* Migrate vault entries to new schema (#2092)
* Migrate existing vault entries to new schema
* Read+write new vault schema
* Drop VaultEntry table
* Refactor vaultPrismaFragments
* Remove wrong comment
* Remove TODO
* Fix possible race condition on update of vault key
* Remove lib/object.js
* Wallet schema v2 (#2146)
* Add wallet-v2 TODOs
* Update checkWallet
* Wallet list
* Delete almost all wallet v1 code
and add some code for wallet protocol forms
* Define protocol display name in JSON
* Show form per protocol
* Increase max-height of image in form
* Add JSdoc for protocols, form validation
* Use wallet cards again
My wallet list was quite ugly and I couldn't look at it anymore.
* Refactor hooks in wallet provider
* Fix PasswordInput not used
* Read encrypted wallets
* Decrypt wallets
* useWalletQuery now returns decrypted wallets
* Refactor useIndexedDB because its only purpose will be to store the key, so no need for pagination code etc.
* There is still a bug: if the wallet is not decrypted on first render, the form will not see the decrypted value. See TODO.
* Rename protocolJson to protocol
it no longer uses a JSON file
* Fix form not updated with decrypted API key
* Fix wallet template forms
* Fix optional shown as hint
* Rename to mapUserWalletResolveTypes
* Save LNbits send and recv
TODO:
* implement resolvers for other protocols
* fix double update required for trigger?
* add missing validation on server
* add missing network tests
* don't import from wallets/client on server
* Move definitions to lib/wallets.json and lib/protocols
* Fix ProtocolWallet.updated_at not updated by trigger
* Move wallet fragments into wallets/client/fragments/
* move invoice fragments to fragments/invoice.js
* remove some unused fragments that I don't think I also will not use
* move fragments that will be generated in own file
* Move wallet resolvers into wallets/server/resolvers
* Fix missing authorization check on wallet update
* Run all shared code in generic wallet update function
* Fix 'encrypt' flag not set for blink send currency
* Add mutations for all protocols
* Fix macaroon validation
* Fix CLN socket value not set
* Add server-side schema validation
* Fix JSDoc typedef for protocols
* Don't put JSDoc into separate file
* Create test invoices on save
* Also move type resolvers into wallets/server/resolvers
* Fix unconfigured protocols of UserWallet not found
* Fix Blink API key in wallet seed
* Test send payment on save (except LNC)
This does not include LNC because LNC cannot be saved yet
* Check if window.webln is defined on save
* Create new wallets from templates
* Separate protocols in wallets/lib into individual files
* Use justify-content-start for protocol tabs
and larger margin at the top
* Add LNC to client protocols
* Only return wallets from useWallets
* Query decrypted wallets
* Payments with new wallets
* More wallet logos
* Fix TypeError in useIndexedDB
* Add protocol attach docs
* Fix undefined useWalletRecvPrompt import
* Remove outdated TODOs
* First successful zap to new wallets
* Fix walletLogger imports
* Fix sequences
* the sequences for InvoiceForward and DirectPayment were still starting at 1
* when using setval() with two arguments, nextval() will return the second argument+1 (see https://www.postgresql.org/docs/current/functions-sequence.html)
* Rename ProtocolWallet columns
* Remove more outdated TODOs
* Update wallet indicator
* Fix page reset on route change
* Refactor __typename checks into functions
* Refactor protocol selection into own hook
* Add button to detach protocol
* Refetch wallet on save and detach
* Refetch wallets on change
* Always show all templates
* Refactor WalletLink component
* Also put wallet into forms context
* Remove outdated TODOs
* Use useMemo in wallets hooks
* Passphrase modals
* prompt for password if decryption failed
* add button to reveal passphrase on wallet page
TODO:
* remove button if passphrase was revealed or imported
* encrypt wallets with new key on passphrase reveal
* Fix protocol missing as callback dependency
* Encrypt wallets with new key on passphrase export
* Update 'unlock wallets' text
* Rename wallet mutation hooks
* Remove 'removeWallet' mutation
Wallets are automatically deleted when all protocols are deleted
* Passphrase reset
* Use 110px as minimum width for bip39 words
longest bip39 words are 8 characters and they fit into 103px so I rounded up to 110px.
