feat: migrate wallet validation from StarkNet to Stellar

app/api/debug/user-stream/route.ts

@@ -1,5 +1,6 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function GET(req: Request) {
   try {
@@ -13,6 +14,13 @@ export async function GET(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const result = await sql`
       SELECT 
         id,
@@ -24,7 +32,7 @@ export async function GET(req: Request) {
         is_live,
         creator
       FROM users 
-      WHERE LOWER(wallet) = LOWER(${wallet})
+      WHERE wallet = ${wallet}
     `;
 
     if (result.rows.length === 0) {

app/api/fetch-username/route.ts

@@ -2,6 +2,7 @@ import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { withCorsResponse } from "@/lib/with-cors-response";
 import { resolve } from "path/posix";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function GET(req: Request) {
   const { searchParams } = new URL(req.url);
@@ -15,6 +16,13 @@ export async function GET(req: Request) {
     );
   }
 
+  if (wallet && !isValidStellarAddress(wallet)) {
+    return withCorsResponse(
+      { error: "Invalid wallet address. Must be a valid Stellar public key." },
+      400
+    );
+  }
+
   try {
     const result = wallet
       ? await sql`SELECT username FROM users WHERE wallet = ${wallet}`

app/api/streams/[wallet]/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { getMuxStreamHealth } from "@/lib/mux/server";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function GET(
   req: Request,
@@ -16,6 +17,13 @@ export async function GET(
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const result = await sql`
       SELECT
         u.id,

app/api/streams/create/route.ts

@@ -2,6 +2,7 @@ import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { createMuxStream } from "@/lib/mux/server";
 import { checkExistingTableDetail } from "@/utils/validators";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function POST(req: Request) {
   try {
@@ -24,6 +25,14 @@ export async function POST(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      console.log("❌ Validation failed: invalid Stellar address");
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     if (title.length > 100) {
       console.log("❌ Validation failed: title too long");
       return NextResponse.json(
@@ -54,7 +63,7 @@ export async function POST(req: Request) {
 
     console.log("🔍 Fetching user data...");
     const userResult = await sql`
-      SELECT id, username, creator, mux_stream_id FROM users WHERE LOWER(wallet) = LOWER(${wallet})
+      SELECT id, username, creator, mux_stream_id FROM users WHERE wallet = ${wallet}
     `;
 
     if (userResult.rows.length === 0) {
@@ -173,7 +182,7 @@ export async function POST(req: Request) {
           streamkey = ${muxStream.streamKey},
           creator = ${JSON.stringify(updatedCreator)},
           updated_at = CURRENT_TIMESTAMP
-        WHERE LOWER(wallet) = LOWER(${wallet})
+        WHERE wallet = ${wallet}
       `;
       console.log("✅ User updated successfully with stream data");
     } catch (dbError) {

app/api/streams/delete-get/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { deleteMuxStream } from "@/lib/mux/server";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function GET(req: Request) {
   try {
@@ -14,12 +15,19 @@ export async function GET(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     console.log(`🔧 Force deleting stream for wallet: ${wallet}`);
 
     const userResult = await sql`
       SELECT id, username, mux_stream_id, is_live
       FROM users
-      WHERE LOWER(wallet) = LOWER(${wallet})
+      WHERE wallet = ${wallet}
     `;
 
     if (userResult.rows.length === 0) {
@@ -74,7 +82,7 @@ export async function GET(req: Request) {
         current_viewers = 0,
         stream_started_at = NULL,
         updated_at = CURRENT_TIMESTAMP
-      WHERE LOWER(wallet) = LOWER(${wallet})
+      WHERE wallet = ${wallet}
     `;
 
     console.log("✅ Force delete completed!");

app/api/streams/delete/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { deleteMuxStream } from "@/lib/mux/server";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function DELETE(req: Request) {
   try {
@@ -13,6 +14,13 @@ export async function DELETE(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const userResult = await sql`
       SELECT id, username, mux_stream_id, is_live
       FROM users

app/api/streams/key/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { getWalletOrDevDefault } from "@/lib/dev-mode";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 /**
  * GET /api/streams/key
@@ -21,6 +22,13 @@ export async function GET(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const userResult = await sql`
       SELECT
         id,
@@ -30,7 +38,7 @@ export async function GET(req: Request) {
         mux_playback_id,
         is_live
       FROM users
-      WHERE LOWER(wallet) = LOWER(${wallet})
+      WHERE wallet = ${wallet}
     `;
 
     if (userResult.rows.length === 0) {

app/api/streams/start/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { getMuxStreamHealth } from "@/lib/mux/server";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function POST(req: Request) {
   try {
@@ -13,6 +14,13 @@ export async function POST(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const userResult = await sql`
       SELECT id, username, mux_stream_id, is_live, mux_playback_id
       FROM users
@@ -101,6 +109,13 @@ export async function DELETE(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     const userResult = await sql`
       SELECT id, mux_stream_id, is_live
       FROM users

app/api/streams/update/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
 import { uploadImage } from "@/utils/upload/cloudinary";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function PATCH(req: Request) {
   try {
@@ -14,6 +15,13 @@ export async function PATCH(req: Request) {
       );
     }
 
