rust-payjoin icon indicating copy to clipboard operation
rust-payjoin copied to clipboard
verified publisher icon payjoin

Add completed_event_id FK to prevent session replay

Open Mshehu5 opened this issue 3 months ago • 3 comments

This PR adds completed_event_id foreign key columns to both send_sessions and receive_sessions tables. This column references the exact event row that closed the session.

Closes #1146

  • [x] Replaced completed_at columns with completed_event_id foreign keys
  • [x] Updated close() methods to validate if completed_event_id is None
  • [x] Modified inactive session queries to derive timestamps from closed event

Please confirm the following before requesting review:

Mshehu5 avatar Oct 09 '25 02:10 Mshehu5

Pull Request Test Coverage Report for Build 19371495926

Details

  • 31 of 46 (67.39%) changed or added relevant lines in 3 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.07%) to 83.508%
Changes Missing Coverage Covered Lines Changed/Added Lines %
payjoin-cli/src/db/error.rs 0 3 0.0%
payjoin-cli/src/db/v2.rs 27 39 69.23%
<!-- Total: 31 46
Totals Coverage Status
Change from base Build 18946545260: -0.07%
Covered Lines: 9008
Relevant Lines: 10787
💛 - Coveralls

coveralls avatar Oct 09 '25 02:10 coveralls

Thank you for taking on this @Mshehu5 . on first pass , this works as intended

zealsham avatar Oct 09 '25 11:10 zealsham

Its not clear to me what problem the changes in payjoin/src/core/send/v2 and its corresponding change in payjoin-cli are solving. They seem unrelated to the original ticket and should be moved to a different PR once its clear what the problem actually is.

understood, seems the reason I made the change in payjoin/src/core/send/v2 have been addressed in PR https://github.com/payjoin/rust-payjoin/pull/1171 I will take a better approach in issues like this next time

Mshehu5 avatar Oct 23 '25 17:10 Mshehu5

@Mshehu5 Thank you for spending time to explore this problem space and present great solutions! However, after looking at the current state of this PR (and alternatives paths that you have dillegently proposed) I don't think the added complexity is worth it. Specifically, the string-matching approach doesn’t set a good precedent for applications that will model their behavior after pj-cli. The best path forward is to close the ticket as won't be fixed.

arminsabouri avatar Nov 20 '25 15:11 arminsabouri