snapshot-labs · wa0x6e · Jan 6, 2025 · Jan 7, 2025 · Jan 11, 2025 · Jan 13, 2025
diff --git a/.env.example b/.env.example
@@ -16,3 +16,5 @@ BROVIDER_URL=https://rpc.snapshot.org # optional
 STARKNET_RPC_URL= # optional
 # Secret for laser
 AUTH_SECRET=1dfd84a695705665668c260222ded178d1f1d62d251d7bee8148428dac6d0487 # optional
+WALLET_CONNECT_PROJECT_ID= # optional
+REOWN_SECRET= # optional
diff --git a/src/helpers/utils.ts b/src/helpers/utils.ts
@@ -202,3 +202,38 @@ export function captureError(e: any, context?: any, ignoredErrorCodes?: number[]
 export async function clearStampCache(type: string, id: string) {
   return fetch(`https://cdn.stamp.fyi/clear/${type}/${type === 'avatar' ? 'eth:' : ''}${id}`);
 }
+
+export async function removeFromWalletConnectWhitelist(domain: string) {
+  return updateWalletConnectWhitelist(domain, 'DELETE');
+}
+
+export async function addToWalletConnectWhitelist(domain: string) {
+  return updateWalletConnectWhitelist(domain, 'POST');
+}
+
+async function updateWalletConnectWhitelist(
+  domain: string,
+  method: 'POST' | 'DELETE'
+): Promise<boolean> {
+  if (!domain || !process.env.REOWN_SECRET || !process.env.WALLET_CONNECT_PROJECT_ID) return false;
+
+  try {
+    await fetch(`https://cloud.reown.com/api/set-allowed-domains`, {
+      method,
+      headers: {
+        Accept: 'application/json',
+        'Content-Type': 'application/json',
+        Authorization: process.env.REOWN_SECRET
+      },
+      body: JSON.stringify({
+        projectId: process.env.WALLET_CONNECT_PROJECT_ID,
+        origins: [`https://${domain}`]
+      })
+    });
+  } catch (e) {
+    capture(e, { domain, method });
+    return false;
+  }
+
+  return true;
+}
diff --git a/src/writer/settings.ts b/src/writer/settings.ts
@@ -4,7 +4,13 @@ import isEqual from 'lodash/isEqual';
 import { addOrUpdateSpace, getSpace } from '../helpers/actions';
 import log from '../helpers/log';
 import db from '../helpers/mysql';
-import { clearStampCache, DEFAULT_NETWORK, jsonParse } from '../helpers/utils';
+import {
+  addToWalletConnectWhitelist,
+  clearStampCache,
+  DEFAULT_NETWORK,
+  jsonParse,
+  removeFromWalletConnectWhitelist
+} from '../helpers/utils';
 
 const SNAPSHOT_ENV = process.env.NETWORK || 'testnet';
 const broviderUrl = process.env.BROVIDER_URL || 'https://rpc.snapshot.org';
@@ -120,9 +126,10 @@ export async function verify(body): Promise<any> {
 export async function action(body): Promise<void> {
   const msg = jsonParse(body.msg);
   const space = msg.space.toLowerCase();
-  const existingSettings = JSON.parse(
-    (await db.queryAsync('SELECT settings FROM spaces WHERE id = ?', [space])?.[0]) || '{}'
-  );
+  const existingSpace = (
+    await db.queryAsync('SELECT domain, settings FROM spaces WHERE id = ? LIMIT 1', [space])
+  )?.[0];
+  const existingSettings = JSON.parse(existingSpace?.settings || '{}');
 
   try {
     await addOrUpdateSpace(space, msg.payload);
@@ -133,4 +140,9 @@ export async function action(body): Promise<void> {
   }
 
   if (existingSettings.avatar !== msg.payload.avatar) await clearStampCache('space', space);
+
+  if (existingSpace?.domain != msg.payload.domain) {
+    await addToWalletConnectWhitelist(msg.payload.domain);
+    await removeFromWalletConnectWhitelist(existingSpace?.domain);
+  }
 }