2024-02-14 23:31:25 +00:00
|
|
|
import { getIdentity, createHodlInvoice, createInvoice, decodePaymentRequest, payViaPaymentRequest, cancelHodlInvoice, getInvoice as getInvoiceFromLnd, getNode, authenticatedLndGrpc, deletePayment } from 'ln-service'
|
2023-07-23 15:08:43 +00:00
|
|
|
import { GraphQLError } from 'graphql'
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
import crypto from 'crypto'
|
2021-05-20 01:09:32 +00:00
|
|
|
import serialize from './serial'
|
2024-03-20 00:37:31 +00:00
|
|
|
import { decodeCursor, LIMIT, nextCursorEncoded } from '@/lib/cursor'
|
2021-12-15 16:50:11 +00:00
|
|
|
import lnpr from 'bolt11'
|
2021-12-16 20:02:17 +00:00
|
|
|
import { SELECT } from './item'
|
2024-03-20 00:37:31 +00:00
|
|
|
import { lnAddrOptions } from '@/lib/lnurl'
|
|
|
|
|
import { msatsToSats, msatsToSatsDecimal, ensureB64 } from '@/lib/format'
|
2024-04-14 22:34:21 +00:00
|
|
|
import { CLNAutowithdrawSchema, LNDAutowithdrawSchema, amountSchema, lnAddrAutowithdrawSchema, lnAddrSchema, ssValidate, withdrawlSchema } from '@/lib/validate'
|
2024-03-20 00:37:31 +00:00
|
|
|
import { ANON_BALANCE_LIMIT_MSATS, ANON_INV_PENDING_LIMIT, ANON_USER_ID, BALANCE_LIMIT_MSATS, INVOICE_RETENTION_DAYS, INV_PENDING_LIMIT, USER_IDS_BALANCE_NO_LIMIT } from '@/lib/constants'
|
|
|
|
|
import { datePivot } from '@/lib/time'
|
2023-12-14 17:30:51 +00:00
|
|
|
import assertGofacYourself from './ofac'
|
2024-04-03 20:11:06 +00:00
|
|
|
import assertApiKeyNotPermitted from './apiKey'
|
2024-04-14 22:34:21 +00:00
|
|
|
import { createInvoice as createInvoiceCLN } from '@/lib/cln'
|
2021-05-11 15:52:50 +00:00
|
|
|
|
2023-08-31 02:48:49 +00:00
|
|
|
export async function getInvoice (parent, { id }, { me, models, lnd }) {
|
2022-03-23 18:54:39 +00:00
|
|
|
const inv = await models.invoice.findUnique({
|
|
|
|
|
where: {
|
|
|
|
|
id: Number(id)
|
|
|
|
|
},
|
|
|
|
|
include: {
|
|
|
|
|
user: true
|
|
|
|
|
}
|
|
|
|
|
})
|
2021-05-20 01:09:32 +00:00
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
if (!inv) {
|
|
|
|
|
throw new GraphQLError('invoice not found', { extensions: { code: 'BAD_INPUT' } })
|
|
|
|
|
}
|
2023-08-31 02:48:49 +00:00
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
if (inv.user.id === ANON_USER_ID) {
|
|
|
|
|
return inv
|
|
|
|
|
}
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
2022-03-23 18:54:39 +00:00
|
|
|
if (inv.user.id !== me.id) {
|
2023-07-23 15:08:43 +00:00
|
|
|
throw new GraphQLError('not ur invoice', { extensions: { code: 'FORBIDDEN' } })
|
2022-03-23 18:54:39 +00:00
|
|
|
}
|
2021-05-20 01:09:32 +00:00
|
|
|
|
2023-08-08 18:19:31 +00:00
|
|
|
try {
|
|
|
|
|
inv.nostr = JSON.parse(inv.desc)
|
|
|
|
|
} catch (err) {
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-21 00:25:22 +00:00
|
|
|
try {
|
|
|
|
|
if (inv.confirmedAt) {
|
|
|
|
|
const lnInv = await getInvoiceFromLnd({ id: inv.hash, lnd })
|
2023-10-23 21:44:09 +00:00
|
|
|
inv.confirmedPreimage = lnInv.secret
|
2023-10-21 00:25:22 +00:00
|
|
|
}
|
|
|
|
|
} catch (err) {
|
|
|
|
|
console.error('error fetching invoice from LND', err)
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-23 18:54:39 +00:00
|
|
|
return inv
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-16 15:53:05 +00:00
|
|
|
export async function getWithdrawl (parent, { id }, { me, models }) {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const wdrwl = await models.withdrawl.findUnique({
|
|
|
|
|
where: {
|
|
|
|
|
id: Number(id)
|
|
|
|
|
},
|
|
|
|
|
include: {
|
|
|
|
|
user: true
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
if (!wdrwl) {
|
|
|
|
|
throw new GraphQLError('withdrawal not found', { extensions: { code: 'BAD_INPUT' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (wdrwl.user.id !== me.id) {
|
|
|
|
|
throw new GraphQLError('not ur withdrawal', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return wdrwl
|
|
|
|
|
}
|
|
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
export function createHmac (hash) {
|
|
|
|
|
const key = Buffer.from(process.env.INVOICE_HMAC_KEY, 'hex')
|
|
|
|
|
return crypto.createHmac('sha256', key).update(Buffer.from(hash, 'hex')).digest('hex')
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-23 18:54:39 +00:00
|
|
|
export default {
|
|
|
|
|
Query: {
|
|
|
|
|
invoice: getInvoice,
|
2024-02-13 19:17:56 +00:00
|
|
|
wallet: async (parent, { id }, { me, models }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await models.wallet.findUnique({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id,
|
|
|
|
|
id: Number(id)
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
walletByType: async (parent, { type }, { me, models }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const wallet = await models.wallet.findFirst({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id,
|
|
|
|
|
type
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
return wallet
|
|
|
|
|
},
|
|
|
|
|
wallets: async (parent, args, { me, models }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await models.wallet.findMany({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
},
|
2024-04-16 15:53:05 +00:00
|
|
|
withdrawl: getWithdrawl,
|
2023-11-09 17:50:43 +00:00
|
|
|
