Fix call to Rates via bitpay API

Payment Tolerance

.gitignore

@@ -291,3 +291,5 @@ __pycache__/
 # Bundling JS/CSS
 BTCPayServer/wwwroot/bundles/*
 !BTCPayServer/wwwroot/bundles/.gitignore
+
+.vscode

BTCPayServer.Tests/BTCPayServer.Tests.csproj

@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.6.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.7.0" />
     <PackageReference Include="xunit" Version="2.3.1" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.3.1" />
   </ItemGroup>

BTCPayServer.Tests/BTCPayServerTester.cs

@@ -2,8 +2,11 @@
 using BTCPayServer.Hosting;
 using BTCPayServer.Payments;
 using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Rating;
+using BTCPayServer.Security;
 using BTCPayServer.Services.Invoices;
 using BTCPayServer.Services.Rates;
+using BTCPayServer.Services.Stores;
 using BTCPayServer.Tests.Logging;
 using BTCPayServer.Tests.Mocks;
 using Microsoft.AspNetCore.Hosting;
@@ -47,7 +50,7 @@ namespace BTCPayServer.Tests
         }
 
         public Uri LTCNBXplorerUri { get; set; }
-        
+
         public Uri ServerUri
         {
             get;
@@ -65,11 +68,14 @@ namespace BTCPayServer.Tests
             get; set;
         }
 
+
+        public bool MockRates { get; set; } = true;
+
         public void Start()
         {
             if (!Directory.Exists(_Directory))
                 Directory.CreateDirectory(_Directory);
-            string chain = ChainType.Regtest.ToNetwork().Name;
+            string chain = NBXplorerDefaultSettings.GetFolderName(NetworkType.Regtest);
             string chainDirectory = Path.Combine(_Directory, chain);
             if (!Directory.Exists(chainDirectory))
                 Directory.CreateDirectory(chainDirectory);
@@ -101,12 +107,6 @@ namespace BTCPayServer.Tests
                     .UseConfiguration(conf)
                     .ConfigureServices(s =>
                     {
-                        var mockRates = new MockRateProviderFactory();
-                        var btc = new MockRateProvider("BTC", new Rate("USD", 5000m));
-                        var ltc = new MockRateProvider("LTC", new Rate("USD", 500m));
-                        mockRates.AddMock(btc);
-                        mockRates.AddMock(ltc);
-                        s.AddSingleton<IRateProviderFactory>(mockRates);
                         s.AddLogging(l =>
                         {
                             l.SetMinimumLevel(LogLevel.Information)
@@ -120,9 +120,32 @@ namespace BTCPayServer.Tests
                     .Build();
             _Host.Start();
             InvoiceRepository = (InvoiceRepository)_Host.Services.GetService(typeof(InvoiceRepository));
-            ((LightningLikePaymentHandler)_Host.Services.GetService(typeof(IPaymentMethodHandler<LightningSupportedPaymentMethod>))).SkipP2PTest = !InContainer;
+
+            var rateProvider = (BTCPayRateProviderFactory)_Host.Services.GetService(typeof(BTCPayRateProviderFactory));
+            rateProvider.DirectProviders.Clear();
+
+            var coinAverageMock = new MockRateProvider();
+            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+            {
+                Exchange = "coinaverage",
+                CurrencyPair = CurrencyPair.Parse("BTC_USD"),
+                Value = 5000m
+            });
+            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+            {
+                Exchange = "coinaverage",
+                CurrencyPair = CurrencyPair.Parse("BTC_CAD"),
+                Value = 4500m
+            });
+            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+            {
+                Exchange = "coinaverage",
+                CurrencyPair = CurrencyPair.Parse("LTC_USD"),
+                Value = 500m
+            });
+            rateProvider.DirectProviders.Add("coinaverage", coinAverageMock);
         }
-        
+
         public string HostName
         {
             get;
@@ -137,7 +160,7 @@ namespace BTCPayServer.Tests
             return _Host.Services.GetRequiredService<T>();
         }
 
-        public T GetController<T>(string userId = null) where T : Controller
+        public T GetController<T>(string userId = null, string storeId = null) where T : Controller
         {
             var context = new DefaultHttpContext();
             context.Request.Host = new HostString("127.0.0.1");
@@ -145,7 +168,11 @@ namespace BTCPayServer.Tests
             context.Request.Protocol = "http";
             if (userId != null)
             {
-                context.User = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userId) }));
+                context.User = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userId) }, Policies.CookieAuthentication));
+            }
+            if(storeId != null)
+            {
+                context.SetStoreData(GetService<StoreRepository>().FindStore(storeId, userId).GetAwaiter().GetResult());
             }
             var scope = (IServiceScopeFactory)_Host.Services.GetService(typeof(IServiceScopeFactory));
             var provider = scope.CreateScope().ServiceProvider;

BTCPayServer.Tests/Dockerfile

@@ -1,4 +1,4 @@
-FROM microsoft/dotnet:2.0.5-sdk-2.1.4
+FROM microsoft/dotnet:2.0.6-sdk-2.1.101-stretch
 WORKDIR /app
  # caches restore result by copying csproj file separately
 COPY BTCPayServer.Tests/BTCPayServer.Tests.csproj BTCPayServer.Tests/BTCPayServer.Tests.csproj
@@ -9,4 +9,4 @@ RUN dotnet restore
 # copies the rest of your code
 COPY . ../.
 
-ENTRYPOINT ["dotnet", "test"]
+ENTRYPOINT ["dotnet", "test"]

BTCPayServer.Tests/Mocks/MockRateProvider.cs

@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using BTCPayServer.Rating;
+using BTCPayServer.Services.Rates;
+
+namespace BTCPayServer.Tests.Mocks
+{
+    public class MockRateProvider : IRateProvider
+    {
+        public ExchangeRates ExchangeRates { get; set; } = new ExchangeRates();
+        public Task<ExchangeRates> GetRatesAsync()
+        {
+            return Task.FromResult(ExchangeRates);
+        }
+    }
+}

BTCPayServer.Tests/RateRulesTest.cs

@@ -0,0 +1,134 @@
+using System;
+using System.Linq;
+using System.Collections.Generic;
+using System.Text;
+using BTCPayServer.Rating;
+using Xunit;
+
+namespace BTCPayServer.Tests
+{
+    public class RateRulesTest
+    {
+        [Fact]
+        public void CanParseRateRules()
+        {
+            // Check happy path
+            StringBuilder builder = new StringBuilder();
+            builder.AppendLine("// Some cool comments");
+            builder.AppendLine("DOGE_X = DOGE_BTC * BTC_X * 1.1");
+            builder.AppendLine("DOGE_BTC = Bittrex(DOGE_BTC)");
+            builder.AppendLine("// Some other cool comments");
+            builder.AppendLine("BTC_usd = GDax(BTC_USD)");
+            builder.AppendLine("BTC_X = Coinbase(BTC_X);");
+            builder.AppendLine("X_X = CoinAverage(X_X) * 1.02");
+
+            Assert.False(RateRules.TryParse("DPW*&W&#hdi&#&3JJD", out var rules));
+            Assert.True(RateRules.TryParse(builder.ToString(), out rules));
+            Assert.Equal(
+                "// Some cool comments\n" +
+                "DOGE_X = DOGE_BTC * BTC_X * 1.1;\n" +
+                "DOGE_BTC = bittrex(DOGE_BTC);\n" +
+                "// Some other cool comments\n" +
+                "BTC_USD = gdax(BTC_USD);\n" +
+                "BTC_X = coinbase(BTC_X);\n" +
+                "X_X = coinaverage(X_X) * 1.02;",
+                rules.ToString());
+            var tests = new[]
+            {
+                (Pair: "BTC_USD", Expected: "gdax(BTC_USD)"),
+                (Pair: "BTC_CAD", Expected: "coinbase(BTC_CAD)"),
+                (Pair: "DOGE_USD", Expected: "bittrex(DOGE_BTC) * gdax(BTC_USD) * 1.1"),
+                (Pair: "DOGE_CAD", Expected: "bittrex(DOGE_BTC) * coinbase(BTC_CAD) * 1.1"),
+                (Pair: "LTC_CAD", Expected: "coinaverage(LTC_CAD) * 1.02"),
+            };
+            foreach (var test in tests)
+            {
+                Assert.Equal(test.Expected, rules.GetRuleFor(CurrencyPair.Parse(test.Pair)).ToString());
+            }
+            rules.GlobalMultiplier = 2.32m;
+            Assert.Equal("(bittrex(DOGE_BTC) * gdax(BTC_USD) * 1.1) * 2.32", rules.GetRuleFor(CurrencyPair.Parse("DOGE_USD")).ToString());
+            ////////////////
+
+            // Check errors conditions
+            builder = new StringBuilder();
+            builder.AppendLine("DOGE_X = LTC_CAD * BTC_X * 1.1");
+            builder.AppendLine("DOGE_BTC = Bittrex(DOGE_BTC)");
+            builder.AppendLine("BTC_usd = GDax(BTC_USD)");
+            builder.AppendLine("LTC_CHF = LTC_CHF * 1.01");
+            builder.AppendLine("BTC_X = Coinbase(BTC_X)");
+            Assert.True(RateRules.TryParse(builder.ToString(), out rules));
+
+            tests = new[]
+            {
+                (Pair: "LTC_CAD", Expected: "ERR_NO_RULE_MATCH(LTC_CAD)"),
+                (Pair: "DOGE_USD", Expected: "ERR_NO_RULE_MATCH(LTC_CAD) * gdax(BTC_USD) * 1.1"),
+                (Pair: "LTC_CHF", Expected: "ERR_TOO_MUCH_NESTED_CALLS(LTC_CHF) * 1.01"),
+            };
+            foreach (var test in tests)
+            {
+                Assert.Equal(test.Expected, rules.GetRuleFor(CurrencyPair.Parse(test.Pair)).ToString());
+            }
+            //////////////////
+
+            // Check if we can resolve exchange rates
+            builder = new StringBuilder();
+            builder.AppendLine("DOGE_X = DOGE_BTC * BTC_X * 1.1");
+            builder.AppendLine("DOGE_BTC = Bittrex(DOGE_BTC)");
+            builder.AppendLine("BTC_usd = GDax(BTC_USD)");
+            builder.AppendLine("BTC_X = Coinbase(BTC_X)");
+            builder.AppendLine("X_X = CoinAverage(X_X) * 1.02");
+            Assert.True(RateRules.TryParse(builder.ToString(), out rules));
+
+            var tests2 = new[]
+            {
+                (Pair: "BTC_USD", Expected: "gdax(BTC_USD)", ExpectedExchangeRates: "gdax(BTC_USD)"),
+                (Pair: "BTC_CAD", Expected: "coinbase(BTC_CAD)", ExpectedExchangeRates: "coinbase(BTC_CAD)"),
+                (Pair: "DOGE_USD", Expected: "bittrex(DOGE_BTC) * gdax(BTC_USD) * 1.1", ExpectedExchangeRates: "bittrex(DOGE_BTC),gdax(BTC_USD)"),
+                (Pair: "DOGE_CAD", Expected: "bittrex(DOGE_BTC) * coinbase(BTC_CAD) * 1.1", ExpectedExchangeRates: "bittrex(DOGE_BTC),coinbase(BTC_CAD)"),
+                (Pair: "LTC_CAD", Expected: "coinaverage(LTC_CAD) * 1.02", ExpectedExchangeRates: "coinaverage(LTC_CAD)"),
+            };
+            foreach (var test in tests2)
+            {
+                var rule = rules.GetRuleFor(CurrencyPair.Parse(test.Pair));
+                Assert.Equal(test.Expected, rule.ToString());
+                Assert.Equal(test.ExpectedExchangeRates, string.Join(',', rule.ExchangeRates.OfType<object>().ToArray()));
+            }
+            var rule2 = rules.GetRuleFor(CurrencyPair.Parse("DOGE_CAD"));
+            rule2.ExchangeRates.SetRate("bittrex", CurrencyPair.Parse("DOGE_BTC"), 5000);
+            rule2.Reevaluate();
+            Assert.True(rule2.HasError);
+            Assert.Equal("5000 * ERR_RATE_UNAVAILABLE(coinbase, BTC_CAD) * 1.1", rule2.ToString(true));
+            Assert.Equal("bittrex(DOGE_BTC) * coinbase(BTC_CAD) * 1.1", rule2.ToString(false));
+            rule2.ExchangeRates.SetRate("coinbase", CurrencyPair.Parse("BTC_CAD"), 2000.4m);
+            rule2.Reevaluate();
+            Assert.False(rule2.HasError);
+            Assert.Equal("5000 * 2000.4 * 1.1", rule2.ToString(true));
+            Assert.Equal(rule2.Value, 5000m * 2000.4m * 1.1m);
+            ////////
+
+            // Make sure parenthesis are correctly calculated
+            builder = new StringBuilder();
+            builder.AppendLine("DOGE_X = DOGE_BTC * BTC_X");
+            builder.AppendLine("BTC_USD = -3 + coinbase(BTC_CAD) + 50 - 5");
+            builder.AppendLine("DOGE_BTC = 2000");
+            Assert.True(RateRules.TryParse(builder.ToString(), out rules));
+            rules.GlobalMultiplier = 1.1m;
+
+            rule2 = rules.GetRuleFor(CurrencyPair.Parse("DOGE_USD"));
+            Assert.Equal("(2000 * (-3 + coinbase(BTC_CAD) + 50 - 5)) * 1.1", rule2.ToString());
+            rule2.ExchangeRates.SetRate("coinbase", CurrencyPair.Parse("BTC_CAD"), 1000m);
+            Assert.True(rule2.Reevaluate());
+            Assert.Equal("(2000 * (-3 + 1000 + 50 - 5)) * 1.1", rule2.ToString(true));
+            Assert.Equal((2000m * (-3m + 1000m + 50m - 5m)) * 1.1m, rule2.Value.Value);
+
+            // Test inverse
+            rule2 = rules.GetRuleFor(CurrencyPair.Parse("USD_DOGE"));
+            Assert.Equal("(1 / (2000 * (-3 + coinbase(BTC_CAD) + 50 - 5))) * 1.1", rule2.ToString());
+            rule2.ExchangeRates.SetRate("coinbase", CurrencyPair.Parse("BTC_CAD"), 1000m);
+            Assert.True(rule2.Reevaluate());
+            Assert.Equal("(1 / (2000 * (-3 + 1000 + 50 - 5))) * 1.1", rule2.ToString(true));
+            Assert.Equal(( 1.0m / (2000m * (-3m + 1000m + 50m - 5m))) * 1.1m, rule2.Value.Value);
+            ////////
+        }
+    }
+}

BTCPayServer.Tests/ServerTester.cs

@@ -34,22 +34,12 @@ namespace BTCPayServer.Tests
         public ServerTester(string scope)
         {
             _Directory = scope;
-        }
-
-        public bool Dockerized
-        {
-            get; set;
-        }
-
-        public void Start()
-        {
             if (Directory.Exists(_Directory))
                 Utils.DeleteDirectory(_Directory);
             if (!Directory.Exists(_Directory))
                 Directory.CreateDirectory(_Directory);
 
-
-            NetworkProvider = new BTCPayNetworkProvider(ChainType.Regtest);
+            NetworkProvider = new BTCPayNetworkProvider(NetworkType.Regtest);
             ExplorerNode = new RPCClient(RPCCredentialString.Parse(GetEnvironment("TESTS_BTCRPCCONNECTION", "server=http://127.0.0.1:43782;ceiwHEbqWI83:DwubwWsoo3")), NetworkProvider.GetNetwork("BTC").NBitcoinNetwork);
             LTCExplorerNode = new RPCClient(RPCCredentialString.Parse(GetEnvironment("TESTS_LTCRPCCONNECTION", "server=http://127.0.0.1:43783;ceiwHEbqWI83:DwubwWsoo3")), NetworkProvider.GetNetwork("LTC").NBitcoinNetwork);
 
@@ -72,6 +62,15 @@ namespace BTCPayServer.Tests
             PayTester.Port = int.Parse(GetEnvironment("TESTS_PORT", Utils.FreeTcpPort().ToString(CultureInfo.InvariantCulture)), CultureInfo.InvariantCulture);
             PayTester.HostName = GetEnvironment("TESTS_HOSTNAME", "127.0.0.1");
             PayTester.InContainer = bool.Parse(GetEnvironment("TESTS_INCONTAINER", "false"));
+        }
+
+        public bool Dockerized
+        {
+            get; set;
+        }
+
+        public void Start()
+        {
             PayTester.Start();
         }
 

BTCPayServer.Tests/TestAccount.cs

@@ -44,24 +44,27 @@ namespace BTCPayServer.Tests
         public async Task GrantAccessAsync()
         {
             await RegisterAsync();
-            var store = await CreateStoreAsync();
+            await CreateStoreAsync();
+            var store = this.GetController<StoresController>();
             var pairingCode = BitPay.RequestClientAuthorization("test", Facade.Merchant);
             Assert.IsType<ViewResult>(await store.RequestPairing(pairingCode.ToString()));
             await store.Pair(pairingCode.ToString(), StoreId);
         }
-        public StoresController CreateStore()
+        public void CreateStore()
         {
-            return CreateStoreAsync().GetAwaiter().GetResult();
+            CreateStoreAsync().GetAwaiter().GetResult();
         }
 
-        public async Task<StoresController> CreateStoreAsync()
+        public T GetController<T>(bool setImplicitStore = true) where T : Controller
         {
-            var store = parent.PayTester.GetController<UserStoresController>(UserId);
+            return parent.PayTester.GetController<T>(UserId, setImplicitStore ? StoreId : null);
+        }
+
+        public async Task CreateStoreAsync()
+        {
+            var store = this.GetController<UserStoresController>();
             await store.CreateStore(new CreateStoreViewModel() { Name = "Test Store" });
             StoreId = store.CreatedStoreId;
-            var store2 = parent.PayTester.GetController<StoresController>(UserId);
-            store2.CreatedStoreId = store.CreatedStoreId;
-            return store2;
         }
 
         public BTCPayNetwork SupportedNetwork { get; set; }
@@ -73,12 +76,12 @@ namespace BTCPayServer.Tests
         public async Task RegisterDerivationSchemeAsync(string cryptoCode)
         {
             SupportedNetwork = parent.NetworkProvider.GetNetwork(cryptoCode);
-            var store = parent.PayTester.GetController<StoresController>(UserId);
+            var store = parent.PayTester.GetController<StoresController>(UserId, StoreId);
             ExtKey = new ExtKey().GetWif(SupportedNetwork.NBitcoinNetwork);
             DerivationScheme = new DerivationStrategyFactory(SupportedNetwork.NBitcoinNetwork).Parse(ExtKey.Neuter().ToString() + "-[legacy]");
-            var vm = (StoreViewModel)((ViewResult)await store.UpdateStore(StoreId)).Model;
+            var vm = (StoreViewModel)((ViewResult)store.UpdateStore()).Model;
             vm.SpeedPolicy = SpeedPolicy.MediumSpeed;
-            await store.UpdateStore(StoreId, vm);
+            await store.UpdateStore(vm);
 
             await store.AddDerivationScheme(StoreId, new DerivationSchemeViewModel()
             {
@@ -122,12 +125,13 @@ namespace BTCPayServer.Tests
 
         public async Task RegisterLightningNodeAsync(string cryptoCode, LightningConnectionType connectionType)
         {
-            var storeController = parent.PayTester.GetController<StoresController>(UserId);
+            var storeController = this.GetController<StoresController>();
             await storeController.AddLightningNode(StoreId, new LightningNodeViewModel()
             {
                 Url = connectionType == LightningConnectionType.Charge ? parent.MerchantCharge.Client.Uri.AbsoluteUri :
                       connectionType == LightningConnectionType.CLightning ? parent.MerchantLightningD.Address.AbsoluteUri
-                      : throw new NotSupportedException(connectionType.ToString())
+                      : throw new NotSupportedException(connectionType.ToString()),
+                SkipPortTest = true
             }, "save", "BTC");
             if (storeController.ModelState.ErrorCount != 0)
                 Assert.False(true, storeController.ModelState.FirstOrDefault().Value.Errors[0].ErrorMessage);

BTCPayServer.Tests/UnitTest1.cs

@@ -30,6 +30,13 @@ using BTCPayServer.Payments;
 using BTCPayServer.Payments.Bitcoin;
 using BTCPayServer.HostedServices;
 using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Models.AppViewModels;
+using BTCPayServer.Services.Apps;
+using BTCPayServer.Services.Stores;
+using System.Net.Http;
+using System.Text;
+using BTCPayServer.Rating;
+using ExchangeSharp;
 
 namespace BTCPayServer.Tests
 {
@@ -103,22 +110,11 @@ namespace BTCPayServer.Tests
         {
             var entity = new InvoiceEntity();
 #pragma warning disable CS0618
-            entity.TxFee = Money.Coins(0.1m);
-            entity.Rate = 5000;
-
             entity.Payments = new System.Collections.Generic.List<PaymentEntity>();
+            entity.SetPaymentMethod(new PaymentMethod() { CryptoCode = "BTC", Rate = 5000, TxFee = Money.Coins(0.1m) });
             entity.ProductInformation = new ProductInformation() { Price = 5000 };
 
-            // Some check that handling legacy stuff does not break things
-            var paymentMethod = entity.GetPaymentMethods(null, true).TryGet("BTC", PaymentTypes.BTCLike);
-            paymentMethod.Calculate();
-            Assert.NotNull(paymentMethod);
-            Assert.Null(entity.GetPaymentMethods(null, false).TryGet("BTC", PaymentTypes.BTCLike));
-            entity.SetPaymentMethod(new PaymentMethod() { ParentEntity = entity, Rate = entity.Rate, CryptoCode = "BTC", TxFee = entity.TxFee });
-            Assert.NotNull(entity.GetPaymentMethods(null, false).TryGet("BTC", PaymentTypes.BTCLike));
-            Assert.NotNull(entity.GetPaymentMethods(null, true).TryGet("BTC", PaymentTypes.BTCLike));
-            ////////////////////
-
+            var paymentMethod = entity.GetPaymentMethods(null).TryGet("BTC", PaymentTypes.BTCLike);
             var accounting = paymentMethod.Calculate();
             Assert.Equal(Money.Coins(1.1m), accounting.Due);
             Assert.Equal(Money.Coins(1.1m), accounting.TotalDue);
@@ -233,6 +229,73 @@ namespace BTCPayServer.Tests
 #pragma warning restore CS0618
         }
 
+        [Fact]
+        public void CanAcceptInvoiceWithTolerance()
+        {
+            var entity = new InvoiceEntity();
+#pragma warning disable CS0618
+            entity.Payments = new List<PaymentEntity>();
+            entity.SetPaymentMethod(new PaymentMethod() { CryptoCode = "BTC", Rate = 5000, TxFee = Money.Coins(0.1m) });
+            entity.ProductInformation = new ProductInformation() { Price = 5000 };
+            entity.PaymentTolerance = 0;
+
+
+            var paymentMethod = entity.GetPaymentMethods(null).TryGet("BTC", PaymentTypes.BTCLike);
+            var accounting = paymentMethod.Calculate();
+            Assert.Equal(Money.Coins(1.1m), accounting.Due);
+            Assert.Equal(Money.Coins(1.1m), accounting.TotalDue);
+            Assert.Equal(Money.Coins(1.1m), accounting.MinimumTotalDue);
+
+            entity.PaymentTolerance = 10;
+            accounting = paymentMethod.Calculate();
+            Assert.Equal(Money.Coins(0.99m), accounting.MinimumTotalDue);
+
+            entity.PaymentTolerance = 100;
+            accounting = paymentMethod.Calculate();
+            Assert.Equal(Money.Coins(0), accounting.MinimumTotalDue);
+
+        }
+
+        [Fact]
+        public void CanAcceptInvoiceWithTolerance2()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+                
+                // Set tolerance to 50%
+                var stores = user.GetController<StoresController>();
+                var vm = Assert.IsType<StoreViewModel>(Assert.IsType<ViewResult>(stores.UpdateStore()).Model);
+                Assert.Equal(0.0, vm.PaymentTolerance);
+                vm.PaymentTolerance = 50.0;
+                Assert.IsType<RedirectToActionResult>(stores.UpdateStore(vm).Result);
+
+                var invoice = user.BitPay.CreateInvoice(new Invoice()
+                {
+                    Buyer = new Buyer() { email = "test@fwf.com" },
+                    Price = 5000.0,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+
+                // Pays 75%
+                var invoiceAddress = BitcoinAddress.Create(invoice.CryptoInfo[0].Address, tester.ExplorerNode.Network);
+                tester.ExplorerNode.SendToAddress(invoiceAddress, Money.Satoshis((decimal)invoice.BtcDue.Satoshi * 0.75m));
+
+                Eventually(() =>
+                {
+                    var localInvoice = user.BitPay.GetInvoice(invoice.Id, Facade.Merchant);
+                    Assert.Equal("paid", localInvoice.Status);
+                });
+            }
+        }
+
         [Fact]
         public void CanPayUsingBIP70()
         {
@@ -301,9 +364,9 @@ namespace BTCPayServer.Tests
                 tester.Start();
                 var user = tester.NewAccount();
                 user.GrantAccess();
-                var storeController = tester.PayTester.GetController<StoresController>(user.UserId);
-                Assert.IsType<ViewResult>(storeController.UpdateStore(user.StoreId).GetAwaiter().GetResult());
-                Assert.IsType<ViewResult>(storeController.AddLightningNode(user.StoreId, "BTC").GetAwaiter().GetResult());
+                var storeController = user.GetController<StoresController>();
+                Assert.IsType<ViewResult>(storeController.UpdateStore());
+                Assert.IsType<ViewResult>(storeController.AddLightningNode(user.StoreId, "BTC"));
 
                 var testResult = storeController.AddLightningNode(user.StoreId, new LightningNodeViewModel()
                 {
@@ -317,7 +380,7 @@ namespace BTCPayServer.Tests
                     Url = tester.MerchantCharge.Client.Uri.AbsoluteUri
                 }, "save", "BTC").GetAwaiter().GetResult());
 
-                var storeVm = Assert.IsType<Models.StoreViewModels.StoreViewModel>(Assert.IsType<ViewResult>(storeController.UpdateStore(user.StoreId).GetAwaiter().GetResult()).Model);
+                var storeVm = Assert.IsType<Models.StoreViewModels.StoreViewModel>(Assert.IsType<ViewResult>(storeController.UpdateStore()).Model);
                 Assert.Single(storeVm.LightningNodes.Where(l => !string.IsNullOrEmpty(l.Address)));
             }
         }
@@ -463,8 +526,8 @@ namespace BTCPayServer.Tests
                 acc.Register();
                 acc.CreateStore();
 
-                var controller = tester.PayTester.GetController<StoresController>(acc.UserId);
-                var token = (RedirectToActionResult)controller.CreateToken(acc.StoreId, new Models.StoreViewModels.CreateTokenViewModel()
+                var controller = acc.GetController<StoresController>();
+                var token = (RedirectToActionResult)controller.CreateToken(new Models.StoreViewModels.CreateTokenViewModel()
                 {
                     Facade = Facade.Merchant.ToString(),
                     Label = "bla",
@@ -522,17 +585,66 @@ namespace BTCPayServer.Tests
                 tester.Start();
                 var acc = tester.NewAccount();
                 acc.Register();
-                var store = acc.CreateStore();
+                acc.CreateStore();
+                var store = acc.GetController<StoresController>();
                 var pairingCode = acc.BitPay.RequestClientAuthorization("test", Facade.Merchant);
                 Assert.IsType<RedirectToActionResult>(store.Pair(pairingCode.ToString(), acc.StoreId).GetAwaiter().GetResult());
 
                 pairingCode = acc.BitPay.RequestClientAuthorization("test1", Facade.Merchant);
-                var store2 = acc.CreateStore();
-                store2.Pair(pairingCode.ToString(), store2.CreatedStoreId).GetAwaiter().GetResult();
+                acc.CreateStore();
+                var store2 = acc.GetController<StoresController>();
+                store2.Pair(pairingCode.ToString(), store2.StoreData.Id).GetAwaiter().GetResult();
                 Assert.Contains(nameof(PairingResult.ReusedKey), store2.StatusMessage, StringComparison.CurrentCultureIgnoreCase);
             }
         }
 
+        [Fact]
+        public void CanListInvoices()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var acc = tester.NewAccount();
+                acc.GrantAccess();
+                acc.RegisterDerivationScheme("BTC");
+                // First we try payment with a merchant having only BTC
+                var invoice = acc.BitPay.CreateInvoice(new Invoice()
+                {
+                    Price = 500,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+                
+                var cashCow = tester.ExplorerNode;
+                var invoiceAddress = BitcoinAddress.Create(invoice.CryptoInfo[0].Address, cashCow.Network);
+                var firstPayment = invoice.CryptoInfo[0].TotalDue - Money.Satoshis(10);
+                cashCow.SendToAddress(invoiceAddress, firstPayment);
+                Eventually(() =>
+                {
+                    invoice = acc.BitPay.GetInvoice(invoice.Id);
+                    Assert.Equal(firstPayment, invoice.CryptoInfo[0].Paid);
+                });
+
+
+                AssertSearchInvoice(acc, true, invoice.Id, $"storeid:{acc.StoreId}");
+                AssertSearchInvoice(acc, false, invoice.Id, $"storeid:blah");
+                AssertSearchInvoice(acc, true, invoice.Id, $"{invoice.Id}");
+                AssertSearchInvoice(acc, true, invoice.Id, $"exceptionstatus:paidPartial");
+                AssertSearchInvoice(acc, false, invoice.Id, $"exceptionstatus:paidOver");
+                AssertSearchInvoice(acc, true, invoice.Id, $"unusual:true");
+                AssertSearchInvoice(acc, false, invoice.Id, $"unusual:false");
+            }
+        }
+
+        private void AssertSearchInvoice(TestAccount acc, bool expected, string invoiceId, string filter)
+        {
+            var result = (Models.InvoicingModels.InvoicesModel)((ViewResult)acc.GetController<InvoiceController>().ListInvoices(filter).Result).Model;
+            Assert.Equal(expected, result.Invoices.Any(i => i.InvoiceId == invoiceId));
+        }
+
         [Fact]
         public void CanRBFPayment()
         {
@@ -596,8 +708,18 @@ namespace BTCPayServer.Tests
             var search = new SearchString(filter);
             Assert.Equal("storeid:abc status:abed blabhbalh", search.ToString());
             Assert.Equal("blabhbalh", search.TextSearch);
-            Assert.Equal("abc", search.Filters["storeid"]);
-            Assert.Equal("abed", search.Filters["status"]);
+            Assert.Single(search.Filters["storeid"]);
+            Assert.Single(search.Filters["status"]);
+            Assert.Equal("abc", search.Filters["storeid"].First());
+            Assert.Equal("abed", search.Filters["status"].First());
+
+            filter = "status:abed status:abed2";
+            search = new SearchString(filter);
+            Assert.Equal("status:abed status:abed2", search.ToString());
+            Assert.Throws<KeyNotFoundException>(() => search.Filters["test"]);
+            Assert.Equal(2, search.Filters["status"].Count);
+            Assert.Equal("abed", search.Filters["status"].First());
+            Assert.Equal("abed2", search.Filters["status"].Skip(1).First());
         }
 
         [Fact]
@@ -611,15 +733,87 @@ namespace BTCPayServer.Tests
                 user.GrantAccess();
                 user.RegisterDerivationScheme("BTC");
                 Assert.True(user.BitPay.TestAccess(Facade.Merchant));
+
+                // Can generate API Key
+                var repo = tester.PayTester.GetService<TokenRepository>();
+                Assert.Empty(repo.GetLegacyAPIKeys(user.StoreId).GetAwaiter().GetResult());
+                Assert.IsType<RedirectToActionResult>(user.GetController<StoresController>().GenerateAPIKey().GetAwaiter().GetResult());
+
+                var apiKey = Assert.Single(repo.GetLegacyAPIKeys(user.StoreId).GetAwaiter().GetResult());
+                ///////
+
+                // Generating a new one remove the previous
+                Assert.IsType<RedirectToActionResult>(user.GetController<StoresController>().GenerateAPIKey().GetAwaiter().GetResult());
+                var apiKey2 = Assert.Single(repo.GetLegacyAPIKeys(user.StoreId).GetAwaiter().GetResult());
+                Assert.NotEqual(apiKey, apiKey2);
+                ////////
+
+                apiKey = apiKey2;
+
+                // Can create an invoice with this new API Key
+                HttpClient client = new HttpClient();
+                HttpRequestMessage message = new HttpRequestMessage(HttpMethod.Post, tester.PayTester.ServerUri.AbsoluteUri + "invoices");
+                message.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", Encoders.Base64.EncodeData(Encoders.ASCII.DecodeData(apiKey)));
+                var invoice = new Invoice()
+                {
+                    Price = 5000.0,
+                    Currency = "USD"
+                };
+                message.Content = new StringContent(JsonConvert.SerializeObject(invoice), Encoding.UTF8, "application/json");
+                var result = client.SendAsync(message).GetAwaiter().GetResult();
+                result.EnsureSuccessStatusCode();
+                /////////////////////
             }
         }
 
+        [Fact]
+        public void CanUseExchangeSpecificRate()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.PayTester.MockRates = false;
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+                List<decimal> rates = new List<decimal>();
+                rates.Add(CreateInvoice(tester, user, "coinaverage"));
+                var bitflyer = CreateInvoice(tester, user, "bitflyer");
+                var bitflyer2 = CreateInvoice(tester, user, "bitflyer");
+                Assert.Equal(bitflyer, bitflyer2); // Should be equal because cache
+                rates.Add(bitflyer);
+
+                foreach (var rate in rates)
+                {
+                    Assert.Single(rates.Where(r => r == rate));
+                }
+            }
+        }
+
+        private static decimal CreateInvoice(ServerTester tester, TestAccount user, string exchange)
+        {
+            var storeController = user.GetController<StoresController>();
+            var vm = (RatesViewModel)((ViewResult)storeController.Rates()).Model;
+            vm.PreferredExchange = exchange;
+            storeController.Rates(vm).Wait();
+            var invoice2 = user.BitPay.CreateInvoice(new Invoice()
+            {
+                Price = 5000.0,
+                Currency = "USD",
+                PosData = "posData",
+                OrderId = "orderId",
+                ItemDesc = "Some description",
+                FullNotifications = true
+            }, Facade.Merchant);
+            return invoice2.CryptoInfo[0].Rate;
+        }
 
         [Fact]
         public void CanTweakRate()
         {
             using (var tester = ServerTester.Create())
             {
+                tester.PayTester.MockRates = false;
                 tester.Start();
                 var user = tester.NewAccount();
                 user.GrantAccess();
@@ -637,11 +831,11 @@ namespace BTCPayServer.Tests
                 }, Facade.Merchant);
 
 
-                var storeController = tester.PayTester.GetController<StoresController>(user.UserId);
-                var vm = (StoreViewModel)((ViewResult)storeController.UpdateStore(user.StoreId).Result).Model;
+                var storeController = user.GetController<StoresController>();
+                var vm = (RatesViewModel)((ViewResult)storeController.Rates()).Model;
                 Assert.Equal(1.0, vm.RateMultiplier);
                 vm.RateMultiplier = 0.5;
-                storeController.UpdateStore(user.StoreId, vm).Wait();
+                storeController.Rates(vm).Wait();
 
 
                 var invoice2 = user.BitPay.CreateInvoice(new Invoice()
@@ -717,6 +911,66 @@ namespace BTCPayServer.Tests
             }
         }
 
+        [Fact]
+        public void CanModifyRates()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+
+                var store = user.GetController<StoresController>();
+                var rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
+                Assert.False(rateVm.ShowScripting);
+                Assert.Equal("coinaverage", rateVm.PreferredExchange);
+                Assert.Equal(1.0, rateVm.RateMultiplier);
+                Assert.Null(rateVm.TestRateRules);
+
+                rateVm.PreferredExchange = "bitflyer";
+                Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
+                Assert.Equal("bitflyer", rateVm.PreferredExchange);
+
+                rateVm.ScriptTest = "BTC_JPY,BTC_CAD";
+                rateVm.RateMultiplier = 1.1;
+                store = user.GetController<StoresController>();
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
+                Assert.NotNull(rateVm.TestRateRules);
+                Assert.Equal(2, rateVm.TestRateRules.Count);
+                Assert.False(rateVm.TestRateRules[0].Error);
+                Assert.StartsWith("(bitflyer(BTC_JPY)) * 1.10 =", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
+                Assert.True(rateVm.TestRateRules[1].Error);
+                Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
+
+                Assert.IsType<RedirectToActionResult>(store.ShowRateRulesPost(true).Result);
+                Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
+                store = user.GetController<StoresController>();
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
+                Assert.Equal(rateVm.DefaultScript, rateVm.Script);
+                Assert.True(rateVm.ShowScripting);
+                rateVm.ScriptTest = "BTC_JPY";
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
+                Assert.True(rateVm.ShowScripting);
+                Assert.Contains("(bitflyer(BTC_JPY)) * 1.10 = ", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
+
+                rateVm.ScriptTest = "BTC_USD,BTC_CAD,DOGE_USD,DOGE_CAD";
+                rateVm.Script = "DOGE_X = bittrex(DOGE_BTC) * BTC_X;\n" +
+                                "X_CAD = quadrigacx(X_CAD);\n" +
+                                 "X_X = gdax(X_X);";
+                rateVm.RateMultiplier = 0.5;
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
+                Assert.True(rateVm.TestRateRules.All(t => !t.Error));
+                Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
+                store = user.GetController<StoresController>();
+                rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
+                Assert.Equal(0.5, rateVm.RateMultiplier);
+                Assert.True(rateVm.ShowScripting);
+                Assert.Contains("DOGE_X", rateVm.Script, StringComparison.OrdinalIgnoreCase);
+            }
+        }
+
         [Fact]
         public void CanPayWithTwoCurrencies()
         {
@@ -829,7 +1083,7 @@ namespace BTCPayServer.Tests
         [Fact]
         public void CanParseDerivationScheme()
         {
-            var parser = new DerivationSchemeParser(Network.TestNet, NBXplorer.ChainType.Test);
+            var parser = new DerivationSchemeParser(Network.TestNet);
             NBXplorer.DerivationStrategy.DerivationStrategyBase result;
             //  Passing electrum stuff
             // Native
@@ -866,6 +1120,125 @@ namespace BTCPayServer.Tests
             Assert.Equal($"{tpub}-[p2sh]", result.ToString());
         }
 
