Right now, a payment isn't rejected for not-enough-balance until the customer tries to form a pay proof. This is very late and puts the customer into a difficult-to-recover state.
Also, there's a weird situation where a payment is initiated (the non-zkabacus bits) but the customer status doesn't change until it gets to zkabacus parts. This could result in a "race" where both payments get approved but only one gets executed.
Instead, the pay session should do the following
Set status to pending payment
Check whether there's enough balance. If not, return status to Ready
If so, continue.
When zkabacus starts, update state from PendingPay, not from Ready.
Right now, a payment isn't rejected for not-enough-balance until the customer tries to form a pay proof. This is very late and puts the customer into a difficult-to-recover state. Also, there's a weird situation where a payment is initiated (the non-zkabacus bits) but the customer status doesn't change until it gets to zkabacus parts. This could result in a "race" where both payments get approved but only one gets executed.
Instead, the pay session should do the following