feat: open payment modal immediately on relay plan upgrade

Co-authored-by: userAdityaa <aditya.chaudhary1558@gmail.com>
Co-committed-by: userAdityaa <aditya.chaudhary1558@gmail.com>

backend/.env.template

@@ -28,6 +28,6 @@ LIVEKIT_API_SECRET=
 
 # Billing
 NWC_URL=                      # Nostr Wallet Connect URL for generating Lightning invoices
-ENCRYPTION_SECRET=            # Nostr secret key (hex or nsec) used for NIP-44 encryption of tenant nwc_url at rest
+ENCRYPTION_SECRET=            # Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest
 STRIPE_SECRET_KEY=            # Required Stripe API secret key (sk_...)
 STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000  # Webhook signing secret (use real value in production)

backend/README.md

@@ -30,30 +30,30 @@ backend/
 
 Environment variables:
 
-| Variable                 | Description                                                                             | Default                                  |
+| Variable                 | Description                                                             | Default                              |
-| ------------------------ | --------------------------------------------------------------------------------------- | ---------------------------------------- |
+| ------------------------ | ----------------------------------------------------------------------- | ------------------------------------ |
-| `DATABASE_URL`           | SQLite URL. Relative paths are resolved under `backend/`.                               | `sqlite://<backend>/data/caravel.db`     |
+| `DATABASE_URL`           | SQLite URL. Relative paths are resolved under `backend/`.               | `sqlite://<backend>/data/caravel.db` |
-| `HOST`                   | API bind host (also used for NIP-98 `u` host check)                                     | `127.0.0.1`                              |
+| `HOST`                   | API bind host (also used for NIP-98 `u` host check)                     | `127.0.0.1`                          |
-| `PORT`                   | API bind port                                                                           | `2892`                                   |
+| `PORT`                   | API bind port                                                           | `2892`                               |
-| `ADMINS`                 | Comma-separated admin pubkeys (hex)                                                     | _optional_                               |
+| `ADMINS`                 | Comma-separated admin pubkeys (hex)                                     | _optional_                           |
-| `ALLOW_ORIGINS`          | Comma-separated CORS origins. If empty, CORS is permissive.                             | _optional_                               |
+| `ALLOW_ORIGINS`          | Comma-separated CORS origins. If empty, CORS is permissive.             | _optional_                           |
-| `ZOOID_API_URL`          | Zooid API base URL used by infra worker                                                 | _required for infra sync_                |
+| `ZOOID_API_URL`          | Zooid API base URL used by infra worker                                 | _required for infra sync_            |
-| `ZOOID_API_SECRET`       | Nostr secret key used for authentication of requests to the zooid API                   | _required_                               |
+| `ZOOID_API_SECRET`       | Nostr secret key used for authentication of requests to the zooid API   | _required_                           |
-| `RELAY_DOMAIN`           | Base domain appended to relay subdomains                                                | empty                                    |
+| `RELAY_DOMAIN`           | Base domain appended to relay subdomains                                | empty                                |
-| `LIVEKIT_URL`            | LiveKit URL sent to zooid when relay livekit is enabled                                 | _optional_                               |
+| `LIVEKIT_URL`            | LiveKit URL sent to zooid when relay livekit is enabled                 | _optional_                           |
-| `LIVEKIT_API_KEY`        | LiveKit API key sent to zooid                                                           | _optional_                               |
+| `LIVEKIT_API_KEY`        | LiveKit API key sent to zooid                                           | _optional_                           |
-| `LIVEKIT_API_SECRET`     | LiveKit API secret sent to zooid                                                        | _optional_                               |
+| `LIVEKIT_API_SECRET`     | LiveKit API secret sent to zooid                                        | _optional_                           |
-| `NWC_URL`                | Platform NWC URL used to generate BOLT11 invoices                                       | _required for invoice generation_        |
+| `NWC_URL`                | Platform NWC URL used to generate BOLT11 invoices                       | _required for invoice generation_    |
-| `ENCRYPTION_SECRET`      | Nostr secret key (hex or `nsec`) used for NIP-44 encryption of tenant `nwc_url` at rest | _required when tenant `nwc_url` is used_ |
+| `ENCRYPTION_SECRET`      | Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest  | _required_                           |
-| `STRIPE_SECRET_KEY`      | Stripe API secret key used for billing API operations                                   | _required_                               |
+| `STRIPE_SECRET_KEY`      | Stripe API secret key used for billing API operations                   | _required_                           |
-| `STRIPE_WEBHOOK_SECRET`  | Stripe webhook signing secret used to verify `Stripe-Signature` headers                 | _required_                               |
+| `STRIPE_WEBHOOK_SECRET`  | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_                           |
-| `ROBOT_SECRET`           | Robot Nostr secret key                                                                  | _required_                               |
+| `ROBOT_SECRET`           | Robot Nostr secret key                                                  | _required_                           |
-| `ROBOT_NAME`             | Robot display name (kind `0`)                                                           | _optional_                               |
+| `ROBOT_NAME`             | Robot display name (kind `0`)                                           | _optional_                           |
-| `ROBOT_DESCRIPTION`      | Robot description (kind `0`)                                                            | _optional_                               |
+| `ROBOT_DESCRIPTION`      | Robot description (kind `0`)                                            | _optional_                           |
-| `ROBOT_PICTURE`          | Robot picture URL (kind `0`)                                                            | _optional_                               |
+| `ROBOT_PICTURE`          | Robot picture URL (kind `0`)                                            | _optional_                           |
-| `ROBOT_OUTBOX_RELAYS`    | Comma-separated relays published as kind `10002`                                        | _required_                               |
+| `ROBOT_OUTBOX_RELAYS`    | Comma-separated relays published as kind `10002`                        | _required_                           |
-| `ROBOT_INDEXER_RELAYS`   | Comma-separated relays used for recipient relay discovery                               | _required_                               |
+| `ROBOT_INDEXER_RELAYS`   | Comma-separated relays used for recipient relay discovery               | _required_                           |
-| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050`                                        | _required_                               |
+| `ROBOT_MESSAGING_RELAYS` | Comma-separated relays published as kind `10050`                        | _required_                           |
 
