feat: reputation system, stripe integration, swap routes, lightning improvements, and web-wallet updates

Author: ralyodio

src/app/api/cron/monitor-payments/route.test.ts

@@ -24,6 +24,10 @@ vi.mock('bitcoinjs-lib', () => ({
   },
 }));
 
+vi.mock('@/lib/blockchain/providers', () => ({
+  getBlockchainProvider: vi.fn(),
+}));
+
 // Mock env before module loads
 process.env.NEXT_PUBLIC_SUPABASE_URL = 'https://test.supabase.co';
 process.env.SUPABASE_SERVICE_ROLE_KEY = 'test-key';

src/app/api/cron/monitor-payments/route.ts

@@ -18,8 +18,8 @@ import { monitorLightningPayments, syncLnbitsPayments } from './lightning-monito
 import { monitorSeries } from './series-monitor';
 import { monitorEmails } from './email-monitor';
 
-const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY!;
+const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co';
+const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY || 'service-role-key';
 
 /**
  * Get cron secret for authentication

src/app/api/lightning/address/route.ts

@@ -3,10 +3,14 @@ import { NextRequest, NextResponse } from 'next/server';
 import { createClient } from '@supabase/supabase-js';
 import { createPayLink, createUserWallet, getPayLink } from '@/lib/lightning/lnbits';
 
-const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY!
-);
+function getSupabase() {
+  const url = process.env.NEXT_PUBLIC_SUPABASE_URL;
+  const key = process.env.SUPABASE_SERVICE_ROLE_KEY;
+  if (!url || !key) {
+    throw new Error('Missing Supabase server environment variables');
+  }
+  return createClient(url, key);
+}
 
 const LIGHTNING_USERNAME_REGEX = /^[a-z0-9][a-z0-9._-]{1,30}[a-z0-9]$/;
 function isMissingLnbitsWalletError(error: unknown): boolean {
@@ -24,7 +28,7 @@ function isLnbitsAuthError(error: unknown): boolean {
   return /api error 401|401 authorization required|unauthorized/i.test(msg);
 }
 
-async function ensureLightningAddressBackend(walletId: string, username: string, wallet: {
+async function ensureLightningAddressBackend(supabase: ReturnType<typeof getSupabase>, walletId: string, username: string, wallet: {
   ln_wallet_adminkey?: string | null;
   ln_paylink_id?: number | null;
 }) {
@@ -110,6 +114,7 @@ async function ensureLightningAddressBackend(walletId: string, username: string,
  */
 export async function POST(request: NextRequest) {
   try {
+    const supabase = getSupabase();
     const { wallet_id, username } = await request.json();
 
     if (!wallet_id || !username) {
@@ -187,7 +192,7 @@ export async function POST(request: NextRequest) {
       );
     }
 
-    await ensureLightningAddressBackend(wallet_id, username, {
+    await ensureLightningAddressBackend(supabase, wallet_id, username, {
       ln_wallet_adminkey: wallet.ln_wallet_adminkey ?? null,
       ln_paylink_id: wallet.ln_paylink_id ?? null,
     });
@@ -224,6 +229,7 @@ export async function POST(request: NextRequest) {
  * Get current Lightning Address for a wallet
  */
 export async function GET(request: NextRequest) {
+  const supabase = getSupabase();
   const username = request.nextUrl.searchParams.get('username');
   if (username) {
     const normalized = username.trim().toLowerCase();
@@ -285,7 +291,7 @@ export async function GET(request: NextRequest) {
   // Keep Lightning Address restorable after seed imports by self-healing
   // stale/missing LNbits wallet or paylink metadata in background.
   try {
-    await ensureLightningAddressBackend(walletId, wallet.ln_username, {
+    await ensureLightningAddressBackend(supabase, walletId, wallet.ln_username, {
       ln_wallet_adminkey: (wallet as any).ln_wallet_adminkey ?? null,
       ln_paylink_id: (wallet as any).ln_paylink_id ?? null,
     });

src/app/api/lightning/invoices/route.ts

@@ -5,8 +5,8 @@ import { createInvoice as createLnbitsInvoice } from '@/lib/lightning/lnbits';
 import { createClient } from '@supabase/supabase-js';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || 'service-role-key'
 );
 
 /**

src/app/api/payments/[id]/check-balance/route.ts

@@ -5,8 +5,8 @@ import { forwardPaymentSecurely } from '@/lib/wallets/secure-forwarding';
 
 import * as bitcoin from 'bitcoinjs-lib';
 
-const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY!;
+const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co';
+const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY || 'service-role-key';
 
 /**
  * CashAddr charset for decoding

src/app/api/reputation/agent/[did]/reputation/route.ts

@@ -7,8 +7,8 @@ import { getAttestationScore } from '@/lib/reputation/mutual-attestation';
 import { isValidDid } from '@/lib/reputation/crypto';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'public-anon-key'
 );
 
 export async function GET(

src/app/api/reputation/badge/[did]/route.ts

@@ -4,8 +4,8 @@ import { computeReputation } from '@/lib/reputation/attestation-engine';
 import { isValidDid } from '@/lib/reputation/crypto';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'public-anon-key'
 );
 
 function generateBadgeSvg(taskCount: number, acceptedRate: number, flagged: boolean): string {

src/app/api/reputation/credential/[id]/route.ts

@@ -2,8 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
 import { createClient } from '@supabase/supabase-js';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'public-anon-key'
 );
 
 export async function GET(

src/app/api/reputation/credentials/route.ts

@@ -3,8 +3,8 @@ import { createClient } from '@supabase/supabase-js';
 import { isValidDid } from '@/lib/reputation/crypto';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'public-anon-key'
 );
 
 export async function GET(request: NextRequest) {

src/app/api/reputation/issuers/[id]/rotate/route.ts

@@ -9,8 +9,8 @@ import { randomBytes } from 'crypto';
 import { authenticateRequest, isMerchantAuth } from '@/lib/auth/middleware';
 
 const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+  process.env.NEXT_PUBLIC_SUPABASE_URL || 'https://example.supabase.co',
+  process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'public-anon-key'
 );
 
 export async function POST(