forked from Kieran/snort
chore: improve zapper validation
This commit is contained in:
parent
d959a492b1
commit
c702d1b760
@ -115,7 +115,7 @@ export default function Note(props: NoteProps) {
|
|||||||
const zaps = useMemo(() => {
|
const zaps = useMemo(() => {
|
||||||
const sortedZaps = getReactions(related, ev.Id, EventKind.ZapReceipt)
|
const sortedZaps = getReactions(related, ev.Id, EventKind.ZapReceipt)
|
||||||
.map(parseZap)
|
.map(parseZap)
|
||||||
.filter(z => z.valid && z.zapper !== ev.PubKey);
|
.filter(z => z.valid && z.sender !== ev.PubKey);
|
||||||
sortedZaps.sort((a, b) => b.amount - a.amount);
|
sortedZaps.sort((a, b) => b.amount - a.amount);
|
||||||
return sortedZaps;
|
return sortedZaps;
|
||||||
}, [related]);
|
}, [related]);
|
||||||
|
@ -65,7 +65,7 @@ export default function NoteFooter(props: NoteFooterProps) {
|
|||||||
type: "language",
|
type: "language",
|
||||||
});
|
});
|
||||||
const zapTotal = zaps.reduce((acc, z) => acc + z.amount, 0);
|
const zapTotal = zaps.reduce((acc, z) => acc + z.amount, 0);
|
||||||
const didZap = zaps.some(a => a.zapper === login);
|
const didZap = zaps.some(a => a.sender === login);
|
||||||
const longPress = useLongPress(
|
const longPress = useLongPress(
|
||||||
e => {
|
e => {
|
||||||
e.stopPropagation();
|
e.stopPropagation();
|
||||||
|
@ -98,7 +98,7 @@ const Reactions = ({ show, setShow, positive, negative, reposts, zaps }: Reactio
|
|||||||
{tab.value === 1 &&
|
{tab.value === 1 &&
|
||||||
zaps.map(z => {
|
zaps.map(z => {
|
||||||
return (
|
return (
|
||||||
z.zapper && (
|
z.sender && (
|
||||||
<div key={z.id} className="reactions-item">
|
<div key={z.id} className="reactions-item">
|
||||||
<div className="zap-reaction-icon">
|
<div className="zap-reaction-icon">
|
||||||
<Icon name="zap" size={20} />
|
<Icon name="zap" size={20} />
|
||||||
@ -106,7 +106,7 @@ const Reactions = ({ show, setShow, positive, negative, reposts, zaps }: Reactio
|
|||||||
</div>
|
</div>
|
||||||
<ProfileImage
|
<ProfileImage
|
||||||
autoWidth={false}
|
autoWidth={false}
|
||||||
pubkey={z.anonZap ? "" : z.zapper}
|
pubkey={z.anonZap ? "" : z.sender}
|
||||||
subHeader={
|
subHeader={
|
||||||
<div className="f-ellipsis zap-comment" title={z.content}>
|
<div className="f-ellipsis zap-comment" title={z.content}>
|
||||||
{z.content}
|
{z.content}
|
||||||
|
@ -99,7 +99,7 @@ export default function Timeline({
|
|||||||
}
|
}
|
||||||
case EventKind.ZapReceipt: {
|
case EventKind.ZapReceipt: {
|
||||||
const zap = parseZap(e);
|
const zap = parseZap(e);
|
||||||
return zap.e ? null : <Zap zap={zap} key={e.id} />;
|
return zap.event ? null : <Zap zap={zap} key={e.id} />;
|
||||||
}
|
}
|
||||||
case EventKind.Reaction:
|
case EventKind.Reaction:
|
||||||
case EventKind.Repost: {
|
case EventKind.Repost: {
|
||||||
|
@ -2,9 +2,9 @@ import "./Zap.css";
|
|||||||
import { useMemo } from "react";
|
import { useMemo } from "react";
|
||||||
import { FormattedMessage, useIntl } from "react-intl";
|
import { FormattedMessage, useIntl } from "react-intl";
|
||||||
import { useSelector } from "react-redux";
|
import { useSelector } from "react-redux";
|
