Merge branch 'arweave-tx-support'

Author: nikooo777

commentapi/comment.go

@@ -90,7 +90,7 @@ type CreateArgs struct {
 	IsProtected       bool               `json:"is_protected"`
 	Amount            *float64           `json:"amount"`
 	DryRun            bool               `json:"dry_run"`
-	PaymentTxId       *string            `json:"payment_tx_id"`
+	PaymentTxID       *string            `json:"payment_tx_id"`
 }
 
 // CreateResponse response for the comment.Create rpc call

config/config.go

@@ -1,6 +1,8 @@
 package config
 
 import (
+	"strings"
+
 	"github.com/OdyseeTeam/commentron/db"
 	"github.com/OdyseeTeam/commentron/env"
 	"github.com/OdyseeTeam/commentron/helper"
@@ -13,7 +15,7 @@ import (
 // SocketyToken token used to communicate with Sockety
 var SocketyToken string
 
-//IsTestMode turns off validations for local testing
+// IsTestMode turns off validations for local testing
 var IsTestMode bool
 
 // InitializeConfiguration inits the base configuration of commentron
@@ -51,6 +53,11 @@ func initSlack(config *env.Config) {
 			Channel:        slackChannel,
 			IconEmoji:      ":speech_balloon:",
 			Username:       "Commentron",
+			Filters: []slackrus.Filter{
+				func(entry *logrus.Entry) bool {
+					return !strings.Contains(entry.Message, "could not get claim from sdk")
+				},
+			},
 		})
 	}
 }

migration/bindata.go

@@ -91,12 +91,13 @@ func (c apiClient) CheckPerk(options CheckPerkOptions) (bool, error) {
 	return perkRes.Data.HasAccess, nil
 }
 
+// ArweavePaymentDetailsResponse is the response structure from internal-apis for the arweave payment details api
 type ArweavePaymentDetailsResponse struct {
 	Amount         uint64    `json:"amount"`
 	Currency       string    `json:"currency"`
 	Status         string    `json:"status"`
-	UserId         uint64    `json:"user_id"`
-	ChannelClaimId string    `json:"channel_claim_id"`
+	UserID         uint64    `json:"user_id"`
+	ChannelClaimID string    `json:"channel_claim_id"`
 	TippedAt       time.Time `json:"tipped_at"`
 }
 type apiArweavePaymentDetailsResponse struct {
@@ -105,12 +106,12 @@ type apiArweavePaymentDetailsResponse struct {
 	Data    ArweavePaymentDetailsResponse `json:"data"`
 }
 
-func (c apiClient) GetDetailsForTransaction(txId string) (*ArweavePaymentDetailsResponse, error) {
+func (c apiClient) GetDetailsForTransaction(txID string) (*ArweavePaymentDetailsResponse, error) {
 	const apiPath = "/arweave/payment/retrieve"
 	client := http.Client{}
 	form := make(url.Values)
 	form.Set("auth_token", apiToken)
-	form.Set("tx_id", txId)
+	form.Set("tx_id", txID)
 
 	response, err := client.PostForm(apiURL+apiPath, form)
 	if err != nil {

server/lbry/apis.go

@@ -96,6 +96,6 @@ func (m *mockAPI) CheckPerk(options CheckPerkOptions) (bool, error) {
 	return false, nil
 }
 
-func (m *mockAPI) GetDetailsForTransaction(txId string) (*ArweavePaymentDetailsResponse, error) {
+func (m *mockAPI) GetDetailsForTransaction(txID string) (*ArweavePaymentDetailsResponse, error) {
 	return nil, nil
 }

server/lbry/client.go

@@ -29,12 +29,12 @@ func populateItem(comment *m.Comment, channel *m.Channel, replies int) commentap
 	}
 
