When a user rotates their Nostr keypair in account settings, the
merchant still holds the old key. This adds:
- key_mismatch flag on MerchantConfig (runtime, not persisted) -
detected on each GET /api/v1/merchant by comparing account vs
merchant pubkey
- POST /api/v1/merchant/{id}/migrate-keys endpoint that updates
the merchant keys, republishes all stalls/products under the new
identity, and resubscribes
- Warning banner in the UI with a "Migrate Keys" button and
confirmation dialog
- update_merchant_keys() crud function
Orders and DM history are preserved since they reference customer
pubkeys. Old stall/product events on relays become orphaned.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Modernize the entire customer-merchant communication layer from deprecated
NIP-04 (kind 4, AES-256-CBC) to NIP-17 private direct messages using
NIP-44 v2 encryption (ChaCha20 + HMAC-SHA256) and NIP-59 gift wrapping
(rumor/seal/gift-wrap protocol). No backwards compatibility retained.
New modules:
- nostr/nip44.py: NIP-44 v2 encryption verified against official spec vectors
- nostr/nip59.py: NIP-59 gift wrap with wrap/unwrap convenience functions
- tests/: 44 unit tests for NIP-44 and NIP-59
Key changes:
- Subscription filters: kind 4 → kind 1059 gift wraps
- Message handler: _handle_nip04_message → _handle_gift_wrap (unwrap + route)
- send_dm/reply_to_structured_dm: NIP-59 gift wrap to recipient + self-archive
- Merchant model: removed NIP-04 crypto methods (decrypt/encrypt/build_dm_event)
- helpers.py: removed NIP-04 functions, kept Schnorr signing + key normalization
- views_api.py: consolidated DM sending through send_dm() service function
Reliability improvements:
- Event deduplication via bounded LRU set in NostrClient
- Subscription health monitor (resubscribes after 120s of silence)
- Preserved 5-minute lenient time window from prior work
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Updates type hints in `crud.py`, `helpers.py`, and `models.py` for improved readability and maintainability.
Replaces `Merchant | None` with `Optional[Merchant]` and `list[X]` with `List[X]` for consistency with standard Python typing practices.
Enhance the merchant creation process by automatically generating Nostr keypairs
for users who don't have them, and streamline the API interface.
Changes:
- Add CreateMerchantRequest model to simplify merchant creation API
- Auto-generate Nostr keypairs for users without existing keys
- Update merchant creation endpoint to use user account keypairs
- Improve error handling and validation in merchant creation flow
- Clean up frontend JavaScript for merchant creation
This ensures all merchants have proper Nostr keypairs for marketplace
functionality without requiring manual key management from users.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add PATCH endpoint for updating merchant profile config
- Add website field to MerchantProfile model
- Fix to_nostr_event to include all profile fields (display_name, banner, website, nip05, lud16)
- Always publish merchant profile (kind 0) when publishing to Nostr
- Extract edit-profile-dialog and nostr-keys-dialog into separate components
- Fix profile avatar alignment to match original design
- Simplify keys dialog to show only npub QR code (no nsec QR)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Display merchant profile information with:
- Banner image or grey placeholder
- Profile avatar with shadow
- Display name (or name fallback)
- About description
- NIP-05 verified identity indicator
- Lightning address (LUD16)
Extends MerchantProfile model with new fields:
display_name, banner, nip05, lud16
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: restore stalls from `nostr` as pending
* feat: stall and prod last update time
* feat: restore products and stalls as `pending`
* feat: show pending stalls
* feat: restore stall
* feat: restore a stall from nostr
* feat: add blank `Restore Product` button
* fix: handle no talls to restore case
* feat: show restore dialog
* feat: allow query for pending products
* feat: restore products
* chore: code clean-up
* fix: last dm and last order query
* chore: code clean-up
* fix: subscribe for stalls and products on merchant create/restore
* feat: add message type to orders
* feat: simplify messages; code format
* feat: add type to DMs; restore DMs from nostr
* fix: parsing ints
* fix: hide copy button if invoice not present
* fix: do not generate invoice if product not found
* feat: order restore: first version
* refactor: move some logic into `services`
* feat: improve restore UX
* fix: too many calls to customer DMs
* fix: allow `All` customers filter
* fix: ws reconnect on server restart
* fix: query for customer profiles only one
* fix: unread messages per customer per merchant
* fix: disable `user-profile-events`
* fix: customer profile is optional
* fix: get customers after new message debounced
* chore: code clean-up
* feat: auto-create zone
* feat: fixed ID for default zone
* feat: notify order paid
