* wip: Use uniform interface for wallets
* Fix import error
* Update wallet logging + other stuff
* add canPay and canSend to wallet definition
* rename 'default payment method' to 'enabled' and add enable + disable method
* Set canPay, canReceive in useWallet
* Enable wallet if just configured
* Don't pass logger to sendPayment
* Add logging to attach & detach
* Add schema to wallet def
* Add NWC wallet
* Fix unused isDefault saved in config
* Fix enableWallet
* wrong storage key was used
* broke if wallets with no configs existed
* Run validation during save
* Use INFO level for 'wallet disabled' message
* Pass config with spread operator
* Support help, optional, hint in wallet fields
* wip: Add LNC
* Fix 20s page load for /settings/wallets.json?nodata=true
For some reason, if nodata is passed (which is the case if going back), the page takes 20s to load.
* Fix extremely slow page load for LNC import
I noticed that the combination of
```
import { Form, PasswordInput, SubmitButton } from '@/components/form'
```
in components/wallet/lnc.js and the dynamic import via `await import` in components/wallet/index.js caused extremely slow page loads.
* Use normal imports
* Revert "Fix 20s page load for /settings/wallets.json?nodata=true"
This reverts commit deb476b3a966569fefcfdf4082d6b64f90fbd0a2.
Not using the dynamic import for LNC fixed the slow page load with ?nodata=true.
* Remove follow and show recent logs first
* Fix position of log start marker
* Add FIXMEs for LNC
I can't get LNC to connect. It just hangs forever on lnc.connect(). See FIXMEs.
* Remove logger.error since already handled in useWallet
* Don't require destructuring to pass props to input
* wip: Add LND autowithdrawals
* receiving wallets need to export 'server' object field
* don't print macaroon error stack
* fix missing wallet logs order update
* mark autowithdrawl settings as required
* fix server wallet logs deletion
* remove canPay and canReceive since it was confusing where it is available
TODO
* also use numeric priority for sending wallets to be consistent with how status for receiving wallets is determined
* define createInvoice function in wallet definition
* consistent wallet logs: sending wallets use 'wallet attached'+'wallet enabled/disabled' whereas receiving wallets use 'wallet created/updated'
* see FIXMEs
* Fix TypeError
* Fix sendPayment called with empty config
* removed useEffect such that config is available on first render
* fix hydration error using dynamic import without SSR
* Fix confusing UX around enabled
* Remove FIXMEs
Rebase on master seemed to have fixed these, weird
* Use same error format in toast and wallet log
* Fix usage of conditional hooks in useConfig
* Fix isConfigured
* Fix delete wallet logs on server
* Fix wallet logs refetch
onError does not exist on client.mutate
* Fix TypeError in isConfigured if no enabled wallet found
* Only include local/server config if required
* Fix another hydration error
* Fix server config not updated after save or detach
* Also use 'enabled' for server wallets
* Fix wallet logs not updated after server delete
* Consistent logs between local and server wallets
* 'wallet attached' on create
* 'wallet updated' on config updates
* 'wallet enabled' and 'wallet disabled' if checkbox changed
* 'wallet detached' on delete
* Also enable server wallets on create
* Disable checkbox if not configured yet
* Move all validation schema into lib/validate
* Implement drag & drop w/o persistence
* Use dynamic import for WalletCard
This fixes a lot of issues with hydration
* Save order as priority
* Fix autowithdrawSettings not applied
Form requires config in flat format but mutation requires autowithdraw settings in a separate 'settings' field.
I have decided that config will be in flat form format. It will be transformed into mutation format during save.
* Save dedicated enabled flag for server wallets
* wallet table now contains boolean column 'enabled'
* 'priority' is now a number everywhere
* use consistent order between how autowithdrawals are attempted and server wallets cards
* Fix onCanceled missing
* Fix typo
* Fix noisy changes in lib/validate
I moved the schema for lnbits, nwc and lnc out of lib/validate only to put them back in there later.
This commit should make the changeset cleaner by removing noise.
* Split arguments into [value,] config, context
* Run lnbits url.replace in validate and sendPayment
* Remove unnecessary WALLETS_QUERY
* Generate wallet mutation from fields
* Generate wallet resolver from fields
* Fix import inconsistency between app and worker
* Use wallet.createInvoice for autowithdrawals
* Fix success autowithdrawal log
* Fix wallet security banner shown for server wallets
* Add autowithdrawal to lightning address
* Add optional wallet short name for logging
* Fix draggable
* Fix autowithdraw loop
* Add missing hints
* Add CLN autowithdrawal
* Detach wallets and delete logs on logout
* Remove Wallet in lib/constants
* Use inject function for resolvers and typeDefs
* Fix priority ignored when fetching enabled wallet
* Fix draggable false on first page load due to SSR
* Use touches instead of dnd on mobile
Browsers don't support drag events for touch devices.