 Relay list env vars are comma-separated and trimmed. If a relay has no `ws://` or `wss://` scheme, `wss://` is prepended.
 

backend/spec/api.md

@@ -57,7 +57,7 @@ Notes:
 
 - Serves `GET /tenants`
 - Authorizes admin only
-- Return `data` is a list of tenant structs from `query.list_tenants`
+- Return `data` is a list of `TenantResponse` structs (contains `nwc_is_set: bool` instead of `nwc_url`)
 
 ## `async fn create_tenant(...) -> Response`
 
@@ -69,20 +69,21 @@ Notes:
 - On unique-constraint race (`pubkey-exists`), re-fetch and return the existing tenant
 - If Stripe customer creation fails, return `code=stripe-customer-create-failed`
 - Always returns `200` (create-or-get is uniform)
-- Return `data` is a single `Tenant` struct
+- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
 
 ## `async fn get_tenant(...) -> Response`
 
 - Serves `GET /tenants/:pubkey`
 - Authorizes admin or matching tenant
-- Return `data` is a single tenant struct from `query.get_tenant`
+- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
 
 ## `async fn update_tenant(...) -> Response`
 
 - Serves `PUT /tenants/:pubkey`
 - Authorizes admin or matching tenant
+- Accepts `nwc_url` in the request body; encrypts it before storage using `cipher::encrypt`
 - Updates tenant using `command.update_tenant`
-- Return `data` is the updated tenant struct
+- Return `data` is the updated `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
 
 ## `async fn list_tenant_relays(...) -> Response`
 

backend/spec/models.md

@@ -52,7 +52,7 @@ There are three plans available:
 Tenants are customers of the service, identified by a nostr `pubkey`. Public metadata like name etc are pulled from the nostr network. They also have associated billing information.
 
