feat(nip05): add Lightning Address support for zaps

Adds /.well-known/lnurlp/:username endpoint that: 1. Looks up username in NIP-05 database 2. Gets LNURL-pay info from Lightning.Pub for that user 3. Returns standard LUD-16 response for wallet compatibility This makes NIP-05 addresses (alice@domain) work seamlessly as Lightning Addresses for receiving payments and NIP-57 zaps. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
feat(extensions): add NIP-05 identity extension
2026-04-01 13:15:43 -04:00 · 2026-04-01 13:15:43 -04:00 · 2026-03-26 18:45:27 -04:00 · 2026-03-26 18:45:27 -04:00 · 2026-03-26 18:45:27 -04:00 · 2026-03-26 18:45:27 -04:00
7 changed files with 1122 additions and 1865 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -2,3 +2,21 @@
 .github
 build
 node_modules
+
+# Runtime state files (should not be baked into image)
+*.sqlite
+*.sqlite-journal
+*.sqlite-wal
+*.sqlite-shm
+*.db
+admin.connect
+admin.enroll
+admin.npub
+app.nprofile
+.jwt_secret
+
+# Runtime data directories
+metric_cache/
+metric_events/
+bundler_events/
+logs/
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-FROM node:18
+FROM node:20

 WORKDIR /app

--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -77,6 +77,7 @@
    "zip-a-folder": "^3.1.9"
  },
  "devDependencies": {
+    "@types/better-sqlite3": "^7.6.13",
    "@types/chai": "^4.3.4",
    "@types/chai-string": "^1.4.5",
    "@types/cors": "^2.8.17",
@ -93,4 +94,4 @@
    "typescript": "5.5.4"
  },
  "overrides": {}
-}
+}
--- a/src/services/main/applicationManager.ts
+++ b/src/services/main/applicationManager.ts
@ -241,6 +241,8 @@ export default class {
            const paid = await this.paymentManager.PayInvoice(appUser.user.user_id, req, app, {
                ack: pendingOp => { this.notifyAppUserPayment(appUser, pendingOp) }
            })
+            // Refresh appUser balance from DB so notification has accurate latest_balance
+            appUser.user.balance_sats = paid.latest_balance
            this.notifyAppUserPayment(appUser, paid.operation)
            getLogger({ appName: app.name })(appUser.identifier, "invoice paid", paid.amount_paid, "sats")
            return paid
--- a/src/services/nostr/nip44v1.ts
+++ b/src/services/nostr/nip44v1.ts
@ -1,14 +1,14 @@
-import { base64 } from "@scure/base";
+import { base64, hex } from "@scure/base";
 import { randomBytes } from "@noble/hashes/utils";
 import { streamXOR as xchacha20 } from "@stablelib/xchacha20";
-import { secp256k1 } from "@noble/curves/secp256k1";
+import { secp256k1 } from "@noble/curves/secp256k1.js";
 import { sha256 } from "@noble/hashes/sha256";
 export type EncryptedData = {
    ciphertext: Uint8Array;
    nonce: Uint8Array;
 }
 export const getSharedSecret = (privateKey: string, publicKey: string) => {
-    const key = secp256k1.getSharedSecret(privateKey, "02" + publicKey);
+    const key = secp256k1.getSharedSecret(hex.decode(privateKey), hex.decode("02" + publicKey));
    return sha256(key.slice(1, 33));
 }