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
+
     if (title && title.length > 100) {
       return NextResponse.json(
         { error: "Title must be 100 characters or less" },

app/api/users/follow/route.ts

@@ -1,8 +1,17 @@
 import { NextRequest, NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function POST(req: NextRequest) {
-  const { callerUsername, receiverUsername, action } = await req.json();
+  const { callerUsername, receiverUsername, action, wallet } = await req.json();
+
+  // Validate wallet if provided (for future wallet-based follow operations)
+  if (wallet && !isValidStellarAddress(wallet)) {
+    return NextResponse.json(
+      { error: "Invalid wallet address. Must be a valid Stellar public key." },
+      { status: 400 }
+    );
+  }
 
   if (
     !callerUsername ||

app/api/users/register/route.ts

@@ -3,6 +3,7 @@ import { checkExistingTableDetail, validateEmail } from "@/utils/validators";
 import { sql } from "@vercel/postgres";
 import { sendWelcomeRegistrationEmail } from "@/utils/send-email";
 import { createMuxStream } from "@/lib/mux/server";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 async function handler(req: Request) {
   try {
@@ -78,6 +79,13 @@ async function handler(req: Request) {
     return NextResponse.json({ error: "Wallet is required" }, { status: 400 });
   }
 
+  if (!isValidStellarAddress(wallet)) {
+    return NextResponse.json(
+      { error: "Invalid wallet address. Must be a valid Stellar public key." },
+      { status: 400 }
+    );
+  }
+
   if (!email) {
     return NextResponse.json({ error: "Email is required" }, { status: 400 });
   }

app/api/users/updates/[wallet]/route.ts

@@ -7,18 +7,25 @@ import os from "os";
 import { validateEmail } from "@/utils/validators";
 import { validateUserUpdate } from "../../../../../utils/userValidators";
 import { UserUpdateInput } from "../../../../../types/user";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function PUT(
   req: NextRequest,
   { params }: { params: Promise<{ wallet: string }> }
 ) {
   try {
     const { wallet } = await params;
-    const normalizedWallet = wallet.toLowerCase();
+
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
 
     // Fetching current user data
     const existingResult = await sql`
-      SELECT * FROM users WHERE LOWER(wallet) = LOWER(${normalizedWallet})
+      SELECT * FROM users WHERE wallet = ${wallet}
     `;
     const user = existingResult.rows[0];
     if (!user) {
@@ -111,7 +118,7 @@ export async function PUT(
 
     if (email && email !== user.email) {
       const emailExists = await sql`
-        SELECT id FROM users WHERE email = ${email} AND wallet != ${normalizedWallet}
+        SELECT id FROM users WHERE email = ${email} AND wallet != ${wallet}
       `;
       if (emailExists.rows.length > 0) {
         return NextResponse.json(
@@ -124,7 +131,7 @@ export async function PUT(
     // Username uniqueness
     if (username && username !== user.username) {
       const usernameExists = await sql`
-        SELECT id FROM users WHERE username = ${username} AND wallet != ${normalizedWallet}
+        SELECT id FROM users WHERE username = ${username} AND wallet != ${wallet}
       `;
       if (usernameExists.rows.length > 0) {
         return NextResponse.json(
@@ -169,7 +176,7 @@ export async function PUT(
         emailnotifications = ${emailNotifications},
         creator = ${creator ? JSON.stringify(creator) : user.creator},
         updated_at = CURRENT_TIMESTAMP
-      WHERE LOWER(wallet) = LOWER(${normalizedWallet})
+      WHERE wallet = ${wallet}
       RETURNING id, username, email, streamkey, avatar, bio, sociallinks, emailverified, emailnotifications, creator, wallet, created_at, updated_at
     `;
 

app/api/users/wallet/[wallet]/route.ts

@@ -1,5 +1,6 @@
 import { NextResponse } from "next/server";
 import { sql } from "@vercel/postgres";
+import { isValidStellarAddress } from "@/utils/stellar";
 
 export async function GET(
   req: Request,
@@ -9,11 +10,15 @@ export async function GET(
     const { wallet } = await params;
     console.log("API: Fetching user for wallet:", wallet);
 
-    // Normalize the wallet address to lowercase for consistent comparison
-    const normalizedWallet = wallet.toLowerCase();
+    if (!isValidStellarAddress(wallet)) {
+      return NextResponse.json(
+        { error: "Invalid wallet address. Must be a valid Stellar public key." },
+        { status: 400 }
+      );
+    }
 
     const result = await sql`
-      SELECT * FROM users WHERE LOWER(wallet) = ${normalizedWallet}
+      SELECT * FROM users WHERE wallet = ${wallet}
     `;
 
     console.log("API: Query result rows:", result.rowCount);

utils/stellar.ts

@@ -0,0 +1,5 @@
+import { StrKey } from "@stellar/stellar-sdk";
+
+export function isValidStellarAddress(address: string): boolean {
+  return StrKey.isValidEd25519PublicKey(address);
+}