||||||
import { Event, HexKey, TaggedRawEvent } from "@snort/nostr";
|
import { HexKey, TaggedRawEvent } from "@snort/nostr";
|
||||||
|
|
||||||
import { decodeInvoice, sha256, unwrap } from "Util";
|
import { decodeInvoice, InvoiceDetails, sha256, unwrap } from "Util";
|
||||||
import { formatShort } from "Number";
|
import { formatShort } from "Number";
|
||||||
import Text from "Element/Text";
|
import Text from "Element/Text";
|
||||||
import ProfileImage from "Element/ProfileImage";
|
import ProfileImage from "Element/ProfileImage";
|
||||||
@ -20,103 +20,110 @@ function findTag(e: TaggedRawEvent, tag: string) {
|
|||||||
return maybeTag && maybeTag[1];
|
return maybeTag && maybeTag[1];
|
||||||
}
|
}
|
||||||
|
|
||||||
function getInvoice(zap: TaggedRawEvent) {
|
function getInvoice(zap: TaggedRawEvent): InvoiceDetails | undefined {
|
||||||
const bolt11 = findTag(zap, "bolt11");
|
const bolt11 = findTag(zap, "bolt11");
|
||||||
if (!bolt11) {
|
if (!bolt11) {
|
||||||
console.debug("Invalid zap: ", zap);
|
throw new Error("Invalid zap, missing bolt11 tag");
|
||||||
return {};
|
|
||||||
}
|
}
|
||||||
const decoded = decodeInvoice(bolt11);
|
return decodeInvoice(bolt11);
|
||||||
if (decoded) {
|
|
||||||
return { amount: decoded?.amount, hash: decoded?.descriptionHash };
|
|
||||||
}
|
|
||||||
return {};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
interface Zapper {
|
export function parseZap(zapReceipt: TaggedRawEvent): ParsedZap {
|
||||||
pubkey?: HexKey;
|
const invoice = getInvoice(zapReceipt);
|
||||||
isValid: boolean;
|
let innerZapJson = findTag(zapReceipt, "description");
|
||||||
isAnon: boolean;
|
if (innerZapJson) {
|
||||||
content: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
function getZapper(zap: TaggedRawEvent, dhash: string): Zapper {
|
|
||||||
let zapRequest = findTag(zap, "description");
|
|
||||||
if (zapRequest) {
|
|
||||||
try {
|
try {
|
||||||
if (zapRequest.startsWith("%")) {
|
if (innerZapJson.startsWith("%")) {
|
||||||
zapRequest = decodeURIComponent(zapRequest);
|
innerZapJson = decodeURIComponent(innerZapJson);
|
||||||
}
|
}
|
||||||
const rawEvent: TaggedRawEvent = JSON.parse(zapRequest);
|
const zapRequest: TaggedRawEvent = JSON.parse(innerZapJson);
|
||||||
if (Array.isArray(rawEvent)) {
|
if (Array.isArray(zapRequest)) {
|
||||||
// old format, ignored
|
// old format, ignored
|
||||||
return { isValid: false, isAnon: false, content: "" };
|
throw new Error("deprecated zap format");
|
||||||
}
|
}
|
||||||
const anonZap = rawEvent.tags.some(a => a[0] === "anon");
|
const anonZap = findTag(zapRequest, "anon");
|
||||||
const metaHash = sha256(zapRequest);
|
const metaHash = sha256(innerZapJson);
|
||||||
const ev = new Event(rawEvent);
|
const ret: ParsedZap = {
|
||||||
const zapperIgnored = ZapperSpam.includes(zap.pubkey);
|
id: zapReceipt.id,
|
||||||
return {
|
zapService: zapReceipt.pubkey,
|
||||||
pubkey: ev.PubKey,
|
amount: (invoice?.amount ?? 0) / 1000,
|
||||||
isValid: dhash === metaHash && !zapperIgnored,
|
event: findTag(zapRequest, "e"),
|
||||||
isAnon: anonZap,
|
sender: zapRequest.pubkey,
|
||||||
content: rawEvent.content,
