Merge branch 'master' into login2fa

.env.development

@@ -29,8 +29,8 @@ SLACK_BOT_TOKEN=
 SLACK_CHANNEL_ID=
 
 # lnurl ... you'll need a tunnel to localhost:3000 for these
-LNAUTH_URL=
-LNWITH_URL=
+LNAUTH_URL=http://localhost:3000/api/lnauth
+LNWITH_URL=http://localhost:3000/api/lnwith
 
 ########################################
 # SNDEV STUFF WE PRESET                #
@@ -126,27 +126,42 @@ RPC_PORT=18443
 P2P_PORT=18444
 ZMQ_BLOCK_PORT=28334
 ZMQ_TX_PORT=28335
+ZMQ_HASHBLOCK_PORT=29000
 
-# sn lnd container stuff
-LND_REST_PORT=8080
-LND_GRPC_PORT=10009
-LND_P2P_PORT=9735
+# sn_lnd container stuff
+SN_LND_REST_PORT=8080
+SN_LND_GRPC_PORT=10009
+SN_LND_P2P_PORT=9735
 # docker exec -u lnd sn_lnd lncli newaddress p2wkh --unused
-LND_ADDR=bcrt1q7q06n5st4vqq3lssn0rtkrn2qqypghv9xg2xnl
-LND_PUBKEY=02cb2e2d5a6c5b17fa67b1a883e2973c82e328fb9bd08b2b156a9e23820c87a490
-
-# stacker lnd container stuff
-STACKER_LND_REST_PORT=8081
-STACKER_LND_GRPC_PORT=10010
+SN_LND_ADDR=bcrt1q7q06n5st4vqq3lssn0rtkrn2qqypghv9xg2xnl
+SN_LND_PUBKEY=02cb2e2d5a6c5b17fa67b1a883e2973c82e328fb9bd08b2b156a9e23820c87a490
+# sn_lndk stuff
+SN_LNDK_GRPC_PORT=10012
+
+# lnd container stuff
+LND_REST_PORT=8081
+LND_GRPC_PORT=10010
 # docker exec -u lnd lnd lncli newaddress p2wkh --unused
-STACKER_LND_ADDR=bcrt1qfqau4ug9e6rtrvxrgclg58e0r93wshucumm9vu
-STACKER_LND_PUBKEY=028093ae52e011d45b3e67f2e0f2cb6c3a1d7f88d2920d408f3ac6db3a56dc4b35
+LND_ADDR=bcrt1qfqau4ug9e6rtrvxrgclg58e0r93wshucumm9vu
+LND_PUBKEY=028093ae52e011d45b3e67f2e0f2cb6c3a1d7f88d2920d408f3ac6db3a56dc4b35
 
-# stacker cln container stuff
-STACKER_CLN_REST_PORT=9092
+# cln container stuff
+CLN_REST_PORT=9092
 # docker exec -u clightning cln lightning-cli newaddr bech32
-STACKER_CLN_ADDR=bcrt1q02sqd74l4pxedy24fg0qtjz4y2jq7x4lxlgzrx
-STACKER_CLN_PUBKEY=03ca7acec181dbf5e427c682c4261a46a0dd9ea5f35d97acb094e399f727835b90
+CLN_ADDR=bcrt1q02sqd74l4pxedy24fg0qtjz4y2jq7x4lxlgzrx
+CLN_PUBKEY=03ca7acec181dbf5e427c682c4261a46a0dd9ea5f35d97acb094e399f727835b90
+
+# sndev cli eclair getnewaddress
+# sndev cli eclair getinfo
+ECLAIR_ADDR="bcrt1qdus2yml69wsax3unz8pts9h979lc3s4tw0tpf6"
+ECLAIR_PUBKEY="02268c74cc07837041131474881f97d497706b89a29f939555da6d094b65bd5af0"
+
+# router lnd container stuff
+ROUTER_LND_REST_PORT=8082
+ROUTER_LND_GRPC_PORT=10011
+# docker exec -u lnd router_lnd lncli newaddress p2wkh --unused
+ROUTER_LND_ADDR=bcrt1qfkmwfpwgn6wt0dd36s79x04swz8vleyafsdpdr
+ROUTER_LND_PUBKEY=02750991fbf62e57631888bc469fae69c5e658bd1d245d8ab95ed883517caa33c3
 
