Product schema on name pages with brand, offers, URL. BreadcrumbList
on pricing page. Triggers Google rich results and schema.org monitoring
alerts for brand sunrise names. Rate limit headers already provided
by api middleware group (X-RateLimit-Limit/Remaining).
Commit #103.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Multi-tenant scoping via CorePHP tenant package. workspace_id column
added to all three tables. Existing records backfilled to workspace 1
(Lethean CIC). workspaceContextRequired=false allows public API calls
without workspace context.
Commit #100.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 6 Mod modules now register API routes via ApiRoutesRegistering
instead of WebRoutesRegistering with CSRF hacks. The api middleware
group (ThrottleRequests + SubstituteBindings, no CSRF/session)
handles everything natively. Website/Api module simplified to just
metrics and homepage. fireApiRoutes() added to Web Boot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Symlinked core-api, php-commerce, php-tenant into app/Core/.
All migrations ran (50 tables). Tenant feature seeder ran.
Workspace 'Lethean CIC' created with admin user Charon and
'Lethean Registrar' namespace. SetupWorkspace artisan command
for repeatable provisioning.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ClaimApproved mailable sent when admin approves a claim — dark
themed HTML email with name, next steps, and CTA links. Wrapped
in try/catch so email failure doesn't block approval.
Dynamic SVG OpenGraph images at /names/{name}/og.svg — shows name,
type badge (Registered/Reserved/Gateway/Available), and branding.
og:image meta tag added to name detail pages via @push('head').
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
tests/TestCase.php bootstraps app via Core\Boot::app() with kernel
bootstrap. DatabaseTransactions for test isolation. PHPUnit config
with array cache/session. 12 tests written, unit tests pass.
HTTP endpoint tests need chain daemon mock to run standalone.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- UpdateDnsRecords Action: controller method now one-liner, all DNS
logic in Action with activity logging and edit lock.
- Prometheus metrics at /v1/metrics: chain_height, alias_count,
claims_pending, dns_tickets, gateways_live. Grafana-ready.
- ValidateJsonRequest middleware: enforces application/json on POST,
64KB body size limit. Applied to all /v1/* API routes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
chain:stop sends SIGTERM and waits for graceful shutdown.
DNS updateRecords now logs 'dns_updated' activity with ticket_id
and records. Claim approve/reject also logged in previous commit.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
POST /v1/names/claims/{id}/approve — changes status, logs activity.
POST /v1/names/claims/{id}/reject — changes status, logs activity.
Both require auth.api middleware. Validates claim exists and is pending.
Completes the claim lifecycle: submit → review → approve/reject.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
DNS change tickets now persisted in MariaDB via DnsTicket model.
Survives cache clears and container rebuilds. Model has open(),
confirm(), fail() methods and pending/queued scopes. Controller
updateRecords and ticket endpoints refactored. RetryDnsTickets
command queries model instead of cache.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
13 tests covering CheckAvailability, SubmitClaim, NameClaim model
scopes, NameActivity logging, and HTTP endpoints. PHPUnit config
added. Tests need TestCase base class setup to run — framework
testing infrastructure TBD.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NameResource transforms alias data with parsed type, capabilities,
and owner_type (registry/community). ClaimResource formats claim
responses. Lookup endpoint uses NameResource, claim uses ClaimResource
with additional message. Follows CorePHP patterns/building-rest-apis.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NameActivity model with log() static method. Stores event, name,
properties (JSON), and hashed IP (GDPR). SubmitClaim action now
logs 'claimed' event. Ready for dns_updated, registered, etc.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ChainService (code=chain, no deps) and NamesService (code=names,
depends on chain). Ready for CorePHP service registry discovery
when core-api package is installed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
RetryDnsTickets command now scheduled everyMinute with
withoutOverlapping. Runs via supervisor scheduler in the container.
Queued DNS changes retry automatically without manual intervention.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CorePHP Actions pattern — single-purpose classes with static ::run().
