Extract provision_merchant() service for shared use

Both _auto_create_merchant (lazy GET fallback in views_api) and LNbits' _create_default_merchant (eager signup hook) used to reimplement merchant + zone + stall creation independently. Moves the canonical implementation to services.provision_merchant() so both call sites stay in lockstep — future changes (NIP-17 kind 10050 relay list, additional default zones, etc.) only happen in one place. - services.provision_merchant(user_id, wallet_id, public_key, private_key, display_name, config): creates merchant if absent, default 'Online' zone, default '<username>'s Store' stall, and publishes the kind 30017 stall event. Idempotent on the merchant pubkey: returns the existing merchant unchanged if one exists. - views_api._auto_create_merchant: now a 10-line wrapper that loads the account, generates fallback keys if missing, then delegates. The LNbits-side hook (lnbits/core/services/users.py:_create_default_merchant) will be updated in a companion commit to also call this service. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Auto-create + publish default stall, republish stall on product publish
2026-05-03 16:59:03 +02:00 · 2026-05-03 16:59:03 +02:00 · 2026-05-03 16:59:03 +02:00 · 2026-05-03 16:59:03 +02:00 · 2026-05-03 16:59:03 +02:00 · 2026-05-03 16:59:03 +02:00
22 changed files with 1804 additions and 573 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,13 @@
 <a href="https://lnbits.com" target="_blank" rel="noopener noreferrer">
  <picture>
    <source media="(prefers-color-scheme: dark)" srcset="https://i.imgur.com/QE6SIrs.png">
    <img src="https://i.imgur.com/fyKPgVT.png" alt="LNbits" style="width:280px">
  </picture>
 </a>
 [![License: MIT](https://img.shields.io/badge/License-MIT-success?logo=open-source-initiative&logoColor=white)](./LICENSE)
 [![Built for LNbits](https://img.shields.io/badge/Built%20for-LNbits-4D4DFF?logo=lightning&logoColor=white)](https://github.com/lnbits/lnbits)
 # Nostr Market ([NIP-15](https://github.com/nostr-protocol/nips/blob/master/15.md)) - <small>[LNbits](https://github.com/lnbits/lnbits) extension</small>
 <small>For more about LNBits extension check [this tutorial](https://github.com/lnbits/lnbits/wiki/LNbits-Extensions).</small>
@ -147,3 +157,10 @@ Stall and product are _Parameterized Replaceable Events_ according to [NIP-33](h
 Order placing, invoicing, payment details and order statuses are handled over Nostr using [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md).
 Customer support is handled over whatever communication method was specified. If communicationg via nostr, [NIP-04](https://github.com/nostr-protocol/nips/blob/master/04.md) is used.
 ## Powered by LNbits
 [LNbits](https://lnbits.com) is a free and open-source lightning accounts system.
 [![Visit LNbits Shop](https://img.shields.io/badge/Visit-LNbits%20Shop-7C3AED?logo=shopping-cart&logoColor=white&labelColor=5B21B6)](https://shop.lnbits.com/)
 [![Try myLNbits SaaS](https://img.shields.io/badge/Try-myLNbits%20SaaS-2563EB?logo=lightning&logoColor=white&labelColor=1E40AF)](https://my.lnbits.com/login)
--- a/init.py
+++ b/init.py
@ -27,7 +27,11 @@ def nostrmarket_renderer():
 nostr_client: NostrClient = NostrClient()
-from .tasks import wait_for_nostr_events, wait_for_paid_invoices  # noqa
+from .tasks import (  # noqa
    subscription_health_monitor,
    wait_for_nostr_events,
    wait_for_paid_invoices,
 )
 from .views import *  # noqa
 from .views_api import *  # noqa
@ -65,4 +69,13 @@ def nostrmarket_start():
    task3 = create_permanent_unique_task(
        "ext_nostrmarket_wait_for_events", _wait_for_nostr_events
    )
-    scheduled_tasks.extend([task1, task2, task3])
+
    async def _health_monitor():
        # start after the subscription is active
        await asyncio.sleep(20)
        await subscription_health_monitor(nostr_client)
    task4 = create_permanent_unique_task(
        "ext_nostrmarket_health_monitor", _health_monitor
    )
    scheduled_tasks.extend([task1, task2, task3, task4])
--- a/config.json
+++ b/config.json
@ -1,12 +1,15 @@
 {
-  "name": "Nostr Market",
+  "id": "nostrmarket",
  "version": "1.1.0",
  "name": "Nostr Market",
  "repo": "https://github.com/lnbits/nostrmarket",
  "short_description": "Nostr Webshop/market on LNbits",
-  "tile": "/nostrmarket/static/images/nostr-market.png",
+  "description": "",
  "tile": "/nostrmarket/static/images/bitcoin-shop.png",
  "min_lnbits_version": "1.4.0",
  "contributors": [
    {
-      "name": "motorina0",
+      "name": "Vlad Stan",
      "uri": "https://github.com/motorina0",
      "role": "Contributor"
    },
@ -19,6 +22,11 @@
      "name": "talvasconcelos",
      "uri": "https://github.com/talvasconcelos",
      "role": "Developer"
    },
    {
      "name": "BenGWeeks",
      "uri": "https://github.com/BenGWeeks",
      "role": "Developer"
    }
  ],
  "images": [
@ -44,5 +52,9 @@
  ],
  "description_md": "https://raw.githubusercontent.com/lnbits/nostrmarket/main/description.md",
  "terms_and_conditions_md": "https://raw.githubusercontent.com/lnbits/nostrmarket/main/toc.md",
-  "license": "MIT"
+  "license": "MIT",
  "paid_features": "",
  "tags": ["Nostr", "Marketplace"],
  "donate": "",
  "hidden": false
 }
--- a/crud.py
+++ b/crud.py
@ -1,4 +1,5 @@
 import json
 from typing import List, Optional, Tuple
 from lnbits.helpers import urlsafe_short_hash
@ -43,7 +44,7 @@ async def create_merchant(user_id: str, m: PartialMerchant) -> Merchant:
 async def update_merchant(
    user_id: str, merchant_id: str, config: MerchantConfig
-) -> Merchant | None:
+) -> Optional[Merchant]:
    await db.execute(
        f"""
            UPDATE nostrmarket.merchants SET meta = :meta, time = {db.timestamp_now}
@ -54,7 +55,27 @@ async def update_merchant(
    return await get_merchant(user_id, merchant_id)
-async def touch_merchant(user_id: str, merchant_id: str) -> Merchant | None:
+async def update_merchant_keys(
    user_id: str, merchant_id: str, private_key: str, public_key: str
 ) -> Optional[Merchant]:
    await db.execute(
        f"""
            UPDATE nostrmarket.merchants
            SET private_key = :private_key, public_key = :public_key,
                time = {db.timestamp_now}
            WHERE id = :id AND user_id = :user_id
        """,
        {
            "private_key": private_key,
            "public_key": public_key,
            "id": merchant_id,
            "user_id": user_id,
        },
    )
    return await get_merchant(user_id, merchant_id)
 async def touch_merchant(user_id: str, merchant_id: str) -> Optional[Merchant]:
    await db.execute(
        f"""
            UPDATE nostrmarket.merchants SET time = {db.timestamp_now}
@ -65,7 +86,7 @@ async def touch_merchant(user_id: str, merchant_id: str) -> Merchant | None:
    return await get_merchant(user_id, merchant_id)
-async def get_merchant(user_id: str, merchant_id: str) -> Merchant | None:
+async def get_merchant(user_id: str, merchant_id: str) -> Optional[Merchant]:
    row: dict = await db.fetchone(
        """SELECT * FROM nostrmarket.merchants WHERE user_id = :user_id AND id = :id""",
        {
@ -77,7 +98,7 @@ async def get_merchant(user_id: str, merchant_id: str) -> Merchant | None:
    return Merchant.from_row(row) if row else None
-async def get_merchant_by_pubkey(public_key: str) -> Merchant | None:
+async def get_merchant_by_pubkey(public_key: str) -> Optional[Merchant]:
    row: dict = await db.fetchone(
        """SELECT * FROM nostrmarket.merchants WHERE public_key = :public_key""",
        {"public_key": public_key},
@ -86,7 +107,7 @@ async def get_merchant_by_pubkey(public_key: str) -> Merchant | None:
    return Merchant.from_row(row) if row else None
-async def get_merchants_ids_with_pubkeys() -> list[tuple[str, str]]:
+async def get_merchants_ids_with_pubkeys() -> List[Tuple[str, str]]:
    rows: list[dict] = await db.fetchall(
        """SELECT id, public_key FROM nostrmarket.merchants""",
    )
@ -94,7 +115,7 @@ async def get_merchants_ids_with_pubkeys() -> list[tuple[str, str]]:
    return [(row["id"], row["public_key"]) for row in rows]
-async def get_merchant_for_user(user_id: str) -> Merchant | None:
+async def get_merchant_for_user(user_id: str) -> Optional[Merchant]:
    row: dict = await db.fetchone(
        """SELECT * FROM nostrmarket.merchants WHERE user_id = :user_id """,
        {"user_id": user_id},
@ -137,7 +158,7 @@ async def create_zone(merchant_id: str, data: Zone) -> Zone:
    return zone
-async def update_zone(merchant_id: str, z: Zone) -> Zone | None:
+async def update_zone(merchant_id: str, z: Zone) -> Optional[Zone]:
    await db.execute(
        """
        UPDATE nostrmarket.zones
@ -156,7 +177,7 @@ async def update_zone(merchant_id: str, z: Zone) -> Zone | None:
    return await get_zone(merchant_id, z.id)
-async def get_zone(merchant_id: str, zone_id: str) -> Zone | None:
+async def get_zone(merchant_id: str, zone_id: str) -> Optional[Zone]:
    row: dict = await db.fetchone(
        "SELECT * FROM nostrmarket.zones WHERE merchant_id = :merchant_id AND id = :id",
        {
@ -167,7 +188,7 @@ async def get_zone(merchant_id: str, zone_id: str) -> Zone | None:
    return Zone.from_row(row) if row else None
-async def get_zones(merchant_id: str) -> list[Zone]:
+async def get_zones(merchant_id: str) -> List[Zone]:
    rows: list[dict] = await db.fetchall(
        "SELECT * FROM nostrmarket.zones WHERE merchant_id = :merchant_id",
        {"merchant_id": merchant_id},
@ -234,7 +255,7 @@ async def create_stall(merchant_id: str, data: Stall) -> Stall:
    return stall
-async def get_stall(merchant_id: str, stall_id: str) -> Stall | None:
+async def get_stall(merchant_id: str, stall_id: str) -> Optional[Stall]:
    row: dict = await db.fetchone(
        """
        SELECT * FROM nostrmarket.stalls
@ -248,7 +269,7 @@ async def get_stall(merchant_id: str, stall_id: str) -> Stall | None:
    return Stall.from_row(row) if row else None
-async def get_stalls(merchant_id: str, pending: bool | None = False) -> list[Stall]:
+async def get_stalls(merchant_id: str, pending: Optional[bool] = False) -> List[Stall]:
    rows: list[dict] = await db.fetchall(
        """
        SELECT * FROM nostrmarket.stalls
@ -273,7 +294,7 @@ async def get_last_stall_update_time() -> int:
    return row["event_created_at"] or 0 if row else 0
-async def update_stall(merchant_id: str, stall: Stall) -> Stall | None:
+async def update_stall(merchant_id: str, stall: Stall) -> Optional[Stall]:
    await db.execute(
        """
            UPDATE nostrmarket.stalls
@ -397,7 +418,9 @@ async def update_product(merchant_id: str, product: Product) -> Product:
    return updated_product
-async def update_product_quantity(product_id: str, new_quantity: int) -> Product | None:
+async def update_product_quantity(
    product_id: str, new_quantity: int
 ) -> Optional[Product]:
    await db.execute(
        """
            UPDATE nostrmarket.products SET quantity = :quantity
@ -412,7 +435,7 @@ async def update_product_quantity(product_id: str, new_quantity: int) -> Product
    return Product.from_row(row) if row else None
-async def get_product(merchant_id: str, product_id: str) -> Product | None:
+async def get_product(merchant_id: str, product_id: str) -> Optional[Product]:
    row: dict = await db.fetchone(
        """
            SELECT * FROM nostrmarket.products
@ -428,8 +451,8 @@ async def get_product(merchant_id: str, product_id: str) -> Product | None:
 async def get_products(
-    merchant_id: str, stall_id: str, pending: bool | None = False
+    merchant_id: str, stall_id: str, pending: Optional[bool] = False
-) -> list[Product]:
+) -> List[Product]:
    rows: list[dict] = await db.fetchall(
        """
        SELECT * FROM nostrmarket.products
@ -442,8 +465,8 @@ async def get_products(
 async def get_products_by_ids(
-    merchant_id: str, product_ids: list[str]
+    merchant_id: str, product_ids: List[str]
-) -> list[Product]:
+) -> List[Product]:
    # todo: revisit
    keys = []
@ -464,7 +487,7 @@ async def get_products_by_ids(
    return [Product.from_row(row) for row in rows]
-async def get_wallet_for_product(product_id: str) -> str | None:
+async def get_wallet_for_product(product_id: str) -> Optional[str]:
    row: dict = await db.fetchone(
        """
        SELECT s.wallet as wallet FROM nostrmarket.products p
@ -571,7 +594,7 @@ async def create_order(merchant_id: str, o: Order) -> Order:
    return order
-async def get_order(merchant_id: str, order_id: str) -> Order | None:
+async def get_order(merchant_id: str, order_id: str) -> Optional[Order]:
    row: dict = await db.fetchone(
        """
            SELECT * FROM nostrmarket.orders
@ -585,7 +608,7 @@ async def get_order(merchant_id: str, order_id: str) -> Order | None:
    return Order.from_row(row) if row else None
-async def get_order_by_event_id(merchant_id: str, event_id: str) -> Order | None:
+async def get_order_by_event_id(merchant_id: str, event_id: str) -> Optional[Order]:
    row: dict = await db.fetchone(
        """
            SELECT * FROM nostrmarket.orders
@ -599,7 +622,7 @@ async def get_order_by_event_id(merchant_id: str, event_id: str) -> Order | None
    return Order.from_row(row) if row else None
-async def get_orders(merchant_id: str, **kwargs) -> list[Order]:
+async def get_orders(merchant_id: str, **kwargs) -> List[Order]:
    q = " AND ".join(
        [
            f"{field[0]} = :{field[0]}"
@ -626,7 +649,7 @@ async def get_orders(merchant_id: str, **kwargs) -> list[Order]:
 async def get_orders_for_stall(
    merchant_id: str, stall_id: str, **kwargs
-) -> list[Order]:
+) -> List[Order]:
    q = " AND ".join(
        [
            f"{field[0]} = :{field[0]}"
@ -652,7 +675,7 @@ async def get_orders_for_stall(
    return [Order.from_row(row) for row in rows]
-async def update_order(merchant_id: str, order_id: str, **kwargs) -> Order | None:
+async def update_order(merchant_id: str, order_id: str, **kwargs) -> Optional[Order]:
    q = ", ".join(
        [
            f"{field[0]} = :{field[0]}"
@ -676,7 +699,7 @@ async def update_order(merchant_id: str, order_id: str, **kwargs) -> Order | Non
    return await get_order(merchant_id, order_id)
-async def update_order_paid_status(order_id: str, paid: bool) -> Order | None:
+async def update_order_paid_status(order_id: str, paid: bool) -> Optional[Order]:
    await db.execute(
        "UPDATE nostrmarket.orders SET paid = :paid  WHERE id = :id",
        {"paid": paid, "id": order_id},
@ -690,7 +713,7 @@ async def update_order_paid_status(order_id: str, paid: bool) -> Order | None:
 async def update_order_shipped_status(
    merchant_id: str, order_id: str, shipped: bool
-) -> Order | None:
+) -> Optional[Order]:
    await db.execute(
        """
            UPDATE nostrmarket.orders
@ -754,7 +777,7 @@ async def create_direct_message(
    return msg
-async def get_direct_message(merchant_id: str, dm_id: str) -> DirectMessage | None:
+async def get_direct_message(merchant_id: str, dm_id: str) -> Optional[DirectMessage]:
    row: dict = await db.fetchone(
        """
            SELECT * FROM nostrmarket.direct_messages
@ -770,7 +793,7 @@ async def get_direct_message(merchant_id: str, dm_id: str) -> DirectMessage | No
 async def get_direct_message_by_event_id(
    merchant_id: str, event_id: str
-) -> DirectMessage | None:
+) -> Optional[DirectMessage]:
    row: dict = await db.fetchone(
        """
        SELECT * FROM nostrmarket.direct_messages
@ -784,7 +807,7 @@ async def get_direct_message_by_event_id(
    return DirectMessage.from_row(row) if row else None
-async def get_direct_messages(merchant_id: str, public_key: str) -> list[DirectMessage]:
+async def get_direct_messages(merchant_id: str, public_key: str) -> List[DirectMessage]:
    rows: list[dict] = await db.fetchall(
        """
        SELECT * FROM nostrmarket.direct_messages
@ -796,7 +819,7 @@ async def get_direct_messages(merchant_id: str, public_key: str) -> list[DirectM
    return [DirectMessage.from_row(row) for row in rows]
-async def get_orders_from_direct_messages(merchant_id: str) -> list[DirectMessage]:
+async def get_orders_from_direct_messages(merchant_id: str) -> List[DirectMessage]:
    rows: list[dict] = await db.fetchall(
        """
        SELECT * FROM nostrmarket.direct_messages
@ -857,7 +880,7 @@ async def create_customer(merchant_id: str, data: Customer) -> Customer:
    return customer
-async def get_customer(merchant_id: str, public_key: str) -> Customer | None:
+async def get_customer(merchant_id: str, public_key: str) -> Optional[Customer]:
    row: dict = await db.fetchone(
        """
            SELECT * FROM nostrmarket.customers
@ -871,7 +894,7 @@ async def get_customer(merchant_id: str, public_key: str) -> Customer | None:
    return Customer.from_row(row) if row else None
-async def get_customers(merchant_id: str) -> list[Customer]:
+async def get_customers(merchant_id: str) -> List[Customer]:
    rows: list[dict] = await db.fetchall(
        "SELECT * FROM nostrmarket.customers WHERE merchant_id = :merchant_id",
        {"merchant_id": merchant_id},
@ -879,7 +902,7 @@ async def get_customers(merchant_id: str) -> list[Customer]:
    return [Customer.from_row(row) for row in rows]
-async def get_all_unique_customers() -> list[Customer]:
+async def get_all_unique_customers() -> List[Customer]:
    q = """
            SELECT public_key, MAX(merchant_id) as merchant_id, MAX(event_created_at)
            FROM nostrmarket.customers
--- a/description.md
+++ b/description.md
@ -1,12 +1,10 @@
-> IMPORTANT: Nostr market needs the nostr-client extension installed.
