As is, the current status interceptors that return an error if the wallet unlocker endpoints are hit while the wallet is already unlocked: https://github.com/lightningnetwork/lnd/blob/master/rpcperms/interceptor.go#L508
However, since they return "normal" Go errors, callers are forced to do string matching against the returned errors.
Instead, we should be returning a gRPC status error code. When picking an error code, we should take care to ensure we don't collide with one of the pre-built error codes the gRPC library uses.