The Stripe webhook race condition that silently charged users twice (and the Node.js fix)

Indie Hackers researchers traced a recurring support headache back to a single race condition inside Stripe webhook handling: simultaneous retries hit the same business transaction twice, and nobody noticed until customers complained about double charges. The fix looks obvious on paper, yet most teams still treat webhooks like regular requests. What happened in the Indie Hackers post Two things lined up: a webhook that triggered a downstream billing workflow and Stripe's stubborn automatic retries. When the original webhook handler takes longer than a few hundred milliseconds, Stripe retries the exact same event with the same id and idempotency_key . If the handler is not guarding against duplicate work, the second invocation commits the same payment record and triggers the customer's card again. By the time the developer examined the logs, support tickets had piled up and a single user had been billed twice for the same plan. The key insight: the retries are legitimate, the payload is

The Stripe webhook race condition that silently charged users twice (and the Node.js fix)

Related Articles

Thunderbird: Introducing our Public Roadmaps

How I Scraped Most Dark Stores in India — Blinkit, Zepto & Swiggy Instamart

Claude Code /branch Command Turned My Sessions Into Decision Trees

Much ado about protein

I'm OK being left behind, thanks

Related Articles

News
Thunderbird: Introducing our Public Roadmaps
Lobsters • 2h ago

News
How I Scraped Most Dark Stores in India — Blinkit, Zepto & Swiggy Instamart
Medium Programming • 2h ago

News
Claude Code /branch Command Turned My Sessions Into Decision Trees
Medium Programming • 2h ago

News
Much ado about protein
The Verge • 2h ago

News
I'm OK being left behind, thanks
Lobsters • 2h ago