+Buy and sell products over Nostr using the NIP-15 marketplace protocol.
-Buy and sell things over Nostr, using NIP15 https://github.com/nostr-protocol/nips/blob/master/15.md
+Its functions include:
-Nostr was partly based on the the previous version of this extension "Diagon Alley", so lends itself very well to buying and sellinng over Nostr.
+- Managing products, sales, and customer communication as a merchant
 - Browsing and ordering products as a customer
 - Tracking order status and delivery
 - Communicating via NIP-17 private direct messages (NIP-44 encryption + NIP-59 gift wrapping)
-The Nostr Market extension includes:
+A decentralized commerce solution for merchants and buyers who want to trade goods and services over Nostr with end-to-end encrypted communication.
 - A merchant client to manage products, sales and communication with customers.
 - A customer client to find and order products from merchants, communicate with merchants and track status of ordered products.
 All communication happens over NIP04 encrypted DMs.
--- a/helpers.py
+++ b/helpers.py
@ -1,54 +1,5 @@
 import base64
 import secrets
 import coincurve
 from bech32 import bech32_decode, convertbits
 from cryptography.hazmat.primitives import padding
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 def get_shared_secret(privkey: str, pubkey: str):
    pk = coincurve.PublicKey(bytes.fromhex("02" + pubkey))
    sk = coincurve.PrivateKey(bytes.fromhex(privkey))
    shared_point = pk.multiply(sk.secret)
    shared_point_bytes = shared_point.format(compressed=False)
    x_coord = shared_point_bytes[1:33]
    return x_coord
 def decrypt_message(encoded_message: str, encryption_key) -> str:
    encoded_data = encoded_message.split("?iv=")
    if len(encoded_data) == 1:
        return encoded_data[0]
    encoded_content, encoded_iv = encoded_data[0], encoded_data[1]
    iv = base64.b64decode(encoded_iv)
    cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv))
    encrypted_content = base64.b64decode(encoded_content)
    decryptor = cipher.decryptor()
    decrypted_message = decryptor.update(encrypted_content) + decryptor.finalize()
    unpadder = padding.PKCS7(128).unpadder()
    unpadded_data = unpadder.update(decrypted_message) + unpadder.finalize()
    return unpadded_data.decode()
 def encrypt_message(message: str, encryption_key, iv: bytes | None = None) -> str:
    padder = padding.PKCS7(128).padder()
    padded_data = padder.update(message.encode()) + padder.finalize()
    iv = iv if iv else secrets.token_bytes(16)
    cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv))
    encryptor = cipher.encryptor()
    encrypted_message = encryptor.update(padded_data) + encryptor.finalize()
    base64_message = base64.b64encode(encrypted_message).decode()
    base64_iv = base64.b64encode(iv).decode()
    return f"{base64_message}?iv={base64_iv}"
 def sign_message_hash(private_key: str, hash_: bytes) -> str:
@ -57,17 +8,6 @@ def sign_message_hash(private_key: str, hash_: bytes) -> str:
    return sig.hex()
 def test_decrypt_encrypt(encoded_message: str, encryption_key):
    msg = decrypt_message(encoded_message, encryption_key)
    # ecrypt using the same initialisation vector
    iv = base64.b64decode(encoded_message.split("?iv=")[1])
    ecrypted_msg = encrypt_message(msg, encryption_key, iv)
    assert (
        encoded_message == ecrypted_msg
    ), f"expected '{encoded_message}', but got '{ecrypted_msg}'"
 def normalize_public_key(pubkey: str) -> str:
    if pubkey.startswith("npub1"):
        _, decoded_data = bech32_decode(pubkey)
--- a/misc-docs/ORDER-DISCOVERY-ANALYSIS.md
+++ b/misc-docs/ORDER-DISCOVERY-ANALYSIS.md
@ -0,0 +1,320 @@
 # Nostrmarket Order Discovery Analysis
 ## Executive Summary
 This document analyzes the order discovery mechanism in the Nostrmarket extension and identifies why merchants must manually refresh to see new orders instead of receiving them automatically through persistent subscriptions.
 ---
 ## Current Architecture
 ### Two Subscription Systems
 The Nostrmarket extension implements two distinct subscription mechanisms for receiving Nostr events:
 #### 1. **Persistent Subscriptions (Background Task)**
 **Purpose**: Continuous monitoring for new orders, products, and merchant events
 **Implementation**:
 - Runs via `wait_for_nostr_events()` background task
 - Initiated on extension startup (15-second delay)
 - Creates subscription ID: `nostrmarket-{hash}`
 - Monitors all merchant public keys continuously
 **Code Location**: `/nostrmarket/tasks.py:37-49`
 ```python
 async def wait_for_nostr_events(nostr_client: NostrClient):
    while True:
        try:
            await subscribe_to_all_merchants()
            while True:
                message = await nostr_client.get_event()
                await process_nostr_message(message)
 ```
 **Subscription Filters**:
 - Direct messages (kind 4) - for orders
 - Stall events (kind 30017)
 - Product events (kind 30018)
 - Profile updates (kind 0)
 #### 2. **Temporary Subscriptions (Manual Refresh)**
 **Purpose**: Catch up on missed events when merchant clicks "Refresh from Nostr"
 **Implementation**:
 - Duration: 10 seconds only
 - Triggered by user action
 - Creates subscription ID: `merchant-{hash}`
 - Fetches ALL events from time=0
 **Code Location**: `/nostrmarket/nostr/nostr_client.py:100-120`
 ```python
 async def merchant_temp_subscription(self, pk, duration=10):
    dm_filters = self._filters_for_direct_messages([pk], 0)
    # ... creates filters with time=0 (all history)
    await self.send_req_queue.put(["REQ", subscription_id] + merchant_filters)
    asyncio.create_task(unsubscribe_with_delay(subscription_id, duration))
 ```
 ---
 ## Problem Identification
 ### Why Manual Refresh is Required
 #### **Issue 1: Timing Window Problem**
 The persistent subscription uses timestamps from the last database update:
 ```python
 async def subscribe_to_all_merchants():
    last_dm_time = await get_last_direct_messages_created_at()
    last_stall_time = await get_last_stall_update_time()
    last_prod_time = await get_last_product_update_time()
    await nostr_client.subscribe_merchants(
        public_keys, last_dm_time, last_stall_time, last_prod_time, 0
    )
 ```
 **Problem**: Events that occur between:
 - The last database update time
 - When the subscription becomes active
  ...are potentially missed
 #### **Issue 2: Connection Stability**
 The WebSocket connection between components may be unstable:
 ```
 [Nostrmarket] <--WebSocket--> [Nostrclient] <--WebSocket--> [Nostr Relays]
 Extension                      Extension                      (Global)
 ```
 **Potential failure points**:
 1. Connection drops between nostrmarket → nostrclient
 2. Connection drops between nostrclient → relays
 3. Reconnection doesn't re-establish subscriptions
 #### **Issue 3: Subscription State Management**
 **Current behavior**:
 - Single persistent subscription per merchant
 - No automatic resubscription on failure
 - No heartbeat/keepalive mechanism
 - No verification that subscription is active
 #### **Issue 4: Event Processing Delays**
 The startup sequence has intentional delays:
 ```python
 async def _subscribe_to_nostr_client():
    await asyncio.sleep(10)  # Wait for nostrclient
    await nostr_client.run_forever()
 async def _wait_for_nostr_events():
    await asyncio.sleep(15)  # Wait for extension init
    await wait_for_nostr_events(nostr_client)
 ```
 **Problem**: Orders arriving during initialization are missed
 ---
 ## Why Manual Refresh Works
 The temporary subscription succeeds because:
 1. **Fetches from time=0**: Gets ALL historical events
 2. **Fresh connection**: Creates new subscription request
 3. **Immediate processing**: No startup delays
 4. **Direct feedback**: User sees results immediately
 ```python
 # Temporary subscription uses time=0 (all events)
 dm_filters = self._filters_for_direct_messages([pk], 0)  # ← 0 means all time
 # Persistent subscription uses last update time
 dm_filters = self._filters_for_direct_messages(public_keys, dm_time)  # ← can miss events
 ```
 ---
 ## Impact Analysis
 ### User Experience Issues
 1. **Merchants miss orders** without manual refresh
 2. **No real-time notifications** for new orders
 3. **Uncertainty** about order status
 4. **Extra manual steps** required
 5. **Delayed order fulfillment**
 ### Technical Implications
 1. **Not truly decentralized** - requires active monitoring
 2. **Scalability concerns** - manual refresh doesn't scale
 3. **Reliability issues** - depends on user action
 4. **Performance overhead** - fetching all events repeatedly
 ---
 ## Recommended Solutions
 ### Solution A: Enhanced Persistent Subscriptions
 **Implement redundant subscription mechanisms:**
 ```python
 class EnhancedSubscriptionManager:
    def __init__(self):
        self.last_heartbeat = time.time()
        self.subscription_active = False
    async def maintain_subscription(self):
        while True:
            if not self.subscription_active or \
               time.time() - self.last_heartbeat > 30:
                await self.resubscribe_with_overlap()
            await asyncio.sleep(10)
    async def resubscribe_with_overlap(self):
        # Use timestamp with 5-minute overlap
        overlap_time = int(time.time()) - 300
        await subscribe_to_all_merchants(since=overlap_time)
 ```
 ### Solution B: Periodic Auto-Refresh
 **Add automatic temporary subscriptions:**
 ```python
 async def auto_refresh_loop():
    while True:
        await asyncio.sleep(60)  # Every minute
        merchants = await get_all_active_merchants()
        for merchant in merchants:
            await merchant_temp_subscription(merchant.pubkey, duration=5)
 ```
 ### Solution C: WebSocket Health Monitoring
 **Implement connection health checks:**
 ```python
 class WebSocketHealthMonitor:
    async def check_connection_health(self):
        try:
            # Send ping to nostrclient
            response = await nostr_client.ping(timeout=5)
            if not response:
                await self.reconnect_and_resubscribe()
        except Exception:
            await self.reconnect_and_resubscribe()
 ```
 ### Solution D: Event Gap Detection
 **Detect and fill gaps in event sequence:**
 ```python
 async def detect_event_gaps():
    # Check for gaps in event timestamps
    last_known = await get_last_event_time()
    current_time = int(time.time())
    if current_time - last_known > 60:  # 1 minute gap
        # Perform temporary subscription to fill gap
        await fetch_missing_events(since=last_known)
 ```
 ---
 ## Implementation Priority
 ### Phase 1: Quick Fixes (1-2 days)
 1. [DONE] Increase temp subscription duration (10s → 30s)
 2. [DONE] Add connection health logging
 3. [DONE] Reduce startup delays
 ### Phase 2: Reliability (3-5 days)
 1. [TODO] Implement subscription heartbeat
 2. [TODO] Add automatic resubscription on failure
 3. [TODO] Create event gap detection
 ### Phase 3: Full Solution (1-2 weeks)
 1. [TODO] WebSocket connection monitoring
 2. [TODO] Redundant subscription system
 3. [TODO] Real-time order notifications
 4. [TODO] Event deduplication logic
 ---
 ## Testing Recommendations
 ### Test Scenarios
 1. **Order during startup**: Send order within 15 seconds of server start
 2. **Long-running test**: Keep server running for 24 hours, send periodic orders
 3. **Connection interruption**: Disconnect nostrclient, send order, reconnect
 4. **High volume**: Send 100 orders rapidly
 5. **Network latency**: Add artificial delay between components
 ### Monitoring Metrics
 - Time between order sent → order discovered
 - Percentage of orders requiring manual refresh
 - WebSocket connection uptime
 - Subscription success rate
 - Event processing latency
 ---
 ## Conclusion
 The current order discovery system relies on manual refresh due to:
 1. **Timing gaps** in persistent subscriptions
 2. **Connection stability** issues
 3. **Lack of redundancy** in subscription management
 4. **No automatic recovery** mechanisms
 While the temporary subscription (manual refresh) provides a workaround, a proper solution requires implementing connection monitoring, subscription health checks, and automatic gap-filling mechanisms to ensure reliable real-time order discovery.