* Also disable passphrase export on save
* Wallet settings
* Fix wallet receive prompt
* Remove unused parameters from postgres function
* Rename UserWallet to Wallet, ProtocolWallet to WalletProtocol
* Use danger variant for button to show passphrase
* Fix inconsistent imports and exports
* Remove outdated TODOs
* wallet logs
* Remove outdated comment
* Make sure wallets are used in priority order
* Separate wallets from templates in reducer
* Fix missing useCallback dependencies
* Refactor with useWalletLogger hook
* Move enabled to WalletProtocol
* Add checkbox to enable/disable protocol
* Fix migration with prod db dump
* Parse Coinos relay URLs
* Skip network tests if only enabled changed
* Allow IndexedDB calls without session
* Add code to migrate old CryptoKey
* first try to use existing CryptoKey before generating a new one
* bump IDB version to delete old object stores and create new ones
* return IDB callbacks with useMemo
* don't delete old IDB right away, wait until next release
* Fix ghost import error
*Sometimes*, I get import errors because it tries to resolve @/wallets/server to wallets/server.js instead of wallets/server/index.js.
For the files in wallets/server, it kind of makes sense because it's a circular import.
But I don't know why the files in worker/ have this problem.
Interestingly, it only seems to happen with walletLogger imports, so I guess its related to its import chain.
Anyway, this commit should make sure this never happens again ...
* Skip wallets queries if not logged in
* Split CUSTOM wallet into NWC and LN_ADDR
* Migrate local wallets
* Link to /wallets/:id/receive if send not supported
* Hide separator if there are no configured wallets
* Save LNC
* Add one-liner to attach LNC
* Update wallet priorities via DnD
* Wallet logs are part of protocol resolvers
* Fix logging to deleted protocol
* Fix trying to fetch logs for template
* also change type to Int so GraphQL layer can catch trying to fetch string IDs as is the case for templates
* Fix embedded flag for wallets logs not set
* Remove TODO
* Decrease max-height for embedded wallet logs on big screens
* Fix missing refetch on wallet priority update
* Set priorities of all wallets in one tx
* Fix nested state update
* Add DragIcon
* DnD mobile support and refactor
* Add CancelButton to wallet settings
* Remount form if path changes
This fixes the following warning in the console:
"""
Warning: A component is changing an uncontrolled input to be controlled. This is likely caused by the value changing from undefined to a defined value, which should not happen. Decide between using a controlled or uncontrolled input element for the lifetime of the component.
"""
* Support string and object for wallet.image JSON
* Append domain to lightning address inputs
* Remove outdated TODOs
* Add template IDs to wallet JSON
* Fix missing callback dependency
* Implement lightning address save in receive prompt
* Update TODOs
* Fix missing check for enabled
* Pay QR codes with WebLN as anon
* Add logo for NWC
* Fix trying to save logs for template
* Add template logs
* Fix inconsistent margin
* Always throw on missing key
* Remove misleading comment
Wallets are returned even if decryption fails so we can show the unlock page if a wallet is stored as encrypted in the context.
Maybe I should rethink this.
* Check for existing wallets on local wallet migration
* Fix local wallet migration causing duplicates
* Fix protocol reattached on detach due to migration
* Fix form not centered
* Fix ZEUS lightning address domain
* Add placeholder, help, hints etc. to wallet form inputs
* Fix wallet badges not updated
* Remove unused declared variables
* Rename to ATTACH_PAGE
* Fix 500 error if no amount was given to LNURLp endpoint
* Tag log messages with wallet name
* Only skip network tests if we're disabling the wallet
* Rename var to networkTests
* Continue to store key hash in IndexedDB
* Rethink wallet state management
If decryption failed, the function to decrypt the wallets didn't throw but simply returned wallets that were still encrypted.
This was bad because it meant we could not rely on the wallets in the state being decrypted, even though this was the original idea behind the query hooks: hide the details of encryption and decryption inside them.
Because of this, we had to check if the wallets were still encrypted before we ran the wallet migration since we want to check if a protocol already exists.
This commit fixes this by making encryption and decryption always throw (and catching the errors), as well as returning a ready state from hooks. A hook might not be ready because it still needs to load something (in the case of the crypto hooks, it's loading the key from IndexedDB). Callers check that ready state before they call the function returned by the hook.
So now, the wallet migration hook can itself simply check if the hook to encrypt wallets is ready and if the wallets are no longer loading to let callers know if it itself is ready.
Since we also relied on wallets stored as encrypted in the context to show the unlock page, this was also changed by comparing the local and remote key hash.
* Add empty line
* Save new key hash during wallet reset
* Only receive protocol upserts require networkTests param
* Compare key hashes on server on each save
* Delete old code
* Fix card shows attach instead of configure
* Fix empty wallets created during migration
The old schema can contain '' instead of NULL in the columns of wallets for receiving.
* Update reset passphrase text
* Wrap passphrase reset in try/catch
* Fix migrate called multiple times
* Update key hash on migration if not set
* Fetch local wallets in migrate
* Fix missing await on setKey
* Let first device set key hash
* Fix indicator not shown if wallets locked
* Check if IndexedDB is available
* Fix inconsistent WebLN error message
* Disable WebLN if not available
* Remove outdated TODO
* Cursor-based pagination for wallet logs
* Fix log message x-overflow
* Add context to wallet logs
* Wrap errors are warnings in logs
* Rename wallet v2 migrations
* Update wallet status during logging
* Fix wallet logs loading state
The loading state would go from false -> true -> false because it's false when the lazy query wasn't called yet.
* Add wallet search
* Add Alby Go wallet
* Revert "Add Alby Go wallet"
This reverts commit 926c70638f1673756480c848237e52d5889dc037.
* Fix wallet logs sent by client don't update protocol status
* Fix mutation name
* put drag icon on opposite corner
* Add wallets/README.md
* Fix inconsistent case in wallets/README.md
* Fix autoprefixer warning about mixed support
This warning was in the app logs:
app | Warning
app |
app | (31:3) autoprefixer: end value has mixed support, consider using flex-end instead
app |
app | Import trace for requested module:
app | ./styles/wallet.module.css
app | ./wallets/client/hooks/prompt.js
app | ./wallets/client/hooks/index.js
app | ./wallets/client/context/hooks.js
app | ./wallets/client/context/provider.js
app | ./wallets/client/context/index.js
* fix effect of wallet indicators on logo
* Fix deleting wallet template logs
* Use name as primary key of WalletTemplate
* Fix wallet_clear_vault trigger not mentioned in README
* Fix wallet receive prompt
Also remove no longer needed templateId from wallets.json and helper functions
* Use findUnique since name is now primary key
* Merge Alby wallets into one
* Remove unused name parameter from WalletsForm component
* Fix number check to decide if wallet or template
* Update wallet encryption on click, not as effect
* add cashu.me and lightning address logos
* add images
* Use recommended typeof to check if IDB available
* Also check if IDB available on delete
* Use constraint triggers
* Add indices on columns used for joins
* Fix inconsistent CLEAR OR REPLACE TRIGGER
* Attach wallet_check_support trigger to WalletProtocol table
* Update wallets/README.md
* Remove debugging code
* Refactor reducer: replace page with status
* Show 'wallets unavailable' if device does not support IndexedDB
* Remove duplicate ELSIF condition
* Fix hasSendWallet
The useSendWallets hook was not checking if the returned send wallets are enabled.
Since the components that used that hook only need to know if there is a send wallet, I replaced the useSendWallets hook with a useHasSendWallet hook.