 	item := commentapi.CommentItem{
-		Comment:       comment.Body,
-		CommentID:     comment.CommentID,
-		ClaimID:       comment.LbryClaimID,
-		Timestamp:     comment.Timestamp,
-		ParentID:      comment.ParentID.String,
-		Signature:     comment.Signature.String,
+		Comment:   comment.Body,
+		CommentID: comment.CommentID,
+		ClaimID:   comment.LbryClaimID,
+		Timestamp: comment.Timestamp,
+		ParentID:  comment.ParentID.String,
+		//Signature:     comment.Signature.String,
 		SigningTs:     comment.Signingts.String,
 		IsHidden:      comment.IsHidden.Bool,
 		IsPinned:      comment.IsPinned,

server/services/v1/comments/comments.go

@@ -67,8 +67,12 @@ func create(_ *http.Request, args *commentapi.CreateArgs, reply *commentapi.Crea
 
 	var frequencyCheck = checkFrequency
 
-	if args.Amount != nil {
-		if args.DryRun {
+	isPaidComment := args.Amount != nil || args.PaymentIntentID != nil //this is because odysee android app doesn't pass an amount for dryruns...
+	isDryRun := args.DryRun && (args.SupportTxID != nil || args.PaymentIntentID != nil || args.PaymentTxID != nil)
+	isActualTransaction := isPaidComment && (args.SupportTxID != nil || args.PaymentIntentID != nil || args.PaymentTxID != nil)
+
+	if isPaidComment {
+		if isDryRun {
 			cents := *args.Amount
 			if args.SupportTxID != nil {
 				lbc, err := btcutil.NewAmount(*args.Amount)
@@ -80,40 +84,15 @@ func create(_ *http.Request, args *commentapi.CreateArgs, reply *commentapi.Crea
 				cents *= 100
 			}
 			request.comment.Amount.SetValid(uint64(cents))
-		} else {
+		} else if isActualTransaction {
 			err := updateSupportInfo(request)
 			if err != nil {
 				return err
 			}
-		}
-		// ignore the frequency if it's a tipped comment
-		frequencyCheck = ignoreFrequency
-	}
-
-	if args.SupportTxID != nil || args.PaymentIntentID != nil || args.PaymentTxId != nil {
-		if args.DryRun {
-			if args.Amount != nil {
-				if args.PaymentIntentID != nil {
-					cents := uint64(*args.Amount * 100)
-					request.comment.Amount.SetValid(cents)
-				} else if args.SupportTxID != nil {
-					lbc, err := btcutil.NewAmount(*args.Amount)
-					if err != nil {
-						return errors.Err(err)
-					}
-					request.comment.Amount.SetValid(uint64(lbc.ToUnit(btcutil.AmountSatoshi)))
-				} else if args.PaymentTxId != nil {
-					//assume cents
-					request.comment.Amount.SetValid(uint64(*args.Amount))
-				}
-			}
 		} else {
-			err := updateSupportInfo(request)
-			if err != nil {
-				return err
-			}
+			return errors.Err("you must specify a transaction if it's a paid comment")
 		}
-		// ignore the frequency if its a tipped comment
+		// ignore the frequency if it's a tipped comment
 		frequencyCheck = ignoreFrequency
 	}
 
@@ -737,6 +716,8 @@ func getCounter(key string, expiration time.Duration) (*counter.Counter, error)
 
 func updateSupportInfo(request *createRequest) error {
 	triesLeft := 3
+	backoff := time.Second
+
 	for {
 		triesLeft--
 		err := updateSupportInfoAttempt(request, true)
@@ -746,20 +727,36 @@ func updateSupportInfo(request *createRequest) error {
 		if triesLeft == 0 {
 			return err
 		}
-		time.Sleep(1 * time.Second)
+		time.Sleep(backoff)
+		backoff *= 2
 	}
 }
 
