pezkuwichain/pezkuwi-telegram-miniapp
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-telegram-miniapp.git synced 2026-04-22 03:07:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
112 Commits 2 Branches 0 Tags
main
Commit Graph

92 Commits

Author SHA1 Message Date
pezkuwichain d2b1dd48ae fix: use pezkuwiXCM pallet on teyrchains 2026-02-07 23:47:52 +03:00
pezkuwichain 22d684c00e debug: detect available XCM pallet on chain 2026-02-07 22:46:58 +03:00
pezkuwichain 1caf549a71 fix: correct XCM params based on working original code 2026-02-07 22:35:44 +03:00
pezkuwichain 99e9cd981f fix: correct XCM teleport - use teyrchain, fix arrow direction 2026-02-07 22:28:12 +03:00
pezkuwichain e76bec3284 feat: add bidirectional HEZ teleport (Relay ↔ Parachain) 2026-02-07 21:31:25 +03:00
pezkuwichain 4d4eb72722 fix: get correct LP token ID from assetConversion pool 2026-02-07 17:59:53 +03:00
pezkuwichain cf3353a216 fix: wait for transaction finalization in LP staking 2026-02-07 17:48:55 +03:00
pezkuwichain 60285fa223 chore: clean up debug logs from Edge Functions and frontend 2026-02-07 06:44:50 +03:00
pezkuwichain 6b0fb5b90b fix: extract actual error from Edge Function response 2026-02-07 06:35:00 +03:00
pezkuwichain 5c6a3f5e67 fix: show actual error message on reaction failure 2026-02-07 06:32:49 +03:00
pezkuwichain ca404f2417 fix: auto-create user in tg_users when reacting 2026-02-07 06:21:34 +03:00
pezkuwichain d98ae6dd81 fix: use initData directly for reactions instead of session token 2026-02-07 06:12:47 +03:00
pezkuwichain 2adf3760ce debug: add detailed logging to auth flow 2026-02-07 05:53:36 +03:00
pezkuwichain 4674e06251 debug: add retry auth button and increase wait time to 5s 2026-02-07 05:40:20 +03:00
pezkuwichain 5382579f9f debug: add more info to debug banner 2026-02-07 05:35:20 +03:00
pezkuwichain f100296525 fix: add retry mechanism for Telegram initData loading 2026-02-07 05:29:12 +03:00
pezkuwichain fbb6c93ca8 fix: use console.warn for debug logs 2026-02-07 04:46:28 +03:00
pezkuwichain 60a089daa5 debug: add early auth logging 2026-02-07 04:39:54 +03:00
pezkuwichain b79fb83447 debug: improve error logging 2026-02-07 04:28:38 +03:00
pezkuwichain d000ba78db debug: add visible auth debug banner 2026-02-07 03:37:25 +03:00
pezkuwichain 760db703c5 debug: add auth logging to troubleshoot login issue 2026-02-07 03:36:05 +03:00
pezkuwichain cd5ef71505 feat: add secure announcement reactions with session token validation 
- Add announcement-reaction Edge Function for secure like/dislike
- Update telegram-auth to sync users to tg_users table
- Update useAnnouncementReaction hook to use Edge Function
- Add bridge announcement script and migration
 2026-02-07 03:19:15 +03:00
pezkuwichain 321081f620 feat: add HEZ-DOT LP token and pool 2026-02-07 02:59:17 +03:00
pezkuwichain 9001878fb1 fix: correct asset IDs and decimals for DOT, ETH, BTC 
- DOT: 6 -> 1001, decimals: 12 -> 10
- ETH: 5 -> 1002, decimals: 12 -> 18
- BTC: 4 -> 1003, decimals: 12 -> 8
- Remove BNB (not in asset list)
 2026-02-07 02:49:40 +03:00
pezkuwichain c8a1614f6a fix: DOT balance display in swap modal 2026-02-07 02:46:06 +03:00
pezkuwichain 6b8a34f047 fix: TypeScript error in HEZStakingModal dispatchError type 2026-02-07 02:35:06 +03:00
pezkuwichain 0d9b8fee4f feat: add HEZ staking for Trust Score 
- Create HEZStakingModal with bond/nominate/unbond tabs
- Add staking selector to choose between HEZ and LP staking
- HEZ staking uses Relay Chain staking pallet