To have a consistent implementation for desktop and mobile, we would need to use mousedown/touchstart, mouseup/touchend and mousemove/touchmove.
For now, this commit makes changing the order possible on touch devices with simple touches.
* Fix duplicate CLN error
* Fix autowithdraw priority order
* Fix error per invalid bip39 word
* Update LNC code
* remove LNC FIXMEs
Mhh, I guess the TURN server was down or something? It now magically works. Or maybe it only works once per mnemonic?
* also removed the lnc.lnd.lightning.getInfo() call since we don't ask and need permission for this RPC for payments.
* setting a password does not work though. It fails with 'The password provided is not valid' which is triggered at https://github.com/lightninglabs/lnc-web/blob/main/lib/util/credentialStore.ts#L81.
* Fix order if wallet with no priority exists
* Use common sort
* Add link to lnbits.com
* Add example wallet def
* Remove TODOs
TODO in components/wallet-logger.js was handled.
I don't see a need for the TODO in lib/wallet.js anymore. This function will only be called with the wallet of type LIGHTNING_ADDRESS anyway.
* Remove console.log
* Toast priority save errors
* Fix leaking relay connections
* Remove 'tor or clearnet' hint for LN addresses
* Remove React dependency from wallet definitions
* Generate resolver name from walletField
* Move wallets into top level directory wallet/
* Put wallets into own folder
* Fix generateMutation
* remove resolverName property from wallet defs
* move function into lib/wallet
* use function in generateMutation on client to fix wrongly generated mutation
* Separate client and server imports by files
* wallets now consist of an index.js, a client.js and a server.js file
* client.js is imported on the client and contains the client portion
* server.js is imported on the server and contains the server porition
* both reexport index.js so everything in index.js can be shared by client and server
* every wallet contains a client.js file since they are all imported on the client to show the cards
* client.js of every wallet is reexported as an array in wallets/client.js
* server.js of every wallet is reexported as an array in wallets/server.js
FIXME: for some reason, worker does not properly import the default export of wallets/server.js
* Fix worker import of wallets/server
* Fix wallet.server usage
* I removed wallet.server in a previous commit
* the client couldn't determine which wallet was stored on the server since all server specific fields were set in server.js
* walletType and walletField are now set in index.js
* walletType is now used to determine if a wallet is stored on the server
* also included some formatting changes
* Fix w.default usage
Since package.json with { "type": "module" } was added, this is no longer needed.
* Fix id access in walletPrioritySort
* Fix autowithdrawal error log
* Generate validation schema for LNbits
* Generate validation schema for NWC
* Rename to torAllowed
* Generate validation schema for LNC
* Generate validation schema for LND
* Generate validation schema for LnAddr
* Remove stringTypes
* Generate validation schema for CLN
* Make clear that message belongs to test
* validate.message was used in tandem with validate.test
* it might be confused as the message if the validation for validate.type failed
* now validate.test can be a function or an object of { test, message } shape which matches Yup.test
* Remove validate.schema as a trap door
* make lnc work
* Return null if no wallet was found
* Revert code around schema generation
* Transform autowithdrawSchemaMembers into an object
* Rename schema to yupSchema
* Fix missing required for LNbits adminKey
* Support formik form-level validation
* Fix missing addWalletLog import
* Fix missing space after =
* fix merge conflict resolution mistake
* remove non-custodial* badges
* create guides for attaching wallets in sndev
* Use built-in formik validation or Yup schema but not both
* Rename: validate -> testConnectClient, testConnect -> testConnectServer
* make lnaddr autowithdraw work in dev
* move ATTACH docs to ./wallets and add lnaddr doc
* Fix missing rename: yupSchema -> fieldValidation
* Remove unused context
* Add documentation how to add wallets
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* capture/store data for new referral scheme
* simplify signup/forever referral rules
* no self-referrals and other fixes
* better post/comment distinction and support /items/1/related
* first pass of hashing user emails
* use salt
* add a salt to .env.development (prod salt needs to be kept a secret)
* move `hashEmail` util to a new util module
* trigger a one-time job to migrate existing emails via the worker
so we can use the salt from an env var
* move newsletter signup
move newsletter signup to prisma adapter create user with email code path
so we can still auto-enroll email accounts without having to persist the email address
in plaintext
* remove `email` from api key session lookup query
* drop user email index before dropping column
* restore email column, just null values instead
* fix function name
* fix salt and hash raw sql statement
* update auth methods email type in typedefs from str to bool
* remove todo comment
* lowercase email before hashing during migration
* check for emailHash and email to accommodate migration window
update our lookups to check for a matching emailHash, and then a matching
email, in that order, to accommodate the case that a user tries to login
via email while the migration is running, and their account has not yet been migrated
also update sndev to have a command `./sndev email` to launch the mailhog inbox in your browser
also update `./sndev login` to hash the generated email address and insert it into the db record
* update sndev help
* update awards.csv
* update the hack in next-auth to re-use the email supplied on input to `getUserByEmail`
* consolidate console.error logs
* create generic open command
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Merge serializeInvoiceable with serialize
* Rename to verifyPayment
We already have a function named checkInvoice in the worker which can be confusing.