 - `pubkey` is the nostr public key identifying the tenant
-- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf
+- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf; stored encrypted at rest using NIP-44 via `ENCRYPTION_SECRET`; never serialized to API responses — tenant API endpoints expose `nwc_is_set: bool` instead
 - `nwc_error` (private) a string indicating the most recent NWC payment error, if any. Cleared on successful NWC payment.
 - `created_at` unix timestamp identifying tenant creation time
 - `stripe_customer_id` a string identifying the associated stripe customer
@@ -63,9 +63,9 @@ Tenants are customers of the service, identified by a nostr `pubkey`. Public met
 
 A relay is a nostr relay owned by a `tenant` and hosted by the attached zooid instance. Relay subdomains MUST be unique.
 
-- `id` - a random ID identifying the relay
+- `id` - calculated based on `subdomain` + 8 random hex chars
 - `tenant` - the tenant's pubkey
-- `schema` - the relay's db schema (read_only, calculated based on `subdomain` + `id`)
+- `schema` - the relay's db schema (read only, same as `id`)
 - `subdomain` - the relay's subdomain
 - `plan` - the relay's plan
 - `stripe_subscription_item_id` (nullable) - the Stripe subscription item id. Only set for relays on paid plans.

backend/src/api.rs

@@ -275,9 +275,6 @@ impl Api {
             return Err(RelayValidationError::PremiumFeature);
         }
 
-        if relay.schema.is_empty() {
-            relay.schema = format!("{}_{}", relay.subdomain.replace('-', "_"), relay.id);
-        }
         if relay.status.is_empty() {
             relay.status = RELAY_STATUS_ACTIVE.to_string();
         }
@@ -448,7 +445,7 @@ struct IdentityResponse {
 #[derive(Serialize)]
 struct TenantResponse {
     pubkey: String,
-    nwc_configured: bool,
+    nwc_is_set: bool,
     nwc_error: Option<String>,
     created_at: i64,
     stripe_customer_id: String,
@@ -456,6 +453,20 @@ struct TenantResponse {
     past_due_at: Option<i64>,
 }
 
+impl From<Tenant> for TenantResponse {
+    fn from(t: Tenant) -> Self {
+        TenantResponse {
+            nwc_is_set: !t.nwc_url.is_empty(),
+            pubkey: t.pubkey,
+            nwc_error: t.nwc_error,
+            created_at: t.created_at,
+            stripe_customer_id: t.stripe_customer_id,
+            stripe_subscription_id: t.stripe_subscription_id,
+            past_due_at: t.past_due_at,
+        }
+    }
+}
+
 #[derive(Deserialize)]
 struct CreateRelayRequest {
     tenant: String,
@@ -497,7 +508,13 @@ async fn list_tenants(
     state.api.require_admin(&pubkey)?;
 
     match state.api.query.list_tenants().await {
-        Ok(tenants) => Ok(ok(StatusCode::OK, scrub_tenants_for_response(tenants))),
+        Ok(tenants) => Ok(ok(
+            StatusCode::OK,
+            tenants
+                .into_iter()
+                .map(TenantResponse::from)
+                .collect::<Vec<_>>(),
+        )),
         Err(e) => Ok(err(
             StatusCode::INTERNAL_SERVER_ERROR,
             "internal",
@@ -526,7 +543,7 @@ async fn create_tenant(
     let pubkey = state.api.extract_auth_pubkey(&headers)?;
 
     match state.api.query.get_tenant(&pubkey).await {
-        Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
+        Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
         Ok(None) => {
             let stripe_customer_id = match state.api.billing.stripe_create_customer(&pubkey).await {
                 Ok(id) => id,
@@ -550,10 +567,10 @@ async fn create_tenant(
             };
 
             match state.api.command.create_tenant(&tenant).await {
-                Ok(()) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant))),
+                Ok(()) => Ok(ok(StatusCode::OK, TenantResponse::from(tenant))),
                 Err(e) if matches!(map_unique_error(&e), Some("pubkey-exists")) => {
                     match state.api.query.get_tenant(&pubkey).await {
-                        Ok(Some(t)) => Ok(ok(StatusCode::OK, scrub_tenant_for_response(t))),
+                        Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
                         Ok(None) => Ok(err(
                             StatusCode::INTERNAL_SERVER_ERROR,
                             "internal",
@@ -596,7 +613,7 @@ async fn get_tenant(
     let auth = state.api.extract_auth_pubkey(&headers)?;
     state.api.require_admin_or_tenant(&auth, &pubkey)?;
     let tenant = state.api.get_tenant_or_404(&pubkey).await?;
-    Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
+    Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
 }
 
