Description
There is no deduplication mechanism for settlement operations. If settle() is called twice for the same payment (e.g., due to a retry, network timeout, or client bug), it can result in duplicate on-chain transactions.
Impact
- Double-spending: the same payment payload can be settled multiple times
- Financial loss for the facilitator or payer depending on the scheme
- No way to detect or recover from duplicate settlements after the fact
Fix
- Implement idempotency keys — derive a unique key from the payment payload (e.g., hash of payer + nonce + amount + recipient)
- Track settlement status in Redis or a persistent store before submitting the on-chain transaction
- Check for existing settlement before executing a new one
- Return the existing settlement result for duplicate requests
- Add a TTL-based cleanup for completed settlement records
Description
There is no deduplication mechanism for settlement operations. If
settle()is called twice for the same payment (e.g., due to a retry, network timeout, or client bug), it can result in duplicate on-chain transactions.Impact
Fix