Also, we don't need to export this function.
* Use crypto.timingSafeEqual
* Fix missing unwrap for item creation and update
* Merge serializeInvoiceable with serialize
* Rename to verifyPayment
We already have a function named checkInvoice in the worker which can be confusing.
Also, we don't need to export this function.
* Use crypto.timingSafeEqual
* Generate API key in settings
* Check x-api-key for GraphQL API requests
* Don't fallback to cookie if x-api-key header was provided
* Select all session fields
* Fix error if API key not found
* Fix style in settings via form-label className
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
* Use parallel invoice subscriptions
* Fix missing idempotency
* Log error
* Use cursor for invoice subscription
* Subscribe to outgoing payments for withdrawals
* Add TODO comments regarding migration to LND subscriptions
* Also use isPoll variable in checkInvoice
* Queue status check of pending withdrawals
* Use for loop to check pending withdrawals
* Reconnect to LND gRPC API on error
* Fix hash modified of applied migrations
* Separate wallet code from worker index
* refactor subscription code some more
* remove unnecessary subWrapper abstraction
* move all wallet related code into worker/wallet.js such that only a single import is needed in worker/index.js
* Migrate from polling to LND subscriptions
* Remove unnecessary reconnect code
* Add FIXME
* Add listener for HODL invoice updates
* Remove obsolete comment
* Update README
* Add job to cancel hodl invoice if expired
* Fix missing else
* small bug fixes and readability enhancements
* refine and add periodic redundant deposit/withdrawal checks
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Debounce the `onAddrChange` event handler when sending to a LN Address,
so we more accurately display the input form for LUD-12 and LUD-18 options
* Remove explicit URI encoding of Payer Data when sending to a LN Addr, since we're getting encoding for free via URLSearchParams
* Append `@stacker.news` to identifier values sent in payer data
* Don't do extra decoding when receiving LUD-18 data
* first pass of LUD-18 support
* Various LUD-18 updates
* don't cache the well-known response, since it includes randomly generated single use values
* validate k1 from well-known response to pay URL
* only keep k1's for 10 minutes if they go unused
* fix validation logic to make auth object optional
* Various LUD18 updates
* move k1 cache to database
* store payer data in invoice db table
* show payer data in invoices on satistics page
* show comments and payer data on invoice page
* Show lud18 data in invoice notification
* PayerData component for easier display of info in invoice, notification, wallet history
* `payerData` -> `invoicePayerData` in fact schema
* Merge prisma migrations
* lint fixes
* worker job to clear out unused lnurlp requests after 30 minutes
* More linting
* Move migration to older
* WIP review
* enhance lud-18
* refine notification ui
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Prototype implementing LUD-12 comments on payRequest in LNURLP Lightning Address flow
* Support sending comment when withdrawing to ln addr (LUD-12)
* Prevent `initialError` from being toasted informs multiple times
* delete the old create_invoice function
* improve lightning addr withdrawal styling
* allow lnaddr comment to show up in notifications
* enhance satistics
---------
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
* Add diagnostics settings & endpoint
Stackers can now help us to identify and fix bugs by enabling diagnostics.
This will send anonymized data to us.
For now, this is only used to send events around push notifications.
* Send diagnostics to slack
* Detect OS
* Diagnostics data is only pseudonymous, not anonymous
It's only pseudonymous since with additional knowledge (which stacker uses which fancy name), we could trace the events back to individual stackers.
Data is only anonymous if this is not possible - it must be irreversible.
* Check if window.navigator is defined
* Use Slack SDK
* Catch errors of slack requests
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
This overrides OS auto-rotate settings on Android. This means that the PWA does auto-rotate even if the OS setting to auto-rotate is not enabled.
This property is experimental and only supported by Chromium-based browsers anyway.
Also, you can still manually rotate if you want.
Co-authored-by: ekzyis <ek@stacker.news>
Remove the static manifest file and serve it via an API route instead.
Change the background color of the PWA depending on the client hint provided data
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
ekzyis
Keyan
keyan
SatsAllDay
Alex Lewin
ekzyis
Satoshi Nakamoto