+func checkReplays(txID string) error {
+	existingComment, err := m.Comments(m.CommentWhere.TXID.EQ(null.StringFrom(txID))).One(db.RO)
+	if err != nil && !errors.Is(err, sql.ErrNoRows) {
+		if !errors.Is(err, sql.ErrNoRows) {
+			return errors.Err(err)
+		}
+	}
+	if existingComment != nil {
+		return errors.Err("a comment with this transaction id already exists")
+	}
+	return nil
+}
+
 func updateSupportInfoAttempt(request *createRequest, retry bool) error {
-	//TODO: fix replay attacks
-	//todo: fix stolen tx attacks
 	if request.args.PaymentIntentID != nil {
 		env := ""
 		if request.args.Environment != nil {
 			env = *request.args.Environment
 		}
-		paymentintentClient := &paymentintent.Client{B: stripe.GetBackend(stripe.APIBackend), Key: config.ConnectAPIKey(config.From(env))}
-		pi, err := paymentintentClient.Get(*request.args.PaymentIntentID, &stripe.PaymentIntentParams{})
+		err := checkReplays(*request.args.PaymentIntentID)
+		if err != nil {
+			return err
+		}
+		pic := &paymentintent.Client{B: stripe.GetBackend(stripe.APIBackend), Key: config.ConnectAPIKey(config.From(env))}
+		pi, err := pic.Get(*request.args.PaymentIntentID, &stripe.PaymentIntentParams{})
 		if err != nil {
 			if !retry {
 				logrus.Error(errors.Prefix("could not get payment intent %s", *request.args.PaymentIntentID))
@@ -772,9 +769,13 @@ func updateSupportInfoAttempt(request *createRequest, retry bool) error {
 		request.comment.Amount.SetValid(uint64(pi.Amount))
 		request.comment.IsFiat = true
 		request.comment.Currency.SetValid(pi.Currency)
+		request.comment.TXID.SetValid(*request.args.PaymentIntentID)
 		return nil
 	} else if request.args.SupportTxID != nil {
-		request.comment.TXID.SetValid(util.StrFromPtr(request.args.SupportTxID))
+		err := checkReplays(*request.args.SupportTxID)
+		if err != nil {
+			return err
+		}
 		txSummary, err := lbry.SDK.GetTx(request.comment.TXID.String)
 		if err != nil {
 			return errors.Err(err)
@@ -790,35 +791,32 @@ func updateSupportInfoAttempt(request *createRequest, retry bool) error {
 		if err != nil {
 			return errors.Err(err)
 		}
+		request.comment.TXID.SetValid(util.StrFromPtr(request.args.SupportTxID))
 		request.comment.Amount.SetValid(amount)
+		request.comment.Currency.SetValid("LBC")
 		return nil
-	} else if request.args.PaymentTxId != nil {
-		//check for replays
-		existingComment, err := m.Comments(m.CommentWhere.TXID.EQ(null.StringFromPtr(request.args.PaymentTxId))).One(db.RO)
-		if err != nil && !errors.Is(err, sql.ErrNoRows) {
-			if !errors.Is(err, sql.ErrNoRows) {
-				return errors.Err(err)
-			}
-		}
-		if existingComment != nil {
-			return errors.Err("a comment with this transaction id already exists")
+	} else if request.args.PaymentTxID != nil {
+		err := checkReplays(*request.args.PaymentTxID)
+		if err != nil {
+			return err
 		}
-		//query internal apis to verify the transaction
-		pi, err := lbry.API.GetDetailsForTransaction(*request.args.PaymentTxId)
+		pi, err := lbry.API.GetDetailsForTransaction(*request.args.PaymentTxID)
 		if err != nil {
 			return err
 		}
 		if pi.Status != "confirmed" {
 			return errors.Err("transaction is not confirmed")
 		}
-		if pi.ChannelClaimId != request.args.ChannelID {
+		if pi.ChannelClaimID != request.args.ChannelID {
 			return errors.Err("channel mismatch for transaction")
 		}
 		if time.Since(pi.TippedAt) > time.Hour {
 			return errors.Err("transaction is too old")
 		}
 		request.comment.Amount.SetValid(pi.Amount)
 		request.comment.Currency.SetValid(pi.Currency)
+		request.comment.TXID.SetValid(*request.args.PaymentTxID)
+		request.comment.IsFiat = true
 	}
 	return nil
 }