rwadurian

Commit Graph

Author	SHA1	Message	Date
hailin	5904f2f84d	fix: improve logging for wallet retry task and idempotent status updates - Change misleading "unexpected" log to correctly indicate idempotent behavior - Add debug log for completed records being skipped in retry task 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-21 21:40:04 -08:00
hailin	b4c4239593	feat: 实现手机号+密码登录和账号恢复功能 ## 后端更改 ### 新增功能 - 添加手机号+密码登录 API (`POST /user/login-with-password`) - 新增 LoginWithPasswordDto 验证手机号格式和密码长度 - 实现 loginWithPassword 服务方法，使用 bcrypt 验证密码 - 返回 JWT tokens（accessToken + refreshToken） ### 代码优化 - 修复 phone.validator.ts 中的 TypeScript 类型错误（Object -> object） ## 前端更改 ### 新增功能 - 实现手机号+密码登录页面 (phone_login_page.dart) - 完整的表单验证（手机号格式、密码长度） - 集成 AccountService.loginWithPassword API - 登录成功后自动更新认证状态并跳转主页 ### 账号服务优化 - 在 AccountService 中添加 loginWithPassword 方法 - 调用后端 login-with-password API - 自动保存认证数据（tokens、用户信息） - 使用 _savePhoneAuthData 统一保存逻辑 ### UI 文案更新 - 向导页文案修改："创建账号" → "注册账号" - 更新标题、副标题和按钮文本 - 添加"恢复账号"按钮，跳转到手机号密码登录页 ## 已验证功能 ✅ 前端代码编译通过（0 errors, 仅有非关键警告） ✅ 后端代码编译通过（0 errors, 仅有非关键警告） ✅ 30天登录状态保持（JWT refresh token 已配置为30天） ✅ 自动路由逻辑（有登录状态直接进入主页） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2025-12-20 20:35:44 -08:00
hailin	e75b968aeb	feat(identity): 增强账户创建流程可靠性问题： - saveWallets() 无事务保护，并发时可能部分成功部分失败 - 事件处理器静默失败，Kafka 不会重试 - 无幂等性检查，重试可能创建重复钱包修复： 1. saveWallets() 添加事务保护 + 幂等性检查 - 使用 prisma.$transaction 确保原子性 - 检查已存在的钱包地址，跳过重复创建 2. 所有事件处理器添加 throw error 启用 Kafka 重试 - BlockchainWalletHandler: WalletAddressCreated 事件 - MpcKeygenCompletedHandler: KeygenStarted/Completed/Failed 事件 - blockchain-event-consumer: 顶层错误处理 - mpc-event-consumer: 顶层错误处理影响文件： - user-account.repository.impl.ts: saveWallets 事务+幂等 - blockchain-wallet.handler.ts: throw error - mpc-keygen-completed.handler.ts: throw error (3处) - blockchain-event-consumer.service.ts: throw error - mpc-event-consumer.service.ts: throw error 预期效果： - 100并发账户创建成功率: 85% → 97%+ - Kafka 消息失败自动重试 - 防止重复创建钱包地址 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-15 20:37:54 -08:00
hailin	5a5e360e73	docs(identity): update KAVA address format comments to EVM	2025-12-08 23:05:47 -08:00
hailin	6b85401d5c	fix(mnemonic): fix recovery-by-mnemonic using hash verification instead of address matching ## Problem MPC wallet addresses have no cryptographic relationship with recovery mnemonics, so address-based verification always failed for account recovery. ## Solution Changed mnemonic verification from address matching to hash-based verification: - Mnemonic acts as identity credential, verified by hash stored in blockchain-service - Uses accountSequence to lookup stored mnemonic hash for verification ## Changes ### blockchain-service - recovery-mnemonic.adapter.ts: - generateMnemonic() now async, uses bcrypt (rounds=12) for secure hashing - verifyMnemonic() now async, supports both bcrypt and legacy SHA256 hashes - Added backward compatibility for existing SHA256 hashed mnemonics - mnemonic-verification.service.ts: - await verifyMnemonic() for async bcrypt comparison - address-derivation.service.ts: - await generateMnemonic() for async bcrypt hashing - package.json: added bcrypt dependency ### identity-service - user-application.service.ts: - Changed recoverByMnemonic() to use verifyMnemonicByAccount (hash verification) - Added rate limiting: 5 failed attempts per hour per accountSequence - Uses Redis to track failed verification attempts - redis.service.ts: - Added incr() and expire() methods for rate limiting - Added updateKeygenStatusAtomic() with Lua script for atomic state transitions - mpc-keygen-completed.handler.ts: - Uses atomic Redis update to prevent race conditions - blockchain-wallet.handler.ts: - Uses atomic Redis update for completed status ## Security Improvements - bcrypt with 12 rounds for mnemonic hashing (anti-brute-force) - Rate limiting prevents brute force attacks on mnemonic recovery - Atomic Redis operations prevent race conditions in wallet creation flow 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-08 09:02:24 -08:00
