- Call refreshInbox() immediately after setupKey/unlockKey so messages
decrypt instantly instead of waiting for 12s polling interval
- Query both current and previous era to prevent message loss at era
boundaries
- Add toJSON fallback for robust field parsing in getInbox
- Improve debug logging with era, address, and field diagnostics
messaging.inbox and messaging.sendCount are StorageDoubleMaps keyed by
(era, address). Passing [era, address] as a single array produced empty
results; split into two arguments so the API constructs the correct
storage key.
- Check isPalletAvailable() BEFORE requesting wallet signature
- All chain queries return safe defaults if pallet not in runtime
- Show orange banner when messaging pallet needs runtime upgrade
- Add floating back-to-home button on messaging page
- x25519 ECDH + XChaCha20-Poly1305 encryption via @noble libs
- Key derivation from wallet signRaw, private key held in memory only
- Messaging pallet integration (registerEncryptionKey, sendMessage, inbox)
- Inbox polling every 12s, auto-decrypt when key unlocked
- ComposeDialog with recipient key validation and 512-byte limit
- Settings moved from grid to nav bar gear icon, PEZMessage takes its slot
- i18n translations for all 6 languages (en, tr, kmr, ckb, ar, fa)
1. Fixed enum map missing NotStarted at index 0, causing all status
indices to be off by one (ReferrerApproved decoded as PendingReferral)
2. Restricted founder bypass to only show applications with no referrer,
not all applications regardless of referrer
Replace hardcoded SS58 prefix 42 with api.registry.chainSS58 ?? 42
for robustness in getPendingApprovalsForReferrer, getReferralInfo,
and getMyReferrals functions.
toJSON() for Substrate enums can return string, object ({"approved":null}),
or number (enum index). Previous code assumed string only, causing already
approved applications to appear as pending.
toJSON() returns hex format for AccountId fields but comparison was
against SS58 addresses, causing referrer matching to always fail.
- citizenship-workflow: encodeAddress for referrer in getPendingApprovals
- citizenship-workflow: handle both PascalCase and camelCase KycStatus
- referral: encodeAddress for referrer in getMyReferrals and getReferralInfo
TX was not yet included in a block when verify fired immediately
after signing, causing first attempt to always fail. Block time on
Asset Hub is ~12s, so delay the verify call accordingly.
The manual "Verify Deposit" step required users to click a button after
signing. Hash was already captured automatically, making the manual step
redundant and risky (modal close = hash lost). Now verification starts
immediately after TX is signed, with spinner UI and retry on failure.
- Back to Home button: smaller padding/font on mobile, pinned to corner
- PriceChart: increase height to 280px, stack header vertically on mobile
- TokenSwap: reduce padding/gaps/fonts on mobile, fix double-colon in balance text
Supabase JS client wraps non-2xx responses as generic FunctionsHttpError
("Edge Function returned a non-2xx status code"), hiding the real error.
Now reads the response body to show the actual error message.
Also adds migration to drop auth.users FK on p2p_withdrawal_limits
(already absent in production, added for migration completeness).
Three fixes for WC signing:
1. Changed optionalNamespaces to requiredNamespaces so wallet MUST
approve all Pezkuwi chains (relay, asset hub, people) or reject.
2. Restored payload-based chainId in signPayload — wallet validates
that WC chainId matches the transaction payload's genesisHash
and rejects mismatches with "Wrong chain id passed by dApp".
3. Added session validation on restore — old sessions missing
required chains are discarded, forcing a fresh session with
all chains included.
WC SignClient validates that the request chainId is in the session's
approved namespaces. When the DApp browser creates a session, it may
only approve the relay chain. Signing requests for Asset Hub or People
Chain then fail with "Missing or invalid chainId".
Fix: always use a chainId from the session's approved chains for the
WC request. The wallet determines the actual signing chain from the
transaction payload's genesisHash, not from the WC request chainId.
WC session was missing Asset Hub and People Chain because their APIs
weren't connected yet at session creation time. Also fix catch blocks
in ExistingCitizenAuth that referenced undefined err variable.
- Upgrade @pezkuwi/api 16.5.11 -> 16.5.36 in supabase edge functions
- Remove manual SS58-to-hex workaround, use native SS58 addresses
- Add kurdistan flag and Dijital Kurdistan images
- Add PezkuwiExplorer to web public assets
- Remove unused react-logo and telegram_welcome images
- Add *.bak to gitignore
- Shrink title/banner fonts and padding on mobile
- Move digital ID card above entrance buttons
- Auto-resize uploaded photos via canvas instead of 2MB limit
- Make entrance cards compact 2-column grid on all screens
The signRaw handler was wrapping the address in CAIP-10 format
(polkadot:<chain>:<address>) before sending to the wallet. The wallet
expects a plain SS58 address in polkadot_signMessage params, causing
InvalidChecksumException crash when trying to decode the CAIP-10 string.
PostgrestError is not instanceof Error, so catch blocks were falling
through to generic messages. Now extracts .message and .details from
Supabase errors for better debugging.
P2P modules (TradeModal, p2p-fiat) use Sonner toast but the Sonner
Toaster component was not mounted in App.tsx. Only the shadcn Toaster
was rendered, causing all P2P toast.error/success calls to be invisible.
Deno npm shim breaks SS58 decoding in @pezkuwi/api type registry,
causing PezspCoreCryptoAccountId32 to receive 48-byte SS58 strings
instead of 32-byte public keys. Added inline ss58ToHex decoder and
explicit hex-based nonce fetching to avoid all SS58 → AccountId32
conversions at the API level. Also adds P2P E2E test script (45/45).
- requestWithdraw() calls process-withdraw edge function for full flow
(lock balance + blockchain TX + complete) instead of just DB lock
- Remove pending request block from withdrawal validation — backend
already enforces available_balance with FOR UPDATE row lock
- Pending requests shown as info alert instead of blocking error
- Balance card: numbers right-aligned, 2 decimal places
- requestWithdraw() now calls process-withdraw edge function instead of
just locking balance in DB. This triggers the full flow: lock balance,
send blockchain TX, complete withdrawal.
- Balance card: numbers right-aligned, 2 decimal places instead of 4
- Added public SELECT RLS policy on payment_methods table (was blocking
anon users from loading payment method dropdown)
Replace hard fail on unfinalized blocks with a retry loop that polls
every 6 seconds up to 60 seconds. The TX is already fully verified via
events at this point — we just wait for GRANDPA finality before crediting.
pezkuwichain