WC SignClient validates that the request chainId is in the session's
approved namespaces. When the DApp browser creates a session, it may
only approve the relay chain. Signing requests for Asset Hub or People
Chain then fail with "Missing or invalid chainId".
Fix: always use a chainId from the session's approved chains for the
WC request. The wallet determines the actual signing chain from the
transaction payload's genesisHash, not from the WC request chainId.
WC session was missing Asset Hub and People Chain because their APIs
weren't connected yet at session creation time. Also fix catch blocks
in ExistingCitizenAuth that referenced undefined err variable.
- Upgrade @pezkuwi/api 16.5.11 -> 16.5.36 in supabase edge functions
- Remove manual SS58-to-hex workaround, use native SS58 addresses
- Add kurdistan flag and Dijital Kurdistan images
- Add PezkuwiExplorer to web public assets
- Remove unused react-logo and telegram_welcome images
- Add *.bak to gitignore
- Shrink title/banner fonts and padding on mobile
- Move digital ID card above entrance buttons
- Auto-resize uploaded photos via canvas instead of 2MB limit
- Make entrance cards compact 2-column grid on all screens
The signRaw handler was wrapping the address in CAIP-10 format
(polkadot:<chain>:<address>) before sending to the wallet. The wallet
expects a plain SS58 address in polkadot_signMessage params, causing
InvalidChecksumException crash when trying to decode the CAIP-10 string.
PostgrestError is not instanceof Error, so catch blocks were falling
through to generic messages. Now extracts .message and .details from
Supabase errors for better debugging.
P2P modules (TradeModal, p2p-fiat) use Sonner toast but the Sonner
Toaster component was not mounted in App.tsx. Only the shadcn Toaster
was rendered, causing all P2P toast.error/success calls to be invisible.
Deno npm shim breaks SS58 decoding in @pezkuwi/api type registry,
causing PezspCoreCryptoAccountId32 to receive 48-byte SS58 strings
instead of 32-byte public keys. Added inline ss58ToHex decoder and
explicit hex-based nonce fetching to avoid all SS58 → AccountId32
conversions at the API level. Also adds P2P E2E test script (45/45).
- requestWithdraw() calls process-withdraw edge function for full flow
(lock balance + blockchain TX + complete) instead of just DB lock
- Remove pending request block from withdrawal validation — backend
already enforces available_balance with FOR UPDATE row lock
- Pending requests shown as info alert instead of blocking error
- Balance card: numbers right-aligned, 2 decimal places
- requestWithdraw() now calls process-withdraw edge function instead of
just locking balance in DB. This triggers the full flow: lock balance,
send blockchain TX, complete withdrawal.
- Balance card: numbers right-aligned, 2 decimal places instead of 4
- Added public SELECT RLS policy on payment_methods table (was blocking
anon users from loading payment method dropdown)
Replace hard fail on unfinalized blocks with a retry loop that polls
every 6 seconds up to 60 seconds. The TX is already fully verified via
events at this point — we just wait for GRANDPA finality before crediting.
DepositModal was building transactions via relay chain API, and all three
edge functions (verify-deposit, process-withdraw, process-withdrawal) had
RPC endpoints hardcoded or defaulting to the relay chain. This caused
deposit verification to fail with "Transaction not yet finalized" and
created a chain mismatch with the withdrawal system which operates on
Asset Hub.
- DepositModal: use assetHubApi instead of api for transfer TX
- verify-deposit: RPC_HTTP/RPC_WS default to asset-hub-rpc (env override)
- process-withdraw: RPC_ENDPOINT default to asset-hub-rpc (env override)
- process-withdrawal: RPC_ENDPOINT default to asset-hub-rpc
All P2P table RLS policies used auth.uid() which returns NULL since users
authenticate via wallet, not Supabase Auth. Replace with open access policies.
Financial security maintained through SECURITY DEFINER RPC functions
(escrow lock/release/refund, process_deposit, request_withdraw).
Replace all supabase.auth.getUser() calls with P2PIdentityContext that
resolves identity from on-chain citizen NFT or off-chain visa system.
- Add identityToUUID() in shared/lib/identity.ts (UUID v5 from citizen/visa number)
- Add P2PIdentityContext with citizen NFT detection and visa fallback
- Add p2p_visa migration for off-chain visa issuance
- Refactor p2p-fiat.ts: all functions now accept userId parameter
- Fix all P2P components to use useP2PIdentity() instead of useAuth()
- Update verify-deposit edge function: walletToUUID -> identityToUUID
- Add P2PLayout with identity gate (wallet/citizen/visa checks)
- Wrap all P2P routes with P2PLayout in App.tsx
- Drop auth.users FK constraints for wallet-based authentication
- Fix deferrable unique constraint on blockchain_tx_hash (ON CONFLICT compat)
- Rewrite block search: HTTP RPC + blake2b instead of WS-only @pezkuwi/api
- Add blockNumber hint for faster verification of older transactions
- Normalize SS58/hex addresses via base58 for reliable comparison
- DepositModal captures approximate block number after tx submission
Removed JWT auth requirement from edge function. Now uses wallet address
from request body and verifies it matches the on-chain transaction sender.
This works with wallet-based auth instead of Supabase Auth.
Replace all web3FromAddress calls with getSigner() that auto-detects
walletSource and uses WC signer or extension signer accordingly.
This fixes all signing operations when connected via WalletConnect.
- Compact stat cards on mobile (Dashboard, Referral, P2P)
- Hide unnecessary sections on mobile (Recent Activity, NFTs, Score Calculation, Liquidity Pools, Recent Swaps)
- Fix back arrow overlapping title on all pages
- Swap Settings and Governance nav positions for better mobile dropdown
- Add back arrow to Presale page
- Add web3Enable before all web3FromAddress calls for WalletConnect compatibility
- Fix citizenship authentication signing with WalletConnect
pezkuwichain