 ---
 ## Appendix: Code References
 ### Key Files
 - `/nostrmarket/tasks.py` - Background task management
 - `/nostrmarket/nostr/nostr_client.py` - Nostr client implementation
 - `/nostrmarket/services.py` - Order processing logic
 - `/nostrmarket/views_api.py` - API endpoints for refresh
 ### Relevant Functions
 - `wait_for_nostr_events()` - Main event loop
 - `subscribe_to_all_merchants()` - Persistent subscription
 - `merchant_temp_subscription()` - Manual refresh
 - `process_nostr_message()` - Event processing
 ---
 _Document prepared: January 2025_  
 _Analysis based on: Nostrmarket v1.0_  
 _Status: Active Investigation_
--- a/models.py
+++ b/models.py
@ -2,17 +2,12 @@ import json
 import time
 from abc import abstractmethod
 from enum import Enum
-from typing import Any
+from typing import Any, List, Optional, Tuple
 from lnbits.utils.exchange_rates import btc_price, fiat_amount_as_satoshis
 from pydantic import BaseModel
-from .helpers import (
+from .helpers import sign_message_hash
    decrypt_message,
    encrypt_message,
    get_shared_secret,
    sign_message_hash,
 )
 from .nostr.event import NostrEvent
 ######################################## NOSTR ########################################
@ -32,21 +27,28 @@ class Nostrable:
 class MerchantProfile(BaseModel):
-    name: str | None = None
+    name: Optional[str] = None
-    display_name: str | None = None
+    display_name: Optional[str] = None
-    about: str | None = None
+    about: Optional[str] = None
-    picture: str | None = None
+    picture: Optional[str] = None
-    banner: str | None = None
+    banner: Optional[str] = None
-    website: str | None = None
+    website: Optional[str] = None
-    nip05: str | None = None
+    nip05: Optional[str] = None
-    lud16: str | None = None
+    lud16: Optional[str] = None
 class MerchantConfig(MerchantProfile):
-    event_id: str | None = None
+    event_id: Optional[str] = None
    sync_from_nostr: bool = False
-    active: bool = False
+    # TODO: switched to True for AIO demo; determine if we leave this as True
-    restore_in_progress: bool | None = False
+    active: bool = True
    restore_in_progress: Optional[bool] = False
    # Set at runtime (not persisted) when account keypair != merchant keypair
    key_mismatch: Optional[bool] = False
 class CreateMerchantRequest(BaseModel):
    config: MerchantConfig = MerchantConfig()
 class PartialMerchant(BaseModel):
@ -57,33 +59,11 @@ class PartialMerchant(BaseModel):
 class Merchant(PartialMerchant, Nostrable):
    id: str
-    time: int | None = 0
+    time: Optional[int] = 0
    def sign_hash(self, hash_: bytes) -> str:
        return sign_message_hash(self.private_key, hash_)
    def decrypt_message(self, encrypted_message: str, public_key: str) -> str:
        encryption_key = get_shared_secret(self.private_key, public_key)
        return decrypt_message(encrypted_message, encryption_key)
    def encrypt_message(self, clear_text_message: str, public_key: str) -> str:
        encryption_key = get_shared_secret(self.private_key, public_key)
        return encrypt_message(clear_text_message, encryption_key)
    def build_dm_event(self, message: str, to_pubkey: str) -> NostrEvent:
        content = self.encrypt_message(message, to_pubkey)
        event = NostrEvent(
            pubkey=self.public_key,
            created_at=round(time.time()),
            kind=4,
            tags=[["p", to_pubkey]],
            content=content,
        )
        event.id = event.event_id
        event.sig = self.sign_hash(bytes.fromhex(event.id))
        return event
    @classmethod
    def from_row(cls, row: dict) -> "Merchant":
        merchant = cls(**row)
@ -139,11 +119,11 @@ class Merchant(PartialMerchant, Nostrable):
 ######################################## ZONES ########################################
 class Zone(BaseModel):
-    id: str | None = None
+    id: Optional[str] = None
-    name: str | None = None
+    name: Optional[str] = None
    currency: str
    cost: float
-    countries: list[str] = []
+    countries: List[str] = []
    @classmethod
    def from_row(cls, row: dict) -> "Zone":
@ -156,22 +136,22 @@ class Zone(BaseModel):
 class StallConfig(BaseModel):
-    image_url: str | None = None
+    image_url: Optional[str] = None
-    description: str | None = None
+    description: Optional[str] = None
 class Stall(BaseModel, Nostrable):
-    id: str | None = None
+    id: Optional[str] = None
    wallet: str
    name: str
    currency: str = "sat"
-    shipping_zones: list[Zone] = []
+    shipping_zones: List[Zone] = []
    config: StallConfig = StallConfig()
    pending: bool = False
    """Last published nostr event for this Stall"""
-    event_id: str | None = None
+    event_id: Optional[str] = None
-    event_created_at: int | None = None
+    event_created_at: Optional[int] = None
    def validate_stall(self):
        for z in self.shipping_zones:
@ -229,19 +209,19 @@ class ProductShippingCost(BaseModel):
 class ProductConfig(BaseModel):
-    description: str | None = None
+    description: Optional[str] = None
-    currency: str | None = None
+    currency: Optional[str] = None
-    use_autoreply: bool | None = False
+    use_autoreply: Optional[bool] = False
-    autoreply_message: str | None = None
+    autoreply_message: Optional[str] = None
-    shipping: list[ProductShippingCost] = []
+    shipping: List[ProductShippingCost] = []
 class Product(BaseModel, Nostrable):
-    id: str | None = None
+    id: Optional[str] = None
    stall_id: str
    name: str
-    categories: list[str] = []
+    categories: List[str] = []
-    images: list[str] = []
+    images: List[str] = []
    price: float
    quantity: int
    active: bool = True
@ -249,8 +229,8 @@ class Product(BaseModel, Nostrable):
    config: ProductConfig = ProductConfig()
    """Last published nostr event for this Product"""
-    event_id: str | None = None
+    event_id: Optional[str] = None
-    event_created_at: int | None = None
+    event_created_at: Optional[int] = None
    def to_nostr_event(self, pubkey: str) -> NostrEvent:
        content = {
@ -307,7 +287,7 @@ class ProductOverview(BaseModel):
    id: str
    name: str
    price: float
-    product_shipping_cost: float | None = None
+    product_shipping_cost: Optional[float] = None
    @classmethod
    def from_product(cls, p: Product) -> "ProductOverview":
@ -324,21 +304,21 @@ class OrderItem(BaseModel):
 class OrderContact(BaseModel):
-    nostr: str | None = None
+    nostr: Optional[str] = None
-    phone: str | None = None
+    phone: Optional[str] = None
-    email: str | None = None
+    email: Optional[str] = None
 class OrderExtra(BaseModel):
-    products: list[ProductOverview]
+    products: List[ProductOverview]
    currency: str
    btc_price: str
    shipping_cost: float = 0
    shipping_cost_sat: float = 0
-    fail_message: str | None = None
+    fail_message: Optional[str] = None
    @classmethod
-    async def from_products(cls, products: list[Product]):
+    async def from_products(cls, products: List[Product]):
        currency = products[0].config.currency if len(products) else "sat"
        exchange_rate = (
            await btc_price(currency) if currency and currency != "sat" else 1
@ -354,19 +334,19 @@ class OrderExtra(BaseModel):
 class PartialOrder(BaseModel):
    id: str
-    event_id: str | None = None
+    event_id: Optional[str] = None
-    event_created_at: int | None = None
+    event_created_at: Optional[int] = None
    public_key: str
    merchant_public_key: str
    shipping_id: str
-    items: list[OrderItem]
+    items: List[OrderItem]
-    contact: OrderContact | None = None
+    contact: Optional[OrderContact] = None
-    address: str | None = None
+    address: Optional[str] = None
    def validate_order(self):
        assert len(self.items) != 0, f"Order has no items. Order: '{self.id}'"
-    def validate_order_items(self, product_list: list[Product]):
+    def validate_order_items(self, product_list: List[Product]):
        assert len(self.items) != 0, f"Order has no items. Order: '{self.id}'"
        assert (
            len(product_list) != 0
@ -387,8 +367,8 @@ class PartialOrder(BaseModel):
                )
    async def costs_in_sats(
-        self, products: list[Product], shipping_id: str, stall_shipping_cost: float
+        self, products: List[Product], shipping_id: str, stall_shipping_cost: float
-    ) -> tuple[float, float]:
+    ) -> Tuple[float, float]:
        product_prices = {}
        for p in products:
            product_shipping_cost = next(
@ -417,7 +397,7 @@ class PartialOrder(BaseModel):
        return product_cost, stall_shipping_cost
    def receipt(
-        self, products: list[Product], shipping_id: str, stall_shipping_cost: float
+        self, products: List[Product], shipping_id: str, stall_shipping_cost: float
    ) -> str:
        if len(products) == 0:
            return "[No Products]"
@ -466,7 +446,7 @@ class Order(PartialOrder):
    total: float
    paid: bool = False
    shipped: bool = False
-    time: int | None = None
+    time: Optional[int] = None
    extra: OrderExtra
    @classmethod
@ -480,14 +460,14 @@ class Order(PartialOrder):
 class OrderStatusUpdate(BaseModel):
    id: str
-    message: str | None = None
+    message: Optional[str] = None
-    paid: bool | None = False
+    paid: Optional[bool] = False
-    shipped: bool | None = None
+    shipped: Optional[bool] = None
 class OrderReissue(BaseModel):
    id: str
-    shipping_id: str | None = None
+    shipping_id: Optional[str] = None
 class PaymentOption(BaseModel):
@ -497,8 +477,8 @@ class PaymentOption(BaseModel):
 class PaymentRequest(BaseModel):
    id: str
-    message: str | None = None
+    message: Optional[str] = None
-    payment_options: list[PaymentOption]
+    payment_options: List[PaymentOption]
 ######################################## MESSAGE #######################################
@ -514,16 +494,16 @@ class DirectMessageType(Enum):
 class PartialDirectMessage(BaseModel):
-    event_id: str | None = None
+    event_id: Optional[str] = None
-    event_created_at: int | None = None
+    event_created_at: Optional[int] = None
    message: str
    public_key: str
    type: int = DirectMessageType.PLAIN_TEXT.value
    incoming: bool = False
-    time: int | None = None
+    time: Optional[int] = None
    @classmethod
-    def parse_message(cls, msg) -> tuple[DirectMessageType, Any | None]:
+    def parse_message(cls, msg) -> Tuple[DirectMessageType, Optional[Any]]:
        try:
            msg_json = json.loads(msg)
            if "type" in msg_json:
@ -546,15 +526,15 @@ class DirectMessage(PartialDirectMessage):
 class CustomerProfile(BaseModel):
-    name: str | None = None
+    name: Optional[str] = None
-    about: str | None = None
+    about: Optional[str] = None
 class Customer(BaseModel):
    merchant_id: str
    public_key: str
-    event_created_at: int | None = None
+    event_created_at: Optional[int] = None
-    profile: CustomerProfile | None = None
+    profile: Optional[CustomerProfile] = None
    unread_messages: int = 0
    @classmethod
--- a/nostr/nip44.py
+++ b/nostr/nip44.py
@ -0,0 +1,180 @@
 """
 NIP-44 v2: Encrypted Payloads (Versioned)
 secp256k1 ECDH, HKDF, padding, ChaCha20, HMAC-SHA256, base64
 Reference: https://github.com/nostr-protocol/nips/blob/master/44.md
 """
 import base64
 import hashlib
 import hmac
 import math
 import secrets
 import struct
 import coincurve
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
 from cryptography.hazmat.primitives.kdf.hkdf import HKDFExpand
 from cryptography.hazmat.primitives import hashes
 VERSION = 2
 MIN_PLAINTEXT_SIZE = 1
 MAX_PLAINTEXT_SIZE = 65535
 def get_conversation_key(private_key_hex: str, public_key_hex: str) -> bytes:
    """
    Calculate long-term conversation key between two users via ECDH + HKDF-extract.
    Symmetric: get_conversation_key(a, B) == get_conversation_key(b, A)
    """
    pk = coincurve.PublicKey(bytes.fromhex("02" + public_key_hex))
    sk = coincurve.PrivateKey(bytes.fromhex(private_key_hex))
    shared_point = pk.multiply(sk.secret)
    shared_x = shared_point.format(compressed=False)[1:33]
    # HKDF-extract only (not expand) with salt='nip44-v2'
    conversation_key = hmac.new(b"nip44-v2", shared_x, hashlib.sha256).digest()
    return conversation_key
 def get_message_keys(
    conversation_key: bytes, nonce: bytes
 ) -> tuple[bytes, bytes, bytes]:
    """
    Derive per-message keys from conversation_key and nonce using HKDF-expand.
    Returns (chacha_key, chacha_nonce, hmac_key).
    """
    if len(conversation_key) != 32:
        raise ValueError("invalid conversation_key length")
    if len(nonce) != 32:
        raise ValueError("invalid nonce length")
    keys = HKDFExpand(
        algorithm=hashes.SHA256(),
        length=76,
        info=nonce,
    ).derive(conversation_key)
    chacha_key = keys[0:32]
    chacha_nonce = keys[32:44]
    hmac_key = keys[44:76]
    return chacha_key, chacha_nonce, hmac_key
 def calc_padded_len(unpadded_len: int) -> int:
    """Calculate padded length using power-of-two chunking."""
    if unpadded_len <= 0:
        raise ValueError("invalid plaintext length")
    if unpadded_len <= 32:
        return 32
    next_power = 1 << (math.floor(math.log2(unpadded_len - 1)) + 1)
    if next_power <= 256:
        chunk = 32
    else:
        chunk = next_power // 8
    return chunk * (math.floor((unpadded_len - 1) / chunk) + 1)
 def _pad(plaintext: str) -> bytes:
    """Convert plaintext string to padded byte array."""
    unpadded = plaintext.encode("utf-8")
    unpadded_len = len(unpadded)
    if unpadded_len < MIN_PLAINTEXT_SIZE or unpadded_len > MAX_PLAINTEXT_SIZE:
        raise ValueError(
            f"invalid plaintext length: {unpadded_len} "
            f"(must be {MIN_PLAINTEXT_SIZE}..{MAX_PLAINTEXT_SIZE})"
        )
    prefix = struct.pack(">H", unpadded_len)
    padded_len = calc_padded_len(unpadded_len)
    suffix = b"\x00" * (padded_len - unpadded_len)
    return prefix + unpadded + suffix
 def _unpad(padded: bytes) -> str:
    """Convert padded byte array back to plaintext string."""
    unpadded_len = struct.unpack(">H", padded[0:2])[0]
    unpadded = padded[2 : 2 + unpadded_len]
    if (
        unpadded_len == 0
        or len(unpadded) != unpadded_len
        or len(padded) != 2 + calc_padded_len(unpadded_len)
    ):
        raise ValueError("invalid padding")
    return unpadded.decode("utf-8")
 def _hmac_aad(key: bytes, message: bytes, aad: bytes) -> bytes:
    """HMAC-SHA256 with AAD: hmac(key, aad || message)."""
    if len(aad) != 32:
        raise ValueError("AAD associated data must be 32 bytes")
    return hmac.new(key, aad + message, hashlib.sha256).digest()
 def _chacha20(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """ChaCha20 encrypt/decrypt with initial counter = 0."""
    # cryptography's ChaCha20 takes a 16-byte nonce: 4-byte counter (LE) + 12-byte nonce
    full_nonce = b"\x00\x00\x00\x00" + nonce
    cipher = Cipher(algorithms.ChaCha20(key, full_nonce), mode=None)
    encryptor = cipher.encryptor()
    return encryptor.update(data) + encryptor.finalize()
 def _decode_payload(payload: str) -> tuple[bytes, bytes, bytes]:
    """Decode base64 payload into (nonce, ciphertext, mac)."""
    plen = len(payload)
    if plen == 0 or payload[0] == "#":
        raise ValueError("unknown version")
    if plen < 132 or plen > 87472:
        raise ValueError("invalid payload size")
    data = base64.b64decode(payload)
    dlen = len(data)
    if dlen < 99 or dlen > 65603:
        raise ValueError("invalid data size")
    vers = data[0]
    if vers != VERSION:
        raise ValueError(f"unknown version {vers}")
    nonce = data[1:33]
    ciphertext = data[33 : dlen - 32]
    mac = data[dlen - 32 : dlen]
    return nonce, ciphertext, mac
 def encrypt(
    plaintext: str,
    conversation_key: bytes,
    nonce: bytes | None = None,
 ) -> str:
    """
    Encrypt plaintext using NIP-44 v2.
    Returns base64-encoded payload.
    """
    if nonce is None:
        nonce = secrets.token_bytes(32)
    if len(nonce) != 32:
        raise ValueError("invalid nonce length")
    chacha_key, chacha_nonce, hmac_key = get_message_keys(conversation_key, nonce)
    padded = _pad(plaintext)
    ciphertext = _chacha20(chacha_key, chacha_nonce, padded)
    mac = _hmac_aad(hmac_key, ciphertext, nonce)
    return base64.b64encode(
        struct.pack("B", VERSION) + nonce + ciphertext + mac
    ).decode("ascii")
 def decrypt(payload: str, conversation_key: bytes) -> str:
    """
    Decrypt a NIP-44 v2 base64 payload.