+        [Fact]
+        public void CanSetPaymentMethodLimits()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+                user.RegisterLightningNode("BTC", LightningConnectionType.Charge);
+                var vm = Assert.IsType<CheckoutExperienceViewModel>(Assert.IsType<ViewResult>(user.GetController<StoresController>().CheckoutExperience()).Model);
+                vm.LightningMaxValue = "2 USD";
+                vm.OnChainMinValue = "5 USD";
+                Assert.IsType<RedirectToActionResult>(user.GetController<StoresController>().CheckoutExperience(vm).Result);
+
+                var invoice = user.BitPay.CreateInvoice(new Invoice()
+                {
+                    Price = 1.5,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+
+                Assert.Single(invoice.CryptoInfo);
+                Assert.Equal(PaymentTypes.LightningLike.ToString(), invoice.CryptoInfo[0].PaymentType);
+
+                invoice = user.BitPay.CreateInvoice(new Invoice()
+                {
+                    Price = 5.5,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+
+                Assert.Single(invoice.CryptoInfo);
+                Assert.Equal(PaymentTypes.BTCLike.ToString(), invoice.CryptoInfo[0].PaymentType);
+            }
+        }
+
+        [Fact]
+        public void CanUsePoSApp()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+                var apps = user.GetController<AppsController>();
+                var vm = Assert.IsType<CreateAppViewModel>(Assert.IsType<ViewResult>(apps.CreateApp().Result).Model);
+                vm.Name = "test";
+                vm.SelectedAppType = AppType.PointOfSale.ToString();
+                Assert.IsType<RedirectToActionResult>(apps.CreateApp(vm).Result);
+                var appId = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps.ListApps().Result).Model).Apps[0].Id;
+                var vmpos = Assert.IsType<UpdatePointOfSaleViewModel>(Assert.IsType<ViewResult>(apps.UpdatePointOfSale(appId).Result).Model);
+                vmpos.Title = "hello";
+                vmpos.Currency = "CAD";
+                vmpos.Template =
+                    "apple:\n" +
+                    "  price: 5.0\n" +
+                    "  title: good apple\n" +
+                    "orange:\n" +
+                    "  price: 10.0\n";
+                Assert.IsType<RedirectToActionResult>(apps.UpdatePointOfSale(appId, vmpos).Result);
+                vmpos = Assert.IsType<UpdatePointOfSaleViewModel>(Assert.IsType<ViewResult>(apps.UpdatePointOfSale(appId).Result).Model);
+                Assert.Equal("hello", vmpos.Title);
+                var vmview = Assert.IsType<ViewPointOfSaleViewModel>(Assert.IsType<ViewResult>(apps.ViewPointOfSale(appId).Result).Model);
+                Assert.Equal("hello", vmview.Title);
+                Assert.Equal(2, vmview.Items.Length);
+                Assert.Equal("good apple", vmview.Items[0].Title);
+                Assert.Equal("orange", vmview.Items[1].Title);
+                Assert.Equal(10.0m, vmview.Items[1].Price.Value);
+                Assert.Equal("$5.00", vmview.Items[0].Price.Formatted);
+                Assert.IsType<RedirectResult>(apps.ViewPointOfSale(appId, 0, "orange").Result);
+                var invoice = user.BitPay.GetInvoices().First();
+                Assert.Equal(10.00, invoice.Price);
+                Assert.Equal("CAD", invoice.Currency);
+                Assert.Equal("orange", invoice.ItemDesc);
+            }
+        }
+
+        [Fact]
+        public void CanCreateAndDeleteApps()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                var user2 = tester.NewAccount();
+                user2.GrantAccess();
+                var apps = user.GetController<AppsController>();
+                var apps2 = user2.GetController<AppsController>();
+                var vm = Assert.IsType<CreateAppViewModel>(Assert.IsType<ViewResult>(apps.CreateApp().Result).Model);
+                Assert.NotNull(vm.SelectedAppType);
+                Assert.Null(vm.Name);
+                vm.Name = "test";
+                var redirectToAction = Assert.IsType<RedirectToActionResult>(apps.CreateApp(vm).Result);
+                Assert.Equal(nameof(apps.ListApps), redirectToAction.ActionName);
+                var appList = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps.ListApps().Result).Model);
+                var appList2 = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps2.ListApps().Result).Model);
+                Assert.Single(appList.Apps);
+                Assert.Empty(appList2.Apps);
+                Assert.Equal("test", appList.Apps[0].AppName);
+                Assert.True(appList.Apps[0].IsOwner);
+                Assert.Equal(user.StoreId, appList.Apps[0].StoreId);
+                Assert.IsType<NotFoundResult>(apps2.DeleteApp(appList.Apps[0].Id).Result);
+                Assert.IsType<ViewResult>(apps.DeleteApp(appList.Apps[0].Id).Result);
+                redirectToAction = Assert.IsType<RedirectToActionResult>(apps.DeleteAppPost(appList.Apps[0].Id).Result);
+                Assert.Equal(nameof(apps.ListApps), redirectToAction.ActionName);
+                appList = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps.ListApps().Result).Model);
+                Assert.Empty(appList.Apps);
+            }
+        }
+
         [Fact]
         public void InvoiceFlowThroughDifferentStatesCorrectly()
         {
@@ -891,13 +1264,13 @@ namespace BTCPayServer.Tests
                 {
                     var textSearchResult = tester.PayTester.InvoiceRepository.GetInvoices(new InvoiceQuery()
                     {
-                        StoreId = user.StoreId,
+                        StoreId = new[] { user.StoreId },
                         TextSearch = invoice.OrderId
                     }).GetAwaiter().GetResult();
                     Assert.Single(textSearchResult);
                     textSearchResult = tester.PayTester.InvoiceRepository.GetInvoices(new InvoiceQuery()
                     {
-                        StoreId = user.StoreId,
+                        StoreId = new[] { user.StoreId },
                         TextSearch = invoice.Id
                     }).GetAwaiter().GetResult();
 
@@ -920,8 +1293,6 @@ namespace BTCPayServer.Tests
 
                 var txFee = Money.Zero;
 
-                var rate = user.BitPay.GetRates();
-
                 var cashCow = tester.ExplorerNode;
 
                 var invoiceAddress = BitcoinAddress.Create(invoice.BitcoinAddress, cashCow.Network);
@@ -1022,28 +1393,111 @@ namespace BTCPayServer.Tests
             }
         }
 
+        [Fact]
+        public void CheckQuadrigacxRateProvider()
+        {
+            var quadri = new QuadrigacxRateProvider();
+            var rates = quadri.GetRatesAsync().GetAwaiter().GetResult();
+            Assert.NotEmpty(rates);
+            Assert.NotEqual(0.0m, rates.First().Value);
+            Assert.NotEqual(0.0m, rates.GetRate(QuadrigacxRateProvider.QuadrigacxName, CurrencyPair.Parse("BTC_CAD")).Value);
+            Assert.NotEqual(0.0m, rates.GetRate(QuadrigacxRateProvider.QuadrigacxName, CurrencyPair.Parse("BTC_USD")).Value);
+            Assert.NotEqual(0.0m, rates.GetRate(QuadrigacxRateProvider.QuadrigacxName, CurrencyPair.Parse("LTC_CAD")).Value);
+            Assert.Null(rates.GetRate(QuadrigacxRateProvider.QuadrigacxName, CurrencyPair.Parse("LTC_USD")));
+        }
+
+        [Fact]
+        public void CanQueryDirectProviders()
+        {
+            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
+            var factory = CreateBTCPayRateFactory(provider);
+            
+            foreach (var result in factory
+                .DirectProviders
+                .Select(p => (ExpectedName: p.Key, ResultAsync: p.Value.GetRatesAsync()))
+                .ToList())
+            {
+                var exchangeRates = result.ResultAsync.Result;
+                Assert.NotNull(exchangeRates);
+                Assert.NotEmpty(exchangeRates);
+                Assert.NotEmpty(exchangeRates.ByExchange[result.ExpectedName]);
+
+                // This check if the currency pair is using right currency pair
+                Assert.Contains(exchangeRates.ByExchange[result.ExpectedName], 
+                        e => ( e.CurrencyPair == new CurrencyPair("BTC", "USD") ||
+                               e.CurrencyPair == new CurrencyPair("BTC", "EUR") ||
+                               e.CurrencyPair == new CurrencyPair("BTC", "USDT"))
+                               && e.Value > 1.0m // 1BTC will always be more than 1USD
+                               );
+            }
+        }
+
+        [Fact]
+        public void CanGetRateCryptoCurrenciesByDefault()
+        {
+            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
+            var factory = CreateBTCPayRateFactory(provider);
+
+            var pairs =
+                    provider.GetAll()
+                    .Select(c => new CurrencyPair(c.CryptoCode, "USD"))
+                    .ToHashSet();
+
+            var rules = new StoreBlob().GetDefaultRateRules(provider);
+            var result = factory.FetchRates(pairs, rules);
+            foreach (var value in result)
+            {
+                var rateResult = value.Value.GetAwaiter().GetResult();
+                Assert.NotNull(rateResult.Value);
+            }
+        }
+
+        private static BTCPayRateProviderFactory CreateBTCPayRateFactory(BTCPayNetworkProvider provider)
+        {
+            return new BTCPayRateProviderFactory(new MemoryCacheOptions() { ExpirationScanFrequency = TimeSpan.FromSeconds(1.0) }, provider, new CoinAverageSettings());
+        }
+
         [Fact]
         public void CheckRatesProvider()
         {
-            var coinAverage = new CoinAverageRateProvider("BTC");
-            var jpy = coinAverage.GetRateAsync("JPY").GetAwaiter().GetResult();
-            var jpy2 = new BitpayRateProvider(new Bitpay(new Key(), new Uri("https://bitpay.com/"))).GetRateAsync("JPY").GetAwaiter().GetResult();
+            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
+            var coinAverage = new CoinAverageRateProvider();
+            var rates = coinAverage.GetRatesAsync().GetAwaiter().GetResult();
+            Assert.NotNull(rates.GetRate("coinaverage", new CurrencyPair("BTC", "JPY")));
+            var ratesBitpay = new BitpayRateProvider(new Bitpay(new Key(), new Uri("https://bitpay.com/"))).GetRatesAsync().GetAwaiter().GetResult();
+            Assert.NotNull(ratesBitpay.GetRate("bitpay", new CurrencyPair("BTC", "JPY")));
 
-            var cached = new CachedRateProvider("BTC", coinAverage, new MemoryCache(new MemoryCacheOptions() { ExpirationScanFrequency = TimeSpan.FromSeconds(1.0) }));
-            cached.CacheSpan = TimeSpan.FromSeconds(10);
-            var a = cached.GetRateAsync("JPY").GetAwaiter().GetResult();
-            var b = cached.GetRateAsync("JPY").GetAwaiter().GetResult();
-            //Manually check that cache get hit after 10 sec
-            var c = cached.GetRateAsync("JPY").GetAwaiter().GetResult();
+            RateRules.TryParse("X_X = coinaverage(X_X);", out var rateRules);
+
+            var factory = CreateBTCPayRateFactory(provider);
+            factory.DirectProviders.Clear();
+            factory.CacheSpan = TimeSpan.FromSeconds(10);
+
+            var fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.False(fetchedRate.Cached);
+            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.True(fetchedRate.Cached);
+
+            Thread.Sleep(11000);
+            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.False(fetchedRate.Cached);
+            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.True(fetchedRate.Cached);
+            // Should cache at exchange level so this should hit the cache
+            var fetchedRate2 = factory.FetchRate(CurrencyPair.Parse("LTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.True(fetchedRate.Cached);
+            Assert.NotEqual(fetchedRate.Value.Value, fetchedRate2.Value.Value);
+
+            // Should cache at exchange level this should not hit the cache as it is different exchange
+            RateRules.TryParse("X_X = bittrex(X_X);", out rateRules);
+            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            Assert.False(fetchedRate.Cached);
 
-            var bitstamp = new CoinAverageRateProvider("BTC") { Exchange = "bitstamp" };
-            var bitstampRate = bitstamp.GetRateAsync("USD").GetAwaiter().GetResult();
-            Assert.Throws<RateUnavailableException>(() => bitstamp.GetRateAsync("XXXXX").GetAwaiter().GetResult());
         }
 
         private static bool IsMapped(Invoice invoice, ApplicationDbContext ctx)
         {
-            var h = BitcoinAddress.Create(invoice.BitcoinAddress).ScriptPubKey.Hash.ToString();
+            var h = BitcoinAddress.Create(invoice.BitcoinAddress, Network.RegTest).ScriptPubKey.Hash.ToString();
             return ctx.AddressInvoices.FirstOrDefault(i => i.InvoiceDataId == invoice.Id && i.GetAddress() == h) != null;
         }
 

BTCPayServer.Tests/UnitTestPeusa.cs

@@ -1,52 +0,0 @@
-using NBitcoin;
-using NBitcoin.DataEncoders;
-using NBitpayClient;
-using System;
-using System.Collections.Generic;
-using System.Text;
-using Xunit;
-
-namespace BTCPayServer.Tests
-{
-    // Helper class for testing functionality and generating data needed during coding/debuging
-    public class UnitTestPeusa
-    {
-        // Unit test that generates temorary checkout Bitpay page
-        // https://forkbitpay.slack.com/archives/C7M093Z55/p1508293682000217
-
-        // Testnet of Bitpay down
-        //[Fact]
-        //public void BitpayCheckout()
-        //{
-        //    var key = new Key(Encoders.Hex.DecodeData("7b70a06f35562873e3dcb46005ed0fe78e1991ad906e56adaaafa40ba861e056"));
-        //    var url = new Uri("https://test.bitpay.com/");
-        //    var btcpay = new Bitpay(key, url);
-        //    var invoice = btcpay.CreateInvoice(new Invoice()
-        //    {
-
-        //        Price = 5.0,
-        //        Currency = "USD",
-        //        PosData = "posData",
-        //        OrderId = "cdfd8a5f-6928-4c3b-ba9b-ddf438029e73",
-        //        ItemDesc = "Hello from the otherside"
-        //    }, Facade.Merchant);
-
-        //    // go to invoice.Url
-        //    Console.WriteLine(invoice.Url);
-        //}
-
-        // Generating Extended public key to use on http://localhost:14142/stores/{storeId}
-        [Fact]
-        public void GeneratePubkey()
-        {
-            var network = Network.RegTest;
-
-            ExtKey masterKey = new ExtKey();
-            Console.WriteLine("Master key : " + masterKey.ToString(network));
-            ExtPubKey masterPubKey = masterKey.Neuter();
-
-            ExtPubKey pubkey = masterPubKey.Derive(0);
-            Console.WriteLine("PubKey " + 0 + " : " + pubkey.ToString(network));
-        }
-    }
-}

BTCPayServer.Tests/docker-compose.yml

@@ -46,7 +46,7 @@ services:
       - lightning-charged
 
   nbxplorer:
-    image: nicolasdorier/nbxplorer:1.0.1.24
+    image: nicolasdorier/nbxplorer:1.0.2.3
     ports:
       - "32838:32838"
     expose: 
@@ -89,7 +89,7 @@ services:
       - "bitcoin_datadir:/data"
 
   customer_lightningd:
-    image: nicolasdorier/clightning
+    image: nicolasdorier/clightning:0.0.0.12-dev
     environment: 
       EXPOSE_TCP: "true"
       LIGHTNINGD_OPT: |
@@ -98,6 +98,7 @@ services:
         network=regtest
         ipaddr=customer_lightningd
         log-level=debug
+        dev-broadcast-interval=1000
     ports:
       - "30992:9835" # api port
     expose:
@@ -110,11 +111,10 @@ services:
       - bitcoind
 
   lightning-charged:
-    image: shesek/lightning-charge:0.3.5
+    image: shesek/lightning-charge:0.3.9
     environment:
       NETWORK: regtest
       API_TOKEN: foiewnccewuify
-      SKIP_BITCOIND: 1
       BITCOIND_RPCCONNECT: bitcoind
     volumes:
       - "bitcoin_datadir:/etc/bitcoin"
@@ -130,7 +130,7 @@ services:
       - merchant_lightningd
 
   merchant_lightningd:
-    image: nicolasdorier/clightning
+    image: nicolasdorier/clightning:0.0.0.11-dev
     environment: 
       EXPOSE_TCP: "true"
       LIGHTNINGD_OPT: |
@@ -139,6 +139,7 @@ services:
         ipaddr=merchant_lightningd
         network=regtest
         log-level=debug
+        dev-broadcast-interval=1000
     ports:
       - "30993:9835" # api port
     expose:

BTCPayServer/Authentication/BitIdentity.cs

@@ -1,35 +0,0 @@
-using NBitcoin;
-using NBitcoin.DataEncoders;
-using System;
-using System.Collections.Generic;
-using System.Security.Principal;
-using System.Text;
-
-namespace BTCPayServer.Authentication
-{
-    public class BitIdentity : IIdentity
-    {
-        public BitIdentity(PubKey key)
-        {
-            PubKey = key;
-            _Name = Encoders.Base58Check.EncodeData(Encoders.Hex.DecodeData("0f02" + key.Hash.ToString()));
-            SIN = NBitpayClient.Extensions.BitIdExtensions.GetBitIDSIN(key);
-        }
-        string _Name;
-
-        public string SIN
-        {
-            get;
-        }
-        public PubKey PubKey
-        {
-            get;
-        }
-
-        public string AuthenticationType => "BitID";
-
-        public bool IsAuthenticated => true;
-
-        public string Name => _Name;
-    }
-}

BTCPayServer/Authentication/TokenRepository.cs

@@ -33,6 +33,8 @@ namespace BTCPayServer.Authentication
 
         public async Task<BitTokenEntity[]> GetTokens(string sin)
         {
+            if (sin == null)
+                return Array.Empty<BitTokenEntity>();
             using (var ctx = _Factory.CreateContext())
             {
                 return (await ctx.PairedSINData
@@ -43,6 +45,46 @@ namespace BTCPayServer.Authentication
             }
         }
 
+        public async Task<String> GetStoreIdFromAPIKey(string apiKey)
+        {
+            using (var ctx = _Factory.CreateContext())
+            {
+                return await ctx.ApiKeys.Where(o => o.Id == apiKey).Select(o => o.StoreId).FirstOrDefaultAsync();
+            }
+        }
+
+        public async Task GenerateLegacyAPIKey(string storeId)
+        {
+            // It is legacy support and Bitpay generate string of unknown format, trying to replicate them
+            // as good as possible. The string below got generated for me.
+            var chars = "ERo0vkBMOYhyU0ZHvirCplbLDIGWPdi1ok77VnW7QdE";
+            var rand = new Random(Math.Abs(RandomUtils.GetInt32()));
+            var generated = new char[chars.Length];
+            for (int i = 0; i < generated.Length; i++)
+            {
+                generated[i] = chars[rand.Next(0, generated.Length)];
+            }
+
+            using (var ctx = _Factory.CreateContext())
+            {
+                var existing = await ctx.ApiKeys.Where(o => o.StoreId == storeId).FirstOrDefaultAsync();
+                if (existing != null)
+                {
+                    ctx.ApiKeys.Remove(existing);
+                }
+                ctx.ApiKeys.Add(new APIKeyData() { Id = new string(generated), StoreId = storeId });
+                await ctx.SaveChangesAsync().ConfigureAwait(false);
+            }
+        }
+
+        public async Task<string[]> GetLegacyAPIKeys(string storeId)
+        {
+            using (var ctx = _Factory.CreateContext())
+            {
+                return await ctx.ApiKeys.Where(o => o.StoreId == storeId).Select(c => c.Id).ToArrayAsync();
+            }
+        }
+
         private BitTokenEntity CreateTokenEntity(PairedSINData data)
         {
             return new BitTokenEntity()

BTCPayServer/BTCPayNetwork.cs

@@ -14,34 +14,28 @@ namespace BTCPayServer
     {
         static BTCPayDefaultSettings()
         {
-            _Settings = new Dictionary<ChainType, BTCPayDefaultSettings>();
-            foreach (var chainType in new[] { ChainType.Main, ChainType.Test, ChainType.Regtest })
+            _Settings = new Dictionary<NetworkType, BTCPayDefaultSettings>();
+            foreach (var chainType in new[] { NetworkType.Mainnet, NetworkType.Testnet, NetworkType.Regtest })
             {
-                var btcNetwork = (chainType == ChainType.Main ? Network.Main :
-                                  chainType == ChainType.Regtest ? Network.RegTest :
-                                  chainType == ChainType.Test ? Network.TestNet : throw new NotSupportedException(chainType.ToString()));
-
                 var settings = new BTCPayDefaultSettings();
                 _Settings.Add(chainType, settings);
-                settings.ChainType = chainType;
-                settings.DefaultDataDirectory = StandardConfiguration.DefaultDataDirectory.GetDirectory("BTCPayServer", btcNetwork.Name);
+                settings.DefaultDataDirectory = StandardConfiguration.DefaultDataDirectory.GetDirectory("BTCPayServer", NBXplorerDefaultSettings.GetFolderName(chainType));
                 settings.DefaultConfigurationFile = Path.Combine(settings.DefaultDataDirectory, "settings.config");
-                settings.DefaultPort = (chainType == ChainType.Main ? 23000 :
-                                                      chainType == ChainType.Regtest ? 23002 :
-                                                      chainType == ChainType.Test ? 23001 : throw new NotSupportedException(chainType.ToString()));
+                settings.DefaultPort = (chainType == NetworkType.Mainnet ? 23000 :
+                                                      chainType == NetworkType.Regtest ? 23002 :
+                                                      chainType == NetworkType.Testnet ? 23001 : throw new NotSupportedException(chainType.ToString()));
             }
         }
 
-        static Dictionary<ChainType, BTCPayDefaultSettings> _Settings;
+        static Dictionary<NetworkType, BTCPayDefaultSettings> _Settings;
 
-        public static BTCPayDefaultSettings GetDefaultSettings(ChainType chainType)
+        public static BTCPayDefaultSettings GetDefaultSettings(NetworkType chainType)
         {
             return _Settings[chainType];
         }
 
         public string DefaultDataDirectory { get; set; }
         public string DefaultConfigurationFile { get; set; }
-        public ChainType ChainType { get; internal set; }
         public int DefaultPort { get; set; }
     }
     public class BTCPayNetwork
@@ -50,7 +44,6 @@ namespace BTCPayServer
         public string CryptoCode { get; internal set; }
         public string BlockExplorerLink { get; internal set; }
         public string UriScheme { get; internal set; }
-        public IRateProvider DefaultRateProvider { get; set; }
 
         [Obsolete("Should not be needed")]
         public bool IsBTC
@@ -68,10 +61,17 @@ namespace BTCPayServer
         public BTCPayDefaultSettings DefaultSettings { get; set; }
         public KeyPath CoinType { get; internal set; }
         public int MaxTrackedConfirmation { get; internal set; } = 6;
+        public string[] DefaultRateRules { get; internal set; } = Array.Empty<string>();
 
         public override string ToString()
         {
             return CryptoCode;
-        }        
+        }
+
+        internal KeyPath GetRootKeyPath()
+        {
+            return new KeyPath(NBitcoinNetwork.Consensus.SupportSegwit ? "49'" : "44'")
+                        .Derive(CoinType); 
+        }
     }
 }

BTCPayServer/BTCPayNetworkProvider.Bitcoin.cs

@@ -14,21 +14,17 @@ namespace BTCPayServer
         public void InitBitcoin()
         {
             var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("BTC");
-            var coinaverage = new CoinAverageRateProvider("BTC");
-            var bitpay = new BitpayRateProvider(new Bitpay(new Key(), new Uri("https://bitpay.com/")));
-            var btcRate = new FallbackRateProvider(new IRateProvider[] { coinaverage, bitpay });
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
-                BlockExplorerLink = NBXplorerNetworkProvider.ChainType == ChainType.Main ? "https://www.smartbit.com.au/tx/{0}" : "https://testnet.smartbit.com.au/tx/{0}",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://www.smartbit.com.au/tx/{0}" : "https://testnet.smartbit.com.au/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
                 UriScheme = "bitcoin",
-                DefaultRateProvider = btcRate,
                 CryptoImagePath = "imlegacy/bitcoin-symbol.svg",
                 LightningImagePath = "imlegacy/btc-lightning.svg",
-                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NBXplorerNetworkProvider.ChainType),
-                CoinType = NBXplorerNetworkProvider.ChainType == ChainType.Main ? new KeyPath("0'") : new KeyPath("1'")
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("0'") : new KeyPath("1'")
             });
         }
     }

BTCPayServer/BTCPayNetworkProvider.Dogecoin.cs

@@ -0,0 +1,34 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Services.Rates;
+using NBitcoin;
+using NBXplorer;
+
+namespace BTCPayServer
+{
+    public partial class BTCPayNetworkProvider
+    {
+        public void InitDogecoin()
+        {
+            var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("DOGE");
+            Add(new BTCPayNetwork()
+            {
+                CryptoCode = nbxplorerNetwork.CryptoCode,
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://dogechain.info/tx/{0}" : "https://dogechain.info/tx/{0}",
+                NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
+                NBXplorerNetwork = nbxplorerNetwork,
+                UriScheme = "dogecoin",
+                DefaultRateRules = new[] 
+                {
+                                "DOGE_X = DOGE_BTC * BTC_X",
+                                "DOGE_BTC = bittrex(DOGE_BTC)"
+                },
+                CryptoImagePath = "imlegacy/dogecoin.png",
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("3'") : new KeyPath("1'")
+            });
+        }
+    }
+}

BTCPayServer/BTCPayNetworkProvider.Litecoin.cs

@@ -12,22 +12,18 @@ namespace BTCPayServer
     {
         public void InitLitecoin()
         {
-            NBXplorer.Altcoins.Litecoin.Networks.EnsureRegistered();
-            var ltcRate = new CoinAverageRateProvider("LTC");
-
             var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("LTC");
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
-                BlockExplorerLink = NBXplorerNetworkProvider.ChainType == ChainType.Main ? "https://live.blockcypher.com/ltc/tx/{0}/" : "http://explorer.litecointools.com/tx/{0}",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://live.blockcypher.com/ltc/tx/{0}/" : "http://explorer.litecointools.com/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
                 UriScheme = "litecoin",
-                DefaultRateProvider = ltcRate,
                 CryptoImagePath = "imlegacy/litecoin-symbol.svg",
                 LightningImagePath = "imlegacy/ltc-lightning.svg",
-                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NBXplorerNetworkProvider.ChainType),
-                CoinType = NBXplorerNetworkProvider.ChainType == ChainType.Main ? new KeyPath("2'") : new KeyPath("3'")
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("2'") : new KeyPath("1'")
             });
         }
     }

BTCPayServer/BTCPayNetworkProvider.cs

@@ -27,8 +27,8 @@ namespace BTCPayServer
 
         BTCPayNetworkProvider(BTCPayNetworkProvider filtered, string[] cryptoCodes)
         {
-            ChainType = filtered.ChainType;
-            _NBXplorerNetworkProvider = new NBXplorerNetworkProvider(filtered.ChainType);
+            NetworkType = filtered.NetworkType;
+            _NBXplorerNetworkProvider = new NBXplorerNetworkProvider(filtered.NetworkType);
             _Networks = new Dictionary<string, BTCPayNetwork>();
             cryptoCodes = cryptoCodes.Select(c => c.ToUpperInvariant()).ToArray();
             foreach (var network in filtered._Networks)
@@ -40,13 +40,14 @@ namespace BTCPayServer
             }
         }
 
-        public ChainType ChainType { get; set; }
-        public BTCPayNetworkProvider(ChainType chainType)
+        public NetworkType NetworkType { get; private set; }
+        public BTCPayNetworkProvider(NetworkType networkType)
         {
-            _NBXplorerNetworkProvider = new NBXplorerNetworkProvider(chainType);
-            ChainType = chainType;
+            _NBXplorerNetworkProvider = new NBXplorerNetworkProvider(networkType);
+            NetworkType = networkType;
             InitBitcoin();
             InitLitecoin();
+            InitDogecoin();
         }
 
         /// <summary>
@@ -85,7 +86,11 @@ namespace BTCPayServer
 
         public BTCPayNetwork GetNetwork(string cryptoCode)
         {
-            _Networks.TryGetValue(cryptoCode.ToUpperInvariant(), out BTCPayNetwork network);
+            if(!_Networks.TryGetValue(cryptoCode.ToUpperInvariant(), out BTCPayNetwork network))
+            {
+                if (cryptoCode == "XBT")
+                    return GetNetwork("BTC");
+            }
             return network;
         }
     }

BTCPayServer/BTCPayServer.csproj

@@ -2,21 +2,25 @@
   <PropertyGroup>
     <OutputType>Exe</OutputType>
     <TargetFramework>netcoreapp2.0</TargetFramework>
-		<Version>1.0.1.67</Version>
+		<Version>1.0.2.9</Version>
     <NoWarn>NU1701,CA1816,CA1308,CA1810,CA2208</NoWarn>
   </PropertyGroup>
   <ItemGroup>
     <Compile Remove="Build\dockerfiles\**" />
     <Compile Remove="wwwroot\bundles\jqueryvalidate\**" />
+    <Compile Remove="wwwroot\css\**" />
     <Compile Remove="wwwroot\vendor\jquery-nice-select\**" />
     <Content Remove="Build\dockerfiles\**" />
     <Content Remove="wwwroot\bundles\jqueryvalidate\**" />
+    <Content Remove="wwwroot\css\**" />
     <Content Remove="wwwroot\vendor\jquery-nice-select\**" />
     <EmbeddedResource Remove="Build\dockerfiles\**" />
     <EmbeddedResource Remove="wwwroot\bundles\jqueryvalidate\**" />
+    <EmbeddedResource Remove="wwwroot\css\**" />
     <EmbeddedResource Remove="wwwroot\vendor\jquery-nice-select\**" />
     <None Remove="Build\dockerfiles\**" />
     <None Remove="wwwroot\bundles\jqueryvalidate\**" />
+    <None Remove="wwwroot\css\**" />
     <None Remove="wwwroot\vendor\jquery-nice-select\**" />
   </ItemGroup>
   <ItemGroup>
@@ -26,19 +30,20 @@
     <EmbeddedResource Include="Currencies.txt" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="BuildBundlerMinifier" Version="2.6.362" />
-    <PackageReference Include="Hangfire" Version="1.6.17" />
+    <PackageReference Include="BuildBundlerMinifier" Version="2.6.375" />
+    <PackageReference Include="DigitalRuby.ExchangeSharp" Version="0.4.1" />
+    <PackageReference Include="Hangfire" Version="1.6.19" />
     <PackageReference Include="Hangfire.MemoryStorage" Version="1.5.2" />
     <PackageReference Include="Hangfire.PostgreSql" Version="1.4.8.1" />
-    <PackageReference Include="LedgerWallet" Version="1.0.1.32" />
+    <PackageReference Include="LedgerWallet" Version="1.0.1.36" />
     <PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="2.6.1" />
     <PackageReference Include="Meziantou.AspNetCore.BundleTagHelpers" Version="1.0.1" />
     <PackageReference Include="Microsoft.Extensions.Logging.Filter" Version="1.1.2" />
     <PackageReference Include="Microsoft.NetCore.Analyzers" Version="2.6.0" />
-    <PackageReference Include="NBitcoin" Version="4.0.0.65" />
+    <PackageReference Include="NBitcoin" Version="4.1.1.4" />
     <PackageReference Include="NBitpayClient" Version="1.0.0.18" />	  
     <PackageReference Include="DBreeze" Version="1.87.0" />
-    <PackageReference Include="NBXplorer.Client" Version="1.0.1.16" />
+    <PackageReference Include="NBXplorer.Client" Version="1.0.2.4" />
     <PackageReference Include="NicolasDorier.CommandLine" Version="1.0.0.1" />
     <PackageReference Include="NicolasDorier.CommandLine.Configuration" Version="1.0.0.2" />
     <PackageReference Include="NicolasDorier.StandardConfiguration" Version="1.0.0.13" />
@@ -49,8 +54,9 @@
   </ItemGroup>
 
 	<ItemGroup>
-		<PackageReference Include="Microsoft.AspNetCore.All" Version="2.0.5" />
-		<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="2.0.1" PrivateAssets="All" />
+		<PackageReference Include="Microsoft.AspNetCore.All" Version="2.0.6" />
+		<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="2.0.2" PrivateAssets="All" />
+		<PackageReference Include="YamlDotNet" Version="4.3.1" />
 	</ItemGroup>
 
 	<ItemGroup>
@@ -60,13 +66,8 @@
 	</ItemGroup>
 
 	<ItemGroup>
-	  <None Include="wwwroot\js\checkout\core.js" />
-	  <None Include="wwwroot\js\creative.js" />
-	  <None Include="wwwroot\js\creative.min.js" />
-	  <None Include="wwwroot\js\site.js" />
-	  <None Include="wwwroot\js\site.min.js" />
-	  <None Include="wwwroot\vendor\bootstrap\js\bootstrap.js" />
-	  <None Include="wwwroot\vendor\bootstrap\js\bootstrap.min.js" />
+	  <None Include="wwwroot\checkout\js\core.js" />
+	  <None Include="wwwroot\vendor\bootstrap4-creativestart\creative.js" />
 	  <None Include="wwwroot\vendor\font-awesome\fonts\fontawesome-webfont.svg" />
 	  <None Include="wwwroot\vendor\font-awesome\fonts\fontawesome-webfont.woff2" />
 	  <None Include="wwwroot\vendor\font-awesome\less\animated.less" />

BTCPayServer/Configuration/BTCPayServerOptions.cs

@@ -23,7 +23,7 @@ namespace BTCPayServer.Configuration
 
     public class BTCPayServerOptions
     {
-        public ChainType ChainType
+        public NetworkType NetworkType
         {
             get; set;
         }
@@ -51,15 +51,15 @@ namespace BTCPayServer.Configuration
 
         public void LoadArgs(IConfiguration conf)
         {
-            ChainType = DefaultConfiguration.GetChainType(conf);
-            var defaultSettings = BTCPayDefaultSettings.GetDefaultSettings(ChainType);
+            NetworkType = DefaultConfiguration.GetNetworkType(conf);
+            var defaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType);
             DataDir = conf.GetOrDefault<string>("datadir", defaultSettings.DefaultDataDirectory);
-            Logs.Configuration.LogInformation("Network: " + ChainType.ToString());
+            Logs.Configuration.LogInformation("Network: " + NetworkType.ToString());
 
             var supportedChains = conf.GetOrDefault<string>("chains", "btc")
                                       .Split(',', StringSplitOptions.RemoveEmptyEntries)
                                       .Select(t => t.ToUpperInvariant());
-            NetworkProvider = new BTCPayNetworkProvider(ChainType).Filter(supportedChains.ToArray());
+            NetworkProvider = new BTCPayNetworkProvider(NetworkType).Filter(supportedChains.ToArray());
             foreach (var chain in supportedChains)
             {
                 if (NetworkProvider.GetNetwork(chain) == null)
@@ -92,11 +92,15 @@ namespace BTCPayServer.Configuration
             PostgresConnectionString = conf.GetOrDefault<string>("postgres", null);
             BundleJsCss = conf.GetOrDefault<bool>("bundlejscss", true);
             ExternalUrl = conf.GetOrDefault<Uri>("externalurl", null);
+
+            RootPath = conf.GetOrDefault<string>("rootpath", "/");
+            if (!RootPath.StartsWith("/", StringComparison.InvariantCultureIgnoreCase))
+                RootPath = "/" + RootPath;
             var old = conf.GetOrDefault<Uri>("internallightningnode", null);
             if(old != null)
                 throw new ConfigException($"internallightningnode should not be used anymore, use btclightning instead");
         }
-
+        public string RootPath { get; set; }
         public Dictionary<string, LightningConnectionString> InternalLightningByCryptoCode { get; set; } = new Dictionary<string, LightningConnectionString>();
 
         public BTCPayNetworkProvider NetworkProvider { get; set; }
@@ -115,5 +119,14 @@ namespace BTCPayServer.Configuration
             get;
             set;
         }
+
+        internal string GetRootUri()
+        {
+            if (ExternalUrl == null)
+                return null;
+            UriBuilder builder = new UriBuilder(ExternalUrl);
+            builder.Path = RootPath;
+            return builder.ToString();
+        }
     }
 }

