From bb445a3973957b5046e2354992901fb675198cad Mon Sep 17 00:00:00 2001 From: Jeffrey Czyz Date: Thu, 18 Jul 2024 11:54:33 -0500 Subject: [PATCH] Authenticate payment_id from OffersContext Before abandoning a payment when receiving an InvoiceError, verify that the PaymentId included in the OffersContext with the included HMAC. This prevents a malicious actor sending an InvoiceError with a known payment id from abandoning our payment. --- lightning/src/ln/channelmanager.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index b359df9e5..9dc8270d8 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -10731,8 +10731,10 @@ where let abandon_if_payment = |context| { match context { - Some(OffersContext::OutboundPayment { payment_id, .. }) => { - self.abandon_payment(payment_id) + Some(OffersContext::OutboundPayment { payment_id, nonce, hmac }) => { + if signer::verify_payment_id(payment_id, hmac, nonce, expanded_key) { + self.abandon_payment(payment_id); + } }, _ => {}, } -- 2.39.5