Skip to content

Apply MPP receive timeout to keysend payments#4558

Open
tnull wants to merge 1 commit intolightningdevkit:mainfrom
tnull:2026-04-fix-keysend-mpp-timeout
Open

Apply MPP receive timeout to keysend payments#4558
tnull wants to merge 1 commit intolightningdevkit:mainfrom
tnull:2026-04-fix-keysend-mpp-timeout

Conversation

@tnull
Copy link
Copy Markdown
Contributor

@tnull tnull commented Apr 13, 2026

Fixes #4553.

Incomplete keysend MPPs skipped the receive timeout path, allowing partial payments to hold HTLC slots until CLTV expiry instead of failing after MPP_TIMEOUT_TICKS. Apply the existing total_mpp_amount_msat completeness check to all MPP receives and add a regression test covering the keysend case.

The timeout logic was originally added only for
invoice-backed MPPs in 2022, and that invoice-only guard remained when receive-side MPP keysend support landed in 2023, leaving this gap latent until now.

Co-Authored-By: HAL 9000

@tnull
Apply MPP receive timeout to keysend payments
a3457de 
Incomplete keysend MPPs skipped the receive timeout path,
allowing partial payments to hold HTLC slots until CLTV
expiry instead of failing after `MPP_TIMEOUT_TICKS`.
Apply the existing `total_mpp_amount_msat` completeness
check to all MPP receives and add a regression test
covering the keysend case.

The timeout logic was originally added only for
invoice-backed MPPs in 2022, and that invoice-only
guard remained when receive-side MPP keysend support
landed in 2023, leaving this gap latent until now.

Co-Authored-By: HAL 9000
@ldk-reviews-bot
Copy link
Copy Markdown

ldk-reviews-bot commented Apr 13, 2026
edited
Loading

I've assigned @jkczyz as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

@tnull tnull mentioned this pull request Apr 13, 2026
Open
@ldk-claude-review-bot
Copy link
Copy Markdown
Collaborator

ldk-claude-review-bot commented Apr 13, 2026

I've reviewed the entire diff thoroughly, tracing through:

  1. The core change in channelmanager.rs: Removal of the if let OnionPayload::Invoice { .. } guard so the MPP completeness check and timeout logic applies to both invoice and keysend payments.

  2. Condition matching: Verified the completeness condition total_mpp_value <= total_intended_recvd_value in timer_tick_occurred is equivalent to total_intended_recvd_value >= total_mpp_value in process_pending_htlc_forwards (line 8412). These correctly stay in sync.

  3. Single-path keysend safety: For non-MPP keysend (no payment_data), total_mpp_amount_msat falls back to outgoing_amt_msat (onion_payment.rs:282-285), which equals sender_intended_value, so the completeness check passes immediately and no timeout is triggered. Existing single-path keysend behavior is unaffected.

  4. The test: Follows the established pattern from do_mpp_receive_timeout(true) exactly — same diamond topology, same partial relay, same fail-back verification. The RecipientOnionFields::secret_only(payment_secret, 200_000) correctly sets the total MPP amount matching the two-path route.

  5. Keysend payment secret handling: Confirmed that has_recipient_created_payment_secret is false for keysend (onion_payment.rs:296), so the secret from get_payment_preimage_hash is used only for MPP correlation, not inbound payment verification.

No issues found.

@ldk-reviews-bot ldk-reviews-bot requested a review from jkczyz April 13, 2026 09:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkczyz jkczyz Awaiting requested review from jkczyz

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

backport 0.1 backport 0.2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Incomplete keysend MPP payments bypass MPP timeout

3 participants

@tnull @ldk-reviews-bot @ldk-claude-review-bot