- x25519 ECDH + XChaCha20-Poly1305 encryption via @noble libs
- Key derivation from wallet signRaw, private key held in memory only
- Messaging pallet integration (registerEncryptionKey, sendMessage, inbox)
- Inbox polling every 12s, auto-decrypt when key unlocked
- ComposeDialog with recipient key validation and 512-byte limit
- Settings moved from grid to nav bar gear icon, PEZMessage takes its slot
- i18n translations for all 6 languages (en, tr, kmr, ckb, ar, fa)
- x25519 ECDH + XChaCha20-Poly1305 encryption via @noble libs
- Key derivation from wallet signRaw, private key held in memory only
- Messaging pallet integration (registerEncryptionKey, sendMessage, inbox)
- Inbox polling every 12s, auto-decrypt when key unlocked
- ComposeDialog with recipient key validation and 512-byte limit
- Settings moved from grid to nav bar gear icon, PEZMessage takes its slot
- i18n translations for all 6 languages (en, tr, kmr, ckb, ar, fa)
1. Fixed enum map missing NotStarted at index 0, causing all status
indices to be off by one (ReferrerApproved decoded as PendingReferral)
2. Restricted founder bypass to only show applications with no referrer,
not all applications regardless of referrer
1. Fixed enum map missing NotStarted at index 0, causing all status
indices to be off by one (ReferrerApproved decoded as PendingReferral)
2. Restricted founder bypass to only show applications with no referrer,
not all applications regardless of referrer
Replace hardcoded SS58 prefix 42 with api.registry.chainSS58 ?? 42
for robustness in getPendingApprovalsForReferrer, getReferralInfo,
and getMyReferrals functions.
Replace hardcoded SS58 prefix 42 with api.registry.chainSS58 ?? 42
for robustness in getPendingApprovalsForReferrer, getReferralInfo,
and getMyReferrals functions.
toJSON() for Substrate enums can return string, object ({"approved":null}),
or number (enum index). Previous code assumed string only, causing already
approved applications to appear as pending.
toJSON() for Substrate enums can return string, object ({"approved":null}),
or number (enum index). Previous code assumed string only, causing already
approved applications to appear as pending.
toJSON() returns hex format for AccountId fields but comparison was
against SS58 addresses, causing referrer matching to always fail.
- citizenship-workflow: encodeAddress for referrer in getPendingApprovals
- citizenship-workflow: handle both PascalCase and camelCase KycStatus
- referral: encodeAddress for referrer in getMyReferrals and getReferralInfo
toJSON() returns hex format for AccountId fields but comparison was
against SS58 addresses, causing referrer matching to always fail.
- citizenship-workflow: encodeAddress for referrer in getPendingApprovals
- citizenship-workflow: handle both PascalCase and camelCase KycStatus
- referral: encodeAddress for referrer in getMyReferrals and getReferralInfo
TX was not yet included in a block when verify fired immediately
after signing, causing first attempt to always fail. Block time on
Asset Hub is ~12s, so delay the verify call accordingly.
TX was not yet included in a block when verify fired immediately
after signing, causing first attempt to always fail. Block time on
Asset Hub is ~12s, so delay the verify call accordingly.
The manual "Verify Deposit" step required users to click a button after
signing. Hash was already captured automatically, making the manual step
redundant and risky (modal close = hash lost). Now verification starts
immediately after TX is signed, with spinner UI and retry on failure.
The manual "Verify Deposit" step required users to click a button after
signing. Hash was already captured automatically, making the manual step
redundant and risky (modal close = hash lost). Now verification starts
immediately after TX is signed, with spinner UI and retry on failure.
- Back to Home button: smaller padding/font on mobile, pinned to corner
- PriceChart: increase height to 280px, stack header vertically on mobile
- TokenSwap: reduce padding/gaps/fonts on mobile, fix double-colon in balance text
- Back to Home button: smaller padding/font on mobile, pinned to corner
- PriceChart: increase height to 280px, stack header vertically on mobile
- TokenSwap: reduce padding/gaps/fonts on mobile, fix double-colon in balance text
Supabase JS client wraps non-2xx responses as generic FunctionsHttpError
("Edge Function returned a non-2xx status code"), hiding the real error.
