[SpikeGronim]

I don't think your attack violates the security model of this protocol. One of the proofs in the paper is that if you have a network of good and bad nodes the bad nodes can use tricks like you posted to discover whether a good or bad node sent the message. I think that's all they can discover: did an attacker send this or not? But then again they already knew that, didn't they? So I think your attack is only interesting for 3 nodes.

[A1kmm]

It is a side channel that breaks the intention of the protocol - Bob and Charles are 'good nodes', one of who paid for the meal. Alice (bad node) is not supposed to be able to find out if it was Bob or Charles who paid.

If the participants don't share or talk about the outcome at all, this particular attack is avoided, so it is a side channel and not a direct failure of the protocol itself.