Controller methods now delegate to Actions. Each Action validates,
executes, and returns typed results. Enables reuse from commands,
jobs, and tests without going through HTTP.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Claims stored in Cache were lost on cache clear. Now persisted in
name_claims SQLite table via NameClaim Eloquent model. Auto-generates
claim_id via random_bytes. Scopes: pending(), approved(). Methods:
approve(), reject(). Status page updated to query model.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The @cspnonce Blade directive isn't available (Headers module not
loading). Reverted to plain <script>/<style> tags. unsafe-inline
in CSP config handles security. Nonces re-added when Headers Boot
is properly integrated.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added @cspnonce to all inline <script> and <style> tags in layout,
explorer, and register views. Enabled nonce generation in headers
config. unsafe-inline kept as fallback. Nonces will activate after
container restart when the Headers Boot registers the Blade directive.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds paid fast-track option to sunrise page, reserved name detail
pages, and pricing table. Links to Blesta order form for BTCPay
payment. Three clear paths: free DNS verification, free manual
verification, or $49 BTC fast track with immediate registration.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Production stack has honeypot that null-routes API payloads sent to
the web domain. API routes now only register via Website/Api module
(api.lthn.io). Mod modules stripped to web-only routes. Frontend JS
fetch calls use configurable API_URL for cross-origin API access.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
POST endpoints on /v1/* were returning 419 CSRF mismatch because
$event->routes() wraps routes in the web middleware group which
includes ValidateCsrfToken. External clients (Blesta, curl) can't
send CSRF tokens. withoutMiddleware() on /v1/* prefixes fixes this.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 6 Mod modules now use $event->routes() and $event->views() instead
of raw Route:: and app('view')-> calls. Service singletons moved to
FrameworkBooted where appropriate. Website/Api module added for
api.lthn.io domain with proper DomainResolving.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Name detail pages now show DNS records from sidechain, ITNS sidechain
registration, services links (DNS/SSL/Proxy), and CIC governance label
for community members. Available names link to claim page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds claim/listClaims endpoints so visitors can reserve .lthn names
before chain registration is fully automated. Claims are stored with
email for notification when approved. Admin endpoint lists all claims.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- /names/register: search → see result → one-click register
- Live API check via JavaScript (no page reload)
- Green "Register now" button links directly to Blesta checkout
- Reserved names link to /sunrise, taken names link to detail page
- Requirements and features shown alongside search
- Autofocus on input, Enter key support
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- GET /v1/names/sunrise/verify/{name} — generate verification token
- GET /v1/names/sunrise/check/{name} — check TXT record across .com/.org/.net/.io/.co.uk
- Token: _lthn-verify.brand.com TXT "lthn-verify={hash}"
- Same process as Handshake TLD claims
- Sunrise page shows both auto (DNS) and manual (email) verification paths
- Automatic claim when DNS record matches
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Organization schema on all pages (Lethean CIC, contact, offers)
- Per-name WebPage schema with Thing identifier (triggers Google Trends)
- Services ItemList schema with 3 Service offerings + pricing
- Sunrise WebPage schema with ItemList of reserved names
- OpenGraph + Twitter Card meta tags
- Canonical URLs
- Per-page meta descriptions via @yield
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- /sunrise page listing all 115 reserved names
- How to Claim: 4-step process with accepted proof types
- Stats: reserved count, active status, end date TBD
- All names as clickable tag cloud linking to detail pages
- Linked from reserved name detail pages
- "Request a reservation" CTA for unlisted brands
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Reserved names show Sunrise Period card with claim CTA
- Claim links to developers@lethean.io with pre-filled subject
- "Proof of brand ownership required" disclosure
- Available names page: feature list + prominent register button
- Fixed HNS → ITNS sidechain label
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Name detail: owner with @LetheanRegistry/@LetheanTestnet labels
- Type badges: Reserved (amber), Gateway/Service/User (green)
- Capabilities shown as individual badges (vpn, dns, proxy, etc)
- HNS sidechain reference shown when present
- Directory: type column with badges, details column with capabilities
- API lookup link on detail pages
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Bearer token auth middleware on POST /register and /records
- Throttle: 10 registrations/min, 20 DNS updates/min
- Token configurable via API_TOKEN env var (disabled when empty)
- Daemon alias validation: a-z 0-9 . - up to 255 chars
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- DNS update locks name for 5 min (until block confirms)
- Second edit gets clear "update pending" error (409)
- Lock released when ticket confirmed against chain
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- dns= entries now separated by | instead of ,
- Commas in TXT values (e.g. SPF records) no longer break parsing
- IPv6 addresses verified safe with splitColon(entry, 3)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- DaemonRpc: try/catch with stale cache (1h TTL) when daemon is down
- WalletRpc: try/catch with clear error message
- Health endpoint: status=offline/degraded/critical/low_funds/healthy
- Reports wallet_online, daemon_online, stale flags
- Reduced daemon timeout from 10s to 5s, wallet from 30s to 15s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Cache-based lock on name during registration (10 min TTL)
- Availability check shows reserved: true when locked
- Second registration attempt gets clear error message
- Lock released on permanent failure, auto-expires after 10 min
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- POST /v1/names/records/{name} returns ticket ID for tracking
- GET /v1/names/ticket/{id} checks status (queued/pending/confirmed)
- Queue gracefully handles busy chain (202 Accepted)
- Ticket auto-checks confirmation against chain alias
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- GET /v1/names/records/{name} reads from LNS sidechain (/resolve)
- POST /v1/names/records/{name} writes via update_alias on chain
- Records encoded in alias comment: dns=TYPE:HOST:VALUE,...
- LNS_URL config for sidechain endpoint
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- POST /v1/names/register endpoint with wallet RPC integration
- WalletRpc service for alias registration via daemon wallet
- Blade views for homepage, explorer, names directory, network status
- Explorer and Names modules with view namespaces and web controllers
- Pool endpoint graceful offline handling
- Explorer block detail, aliases, search views
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