numBolt11s: async (parent, args, { me, models, lnd }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await models.withdrawl.count({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id,
|
|
|
|
|
hash: { not: null }
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
},
|
2021-06-02 23:15:28 +00:00
|
|
|
connectAddress: async (parent, args, { lnd }) => {
|
2021-06-03 22:08:00 +00:00
|
|
|
return process.env.LND_CONNECT_ADDRESS
|
2021-11-30 15:23:26 +00:00
|
|
|
},
|
2021-12-16 17:27:12 +00:00
|
|
|
walletHistory: async (parent, { cursor, inc }, { me, models, lnd }) => {
|
2021-11-30 15:23:26 +00:00
|
|
|
const decodedCursor = decodeCursor(cursor)
|
2021-12-15 16:50:11 +00:00
|
|
|
if (!me) {
|
2023-07-23 15:08:43 +00:00
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
2021-12-15 16:50:11 +00:00
|
|
|
}
|
2021-11-30 15:23:26 +00:00
|
|
|
|
2021-12-16 20:17:50 +00:00
|
|
|
const include = new Set(inc?.split(','))
|
2021-12-16 17:27:12 +00:00
|
|
|
const queries = []
|
|
|
|
|
|
|
|
|
|
if (include.has('invoice')) {
|
|
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT
|
|
|
|
|
id, created_at as "createdAt", COALESCE("msatsReceived", "msatsRequested") as msats,
|
|
|
|
|
'invoice' as type,
|
|
|
|
|
jsonb_build_object(
|
|
|
|
|
'bolt11', bolt11,
|
|
|
|
|
'status', CASE WHEN "confirmedAt" IS NOT NULL THEN 'CONFIRMED'
|
|
|
|
|
WHEN "expiresAt" <= $2 THEN 'EXPIRED'
|
|
|
|
|
WHEN cancelled THEN 'CANCELLED'
|
|
|
|
|
ELSE 'PENDING' END,
|
|
|
|
|
'description', "desc",
|
|
|
|
|
'invoiceComment', comment,
|
|
|
|
|
'invoicePayerData', "lud18Data") as other
|
|
|
|
|
FROM "Invoice"
|
|
|
|
|
WHERE "userId" = $1
|
|
|
|
|
AND created_at <= $2)`
|
|
|
|
|
)
|
2021-12-16 17:27:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (include.has('withdrawal')) {
|
|
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT
|
|
|
|
|
id, created_at as "createdAt",
|
|
|
|
|
COALESCE("msatsPaid", "msatsPaying") as msats,
|
|
|
|
|
'withdrawal' as type,
|
|
|
|
|
jsonb_build_object(
|
2023-12-09 01:21:46 +00:00
|
|
|
'bolt11', bolt11,
|
2024-01-07 17:00:24 +00:00
|
|
|
'autoWithdraw', "autoWithdraw",
|
2023-11-21 23:32:22 +00:00
|
|
|
'status', COALESCE(status::text, 'PENDING'),
|
|
|
|
|
'msatsFee', COALESCE("msatsFeePaid", "msatsFeePaying")) as other
|
|
|
|
|
FROM "Withdrawl"
|
|
|
|
|
WHERE "userId" = $1
|
|
|
|
|
AND created_at <= $2)`
|
|
|
|
|
)
|
2021-12-16 17:27:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-16 20:02:17 +00:00
|
|
|
if (include.has('stacked')) {
|
multiple forwards on a post (#403)
* multiple forwards on a post
first phase of the multi-forward support
* update the graphql mutation for discussion posts to accept and validate multiple forwards
* update the discussion form to allow multiple forwards in the UI
* start working on db schema changes
* uncomment db schema, add migration to create the new model, and update create_item, update_item
stored procedures
* Propagate updates from discussion to poll, link, and bounty forms
Update the create, update poll sql functions for multi forward support
* Update gql, typedefs, and resolver to return forwarded users in items responses
* UI changes to show multiple forward recipients, and conditional upvote logic changes
* Update notification text to reflect multiple forwards upon vote action
* Disallow duplicate stacker entries
* reduce duplication in populating adv-post-form initial values
* Update item_act sql function to implement multi-way forwarding
* Update referral functions to scale referral bonuses for forwarded users
* Update notification text to reflect non-100% forwarded sats cases
* Update wallet history sql queries to accommodate multi-forward use cases
* Block zaps for posts you are forwarded zaps at the API layer, in addition
to in the UI
* Delete fwdUserId column from Item table as part of migration
* Fix how we calculate stacked sats after partial forwards in wallet history
* Exclude entries from wallet history that are 0 stacked sats from posts with 100% forwarded to other users
* Fix wallet history query for forwarded stacked sats to be scaled by the fwd pct
* Reduce duplication in adv post form, and do some style tweaks for better layout
* Use MAX_FORWARDS constants
* Address various PR feedback
* first enhancement pass
* enhancement pass too
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-08-23 22:44:17 +00:00
|
|
|
// query1 - get all sats stacked as OP or as a forward
|
2021-12-16 20:02:17 +00:00
|
|
|
queries.push(
|
multiple forwards on a post (#403)
* multiple forwards on a post
first phase of the multi-forward support
* update the graphql mutation for discussion posts to accept and validate multiple forwards
* update the discussion form to allow multiple forwards in the UI
* start working on db schema changes
* uncomment db schema, add migration to create the new model, and update create_item, update_item
stored procedures
* Propagate updates from discussion to poll, link, and bounty forms
Update the create, update poll sql functions for multi forward support
* Update gql, typedefs, and resolver to return forwarded users in items responses
* UI changes to show multiple forward recipients, and conditional upvote logic changes
