Commit Graph

68 Commits

Author SHA1 Message Date
Riccardo Balbo 95950cdff8
pass hasSendWallet to ItemAct actor (#1804) 2025-01-05 11:25:49 -06:00
Keyan 146b60278c
cowboy credits (aka nov-5 (aka jan-3)) (#1678)
* wip adding cowboy credits

* invite gift paid action

* remove balance limit

* remove p2p zap withdrawal notifications

* credits typedefs

* squash migrations

* remove wallet limit stuff

* CCs in item detail

* comments with meCredits

* begin including CCs in item stats/notifications

* buy credits ui/mutation

* fix old /settings/wallets paths

* bios don't get sats

* fix settings

* make invites work with credits

* restore migration from master

* inform backend of send wallets on zap

* satistics header

* default receive options to true and squash migrations

* fix paidAction query

* add nav for credits

* fix forever stacked count

* ek suggested fixes

* fix lint

* fix freebies wrt CCs

* add back disable freebies

* trigger cowboy hat job on CC depletion

* fix meMsats+meMcredits

* Update api/paidAction/README.md

Co-authored-by: ekzyis <ek@stacker.news>

* remove expireBoost migration that doesn't work

---------

Co-authored-by: ekzyis <ek@stacker.news>
2025-01-03 10:33:07 -06:00
Keyan eb22fdab41
make possibly conflicting optimistic cache updates write to each other (#1772)
* make possibly conflicting optimistic cache updates write to each other

* always update optimistic caches with cache.modifying items
2024-12-27 14:52:32 -06:00
Keyan 18445b1dc1
fix 1695 by not updating ancestors on zap (#1766)
* fix 1695 by not updating ancestors on zap

* update ancestors but only onPaid
2024-12-27 10:19:49 -06:00
ekzyis 4e6fb40c0b Use conditional waitFor to fix premature payment success 2024-12-11 19:27:29 +01:00
k00b 8595a2b8b0 stop probable source of 504 toasts 2024-12-01 17:01:13 -06:00
k00b 6b59e1fa75 usesendwallets 2024-11-27 19:39:20 -06:00
k00b b608fb6848 refactor out array of hooks 2024-11-27 17:31:08 -06:00
k00b 48640cbed6 pages load *kazoo* 2024-10-30 13:45:05 -05:00
k00b da020cf899 complete fantasy scaffolding 2024-10-30 13:44:18 -05:00
Keyan f4382ad73e
better boost hints (#1441)
* better boost hints

* refine
2024-10-02 19:24:01 -05:00
Keyan 9f06fd65ee
UX latency enhancements for paid actions (#1434)
* prevent multiple retries & pulse retry button

* fix lint

* don't wait for settlement on pessimistic zaps

* optimistic act modal
2024-09-25 13:32:52 -05:00
Keyan 76218dccac
batch zap requests (#1424) 2024-09-24 09:38:48 -05:00
ekzyis d30dace266
Fix missing dependency for useZap (#1420)
This didn't cause any bugs because useWallet returns everything we need on first render.

This caused a bug with E2EE device sync branch though since there the wallet is loaded async.

This meant that during payment, the wallet config was undefined.
2024-09-22 11:03:38 -05:00
Keyan 5f0494de30
rethinking boost (#1408)
* reuse boost for jobs

* wip

* allow job stopping

* restore upvote.js

* expire boost

* boost beyond edit window

* fix boost bolt styling

* rank comments with boost

* no random sort for jobs

* top boost for month at top of territory

* boost hints

* more boost help

* squash migrations

* for same boost, prioritize older

* show ad only if active

* fix itemCreate/Update boost expiration jobs

* fix fee button precedence
2024-09-19 13:13:14 -05:00
ekzyis a6713f9793
Account Switching (#644)
* WIP: Account switching

* Fix empty USER query

ANON_USER_ID was undefined and thus the query for @anon had no variables.

* Apply multiAuthMiddleware in /api/graphql

* Fix 'you must be logged in' query error on switch to anon

* Add smart 'switch account' button

"smart" means that it only shows if there are accounts to which one can switch

* Fix multiAuth not set in backend

* Comment fixes, minor changes

* Use fw-bold instead of 'selected'

* Close dropdown and offcanvas

Inside a dropdown, we can rely on autoClose but need to wrap the buttons with <Dropdown.Item> for that to work.

