Merge pull request #50 from pandarudra/preview

Add phantom public key to env and update transaction verification

Author: pandarudra

be/src/routes/payment.routes.ts

@@ -1,5 +1,10 @@
 import { Router, Response } from "express";
-import { Connection, PublicKey } from "@solana/web3.js";
+import {
+  Connection,
+  PublicKey,
+  ParsedInstruction,
+  PartiallyDecodedInstruction,
+} from "@solana/web3.js";
 import { AuthenticatedRequest } from "../middleware";
 import { treasury_wallet } from "../constants";
 import { TierService } from "../services/tier.service";
@@ -9,7 +14,7 @@ export const paymentRouter = Router();
 const connection = new Connection("https://api.devnet.solana.com", "confirmed");
 
 // Expected SOL amount for premium upgrade (e.g. 0.1 SOL)
-const PREMIUM_UPGRADE_LAMPORTS = 0.1 * 1_000_000_000;
+const PREMIUM_UPGRADE_LAMPORTS = 100_000_000;
 
 /**
  * @swagger
@@ -40,69 +45,100 @@ const PREMIUM_UPGRADE_LAMPORTS = 0.1 * 1_000_000_000;
  *       500:
  *         description: Internal verification error
  */
-paymentRouter.post("/verify-upgrade", async (req: AuthenticatedRequest, res: Response): Promise<any> => {
-  try {
-    const walletAddress = req.walletAddress;
-    const { signature } = req.body;
-
-    if (!walletAddress) {
-      return res.status(401).json({ error: "Unauthorized" });
-    }
-
-    if (!signature) {
-      return res.status(400).json({ error: "Transaction signature is required" });
-    }
-
-    Logger.info(`Verifying transaction ${signature} for wallet ${walletAddress}`);
-
-    // Wait slightly to ensure RPC node has the transaction
-    await new Promise(resolve => setTimeout(resolve, 2000));
-
-    // Fetch transaction details
-    const tx = await connection.getTransaction(signature, {
-      maxSupportedTransactionVersion: 0,
-      commitment: "confirmed",
-    });
-
-    if (!tx || !tx.meta) {
-      return res.status(400).json({ error: "Transaction not found or not confirmed" });
-    }
-
-    if (tx.meta.err) {
-      return res.status(400).json({ error: "Transaction failed on-chain" });
-    }
-
-    // Verify it's a transfer to our treasury wallet
-    // Look at postBalances - preBalances to see net change for treasury
-    const accountKeys = tx.transaction.message.getAccountKeys();
-    
-    // Find index of treasury wallet
-    const treasuryIndex = accountKeys.staticAccountKeys.findIndex(
-      (key) => key.toBase58() === treasury_wallet
-    );
-
-    if (treasuryIndex === -1) {
-      return res.status(400).json({ error: "Treasury wallet not involved in transaction" });
-    }
-
-    const preBalance = tx.meta.preBalances[treasuryIndex];
-    const postBalance = tx.meta.postBalances[treasuryIndex];
-    const amountReceived = postBalance - preBalance;
+paymentRouter.post(
+  "/verify-upgrade",
+  async (req: AuthenticatedRequest, res: Response): Promise<any> => {
+    try {
+      const walletAddress = req.walletAddress;
+      const { signature } = req.body;
+
+      if (!walletAddress) {
+        return res.status(401).json({ error: "Unauthorized" });
+      }
+
+      Logger.info("Wallet address:", walletAddress);
+
+      if (!signature) {
+        return res
+          .status(400)
+          .json({ error: "Transaction signature is required" });
+      }
+
+      Logger.info(
+        `Verifying transaction ${signature} for wallet ${walletAddress}`,
+      );
+
+      // Wait slightly to ensure RPC node has the transaction
+      await new Promise((resolve) => setTimeout(resolve, 2000));
+
+      // Verify it's a transfer to our treasury wallet
+      // Look at postBalances - preBalances to see net change for treasury
+      const parsedTx = await connection.getParsedTransaction(signature, {
+        maxSupportedTransactionVersion: 0,
+        commitment: "confirmed",
+      });
 