 async fn list_relays(
@@ -734,10 +751,16 @@ async fn create_relay(
     let auth = state.api.extract_auth_pubkey(&headers)?;
     state.api.require_admin_or_tenant(&auth, &payload.tenant)?;
 
+    let relay_id = format!(
+        "{}_{}",
+        payload.subdomain.replace('-', "_"),
+        &uuid::Uuid::new_v4().simple().to_string()[..8]
+    );
+
     let mut relay = Relay {
-        id: uuid::Uuid::new_v4().to_string(),
+        id: relay_id.clone(),
         tenant: payload.tenant,
-        schema: String::new(),
+        schema: relay_id.clone(),
         subdomain: payload.subdomain,
         plan: payload.plan,
         stripe_subscription_item_id: None,
@@ -1114,7 +1137,12 @@ async fn update_tenant(
 
     let nwc_previously_empty = tenant.nwc_url.is_empty();
     if let Some(nwc_url) = payload.nwc_url {
-        tenant.nwc_url = nwc_url;
+        if nwc_url.is_empty() {
+            tenant.nwc_url = String::new();
+        } else {
+            tenant.nwc_url =
+                crate::cipher::encrypt(&nwc_url).map_err(|e| ApiError::Internal(e.to_string()))?;
+        }
     }
 
     match state.api.command.update_tenant(&tenant).await {
@@ -1133,7 +1161,7 @@ async fn update_tenant(
                     }
                 });
             }
-            Ok(ok(StatusCode::OK, scrub_tenant_for_response(tenant)))
+            Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
         }
         Err(e) => Ok(err(
             StatusCode::INTERNAL_SERVER_ERROR,
@@ -1142,19 +1170,3 @@ async fn update_tenant(
         )),
     }
 }
-
-fn scrub_tenant_for_response(tenant: Tenant) -> TenantResponse {
-    TenantResponse {
-        pubkey: tenant.pubkey,
-        nwc_configured: !tenant.nwc_url.is_empty(),
-        nwc_error: tenant.nwc_error,
-        created_at: tenant.created_at,
-        stripe_customer_id: tenant.stripe_customer_id,
-        stripe_subscription_id: tenant.stripe_subscription_id,
-        past_due_at: tenant.past_due_at,
-    }
-}
-
-fn scrub_tenants_for_response(tenants: Vec<Tenant>) -> Vec<TenantResponse> {
-    tenants.into_iter().map(scrub_tenant_for_response).collect()
-}

backend/src/billing.rs

@@ -151,11 +151,7 @@ impl Billing {
             return Ok(());
         }
 
-        tracing::info!(
+        tracing::info!(source, relay_count = relays.len(), "reconciling relay billing state");
-            source,
-            relay_count = relays.len(),
-            "reconciling relay billing state"
-        );
 
         for relay in relays {
             if let Err(error) = self.sync_relay_subscription_for_relay(&relay).await {
@@ -426,13 +422,14 @@ impl Billing {
 
         // 1. NWC auto-pay: if the tenant has a nwc_url
         if !tenant.nwc_url.is_empty() {
+            let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
             match self
                 .nwc_pay_invoice(
                     invoice_id,
                     &tenant.pubkey,
                     amount_due,
                     currency,
-                    &tenant.nwc_url,
+                    &plain_nwc_url,
                 )
                 .await?
             {
@@ -861,6 +858,8 @@ impl Billing {
             return Ok(());
         }
 
