chore: encrypt tenant NWC URL at rest and stop secret exposure in tenant APIs

2026-05-05 18:58:16 +05:45
parent b1e3747ddb
commit 95f9f0c0bf
9 changed files with 86 additions and 14 deletions
@@ -28,5 +28,6 @@ LIVEKIT_API_SECRET=

 # Billing
 NWC_URL=                      # Nostr Wallet Connect URL for generating Lightning invoices
+ENCRYPTION_SECRET=            # Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest
 STRIPE_SECRET_KEY=            # Required Stripe API secret key (sk_...)
 STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000  # Webhook signing secret (use real value in production)