* user vault
* code cleanup and fixes
* improve ui
* prevent name collisions between users on the same device
* some improvements
* implement storage migration
* comments and cleanup
* make connect button primary instead of warning
* move show passphrase in new line (improvement for small screen devices)
* make show passphrase field readOnly
* fixes
* fix vault key unsync
* implicit migration
* move device sync under general tab
* fix locally disabled wallets and default wallet selection
* improve text
* remove useless SSR check
* add auth checks
* Rename variables
* Fix missing await
* Refactor local<>vault storage interface
I've changed quite some things here. Attempt of a summary:
* storageKey is now only controlled by useVaultStorageState
I've noticed that dealing with how storage keys are generated (to apply user scope) was handled in two places: the existing wallet code and in the new vault code.
This was confusing and error-prone. I've fixed that by completely relying on the new vault code to generate correct storage keys.
* refactored migration
Migration now simply encrypts any existing local wallets and sends them to the server. On success, the local unencrypted version is deleted.
The previous code seemed to unnecessarily generate new local entries prefixed by 'vault:'.
However, since we either use unencrypted local state OR use the encrypted vault on the server for the data, I didn't see any need for these.
Migration seems to work just as well as before.
* removed unnecessary state
In the <DeviceSync> component, enabled & connected were using a unnecessary combo of useState+useEffect.
They were only using variables that are always available during render so simple assignments were enough.
* other minor changes include:
* early returns
* remove unnecessary SSR checks in useEffect or useCallback
* formatting, comments
* remove unnecessary me? to expose possible bugs
* Fix missing dependency for useZap
This didn't cause any bugs because useWallet returns everything we need on first render.
This caused a bug with E2EE device sync branch though since there the wallet is loaded async.
This meant that during payment, the wallet config was undefined.
* Assume JSON during encryption and decryption
* Fix stale value from cache served on next fetches
* Add wallet.perDevice field
This adds 'perDevice' as a new wallet field to force local storage. For example, WebLN should not be synced across devices.
* Remove debug buttons
* Rename userVault -> vault
* Update console.log's
* revert some of the migration and key handling changes. restore debug buttons for testing
* Fix existing wallets not loaded
* Pass in localOnly and generate localStorageKey once
* Small refactor of migration
* Fix wallet drag and drop
* Add passphrase copy button
* Fix priorityOnly -> skipTests
* Disable autocompletion for reset confirmation prompt
* Show wrong passphrase as input error
* Move code into components/device-sync.js
* Import/export passphrase via QR code
* Fix modal back button invisible in light mode
* Fix modal closed even on connect error
* Use me-2 for cancel/close button
* Some rephrasing
* Fix wallet detach
* Remove debug buttons
* Fix QR code scan in dark mode
* Don't allow custom passphrases
* More rephrasing
* Only use schema if not enabled
* Fix typo in comment
* Replace 'generate passphrase' button with reload icon
* Add comment about IV reuse in GCM
* Use 600k iterations as recommended by OWASP
* Set extractable to false where not needed
* use-vault fallbacks to local storage only for anonymous users
* fix localStorage reset on logout
* add copy button
* move reset out of modals
* hide server side errors
* hardened passphrase storage
* do not show passphrase even if hardened storage is disabled (ie. indexeddb not supported)
* show qr code button on passphrase creation
* use toast for serverside error
* Move key (de)serialization burden to get/setLocalKey functions
* password textarea and remove qr
* don't print plaintext vault values into console
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
* reuse boost for jobs
* wip
* allow job stopping
* restore upvote.js
* expire boost
* boost beyond edit window
* fix boost bolt styling
* rank comments with boost
* no random sort for jobs
* top boost for month at top of territory
* boost hints
* more boost help
* squash migrations
* for same boost, prioritize older
* show ad only if active
* fix itemCreate/Update boost expiration jobs
* fix fee button precedence
* WIP: Account switching
* Fix empty USER query
ANON_USER_ID was undefined and thus the query for @anon had no variables.
* Apply multiAuthMiddleware in /api/graphql
* Fix 'you must be logged in' query error on switch to anon
* Add smart 'switch account' button
"smart" means that it only shows if there are accounts to which one can switch
* Fix multiAuth not set in backend
* Comment fixes, minor changes
* Use fw-bold instead of 'selected'
* Close dropdown and offcanvas
Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work.
For the offcanvas, we need to pass down handleClose.
* Use button to add account
* Some pages require hard reload on account switch
* Reinit settings form on account switch
* Also don't refetch WalletHistory
* Formatting
* Use width: fit-content for standalone SignUpButton
* Remove unused className
* Use fw-bold and text-underline on selected
* Fix inconsistent padding of login buttons
* Fix duplicate redirect from /settings on anon switch
* Never throw during refetch
* Throw errors which extend GraphQLError
* Only use meAnonSats if logged out
* Use reactive variable for meAnonSats
The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats.
Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables.
We do this now and thus also don't need the useEffect hack in item-info.js anymore.
* Switch to new user
* Fix missing cleanup during logout
If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set.
This meant that during logout, the other 'multi_auth.*' cookies were not deleted.
This broke the account switch modal.