|
receiver: findTag(zapRequest, "p"),
|
||||||
|
valid: true,
|
||||||
|
anonZap: anonZap !== undefined,
|
||||||
|
content: zapRequest.content,
|
||||||
|
errors: [],
|
||||||
};
|
};
|
||||||
|
if (invoice?.descriptionHash !== metaHash) {
|
||||||
|
ret.valid = false;
|
||||||
|
ret.errors.push("description_hash does not match zap request");
|
||||||
|
}
|
||||||
|
if (ZapperSpam.includes(zapReceipt.pubkey)) {
|
||||||
|
ret.valid = false;
|
||||||
|
ret.errors.push("zapper is banned");
|
||||||
|
}
|
||||||
|
if (findTag(zapRequest, "p") !== findTag(zapReceipt, "p")) {
|
||||||
|
ret.valid = false;
|
||||||
|
ret.errors.push("p tags dont match");
|
||||||
|
}
|
||||||
|
if (ret.event && ret.event !== findTag(zapReceipt, "e")) {
|
||||||
|
ret.valid = false;
|
||||||
|
ret.errors.push("e tags dont match");
|
||||||
|
}
|
||||||
|
if (findTag(zapRequest, "amount") === invoice?.amount) {
|
||||||
|
ret.valid = false;
|
||||||
|
ret.errors.push("amount tag does not match invoice amount");
|
||||||
|
}
|
||||||
|
if (!ret.valid) {
|
||||||
|
console.debug("Invalid zap", ret);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
console.warn("Invalid zap", zapRequest);
|
console.debug("Invalid zap", zapReceipt, e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return { isValid: false, isAnon: false, content: "" };
|
return {
|
||||||
|
id: zapReceipt.id,
|
||||||
|
zapService: zapReceipt.pubkey,
|
||||||
|
amount: 0,
|
||||||
|
valid: false,
|
||||||
|
anonZap: false,
|
||||||
|
errors: ["invalid zap, parsing failed"],
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface ParsedZap {
|
export interface ParsedZap {
|
||||||
id: HexKey;
|
id: HexKey;
|
||||||
e?: HexKey;
|
event?: HexKey;
|
||||||
p: HexKey;
|
receiver?: HexKey;
|
||||||
amount: number;
|
amount: number;
|
||||||
content: string;
|
content?: string;
|
||||||
zapper?: HexKey;
|
sender?: HexKey;
|
||||||
valid: boolean;
|
valid: boolean;
|
||||||
zapService: HexKey;
|
zapService: HexKey;
|
||||||
anonZap: boolean;
|
anonZap: boolean;
|
||||||
}
|
errors: Array<string>;
|
||||||
|
|
||||||
export function parseZap(zap: TaggedRawEvent): ParsedZap {
|
|
||||||
const { amount, hash } = getInvoice(zap);
|
|
||||||
const zapper = hash ? getZapper(zap, hash) : ({ isValid: false, content: "" } as Zapper);
|
|
||||||
const e = findTag(zap, "e");
|
|
||||||
const p = unwrap(findTag(zap, "p"));
|
|
||||||
return {
|
|
||||||
id: zap.id,
|
|
||||||
e,
|
|
||||||
p,
|
|
||||||
amount: Number(amount) / 1000,
|
|
||||||
zapper: zapper.pubkey,
|
|
||||||
content: zapper.content,
|
|
||||||
valid: zapper.isValid,
|
|
||||||
zapService: zap.pubkey,
|
|
||||||
anonZap: zapper.isAnon,
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const Zap = ({ zap, showZapped = true }: { zap: ParsedZap; showZapped?: boolean }) => {
|
const Zap = ({ zap, showZapped = true }: { zap: ParsedZap; showZapped?: boolean }) => {
|
||||||
const { amount, content, zapper, valid, p } = zap;
|
const { amount, content, sender, valid, receiver } = zap;
|
||||||
const pubKey = useSelector((s: RootState) => s.login.publicKey);
|