--- a/src/services/nostr/nostrPool.ts
+++ b/src/services/nostr/nostrPool.ts
@ -205,20 +205,24 @@ export class NostrPool {
        const log = getLogger({ appName: keys.name })
        this.log(`📤 Publishing Kind ${event.kind} event to ${relays.length} relay(s): ${relays.join(', ')}`)
        const pool = new SimplePool()
-        await Promise.all(pool.publish(relays, signed).map(async p => {
-            try {
-                await p
-                sent = true
-            } catch (e: any) {
-                this.log(ERROR, `Failed to publish Kind ${event.kind} event:`, e.message || e)
-                log(e)
+        try {
+            await Promise.all(pool.publish(relays, signed).map(async p => {
+                try {
+                    await p
+                    sent = true
+                } catch (e: any) {
+                    this.log(ERROR, `Failed to publish Kind ${event.kind} event:`, e.message || e)
+                    log(e)
+                }
+            }))
+            if (!sent) {
+                this.log(ERROR, `Failed to send Kind ${event.kind} event to any relay`)
+                log("failed to send event")
+            } else {
+                this.log(`✅ Kind ${event.kind} event published successfully (id: ${signed.id.slice(0, 16)}...)`)
            }
-        }))
-        if (!sent) {
-            this.log(ERROR, `Failed to send Kind ${event.kind} event to any relay`)
-            log("failed to send event")
-        } else {
-            this.log(`✅ Kind ${event.kind} event published successfully (id: ${signed.id.slice(0, 16)}...)`)
+        } finally {
+            pool.close(relays)
        }
    }
Author	SHA1	Message	Date
Patrick Mulligan	a2366c40f2	feat(nip05): add Lightning Address support for zaps Some checks are pending Docker Compose Actions Workflow / test (push) Waiting to run Details Adds /.well-known/lnurlp/:username endpoint that: 1. Looks up username in NIP-05 database 2. Gets LNURL-pay info from Lightning.Pub for that user 3. Returns standard LUD-16 response for wallet compatibility This makes NIP-05 addresses (alice@domain) work seamlessly as Lightning Addresses for receiving payments and NIP-57 zaps. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-04-01 13:15:43 -04:00
Patrick Mulligan	cf85a2fd7c	feat(extensions): add NIP-05 identity extension Implements Nostr NIP-05 for human-readable identity verification: - Username claiming and management (username@domain) - /.well-known/nostr.json endpoint per spec - Optional relay hints in JSON response - Admin controls for identity management RPC methods: - nip05.claim - Claim a username - nip05.release - Release your username - nip05.updateRelays - Update relay hints - nip05.getMyIdentity - Get your identity - nip05.lookup - Look up by username - nip05.lookupByPubkey - Look up by pubkey - nip05.listIdentities - List all (admin) - nip05.deactivate/reactivate - Admin controls Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-04-01 13:15:43 -04:00
Patrick Mulligan	c308d4be78	fix: use fresh balance in PayAppUserInvoice notification Some checks failed Docker Compose Actions Workflow / test (push) Has been cancelled Details notifyAppUserPayment was sending the stale cached balance from the entity loaded before PayInvoice decremented it. Update the entity's balance_sats from the PayInvoice response so LiveUserOperation events contain the correct post-payment balance. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	f1aa5d7139	chore: update Docker build and dependencies - Add .dockerignore for runtime state files (sqlite, logs, secrets) - Bump Node.js base image from 18 to 20 - Add @types/better-sqlite3 dev dependency Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	9981e2628e	fix: correct nip44v1 secp256k1 getSharedSecret argument types The @noble/curves secp256k1.getSharedSecret expects Uint8Array arguments, not hex strings. Use hex.decode() to convert the private and public keys. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	ece75df22d	feat(extensions): add getLnurlPayInfo to ExtensionContext Enables extensions to get LNURL-pay info for users by pubkey, supporting Lightning Address (LUD-16) and zap (NIP-57) functionality. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	c909cd660a	docs(extensions): add comprehensive extension loader documentation Covers architecture, API reference, lifecycle, database isolation, RPC methods, HTTP routes, event handling, and complete examples. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	5b88982fed	feat(extensions): add extension loader infrastructure Adds a modular extension system for Lightning.Pub that allows third-party functionality to be added without modifying core code. Features: - ExtensionLoader: discovers and loads extensions from directory - ExtensionContext: provides extensions with access to Lightning.Pub APIs - ExtensionDatabase: isolated SQLite database per extension - Lifecycle management: initialize, shutdown, health checks - RPC method registration: extensions can add new RPC methods - Event dispatching: routes payments and Nostr events to extensions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	4d19b55c57	fix(nostr): close SimplePool after publishing to prevent connection leak Each sendEvent() call created a new SimplePool() but never closed it, causing relay WebSocket connections to accumulate indefinitely (~20/min). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	071a27ad2d	fix(handlers): await NostrSend calls throughout codebase Update all NostrSend call sites to properly handle the async nature of the function now that it returns Promise<void>. Changes: - handler.ts: Add async to sendResponse, await nostrSend calls - debitManager.ts: Add logging for Kind 21002 response sending - nostrMiddleware.ts: Update nostrSend signature - tlvFilesStorageProcessor.ts: Update nostrSend signature - webRTC/index.ts: Add async/await for nostrSend calls This ensures Kind 21002 (ndebit) responses are properly sent to wallet clients, fixing the "Debit request failed" issue in ShockWallet. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00
Patrick Mulligan	fee87e2741	fix(nostr): update NostrSend type to Promise<void> with error handling The NostrSend type was incorrectly typed as returning void when it actually returns Promise<void>. This caused async errors to be silently swallowed. Changes: - Update NostrSend type signature to return Promise<void> - Make NostrSender._nostrSend default to async function - Add .catch() error handling in NostrSender.Send() to log failures - Add logging to track event publishing status Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-26 18:45:27 -04:00