Skip to content

feat: end-to-end webhook monitoring with Horizon SSE (#94/#61)#369

Open
udeachudivine-spec wants to merge 1 commit into
Emmy123222:mainfrom
udeachudivine-spec:feat/webhook-monitor-fix
Open

feat: end-to-end webhook monitoring with Horizon SSE (#94/#61)#369
udeachudivine-spec wants to merge 1 commit into
Emmy123222:mainfrom
udeachudivine-spec:feat/webhook-monitor-fix

Conversation

@udeachudivine-spec

Copy link
Copy Markdown
Contributor
  • Split monolithic webhookService.js into three focused modules: webhookStore.js (in-memory Map store), webhookDelivery.js (signed POST delivery), paymentMonitor.js (Horizon SSE streaming)

  • Fix Promise.allSettled for parallel webhook delivery so one slow/ failing endpoint never blocks others

  • Add idempotent ensureMonitored() guard to prevent duplicate SSE streams on re-registration for the same public key

  • Add resumeAllMonitors() called at server startup so existing webhooks survive restarts

  • Fix HMAC signature header: X-Stellar-Signature: sha256=
    and add X-Webhook-ID header; reuse utils/webhookSignature.js

  • Fix payload: event name payment_received, add transactionHash and ledger fields

  • Fix POST /api/webhooks: validate publicKey via StrKey, enforce https:// URL, strip secret from response

  • Fix GET /api/webhooks/:publicKey: return { webhooks: [...] }

  • Fix DELETE /api/webhooks/:id: return { success: true } / 404

  • webhookService.js kept as compat facade re-exporting all symbols

Summary

Type of change

  • Bug fix
  • New feature
  • Documentation update
  • Refactor / chore
  • Smart contract change

Related issue

Closes #

Changes

Testing

  • Tested locally on Testnet
  • Added/updated unit tests
  • Manually tested UI flow

Screenshots (if UI change)

Checklist

  • My code follows the project style
  • I've updated docs if needed
  • No console errors or warnings
  • I've rebased on latest main

…mmy123222#61)

- Split monolithic webhookService.js into three focused modules:
  webhookStore.js (in-memory Map store), webhookDelivery.js (signed
  POST delivery), paymentMonitor.js (Horizon SSE streaming)

- Fix Promise.allSettled for parallel webhook delivery so one slow/
  failing endpoint never blocks others

- Add idempotent ensureMonitored() guard to prevent duplicate SSE
  streams on re-registration for the same public key

- Add resumeAllMonitors() called at server startup so existing
  webhooks survive restarts

- Fix HMAC signature header: X-Stellar-Signature: sha256=<hex>
  and add X-Webhook-ID header; reuse utils/webhookSignature.js

- Fix payload: event name payment_received, add transactionHash
  and ledger fields

- Fix POST /api/webhooks: validate publicKey via StrKey, enforce
  https:// URL, strip secret from response

- Fix GET /api/webhooks/:publicKey: return { webhooks: [...] }

- Fix DELETE /api/webhooks/:id: return { success: true } / 404

- webhookService.js kept as compat facade re-exporting all symbols
@vercel

vercel Bot commented Jun 24, 2026

Copy link
Copy Markdown

@udeachudivine-spec is attempting to deploy a commit to the Emmanuel's projects Team on Vercel.

A member of the Team first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant