diff --git a/src/components/modal/ZapRequestModal.tsx b/src/components/modal/ZapRequestModal.tsx index af2de5d8..fa2f6357 100644 --- a/src/components/modal/ZapRequestModal.tsx +++ b/src/components/modal/ZapRequestModal.tsx @@ -247,11 +247,8 @@ const ZapDialog: Component = (props) => { } const invoice = callbackResponse.pr; - await verifyInvoice(invoice, { - amountMilliSats, - metadata: endpointData.metadata, - zapRequest: callbackParams.zapRequest, - }); + + verifyInvoice(invoice, { amountMilliSats }); return invoice; }; diff --git a/src/nostr/zap/fetchLnurlCallback.ts b/src/nostr/zap/fetchLnurlCallback.ts index 500460ed..57ee4582 100644 --- a/src/nostr/zap/fetchLnurlCallback.ts +++ b/src/nostr/zap/fetchLnurlCallback.ts @@ -40,7 +40,7 @@ const fetchLnurlCallback = async ({ callbackUrl.searchParams.set('nostr', JSON.stringify(zapRequest)); } - const res = await fetch(callbackUrl, { mode: 'cors' }); + const res = await fetch(callbackUrl, { mode: 'cors', redirect: 'error' }); // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment const body = await res.json(); diff --git a/src/nostr/zap/fetchLnurlEndpoint.ts b/src/nostr/zap/fetchLnurlEndpoint.ts index 4edae2ac..4b0debc2 100644 --- a/src/nostr/zap/fetchLnurlEndpoint.ts +++ b/src/nostr/zap/fetchLnurlEndpoint.ts @@ -84,7 +84,7 @@ export const parseLnurlEndpointMetadata = ( }; const fetchLnurlEndpoint = async (lnurl: string): Promise => { - const res = await fetch(lnurl, { mode: 'cors' }); + const res = await fetch(lnurl, { mode: 'cors', redirect: 'error' }); // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment const body = await res.json(); diff --git a/src/nostr/zap/verifyInvoice.ts b/src/nostr/zap/verifyInvoice.ts index 60bbe2fe..f39ca430 100644 --- a/src/nostr/zap/verifyInvoice.ts +++ b/src/nostr/zap/verifyInvoice.ts @@ -1,28 +1,8 @@ -import { type Event as NostrEvent } from 'nostr-tools/pure'; - import { parseBolt11 } from '@/nostr/zap/bolt11'; -import sha256Hex from '@/utils/sha256Hex'; -const verifyInvoice = async ( - bolt11: string, - requirements: { amountMilliSats: string; metadata: string; zapRequest?: NostrEvent }, -): Promise => { +const verifyInvoice = (bolt11: string, requirements: { amountMilliSats: string }) => { const payReq = parseBolt11(bolt11); - const description = - requirements.zapRequest != null - ? JSON.stringify(requirements.zapRequest) - : requirements.metadata; - - if (payReq.tagsObject.description !== null && description === payReq.tagsObject.description) { - throw new Error("invalid invoice: description and didn't match"); - } - - const purposeCommitHash = await sha256Hex(description); - if (purposeCommitHash !== payReq.tagsObject.purpose_commit_hash) { - throw new Error("invalid invoice: hash value of purpose_commit_hash and didn't match"); - } - if (payReq.millisatoshis != null && payReq.millisatoshis !== requirements.amountMilliSats) { throw new Error("invalid invoice: amount didn't match"); }