This is fixed by setting the 'multi_auth.user-id' cookie on login.
Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set).
* Fix comments in middleware
* Remove unnecessary effect dependencies
setState is stable and thus only noise in effect dependencies
* Show but disable unavailable auth methods
* make signup button consistent with others
* Always reload page on switch
* refine account switch styling
* logout barrier
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
* Add Random link and basic query
* Use random
* refine random sort query
* make vote threshold higher
---------
Co-authored-by: k00b <k00b@stacker.news>
* wip: Use uniform interface for wallets
* Fix import error
* Update wallet logging + other stuff
* add canPay and canSend to wallet definition
* rename 'default payment method' to 'enabled' and add enable + disable method
* Set canPay, canReceive in useWallet
* Enable wallet if just configured
* Don't pass logger to sendPayment
* Add logging to attach & detach
* Add schema to wallet def
* Add NWC wallet
* Fix unused isDefault saved in config
* Fix enableWallet
* wrong storage key was used
* broke if wallets with no configs existed
* Run validation during save
* Use INFO level for 'wallet disabled' message
* Pass config with spread operator
* Support help, optional, hint in wallet fields
* wip: Add LNC
* Fix 20s page load for /settings/wallets.json?nodata=true
For some reason, if nodata is passed (which is the case if going back), the page takes 20s to load.
* Fix extremely slow page load for LNC import
I noticed that the combination of
```
import { Form, PasswordInput, SubmitButton } from '@/components/form'
```
in components/wallet/lnc.js and the dynamic import via `await import` in components/wallet/index.js caused extremely slow page loads.
* Use normal imports
* Revert "Fix 20s page load for /settings/wallets.json?nodata=true"
This reverts commit deb476b3a966569fefcfdf4082d6b64f90fbd0a2.
Not using the dynamic import for LNC fixed the slow page load with ?nodata=true.
* Remove follow and show recent logs first
* Fix position of log start marker
* Add FIXMEs for LNC
I can't get LNC to connect. It just hangs forever on lnc.connect(). See FIXMEs.
* Remove logger.error since already handled in useWallet
* Don't require destructuring to pass props to input
* wip: Add LND autowithdrawals
* receiving wallets need to export 'server' object field
* don't print macaroon error stack
* fix missing wallet logs order update
* mark autowithdrawl settings as required
* fix server wallet logs deletion
* remove canPay and canReceive since it was confusing where it is available
TODO
* also use numeric priority for sending wallets to be consistent with how status for receiving wallets is determined
* define createInvoice function in wallet definition
* consistent wallet logs: sending wallets use 'wallet attached'+'wallet enabled/disabled' whereas receiving wallets use 'wallet created/updated'
* see FIXMEs
* Fix TypeError
* Fix sendPayment called with empty config
* removed useEffect such that config is available on first render
* fix hydration error using dynamic import without SSR
* Fix confusing UX around enabled
* Remove FIXMEs
Rebase on master seemed to have fixed these, weird
* Use same error format in toast and wallet log
* Fix usage of conditional hooks in useConfig
* Fix isConfigured
* Fix delete wallet logs on server
* Fix wallet logs refetch
onError does not exist on client.mutate
* Fix TypeError in isConfigured if no enabled wallet found
* Only include local/server config if required
* Fix another hydration error
* Fix server config not updated after save or detach
* Also use 'enabled' for server wallets
* Fix wallet logs not updated after server delete
* Consistent logs between local and server wallets
* 'wallet attached' on create
* 'wallet updated' on config updates
* 'wallet enabled' and 'wallet disabled' if checkbox changed
* 'wallet detached' on delete
* Also enable server wallets on create
* Disable checkbox if not configured yet
* Move all validation schema into lib/validate
* Implement drag & drop w/o persistence
* Use dynamic import for WalletCard
This fixes a lot of issues with hydration
* Save order as priority
* Fix autowithdrawSettings not applied
Form requires config in flat format but mutation requires autowithdraw settings in a separate 'settings' field.
I have decided that config will be in flat form format. It will be transformed into mutation format during save.
* Save dedicated enabled flag for server wallets
* wallet table now contains boolean column 'enabled'
* 'priority' is now a number everywhere
* use consistent order between how autowithdrawals are attempted and server wallets cards
* Fix onCanceled missing
* Fix typo
* Fix noisy changes in lib/validate
I moved the schema for lnbits, nwc and lnc out of lib/validate only to put them back in there later.
This commit should make the changeset cleaner by removing noise.
* Split arguments into [value,] config, context
* Run lnbits url.replace in validate and sendPayment
* Remove unnecessary WALLETS_QUERY
* Generate wallet mutation from fields
* Generate wallet resolver from fields
* Fix import inconsistency between app and worker
* Use wallet.createInvoice for autowithdrawals
* Fix success autowithdrawal log
* Fix wallet security banner shown for server wallets
* Add autowithdrawal to lightning address
* Add optional wallet short name for logging
* Fix draggable
* Fix autowithdraw loop
* Add missing hints
* Add CLN autowithdrawal
* Detach wallets and delete logs on logout
* Remove Wallet in lib/constants
* Use inject function for resolvers and typeDefs
* Fix priority ignored when fetching enabled wallet
* Fix draggable false on first page load due to SSR
* Use touches instead of dnd on mobile
Browsers don't support drag events for touch devices.