For the offcanvas, we need to pass down handleClose.

* Use button to add account

* Some pages require hard reload on account switch

* Reinit settings form on account switch

* Also don't refetch WalletHistory

* Formatting

* Use width: fit-content for standalone SignUpButton

* Remove unused className

* Use fw-bold and text-underline on selected

* Fix inconsistent padding of login buttons

* Fix duplicate redirect from /settings on anon switch

* Never throw during refetch

* Throw errors which extend GraphQLError

* Only use meAnonSats if logged out

* Use reactive variable for meAnonSats

The previous commit broke the UI update after anon zaps because we actually updated item.meSats in the cache and not item.meAnonSats.

Updating item.meAnonSats was not possible because it's a local field. For that, one needs to use reactive variables.

We do this now and thus also don't need the useEffect hack in item-info.js anymore.

* Switch to new user

* Fix missing cleanup during logout

If we logged in but never switched to any other account, the 'multi_auth.user-id' cookie was not set.

This meant that during logout, the other 'multi_auth.*' cookies were not deleted.

This broke the account switch modal.

This is fixed by setting the 'multi_auth.user-id' cookie on login.

Additionally, we now cleanup if cookie pointer OR session is set (instead of only if both are set).

* Fix comments in middleware

* Remove unnecessary effect dependencies

setState is stable and thus only noise in effect dependencies

* Show but disable unavailable auth methods

* make signup button consistent with others

* Always reload page on switch

* refine account switch styling

* logout barrier

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
2024-09-12 13:05:11 -05:00
ekzyis 0c3337fb97
More zap undo fixes IV (#1282)
* Add margin-top to zap undo input

* Update zap undo hint

* Fix zap undo pulse not reflecting zap amount
2024-08-02 17:41:47 -05:00
SatsAllDay dc0370ba17
random zap amounts (#1263)
* add random zapping support

adds an option to enable random zap amounts per stacker

configurable in settings, you can enable this feature and provide
an upper and lower range of your random zap amount

* rename github eslint check to lint

this has been bothering me since we aren't using eslint for linting

* fixup! add random zapping support

* fixup! rename github eslint check to lint

* fixup! fixup! add random zapping support

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-07-26 22:37:03 -05:00
keyan 6cf16d3da7 don't toast on invoice cancellation 2024-07-09 13:10:41 -05:00
Keyan 79f0df17b2
improve pessimistic paid actions by letting the server perform actions and settle invoice on `HELD` (#1253)
* get rid of hash and hmac based pessimism

* fix readme
2024-07-04 12:30:42 -05:00
keyan 1e9d1ce66c fix zap optimistic response 2024-07-01 14:56:17 -05:00
Keyan ca11ac9fb8
backend payment optimism (#1195)
* wip backend optimism

* another inch

* make action state transitions only happen once

* another inch

* almost ready for testing

* use interactive txs

* another inch

* ready for basic testing

* lint fix

* inches

* wip item update

* get item update to work

* donate and downzap

* inchy inch

* fix territory paid actions

* wip usePaidMutation

* usePaidMutation error handling

* PENDING_HELD and HELD transitions, gql paidAction return types

* mostly working pessimism

* make sure invoice field is present in optimisticResponse

* inches

* show optimistic values to current me

* first pass at notifications and payment status reporting

* fix migration to have withdrawal hash

* reverse optimism on payment failure

* Revert "Optimistic updates via pending sats in item context (#1229)"

This reverts commit 93713b33df.