 LNCLI_NETWORK=regtest
 

.gitignore

@@ -58,4 +58,7 @@ docker-compose.*.yml
 scripts/nwc-keys.json
 
 # lnbits
-docker/lnbits/data
+docker/lnbits/data
+
+# lndk
+!docker/lndk/tls-*.pem

api/paidAction/index.js

@@ -317,34 +317,39 @@ export async function retryPaidAction (actionType, args, incomingContext) {
     optimistic: actionOptimistic,
     me: await models.user.findUnique({ where: { id: parseInt(me.id) } }),
     cost: BigInt(msatsRequested),
-    actionId
+    actionId,
+    predecessorId: failedInvoice.id
   }
 
   let invoiceArgs
   const invoiceForward = await models.invoiceForward.findUnique({
-    where: { invoiceId: failedInvoice.id },
+    where: {
+      invoiceId: failedInvoice.id
+    },
     include: {
-      wallet: true,
-      invoice: true,
-      withdrawl: true
+      wallet: true
     }
   })
-  // TODO: receiver fallbacks
-  // use next receiver wallet if forward failed (we currently immediately fallback to SN)
-  const failedForward = invoiceForward?.withdrawl && invoiceForward.withdrawl.actionState !== 'CONFIRMED'
-  if (invoiceForward && !failedForward) {
-    const { userId } = invoiceForward.wallet
-    const { invoice: bolt11, wrappedInvoice: wrappedBolt11, wallet, maxFee } = await createWrappedInvoice(userId, {
-      msats: failedInvoice.msatsRequested,
-      feePercent: await action.getSybilFeePercent?.(actionArgs, retryContext),
-      description: await action.describe?.(actionArgs, retryContext),
-      expiry: INVOICE_EXPIRE_SECS
-    }, retryContext)
-    invoiceArgs = { bolt11, wrappedBolt11, wallet, maxFee }
-  } else {
-    invoiceArgs = await createSNInvoice(actionType, actionArgs, retryContext)
+
+  if (invoiceForward) {
+    // this is a wrapped invoice, we need to retry it with receiver fallbacks
+    try {
+      const { userId } = invoiceForward.wallet
+      // this will return an invoice from the first receiver wallet that didn't fail yet and throw if none is available
+      const { invoice: bolt11, wrappedInvoice: wrappedBolt11, wallet, maxFee } = await createWrappedInvoice(userId, {
+        msats: failedInvoice.msatsRequested,
+        feePercent: await action.getSybilFeePercent?.(actionArgs, retryContext),
+        description: await action.describe?.(actionArgs, retryContext),
+        expiry: INVOICE_EXPIRE_SECS
+      }, retryContext)
+      invoiceArgs = { bolt11, wrappedBolt11, wallet, maxFee }
+    } catch (err) {
+      console.log('failed to retry wrapped invoice, falling back to SN:', err)
+    }
   }
 
+  invoiceArgs ??= await createSNInvoice(actionType, actionArgs, retryContext)
+
   return await models.$transaction(async tx => {
     const context = { ...retryContext, tx, invoiceArgs }
 
@@ -404,7 +409,7 @@ async function createSNInvoice (actionType, args, context) {
 }
 
 async function createDbInvoice (actionType, args, context) {
-  const { me, models, tx, cost, optimistic, actionId, invoiceArgs } = context
+  const { me, models, tx, cost, optimistic, actionId, invoiceArgs, predecessorId } = context
   const { bolt11, wrappedBolt11, preimage, wallet, maxFee } = invoiceArgs
 
   const db = tx ?? models
@@ -429,7 +434,8 @@ async function createDbInvoice (actionType, args, context) {
     actionOptimistic: optimistic,
     actionArgs: args,
     expiresAt,
-    actionId
+    actionId,
+    predecessorId
   }
 
   let invoice

api/payingAction/index.js

@@ -1,4 +1,4 @@
-import { LND_PATHFINDING_TIMEOUT_MS } from '@/lib/constants'
+import { LND_PATHFINDING_TIME_PREF_PPM, LND_PATHFINDING_TIMEOUT_MS } from '@/lib/constants'
 import { msatsToSats, satsToMsats, toPositiveBigInt } from '@/lib/format'
 import { Prisma } from '@prisma/client'
 import { parsePaymentRequest, payViaPaymentRequest } from 'ln-service'
@@ -44,7 +44,8 @@ export default async function performPayingAction ({ bolt11, maxFee, walletId },
       lnd,
       request: withdrawal.bolt11,
       max_fee: msatsToSats(withdrawal.msatsFeePaying),
-      pathfinding_timeout: LND_PATHFINDING_TIMEOUT_MS
+      pathfinding_timeout: LND_PATHFINDING_TIMEOUT_MS,
+      confidence: LND_PATHFINDING_TIME_PREF_PPM
     }).catch(console.error)
 
     return withdrawal

api/resolvers/item.js

@@ -8,7 +8,8 @@ import {
   COMMENT_DEPTH_LIMIT, COMMENT_TYPE_QUERY,
   USER_ID, POLL_COST, ADMIN_ITEMS, GLOBAL_SEED,
   NOFOLLOW_LIMIT, UNKNOWN_LINK_REL, SN_ADMIN_IDS,
-  BOOST_MULT
+  BOOST_MULT,
+  ITEM_EDIT_SECONDS
 } from '@/lib/constants'
 import { msatsToSats } from '@/lib/format'
 import { parse } from 'tldts'
@@ -1350,8 +1351,9 @@ export const updateItem = async (parent, { sub: subName, forward, hash, hmac, ..
     throw new GqlInputError('item is deleted')
   }
 