To have a consistent implementation for desktop and mobile, we would need to use mousedown/touchstart, mouseup/touchend and mousemove/touchmove.
For now, this commit makes changing the order possible on touch devices with simple touches.
* Fix duplicate CLN error
* Fix autowithdraw priority order
* Fix error per invalid bip39 word
* Update LNC code
* remove LNC FIXMEs
Mhh, I guess the TURN server was down or something? It now magically works. Or maybe it only works once per mnemonic?
* also removed the lnc.lnd.lightning.getInfo() call since we don't ask and need permission for this RPC for payments.
* setting a password does not work though. It fails with 'The password provided is not valid' which is triggered at https://github.com/lightninglabs/lnc-web/blob/main/lib/util/credentialStore.ts#L81.
* Fix order if wallet with no priority exists
* Use common sort
* Add link to lnbits.com
* Add example wallet def
* Remove TODOs
TODO in components/wallet-logger.js was handled.
I don't see a need for the TODO in lib/wallet.js anymore. This function will only be called with the wallet of type LIGHTNING_ADDRESS anyway.
* Remove console.log
* Toast priority save errors
* Fix leaking relay connections
* Remove 'tor or clearnet' hint for LN addresses
* Remove React dependency from wallet definitions
* Generate resolver name from walletField
* Move wallets into top level directory wallet/
* Put wallets into own folder
* Fix generateMutation
* remove resolverName property from wallet defs
* move function into lib/wallet
* use function in generateMutation on client to fix wrongly generated mutation
* Separate client and server imports by files
* wallets now consist of an index.js, a client.js and a server.js file
* client.js is imported on the client and contains the client portion
* server.js is imported on the server and contains the server porition
* both reexport index.js so everything in index.js can be shared by client and server
* every wallet contains a client.js file since they are all imported on the client to show the cards
* client.js of every wallet is reexported as an array in wallets/client.js
* server.js of every wallet is reexported as an array in wallets/server.js
FIXME: for some reason, worker does not properly import the default export of wallets/server.js
* Fix worker import of wallets/server
* Fix wallet.server usage
* I removed wallet.server in a previous commit
* the client couldn't determine which wallet was stored on the server since all server specific fields were set in server.js
* walletType and walletField are now set in index.js
* walletType is now used to determine if a wallet is stored on the server
* also included some formatting changes
* Fix w.default usage
Since package.json with { "type": "module" } was added, this is no longer needed.
* Fix id access in walletPrioritySort
* Fix autowithdrawal error log
* Generate validation schema for LNbits
* Generate validation schema for NWC
* Rename to torAllowed
* Generate validation schema for LNC
* Generate validation schema for LND
* Generate validation schema for LnAddr
* Remove stringTypes
* Generate validation schema for CLN
* Make clear that message belongs to test
* validate.message was used in tandem with validate.test
* it might be confused as the message if the validation for validate.type failed
* now validate.test can be a function or an object of { test, message } shape which matches Yup.test
* Remove validate.schema as a trap door
* make lnc work
* Return null if no wallet was found
* Revert code around schema generation
* Transform autowithdrawSchemaMembers into an object
* Rename schema to yupSchema
* Fix missing required for LNbits adminKey
* Support formik form-level validation
* Fix missing addWalletLog import
* Fix missing space after =
* fix merge conflict resolution mistake
* remove non-custodial* badges
* create guides for attaching wallets in sndev
* Use built-in formik validation or Yup schema but not both
* Rename: validate -> testConnectClient, testConnect -> testConnectServer
* make lnaddr autowithdraw work in dev
* move ATTACH docs to ./wallets and add lnaddr doc
* Fix missing rename: yupSchema -> fieldValidation
* Remove unused context
* Add documentation how to add wallets
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Suffix localStorage key for attached wallets with me.id
* Suffix IndexedDB database name with me.id
* Fix TypeError: Cannot destructure property of 'config' as it is null
* Detach wallet on logout
* Migrate to new storage keys
* Use Promise.catch for togglePushSubscription on logout
It's more concise
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Allow deletion of wallet logs
* Refactor wallet logs client<>server glue code
* Use variant='link' and className='text-muted fw-bold nav-link' for clear & cancel
There is a bug though: 'clear' stays highlighted after modal is closed
* Include wallet in toast
* Delete logs on logout
* Fix ugly wallet name in confirm dialog
* Fix clear still highlighted after modal closed
* Only delete client wallet logs
* Fix ugly wallet name in toast
* Fix bad search and replace
* Use Wallet object as constant
* Also delete LNC logs on logout
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* use fixed position + div placeholder
* hide footer padding when not shown
* account for mobile inset
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Add .vscode/settings.json to .gitignore to allow local vscode settings without making the work tree dirty
* Swap (fix) Login & SignUp button ids + Make them both 112px wide
Keyan
k00b
Riccardo Balbo
ekzyis
Tom
keyan
Ben Allen
Felipe Bueno