pezkuwichain/pezkuwi-telegram-miniapp
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-telegram-miniapp.git synced 2026-04-22 04:17:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
16 Commits 2 Branches 0 Tags
0d9b8fee4faf61ba2ea88b7e0978ec7e4fc4c0f9
Commit Graph

16 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
pezkuwichain 0d9b8fee4f feat: add HEZ staking for Trust Score 
- Create HEZStakingModal with bond/nominate/unbond tabs
- Add staking selector to choose between HEZ and LP staking
- HEZ staking uses Relay Chain staking pallet
- LP staking uses Asset Hub assetRewards pallet
 2026-02-07 02:32:34 +03:00
pezkuwichain b641c742cc fix: change debug console.log to console.warn for lint 2026-02-07 02:26:35 +03:00
pezkuwichain 7eacb94350 fix: LP staking query format - use separate args instead of array 2026-02-07 02:24:16 +03:00
pezkuwichain 67b30daca8 fix: tiki score, staking lookup, LP balance, teleport, DOT swap 
- Fix tiki: use userTikis storage instead of userRoles
- Add tiki name to score mapping (welati=10, serok=50, etc)
- Improve staking ledger lookup with debug logging
- Fix LP balance fetching using poolId directly
- Change teleport placeholder from 0.5 to empty
- Add DOT token to swap list with 10 decimals
 2026-02-07 02:20:04 +03:00
pezkuwichain c35c538678 fix: LP staking logout issue and Kurdish text correction 
- Replace window.location.reload() with onClose() in LPStakingModal
- Fix Turkish word "ise" to Kurdish "be" in Rewards score formula
 2026-02-07 02:07:37 +03:00
pezkuwichain 2cf40459d3 fix: use Kurdish terminology (Xal instead of Puanlar) 2026-02-07 01:33:15 +03:00
pezkuwichain 122e38e306 feat: add staking and presale buttons to wallet quick actions 
- Change quick actions grid from 2x2 to 2x3 with smaller buttons
- Add LP Staking modal with stake/unstake/claim rewards functionality
- Add Presale button with coming soon message
 2026-02-07 01:20:16 +03:00
pezkuwichain 1a7609c14c feat: add scores tab and DOT token to send list 
- Add Puanlar (Scores) tab to Xelat section showing trust, staking, referral, tiki scores
- Add scores.ts lib with frontend fallback for staking and trust score calculation
- Add DOT token (asset ID 1001) to sendable tokens list
 2026-02-07 01:10:09 +03:00
pezkuwichain 57f9d9e7ff fix: improve edge function error handling and display 2026-02-06 20:04:46 +03:00
pezkuwichain e97bc0f56b fix: add auth error display and fix retry button 2026-02-06 19:48:42 +03:00
pezkuwichain 55be8a2a43 security: add HMAC session validation to all Edge Functions 
- create-offer-telegram: HMAC token + restricted CORS
- get-my-offers: HMAC token + restricted CORS
- verify-deposit-telegram: HMAC token + restricted CORS
- process-withdraw: restricted CORS (cron/admin only)
 2026-02-06 04:55:02 +03:00
pezkuwichain 3f8c8f4311 feat: add session token support for P2P cross-app auth 
- AuthContext now stores and exposes sessionToken from telegram-auth
- App.tsx sends session_token instead of tg_id to P2P
- Enables secure cross-app authentication without from_miniapp method
 2026-02-06 04:34:49 +03:00
pezkuwichain 0c1c440382 security: add secure RLS policies for financial tables 
- P2P/financial tables: service_role only (highest security)
- Admin/system tables: service_role only
- User/announcement tables: public read, service write
- Forum/thread tables: authenticated can write (social features)
 2026-02-06 04:19:32 +03:00
pezkuwichain 7c02b8dd83 security: harden telegram-auth Edge Function 
- Remove insecure from_miniapp auth method (telegram_id spoofing vulnerability)
- Implement HMAC-SHA256 signed session tokens (replace weak Base64 encoding)
- Reduce token expiry from 7 days to 24 hours
- Restrict CORS to production domains only (telegram.pezkuwichain.io, t.me)
- Add detailed debug logging for troubleshooting
 2026-02-06 04:06:49 +03:00
pezkuwichain 1e21b1c40d fix: revert edge function, add RLS policies 2026-02-05 16:02:30 +03:00
pezkuwichain ddd28705c1 Initial commit - PezkuwiChain Telegram MiniApp 2026-02-05 10:53:13 +03:00