32 Commits

Author SHA1 Message Date
Keyan
ca11ac9fb8
backend payment optimism (#1195)
* wip backend optimism

* another inch

* make action state transitions only happen once

* another inch

* almost ready for testing

* use interactive txs

* another inch

* ready for basic testing

* lint fix

* inches

* wip item update

* get item update to work

* donate and downzap

* inchy inch

* fix territory paid actions

* wip usePaidMutation

* usePaidMutation error handling

* PENDING_HELD and HELD transitions, gql paidAction return types

* mostly working pessimism

* make sure invoice field is present in optimisticResponse

* inches

* show optimistic values to current me

* first pass at notifications and payment status reporting

* fix migration to have withdrawal hash

* reverse optimism on payment failure

* Revert "Optimistic updates via pending sats in item context (#1229)"

This reverts commit 93713b33df9bc3701dc5a692b86a04ff64e8cfb1.

* add onCompleted to usePaidMutation

* onPaid and onPayError for new comments

* use 'IS DISTINCT FROM' for NULL invoiceActionState columns

* make usePaidMutation easier to read

* enhance invoice qr

* prevent actions on unpaid items

* allow navigation to action's invoice

* retry create item

* start edit window after item is paid for

* fix ux of retries from notifications

* refine retries

* fix optimistic downzaps

* remember item updates can't be retried

* store reference to action item in invoice

* remove invoice modal layout shift

* fix destructuring

* fix zap undos

* make sure ItemAct is paid in aggregate queries

* dont toast on long press zap undo

* fix delete and remindme bots

* optimistic poll votes with retries

* fix retry notifications and invoice item context

* fix pessimisitic typo

* item mentions and mention notifications

* dont show payment retry on item popover

* make bios work

* refactor paidAction transitions

* remove stray console.log

* restore docker compose nwc settings

* add new todos

* persist qr modal on post submission + unify item form submission

* fix post edit threshold

* make bounty payments work

* make job posting work

* remove more store procedure usage ... document serialization concerns

* dont use dynamic imports for paid action modules

* inline comment denormalization

* create item starts with median votes

* fix potential of serialization anomalies in zaps

* dont trigger notification indicator on successful paid action invoices

* ignore invoiceId on territory actions and add optimistic concurrency control

* begin docs for paid actions

* better error toasts and fix apollo cache warnings

* small documentation enhancements

* improve paid action docs

* optimistic concurrency control for territory updates

* use satsToMsats and msatsToSats helpers

* explictly type raw query template parameters

* improve consistency of nested relation names

* complete paid action docs

* useEffect for canEdit on payment

* make sure invoiceId is provided when required

* don't return null when expecting array

* remove buy credits

* move verifyPayment to paidAction

* fix comments invoicePaidAt time zone

* close nwc connections once

* grouped logs for paid actions

* stop invoiceWaitUntilPaid if not attempting to pay

* allow actionState to transition directly from HELD to PAID

* make paid mutation wait until pessimistic are fully paid

* change button text when form submits/pays

* pulsing form submit button

* ignore me in notification indicator for territory subscription

* filter unpaid items from more queries

* fix donation stike timing

* fix pending poll vote

* fix recent item notifcation padding

* no default form submitting button text

* don't show paying on submit button on free edits

* fix territory autorenew with fee credits

* reorg readme

* allow jobs to be editted forever

* fix image uploads

* more filter fixes for aggregate views

* finalize paid action invoice expirations

* remove unnecessary async

* keep clientside cache normal/consistent

* add more detail to paid action doc

* improve paid action table

* remove actionType guard

* fix top territories

* typo api/paidAction/README.md

Co-authored-by: ekzyis <ek@stacker.news>

* typo components/use-paid-mutation.js

Co-authored-by: ekzyis <ek@stacker.news>

* Apply suggestions from code review

Co-authored-by: ekzyis <ek@stacker.news>

* encorporate ek feeback

* more ek suggestions

* fix 'cost to post' hover on items

* Apply suggestions from code review

Co-authored-by: ekzyis <ek@stacker.news>

---------

Co-authored-by: ekzyis <ek@stacker.news>
2024-07-01 12:02:29 -05:00
ekzyis
967b5b74fb
Fix anon payment verification (#1235)
* Enforce hash & hmac for anons in serialize

* Enforce logged in for idempotent zaps
2024-06-12 11:15:00 -05:00
keyan
b9d30b4076 count pending withdrawals toward balance 2024-04-27 18:37:57 -05:00
ekzyis
f3c1ebefcf
Merge serializeInvoiceable with serialize without bug (#1051)
* Merge serializeInvoiceable with serialize

* Rename to verifyPayment

We already have a function named checkInvoice in the worker which can be confusing.

Also, we don't need to export this function.

* Use crypto.timingSafeEqual

* Fix missing unwrap for item creation and update
2024-04-09 19:49:20 -05:00
keyan
9f79ff1f89 Revert "Merge serializeInvoiceable with serialize (#1040)"
This reverts commit e7e7cbff0a54155a6cf059afe229d0456a3d6a93.
2024-04-08 15:50:39 -05:00
ekzyis
e7e7cbff0a
Merge serializeInvoiceable with serialize (#1040)
* Merge serializeInvoiceable with serialize

* Rename to verifyPayment

We already have a function named checkInvoice in the worker which can be confusing.

Also, we don't need to export this function.

* Use crypto.timingSafeEqual
2024-04-08 09:22:29 -05:00
ekzyis
d237861ff5
Use module path aliases (#938)
* Use module path aliases

* fix broken refactor

* path mapping for svgs, style, and remaining places (bonus: lose babel dep)

---------

Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-03-19 19:37:31 -05:00
keyan
d8f4071afb refine serialization retries 2024-01-28 13:26:32 -06:00
ekzyis
39c9775c4c
Fix TypeError on item creation if JIT invoicing is used (#744)
* Fix TypeError on item creation if JIT invoicing is used

* Fix bad if body

---------

Co-authored-by: ekzyis <ek@stacker.news>
2024-01-10 19:24:49 -06:00
ekzyis
2151323c8d
Use LND subscriptions (#726)
* Use parallel invoice subscriptions

* Fix missing idempotency

* Log error

* Use cursor for invoice subscription

* Subscribe to outgoing payments for withdrawals

* Add TODO comments regarding migration to LND subscriptions

* Also use isPoll variable in checkInvoice

* Queue status check of pending withdrawals

* Use for loop to check pending withdrawals

* Reconnect to LND gRPC API on error

* Fix hash modified of applied migrations

* Separate wallet code from worker index

* refactor subscription code some more

* remove unnecessary subWrapper abstraction
* move all wallet related code into worker/wallet.js such that only a single import is needed in worker/index.js

* Migrate from polling to LND subscriptions

* Remove unnecessary reconnect code

* Add FIXME

* Add listener for HODL invoice updates

* Remove obsolete comment

* Update README

* Add job to cancel hodl invoice if expired

* Fix missing else

* small bug fixes and readability enhancements

* refine and add periodic redundant deposit/withdrawal checks

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2024-01-08 16:37:58 -06:00
keyan
ee68bd2946 hide lnurlpay errors while still reporting errors accurately 2023-12-18 18:02:39 -06:00
ekzyis
db36076541
Mix error messages to hide user balance (#693)
Co-authored-by: ekzyis <ek@stacker.news>
2023-12-17 13:25:20 -06:00
keyan
10203f565c territories 2023-12-04 21:34:06 -06:00
keyan
f438b14df7 update balance limit error msg 2023-12-04 17:02:40 -06:00
keyan
32847670e2 reduce duplication of invoicable code 2023-09-26 15:15:09 -05:00
ekzyis
dde82e25a5
Convert worker to ESM (#500)
* Convert worker to ESM

To use ESM for the worker, I created a package.json file in worker/ with `{ type: "module" }` as its sole content.

I then rewrote every import to use ESM syntax.

I also tried to set `{ type: "module" }` in the root package.json file to also use ESM in next.config.js.

However, this resulted in a weird problem: default imports were now getting imported as objects in this shape: `{ default: <defaultImport> }`.