    Returns plaintext string.
    """
    nonce, ciphertext, mac = _decode_payload(payload)
    chacha_key, chacha_nonce, hmac_key = get_message_keys(conversation_key, nonce)
    calculated_mac = _hmac_aad(hmac_key, ciphertext, nonce)
    if not hmac.compare_digest(calculated_mac, mac):
        raise ValueError("invalid MAC")
    padded_plaintext = _chacha20(chacha_key, chacha_nonce, ciphertext)
    return _unpad(padded_plaintext)
--- a/nostr/nip59.py
+++ b/nostr/nip59.py
@ -0,0 +1,178 @@
 """
 NIP-59: Gift Wrap
 Three-layer protocol for metadata-protected messaging:
  1. Rumor (unsigned event) — carries content, deniable if leaked
  2. Seal (kind 13) — encrypts rumor, signed by author, no recipient metadata
  3. Gift Wrap (kind 1059) — encrypts seal with ephemeral key, has recipient p-tag
 Reference: https://github.com/nostr-protocol/nips/blob/master/59.md
 """
 import json
 import secrets
 import time
 from typing import Optional
 import coincurve
 from .event import NostrEvent
 from .nip44 import decrypt as nip44_decrypt
 from .nip44 import encrypt as nip44_encrypt
 from .nip44 import get_conversation_key
 TWO_DAYS = 2 * 24 * 60 * 60
 def _random_past_timestamp() -> int:
    """Generate a timestamp randomly in the past 0-2 days for metadata protection."""
    return int(time.time()) - secrets.randbelow(TWO_DAYS)
 def _sign_event(event: NostrEvent, private_key_hex: str) -> NostrEvent:
    """Compute event id and sign it."""
    event.id = event.event_id
    sk = coincurve.PrivateKey(bytes.fromhex(private_key_hex))
    event.sig = sk.sign_schnorr(bytes.fromhex(event.id)).hex()
    return event
 def _pubkey_from_privkey(private_key_hex: str) -> str:
    """Derive x-only public key hex from private key hex."""
    sk = coincurve.PrivateKey(bytes.fromhex(private_key_hex))
    return sk.public_key.format(compressed=True)[1:].hex()
 def create_rumor(
    pubkey: str,
    content: str,
    kind: int = 14,
    tags: Optional[list[list[str]]] = None,
    created_at: Optional[int] = None,
 ) -> NostrEvent:
    """
    Create an unsigned rumor event.
    The event has an id but no signature, making it deniable.
    """
    event = NostrEvent(
        pubkey=pubkey,
        created_at=created_at or int(time.time()),
        kind=kind,
        tags=tags or [],
        content=content,
    )
    event.id = event.event_id
    # sig intentionally left as None (unsigned)
    return event
 def create_seal(
    rumor: NostrEvent,
    sender_privkey: str,
    recipient_pubkey: str,
 ) -> NostrEvent:
    """
    Create a kind 13 seal: encrypts the rumor for the recipient.
    Signed by the sender. Tags are always empty.
    """
    conv_key = get_conversation_key(sender_privkey, recipient_pubkey)
    encrypted_rumor = nip44_encrypt(rumor.stringify(), conv_key)
    seal = NostrEvent(
        pubkey=_pubkey_from_privkey(sender_privkey),
        created_at=_random_past_timestamp(),
        kind=13,
        tags=[],
        content=encrypted_rumor,
    )
    return _sign_event(seal, sender_privkey)
 def create_gift_wrap(
    seal: NostrEvent,
    recipient_pubkey: str,
 ) -> NostrEvent:
    """
    Create a kind 1059 gift wrap: encrypts the seal with an ephemeral key.
    The only public metadata is the recipient's p-tag.
    """
    ephemeral_privkey = secrets.token_bytes(32).hex()
    ephemeral_pubkey = _pubkey_from_privkey(ephemeral_privkey)
    conv_key = get_conversation_key(ephemeral_privkey, recipient_pubkey)
    encrypted_seal = nip44_encrypt(seal.stringify(), conv_key)
    wrap = NostrEvent(
        pubkey=ephemeral_pubkey,
        created_at=_random_past_timestamp(),
        kind=1059,
        tags=[["p", recipient_pubkey]],
        content=encrypted_seal,
    )
    return _sign_event(wrap, ephemeral_privkey)
 def unwrap_gift_wrap(
    gift_wrap: NostrEvent,
    recipient_privkey: str,
 ) -> NostrEvent:
    """
    Decrypt a kind 1059 gift wrap to reveal the inner seal.
    Uses the recipient's private key and the gift wrap's ephemeral pubkey.
    """
    conv_key = get_conversation_key(recipient_privkey, gift_wrap.pubkey)
    seal_json = nip44_decrypt(gift_wrap.content, conv_key)
    return NostrEvent(**json.loads(seal_json))
 def unseal(
    seal: NostrEvent,
    recipient_privkey: str,
 ) -> NostrEvent:
    """
    Decrypt a kind 13 seal to reveal the inner rumor.
    Uses the recipient's private key and the seal's pubkey (the sender).
    Validates that the rumor's pubkey matches the seal's pubkey.
    """
    conv_key = get_conversation_key(recipient_privkey, seal.pubkey)
    rumor_json = nip44_decrypt(seal.content, conv_key)
    rumor = NostrEvent(**json.loads(rumor_json))
    if rumor.pubkey != seal.pubkey:
        raise ValueError(
            f"rumor pubkey ({rumor.pubkey}) does not match "
            f"seal pubkey ({seal.pubkey})"
        )
    return rumor
 # --- Convenience functions ---
 def wrap_message(
    content: str,
    sender_privkey: str,
    sender_pubkey: str,
    recipient_pubkey: str,
    kind: int = 14,
    tags: Optional[list[list[str]]] = None,
 ) -> NostrEvent:
    """
    Full wrap pipeline: create rumor -> seal -> gift wrap.
    Returns the gift wrap event ready to publish.
    """
    rumor = create_rumor(sender_pubkey, content, kind=kind, tags=tags)
    seal = create_seal(rumor, sender_privkey, recipient_pubkey)
    return create_gift_wrap(seal, recipient_pubkey)
 def unwrap_message(
    gift_wrap: NostrEvent,
    recipient_privkey: str,
 ) -> NostrEvent:
    """
    Full unwrap pipeline: gift wrap -> seal -> rumor.
    Returns the rumor with sender pubkey and plaintext content.
    """
    seal = unwrap_gift_wrap(gift_wrap, recipient_privkey)
    return unseal(seal, recipient_privkey)
--- a/nostr/nostr_client.py
+++ b/nostr/nostr_client.py
@ -1,6 +1,8 @@
 import asyncio
 import json
 import time
 from asyncio import Queue
 from collections import OrderedDict
 from threading import Thread
 from typing import Callable, List, Optional
@ -12,6 +14,8 @@ from lnbits.helpers import encrypt_internal_message, urlsafe_short_hash
 from .event import NostrEvent
 MAX_SEEN_EVENTS = 1000
 class NostrClient:
    def __init__(self):
@ -20,6 +24,8 @@ class NostrClient:
        self.ws: Optional[WebSocketApp] = None
        self.subscription_id = "nostrmarket-" + urlsafe_short_hash()[:32]
        self.running = False
        self._seen_events: OrderedDict[str, None] = OrderedDict()
        self.last_event_at: float = 0
    @property
    def is_websocket_connected(self):
@ -31,9 +37,11 @@ class NostrClient:
        logger.debug(f"Connecting to websockets for 'nostrclient' extension...")
        relay_endpoint = encrypt_internal_message("relay", urlsafe=True)
        ws_url = f"ws://localhost:{settings.port}/nostrclient/api/v1/{relay_endpoint}"
        on_open, on_message, on_error, on_close = self._ws_handlers()
        ws = WebSocketApp(
-            f"ws://localhost:{settings.port}/nostrclient/api/v1/{relay_endpoint}",
+            ws_url,
            on_message=on_message,
            on_open=on_open,
            on_close=on_close,
@ -62,10 +70,21 @@ class NostrClient:
                logger.warning(ex)
                await asyncio.sleep(60)
    def is_duplicate_event(self, event_id: str) -> bool:
        """Check if an event has been seen recently. Returns True if duplicate."""
        if event_id in self._seen_events:
            return True
        self._seen_events[event_id] = None
        if len(self._seen_events) > MAX_SEEN_EVENTS:
            self._seen_events.popitem(last=False)
        return False
    async def get_event(self):
        value = await self.recieve_event_queue.get()
        if isinstance(value, ValueError):
            logger.error(f"[NOSTRMARKET] ❌ Queue returned error: {value}")
            raise value
        self.last_event_at = time.time()
        return value
    async def publish_nostr_event(self, e: NostrEvent):
@ -91,10 +110,6 @@ class NostrClient:
        self.subscription_id = "nostrmarket-" + urlsafe_short_hash()[:32]
        await self.send_req_queue.put(["REQ", self.subscription_id] + merchant_filters)
        logger.debug(
            f"Subscribing to events for: {len(public_keys)} keys. New subscription id: {self.subscription_id}"
        )
    async def merchant_temp_subscription(self, pk, duration=10):
        dm_filters = self._filters_for_direct_messages([pk], 0)
        stall_filters = self._filters_for_stall_events([pk], 0)
@ -135,13 +150,13 @@ class NostrClient:
            logger.debug(ex)
    def _filters_for_direct_messages(self, public_keys: List[str], since: int) -> List:
-        in_messages_filter = {"kinds": [4], "#p": public_keys}
+        # NIP-17/NIP-59: subscribe to kind 1059 gift wraps addressed to our merchants.
-        out_messages_filter = {"kinds": [4], "authors": public_keys}
+        # With gift wrapping, outgoing messages are self-wrapped (same p-tag filter).
        gift_wrap_filter: dict = {"kinds": [1059], "#p": public_keys}
        if since and since != 0:
-            in_messages_filter["since"] = since
+            gift_wrap_filter["since"] = since
            out_messages_filter["since"] = since
-        return [in_messages_filter, out_messages_filter]
+        return [gift_wrap_filter]
    def _filters_for_stall_events(self, public_keys: List[str], since: int) -> List:
        stall_filter = {"kinds": [30017], "authors": public_keys}
@ -175,16 +190,21 @@ class NostrClient:
    def _ws_handlers(self):
        def on_open(_):
-            logger.info("Connected to 'nostrclient' websocket")
+            logger.debug("[NOSTRMARKET DEBUG] ✅ Connected to 'nostrclient' websocket successfully")
        def on_message(_, message):
-            self.recieve_event_queue.put_nowait(message)
+            logger.debug(f"[NOSTRMARKET DEBUG] 📨 Received websocket message: {message[:200]}...")
            try:
                self.recieve_event_queue.put_nowait(message)
                logger.debug(f"[NOSTRMARKET DEBUG] 📤 Message queued successfully")
            except Exception as e:
                logger.error(f"[NOSTRMARKET] ❌ Failed to queue message: {e}")
        def on_error(_, error):
-            logger.warning(error)
+            logger.warning(f"[NOSTRMARKET] ❌ Websocket error: {error}")
        def on_close(x, status_code, message):
-            logger.warning(f"Websocket closed: {x}: '{status_code}' '{message}'")
+            logger.warning(f"[NOSTRMARKET] 🔌 Websocket closed: {x}: '{status_code}' '{message}'")
            # force re-subscribe
            self.recieve_event_queue.put_nowait(ValueError("Websocket close."))
--- a/services.py
+++ b/services.py
@ -1,7 +1,8 @@
 import asyncio
 import json
 from typing import List, Optional, Tuple
-from bolt11 import decode
+from lnbits.bolt11 import decode
 from lnbits.core.crud import get_wallet
 from lnbits.core.services import create_invoice, websocket_updater
 from loguru import logger
@ -11,9 +12,11 @@ from .crud import (
    CustomerProfile,
    create_customer,
    create_direct_message,
    create_merchant,
    create_order,
    create_product,
    create_stall,
    create_zone,
    get_customer,
    get_last_direct_messages_created_at,
    get_last_product_update_time,
@ -41,6 +44,7 @@ from .models import (
    DirectMessage,
    DirectMessageType,
    Merchant,
    MerchantConfig,
    Nostrable,
    Order,
    OrderContact,
@ -48,22 +52,26 @@ from .models import (
    OrderItem,
    OrderStatusUpdate,
    PartialDirectMessage,
    PartialMerchant,
    PartialOrder,
    PaymentOption,
    PaymentRequest,
    Product,
    Stall,
    Zone,
 )
 from .nostr.event import NostrEvent
 from .nostr.nip59 import unwrap_message, wrap_message
 async def create_new_order(
    merchant_public_key: str, data: PartialOrder
-) -> PaymentRequest | None:
+) -> Optional[PaymentRequest]:
    merchant = await get_merchant_by_pubkey(merchant_public_key)
    assert merchant, "Cannot find merchant for order!"
-    if await get_order(merchant.id, data.id):
+    existing_order = await get_order(merchant.id, data.id)
    if existing_order:
        return None
    if data.event_id and await get_order_by_event_id(merchant.id, data.event_id):
        return None
@ -73,20 +81,24 @@ async def create_new_order(
    )
    await create_order(merchant.id, order)
-    return PaymentRequest(
+    payment_request = PaymentRequest(
        id=data.id,
        payment_options=[PaymentOption(type="ln", link=invoice)],
        message=receipt,
    )
    return payment_request
 async def build_order_with_payment(
    merchant_id: str, merchant_public_key: str, data: PartialOrder
 ):
    products = await get_products_by_ids(
        merchant_id, [p.product_id for p in data.items]
    )
    data.validate_order_items(products)
    shipping_zone = await get_zone(merchant_id, data.shipping_id)
    assert shipping_zone, f"Shipping zone not found for order '{data.id}'"
@ -94,6 +106,7 @@ async def build_order_with_payment(
    product_cost_sat, shipping_cost_sat = await data.costs_in_sats(
        products, shipping_zone.id, shipping_zone.cost
    )
    receipt = data.receipt(products, shipping_zone.id, shipping_zone.cost)
    wallet_id = await get_wallet_for_product(data.items[0].product_id)
@ -104,11 +117,13 @@ async def build_order_with_payment(
        merchant_id, product_ids, data.items
    )
    if not success:
        logger.error(f"[NOSTRMARKET] ❌ Product quantity check failed: {message}")
        raise ValueError(message)
    total_amount_sat = round(product_cost_sat + shipping_cost_sat)
    payment = await create_invoice(
        wallet_id=wallet_id,
-        amount=round(product_cost_sat + shipping_cost_sat),
+        amount=total_amount_sat,
        memo=f"Order '{data.id}' for pubkey '{data.public_key}'",
        extra={
            "tag": "nostrmarket",
@ -136,7 +151,7 @@ async def update_merchant_to_nostr(
    merchant: Merchant, delete_merchant=False
 ) -> Merchant:
    stalls = await get_stalls(merchant.id)
-    event: NostrEvent | None = None
+    event: Optional[NostrEvent] = None
    for stall in stalls:
        assert stall.id
        products = await get_products(merchant.id, stall.id)
@ -170,6 +185,72 @@ async def sign_and_send_to_nostr(
    return event
 async def provision_merchant(
    user_id: str,
    wallet_id: str,
    public_key: str,
    private_key: str,
    display_name: Optional[str] = None,
    config: Optional[MerchantConfig] = None,
 ) -> Merchant:
    """
    Provision a merchant with a default shipping zone and default stall,
    and publish the stall to Nostr relays.
    Single source of truth used by:
    - LNbits user-creation hook (eager, on signup) — see
      lnbits/core/services/users.py:_create_default_merchant
    - nostrmarket views_api._auto_create_merchant (lazy, on first GET
      /api/v1/merchant when a merchant is missing).
    Idempotent on the merchant: if a merchant with this pubkey already
    exists, returns it without recreating zone/stall.
