Skip to content

feat(invite): Referral system with Email/SMS/WhatsApp invites #259

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
islandbitcoin wants to merge 4 commits into from
Closed

feat(invite): Referral system with Email/SMS/WhatsApp invites #259

islandbitcoin wants to merge 4 commits into from

Conversation

@islandbitcoin
Copy link
Contributor

@islandbitcoin islandbitcoin commented Jan 25, 2026
edited
Loading

Summary

Implements a referral/invite system allowing users to invite friends via Email (SendGrid), SMS (Twilio), or WhatsApp (Twilio).

Key Changes:

  • New GraphQL mutations: createInvite and redeemInvite
  • New GraphQL query: invitePreview (unauthenticated)
  • Admin queries: inviteById, invitesList
  • MongoDB schema for invite tracking with secure token hashing (SHA-256)
  • Rate limiting: 10 invites/day per user, 3 invites/day per target contact
  • 24-hour invite expiration with Firebase Dynamic Links support

How It Works

  1. User calls createInvite with contact (email/phone) + method (EMAIL/SMS/WHATSAPP)
  2. System validates contact format, checks rate limits, generates secure token
  3. Notification sent via SendGrid (email) or Twilio (SMS/WhatsApp) with Firebase Dynamic Link
  4. New user (within 24h of account creation) calls redeemInvite with token
  5. System validates token, checks contact match, marks invite as accepted

Files Changed (37 files, +2117/-111)

Core Implementation:

  • src/app/invite/ - Invite creation, redemption, rate limiting
  • src/domain/invite/ - Domain types and validation
  • src/graphql/public/root/mutation/create-invite.ts - Create invite mutation
  • src/graphql/public/root/mutation/redeem-invite.ts - Redeem invite mutation
  • src/graphql/public/root/query/invite-preview.ts - Preview invite query
  • src/services/mongoose/models/invite.ts - MongoDB schema
  • src/services/notification/index.ts - Twilio/SendGrid notification service
  • src/services/notifications/invite.ts - Invite-specific notifications

Admin Features:

  • src/app/admin/invite.ts - Revoke, extend, reset rate limits
  • src/graphql/admin/root/query/invite-by-id.ts - View invite details
  • src/graphql/admin/root/query/invites-list.ts - List/filter invites

Known Issues / Follow-up Tickets

🔴 HIGH PRIORITY

  1. Dead Code / Duplicate Logic

    • Location: src/app/invite/redeem-invite.ts vs src/graphql/public/root/mutation/redeem-invite.ts
    • Issue: Two separate implementations of redemption logic. The GraphQL mutation (170 lines) implements full logic inline while src/app/invite/redeem-invite.ts (60 lines) appears unused.
    • Recommendation: Remove src/app/invite/redeem-invite.ts or refactor mutation to use it

  2. Token Fragment Logged

    • Location: src/graphql/public/root/mutation/redeem-invite.ts line 156
    • Issue: First 8 characters of token logged in error cases
    • Risk: Reduces entropy for brute-force if logs compromised
    • Recommendation: Log invite ID or token hash instead

🟡 MEDIUM PRIORITY

  1. Email Validation Deferred (Documented in code)

    • Location: src/graphql/public/root/mutation/redeem-invite.ts lines 115-127
    • Issue: Email invites can be created/sent, but redemption cannot validate email match
    • Reason: Email-only registration not yet available (depends on PR feat/email-registration #212)
    • Status: Documented in code with link to email-registration PR

  2. Type Casting Hack in Rate Limits

    • Location: src/app/invite/rate-limits.ts line 21
    • Issue: keyToConsume: contact as IpAddress - incorrect type cast
    • Fix: Create proper branded type for rate limit keys

  3. WhatsApp Template Handling Incomplete

    • Location: src/services/notification/index.ts lines 176-189
    • Issue: Template-based WhatsApp requires TWILIO_WHATSAPP_TEMPLATE_SID env var but not in schema
    • Impact: Template messages may fail in production

  4. No Transaction Boundary for Multi-Step Operations

    • Location: src/graphql/public/root/mutation/redeem-invite.ts lines 128-132
    • Issue: Invite status update not in transaction - concurrent requests could cause issues

  5. Status Transition Edge Case

    • Location: src/app/admin/invite.ts line 61
    • Issue: Extending expired invite resets to PENDING (was SENT)
    • Impact: Loses notification history

🟢 LOW PRIORITY

  1. Undocumented GraphQL Complexity - Multiple endpoints use complexity: 120 without documentation
  2. Hardcoded URLs - https://getflash.io fallback in notifications
  3. Invite Preview Returns Full Contact - Anyone with token sees unmasked contact info

Pre-existing Test Infrastructure Issues

Same issues as PR #212 (feat/email-registration):

  • IdentityStateIdentityStateEnum in Kratos service
  • Missing lnurlp in Wallet mocks, npub in Account mocks
  • addInvoiceForSelfForBtcWallet removed, test files need updates
  • FractionalCentAmount type mismatches

These should be fixed once and shared across feature branches.