* Add Cash App wallet
* fix changes loglevel enum
* Fix key init race condition in strict mode if no key exists yet
* Formatting
* Fix key init race condition via transactions in readwrite mode
* Replace Promise.withResolvers with regular promises
* replace generic spinner with our usual
---------
Co-authored-by: k00b <k00b@stacker.news>
* user vault
* code cleanup and fixes
* improve ui
* prevent name collisions between users on the same device
* some improvements
* implement storage migration
* comments and cleanup
* make connect button primary instead of warning
* move show passphrase in new line (improvement for small screen devices)
* make show passphrase field readOnly
* fixes
* fix vault key unsync
* implicit migration
* move device sync under general tab
* fix locally disabled wallets and default wallet selection
* improve text
* remove useless SSR check
* add auth checks
* Rename variables
* Fix missing await
* Refactor local<>vault storage interface
I've changed quite some things here. Attempt of a summary:
* storageKey is now only controlled by useVaultStorageState
I've noticed that dealing with how storage keys are generated (to apply user scope) was handled in two places: the existing wallet code and in the new vault code.
This was confusing and error-prone. I've fixed that by completely relying on the new vault code to generate correct storage keys.
* refactored migration
Migration now simply encrypts any existing local wallets and sends them to the server. On success, the local unencrypted version is deleted.
The previous code seemed to unnecessarily generate new local entries prefixed by 'vault:'.
However, since we either use unencrypted local state OR use the encrypted vault on the server for the data, I didn't see any need for these.
Migration seems to work just as well as before.
* removed unnecessary state
In the <DeviceSync> component, enabled & connected were using a unnecessary combo of useState+useEffect.
They were only using variables that are always available during render so simple assignments were enough.
* other minor changes include:
* early returns
* remove unnecessary SSR checks in useEffect or useCallback
* formatting, comments
* remove unnecessary me? to expose possible bugs
* Fix missing dependency for useZap
This didn't cause any bugs because useWallet returns everything we need on first render.
This caused a bug with E2EE device sync branch though since there the wallet is loaded async.
This meant that during payment, the wallet config was undefined.
* Assume JSON during encryption and decryption
* Fix stale value from cache served on next fetches
* Add wallet.perDevice field
This adds 'perDevice' as a new wallet field to force local storage. For example, WebLN should not be synced across devices.
* Remove debug buttons
* Rename userVault -> vault
* Update console.log's
* revert some of the migration and key handling changes. restore debug buttons for testing
* Fix existing wallets not loaded
* Pass in localOnly and generate localStorageKey once
* Small refactor of migration
* Fix wallet drag and drop
* Add passphrase copy button
* Fix priorityOnly -> skipTests
* Disable autocompletion for reset confirmation prompt
* Show wrong passphrase as input error
* Move code into components/device-sync.js
* Import/export passphrase via QR code
* Fix modal back button invisible in light mode
* Fix modal closed even on connect error
* Use me-2 for cancel/close button
* Some rephrasing
* Fix wallet detach
* Remove debug buttons
* Fix QR code scan in dark mode
* Don't allow custom passphrases
* More rephrasing
* Only use schema if not enabled
* Fix typo in comment
* Replace 'generate passphrase' button with reload icon
* Add comment about IV reuse in GCM
* Use 600k iterations as recommended by OWASP
* Set extractable to false where not needed
* use-vault fallbacks to local storage only for anonymous users
* fix localStorage reset on logout
* add copy button
* move reset out of modals
* hide server side errors
* hardened passphrase storage
* do not show passphrase even if hardened storage is disabled (ie. indexeddb not supported)
* show qr code button on passphrase creation
* use toast for serverside error
* Move key (de)serialization burden to get/setLocalKey functions
* password textarea and remove qr
* don't print plaintext vault values into console
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
* Add image carousel in fullscreen
* Flip through all images of a post
* Disable image selection in fullscreen
* Keep max-width: 100vw for images
* Fix missing dependency
* fix merge resolve bug
* better css
* refactor, keypress/swipe events, remove scoll
* changes after self-review
* give previews their own carousel
* hooks for arrow keys and swiping
---------
Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
Co-authored-by: k00b <k00b@stacker.news>
* wip backend optimism
* another inch
* make action state transitions only happen once
* another inch
* almost ready for testing
* use interactive txs
* another inch
* ready for basic testing
* lint fix
* inches
* wip item update
* get item update to work
* donate and downzap
* inchy inch
* fix territory paid actions
* wip usePaidMutation
* usePaidMutation error handling
* PENDING_HELD and HELD transitions, gql paidAction return types
* mostly working pessimism
* make sure invoice field is present in optimisticResponse
* inches
* show optimistic values to current me
* first pass at notifications and payment status reporting
* fix migration to have withdrawal hash
* reverse optimism on payment failure
* Revert "Optimistic updates via pending sats in item context (#1229)"
This reverts commit 93713b33df9bc3701dc5a692b86a04ff64e8cfb1.