* Update notification text to reflect multiple forwards upon vote action
* Disallow duplicate stacker entries
* reduce duplication in populating adv-post-form initial values
* Update item_act sql function to implement multi-way forwarding
* Update referral functions to scale referral bonuses for forwarded users
* Update notification text to reflect non-100% forwarded sats cases
* Update wallet history sql queries to accommodate multi-forward use cases
* Block zaps for posts you are forwarded zaps at the API layer, in addition
to in the UI
* Delete fwdUserId column from Item table as part of migration
* Fix how we calculate stacked sats after partial forwards in wallet history
* Exclude entries from wallet history that are 0 stacked sats from posts with 100% forwarded to other users
* Fix wallet history query for forwarded stacked sats to be scaled by the fwd pct
* Reduce duplication in adv post form, and do some style tweaks for better layout
* Use MAX_FORWARDS constants
* Address various PR feedback
* first enhancement pass
* enhancement pass too
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-08-23 22:44:17 +00:00
|
|
|
`(SELECT
|
2023-11-21 23:32:22 +00:00
|
|
|
"Item".id,
|
|
|
|
|
MAX("ItemAct".created_at) AS "createdAt",
|
|
|
|
|
FLOOR(
|
|
|
|
|
SUM("ItemAct".msats)
|
|
|
|
|
* (CASE WHEN "Item"."userId" = $1 THEN
|
|
|
|
|
COALESCE(1 - ((SELECT SUM(pct) FROM "ItemForward" WHERE "itemId" = "Item".id) / 100.0), 1)
|
|
|
|
|
ELSE
|
|
|
|
|
(SELECT pct FROM "ItemForward" WHERE "itemId" = "Item".id AND "userId" = $1) / 100.0
|
|
|
|
|
END)
|
|
|
|
|
) AS msats,
|
|
|
|
|
'stacked' AS type, NULL::JSONB AS other
|
|
|
|
|
FROM "ItemAct"
|
|
|
|
|
JOIN "Item" ON "ItemAct"."itemId" = "Item".id
|
|
|
|
|
-- only join to with item forward for items where we aren't the OP
|
|
|
|
|
LEFT JOIN "ItemForward" ON "ItemForward"."itemId" = "Item".id AND "Item"."userId" <> $1
|
|
|
|
|
WHERE "ItemAct".act = 'TIP'
|
|
|
|
|
AND ("Item"."userId" = $1 OR "ItemForward"."userId" = $1)
|
|
|
|
|
AND "ItemAct".created_at <= $2
|
|
|
|
|
GROUP BY "Item".id)`
|
multiple forwards on a post (#403)
* multiple forwards on a post
first phase of the multi-forward support
* update the graphql mutation for discussion posts to accept and validate multiple forwards
* update the discussion form to allow multiple forwards in the UI
* start working on db schema changes
* uncomment db schema, add migration to create the new model, and update create_item, update_item
stored procedures
* Propagate updates from discussion to poll, link, and bounty forms
Update the create, update poll sql functions for multi forward support
* Update gql, typedefs, and resolver to return forwarded users in items responses
* UI changes to show multiple forward recipients, and conditional upvote logic changes
* Update notification text to reflect multiple forwards upon vote action
* Disallow duplicate stacker entries
* reduce duplication in populating adv-post-form initial values
* Update item_act sql function to implement multi-way forwarding
* Update referral functions to scale referral bonuses for forwarded users
* Update notification text to reflect non-100% forwarded sats cases
* Update wallet history sql queries to accommodate multi-forward use cases
* Block zaps for posts you are forwarded zaps at the API layer, in addition
to in the UI
* Delete fwdUserId column from Item table as part of migration
* Fix how we calculate stacked sats after partial forwards in wallet history
* Exclude entries from wallet history that are 0 stacked sats from posts with 100% forwarded to other users
* Fix wallet history query for forwarded stacked sats to be scaled by the fwd pct
* Reduce duplication in adv post form, and do some style tweaks for better layout
* Use MAX_FORWARDS constants
* Address various PR feedback
* first enhancement pass
* enhancement pass too
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-08-23 22:44:17 +00:00
|
|
|
)
|
2022-03-17 20:13:19 +00:00
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT
|
|
|
|
|
min("Earn".id) as id, created_at as "createdAt",
|
|
|
|
|
sum(msats) as msats, 'earn' as type, NULL::JSONB AS other
|
2022-03-17 20:13:19 +00:00
|
|
|
FROM "Earn"
|
2022-09-12 18:55:34 +00:00
|
|
|
WHERE "Earn"."userId" = $1 AND "Earn".created_at <= $2
|
2023-11-21 23:32:22 +00:00
|
|
|
GROUP BY "userId", created_at)`
|
|
|
|
|
)
|
2022-12-19 22:27:52 +00:00
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT id, created_at as "createdAt", msats, 'referral' as type, NULL::JSONB AS other
|
2022-12-19 22:27:52 +00:00
|
|
|
FROM "ReferralAct"
|
2023-11-21 23:32:22 +00:00
|
|
|
WHERE "ReferralAct"."referrerId" = $1 AND "ReferralAct".created_at <= $2)`
|
|
|
|
|
)
|
|
|
|
|
queries.push(
|
|
|
|
|
`(SELECT id, created_at as "createdAt", msats, 'revenue' as type,
|
|
|
|
|
jsonb_build_object('subName', "SubAct"."subName") as other
|
|
|
|
|
FROM "SubAct"
|
|
|
|
|
WHERE "userId" = $1 AND type = 'REVENUE'
|
|
|
|
|
AND created_at <= $2)`
|
|
|
|
|
)
|
2021-12-16 20:02:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (include.has('spent')) {
|
|
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT "Item".id, MAX("ItemAct".created_at) as "createdAt", sum("ItemAct".msats) as msats,