const pubKey = useSelector((s: RootState) => s.login.publicKey);
|
||||||
|
|
||||||
return valid && zapper ? (
|
return valid && sender ? (
|
||||||
<div className="zap note card">
|
<div className="zap note card">
|
||||||
<div className="header">
|
<div className="header">
|
||||||
<ProfileImage autoWidth={false} pubkey={zapper} />
|
<ProfileImage autoWidth={false} pubkey={sender} />
|
||||||
{p !== pubKey && showZapped && <ProfileImage autoWidth={false} pubkey={p} />}
|
{receiver !== pubKey && showZapped && <ProfileImage autoWidth={false} pubkey={unwrap(receiver)} />}
|
||||||
<div className="amount">
|
<div className="amount">
|
||||||
<span className="amount-number">
|
<span className="amount-number">
|
||||||
<FormattedMessage {...messages.Sats} values={{ n: formatShort(amount) }} />
|
<FormattedMessage {...messages.Sats} values={{ n: formatShort(amount ?? 0) }} />
|
||||||
</span>
|
</span>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{content.length > 0 && zapper && (
|
{(content?.length ?? 0) > 0 && sender && (
|
||||||
<div className="body">
|
<div className="body">
|
||||||
<Text creator={zapper} content={content} tags={[]} />
|
<Text creator={sender} content={unwrap(content)} tags={[]} />
|
||||||
</div>
|
</div>
|
||||||
)}
|
)}
|
||||||
</div>
|
</div>
|
||||||
@ -130,8 +137,8 @@ interface ZapsSummaryProps {
|
|||||||
export const ZapsSummary = ({ zaps }: ZapsSummaryProps) => {
|
export const ZapsSummary = ({ zaps }: ZapsSummaryProps) => {
|
||||||
const { formatMessage } = useIntl();
|
const { formatMessage } = useIntl();
|
||||||
const sortedZaps = useMemo(() => {
|
const sortedZaps = useMemo(() => {
|
||||||
const pub = [...zaps.filter(z => z.zapper && z.valid)];
|
const pub = [...zaps.filter(z => z.sender && z.valid)];
|
||||||
const priv = [...zaps.filter(z => !z.zapper && z.valid)];
|
const priv = [...zaps.filter(z => !z.sender && z.valid)];
|
||||||
pub.sort((a, b) => b.amount - a.amount);
|
pub.sort((a, b) => b.amount - a.amount);
|
||||||
return pub.concat(priv);
|
return pub.concat(priv);
|
||||||
}, [zaps]);
|
}, [zaps]);
|
||||||
@ -141,17 +148,17 @@ export const ZapsSummary = ({ zaps }: ZapsSummaryProps) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
const [topZap, ...restZaps] = sortedZaps;
|
const [topZap, ...restZaps] = sortedZaps;
|
||||||
const { zapper, amount, anonZap } = topZap;
|
const { sender, amount, anonZap } = topZap;
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div className="zaps-summary">
|
<div className="zaps-summary">
|
||||||
{amount && (
|
{amount && (
|
||||||
<div className={`top-zap`}>
|
<div className={`top-zap`}>
|
||||||
<div className="summary">
|
<div className="summary">
|
||||||
{zapper && (
|
{sender && (
|
||||||
<ProfileImage
|
<ProfileImage
|
||||||
autoWidth={false}
|
autoWidth={false}
|
||||||
pubkey={anonZap ? "" : zapper}
|
pubkey={anonZap ? "" : sender}
|
||||||
overrideUsername={anonZap ? formatMessage({ defaultMessage: "Anonymous" }) : undefined}
|
overrideUsername={anonZap ? formatMessage({ defaultMessage: "Anonymous" }) : undefined}
|
||||||
/>
|
/>
|
||||||
)}
|
)}
|
||||||
|
@ -18,7 +18,7 @@ export default function useZapsFeed(pubkey?: HexKey) {