    """
    existing = await get_merchant_by_pubkey(public_key)
    if existing:
        return existing
    partial_merchant = PartialMerchant(
        private_key=private_key,
        public_key=public_key,
        config=config or MerchantConfig(),
    )
    merchant = await create_merchant(user_id, partial_merchant)
    online_zone = Zone(
        id=f"online-{merchant.public_key}",
        name="Online",
        currency="sat",
        cost=0,
        countries=["Free (digital)"],
    )
    await create_zone(merchant.id, online_zone)
    name = display_name or "My"
    default_stall = Stall(
        wallet=wallet_id,
        name=f"{name}'s Store",
        currency="sat",
        shipping_zones=[online_zone],
    )
    default_stall = await create_stall(merchant.id, default_stall)
    # Publish the kind 30017 stall event so customers' clients can resolve
    # the stall name when they fetch products. Non-fatal on failure: a
    # later product publish (or webapp self-heal) will retry.
    try:
        stall_event = await sign_and_send_to_nostr(merchant, default_stall)
        default_stall.event_id = stall_event.id
        await update_stall(merchant.id, default_stall)
    except Exception as ex:
        logger.warning(
            f"[NOSTRMARKET] Failed to publish default stall for "
            f"merchant {merchant.id}: {ex}"
        )
    return merchant
 async def handle_order_paid(order_id: str, merchant_pubkey: str):
    try:
        order = await update_order_paid_status(order_id, True)
@ -220,7 +301,7 @@ async def notify_client_of_order_status(
 async def update_products_for_order(
    merchant: Merchant, order: Order
-) -> tuple[bool, str]:
+) -> Tuple[bool, str]:
    product_ids = [i.product_id for i in order.items]
    success, products, message = await compute_products_new_quantity(
        merchant.id, product_ids, order.items
@ -261,19 +342,34 @@ async def send_dm(
    other_pubkey: str,
    type_: int,
    dm_content: str,
-):
+) -> DirectMessage:
-    dm_event = merchant.build_dm_event(dm_content, other_pubkey)
+    # Wrap message to recipient via NIP-59 gift wrap
    gift_wrap = wrap_message(
        dm_content,
        merchant.private_key,
        merchant.public_key,
        other_pubkey,
    )
    dm = PartialDirectMessage(
-        event_id=dm_event.id,
+        event_id=gift_wrap.id,
-        event_created_at=dm_event.created_at,
+        event_created_at=gift_wrap.created_at,
        message=dm_content,
        public_key=other_pubkey,
        type=type_,
    )
    dm_reply = await create_direct_message(merchant.id, dm)
-    await nostr_client.publish_nostr_event(dm_event)
+    await nostr_client.publish_nostr_event(gift_wrap)
    # Also wrap a copy to self for archival
    self_wrap = wrap_message(
        dm_content,
        merchant.private_key,
        merchant.public_key,
        merchant.public_key,
    )
    await nostr_client.publish_nostr_event(self_wrap)
    await websocket_updater(
        merchant.id,
@ -286,11 +382,13 @@ async def send_dm(
        ),
    )
    return dm_reply
 async def compute_products_new_quantity(
-    merchant_id: str, product_ids: list[str], items: list[OrderItem]
+    merchant_id: str, product_ids: List[str], items: List[OrderItem]
-) -> tuple[bool, list[Product], str]:
+) -> Tuple[bool, List[Product], str]:
-    products: list[Product] = await get_products_by_ids(merchant_id, product_ids)
+    products: List[Product] = await get_products_by_ids(merchant_id, product_ids)
    for p in products:
        required_quantity = next(
@ -313,23 +411,38 @@ async def compute_products_new_quantity(
 async def process_nostr_message(msg: str):
    try:
-        type_, *rest = json.loads(msg)
+        parsed_msg = json.loads(msg)
        type_, *rest = parsed_msg
        if type_.upper() == "EVENT":
            if len(rest) < 2:
                logger.warning(f"[NOSTRMARKET] ⚠️ EVENT message missing data: {rest}")
                return
            _, event = rest
            event = NostrEvent(**event)
            # Deduplicate events (overlap resubscriptions may deliver duplicates)
            if nostr_client.is_duplicate_event(event.id):
                return
            if event.kind == 0:
                await _handle_customer_profile_update(event)
-            elif event.kind == 4:
+            elif event.kind == 1059:
-                await _handle_nip04_message(event)
+                await _handle_gift_wrap(event)
            elif event.kind == 30017:
                await _handle_stall(event)
            elif event.kind == 30018:
                await _handle_product(event)
            else:
                logger.info(f"[NOSTRMARKET] ❓ Unhandled event kind: {event.kind} - event: {event.id}")
            return
        else:
            logger.info(f"[NOSTRMARKET] 🔄 Non-EVENT message type: {type_}")
    except Exception as ex:
-        logger.debug(ex)
+        logger.error(f"[NOSTRMARKET] ❌ Error processing nostr message: {ex}")
        logger.error(f"[NOSTRMARKET] 📄 Raw message that failed: {msg}")
 async def create_or_update_order_from_dm(
@ -410,29 +523,41 @@ async def extract_customer_order_from_dm(
    return order
-async def _handle_nip04_message(event: NostrEvent):
+async def _handle_gift_wrap(event: NostrEvent):
-    merchant_public_key = event.pubkey
+    """Handle an incoming kind 1059 gift wrap event (NIP-59/NIP-17)."""
    merchant = await get_merchant_by_pubkey(merchant_public_key)
    p_tags = event.tag_values("p")
    if not p_tags:
        logger.warning(f"[NOSTRMARKET] ⚠️ Gift wrap has no p-tag: {event.id}")
        return
    # The p-tag identifies the recipient of the gift wrap
    recipient_pubkey = p_tags[0]
    merchant = await get_merchant_by_pubkey(recipient_pubkey)
    if not merchant:
-        p_tags = event.tag_values("p")
+        logger.warning(
-        if len(p_tags) and p_tags[0]:
+            f"[NOSTRMARKET] ⚠️ No merchant found for gift wrap recipient: {recipient_pubkey}"
            merchant_public_key = p_tags[0]
            merchant = await get_merchant_by_pubkey(merchant_public_key)
    assert merchant, f"Merchant not found for public key '{merchant_public_key}'"
    if event.pubkey == merchant_public_key:
        assert len(event.tag_values("p")) != 0, "Outgong message has no 'p' tag"
        clear_text_msg = merchant.decrypt_message(
            event.content, event.tag_values("p")[0]
        )
-        await _handle_outgoing_dms(event, merchant, clear_text_msg)
+        return
-    elif event.has_tag_value("p", merchant_public_key):
+
-        clear_text_msg = merchant.decrypt_message(event.content, event.pubkey)
+    try:
-        await _handle_incoming_dms(event, merchant, clear_text_msg)
+        rumor = unwrap_message(event, merchant.private_key)
-    else:
+    except Exception as ex:
-        logger.warning(f"Bad NIP04 event: '{event.id}'")
+        logger.error(f"[NOSTRMARKET] ❌ Failed to unwrap gift wrap {event.id}: {ex}")
        return
    sender_pubkey = rumor.pubkey
    if sender_pubkey == merchant.public_key:
        # This is a self-addressed wrap (outgoing message archive)
        # Extract the actual recipient from the rumor's p-tags
        rumor_p_tags = rumor.tag_values("p")
        if rumor_p_tags:
            await _handle_outgoing_dms(rumor, merchant, rumor.content)
        return
    # Incoming message from a customer
    await _handle_incoming_dms(rumor, merchant, rumor.content)
 async def _handle_incoming_dms(
@ -482,17 +607,18 @@ async def _handle_outgoing_dms(
 async def _handle_incoming_structured_dm(
    merchant: Merchant, dm: DirectMessage, json_data: dict
-) -> tuple[DirectMessageType, str | None]:
+) -> Tuple[DirectMessageType, Optional[str]]:
    try:
        if dm.type == DirectMessageType.CUSTOMER_ORDER.value and merchant.config.active:
            json_resp = await _handle_new_order(
                merchant.id, merchant.public_key, dm, json_data
            )
            return DirectMessageType.PAYMENT_REQUEST, json_resp
        else:
            logger.info(f"[NOSTRMARKET] Skipping order processing - type: {dm.type}, expected: {DirectMessageType.CUSTOMER_ORDER.value}, merchant_active: {merchant.config.active}")
    except Exception as ex:
-        logger.warning(ex)
+        logger.error(f"[NOSTRMARKET] Error in _handle_incoming_structured_dm: {ex}")
    return DirectMessageType.PLAIN_TEXT, None
@ -531,16 +657,21 @@ async def _persist_dm(
 async def reply_to_structured_dm(
    merchant: Merchant, customer_pubkey: str, dm_type: int, dm_reply: str
 ):
-    dm_event = merchant.build_dm_event(dm_reply, customer_pubkey)
+    gift_wrap = wrap_message(
        dm_reply,
        merchant.private_key,
        merchant.public_key,
        customer_pubkey,
    )
    dm = PartialDirectMessage(
-        event_id=dm_event.id,
+        event_id=gift_wrap.id,
-        event_created_at=dm_event.created_at,
+        event_created_at=gift_wrap.created_at,
        message=dm_reply,
        public_key=customer_pubkey,
        type=dm_type,
    )
    await create_direct_message(merchant.id, dm)
-    await nostr_client.publish_nostr_event(dm_event)
+    await nostr_client.publish_nostr_event(gift_wrap)
    await websocket_updater(
        merchant.id,
@ -573,9 +704,31 @@ async def _handle_new_order(
        wallet = await get_wallet(wallet_id)
        assert wallet, f"Cannot find wallet for product id: {first_product_id}"
        payment_req = await create_new_order(merchant_public_key, partial_order)
        if payment_req is None:
            # Return existing order data instead of creating a failed order
            existing_order = await get_order(merchant_id, partial_order.id)
            if existing_order and existing_order.invoice_id != "None":
                # Order exists with invoice, return existing payment request
                duplicate_response = json.dumps({
                    "type": DirectMessageType.PAYMENT_REQUEST.value,
                    "id": existing_order.id,
                    "message": "Order already received and processed",
                    "payment_options": []
                }, separators=(",", ":"), ensure_ascii=False)
                return duplicate_response
            else:
                # Order exists but no invoice, skip processing
                logger.info(f"[NOSTRMARKET] Order exists but no invoice, returning empty string")
                return ""
    except Exception as e:
-        logger.debug(e)
+        logger.error(f"[NOSTRMARKET] Error creating order: {e}")
        logger.error(f"[NOSTRMARKET] Order data: {json_data}")
        logger.error(f"[NOSTRMARKET] Exception type: {type(e).__name__}")
        logger.error(f"[NOSTRMARKET] Exception details: {str(e)}")
        payment_req = await create_new_failed_order(
            merchant_id,
            merchant_public_key,
@ -583,12 +736,17 @@ async def _handle_new_order(
            json_data,
            "Order received, but cannot be processed. Please contact merchant.",
        )
-    assert payment_req
+    
    if not payment_req:
        logger.error(f"[NOSTRMARKET] No payment request returned for order: {partial_order.id}")
        return ""
    response = {
        "type": DirectMessageType.PAYMENT_REQUEST.value,
        **payment_req.dict(),
    }
-    return json.dumps(response, separators=(",", ":"), ensure_ascii=False)
+    response_json = json.dumps(response, separators=(",", ":"), ensure_ascii=False)
    return response_json
 async def create_new_failed_order(
@ -621,8 +779,11 @@ async def subscribe_to_all_merchants():
    last_stall_time = await get_last_stall_update_time()
    last_prod_time = await get_last_product_update_time()
    # Make dm_time more lenient by subtracting 5 minutes to avoid missing recent events
    lenient_dm_time = max(0, last_dm_time - 300) if last_dm_time > 0 else 0
    await nostr_client.subscribe_merchants(
-        public_keys, last_dm_time, last_stall_time, last_prod_time, 0
+        public_keys, lenient_dm_time, last_stall_time, last_prod_time, 0
    )
--- a/static/components/merchant-tab.js
+++ b/static/components/merchant-tab.js
@ -19,9 +19,7 @@ window.app.component('merchant-tab', {
    'merchant-deleted',
    'toggle-merchant-state',
    'restart-nostr-connection',
-    'profile-updated',
+    'profile-updated'
    'import-key',
    'generate-key'
  ],
  data: function () {
    return {
@ -31,7 +29,13 @@ window.app.component('merchant-tab', {
  },
  computed: {
    marketClientUrl: function () {
-      return '/nostrmarket/market'
+      if (!this.publicKey) {
        return '/nostrmarket/market'
      }
      const url = new URL('/nostrmarket/market', window.location.origin)
      url.searchParams.set('merchant', this.publicKey)
      return url.pathname + url.search
    }
  },
  methods: {
--- a/static/js/index.js
+++ b/static/js/index.js
@ -13,19 +13,6 @@ window.app = Vue.createApp({
      orderPubkey: null,
      showKeys: false,
      stallCount: 0,
      importKeyDialog: {
        show: false,
        data: {
          privateKey: null
        }
      },
      generateKeyDialog: {
        show: false,
        privateKey: null,
        nsec: null,
        npub: null,
        showNsec: false
      },
      wsConnection: null,
      nostrStatus: {
        connected: false,
@ -49,49 +36,29 @@ window.app = Vue.createApp({
    }
  },
  methods: {
-    generateKeys: function () {
+    migrateKeys: async function () {
-      const privateKey = nostr.generatePrivateKey()
+      LNbits.utils
-      const publicKey = nostr.getPublicKey(privateKey)
+        .confirmDialog(
-      this.generateKeyDialog.privateKey = privateKey
+          'This will update your merchant to use your current account Nostr keypair ' +
-      this.generateKeyDialog.nsec = nostr.nip19.nsecEncode(privateKey)
+            'and republish all stalls and products under the new identity. ' +
-      this.generateKeyDialog.npub = nostr.nip19.npubEncode(publicKey)
+            'Existing orders and messages are preserved. Continue?'