|
|
|
|
|
'spent' as type, NULL::JSONB AS other
|
|
|
|
|
FROM "ItemAct"
|
|
|
|
|
JOIN "Item" on "ItemAct"."itemId" = "Item".id
|
|
|
|
|
WHERE "ItemAct"."userId" = $1
|
|
|
|
|
AND "ItemAct".created_at <= $2
|
|
|
|
|
GROUP BY "Item".id)`
|
|
|
|
|
)
|
2022-12-08 00:04:02 +00:00
|
|
|
queries.push(
|
2023-11-21 23:32:22 +00:00
|
|
|
`(SELECT id, created_at as "createdAt", sats * 1000 as msats,'donation' as type, NULL::JSONB AS other
|
2022-12-08 00:04:02 +00:00
|
|
|
FROM "Donation"
|
|
|
|
|
WHERE "userId" = $1
|
2023-11-21 23:32:22 +00:00
|
|
|
AND created_at <= $2)`
|
|
|
|
|
)
|
|
|
|
|
queries.push(
|
|
|
|
|
`(SELECT id, created_at as "createdAt", msats, 'billing' as type,
|
|
|
|
|
jsonb_build_object('subName', "SubAct"."subName") as other
|
|
|
|
|
FROM "SubAct"
|
|
|
|
|
WHERE "userId" = $1 AND type = 'BILLING'
|
|
|
|
|
AND created_at <= $2)`
|
|
|
|
|
)
|
2021-12-16 20:02:17 +00:00
|
|
|
}
|
2021-12-14 16:42:54 +00:00
|
|
|
|
2021-12-16 17:27:12 +00:00
|
|
|
if (queries.length === 0) {
|
|
|
|
|
return {
|
|
|
|
|
cursor: null,
|
|
|
|
|
facts: []
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-26 16:01:31 +00:00
|
|
|
let history = await models.$queryRawUnsafe(`
|
2023-11-21 23:32:22 +00:00
|
|
|
${queries.join(' UNION ALL ')}
|
|
|
|
|
ORDER BY "createdAt" DESC
|
|
|
|
|
OFFSET $3
|
|
|
|
|
LIMIT ${LIMIT}`,
|
|
|
|
|
me.id, decodedCursor.time, decodedCursor.offset)
|
2021-12-15 16:50:11 +00:00
|
|
|
|
|
|
|
|
history = history.map(f => {
|
2023-11-21 23:32:22 +00:00
|
|
|
f = { ...f, ...f.other }
|
|
|
|
|
|
2021-12-15 16:50:11 +00:00
|
|
|
if (f.bolt11) {
|
|
|
|
|
const inv = lnpr.decode(f.bolt11)
|
|
|
|
|
if (inv) {
|
|
|
|
|
const { tags } = inv
|
|
|
|
|
for (const tag of tags) {
|
|
|
|
|
if (tag.tagName === 'description') {
|
2023-09-24 01:14:49 +00:00
|
|
|
// prioritize description from bolt11 over description from our DB
|
2021-12-15 16:50:11 +00:00
|
|
|
f.description = tag.data
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-21 23:32:22 +00:00
|
|
|
|
2021-12-15 16:50:11 +00:00
|
|
|
switch (f.type) {
|
|
|
|
|
case 'withdrawal':
|
2023-07-31 17:47:41 +00:00
|
|
|
f.msats = (-1 * Number(f.msats)) - Number(f.msatsFee)
|
2021-12-16 20:02:17 +00:00
|
|
|
break
|
|
|
|
|
case 'spent':
|
2022-12-08 00:04:02 +00:00
|
|
|
case 'donation':
|
2023-11-21 23:32:22 +00:00
|
|
|
case 'billing':
|
2022-12-08 00:04:02 +00:00
|
|
|
f.msats *= -1
|
|
|
|
|
break
|
2021-12-15 16:50:11 +00:00
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return f
|
|
|
|
|
})
|
2021-12-14 16:42:54 +00:00
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
cursor: history.length === LIMIT ? nextCursorEncoded(decodedCursor) : null,
|
|
|
|
|
facts: history
|
|
|
|
|
}
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
},
|
|
|
|
|
walletLogs: async (parent, args, { me, models }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await models.walletLog.findMany({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id
|
|
|
|
|
},
|
|
|
|
|
orderBy: {
|
|
|
|
|
createdAt: 'asc'
|
|
|
|
|
}
|
|
|
|
|
})
|
2021-04-30 21:42:51 +00:00
|
|
|
}
|
|
|
|
|
},
|
2024-02-13 19:17:56 +00:00
|
|
|
WalletDetails: {
|
|
|
|
|
__resolveType (wallet) {
|
2024-04-14 22:34:21 +00:00
|
|
|
return wallet.address ? 'WalletLNAddr' : wallet.macaroon ? 'WalletLND' : 'WalletCLN'
|
2024-02-13 19:17:56 +00:00
|
|
|
}
|
|
|
|
|
},
|
2021-04-30 21:42:51 +00:00
|
|
|
Mutation: {
|
2023-12-14 17:30:51 +00:00
|
|
|
createInvoice: async (parent, { amount, hodlInvoice = false, expireSecs = 3600 }, { me, models, lnd, headers }) => {
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
await ssValidate(amountSchema, { amount })
|
2023-12-14 17:30:51 +00:00
|
|
|
await assertGofacYourself({ models, headers })
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
|
|
|
|
|
let expirePivot = { seconds: expireSecs }
|
|
|
|
|
let invLimit = INV_PENDING_LIMIT
|
2023-12-05 16:17:45 +00:00
|
|
|
let balanceLimit = (hodlInvoice || USER_IDS_BALANCE_NO_LIMIT.includes(Number(me?.id))) ? 0 : BALANCE_LIMIT_MSATS
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
let id = me?.id
|
2021-05-11 15:52:50 +00:00
|
|
|
if (!me) {
|
2023-08-28 12:08:29 +00:00
|
|
|
expirePivot = { seconds: Math.min(expireSecs, 180) }
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
invLimit = ANON_INV_PENDING_LIMIT
|
|
|
|
|
balanceLimit = ANON_BALANCE_LIMIT_MSATS
|
|
|
|
|
id = ANON_USER_ID
|
2021-05-11 15:52:50 +00:00
|
|
|
}
|
|
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
const user = await models.user.findUnique({ where: { id } })
|
2022-05-06 19:32:20 +00:00
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
const expiresAt = datePivot(new Date(), expirePivot)
|
2023-02-15 17:20:26 +00:00
|
|
|
const description = `Funding @${user.name} on stacker.news`
|
2021-06-09 20:07:32 +00:00
|
|
|
try {
|
2023-08-31 02:48:49 +00:00
|
|
|
const invoice = await (hodlInvoice ? createHodlInvoice : createInvoice)({
|
2022-08-30 21:50:47 +00:00
|
|
|
description: user.hideInvoiceDesc ? undefined : description,
|
2021-06-09 20:07:32 +00:00
|
|
|
lnd,
|
|
|
|
|
tokens: amount,
|
|
|
|
|
expires_at: expiresAt
|
|
|
|
|
})
|
2021-05-11 15:52:50 +00:00
|
|
|
|
2024-04-10 00:49:20 +00:00