BTCPayServer/Configuration/DefaultConfiguration.cs

@@ -18,7 +18,7 @@ namespace BTCPayServer.Configuration
     {
         protected override CommandLineApplication CreateCommandLineApplicationCore()
         {
-            var provider = new BTCPayNetworkProvider(ChainType.Main);
+            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
             var chains = string.Join(",", provider.GetAll().Select(n => n.CryptoCode.ToLowerInvariant()).ToArray());
             CommandLineApplication app = new CommandLineApplication(true)
             {
@@ -31,6 +31,9 @@ namespace BTCPayServer.Configuration
             app.Option("--regtest | -regtest", $"Use regtest (Deprecated, use --network instead)", CommandOptionType.BoolValue);
             app.Option("--chains | -c", $"Chains to support comma separated (default: btc, available: {chains})", CommandOptionType.SingleValue);
             app.Option("--postgres", $"Connection string to postgres database (default: sqlite is used)", CommandOptionType.SingleValue);
+            app.Option("--externalurl", $"The expected external url of this service, to use if BTCPay is behind a reverse proxy (default: empty, use the incoming HTTP request to figure out)", CommandOptionType.SingleValue);
+            app.Option("--bundlejscss", $"Bundle javascript and css files for better performance (default: true)", CommandOptionType.SingleValue);
+            app.Option("--rootpath", "The root path in the URL to access BTCPay (default: /)", CommandOptionType.SingleValue);
             foreach (var network in provider.GetAll())
             {
                 var crypto = network.CryptoCode.ToLowerInvariant();
@@ -38,8 +41,6 @@ namespace BTCPayServer.Configuration
                 app.Option($"--{crypto}explorercookiefile", $"Path to the cookie file (default: {network.NBXplorerNetwork.DefaultSettings.DefaultCookieFile})", CommandOptionType.SingleValue);
                 app.Option($"--{crypto}lightning", $"Easy configuration of lightning for the server adnistrator: Must be a unix socket of CLightning (lightning-rpc) or URL to a charge server (default: empty)", CommandOptionType.SingleValue);
             }
-            app.Option("--externalurl", $"The expected external url of this service, to use if BTCPay is behind a reverse proxy (default: empty, use the incoming HTTP request to figure out)", CommandOptionType.SingleValue);
-            app.Option("--bundlejscss", $"Bundle javascript and css files for better performance (default: true)", CommandOptionType.SingleValue);
             return app;
         }
 
@@ -47,12 +48,12 @@ namespace BTCPayServer.Configuration
 
         protected override string GetDefaultDataDir(IConfiguration conf)
         {
-            return BTCPayDefaultSettings.GetDefaultSettings(GetChainType(conf)).DefaultDataDirectory;
+            return BTCPayDefaultSettings.GetDefaultSettings(GetNetworkType(conf)).DefaultDataDirectory;
         }
 
         protected override string GetDefaultConfigurationFile(IConfiguration conf)
         {
-            var network = BTCPayDefaultSettings.GetDefaultSettings(GetChainType(conf));
+            var network = BTCPayDefaultSettings.GetDefaultSettings(GetNetworkType(conf));
             var dataDir = conf["datadir"];
             if (dataDir == null)
                 return network.DefaultConfigurationFile;
@@ -68,7 +69,7 @@ namespace BTCPayServer.Configuration
             return Path.Combine(chainDir, fileName);
         }
 
-        public static ChainType GetChainType(IConfiguration conf)
+        public static NetworkType GetNetworkType(IConfiguration conf)
         {
             var network = conf.GetOrDefault<string>("network", null);
             if (network != null)
@@ -78,17 +79,18 @@ namespace BTCPayServer.Configuration
                 {
                     throw new ConfigException($"Invalid network parameter '{network}'");
                 }
-                return n.ToChainType();
+                return n.NetworkType;
             }
-            var net = conf.GetOrDefault<bool>("regtest", false) ? ChainType.Regtest :
-                        conf.GetOrDefault<bool>("testnet", false) ? ChainType.Test : ChainType.Main;
+            var net = conf.GetOrDefault<bool>("regtest", false) ? NetworkType.Regtest :
+                        conf.GetOrDefault<bool>("testnet", false) ? NetworkType.Testnet : NetworkType.Mainnet;
 
             return net;
         }
 
         protected override string GetDefaultConfigurationFileTemplate(IConfiguration conf)
         {
-            var defaultSettings = BTCPayDefaultSettings.GetDefaultSettings(GetChainType(conf));
+            var networkType = GetNetworkType(conf);
+            var defaultSettings = BTCPayDefaultSettings.GetDefaultSettings(networkType);
             StringBuilder builder = new StringBuilder();
             builder.AppendLine("### Global settings ###");
             builder.AppendLine("#network=mainnet");
@@ -101,7 +103,7 @@ namespace BTCPayServer.Configuration
             builder.AppendLine("#postgres=User ID=root;Password=myPassword;Host=localhost;Port=5432;Database=myDataBase;");
             builder.AppendLine();
             builder.AppendLine("### NBXplorer settings ###");
-            foreach (var n in new BTCPayNetworkProvider(defaultSettings.ChainType).GetAll())
+            foreach (var n in new BTCPayNetworkProvider(networkType).GetAll())
             {
                 builder.AppendLine($"#{n.CryptoCode}.explorer.url={n.NBXplorerNetwork.DefaultSettings.DefaultUrl}");
                 builder.AppendLine($"#{n.CryptoCode}.explorer.cookiefile={ n.NBXplorerNetwork.DefaultSettings.DefaultCookieFile}");
@@ -115,7 +117,7 @@ namespace BTCPayServer.Configuration
 
         protected override IPEndPoint GetDefaultEndpoint(IConfiguration conf)
         {
-            return new IPEndPoint(IPAddress.Parse("127.0.0.1"), BTCPayDefaultSettings.GetDefaultSettings(GetChainType(conf)).DefaultPort);
+            return new IPEndPoint(IPAddress.Parse("127.0.0.1"), BTCPayDefaultSettings.GetDefaultSettings(GetNetworkType(conf)).DefaultPort);
         }
     }
 }

BTCPayServer/Controllers/AccessTokenController.cs

@@ -12,6 +12,7 @@ using System.Threading.Tasks;
 
 namespace BTCPayServer.Controllers
 {
+    [BitpayAPIConstraint]
     public class AccessTokenController : Controller
     {
         TokenRepository _TokenRepository;
@@ -23,7 +24,7 @@ namespace BTCPayServer.Controllers
         [Route("tokens")]
         public async Task<GetTokensResponse> Tokens()
         {
-            var tokens = await _TokenRepository.GetTokens(this.GetBitIdentity().SIN);
+            var tokens = await _TokenRepository.GetTokens(this.User.GetSIN());
             return new GetTokensResponse(tokens);
         }
 
@@ -51,7 +52,7 @@ namespace BTCPayServer.Controllers
             }
             else
             {
-                var sin = this.GetBitIdentity(false)?.SIN ?? request.Id;
+                var sin = this.User.GetSIN() ?? request.Id;
                 if (string.IsNullOrEmpty(request.Id) || !NBitpayClient.Extensions.BitIdExtensions.ValidateSIN(request.Id))
                     throw new BitpayHttpException(400, "'id' property is required, alternatively, use BitId");
 

BTCPayServer/Controllers/AccountController.cs

@@ -16,10 +16,11 @@ using BTCPayServer.Services;
 using BTCPayServer.Services.Mails;
 using BTCPayServer.Services.Stores;
 using BTCPayServer.Logging;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
     [Route("[controller]/[action]")]
     public class AccountController : Controller
     {

BTCPayServer/Controllers/AppsController.PointOfSale.cs

@@ -0,0 +1,225 @@
+using System;
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Models;
+using BTCPayServer.Models.AppViewModels;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using NBitcoin.DataEncoders;
+using NBitcoin;
+using BTCPayServer.Services.Apps;
+using Newtonsoft.Json;
+using YamlDotNet.RepresentationModel;
+using System.IO;
+using BTCPayServer.Services.Rates;
+using System.Globalization;
+
+namespace BTCPayServer.Controllers
+{
+    public partial class AppsController
+    {
+        public class PointOfSaleSettings
+        {
+            public PointOfSaleSettings()
+            {
+                Title = "My awesome Point of Sale";
+                Currency = "USD";
+                Template =
+                    "tea:\n" +
+                    "  price: 0.02\n" +
+                    "  title: Green Tea # title is optional, defaults to the keys\n\n" +
+                    "coffee:\n" +
+                    "  price: 1\n\n" +
+                    "bamba:\n" +
+                    "  price: 3\n\n" +
+                    "beer:\n" +
+                    "  price: 7\n\n" +
+                    "hat:\n" +
+                    "  price: 15\n\n" +
+                    "tshirt:\n" +
+                    "  price: 25";
+                ShowCustomAmount = true;
+            }
+            public string Title { get; set; }
+            public string Currency { get; set; }
+            public string Template { get; set; }
+            public bool ShowCustomAmount { get; set; }
+        }
+
+        [HttpGet]
+        [Route("{appId}/settings/pos")]
+        public async Task<IActionResult> UpdatePointOfSale(string appId)
+        {
+            var app = await GetOwnedApp(appId, AppType.PointOfSale);
+            if (app == null)
+                return NotFound();
+
+            var settings = app.GetSettings<PointOfSaleSettings>();
+            return View(new UpdatePointOfSaleViewModel() { Title = settings.Title, ShowCustomAmount = settings.ShowCustomAmount, Currency = settings.Currency, Template = settings.Template });
+        }
+        [HttpPost]
+        [Route("{appId}/settings/pos")]
+        public async Task<IActionResult> UpdatePointOfSale(string appId, UpdatePointOfSaleViewModel vm)
+        {
+            if (_Currencies.GetCurrencyData(vm.Currency) == null)
+                ModelState.AddModelError(nameof(vm.Currency), "Invalid currency");
+            try
+            {
+                Parse(vm.Template, vm.Currency);
+            }
+            catch
+            {
+                ModelState.AddModelError(nameof(vm.Template), "Invalid template");
+            }
+            if (!ModelState.IsValid)
+            {
+                return View(vm);
+            }
+            var app = await GetOwnedApp(appId, AppType.PointOfSale);
+            if (app == null)
+                return NotFound();
+            app.SetSettings(new PointOfSaleSettings()
+            {
+                Title = vm.Title,
+                ShowCustomAmount = vm.ShowCustomAmount,
+                Currency = vm.Currency.ToUpperInvariant(),
+                Template = vm.Template
+            });
+            await UpdateAppSettings(app);
+            StatusMessage = "App updated";
+            return RedirectToAction(nameof(UpdatePointOfSale));
+        }
+
+        [HttpGet]
+        [Route("{appId}/pos")]
+        public async Task<IActionResult> ViewPointOfSale(string appId)
+        {
+            var app = await GetApp(appId, AppType.PointOfSale);
+            if (app == null)
+                return NotFound();
+            var settings = app.GetSettings<PointOfSaleSettings>();
+            var currency = _Currencies.GetCurrencyData(settings.Currency);
+            double step = currency == null ? 1 : Math.Pow(10, -(currency.Divisibility));
+            return View(new ViewPointOfSaleViewModel()
+            {
+                Title = settings.Title,
+                Step = step.ToString(CultureInfo.InvariantCulture),
+                ShowCustomAmount = settings.ShowCustomAmount,
+                Items = Parse(settings.Template, settings.Currency)
+            });
+        }
+
+        private async Task<AppData> GetApp(string appId, AppType appType)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.Apps
+                                .Where(us => us.Id == appId && us.AppType == appType.ToString())
+                                .FirstOrDefaultAsync();
+            }
+        }
+
+        private ViewPointOfSaleViewModel.Item[] Parse(string template, string currency)
+        {
+            var input = new StringReader(template);
+            YamlStream stream = new YamlStream();
+            stream.Load(input);
+            var root = (YamlMappingNode)stream.Documents[0].RootNode;
+            return root
+                .Children
+                .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlMappingNode })
+                .Where(kv => kv.Value != null)
+                .Select(c => new ViewPointOfSaleViewModel.Item()
+                {
+                    Id = c.Key,
+                    Title = c.Value.Children
+                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
+                             .Where(kv => kv.Value != null)
+                             .Where(cc => cc.Key == "title")
+                             .FirstOrDefault()?.Value?.Value ?? c.Key,
+                    Price = c.Value.Children
+                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
+                             .Where(kv => kv.Value != null)
+                             .Where(cc => cc.Key == "price")
+                             .Select(cc => new ViewPointOfSaleViewModel.Item.ItemPrice()
+                             {
+                                 Value = decimal.Parse(cc.Value.Value, CultureInfo.InvariantCulture),
+                                 Formatted = FormatCurrency(cc.Value.Value, currency)
+                             })
+                             .Single()
+                })
+                .ToArray();
+        }
+
+        string FormatCurrency(string price, string currency)
+        {
+            return decimal.Parse(price, CultureInfo.InvariantCulture).ToString("C", _Currencies.GetCurrencyProvider(currency));
+        }
+
+        [HttpPost]
+        [Route("{appId}/pos")]
+        public async Task<IActionResult> ViewPointOfSale(string appId, double amount, string choiceKey)
+        {
+            var app = await GetApp(appId, AppType.PointOfSale);
+            if (string.IsNullOrEmpty(choiceKey) && amount <= 0)
+            {
+                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
+            }
+            if (app == null)
+                return NotFound();
+            var settings = app.GetSettings<PointOfSaleSettings>();
+            if(string.IsNullOrEmpty(choiceKey) && !settings.ShowCustomAmount)
+            {
+                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
+            }
+            string title = null;
+            double price = 0.0;
+            if (!string.IsNullOrEmpty(choiceKey))
+            {
+                var choices = Parse(settings.Template, settings.Currency);
+                var choice = choices.FirstOrDefault(c => c.Id == choiceKey);
+                if (choice == null)
+                    return NotFound();
+                title = choice.Title;
+                price = (double)choice.Price.Value;
+            }
+            else
+            {
+                price = amount;
+                title = settings.Title;
+            }
+
+            var store = await GetStore(app);
+            var invoice = await _InvoiceController.CreateInvoiceCore(new NBitpayClient.Invoice()
+            {
+                ItemDesc = title,
+                Currency = settings.Currency,
+                Price = price,
+            }, store, HttpContext.Request.GetAbsoluteRoot());
+            return Redirect(invoice.Data.Url);
+        }
+
+        private async Task<StoreData> GetStore(AppData app)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.Stores.FirstOrDefaultAsync(s => s.Id == app.StoreDataId);
+            }
+        }
+
+        private async Task UpdateAppSettings(AppData app)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                ctx.Apps.Add(app);
+                ctx.Entry<AppData>(app).State = EntityState.Modified;
+                ctx.Entry<AppData>(app).Property(a => a.Settings).IsModified = true;
+                await ctx.SaveChangesAsync();
+            }
+        }
+    }
+}

BTCPayServer/Controllers/AppsController.cs

@@ -0,0 +1,205 @@
+using System;
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Models;
+using BTCPayServer.Models.AppViewModels;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using NBitcoin.DataEncoders;
+using NBitcoin;
+using BTCPayServer.Services.Apps;
+using BTCPayServer.Services.Rates;
+
+namespace BTCPayServer.Controllers
+{
+    [AutoValidateAntiforgeryToken]
+    [Route("apps")]
+    public partial class AppsController : Controller
+    {
+        ApplicationDbContextFactory _ContextFactory;
+        UserManager<ApplicationUser> _UserManager;
+        CurrencyNameTable _Currencies;
+        InvoiceController _InvoiceController;
+
+        [TempData]
+        public string StatusMessage { get; set; }
+
+        public AppsController(
+            UserManager<ApplicationUser> userManager,
+            ApplicationDbContextFactory contextFactory,
+            CurrencyNameTable currencies,
+            InvoiceController invoiceController)
+        {
+            _InvoiceController = invoiceController;
+            _UserManager = userManager;
+            _ContextFactory = contextFactory;
+            _Currencies = currencies;
+        }
+        public async Task<IActionResult> ListApps()
+        {
+            var apps = await GetAllApps();
+            return View(new ListAppsViewModel()
+            {
+                Apps = apps
+            });
+        }
+
+        [HttpPost]
+        [Route("{appId}/delete")]
+        public async Task<IActionResult> DeleteAppPost(string appId)
+        {
+            var appData = await GetOwnedApp(appId);
+            if (appData == null)
+                return NotFound();
+            if (await DeleteApp(appData))
+                StatusMessage = "App removed successfully";
+            return RedirectToAction(nameof(ListApps));
+        }
+
+        [HttpGet]
+        [Route("create")]
+        public async Task<IActionResult> CreateApp()
+        {
+            var stores = await GetOwnedStores();
+            if (stores.Length == 0)
+            {
+                StatusMessage = "Error: You must have created at least one store";
+                return RedirectToAction(nameof(ListApps));
+            }
+            var vm = new CreateAppViewModel();
+            vm.SetStores(stores);
+            return View(vm);
+        }
+
+        [HttpPost]
+        [Route("create")]
+        public async Task<IActionResult> CreateApp(CreateAppViewModel vm)
+        {
+            var stores = await GetOwnedStores();
+            if (stores.Length == 0)
+            {
+                StatusMessage = "Error: You must own at least one store";
+                return RedirectToAction(nameof(ListApps));
+            }
+            var selectedStore = vm.SelectedStore;
+            vm.SetStores(stores);
+            vm.SelectedStore = selectedStore;
+
+            if (!Enum.TryParse<AppType>(vm.SelectedAppType, out AppType appType))
+                ModelState.AddModelError(nameof(vm.SelectedAppType), "Invalid App Type");
+
+            if (!ModelState.IsValid)
+            {
+                return View(vm);
+            }
+
+            if (!stores.Any(s => s.Id == selectedStore))
+            {
+                StatusMessage = "Error: You are not owner of this store";
+                return RedirectToAction(nameof(ListApps));
+            }
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                var id = Encoders.Base58.EncodeData(RandomUtils.GetBytes(32));
+                var appData = new AppData() { Id = id };
+                appData.StoreDataId = selectedStore;
+                appData.Name = vm.Name;
+                appData.AppType = appType.ToString();
+                ctx.Apps.Add(appData);
+                await ctx.SaveChangesAsync();
+            }
+            StatusMessage = "App successfully created";
+            return RedirectToAction(nameof(ListApps));
+        }
+
+        [HttpGet]
+        [Route("{appId}/delete")]
+        public async Task<IActionResult> DeleteApp(string appId)
+        {
+            var appData = await GetOwnedApp(appId);
+            if (appData == null)
+                return NotFound();
+            return View("Confirm", new ConfirmModel()
+            {
+                Title = $"Delete app {appData.Name} ({appData.AppType})",
+                Description = "This app will be removed from this store",
+                Action = "Delete"
+            });
+        }
+
+        private async Task<AppData> GetOwnedApp(string appId, AppType? type = null)
+        {
+            var userId = GetUserId();
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                var app = await ctx.UserStore
+                                .Where(us => us.ApplicationUserId == userId && us.Role == StoreRoles.Owner)
+                                .SelectMany(us => us.StoreData.Apps.Where(a => a.Id == appId))
+                   .FirstOrDefaultAsync();
+                if (app == null)
+                    return null;
+                if (type != null && type.Value.ToString() != app.AppType)
+                    return null;
+                return app;
+            }
+        }
+
+        private async Task<StoreData[]> GetOwnedStores()
+        {
+            var userId = GetUserId();
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.UserStore
+                    .Where(us => us.ApplicationUserId == userId && us.Role == StoreRoles.Owner)
+                    .Select(u => u.StoreData)
+                    .ToArrayAsync();
+            }
+        }
+
+        private async Task<bool> DeleteApp(AppData appData)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                ctx.Apps.Add(appData);
+                ctx.Entry<AppData>(appData).State = EntityState.Deleted;
+                return await ctx.SaveChangesAsync() == 1;
+            }
+        }
+
+        private async Task<ListAppsViewModel.ListAppViewModel[]> GetAllApps()
+        {
+            var userId = GetUserId();
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.UserStore
+                   .Where(us => us.ApplicationUserId == userId)
+                   .Select(us => new
+                   {
+                       IsOwner = us.Role == StoreRoles.Owner,
+                       StoreId = us.StoreDataId,
+                       StoreName = us.StoreData.StoreName,
+                       Apps = us.StoreData.Apps
+                   })
+                   .SelectMany(us => us.Apps.Select(app => new ListAppsViewModel.ListAppViewModel()
+                   {
+                       IsOwner = us.IsOwner,
+                       AppName = app.Name,
+                       AppType = app.AppType,
+                       Id = app.Id,
+                       StoreId = us.StoreId,
+                       StoreName = us.StoreName
+                   }))
+                   .ToArrayAsync();
+            }
+        }
+
+        private string GetUserId()
+        {
+            return _UserManager.GetUserId(User);
+        }
+    }
+}

BTCPayServer/Controllers/InvoiceController.API.cs

@@ -22,20 +22,14 @@ namespace BTCPayServer.Controllers
     {
         private InvoiceController _InvoiceController;
         private InvoiceRepository _InvoiceRepository;
-        private TokenRepository _TokenRepository;
-        private StoreRepository _StoreRepository;
         private BTCPayNetworkProvider _NetworkProvider;
 
         public InvoiceControllerAPI(InvoiceController invoiceController,
                                     InvoiceRepository invoceRepository,
-                                    TokenRepository tokenRepository,
-                                    StoreRepository storeRepository,
                                     BTCPayNetworkProvider networkProvider)
         {
             this._InvoiceController = invoiceController;
             this._InvoiceRepository = invoceRepository;
-            this._TokenRepository = tokenRepository;
-            this._StoreRepository = storeRepository;
             this._NetworkProvider = networkProvider;
         }
 
@@ -44,21 +38,16 @@ namespace BTCPayServer.Controllers
         [MediaTypeConstraint("application/json")]
         public async Task<DataWrapper<InvoiceResponse>> CreateInvoice([FromBody] Invoice invoice)
         {
-            var bitToken = await CheckTokenPermissionAsync(Facade.Merchant, invoice.Token);
-            var store = await FindStore(bitToken);
-            return await _InvoiceController.CreateInvoiceCore(invoice, store, HttpContext.Request.GetAbsoluteRoot());
+            return await _InvoiceController.CreateInvoiceCore(invoice, HttpContext.GetStoreData(), HttpContext.Request.GetAbsoluteRoot());
         }
 
         [HttpGet]
         [Route("invoices/{id}")]
         public async Task<DataWrapper<InvoiceResponse>> GetInvoice(string id, string token)
         {
-            var bitToken = await CheckTokenPermissionAsync(Facade.Merchant, token);
-            var store = await FindStore(bitToken);
-            var invoice = await _InvoiceRepository.GetInvoice(store.Id, id);
+            var invoice = await _InvoiceRepository.GetInvoice(HttpContext.GetStoreData().Id, id);
             if (invoice == null)
                 throw new BitpayHttpException(404, "Object not found");
-
             var resp = invoice.EntityToDTO(_NetworkProvider);
             return new DataWrapper<InvoiceResponse>(resp);
         }
@@ -77,8 +66,7 @@ namespace BTCPayServer.Controllers
         {
             if (dateEnd != null)
                 dateEnd = dateEnd.Value + TimeSpan.FromDays(1); //Should include the end day
-            var bitToken = await CheckTokenPermissionAsync(Facade.Merchant, token);
-            var store = await FindStore(bitToken);
+            
             var query = new InvoiceQuery()
             {
                 Count = limit,
@@ -87,55 +75,14 @@ namespace BTCPayServer.Controllers
                 StartDate = dateStart,
                 OrderId = orderId,
                 ItemCode = itemCode,
-                Status = status,
-                StoreId = store.Id
+                Status = status == null ? null : new[] { status },
+                StoreId = new[] { this.HttpContext.GetStoreData().Id }
             };
 
-
             var entities = (await _InvoiceRepository.GetInvoices(query))
                             .Select((o) => o.EntityToDTO(_NetworkProvider)).ToArray();
 
             return DataWrapper.Create(entities);
         }
-
-        private async Task<BitTokenEntity> CheckTokenPermissionAsync(Facade facade, string expectedToken)
-        {
-            if (facade == null)
-                throw new ArgumentNullException(nameof(facade));
-
-            var actualTokens = (await _TokenRepository.GetTokens(this.GetBitIdentity().SIN)).ToArray();
-            actualTokens = actualTokens.SelectMany(t => GetCompatibleTokens(t)).ToArray();
-
-            var actualToken = actualTokens.FirstOrDefault(a => a.Value.Equals(expectedToken, StringComparison.Ordinal));
-            if (expectedToken == null || actualToken == null)
-            {
-                Logs.PayServer.LogDebug($"No token found for facade {facade} for SIN {this.GetBitIdentity().SIN}");
-                throw new BitpayHttpException(401, $"This endpoint does not support the `{actualTokens.Select(a => a.Facade).Concat(new[] { "user" }).FirstOrDefault()}` facade");
-            }
-            return actualToken;
-        }
-
-        private IEnumerable<BitTokenEntity> GetCompatibleTokens(BitTokenEntity token)
-        {
-            if (token.Facade == Facade.Merchant.ToString())
-            {
-                yield return token.Clone(Facade.User);
-                yield return token.Clone(Facade.PointOfSale);
-            }
-            if (token.Facade == Facade.PointOfSale.ToString())
-            {
-                yield return token.Clone(Facade.User);
-            }
-            yield return token;
-        }
-
-        private async Task<StoreData> FindStore(BitTokenEntity bitToken)
-        {
-            var store = await _StoreRepository.FindStore(bitToken.StoreId);
-            if (store == null)
-                throw new BitpayHttpException(401, "Unknown store");
-            return store;
-        }
-
     }
 }

BTCPayServer/Controllers/InvoiceController.UI.cs

@@ -21,6 +21,8 @@ using System.Threading;
 using BTCPayServer.Events;
 using NBXplorer;
 using BTCPayServer.Payments;
+using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.Controllers
 {
@@ -73,6 +75,7 @@ namespace BTCPayServer.Controllers
                 cryptoPayment.PaymentMethod = ToString(paymentMethodId);
                 cryptoPayment.Due = accounting.Due.ToString() + $" {paymentMethodId.CryptoCode}";
                 cryptoPayment.Paid = accounting.CryptoPaid.ToString() + $" {paymentMethodId.CryptoCode}";
+                cryptoPayment.Overpaid = (accounting.DueUncapped > Money.Zero ? Money.Zero : -accounting.DueUncapped).ToString() + $" {paymentMethodId.CryptoCode}";
 
                 var onchainMethod = data.GetPaymentMethodDetails() as Payments.Bitcoin.BitcoinLikeOnChainPaymentMethod;
                 if (onchainMethod != null)
@@ -84,54 +87,66 @@ namespace BTCPayServer.Controllers
                 model.CryptoPayments.Add(cryptoPayment);
             }
 
-            var payments = invoice
+            var onChainPayments = invoice
                 .GetPayments()
-                .Where(p => p.GetPaymentMethodId().PaymentType == PaymentTypes.BTCLike)
-                .Select(async payment =>
+                .Select<PaymentEntity, Task<object>>(async payment =>
                 {
-                    var paymentData = (Payments.Bitcoin.BitcoinLikePaymentData)payment.GetCryptoPaymentData();
-                    var m = new InvoiceDetailsModel.Payment();
                     var paymentNetwork = _NetworkProvider.GetNetwork(payment.GetCryptoCode());
-                    m.PaymentMethod = ToString(payment.GetPaymentMethodId());
-                    m.DepositAddress = paymentData.Output.ScriptPubKey.GetDestinationAddress(paymentNetwork.NBitcoinNetwork);
-
-                    int confirmationCount = 0;
-                    if (    (paymentData.ConfirmationCount < paymentNetwork.MaxTrackedConfirmation && payment.Accounted)
-                         && (paymentData.Legacy || invoice.MonitoringExpiration < DateTimeOffset.UtcNow)) // The confirmation count in the paymentData is not up to date
+                    var paymentData = payment.GetCryptoPaymentData();
+                    if (paymentData is Payments.Bitcoin.BitcoinLikePaymentData onChainPaymentData)
                     {
-                        confirmationCount = (await ((ExplorerClientProvider)_ServiceProvider.GetService(typeof(ExplorerClientProvider))).GetExplorerClient(payment.GetCryptoCode())?.GetTransactionAsync(paymentData.Outpoint.Hash))?.Confirmations ?? 0;
-                        paymentData.ConfirmationCount = confirmationCount;
-                        payment.SetCryptoPaymentData(paymentData);
-                        await _InvoiceRepository.UpdatePayments(new List<PaymentEntity> { payment });
+                        var m = new InvoiceDetailsModel.Payment();
+                        m.Crypto = payment.GetPaymentMethodId().CryptoCode;
+                        m.DepositAddress = onChainPaymentData.Output.ScriptPubKey.GetDestinationAddress(paymentNetwork.NBitcoinNetwork);
+
+                        int confirmationCount = 0;
+                        if ((onChainPaymentData.ConfirmationCount < paymentNetwork.MaxTrackedConfirmation && payment.Accounted)
+                             && (onChainPaymentData.Legacy || invoice.MonitoringExpiration < DateTimeOffset.UtcNow)) // The confirmation count in the paymentData is not up to date
+                        {
+                            confirmationCount = (await ((ExplorerClientProvider)_ServiceProvider.GetService(typeof(ExplorerClientProvider))).GetExplorerClient(payment.GetCryptoCode())?.GetTransactionAsync(onChainPaymentData.Outpoint.Hash))?.Confirmations ?? 0;
+                            onChainPaymentData.ConfirmationCount = confirmationCount;
+                            payment.SetCryptoPaymentData(onChainPaymentData);
+                            await _InvoiceRepository.UpdatePayments(new List<PaymentEntity> { payment });
+                        }
+                        else
+                        {
+                            confirmationCount = onChainPaymentData.ConfirmationCount;
+                        }
+                        if (confirmationCount >= paymentNetwork.MaxTrackedConfirmation)
+                        {
+                            m.Confirmations = "At least " + (paymentNetwork.MaxTrackedConfirmation);
+                        }
+                        else
+                        {
+                            m.Confirmations = confirmationCount.ToString(CultureInfo.InvariantCulture);
+                        }
+
+                        m.TransactionId = onChainPaymentData.Outpoint.Hash.ToString();
+                        m.ReceivedTime = payment.ReceivedTime;
+                        m.TransactionLink = string.Format(CultureInfo.InvariantCulture, paymentNetwork.BlockExplorerLink, m.TransactionId);
+                        m.Replaced = !payment.Accounted;
+                        return m;
                     }
                     else
                     {
-                        confirmationCount = paymentData.ConfirmationCount;
+                        var lightningPaymentData = (Payments.Lightning.LightningLikePaymentData)paymentData;
+                        return new InvoiceDetailsModel.OffChainPayment()
+                        {
+                            Crypto = paymentNetwork.CryptoCode,
+                            BOLT11 = lightningPaymentData.BOLT11
+                        };
                     }
-                    if (confirmationCount >= paymentNetwork.MaxTrackedConfirmation)
-                    {
-                        m.Confirmations = "At least " + (paymentNetwork.MaxTrackedConfirmation);
-                    }
-                    else
-                    {
-                        m.Confirmations = confirmationCount.ToString(CultureInfo.InvariantCulture);
-                    }
-
-                    m.TransactionId = paymentData.Outpoint.Hash.ToString();
-                    m.ReceivedTime = payment.ReceivedTime;
-                    m.TransactionLink = string.Format(CultureInfo.InvariantCulture, paymentNetwork.BlockExplorerLink, m.TransactionId);
-                    m.Replaced = !payment.Accounted;
-                    return m;
                 })
                 .ToArray();
-            await Task.WhenAll(payments);
+            await Task.WhenAll(onChainPayments);
             model.Addresses = invoice.HistoricalAddresses.Select(h => new InvoiceDetailsModel.AddressModel
             {
                 Destination = h.GetAddress(),
                 PaymentMethod = ToString(h.GetPaymentMethodId()),
                 Current = !h.UnAssigned.HasValue
             }).ToArray();
-            model.Payments = payments.Select(p => p.GetAwaiter().GetResult()).ToList();
+            model.OnChainPayments = onChainPayments.Select(p => p.GetAwaiter().GetResult()).OfType<InvoiceDetailsModel.Payment>().ToList();
+            model.OffChainPayments = onChainPayments.Select(p => p.GetAwaiter().GetResult()).OfType<InvoiceDetailsModel.OffChainPayment>().ToList();
             model.StatusMessage = StatusMessage;
             return View(model);
         }
@@ -213,10 +228,14 @@ namespace BTCPayServer.Controllers
                 OrderId = invoice.OrderId,
                 InvoiceId = invoice.Id,
                 DefaultLang = storeBlob.DefaultLang ?? "en-US",
+                HtmlTitle = storeBlob.HtmlTitle ?? "BTCPay Invoice",
+                CustomCSSLink = storeBlob.CustomCSS?.AbsoluteUri,
+                CustomLogoLink = storeBlob.CustomLogo?.AbsoluteUri,
                 BtcAddress = paymentMethodDetails.GetPaymentDestination(),
                 OrderAmount = (accounting.TotalDue - accounting.NetworkFee).ToString(),
                 BtcDue = accounting.Due.ToString(),
                 CustomerEmail = invoice.RefundMail,
+                RequiresRefundEmail = storeBlob.RequiresRefundEmail,
                 ExpirationSeconds = Math.Max(0, (int)(invoice.ExpirationTime - DateTimeOffset.UtcNow).TotalSeconds),
                 MaxTimeSeconds = (int)(invoice.ExpirationTime - invoice.InvoiceTime).TotalSeconds,
                 MaxTimeMinutes = (int)(invoice.ExpirationTime - invoice.InvoiceTime).TotalMinutes,
@@ -227,6 +246,7 @@ namespace BTCPayServer.Controllers
                 InvoiceBitcoinUrl = paymentMethodId.PaymentType == PaymentTypes.BTCLike ? cryptoInfo.PaymentUrls.BIP21 :
                                     paymentMethodId.PaymentType == PaymentTypes.LightningLike ? cryptoInfo.PaymentUrls.BOLT11 :
                                     throw new NotSupportedException(),
+                PeerInfo = (paymentMethodDetails as LightningLikePaymentMethodDetails)?.NodeInfo,
                 InvoiceBitcoinUrlQR = paymentMethodId.PaymentType == PaymentTypes.BTCLike ? cryptoInfo.PaymentUrls.BIP21 :
                                     paymentMethodId.PaymentType == PaymentTypes.LightningLike ? cryptoInfo.PaymentUrls.BOLT11.ToUpperInvariant() :
                                     throw new NotSupportedException(),
@@ -234,7 +254,8 @@ namespace BTCPayServer.Controllers
                 BtcPaid = accounting.Paid.ToString(),
                 Status = invoice.Status,
                 CryptoImage = "/" + GetImage(paymentMethodId, network),
-                NetworkFeeDescription = $"{accounting.TxRequired} transaction{(accounting.TxRequired > 1 ? "s" : "")} x {paymentMethodDetails.GetTxFee()} {network.CryptoCode}",
+                NetworkFee = paymentMethodDetails.GetTxFee(),
+                IsMultiCurrency = invoice.GetPayments().Select(p => p.GetPaymentMethodId()).Concat(new[] { paymentMethod.GetId() }).Distinct().Count() > 1,
                 AllowCoinConversion = storeBlob.AllowCoinConversion,
                 AvailableCryptos = invoice.GetPaymentMethods(_NetworkProvider)
                                           .Where(i => i.Network != null)
@@ -247,12 +268,8 @@ namespace BTCPayServer.Controllers
                 .ToList()
             };
 
-            var isMultiCurrency = invoice.GetPayments().Select(p => p.GetPaymentMethodId()).Concat(new[] { paymentMethod.GetId() }).Distinct().Count() > 1;
-            if (isMultiCurrency)
-                model.NetworkFeeDescription = $"{accounting.NetworkFee} {network.CryptoCode}";
-
             var expiration = TimeSpan.FromSeconds(model.ExpirationSeconds);
-            model.TimeLeft = PrettyPrint(expiration);
+            model.TimeLeft = expiration.PrettyPrint();
             return model;
         }
 
@@ -271,17 +288,6 @@ namespace BTCPayServer.Controllers
             return price.ToString("C", _CurrencyNameTable.GetCurrencyProvider(currency)) + $" ({currency})";
         }
 