-    if (amountReceived < PREMIUM_UPGRADE_LAMPORTS) {
-      return res.status(400).json({ 
-        error: "Insufficient payment", 
-        expected: PREMIUM_UPGRADE_LAMPORTS, 
-        received: amountReceived 
+      if (!parsedTx || !parsedTx.meta) {
+        return res.status(400).json({
+          error: "Transaction not found or not confirmed",
+        });
+      }
+
+      if (parsedTx.meta.err) {
+        return res.status(400).json({
+          error: "Transaction failed on-chain",
+        });
+      }
+
+      const instructions = parsedTx.transaction.message.instructions;
+
+      Logger.info("Instructions:", JSON.stringify(instructions, null, 2));
+
+      const transferInstruction = instructions.find(
+        (ix): ix is ParsedInstruction =>
+          "parsed" in ix &&
+          ix.program === "system" &&
+          ix.parsed?.type === "transfer" &&
+          ix.parsed?.info?.destination === treasury_wallet,
+      );
+
+      if (!transferInstruction) {
+        return res.status(400).json({
+          error: "No valid transfer to treasury wallet found",
+        });
+      }
+
+      const sender = transferInstruction.parsed.info.source;
+
+      if (sender !== walletAddress) {
+        return res.status(400).json({
+          error: "Transaction sender mismatch",
+        });
+      }
+
+      const lamports = Number(transferInstruction.parsed.info.lamports);
+
+      Logger.info("Transfer sender:", sender);
+      Logger.info("Transfer amount:", lamports);
+
+      if (lamports < PREMIUM_UPGRADE_LAMPORTS) {
+        return res.status(400).json({
+          error: "Insufficient payment",
+          expected: PREMIUM_UPGRADE_LAMPORTS,
+          received: lamports,
+        });
+      }
+
+      // Upgrade the user
+      await TierService.upgradeUserToPremium(walletAddress);
+
+      return res.json({
+        success: true,
+        message: "Upgraded to Premium successfully",
       });
+    } catch (error) {
+      Logger.error("Failed to verify transaction:", error);
+      return res.status(500).json({ error: "Internal verification error" });
     }
-
-    // Upgrade the user
-    await TierService.upgradeUserToPremium(walletAddress);
-
-    return res.json({ success: true, message: "Upgraded to Premium successfully" });
-  } catch (error) {
-    Logger.error("Failed to verify transaction:", error);
-    return res.status(500).json({ error: "Internal verification error" });
-  }
-});
+  },
+);

fe/src/components/custom/modals/PremiumUpgradeModal.tsx

@@ -21,7 +21,7 @@ import {
 } from "@solana/web3.js";
 import { useConnection } from "@solana/wallet-adapter-react";
 import { getToken } from "@/services/auth.service";
-import { be_url } from "@/env/e";
+import { be_url, phantom_pub_key } from "@/env/e";
 
 interface PremiumUpgradeModalProps {
   isOpen: boolean;
@@ -121,9 +121,7 @@ export const PremiumUpgradeModal = ({
       toast.loading("Initiating transaction...", { id: "upgrade" });
 
       // Devnet treasury address
-      const treasuryPubkey = new PublicKey(
-        "6U2V5fGjJ2XJz5V4hVwGqU5nF5V5x5Y2tG6P1f6N4t9k",
-      );
+      const treasuryPubkey = new PublicKey(phantom_pub_key);
       const transaction = new Transaction().add(
         SystemProgram.transfer({
           fromPubkey: wallet.publicKey,
@@ -135,17 +133,24 @@ export const PremiumUpgradeModal = ({
       toast.loading("Please approve the transaction in your wallet...", {
         id: "upgrade",
       });
+
+      const { blockhash, lastValidBlockHeight } =
+        await connection.getLatestBlockhash();
+
+      transaction.recentBlockhash = blockhash;
+      transaction.feePayer = wallet.publicKey;
+
       const signature = await wallet.sendTransaction(transaction, connection);
 
       toast.loading(
         `Transaction sent! Waiting for confirmation... (${signature.slice(0, 8)}...)`,
         { id: "upgrade" },
       );
 
-      const latestBlockhash = await connection.getLatestBlockhash();
       await connection.confirmTransaction({
         signature,
-        ...latestBlockhash,
+        blockhash,
+        lastValidBlockHeight,
       });
 
       toast.loading("Transaction confirmed! Upgrading account...", {
@@ -164,7 +169,10 @@ export const PremiumUpgradeModal = ({
       });
 
       if (!verifyRes.ok) {
-        throw new Error("Backend verification failed");
+        const errData = await verifyRes.json();
+        console.error("Backend verify error:", errData);
+
+        throw new Error(errData.error || JSON.stringify(errData));
       }
 
       toast.success("Successfully upgraded to Premium! Enjoy!", {

fe/src/env/e.ts

@@ -2,3 +2,4 @@ export const be_url =
   import.meta.env.VITE_ENV === "prod"
     ? (import.meta.env.VITE_BE_URL as string)
     : "http://localhost:3000";
+export const phantom_pub_key = import.meta.env.VITE_PHANTOM_PUB_KEY as string;