ekzyis
/
stacker.news
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
stacker.news/components
History
ekzyis fd8510d59f Use payment hash instead of invoice id as proof of payment 
Our invoice IDs can be enumerated.
So there is a - even though very rare - chance that an attacker could find a paid invoice which is not used yet and use it for himself.
Random payment hashes prevent this.

Also, since we delete invoices after use, using database IDs as proof of payments are not suitable.
If a user tells us an invoice ID after we deleted it, we can no longer tell if the invoice was paid or not since the LN node only knows about payment hashes but nothing about the database IDs.
 		2023-07-30 23:45:07 +02:00
..
accordian-item.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
action-tooltip.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
adv-post-form.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
avatar.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
bookmark.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
bounty-form.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
cancel-button.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
charts.js update packages and reduce bundle size 2023-07-24 17:50:12 -05:00
comment-edit.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
comment.js enhance styling 2023-07-25 13:32:48 -05:00
comment.module.css enhance styling 2023-07-25 13:32:48 -05:00
comments.js fix nested comment sorting 2023-07-25 19:45:35 -05:00
countdown.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
cowboy-hat.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
dark-mode.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
delete.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
discussion-form.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
dont-link-this.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
error-boundary.js upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
fee-button.js Add anon comments and posts (link, discussion, poll) 2023-07-30 23:45:07 +02:00
fee-button.module.css spam fees 2022-08-11 15:38:10 -05:00
footer-rewards.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
footer.js fix issues with new linting 2023-07-25 09:14:45 -05:00
footer.module.css enhancements for footer version with prod support 2023-06-01 12:57:31 -05:00
form.js fix issues with new linting 2023-07-25 09:14:45 -05:00
form.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
fund-error.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
header.js Add anon comments and posts (link, discussion, poll) 2023-07-30 23:45:07 +02:00
header.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
info.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
invite.js full powered editing 2022-08-18 13:15:24 -05:00
invoice-status.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
invoice.js Add anon zaps 2023-07-30 23:45:07 +02:00
invoice.module.css ready for invoices 2021-05-06 16:15:22 -05:00
item-act.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
item-full.js fix nested comment sorting 2023-07-25 19:45:35 -05:00
item-info.js Add anon zaps 2023-07-30 23:45:07 +02:00
item-job.js fix issues with new linting 2023-07-25 09:14:45 -05:00
item.js fix issues with new linting 2023-07-25 09:14:45 -05:00
item.module.css fix pinned discussion spacing 2023-07-26 08:48:46 -05:00
items.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
items.module.css working search 2022-01-27 13:18:48 -06:00
job-form.js upgrade to prisma 4 2023-07-26 19:18:42 -05:00
layout.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
layout.module.css Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
lightning-auth.js upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
lightning-auth.module.css lightning login copy 2023-01-10 12:55:17 -06:00
lightning.js fix issues with new linting 2023-07-25 09:14:45 -05:00
link-form.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
login-button.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
login.js show errors on settings during auth linking 2023-07-30 15:39:18 -05:00
login.module.css more invite work 2021-10-15 13:05:34 -05:00
me.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
modal.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
more-footer.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
notifications.js upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
notifications.module.css refine push notification ui and catch promises 2023-07-04 17:19:59 -05:00
page-loading.js Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
past-bounties.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
pay-bounty.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
pay-bounty.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
poll-form.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
poll.js upgrade to next-auth 4 (bonus: improve error pages) 2023-07-29 14:38:20 -05:00
poll.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
post.js Add anon comments and posts (link, discussion, poll) 2023-07-30 23:45:07 +02:00
price.js fix issues with new linting 2023-07-25 09:14:45 -05:00
qr.js slashtags auth 2023-01-18 12:49:20 -06:00
recent-header.js fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00
related.js more package updates 2023-07-24 19:50:55 -05:00
reply.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
reply.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
root.js improve comment performance 2023-05-06 16:51:17 -05:00
search.js fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00
search.module.css search filters 2022-10-20 17:44:44 -05:00
seo.js fix issues with new linting 2023-07-25 09:14:45 -05:00
serviceworker.js fix issues with new linting 2023-07-25 09:14:45 -05:00
share.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
snl.js fix issues with new linting 2023-07-25 09:14:45 -05:00
sub-select-form.js fix undefined sub on post pre-form 2023-07-25 15:41:46 -05:00
subscribe.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
table-of-contents.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
text.js fix syntax highlighting warnings 2023-07-27 12:10:05 -05:00
text.module.css Revert "Revert "shield your eyes; massive, squashed refactor; nextjs/react/react-dom/apollo upgrades"" 2023-07-23 10:08:43 -05:00
top-header.js fix nested comment sorting 2023-07-25 19:45:35 -05:00
upload.js fix issues with new linting 2023-07-25 09:14:45 -05:00
upvote.js Use payment hash instead of invoice id as proof of payment 2023-07-30 23:45:07 +02:00
upvote.module.css enhance styling 2023-07-25 13:32:48 -05:00
usage-header.js fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00
user-header.js upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
user-header.module.css upgrade react-bootstrap 2023-07-24 13:53:53 -05:00
user-list.js fix back button behavior on select navigation 2023-07-25 15:29:45 -05:00