-        private string PrettyPrint(TimeSpan expiration)
-        {
-            StringBuilder builder = new StringBuilder();
-            if (expiration.Days >= 1)
-                builder.Append(expiration.Days.ToString(CultureInfo.InvariantCulture));
-            if (expiration.Hours >= 1)
-                builder.Append(expiration.Hours.ToString("00", CultureInfo.InvariantCulture));
-            builder.Append($"{expiration.Minutes.ToString("00", CultureInfo.InvariantCulture)}:{expiration.Seconds.ToString("00", CultureInfo.InvariantCulture)}");
-            return builder.ToString();
-        }
-
         [HttpGet]
         [Route("i/{invoiceId}/status")]
         [Route("i/{invoiceId}/{paymentMethodId}/status")]
@@ -352,9 +358,9 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [Route("invoices")]
-        [Authorize(AuthenticationSchemes = "Identity.Application")]
+        [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
         [BitpayAPIConstraint(false)]
-        public async Task<IActionResult> ListInvoices(string searchTerm = null, int skip = 0, int count = 20)
+        public async Task<IActionResult> ListInvoices(string searchTerm = null, int skip = 0, int count = 50)
         {
             var model = new InvoicesModel();
             var filterString = new SearchString(searchTerm);
@@ -364,15 +370,20 @@ namespace BTCPayServer.Controllers
                 Count = count,
                 Skip = skip,
                 UserId = GetUserId(),
-                Status = filterString.Filters.TryGet("status"),
-                StoreId = filterString.Filters.TryGet("storeid")
+                Unusual = !filterString.Filters.ContainsKey("unusual") ? null
+                          : !bool.TryParse(filterString.Filters["unusual"].First(), out var r) ? (bool?)null
+                          : r,
+                Status = filterString.Filters.ContainsKey("status") ? filterString.Filters["status"].ToArray() : null,
+                ExceptionStatus = filterString.Filters.ContainsKey("exceptionstatus") ? filterString.Filters["exceptionstatus"].ToArray() : null,
+                StoreId = filterString.Filters.ContainsKey("storeid") ? filterString.Filters["storeid"].ToArray() : null
             }))
             {
                 model.SearchTerm = searchTerm;
                 model.Invoices.Add(new InvoiceModel()
                 {
-                    Status = invoice.Status,
-                    Date = Prettify(invoice.InvoiceTime),
+                    Status = invoice.Status + (invoice.ExceptionStatus == null ? string.Empty : $" ({invoice.ExceptionStatus})"),
+                    ShowCheckout = invoice.Status == "new",
+                    Date = (DateTimeOffset.UtcNow - invoice.InvoiceTime).Prettify() + " ago",
                     InvoiceId = invoice.Id,
                     OrderId = invoice.OrderId ?? string.Empty,
                     RedirectUrl = invoice.RedirectURL ?? string.Empty,
@@ -385,37 +396,13 @@ namespace BTCPayServer.Controllers
             return View(model);
         }
 
-        private string Prettify(DateTimeOffset invoiceTime)
-        {
-            var ago = DateTime.UtcNow - invoiceTime;
-
-            if (ago.TotalMinutes < 1)
-            {
-                return $"{(int)ago.TotalSeconds} second{Plural((int)ago.TotalSeconds)} ago";
-            }
-            if (ago.TotalHours < 1)
-            {
-                return $"{(int)ago.TotalMinutes} minute{Plural((int)ago.TotalMinutes)} ago";
-            }
-            if (ago.Days < 1)
-            {
-                return $"{(int)ago.TotalHours} hour{Plural((int)ago.TotalHours)} ago";
-            }
-            return $"{(int)ago.TotalDays} day{Plural((int)ago.TotalDays)} ago";
-        }
-
-        private string Plural(int totalDays)
-        {
-            return totalDays > 1 ? "s" : string.Empty;
-        }
-
         [HttpGet]
         [Route("invoices/create")]
-        [Authorize(AuthenticationSchemes = "Identity.Application")]
+        [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
         [BitpayAPIConstraint(false)]
         public async Task<IActionResult> CreateInvoice()
         {
-            var stores = await GetStores(GetUserId());
+            var stores = new SelectList(await _StoreRepository.GetStoresByUserId(GetUserId()), nameof(StoreData.Id), nameof(StoreData.StoreName), null);
             if (stores.Count() == 0)
             {
                 StatusMessage = "Error: You need to create at least one store before creating a transaction";
@@ -426,27 +413,35 @@ namespace BTCPayServer.Controllers
 
         [HttpPost]
         [Route("invoices/create")]
-        [Authorize(AuthenticationSchemes = "Identity.Application")]
+        [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
         [BitpayAPIConstraint(false)]
         public async Task<IActionResult> CreateInvoice(CreateInvoiceModel model)
         {
-            model.Stores = await GetStores(GetUserId(), model.StoreId);
+            var stores = await _StoreRepository.GetStoresByUserId(GetUserId());
+            model.Stores = new SelectList(stores, nameof(StoreData.Id), nameof(StoreData.StoreName), model.StoreId);
+            var store = stores.FirstOrDefault(s => s.Id == model.StoreId);
+            if(store == null)
+            {
+                ModelState.AddModelError(nameof(model.StoreId), "Store not found");
+            }
             if (!ModelState.IsValid)
             {
                 return View(model);
             }
-            var store = await _StoreRepository.FindStore(model.StoreId, GetUserId());
             StatusMessage = null;
-            if (store.Role != StoreRoles.Owner)
+            if (!store.HasClaim(Policies.CanModifyStoreSettings.Key))
             {
-                StatusMessage = "Error: You need to be owner of this store to create an invoice";
-            }
-            if (store.GetSupportedPaymentMethods(_NetworkProvider).Count() == 0)
-            {
-                StatusMessage = "Error: You need to configure the derivation scheme in order to create an invoice";
+                ModelState.AddModelError(nameof(model.StoreId), "You need to be owner of this store to create an invoice");
+                return View(model);
             }
 
-            if(StatusMessage != null)
+            if (store.GetSupportedPaymentMethods(_NetworkProvider).Count() == 0)
+            {
+                ModelState.AddModelError(nameof(model.StoreId), "You need to configure the derivation scheme in order to create an invoice");
+                return View(model);
+            }
+
+            if (StatusMessage != null)
             {
                 return RedirectToAction(nameof(StoresController.UpdateStore), "Stores", new
                 {
@@ -472,20 +467,15 @@ namespace BTCPayServer.Controllers
                 StatusMessage = $"Invoice {result.Data.Id} just created!";
                 return RedirectToAction(nameof(ListInvoices));
             }
-            catch (RateUnavailableException)
+            catch (BitpayHttpException ex)
             {
-                ModelState.TryAddModelError(nameof(model.Currency), "Unsupported currency");
+                ModelState.TryAddModelError(nameof(model.Currency), $"Error: {ex.Message}");
                 return View(model);
             }
         }
 
-        private async Task<SelectList> GetStores(string userId, string storeId = null)
-        {
-            return new SelectList(await _StoreRepository.GetStoresByUserId(userId), nameof(StoreData.Id), nameof(StoreData.StoreName), storeId);
-        }
-
         [HttpPost]
-        [Authorize(AuthenticationSchemes = "Identity.Application")]
+        [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
         [BitpayAPIConstraint(false)]
         public IActionResult SearchInvoice(InvoicesModel invoices)
         {
@@ -499,7 +489,7 @@ namespace BTCPayServer.Controllers
 
         [HttpPost]
         [Route("invoices/invalidatepaid")]
-        [Authorize(AuthenticationSchemes = "Identity.Application")]
+        [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
         [BitpayAPIConstraint(false)]
         public async Task<IActionResult> InvalidatePaidInvoice(string invoiceId)
         {

BTCPayServer/Controllers/InvoiceController.cs

@@ -40,13 +40,14 @@ using NBXplorer.DerivationStrategy;
 using NBXplorer;
 using BTCPayServer.HostedServices;
 using BTCPayServer.Payments;
+using BTCPayServer.Rating;
 
 namespace BTCPayServer.Controllers
 {
     public partial class InvoiceController : Controller
     {
         InvoiceRepository _InvoiceRepository;
-        IRateProviderFactory _RateProviders;
+        BTCPayRateProviderFactory _RateProvider;
         StoreRepository _StoreRepository;
         UserManager<ApplicationUser> _UserManager;
         private CurrencyNameTable _CurrencyNameTable;
@@ -59,7 +60,7 @@ namespace BTCPayServer.Controllers
             InvoiceRepository invoiceRepository,
             CurrencyNameTable currencyNameTable,
             UserManager<ApplicationUser> userManager,
-            IRateProviderFactory rateProviders,
+            BTCPayRateProviderFactory rateProvider,
             StoreRepository storeRepository,
             EventAggregator eventAggregator,
             BTCPayWalletProvider walletProvider,
@@ -69,7 +70,7 @@ namespace BTCPayServer.Controllers
             _CurrencyNameTable = currencyNameTable ?? throw new ArgumentNullException(nameof(currencyNameTable));
             _StoreRepository = storeRepository ?? throw new ArgumentNullException(nameof(storeRepository));
             _InvoiceRepository = invoiceRepository ?? throw new ArgumentNullException(nameof(invoiceRepository));
-            _RateProviders = rateProviders ?? throw new ArgumentNullException(nameof(rateProviders));
+            _RateProvider = rateProvider ?? throw new ArgumentNullException(nameof(rateProvider));
             _UserManager = userManager;
             _EventAggregator = eventAggregator;
             _NetworkProvider = networkProvider;
@@ -79,28 +80,6 @@ namespace BTCPayServer.Controllers
 
         internal async Task<DataWrapper<InvoiceResponse>> CreateInvoiceCore(Invoice invoice, StoreData store, string serverUrl)
         {
-            var supportedPaymentMethods = store.GetSupportedPaymentMethods(_NetworkProvider)
-                                               .Select(c =>
-                                                (Handler: (IPaymentMethodHandler)_ServiceProvider.GetService(typeof(IPaymentMethodHandler<>).MakeGenericType(c.GetType())),
-                                                SupportedPaymentMethod: c,
-                                                Network: _NetworkProvider.GetNetwork(c.PaymentId.CryptoCode),
-                                                IsAvailable: Task.FromResult(false)))
-                                                .Where(c => c.Network != null)
-                                                .Select(c =>
-                                                {
-                                                    c.IsAvailable = c.Handler.IsAvailable(c.SupportedPaymentMethod, c.Network);
-                                                    return c;
-                                                })
-                                                .ToList();
-            foreach (var supportedPaymentMethod in supportedPaymentMethods.ToList())
-            {
-                if (!await supportedPaymentMethod.IsAvailable)
-                {
-                    supportedPaymentMethods.Remove(supportedPaymentMethod);
-                }
-            }
-            if (supportedPaymentMethods.Count == 0)
-                throw new BitpayHttpException(400, "No derivation strategy are available now for this store");
             var entity = new InvoiceEntity
             {
                 InvoiceTime = DateTimeOffset.UtcNow
@@ -119,6 +98,7 @@ namespace BTCPayServer.Controllers
             entity.ExtendedNotifications = invoice.ExtendedNotifications;
             entity.NotificationURL = notificationUri?.AbsoluteUri;
             entity.BuyerInformation = Map<Invoice, BuyerInformation>(invoice);
+            entity.PaymentTolerance = storeBlob.PaymentTolerance;
             //Another way of passing buyer info to support
             FillBuyerInfo(invoice.Buyer, entity.BuyerInformation);
             if (entity?.BuyerInformation?.BuyerEmail != null)
@@ -132,95 +112,164 @@ namespace BTCPayServer.Controllers
             entity.Status = "new";
             entity.SpeedPolicy = ParseSpeedPolicy(invoice.TransactionSpeed, store.SpeedPolicy);
 
-            var methods = supportedPaymentMethods
-                        .Select(async o =>
-                        {
-                            var rate = await storeBlob.ApplyRateRules(o.Network, _RateProviders.GetRateProvider(o.Network, false)).GetRateAsync(invoice.Currency);
-                            PaymentMethod paymentMethod = new PaymentMethod();
-                            paymentMethod.ParentEntity = entity;
-                            paymentMethod.Network = o.Network;
-                            paymentMethod.SetId(o.SupportedPaymentMethod.PaymentId);
-                            paymentMethod.Rate = rate;
-                            var paymentDetails = await o.Handler.CreatePaymentMethodDetails(o.SupportedPaymentMethod, paymentMethod, o.Network);
-                            if (storeBlob.NetworkFeeDisabled)
-                                paymentDetails.SetNoTxFee();
-                            paymentMethod.SetPaymentMethodDetails(paymentDetails);
-#pragma warning disable CS0618
-                            if (paymentMethod.GetId().IsBTCOnChain)
-                            {
-                                entity.TxFee = paymentMethod.TxFee;
-                                entity.Rate = paymentMethod.Rate;
-                                entity.DepositAddress = paymentMethod.DepositAddress;
-                            }
-#pragma warning restore CS0618
-                            return (SupportedPaymentMethod: o.SupportedPaymentMethod, PaymentMethod: paymentMethod);
-                        });
-            
-            var paymentMethods = new PaymentMethodDictionary();
-            List<ISupportedPaymentMethod> supported = new List<ISupportedPaymentMethod>();
-            foreach (var method in methods)
+
+            HashSet<CurrencyPair> currencyPairsToFetch = new HashSet<CurrencyPair>();
+            var rules = storeBlob.GetRateRules(_NetworkProvider);
+
+            foreach (var network in store.GetSupportedPaymentMethods(_NetworkProvider)
+                                               .Select(c => _NetworkProvider.GetNetwork(c.PaymentId.CryptoCode))
+                                                .Where(c => c != null))
             {
-                var o = await method;
-
-                // Check if Lightning Max value is exceeded
-                if(o.SupportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.LightningLike &&
-                   storeBlob.LightningMaxValue != null)
-                {
-                    var lightningMaxValue = storeBlob.LightningMaxValue;
-                    decimal rate = 0.0m;
-                    if (lightningMaxValue.Currency == invoice.Currency)
-                        rate = o.PaymentMethod.Rate;
-                    else
-                        rate = await storeBlob.ApplyRateRules(o.PaymentMethod.Network, _RateProviders.GetRateProvider(o.PaymentMethod.Network, false)).GetRateAsync(lightningMaxValue.Currency);
-
-                    var lightningMaxValueCrypto = Money.Coins(lightningMaxValue.Value / rate);
-                    if (o.PaymentMethod.Calculate().Due > lightningMaxValueCrypto)
-                    {
-                        continue;
-                    }
-                }
-                ///////////////
-                supported.Add(o.SupportedPaymentMethod);
-                paymentMethods.Add(o.PaymentMethod);
+                currencyPairsToFetch.Add(new CurrencyPair(network.CryptoCode, invoice.Currency));
+                if (storeBlob.LightningMaxValue != null)
+                    currencyPairsToFetch.Add(new CurrencyPair(network.CryptoCode, storeBlob.LightningMaxValue.Currency));
+                if (storeBlob.OnChainMinValue != null)
+                    currencyPairsToFetch.Add(new CurrencyPair(network.CryptoCode, storeBlob.OnChainMinValue.Currency));
             }
 
-            if(supported.Count == 0)
+            var rateRules = storeBlob.GetRateRules(_NetworkProvider);
+            var fetchingByCurrencyPair = _RateProvider.FetchRates(currencyPairsToFetch, rateRules);
+
+            var supportedPaymentMethods = store.GetSupportedPaymentMethods(_NetworkProvider)
+                                               .Select(c =>
+                                                (Handler: (IPaymentMethodHandler)_ServiceProvider.GetService(typeof(IPaymentMethodHandler<>).MakeGenericType(c.GetType())),
+                                                SupportedPaymentMethod: c,
+                                                Network: _NetworkProvider.GetNetwork(c.PaymentId.CryptoCode)))
+                                                .Where(c => c.Network != null)
+                                                .Select(o =>
+                                                    (SupportedPaymentMethod: o.SupportedPaymentMethod,
+                                                    PaymentMethod: CreatePaymentMethodAsync(fetchingByCurrencyPair, o.Handler, o.SupportedPaymentMethod, o.Network, entity, store)))
+                                                .ToList();
+
+            List<string> paymentMethodErrors = new List<string>();
+            List<ISupportedPaymentMethod> supported = new List<ISupportedPaymentMethod>();
+            var paymentMethods = new PaymentMethodDictionary();
+
+            foreach(var pair in fetchingByCurrencyPair)
             {
-                throw new BitpayHttpException(400, "No derivation strategy are available now for this store");
+                var rateResult = await pair.Value;
+                bool hasError = false;
+                if(rateResult.Errors.Count != 0)
+                {
+                    var allRateRuleErrors = string.Join(", ", rateResult.Errors.ToArray());
+                    paymentMethodErrors.Add($"{pair.Key}: Rate rule error ({allRateRuleErrors})");
+                    hasError = true;
+                }
+                if(rateResult.ExchangeExceptions.Count != 0)
+                {
+                    foreach(var ex in rateResult.ExchangeExceptions)
+                    {
+                        paymentMethodErrors.Add($"{pair.Key}: Exception reaching exchange {ex.ExchangeName} ({ex.Exception.Message})");
+                    }
+                    hasError = true;
+                }
+                if(hasError)
+                {
+                    paymentMethodErrors.Add($"{pair.Key}: The rule is {rateResult.Rule}");
+                    paymentMethodErrors.Add($"{pair.Key}: Evaluated rule is {rateResult.EvaluatedRule}");
+                }
+            }
+
+            foreach (var o in supportedPaymentMethods)
+            {
+                try
+                {
+                    var paymentMethod = await o.PaymentMethod;
+                    if (paymentMethod == null)
+                        throw new PaymentMethodUnavailableException("Payment method unavailable");
+                    supported.Add(o.SupportedPaymentMethod);
+                    paymentMethods.Add(paymentMethod);
+                }
+                catch (PaymentMethodUnavailableException ex)
+                {
+                    paymentMethodErrors.Add($"{o.SupportedPaymentMethod.PaymentId.CryptoCode} ({o.SupportedPaymentMethod.PaymentId.PaymentType}): Payment method unavailable ({ex.Message})");
+                }
+                catch (Exception ex)
+                {
+                    paymentMethodErrors.Add($"{o.SupportedPaymentMethod.PaymentId.CryptoCode} ({o.SupportedPaymentMethod.PaymentId.PaymentType}): Unexpected exception ({ex.ToString()})");
+                }
+            }
+
+            if (supported.Count == 0)
+            {
+                StringBuilder errors = new StringBuilder();
+                errors.AppendLine("No payment method available for this store");
+                foreach (var error in paymentMethodErrors)
+                {
+                    errors.AppendLine(error);
+                }
+                throw new BitpayHttpException(400, errors.ToString());
             }
 
             entity.SetSupportedPaymentMethods(supported);
             entity.SetPaymentMethods(paymentMethods);
-#pragma warning disable CS0618
-            // Legacy Bitpay clients expect information for BTC information, even if the store do not support it
-            var legacyBTCisSet = paymentMethods.Any(p => p.GetId().IsBTCOnChain);
-            if (!legacyBTCisSet && _NetworkProvider.BTC != null)
-            {
-                var btc = _NetworkProvider.BTC;
-                var feeProvider = ((IFeeProviderFactory)_ServiceProvider.GetService(typeof(IFeeProviderFactory))).CreateFeeProvider(btc);
-                var rateProvider = storeBlob.ApplyRateRules(btc, _RateProviders.GetRateProvider(btc, false));
-                if (feeProvider != null && rateProvider != null)
-                {
-                    var gettingFee = feeProvider.GetFeeRateAsync();
-                    var gettingRate = rateProvider.GetRateAsync(invoice.Currency);
-                    entity.TxFee = GetTxFee(storeBlob, await gettingFee);
-                    entity.Rate = await gettingRate;
-                }
-#pragma warning restore CS0618
-            }
             entity.PosData = invoice.PosData;
-            entity = await _InvoiceRepository.CreateInvoiceAsync(store.Id, entity, _NetworkProvider);
+            entity = await _InvoiceRepository.CreateInvoiceAsync(store.Id, entity, paymentMethodErrors, _NetworkProvider);
+
             _EventAggregator.Publish(new Events.InvoiceEvent(entity, 1001, "invoice_created"));
             var resp = entity.EntityToDTO(_NetworkProvider);
             return new DataWrapper<InvoiceResponse>(resp) { Facade = "pos/invoice" };
         }
 
-#pragma warning disable CS0618
-        private static Money GetTxFee(StoreBlob storeBlob, FeeRate feeRate)
+        private async Task<PaymentMethod> CreatePaymentMethodAsync(Dictionary<CurrencyPair, Task<RateResult>> fetchingByCurrencyPair, IPaymentMethodHandler handler, ISupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network, InvoiceEntity entity, StoreData store)
         {
-            return storeBlob.NetworkFeeDisabled ? Money.Zero : feeRate.GetFee(100);
-        }
+            var storeBlob = store.GetStoreBlob();
+            var rate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, entity.ProductInformation.Currency)];
+            if (rate.Value == null)
+                return null;
+            PaymentMethod paymentMethod = new PaymentMethod();
+            paymentMethod.ParentEntity = entity;
+            paymentMethod.Network = network;
+            paymentMethod.SetId(supportedPaymentMethod.PaymentId);
+            paymentMethod.Rate = rate.Value.Value;
+            var paymentDetails = await handler.CreatePaymentMethodDetails(supportedPaymentMethod, paymentMethod, store, network);
+            if (storeBlob.NetworkFeeDisabled)
+                paymentDetails.SetNoTxFee();
+            paymentMethod.SetPaymentMethodDetails(paymentDetails);
+
+            Func<Money, Money, bool> compare = null;
+            CurrencyValue limitValue = null;
+            string errorMessage = null;
+            if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.LightningLike &&
+               storeBlob.LightningMaxValue != null)
+            {
+                compare = (a, b) => a > b;
+                limitValue = storeBlob.LightningMaxValue;
+                errorMessage = "The amount of the invoice is too high to be paid with lightning";
+            }
+            else if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.BTCLike &&
+               storeBlob.OnChainMinValue != null)
+            {
+                compare = (a, b) => a < b;
+                limitValue = storeBlob.OnChainMinValue;
+                errorMessage = "The amount of the invoice is too low to be paid on chain";
+            }
+
+            if (compare != null)
+            {
+                var limitValueRate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, limitValue.Currency)];
+                if (limitValueRate.Value.HasValue)
+                {
+                    var limitValueCrypto = Money.Coins(limitValue.Value / limitValueRate.Value.Value);
+                    if (compare(paymentMethod.Calculate().Due, limitValueCrypto))
+                    {
+                        throw new PaymentMethodUnavailableException(errorMessage);
+                    }
+                }
+            }
+            ///////////////
+
+
+#pragma warning disable CS0618
+            if (paymentMethod.GetId().IsBTCOnChain)
+            {
+                entity.TxFee = paymentMethod.TxFee;
+                entity.Rate = paymentMethod.Rate;
+                entity.DepositAddress = paymentMethod.DepositAddress;
+            }
 #pragma warning restore CS0618
+            return paymentMethod;
+        }
 
         private SpeedPolicy ParseSpeedPolicy(string transactionSpeed, SpeedPolicy defaultPolicy)
         {
@@ -250,11 +299,6 @@ namespace BTCPayServer.Controllers
             buyerInformation.BuyerZip = buyerInformation.BuyerZip ?? buyer.zip;
         }
 
-        private DerivationStrategyBase ParseDerivationStrategy(string derivationStrategy, BTCPayNetwork network)
-        {
-            return new DerivationStrategyFactory(network.NBitcoinNetwork).Parse(derivationStrategy);
-        }
-
         private TDest Map<TFrom, TDest>(TFrom data)
         {
             return JsonConvert.DeserializeObject<TDest>(JsonConvert.SerializeObject(data));

BTCPayServer/Controllers/ManageController.cs

@@ -21,10 +21,11 @@ using BTCPayServer.Services.Stores;
 using BTCPayServer.Services.Wallets;
 using BTCPayServer.Services.Mails;
 using System.Globalization;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
     [Route("[controller]/[action]")]
     public class ManageController : Controller
     {

BTCPayServer/Controllers/RateController.cs

@@ -8,17 +8,19 @@ using System.Threading.Tasks;
 using BTCPayServer.Filters;
 using BTCPayServer.Services.Rates;
 using BTCPayServer.Services.Stores;
+using BTCPayServer.Rating;
+using Newtonsoft.Json;
 
 namespace BTCPayServer.Controllers
 {
     public class RateController : Controller
     {
-        IRateProviderFactory _RateProviderFactory;
+        BTCPayRateProviderFactory _RateProviderFactory;
         BTCPayNetworkProvider _NetworkProvider;
         CurrencyNameTable _CurrencyNameTable;
         StoreRepository _StoreRepo;
         public RateController(
-            IRateProviderFactory rateProviderFactory, 
+            BTCPayRateProviderFactory rateProviderFactory,
             BTCPayNetworkProvider networkProvider,
             StoreRepository storeRepo,
             CurrencyNameTable currencyNameTable)
@@ -32,43 +34,101 @@ namespace BTCPayServer.Controllers
         [Route("rates")]
         [HttpGet]
         [BitpayAPIConstraint]
-        public async Task<IActionResult> GetRates(string cryptoCode = null, string storeId = null)
+        public async Task<IActionResult> GetRates(string currencyPairs, string storeId)
         {
-            var result = await GetRates2(cryptoCode, storeId);
-            var rates = (result as JsonResult)?.Value as NBitpayClient.Rate[];
-            if(rates == null)
+            storeId = storeId ?? this.HttpContext.GetStoreData()?.Id;
+            var result = await GetRates2(currencyPairs, storeId);
+            var rates = (result as JsonResult)?.Value as Rate[];
+            if (rates == null)
                 return result;
-            return Json(new DataWrapper<NBitpayClient.Rate[]>(rates)); 
+            return Json(new DataWrapper<Rate[]>(rates));
         }
 
         [Route("api/rates")]
         [HttpGet]
-        public async Task<IActionResult> GetRates2(string cryptoCode = null, string storeId = null)
+        public async Task<IActionResult> GetRates2(string currencyPairs, string storeId)
         {
-            cryptoCode = cryptoCode ?? "BTC";
-            var network = _NetworkProvider.GetNetwork(cryptoCode);
-            if (network == null)
-                return NotFound();
-            var rateProvider = _RateProviderFactory.GetRateProvider(network, true);
-            if (rateProvider == null)
-                return NotFound();
-
-            if (storeId != null)
+            if(storeId == null || currencyPairs == null)
             {
-                var store = await _StoreRepo.FindStore(storeId);
-                if (store == null)
-                    return NotFound();
-                rateProvider = store.GetStoreBlob().ApplyRateRules(network, rateProvider);
+                var result = Json(new BitpayErrorsModel() { Error = "You need to specify storeId (in your store settings) and currencyPairs (eg. BTC_USD,LTC_CAD)" });
+                result.StatusCode = 400;
+                return result;
             }
 
-            var allRates = (await rateProvider.GetRatesAsync());
-            return Json(allRates.Select(r =>
-                            new NBitpayClient.Rate()
+            var store = this.HttpContext.GetStoreData();
+            if(store == null || store.Id != storeId)
+                store = await _StoreRepo.FindStore(storeId);
+            if (store == null)
+            {
+                var result = Json(new BitpayErrorsModel() { Error = "Store not found" });
+                result.StatusCode = 404;
+                return result;
+            }
+            var rules = store.GetStoreBlob().GetRateRules(_NetworkProvider);
+
+            HashSet<CurrencyPair> pairs = new HashSet<CurrencyPair>();
+            foreach(var currency in currencyPairs.Split(','))
+            {
+                if(!CurrencyPair.TryParse(currency, out var pair))
+                {
+                    var result = Json(new BitpayErrorsModel() { Error = $"Currency pair {currency} uncorrectly formatted" });
+                    result.StatusCode = 400;
+                    return result;
+                }
+                pairs.Add(pair);
+            }
+
+            var fetching = _RateProviderFactory.FetchRates(pairs, rules);
+            await Task.WhenAll(fetching.Select(f => f.Value).ToArray());
+            return Json(pairs
+                            .Select(r => (Pair: r, Value: fetching[r].GetAwaiter().GetResult().Value))
+                            .Where(r => r.Value.HasValue)
+                            .Select(r =>
+                            new Rate()
                             {
-                                Code = r.Currency,
-                                Name = _CurrencyNameTable.GetCurrencyData(r.Currency)?.Name,
-                                Value = r.Value
+                                CryptoCode = r.Pair.Left,
+                                Code = r.Pair.Right,
+                                CurrencyPair = r.Pair.ToString(),
+                                Name = _CurrencyNameTable.GetCurrencyData(r.Pair.Right)?.Name,
+                                Value = r.Value.Value
                             }).Where(n => n.Name != null).ToArray());
         }
+
+        public class Rate
+        {
+
+            [JsonProperty(PropertyName = "name")]
+            public string Name
+            {
+                get;
+                set;
+            }
+            [JsonProperty(PropertyName = "cryptoCode")]
+            public string CryptoCode
+            {
+                get;
+                set;
+            }
+
+            [JsonProperty(PropertyName = "currencyPair")]
+            public string CurrencyPair
+            {
+                get;
+                set;
+            }
+
+            [JsonProperty(PropertyName = "code")]
+            public string Code
+            {
+                get;
+                set;
+            }
+            [JsonProperty(PropertyName = "rate")]
+            public decimal Value
+            {
+                get;
+                set;
+            }
+        }
     }
 }

BTCPayServer/Controllers/ServerController.cs

@@ -1,7 +1,9 @@
-using BTCPayServer.Models;
+using BTCPayServer.HostedServices;
+using BTCPayServer.Models;
 using BTCPayServer.Models.ServerViewModels;
 using BTCPayServer.Services;
 using BTCPayServer.Services.Mails;
+using BTCPayServer.Services.Rates;
 using BTCPayServer.Validations;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
@@ -11,21 +13,96 @@ using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Linq;
 using System.Net;
+using System.Net.Http;
 using System.Net.Mail;
 using System.Threading.Tasks;
 
 namespace BTCPayServer.Controllers
 {
-    [Authorize(Roles = Roles.ServerAdmin)]
+    [Authorize(Policy = BTCPayServer.Security.Policies.CanModifyServerSettings.Key)]
     public class ServerController : Controller
     {
         private UserManager<ApplicationUser> _UserManager;
         SettingsRepository _SettingsRepository;
+        private BTCPayRateProviderFactory _RateProviderFactory;
 
-        public ServerController(UserManager<ApplicationUser> userManager, SettingsRepository settingsRepository)
+        public ServerController(UserManager<ApplicationUser> userManager,
+            BTCPayRateProviderFactory rateProviderFactory,
+            SettingsRepository settingsRepository)
         {
             _UserManager = userManager;
             _SettingsRepository = settingsRepository;
+            _RateProviderFactory = rateProviderFactory;
+        }
+
+        [Route("server/rates")]
+        public async Task<IActionResult> Rates()
+        {
+            var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
+
+            var vm = new RatesViewModel()
+            {
+                CacheMinutes = rates.CacheInMinutes,
+                PrivateKey = rates.PrivateKey,
+                PublicKey = rates.PublicKey
+            };
+            await FetchRateLimits(vm);
+            return View(vm);
+        }
+
+        private static async Task FetchRateLimits(RatesViewModel vm)
+        {
+            var coinAverage = GetCoinaverageService(vm, false);
+            if (coinAverage != null)
+            {
+                try
+                {
+                    vm.RateLimits = await coinAverage.GetRateLimitsAsync();
+                }
+                catch { }
+            }
+        }
+
+        [Route("server/rates")]
+        [HttpPost]
+        public async Task<IActionResult> Rates(RatesViewModel vm)
+        {
+            var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
+            rates.PrivateKey = vm.PrivateKey;
+            rates.PublicKey = vm.PublicKey;
+            rates.CacheInMinutes = vm.CacheMinutes;
+            try
+            {
+                var service = GetCoinaverageService(vm, true);
+                if(service != null)
+                    await service.TestAuthAsync();
+            }
+            catch
+            {
+                ModelState.AddModelError(nameof(vm.PrivateKey), "Invalid API key pair");
+            }
+            if (!ModelState.IsValid)
+            {
+                await FetchRateLimits(vm);
+                return View(vm);
+            }
+            await _SettingsRepository.UpdateSetting(rates);
+            StatusMessage = "Rate settings successfully updated";
+            return RedirectToAction(nameof(Rates));
+        }
+
+        private static CoinAverageRateProvider GetCoinaverageService(RatesViewModel vm, bool withAuth)
+        {
+            var settings = new CoinAverageSettings()
+            {
+                KeyPair = (vm.PublicKey, vm.PrivateKey)
+            };
+            if (!withAuth || settings.GetCoinAverageSignature() != null)
+            {
+                return new CoinAverageRateProvider()
+                { Authenticator = settings };
+            }
+            return null;
         }
 
         [Route("server/users")]
@@ -52,6 +129,7 @@ namespace BTCPayServer.Controllers
             var roles = await _UserManager.GetRolesAsync(user);
             var userVM = new UserViewModel();
             userVM.Id = user.Id;
+            userVM.Email = user.Email;
             userVM.IsAdmin = IsAdmin(roles);
             return View(userVM);
         }
@@ -72,7 +150,7 @@ namespace BTCPayServer.Controllers
             var isAdmin = IsAdmin(roles);
             bool updated = false;
 
-            if(isAdmin != viewModel.IsAdmin)
+            if (isAdmin != viewModel.IsAdmin)
             {
                 if (viewModel.IsAdmin)
                     await _UserManager.AddToRoleAsync(user, Roles.ServerAdmin);
@@ -80,7 +158,7 @@ namespace BTCPayServer.Controllers
                     await _UserManager.RemoveFromRoleAsync(user, Roles.ServerAdmin);
                 updated = true;
             }
-            if(updated)
+            if (updated)
             {
                 viewModel.StatusMessage = "User successfully updated";
             }
@@ -138,7 +216,22 @@ namespace BTCPayServer.Controllers
         public async Task<IActionResult> Policies(PoliciesSettings settings)
         {
             await _SettingsRepository.UpdateSetting(settings);
-            TempData["StatusMessage"] = "Policies upadated successfully";
+            TempData["StatusMessage"] = "Policies updated successfully";
+            return View(settings);
+        }
+
+        [Route("server/theme")]
+        public async Task<IActionResult> Theme()
+        {
+            var data = (await _SettingsRepository.GetSettingAsync<ThemeSettings>()) ?? new ThemeSettings();
+            return View(data);
+        }
+        [Route("server/theme")]
+        [HttpPost]
+        public async Task<IActionResult> Theme(ThemeSettings settings)
+        {
+            await _SettingsRepository.UpdateSetting(settings);
+            TempData["StatusMessage"] = "Theme settings updated successfully";
             return View(settings);
         }
 
@@ -148,10 +241,13 @@ namespace BTCPayServer.Controllers
         {
             if (command == "Test")
             {
-                if (!ModelState.IsValid)
-                    return View(model);
                 try
                 {
+                    if(!model.Settings.IsComplete())
+                    {
+                        model.StatusMessage = "Error: Required fields missing";
+                        return View(model);
+                    }
                     var client = model.Settings.CreateSmtpClient();
                     await client.SendMailAsync(model.Settings.From, model.TestEmail, "BTCPay test", "BTCPay test");
                     model.StatusMessage = "Email sent to " + model.TestEmail + ", please, verify you received it";
@@ -162,11 +258,8 @@ namespace BTCPayServer.Controllers
                 }
                 return View(model);
             }
-            else
+            else // if(command == "Save")
             {
-                ModelState.Remove(nameof(model.TestEmail));
-                if (!ModelState.IsValid)
-                    return View(model);
                 await _SettingsRepository.UpdateSetting(model.Settings);
                 model.StatusMessage = "Email settings saved";
                 return View(model);

BTCPayServer/Controllers/StoresController.BTCLike.cs

@@ -21,15 +21,21 @@ namespace BTCPayServer.Controllers
     {
         [HttpGet]
         [Route("{storeId}/derivations/{cryptoCode}")]
-        public async Task<IActionResult> AddDerivationScheme(string storeId, string cryptoCode)
+        public IActionResult AddDerivationScheme(string storeId, string cryptoCode)
         {
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
+            var network = cryptoCode == null ? null : _ExplorerProvider.GetNetwork(cryptoCode);
+            if (network == null)
+            {
+                return NotFound();
+            }
 
             DerivationSchemeViewModel vm = new DerivationSchemeViewModel();
             vm.ServerUrl = GetStoreUrl(storeId);
             vm.CryptoCode = cryptoCode;
+            vm.RootKeyPath = network.GetRootKeyPath();
             SetExistingValues(store, vm);
             return View(vm);
         }
@@ -54,7 +60,7 @@ namespace BTCPayServer.Controllers
         {
             vm.ServerUrl = GetStoreUrl(storeId);
             vm.CryptoCode = cryptoCode;
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
 
@@ -63,6 +69,7 @@ namespace BTCPayServer.Controllers
             {
                 return NotFound();
             }
+            vm.RootKeyPath = network.GetRootKeyPath();
             var wallet = _WalletProvider.GetWallet(network);
             if (wallet == null)
             {
@@ -181,7 +188,7 @@ namespace BTCPayServer.Controllers
         {
             if (!HttpContext.WebSockets.IsWebSocketRequest)
                 return NotFound();
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
 
@@ -204,7 +211,7 @@ namespace BTCPayServer.Controllers
                 {
                     try
                     {
-                        destinationAddress = BitcoinAddress.Create(destination);
+                        destinationAddress = BitcoinAddress.Create(destination, network.NBitcoinNetwork);
                     }
                     catch { }
                     if (destinationAddress == null)
@@ -251,8 +258,6 @@ namespace BTCPayServer.Controllers
                 if (command == "getxpub")
                 {
                     var getxpubResult = await hw.GetExtPubKey(network, account);
-                    ;
-                    getxpubResult.CoinType = (int)(getxpubResult.KeyPath.Indexes[1] - 0x80000000);
                     result = getxpubResult;
                 }
                 if (command == "getinfo")