-  // author can edit their own item (except anon)
   const meId = Number(me?.id ?? USER_ID.anon)
+
+  // author can edit their own item (except anon)
   const authorEdit = !!me && Number(old.userId) === meId
   // admins can edit special items
   const adminEdit = ADMIN_ITEMS.includes(old.id) && SN_ADMIN_IDS.includes(meId)
@@ -1360,9 +1362,9 @@ export const updateItem = async (parent, { sub: subName, forward, hash, hmac, ..
   if (old.invoice?.hash && hash && hmac) {
     hmacEdit = old.invoice.hash === hash && verifyHmac(hash, hmac)
   }
-
   // ownership permission check
-  if (!authorEdit && !adminEdit && !hmacEdit) {
+  const ownerEdit = authorEdit || adminEdit || hmacEdit
+  if (!ownerEdit) {
     throw new GqlInputError('item does not belong to you')
   }
 
@@ -1379,12 +1381,12 @@ export const updateItem = async (parent, { sub: subName, forward, hash, hmac, ..
 
   const user = await models.user.findUnique({ where: { id: meId } })
 
-  // prevent update if it's not explicitly allowed, not their bio, not their job and older than 10 minutes
+  // edits are only allowed for own items within 10 minutes
+  // but forever if an admin is editing an "admin item", it's their bio or a job
   const myBio = user.bioId === old.id
-  const timer = Date.now() < datePivot(new Date(old.invoicePaidAt ?? old.createdAt), { minutes: 10 })
-
-  // timer permission check
-  if (!adminEdit && !myBio && !timer && !isJob(item)) {
+  const timer = Date.now() < datePivot(new Date(old.invoicePaidAt ?? old.createdAt), { seconds: ITEM_EDIT_SECONDS })
+  const canEdit = (timer && ownerEdit) || adminEdit || myBio || isJob(item)
+  if (!canEdit) {
     throw new GqlInputError('item can no longer be edited')
   }
 

api/resolvers/rewards.js

@@ -157,7 +157,7 @@ export default {
       const [{ to, from }] = await models.$queryRaw`
         SELECT date_trunc('day',  (now() AT TIME ZONE 'America/Chicago')) AT TIME ZONE 'America/Chicago' as from,
                (date_trunc('day',  (now() AT TIME ZONE 'America/Chicago')) AT TIME ZONE 'America/Chicago') + interval '1 day - 1 second' as to`
-      return await topUsers(parent, { when: 'custom', to: new Date(to).getTime().toString(), from: new Date(from).getTime().toString(), limit: 100 }, { models, ...context })
+      return await topUsers(parent, { when: 'custom', to: new Date(to).getTime().toString(), from: new Date(from).getTime().toString(), limit: 500 }, { models, ...context })
     },
     total: async (parent, args, { models }) => {
       if (!parent.total) {

api/resolvers/user.js

@@ -67,11 +67,12 @@ export async function topUsers (parent, { cursor, when, by, from, to, limit = LI
     case 'comments': column = 'ncomments'; break
     case 'referrals': column = 'referrals'; break
     case 'stacking': column = 'stacked'; break
+    case 'value':
     default: column = 'proportion'; break
   }
 
   const users = (await models.$queryRawUnsafe(`
-    SELECT *
+    SELECT * ${column === 'proportion' ? ', proportion' : ''}
     FROM
       (SELECT users.*,
         COALESCE(floor(sum(msats_spent)/1000), 0) as spent,

api/resolvers/wallet.js

@@ -8,7 +8,8 @@ import { SELECT, itemQueryWithMeta } from './item'
 import { formatMsats, msatsToSats, msatsToSatsDecimal, satsToMsats } from '@/lib/format'
 import {
   USER_ID, INVOICE_RETENTION_DAYS,
-  PAID_ACTION_PAYMENT_METHODS
+  PAID_ACTION_PAYMENT_METHODS,
+  WALLET_CREATE_INVOICE_TIMEOUT_MS
 } from '@/lib/constants'
 import { amountSchema, validateSchema, withdrawlSchema, lnAddrSchema } from '@/lib/validate'
 import assertGofacYourself from './ofac'
@@ -21,9 +22,10 @@ import { lnAddrOptions } from '@/lib/lnurl'
 import { GqlAuthenticationError, GqlAuthorizationError, GqlInputError } from '@/lib/error'
 import { getNodeSockets, getOurPubkey } from '../lnd'
 import validateWallet from '@/wallets/validate'
-import { canReceive } from '@/wallets/common'
+import { canReceive, getWalletByType } from '@/wallets/common'
 import performPaidAction from '../paidAction'
 import performPayingAction from '../payingAction'
+import { timeoutSignal, withTimeout } from '@/lib/time'
 
