search

lightningnetwork / lnd

Lightning Network Daemon ⚡️
MIT License
7.67k stars 2.07k forks source link

[bug]: scammed using a hold invoice #7621

Open anycolo opened 1 year ago

anycolo commented 1 year ago
  1. I tried paying a ln invoice using my lnd instance. I submitted the payment a few days ago, but the status i received wasn't "complete".
  2. I waited a few hours, i tried paying again, i got 'no route' or 'payment in transit' (not sure)
  3. I waited a few more hours, i tried paying again, it didn't say 'invoice is already paid'.
  4. I waited a few moure hours, i tried paying the invoice again, it said that it was EXPIRED, so i assumed that the payment failed.

I refunded the customer using another channel and .. behold, the invoice managed to complete itself after some time, so i paid him twice.

I have a lot of questions:

alexbosworth commented 1 year ago

payment in transit means that the payment is being sent, but it shouldn't be possible that you can pay the same payment request twice in lnd, probably need more logs or more details to know exactly what happened

anycolo commented 1 year ago

I didn't pay the same invoice twice, i refunded via classic bitcoin transaction.

alexbosworth commented 1 year ago

ok, just to note, yes an invoice that is past the "expiry" date marked on the payment request can still be settled after this date. The date is advisory and not binding

anycolo commented 1 year ago

Is this behavior a bug in lightning, in general?

anycolo commented 1 year ago

I have a payment request "lnbcxxxx..." from yesterday. My lnd wallet attempted to pay it a few times. What command can i run to see:

alexbosworth commented 1 year ago

you can use trackpayment

anycolo commented 1 year ago

Trackpayment requires a hash, so i have decoded the payment request with decodepayreq, then i ran trackpayment succesfully:

+------------+--------------+--------------+--------------+-----+----------+----------+-------+
| HTLC_STATE | ATTEMPT_TIME | RESOLVE_TIME | RECEIVER_AMT | FEE | TIMELOCK | CHAN_OUT | ROUTE |
+------------+--------------+--------------+--------------+-----+----------+----------+-------+
+------------+--------------+--------------+--------------+-----+----------+----------+-------+
Amount + fee:   0 + 0 sat
Payment hash:   xxx
Payment status: FAILED, reason: FAILURE_REASON_NO_ROUTE

Does this mean 100% sure that the payment will not be completed at a later time?

alexbosworth commented 1 year ago

yes

anycolo commented 1 year ago

Okay, assume this case again:

What should lnd respond when i try to do this:

alexbosworth commented 1 year ago

if the htlc is still locked then it should respond that the payment is in transit yes, it shouldn't let you double pay it

anycolo commented 1 year ago

Okay, but any way to cancel a 'payment in transit' invoice? Or do i have to wait for the HTLC to resolve?

alexbosworth commented 1 year ago

Right there is a timeout associated with HTLCs that are in flight, wait for that timeout to expire

anycolo commented 1 year ago

I notice that sometimes, i can submit a payment attempt to my LND node, and it will timeout with some error after a few minutes of trying. When i try to make the same payment in a few minutes, i'll get an 'invoice is already paid'. How can i instruct lnd to cancel a submitted payment attempt or how can i instruct LND to try paying it for only a finite amount of time and then abort forever. It seems that once you submit an invoice to pay to lnd, it goes into a grey zone where you can never be sure about it's status.

alexbosworth commented 1 year ago

you couldn't cancel a payment with already committed HTLCs, but you can specify a pathfinding timeout to payment

You also cannot cancel pathfinding within that timeout frame though

The status can be found via trackpayment api