BTCPayServer/Controllers/StoresController.LightningLike.cs

@@ -10,6 +10,7 @@ using Microsoft.AspNetCore.Mvc;
 using BTCPayServer.Payments.Lightning;
 using System.Net;
 using BTCPayServer.Data;
+using System.Threading;
 
 namespace BTCPayServer.Controllers
 {
@@ -18,9 +19,9 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [Route("{storeId}/lightning/{cryptoCode}")]
-        public async Task<IActionResult> AddLightningNode(string storeId, string cryptoCode)
+        public IActionResult AddLightningNode(string storeId, string cryptoCode)
         {
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
             LightningNodeViewModel vm = new LightningNodeViewModel();
@@ -58,7 +59,7 @@ namespace BTCPayServer.Controllers
         public async Task<IActionResult> AddLightningNode(string storeId, LightningNodeViewModel vm, string command, string cryptoCode)
         {
             vm.CryptoCode = cryptoCode;
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
             var network = vm.CryptoCode == null ? null : _ExplorerProvider.GetNetwork(vm.CryptoCode);
@@ -127,13 +128,20 @@ namespace BTCPayServer.Controllers
                 try
                 {
                     var info = await handler.Test(paymentMethod, network);
+                    if (!vm.SkipPortTest)
+                    {
+                        using (CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromSeconds(20)))
+                        {
+                            await handler.TestConnection(info, cts.Token);
+                        }
+                    }
                     vm.StatusMessage = $"Connection to the lightning node succeed ({info})";
                 }
                 catch (Exception ex)
                 {
                     vm.StatusMessage = $"Error: {ex.Message}";
                     return View(vm);
-                }                
+                }
                 return View(vm);
             }
         }

BTCPayServer/Controllers/StoresController.cs

@@ -4,7 +4,10 @@ using BTCPayServer.Data;
 using BTCPayServer.HostedServices;
 using BTCPayServer.Models;
 using BTCPayServer.Models.StoreViewModels;
+using BTCPayServer.Rating;
+using BTCPayServer.Security;
 using BTCPayServer.Services;
+using BTCPayServer.Services.Rates;
 using BTCPayServer.Services.Stores;
 using BTCPayServer.Services.Wallets;
 using Microsoft.AspNetCore.Authorization;
@@ -18,6 +21,7 @@ using NBitcoin.DataEncoders;
 using NBXplorer.DerivationStrategy;
 using System;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Linq;
 using System.Net.Http;
 using System.Threading;
@@ -26,11 +30,12 @@ using System.Threading.Tasks;
 namespace BTCPayServer.Controllers
 {
     [Route("stores")]
-    [Authorize(AuthenticationSchemes = "Identity.Application")]
-    [Authorize(Policy = StorePolicies.OwnStore)]
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
+    [Authorize(Policy = Policies.CanModifyStoreSettings.Key)]
     [AutoValidateAntiforgeryToken]
     public partial class StoresController : Controller
     {
+        BTCPayRateProviderFactory _RateFactory;
         public string CreatedStoreId { get; set; }
         public StoresController(
             NBXplorerDashboard dashboard,
@@ -44,11 +49,14 @@ namespace BTCPayServer.Controllers
             AccessTokenController tokenController,
             BTCPayWalletProvider walletProvider,
             BTCPayNetworkProvider networkProvider,
+            BTCPayRateProviderFactory rateFactory,
             ExplorerClientProvider explorerProvider,
             IFeeProviderFactory feeRateProvider,
             LanguageService langService,
-            IHostingEnvironment env)
+            IHostingEnvironment env,
+            CoinAverageSettings coinAverage)
         {
+            _RateFactory = rateFactory;
             _Dashboard = dashboard;
             _Repo = repo;
             _TokenRepository = tokenRepo;
@@ -64,7 +72,9 @@ namespace BTCPayServer.Controllers
             _ServiceProvider = serviceProvider;
             _BtcpayServerOptions = btcpayServerOptions;
             _BTCPayEnv = btcpayEnv;
+            _CoinAverage = coinAverage;
         }
+        CoinAverageSettings _CoinAverage;
         NBXplorerDashboard _Dashboard;
         BTCPayServerOptions _BtcpayServerOptions;
         BTCPayServerEnvironment _BTCPayEnv;
@@ -89,13 +99,10 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [Route("{storeId}/wallet/{cryptoCode}")]
-        public async Task<IActionResult> Wallet(string storeId, string cryptoCode)
+        public IActionResult Wallet(string cryptoCode)
         {
-            var store = await _Repo.FindStore(storeId, GetUserId());
-            if (store == null)
-                return NotFound();
             WalletModel model = new WalletModel();
-            model.ServerUrl = GetStoreUrl(storeId);
+            model.ServerUrl = GetStoreUrl(StoreData.Id);
             model.CryptoCurrency = cryptoCode;
             return View(model);
         }
@@ -107,17 +114,17 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [Route("{storeId}/users")]
-        public async Task<IActionResult> StoreUsers(string storeId)
+        public async Task<IActionResult> StoreUsers()
         {
             StoreUsersViewModel vm = new StoreUsersViewModel();
-            await FillUsers(storeId, vm);
+            await FillUsers(vm);
             return View(vm);
         }
 
-        private async Task FillUsers(string storeId, StoreUsersViewModel vm)
+        private async Task FillUsers(StoreUsersViewModel vm)
         {
-            var users = await _Repo.GetStoreUsers(storeId);
-            vm.StoreId = storeId;
+            var users = await _Repo.GetStoreUsers(StoreData.Id);
+            vm.StoreId = StoreData.Id;
             vm.Users = users.Select(u => new StoreUsersViewModel.StoreUserViewModel()
             {
                 Email = u.Email,
@@ -126,11 +133,20 @@ namespace BTCPayServer.Controllers
             }).ToList();
         }
 
+        public StoreData StoreData
+        {
+            get
+            {
+                return this.HttpContext.GetStoreData();
+            }
+        }
+
+
         [HttpPost]
         [Route("{storeId}/users")]
-        public async Task<IActionResult> StoreUsers(string storeId, StoreUsersViewModel vm)
+        public async Task<IActionResult> StoreUsers(StoreUsersViewModel vm)
         {
-            await FillUsers(storeId, vm);
+            await FillUsers(vm);
             if (!ModelState.IsValid)
             {
                 return View(vm);
@@ -146,7 +162,7 @@ namespace BTCPayServer.Controllers
                 ModelState.AddModelError(nameof(vm.Role), "Invalid role");
                 return View(vm);
             }
-            if (!await _Repo.AddStoreUser(storeId, user.Id, vm.Role))
+            if (!await _Repo.AddStoreUser(StoreData.Id, user.Id, vm.Role))
             {
                 ModelState.AddModelError(nameof(vm.Email), "The user already has access to this store");
                 return View(vm);
@@ -157,19 +173,16 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [Route("{storeId}/users/{userId}/delete")]
-        public async Task<IActionResult> DeleteStoreUser(string storeId, string userId)
+        public async Task<IActionResult> DeleteStoreUser(string userId)
         {
             StoreUsersViewModel vm = new StoreUsersViewModel();
-            var store = await _Repo.FindStore(storeId, userId);
-            if (store == null)
-                return NotFound();
             var user = await _UserManager.FindByIdAsync(userId);
             if (user == null)
                 return NotFound();
             return View("Confirm", new ConfirmModel()
             {
                 Title = $"Remove store user",
-                Description = $"Are you sure to remove access to remove {store.Role} access to {user.Email}?",
+                Description = $"Are you sure to remove access to remove access to {user.Email}?",
                 Action = "Delete"
             });
         }
@@ -184,10 +197,226 @@ namespace BTCPayServer.Controllers
         }
 
         [HttpGet]
-        [Route("{storeId}")]
-        public async Task<IActionResult> UpdateStore(string storeId)
+        [Route("{storeId}/rates")]
+        public IActionResult Rates()
         {
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var storeBlob = StoreData.GetStoreBlob();
+            var vm = new RatesViewModel();
+            vm.SetExchangeRates(GetSupportedExchanges(), storeBlob.PreferredExchange ?? CoinAverageRateProvider.CoinAverageName);
+            vm.RateMultiplier = (double)storeBlob.GetRateMultiplier();
+            vm.Script = storeBlob.GetRateRules(_NetworkProvider).ToString();
+            vm.DefaultScript = storeBlob.GetDefaultRateRules(_NetworkProvider).ToString();
+            vm.AvailableExchanges = GetSupportedExchanges();
+            vm.ShowScripting = storeBlob.RateScripting;
+            return View(vm);
+        }
+
+        [HttpPost]
+        [Route("{storeId}/rates")]
+        public async Task<IActionResult> Rates(RatesViewModel model, string command = null)
+        {
+            model.SetExchangeRates(GetSupportedExchanges(), model.PreferredExchange);
+            if (!ModelState.IsValid)
+            {
+                return View(model);
+            }
+            if (model.PreferredExchange != null)
+                model.PreferredExchange = model.PreferredExchange.Trim().ToLowerInvariant();
+
+            var blob = StoreData.GetStoreBlob();
+            model.DefaultScript = blob.GetDefaultRateRules(_NetworkProvider).ToString();
+            model.AvailableExchanges = GetSupportedExchanges();
+
+            blob.PreferredExchange = model.PreferredExchange;
+            blob.SetRateMultiplier(model.RateMultiplier);
+
+            if (!model.ShowScripting)
+            {
+                if (!GetSupportedExchanges().Select(c => c.Name).Contains(blob.PreferredExchange, StringComparer.OrdinalIgnoreCase))
+                {
+                    ModelState.AddModelError(nameof(model.PreferredExchange), $"Unsupported exchange ({model.RateSource})");
+                    return View(model);
+                }
+            }
+            RateRules rules = null;
+            if (model.ShowScripting)
+            {
+                if (!RateRules.TryParse(model.Script, out rules, out var errors))
+                {
+                    errors = errors ?? new List<RateRulesErrors>();
+                    var errorString = String.Join(", ", errors.ToArray());
+                    ModelState.AddModelError(nameof(model.Script), $"Parsing error ({errorString})");
+                    return View(model);
+                }
+                else
+                {
+                    blob.RateScript = rules.ToString();
+                    ModelState.Remove(nameof(model.Script));
+                    model.Script = blob.RateScript;
+                }
+            }
+            rules = blob.GetRateRules(_NetworkProvider);
+
+            if (command == "Test")
+            {
+                if (string.IsNullOrWhiteSpace(model.ScriptTest))
+                {
+                    ModelState.AddModelError(nameof(model.ScriptTest), "Fill out currency pair to test for (like BTC_USD,BTC_CAD)");
+                    return View(model);
+                }
+                var splitted = model.ScriptTest.Split(',', StringSplitOptions.RemoveEmptyEntries);
+
+                var pairs = new List<CurrencyPair>();
+                foreach (var pair in splitted)
+                {
+                    if (!CurrencyPair.TryParse(pair, out var currencyPair))
+                    {
+                        ModelState.AddModelError(nameof(model.ScriptTest), $"Invalid currency pair '{pair}' (it should be formatted like BTC_USD,BTC_CAD)");
+                        return View(model);
+                    }
+                    pairs.Add(currencyPair);
+                }
+
+                var fetchs = _RateFactory.FetchRates(pairs.ToHashSet(), rules);
+                var testResults = new List<RatesViewModel.TestResultViewModel>();
+                foreach (var fetch in fetchs)
+                {
+                    var testResult = await (fetch.Value);
+                    testResults.Add(new RatesViewModel.TestResultViewModel()
+                    {
+                        CurrencyPair = fetch.Key.ToString(),
+                        Error = testResult.Errors.Count != 0,
+                        Rule = testResult.Errors.Count == 0 ? testResult.Rule + " = " + testResult.Value.Value.ToString(CultureInfo.InvariantCulture) 
+                                                            : testResult.EvaluatedRule
+                    });
+                }
+                model.TestRateRules = testResults;
+                return View(model);
+            }
+            else // command == Save
+            {
+                if (StoreData.SetStoreBlob(blob))
+                {
+                    await _Repo.UpdateStore(StoreData);
+                    StatusMessage = "Rate settings updated";
+                }
+                return RedirectToAction(nameof(Rates), new
+                {
+                    storeId = StoreData.Id
+                });
+            }
+        }
+
+        [HttpGet]
+        [Route("{storeId}/rates/confirm")]
+        public IActionResult ShowRateRules(bool scripting)
+        {
+            return View("Confirm", new ConfirmModel()
+            {
+                Action = "Continue",
+                Title = "Rate rule scripting",
+                Description = scripting ?
+                                "This action will mofify your current rate sources. Are you sure to turn on rate rules scripting? (Advanced users)"
+                                : "This action will delete your rate script. Are you sure to turn off rate rules scripting?",
+                ButtonClass = "btn-primary"
+            });
+        }
+
+        [HttpPost]
+        [Route("{storeId}/rates/confirm")]
+        public async Task<IActionResult> ShowRateRulesPost(bool scripting)
+        {
+            var blob = StoreData.GetStoreBlob();
+            blob.RateScripting = scripting;
+            blob.RateScript = blob.GetDefaultRateRules(_NetworkProvider).ToString();
+            StoreData.SetStoreBlob(blob);
+            await _Repo.UpdateStore(StoreData);
+            StatusMessage = "Rate rules scripting activated";
+            return RedirectToAction(nameof(Rates), new { storeId = StoreData.Id });
+        }
+
+        [HttpGet]
+        [Route("{storeId}/checkout")]
+        public IActionResult CheckoutExperience()
+        {
+            var storeBlob = StoreData.GetStoreBlob();
+            var vm = new CheckoutExperienceViewModel();
+            vm.SetCryptoCurrencies(_ExplorerProvider, StoreData.GetDefaultCrypto());
+            vm.SetLanguages(_LangService, storeBlob.DefaultLang);
+            vm.LightningMaxValue = storeBlob.LightningMaxValue?.ToString() ?? "";
+            vm.OnChainMinValue = storeBlob.OnChainMinValue?.ToString() ?? "";
+            vm.AllowCoinConversion = storeBlob.AllowCoinConversion;
+            vm.RequiresRefundEmail = storeBlob.RequiresRefundEmail;
+            vm.CustomCSS = storeBlob.CustomCSS?.AbsoluteUri;
+            vm.CustomLogo = storeBlob.CustomLogo?.AbsoluteUri;
+            vm.HtmlTitle = storeBlob.HtmlTitle;
+            return View(vm);
+        }
+
+        [HttpPost]
+        [Route("{storeId}/checkout")]
+        public async Task<IActionResult> CheckoutExperience(CheckoutExperienceViewModel model)
+        {
+            CurrencyValue lightningMaxValue = null;
+            if (!string.IsNullOrWhiteSpace(model.LightningMaxValue))
+            {
+                if (!CurrencyValue.TryParse(model.LightningMaxValue, out lightningMaxValue))
+                {
+                    ModelState.AddModelError(nameof(model.LightningMaxValue), "Invalid lightning max value");
+                }
+            }
+
+            CurrencyValue onchainMinValue = null;
+            if (!string.IsNullOrWhiteSpace(model.OnChainMinValue))
+            {
+                if (!CurrencyValue.TryParse(model.OnChainMinValue, out onchainMinValue))
+                {
+                    ModelState.AddModelError(nameof(model.OnChainMinValue), "Invalid on chain min value");
+                }
+            }
+            bool needUpdate = false;
+            var blob = StoreData.GetStoreBlob();
+            if (StoreData.GetDefaultCrypto() != model.DefaultCryptoCurrency)
+            {
+                needUpdate = true;
+                StoreData.SetDefaultCrypto(model.DefaultCryptoCurrency);
+            }
+            model.SetCryptoCurrencies(_ExplorerProvider, model.DefaultCryptoCurrency);
+            model.SetLanguages(_LangService, model.DefaultLang);
+
+            if (!ModelState.IsValid)
+            {
+                return View(model);
+            }
+            blob.DefaultLang = model.DefaultLang;
+            blob.AllowCoinConversion = model.AllowCoinConversion;
+            blob.RequiresRefundEmail = model.RequiresRefundEmail;
+            blob.LightningMaxValue = lightningMaxValue;
+            blob.OnChainMinValue = onchainMinValue;
+            blob.CustomLogo = string.IsNullOrWhiteSpace(model.CustomLogo) ? null : new Uri(model.CustomLogo, UriKind.Absolute);
+            blob.CustomCSS = string.IsNullOrWhiteSpace(model.CustomCSS) ? null : new Uri(model.CustomCSS, UriKind.Absolute);
+            blob.HtmlTitle = string.IsNullOrWhiteSpace(model.HtmlTitle) ? null : model.HtmlTitle;
+            if (StoreData.SetStoreBlob(blob))
+            {
+                needUpdate = true;
+            }
+            if (needUpdate)
+            {
+                await _Repo.UpdateStore(StoreData);
+                StatusMessage = "Store successfully updated";
+            }
+
+            return RedirectToAction(nameof(CheckoutExperience), new
+            {
+                storeId = StoreData.Id
+            });
+        }
+
+        [HttpGet]
+        [Route("{storeId}")]
+        public IActionResult UpdateStore()
+        {
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
 
@@ -195,19 +424,14 @@ namespace BTCPayServer.Controllers
             var vm = new StoreViewModel();
             vm.Id = store.Id;
             vm.StoreName = store.StoreName;
-            vm.SetCryptoCurrencies(_ExplorerProvider, store.GetDefaultCrypto());
-            vm.SetLanguages(_LangService, storeBlob.DefaultLang);
             vm.StoreWebsite = store.StoreWebsite;
             vm.NetworkFee = !storeBlob.NetworkFeeDisabled;
-            vm.LightningMaxValue = storeBlob.LightningMaxValue?.ToString() ?? "";
             vm.SpeedPolicy = store.SpeedPolicy;
             AddPaymentMethods(store, vm);
-            vm.StatusMessage = StatusMessage;
             vm.MonitoringExpiration = storeBlob.MonitoringExpiration;
             vm.InvoiceExpiration = storeBlob.InvoiceExpiration;
-            vm.RateMultiplier = (double)storeBlob.GetRateMultiplier();
-            vm.PreferredExchange = storeBlob.PreferredExchange.IsCoinAverage() ? "coinaverage" : storeBlob.PreferredExchange;
-            vm.AllowCoinConversion = storeBlob.AllowCoinConversion;
+            vm.LightningDescriptionTemplate = storeBlob.LightningDescriptionTemplate;
+            vm.PaymentTolerance = storeBlob.PaymentTolerance;
             return View(vm);
         }
 
@@ -247,108 +471,72 @@ namespace BTCPayServer.Controllers
 
         [HttpPost]
         [Route("{storeId}")]
-        public async Task<IActionResult> UpdateStore(string storeId, StoreViewModel model)
+        public async Task<IActionResult> UpdateStore(StoreViewModel model)
         {
-            CurrencyValue currencyValue = null;
-            if (!string.IsNullOrWhiteSpace(model.LightningMaxValue))
-            {
-                if(!CurrencyValue.TryParse(model.LightningMaxValue, out currencyValue))
-                {
-                    ModelState.AddModelError(nameof(model.LightningMaxValue), "Invalid currency value");
-                }
-            }
-            if (!ModelState.IsValid)
-            {
-                return View(model);
-            }
-            if (model.PreferredExchange != null)
-                model.PreferredExchange = model.PreferredExchange.Trim().ToLowerInvariant();
-            var store = await _Repo.FindStore(storeId, GetUserId());
-            if (store == null)
-                return NotFound();
-            AddPaymentMethods(store, model);
+            AddPaymentMethods(StoreData, model);
 
             bool needUpdate = false;
-            if (store.SpeedPolicy != model.SpeedPolicy)
+            if (StoreData.SpeedPolicy != model.SpeedPolicy)
             {
                 needUpdate = true;
-                store.SpeedPolicy = model.SpeedPolicy;
+                StoreData.SpeedPolicy = model.SpeedPolicy;
             }
-            if (store.StoreName != model.StoreName)
+            if (StoreData.StoreName != model.StoreName)
             {
                 needUpdate = true;
-                store.StoreName = model.StoreName;
+                StoreData.StoreName = model.StoreName;
             }
-            if (store.StoreWebsite != model.StoreWebsite)
+            if (StoreData.StoreWebsite != model.StoreWebsite)
             {
                 needUpdate = true;
-                store.StoreWebsite = model.StoreWebsite;
+                StoreData.StoreWebsite = model.StoreWebsite;
             }
 
-            if (store.GetDefaultCrypto() != model.DefaultCryptoCurrency)
-            {
-                needUpdate = true;
-                store.SetDefaultCrypto(model.DefaultCryptoCurrency);
-            }
-            model.SetCryptoCurrencies(_ExplorerProvider, model.DefaultCryptoCurrency);
-            model.SetLanguages(_LangService, model.DefaultLang);
-
-            var blob = store.GetStoreBlob();
+            var blob = StoreData.GetStoreBlob();
             blob.NetworkFeeDisabled = !model.NetworkFee;
             blob.MonitoringExpiration = model.MonitoringExpiration;
             blob.InvoiceExpiration = model.InvoiceExpiration;
-            blob.DefaultLang = model.DefaultLang;
-            blob.LightningMaxValue = currencyValue;
+            blob.LightningDescriptionTemplate = model.LightningDescriptionTemplate ?? string.Empty;
+            blob.PaymentTolerance = model.PaymentTolerance;
 
-            bool newExchange = blob.PreferredExchange != model.PreferredExchange;
-            blob.PreferredExchange = model.PreferredExchange;
-
-            blob.SetRateMultiplier(model.RateMultiplier);
-            blob.AllowCoinConversion = model.AllowCoinConversion;
-
-            if (store.SetStoreBlob(blob))
+            if (StoreData.SetStoreBlob(blob))
             {
                 needUpdate = true;
             }
 
-            if (!blob.PreferredExchange.IsCoinAverage() && newExchange)
-            {
-                using (HttpClient client = new HttpClient())
-                {
-                    var rate = await client.GetAsync(model.RateSource);
-                    if (rate.StatusCode == System.Net.HttpStatusCode.NotFound)
-                    {
-                        ModelState.AddModelError(nameof(model.PreferredExchange), $"Unsupported exchange ({model.RateSource})");
-                        return View(model);
-                    }
-                }
-            }
-
             if (needUpdate)
             {
-                await _Repo.UpdateStore(store);
+                await _Repo.UpdateStore(StoreData);
                 StatusMessage = "Store successfully updated";
             }
 
             return RedirectToAction(nameof(UpdateStore), new
             {
-                storeId = storeId
+                storeId = StoreData.Id
             });
         }
 
+        private CoinAverageExchange[] GetSupportedExchanges()
+        {
+            return _CoinAverage.AvailableExchanges
+                    .Select(c => c.Value)
+                    .OrderBy(s => s.Name, StringComparer.OrdinalIgnoreCase)
+                    .ToArray();
+        }
+
         private DerivationStrategy ParseDerivationStrategy(string derivationScheme, Script hint, BTCPayNetwork network)
         {
-            var parser = new DerivationSchemeParser(network.NBitcoinNetwork, network.DefaultSettings.ChainType);
+            var parser = new DerivationSchemeParser(network.NBitcoinNetwork);
             parser.HintScriptPubKey = hint;
             return new DerivationStrategy(parser.Parse(derivationScheme), network);
         }
 
         [HttpGet]
         [Route("{storeId}/Tokens")]
-        public async Task<IActionResult> ListTokens(string storeId)
+        public async Task<IActionResult> ListTokens()
         {
             var model = new TokensViewModel();
-            var tokens = await _TokenRepository.GetTokensByStoreIdAsync(storeId);
+            var tokens = await _TokenRepository.GetTokensByStoreIdAsync(StoreData.Id);
             model.StatusMessage = StatusMessage;
             model.Tokens = tokens.Select(t => new TokenViewModel()
             {
@@ -357,30 +545,43 @@ namespace BTCPayServer.Controllers
                 SIN = t.SIN,
                 Id = t.Value
             }).ToArray();
+
+            model.ApiKey = (await _TokenRepository.GetLegacyAPIKeys(StoreData.Id)).FirstOrDefault();
+            if (model.ApiKey == null)
+                model.EncodedApiKey = "*API Key*";
+            else
+                model.EncodedApiKey = Encoders.Base64.EncodeData(Encoders.ASCII.DecodeData(model.ApiKey));
             return View(model);
         }
 
         [HttpPost]
         [Route("/api-tokens")]
         [Route("{storeId}/Tokens/Create")]
-        public async Task<IActionResult> CreateToken(string storeId, CreateTokenViewModel model)
+        [AllowAnonymous]
+        public async Task<IActionResult> CreateToken(CreateTokenViewModel model)
         {
             if (!ModelState.IsValid)
             {
                 return View(model);
             }
             model.Label = model.Label ?? String.Empty;
-            storeId = model.StoreId ?? storeId;
             var userId = GetUserId();
             if (userId == null)
-                return Unauthorized();
-            var store = await _Repo.FindStore(storeId, userId);
-            if (store == null)
-                return Unauthorized();
-            if (store.Role != StoreRoles.Owner)
+                return Challenge(Policies.CookieAuthentication);
+
+            var store = StoreData;
+            var storeId = StoreData?.Id;
+            if (storeId == null)
             {
-                StatusMessage = "Error: You need to be owner of this store to request pairing codes";
-                return RedirectToAction(nameof(UserStoresController.ListStores), "UserStores");
+                storeId = model.StoreId;
+                store = await _Repo.FindStore(storeId, userId);
+                if (store == null)
+                    return Challenge(Policies.CookieAuthentication);
+            }
+
+            if (!store.HasClaim(Policies.CanModifyStoreSettings.Key))
+            {
+                return Challenge(Policies.CookieAuthentication);
             }
 
             var tokenRequest = new TokenRequest()
@@ -421,11 +622,20 @@ namespace BTCPayServer.Controllers
         [HttpGet]
         [Route("/api-tokens")]
         [Route("{storeId}/Tokens/Create")]
-        public async Task<IActionResult> CreateToken(string storeId)
+        [AllowAnonymous]
+        public async Task<IActionResult> CreateToken()
         {
             var userId = GetUserId();
             if (string.IsNullOrWhiteSpace(userId))
-                return Unauthorized();
+                return Challenge(Policies.CookieAuthentication);
+            var storeId = StoreData?.Id;
+            if (StoreData != null)
+            {
+                if (!StoreData.HasClaim(Policies.CanModifyStoreSettings.Key))
+                {
+                    return Challenge(Policies.CookieAuthentication);
+                }
+            }
             var model = new CreateTokenViewModel();
             model.Facade = "merchant";
             ViewBag.HidePublicKey = storeId == null;
@@ -434,20 +644,25 @@ namespace BTCPayServer.Controllers
             model.StoreId = storeId;
             if (storeId == null)
             {
-                model.Stores = new SelectList(await _Repo.GetStoresByUserId(userId), nameof(StoreData.Id), nameof(StoreData.StoreName), storeId);
+                var stores = await _Repo.GetStoresByUserId(userId);
+                model.Stores = new SelectList(stores.Where(s => s.HasClaim(Policies.CanModifyStoreSettings.Key)), nameof(StoreData.Id), nameof(StoreData.StoreName), storeId);
+                if (model.Stores.Count() == 0)
+                {
+                    StatusMessage = "Error: You need to be owner of at least one store before pairing";
+                    return RedirectToAction(nameof(UserStoresController.ListStores), "UserStores");
+                }
             }
-
             return View(model);
         }
 
 
         [HttpPost]
         [Route("{storeId}/Tokens/Delete")]
-        public async Task<IActionResult> DeleteToken(string storeId, string tokenId)
+        public async Task<IActionResult> DeleteToken(string tokenId)
         {
             var token = await _TokenRepository.GetToken(tokenId);
             if (token == null ||
-                token.StoreId != storeId ||
+                token.StoreId != StoreData.Id ||
                !await _TokenRepository.DeleteToken(tokenId))
                 StatusMessage = "Failure to revoke this token";
             else
@@ -455,11 +670,26 @@ namespace BTCPayServer.Controllers
             return RedirectToAction(nameof(ListTokens));
         }
 
+        [HttpPost]
+        [Route("{storeId}/tokens/apikey")]
+        public async Task<IActionResult> GenerateAPIKey()
+        {
+            var store = HttpContext.GetStoreData();
+            if (store == null)
+                return NotFound();
+            await _TokenRepository.GenerateLegacyAPIKey(StoreData.Id);
+            StatusMessage = "API Key re-generated";
+            return RedirectToAction(nameof(ListTokens));
+        }
 
         [HttpGet]
         [Route("/api-access-request")]
+        [AllowAnonymous]
         public async Task<IActionResult> RequestPairing(string pairingCode, string selectedStore = null)
         {
+            var userId = GetUserId();
+            if (userId == null)
+                return Challenge(Policies.CookieAuthentication);
             if (pairingCode == null)
                 return NotFound();
             var pairing = await _TokenRepository.GetPairingAsync(pairingCode);
@@ -470,7 +700,7 @@ namespace BTCPayServer.Controllers
             }
             else
             {
-                var stores = await _Repo.GetStoresByUserId(GetUserId());
+                var stores = await _Repo.GetStoresByUserId(userId);
                 return View(new PairingModel()
                 {
                     Id = pairing.Id,
@@ -478,7 +708,7 @@ namespace BTCPayServer.Controllers
                     Label = pairing.Label,
                     SIN = pairing.SIN ?? "Server-Initiated Pairing",
                     SelectedStore = selectedStore ?? stores.FirstOrDefault()?.Id,
-                    Stores = stores.Select(s => new PairingModel.StoreViewModel()
+                    Stores = stores.Where(u => u.HasClaim(Policies.CanModifyStoreSettings.Key)).Select(s => new PairingModel.StoreViewModel()
                     {
                         Id = s.Id,
                         Name = string.IsNullOrEmpty(s.StoreName) ? s.Id : s.StoreName
@@ -489,19 +719,22 @@ namespace BTCPayServer.Controllers
 
         [HttpPost]
         [Route("/api-access-request")]
+        [AllowAnonymous]
         public async Task<IActionResult> Pair(string pairingCode, string selectedStore)
         {
             if (pairingCode == null)
                 return NotFound();
-            var store = await _Repo.FindStore(selectedStore, GetUserId());
+            var userId = GetUserId();
+            if (userId == null)
+                return Challenge(Policies.CookieAuthentication);
+            var store = await _Repo.FindStore(selectedStore, userId);
             var pairing = await _TokenRepository.GetPairingAsync(pairingCode);
             if (store == null || pairing == null)
                 return NotFound();
 
-            if (store.Role != StoreRoles.Owner)
+            if (!store.HasClaim(Policies.CanModifyStoreSettings.Key))
             {
-                StatusMessage = "Error: You can't approve a pairing without being owner of the store";
-                return RedirectToAction(nameof(UserStoresController.ListStores), "UserStores");
+                return Challenge(Policies.CookieAuthentication);
             }
 
             var pairingResult = await _TokenRepository.PairWithStoreAsync(pairingCode, store.Id);
@@ -527,6 +760,8 @@ namespace BTCPayServer.Controllers
 
         private string GetUserId()
         {
+            if (User.Identity.AuthenticationType != Policies.CookieAuthentication)
+                return null;
             return _UserManager.GetUserId(User);
         }
     }

BTCPayServer/Controllers/UserStoresController.cs

@@ -5,6 +5,7 @@ using System.Threading;
 using System.Threading.Tasks;
 using BTCPayServer.Models;
 using BTCPayServer.Models.StoreViewModels;
+using BTCPayServer.Security;
 using BTCPayServer.Services.Stores;
 using BTCPayServer.Services.Wallets;
 using Microsoft.AspNetCore.Authorization;
@@ -15,7 +16,7 @@ using NBXplorer.DerivationStrategy;
 namespace BTCPayServer.Controllers
 {
     [Route("stores")]
-    [Authorize(AuthenticationSchemes = "Identity.Application")]
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
     [AutoValidateAntiforgeryToken]
     public partial class UserStoresController : Controller
     {
@@ -37,9 +38,9 @@ namespace BTCPayServer.Controllers
         }
         [HttpGet]
         [Route("{storeId}/delete")]
-        public async Task<IActionResult> DeleteStore(string storeId)
+        public IActionResult DeleteStore(string storeId)
         {
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
             return View("Confirm", new ConfirmModel()
@@ -67,7 +68,7 @@ namespace BTCPayServer.Controllers
         public async Task<IActionResult> DeleteStorePost(string storeId)
         {
             var userId = GetUserId();
-            var store = await _Repo.FindStore(storeId, GetUserId());
+            var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
             await _Repo.RemoveStore(storeId, userId);
@@ -102,8 +103,8 @@ namespace BTCPayServer.Controllers
                     Id = store.Id,
                     Name = store.StoreName,
                     WebSite = store.StoreWebsite,
-                    IsOwner = store.Role == StoreRoles.Owner,
-                    Balances = store.Role == StoreRoles.Owner ? balances[i].Select(t => t.Result).ToArray() : Array.Empty<string>()
+                    IsOwner = store.HasClaim(Policies.CanModifyStoreSettings.Key),
+                    Balances = store.HasClaim(Policies.CanModifyStoreSettings.Key) ? balances[i].Select(t => t.Result).ToArray() : Array.Empty<string>()
                 });
             }
             return View(result);

BTCPayServer/Data/APIKeyData.cs

@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Data
+{
+    public class APIKeyData
+    {
+        [MaxLength(50)]
+        public string Id
+        {
+            get; set;
+        }
+
+        [MaxLength(50)]
+        public string StoreId
+        {
+            get; set;
+        }
+    }
+}

BTCPayServer/Data/AppData.cs

@@ -0,0 +1,40 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+
+namespace BTCPayServer.Data
+{
+    public class AppData
+    {
+        public string Id { get; set; }
+        public string Name { get; set; }
+        public string StoreDataId
+        {
+            get; set;
+        }
+        public string AppType { get; set; }
+        public StoreData StoreData
+        {
+            get; set;
+        }
+        public DateTimeOffset Created
+        {
+            get; set;
+        }
+        public string Settings { get; set; }
+
+        public T GetSettings<T>() where T : class, new()
+        {
+            if (String.IsNullOrEmpty(Settings))
+                return new T();
+            return JsonConvert.DeserializeObject<T>(Settings);
+        }
+
+        public void SetSettings(object value)
+        {
+            Settings = value == null ? null : JsonConvert.SerializeObject(value);
+        }
+    }
+}

BTCPayServer/Data/ApplicationDbContext.cs

@@ -26,6 +26,11 @@ namespace BTCPayServer.Data
             get; set;
         }
 
+        public DbSet<AppData> Apps
+        {
+            get; set;
+        }
+
         public DbSet<InvoiceEventData> InvoiceEvents
         {
             get; set;
@@ -81,6 +86,11 @@ namespace BTCPayServer.Data
             get; set;
         }
 
+        public DbSet<APIKeyData> ApiKeys
+        {
+            get; set;
+        }
+
         protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
         {
             var isConfigured = optionsBuilder.Options.Extensions.OfType<RelationalOptionsExtension>().Any();
@@ -107,6 +117,12 @@ namespace BTCPayServer.Data
                        t.StoreDataId
                    });
 
+            builder.Entity<APIKeyData>()
+                .HasIndex(o => o.StoreId);
+
+            builder.Entity<AppData>()
+                    .HasOne(a => a.StoreData);
+
             builder.Entity<UserStore>()
                  .HasOne(pt => pt.ApplicationUser)
                  .WithMany(p => p.UserStores)

BTCPayServer/Data/StoreData.cs

@@ -14,6 +14,11 @@ using Newtonsoft.Json.Linq;
 using BTCPayServer.Services.Rates;
 using BTCPayServer.Payments;
 using BTCPayServer.JsonConverters;
+using System.ComponentModel.DataAnnotations;
+using BTCPayServer.Services;
+using System.Security.Claims;
+using BTCPayServer.Security;
+using BTCPayServer.Rating;
 
 namespace BTCPayServer.Data
 {
@@ -30,6 +35,11 @@ namespace BTCPayServer.Data
             get; set;
         }
 
+        public List<AppData> Apps
+        {
+            get; set;
+        }
+
         [Obsolete("Use GetDerivationStrategies instead")]
         public string DerivationStrategy
         {
@@ -115,7 +125,7 @@ namespace BTCPayServer.Data
                 }
             }
 
-            if(!existing && supportedPaymentMethod == null && paymentMethodId.IsBTCOnChain)
+            if (!existing && supportedPaymentMethod == null && paymentMethodId.IsBTCOnChain)
             {
                 DerivationStrategy = null;
             }
@@ -146,10 +156,35 @@ namespace BTCPayServer.Data
         }
 
         [NotMapped]
+        [Obsolete]
         public string Role
         {
             get; set;
         }
+
+        public Claim[] GetClaims()
+        {
+            List<Claim> claims = new List<Claim>();
+#pragma warning disable CS0612 // Type or member is obsolete
+            var role = Role;
+#pragma warning restore CS0612 // Type or member is obsolete
+            if (role == StoreRoles.Owner)
+            {
+                claims.Add(new Claim(Policies.CanModifyStoreSettings.Key, Id));
+                claims.Add(new Claim(Policies.CanUseStore.Key, Id));
+            }
+            if (role == StoreRoles.Guest)
+            {
+                claims.Add(new Claim(Policies.CanUseStore.Key, Id));
+            }
+            return claims.ToArray();
+        }
+
+        public bool HasClaim(string claim)
+        {
+            return GetClaims().Any(c => c.Type == claim);
+        }
+
         public byte[] StoreBlob
         {
             get;
@@ -173,7 +208,10 @@ namespace BTCPayServer.Data
 
         public StoreBlob GetStoreBlob()
         {
-            return StoreBlob == null ? new StoreBlob() : new Serializer(Dummy).ToObject<StoreBlob>(Encoding.UTF8.GetString(StoreBlob));
+            var result = StoreBlob == null ? new StoreBlob() : new Serializer(Dummy).ToObject<StoreBlob>(Encoding.UTF8.GetString(StoreBlob));
+            if (result.PreferredExchange == null)
+                result.PreferredExchange = CoinAverageRateProvider.CoinAverageName;
+            return result;
         }
 
         public bool SetStoreBlob(StoreBlob storeBlob)
@@ -187,9 +225,9 @@ namespace BTCPayServer.Data
         }
     }
 