+        let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
+
         let invoices = self
             .stripe_list_invoices(&tenant.stripe_customer_id)
             .await?;
@@ -882,7 +881,7 @@ impl Billing {
                     &tenant.pubkey,
                     amount_due,
                     currency,
-                    &tenant.nwc_url,
+                    &plain_nwc_url,
                 )
                 .await?
             {
@@ -999,7 +998,8 @@ impl Billing {
         customer_id: &str,
         price_id: &str,
     ) -> Result<(String, String)> {
-        let idempotency_key = self.idempotency_key(&["create_subscription", customer_id, price_id]);
+        let idempotency_key =
+            self.idempotency_key(&["create_subscription", customer_id, price_id]);
         let resp = self
             .http
             .post(format!("{STRIPE_API}/subscriptions"))
@@ -1726,5 +1726,5 @@ mod tests {
         assert_eq!(billing.stripe_secret_key, "sk_test_dummy");
         assert_eq!(billing.stripe_webhook_secret, "whsec_test_dummy");
     }
-}
 
+}

backend/src/cipher.rs

@@ -0,0 +1,28 @@
+use anyhow::{Result, anyhow};
+use nostr_sdk::prelude::*;
+
+pub fn encrypt(plaintext: &str) -> Result<String> {
+    let keys = load_key()?;
+    nip44::encrypt(
+        keys.secret_key(),
+        &keys.public_key(),
+        plaintext,
+        nip44::Version::V2,
+    )
+    .map_err(|e| anyhow!("encryption failed: {e}"))
+}
+
+pub fn decrypt(ciphertext: &str) -> Result<String> {
+    let keys = load_key()?;
+    nip44::decrypt(keys.secret_key(), &keys.public_key(), ciphertext)
+        .map_err(|e| anyhow!("decryption failed: {e}"))
+}
+
+fn load_key() -> Result<Keys> {
+    let secret = std::env::var("ENCRYPTION_SECRET")
+        .map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
+    if secret.trim().is_empty() {
+        return Err(anyhow!("ENCRYPTION_SECRET is empty"));
+    }
+    Keys::parse(&secret).map_err(|e| anyhow!("invalid ENCRYPTION_SECRET: {e}"))
+}

backend/src/command.rs

@@ -2,7 +2,6 @@ use anyhow::Result;
 use sqlx::{Sqlite, SqlitePool, Transaction};
 use tokio::sync::broadcast;
 
-use crate::crypto;
 use crate::models::{
     Activity, RELAY_STATUS_ACTIVE, RELAY_STATUS_DELINQUENT, RELAY_STATUS_INACTIVE, Relay, Tenant,
 };
@@ -71,7 +70,6 @@ impl Command {
             anyhow::bail!("stripe_customer_id is required");
         }
 
-        let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
         let mut tx = self.pool.begin().await?;
 
         sqlx::query(
@@ -79,7 +77,7 @@ impl Command {
              VALUES (?, ?, ?, ?)",
         )
         .bind(&tenant.pubkey)
-        .bind(&encrypted_nwc_url)
+        .bind(&tenant.nwc_url)
         .bind(tenant.created_at)
         .bind(&tenant.stripe_customer_id)
         .execute(&mut *tx)
@@ -94,11 +92,10 @@ impl Command {
     }
 
     pub async fn update_tenant(&self, tenant: &Tenant) -> Result<()> {
-        let encrypted_nwc_url = crypto::encrypt(&tenant.nwc_url)?;
         let mut tx = self.pool.begin().await?;
 
         sqlx::query("UPDATE tenant SET nwc_url = ? WHERE pubkey = ?")
-            .bind(&encrypted_nwc_url)
+            .bind(&tenant.nwc_url)
             .bind(&tenant.pubkey)
             .execute(&mut *tx)
             .await?;

