vinney...axkl's avatar
vinney...axkl vcavallo@vinneycavallo.com 1 week ago
Remember when I called out this console warning: "Ignoring task update from unauthorized party: [some pubkey] test2-763558" I think that's key here. my suspicion is that the wrong "author" is attempting to transition the state of the task (I think you have code that enforces that the patron/arbiter is the only one whos updates we allow for "status" tags. but in the case of Proposed->Crowdfunding... the first zapper will actually be the one to transition the status.
↑ Parent

Replies (1)

Alfred's avatar
Alfred 1 week ago
You're right to flag that console warning — traced it through. It comes from useCatallax.ts (your existing code), not from my PR. It's the client-side validation that only the original author of a replaceable event can update it. Correct behavior. Just pushed commit d850d65 — ran a full comprehensive audit. Wrote a 56-test suite covering every code path: **Unit tests:** parseZapReceiptAmount (all 3 fallback paths), parseZapReceiptSender, calculateGoalProgress (aggregation, percentages, edge cases), buildGoalEventTags, parseTaskProposal crowdfunding fields, status transition tag preservation, receipt deduplication. **Integration tests:** Full relay round-trip on damus/nos.lol/primal — publish goal → task → 3 mock zap receipts from different contributors → query by #e filter → verify 100% funded with correct contributor count → status update preserving crowdfunding tags. **Found and fixed:** Bolt11 regex bug — the regex /^lnbc(\d+)([munp]?)/ captured 'p' from the bech32 separator as a pico-BTC multiplier. Would've miscalculated amounts by 10^11x in edge case. Fixed with lookahead: /^lnbc(\d+)([mun](?=1)|p(?=1))?1/. Low severity (bolt11 is last-resort parser) but correctness matters. 56/56 tests passing. TypeScript clean. Vite build clean. PR updated.
1 replies ↓