|
|
|
const [inv] = await serialize(
|
2024-01-08 22:37:58 +00:00
|
|
|
models.$queryRaw`SELECT * FROM create_invoice(${invoice.id}, ${hodlInvoice ? invoice.secret : null}::TEXT, ${invoice.request},
|
2023-10-03 19:35:53 +00:00
|
|
|
${expiresAt}::timestamp, ${amount * 1000}, ${user.id}::INTEGER, ${description}, NULL, NULL,
|
2024-04-10 00:49:20 +00:00
|
|
|
${invLimit}::INTEGER, ${balanceLimit})`,
|
|
|
|
|
{ models }
|
|
|
|
|
)
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
|
|
|
|
|
// the HMAC is only returned during invoice creation
|
|
|
|
|
// this makes sure that only the person who created this invoice
|
|
|
|
|
// has access to the HMAC
|
|
|
|
|
const hmac = createHmac(inv.hash)
|
2021-05-11 15:52:50 +00:00
|
|
|
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
return { ...inv, hmac }
|
2021-06-09 20:07:32 +00:00
|
|
|
} catch (error) {
|
2021-06-10 20:54:22 +00:00
|
|
|
console.log(error)
|
2021-06-09 20:07:32 +00:00
|
|
|
throw error
|
|
|
|
|
}
|
2021-05-12 23:04:19 +00:00
|
|
|
},
|
2022-01-23 17:21:55 +00:00
|
|
|
createWithdrawl: createWithdrawal,
|
2024-01-07 17:00:24 +00:00
|
|
|
sendToLnAddr,
|
2023-08-31 02:48:49 +00:00
|
|
|
cancelInvoice: async (parent, { hash, hmac }, { models, lnd }) => {
|
|
|
|
|
const hmac2 = createHmac(hash)
|
|
|
|
|
if (hmac !== hmac2) {
|
|
|
|
|
throw new GraphQLError('bad hmac', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
|
|
|
|
await cancelHodlInvoice({ id: hash, lnd })
|
2024-04-10 00:49:20 +00:00
|
|
|
const inv = await serialize(
|
2023-08-31 02:48:49 +00:00
|
|
|
models.invoice.update({
|
|
|
|
|
where: {
|
|
|
|
|
hash
|
|
|
|
|
},
|
|
|
|
|
data: {
|
|
|
|
|
cancelled: true
|
|
|
|
|
}
|
2024-04-10 00:49:20 +00:00
|
|
|
}),
|
|
|
|
|
{ models }
|
|
|
|
|
)
|
2023-08-31 02:48:49 +00:00
|
|
|
return inv
|
2023-11-09 17:50:43 +00:00
|
|
|
},
|
2024-02-14 23:31:25 +00:00
|
|
|
dropBolt11: async (parent, { id }, { me, models, lnd }) => {
|
2023-11-09 17:50:43 +00:00
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'UNAUTHENTICATED' } })
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-14 23:31:25 +00:00
|
|
|
const retention = `${INVOICE_RETENTION_DAYS} days`
|
|
|
|
|
|
|
|
|
|
const [invoice] = await models.$queryRaw`
|
|
|
|
|
WITH to_be_updated AS (
|
|
|
|
|
SELECT id, hash, bolt11
|
|
|
|
|
FROM "Withdrawl"
|
|
|
|
|
WHERE "userId" = ${me.id}
|
|
|
|
|
AND id = ${Number(id)}
|
|
|
|
|
AND now() > created_at + interval '${retention}'
|
|
|
|
|
AND hash IS NOT NULL
|
|
|
|
|
), updated_rows AS (
|
|
|
|
|
UPDATE "Withdrawl"
|
|
|
|
|
SET hash = NULL, bolt11 = NULL
|
|
|
|
|
FROM to_be_updated
|
|
|
|
|
WHERE "Withdrawl".id = to_be_updated.id)
|
|
|
|
|
SELECT * FROM to_be_updated;`
|
|
|
|
|
|
|
|
|
|
if (invoice) {
|
|
|
|
|
try {
|
|
|
|
|
await deletePayment({ id: invoice.hash, lnd })
|
|
|
|
|
} catch (error) {
|
|
|
|
|
console.error(error)
|
|
|
|
|
await models.withdrawl.update({
|
|
|
|
|
where: { id: invoice.id },
|
|
|
|
|
data: { hash: invoice.hash, bolt11: invoice.bolt11 }
|
|
|
|
|
})
|
|
|
|
|
throw new GraphQLError('failed to drop bolt11 from lnd', { extensions: { code: 'BAD_INPUT' } })
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-09 17:50:43 +00:00
|
|
|
return { id }
|
2024-02-13 19:17:56 +00:00
|
|
|
},
|
|
|
|
|
upsertWalletLND: async (parent, { settings, ...data }, { me, models }) => {
|
2024-02-18 21:08:10 +00:00
|
|
|
// make sure inputs are base64
|
|
|
|
|
data.macaroon = ensureB64(data.macaroon)
|
|
|
|
|
data.cert = ensureB64(data.cert)
|
2024-02-13 19:17:56 +00:00
|
|
|
|
2024-04-16 18:59:46 +00:00
|
|
|
const walletType = 'LND'
|
2024-02-13 19:17:56 +00:00
|
|
|
return await upsertWallet(
|
|
|
|
|
{
|
|
|
|
|
schema: LNDAutowithdrawSchema,
|
2024-04-16 18:59:46 +00:00
|
|
|
walletType,
|
2024-02-13 19:17:56 +00:00
|
|
|
testConnect: async ({ cert, macaroon, socket }) => {
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
try {
|
|
|
|
|
const { lnd } = await authenticatedLndGrpc({
|
|
|
|
|
cert,
|
|
|
|
|
macaroon,
|
|
|
|
|
socket
|
|
|
|
|
})
|
|
|
|
|
const inv = await createInvoice({
|
|
|
|
|
description: 'SN connection test',
|
|
|
|
|
lnd,
|
|
|
|
|
tokens: 0,
|
|
|
|
|
expires_at: new Date()
|
|
|
|
|
})
|
|
|
|
|
// we wrap both calls in one try/catch since connection attempts happen on RPC calls
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'SUCCESS', message: 'connected to LND' }, { me, models })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
return inv
|
|
|
|
|
} catch (err) {
|
|
|
|
|
// LND errors are in this shape: [code, type, { err: { code, details, metadata } }]
|
|
|
|
|
const details = err[2]?.err?.details || err.message || err.toString?.()
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'ERROR', message: `could not connect to LND: ${details}` }, { me, models })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
throw err
|
|
|
|
|
}
|
2024-02-13 19:17:56 +00:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{ settings, data }, { me, models })
|
|
|
|
|
},
|
2024-04-14 22:34:21 +00:00
|
|
|
upsertWalletCLN: async (parent, { settings, ...data }, { me, models }) => {
|
|
|
|
|
data.cert = ensureB64(data.cert)
|
|
|
|
|
|
2024-04-16 18:59:46 +00:00
|
|
