Commit Graph

64 Commits

Author SHA1 Message Date
Riccardo Balbo 240040f2a3 ensure wallets are kept in-sync between clients 2024-10-30 13:41:41 -05:00
Riccardo Balbo 1beac3a405 ensure wallet id is in sync before saving the config 2024-10-30 13:41:41 -05:00
Riccardo Balbo a6665bca6a fix priority sorting for send wallets,caching and sorting 2024-10-30 13:41:41 -05:00
Riccardo Balbo 40f24236fd show enabled only if configured to receive or send (handle client settings wipe) 2024-10-30 13:41:41 -05:00
Riccardo Balbo 2ef7651421 optimize api calls, remove useless effects 2024-10-30 13:41:41 -05:00
Riccardo Balbo aded5ac422 fixes 2024-10-30 13:41:41 -05:00
Riccardo Balbo 87c5634b55 add debug log 2024-10-30 13:41:41 -05:00
Riccardo Balbo d30502a011 fix wallet filtering 2024-10-30 13:41:41 -05:00
Riccardo Balbo 4fce6fa234 Fix for enabled but not available wallets 2024-10-30 13:41:41 -05:00
Riccardo Balbo 6bd07284a5 optimize api calls 2024-10-30 13:41:41 -05:00
Riccardo Balbo 4aa9608212 fixed and add wallet migration 2024-10-30 13:41:41 -05:00
Riccardo Balbo a95e4cd6e9 collect meta from server config 2024-10-30 13:41:41 -05:00
Riccardo Balbo 4604a7bac9 use SSR constant 2024-10-30 13:41:41 -05:00
Riccardo Balbo b70dbeb6d6 user vault and server side client wallets 2024-10-30 13:41:09 -05:00
Keyan d146e50660
Merge branch 'master' into max-base-fee 2024-10-20 18:25:16 -05:00
Keyan 6049baf742
Merge branch 'master' into local-dev-lnbits-recv 2024-10-20 17:38:57 -05:00
ekzyis 88fa3bdca6 Fix autoWithdrawThreshold saved in send config 2024-10-20 15:19:53 +02:00
ekzyis c97ce2627b Rename to autoWithdrawMaxFeeTotal 2024-10-20 15:14:31 +02:00
ekzyis 596d67fc68 Add max base fee setting 2024-10-20 15:14:31 +02:00
ekzyis 1f9ab08228 Add comments 2024-10-19 22:36:26 +02:00
ekzyis 69c80e3d5c Fix wallet client validation 2024-10-19 22:33:37 +02:00
k00b aba212f6ec don't abort on blinded path feature bits 2024-10-17 14:23:03 -05:00
ekzyis 75051f1c56 LNbits updates for local dev
* persistent lnbits db with lnbits superuser
* map localhost:5001 -> lnbits:5000 in local dev for LNbits receives
* updated ATTACH.md
2024-10-17 20:54:07 +02:00
k00b 6aac9eeed4 update breaking change in estimateRouteFee 2024-10-17 13:25:49 -05:00
k00b 154c0e0a4a fix cache key bloat 2024-10-06 18:56:48 -05:00
k00b 177e0f6bb0 fix #1453 2024-10-05 13:57:55 -05:00
k00b 153455983e Revert "Encrypted device sync (#1373)"
This reverts commit a9a566a79f.
2024-10-04 15:00:13 -05:00
Keyan 4ce395889d
Be kind to lnd (#1448)
* cache or remove unecessary calls to lnd

* avoid redundant grpc calls in state machine

* store preimage whenever available

* enhancements post self-code review

* small refinements

* fixes

* fix lnurl-verify

* prevent wallet logger throwing on idb close

* fix promise in race while waiting for payment
2024-10-02 15:03:30 -05:00
Riccardo Balbo a9a566a79f
Encrypted device sync (#1373)
* user vault

* code cleanup and fixes

* improve ui

* prevent name collisions between users on the same device

* some improvements

* implement storage migration

* comments and cleanup

* make connect button primary instead of warning

* move show passphrase in new line (improvement for small screen devices)

* make show passphrase field readOnly

* fixes

* fix vault key unsync

* implicit migration

* move device sync under  general tab

* fix locally disabled wallets and default wallet selection

* improve text

* remove useless SSR check

* add auth checks

* Rename variables

* Fix missing await

* Refactor local<>vault storage interface

I've changed quite some things here. Attempt of a summary:

* storageKey is now only controlled by useVaultStorageState

I've noticed that dealing with how storage keys are generated (to apply user scope) was handled in two places: the existing wallet code and in the new vault code.

This was confusing and error-prone. I've fixed that by completely relying on the new vault code to generate correct storage keys.

* refactored migration

Migration now simply encrypts any existing local wallets and sends them to the server. On success, the local unencrypted version is deleted.

The previous code seemed to unnecessarily generate new local entries prefixed by 'vault:'.

However, since we either use unencrypted local state OR use the encrypted vault on the server for the data, I didn't see any need for these.

Migration seems to work just as well as before.