Now reads the response body to show the actual error message.
Also adds migration to drop auth.users FK on p2p_withdrawal_limits
(already absent in production, added for migration completeness).
Supabase JS client wraps non-2xx responses as generic FunctionsHttpError
("Edge Function returned a non-2xx status code"), hiding the real error.
Now reads the response body to show the actual error message.
Also adds migration to drop auth.users FK on p2p_withdrawal_limits
(already absent in production, added for migration completeness).
Three fixes for WC signing:
1. Changed optionalNamespaces to requiredNamespaces so wallet MUST
approve all Pezkuwi chains (relay, asset hub, people) or reject.
2. Restored payload-based chainId in signPayload — wallet validates
that WC chainId matches the transaction payload's genesisHash
and rejects mismatches with "Wrong chain id passed by dApp".
3. Added session validation on restore — old sessions missing
required chains are discarded, forcing a fresh session with
all chains included.
Three fixes for WC signing:
1. Changed optionalNamespaces to requiredNamespaces so wallet MUST
approve all Pezkuwi chains (relay, asset hub, people) or reject.
2. Restored payload-based chainId in signPayload — wallet validates
that WC chainId matches the transaction payload's genesisHash
and rejects mismatches with "Wrong chain id passed by dApp".
3. Added session validation on restore — old sessions missing
required chains are discarded, forcing a fresh session with
all chains included.
WC SignClient validates that the request chainId is in the session's
approved namespaces. When the DApp browser creates a session, it may
only approve the relay chain. Signing requests for Asset Hub or People
Chain then fail with "Missing or invalid chainId".
Fix: always use a chainId from the session's approved chains for the
WC request. The wallet determines the actual signing chain from the
transaction payload's genesisHash, not from the WC request chainId.
WC SignClient validates that the request chainId is in the session's
approved namespaces. When the DApp browser creates a session, it may
only approve the relay chain. Signing requests for Asset Hub or People
Chain then fail with "Missing or invalid chainId".
Fix: always use a chainId from the session's approved chains for the
WC request. The wallet determines the actual signing chain from the
transaction payload's genesisHash, not from the WC request chainId.
WC session was missing Asset Hub and People Chain because their APIs
weren't connected yet at session creation time. Also fix catch blocks
in ExistingCitizenAuth that referenced undefined err variable.
WC session was missing Asset Hub and People Chain because their APIs
weren't connected yet at session creation time. Also fix catch blocks
in ExistingCitizenAuth that referenced undefined err variable.
- Upgrade @pezkuwi/api 16.5.11 -> 16.5.36 in supabase edge functions
- Remove manual SS58-to-hex workaround, use native SS58 addresses
- Add kurdistan flag and Dijital Kurdistan images
- Add PezkuwiExplorer to web public assets
- Remove unused react-logo and telegram_welcome images
- Add *.bak to gitignore
- Upgrade @pezkuwi/api 16.5.11 -> 16.5.36 in supabase edge functions
- Remove manual SS58-to-hex workaround, use native SS58 addresses
- Add kurdistan flag and Dijital Kurdistan images
- Add PezkuwiExplorer to web public assets
- Remove unused react-logo and telegram_welcome images
- Add *.bak to gitignore
- Shrink title/banner fonts and padding on mobile
- Move digital ID card above entrance buttons
- Auto-resize uploaded photos via canvas instead of 2MB limit
- Make entrance cards compact 2-column grid on all screens
- Shrink title/banner fonts and padding on mobile
- Move digital ID card above entrance buttons
- Auto-resize uploaded photos via canvas instead of 2MB limit
- Make entrance cards compact 2-column grid on all screens
The signRaw handler was wrapping the address in CAIP-10 format
(polkadot:<chain>:<address>) before sending to the wallet. The wallet
expects a plain SS58 address in polkadot_signMessage params, causing
InvalidChecksumException crash when trying to decode the CAIP-10 string.
The signRaw handler was wrapping the address in CAIP-10 format
(polkadot:<chain>:<address>) before sending to the wallet. The wallet
expects a plain SS58 address in polkadot_signMessage params, causing
InvalidChecksumException crash when trying to decode the CAIP-10 string.
pezkuwichain