Container was using host path for SQLite. Now creates database.sqlite
during Docker build and sets DB_DATABASE=/app/database/database.sqlite
in compose env. Migrations run on startup via laravel-entrypoint.sh.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
WalletRpc::getBalance() can throw when wallet is on localhost and
app runs in Docker. Wrapped in try/catch so status page degrades
gracefully instead of 500ing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
DomainScope middleware checks Host header per-request — Octane-safe.
Applied to Api homepage (scoped to api.lthn.io). Explorer and Docs
subdomain routes stay disabled — catch-all routes like /{section}/{page?}
match before middleware runs, breaking other routes. These modules
need own containers for proper domain isolation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
DaemonRpc implements ChainDaemon, WalletRpc implements ChainWallet.
Interfaces bound in FrameworkBooted — enables mocking for tests and
swapping to Go wrapper when go-process is ready. Concrete bindings
kept for backwards compatibility.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CorePHP Actions pattern — single-purpose classes with static ::run().
Controller methods now delegate to Actions. Each Action validates,
executes, and returns typed results. Enables reuse from commands,
jobs, and tests without going through HTTP.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Claims stored in Cache were lost on cache clear. Now persisted in
name_claims SQLite table via NameClaim Eloquent model. Auto-generates
claim_id via random_bytes. Scopes: pending(), approved(). Methods:
approve(), reject(). Status page updated to query model.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The @cspnonce Blade directive isn't available (Headers module not
loading). Reverted to plain <script>/<style> tags. unsafe-inline
in CSP config handles security. Nonces re-added when Headers Boot
is properly integrated.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Container on noc-net network for Traefik DNS resolution.
Traefik routes to http://lthn-io:80. All pages serving 200.
Disabled Mod/Home (conflicting / route), disabled subdomain
Website modules (Octane can't scope routes by domain at boot).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Explorer, Docs, Pool, Trade, Names subdomain Website modules had
routes at root (/) that conflicted with the Lethean homepage when
registered unconditionally (required for Octane). Disabled subdomain
routes — Mod modules handle prefixed paths (/explorer, /names etc).
Container now serves all 10+ pages correctly on FrankenPHP Octane.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Octane registers routes once at startup when $_SERVER['HTTP_HOST']
is not available. All Website modules now register routes without
domain checks. Pool/Trade/Names subdomain routes disabled (views
not built). Home module disabled (Lethean handles homepage).
Container now serves 200 on FrankenPHP Octane.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dockerfile from hostuk (FrankenPHP 1-php8.5), stripped scorer binary.
Supervisor config simplified for lthn.io (no horizon/reverb).
Octane + Predis installed. docker-compose.yml with Traefik labels,
host.docker.internal for daemon/wallet/LNS access, file cache.
TODO: Fix view namespace resolution inside container (localhost
doesn't match Lethean $domains). Need to add localhost to Lethean
$domains or test with proper Host header.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CorePHP manages the testnet chain binaries via ConsoleBooting lifecycle.
chain:start checks if daemon/wallet are running, starts them if not,
waits for RPC readiness. chain:status shows daemon height, aliases,
PoS status, wallet and LNS node state. Config-driven paths for
binary locations, data dirs, mining address.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added @cspnonce to all inline <script> and <style> tags in layout,
explorer, and register views. Enabled nonce generation in headers
config. unsafe-inline kept as fallback. Nonces will activate after
container restart when the Headers Boot registers the Blade directive.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
DaemonRpc, WalletRpc singletons and config now register in
FrameworkBooted instead of WebRoutesRegistering. Per CorePHP docs,
service registration belongs in FrameworkBooted. Controller DI
resolves lazily so singletons don't need to exist during route
registration. Verified health endpoint still works.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Full documentation site with sidebar navigation, search, markdown
rendering, and prev/next navigation. Initial content: introduction,
chain overview, name system, API reference, CIC governance.
Lethean Boot.php now only registers routes on matching domains
(lthn.io, testnet.lthn.io, localhost) — no longer bleeds onto
api.*, docs.*, explorer.* subdomains.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All three Website modules now use $event->routes() with domain-scoped
routing. On their subdomain (e.g. pool.lthn.io): routes serve at root.