-      this.generateKeyDialog.showNsec = false
+        )
-      this.generateKeyDialog.show = true
+        .onOk(async () => {
-    },
+          try {
-    confirmGenerateKey: async function () {
+            const {data} = await LNbits.api.request(
-      this.generateKeyDialog.show = false
+              'POST',
-      await this.createMerchant(this.generateKeyDialog.privateKey)
+              `/nostrmarket/api/v1/merchant/${this.merchant.id}/migrate-keys`,
-    },
+              this.g.user.wallets[0].adminkey
-    importKeys: async function () {
+            )
-      this.importKeyDialog.show = false
+            this.merchant = data
-      let privateKey = this.importKeyDialog.data.privateKey
+            this.$q.notify({
-      if (!privateKey) {
+              type: 'positive',
-        return
+              message: 'Merchant keys migrated and stalls republished'
-      }
+            })
-      try {
+          } catch (error) {
-        if (privateKey.toLowerCase().startsWith('nsec')) {
+            LNbits.utils.notifyApiError(error)
-          privateKey = nostr.nip19.decode(privateKey).data
+          }
        }
        // Check if this key is already in use
        const publicKey = nostr.getPublicKey(privateKey)
        if (this.merchant?.public_key === publicKey) {
          this.$q.notify({
            type: 'warning',
            message: 'This key is already your current profile'
          })
          return
        }
      } catch (error) {
        this.$q.notify({
          type: 'negative',
          message: `${error}`
        })
        return
      }
      await this.createMerchant(privateKey)
    },
    showImportKeysDialog: async function () {
      this.importKeyDialog.show = true
    },
    toggleShowKeys: function () {
      this.showKeys = !this.showKeys
@ -143,12 +110,9 @@ window.app = Vue.createApp({
      this.showKeys = false
      this.stallCount = 0
    },
-    createMerchant: async function (privateKey) {
+    createMerchant: async function () {
      try {
        const pubkey = nostr.getPublicKey(privateKey)
        const payload = {
          private_key: privateKey,
          public_key: pubkey,
          config: {}
        }
        const {data} = await LNbits.api.request(
@ -409,7 +373,11 @@ window.app = Vue.createApp({
    }
  },
  created: async function () {
-    await this.getMerchant()
+    const merchant = await this.getMerchant()
    if (!merchant) {
      // Auto-create merchant using the account's existing Nostr keypair
      await this.createMerchant()
    }
    await this.checkNostrStatus()
    setInterval(async () => {
      if (
--- a/static/market/js/utils.js
+++ b/static/market/js/utils.js
@ -1,5 +1,43 @@
 var NostrTools = window.NostrTools
 ;(function ensureRandomUUID() {
    if (!globalThis.crypto) {
        globalThis.crypto = {}
    }
    if (!globalThis.crypto.randomUUID) {
        globalThis.crypto.randomUUID = function () {
            const getRandomValues = globalThis.crypto.getRandomValues
            if (getRandomValues) {
                const bytes = new Uint8Array(16)
                getRandomValues.call(globalThis.crypto, bytes)
                bytes[6] = (bytes[6] & 0x0f) | 0x40
                bytes[8] = (bytes[8] & 0x3f) | 0x80
                const hex = Array.from(bytes, b =>
                    b.toString(16).padStart(2, '0')
                ).join('')
                return (
                    hex.slice(0, 8) +
                    '-' +
                    hex.slice(8, 12) +
                    '-' +
                    hex.slice(12, 16) +
                    '-' +
                    hex.slice(16, 20) +
                    '-' +
                    hex.slice(20)
                )
            }
            let d = Date.now()
            return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, c => {
                const r = (d + Math.random() * 16) % 16 | 0
                d = Math.floor(d / 16)
                return (c === 'x' ? r : (r & 0x3) | 0x8).toString(16)
            })
        }
    }
 })()
 var defaultRelays = [
    'wss://relay.damus.io',
    'wss://relay.snort.social',
@ -44,13 +82,24 @@ function confirm(message) {
 async function hash(string) {
-    const utf8 = new TextEncoder().encode(string)
+    const subtle = globalThis.crypto && globalThis.crypto.subtle
-    const hashBuffer = await crypto.subtle.digest('SHA-256', utf8)
+    if (subtle && subtle.digest) {
-    const hashArray = Array.from(new Uint8Array(hashBuffer))
+        const utf8 = new TextEncoder().encode(string)
-    const hashHex = hashArray
+        const hashBuffer = await subtle.digest('SHA-256', utf8)
-        .map(bytes => bytes.toString(16).padStart(2, '0'))
+        const hashArray = Array.from(new Uint8Array(hashBuffer))
-        .join('')
+        return hashArray.map(bytes => bytes.toString(16).padStart(2, '0')).join('')
-    return hashHex
+    }
    // Fallback for non-secure contexts where crypto.subtle is unavailable.
    return fallbackHash(string)
 }
 function fallbackHash(string) {
    let hash = 5381
    for (let i = 0; i < string.length; i++) {
        hash = ((hash << 5) + hash) + string.charCodeAt(i)
    }
    return (hash >>> 0).toString(16).padStart(8, '0')
 }
 function isJson(str) {
--- a/tasks.py
+++ b/tasks.py
@ -1,4 +1,5 @@
 import asyncio
 import time
 from asyncio import Queue
 from lnbits.core.models import Payment
@ -9,9 +10,13 @@ from .nostr.nostr_client import NostrClient
 from .services import (
    handle_order_paid,
    process_nostr_message,
    resubscribe_to_all_merchants,
    subscribe_to_all_merchants,
 )
 HEALTH_CHECK_INTERVAL = 30  # seconds between health checks
 STALE_THRESHOLD = 120  # seconds without events before resubscribing
 async def wait_for_paid_invoices():
    invoice_queue = Queue()
@ -35,13 +40,38 @@ async def on_invoice_paid(payment: Payment) -> None:
 async def wait_for_nostr_events(nostr_client: NostrClient):
    logger.info("[NOSTRMARKET] Starting wait_for_nostr_events task")
    while True:
        try:
            logger.info("[NOSTRMARKET] Subscribing to all merchants...")
            await subscribe_to_all_merchants()
            while True:
                message = await nostr_client.get_event()
                await process_nostr_message(message)
        except Exception as e:
-            logger.warning(f"Subcription failed. Will retry in one minute: {e}")
+            logger.warning(f"[NOSTRMARKET] Subscription failed. Retrying in 10s: {e}")
            await asyncio.sleep(10)
 async def subscription_health_monitor(nostr_client: NostrClient):
    """
    Periodically check if events are flowing. If no events have been
    received for STALE_THRESHOLD seconds, force a resubscription with
    overlap to catch any missed events.
    """
    logger.info("[NOSTRMARKET] Starting subscription health monitor")
    while True:
        await asyncio.sleep(HEALTH_CHECK_INTERVAL)
        try:
            if not nostr_client.is_websocket_connected:
                continue
            elapsed = time.time() - nostr_client.last_event_at
            if nostr_client.last_event_at > 0 and elapsed > STALE_THRESHOLD:
                logger.warning(
                    f"[NOSTRMARKET] ⚠️ No events for {elapsed:.0f}s, resubscribing..."
                )
                await resubscribe_to_all_merchants()
        except Exception as e:
            logger.error(f"[NOSTRMARKET] Health monitor error: {e}")
--- a/templates/nostrmarket/components/merchant-tab.html
+++ b/templates/nostrmarket/components/merchant-tab.html
@ -9,29 +9,26 @@
            </div>
          </div>
          <div class="row q-mb-md q-gutter-sm">
            <q-btn
              outline
              color="primary"
              @click="showEditProfileDialog = true"
              icon="edit"
              >Edit</q-btn
            >
            <q-btn
              outline
              color="primary"
              icon="qr_code"
              @click="showKeysDialog = true"
            >
              <q-tooltip>Show Keys</q-tooltip>
            </q-btn>
            <q-btn-dropdown
              split
              outline
              color="primary"
-              icon="swap_horiz"
+              icon="vpn_key"
-              label="Switch"
+              label="Keys"
            >
              <q-list>
                <q-item clickable v-close-popup @click="showKeysDialog = true">
                  <q-item-section avatar>
                    <q-icon name="vpn_key" color="primary"></q-icon>
                  </q-item-section>
                  <q-item-section>
                    <q-item-label>View Keys</q-item-label>
                    <q-item-label caption
                      >Show public/private keys</q-item-label
                    >
                  </q-item-section>
                </q-item>
                <q-separator></q-separator>
                <q-item-label header>Saved Profiles</q-item-label>
                <q-item>
                  <q-item-section avatar>
@ -67,27 +64,15 @@
                    </q-btn>
                  </q-item-section>
                </q-item>
                <q-separator></q-separator>
                <q-item clickable v-close-popup @click="$emit('import-key')">
                  <q-item-section avatar>
                    <q-icon name="vpn_key" color="primary"></q-icon>
                  </q-item-section>
                  <q-item-section>
                    <q-item-label>Import Existing Key</q-item-label>
                    <q-item-label caption>Use an existing nsec</q-item-label>
                  </q-item-section>
                </q-item>
                <q-item clickable v-close-popup @click="$emit('generate-key')">
                  <q-item-section avatar>
                    <q-icon name="add" color="primary"></q-icon>
                  </q-item-section>
                  <q-item-section>
                    <q-item-label>Generate New Key</q-item-label>
                    <q-item-label caption>Create a fresh nsec</q-item-label>
                  </q-item-section>
                </q-item>
              </q-list>
            </q-btn-dropdown>
            <q-btn
              outline
              color="primary"
              @click="showEditProfileDialog = true"
              icon="edit"
              label="Edit Profile"
            ></q-btn>
            <q-btn-dropdown
              split
              outline
@ -140,6 +125,15 @@
                </q-item>
              </q-list>
            </q-btn-dropdown>
            <q-btn
              outline
              color="primary"
              icon="storefront"
              label="Marketplace"
              :href="marketClientUrl"
              target="_blank"
              rel="noopener"
            ></q-btn>
          </div>
        </q-card-section>
--- a/templates/nostrmarket/index.html
+++ b/templates/nostrmarket/index.html
@ -3,6 +3,26 @@
 <div class="row q-col-gutter-md">
  <div class="col-12 col-md-7 col-lg-8 q-gutter-y-md">
    <div v-if="merchant && merchant.id">
      <q-banner
        v-if="merchant.config && merchant.config.key_mismatch"
        class="bg-warning text-white q-mb-md"
        rounded
      >
        <template v-slot:avatar>
          <q-icon name="warning" color="white"></q-icon>
        </template>
        Your account Nostr keypair has changed since this merchant was created.
        The merchant is still using the old key. Migrate to republish your
        stalls and products under the new identity.
        <template v-slot:action>
          <q-btn
            flat
            color="white"
            label="Migrate Keys"
            @click="migrateKeys"
          ></q-btn>
        </template>
      </q-banner>
      <q-card>
        <div class="row items-center no-wrap">
          <q-tabs
@ -82,8 +102,6 @@
              @merchant-deleted="handleMerchantDeleted"
              @toggle-merchant-state="toggleMerchantState"
              @restart-nostr-connection="restartNostrConnection"
              @import-key="showImportKeysDialog"
              @generate-key="generateKeys"
              @profile-updated="getMerchant"
            ></merchant-tab>
          </q-tab-panel>
@ -124,58 +142,9 @@
      </q-card>
    </div>
    <q-card v-else>
-      <q-card-section>
+      <q-card-section class="text-center q-pa-xl">
-        <span class="text-h4">Welcome to Nostr Market!</span><br />
+        <q-spinner color="primary" size="3em" class="q-mb-md"></q-spinner>
-        In Nostr Market, merchant and customer communicate via NOSTR relays, so
+        <div class="text-h6">Setting up Nostr Market...</div>
        loss of money, product information, and reputation become far less
        likely if attacked.
      </q-card-section>
      <q-card-section>
        <span class="text-h4">Terms</span><br />
        <ul>
          <li>
            <span class="text-bold">merchant</span> - seller of products with
            NOSTR key-pair
          </li>
          <li>
            <span class="text-bold">customer</span> - buyer of products with
            NOSTR key-pair
          </li>
          <li>
            <span class="text-bold">product</span> - item for sale by the
            merchant
          </li>
          <li>
            <span class="text-bold">stall</span> - list of products controlled
            by merchant (a merchant can have multiple stalls)
          </li>
          <li>
            <span class="text-bold">marketplace</span> - clientside software for
            searching stalls and purchasing products
          </li>
        </ul>
      </q-card-section>
      <q-card-section>
        <div class="row">
          <div class="col-12">
            <q-btn
              @click="showImportKeysDialog"
              label="Import Key"
              color="primary"
              class="float-left"
            >
              <q-tooltip> Use an existing private key (hex or npub) </q-tooltip>
            </q-btn>
            <q-btn
              label="Generate New Key"
              color="green"
              @click="generateKeys"
              class="float-right"
            >
              <q-tooltip> A new key pair will be generated for you </q-tooltip>
            </q-btn>
          </div>
        </div>
      </q-card-section>
    </q-card>
  </div>
@ -396,89 +365,6 @@
    </div>
  </div>
  <div>
    <q-dialog v-model="importKeyDialog.show" position="top">
      <q-card class="q-pa-lg q-pt-xl" style="width: 500px">
        <q-form @submit="importKeys" class="q-gutter-md">
          <q-input
            filled
            dense
            v-model.trim="importKeyDialog.data.privateKey"
            label="Private Key (hex or nsec)"
          ></q-input>
          <div class="row q-mt-lg">
            <q-btn
              unelevated
              color="primary"
              :disable="!importKeyDialog.data.privateKey"
              type="submit"
              >Import</q-btn
            >
            <q-btn v-close-popup flat color="grey" class="q-ml-auto"
              >Cancel</q-btn
            >
          </div>
        </q-form>
      </q-card>
    </q-dialog>
  </div>
  <!-- Generate Key Dialog -->
  <q-dialog v-model="generateKeyDialog.show" position="top">
    <q-card class="q-pa-lg q-pt-xl" style="width: 500px">
      <div class="text-h6 q-mb-md">Generate New Key</div>
      <div class="q-mb-md">
        <div class="text-subtitle2 q-mb-xs">Public Key (npub)</div>
        <q-input :model-value="generateKeyDialog.npub" readonly dense outlined>
          <template v-slot:append>
            <q-btn
              flat
              dense
              icon="content_copy"
              @click="copyText(generateKeyDialog.npub, 'npub copied!')"
            ></q-btn>
          </template>
        </q-input>
      </div>
      <div class="q-mb-md">
        <div class="text-subtitle2 q-mb-xs text-warning">
          <q-icon name="warning" size="xs"></q-icon>
          Private Key (nsec)
        </div>
        <q-input
          :model-value="generateKeyDialog.showNsec ? generateKeyDialog.nsec : '••••••••••••••••••••••••••••••••••••••••••••••'"
          readonly
          dense
          outlined
        >
          <template v-slot:append>
            <q-btn
              flat
              dense
              :icon="generateKeyDialog.showNsec ? 'visibility_off' : 'visibility'"
              @click="generateKeyDialog.showNsec = !generateKeyDialog.showNsec"
            ></q-btn>
            <q-btn
              flat
              dense
              icon="content_copy"
              @click="copyText(generateKeyDialog.nsec, 'nsec copied! Keep it safe!')"
            ></q-btn>
          </template>
        </q-input>
        <div class="text-caption text-negative q-mt-xs">
          <q-icon name="error" size="xs"></q-icon>
          Never share your private key!
        </div>
      </div>
      <div class="row q-mt-lg">
        <q-btn unelevated color="primary" @click="confirmGenerateKey"
          >Create Merchant</q-btn
        >
        <q-btn v-close-popup flat color="grey" class="q-ml-auto">Cancel</q-btn>
      </div>
    </q-card>
  </q-dialog>
 </div>
 {% endblock%}{% block scripts %} {{ window_vars(user) }}
--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -0,0 +1,27 @@
 """
 Stub out the nostrmarket root package and all LNbits dependencies so that
 nostr/* unit tests can run without the full LNbits environment.
 pytest walks up from tests/ and tries to import the parent __init__.py,
 which pulls in fastapi, lnbits, websocket, etc. We preemptively register
 the parent package as a simple module so that import never happens.
