Merge branch 'main' into 1585-prevent-brute-force-attacks-support-rat…

…e-limiting-login-attempts

docker/dev/.env.example

@@ -3,7 +3,6 @@ FROM_EMAIL=
 SENDGRID_API_KEY=
 AUTH_IDENTITY_SERVER_SECRET=
 AUTH_COOKIE_KEY=
-RATE_API_KEY=
 GATEHUB_ACCESS_KEY=
 GATEHUB_SECRET_KEY=
 GATEHUB_GATEWAY_UUID=

docker/dev/docker-compose.yml

@@ -47,7 +47,6 @@ services:
       SENDGRID_API_KEY: ${SENDGRID_API_KEY}
       FROM_EMAIL: ${FROM_EMAIL}
       SEND_EMAIL: ${SEND_EMAIL:-false}
-      RATE_API_KEY: ${RATE_API_KEY}
       REDIS_URL: redis://redis:6379/0
       KRATOS_ADMIN_URL: 'http://kratos:4434/admin'
       GATEHUB_ACCESS_KEY: ${GATEHUB_ACCESS_KEY}

docker/prod/.env.example

@@ -26,7 +26,6 @@ WALLET_BACKEND_SENDGRID_API_KEY=
 WALLET_BACKEND_FROM_EMAIL=
 WALLET_BACKEND_SEND_EMAIL=
 WALLET_BACKEND_AUTH_DOMAIN=
-WALLET_BACKEND_RATE_API_KEY=
 WALLET_BACKEND_GATEHUB_ACCESS_KEY=
 WALLET_BACKEND_GATEHUB_SECRET_KEY=
 WALLET_BACKEND_GATEHUB_GATEWAY_UUID=

docker/prod/docker-compose.yml

@@ -60,7 +60,6 @@ services:
       SEND_EMAIL: ${WALLET_BACKEND_SEND_EMAIL}
       AUTH_IDENTITY_SERVER_SECRET: ${RAFIKI_AUTH_IDENTITY_SERVER_SECRET}
       AUTH_DOMAIN: ${WALLET_BACKEND_AUTH_DOMAIN}
-      RATE_API_KEY: ${WALLET_BACKEND_RATE_API_KEY}
       REDIS_URL: ${WALLET_BACKEND_REDIS_URL}
       GATEHUB_ACCESS_KEY: ${WALLET_BACKEND_GATEHUB_ACCESS_KEY}
       GATEHUB_SECRET_KEY: ${WALLET_BACKEND_GATEHUB_SECRET_KEY}

packages/boutique/backend/package.json

@@ -11,7 +11,7 @@
     "@interledger/open-payments": "^6.13.1",
     "@shared/backend": "workspace:*",
     "@boutique/shared": "workspace:*",
-    "awilix": "^10.0.2",
+    "awilix": "^11.0.0",
     "axios": "^1.7.7",
     "cors": "^2.8.5",
     "express": "^4.21.0",

packages/boutique/backend/src/open-payments/service.ts

@@ -40,10 +40,13 @@ interface CreateOutgoingPaymentParams {
   authServer: string
   identifier: string
   walletAddress: string
-  debitAmount: Amount
-  receiveAmount: Amount
   nonce: string
   finishUrl?: string
+  limits: {
+    debitAmount: Amount
+    receiveAmount: Amount
+    receiver?: string
+  }
 }
 
 interface CreateIncomingPaymentParams {
@@ -127,9 +130,11 @@ export class OpenPayments implements IOpenPayments {
       identifier: order.id,
       walletAddress: customerWalletAddress.id,
       authServer: customerWalletAddress.authServer,
-
-      debitAmount: quote.debitAmount,
-      receiveAmount: quote.receiveAmount,
+      limits: {
+        debitAmount: quote.debitAmount,
+        receiveAmount: quote.receiveAmount,
+        receiver: incomingPayment.id
+      },
       nonce: clientNonce
     })
 