-    public class RateRule
+    public class RateRule_Obsolete
     {
-        public RateRule()
+        public RateRule_Obsolete()
         {
             RuleName = "Multiplier";
         }
@@ -209,6 +247,8 @@ namespace BTCPayServer.Data
         {
             InvoiceExpiration = 15;
             MonitoringExpiration = 60;
+            PaymentTolerance = 0;
+            RequiresRefundEmail = true;
         }
         public bool NetworkFeeDisabled
         {
@@ -218,6 +258,9 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+
+        public bool RequiresRefundEmail { get; set; }
+
         public string DefaultLang { get; set; }
         [DefaultValue(60)]
         [JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
@@ -237,8 +280,8 @@ namespace BTCPayServer.Data
 
         public void SetRateMultiplier(double rate)
         {
-            RateRules = new List<RateRule>();
-            RateRules.Add(new RateRule() { Multiplier = rate });
+            RateRules = new List<RateRule_Obsolete>();
+            RateRules.Add(new RateRule_Obsolete() { Multiplier = rate });
         }
         public decimal GetRateMultiplier()
         {
@@ -252,36 +295,80 @@ namespace BTCPayServer.Data
             return rate;
         }
 
-        public List<RateRule> RateRules { get; set; } = new List<RateRule>();
+        public List<RateRule_Obsolete> RateRules { get; set; } = new List<RateRule_Obsolete>();
         public string PreferredExchange { get; set; }
 
         [JsonConverter(typeof(CurrencyValueJsonConverter))]
         public CurrencyValue LightningMaxValue { get; set; }
+        [JsonConverter(typeof(CurrencyValueJsonConverter))]
+        public CurrencyValue OnChainMinValue { get; set; }
 
-        public IRateProvider ApplyRateRules(BTCPayNetwork network, IRateProvider rateProvider)
+        [JsonConverter(typeof(UriJsonConverter))]
+        public Uri CustomLogo { get; set; }
+        [JsonConverter(typeof(UriJsonConverter))]
+        public Uri CustomCSS { get; set; }
+        public string HtmlTitle { get; set; }
+
+        public bool RateScripting { get; set; }
+
+        public string RateScript { get; set; }
+
+
+        string _LightningDescriptionTemplate;
+        public string LightningDescriptionTemplate
         {
-            if (!PreferredExchange.IsCoinAverage())
+            get
             {
-                // If the original rateProvider is a cache, use the same inner provider as fallback, and same memory cache to wrap it all
-                if (rateProvider is CachedRateProvider cachedRateProvider)
+                return _LightningDescriptionTemplate ?? "Paid to {StoreName} (Order ID: {OrderId})";
+            }
+            set
+            {
+                _LightningDescriptionTemplate = value;
+            }
+        }
+
+        [DefaultValue(0)]
+        [JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+        public double PaymentTolerance { get; set; }
+
+        public BTCPayServer.Rating.RateRules GetRateRules(BTCPayNetworkProvider networkProvider)
+        {
+            if (!RateScripting || 
+                string.IsNullOrEmpty(RateScript) || 
+                !BTCPayServer.Rating.RateRules.TryParse(RateScript, out var rules))
+            {
+                return GetDefaultRateRules(networkProvider);
+            }
+            else
+            {
+                rules.GlobalMultiplier = GetRateMultiplier();
+                return rules;
+            }
+        }
+
+        public RateRules GetDefaultRateRules(BTCPayNetworkProvider networkProvider)
+        {
+            StringBuilder builder = new StringBuilder();
+            foreach (var network in networkProvider.GetAll())
+            {
+                if (network.DefaultRateRules.Length != 0)
                 {
-                    rateProvider = new FallbackRateProvider(new IRateProvider[] {
-                        new CoinAverageRateProvider(network.CryptoCode) { Exchange = PreferredExchange },
-                        cachedRateProvider.Inner
-                    });
-                    rateProvider = new CachedRateProvider(network.CryptoCode, rateProvider, cachedRateProvider.MemoryCache) { AdditionalScope = PreferredExchange };
-                }
-                else
-                {
-                    rateProvider = new FallbackRateProvider(new IRateProvider[] {
-                        new CoinAverageRateProvider(network.CryptoCode) { Exchange = PreferredExchange },
-                        rateProvider
-                    });
+                    builder.AppendLine($"// Default rate rules for {network.CryptoCode}");
+                    foreach (var line in network.DefaultRateRules)
+                    {
+                        builder.AppendLine(line);
+                    }
+                    builder.AppendLine($"////////");
+                    builder.AppendLine();
                 }
             }
-            if (RateRules == null || RateRules.Count == 0)
-                return rateProvider;
-            return new TweakRateProvider(network, rateProvider, RateRules.ToList());
+
+            var preferredExchange = string.IsNullOrEmpty(PreferredExchange) ? "coinaverage" : PreferredExchange;
+            builder.AppendLine($"X_X = {preferredExchange}(X_X);");
+
+            BTCPayServer.Rating.RateRules.TryParse(builder.ToString(), out var rules);
+            rules.GlobalMultiplier = GetRateMultiplier();
+            return rules;
         }
     }
 }

BTCPayServer/DerivationSchemeParser.cs

@@ -13,13 +13,11 @@ namespace BTCPayServer
     public class DerivationSchemeParser
     {
         public Network Network { get; set; }
-        public ChainType ChainType { get; set; }
         public Script HintScriptPubKey { get; set; }
 
-        public DerivationSchemeParser(Network expectedNetwork, ChainType chainType)
+        public DerivationSchemeParser(Network expectedNetwork)
         {
             Network = expectedNetwork;
-            ChainType = chainType;
         }
 
         public DerivationStrategyBase Parse(string str)
@@ -43,6 +41,9 @@ namespace BTCPayServer
                 }
             }
 
+            if(!Network.Consensus.SupportSegwit)
+                hintedLabels.Add("legacy");
+
             try
             {
                 var result = new DerivationStrategyFactory(Network).Parse(str);
@@ -75,7 +76,7 @@ namespace BTCPayServer
                     if (data.Length < 4)
                         continue;
                     var prefix = Utils.ToUInt32(data, false);
-                    var standardPrefix = Utils.ToBytes(ChainType == NBXplorer.ChainType.Main ? 0x0488b21eU : 0x043587cf, false);
+                    var standardPrefix = Utils.ToBytes(Network.NetworkType == NetworkType.Mainnet ? 0x0488b21eU : 0x043587cf, false);
                     for (int ii = 0; ii < 4; ii++)
                         data[ii] = standardPrefix[ii];
 

BTCPayServer/Extensions.cs

@@ -25,11 +25,49 @@ using System.Net.WebSockets;
 using BTCPayServer.Services.Invoices;
 using NBitpayClient;
 using BTCPayServer.Payments;
+using Microsoft.AspNetCore.Identity;
+using BTCPayServer.Models;
+using System.Security.Claims;
+using System.Globalization;
+using BTCPayServer.Services;
+using BTCPayServer.Data;
 
 namespace BTCPayServer
 {
     public static class Extensions
     {
+        public static string Prettify(this TimeSpan timeSpan)
+        {
+            if (timeSpan.TotalMinutes < 1)
+            {
+                return $"{(int)timeSpan.TotalSeconds} second{Plural((int)timeSpan.TotalSeconds)}";
+            }
+            if (timeSpan.TotalHours < 1)
+            {
+                return $"{(int)timeSpan.TotalMinutes} minute{Plural((int)timeSpan.TotalMinutes)}";
+            }
+            if (timeSpan.Days < 1)
+            {
+                return $"{(int)timeSpan.TotalHours} hour{Plural((int)timeSpan.TotalHours)}";
+            }
+            return $"{(int)timeSpan.TotalDays} day{Plural((int)timeSpan.TotalDays)}";
+        }
+
+        private static string Plural(int totalDays)
+        {
+            return totalDays > 1 ? "s" : string.Empty;
+        }
+
+        public static string PrettyPrint(this TimeSpan expiration)
+        {
+            StringBuilder builder = new StringBuilder();
+            if (expiration.Days >= 1)
+                builder.Append(expiration.Days.ToString(CultureInfo.InvariantCulture));
+            if (expiration.Hours >= 1)
+                builder.Append(expiration.Hours.ToString("00", CultureInfo.InvariantCulture));
+            builder.Append($"{expiration.Minutes.ToString("00", CultureInfo.InvariantCulture)}:{expiration.Seconds.ToString("00", CultureInfo.InvariantCulture)}");
+            return builder.ToString();
+        }
         public static decimal RoundUp(decimal value, int precision)
         {
             for (int i = 0; i < precision; i++)
@@ -66,12 +104,6 @@ namespace BTCPayServer
             return activeProvider != "Microsoft.EntityFrameworkCore.Sqlite";
         }
 
-        public static bool IsCoinAverage(this string exchangeName)
-        {
-            string[] coinAverages = new[] { "coinaverage", "bitcoinaverage" };
-            return String.IsNullOrWhiteSpace(exchangeName) ? true : coinAverages.Contains(exchangeName, StringComparer.OrdinalIgnoreCase) ? true : false;
-        }
-
         public static async Task<Dictionary<uint256, TransactionResult>> GetTransactions(this BTCPayWallet client, uint256[] hashes, CancellationToken cts = default(CancellationToken))
         {
             hashes = hashes.Distinct().ToArray();
@@ -97,6 +129,14 @@ namespace BTCPayServer
                         request.PathBase.ToUriComponent());
         }
 
+        public static string GetAbsoluteUri(this HttpRequest request, string redirectUrl)
+        {
+            bool isRelative = 
+                (redirectUrl.Length > 0 && redirectUrl[0] == '/')
+                || !new Uri(redirectUrl, UriKind.RelativeOrAbsolute).IsAbsoluteUri;
+            return isRelative ? request.GetAbsoluteRoot() + redirectUrl : redirectUrl;
+        }
+
         public static IServiceCollection ConfigureBTCPayServer(this IServiceCollection services, IConfiguration conf)
         {
             services.Configure<BTCPayServerOptions>(o =>
@@ -106,12 +146,52 @@ namespace BTCPayServer
             return services;
         }
 
-
-        public static BitIdentity GetBitIdentity(this Controller controller, bool throws = true)
+        public static string GetSIN(this ClaimsPrincipal principal)
         {
-            if (!(controller.User.Identity is BitIdentity))
-                return throws ? throw new UnauthorizedAccessException("no-bitid") : (BitIdentity)null;
-            return (BitIdentity)controller.User.Identity;
+            return principal.Claims.Where(c => c.Type == Claims.SIN).Select(c => c.Value).FirstOrDefault();
+        }
+
+        public static string GetStoreId(this ClaimsPrincipal principal)
+        {
+            return principal.Claims.Where(c => c.Type == Claims.OwnStore).Select(c => c.Value).FirstOrDefault();
+        }
+
+        public static void SetIsBitpayAPI(this HttpContext ctx, bool value)
+        {
+            NBitcoin.Extensions.TryAdd(ctx.Items, "IsBitpayAPI", value);
+        }
+
+        public static void AddRange<T>(this HashSet<T> hashSet, IEnumerable<T> items)
+        {
+            foreach(var item in items)
+            {
+                hashSet.Add(item);
+            }
+        }
+        public static bool GetIsBitpayAPI(this HttpContext ctx)
+        {
+            return ctx.Items.TryGetValue("IsBitpayAPI", out object obj) &&
+                  obj is bool b && b;
+        }
+
+        public static void SetBitpayAuth(this HttpContext ctx, (string Signature, String Id, String Authorization) value)
+        {
+            NBitcoin.Extensions.TryAdd(ctx.Items, "BitpayAuth", value);
+        }
+
+        public static (string Signature, String Id, String Authorization) GetBitpayAuth(this HttpContext ctx)
+        {
+            ctx.Items.TryGetValue("BitpayAuth", out object obj);
+            return ((string Signature, String Id, String Authorization))obj;
+        }
+
+        public static StoreData GetStoreData(this HttpContext ctx)
+        {
+            return ctx.Items.TryGet("BTCPAY.STOREDATA") as StoreData;
+        }
+        public static void SetStoreData(this HttpContext ctx, StoreData storeData)
+        {
+            ctx.Items["BTCPAY.STOREDATA"] = storeData;
         }
 
         private static JsonSerializerSettings jsonSettings = new JsonSerializerSettings { ContractResolver = new CamelCasePropertyNamesContractResolver() };
@@ -120,13 +200,5 @@ namespace BTCPayServer
             var res = JsonConvert.SerializeObject(o, Formatting.None, jsonSettings);
             return res;
         }
-
-        public static HtmlString ToJSVariableModel(this object o, string variableName)
-        {
-            var encodedJson = JavaScriptEncoder.Default.Encode(o.ToJson());
-            return new HtmlString($"var {variableName} = JSON.parse('" + encodedJson + "');");
-        }
-
-
     }
 }

BTCPayServer/Filters/OnlyMediaTypeAttribute.cs

@@ -43,9 +43,7 @@ namespace BTCPayServer.Filters
 
         public bool Accept(ActionConstraintContext context)
         {
-            var hasVersion = context.RouteContext.HttpContext.Request.Headers["x-accept-version"].Where(h => h == "2.0.0").Any();
-            var hasIdentity = context.RouteContext.HttpContext.Request.Headers["x-identity"].Any();
-            return (hasVersion || hasIdentity) == IsBitpayAPI;
+            return context.RouteContext.HttpContext.GetIsBitpayAPI() == IsBitpayAPI;
         }
     }
 

BTCPayServer/HostedServices/BaseAsyncService.cs

@@ -0,0 +1,66 @@
+using System;
+using Microsoft.Extensions.Logging;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using BTCPayServer.Services;
+using BTCPayServer.Services.Rates;
+using Microsoft.Extensions.Hosting;
+using BTCPayServer.Logging;
+using System.Runtime.CompilerServices;
+using System.IO;
+using System.Text;
+
+namespace BTCPayServer.HostedServices
+{
+    public abstract class BaseAsyncService : IHostedService
+    {
+        private CancellationTokenSource _Cts;
+        protected Task[] _Tasks;
+
+        public Task StartAsync(CancellationToken cancellationToken)
+        {
+            _Cts = new CancellationTokenSource();
+            _Tasks = InitializeTasks();
+            return Task.CompletedTask;
+        }
+
+        internal abstract Task[] InitializeTasks();
+
+        protected CancellationToken Cancellation
+        {
+            get { return _Cts.Token; }
+        }
+
+        protected async Task CreateLoopTask(Func<Task> act, [CallerMemberName]string caller = null)
+        {
+            await new SynchronizationContextRemover();
+            while (!_Cts.IsCancellationRequested)
+            {
+                try
+                {
+                    await act();
+                }
+                catch (OperationCanceledException) when (_Cts.IsCancellationRequested)
+                {
+                }
+                catch (Exception ex)
+                {
+                    Logs.PayServer.LogWarning(ex, caller + " failed");
+                    try
+                    {
+                        await Task.Delay(TimeSpan.FromMinutes(1), _Cts.Token);
+                    }
+                    catch (OperationCanceledException) when (_Cts.IsCancellationRequested) { }
+                }
+            }
+        }
+
+        public Task StopAsync(CancellationToken cancellationToken)
+        {
+            _Cts.Cancel();
+            return Task.WhenAll(_Tasks);
+        }
+    }
+}

BTCPayServer/HostedServices/CssThemeManager.cs

@@ -0,0 +1,74 @@
+using System;
+using Microsoft.Extensions.Logging;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using BTCPayServer.Logging;
+using Microsoft.Extensions.Hosting;
+using NBXplorer;
+using NBXplorer.Models;
+using System.Collections.Concurrent;
+using BTCPayServer.Events;
+using BTCPayServer.Services;
+
+namespace BTCPayServer.HostedServices
+{
+    public class CssThemeManager
+    {
+        public void Update(ThemeSettings data)
+        {
+            if (String.IsNullOrWhiteSpace(data.BootstrapCssUri))
+                _bootstrapUri = "/vendor/bootstrap4/css/bootstrap.css?v=" + DateTime.Now.Ticks;
+            else
+                _bootstrapUri = data.BootstrapCssUri;
+
+
+            if (String.IsNullOrWhiteSpace(data.CreativeStartCssUri))
+                _creativeStartUri = "/vendor/bootstrap4-creativestart/creative.css?v=" + DateTime.Now.Ticks;
+            else
+                _creativeStartUri = data.CreativeStartCssUri;
+        }
+
+        private string _bootstrapUri;
+        public string BootstrapUri
+        {
+            get { return _bootstrapUri; }
+        }
+
+        private string _creativeStartUri;
+        public string CreativeStartUri
+        {
+            get { return _creativeStartUri; }
+        }
+    }
+
+    public class CssThemeManagerHostedService : BaseAsyncService
+    {
+        private SettingsRepository _SettingsRepository;
+        private CssThemeManager _CssThemeManager;
+
+        public CssThemeManagerHostedService(SettingsRepository settingsRepository, CssThemeManager cssThemeManager)
+        {
+            _SettingsRepository = settingsRepository;
+            _CssThemeManager = cssThemeManager;
+        }
+
+        internal override Task[] InitializeTasks()
+        {
+            return new[]
+            {
+                CreateLoopTask(ListenForThemeChanges)
+            };
+        }
+
+        async Task ListenForThemeChanges()
+        {
+            await new SynchronizationContextRemover();
+            var data = (await _SettingsRepository.GetSettingAsync<ThemeSettings>()) ?? new ThemeSettings();
+            _CssThemeManager.Update(data);
+
+            await _SettingsRepository.WaitSettingsChanged<ThemeSettings>(Cancellation);
+        }
+    }
+}

BTCPayServer/HostedServices/InvoiceNotificationManager.cs

@@ -305,7 +305,10 @@ namespace BTCPayServer.HostedServices
             leases.Add(_EventAggregator.Subscribe<InvoiceEvent>(async e =>
             {
                 var invoice = await _InvoiceRepository.GetInvoice(null, e.InvoiceId);
-                await SaveEvent(invoice.Id, e);
+                List<Task> tasks = new List<Task>();
+
+                // Awaiting this later help make sure invoices should arrive in order
+                tasks.Add(SaveEvent(invoice.Id, e));
 
                 // we need to use the status in the event and not in the invoice. The invoice might now be in another status.
                 if (invoice.FullNotifications)
@@ -315,20 +318,22 @@ namespace BTCPayServer.HostedServices
                        e.Name == "invoice_failedToConfirm" ||
                        e.Name == "invoice_markedInvalid" ||
                        e.Name == "invoice_failedToConfirm" ||
-                       e.Name == "invoice_completed"
+                       e.Name == "invoice_completed" ||
+                       e.Name == "invoice_expiredPaidPartial"
                      )
-                        await Notify(invoice);
+                        tasks.Add(Notify(invoice));
                 }
 
                 if (e.Name == "invoice_confirmed")
                 {
-                    await Notify(invoice);
+                    tasks.Add(Notify(invoice));
                 }
 
                 if (invoice.ExtendedNotifications)
                 {
-                    await Notify(invoice, e.EventCode, e.Name);
+                    tasks.Add(Notify(invoice, e.EventCode, e.Name));
                 }
+                await Task.WhenAll(tasks.ToArray());
             }));
 
 

BTCPayServer/HostedServices/InvoiceWatcher.cs

@@ -68,6 +68,8 @@ namespace BTCPayServer.HostedServices
 
                 context.Events.Add(new InvoiceEvent(invoice, 1004, "invoice_expired"));
                 invoice.Status = "expired";
+                if(invoice.ExceptionStatus == "paidPartial")
+                    context.Events.Add(new InvoiceEvent(invoice, 2000, "invoice_expiredPaidPartial"));
             }
 
             var payments = invoice.GetPayments().Where(p => p.Accounted).ToArray();
@@ -78,7 +80,7 @@ namespace BTCPayServer.HostedServices
             var network = _NetworkProvider.GetNetwork(paymentMethod.GetId().CryptoCode);
             if (invoice.Status == "new" || invoice.Status == "expired")
             {
-                if (accounting.Paid >= accounting.TotalDue)
+                if (accounting.Paid >= accounting.MinimumTotalDue)
                 {
                     if (invoice.Status == "new")
                     {
@@ -96,17 +98,17 @@ namespace BTCPayServer.HostedServices
                     }
                 }
 
-                if (accounting.Paid < accounting.TotalDue && invoice.GetPayments().Count != 0 && invoice.ExceptionStatus != "paidPartial")
+                if (accounting.Paid < accounting.MinimumTotalDue && invoice.GetPayments().Count != 0 && invoice.ExceptionStatus != "paidPartial")
                 {
-                    invoice.ExceptionStatus = "paidPartial";
-                    context.MarkDirty();
+                        invoice.ExceptionStatus = "paidPartial";
+                        context.MarkDirty();
                 }
             }
 
             // Just make sure RBF did not cancelled a payment
             if (invoice.Status == "paid")
             {
-                if (accounting.Paid == accounting.TotalDue && invoice.ExceptionStatus == "paidOver")
+                if (accounting.MinimumTotalDue <= accounting.Paid && accounting.Paid <= accounting.TotalDue && invoice.ExceptionStatus == "paidOver")
                 {
                     invoice.ExceptionStatus = null;
                     context.MarkDirty();
@@ -118,7 +120,7 @@ namespace BTCPayServer.HostedServices
                     context.MarkDirty();
                 }
 
-                if (accounting.Paid < accounting.TotalDue)
+                if (accounting.Paid < accounting.MinimumTotalDue)
                 {
                     invoice.Status = "new";
                     invoice.ExceptionStatus = accounting.Paid == Money.Zero ? null : "paidPartial";
@@ -134,14 +136,14 @@ namespace BTCPayServer.HostedServices
                    (invoice.MonitoringExpiration < DateTimeOffset.UtcNow)
                    &&
                    // And not enough amount confirmed
-                   (confirmedAccounting.Paid < accounting.TotalDue))
+                   (confirmedAccounting.Paid < accounting.MinimumTotalDue))
                 {
                     await _InvoiceRepository.UnaffectAddress(invoice.Id);
                     context.Events.Add(new InvoiceEvent(invoice, 1013, "invoice_failedToConfirm"));
                     invoice.Status = "invalid";
                     context.MarkDirty();
                 }
-                else if (confirmedAccounting.Paid >= accounting.TotalDue)
+                else if (confirmedAccounting.Paid >= accounting.MinimumTotalDue)
                 {
                     await _InvoiceRepository.UnaffectAddress(invoice.Id);
                     context.Events.Add(new InvoiceEvent(invoice, 1005, "invoice_confirmed"));
@@ -153,7 +155,7 @@ namespace BTCPayServer.HostedServices
             if (invoice.Status == "confirmed")
             {
                 var completedAccounting = paymentMethod.Calculate(p => p.GetCryptoPaymentData().PaymentCompleted(p, network));
-                if (completedAccounting.Paid >= accounting.TotalDue)
+                if (completedAccounting.Paid >= accounting.MinimumTotalDue)
                 {
                     context.Events.Add(new InvoiceEvent(invoice, 1006, "invoice_completed"));
                     invoice.Status = "complete";
@@ -209,16 +211,16 @@ namespace BTCPayServer.HostedServices
             var invoice = await _InvoiceRepository.GetInvoice(null, invoiceId);
             try
             {
-                var now = DateTimeOffset.UtcNow;
-                if (invoice.ExpirationTime > now)
+                var delay = invoice.ExpirationTime - DateTimeOffset.UtcNow;
+                if (delay > TimeSpan.Zero)
                 {
-                    await Task.Delay(invoice.ExpirationTime - now, _Cts.Token);
+                    await Task.Delay(delay, _Cts.Token);
                 }
                 Watch(invoiceId);
-                now = DateTimeOffset.UtcNow;
-                if (invoice.MonitoringExpiration > now)
+                delay = invoice.MonitoringExpiration - DateTimeOffset.UtcNow;
+                if (delay > TimeSpan.Zero)
                 {
-                    await Task.Delay(invoice.MonitoringExpiration - now, _Cts.Token);
+                    await Task.Delay(delay, _Cts.Token);
                 }
                 Watch(invoiceId);
             }
@@ -289,7 +291,7 @@ namespace BTCPayServer.HostedServices
                             if (updateContext.Dirty)
                             {
                                 await _InvoiceRepository.UpdateInvoiceStatus(invoice.Id, invoice.Status, invoice.ExceptionStatus);
-                                updateContext.Events.Add(new InvoiceDataChangedEvent(invoice));
+                                updateContext.Events.Insert(0, new InvoiceDataChangedEvent(invoice));
                             }
 
                             foreach (var evt in updateContext.Events)

BTCPayServer/HostedServices/NBXplorerWaiter.cs

@@ -184,8 +184,8 @@ namespace BTCPayServer.HostedServices
 
             if(status != null && error == null)
             {
-                if(status.ChainType != _Network.NBXplorerNetwork.DefaultSettings.ChainType)
-                    error = $"{_Network.CryptoCode}: NBXplorer is on a different ChainType (actual: {status.ChainType}, expected: {_Network.NBXplorerNetwork.DefaultSettings.ChainType})";
+                if(status.NetworkType != _Network.NBitcoinNetwork.NetworkType)
+                    error = $"{_Network.CryptoCode}: NBXplorer is on a different ChainType (actual: {status.NetworkType}, expected: {_Network.NBitcoinNetwork.NetworkType})";
             }
 
             if (error != null)

BTCPayServer/HostedServices/RatesHostedService.cs

@@ -0,0 +1,71 @@
+using System;
+using Microsoft.Extensions.Logging;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using BTCPayServer.Services;
+using BTCPayServer.Services.Rates;
+using Microsoft.Extensions.Hosting;
+using BTCPayServer.Logging;
+using System.Runtime.CompilerServices;
+using System.IO;
+using System.Text;
+
+namespace BTCPayServer.HostedServices
+{
+    public class RatesHostedService : BaseAsyncService
+    {
+        private SettingsRepository _SettingsRepository;
+        private CoinAverageSettings _coinAverageSettings;
+        BTCPayRateProviderFactory _RateProviderFactory;
+        public RatesHostedService(SettingsRepository repo,
+                                  BTCPayRateProviderFactory rateProviderFactory,
+                                  CoinAverageSettings coinAverageSettings)
+        {
+            this._SettingsRepository = repo;
+            _coinAverageSettings = coinAverageSettings;
+            _RateProviderFactory = rateProviderFactory;
+        }
+
+        internal override Task[] InitializeTasks()
+        {
+            return new[]
+            {
+                CreateLoopTask(RefreshCoinAverageSupportedExchanges),
+                CreateLoopTask(RefreshCoinAverageSettings)
+            };
+        }
+
+        async Task RefreshCoinAverageSupportedExchanges()
+        {
+            await new SynchronizationContextRemover();
+            var tickers = await new CoinAverageRateProvider() { Authenticator = _coinAverageSettings }.GetExchangeTickersAsync();
+            var exchanges = new CoinAverageExchanges();
+            foreach(var item in tickers
+                .Exchanges
+                .Select(c => new CoinAverageExchange(c.Name, c.DisplayName)))
+            {
+                exchanges.Add(item);
+            }
+            _coinAverageSettings.AvailableExchanges = exchanges;
+            await Task.Delay(TimeSpan.FromHours(5), Cancellation);
+        }
+
+        async Task RefreshCoinAverageSettings()
+        {
+            await new SynchronizationContextRemover();
+            var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
+            _RateProviderFactory.CacheSpan = TimeSpan.FromMinutes(rates.CacheInMinutes);
+            if (!string.IsNullOrWhiteSpace(rates.PrivateKey) && !string.IsNullOrWhiteSpace(rates.PublicKey))
+            {
+                _coinAverageSettings.KeyPair = (rates.PublicKey, rates.PrivateKey);
+            }
+            else
+            {
+                _coinAverageSettings.KeyPair = null;
+            }
+            await _SettingsRepository.WaitSettingsChanged<RatesSetting>(Cancellation);
+        }
+    }
+}

BTCPayServer/Hosting/BTCPayServerServices.cs

@@ -38,55 +38,13 @@ using Microsoft.Extensions.Caching.Memory;
 using BTCPayServer.Logging;
 using BTCPayServer.HostedServices;
 using Meziantou.AspNetCore.BundleTagHelpers;
+using System.Security.Claims;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.Hosting
 {
     public static class BTCPayServerServices
     {
-        public class OwnStoreAuthorizationRequirement : IAuthorizationRequirement
-        {
-            public OwnStoreAuthorizationRequirement()
-            {
-            }
-
-            public OwnStoreAuthorizationRequirement(string role)
-            {
-                Role = role;
-            }
-
-            public string Role
-            {
-                get; set;
-            }
-        }
-
-        public class OwnStoreHandler : AuthorizationHandler<OwnStoreAuthorizationRequirement>
-        {
-            StoreRepository _StoreRepository;
-            UserManager<ApplicationUser> _UserManager;
-            public OwnStoreHandler(StoreRepository storeRepository, UserManager<ApplicationUser> userManager)
-            {
-                _StoreRepository = storeRepository;
-                _UserManager = userManager;
-            }
-            protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, OwnStoreAuthorizationRequirement requirement)
-            {
-                object storeId = null;
-                if (!((Microsoft.AspNetCore.Mvc.ActionContext)context.Resource).RouteData.Values.TryGetValue("storeId", out storeId))
-                    context.Succeed(requirement);
-                else if (storeId != null)
-                {
-                    var user = _UserManager.GetUserId(((Microsoft.AspNetCore.Mvc.ActionContext)context.Resource).HttpContext.User);
-                    if (user != null)
-                    {
-                        var store = await _StoreRepository.FindStore((string)storeId, user);
-                        if (store != null)
-                            if (requirement.Role == null || requirement.Role == store.Role)
-                                context.Succeed(requirement);
-                    }
-                }
-            }
-        }
         public static IServiceCollection AddBTCPayServer(this IServiceCollection services)
         {
             services.AddDbContext<ApplicationDbContext>((provider, o) =>
@@ -109,6 +67,7 @@ namespace BTCPayServer.Hosting
             services.AddSingleton<BTCPayServerEnvironment>();
             services.TryAddSingleton<TokenRepository>();
             services.TryAddSingleton<EventAggregator>();
+            services.TryAddSingleton<CoinAverageSettings>();
             services.TryAddSingleton<ApplicationDbContextFactory>(o => 
             {
                 var opts = o.GetRequiredService<BTCPayServerOptions>();
@@ -145,6 +104,9 @@ namespace BTCPayServer.Hosting
                 BlockTarget = 20
             });
 
+            services.AddSingleton<CssThemeManager>();
+            services.AddSingleton<IHostedService, CssThemeManagerHostedService>();
+
             services.AddSingleton<Payments.IPaymentMethodHandler<DerivationStrategy>, Payments.Bitcoin.BitcoinLikePaymentHandler>();
             services.AddSingleton<IHostedService, Payments.Bitcoin.NBXplorerListener>();
 
@@ -154,39 +116,29 @@ namespace BTCPayServer.Hosting
             services.AddSingleton<IHostedService, NBXplorerWaiters>();
             services.AddSingleton<IHostedService, InvoiceNotificationManager>();
             services.AddSingleton<IHostedService, InvoiceWatcher>();
+            services.AddSingleton<IHostedService, RatesHostedService>();
+            services.AddTransient<IConfigureOptions<MvcOptions>, BTCPayClaimsFilter>();
+            services.AddTransient<IConfigureOptions<MvcOptions>, BitpayClaimsFilter>();
 
             services.TryAddSingleton<ExplorerClientProvider>();
             services.TryAddSingleton<Bitpay>(o =>
             {
-                if (o.GetRequiredService<BTCPayServerOptions>().ChainType == ChainType.Main)
+                if (o.GetRequiredService<BTCPayServerOptions>().NetworkType == NetworkType.Mainnet)
                     return new Bitpay(new Key(), new Uri("https://bitpay.com/"));
                 else
                     return new Bitpay(new Key(), new Uri("https://test.bitpay.com/"));
             });
-            services.TryAddSingleton<IRateProviderFactory, CachedDefaultRateProviderFactory>();
+            services.TryAddSingleton<BTCPayRateProviderFactory>();
 
             services.TryAddScoped<IHttpContextAccessor, HttpContextAccessor>();
-            services.TryAddSingleton<IAuthorizationHandler, OwnStoreHandler>();
             services.AddTransient<AccessTokenController>();
             services.AddTransient<InvoiceController>();
             // Add application services.
             services.AddTransient<IEmailSender, EmailSender>();
-
-            services.AddAuthorization(o =>
-            {
-                o.AddPolicy(StorePolicies.CanAccessStores, builder =>
-                {
-                    builder.AddRequirements(new OwnStoreAuthorizationRequirement());
-                });
-
-                o.AddPolicy(StorePolicies.OwnStore, builder =>
-                {
-                    builder.AddRequirements(new OwnStoreAuthorizationRequirement(StoreRoles.Owner));
-                });
-            });
-
             // bundling
 
+            services.AddAuthorization(o => Policies.AddBTCPayPolicies(o));
+
             services.AddBundles();
             services.AddTransient<BundleOptions>(provider =>
             {

BTCPayServer/Hosting/BTCpayMiddleware.cs

@@ -6,37 +6,25 @@ using System.Collections.Generic;
 using System.Text;
 using System.Linq;
 using System.Threading.Tasks;
-using NBitcoin;
-using NBitcoin.Crypto;
-using NBitcoin.DataEncoders;
-using Microsoft.AspNetCore.Http.Internal;
 using System.IO;
 using BTCPayServer.Authentication;
-using System.Security.Principal;
-using NBitpayClient.Extensions;
 using BTCPayServer.Logging;
 using Newtonsoft.Json;
 using BTCPayServer.Models;
 using BTCPayServer.Configuration;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.Routing;
-using Microsoft.AspNetCore.Http.Extensions;
-using BTCPayServer.Controllers;
 using System.Net.WebSockets;
+using BTCPayServer.Services.Stores;
 
 namespace BTCPayServer.Hosting
 {
     public class BTCPayMiddleware
     {
-        TokenRepository _TokenRepository;
         RequestDelegate _Next;
         BTCPayServerOptions _Options;
 
         public BTCPayMiddleware(RequestDelegate next,
-            TokenRepository tokenRepo,
             BTCPayServerOptions options)
         {
-            _TokenRepository = tokenRepo ?? throw new ArgumentNullException(nameof(tokenRepo));
             _Next = next ?? throw new ArgumentNullException(nameof(next));
             _Options = options ?? throw new ArgumentNullException(nameof(options));
         }
@@ -45,42 +33,16 @@ namespace BTCPayServer.Hosting
         public async Task Invoke(HttpContext httpContext)
         {
             RewriteHostIfNeeded(httpContext);
-            httpContext.Request.Headers.TryGetValue("x-signature", out StringValues values);
-            var sig = values.FirstOrDefault();
-            httpContext.Request.Headers.TryGetValue("x-identity", out values);
-            var id = values.FirstOrDefault();
-            if (!string.IsNullOrEmpty(sig) && !string.IsNullOrEmpty(id))
-            {
-                httpContext.Request.EnableRewind();
-
-                string body = string.Empty;
-                if (httpContext.Request.ContentLength != 0 && httpContext.Request.Body != null)
-                {
-                    using (StreamReader reader = new StreamReader(httpContext.Request.Body, Encoding.UTF8, true, 1024, true))
-                    {
-                        body = reader.ReadToEnd();
-                    }
-                    httpContext.Request.Body.Position = 0;
-                }
-
-                var url = httpContext.Request.GetEncodedUrl();
-                try
-                {
-                    var key = new PubKey(id);
-                    if (BitIdExtensions.CheckBitIDSignature(key, sig, url, body))
-                    {
-                        var bitid = new BitIdentity(key);
-                        httpContext.User = new GenericPrincipal(bitid, Array.Empty<string>());
-                        Logs.PayServer.LogDebug($"BitId signature check success for SIN {bitid.SIN}");
-                    }
-                }
-                catch (FormatException) { }
-                if (!(httpContext.User.Identity is BitIdentity))
-                    Logs.PayServer.LogDebug("BitId signature check failed");
-            }
 
             try
             {
+                var bitpayAuth = GetBitpayAuth(httpContext, out bool isBitpayAuth);
+                var isBitpayAPI = IsBitpayAPI(httpContext, isBitpayAuth);
+                httpContext.SetIsBitpayAPI(isBitpayAPI);
+                if (isBitpayAPI)
+                {
+                    httpContext.SetBitpayAuth(bitpayAuth);
+                }
                 await _Next(httpContext);
             }
             catch (WebSocketException)
@@ -100,6 +62,55 @@ namespace BTCPayServer.Hosting
             }
         }
 