* add onCompleted to usePaidMutation
* onPaid and onPayError for new comments
* use 'IS DISTINCT FROM' for NULL invoiceActionState columns
* make usePaidMutation easier to read
* enhance invoice qr
* prevent actions on unpaid items
* allow navigation to action's invoice
* retry create item
* start edit window after item is paid for
* fix ux of retries from notifications
* refine retries
* fix optimistic downzaps
* remember item updates can't be retried
* store reference to action item in invoice
* remove invoice modal layout shift
* fix destructuring
* fix zap undos
* make sure ItemAct is paid in aggregate queries
* dont toast on long press zap undo
* fix delete and remindme bots
* optimistic poll votes with retries
* fix retry notifications and invoice item context
* fix pessimisitic typo
* item mentions and mention notifications
* dont show payment retry on item popover
* make bios work
* refactor paidAction transitions
* remove stray console.log
* restore docker compose nwc settings
* add new todos
* persist qr modal on post submission + unify item form submission
* fix post edit threshold
* make bounty payments work
* make job posting work
* remove more store procedure usage ... document serialization concerns
* dont use dynamic imports for paid action modules
* inline comment denormalization
* create item starts with median votes
* fix potential of serialization anomalies in zaps
* dont trigger notification indicator on successful paid action invoices
* ignore invoiceId on territory actions and add optimistic concurrency control
* begin docs for paid actions
* better error toasts and fix apollo cache warnings
* small documentation enhancements
* improve paid action docs
* optimistic concurrency control for territory updates
* use satsToMsats and msatsToSats helpers
* explictly type raw query template parameters
* improve consistency of nested relation names
* complete paid action docs
* useEffect for canEdit on payment
* make sure invoiceId is provided when required
* don't return null when expecting array
* remove buy credits
* move verifyPayment to paidAction
* fix comments invoicePaidAt time zone
* close nwc connections once
* grouped logs for paid actions
* stop invoiceWaitUntilPaid if not attempting to pay
* allow actionState to transition directly from HELD to PAID
* make paid mutation wait until pessimistic are fully paid
* change button text when form submits/pays
* pulsing form submit button
* ignore me in notification indicator for territory subscription
* filter unpaid items from more queries
* fix donation stike timing
* fix pending poll vote
* fix recent item notifcation padding
* no default form submitting button text
* don't show paying on submit button on free edits
* fix territory autorenew with fee credits
* reorg readme
* allow jobs to be editted forever
* fix image uploads
* more filter fixes for aggregate views
* finalize paid action invoice expirations
* remove unnecessary async
* keep clientside cache normal/consistent
* add more detail to paid action doc
* improve paid action table
* remove actionType guard
* fix top territories
* typo api/paidAction/README.md
Co-authored-by: ekzyis <ek@stacker.news>
* typo components/use-paid-mutation.js
Co-authored-by: ekzyis <ek@stacker.news>
* Apply suggestions from code review
Co-authored-by: ekzyis <ek@stacker.news>
* encorporate ek feeback
* more ek suggestions
* fix 'cost to post' hover on items
* Apply suggestions from code review
Co-authored-by: ekzyis <ek@stacker.news>
---------
Co-authored-by: ekzyis <ek@stacker.news>
* refactor: replace recursion with promise sequence
This commit refactors `useInvoicable`. The hard-to-follow recursion was replaced by awaiting promises which resolve or reject when one step of our JIT invoice flow is done.