* add onCompleted to usePaidMutation

* onPaid and onPayError for new comments

* use 'IS DISTINCT FROM' for NULL invoiceActionState columns

* make usePaidMutation easier to read

* enhance invoice qr

* prevent actions on unpaid items

* allow navigation to action's invoice

* retry create item

* start edit window after item is paid for

* fix ux of retries from notifications

* refine retries

* fix optimistic downzaps

* remember item updates can't be retried

* store reference to action item in invoice

* remove invoice modal layout shift

* fix destructuring

* fix zap undos

* make sure ItemAct is paid in aggregate queries

* dont toast on long press zap undo

* fix delete and remindme bots

* optimistic poll votes with retries

* fix retry notifications and invoice item context

* fix pessimisitic typo

* item mentions and mention notifications

* dont show payment retry on item popover

* make bios work

* refactor paidAction transitions

* remove stray console.log

* restore docker compose nwc settings

* add new todos

* persist qr modal on post submission + unify item form submission

* fix post edit threshold

* make bounty payments work

* make job posting work

* remove more store procedure usage ... document serialization concerns

* dont use dynamic imports for paid action modules

* inline comment denormalization

* create item starts with median votes

* fix potential of serialization anomalies in zaps

* dont trigger notification indicator on successful paid action invoices

* ignore invoiceId on territory actions and add optimistic concurrency control

* begin docs for paid actions

* better error toasts and fix apollo cache warnings

* small documentation enhancements

* improve paid action docs

* optimistic concurrency control for territory updates

* use satsToMsats and msatsToSats helpers

* explictly type raw query template parameters

* improve consistency of nested relation names

* complete paid action docs

* useEffect for canEdit on payment

* make sure invoiceId is provided when required

* don't return null when expecting array

* remove buy credits

* move verifyPayment to paidAction

* fix comments invoicePaidAt time zone

* close nwc connections once

* grouped logs for paid actions

* stop invoiceWaitUntilPaid if not attempting to pay

* allow actionState to transition directly from HELD to PAID

* make paid mutation wait until pessimistic are fully paid

* change button text when form submits/pays

* pulsing form submit button

* ignore me in notification indicator for territory subscription

* filter unpaid items from more queries

* fix donation stike timing

* fix pending poll vote

* fix recent item notifcation padding

* no default form submitting button text

* don't show paying on submit button on free edits

* fix territory autorenew with fee credits

* reorg readme

* allow jobs to be editted forever

* fix image uploads

* more filter fixes for aggregate views

* finalize paid action invoice expirations

* remove unnecessary async

* keep clientside cache normal/consistent

* add more detail to paid action doc

* improve paid action table

* remove actionType guard

* fix top territories

* typo api/paidAction/README.md

Co-authored-by: ekzyis <ek@stacker.news>

* typo components/use-paid-mutation.js

Co-authored-by: ekzyis <ek@stacker.news>

* Apply suggestions from code review

Co-authored-by: ekzyis <ek@stacker.news>

* encorporate ek feeback

* more ek suggestions

* fix 'cost to post' hover on items

* Apply suggestions from code review

Co-authored-by: ekzyis <ek@stacker.news>

---------

Co-authored-by: ekzyis <ek@stacker.news>
2024-07-01 12:02:29 -05:00
ekzyis 93713b33df
Optimistic updates via pending sats in item context (#1229)
* Use context for pending sats

* Fix sats going negative on zap undo

We already handle undoing pending sats by wrapping the payment+mutation with try/finally.

* Remove unnecessary ItemContextProvider

* Rename to parentCtx

* Fix hierarchy of ItemContextProvider

If a comment was root and it was zapped, the pending sats contributed to the sats shown in <CommentsHeader>.

This was caused by <CommentsHeader> accessing the root item context for all comments, even for the root comment.

So even if the root comment was zapped, the pending sats contributed to the sats for the comment section.

This wasn't the case for posts since their item context was above the context used by <CommentsHeader>.

This was fixed by moving <ItemProviderContext> down into <Comments> and <Item> instead of declaring it at <ItemFull> which wraps the root item and all comments.

