fix(nip05): add configurable limits for relays per user and identity listing

Adds max_relays_per_user (default: 10) to prevent users from attaching excessive relay URLs that inflate .well-known/nostr.json responses. Enforced in both claimUsername and updateRelays. Reduces the no-name listing limit from hardcoded 1000 to configurable max_identities_listing (default: 100) for the /.well-known/nostr.json endpoint when no ?name= parameter is provided. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
fix(nip05): add redirect prevention docs and zap field validation
2026-04-02 15:02:41 -04:00 · 2026-04-02 15:02:41 -04:00 · 2026-04-02 15:02:41 -04:00 · 2026-04-02 15:02:41 -04:00 · 2026-04-02 15:02:41 -04:00 · 2026-04-02 18:47:55 +00:00
2 changed files with 17 additions and 8 deletions
--- a/src/services/lnd/lnd.ts
+++ b/src/services/lnd/lnd.ts
@ -142,15 +142,20 @@ export default class {
        return new Promise<void>((res, rej) => {
            const interval = setInterval(async () => {
                try {
-                    await this.GetInfo()
+                    const info = await this.GetInfo()
+                    if (!info.syncedToChain || !info.syncedToGraph) {
+                        this.log("LND responding but not synced yet, waiting...")
+                        return
+                    }
                    clearInterval(interval)
                    this.ready = true
                    res()
                } catch (err) {
                    this.log(INFO, "LND is not ready yet, will try again in 1 second")
-                    if (Date.now() - now > 1000 * 60) {
-                        rej(new Error("LND not ready after 1 minute"))
-                    }
+                }
+                if (Date.now() - now > 1000 * 60 * 10) {
+                    clearInterval(interval)
+                    rej(new Error("LND not synced after 10 minutes"))
                }
            }, 1000)
        })
--- a/src/services/main/watchdog.ts
+++ b/src/services/main/watchdog.ts
@ -238,13 +238,17 @@ export class Watchdog {
        const knownMaxIndex = Math.max(maxFromDb, this.latestPaymentIndexOffset)
        const newLatest = await this.lnd.GetLatestPaymentIndex(knownMaxIndex)
        const historyMismatch = newLatest > knownMaxIndex
-        const deny = await this.checkBalanceUpdate(deltaLnd, deltaUsers)
        if (historyMismatch) {
-            getLogger({ component: 'bark' })("History mismatch detected in absolute update, locking outgoing operations")
-            this.lnd.LockOutgoingOperations()
-            return
+            this.log("Payment index advanced from", knownMaxIndex, "to", newLatest, "- updating offset (likely LND restart or external payment)")
+            this.latestPaymentIndexOffset = newLatest
        }
+        const deny = await this.checkBalanceUpdate(deltaLnd, deltaUsers)
        if (deny) {
+            if (historyMismatch) {
+                getLogger({ component: 'bark' })("Balance mismatch with unexpected payment history, locking outgoing operations")
+                this.lnd.LockOutgoingOperations()
+                return
+            }
            this.log("Balance mismatch detected in absolute update, but history is ok")
        }
        this.lnd.UnlockOutgoingOperations()
Author	SHA1	Message	Date
Patrick Mulligan	bd0a657527	fix(nip05): add configurable limits for relays per user and identity listing Some checks are pending Docker Compose Actions Workflow / test (push) Waiting to run Details Adds max_relays_per_user (default: 10) to prevent users from attaching excessive relay URLs that inflate .well-known/nostr.json responses. Enforced in both claimUsername and updateRelays. Reduces the no-name listing limit from hardcoded 1000 to configurable max_identities_listing (default: 100) for the /.well-known/nostr.json endpoint when no ?name= parameter is provided. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:02:41 -04:00
Patrick Mulligan	c71dd45ae8	fix(nip05): add redirect prevention docs and zap field validation Gap #5: Document NIP-05 spec requirement that /.well-known/nostr.json MUST NOT return HTTP redirects. The extension already complies (always returns direct responses), but reverse proxy deployments need awareness. Gap #7: Log a warning when getLnurlPayInfo() response is missing allowsNostr or nostrPubkey fields required by NIP-57 for zap support. This surfaces misconfiguration early instead of silently breaking zaps. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:02:41 -04:00
Patrick Mulligan	4191bb11f4	fix(nip05): allow hyphens and periods in usernames per NIP-05 spec NIP-05 spec states local-part MUST only use characters a-z0-9-_. The previous regex /^[a-z][a-z0-9_]$/ rejected hyphens and periods. Updated to /^[a-z][a-z0-9._-][a-z0-9]$/ and added support for the root identifier "_" (_@domain) as described in the spec. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:02:41 -04:00
Patrick Mulligan	a5cf1d8ceb	feat(nip05): add Lightning Address support for zaps Adds /.well-known/lnurlp/:username endpoint that: 1. Looks up username in NIP-05 database 2. Gets LNURL-pay info from Lightning.Pub for that user 3. Returns standard LUD-16 response for wallet compatibility This makes NIP-05 addresses (alice@domain) work seamlessly as Lightning Addresses for receiving payments and NIP-57 zaps. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-04-02 15:02:41 -04:00
