lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: reuse last and reject reuse interaction

Browse source
This commit is contained in:
Rafael Taranto 2025-06-09 17:11:49 +01:00
parent 22938ab594
commit 240d4d6f93
2 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
packages/server/lib/cash-in/cash-in-tx.js
View file

@ -30,6 +30,7 @@ module.exports = {
post,
monitorPending,
cancel,
doesTxReuseAddress,
PENDING_INTERVAL,
TRANSACTION_STATES,
}
@ -201,7 +202,7 @@ function postProcess(r, pi, isBlacklisted, addressReuse, walletScore) {
// If the current customer is anon, we can still allow one other customer to use the address,
// So we count distinct customers plus the current customer if they are not anonymous.
// To prevent malicious blocking of address, we only check for txs with actual fiat
function doesTxReuseAddress(tx) {
function doesTxReuseAddress({ toAddress, customerId }) {
const sql = `
SELECT COUNT(*) > 1 as exists
FROM (SELECT DISTINCT customer_id
@ -214,7 +215,7 @@ function doesTxReuseAddress(tx) {
WHERE $2 != $3) t;
`
return db
.one(sql, [tx.toAddress, tx.customerId, constants.anonymousCustomer.uuid])
.one(sql, [toAddress, customerId, constants.anonymousCustomer.uuid])
.then(({ exists }) => exists)
}