Skip to content

v0.2.79

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Apr 10:28
· 83 commits to main since this release
v0.2.79
4d84fab

Bolt12 Pay v0.2.79

Major security and stability update for Bolt12-pay on StartOS.

🔒 Security Improvements

  • Added CSRF protection across sensitive admin and payment endpoints
  • Hardened login flow against brute-force attacks
  • Added login lockout and retry delay
  • Added retry countdown in the login UI
  • Improved session handling with secure cookie support
  • Added rate limiting for Cloudflare DNS operations

✅ Protected endpoints

  • /api/create-offer
  • /api/pay-offer
  • /api/pay-address
  • /api/create-invoice
  • /api/cloudflare/create-bip353

⚡ Nostr / NWC

  • Fixed NWC admin frontend flow
  • NWC unlock / lock flow working again
  • Nostr Wallet Connect connections stable
  • Zap support and zap notifications working

🧩 Platform Status

  • Start9 package updated and aligned
  • Umbrel and Start9 now at feature parity
  • Suitable for public/self-hosted deployments

⚠️ Notes

  • This package is distributed via GitHub Releases
  • Not available in the official Start9 Marketplace
  • Manual sideload required
  • Use at your own risk

Recommended checks after upgrade

  • Login works and lockout triggers correctly
  • Offer creation and payment flows work
  • Lightning Address / BIP353 resolution works
  • BOLT11 invoice creation works
  • NWC unlock / lock / connection flow works
  • Cloudflare BIP353 creation works
Assets 3
Loading