From 01ee9cdd1cc30b9989fd051750cbb0b1420d6c75 Mon Sep 17 00:00:00 2001
From: keyan <keyan.kousha+huumn@gmail.com>
Date: Thu, 30 Dec 2021 16:02:18 -0600
Subject: [PATCH] don't ever reveal user wallet balances to other users

---
 api/resolvers/user.js | 5 ++++-
 components/seo.js     | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/api/resolvers/user.js b/api/resolvers/user.js
index a75798c8..e8514c99 100644
--- a/api/resolvers/user.js
+++ b/api/resolvers/user.js
@@ -150,7 +150,10 @@ export default {
         AND "Item"."userId" = ${user.id}`
       return sum || 0
     },
-    sats: async (user, args, { models }) => {
+    sats: async (user, args, { models, me }) => {
+      if (me?.id !== user.id) {
+        return 0
+      }
       return Math.floor(user.msats / 1000)
     },
     bio: async (user, args, { models }) => {
diff --git a/components/seo.js b/components/seo.js
index 606eb5d5..dacb6ce8 100644
--- a/components/seo.js
+++ b/components/seo.js
@@ -33,7 +33,7 @@ export default function Seo ({ item, user }) {
     }
   }
   if (user) {
-    desc = `@${user.name} has [${user.stacked} stacked, ${user.sats} sats, ${user.nitems} posts, ${user.ncomments} comments]`
+    desc = `@${user.name} has [${user.stacked} stacked, ${user.nitems} posts, ${user.ncomments} comments]`
   }
 
   return (