|
|||||||
const zaps = useMemo(() => {
|
const zaps = useMemo(() => {
|
||||||
const profileZaps = zapsFeed.store.notes
|
const profileZaps = zapsFeed.store.notes
|
||||||
.map(parseZap)
|
.map(parseZap)
|
||||||
.filter(z => z.valid && z.p === pubkey && z.zapper !== pubkey && !z.e);
|
.filter(z => z.valid && z.receiver === pubkey && z.sender !== pubkey && !z.event);
|
||||||
profileZaps.sort((a, b) => b.amount - a.amount);
|
profileZaps.sort((a, b) => b.amount - a.amount);
|
||||||
return profileZaps;
|
return profileZaps;
|
||||||
}, [zapsFeed]);
|
}, [zapsFeed]);
|
||||||
|
@ -8,7 +8,9 @@ export function formatShort(n: number) {
|
|||||||
return n;
|
return n;
|
||||||
} else if (n < 1e6) {
|
} else if (n < 1e6) {
|
||||||
return `${intl.format(n / 1e3)}K`;
|
return `${intl.format(n / 1e3)}K`;
|
||||||
} else {
|
} else if (n < 1e9) {
|
||||||
return `${intl.format(n / 1e6)}M`;
|
return `${intl.format(n / 1e6)}M`;
|
||||||
|
} else {
|
||||||
|
return `${intl.format(n / 1e9)}G`;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -240,12 +240,13 @@ export const delay = (t: number) => {
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
export type InvoiceDetails = ReturnType<typeof decodeInvoice>;
|
||||||
export function decodeInvoice(pr: string) {
|
export function decodeInvoice(pr: string) {
|
||||||
try {
|
try {
|
||||||
const parsed = invoiceDecode(pr);
|
const parsed = invoiceDecode(pr);
|
||||||
|
|
||||||
const amountSection = parsed.sections.find(a => a.name === "amount");
|
const amountSection = parsed.sections.find(a => a.name === "amount");
|
||||||
const amount = amountSection ? (amountSection.value as number) : NaN;
|
const amount = amountSection ? Number(amountSection.value as number | string) : undefined;
|
||||||
|
|
||||||
const timestampSection = parsed.sections.find(a => a.name === "timestamp");
|
const timestampSection = parsed.sections.find(a => a.name === "timestamp");
|
||||||
const timestamp = timestampSection ? (timestampSection.value as number) : NaN;
|
const timestamp = timestampSection ? (timestampSection.value as number) : NaN;
|
||||||
@ -256,7 +257,7 @@ export function decodeInvoice(pr: string) {
|
|||||||
const descriptionHashSection = parsed.sections.find(a => a.name === "description_hash")?.value;
|
const descriptionHashSection = parsed.sections.find(a => a.name === "description_hash")?.value;
|
||||||
const paymentHashSection = parsed.sections.find(a => a.name === "payment_hash")?.value;
|
const paymentHashSection = parsed.sections.find(a => a.name === "payment_hash")?.value;
|
||||||
const ret = {
|
const ret = {
|
||||||
amount: !isNaN(amount) ? amount : undefined,
|
amount: amount,
|
||||||
expire: !isNaN(timestamp) && !isNaN(expire) ? timestamp + expire : undefined,
|
expire: !isNaN(timestamp) && !isNaN(expire) ? timestamp + expire : undefined,
|
||||||
timestamp: !isNaN(timestamp) ? timestamp : undefined,
|
timestamp: !isNaN(timestamp) ? timestamp : undefined,
|
||||||
description: descriptionSection as string | undefined,
|
description: descriptionSection as string | undefined,
|
||||||
|
Loading…
Reference in New Issue
Block a user