backend/src/crypto.rs

@@ -1,49 +0,0 @@
-use anyhow::{Result, anyhow};
-use nostr_sdk::prelude::{Keys, nip44};
-
-const ENVELOPE_PREFIX: &str = "enc:nip44:v2:";
-
-pub fn encrypt(value: &str) -> Result<String> {
-    if value.is_empty() {
-        return Ok(String::new());
-    }
-
-    let keys = parse_encryption_keys()?;
-    let payload = nip44::encrypt(
-        keys.secret_key(),
-        &keys.public_key(),
-        value,
-        nip44::Version::V2,
-    )
-    .map_err(|e| anyhow!("encrypt failed: {e}"))?;
-
-    Ok(format!("{ENVELOPE_PREFIX}{payload}"))
-}
-
-pub fn decrypt(value: &str) -> Result<String> {
-    if value.is_empty() {
-        return Ok(String::new());
-    }
-
-    let Some(payload) = value.strip_prefix(ENVELOPE_PREFIX) else {
-        return Ok(value.to_string());
-    };
-
-    let keys = parse_encryption_keys()?;
-    nip44::decrypt(keys.secret_key(), &keys.public_key(), payload)
-        .map_err(|e| anyhow!("decrypt failed: {e}"))
-}
-
-fn parse_encryption_keys() -> Result<Keys> {
-    let raw = std::env::var("ENCRYPTION_SECRET")
-        .map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
-    let trimmed = raw.trim();
-
-    if trimmed.is_empty() {
-        return Err(anyhow!("missing ENCRYPTION_SECRET environment variable"));
-    }
-
-    Keys::parse(trimmed).map_err(|e| {
-        anyhow!("ENCRYPTION_SECRET must be a valid nostr secret key (hex or nsec): {e}")
-    })
-}

backend/src/infra.rs

@@ -106,11 +106,7 @@ impl Infra {
             return Ok(());
         }
 
-        tracing::info!(
+        tracing::info!(source, relay_count = relays.len(), "reconciling pending relay state");
-            source,
-            relay_count = relays.len(),
-            "reconciling pending relay state"
-        );
 
         for relay in relays {
             if relay.sync_error.trim().is_empty() {

backend/src/lib.rs

@@ -1,7 +1,7 @@
 pub mod api;
 pub mod billing;
+pub mod cipher;
 pub mod command;
-pub mod crypto;
 pub mod infra;
 pub mod models;
 pub mod pool;

backend/src/main.rs

@@ -1,7 +1,7 @@
 mod api;
 mod billing;
+mod cipher;
 mod command;
-mod crypto;
 mod infra;
 mod models;
 mod pool;

backend/src/query.rs

@@ -1,7 +1,6 @@
 use anyhow::Result;
 use sqlx::SqlitePool;
 
-use crate::crypto;
 use crate::models::{Activity, Plan, Relay, Tenant};
 
 #[derive(Clone)]
@@ -22,7 +21,7 @@ impl Query {
         )
         .fetch_all(&self.pool)
         .await?;
-        rows.into_iter().map(decrypt_tenant_nwc_url).collect()
+        Ok(rows)
     }
 
     pub async fn get_tenant(&self, pubkey: &str) -> Result<Option<Tenant>> {
@@ -34,7 +33,7 @@ impl Query {
         .bind(pubkey)
         .fetch_optional(&self.pool)
         .await?;
-        row.map(decrypt_tenant_nwc_url).transpose()
+        Ok(row)
     }
 
     pub fn list_plans() -> Vec<Plan> {
@@ -159,7 +158,7 @@ impl Query {
         .bind(stripe_customer_id)
         .fetch_optional(&self.pool)
         .await?;
-        row.map(decrypt_tenant_nwc_url).transpose()
+        Ok(row)
     }
 
     pub async fn get_invoice_nwc_payment_state(&self, invoice_id: &str) -> Result<Option<String>> {
@@ -225,8 +224,3 @@ impl Query {
         Ok(found.is_some())
     }
 }
-
-fn decrypt_tenant_nwc_url(mut tenant: Tenant) -> Result<Tenant> {
-    tenant.nwc_url = crypto::decrypt(&tenant.nwc_url)?;
-    Ok(tenant)
-}

frontend/src/lib/api.ts

@@ -99,7 +99,6 @@ export type UpdateRelayInput = {
 export type Tenant = {
   pubkey: string
   nwc_url: string
-  nwc_configured: boolean
   created_at: number
   stripe_customer_id: string
   stripe_subscription_id: string | null

