From: Jeffrey Czyz Date: Thu, 18 Jul 2024 16:54:33 +0000 (-0500) Subject: Authenticate payment_id from OffersContext X-Git-Tag: v0.0.124-beta~12^2~15 X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=bb445a3973957b5046e2354992901fb675198cad;p=rust-lightning Authenticate payment_id from OffersContext Before abandoning a payment when receiving an InvoiceError, verify that the PaymentId included in the OffersContext with the included HMAC. This prevents a malicious actor sending an InvoiceError with a known payment id from abandoning our payment. --- diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index b359df9e5..9dc8270d8 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -10731,8 +10731,10 @@ where let abandon_if_payment = |context| { match context { - Some(OffersContext::OutboundPayment { payment_id, .. }) => { - self.abandon_payment(payment_id) + Some(OffersContext::OutboundPayment { payment_id, nonce, hmac }) => { + if signer::verify_payment_id(payment_id, hmac, nonce, expanded_key) { + self.abandon_payment(payment_id); + } }, _ => {}, }