- LP staking uses Asset Hub assetRewards pallet
 2026-02-07 02:32:34 +03:00
pezkuwichain b641c742cc fix: change debug console.log to console.warn for lint 2026-02-07 02:26:35 +03:00
pezkuwichain 7eacb94350 fix: LP staking query format - use separate args instead of array 2026-02-07 02:24:16 +03:00
pezkuwichain 67b30daca8 fix: tiki score, staking lookup, LP balance, teleport, DOT swap 
- Fix tiki: use userTikis storage instead of userRoles
- Add tiki name to score mapping (welati=10, serok=50, etc)
- Improve staking ledger lookup with debug logging
- Fix LP balance fetching using poolId directly
- Change teleport placeholder from 0.5 to empty
- Add DOT token to swap list with 10 decimals
 2026-02-07 02:20:04 +03:00
pezkuwichain c35c538678 fix: LP staking logout issue and Kurdish text correction 
- Replace window.location.reload() with onClose() in LPStakingModal
- Fix Turkish word "ise" to Kurdish "be" in Rewards score formula
 2026-02-07 02:07:37 +03:00
pezkuwichain 2cf40459d3 fix: use Kurdish terminology (Xal instead of Puanlar) 2026-02-07 01:33:15 +03:00
pezkuwichain 122e38e306 feat: add staking and presale buttons to wallet quick actions 
- Change quick actions grid from 2x2 to 2x3 with smaller buttons
- Add LP Staking modal with stake/unstake/claim rewards functionality
- Add Presale button with coming soon message
 2026-02-07 01:20:16 +03:00
pezkuwichain 1a7609c14c feat: add scores tab and DOT token to send list 
- Add Puanlar (Scores) tab to Xelat section showing trust, staking, referral, tiki scores
- Add scores.ts lib with frontend fallback for staking and trust score calculation
- Add DOT token (asset ID 1001) to sendable tokens list
 2026-02-07 01:10:09 +03:00
pezkuwichain 57f9d9e7ff fix: improve edge function error handling and display 2026-02-06 20:04:46 +03:00
pezkuwichain e97bc0f56b fix: add auth error display and fix retry button 2026-02-06 19:48:42 +03:00
pezkuwichain 55be8a2a43 security: add HMAC session validation to all Edge Functions 
- create-offer-telegram: HMAC token + restricted CORS
- get-my-offers: HMAC token + restricted CORS
- verify-deposit-telegram: HMAC token + restricted CORS
- process-withdraw: restricted CORS (cron/admin only)
 2026-02-06 04:55:02 +03:00
pezkuwichain 3f8c8f4311 feat: add session token support for P2P cross-app auth 
- AuthContext now stores and exposes sessionToken from telegram-auth
- App.tsx sends session_token instead of tg_id to P2P
- Enables secure cross-app authentication without from_miniapp method
 2026-02-06 04:34:49 +03:00
pezkuwichain 0c1c440382 security: add secure RLS policies for financial tables 
- P2P/financial tables: service_role only (highest security)
- Admin/system tables: service_role only
- User/announcement tables: public read, service write
- Forum/thread tables: authenticated can write (social features)
 2026-02-06 04:19:32 +03:00
pezkuwichain 7c02b8dd83 security: harden telegram-auth Edge Function 
- Remove insecure from_miniapp auth method (telegram_id spoofing vulnerability)
- Implement HMAC-SHA256 signed session tokens (replace weak Base64 encoding)
- Reduce token expiry from 7 days to 24 hours
- Restrict CORS to production domains only (telegram.pezkuwichain.io, t.me)
- Add detailed debug logging for troubleshooting
 2026-02-06 04:06:49 +03:00
pezkuwichain 1e21b1c40d fix: revert edge function, add RLS policies 2026-02-05 16:02:30 +03:00
pezkuwichain ddd28705c1 Initial commit - PezkuwiChain Telegram MiniApp 2026-02-05 10:53:13 +03:00