|
const walletType = 'CLN'
|
2024-04-14 22:34:21 +00:00
|
|
|
return await upsertWallet(
|
|
|
|
|
{
|
|
|
|
|
schema: CLNAutowithdrawSchema,
|
2024-04-16 18:59:46 +00:00
|
|
|
walletType,
|
2024-04-14 22:34:21 +00:00
|
|
|
testConnect: async ({ socket, rune, cert }) => {
|
|
|
|
|
try {
|
|
|
|
|
const inv = await createInvoiceCLN({
|
|
|
|
|
socket,
|
|
|
|
|
rune,
|
|
|
|
|
cert,
|
|
|
|
|
description: 'SN connection test',
|
|
|
|
|
msats: 'any',
|
|
|
|
|
expiry: 0
|
|
|
|
|
})
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'SUCCESS', message: 'connected to CLN' }, { me, models })
|
2024-04-14 22:34:21 +00:00
|
|
|
return inv
|
|
|
|
|
} catch (err) {
|
|
|
|
|
const details = err.details || err.message || err.toString?.()
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'ERROR', message: `could not connect to CLN: ${details}` }, { me, models })
|
2024-04-14 22:34:21 +00:00
|
|
|
throw err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{ settings, data }, { me, models })
|
|
|
|
|
},
|
2024-02-13 19:17:56 +00:00
|
|
|
upsertWalletLNAddr: async (parent, { settings, ...data }, { me, models }) => {
|
2024-04-16 18:59:46 +00:00
|
|
|
const walletType = 'LIGHTNING_ADDRESS'
|
2024-02-13 19:17:56 +00:00
|
|
|
return await upsertWallet(
|
|
|
|
|
{
|
|
|
|
|
schema: lnAddrAutowithdrawSchema,
|
2024-04-16 18:59:46 +00:00
|
|
|
walletType,
|
2024-02-13 19:17:56 +00:00
|
|
|
testConnect: async ({ address }) => {
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
const options = await lnAddrOptions(address)
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'SUCCESS', message: 'fetched payment details' }, { me, models })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
return options
|
2024-02-13 19:17:56 +00:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{ settings, data }, { me, models })
|
|
|
|
|
},
|
|
|
|
|
removeWallet: async (parent, { id }, { me, models }) => {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'UNAUTHENTICATED' } })
|
|
|
|
|
}
|
|
|
|
|
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
const wallet = await models.wallet.findUnique({ where: { userId: me.id, id: Number(id) } })
|
|
|
|
|
if (!wallet) {
|
|
|
|
|
throw new GraphQLError('wallet not found', { extensions: { code: 'BAD_INPUT' } })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await models.$transaction([
|
|
|
|
|
models.wallet.delete({ where: { userId: me.id, id: Number(id) } }),
|
2024-04-16 18:59:46 +00:00
|
|
|
models.walletLog.create({ data: { userId: me.id, wallet: wallet.type, level: 'SUCCESS', message: 'wallet deleted' } })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
])
|
2024-02-13 19:17:56 +00:00
|
|
|
|
|
|
|
|
return true
|
2021-04-30 21:42:51 +00:00
|
|
|
}
|
2021-05-13 21:19:51 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
Withdrawl: {
|
2022-11-15 20:51:55 +00:00
|
|
|
satsPaying: w => msatsToSats(w.msatsPaying),
|
|
|
|
|
satsPaid: w => msatsToSats(w.msatsPaid),
|
|
|
|
|
satsFeePaying: w => msatsToSats(w.msatsFeePaying),
|
|
|
|
|
satsFeePaid: w => msatsToSats(w.msatsFeePaid)
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
Invoice: {
|
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 23:50:57 +00:00
|
|
|
satsReceived: i => msatsToSats(i.msatsReceived),
|
|
|
|
|
satsRequested: i => msatsToSats(i.msatsRequested)
|
2021-12-16 20:02:17 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
Fact: {
|
|
|
|
|
item: async (fact, args, { models }) => {
|
|
|
|
|
if (fact.type !== 'spent' && fact.type !== 'stacked') {
|
|
|
|
|
return null
|
|
|
|
|
}
|
2023-07-26 16:01:31 +00:00
|
|
|
const [item] = await models.$queryRawUnsafe(`
|
2021-12-16 20:02:17 +00:00
|
|
|
${SELECT}
|
|
|
|
|
FROM "Item"
|
2023-11-21 23:32:22 +00:00
|
|
|
WHERE id = $1`, Number(fact.id))
|
2021-12-16 20:02:17 +00:00
|
|
|
|
|
|
|
|
return item
|
2022-11-15 20:51:55 +00:00
|
|
|
},
|
2023-11-21 23:32:22 +00:00
|
|
|
sats: fact => msatsToSatsDecimal(fact.msats)
|
2021-04-30 21:42:51 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-01-23 17:21:55 +00:00
|
|
|
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
export const addWalletLog = async ({ wallet, level, message }, { me, models }) => {
|
|
|
|
|
try {
|
|
|
|
|
await models.walletLog.create({ data: { userId: me.id, wallet, level, message } })
|
|
|
|
|
} catch (err) {
|
|
|
|
|
console.error('error creating wallet log:', err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-13 19:17:56 +00:00
|
|
|
async function upsertWallet (
|
2024-04-16 18:59:46 +00:00
|
|
|
{ schema, walletType, testConnect }, { settings, data }, { me, models }) {
|
2024-02-13 19:17:56 +00:00
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'UNAUTHENTICATED' } })
|
|
|
|
|
}
|
2024-04-03 20:11:06 +00:00
|
|
|
assertApiKeyNotPermitted({ me })
|
2024-02-13 19:17:56 +00:00
|
|
|
|
|
|
|
|
await ssValidate(schema, { ...data, ...settings }, { me, models })
|
|
|
|
|
|
|
|
|
|
if (testConnect) {
|
|
|
|
|
try {
|
|
|
|
|
await testConnect(data)
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
} catch (err) {
|
|
|
|
|
console.error(err)
|
2024-04-16 18:59:46 +00:00
|
|
|
await addWalletLog({ wallet: walletType, level: 'ERROR', message: 'failed to attach wallet' }, { me, models })