Afaik, this should only be the case if you use "import * as foo from 'bar'" syntax: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/import#default_import

This is fixed by not using `{ type: "module" }` for some reason. However, then, next.config.js also doesn't support ESM import syntax anymore.

The documentation says that if you want to use ESM, you can use next.config.mjs: https://nextjs.org/docs/pages/api-reference/next-config-js

But I didn't want to use MJS extension since I don't have any experience with it. For example, not sure if it's good style to mix JS with MJS etc. So I kept the CJS import syntax there.

* Ignore worker/ during linting

I wasn't able to fix the following errors:

/home/runner/work/stacker.news/stacker.news/worker/auction.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/auction.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/earn.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/earn.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/index.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/index.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/nostr.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/nostr.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/ots.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/ots.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/repin.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/repin.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/search.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/search.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/streak.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/streak.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/trust.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/trust.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/views.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/views.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)
/home/runner/work/stacker.news/stacker.news/worker/wallet.js:0:0: Parsing error: No Babel config file detected for /home/runner/work/stacker.news/stacker.news/worker/wallet.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files. (null)

I tried to tell babel where to find the babel config file (.babelrc), specifying the babel config in worker/package.json under "babel", using babel.config.json etc. to no avail.

However, afaict, we don't need babel for the worker since it won't run in a browser. Babel is only used to transpile code to target browsers.

But it still would be nice to lint the worker code with standard.

But we can figure this out later.

* Fix worker imports from lib/ and api/

This fixes the issue that we can't use `{ "type": "module" }` in the root package.json since it breaks the app with this error:

  app  | TypeError: next_auth_providers_credentials__WEBPACK_IMPORTED_MODULE_2__ is not a function
  app  |     at eval (webpack-internal:///./pages/api/auth/[...nextauth].js:218:20)
  app  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
  app  | LND GRPC connection successful
  app  | - error pages/api/auth/[...nextauth].js (139:2) @ CredentialsProvider
  app  | - error Error [TypeError]: next_auth_providers_credentials__WEBPACK_IMPORTED_MODULE_2__ is not a function
  app  |     at eval (webpack-internal:///./pages/api/auth/[...nextauth].js:218:20) {
  app  |   digest: undefined
  app  | }
  app  |   137 |
  app  |   138 | const providers = [
  app  | > 139 |   CredentialsProvider({
  app  |       |  ^
  app  |   140 |     id: 'lightning',
  app  |   141 |     name: 'Lightning',
  app  |   142 |     credentials: {
  app  | TypeError: next_auth_providers_credentials__WEBPACK_IMPORTED_MODULE_2__ is not a function
  app  |     at eval (webpack-internal:///./pages/api/auth/[...nextauth].js:218:20)
  app  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

build but we need to tell the worker that the files are MJS, else we get this error:

  worker  | file:///app/worker/wallet.js:3
  worker  | import { datePivot } from '../lib/time.js'
  worker  |          ^^^^^^^^^
  worker  | SyntaxError: Named export 'datePivot' not found. The requested module '../lib/time.js' is a CommonJS module, which may not support all module.exports as named exports.
  worker  | CommonJS modules can always be imported via the default export, for example using:
  worker  |
  worker  | import pkg from '../lib/time.js';
  worker  | const { datePivot } = pkg;
  worker  |
  worker  |     at ModuleJob._instantiate (node:internal/modules/esm/module_job:124:21)
  worker  |     at async ModuleJob.run (node:internal/modules/esm/module_job:190:5)
  worker  |
  worker  | Node.js v18.17.0
  worker  |
  worker exited with code 1

* Fix global not defined in browser context

* Also ignore api/ and lib/ during linting

I did not want to do this but I was not able to fix this error in any other way I tried:

  /home/ekzyis/programming/stacker.news/api/lnd/index.js:0:0: Parsing error: No Babel config file detected for /home/ekzyis/programming/stacker.news/api/lnd/index.js. Either disable config file checking with requ
ireConfigFile: false, or configure Babel so that it can find the config files. (null)

Did not want to look deeper into all this standard, eslint, babel configuration stuff ...