+        private static (string Signature, String Id, String Authorization) GetBitpayAuth(HttpContext httpContext, out bool hasBitpayAuth)
+        {
+            httpContext.Request.Headers.TryGetValue("x-signature", out StringValues values);
+            var sig = values.FirstOrDefault();
+            httpContext.Request.Headers.TryGetValue("x-identity", out values);
+            var id = values.FirstOrDefault();
+            httpContext.Request.Headers.TryGetValue("Authorization", out values);
+            var auth = values.FirstOrDefault();
+            hasBitpayAuth = auth != null || (sig != null && id != null);
+            return (sig, id, auth);
+        }
+
+        private bool IsBitpayAPI(HttpContext httpContext, bool bitpayAuth)
+        {
+            if (!httpContext.Request.Path.HasValue)
+                return false;
+
+            var path = httpContext.Request.Path.Value;
+            if (
+                bitpayAuth &&
+                path == "/invoices" &&
+              httpContext.Request.Method == "POST" &&
+              (httpContext.Request.ContentType ?? string.Empty).StartsWith("application/json", StringComparison.OrdinalIgnoreCase))
+                return true;
+
+            if (
+                bitpayAuth &&
+                path == "/invoices" &&
+              httpContext.Request.Method == "GET")
+                return true;
+
+            if (
+                bitpayAuth &&
+                path.StartsWith("/invoices/", StringComparison.OrdinalIgnoreCase) &&
+                httpContext.Request.Method == "GET")
+                return true;
+
+            if (path.Equals("/rates", StringComparison.OrdinalIgnoreCase) &&
+                httpContext.Request.Method == "GET")
+                return true;
+
+            if (
+                path.Equals("/tokens", StringComparison.Ordinal) && 
+                ( httpContext.Request.Method == "GET" || httpContext.Request.Method == "POST"))
+                return true;
+
+            return false;
+        }
+
         private void RewriteHostIfNeeded(HttpContext httpContext)
         {
             string reverseProxyScheme = null;
@@ -132,7 +143,7 @@ namespace BTCPayServer.Hosting
                     httpContext.Request.Scheme = reverseProxyScheme;
                 }
                 else
-                { 
+                {
                     httpContext.Request.Scheme = _Options.ExternalUrl.Scheme;
                 }
                 if (_Options.ExternalUrl.IsDefaultPort)

BTCPayServer/Hosting/Startup.cs

@@ -76,8 +76,6 @@ namespace BTCPayServer.Hosting
                 .AddEntityFrameworkStores<ApplicationDbContext>()
                 .AddDefaultTokenProviders();
 
-            // Big hack, tests fails because Hangfire fail at initializing at the second test run
-            AddHangfireFix(services);
             services.AddBTCPayServer();
             services.AddMvc(o =>
             {
@@ -93,6 +91,24 @@ namespace BTCPayServer.Hosting
                 options.Password.RequireUppercase = false;
             });
 
+            services.AddHangfire((o) =>
+            {
+                var scope = AspNetCoreJobActivator.Current.BeginScope(null);
+                var options = (ApplicationDbContextFactory)scope.Resolve(typeof(ApplicationDbContextFactory));
+                options.ConfigureHangfireBuilder(o);
+            });
+            services.AddCors(o =>
+            {
+                o.AddPolicy("BitpayAPI", b =>
+                {
+                    b.AllowAnyMethod().AllowAnyHeader().AllowAnyOrigin();
+                });
+            });
+            services.Configure<IOptions<ApplicationInsightsServiceOptions>>(o =>
+            {
+                o.Value.DeveloperMode = _Env.IsDevelopment();
+            });
+
             // Needed to debug U2F for ledger support
             //services.Configure<KestrelServerOptions>(kestrel =>
             //{
@@ -103,51 +119,29 @@ namespace BTCPayServer.Hosting
             //});
         }
 
-        // Big hack, tests fails if only call AddHangfire because Hangfire fail at initializing at the second test run
-        private void AddHangfireFix(IServiceCollection services)
-        {
-            Action<IGlobalConfiguration> configuration = o =>
-            {
-                var scope = AspNetCoreJobActivator.Current.BeginScope(null);
-                var options = (ApplicationDbContextFactory)scope.Resolve(typeof(ApplicationDbContextFactory));
-                options.ConfigureHangfireBuilder(o);
-            };
-
-            ServiceCollectionDescriptorExtensions.TryAddSingleton<Action<IGlobalConfiguration>>(services, (IServiceProvider serviceProvider) => new Action<IGlobalConfiguration>((config) =>
-           {
-               ILoggerFactory service = ServiceProviderServiceExtensions.GetService<ILoggerFactory>(serviceProvider);
-               if (service != null)
-               {
-                   Hangfire.GlobalConfigurationExtensions.UseLogProvider<AspNetCoreLogProvider>(config, new AspNetCoreLogProvider(service));
-               }
-               IServiceScopeFactory service2 = ServiceProviderServiceExtensions.GetService<IServiceScopeFactory>(serviceProvider);
-               if (service2 != null)
-               {
-                   Hangfire.GlobalConfigurationExtensions.UseActivator<AspNetCoreJobActivator>(config, new AspNetCoreJobActivator(service2));
-               }
-               configuration(config);
-           }));
-
-            services.AddHangfire(configuration);
-            services.AddCors(o =>
-            {
-                o.AddPolicy("BitpayAPI", b =>
-                {
-                    b.AllowAnyMethod().AllowAnyHeader().AllowAnyOrigin();
-                });
-            });
-
-            services.Configure<IOptions<ApplicationInsightsServiceOptions>>(o =>
-            {
-                o.Value.DeveloperMode = _Env.IsDevelopment();
-            });
-        }
-
         public void Configure(
             IApplicationBuilder app,
             IHostingEnvironment env,
             IServiceProvider prov,
+            BTCPayServerOptions options,
             ILoggerFactory loggerFactory)
+        {
+            Logs.Configure(loggerFactory);
+            Logs.Configuration.LogInformation($"Root Path: {options.RootPath}");
+            if (options.RootPath.Equals("/", StringComparison.OrdinalIgnoreCase))
+            {
+                ConfigureCore(app, env, prov, loggerFactory, options);
+            }
+            else
+            {
+                app.Map(options.RootPath, appChild =>
+                {
+                    ConfigureCore(appChild, env, prov, loggerFactory, options);
+                });
+            }
+        }
+
+        private static void ConfigureCore(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider prov, ILoggerFactory loggerFactory, BTCPayServerOptions options)
         {
             if (env.IsDevelopment())
             {
@@ -155,9 +149,6 @@ namespace BTCPayServer.Hosting
                 app.UseBrowserLink();
             }
 
-
-            Logs.Configure(loggerFactory);
-
             //App insight do not that by itself...
             loggerFactory.AddApplicationInsights(prov, LogLevel.Information);
 
@@ -165,7 +156,11 @@ namespace BTCPayServer.Hosting
             app.UseStaticFiles();
             app.UseAuthentication();
             app.UseHangfireServer();
-            app.UseHangfireDashboard("/hangfire", new DashboardOptions() { Authorization = new[] { new NeedRole(Roles.ServerAdmin) } });
+            app.UseHangfireDashboard("/hangfire", new DashboardOptions()
+            {
+                AppPath = options.GetRootUri(),
+                Authorization = new[] { new NeedRole(Roles.ServerAdmin) }
+            });
             app.UseWebSockets();
             app.UseMvc(routes =>
             {

BTCPayServer/JsonConverters/CurrencyValueJsonConverter.cs

@@ -15,7 +15,6 @@ namespace BTCPayServer.JsonConverters
             return typeof(CurrencyValue).GetTypeInfo().IsAssignableFrom(objectType.GetTypeInfo());
         }
 
-        Type longType = typeof(long).GetTypeInfo();
         public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
         {
             try

BTCPayServer/JsonConverters/UriJsonConverter.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using System.Reflection;
+using Newtonsoft.Json;
+using NBitcoin.JsonConverters;
+
+namespace BTCPayServer.JsonConverters
+{
+    public class UriJsonConverter : JsonConverter
+    {
+        public override bool CanConvert(Type objectType)
+        {
+            return typeof(Uri).GetTypeInfo().IsAssignableFrom(objectType.GetTypeInfo());
+        }
+
+        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
+        {
+            try
+            {
+                return reader.TokenType == JsonToken.Null ? null :
+                       Uri.TryCreate((string)reader.Value, UriKind.Absolute, out var result) ? result :
+                       throw new JsonObjectException("Invalid Currency value", reader);
+            }
+            catch (InvalidCastException)
+            {
+                throw new JsonObjectException("Invalid Currency value", reader);
+            }
+        }
+
+        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
+        {
+            if (value != null)
+                writer.WriteValue(((Uri)value).AbsoluteUri);
+        }
+    }
+}

BTCPayServer/Migrations/20180402095640_appdata.Designer.cs

@@ -0,0 +1,537 @@
+// <auto-generated />
+using BTCPayServer.Data;
+using BTCPayServer.Services.Invoices;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage;
+using Microsoft.EntityFrameworkCore.Storage.Internal;
+using System;
+
+namespace BTCPayServer.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20180402095640_appdata")]
+    partial class appdata
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("ProductVersion", "2.0.1-rtm-125");
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.Property<string>("Address")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTimeOffset?>("CreatedTime");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Address");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("AddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("AppType");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Settings");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Apps");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("Address");
+
+                    b.Property<DateTimeOffset>("Assigned");
+
+                    b.Property<string>("CryptoCode");
+
+                    b.Property<DateTimeOffset?>("UnAssigned");
+
+                    b.HasKey("InvoiceDataId", "Address");
+
+                    b.ToTable("HistoricalAddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("CustomerEmail");
+
+                    b.Property<string>("ExceptionStatus");
+
+                    b.Property<string>("ItemCode");
+
+                    b.Property<string>("OrderId");
+
+                    b.Property<string>("Status");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Invoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("UniqueId");
+
+                    b.Property<string>("Message");
+
+                    b.Property<DateTimeOffset>("Timestamp");
+
+                    b.HasKey("InvoiceDataId", "UniqueId");
+
+                    b.ToTable("InvoiceEvents");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairedSINData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<DateTimeOffset>("PairingTime");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("SIN");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("PairedSINData");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairingCodeData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("DateCreated");
+
+                    b.Property<DateTimeOffset>("Expiration");
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("TokenValue");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PairingCodes");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<bool>("Accounted");
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("Payments");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PendingInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("RefundAddresses");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.SettingData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Settings");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.StoreData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("DefaultCrypto");
+
+                    b.Property<string>("DerivationStrategies");
+
+                    b.Property<string>("DerivationStrategy");
+
+                    b.Property<int>("SpeedPolicy");
+
+                    b.Property<byte[]>("StoreBlob");
+
+                    b.Property<byte[]>("StoreCertificate");
+
+                    b.Property<string>("StoreName");
+
+                    b.Property<string>("StoreWebsite");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Stores");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.Property<string>("ApplicationUserId");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("Role");
+
+                    b.HasKey("ApplicationUserId", "StoreDataId");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("UserStore");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Models.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<bool>("RequiresEmailConfirmation");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("AddressInvoices")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("Apps")
+                        .HasForeignKey("StoreDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                        .WithMany("HistoricalAddressInvoices")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany()
+                        .HasForeignKey("StoreDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                        .WithMany("Events")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("Payments")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("RefundAddresses")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser", "ApplicationUser")
+                        .WithMany("UserStores")
+                        .HasForeignKey("ApplicationUserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("UserStores")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}

BTCPayServer/Migrations/20180402095640_appdata.cs

@@ -0,0 +1,45 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+using System;
+using System.Collections.Generic;
+
+namespace BTCPayServer.Migrations
+{
+    public partial class appdata : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "Apps",
+                columns: table => new
+                {
+                    Id = table.Column<string>(nullable: false),
+                    AppType = table.Column<string>(nullable: true),
+                    Created = table.Column<DateTimeOffset>(nullable: false),
+                    Name = table.Column<string>(nullable: true),
+                    Settings = table.Column<string>(nullable: true),
+                    StoreDataId = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Apps", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Apps_Stores_StoreDataId",
+                        column: x => x.StoreDataId,
+                        principalTable: "Stores",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Restrict);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Apps_StoreDataId",
+                table: "Apps",
+                column: "StoreDataId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "Apps");
+        }
+    }
+}

BTCPayServer/Migrations/20180429083930_legacyapikey.Designer.cs

@@ -0,0 +1,553 @@
+// <auto-generated />
+using BTCPayServer.Data;
+using BTCPayServer.Services.Invoices;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage;
+using Microsoft.EntityFrameworkCore.Storage.Internal;
+using System;
+
+namespace BTCPayServer.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20180429083930_legacyapikey")]
+    partial class legacyapikey
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("ProductVersion", "2.0.2-rtm-10011");
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.Property<string>("Address")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTimeOffset?>("CreatedTime");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Address");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("AddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.APIKeyData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasMaxLength(50);
+
+                    b.Property<string>("StoreId")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("AppType");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Settings");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Apps");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("Address");
+
+                    b.Property<DateTimeOffset>("Assigned");
+
+                    b.Property<string>("CryptoCode");
+
+                    b.Property<DateTimeOffset?>("UnAssigned");
+
+                    b.HasKey("InvoiceDataId", "Address");
+
+                    b.ToTable("HistoricalAddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("CustomerEmail");
+
+                    b.Property<string>("ExceptionStatus");
+
+                    b.Property<string>("ItemCode");
+
+                    b.Property<string>("OrderId");
+
+                    b.Property<string>("Status");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Invoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("UniqueId");
+
+                    b.Property<string>("Message");
+
+                    b.Property<DateTimeOffset>("Timestamp");
+
+                    b.HasKey("InvoiceDataId", "UniqueId");
+
+                    b.ToTable("InvoiceEvents");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairedSINData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<DateTimeOffset>("PairingTime");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("SIN");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("PairedSINData");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairingCodeData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("DateCreated");
+
+                    b.Property<DateTimeOffset>("Expiration");
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("TokenValue");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PairingCodes");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<bool>("Accounted");
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("Payments");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PendingInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("RefundAddresses");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.SettingData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Settings");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.StoreData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("DefaultCrypto");
+
+                    b.Property<string>("DerivationStrategies");
+
+                    b.Property<string>("DerivationStrategy");
+
+                    b.Property<int>("SpeedPolicy");
+
+                    b.Property<byte[]>("StoreBlob");
+
+                    b.Property<byte[]>("StoreCertificate");
+
+                    b.Property<string>("StoreName");
+
+                    b.Property<string>("StoreWebsite");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Stores");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.Property<string>("ApplicationUserId");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("Role");
+
+                    b.HasKey("ApplicationUserId", "StoreDataId");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("UserStore");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Models.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<bool>("RequiresEmailConfirmation");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("AddressInvoices")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("Apps")
+                        .HasForeignKey("StoreDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                        .WithMany("HistoricalAddressInvoices")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany()
+                        .HasForeignKey("StoreDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                        .WithMany("Events")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("Payments")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("RefundAddresses")
+                        .HasForeignKey("InvoiceDataId");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser", "ApplicationUser")
+                        .WithMany("UserStores")
+                        .HasForeignKey("ApplicationUserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("UserStores")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}

BTCPayServer/Migrations/20180429083930_legacyapikey.cs

@@ -0,0 +1,35 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+using System;
+using System.Collections.Generic;
+
+namespace BTCPayServer.Migrations
+{
+    public partial class legacyapikey : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "ApiKeys",
+                columns: table => new
+                {
+                    Id = table.Column<string>(maxLength: 50, nullable: false),
+                    StoreId = table.Column<string>(maxLength: 50, nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_ApiKeys", x => x.Id);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_ApiKeys_StoreId",
+                table: "ApiKeys",
+                column: "StoreId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "ApiKeys");
+        }
+    }
+}

BTCPayServer/Migrations/ApplicationDbContextModelSnapshot.cs

@@ -1,9 +1,12 @@
 // <auto-generated />
 using BTCPayServer.Data;
+using BTCPayServer.Services.Invoices;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Metadata;
 using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage;
+using Microsoft.EntityFrameworkCore.Storage.Internal;
 using System;
 
 namespace BTCPayServer.Migrations
@@ -15,7 +18,7 @@ namespace BTCPayServer.Migrations
         {
 #pragma warning disable 612, 618
             modelBuilder
-                .HasAnnotation("ProductVersion", "2.0.1-rtm-125");
+                .HasAnnotation("ProductVersion", "2.0.2-rtm-10011");
 
             modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
                 {
@@ -33,6 +36,44 @@ namespace BTCPayServer.Migrations
                     b.ToTable("AddressInvoices");
                 });
 
+            modelBuilder.Entity("BTCPayServer.Data.APIKeyData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasMaxLength(50);
+
+                    b.Property<string>("StoreId")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("AppType");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Settings");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Apps");
+                });
+
             modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
                 {
                     b.Property<string>("InvoiceDataId");
@@ -404,6 +445,13 @@ namespace BTCPayServer.Migrations
                         .HasForeignKey("InvoiceDataId");
                 });
 
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("Apps")
+                        .HasForeignKey("StoreDataId");
+                });
+
             modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
                 {
                     b.HasOne("BTCPayServer.Data.InvoiceData")

BTCPayServer/Models/AppViewModels/CreateAppViewModel.cs

@@ -0,0 +1,57 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Services.Apps;
+using Microsoft.AspNetCore.Mvc.Rendering;
+
+namespace BTCPayServer.Models.AppViewModels
+{
+    public class CreateAppViewModel
+    {
+        public CreateAppViewModel()
+        {
+            SetApps();
+        }
+        class Format
+        {
+            public string Name { get; set; }
+            public string Value { get; set; }
+        }
+        [Required]
+        [MaxLength(50)]
+        [MinLength(1)]
+        public string Name { get; set; }
+
+        [Display(Name = "Store")]
+        public string SelectedStore { get; set; }
+
+        public void SetStores(StoreData[] stores)
+        {
+            var defaultStore = stores[0].Id;
+            var choices = stores.Select(o => new Format() { Name = o.StoreName, Value = o.Id }).ToArray();
+            var chosen = choices.FirstOrDefault(f => f.Value == defaultStore) ?? choices.FirstOrDefault();
+            Stores = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
+            SelectedStore = chosen.Value;
+        }
+
+        public SelectList Stores { get; set; }
+
+        [Display(Name = "App type")]
+        public string SelectedAppType { get; set; }
+
+        public SelectList AppTypes { get; set; }
+
+        void SetApps()
+        {
+            var defaultAppType = AppType.PointOfSale.ToString();
+            var choices = typeof(AppType).GetEnumNames().Select(o => new Format() { Name = o, Value = o }).ToArray();
+            var chosen = choices.FirstOrDefault(f => f.Value == defaultAppType) ?? choices.FirstOrDefault();
+            AppTypes = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
+            SelectedAppType = chosen.Value;
+        }
+
+    }
+}

BTCPayServer/Models/AppViewModels/ListAppsViewModel.cs

@@ -0,0 +1,24 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.AppViewModels
+{
+    public class ListAppsViewModel
+    {
+        public class ListAppViewModel
+        {
+            public string Id { get; set; }
+            public string StoreName { get; set; }
+            public string StoreId { get; set; }
+            public string AppName { get; set; }
+            public string AppType { get; set; }
+            public bool IsOwner { get; set; }
+            public string UpdateAction { get { return "Update" + AppType; } }
+            public string ViewAction { get { return "View" + AppType; } }
+        }
+
+        public ListAppViewModel[] Apps { get; set; }
+    }
+}

BTCPayServer/Models/AppViewModels/UpdatePointOfSaleViewModel.cs

@@ -0,0 +1,24 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.AppViewModels
+{
+    public class UpdatePointOfSaleViewModel
+    {
+        [Required]
+        [MaxLength(30)]
+        public string Title { get; set; }
+        [Required]
+        [MaxLength(5)]
+        public string Currency { get; set; }
+        [Required]
+        [MaxLength(5000)]
+        public string Template { get; set; }
+
+        [Display(Name = "User can input custom amount")]
+        public bool ShowCustomAmount { get; set; }
+    }
+}

BTCPayServer/Models/AppViewModels/ViewPointOfSaleViewModel.cs

@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.AppViewModels
+{
+    public class ViewPointOfSaleViewModel
+    {
+        public class Item
+        {
+            public class ItemPrice
+            {
+                public string Formatted { get; set; }
+                public decimal Value { get; set; }
+            }
+            public string Id { get; set; }
+            public ItemPrice Price { get; set; }
+            public string Title { get; set; }
+        }
+        public bool ShowCustomAmount { get; set; }
+        public string Step { get; set; }
+        public string Title { get; set; }
+        public Item[] Items { get; set; }
+    }
+}

BTCPayServer/Models/ConfirmModel.cs

@@ -19,5 +19,6 @@ namespace BTCPayServer.Models
         {
             get; set;
         }
+        public string ButtonClass { get; set; } = "btn-danger";
     }
 }

BTCPayServer/Models/InvoiceResponse.cs

@@ -42,7 +42,6 @@ namespace BTCPayServer.Models
     {
         //"url":"https://test.bitpay.com/invoice?id=9saCHtp1zyPcNoi3rDdBu8"
         [JsonProperty("url")]
-        [Obsolete("Use CryptoInfo.Url instead")]
         public string Url
         {
             get; set;

BTCPayServer/Models/InvoicingModels/InvoiceDetailsModel.cs

@@ -18,6 +18,7 @@ namespace BTCPayServer.Models.InvoicingModels
             public string Address { get; internal set; }
             public string Rate { get; internal set; }
             public string PaymentUrl { get; internal set; }
+            public string Overpaid { get; set; }
         }
         public class AddressModel
         {
@@ -27,7 +28,7 @@ namespace BTCPayServer.Models.InvoicingModels
         }
         public class Payment
         {
-            public string PaymentMethod { get; set; }
+            public string Crypto { get; set; }
             public string Confirmations
             {
                 get; set;
@@ -72,7 +73,13 @@ namespace BTCPayServer.Models.InvoicingModels
             get; set;
         } = new List<CryptoPayment>();
 
-        public List<Payment> Payments { get; set; } = new List<Payment>();
+        public List<Payment> OnChainPayments { get; set; } = new List<Payment>();
+        public List<OffChainPayment> OffChainPayments { get; set; } = new List<OffChainPayment>();
+        public class OffChainPayment
+        {
+            public string Crypto { get; set; }
+            public string BOLT11 { get; set; }
+        }
 
         public string Status
         {

BTCPayServer/Models/InvoicingModels/InvoicesModel.cs

@@ -49,6 +49,8 @@ namespace BTCPayServer.Models.InvoicingModels
         {
             get; set;
         }
+        public bool ShowCheckout { get; set; }
+        public string ExceptionStatus { get; set; }
         public string AmountCurrency
         {
             get; set;

BTCPayServer/Models/InvoicingModels/PaymentModel.cs

@@ -13,7 +13,9 @@ namespace BTCPayServer.Models.InvoicingModels
             public string CryptoImage { get; set; }
             public string Link { get; set; }
         }
-
+        public string HtmlTitle { get; set; }
+        public string CustomCSSLink { get; set; }
+        public string CustomLogoLink { get; set; }
         public string DefaultLang { get; set; }
         public List<AvailableCrypto> AvailableCryptos { get; set; } = new List<AvailableCrypto>();
         public bool IsLightning { get; set; }
@@ -23,6 +25,7 @@ namespace BTCPayServer.Models.InvoicingModels
         public string BtcAddress { get; set; }
         public string BtcDue { get; set; }
         public string CustomerEmail { get; set; }
+        public bool RequiresRefundEmail { get; set; }
         public int ExpirationSeconds { get; set; }
         public string Status { get; set; }
         public string MerchantRefLink { get; set; }
@@ -42,11 +45,13 @@ namespace BTCPayServer.Models.InvoicingModels
 
         public string OrderId { get; set; }
         public string CryptoImage { get; set; }
-        public string NetworkFeeDescription { get; internal set; }
+        public decimal NetworkFee { get; set; }
+        public bool IsMultiCurrency { get; set; }
         public int MaxTimeMinutes { get; internal set; }
         public string PaymentType { get; internal set; }
         public string PaymentMethodId { get; internal set; }
 
         public bool AllowCoinConversion { get; set; }
+        public string PeerInfo { get; set; }
     }
 }

BTCPayServer/Models/ServerViewModels/EmailsViewModel.cs

@@ -18,8 +18,7 @@ namespace BTCPayServer.Models.ServerViewModels
         {
             get; set;
         }
-
-        [Required]
+        
         [EmailAddress]
         public string TestEmail
         {

BTCPayServer/Models/ServerViewModels/RatesViewModel.cs

@@ -0,0 +1,20 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Services.Rates;
+
+namespace BTCPayServer.Models.ServerViewModels
+{
+    public class RatesViewModel
+    {
+        [Display(Name = "Bitcoin average api keys")]
+        public string PublicKey { get; set; }
+        public string PrivateKey { get; set; }
+        [Display(Name = "Cache the rates for ... minutes")]
+        [Range(0, 60)]
+        public int CacheMinutes { get; set; }
+        public GetRateLimitsResponse RateLimits { get; internal set; }
+    }
+}

BTCPayServer/Models/StoreViewModels/CheckoutExperienceViewModel.cs

@@ -0,0 +1,72 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Services;
+using Microsoft.AspNetCore.Mvc.Rendering;
+
+namespace BTCPayServer.Models.StoreViewModels
+{
+    public class CheckoutExperienceViewModel
+    {
+        class Format
+        {
+            public string Name { get; set; }
+            public string Value { get; set; }
+        }
+        public SelectList CryptoCurrencies { get; set; }
+        public SelectList Languages { get; set; }
+
+        [Display(Name = "Default crypto currency on checkout")]
+        public string DefaultCryptoCurrency { get; set; }
+        [Display(Name = "Default language on checkout")]
+        public string DefaultLang { get; set; }
+        [Display(Name = "Allow conversion through third party (Shapeshift, Changelly...)")]
+        public bool AllowCoinConversion
+        {
+            get; set;
+        }
+        [Display(Name = "Do not propose lightning payment if value of the invoice is above...")]
+        [MaxLength(20)]
+        public string LightningMaxValue { get; set; }
+
+        [Display(Name = "Requires a refund email")]
+        public bool RequiresRefundEmail
+        {
+            get; set;
+        }
+
+        [Display(Name = "Do not propose on chain payment if the value of the invoice is below...")]
+        [MaxLength(20)]
+        public string OnChainMinValue { get; set; }
+
+        [Display(Name = "Link to a custom CSS stylesheet")]
+        [Url]
+        public string CustomCSS { get; set; }
+        [Display(Name = "Link to a custom logo")]
+        [Url]
+        public string CustomLogo { get; set; }
+
+        [Display(Name = "Custom HTML title to display on Checkout page")]
+        public string HtmlTitle { get; set; }
+
+
+        public void SetCryptoCurrencies(ExplorerClientProvider explorerProvider, string defaultCrypto)
+        {
+            var choices = explorerProvider.GetAll().Select(o => new Format() { Name = o.Item1.CryptoCode, Value = o.Item1.CryptoCode }).ToArray();
+            var chosen = choices.FirstOrDefault(f => f.Value == defaultCrypto) ?? choices.FirstOrDefault();
+            CryptoCurrencies = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
+            DefaultCryptoCurrency = chosen.Name;
+        }
+
+        public void SetLanguages(LanguageService langService, string defaultLang)
+        {
+            defaultLang = defaultLang ?? "en-US";
+            var choices = langService.GetLanguages().Select(o => new Format() { Name = o.DisplayName, Value = o.Code }).ToArray();
+            var chosen = choices.FirstOrDefault(f => f.Value == defaultLang) ?? choices.FirstOrDefault();
+            Languages = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
+            DefaultLang = chosen.Value;
+        }
+    }
+}

BTCPayServer/Models/StoreViewModels/DerivationSchemeViewModel.cs

@@ -4,6 +4,7 @@ using System.ComponentModel.DataAnnotations;
 using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc.Rendering;
+using NBitcoin;
 
 namespace BTCPayServer.Models.StoreViewModels
 {
@@ -29,5 +30,6 @@ namespace BTCPayServer.Models.StoreViewModels
 
         public string ServerUrl { get; set; }
         public string StatusMessage { get; internal set; }
+        public KeyPath RootKeyPath { get; set; }
     }
 }

BTCPayServer/Models/StoreViewModels/LightningNodeViewModel.cs

@@ -23,5 +23,6 @@ namespace BTCPayServer.Models.StoreViewModels
         }
         public string StatusMessage { get; set; }
         public string InternalLightningNode { get; internal set; }
+        public bool SkipPortTest { get; set; }
     }
 }

BTCPayServer/Models/StoreViewModels/RatesViewModel.cs

@@ -0,0 +1,66 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Rating;
+using BTCPayServer.Services.Rates;
+using Microsoft.AspNetCore.Mvc.Rendering;
+
+namespace BTCPayServer.Models.StoreViewModels
+{
+    public class RatesViewModel
+    {
+        public class TestResultViewModel
+        {
+            public string CurrencyPair { get; set; }
+            public string Rule { get; set; }
+            public bool Error { get; set; }
+        }
+        class Format
+        {
+            public string Name { get; set; }
+            public string Value { get; set; }
+        }
+        public void SetExchangeRates(CoinAverageExchange[] supportedList, string preferredExchange)
+        {
+            var defaultStore = preferredExchange ?? CoinAverageRateProvider.CoinAverageName;
+            var choices = supportedList.Select(o => new Format() { Name = o.Display, Value = o.Name }).ToArray();
+            var chosen = choices.FirstOrDefault(f => f.Value == defaultStore) ?? choices.FirstOrDefault();
+            Exchanges = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
+            PreferredExchange = chosen.Value;
+        }
+
+        public List<TestResultViewModel> TestRateRules { get; set; }
+
+        public SelectList Exchanges { get; set; }
+
+        public bool ShowScripting { get; set; }
+
+        [Display(Name = "Rate rules")]
+        [MaxLength(2000)]
+        public string Script { get; set; }
+        public string DefaultScript { get; set; }
+        public string ScriptTest { get; set; }
+        public CoinAverageExchange[] AvailableExchanges { get; set; }
+
+        [Display(Name = "Multiply the rate by ...")]
+        [Range(0.01, 10.0)]
+        public double RateMultiplier
+        {
+            get;
+            set;
+        }
+
+        [Display(Name = "Preferred price source (eg. bitfinex, bitstamp...)")]
+        public string PreferredExchange { get; set; }
+
+        public string RateSource
+        {
+            get
+            {
+                return PreferredExchange == CoinAverageRateProvider.CoinAverageName ? "https://apiv2.bitcoinaverage.com/indices/global/ticker/short" : $"https://apiv2.bitcoinaverage.com/exchanges/{PreferredExchange}";
+            }
+        }
+    }
+}

BTCPayServer/Models/StoreViewModels/StoreViewModel.cs

@@ -1,5 +1,6 @@
 using BTCPayServer.Services;
 using BTCPayServer.Services.Invoices;
+using BTCPayServer.Services.Rates;
 using BTCPayServer.Validations;
 using Microsoft.AspNetCore.Mvc.Rendering;
 using System;
@@ -17,11 +18,7 @@ namespace BTCPayServer.Models.StoreViewModels
             public string Crypto { get; set; }
             public string Value { get; set; }
         }
-        class Format
-        {
-            public string Name { get; set; }
-            public string Value { get; set; }
-        }
+
         public StoreViewModel()
         {
 
@@ -48,27 +45,8 @@ namespace BTCPayServer.Models.StoreViewModels
 
         public List<StoreViewModel.DerivationScheme> DerivationSchemes { get; set; } = new List<StoreViewModel.DerivationScheme>();
 
-        [Display(Name = "Preferred price source (eg. bitfinex, bitstamp...)")]
-        public string PreferredExchange { get; set; }
-
-        public string RateSource
-        {
-            get
-            {
-                return PreferredExchange.IsCoinAverage() ? "https://apiv2.bitcoinaverage.com/indices/global/ticker/short" : $"https://apiv2.bitcoinaverage.com/exchanges/{PreferredExchange}";
-            }
-        }
-
-        [Display(Name = "Multiply the original rate by ...")]
-        [Range(0.01, 10.0)]
-        public double RateMultiplier
-        {
-            get;
-            set;
-        }
-
         [Display(Name = "Invoice expires if the full amount has not been paid after ... minutes")]
-        [Range(1, 60 * 24 * 31)]
+        [Range(1, 60 * 24 * 24)]
         public int InvoiceExpiration
         {
             get;
@@ -76,18 +54,13 @@ namespace BTCPayServer.Models.StoreViewModels
         }
 
         [Display(Name = "Payment invalid if transactions fails to confirm ... minutes after invoice expiration")]
-        [Range(10, 60 * 24 * 31)]
+        [Range(10, 60 * 24 * 24)]
         public int MonitoringExpiration
         {
             get;
             set;
         }
 
-
-        [Display(Name = "Do not propose lightning payment if value of the invoice is above...")]
-        [MaxLength(20)]
-        public string LightningMaxValue { get; set; }
-
         [Display(Name = "Consider the invoice confirmed when the payment transaction...")]
         public SpeedPolicy SpeedPolicy
         {
@@ -100,23 +73,8 @@ namespace BTCPayServer.Models.StoreViewModels
             get; set;
         }
 
-        [Display(Name = "Allow conversion through third party (Shapeshift, Changelly...)")]
-        public bool AllowCoinConversion
-        {
-            get; set;
-        }
-
-        public string StatusMessage
-        {
-            get; set;
-        }
-        public SelectList CryptoCurrencies { get; set; }
-        public SelectList Languages { get; set; }
-
-        [Display(Name = "Default crypto currency on checkout")]
-        public string DefaultCryptoCurrency { get; set; }
-        [Display(Name = "Default language on checkout")]
-        public string DefaultLang { get; set; }
+        [Display(Name = "Description template of the lightning invoice")]
+        public string LightningDescriptionTemplate { get; set; }
 
         public class LightningNode
         {
@@ -128,21 +86,12 @@ namespace BTCPayServer.Models.StoreViewModels
             get; set;
         } = new List<LightningNode>();
 
-        public void SetCryptoCurrencies(ExplorerClientProvider explorerProvider, string defaultCrypto)
+        [Display(Name = "Consider the invoice paid even if the paid amount is ... % less than expected")]
+        [Range(0, 100)]
+        public double PaymentTolerance
         {
-            var choices = explorerProvider.GetAll().Select(o => new Format() { Name = o.Item1.CryptoCode, Value = o.Item1.CryptoCode }).ToArray();
-            var chosen = choices.FirstOrDefault(f => f.Value == defaultCrypto) ?? choices.FirstOrDefault();
-            CryptoCurrencies = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
-            DefaultCryptoCurrency = chosen.Name;
-        }
-
-        public void SetLanguages(LanguageService langService, string defaultLang)
-        {
-            defaultLang = defaultLang ?? "en-US";
-            var choices = langService.GetLanguages().Select(o => new Format() { Name = o.DisplayName, Value = o.Code }).ToArray();
-            var chosen = choices.FirstOrDefault(f => f.Value == defaultLang) ?? choices.FirstOrDefault();
-            Languages = new SelectList(choices, nameof(chosen.Value), nameof(chosen.Name), chosen);
-            DefaultLang = chosen.Value;
+            get;
+            set;
         }
     }
 }

BTCPayServer/Models/StoreViewModels/TokensViewModel.cs

@@ -68,5 +68,9 @@ namespace BTCPayServer.Models.StoreViewModels
             get;
             set;
         }
+
+        [Display(Name = "API Key")]
+        public string ApiKey { get; set; }
+        public string EncodedApiKey { get; set; }
     }
 }

BTCPayServer/MultiValueDictionary.cs

@@ -1111,4 +1111,17 @@ namespace BTCPayServer
             #endregion
         }
     }
+
+    public static class MultiValueDictionaryExtensions
+    {
+        public static MultiValueDictionary<TKey, TValue> ToMultiValueDictionary<TInput, TKey, TValue>(this IEnumerable<TInput> collection, Func<TInput, TKey> keySelector, Func<TInput, TValue> valueSelector)
+        {
+            var dictionary = new MultiValueDictionary<TKey, TValue>();
+            foreach(var item in collection)
+            {
+                dictionary.Add(keySelector(item), valueSelector(item));
+            }
+            return dictionary;
+        }
+    }
 }

BTCPayServer/Payments/Bitcoin/BitcoinLikePaymentHandler.cs

@@ -27,8 +27,10 @@ namespace BTCPayServer.Payments.Bitcoin
             _WalletProvider = walletProvider;
         }
 
-        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(DerivationStrategy supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network)
+        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(DerivationStrategy supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network)
         {
+            if (!_ExplorerProvider.IsAvailable(network))
+                throw new PaymentMethodUnavailableException($"Full node not available");
             var getFeeRate = _FeeRateProviderFactory.CreateFeeProvider(network).GetFeeRateAsync();
             var getAddress = _WalletProvider.GetWallet(network).ReserveAddressAsync(supportedPaymentMethod.DerivationStrategyBase);
             Payments.Bitcoin.BitcoinLikeOnChainPaymentMethod onchainMethod = new Payments.Bitcoin.BitcoinLikeOnChainPaymentMethod();
@@ -37,10 +39,5 @@ namespace BTCPayServer.Payments.Bitcoin
             onchainMethod.DepositAddress = (await getAddress).ToString();
             return onchainMethod;
         }
-
-        public override Task<bool> IsAvailable(DerivationStrategy supportedPaymentMethod, BTCPayNetwork network)
-        {
-            return Task.FromResult(_ExplorerProvider.IsAvailable(network));
-        }
     }
 }

