From 1621b67d348c8f859ea5c3de90e949d5cd7ccc2a Mon Sep 17 00:00:00 2001
From: Dusty Daemon <dustinpaystaxes@gmail.com>
Date: Mon, 17 Feb 2025 21:22:33 -0500
Subject: [PATCH] splice: Prevent user from signing an unfinal splice
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

An extra check to ensure the user doesn’t try to sign a splice that wasn’t finalized.
---
 channeld/channeld.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/channeld/channeld.c b/channeld/channeld.c
index 4b8954340..24a89c841 100644
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@@ -4267,6 +4267,15 @@ static void splice_initiator_user_signed(struct peer *peer, const u8 *inmsg)
 		wire_sync_write(MASTER_FD, take(msg));
 		return;
 	}
+	if (!inflight) {
+		msg = towire_channeld_splice_state_error(NULL, "Can't sign a"
+							 " splice until the"
+							 " splice is finalized"
+							 " using"
+							 " splice_update");
+		wire_sync_write(MASTER_FD, take(msg));
+		return;
+	}
 
 	if (!fromwire_channeld_splice_signed(inflight, inmsg, &signed_psbt,
 					     &peer->splicing->force_sign_first))