Commit 50272fa
committed
fix: security hardening phase 2
- CORS fail-closed on mainnet (reject startup if ALLOWED_ORIGINS empty)
- Remove query-token fallback in session validate (header-only auth)
- Deprecate memo-based session opening, require session_request_id
- HMAC-SHA256 blind index with startup migration
- HashMap invoice matching for O(1) address lookup
- CipherScan circuit breaker with 30s cooldown
- Parallel block fetching (batches of 10)
- X-CipherPay-Delivery-Id header on all webhooks
- Cache-Control: private, no-store on API responses
- Skip dust fees below 25000 zatoshis
- Remove unused spawn_webhook function
- Add cargo audit CI workflow1 parent 4fc3b2a commit 50272fa
498 files changed
Lines changed: 15799 additions & 88 deletions
File tree
- .cargo-home
- registry
- cache/index.crates.io-1949cf8c6b5b557f
- index/index.crates.io-1949cf8c6b5b557f
- .cache
- 2
- 3
- f
- g
- j
- l
- m
- s
- u
- ab/sc
- ad
- dr
- le
- ah/o-
- al/lo
- an
- st
- yh
- ar
- c-
- ra
- as/yn
- at/om
- au
- di
- to
- aw/s-
- ba
- ck
- se
- bi
- nf
- tf
- bl/oc
- bo/rs
- bs/tr
- bu/mp
- by/te
- ca
- mi
- no
- rg
- ce/su
- cf
- g-
- g_
- cl
- ap
- ru
- cm/ak
- co
- lo
- mb
- mp
- re
- cp/uf
- cr
- c3
- os
- yp
- cv/ss
- de/ra
- di
- ge
- sp
- du/nc
- ei/th
- en/co
- eq/ui
- er/rn
- ey/re
- fa/st
- fi
- le
- nd
- xe
- fl/at
- fo
- ld
- rm
- fs
- -e
- _e
- fu/tu
- ge
- ne
- tr
- gi
- ml
- x-
- ha/sh
- he
- ap
- ck
- ho/me
- ht/tp
- hy/pe
- ic/u_
- id
- -a
- en
- na
- in/de
- io/-c
- ip/ne
- ir/i-
- is/_t
- it/oa
- ji/ff
- jn/i-
- jo/bs
- js/-s
- ks/tr
- la/zy
- le/b1
- li
- bc
- br
- nu
- te
- lo/ck
- lr/u-
- ma
- tc
- yb
- me
- mc
- mm
- mi
- me
- ni
- nu
- -a
- m-
- ob/je
- on/ce
- op/en
- ow/o-
- pa/rk
- pe
- rc
- tg
- pi/n-
- pl
- ai
- at
- po
- rt
- te
- we
- pp/v-
- pr
- et
- oc
- od
- qu
- in
- it
- ot
- r-/ef
- ra
- nd
- yo
- re
- do
- ge
- qw
- ri/ng
- ru/st
- sa/me
- sc
- ha
- op
- se
- cr
- cu
- mv
- rd
- sh
- a1
- ar
- el
- le
- si/md
- sl/ab
- sm
- al
- ol
- so/ck
- st
- ab
- at
- rs
- su/bt
- sy
- nc
- ns
- ta/me
- te
- mp
- rm
- th
- is
- re
- ti
- me
- ny
- to
- ki
- ml
- po
- we
- tr
- ac
- y-
- tw/ox
- ty/pe
- ul/ur
- un
- ic
- tr
- ut/f8
- va/lu
- ve/rs
- wa
- it
- lk
- nt
- si
- sm
- we
- b-
- bp
- wi
- na
- nd
- nn
- t-
- wr/it
- yo/ke
- ze/ro
- zl/ib
- zm/ij
- src/index.crates.io-1949cf8c6b5b557f
- atomic-waker-1.1.2
- benches
- src
- tests
- auditable-extract-0.3.5
- src
- auditable-info-0.10.0
- src
- auditable-serde-0.9.0
- src
- cargo-audit-0.22.1
- src
- bin/cargo-audit
- commands
- audit
- cfg_aliases-0.2.1
- src
- tests
- deranged-0.5.8
- src
- display-error-chain-0.2.2
- .github/workflows
- fnv-1.0.7
- .github/workflows
- src
- api
- invoices
- merchants
- scanner
- webhooks
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Whitespace-only changes.
Whitespace-only changes.
Binary file not shown.
Whitespace-only changes.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
0 commit comments