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
2023-09-23 20:19:35 -05:00
ekzyis
b9461b7eb3
Allow zapping, posting and commenting without funds or an account (#336)
* Add anon zaps

* Add anon comments and posts (link, discussion, poll)

* Use payment hash instead of invoice id as proof of payment

Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.

* Allow pay per invoice for stackers

The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"

* Fix onSuccess called twice

For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.

This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.

* Keep invoice modal open if focus is lost

* Skip anon user during trust calculation

* Add error handling

* Skip 'invoice not found' errors

* Remove duplicate insufficient funds handling

* Fix insufficient funds error detection

* Fix invoice amount for comments

* Allow pay per invoice for bounty and job posts

* Also strike on payment after short press

* Fix unexpected token 'export'

* Fix eslint

* Remove unused id param

* Fix comment copy-paste error

* Rename to useInvoiceable

* Fix unexpected token 'export'

* Fix onConfirmation called at every render

* Add invoice HMAC

This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.

Only the user which created the invoice knows the HMAC and thus can use the invoice hash.

* make anon posting less hidden, add anon info button explainer

* Fix anon users can't zap other anon users

* Always show repeat and contacts on action error

* Keep track of modal stack

* give anon an icon

* add generic date pivot helper

* make anon user's invoices expire in 5 minutes

* fix forgotten find and replace

* use datePivot more places

* add sat amounts to invoices

* reduce anon invoice expiration to 3 minutes

* don't abbreviate

* Fix [object Object] as error message

Any errors thrown here are already objects of shape { message: string }

* Fix empty invoice creation attempts

I stumbled across this while checking if anons can edit their items.

I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:

  Variable "$amount" of required type "Int!" was not provided.

I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.

* anon func mods, e.g. inv limits

* anon tips should be denormalized

* remove redundant meTotalSats

* correct overlay zap text for anon

* exclude anon from trust graph before algo runs

* remove balance limit on anon

* give anon a bio and remove cowboy hat/top stackers;

* make anon hat appear on profile

* concat hash and hmac and call it a token

* Fix localStorage cleared because error were swallowed

* fix qr layout shift

* restyle fund error modal

* Catch invoice errors in fund error modal

* invoice check backoff

* anon info typo

* make invoice expiration times have saner defaults

* add comma to anon info

* use builtin copy input label

---------

Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
2023-08-11 18:50:57 -05:00
keyan
c909efb7b7 update wallet code to prisma 5, handle prisma 5 errors on serialization 2023-07-31 08:31:40 -05:00
keyan
7542dd6cc4 upgrade to prisma 4 2023-07-26 19:18:42 -05:00
keyan
672853a7ea upgrade to prisma 3 2023-07-26 11:01:31 -05:00
keyan
59f7b6ff26 Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades""
This reverts commit 18910fa2ed470fe12ffbfb83df18e206101f0a05.
2023-07-23 10:08:43 -05:00
keyan
18910fa2ed Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"
This reverts commit d0314ab73c42ebf85fe2f418dddd681af45dbc55.
2023-07-23 09:16:12 -05:00
keyan
d0314ab73c shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades 2023-07-21 17:33:11 -05:00
keyan
5746160893 let tips affect ranking 2022-11-23 12:12:09 -06:00
keyan
0ad886ffc0 constrain invoice quantity and amount 2022-08-30 15:33:39 -05:00
keyan
065cf284b3 add integer constraints 2022-08-27 10:48:59 -05:00
keyan
955d1aa1b2 finish up invites 2021-10-15 18:07:51 -05:00
keyan
79cb2d5c27 withdrawl => withdrawal/withdraw 2021-08-19 16:42:21 -05:00
keyan
14e929b3f0 allow retries of failed withdraw invoice while enforcing uniqueness of pending/confirmed 2021-07-10 09:16:40 -05:00
keyan
a68da87382 be more permissible with links and nofollow when low sats 2021-05-20 14:11:58 -05:00
keyan
57e96ac02b retry on serialization errors 2021-05-20 12:21:11 -05:00
keyan
0eabe1463d attempts at serializable transactions 2021-05-19 20:09:32 -05:00