* removed unnecessary state

In the <DeviceSync> component, enabled & connected were using a unnecessary combo of useState+useEffect.

They were only using variables that are always available during render so simple assignments were enough.

* other minor changes include:

  * early returns
  * remove unnecessary SSR checks in useEffect or useCallback
  * formatting, comments
  * remove unnecessary me? to expose possible bugs

* Fix missing dependency for useZap

This didn't cause any bugs because useWallet returns everything we need on first render.

This caused a bug with E2EE device sync branch though since there the wallet is loaded async.

This meant that during payment, the wallet config was undefined.

* Assume JSON during encryption and decryption

* Fix stale value from cache served on next fetches

* Add wallet.perDevice field

This adds 'perDevice' as a new wallet field to force local storage. For example, WebLN should not be synced across devices.

* Remove debug buttons

* Rename userVault -> vault

* Update console.log's

* revert some of the migration and key handling changes. restore debug buttons for testing

* Fix existing wallets not loaded

* Pass in localOnly and generate localStorageKey once

* Small refactor of migration

* Fix wallet drag and drop

* Add passphrase copy button

* Fix priorityOnly -> skipTests

* Disable autocompletion for reset confirmation prompt

* Show wrong passphrase as input error

* Move code into components/device-sync.js

* Import/export passphrase via QR code

* Fix modal back button invisible in light mode

* Fix modal closed even on connect error

* Use me-2 for cancel/close button

* Some rephrasing

* Fix wallet detach

* Remove debug buttons

* Fix QR code scan in dark mode

* Don't allow custom passphrases

* More rephrasing

* Only use schema if not enabled

* Fix typo in comment

* Replace 'generate passphrase' button with reload icon

* Add comment about IV reuse in GCM

* Use 600k iterations as recommended by OWASP

* Set extractable to false where not needed

* use-vault fallbacks to local storage only for anonymous users

* fix localStorage reset on logout

* add copy button

* move reset out of modals

* hide server side errors

* hardened passphrase storage

* do not show passphrase even if hardened storage is disabled (ie. indexeddb not supported)

* show qr code button on passphrase creation

* use toast for serverside error

* Move key (de)serialization burden to get/setLocalKey functions

* password textarea and remove qr

* don't print plaintext vault values into console

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-10-01 14:55:01 -05:00
ekzyis 5d1be66eef
Add nwc_recv container (#1442) 2024-10-01 09:14:29 -05:00
Keyan 3310925155
increase founders fee to 70% and zap sybil fee to 30% (#1388)
* increase founders fee to 70% and zap sybil fee to 30%

* more sybil fee changes
2024-09-19 15:15:56 -05:00
ekzyis 24aacd8839
Fix recv wallet deleted on logout (#1398)
* Fix recv wallet deleted on logout

* Fix wallet logs on server deleted on logout

* Remove unused option in deleteLogs to override wallet
2024-09-12 13:06:13 -05:00
ekzyis a6713f9793
Account Switching (#644)
* WIP: Account switching

* Fix empty USER query

ANON_USER_ID was undefined and thus the query for @anon had no variables.

* Apply multiAuthMiddleware in /api/graphql

* Fix 'you must be logged in' query error on switch to anon

* Add smart 'switch account' button

"smart" means that it only shows if there are accounts to which one can switch

* Fix multiAuth not set in backend

* Comment fixes, minor changes

* Use fw-bold instead of 'selected'

* Close dropdown and offcanvas

Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work.

For the offcanvas, we need to pass down handleClose.

* Use button to add account

* Some pages require hard reload on account switch

* Reinit settings form on account switch

* Also don't refetch WalletHistory

* Formatting

* Use width: fit-content for standalone SignUpButton

* Remove unused className

* Use fw-bold and text-underline on selected

* Fix inconsistent padding of login buttons

* Fix duplicate redirect from /settings on anon switch

* Never throw during refetch

* Throw errors which extend GraphQLError

* Only use meAnonSats if logged out

* Use reactive variable for meAnonSats

The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats.

Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables.

We do this now and thus also don't need the useEffect hack in item-info.js anymore.

* Switch to new user

* Fix missing cleanup during logout

If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set.

This meant that during logout, the other 'multi_auth.*' cookies were not deleted.

This broke the account switch modal.

This is fixed by setting the 'multi_auth.user-id' cookie on login.

Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set).

* Fix comments in middleware

* Remove unnecessary effect dependencies

setState is stable and thus only noise in effect dependencies

* Show but disable unavailable auth methods

* make signup button consistent with others

* Always reload page on switch

* refine account switch styling

* logout barrier

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-09-12 13:05:11 -05:00
ekzyis 36e9f3f16f
useWallet hook cleanup (#1396)
* Assign everything to wallet object

* Add canReceive for sake of completeness
2024-09-12 11:09:44 -05:00
ekzyis ec5241ad29
Enable WebLN wallet on 'webln:enabled' (#1385)
* Enable WebLN wallet on 'webln:enabled'

* Optimistically use WebLN for login with lightning

* Don't scope WebLN config to user

* Rename var to wallet
2024-09-10 11:13:39 -05:00
ekzyis 8c56904094
Fix missing user invoice timeout (#1379)
* Wait max 10 seconds for user wallet to create invoice

* Add timeout in error message
2024-09-08 17:16:52 -05:00
ekzyis 3f0499b96e
Fix ephemeral events missed (#1367)
* Fix ephemeral events missed

The spec mentions the following:

> for kind n such that 20000 <= n < 30000, events are ephemeral, which means they are not expected to be stored by relays.