On lthn.io: the Mod modules handle the prefixed paths (/pool, /trade,
/names). Removed loadViewsFrom from boot() where views are already
registered by the corresponding Mod modules.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
On explorer.lthn.io: routes serve at root (/). On lthn.io: Mod/Explorer
handles the /explorer prefix. Adopted CorePHP $event->routes() pattern.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Lethean module now checks HTTP_HOST and skips route registration on
api.* domains. This lets the Website/Api module's homepage route win
on api.lthn.io. Also migrated to $event->routes() pattern.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Widget.js default API URL changed to api.lthn.io. API docs page "Try"
links now use configurable API_URL. Base URL display is dynamic.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds paid fast-track option to sunrise page, reserved name detail
pages, and pricing table. Links to Blesta order form for BTCPay
payment. Three clear paths: free DNS verification, free manual
verification, or $49 BTC fast track with immediate registration.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Production stack has honeypot that null-routes API payloads sent to
the web domain. API routes now only register via Website/Api module
(api.lthn.io). Mod modules stripped to web-only routes. Frontend JS
fetch calls use configurable API_URL for cross-origin API access.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
POST endpoints on /v1/* were returning 419 CSRF mismatch because
$event->routes() wraps routes in the web middleware group which
includes ValidateCsrfToken. External clients (Blesta, curl) can't
send CSRF tokens. withoutMiddleware() on /v1/* prefixes fixes this.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The $event->routes() pattern applies SecurityHeaders middleware which
sets CSP. Inline <style> and <script> tags in Blade views need
unsafe-inline to render. Published config from framework with fix.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The Why Lethean page (/about) existed but was unreachable from the nav.
CTOs need to find the CIC governance and positioning page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 6 Mod modules now use $event->routes() and $event->views() instead
of raw Route:: and app('view')-> calls. Service singletons moved to
FrameworkBooted where appropriate. Website/Api module added for
api.lthn.io domain with proper DomainResolving.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Name detail pages now show DNS records from sidechain, ITNS sidechain
registration, services links (DNS/SSL/Proxy), and CIC governance label
for community members. Available names link to claim page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
API reference now covers all 29 endpoints across Names (13), Proxy (5),
Gateway (4), and Explorer (7). All GET endpoints verified returning 200.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Shows blockchain daemon, wallet, gateways, name registry, and consensus
status with green/amber indicators. Chain stats, hardfork status, and
gateway details. Footer link added.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds claim/listClaims endpoints so visitors can reserve .lthn names
before chain registration is fully automated. Claims are stored with
email for notification when approved. Admin endpoint lists all claims.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- /names/register: search → see result → one-click register
- Live API check via JavaScript (no page reload)
- Green "Register now" button links directly to Blesta checkout
- Reserved names link to /sunrise, taken names link to detail page
- Requirements and features shown alongside search
- Autofocus on input, Enter key support
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Bundle package: saves 85% vs buying separately ($64.87 → $9.99)
- New order form: /order/bundles
- Pricing page shows bundle with strikethrough original price
- 6 Blesta order forms total: domains, ssl, dns, proxy, bundles
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Proxy Services: Residential $49.99/mo, Mobile $99.99/mo, SEO $29.99/mo
- 5 Blesta order forms: domains, ssl, dns, proxy (+ old form 2)
- Affiliate program enabled: 10% commission
- All service pages link to correct order forms with group_ids
- .lthn internal SSL section on /services/ssl with trust model
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SSL page: lthn.ca Certificate Authority section with trust model
- Valid/revoked/no cert visual trust indicators
- Proxy service pages link to proxy order form
- Foundation for lthn.ca ACME integration
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Real-time block notifications at bottom of explorer
- Green dot pulses on new blocks
- Shows block height, connection status, name/tx counts
- Polls /v1/explorer/info every 10 seconds
- Auto-scrolling feed, max 50 entries
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- /api page with all 22 endpoints: Names, Proxy, Gateway, Explorer
- "Try" links on public GET endpoints for live testing
- Auth docs, widget embed code
- GET=green badge, POST=amber badge
- lthn.ca = Certificate Authority (not Canada)
- Nav API link now goes to /api page
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- /pricing — all products in one view: names, SSL, DNS, proxy
- Names: free registration + sunrise claims
- SSL: 6 tiers from DV $4.99 to EV $69.99
- DNS: 3 tiers from free to enterprise $14.99/mo
- Proxy: 3 models from $1/1K requests to $5/GB mobile
- "All payments via BTC" CTA
- Added to nav between Services and Network
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SSL Certificates order form with 4 packages: DV ($4.99), Wildcard ($39.99), IP SSL ($18), Code Signing ($59.99)
- DNS Hosting order form with 3 packages: Starter (free), Pro ($4.99/mo), Enterprise ($14.99/mo)
- Package groups created: SSL Certificates, DNS Hosting
- Order links on lthn.io pages point to correct Blesta forms
- Packages use None module as placeholder until GoGetSSL/ClouDNS creds added
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- GET /v1/names/sunrise/verify/{name} — generate verification token
- GET /v1/names/sunrise/check/{name} — check TXT record across .com/.org/.net/.io/.co.uk
- Token: _lthn-verify.brand.com TXT "lthn-verify={hash}"
- Same process as Handshake TLD claims
- Sunrise page shows both auto (DNS) and manual (email) verification paths
- Automatic claim when DNS record matches
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
