mpp has multiple payment bypass and griefing vulnerabilities
Multiple vulnerabilities were discovered which allowed for undesirable behaviors, including: Performing free tempo/charge requests Replaying existing tempo/charge requests Performing free tempo/session requests Piggybacking off existing tempo/session channels Griefing existing tempo/session channels Manipulate the fee payer of a tempo/charge or tempo/session handler into paying for requests Replaying existing stripe/charge requests