This applies to NWC events. This means that we need to subscribe _before_ we publish the request.

See https://github.com/nostr-protocol/nips/blob/master/01.md

* Verify events before accepting them
2024-09-06 08:20:49 -05:00
ekzyis 7428738b23
Update wallets/README.md (#1353)
* Remove warning about send+recv not tested

* Add file comment

* Fix createInvoice description
2024-09-02 17:15:46 -05:00
ekzyis ae8cadd4be
Switch NWC from Damus to Primal relay (#1340) 2024-08-28 09:32:29 -05:00
ekzyis 4cec369005
Support Tor for LNbits recv (#1336)
* Add tor support to LNbits recv

* Only return agent
2024-08-27 11:16:02 -05:00
ekzyis ec6124ca62
NWC hardcoded keys (#1335)
* Include keys.json in NWC container image

* Update NWC ATTACH.md
2024-08-27 11:14:35 -05:00
ekzyis 9f194c5d8e
Fix preimage undefined in wallet logs (#1337)
* Fix preimage undefined in NWC wallet logs

* Return preimage as string
2024-08-27 11:13:52 -05:00
ekzyis cc003a9a3e
Phoenixd send+recv (#1322)
* Add genwallet script

* Add phoenixd as send+recv wallet

* phoenixd passwords are 64 hex chars
2024-08-26 18:20:45 -05:00
ekzyis 48d0cd1086
Fix full config saved on client on priority change (#1329)
* Fix full config saved on client on priority change

* Fix WebLN disabled on priority change

* Always merge configs
2024-08-25 18:40:55 -05:00
k00b 467a9d6a76 fix lnc by always reusing the same lnc object 2024-08-24 18:56:15 -05:00
ekzyis 66cf97e832
Skip wallet tests on priority update (#1327)
* Skip wallet connection tests if only priority is changed

* Fix server priority overrides client priority

* Also add priorityOnly as last argument in generateMutation
2024-08-22 20:08:02 -05:00
Keyan df62cfb28c
paid action limits (#1323) 2024-08-21 14:45:51 -05:00
ekzyis 789d7626f7
Support receiving with NWC (#1310)
* Add NWC receives

* Refactor sendPayment+createInvoice with nwcCall function

* Update badge

* Add method support checks

* Add timeout to NWC test invoice

* Fix NWC isConfigured state

All NWC fields are marked as optional but NWC should only be considered configured if one of them is set.

* Fix relay.fetch() throws 'crypto is not defined' in node

nip04.encrypt() was failing in worker because 'crypto is not defined'. Updating to nostr-tools v2.7.2 fixed that.

However, now crypto.randomUUID() in relay.fetch() was throwing 'crypto is not defined'. Importing crypto from 'crypto' fixed that.

However, with the import, randomUUID() does not work so I switched to randomBytes().

Running relay.fetch() now works in browser and node.

* recv must not support pay_invoice

* Fix Relay connection check

* this.url was undefined
* error was an object

* Fix additional isConfigured check runs always

It was meant to only catch false positives, not turn negatives into false positives.

* Rename testConnectServer to testCreateInvoice

* Rename testConnectClient to testSendPayment

* Only run testSendPayment if send is configured

The return value of testSendPayment was used before but it only returned something for LNC.

And for LNC, we only wanted to save the transformation during validation, so it was not needed.

* Always use withTimeout in NWC test functions

* Fix fragment name

* Use get_info command exclusively

* Check permissions more efficiently

* Log NWC request-response flow

* Fix variable name

* Call ws.send after listener is added

* Fix websocket not closed after timeout

* Also check that pay_keysend etc. are not supported

* fix lnc session key save

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-08-21 10:13:27 -05:00
Keyan bc94ec7d28
disable freebies setting (#1320)
* disable freebies setting

* await in disableFreebie resolver + better info modal
2024-08-21 09:37:25 -05:00
ekzyis 06b661625c
Use custom relay API (#1302)
* Use custom relay API

Relay from nostr-tools was cumbersome to use. This custom abstraction over window.WebSocket makes interacting with nostr relays easier.

* Use variables for nostr message parts

* Fix NWC save

* Use try/finally

* Refactor crossposting code

* use custom replay API
* simplify callWithTimeout

* Use isomorphic-ws for nip57 zap receipts

* Use async map

* Reject with timeout error

* Move time functions into lib/time

* Remove outdated comment regarding relay.close()
2024-08-18 17:28:39 -05:00