 """
 import sys
 import types
 from pathlib import Path
 # Register 'nostrmarket' as an already-imported namespace package
 # pointing at the extension root, so pytest doesn't try to exec __init__.py
 _ext_root = Path(__file__).resolve().parent.parent
 _pkg = types.ModuleType("nostrmarket")
 _pkg.__path__ = [str(_ext_root)]
 _pkg.__package__ = "nostrmarket"
 sys.modules["nostrmarket"] = _pkg
 # Also ensure the nostr subpackage is importable
 _nostr_dir = _ext_root / "nostr"
 _nostr_pkg = types.ModuleType("nostrmarket.nostr")
 _nostr_pkg.__path__ = [str(_nostr_dir)]
 _nostr_pkg.__package__ = "nostrmarket.nostr"
 sys.modules["nostrmarket.nostr"] = _nostr_pkg
--- a/tests/test_nip44.py
+++ b/tests/test_nip44.py
@ -0,0 +1,139 @@
 """Tests for NIP-44 v2 encryption against official spec test vectors."""
 import coincurve
 import pytest
 from nostr.nip44 import (
    calc_padded_len,
    decrypt,
    encrypt,
    get_conversation_key,
    get_message_keys,
 )
 def pubkey_from_secret(secret_hex: str) -> str:
    """Derive x-only public key hex from secret key hex."""
    sk = coincurve.PrivateKey(bytes.fromhex(secret_hex))
    return sk.public_key.format(compressed=True)[1:].hex()
 # --- Test vector from NIP-44 spec ---
 SPEC_VECTOR = {
    "sec1": "0000000000000000000000000000000000000000000000000000000000000001",
    "sec2": "0000000000000000000000000000000000000000000000000000000000000002",
    "conversation_key": "c41c775356fd92eadc63ff5a0dc1da211b268cbea22316767095b2871ea1412d",
    "nonce": "0000000000000000000000000000000000000000000000000000000000000001",
    "plaintext": "a",
    "payload": "AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABee0G5VSK0/9YypIObAtDKfYEAjD35uVkHyB0F4DwrcNaCXlCWZKaArsGrY6M9wnuTMxWfp1RTN9Xga8no+kF5Vsb",
 }
 class TestConversationKey:
    def test_spec_vector(self):
        pub2 = pubkey_from_secret(SPEC_VECTOR["sec2"])
        key = get_conversation_key(SPEC_VECTOR["sec1"], pub2)
        assert key.hex() == SPEC_VECTOR["conversation_key"]
    def test_symmetric(self):
        """conv(a, B) == conv(b, A)"""
        pub1 = pubkey_from_secret(SPEC_VECTOR["sec1"])
        pub2 = pubkey_from_secret(SPEC_VECTOR["sec2"])
        key_ab = get_conversation_key(SPEC_VECTOR["sec1"], pub2)
        key_ba = get_conversation_key(SPEC_VECTOR["sec2"], pub1)
        assert key_ab == key_ba
 class TestMessageKeys:
    def test_returns_correct_lengths(self):
        conv_key = bytes.fromhex(SPEC_VECTOR["conversation_key"])
        nonce = bytes.fromhex(SPEC_VECTOR["nonce"])
        chacha_key, chacha_nonce, hmac_key = get_message_keys(conv_key, nonce)
        assert len(chacha_key) == 32
        assert len(chacha_nonce) == 12
        assert len(hmac_key) == 32
    def test_rejects_bad_key_length(self):
        with pytest.raises(ValueError):
            get_message_keys(b"\x00" * 16, b"\x00" * 32)
    def test_rejects_bad_nonce_length(self):
        with pytest.raises(ValueError):
            get_message_keys(b"\x00" * 32, b"\x00" * 16)
 class TestPadding:
    @pytest.mark.parametrize(
        "unpadded,expected",
        [
            (1, 32),
            (2, 32),
            (31, 32),
            (32, 32),
            (33, 64),
            (64, 64),
            (65, 96),
            (256, 256),
            (257, 320),
            (1024, 1024),
            (65535, 65536),
        ],
    )
    def test_calc_padded_len(self, unpadded, expected):
        assert calc_padded_len(unpadded) == expected
    def test_rejects_zero(self):
        with pytest.raises(ValueError):
            calc_padded_len(0)
 class TestEncryptDecrypt:
    def test_spec_vector(self):
        conv_key = bytes.fromhex(SPEC_VECTOR["conversation_key"])
        nonce = bytes.fromhex(SPEC_VECTOR["nonce"])
        payload = encrypt(SPEC_VECTOR["plaintext"], conv_key, nonce)
        assert payload == SPEC_VECTOR["payload"]
    def test_spec_vector_decrypt(self):
        conv_key = bytes.fromhex(SPEC_VECTOR["conversation_key"])
        plaintext = decrypt(SPEC_VECTOR["payload"], conv_key)
        assert plaintext == SPEC_VECTOR["plaintext"]
    def test_round_trip_short(self):
        pub2 = pubkey_from_secret(SPEC_VECTOR["sec2"])
        conv_key = get_conversation_key(SPEC_VECTOR["sec1"], pub2)
        msg = "x"
        assert decrypt(encrypt(msg, conv_key), conv_key) == msg
    def test_round_trip_long(self):
        pub2 = pubkey_from_secret(SPEC_VECTOR["sec2"])
        conv_key = get_conversation_key(SPEC_VECTOR["sec1"], pub2)
        msg = "A" * 65535
        assert decrypt(encrypt(msg, conv_key), conv_key) == msg
    def test_round_trip_unicode(self):
        pub2 = pubkey_from_secret(SPEC_VECTOR["sec2"])
        conv_key = get_conversation_key(SPEC_VECTOR["sec1"], pub2)
        msg = "hello world! \U0001f680\U0001f30e\U0001f4ac"
        assert decrypt(encrypt(msg, conv_key), conv_key) == msg
    def test_tampered_mac_rejected(self):
        conv_key = bytes.fromhex(SPEC_VECTOR["conversation_key"])
        payload = SPEC_VECTOR["payload"]
        tampered = payload[:-1] + ("a" if payload[-1] != "a" else "b")
        with pytest.raises(ValueError, match="invalid MAC"):
            decrypt(tampered, conv_key)
    def test_empty_plaintext_rejected(self):
        conv_key = bytes.fromhex(SPEC_VECTOR["conversation_key"])
        with pytest.raises(ValueError, match="invalid plaintext length"):
            encrypt("", conv_key)
    def test_unknown_version_rejected(self):
        with pytest.raises(ValueError, match="unknown version"):
            decrypt("#invalid", bytes(32))
    def test_short_payload_rejected(self):
        with pytest.raises(ValueError, match="invalid payload size"):
            decrypt("AAAA", bytes(32))
--- a/tests/test_nip59.py
+++ b/tests/test_nip59.py
@ -0,0 +1,191 @@
 """Tests for NIP-59 gift wrap protocol."""
 import json
 import time
 import coincurve
 import pytest
 from nostr.nip59 import (
    create_gift_wrap,
    create_rumor,
    create_seal,
    unseal,
    unwrap_gift_wrap,
    unwrap_message,
    wrap_message,
 )
 def _generate_keypair() -> tuple[str, str]:
    """Generate a (privkey_hex, pubkey_hex) pair."""
    sk = coincurve.PrivateKey()
    privkey = sk.secret.hex()
    pubkey = sk.public_key.format(compressed=True)[1:].hex()
    return privkey, pubkey
 SENDER_PRIV, SENDER_PUB = _generate_keypair()
 RECIPIENT_PRIV, RECIPIENT_PUB = _generate_keypair()
 class TestCreateRumor:
    def test_has_id_but_no_sig(self):
        rumor = create_rumor(SENDER_PUB, "hello", kind=14)
        assert rumor.id != ""
        assert rumor.sig is None
    def test_kind_and_content(self):
        rumor = create_rumor(SENDER_PUB, "test message", kind=14, tags=[["p", RECIPIENT_PUB]])
        assert rumor.kind == 14
        assert rumor.content == "test message"
        assert rumor.pubkey == SENDER_PUB
        assert ["p", RECIPIENT_PUB] in rumor.tags
    def test_custom_timestamp(self):
        ts = 1700000000
        rumor = create_rumor(SENDER_PUB, "hello", created_at=ts)
        assert rumor.created_at == ts
 class TestCreateSeal:
    def test_kind_13_with_empty_tags(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        assert seal.kind == 13
        assert seal.tags == []
        assert seal.pubkey == SENDER_PUB
    def test_is_signed(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        assert seal.sig is not None
        assert len(seal.sig) == 128  # 64 bytes hex
    def test_content_is_encrypted(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        # Content should be base64 NIP-44 payload, not plaintext JSON
        assert "hello" not in seal.content
    def test_timestamp_is_randomized(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        now = int(time.time())
        # Seal timestamp should be in the past (up to 2 days)
        assert seal.created_at <= now
        assert seal.created_at >= now - (2 * 24 * 60 * 60 + 10)
 class TestCreateGiftWrap:
    def test_kind_1059_with_p_tag(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        wrap = create_gift_wrap(seal, RECIPIENT_PUB)
        assert wrap.kind == 1059
        assert ["p", RECIPIENT_PUB] in wrap.tags
    def test_uses_ephemeral_key(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        wrap = create_gift_wrap(seal, RECIPIENT_PUB)
        # Gift wrap pubkey should be neither sender nor recipient
        assert wrap.pubkey != SENDER_PUB
        assert wrap.pubkey != RECIPIENT_PUB
    def test_different_wraps_have_different_ephemeral_keys(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        wrap1 = create_gift_wrap(seal, RECIPIENT_PUB)
        wrap2 = create_gift_wrap(seal, RECIPIENT_PUB)
        assert wrap1.pubkey != wrap2.pubkey
 class TestUnwrap:
    def test_unwrap_gift_wrap_returns_seal(self):
        rumor = create_rumor(SENDER_PUB, "hello")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        wrap = create_gift_wrap(seal, RECIPIENT_PUB)
        recovered_seal = unwrap_gift_wrap(wrap, RECIPIENT_PRIV)
        assert recovered_seal.kind == 13
        assert recovered_seal.pubkey == SENDER_PUB
    def test_unseal_returns_rumor(self):
        rumor = create_rumor(SENDER_PUB, "hello world")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        recovered_rumor = unseal(seal, RECIPIENT_PRIV)
        assert recovered_rumor.content == "hello world"
        assert recovered_rumor.pubkey == SENDER_PUB
        assert recovered_rumor.kind == 14
    def test_wrong_key_fails(self):
        rumor = create_rumor(SENDER_PUB, "secret")
        seal = create_seal(rumor, SENDER_PRIV, RECIPIENT_PUB)
        wrap = create_gift_wrap(seal, RECIPIENT_PUB)
        wrong_priv, _ = _generate_keypair()
        with pytest.raises(Exception):
            unwrap_message(wrap, wrong_priv)
 class TestFullRoundTrip:
    def test_wrap_unwrap_message(self):
        content = "Are you going to the party tonight?"
        wrap = wrap_message(content, SENDER_PRIV, SENDER_PUB, RECIPIENT_PUB)
        assert wrap.kind == 1059
        assert ["p", RECIPIENT_PUB] in wrap.tags
        rumor = unwrap_message(wrap, RECIPIENT_PRIV)
        assert rumor.content == content
        assert rumor.pubkey == SENDER_PUB
        assert rumor.kind == 14
        assert rumor.sig is None
    def test_wrap_with_custom_kind_and_tags(self):
        tags = [["p", RECIPIENT_PUB], ["subject", "test"]]
        wrap = wrap_message(
            "order data",
            SENDER_PRIV,
            SENDER_PUB,
            RECIPIENT_PUB,
            kind=14,
            tags=tags,
        )
        rumor = unwrap_message(wrap, RECIPIENT_PRIV)
        assert rumor.content == "order data"
        assert rumor.kind == 14
        assert ["subject", "test"] in rumor.tags
    def test_self_wrap_for_archival(self):
        """Merchant wraps a copy to self (same sender and recipient)."""
        content = '{"type": 1, "payment_options": [{"type": "ln", "link": "lnbc..."}]}'
        wrap = wrap_message(content, SENDER_PRIV, SENDER_PUB, SENDER_PUB)
        rumor = unwrap_message(wrap, SENDER_PRIV)
        assert rumor.content == content
        assert rumor.pubkey == SENDER_PUB
    def test_json_content_preserved(self):
        """Order JSON payloads survive the wrap/unwrap cycle."""
        order = {
            "type": 0,
            "id": "test-order-123",
            "items": [{"product_id": "abc", "quantity": 2}],
            "shipping_id": "zone-1",
        }
        content = json.dumps(order)
        wrap = wrap_message(content, SENDER_PRIV, SENDER_PUB, RECIPIENT_PUB)
        rumor = unwrap_message(wrap, RECIPIENT_PRIV)
        recovered_order = json.loads(rumor.content)
        assert recovered_order == order
    def test_unicode_content(self):
        content = "Payment received! \u2705 Your order is being processed \U0001f4e6"
        wrap = wrap_message(content, SENDER_PRIV, SENDER_PUB, RECIPIENT_PUB)
        rumor = unwrap_message(wrap, RECIPIENT_PRIV)
        assert rumor.content == content
--- a/views_api.py
+++ b/views_api.py
@ -1,15 +1,18 @@
 import json
 from http import HTTPStatus
 from typing import List, Optional
 from fastapi import Depends
 from fastapi.exceptions import HTTPException
-from lnbits.core.models import WalletTypeInfo
+from lnbits.core.crud import get_account, update_account
 from lnbits.core.services import websocket_updater
 from lnbits.decorators import (
    WalletTypeInfo,
    require_admin_key,
    require_invoice_key,
 )
 from lnbits.utils.exchange_rates import currencies
 from lnbits.utils.nostr import generate_keypair
 from loguru import logger
 from . import nostr_client, nostrmarket_ext
@ -36,6 +39,7 @@ from .crud import (
    get_last_direct_messages_time,
    get_merchant_by_pubkey,
    get_merchant_for_user,
    update_merchant_keys,
    get_order,
    get_order_by_event_id,
    get_orders,
@ -58,6 +62,7 @@ from .crud import (
 )
 from .helpers import normalize_public_key
 from .models import (
    CreateMerchantRequest,
    Customer,
    DirectMessage,
    DirectMessageType,
@ -78,8 +83,10 @@ from .models import (
 from .services import (
    build_order_with_payment,
    create_or_update_order_from_dm,
    provision_merchant,
    reply_to_structured_dm,
    resubscribe_to_all_merchants,
    send_dm,
    sign_and_send_to_nostr,
    subscribe_to_all_merchants,
    update_merchant_to_nostr,
@ -88,34 +95,54 @@ from .services import (
 ######################################## MERCHANT ######################################
 async def _auto_create_merchant(
    wallet: WalletTypeInfo,
    config: MerchantConfig | None = None,
 ) -> Merchant:
    """
    Lazy fallback: provision a merchant from the user's account keypair when
    the LNbits-side eager provisioning didn't run (e.g., older accounts, or
    upstream LNbits without our signup hook).
    Delegates to services.provision_merchant — the canonical implementation.
    """
    account = await get_account(wallet.wallet.user)
    assert account, "User account not found"
    # In our fork, accounts always have keypairs. Generate as fallback only
    # if somehow missing (e.g., upstream LNbits where this isn't auto-set).
    if not account.pubkey or not account.prvkey:
        private_key, public_key = generate_keypair()
        account.pubkey = public_key
        account.prvkey = private_key
        await update_account(account)
    merchant = await provision_merchant(
        user_id=wallet.wallet.user,
        wallet_id=wallet.wallet.id,
        public_key=account.pubkey,
        private_key=account.prvkey,
        display_name=account.username,
        config=config,
    )
    await resubscribe_to_all_merchants()
    await nostr_client.merchant_temp_subscription(account.pubkey)
    return merchant
@nostrmarket_ext.post("/api/v1/merchant")
 async def api_create_merchant(
-    data: PartialMerchant,
+    data: CreateMerchantRequest,
    wallet: WalletTypeInfo = Depends(require_admin_key),
 ) -> Merchant:
    try:
-        merchant = await get_merchant_by_pubkey(data.public_key)
+        merchant = await get_merchant_for_user(wallet.wallet.user)
-        assert merchant is None, "A merchant already uses this public key"
+        assert merchant is None, "A merchant already exists for this user"
-        merchant = await create_merchant(wallet.wallet.user, data)
+        return await _auto_create_merchant(wallet, data.config)
        await create_zone(
            merchant.id,
            Zone(
                id=f"online-{merchant.public_key}",
                name="Online",
                currency="sat",
                cost=0,
                countries=["Free (digital)"],
            ),
        )
        await resubscribe_to_all_merchants()
        await nostr_client.merchant_temp_subscription(data.public_key)
        return merchant
    except AssertionError as ex:
        raise HTTPException(
            status_code=HTTPStatus.BAD_REQUEST,
@ -132,12 +159,13 @@ async def api_create_merchant(
@nostrmarket_ext.get("/api/v1/merchant")
 async def api_get_merchant(
    wallet: WalletTypeInfo = Depends(require_invoice_key),
-) -> Merchant | None:
+) -> Merchant:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        if not merchant:
-            return None
+            # Auto-provision merchant from the user's account keypair
            merchant = await _auto_create_merchant(wallet)
        merchant = await touch_merchant(wallet.wallet.user, merchant.id)
        assert merchant
@ -145,6 +173,11 @@ async def api_get_merchant(
        assert merchant.time
        merchant.config.restore_in_progress = (merchant.time - last_dm_time) < 30
        # Detect keypair rotation: account key no longer matches merchant key
        account = await get_account(wallet.wallet.user)
        if account and account.pubkey and account.pubkey != merchant.public_key:
            merchant.config.key_mismatch = True
        return merchant
    except Exception as ex:
        logger.warning(ex)
@ -190,6 +223,76 @@ async def api_delete_merchant(
        await subscribe_to_all_merchants()
@nostrmarket_ext.post("/api/v1/merchant/{merchant_id}/migrate-keys")
 async def api_migrate_merchant_keys(
    merchant_id: str,
    wallet: WalletTypeInfo = Depends(require_admin_key),
 ) -> Merchant:
    """
    Migrate a merchant to the current account keypair.