@@ -260,8 +265,10 @@ export class OpenPayments implements IOpenPayments {
       walletAddress: walletAddress.id,
       authServer: walletAddress.authServer,
       identifier: clientIdentifer,
-      debitAmount: amountData,
-      receiveAmount: amountData,
+      limits: {
+        debitAmount: amountData,
+        receiveAmount: amountData
+      },
       finishUrl: `${this.env.FRONTEND_URL}/cart/finish?identifier=${clientIdentifer}`
     })
 
@@ -402,15 +409,8 @@ export class OpenPayments implements IOpenPayments {
   private async createOutgoingPaymentGrant(
     params: CreateOutgoingPaymentParams
   ): Promise<PendingGrant> {
-    const {
-      nonce,
-      authServer,
-      identifier,
-      walletAddress,
-      debitAmount,
-      receiveAmount,
-      finishUrl
-    } = params
+    const { nonce, authServer, identifier, walletAddress, limits, finishUrl } =
+      params
 
     const finish =
       finishUrl ??
@@ -426,10 +426,7 @@ export class OpenPayments implements IOpenPayments {
                 type: 'outgoing-payment',
                 actions: ['create', 'read', 'list'],
                 identifier: walletAddress,
-                limits: {
-                  debitAmount,
-                  receiveAmount
-                }
+                limits
               }
             ]
           },

packages/boutique/backend/src/payment/service.ts

@@ -16,7 +16,7 @@ export interface IPaymentService {
 
 export class PaymentService implements IPaymentService {
   private readonly TRESHOLD_MS: number = 5000
-  private readonly MAX_ATTEMPTS: number = 5
+  private readonly MAX_ATTEMPTS: number = 24
 
   constructor(
     private logger: Logger,

packages/boutique/frontend/.env.example

@@ -0,0 +1 @@
+VITE_CURRENCY=

packages/boutique/frontend/package.json

@@ -8,6 +8,7 @@
     "preview": "vite preview"
   },
   "dependencies": {
+    "@boutique/shared": "workspace:*",
     "@hookform/resolvers": "^3.9.0",
     "@radix-ui/react-dialog": "^1.1.1",
     "@radix-ui/react-dropdown-menu": "^2.1.1",
@@ -17,9 +18,8 @@
     "@radix-ui/react-tabs": "^1.1.0",
     "@radix-ui/react-toast": "^1.2.1",
     "@tanstack/react-query": "^5.56.2",
-    "@boutique/shared": "workspace:*",
     "class-variance-authority": "^0.7.0",
-    "framer-motion": "^11.5.4",
+    "framer-motion": "^11.5.6",
     "react": "^18.3.1",
     "react-dom": "^18.3.1",
     "react-hook-form": "^7.53.0",
@@ -33,13 +33,13 @@
   "devDependencies": {
     "@tailwindcss/forms": "^0.5.9",
     "@tailwindcss/typography": "^0.5.15",
-    "@types/react": "18.3.7",
+    "@types/react": "18.3.8",
     "@types/react-dom": "18.3.0",
     "@vitejs/plugin-react-swc": "^3.7.0",
     "autoprefixer": "^10.4.20",
     "postcss": "^8.4.47",
-    "tailwindcss": "^3.4.11",
+    "tailwindcss": "^3.4.12",
     "typescript": "^5.6.2",
-    "vite": "^5.4.6"
+    "vite": "^5.4.7"
   }
 }

packages/boutique/frontend/src/lib/utils.ts

@@ -8,7 +8,7 @@ export function cn(...inputs: CxOptions) {
 export function formatPrice(price: number): string {
   const formatter = new Intl.NumberFormat('en-US', {
     style: 'currency',
-    currency: 'USD',
+    currency: import.meta.env.VITE_CURRENCY || 'USD',
     maximumFractionDigits: 2,
     minimumFractionDigits: 2
   })

packages/shared/backend/package.json

@@ -22,7 +22,7 @@
   },
   "dependencies": {
     "@google-cloud/logging-winston": "^6.0.0",
-    "awilix": "^10.0.2",
+    "awilix": "^11.0.0",
     "express": "^4.21.0",
     "objection": "^3.1.4",
     "knex": "^3.1.0",