Testing

  • TypeScript compiles for feature code (yarn tsc --noEmit - only pre-existing test errors)
  • Integration tests (blocked by test infrastructure issues)

Checklist

  • Code follows project conventions
  • Feature-specific TypeScript errors resolved
  • Email validation deferral documented in code
  • Security issues documented for follow-up
  • Ready for review

@islandbitcoin islandbitcoin requested a review from brh28 January 25, 2026 13:22
@islandbitcoin islandbitcoin self-assigned this Jan 25, 2026
islandbitcoin and others added 4 commits January 27, 2026 10:32
@islandbitcoin
feat: Implement referral system with Email/SMS/WhatsApp invites
17ec055 
Add comprehensive invite-friend feature allowing users to invite friends via Email, SMS, or WhatsApp.

**User-Facing Features:**
- Create invites: Users can send invites via Email (SendGrid), SMS, or WhatsApp (Twilio)
- Redeem invites: New users can redeem invites within 1 hour of account creation
- Preview invites: Unauthenticated endpoint to preview invite before registration
- Rate limiting: 10 invites/day per user, 3 invites/day per target contact (Redis-based)
- 24-hour invite expiration with Firebase Dynamic Links support

**Admin Features:**
- View invite details with inviter/redeemer information
- List and filter invites by status and inviter
- Paginated invite queries

**Technical Implementation:**
- MongoDB schema for invite tracking with secure token hashing (SHA-256)
- Notification service supporting Email, SMS, and WhatsApp
- Contact validation for email/phone formats
- Deep linking support via Firebase Dynamic Links
- Comprehensive test coverage (unit & integration tests)

**Security:**
- Tokens are 40-character random strings with only SHA-256 hash stored
- Contact verification ensures invite sent to correct recipient
- Account age validation (< 1 hour) for new user redemption
- Self-redemption prevention
@claude @islandbitcoin
fix: improve invite feature consistency and remove code duplication
221d082 
- Fix rate limit key inconsistency between admin functions and rate
  limiter service (use RateLimitPrefix constants)
- Refactor GraphQL createInvite mutation to use @app/invite layer
  instead of duplicating business logic
- Add index on redeemedById field in invite schema for query performance
- Make new-user invite redemption window configurable via
  NEW_USER_INVITE_WINDOW_HOURS constant (default 24 hours, was 1 hour)
- Standardize token generation to use 20-byte (40-char) tokens
@claude @islandbitcoin
fix: improve type safety in invite feature
2e14fb7 
- Add INVITE_TOKEN_LENGTH constant (40 chars) to domain
- Add InviteToken branded type with checkedToInviteToken validator
- Fix token length check in app/invite/redeem-invite.ts (was 64, should be 40)
- Replace magic number checks with typed validation in GraphQL mutations
- Use checkedToAccountId instead of unsafe `as AccountId` cast in invite-preview
@islandbitcoin
fix(invite): add missing ValidationError import and document email va…
6e53b2f 
…lidation deferral

- Add ValidationError import to redeem-invite.ts to fix TypeScript errors
- Document that email validation is deferred until email-only registration
  feature is available (see PR #212)
@islandbitcoin islandbitcoin changed the title feat/invite feat(invite): Referral system with Email/SMS/WhatsApp invites Jan 27, 2026
This was referenced Jan 27, 2026
Open
Open
@islandbitcoin islandbitcoin linked an issue Jan 27, 2026 that may be closed by this pull request
feat: Referral System with Email/SMS/WhatsApp Invites #261
Open
12 tasks
@islandbitcoin
Copy link
Contributor Author

islandbitcoin commented Jan 27, 2026

Closed as deferred

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brh28 brh28 Awaiting requested review from brh28

Assignees

@islandbitcoin islandbitcoin

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: Referral System with Email/SMS/WhatsApp Invites

3 participants

@islandbitcoin @claude