From 4abfb0e2d78ae8226136e6a5e0b34992893db6cd Mon Sep 17 00:00:00 2001
From: benthecarman <benthecarman@live.com>
Date: Thu, 21 Nov 2024 15:00:05 -0600
Subject: [PATCH] limit nostr

---
 src/main.rs      |  4 ++++
 src/nostr_dms.rs | 33 +++++++++++++++++++++++++++++++--
 src/onchain.rs   | 10 ++++++++--
 3 files changed, 43 insertions(+), 4 deletions(-)

diff --git a/src/main.rs b/src/main.rs
index a4ab739..e8ab938 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -156,6 +156,10 @@ async fn onchain_handler(
         return Err(AppError::new("Too many payments"));
     }
 
+    if state.payments.get_total_payments(&payload.address).await > MAX_SEND_AMOUNT {
+        return Err(AppError::new("Too many payments"));
+    }
+
     let res = pay_onchain(state, x_forwarded_for, payload).await?;
 
     Ok(Json(res))
diff --git a/src/nostr_dms.rs b/src/nostr_dms.rs
index c529245..0e25a51 100644
--- a/src/nostr_dms.rs
+++ b/src/nostr_dms.rs
@@ -65,7 +65,7 @@ async fn pay_invoice(invoice: Bolt11Invoice, state: &AppState) -> anyhow::Result
         .amount_milli_satoshis()
         .is_some_and(|amt| amt / 1_000 < MAX_SEND_AMOUNT)
     {
-        info!("Paying invoice: {invoice}");
+        info!("Paying invoice: {invoice} from nostr dm");
         let mut lightning_client = state.lightning_client.clone();
 
         let response = lightning_client
@@ -173,9 +173,27 @@ async fn handle_event(event: Event, state: AppState) -> anyhow::Result<()> {
                 return Err(anyhow::anyhow!("Amount exceeds max send amount"));
             }
 
+            if state
+                .payments
+                .get_total_payments(&event.pubkey.to_string())
+                .await
+                > MAX_SEND_AMOUNT * 10
+            {
+                return Err(anyhow::anyhow!("Too many payments"));
+            }
+
+            if state
+                .payments
+                .get_total_payments(&address.to_string())
+                .await
+                > MAX_SEND_AMOUNT
+            {
+                return Err(anyhow::anyhow!("Too many payments"));
+            }
+
             let resp = {
                 let mut wallet_client = state.lightning_client.clone();
-                info!("Sending {amount} to {address}");
+                info!("Sending {amount} to {address} from nostr dm");
                 let req = lnrpc::SendCoinsRequest {
                     addr: address.to_string(),
                     amount: amount.to_sat() as i64,
@@ -186,6 +204,17 @@ async fn handle_event(event: Event, state: AppState) -> anyhow::Result<()> {
                 wallet_client.send_coins(req).await?.into_inner()
             };
 
+            state
+                .payments
+                .add_payment(&event.pubkey.to_string(), amount.to_sat())
+                .await;
+
+            // track for address too
+            state
+                .payments
+                .add_payment(&address.to_string(), amount.to_sat())
+                .await;
+
             let txid = resp.txid;
 
             info!("Sent onchain tx: {txid}");
diff --git a/src/onchain.rs b/src/onchain.rs
index fcb1288..e347f95 100644
--- a/src/onchain.rs
+++ b/src/onchain.rs
@@ -7,8 +7,8 @@ use std::str::FromStr;
 
 #[derive(Clone, Deserialize)]
 pub struct OnchainRequest {
-    sats: Option<u64>,
-    address: String,
+    pub sats: Option<u64>,
+    pub address: String,
 }
 
 #[derive(Clone, Serialize)]
@@ -69,6 +69,12 @@ pub async fn pay_onchain(
             .add_payment(x_forwarded_for, amount.to_sat())
             .await;
 
+        // track for address too
+        state
+            .payments
+            .add_payment(&address.to_string(), amount.to_sat())
+            .await;
+
         OnchainResponse {
             txid: resp.txid,
             address: address.to_string(),