* Optimistic update for poll votes

* prevent twice optimistic zap

* enhance client notifications with skeleton and no redudant queries

* enlarge nwc amount limits

* Disable max amount and daily limit in NWC container

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-06-12 08:34:24 -05:00
ekzyis 09f9efa189
Remove strike delay (#1227) 2024-06-05 11:49:09 -05:00
ekzyis ea97fbf4a4
Avoid manual optimistic updates for now (#1220)
* Avoid manual optimistic zap updates for now

* Remove manual optimistic updates for pay-bounty and poll
2024-06-04 03:02:34 -05:00
ekzyis 94cce9155d
Frontend payment UX cleanup (#1194)
* Replace useInvoiceable with usePayment hook

* Show WebLnError in QR code fallback

* Fix missing removal of old zap undo code

* Fix payment timeout message

* Fix unused arg in super()

* Also bail if invoice expired

* Fix revert on reply error

* Use JIT_INVOICE_TIMEOUT_MS constant

* Remove unnecessary PaymentContext

* Fix me as a dependency in FeeButtonContext

* Fix anon sats added before act success

* Optimistic updates for zaps

* Fix modal not closed after custom zap

* Optimistic update for custom zaps

* Optimistic update for bounty payments

* Consistent error handling for zaps and bounty payments

* Optimistic update for poll votes

* Use var balance in payment.request

* Rename invoiceable to prepaid

* Log cancelled invoices

* Client notifications

We now show notifications that are stored on the client to inform the user about following errors in the prepaid payment flow:

- if a payment fails
- if an invoice expires before it is paid
- if a payment was interrupted (for example via page refresh)
- if the action fails after payment

* Remove unnecessary passing of act

* Use AbortController for zap undos

* Fix anon zap update not updating bolt color

* Fix zap counted towards anon sats even if logged in

* Fix duplicate onComplete call

* Fix downzap type error

* Fix "missing field 'path' while writing result" error

* Pass full item in downzap props

The previous commit fixed cache updates for downzaps but then the cache update for custom zaps failed because 'path' wasn't included in the server response.

This commit is the proper fix.

* Parse lnc rpc error messages

* Add hash to InvoiceExpiredError
2024-05-28 12:18:54 -05:00
Keyan c3d709b025
add lnc attached wallet (#1104)
* add litd to docker env

* lnc payments

* handle locked wallet configuration

* create new lnc connection for every action

* ensure creds are decrypted before reconnecting

* perform permissions check
2024-04-26 21:22:30 -05:00
keyan 1a25179a98 modal spacing fixes 2024-04-16 15:33:00 -05:00
ekzyis c2aef34ba2 Add threshold for zap undos 2024-03-25 20:34:28 +01:00
ekzyis 42d7a31584 Fix custom zap modal closed after zap undo 2024-03-25 20:32:23 +01:00
ekzyis 17071fa615 Add missing tag to custom zap toasts 2024-03-25 20:32:23 +01:00
ekzyis d237861ff5
Use module path aliases (#938)
* Use module path aliases

* fix broken refactor

* path mapping for svgs, style, and remaining places (bonus: lose babel dep)

---------

Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-03-19 19:37:31 -05:00
ekzyis 89de8a9907
Fix out of order undos for turbo zaps (#883)
Turbo zaps had different toast bodies so they weren't merged together. This gave stackers the option to undo these zaps out of order.

When zaps are undone out of order, the client cache can get in a bad state. Using the item id as a tag fixes that such that zaps for the same item will always get merged together.

This can be seen as a workaround for hacky zap undo code but I think it's also better UX so maybe we should do this anyway.
2024-02-26 18:10:43 -06:00
ekzyis bbdd969394
Fix missing progress bar for custom zaps (#882) 2024-02-26 18:09:29 -06:00
ekzyis 38f2aa309d
Fix bolt hover ignores turbozaps (#881)
* Fix bolt hover color ignores turbo zaps

* Refactor next tip code into own function
2024-02-26 18:09:09 -06:00
ekzyis a067a9fcf1
Use progress bar for pending payments (#873)
The progress bar indicates when the invoice will expire.

This works by passing in a timeout to the withToastFlow wrapper.

If timeout is set, progressBar option will be true for the toast and delay will be set to the timeout.

