Supabase JS client wraps non-2xx responses as generic FunctionsHttpError
("Edge Function returned a non-2xx status code"), hiding the real error.
Now reads the response body to show the actual error message.
Also adds migration to drop auth.users FK on p2p_withdrawal_limits
(already absent in production, added for migration completeness).
- Upgrade @pezkuwi/api 16.5.11 -> 16.5.36 in supabase edge functions
- Remove manual SS58-to-hex workaround, use native SS58 addresses
- Add kurdistan flag and Dijital Kurdistan images
- Add PezkuwiExplorer to web public assets
- Remove unused react-logo and telegram_welcome images
- Add *.bak to gitignore
Deno npm shim breaks SS58 decoding in @pezkuwi/api type registry,
causing PezspCoreCryptoAccountId32 to receive 48-byte SS58 strings
instead of 32-byte public keys. Added inline ss58ToHex decoder and
explicit hex-based nonce fetching to avoid all SS58 → AccountId32
conversions at the API level. Also adds P2P E2E test script (45/45).
Replace hard fail on unfinalized blocks with a retry loop that polls
every 6 seconds up to 60 seconds. The TX is already fully verified via
events at this point — we just wait for GRANDPA finality before crediting.
DepositModal was building transactions via relay chain API, and all three
edge functions (verify-deposit, process-withdraw, process-withdrawal) had
RPC endpoints hardcoded or defaulting to the relay chain. This caused
deposit verification to fail with "Transaction not yet finalized" and
created a chain mismatch with the withdrawal system which operates on
Asset Hub.
- DepositModal: use assetHubApi instead of api for transfer TX
- verify-deposit: RPC_HTTP/RPC_WS default to asset-hub-rpc (env override)
- process-withdraw: RPC_ENDPOINT default to asset-hub-rpc (env override)
- process-withdrawal: RPC_ENDPOINT default to asset-hub-rpc
All P2P table RLS policies used auth.uid() which returns NULL since users
authenticate via wallet, not Supabase Auth. Replace with open access policies.
Financial security maintained through SECURITY DEFINER RPC functions
(escrow lock/release/refund, process_deposit, request_withdraw).
Replace all supabase.auth.getUser() calls with P2PIdentityContext that
resolves identity from on-chain citizen NFT or off-chain visa system.
- Add identityToUUID() in shared/lib/identity.ts (UUID v5 from citizen/visa number)
- Add P2PIdentityContext with citizen NFT detection and visa fallback
- Add p2p_visa migration for off-chain visa issuance
- Refactor p2p-fiat.ts: all functions now accept userId parameter
- Fix all P2P components to use useP2PIdentity() instead of useAuth()
- Update verify-deposit edge function: walletToUUID -> identityToUUID
- Add P2PLayout with identity gate (wallet/citizen/visa checks)
- Wrap all P2P routes with P2PLayout in App.tsx
- Drop auth.users FK constraints for wallet-based authentication
- Fix deferrable unique constraint on blockchain_tx_hash (ON CONFLICT compat)
- Rewrite block search: HTTP RPC + blake2b instead of WS-only @pezkuwi/api
- Add blockNumber hint for faster verification of older transactions
- Normalize SS58/hex addresses via base58 for reliable comparison
- DepositModal captures approximate block number after tx submission
Removed JWT auth requirement from edge function. Now uses wallet address
from request body and verifies it matches the on-chain transaction sender.
This works with wallet-based auth instead of Supabase Auth.
- NetworkStats now queries Asset Hub and People Chain for collator data
instead of relay chain (where collatorSelection doesn't exist)
- Restrict Edge Functions CORS to app.pezkuwichain.io domains only
- Add Access-Control-Allow-Credentials header for secure cross-origin requests
- Update PLATFORM_ESCROW_ADDRESS in p2p-fiat.ts
- Update PLATFORM_WALLET in verify-deposit edge function
- Use controlled wallet for P2P deposits/withdrawals
- Add process-withdraw Edge Function for blockchain withdrawals
- Update verify-deposit Edge Function with @pezkuwi/api
- Add withdrawal limits (daily/monthly) and fee system
- Add hot wallet configuration with production address
- Add admin roles for dispute resolution
- Add COMBINED SQL migration with full P2P system
- Encrypt payment details with AES-256-GCM
- Prevent TX hash reuse with UNIQUE constraint
- Fixed TypeScript type assertion issues
- Updated imports from api-augment/substrate to api-augment/bizinikiwi
- Fixed imgConvert.mjs header and imports
- Added @ts-expect-error for runtime-converted types
- Fixed all @polkadot copyright headers to @pezkuwi
- Add p2p_platform_escrow table for tracking locked funds
- Implement accept_p2p_offer() with FOR UPDATE lock to prevent race conditions
- Add complete_p2p_trade() and cancel_p2p_trade() atomic functions
- Configure platform escrow wallet: 5DFwqK698vL4gXHEcanaewnAqhxJ2rjhAogpSTHw3iwGDwd3
- Update AdList to show user's own offers with Your Ad badge
- Remove unused getActiveOffers import (ESLint fix)
Added:
- useGovernance hook: Fetches live proposals and referenda from blockchain
- useTreasury hook: Fetches live treasury balance and proposals
- TreasuryOverview: Now uses real blockchain data with loading/error states
- Forum database schema: Admin announcements, categories, discussions, replies, reactions
Features:
- Live data badge shows active blockchain connection
- Automatic refresh every 30 seconds for treasury data
- Secure RLS policies for forum access control
- Admin announcements system with priority and expiry
- Forum reactions (upvote/downvote) support
Next: Complete forum UI with admin banner and moderation panel
Restructured the project to support multiple frontend applications:
- Move web app to web/ directory
- Create pezkuwi-sdk-ui/ for Polkadot SDK clone (planned)
- Create mobile/ directory for mobile app development
- Add shared/ directory with common utilities, types, and blockchain code
- Update README.md with comprehensive documentation
- Remove obsolete DKSweb/ directory
This monorepo structure enables better code sharing and organized
development across web, mobile, and SDK UI projects.
pezkuwichain
Claude