21 sats \ 2 replies \ @benthecarman 16 Dec 2023 \ parent \ on: LNbank Vulnerability Recap ยท d11n ๐Ÿฏ๐Ÿฆกโšก๏ธ๐Ÿ•—๐Ÿ”— bitcoin
Yeah, since payment failures are common in lightning you can just put a temporary hold on the balance and then properly handle the balances after the payment completes. Can also just not allow concurrent withdrawals but that can provide a bad experience
write
preview
77 sats \ 0 replies \ @nikotsla 16 Dec 2023
I agree with all said, but want to add a little point about UX or bad experience... when you handle money... UX is the "last" of your priority, the back fire when you lose other people money is SO bad for your application that throw all the UX to the garbage.
Focus on "don't" lose money first, and then add all the shitty lights, remember... we are competing with banks... worst UX in the world.
reply
100 sats \ 0 replies \ @Kukks 17 Dec 2023
Actually there were locks in place for these, but the bug was much less trivial: it was timing between the time it took to save the new tx to the dB and the balance compute from dB. There were (keyed per wallet) locks all over the place
reply