If progressBar is set, the progress bar will use the delay for its duration.
2024-02-24 14:33:08 -06:00
ekzyis 817234a7fa
More zap undo fixes (#872)
* Don't throw error if invoice attached

* Only show progress bar for undo toasts

* Update zap undo info in settings

* Skip zap undo toast flow for external payments
2024-02-24 11:38:40 -06:00
ekzyis c57fcd6518
Allow zap undo's for short period of time (#857)
* Cancel zaps

* Hide zap error toast

* Immediately throw error about insufficient funds

* Optimistic UX

* Also hide success zap toast

* Show undo instead of cancel

* Include sat amount in toast

* Fix undo toasts removed on navigation

* Add setting for zap undos

* Add undo to custom zaps

* Use WithUndos suffix

* Fix toast flow transition

* Fix setting not respected

* Skip undo flow if funds insufficient

* Remove brackets around undo

* Fix insufficient funds detection

* Fix downzap undo

* Add progress bar to toasts

* Use 'button' instead of 'notification' in zap undo info

* Remove console.log

* Fix toast progress bar restarts

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2024-02-21 18:48:42 -06:00
ekzyis 310011f05d
Expose WebLN interface via React Context (#749)
* Add LNbits card

* Save LNbits Provider in WebLN context

* Check LNbits connection on save

* refactor: put LNbitsProvider into own file

* Pay invoices using WebLN provider from context

* Remove deprecated FIXME

* Try WebLN provider first

* Fix unhandled promise rejection

* Fix this in sendPayment

* Be optimistic regarding WebLN zaps

This wraps the WebLN payment promise with Apollo cache updates.

We will be optimistics and assume that the payment will succeed and update the cache accordingly.

When we notice that the payment failed, we undo this update.

* Bold strike on WebLN zap

If lightning strike animation is disabled, toaster will be used.

* Rename undo variable to amount

* Fix zap undo

* Add NWC card

* Attempt to check NWC connection using info event

* Fix NaN on zap

Third argument of update is reserved for context

* Fix TypeError in catch of QR code

* Add basic NWC payments

* Wrap LNbits getInfo with try/catch

* EOSE is enough to check NWC connection

* refactor: Wrap WebLN providers into own context

I should have done this earlier

* Show red indicator on error

* Fix useEffect return value

* Fix wrong usage of pubkey

The event pubkey is derived from the secret. Doesn't make sense to manually set it. It's also the wrong pubkey: we're not the wallet service.

* Use p tag in NWC request

* Add comment about required filter field

* Aesthetic changes to NWC sendPayment

* Add TODO about receipt verification

* Fix WebLN attempted again after error

* Fix undefined name

* Add code to mock NWC relay

* Revert "Bold strike on WebLN zap"

This reverts commit a9eb27daec0cd2ef30b56294b05e0056fb5b4184.

* Fix update undo

* Fix lightning strike before payment

* WIP: Wrap WebLN payments with toasts

* add toasts for pending, error, success
* while pending, invoice can be canceled
* there are still some race conditions between payiny the invoice / error on payment and invoice cancellation

* Fix invoice poll using stale value from cache

* Remove unnecessary if

* Make sure that pay_invoice is declared as supported

* Check if WebLN provider is enabled before calling sendPayment

* Fix bad retry

If WebLN payments failed due to insufficient balances, the promise resolved and thus the action was retried but failed immediately since the invoice (still) wasn't paid.

* Fix cache undo update

* Fix no cache update after QR payment

* refactor: Use fragments to undo cache updates

* Remove console.log

* Small changes to NWC relay mocking

* Return SendPaymentResponse

See https://www.webln.guide/building-lightning-apps/webln-reference/webln.sendpayment

* Also undo cache update on retry failure

* Disable NWC mocking

* Fix initialValue not set

But following warning is now shown in console:

"""
Warning: A component is changing a controlled input to be uncontrolled.
This is likely caused by the value changing from a defined to undefined, which should not happen.
Decide between using a controlled or uncontrolled input element for the lifetime of the component. More info: https://reactjs.org/link/controlled-components
"""

* Remove comment since only relevant for blastr (mutiny relay)

* Remove TODO

* Fix duplicate cache update

* Fix QR modal not closed after payment

* Ignore lnbits variable unused

* Use single relay connection for all NWC events

* Fix missing timer and subscription cleanup

* Remove TODO

Confirmed that nostr-tools verifies events and filters for us.