frontend/src/lib/hooks.ts

@@ -135,7 +135,7 @@ export const reactivateRelayById = (id: string) => reactivateRelay(id)
 
 export async function tenantNeedsPaymentSetup(): Promise<boolean> {
   const tenant = await getTenant(account()!.pubkey)
-  return !tenant.nwc_configured && !tenant.stripe_subscription_id
+  return !tenant.nwc_url && !tenant.stripe_subscription_id
 }
 
 export async function getLatestOpenInvoice(): Promise<Invoice | null> {

frontend/src/lib/useRelayToggles.ts

@@ -1,5 +1,5 @@
 import { createSignal } from "solid-js"
-import { updateRelayById, deactivateRelayById, reactivateRelayById, getLatestOpenInvoice, type Relay } from "@/lib/hooks"
+import { updateRelayById, deactivateRelayById, reactivateRelayById, getLatestOpenInvoice, tenantNeedsPaymentSetup, type Relay } from "@/lib/hooks"
 import { setToastMessage } from "@/components/Toast"
 import type { Invoice, PlanId } from "@/lib/api"
 
@@ -31,6 +31,7 @@ export default function useRelayToggles(
 ) {
   const [busy, setBusy] = createSignal(false)
   const [pendingInvoice, setPendingInvoice] = createSignal<Invoice | undefined>()
+  const [pendingPaymentSetup, setPendingPaymentSetup] = createSignal(false)
 
   async function updateRelay(next: Relay, previous: Relay) {
     mutate(next)
@@ -101,8 +102,12 @@ export default function useRelayToggles(
     }
 
     if (plan !== "free") {
-      const invoice = await getLatestOpenInvoice()
+      const needsSetup = await tenantNeedsPaymentSetup()
-      if (invoice) setPendingInvoice(invoice)
+      if (needsSetup) {
+        const invoice = await getLatestOpenInvoice()
+        if (invoice) setPendingInvoice(invoice)
+        setPendingPaymentSetup(true)
+      }
     }
   }
 
@@ -116,5 +121,5 @@ export default function useRelayToggles(
     onToggleLivekitSupport: () => toggle("livekit_enabled", relay()?.plan !== "free"),
   }
 
-  return { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice: () => setPendingInvoice(undefined), toggles }
+  return { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice: () => setPendingInvoice(undefined), pendingPaymentSetup, clearPendingPaymentSetup: () => setPendingPaymentSetup(false), toggles }
 }

frontend/src/pages/Account.tsx

@@ -18,9 +18,9 @@ export default function Account() {
   const invoicesLoading = useMinLoading(() => invoices.loading)
 
   const hasBillingChanges = createMemo(() => {
+    const current = tenant()?.nwc_url?.trim() ?? ""
     const next = nwcUrl().trim()
-    if (next) return true
+    return current !== next
-    return tenant()?.nwc_configured ?? false
   })
 
   createEffect(() => {
@@ -169,7 +169,7 @@ export default function Account() {
                               <p class="text-xs text-gray-500 mt-0.5">{periodLabel()}</p>
                             </Show>
                           </div>
-                          <div class="flex items-center gap-2 shrink-0">
+                          <div class="flex items-center gap-2 flex-shrink-0">
                             <Show when={isOpen()}>
                               <span class="text-xs text-blue-600 font-medium">Pay now</span>
                             </Show>

frontend/src/pages/relays/RelayDetail.tsx

@@ -1,5 +1,5 @@
 import { useParams } from "@solidjs/router"
-import { createMemo, createResource, createSignal, Show } from "solid-js"
+import { createEffect, createMemo, createResource, createSignal, Show } from "solid-js"
 import BackLink from "@/components/BackLink"
 import PageContainer from "@/components/PageContainer"
 import PaymentDialog from "@/components/PaymentDialog"
@@ -28,13 +28,20 @@ export default function RelayDetail() {
   })
   const loading = useMinLoading(() => relay.loading && !relay())
   const [activity] = useRelayActivity(relayId)
-  const { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice, toggles } = useRelayToggles(relayId, relay, { refetch, mutate })
+  const { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice, pendingPaymentSetup, clearPendingPaymentSetup, toggles } = useRelayToggles(relayId, relay, { refetch, mutate })
 
   const [tenant, { refetch: refetchTenant }] = useTenant()
   const [paymentSetupOpen, setPaymentSetupOpen] = createSignal(false)
   const [invoiceDialogOpen, setInvoiceDialogOpen] = createSignal(false)
   const [paymentBannerDismissed, setPaymentBannerDismissed] = createSignal(false)
 