packages/wallet/backend/package.json

@@ -12,7 +12,7 @@
     "@sendgrid/mail": "^8.1.3",
     "@shared/backend": "workspace:*",
     "@wallet/shared": "workspace:*",
-    "awilix": "^10.0.2",
+    "awilix": "^11.0.0",
     "axios": "^1.7.7",
     "cors": "^2.8.5",
     "crypto-js": "^4.2.0",
@@ -33,7 +33,7 @@
     "pg": "^8.13.0",
     "randexp": "^0.5.3",
     "rate-limiter-flexible": "^5.0.3",
-    "socket.io": "^4.7.5",
+    "socket.io": "^4.8.0",
     "uuid": "^10.0.0",
     "winston": "^3.14.2",
     "zod": "^3.23.8"

packages/wallet/backend/src/account/service.ts

@@ -22,7 +22,7 @@ interface IAccountService {
     includeWalletKeys?: boolean
   ) => Promise<Account[]>
   getAccountById: (userId: string, accountId: string) => Promise<Account>
-  getAccountBalance: (userId: string, assetCode: string) => Promise<number>
+  getAccountBalance: (userId: string, account: Account) => Promise<number>
 }
 
 export class AccountService implements IAccountService {
@@ -77,6 +77,7 @@ export class AccountService implements IAccountService {
       gateHubWalletId: result.address
     })
 
+    // On creation account will have balance 0
     account.balance = transformBalance(0, account.assetScale)
 
     return account
@@ -108,8 +109,9 @@ export class AccountService implements IAccountService {
     const accounts = await query
 
     if (!includeWalletAddress) {
-      accounts.forEach((acc) => {
-        acc.balance = transformBalance(0, acc.assetScale) // TODO: implement GateHub balance
+      accounts.forEach(async (acc) => {
+        const balance = await this.getAccountBalance(userId, acc)
+        acc.balance = transformBalance(balance, acc.assetScale)
       })
     }
 
@@ -130,7 +132,7 @@ export class AccountService implements IAccountService {
     }
 
     account.balance = transformBalance(
-      await this.getAccountBalance(userId, account.assetCode),
+      await this.getAccountBalance(userId, account),
       account.assetScale
     )
 
@@ -150,21 +152,28 @@ export class AccountService implements IAccountService {
     }
 
     account.balance = transformBalance(
-      await this.getAccountBalance(userId, account.assetCode),
+      await this.getAccountBalance(userId, account),
       account.assetScale
     )
 
     return account
   }
 
-  async getAccountBalance(userId: string, _assetCode: string): Promise<number> {
+  async getAccountBalance(userId: string, account: Account): Promise<number> {
     const user = await User.query().findById(userId)
 
     if (!user || !user.gateHubUserId) {
       throw new NotFound()
     }
 
-    return 0 // TODO: implement GateHub balance
+    const balances = await this.gateHubClient.getWalletBalance(
+      account.gateHubWalletId,
+      userId
+    )
+    return Number(
+      balances.find((balance) => balance.vault.assetCode === account.assetCode)
+        ?.total ?? 0
+    )
   }
 
   public findAccountById = async (

packages/wallet/backend/src/config/env.ts

@@ -28,10 +28,8 @@ const envSchema = z.object({
   AUTH_DOMAIN: z.string().url().default('http://rafiki-auth:3006'),
   AUTH_IDENTITY_SERVER_SECRET: z.string().default('replace-me'),
   OPEN_PAYMENTS_HOST: z.string().url().default('https://backend:80'),
-  RAPYD_SETTLEMENT_EWALLET: z.string().default('default_ewallet'),
   RAFIKI_MONEY_FRONTEND_HOST: z.string().default('localhost'),
   SENDGRID_API_KEY: z.string().default('SG.API_KEY'),
-  RATE_API_KEY: z.string().default('SG.API_KEY'),
   FROM_EMAIL: z.string().default('tech@interledger.org'),
   SEND_EMAIL: z
     .enum(['true', 'false'])