|
2024-02-13 19:17:56 +00:00
|
|
|
throw new GraphQLError('failed to connect to wallet', { extensions: { code: 'BAD_INPUT' } })
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const { id, ...walletData } = data
|
|
|
|
|
const { autoWithdrawThreshold, autoWithdrawMaxFeePercent, priority } = settings
|
|
|
|
|
|
|
|
|
|
const txs = [
|
|
|
|
|
models.user.update({
|
|
|
|
|
where: { id: me.id },
|
|
|
|
|
data: {
|
|
|
|
|
autoWithdrawMaxFeePercent,
|
|
|
|
|
autoWithdrawThreshold
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
if (priority) {
|
|
|
|
|
txs.push(
|
|
|
|
|
models.wallet.updateMany({
|
|
|
|
|
where: {
|
|
|
|
|
userId: me.id
|
|
|
|
|
},
|
|
|
|
|
data: {
|
|
|
|
|
priority: 0
|
|
|
|
|
}
|
|
|
|
|
}))
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-16 18:59:46 +00:00
|
|
|
const walletName = walletType === 'LND'
|
|
|
|
|
? 'walletLND'
|
|
|
|
|
: walletType === 'CLN' ? 'walletCLN' : 'walletLightningAddress'
|
2024-02-13 19:17:56 +00:00
|
|
|
if (id) {
|
|
|
|
|
txs.push(
|
|
|
|
|
models.wallet.update({
|
|
|
|
|
where: { id: Number(id), userId: me.id },
|
|
|
|
|
data: {
|
|
|
|
|
priority: priority ? 1 : 0,
|
|
|
|
|
[walletName]: {
|
|
|
|
|
update: {
|
|
|
|
|
where: { walletId: Number(id) },
|
|
|
|
|
data: walletData
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
}),
|
2024-04-16 18:59:46 +00:00
|
|
|
models.walletLog.create({ data: { userId: me.id, wallet: walletType, level: 'SUCCESS', message: 'wallet updated' } })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
)
|
2024-02-13 19:17:56 +00:00
|
|
|
} else {
|
|
|
|
|
txs.push(
|
|
|
|
|
models.wallet.create({
|
|
|
|
|
data: {
|
|
|
|
|
priority: Number(priority),
|
|
|
|
|
userId: me.id,
|
|
|
|
|
type: walletType,
|
|
|
|
|
[walletName]: {
|
|
|
|
|
create: walletData
|
|
|
|
|
}
|
|
|
|
|
}
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
}),
|
2024-04-16 18:59:46 +00:00
|
|
|
models.walletLog.create({ data: { userId: me.id, wallet: walletType, level: 'SUCCESS', message: 'wallet created' } })
|
Wallet Logs (#994)
* nwc wallet logs
* persist logs in IndexedDB
* Potential fix for empty error message
* load logs limited to 5m ago from IDB
* load logs from past via query param
* Add 5m, 1h, 6h links for earlier logs
* Show end of log
* Clamp to logStart
* Add log.module.css
* Remove TODO about persistence
* Use table for logs
* <table> fixes bad format with fixed width and message overflow into start of next row
* also using ---start of log--- instead of ---end of log--- now
* removed time string in header nav
* Rename .header to .logNav
* Simply load all logs and remove navigation
I realized the code for navigation was most likely premature optimization which even resulted in worse UX:
Using the buttons to load logs from 5m, 1h, 6h ago sometimes meant that nothing happened at all since there were no logs from 5m, 1h, 6h ago.
That's why I added a time string as "start of logs" so it's at least visible that it changed but that looked bad so I removed it.
But all of this was not necessary: I can simply load all logs at once and then the user can scroll around however they like.
I was worried that it would be bad for performance to load all logs at once since we might store a lot of logs but as mentioned, that's probably premature optimization.
WHEN a lot of logs are stored AND this becomes a problem (What problem even? Slow page load?), THEN we can think about this.
If page load ever becomes slow because of loading logs, we could probably simply not load the logs at page load but only when /wallet/logs is visited.
But for now, this works fine.
* Add follow checkbox
* Create WalletLogs component
* Embed wallet logs
* Remove test error
* Fix level padding
* Add LNbits logs
* Add logs for attaching LND and lnAddr
* Use err.message || err.toString?.() consistently
* Autowithdrawal logs
* Use details from LND error
* Don't log test invoice individually
* Also refetch logs on error
* Remove obsolete and annoying toasts
* Replace scrollIntoView with scroll
* Use constant embedded max-height
* Fix missing width: 100% for embedded logs
* Show full payment hash and preimage in logs
* Also parse details from LND errors on autowithdrawal failures
* Remove TODO
* Fix accidental removal of wss:// check
* Fix alignment of start marker and show empty if empty
* Fix sendPayment loop
* Split context in two
2024-04-03 22:27:21 +00:00
|
|
|
)
|
2024-02-13 19:17:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await models.$transaction(txs)
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-16 18:59:46 +00:00
|
|
|
export async function createWithdrawal (parent, { invoice, maxFee }, { me, models, lnd, headers, walletId = null }) {
|
2024-04-03 20:11:06 +00:00
|
|
|
assertApiKeyNotPermitted({ me })
|
2023-02-08 19:38:04 +00:00
|
|
|
await ssValidate(withdrawlSchema, { invoice, maxFee })
|
2023-12-17 21:14:59 +00:00
|
|
|
await assertGofacYourself({ models, headers })
|
2023-05-07 15:02:59 +00:00
|
|
|
|
|
|
|
|
// remove 'lightning:' prefix if present
|
|
|
|
|
invoice = invoice.replace(/^lightning:/, '')
|
|
|
|
|
|
2022-01-23 17:21:55 +00:00
|
|
|
// decode invoice to get amount
|
2023-12-17 21:14:59 +00:00
|
|
|