Patrick Mulligan	e4777894db	feat(extensions): add NIP-05 identity extension Implements Nostr NIP-05 for human-readable identity verification: - Username claiming and management (username@domain) - /.well-known/nostr.json endpoint per spec - Optional relay hints in JSON response - Admin controls for identity management RPC methods: - nip05.claim - Claim a username - nip05.release - Release your username - nip05.updateRelays - Update relay hints - nip05.getMyIdentity - Get your identity - nip05.lookup - Look up by username - nip05.lookupByPubkey - Look up by pubkey - nip05.listIdentities - List all (admin) - nip05.deactivate/reactivate - Admin controls Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-04-02 15:02:41 -04:00
padreug	77e5772afd	feat(extensions): add extension loader infrastructure (#3 ) Some checks are pending Docker Compose Actions Workflow / test (push) Waiting to run Details ## Summary - Adds a modular extension system for Lightning.Pub enabling third-party plugins - Provides isolated SQLite databases per extension for data safety - Implements ExtensionContext API for accessing Lightning.Pub services (payments, Nostr, storage) - Supports RPC method registration with automatic namespacing - Includes HTTP route handling for protocols like LNURL - Event routing for payment receipts and Nostr events - Comprehensive documentation with architecture overview and working examples ## Key Components - `src/extensions/types.ts` - Core extension interfaces - `src/extensions/loader.ts` - Extension discovery, loading, and lifecycle management - `src/extensions/context.ts` - Bridge between extensions and Lightning.Pub services - `src/extensions/database.ts` - SQLite isolation with WAL mode - `src/extensions/README.md` - Full documentation with examples ## ExtensionContext API \| Method \| Description \| \|--------\|-------------\| \| `getApplication()` \| Get application info \| \| `createInvoice()` \| Create Lightning invoice \| \| `payInvoice()` \| Pay Lightning invoice \| \| `getLnurlPayInfo()` \| Get LNURL-pay info for a user (enables Lightning Address/zaps) \| \| `sendEncryptedDM()` \| Send Nostr DM (NIP-44) \| \| `publishNostrEvent()` \| Publish Nostr event \| \| `registerMethod()` \| Register RPC method \| \| `onPaymentReceived()` \| Subscribe to payment callbacks \| \| `onNostrEvent()` \| Subscribe to Nostr events \| ## Test plan - [x] Review extension loader code for correctness - [x] Verify TypeScript compilation succeeds - [x] Test extension discovery from `src/extensions/` directory - [x] Test RPC method registration and routing - [x] Test database isolation between extensions 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: boufni95 <boufni95@gmail.com> Co-authored-by: Patrick Mulligan <patjmulligan@protonmail.com> Reviewed-on: #3	2026-04-02 18:47:55 +00:00
Patrick Mulligan	72c9872b23	fix(watchdog): handle LND restarts without locking outgoing operations Some checks failed Docker Compose Actions Workflow / test (push) Has been cancelled Details When the payment index advances (e.g. after an LND restart or external payment), update the cached offset instead of immediately locking. Only lock if both a history mismatch AND a balance discrepancy are detected — indicating a real security concern rather than a benign LND restart. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 15:19:20 -05:00
Patrick Mulligan	5e5e30c7a2	fix(lnd): wait for chain/graph sync before marking LND ready Warmup() previously only checked that LND responded to GetInfo(), but did not verify syncedToChain/syncedToGraph. This caused LP to accept requests while LND was still syncing, leading to "not synced" errors on every Health() check. Now waits for full sync with a 10min timeout. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 15:18:06 -05:00
Patrick Mulligan	611eb4fc04	fix(nostr): close SimplePool after publishing to prevent connection leak Each sendEvent() call created a new SimplePool() but never closed it, causing relay WebSocket connections to accumulate indefinitely (~20/min). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 15:16:28 -05:00
Patrick Mulligan	6512e10f08	fix(handlers): await NostrSend calls throughout codebase Update all NostrSend call sites to properly handle the async nature of the function now that it returns Promise<void>. Changes: - handler.ts: Add async to sendResponse, await nostrSend calls - debitManager.ts: Add logging for Kind 21002 response sending - nostrMiddleware.ts: Update nostrSend signature - tlvFilesStorageProcessor.ts: Update nostrSend signature - webRTC/index.ts: Add async/await for nostrSend calls This ensures Kind 21002 (ndebit) responses are properly sent to wallet clients, fixing the "Debit request failed" issue in ShockWallet. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-04 15:16:28 -05:00
Patrick Mulligan	e9b5dacb3b	fix(nostr): update NostrSend type to Promise<void> with error handling The NostrSend type was incorrectly typed as returning void when it actually returns Promise<void>. This caused async errors to be silently swallowed. Changes: - Update NostrSend type signature to return Promise<void> - Make NostrSender._nostrSend default to async function - Add .catch() error handling in NostrSender.Send() to log failures - Add logging to track event publishing status Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-04 15:16:28 -05:00