Don't trigger manager persistence on invalid payment release secret.

valentinewallace · valentinewallace · commit 1261b19c57cd · 2024-08-29T16:15:36.000-04:00
If someone sends us an invalid payment_release_secret for an outbound async
payment, we should simply ignore it and not persist the entire ChannelManager
in response.
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -4358,14 +4358,26 @@ where
 		&self, payment_id: PaymentId, payment_release_secret: [u8; 32]
 	) -> Result<(), Bolt12PaymentError> {
 		let best_block_height = self.best_block.read().unwrap().height;
-		let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(self);
-		self.pending_outbound_payments
-			.send_payment_for_static_invoice(
+		let mut res = Ok(());
+		PersistenceNotifierGuard::optionally_notify(self, || {
+			let outbound_pmts_res = self.pending_outbound_payments.send_payment_for_static_invoice(
 				payment_id, payment_release_secret, &self.router, self.list_usable_channels(),
 				|| self.compute_inflight_htlcs(), &self.entropy_source, &self.node_signer,
 				best_block_height, &self.logger, &self.pending_events,
 				|args| self.send_payment_along_path(args)
-			)
+			);
+			match outbound_pmts_res {
+				Err(Bolt12PaymentError::UnexpectedInvoice) | Err(Bolt12PaymentError::DuplicateInvoice) => {
+					res = outbound_pmts_res.map(|_| ());
+					NotifyOption::SkipPersistNoEvents
+				},
+				other_res => {
+					res = other_res;
+					NotifyOption::DoPersist
+				}
+			}
+		});
+		res
 	}
 
 	/// Signals that no further attempts for the given payment should occur. Useful if you have a