Therefore, `onSubmit` is now fully agnostic of JIT invoices. The handler only returns when payment + action was successful or canceled - just like when a custodial zap was successful.
* refactor more and fix bugs
* move invoice cancel logic into hook where invoice is also created
* fix missing invoice cancellation if user closes modal or goes back.
* refactor promise logic: it makes more sense to wrap the payment promise with the modal promise than the other way around.
* Fix unhandled rejection
* Fix unnecessary prop drilling
* Fix modal not closed after successful action
* Fix unnecessary async promise executor
* Use function to set state
* invoices are no longer deleted to prevent double-spends but marked as confirmed.
therefore, during checkInvoice, we also check if the invoice is already confirmed.
* instead of showing FundError (with "fund wallet" and "pay invoice" as options), we now always immediately show an invoice
* since flagging, paying bounties and poll voting used FundError but only allowed spending from balance, they now also support paying per invoice
Co-authored-by: ekzyis <ek@stacker.news>
* Add anon zaps
* Add anon comments and posts (link, discussion, poll)
* Use payment hash instead of invoice id as proof of payment
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.
Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
* Allow pay per invoice for stackers
The modal which pops up if the stacker does not have enough sats now has two options: "fund wallet" and "pay invoice"
* Fix onSuccess called twice
For some reason, when calling `showModal`, `useMemo` in modal.js and the code for the modal component (here: <Invoice>) is called twice.
This leads to the `onSuccess` callback being called twice and one failing since the first one deletes the invoice.
* Keep invoice modal open if focus is lost
* Skip anon user during trust calculation
* Add error handling
* Skip 'invoice not found' errors
* Remove duplicate insufficient funds handling
* Fix insufficient funds error detection
* Fix invoice amount for comments
* Allow pay per invoice for bounty and job posts
* Also strike on payment after short press
* Fix unexpected token 'export'
* Fix eslint
* Remove unused id param
* Fix comment copy-paste error
* Rename to useInvoiceable
* Fix unexpected token 'export'
* Fix onConfirmation called at every render
* Add invoice HMAC
This prevents entities which know the invoice hash (like all LN nodes on the payment path) from using the invoice hash on SN.
Only the user which created the invoice knows the HMAC and thus can use the invoice hash.
* make anon posting less hidden, add anon info button explainer
* Fix anon users can't zap other anon users
* Always show repeat and contacts on action error
* Keep track of modal stack
* give anon an icon
* add generic date pivot helper
* make anon user's invoices expire in 5 minutes
* fix forgotten find and replace
* use datePivot more places
* add sat amounts to invoices
* reduce anon invoice expiration to 3 minutes
* don't abbreviate
* Fix [object Object] as error message
Any errors thrown here are already objects of shape { message: string }
* Fix empty invoice creation attempts
I stumbled across this while checking if anons can edit their items.
I monkey patched the code to make it possible (so they can see the 'edit' button) and tried to edit an item but I got this error:
Variable "$amount" of required type "Int!" was not provided.
I fixed this even though this function should never be called without an amount anyway. It will return a sane error in that case now.
* anon func mods, e.g. inv limits
* anon tips should be denormalized
* remove redundant meTotalSats
* correct overlay zap text for anon
* exclude anon from trust graph before algo runs
* remove balance limit on anon
* give anon a bio and remove cowboy hat/top stackers;
* make anon hat appear on profile
* concat hash and hmac and call it a token
* Fix localStorage cleared because error were swallowed
* fix qr layout shift
* restyle fund error modal
* Catch invoice errors in fund error modal
* invoice check backoff
* anon info typo
* make invoice expiration times have saner defaults
* add comma to anon info
* use builtin copy input label
---------
Co-authored-by: ekzyis <ek@stacker.news>
Co-authored-by: keyan <keyan.kousha+huumn@gmail.com>