+  createEffect(() => {
+    if (pendingPaymentSetup() && !pendingInvoice()) {
+      setPaymentSetupOpen(true)
+      clearPendingPaymentSetup()
+    }
+  })
+
   const isPaidRelay = createMemo(() => {
     const r = relay()
     if (!r) return false
@@ -52,7 +59,7 @@ export default function RelayDetail() {
     if (!isPaidRelay()) return false
     const t = tenant()
     if (!t) return false
-    return !t.nwc_configured
+    return !t.nwc_url
   })
 
   return (

frontend/src/pages/relays/RelayNew.tsx

@@ -3,13 +3,15 @@ import { useNavigate } from "@solidjs/router"
 import BackLink from "@/components/BackLink"
 import PageContainer from "@/components/PageContainer"
 import PaymentDialog from "@/components/PaymentDialog"
+import PaymentSetup from "@/components/PaymentSetup"
 import RelayForm, { type RelayFormValues } from "@/components/RelayForm"
-import { createRelayForActiveTenant, getLatestOpenInvoice } from "@/lib/hooks"
+import { createRelayForActiveTenant, getLatestOpenInvoice, tenantNeedsPaymentSetup } from "@/lib/hooks"
 import type { Invoice } from "@/lib/api"
 
 export default function RelayNew() {
   const navigate = useNavigate()
   const [pendingInvoice, setPendingInvoice] = createSignal<Invoice | undefined>()
+  const [paymentSetupOpen, setPaymentSetupOpen] = createSignal(false)
   let createdRelayId = ""
 
   async function handleSubmit(values: RelayFormValues) {
@@ -17,9 +19,14 @@ export default function RelayNew() {
     createdRelayId = relay.id
 
     if (values.plan !== "free") {
-      const invoice = await getLatestOpenInvoice()
+      const needsSetup = await tenantNeedsPaymentSetup()
-      if (invoice) {
+      if (needsSetup) {
-        setPendingInvoice(invoice)
+        const invoice = await getLatestOpenInvoice()
+        if (invoice) {
+          setPendingInvoice(invoice)
+          return
+        }
+        setPaymentSetupOpen(true)
         return
       }
     }
@@ -27,8 +34,13 @@ export default function RelayNew() {
     navigate(`/relays/${relay.id}`)
   }
 
-  function handleDialogClose() {
+  function handleInvoiceClose() {
     setPendingInvoice(undefined)
+    setPaymentSetupOpen(true)
+  }
+
+  function handleSetupClose() {
+    setPaymentSetupOpen(false)
     navigate(`/relays/${createdRelayId}`)
   }
 
@@ -47,10 +59,14 @@ export default function RelayNew() {
           <PaymentDialog
             invoice={inv()}
             open={true}
-            onClose={handleDialogClose}
+            onClose={handleInvoiceClose}
           />
         )}
       </Show>
+      <PaymentSetup
+        open={paymentSetupOpen()}
+        onClose={handleSetupClose}
+      />
     </PageContainer>
   )
 }

justfile

@@ -5,6 +5,9 @@ dev:
   cd frontend && bun dev &
   wait
 
+dev-backend:
+  cd backend && onchange src -ik -- bash -c 'RUST_LOG=backend=info cargo run'
+
 dev-frontend:
   cd frontend && bun run dev
 
@@ -27,7 +30,7 @@ build-backend:
   cd backend && cargo build
 
 build-frontend:
-  cd frontend && bun run build
+  cd frontend && bun i && bun run build
 
 fmt: fmt-backend