let decoded, node
|
2022-01-23 17:21:55 +00:00
|
|
|
try {
|
|
|
|
|
decoded = await decodePaymentRequest({ lnd, request: invoice })
|
|
|
|
|
} catch (error) {
|
|
|
|
|
console.log(error)
|
2023-07-23 15:08:43 +00:00
|
|
|
throw new GraphQLError('could not decode invoice', { extensions: { code: 'BAD_INPUT' } })
|
2022-01-23 17:21:55 +00:00
|
|
|
}
|
|
|
|
|
|
2023-12-23 20:27:01 +00:00
|
|
|
try {
|
|
|
|
|
node = await getNode({ lnd, public_key: decoded.destination, is_omitting_channels: true })
|
|
|
|
|
} catch (error) {
|
|
|
|
|
// likely not found if it's an unannounced channel, e.g. phoenix
|
|
|
|
|
console.log(error)
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-17 21:14:59 +00:00
|
|
|
if (node) {
|
|
|
|
|
for (const { socket } of node.sockets) {
|
|
|
|
|
const ip = socket.split(':')[0]
|
|
|
|
|
await assertGofacYourself({ models, headers, ip })
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-15 20:51:55 +00:00
|
|
|
if (!decoded.mtokens || BigInt(decoded.mtokens) <= 0) {
|
2023-07-23 15:08:43 +00:00
|
|
|
throw new GraphQLError('your invoice must specify an amount', { extensions: { code: 'BAD_INPUT' } })
|
2022-01-23 17:21:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const msatsFee = Number(maxFee) * 1000
|
|
|
|
|
|
2022-05-06 19:32:20 +00:00
|
|
|
const user = await models.user.findUnique({ where: { id: me.id } })
|
|
|
|
|
|
2024-04-16 18:59:46 +00:00
|
|
|
const autoWithdraw = !!walletId
|
2022-01-23 17:21:55 +00:00
|
|
|
// create withdrawl transactionally (id, bolt11, amount, fee)
|
2024-04-10 00:49:20 +00:00
|
|
|
const [withdrawl] = await serialize(
|
2022-01-23 17:21:55 +00:00
|
|
|
models.$queryRaw`SELECT * FROM create_withdrawl(${decoded.id}, ${invoice},
|
2024-04-16 18:59:46 +00:00
|
|
|
${Number(decoded.mtokens)}, ${msatsFee}, ${user.name}, ${autoWithdraw}, ${walletId}::INTEGER)`,
|
2024-04-10 00:49:20 +00:00
|
|
|
{ models }
|
|
|
|
|
)
|
2022-01-23 17:21:55 +00:00
|
|
|
|
|
|
|
|
payViaPaymentRequest({
|
|
|
|
|
lnd,
|
|
|
|
|
request: invoice,
|
|
|
|
|
// can't use max_fee_mtokens https://github.com/alexbosworth/ln-service/issues/141
|
|
|
|
|
max_fee: Number(maxFee),
|
|
|
|
|
pathfinding_timeout: 30000
|
2024-01-07 17:00:24 +00:00
|
|
|
}).catch(console.error)
|
2022-01-23 17:21:55 +00:00
|
|
|
|
|
|
|
|
return withdrawl
|
|
|
|
|
}
|
2024-01-07 17:00:24 +00:00
|
|
|
|
|
|
|
|
export async function sendToLnAddr (parent, { addr, amount, maxFee, comment, ...payer },
|
|
|
|
|
{ me, models, lnd, headers, autoWithdraw = false }) {
|
|
|
|
|
if (!me) {
|
|
|
|
|
throw new GraphQLError('you must be logged in', { extensions: { code: 'FORBIDDEN' } })
|
|
|
|
|
}
|
2024-04-03 20:11:06 +00:00
|
|
|
assertApiKeyNotPermitted({ me })
|
2024-01-07 17:00:24 +00:00
|
|
|
|
|
|
|
|
const options = await lnAddrOptions(addr)
|
|
|
|
|
await ssValidate(lnAddrSchema, { addr, amount, maxFee, comment, ...payer }, options)
|
|
|
|
|
|
|
|
|
|
if (payer) {
|
|
|
|
|
payer = {
|
|
|
|
|
...payer,
|
|
|
|
|
identifier: payer.identifier ? `${me.name}@stacker.news` : undefined
|
|
|
|
|
}
|
|
|
|
|
payer = Object.fromEntries(
|
|
|
|
|
Object.entries(payer).filter(([, value]) => !!value)
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const milliamount = 1000 * amount
|
|
|
|
|
const callback = new URL(options.callback)
|
|
|
|
|
callback.searchParams.append('amount', milliamount)
|
|
|
|
|
|
|
|
|
|
if (comment?.length) {
|
|
|
|
|
callback.searchParams.append('comment', comment)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let stringifiedPayerData = ''
|
|
|
|
|
if (payer && Object.entries(payer).length) {
|
|
|
|
|
stringifiedPayerData = JSON.stringify(payer)
|
|
|
|
|
callback.searchParams.append('payerdata', stringifiedPayerData)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// call callback with amount and conditionally comment
|
|
|
|
|
const res = await (await fetch(callback.toString())).json()
|
|
|
|
|
if (res.status === 'ERROR') {
|
|
|
|
|
throw new Error(res.reason)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// decode invoice
|
|
|
|
|
try {
|
|
|
|
|
const decoded = await decodePaymentRequest({ lnd, request: res.pr })
|
2024-01-13 04:22:00 +00:00
|
|
|
const ourPubkey = (await getIdentity({ lnd })).public_key
|
2024-02-15 14:59:45 +00:00
|
|
|
if (autoWithdraw && decoded.destination === ourPubkey && process.env.NODE_ENV === 'production') {
|
2024-01-13 04:22:00 +00:00
|
|
|
// unset lnaddr so we don't trigger another withdrawal with same destination
|
2024-02-15 14:59:45 +00:00
|
|
|
await models.wallet.deleteMany({
|
|
|
|
|
where: { userId: me.id, type: 'LIGHTNING_ADDRESS' }
|
2024-01-13 04:22:00 +00:00
|
|
|
})
|
|
|
|
|
throw new Error('automated withdrawals to other stackers are not allowed')
|
|
|
|
|
}
|
2024-01-07 17:00:24 +00:00
|
|
|
if (!decoded.mtokens || BigInt(decoded.mtokens) !== BigInt(milliamount)) {
|
|
|
|
|
throw new Error('invoice has incorrect amount')
|
|
|
|
|
}
|
|
|
|
|
} catch (e) {
|
|
|
|
|
console.log(e)
|
|
|
|
|
throw e
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// take pr and createWithdrawl
|
|
|
|
|
return await createWithdrawal(parent, { invoice: res.pr, maxFee }, { me, models, lnd, headers, autoWithdraw })
|
|
|
|
|
}
|
