aljaz/rabbit
1
0
Fork 0
mirror of https://github.com/aljazceru/rabbit.git synced 2025-12-17 05:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: drop hash validation from NIP-57

Browse Source 
https://github.com/lnurl/luds/pull/234
This commit is contained in:
Shusui MOYATANI
2024-02-12 14:49:22 +09:00
parent ff73a0e217
commit ee0be6b9eb
4 changed files with 5 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/components/modal/ZapRequestModal.tsx
View File

@@ -247,11 +247,8 @@ const ZapDialog: Component<ZapDialogProps> = (props) => {
}
const invoice = callbackResponse.pr;
await verifyInvoice(invoice, {
amountMilliSats,
metadata: endpointData.metadata,
zapRequest: callbackParams.zapRequest,
});
verifyInvoice(invoice, { amountMilliSats });
return invoice;
};

2
src/nostr/zap/fetchLnurlCallback.ts
View File

@@ -40,7 +40,7 @@ const fetchLnurlCallback = async ({
callbackUrl.searchParams.set('nostr', JSON.stringify(zapRequest));
}
const res = await fetch(callbackUrl, { mode: 'cors' });
const res = await fetch(callbackUrl, { mode: 'cors', redirect: 'error' });
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
const body = await res.json();

2
src/nostr/zap/fetchLnurlEndpoint.ts
View File

@@ -84,7 +84,7 @@ export const parseLnurlEndpointMetadata = (
};
const fetchLnurlEndpoint = async (lnurl: string): Promise<LnurlEndpoint | LnurlError> => {
const res = await fetch(lnurl, { mode: 'cors' });
const res = await fetch(lnurl, { mode: 'cors', redirect: 'error' });
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
const body = await res.json();

22
src/nostr/zap/verifyInvoice.ts
View File

@@ -1,28 +1,8 @@
import { type Event as NostrEvent } from 'nostr-tools/pure';
import { parseBolt11 } from '@/nostr/zap/bolt11';
import sha256Hex from '@/utils/sha256Hex';
const verifyInvoice = async (
bolt11: string,
requirements: { amountMilliSats: string; metadata: string; zapRequest?: NostrEvent },
): Promise<void> => {
const verifyInvoice = (bolt11: string, requirements: { amountMilliSats: string }) => {
const payReq = parseBolt11(bolt11);
const description =
requirements.zapRequest != null
? JSON.stringify(requirements.zapRequest)
: requirements.metadata;
if (payReq.tagsObject.description !== null && description === payReq.tagsObject.description) {
throw new Error("invalid invoice: description and didn't match");
}
const purposeCommitHash = await sha256Hex(description);
if (purposeCommitHash !== payReq.tagsObject.purpose_commit_hash) {
throw new Error("invalid invoice: hash value of purpose_commit_hash and didn't match");
}
if (payReq.millisatoshis != null && payReq.millisatoshis !== requirements.amountMilliSats) {
throw new Error("invalid invoice: amount didn't match");
}