    When a user rotates their Nostr keypair, the merchant still holds the old
    key. This endpoint updates the merchant's keys to match the account,
    then republishes all stalls and products under the new identity.
    Orders and DM history are preserved (they reference customer pubkeys,
    not the merchant key). Old stall/product events on relays become
    orphaned — clients following the new pubkey will see the fresh events.
    """
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
        assert merchant.id == merchant_id, "Wrong merchant ID"
        account = await get_account(wallet.wallet.user)
        assert account and account.pubkey and account.prvkey, (
            "Account has no Nostr keypair"
        )
        if account.pubkey == merchant.public_key:
            return merchant  # already in sync
        # Check no other merchant is using the new pubkey
        existing = await get_merchant_by_pubkey(account.pubkey)
        assert existing is None, (
            "Another merchant already uses this public key"
        )
        old_pubkey = merchant.public_key
        # Update merchant keys in DB
        merchant = await update_merchant_keys(
            wallet.wallet.user, merchant.id,
            account.prvkey, account.pubkey,
        )
        assert merchant
        # Republish all stalls and products under the new key
        merchant = await update_merchant_to_nostr(merchant)
        logger.info(
            f"[NOSTRMARKET] Migrated merchant {merchant.id} "
            f"from {old_pubkey[:16]}... to {account.pubkey[:16]}..."
        )
        # Resubscribe with new pubkey
        await resubscribe_to_all_merchants()
        return merchant
    except AssertionError as ex:
        raise HTTPException(
            status_code=HTTPStatus.BAD_REQUEST,
            detail=str(ex),
        ) from ex
    except Exception as ex:
        logger.warning(ex)
        raise HTTPException(
            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
            detail="Cannot migrate merchant keys",
        ) from ex
@nostrmarket_ext.patch("/api/v1/merchant/{merchant_id}")
 async def api_update_merchant(
    merchant_id: str,
@ -329,7 +432,7 @@ async def api_delete_merchant_on_nostr(
@nostrmarket_ext.get("/api/v1/zone")
 async def api_get_zones(
    wallet: WalletTypeInfo = Depends(require_invoice_key),
-) -> list[Zone]:
+) -> List[Zone]:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
@ -529,7 +632,7 @@ async def api_get_stall(
@nostrmarket_ext.get("/api/v1/stall")
 async def api_get_stalls(
-    pending: bool | None = False,
+    pending: Optional[bool] = False,
    wallet: WalletTypeInfo = Depends(require_invoice_key),
 ):
    try:
@ -553,7 +656,7 @@ async def api_get_stalls(
@nostrmarket_ext.get("/api/v1/stall/product/{stall_id}")
 async def api_get_stall_products(
    stall_id: str,
-    pending: bool | None = False,
+    pending: Optional[bool] = False,
    wallet: WalletTypeInfo = Depends(require_invoice_key),
 ):
    try:
@ -577,9 +680,9 @@ async def api_get_stall_products(
@nostrmarket_ext.get("/api/v1/stall/order/{stall_id}")
 async def api_get_stall_orders(
    stall_id: str,
-    paid: bool | None = None,
+    paid: Optional[bool] = None,
-    shipped: bool | None = None,
+    shipped: Optional[bool] = None,
-    pubkey: str | None = None,
+    pubkey: Optional[str] = None,
    wallet: WalletTypeInfo = Depends(require_invoice_key),
 ):
    try:
@ -652,6 +755,21 @@ async def api_create_product(
        assert stall, "Stall missing for product"
        data.config.currency = stall.currency
        # Re-publish the parent stall before publishing the product. NIP-33
        # parameterized replaceable events make this idempotent on relays.
        # This guarantees the customer client never sees a product whose
        # parent stall isn't on the relay (e.g., when the original stall
        # publish failed transiently or never ran).
        try:
            stall_event = await sign_and_send_to_nostr(merchant, stall)
            stall.event_id = stall_event.id
            await update_stall(merchant.id, stall)
        except Exception as ex:
            logger.warning(
                f"[NOSTRMARKET] Failed to refresh stall {stall.id} "
                f"before product publish: {ex}"
            )
        product = await create_product(merchant.id, data=data)
        event = await sign_and_send_to_nostr(merchant, product)
@ -713,7 +831,7 @@ async def api_update_product(
 async def api_get_product(
    product_id: str,
    wallet: WalletTypeInfo = Depends(require_invoice_key),
-) -> Product | None:
+) -> Optional[Product]:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
@ -798,9 +916,9 @@ async def api_get_order(
@nostrmarket_ext.get("/api/v1/order")
 async def api_get_orders(
-    paid: bool | None = None,
+    paid: Optional[bool] = None,
-    shipped: bool | None = None,
+    shipped: Optional[bool] = None,
-    pubkey: str | None = None,
+    pubkey: Optional[str] = None,
    wallet: WalletTypeInfo = Depends(require_invoice_key),
 ):
    try:
@ -844,27 +962,11 @@ async def api_update_order_status(
            ensure_ascii=False,
        )
-        dm_event = merchant.build_dm_event(dm_content, order.public_key)
+        await send_dm(
-
+            merchant,
-        dm = PartialDirectMessage(
+            order.public_key,
-            event_id=dm_event.id,
+            DirectMessageType.ORDER_PAID_OR_SHIPPED.value,
-            event_created_at=dm_event.created_at,
+            dm_content,
            message=dm_content,
            public_key=order.public_key,
            type=DirectMessageType.ORDER_PAID_OR_SHIPPED.value,
        )
        await create_direct_message(merchant.id, dm)
        await nostr_client.publish_nostr_event(dm_event)
        await websocket_updater(
            merchant.id,
            json.dumps(
                {
                    "type": f"dm:{dm.type}",
                    "customerPubkey": order.public_key,
                    "dm": dm.dict(),
                }
            ),
        )
        return order
@ -886,7 +988,7 @@ async def api_update_order_status(
 async def api_restore_order(
    event_id: str,
    wallet: WalletTypeInfo = Depends(require_admin_key),
-) -> Order | None:
+) -> Optional[Order]:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
@ -1013,7 +1115,7 @@ async def api_reissue_order_invoice(
@nostrmarket_ext.get("/api/v1/message/{public_key}")
 async def api_get_messages(
    public_key: str, wallet: WalletTypeInfo = Depends(require_invoice_key)
-) -> list[DirectMessage]:
+) -> List[DirectMessage]:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
@ -1042,14 +1144,13 @@ async def api_create_message(
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
-        dm_event = merchant.build_dm_event(data.message, data.public_key)
+        dm_reply = await send_dm(
-        data.event_id = dm_event.id
+            merchant,
-        data.event_created_at = dm_event.created_at
+            data.public_key,
-
+            data.type,
-        dm = await create_direct_message(merchant.id, data)
+            data.message,
-        await nostr_client.publish_nostr_event(dm_event)
+        )
-
+        return dm_reply
        return dm
    except AssertionError as ex:
        raise HTTPException(
            status_code=HTTPStatus.BAD_REQUEST,
@ -1069,7 +1170,7 @@ async def api_create_message(
@nostrmarket_ext.get("/api/v1/customer")
 async def api_get_customers(
    wallet: WalletTypeInfo = Depends(require_invoice_key),
-) -> list[Customer]:
+) -> List[Customer]:
    try:
        merchant = await get_merchant_for_user(wallet.wallet.user)
        assert merchant, "Merchant cannot be found"
Author	SHA1	Message	Date
Padreug	05ebf042ac	Extract provision_merchant() service for shared use Some checks failed ci.yml / Extract provision_merchant() service for shared use (pull_request) Failing after 0s Details ci.yml / Extract provision_merchant() service for shared use (push) Failing after 0s Details Both _auto_create_merchant (lazy GET fallback in views_api) and LNbits' _create_default_merchant (eager signup hook) used to reimplement merchant + zone + stall creation independently. Moves the canonical implementation to services.provision_merchant() so both call sites stay in lockstep — future changes (NIP-17 kind 10050 relay list, additional default zones, etc.) only happen in one place. - services.provision_merchant(user_id, wallet_id, public_key, private_key, display_name, config): creates merchant if absent, default 'Online' zone, default '<username>'s Store' stall, and publishes the kind 30017 stall event. Idempotent on the merchant pubkey: returns the existing merchant unchanged if one exists. - views_api._auto_create_merchant: now a 10-line wrapper that loads the account, generates fallback keys if missing, then delegates. The LNbits-side hook (lnbits/core/services/users.py:_create_default_merchant) will be updated in a companion commit to also call this service. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
Padreug	e481c9179d	Auto-create + publish default stall, republish stall on product publish Two complementary fixes for the "Unknown Stall" bug, where a customer sees a product on the relay but the parent stall is missing. 1. _auto_create_merchant() now creates a default "<username>'s Store" stall and publishes its kind 30017 event before returning. New users land with a fully-published merchant identity, so the very first product they create has a known parent stall on relays. 2. POST /api/v1/product (api_create_product) now republishes the parent stall before publishing the product. NIP-33 parameterized replaceable events make this idempotent, but it self-heals every existing case where the stall publish failed or never happened (transient relay issues, accounts that pre-date the auto-publish flow, manual stall creation that didn't reach all relays). This complements the LNbits-side fix in core/services/users.py (_create_default_merchant publishes the stall on signup) and the webapp self-heal in useMarketStallSelfHeal.ts. With all three layers, "Unknown Stall" should disappear from the customer view. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
Padreug	3cc798aab2	Remove orphaned key import/generate UI Phase 3 (auto-provision merchant from account keypair) removed the generateKeys / importKeys methods and the dialog data fields, but left the dialog templates and dropdown menu items behind. They referenced importKeyDialog.show and generateKeyDialog.show, which were now undefined — breaking the merchant dashboard with "Cannot read properties of undefined (reading 'show')". Removes: - The Import Key and Generate New Key dialogs from index.html - The corresponding dropdown items from merchant-tab.html - The 'import-key' and 'generate-key' emits from merchant-tab.js - The dangling @import-key / @generate-key listeners in index.html Merchants are auto-provisioned from the account keypair on first GET; key rotation is handled by the migrate-keys feature instead. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
Padreug	25023df8bd	Add keypair rotation detection and migration feature When a user rotates their Nostr keypair in account settings, the merchant still holds the old key. This adds: - key_mismatch flag on MerchantConfig (runtime, not persisted) - detected on each GET /api/v1/merchant by comparing account vs merchant pubkey - POST /api/v1/merchant/{id}/migrate-keys endpoint that updates the merchant keys, republishes all stalls/products under the new identity, and resubscribes - Warning banner in the UI with a "Migrate Keys" button and confirmation dialog - update_merchant_keys() crud function Orders and DM history are preserved since they reference customer pubkeys. Old stall/product events on relays become orphaned. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
Padreug	5c38947fc6	Auto-provision merchant from account keypair on first access The LNbits user account IS the merchant identity. GET /api/v1/merchant now auto-creates the merchant record using the account's existing Nostr keypair if one doesn't exist yet, so the extension is immediately usable without any setup screen. - Extract _auto_create_merchant() helper used by both GET and POST - Remove welcome/key-generation screen (replaced with loading spinner) - Remove dead frontend code (generateKeys, importKeys dialogs) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
Padreug	725944ae9c	Replace NIP-04 messaging with NIP-17 (NIP-44 + NIP-59 gift wrapping) Modernize the entire customer-merchant communication layer from deprecated NIP-04 (kind 4, AES-256-CBC) to NIP-17 private direct messages using NIP-44 v2 encryption (ChaCha20 + HMAC-SHA256) and NIP-59 gift wrapping (rumor/seal/gift-wrap protocol). No backwards compatibility retained. New modules: - nostr/nip44.py: NIP-44 v2 encryption verified against official spec vectors - nostr/nip59.py: NIP-59 gift wrap with wrap/unwrap convenience functions - tests/: 44 unit tests for NIP-44 and NIP-59 Key changes: - Subscription filters: kind 4 → kind 1059 gift wraps - Message handler: _handle_nip04_message → _handle_gift_wrap (unwrap + route) - send_dm/reply_to_structured_dm: NIP-59 gift wrap to recipient + self-archive - Merchant model: removed NIP-04 crypto methods (decrypt/encrypt/build_dm_event) - helpers.py: removed NIP-04 functions, kept Schnorr signing + key normalization - views_api.py: consolidated DM sending through send_dm() service function Reliability improvements: - Event deduplication via bounded LRU set in NostrClient - Subscription health monitor (resubscribes after 120s of silence) - Preserved 5-minute lenient time window from prior work Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 16:59:03 +02:00
padreug	319d5eeb04	Refactors type hints for clarity Some checks failed CI / lint (push) Has been cancelled Details Updates type hints in `crud.py`, `helpers.py`, and `models.py` for improved readability and maintainability. Replaces `Merchant \| None` with `Optional[Merchant]` and `list[X]` with `List[X]` for consistency with standard Python typing practices.	2026-04-24 01:59:27 -04:00
padreug	d3229cd094	Improves Nostr message handling and error logging Enhances the processing of Nostr messages by adding more robust error handling and logging, providing better insights into potential issues. Specifically: - Improves the checks on the websocket connection to log errors and debug information. - Implements more comprehensive error logging for failed product quantity checks. - Enhances logging and validation of EVENT messages to prevent potential errors. - Implements a more robust merchant lookup logic to avoid double processing of events. - Implements a more lenient time window for direct message subscriptions.	2026-04-24 01:59:27 -04:00
padreug	039a26d1df	Adds order discovery analysis document Adds a document analyzing the order discovery mechanism in Nostrmarket. The document identifies the reasons merchants need to manually refresh to see new orders, instead of receiving them automatically. It analyzes timing window issues, connection stability, subscription state management, and event processing delays. It proposes solutions such as enhanced persistent subscriptions, periodic auto-refresh, WebSocket health monitoring, and event gap detection.	2026-04-24 01:59:27 -04:00
padreug	0b7523fbeb	Enhances websocket connection robustness Improves websocket connection reliability by predefining the websocket URL and handling potential queueing errors. This change also updates the websocket close message for clarity.	2026-04-24 01:59:27 -04:00
padreug	c7f6b209dd	TEMP: set merchant active to True by default	2026-04-24 01:59:27 -04:00
padreug	a8eeace36d	Improve merchant creation with automatic keypair generation Enhance the merchant creation process by automatically generating Nostr keypairs for users who don't have them, and streamline the API interface. Changes: - Add CreateMerchantRequest model to simplify merchant creation API - Auto-generate Nostr keypairs for users without existing keys - Update merchant creation endpoint to use user account keypairs - Improve error handling and validation in merchant creation flow - Clean up frontend JavaScript for merchant creation This ensures all merchants have proper Nostr keypairs for marketplace functionality without requiring manual key management from users. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2026-04-24 01:59:27 -04:00
padreug	d4c1bc04ec	interactive rebase commit, clean logs	2026-04-24 01:59:27 -04:00
padreug	0ebd5f642c	add DEBUG logs	2026-04-24 01:59:27 -04:00
Arc	125481bda8	Merge pull request #171 from lnbits/more_pages Changes to more pages	2026-02-16 14:22:14 +00:00
Arc	77a7ab8153	Merge pull request #170 from lnbits/ui_tweaks fix: frontend page	2026-02-16 14:21:31 +00:00
DoktorShift	ac879e29f2	Changes to more pages	2026-01-25 14:21:19 +01:00
arcbtc	754003eb52	make	2025-12-30 14:49:33 +00:00
arcbtc	75c6d388a5	frontend page fix	2025-12-30 14:46:31 +00:00
arcbtc	94af43c3f5	add open button	2025-12-30 12:48:43 +00:00
arcbtc	216b53cb31	tweaks	2025-12-30 12:07:11 +00:00