feat(asb): rebuild xmr lock tx on confirmed double spend #1142

Draft: binarybaron wants to merge 2 commits into master from trusted-daemon-double-spend-rebuild

@binarybaron

No description provided.

@binarybaron changed the title from "feat(asb): rebuild Monero lock tx on confirmed double spend with trusted daemon" to "feat(asb): rebuild xmr lock tx on confirmed double spend" on Jun 25, 2026
@binarybaron

Author

@Einliterflasche Should we really rebuild the TX here? We could also just go into SafelyAborted (or a similar end state, e.g. SafelyAbortedAfterXmrLockDoubleSpend to preserve the state data).

…ng the lock tx

Before Alice constructs her Monero lock transaction, scan the shared
wallet (the view pair Bob and Alice both know) from a recorded restore
height and abort the swap if it already received any output, on-chain
or in the mempool. This guards against ever locking Monero twice for
the same swap, complementing the double-spend rebuild path which
re-enters BtcLocked and now re-runs this check with a fresh restore
height.

- swap-machine: new AliceState::XmrReadyToLock carries the restore
  height captured in BtcLocked so a resumed swap scans the full window
  in which an earlier lock could have landed.
- monero-wallet-ng: new empty module scans blocks in batches of 10
  plus the mempool with a naive Scanner over the shared view pair.
- The check runs once per construction attempt and again before
  falling back to BtcEarlyRefundable after the lock retry timeout.
@binarybaron

Author

bugbot run

@cursor cursor Bot left a comment

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

Reviewed by Cursor Bugbot for commit 473b299. Configure here.


return Ok(AliceState::BtcLocked { state3: state3.clone() });
}

Pool presence skips double-spend check

High Severity

Confirmed-input double-spend recovery runs only inside !is_present, but is_transaction_present is true while the lock tx is still in the mempool. If inputs are already SpentInBlockchain via another tx, the swap still advances to XmrLockTransactionSent and can wait forever for confirmations that never arrive.

Reviewed by Cursor Bugbot for commit 473b299. Configure here.
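
The ordering problem raised in the Bugbot comment above, as an added example that is not part of the PR or the project's code: a simplified Rust model comparing an input check nested under the presence check with one that runs whenever the lock tx is not itself confirmed. `Presence`, `InputStatus`, `Next`, `Republish`, `spent_in_block` and both `next_state_*` functions are hypothetical; only `is_transaction_present`, `SpentInBlockchain`, `BtcLocked` and `XmrLockTransactionSent` are names taken from the page.

```rust
// Added illustration: a simplified model, not the project's API.
#[derive(Debug, Clone, Copy, PartialEq)]
enum Presence { Missing, InPool, Confirmed }

#[allow(dead_code)]
#[derive(Debug, Clone, Copy, PartialEq)]
enum InputStatus { Unspent, SpentInPool, SpentInBlockchain }

#[derive(Debug, PartialEq)]
enum Next { BtcLocked, Republish, XmrLockTransactionSent }

fn is_transaction_present(p: Presence) -> bool {
    p != Presence::Missing // a tx still sitting in the mempool counts as present
}

fn spent_in_block(inputs: &[InputStatus]) -> bool {
    inputs.iter().any(|s| *s == InputStatus::SpentInBlockchain)
}

/// Ordering described in the review comment: input check nested under !is_present.
fn next_state_gated(p: Presence, inputs: &[InputStatus]) -> Next {
    if !is_transaction_present(p) {
        if spent_in_block(inputs) {
            return Next::BtcLocked; // re-enter BtcLocked and rebuild the lock tx
        }
        return Next::Republish; // assumed handling of a dropped but still valid tx
    }
    Next::XmrLockTransactionSent
}

/// Alternative ordering: check the inputs whenever our own tx is not confirmed.
fn next_state_ungated(p: Presence, inputs: &[InputStatus]) -> Next {
    // Once our own tx confirms, its inputs are legitimately spent in a block.
    if p != Presence::Confirmed && spent_in_block(inputs) {
        return Next::BtcLocked;
    }
    if p == Presence::Missing {
        return Next::Republish;
    }
    Next::XmrLockTransactionSent
}

fn main() {
    // Constructed sample: lock tx in the pool, one input already spent in a block.
    let inputs = [InputStatus::SpentInPool, InputStatus::SpentInBlockchain];
    println!("gated:   {:?}", next_state_gated(Presence::InPool, &inputs));
    println!("ungated: {:?}", next_state_ungated(Presence::InPool, &inputs));
}
```
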
