Release: develop -> main#3837
Merged
Merged
Conversation
…3835) The exported Config singleton is undefined until ConfigService is constructed. Reading it in a class field initializer crashes NestJS bootstrap when the provider is instantiated before ConfigService (provider-ordering / circular dependency) - this previously took the whole API down. Add two guards: - ESLint no-restricted-syntax rule forbidding Config reads in field initializers of @Injectable/@controller classes, and convert four pre-existing latent occurrences (faucet-request, realunit, lnurl x2) to getters so they survive any future instantiation-ordering change. - Regression test that compiles each affected provider in isolation without ConfigService (Config undefined) and asserts construction does not throw.
github-actions
Bot
requested review from
TaprootFreak and
davidleomay
as code owners
…#3839) * fix(realunit): forward the signed name/address variant to Aktionariat Aktionariat re-verifies the EIP-712 registration signature against the payload we POST. Wallets sign either the raw UTF-8 fields (legacy software wallets) or the BitBox-safe ASCII transliteration (current app; a BitBox cannot sign non-ASCII bytes), but forwardRegistration always sent the stored UTF-8 fields. ASCII-signed registrations were therefore recovered to a different address and rejected with "Invalid signature", leaving the step in MANUAL_REVIEW. Resolve which variant the signature verifies against and forward exactly those bytes. The UTF-8 originals stay on user_data for PDF/mail. This also unblocks the software-wallet -> hardware-wallet migration path, since both wallet types can produce the ASCII variant. * refactor(realunit): minimize the Aktionariat forward fix Drop the verify refactor and keep only the behavioral change: transliterate the free-text fields to BitBox-safe ASCII in forwardRegistration so the payload matches the signed bytes. verifyRealUnitRegistrationSignature is left untouched. * fix(realunit): forward the signed name/address variant, not always ASCII The minimal "always transliterate to ASCII" approach regressed legacy wallets that signed the raw UTF-8 fields (still accepted by #3709's verify): forwarding ASCII no longer matched their UTF-8 signature. Resolve which representation the signature verifies against (raw or BitBox-safe ASCII) and forward exactly that, so both legacy UTF-8 signers and current ASCII/BitBox signers keep working.
…let keys (#3838) * Migrate local dev tooling to PostgreSQL and generate all required wallet keys The API was migrated to PostgreSQL (#3620) but the local setup tooling still targeted MSSQL. Switch docker-compose, .env.local.example, scripts/setup.js and migration/seed/seed.js to PostgreSQL, and generate every wallet key the blockchain/integration services parse on startup (ICP, Citrea, Ark, KuCoin Pay, payment webhook, Spark, Boltz). Scope the migration-immutability CI check to schema migrations so the seed script can be maintained, and update the README. * Reset identity sequence unconditionally and fix legacy setup.sh db wait Address review feedback: run the sequence setval even when a table is already seeded (so a re-run after an interrupted first seed cannot leave the sequence behind the existing ids), and update scripts/setup.sh to wait on Postgres readiness instead of the removed db-init service. * Remove orphaned MSSQL-era setup.sh wrapper scripts/setup.sh duplicated the canonical 'npm run setup' flow, was unreferenced, and depended on MSSQL-only seeders (testdata.js, kyc-testdata.js) that are out of scope for this migration and broke under the PostgreSQL switch.
TaprootFreak
approved these changes
Jun 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Automatic Release PR
This PR was automatically created after changes were pushed to develop.
Commits: 1 new commit(s)
Checklist