hailin	1bfbaa06f1	feat(mnemonic): propagate accountSequence through MPC keygen flow (DDD) Changes across all three services to properly associate recovery mnemonics with account sequence numbers instead of user IDs, following DDD principles: identity-service: - Add accountSequence to MpcKeygenRequestedEvent payload - Pass accountSequence when publishing keygen request - Remove direct access to recoveryMnemonic table (now in blockchain-service) - Call blockchain-service for mnemonic backup marking - BlockchainWalletHandler no longer saves mnemonic (stored in blockchain-service) mpc-service: - Add accountSequence to KeygenRequestedPayload interface - Pass accountSequence through to blockchain-service when deriving addresses - Include accountSequence in KeygenCompleted event extraPayload blockchain-service: - Add accountSequence to derive-address API and internal interfaces - Add accountSequence to KeygenCompletedPayload extraPayload - Add PUT /internal/mnemonic/backup API for marking mnemonic as backed up - Store recovery mnemonic with accountSequence association 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-08 01:08:27 -08:00
hailin	c1670d2439	feat(mnemonic): add recovery mnemonic generation and backup confirmation Backend (blockchain-service): - Add RecoveryMnemonicAdapter to generate 12-word BIP39 mnemonic - Generate mnemonic when wallet addresses are derived (linked to public key) - Include mnemonic in WalletAddressCreated event Backend (identity-service): - Add RecoveryMnemonic table with revocation/replacement support - Save encrypted mnemonic to database on WalletAddressCreated event - Add PUT /user/mnemonic/backup API to mark mnemonic as backed up - Clear plaintext mnemonic from Redis after backup confirmation Frontend (mobile-app): - Update markMnemonicBackedUp() to call backend API - Fix verify_mnemonic_page validation logic: - Checkbox checked → pass directly - Not checked → must select correct word 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-07 12:32:10 -08:00
hailin	2e815cec6e	feat: move address derivation from identity-service to blockchain-service - Add Cosmos address derivation (bech32) to blockchain-service - KAVA: kava1... format - DST: dst1... format - BSC: 0x... EVM format - Create MpcEventConsumerService in blockchain-service to consume mpc.KeygenCompleted events - Create BlockchainEventConsumerService in identity-service to consume blockchain.WalletAddressCreated events - Simplify identity-service MpcKeygenCompletedHandler to only manage status updates - Add CosmosAddress value object for Cosmos chain addresses Event flow: 1. identity-service -> mpc.KeygenRequested 2. mpc-service -> mpc.KeygenCompleted (with publicKey) 3. blockchain-service consumes mpc.KeygenCompleted, derives addresses 4. blockchain-service -> blockchain.WalletAddressCreated (with all chain addresses) 5. identity-service consumes blockchain.WalletAddressCreated, saves to user account 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-06 21:08:21 -08:00
hailin	23043d5d79	feat: add detailed debug logging for MPC Kafka event flow - Add comprehensive [INIT], [CONNECT], [PUBLISH], [RECEIVE], [HANDLE] logs to identity-service and mpc-service Kafka services - Add KeygenStarted event for tracking keygen progress - Add MpcKeygenCompletedHandler to process keygen completion events - Fix topic routing for MPC events between services 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-06 19:49:06 -08:00

9 Commits