See https://github.com/nbd-wtf/nostr-tools/blob/master/abstract-relay.ts#L161

* Fix switch from controlled to uncontrolled input

* Show 'configure' on error

* Use budgetable instead of async

* Remove EOSE listener

Only nostr.mutinywallet.com didn't respond with info events due to implementation-specific reasons. This is no longer the case.

* Use invoice expiry for NWC timeout

I don't think there was a specific reason why I used 60 seconds initially.

* Validate LNbits config on save

* Validate NWC config on save

* Also show unattach if configuration is invalid

If unattach is only shown if configuration is valid, resetting the configuration is not possible while it's invalid. So we're stuck with a red wallet indicator.

* Fix detection of WebLN payment

It depended on a Apollo cache update function being available. But that is not the case for every WebLN payment.

* Fix formik bag lost

* Use payment instead of zap in toast

* autoscale capture svc by response time

* docs and changes for testing lnbits locally

* Rename configJSON to config

Naming of config object was inconsistent with saveConfig function which was annoying.

Also fixed other inconsistencies between LNbits and NWC provider.

* Allow setting of default payment provider

* Update TODO comment about provider priority

The list 'paymentMethods' is not used yet but is already implemented for future iterations.

* Add wallet security disclaimer

* Update labels

---------

Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-02-08 12:33:13 -06:00
keyan 5086c2036d add ids to all toasts to help id rogue toasts 2024-01-28 13:26:32 -06:00
ekzyis 9ef0c81245
refactor: replace recursion with promise sequence in `useInvoiceable` (#752)
* refactor: replace recursion with promise sequence

This commit refactors `useInvoicable`. The hard-to-follow recursion was replaced by awaiting promises which resolve or reject when one step of our JIT invoice flow is done.

Therefore, `onSubmit` is now fully agnostic of JIT invoices. The handler only returns when payment + action was successful or canceled - just like when a custodial zap was successful.

* refactor more and fix bugs

* move invoice cancel logic into hook where invoice is also created
* fix missing invoice cancellation if user closes modal or goes back.
* refactor promise logic: it makes more sense to wrap the payment promise with the modal promise than the other way around.

* Fix unhandled rejection

* Fix unnecessary prop drilling

* Fix modal not closed after successful action

* Fix unnecessary async promise executor

* Use function to set state
2024-01-16 18:40:11 -06:00
keyan 6170853d72 unify idempotent act and act 2023-12-27 10:15:18 -06:00
keyan 73ad93f2bb idempotent zaps 2023-12-26 20:27:52 -06:00
keyan 374a7985da unify zap/downzap/bounty mutation 2023-12-26 16:51:47 -06:00
keyan 7e0da18878 down zap ui polish 2023-12-19 18:25:41 -06:00
keyan af59e3ef54 merge non-normalized user subtypes fixing #645 2023-11-20 09:05:02 -06:00
keyan 8ca8bb985e reuse debounce hook more places 2023-10-06 15:01:51 -05:00
keyan 7d170a654f variable downzaps 2023-09-13 21:08:03 -05:00
ekzyis ac45fdc234
Use HODL invoices (#432)
* Use HODL invoices

* Fix expiry check comparing string with Date

* Fix unconfirmed user balance for HODL invoices

This is done by syncing the data from LND to the Invoice table.

If the columns is_held and msatsReceived are set, the frontend is told that we're ready to execute the action.

We then update the user balance in the same tx as the action.

We need to still keep checking the invoice for expiration though.

* Fix worker acting upon deleted invoices

* Prevent usage of invoice after expiration

* Use onComplete from <Countdown> to show expired status

* Remove unused lnd argument

* Fix item destructuring from query

* Fix balance added to every stacker

* Fix hmac required

* Fix invoices not used when logged in

* refactor: move invoiceable code into form

* renamed invoiceHash, invoiceHmac to hash, hmac since it's less verbose all over the place
* form now supports `invoiceable` in its props
* form then wraps `onSubmit` with `useInvoiceable` and passes optional invoice options

* Show expired if expired and canceled

* Also use useCallback for zapping

* Always expire modal invoices after 3m

* little styling thing

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-08-30 21:48:49 -05:00
ekzyis b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00