 function injectResolvers (resolvers) {
   console.group('injected GraphQL resolvers:')
@@ -63,9 +65,15 @@ function injectResolvers (resolvers) {
 
       return await upsertWallet({
         wallet,
+        walletDef,
         testCreateInvoice:
           walletDef.testCreateInvoice && validateLightning && canReceive({ def: walletDef, config: data })
-            ? (data) => walletDef.testCreateInvoice(data, { logger, me, models })
+            ? (data) => withTimeout(
+                walletDef.testCreateInvoice(data, {
+                  logger,
+                  signal: timeoutSignal(WALLET_CREATE_INVOICE_TIMEOUT_MS)
+                }),
+                WALLET_CREATE_INVOICE_TIMEOUT_MS)
             : null
       }, {
         settings,
@@ -551,7 +559,10 @@ const resolvers = {
 
       const logger = walletLogger({ wallet, models })
       await models.wallet.delete({ where: { userId: me.id, id: Number(id) } })
-      logger.info('wallet detached')
+
+      if (canReceive({ def: getWalletByType(wallet.type), config: wallet.wallet })) {
+        logger.info('details for receiving deleted')
+      }
 
       return true
     },
@@ -606,6 +617,15 @@ const resolvers = {
     satsReceived: i => msatsToSats(i.msatsReceived),
     satsRequested: i => msatsToSats(i.msatsRequested),
     // we never want to fetch the sensitive data full monty in nested resolvers
+    forwardStatus: async (invoice, args, { models }) => {
+      const forward = await models.invoiceForward.findUnique({
+        where: { invoiceId: Number(invoice.id) },
+        include: {
+          withdrawl: true
+        }
+      })
+      return forward?.withdrawl?.status
+    },
     forwardedSats: async (invoice, args, { models }) => {
       const msats = (await models.invoiceForward.findUnique({
         where: { invoiceId: Number(invoice.id) },
@@ -750,7 +770,7 @@ export const walletLogger = ({ wallet, models }) => {
 }
 
 async function upsertWallet (
-  { wallet, testCreateInvoice }, { settings, data, vaultEntries }, { logger, me, models }) {
+  { wallet, walletDef, testCreateInvoice }, { settings, data, vaultEntries }, { logger, me, models }) {
   if (!me) {
     throw new GqlAuthenticationError()
   }
@@ -856,24 +876,26 @@ async function upsertWallet (
     )
   }
 
-  txs.push(
-    models.walletLog.createMany({
-      data: {
-        userId: me.id,
-        wallet: wallet.type,
-        level: 'SUCCESS',
-        message: id ? 'wallet details updated' : 'wallet attached'
-      }
-    }),
-    models.walletLog.create({
-      data: {
-        userId: me.id,
-        wallet: wallet.type,
-        level: enabled ? 'SUCCESS' : 'INFO',
-        message: enabled ? 'wallet enabled' : 'wallet disabled'
-      }
-    })
-  )
+  if (canReceive({ def: walletDef, config: walletData })) {
+    txs.push(
+      models.walletLog.createMany({
+        data: {
+          userId: me.id,
+          wallet: wallet.type,
+          level: 'SUCCESS',
+          message: id ? 'details for receiving updated' : 'details for receiving saved'
+        }
+      }),
+      models.walletLog.create({
+        data: {
+          userId: me.id,
+          wallet: wallet.type,
+          level: enabled ? 'SUCCESS' : 'INFO',
+          message: enabled ? 'receiving enabled' : 'receiving disabled'
+        }
+      })
+    )
+  }
 
   const [upsertedWallet] = await models.$transaction(txs)
   return upsertedWallet

api/typeDefs/user.js

@@ -61,6 +61,11 @@ export default gql`
     photoId: Int
     since: Int
 
+    """
+    this is only returned when we sort stackers by value
+    """
+    proportion: Float
+
     optional: UserOptional!
     privates: UserPrivates
 

api/typeDefs/wallet.js

@@ -129,6 +129,7 @@ const typeDefs = `
     item: Item
     itemAct: ItemAct
     forwardedSats: Int
+    forwardStatus: String
   }
 
   type Withdrawl {