BTCPayServer/Payments/IPaymentMethodHandler.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
+using BTCPayServer.Data;
 using BTCPayServer.Services.Invoices;
 
 namespace BTCPayServer.Payments
@@ -11,52 +12,33 @@ namespace BTCPayServer.Payments
     /// </summary>
     public interface IPaymentMethodHandler
     {
-        /// <summary>
-        /// Returns true if the dependencies for a specific payment method are satisfied. 
-        /// </summary>
-        /// <param name="supportedPaymentMethod"></param>
-        /// <param name="network"></param>
-        /// <returns>true if this payment method is available</returns>
-        Task<bool> IsAvailable(ISupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network);
-
         /// <summary>
         /// Create needed to track payments of this invoice
         /// </summary>
         /// <param name="supportedPaymentMethod"></param>
         /// <param name="paymentMethod"></param>
+        /// <param name="store"></param>
         /// <param name="network"></param>
         /// <returns></returns>
-        Task<IPaymentMethodDetails> CreatePaymentMethodDetails(ISupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network);
+        Task<IPaymentMethodDetails> CreatePaymentMethodDetails(ISupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network);
     }
 
     public interface IPaymentMethodHandler<T> : IPaymentMethodHandler where T : ISupportedPaymentMethod
     {
-        Task<bool> IsAvailable(T supportedPaymentMethod, BTCPayNetwork network);
-        Task<IPaymentMethodDetails> CreatePaymentMethodDetails(T supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network);
+        Task<IPaymentMethodDetails> CreatePaymentMethodDetails(T supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network);
     }
 
     public abstract class PaymentMethodHandlerBase<T> : IPaymentMethodHandler<T> where T : ISupportedPaymentMethod
     {
-        public abstract Task<IPaymentMethodDetails> CreatePaymentMethodDetails(T supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network);
+        public abstract Task<IPaymentMethodDetails> CreatePaymentMethodDetails(T supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network);
 
-        Task<IPaymentMethodDetails> IPaymentMethodHandler.CreatePaymentMethodDetails(ISupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network)
+        Task<IPaymentMethodDetails> IPaymentMethodHandler.CreatePaymentMethodDetails(ISupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network)
         {
             if (supportedPaymentMethod is T method)
             {
-                return CreatePaymentMethodDetails(method, paymentMethod, network);
+                return CreatePaymentMethodDetails(method, paymentMethod, store, network);
             }
             throw new NotSupportedException("Invalid supportedPaymentMethod");
         }
-
-        public abstract Task<bool> IsAvailable(T supportedPaymentMethod, BTCPayNetwork network);
-
-        Task<bool> IPaymentMethodHandler.IsAvailable(ISupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network)
-        {
-            if(supportedPaymentMethod is T method)
-            { 
-                return IsAvailable(method, network);
-            }
-            return Task.FromResult(false);
-        }
     }
 }

BTCPayServer/Payments/Lightning/CLightning/CLightningInvoice.cs

@@ -7,7 +7,7 @@ using Newtonsoft.Json;
 
 namespace BTCPayServer.Payments.Lightning.CLightning
 {
-    public class CreateInvoiceResponse
+    public class CLightningInvoice
     {
         [JsonConverter(typeof(NBitcoin.JsonConverters.UInt256JsonConverter))]
         [JsonProperty("payment_hash")]

BTCPayServer/Payments/Lightning/CLightning/CLightningRPCClient.cs

@@ -7,7 +7,6 @@ using System.Net.Sockets;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
-using BTCPayServer.Payments.Lightning.Charge;
 using Mono.Unix;
 using NBitcoin;
 using NBitcoin.RPC;
@@ -42,9 +41,9 @@ namespace BTCPayServer.Payments.Lightning.CLightning
             Network = network;
         }
 
-        public Task<GetInfoResponse> GetInfoAsync(CancellationToken cancellation = default(CancellationToken))
+        public Task<Charge.GetInfoResponse> GetInfoAsync(CancellationToken cancellation = default(CancellationToken))
         {
-            return SendCommandAsync<GetInfoResponse>("getinfo", cancellation: cancellation);
+            return SendCommandAsync<Charge.GetInfoResponse>("getinfo", cancellation: cancellation);
         }
 
         public Task SendAsync(string bolt11)
@@ -168,24 +167,24 @@ namespace BTCPayServer.Payments.Lightning.CLightning
 
         async Task<LightningInvoice> ILightningInvoiceClient.GetInvoice(string invoiceId, CancellationToken cancellation)
         {
-            var invoices = await SendCommandAsync<ChargeInvoice[]>("listinvoices", new[] { invoiceId }, false, true, cancellation);
+            var invoices = await SendCommandAsync<CLightningInvoice[]>("listinvoices", new[] { invoiceId }, false, true, cancellation);
             if (invoices.Length == 0)
                 return null;
-            return ChargeClient.ToLightningInvoice(invoices[0]);
+            return ToLightningInvoice(invoices[0]);
         }
 
         static NBitcoin.DataEncoders.DataEncoder InvoiceIdEncoder = NBitcoin.DataEncoders.Encoders.Base58;
-        async Task<LightningInvoice> ILightningInvoiceClient.CreateInvoice(LightMoney amount, TimeSpan expiry, CancellationToken cancellation)
+        async Task<LightningInvoice> ILightningInvoiceClient.CreateInvoice(LightMoney amount, string description, TimeSpan expiry, CancellationToken cancellation)
         {
             var id = InvoiceIdEncoder.EncodeData(RandomUtils.GetBytes(20));
-            var invoice = await SendCommandAsync<CreateInvoiceResponse>("invoice", new object[] { amount.MilliSatoshi, id, "" }, cancellation: cancellation);
+            var invoice = await SendCommandAsync<CLightningInvoice>("invoice", new object[] { amount.MilliSatoshi, id, description ?? "", Math.Max(0,  (int)expiry.TotalSeconds) }, cancellation: cancellation);
             invoice.Label = id;
             invoice.MilliSatoshi = amount;
             invoice.Status = "unpaid";
             return ToLightningInvoice(invoice);
         }
 
-        private static LightningInvoice ToLightningInvoice(CreateInvoiceResponse invoice)
+        private static LightningInvoice ToLightningInvoice(CLightningInvoice invoice)
         {
             return new LightningInvoice()
             {
@@ -204,9 +203,9 @@ namespace BTCPayServer.Payments.Lightning.CLightning
         long lastInvoiceIndex = 99999999999;
         async Task<LightningInvoice> ILightningListenInvoiceSession.WaitInvoice(CancellationToken cancellation)
         {
-            var chargeInvoice = await SendCommandAsync<CreateInvoiceResponse>("waitanyinvoice", new object[] { lastInvoiceIndex }, cancellation: cancellation);
-            lastInvoiceIndex = chargeInvoice.PayIndex.Value;
-            return ToLightningInvoice(chargeInvoice);
+            var invoice = await SendCommandAsync<CLightningInvoice>("waitanyinvoice", new object[] { lastInvoiceIndex }, cancellation: cancellation);
+            lastInvoiceIndex = invoice.PayIndex.Value;
+            return ToLightningInvoice(invoice);
         }
 
         async Task<LightningNodeInformation> ILightningInvoiceClient.GetInfo(CancellationToken cancellation)

BTCPayServer/Payments/Lightning/Charge/ChargeClient.cs

@@ -48,8 +48,10 @@ namespace BTCPayServer.Payments.Lightning.Charge
         {
             var message = CreateMessage(HttpMethod.Post, "invoice");
             Dictionary<string, string> parameters = new Dictionary<string, string>();
-            parameters.Add("msatoshi", request.Amont.MilliSatoshi.ToString(CultureInfo.InvariantCulture));
+            parameters.Add("msatoshi", request.Amount.MilliSatoshi.ToString(CultureInfo.InvariantCulture));
             parameters.Add("expiry", ((int)request.Expiry.TotalSeconds).ToString(CultureInfo.InvariantCulture));
+            if(request.Description != null)
+                parameters.Add("description", request.Description);
             message.Content = new FormUrlEncodedContent(parameters);
             var result = await _Client.SendAsync(message, cancellation);
             result.EnsureSuccessStatusCode();
@@ -130,6 +132,8 @@ namespace BTCPayServer.Payments.Lightning.Charge
         async Task<LightningInvoice> ILightningInvoiceClient.GetInvoice(string invoiceId, CancellationToken cancellation)
         {
             var invoice = await GetInvoice(invoiceId, cancellation);
+            if (invoice == null)
+                return null;
             return ChargeClient.ToLightningInvoice(invoice);
         }
 
@@ -150,9 +154,9 @@ namespace BTCPayServer.Payments.Lightning.Charge
             };
         }
 
-        async Task<LightningInvoice> ILightningInvoiceClient.CreateInvoice(LightMoney amount, TimeSpan expiry, CancellationToken cancellation)
+        async Task<LightningInvoice> ILightningInvoiceClient.CreateInvoice(LightMoney amount, string description, TimeSpan expiry, CancellationToken cancellation)
         {
-            var invoice = await CreateInvoiceAsync(new CreateInvoiceRequest() { Amont = amount, Expiry = expiry });
+            var invoice = await CreateInvoiceAsync(new CreateInvoiceRequest() { Amount = amount, Expiry = expiry, Description = description ?? "" });
             return new LightningInvoice() { Id = invoice.Id, Amount = amount, BOLT11 = invoice.PayReq, Status = "unpaid" };
         }
 

BTCPayServer/Payments/Lightning/Charge/CreateInvoiceRequest.cs

@@ -7,7 +7,8 @@ namespace BTCPayServer.Payments.Lightning.Charge
 {
     public class CreateInvoiceRequest
     {
-        public LightMoney Amont { get; set; }
+        public LightMoney Amount { get; set; }
         public TimeSpan Expiry { get; set; }
+        public string Description { get; set; }
     }
 }

BTCPayServer/Payments/Lightning/ILightningInvoiceClient.cs

@@ -29,7 +29,7 @@ namespace BTCPayServer.Payments.Lightning
     public interface ILightningInvoiceClient
     {
         Task<LightningInvoice> GetInvoice(string invoiceId, CancellationToken cancellation = default(CancellationToken));
-        Task<LightningInvoice> CreateInvoice(LightMoney amount, TimeSpan expiry, CancellationToken cancellation = default(CancellationToken));
+        Task<LightningInvoice> CreateInvoice(LightMoney amount, string description, TimeSpan expiry, CancellationToken cancellation = default(CancellationToken));
         Task<ILightningListenInvoiceSession> Listen(CancellationToken cancellation = default(CancellationToken));
         Task<LightningNodeInformation> GetInfo(CancellationToken cancellation = default(CancellationToken));
     }

BTCPayServer/Payments/Lightning/LightningLikePaymentHandler.cs

@@ -5,6 +5,7 @@ using System.Net;
 using System.Net.Sockets;
 using System.Threading;
 using System.Threading.Tasks;
+using BTCPayServer.Data;
 using BTCPayServer.HostedServices;
 using BTCPayServer.Payments.Lightning.Charge;
 using BTCPayServer.Payments.Lightning.CLightning;
@@ -23,42 +24,44 @@ namespace BTCPayServer.Payments.Lightning
             _LightningClientFactory = lightningClientFactory;
             _Dashboard = dashboard;
         }
-        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(LightningSupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, BTCPayNetwork network)
+        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(LightningSupportedPaymentMethod supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network)
         {
+            var storeBlob = store.GetStoreBlob();
+            var test = Test(supportedPaymentMethod, network);
             var invoice = paymentMethod.ParentEntity;
             var due = Extensions.RoundUp(invoice.ProductInformation.Price / paymentMethod.Rate, 8);
             var client = _LightningClientFactory.CreateClient(supportedPaymentMethod, network);
             var expiry = invoice.ExpirationTime - DateTimeOffset.UtcNow;
             if (expiry < TimeSpan.Zero)
                 expiry = TimeSpan.FromSeconds(1);
-            var lightningInvoice = await client.CreateInvoice(new LightMoney(due, LightMoneyUnit.BTC), expiry);
+
+            LightningInvoice lightningInvoice = null;
+            try
+            {
+                string description = storeBlob.LightningDescriptionTemplate;
+                description = description.Replace("{StoreName}", store.StoreName ?? "", StringComparison.OrdinalIgnoreCase)
+                                         .Replace("{ItemDescription}", invoice.ProductInformation.ItemDesc ?? "", StringComparison.OrdinalIgnoreCase)
+                                         .Replace("{OrderId}", invoice.OrderId ?? "", StringComparison.OrdinalIgnoreCase);
+                lightningInvoice = await client.CreateInvoice(new LightMoney(due, LightMoneyUnit.BTC), description, expiry);
+            }
+            catch (Exception ex)
+            {
+                throw new PaymentMethodUnavailableException($"Impossible to create lightning invoice ({ex.Message})", ex);
+            }
+            var nodeInfo = await test;
             return new LightningLikePaymentMethodDetails()
             {
                 BOLT11 = lightningInvoice.BOLT11,
-                InvoiceId = lightningInvoice.Id
+                InvoiceId = lightningInvoice.Id,
+                NodeInfo = nodeInfo.ToString()
             };
         }
 
-        public async override Task<bool> IsAvailable(LightningSupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network)
-        {
-            try
-            {
-                await Test(supportedPaymentMethod, network);
-                return true;
-            }
-            catch { return false; }
-        }
-
-        /// <summary>
-        /// Used for testing
-        /// </summary>
-        public bool SkipP2PTest { get; set; }
-
         public async Task<NodeInfo> Test(LightningSupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network)
         {
             if (!_Dashboard.IsFullySynched(network.CryptoCode, out var summary))
-                throw new Exception($"Full node not available");
-            
+                throw new PaymentMethodUnavailableException($"Full node not available");
+
             var cts = new CancellationTokenSource(5000);
             var client = _LightningClientFactory.CreateClient(supportedPaymentMethod, network);
             LightningNodeInformation info = null;
@@ -68,64 +71,53 @@ namespace BTCPayServer.Payments.Lightning
             }
             catch (OperationCanceledException) when (cts.IsCancellationRequested)
             {
-                throw new Exception($"The lightning node did not replied in a timely maner");
+                throw new PaymentMethodUnavailableException($"The lightning node did not replied in a timely maner");
             }
             catch (Exception ex)
             {
-                throw new Exception($"Error while connecting to the API ({ex.Message})");
+                throw new PaymentMethodUnavailableException($"Error while connecting to the API ({ex.Message})");
             }
 
-            if(info.Address == null)
+            if (info.Address == null)
             {
-                throw new Exception($"No lightning node public address has been configured");
+                throw new PaymentMethodUnavailableException($"No lightning node public address has been configured");
             }
 
             var blocksGap = Math.Abs(info.BlockHeight - summary.Status.ChainHeight);
             if (blocksGap > 10)
             {
-                throw new Exception($"The lightning is not synched ({blocksGap} blocks)");
+                throw new PaymentMethodUnavailableException($"The lightning is not synched ({blocksGap} blocks)");
             }
 
-            try
-            {
-                if(!SkipP2PTest)
-                    await TestConnection(info.Address, info.P2PPort, cts.Token);
-            }
-            catch (Exception ex)
-            {
-                throw new Exception($"Error while connecting to the lightning node via {info.Address}:{info.P2PPort} ({ex.Message})");
-            }
             return new NodeInfo(info.NodeId, info.Address, info.P2PPort);
         }
 
-        private async Task<bool> TestConnection(string addressStr, int port, CancellationToken cancellation)
+        public async Task TestConnection(NodeInfo nodeInfo, CancellationToken cancellation)
         {
-            IPAddress address = null;
             try
             {
-                address = IPAddress.Parse(addressStr);
-            }
-            catch
-            {
+                IPAddress address = null;
                 try
                 {
-                    address = (await Dns.GetHostAddressesAsync(addressStr)).FirstOrDefault();
+                    address = IPAddress.Parse(nodeInfo.Host);
                 }
-                catch { }
-            }
-
-            if (address == null)
-                throw new Exception($"DNS did not resolved {addressStr}");
-
-            using (var tcp = new Socket(address.AddressFamily, SocketType.Stream, ProtocolType.Tcp))
-            {
-                try
+                catch
                 {
-                    await WithTimeout(tcp.ConnectAsync(new IPEndPoint(address, port)), cancellation);
+                    address = (await Dns.GetHostAddressesAsync(nodeInfo.Host)).FirstOrDefault();
+                }
+
+                if (address == null)
+                    throw new PaymentMethodUnavailableException($"DNS did not resolved {nodeInfo.Host}");
+
+                using (var tcp = new Socket(address.AddressFamily, SocketType.Stream, ProtocolType.Tcp))
+                {
+                    await WithTimeout(tcp.ConnectAsync(new IPEndPoint(address, nodeInfo.Port)), cancellation);
                 }
-                catch { return false; }
             }
-            return true;
+            catch (Exception ex)
+            {
+                throw new PaymentMethodUnavailableException($"Error while connecting to the lightning node via {nodeInfo.Host}:{nodeInfo.Port} ({ex.Message})");
+            }
         }
 
         static Task WithTimeout(Task task, CancellationToken token)

BTCPayServer/Payments/Lightning/LightningLikePaymentMethodDetails.cs

@@ -9,6 +9,7 @@ namespace BTCPayServer.Payments.Lightning
     {
         public string BOLT11 { get; set; }
         public string InvoiceId { get; set; }
+        public string NodeInfo { get; set; }
 
         public string GetPaymentDestination()
         {

BTCPayServer/Payments/Lightning/LightningListener.cs

@@ -52,9 +52,20 @@ namespace BTCPayServer.Payments.Lightning
 
             _ListenPoller = new Timer(async s =>
             {
-                await Task.WhenAll((await _InvoiceRepository.GetPendingInvoices())
-                .Select(async invoiceId => await EnsureListening(invoiceId, true))
-                .ToArray());
+                try
+                {
+                    await Task.WhenAll((await _InvoiceRepository.GetPendingInvoices())
+                    .Select(async invoiceId => await EnsureListening(invoiceId, true))
+                    .ToArray());
+                }
+                catch (AggregateException ex)
+                {
+                    Logs.PayServer.LogError(ex.InnerException ?? ex.InnerExceptions.FirstOrDefault(), $"Lightning: Uncaught error");
+                }
+                catch (Exception ex)
+                {
+                    Logs.PayServer.LogError(ex, $"Lightning: Uncaught error");
+                }
             }, null, 0, (int)PollInterval.TotalMilliseconds);
             leases.Add(_ListenPoller);
             return Task.CompletedTask;
@@ -90,7 +101,16 @@ namespace BTCPayServer.Payments.Lightning
                 if (poll)
                 {
                     var charge = _LightningClientFactory.CreateClient(lightningSupportedMethod, network);
-                    var chargeInvoice = await charge.GetInvoice(lightningMethod.InvoiceId);
+                    LightningInvoice chargeInvoice = null;
+                    try
+                    {
+                        chargeInvoice = await charge.GetInvoice(lightningMethod.InvoiceId);
+                    }
+                    catch(Exception ex)
+                    {
+                        Logs.PayServer.LogError(ex, $"{lightningSupportedMethod.CryptoCode} (Lightning): Can't connect to the lightning server");
+                        continue;
+                    }
                     if (chargeInvoice == null)
                         continue;
                     if (chargeInvoice.Status == "paid")

BTCPayServer/Payments/PaymentMethodUnavailableException.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Payments
+{
+    public class PaymentMethodUnavailableException : Exception
+    {
+        public PaymentMethodUnavailableException(string message) : base(message)
+        {
+
+        }
+        public PaymentMethodUnavailableException(string message, Exception inner) : base(message, inner)
+        {
+
+        }
+    }
+}

BTCPayServer/Rating/CurrencyPair.cs

@@ -0,0 +1,104 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Rating
+{
+    public class CurrencyPair
+    {
+        static readonly BTCPayNetworkProvider _NetworkProvider = new BTCPayNetworkProvider(NBitcoin.NetworkType.Mainnet);
+        public CurrencyPair(string left, string right)
+        {
+            if (right == null)
+                throw new ArgumentNullException(nameof(right));
+            if (left == null)
+                throw new ArgumentNullException(nameof(left));
+            Right = right.ToUpperInvariant();
+            Left = left.ToUpperInvariant();
+        }
+        public string Left { get; private set; }
+        public string Right { get; private set; }
+
+        public static CurrencyPair Parse(string str)
+        {
+            if (!TryParse(str, out var result))
+                throw new FormatException("Invalid currency pair");
+            return result;
+        }
+        public static bool TryParse(string str, out CurrencyPair value)
+        {
+            if (str == null)
+                throw new ArgumentNullException(nameof(str));
+            value = null;
+            str = str.Trim();
+            if (str.Length > 12)
+                return false;
+            var splitted = str.Split(new[] { '_', '-' }, StringSplitOptions.RemoveEmptyEntries);
+            if (splitted.Length == 2)
+            {
+                value = new CurrencyPair(splitted[0], splitted[1]);
+                return true;
+            }
+            else if (splitted.Length == 1)
+            {
+                var currencyPair = splitted[0];
+                if (currencyPair.Length < 6 || currencyPair.Length > 10)
+                    return false;
+                if (currencyPair.Length == 6)
+                { 
+                    value = new CurrencyPair(currencyPair.Substring(0,3), currencyPair.Substring(3, 3));
+                    return true;
+                }
+                for (int i = 3; i < 5; i++)
+                {
+                    var potentialCryptoName = currencyPair.Substring(0, i);
+                    var network = _NetworkProvider.GetNetwork(potentialCryptoName);
+                    if (network != null)
+                    {
+                        value = new CurrencyPair(network.CryptoCode, currencyPair.Substring(i));
+                        return true;
+                    }
+                }
+            }
+
+            return false;
+        }
+
+
+        public override bool Equals(object obj)
+        {
+            CurrencyPair item = obj as CurrencyPair;
+            if (item == null)
+                return false;
+            return ToString().Equals(item.ToString(), StringComparison.OrdinalIgnoreCase);
+        }
+        public static bool operator ==(CurrencyPair a, CurrencyPair b)
+        {
+            if (System.Object.ReferenceEquals(a, b))
+                return true;
+            if (((object)a == null) || ((object)b == null))
+                return false;
+            return a.ToString() == b.ToString();
+        }
+
+        public static bool operator !=(CurrencyPair a, CurrencyPair b)
+        {
+            return !(a == b);
+        }
+
+        public override int GetHashCode()
+        {
+            return ToString().GetHashCode(StringComparison.OrdinalIgnoreCase);
+        }
+        public override string ToString()
+        {
+            return $"{Left}_{Right}";
+        }
+
+        public CurrencyPair Inverse()
+        {
+            return new CurrencyPair(Right, Left);
+        }
+    }
+}

BTCPayServer/Rating/ExchangeRates.cs

@@ -0,0 +1,96 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Rating
+{
+    public class ExchangeRates : IEnumerable<ExchangeRate>
+    {
+        Dictionary<string, ExchangeRate> _AllRates = new Dictionary<string, ExchangeRate>();
+        public ExchangeRates()
+        {
+
+        }
+        public ExchangeRates(IEnumerable<ExchangeRate> rates)
+        {
+            foreach (var rate in rates)
+            {
+                Add(rate);
+            }
+        }
+        List<ExchangeRate> _Rates = new List<ExchangeRate>();
+        public MultiValueDictionary<string, ExchangeRate> ByExchange
+        {
+            get;
+            private set;
+        } = new MultiValueDictionary<string, ExchangeRate>();
+
+        public void Add(ExchangeRate rate)
+        {
+            // 1 DOGE is always 1 DOGE
+            if (rate.CurrencyPair.Left == rate.CurrencyPair.Right)
+                return;
+            var key = $"({rate.Exchange}) {rate.CurrencyPair}";
+            if (_AllRates.TryAdd(key, rate))
+            {
+                _Rates.Add(rate);
+                ByExchange.Add(rate.Exchange, rate);
+            }
+            else
+            {
+                if (rate.Value.HasValue)
+                {
+                    _AllRates[key].Value = rate.Value;
+                }
+            }
+        }
+
+        public IEnumerator<ExchangeRate> GetEnumerator()
+        {
+            return _Rates.GetEnumerator();
+        }
+
+        IEnumerator IEnumerable.GetEnumerator()
+        {
+            return GetEnumerator();
+        }
+
+        public void SetRate(string exchangeName, CurrencyPair currencyPair, decimal value)
+        {
+            if (ByExchange.TryGetValue(exchangeName, out var rates))
+            {
+                var rate = rates.FirstOrDefault(r => r.CurrencyPair == currencyPair);
+                if (rate != null)
+                    rate.Value = value;
+            }
+        }
+        public decimal? GetRate(string exchangeName, CurrencyPair currencyPair)
+        {
+            if (currencyPair.Left == currencyPair.Right)
+                return 1.0m;
+            if (ByExchange.TryGetValue(exchangeName, out var rates))
+            {
+                var rate = rates.FirstOrDefault(r => r.CurrencyPair == currencyPair);
+                if (rate != null)
+                    return rate.Value;
+            }
+            return null;
+        }
+    }
+    public class ExchangeRate
+    {
+        public string Exchange { get; set; }
+        public CurrencyPair CurrencyPair { get; set; }
+        public decimal? Value { get; set; }
+
+        public override string ToString()
+        {
+            if (Value == null)
+                return $"{Exchange}({CurrencyPair})";
+            return $"{Exchange}({CurrencyPair}) == {Value.Value.ToString(CultureInfo.InvariantCulture)}";
+        }
+    }
+}

BTCPayServer/Rating/RateRules.cs

@@ -0,0 +1,503 @@
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.CodeAnalysis;
+using Microsoft.CodeAnalysis.CSharp;
+using Microsoft.CodeAnalysis.CSharp.Syntax;
+
+namespace BTCPayServer.Rating
+{
+    public enum RateRulesErrors
+    {
+        Ok,
+        TooMuchNestedCalls,
+        InvalidCurrencyIdentifier,
+        NestedInvocation,
+        UnsupportedOperator,
+        MissingArgument,
+        DivideByZero,
+        PreprocessError,
+        RateUnavailable,
+        InvalidExchangeName,
+    }
+    public class RateRules
+    {
+        class NormalizeCurrencyPairsRewritter : CSharpSyntaxRewriter
+        {
+            public List<RateRulesErrors> Errors = new List<RateRulesErrors>();
+
+            bool IsInvocation;
+            public override SyntaxNode VisitInvocationExpression(InvocationExpressionSyntax node)
+            {
+                if (IsInvocation)
+                {
+                    Errors.Add(RateRulesErrors.NestedInvocation);
+                    return base.VisitInvocationExpression(node);
+                }
+                if (node.Expression is IdentifierNameSyntax id)
+                {
+                    IsInvocation = true;
+                    var arglist = (ArgumentListSyntax)this.Visit(node.ArgumentList);
+                    IsInvocation = false;
+                    return SyntaxFactory.InvocationExpression(SyntaxFactory.IdentifierName(id.Identifier.ValueText.ToLowerInvariant()), arglist)
+                                        .WithTriviaFrom(id);
+                }
+                else
+                {
+                    Errors.Add(RateRulesErrors.InvalidExchangeName);
+                    return node;
+                }
+            }
+            public override SyntaxNode VisitIdentifierName(IdentifierNameSyntax node)
+            {
+                if (CurrencyPair.TryParse(node.Identifier.ValueText, out var currencyPair))
+                {
+                    return SyntaxFactory.IdentifierName(currencyPair.ToString())
+                                        .WithTriviaFrom(node);
+                }
+                else
+                {
+                    Errors.Add(RateRulesErrors.InvalidCurrencyIdentifier);
+                    return base.VisitIdentifierName(node);
+                }
+            }
+        }
+        class RuleList : CSharpSyntaxWalker
+        {
+            public Dictionary<CurrencyPair, (ExpressionSyntax Expression, SyntaxNode Trivia)> ExpressionsByPair = new Dictionary<CurrencyPair, (ExpressionSyntax Expression, SyntaxNode Trivia)>();
+            public override void VisitAssignmentExpression(AssignmentExpressionSyntax node)
+            {
+                if (node.Kind() == SyntaxKind.SimpleAssignmentExpression
+                    && node.Left is IdentifierNameSyntax id
+                    && node.Right is ExpressionSyntax expression)
+                {
+                    if (CurrencyPair.TryParse(id.Identifier.ValueText, out var currencyPair))
+                    {
+                        expression = expression.WithTriviaFrom(expression);
+                        ExpressionsByPair.Add(currencyPair, (expression, id));
+                    }
+                }
+                base.VisitAssignmentExpression(node);
+            }
+
+            public SyntaxNode GetSyntaxNode()
+            {
+                return SyntaxFactory.Block(
+                        ExpressionsByPair.Select(e =>
+                                SyntaxFactory.ExpressionStatement(
+                                    SyntaxFactory.AssignmentExpression(SyntaxKind.SimpleAssignmentExpression,
+                                            SyntaxFactory.IdentifierName(e.Key.ToString()).WithTriviaFrom(e.Value.Trivia),
+                                            e.Value.Expression)
+                                    ))
+                    );
+            }
+        }
+
+        SyntaxNode root;
+        RuleList ruleList;
+
+        public decimal GlobalMultiplier { get; set; } = 1.0m;
+
+        RateRules(SyntaxNode root)
+        {
+            ruleList = new RuleList();
+            ruleList.Visit(root);
+            // Remove every irrelevant statements
+            this.root = ruleList.GetSyntaxNode();
+        }
+        public static bool TryParse(string str, out RateRules rules)
+        {
+            return TryParse(str, out rules, out var unused);
+        }
+        public static bool TryParse(string str, out RateRules rules, out List<RateRulesErrors> errors)
+        {
+            rules = null;
+            errors = null;
+            var expression = CSharpSyntaxTree.ParseText(str, new CSharpParseOptions(LanguageVersion.Default).WithKind(SourceCodeKind.Script));
+            var rewriter = new NormalizeCurrencyPairsRewritter();
+            // Rename BTC_usd to BTC_USD and verify structure
+            var root = rewriter.Visit(expression.GetRoot());
+            if (rewriter.Errors.Count > 0)
+            {
+                errors = rewriter.Errors;
+                return false;
+            }
+            rules = new RateRules(root);
+            return true;
+        }
+
+        public RateRule GetRuleFor(CurrencyPair currencyPair)
+        {
+            if (currencyPair.Left == "X" || currencyPair.Right == "X")
+                throw new ArgumentException(paramName: nameof(currencyPair), message: "Invalid X currency");
+            var candidate = FindBestCandidate(currencyPair);
+            if (GlobalMultiplier != decimal.One)
+            {
+                candidate = CreateExpression($"({candidate}) * {GlobalMultiplier.ToString(CultureInfo.InvariantCulture)}");
+            }
+            return new RateRule(this, currencyPair, candidate);
+        }
+        
+        public ExpressionSyntax FindBestCandidate(CurrencyPair p)
+        {
+            var invP = p.Inverse();
+            var candidates = new List<(CurrencyPair Pair, int Prioriy, ExpressionSyntax Expression, bool Inverse)>();
+            foreach (var pair in new[]
+            {
+                (Pair: p, Priority: 0, Inverse: false),
+                (Pair: new CurrencyPair(p.Left, "X"), Priority: 1, Inverse: false),
+                (Pair: new CurrencyPair("X", p.Right), Priority: 1, Inverse: false),
+                (Pair: invP, Priority: 2, Inverse: true),
+                (Pair: new CurrencyPair(invP.Left, "X"), Priority: 3, Inverse: true),
+                (Pair: new CurrencyPair("X", invP.Right), Priority: 3, Inverse: true),
+                (Pair: new CurrencyPair("X", "X"), Priority: 4, Inverse: false)
+            })
+            {
+                if (ruleList.ExpressionsByPair.TryGetValue(pair.Pair, out var expression))
+                {
+                    candidates.Add((pair.Pair, pair.Priority, expression.Expression, pair.Inverse));
+                }
+            }
+            if (candidates.Count == 0)
+                return CreateExpression($"ERR_NO_RULE_MATCH({p})");
+            var best = candidates
+                    .OrderBy(c => c.Prioriy)
+                    .ThenBy(c => c.Expression.Span.Start)
+                    .First();
+            return best.Inverse
+                   ? CreateExpression($"1 / {invP}")
+                   : best.Expression;
+        }
+
+        internal static ExpressionSyntax CreateExpression(string str)
+        {
+            return (ExpressionSyntax)CSharpSyntaxTree.ParseText(str, new CSharpParseOptions(LanguageVersion.Default).WithKind(SourceCodeKind.Script)).GetRoot().ChildNodes().First().ChildNodes().First().ChildNodes().First();
+        }
+
+        public override string ToString()
+        {
+            return root.NormalizeWhitespace("", "\n")
+                .ToFullString()
+                .Replace("{\n", string.Empty, StringComparison.OrdinalIgnoreCase)
+                            .Replace("\n}", string.Empty, StringComparison.OrdinalIgnoreCase);
+        }
+    }
+
+    public class RateRule
+    {
+        class ReplaceExchangeRateRewriter : CSharpSyntaxRewriter
+        {
+            public List<RateRulesErrors> Errors = new List<RateRulesErrors>();
+            public ExchangeRates Rates;
+            public override SyntaxNode VisitInvocationExpression(InvocationExpressionSyntax node)
+            {
+                var exchangeName = node.Expression.ToString();
+                if (exchangeName.StartsWith("ERR_", StringComparison.OrdinalIgnoreCase))
+                {
+                    Errors.Add(RateRulesErrors.PreprocessError);
+                    return base.VisitInvocationExpression(node);
+                }
+
+                var currencyPair = node.ArgumentList.ChildNodes().FirstOrDefault()?.ToString();
+                if (currencyPair == null || !CurrencyPair.TryParse(currencyPair, out var pair))
+                {
+                    Errors.Add(RateRulesErrors.InvalidCurrencyIdentifier);
+                    return RateRules.CreateExpression($"ERR_INVALID_CURRENCY_PAIR({node.ToString()})");
+                }
+                else
+                {
+                    var rate = Rates.GetRate(exchangeName, pair);
+                    if (rate == null)
+                    {
+                        Errors.Add(RateRulesErrors.RateUnavailable);
+                        return RateRules.CreateExpression($"ERR_RATE_UNAVAILABLE({exchangeName}, {pair.ToString()})");
+                    }
+                    else
+                    {
+                        var token = SyntaxFactory.ParseToken(rate.Value.ToString(CultureInfo.InvariantCulture));
+                        return SyntaxFactory.LiteralExpression(SyntaxKind.NumericLiteralExpression, token);
+                    }
+                }
+            }
+        }
+
+        class CalculateWalker : CSharpSyntaxWalker
+        {
+            public Stack<decimal> Values = new Stack<decimal>();
+            public List<RateRulesErrors> Errors = new List<RateRulesErrors>();
+
+            public override void VisitPrefixUnaryExpression(PrefixUnaryExpressionSyntax node)
+            {
+                base.VisitPrefixUnaryExpression(node);
+                bool invalid = false;
+                switch (node.Kind())
+                {
+                    case SyntaxKind.UnaryMinusExpression:
+                    case SyntaxKind.UnaryPlusExpression:
+                        if (Values.Count < 1)
+                        {
+                            invalid = true;
+                            Errors.Add(RateRulesErrors.MissingArgument);
+                        }
+                        break;
+                    default:
+                        invalid = true;
+                        Errors.Add(RateRulesErrors.UnsupportedOperator);
+                        break;
+                }
+
+                if (invalid)
+                    return;
+
+                switch (node.Kind())
+                {
+                    case SyntaxKind.UnaryMinusExpression:
+                        Values.Push(-Values.Pop());
+                        break;
+                    case SyntaxKind.UnaryPlusExpression:
+                        Values.Push(+Values.Pop());
+                        break;
+                    default:
+                        throw new NotSupportedException("Should never happen");
+                }
+            }
+
+            public override void VisitBinaryExpression(BinaryExpressionSyntax node)
+            {
+                base.VisitBinaryExpression(node);
+
+
+                bool invalid = false;
+                switch (node.Kind())
+                {
+                    case SyntaxKind.AddExpression:
+                    case SyntaxKind.MultiplyExpression:
+                    case SyntaxKind.DivideExpression:
+                    case SyntaxKind.SubtractExpression:
+                        if (Values.Count < 2)
+                        {
+                            invalid = true;
+                            Errors.Add(RateRulesErrors.MissingArgument);
+                        }
+                        break;
+                }
+
+                if (invalid)
+                    return;
+
+                var b = Values.Pop();
+                var a = Values.Pop();
+
+                switch (node.Kind())
+                {
+                    case SyntaxKind.AddExpression:
+                        Values.Push(a + b);
+                        break;
+                    case SyntaxKind.MultiplyExpression:
+                        Values.Push(a * b);
+                        break;
+                    case SyntaxKind.DivideExpression:
+                        if (b == decimal.Zero)
+                        {
+                            Errors.Add(RateRulesErrors.DivideByZero);
+                        }
+                        else
+                        {
+                            Values.Push(a / b);
+                        }
+                        break;
+                    case SyntaxKind.SubtractExpression:
+                        Values.Push(a - b);
+                        break;
+                    default:
+                        throw new NotSupportedException("Should never happen");
+                }
+            }
+
+            public override void VisitLiteralExpression(LiteralExpressionSyntax node)
+            {
+                switch (node.Kind())
+                {
+                    case SyntaxKind.NumericLiteralExpression:
+                        Values.Push(decimal.Parse(node.ToString(), CultureInfo.InvariantCulture));
+                        break;
+                }
+            }
+        }
+
+        class HasBinaryOperations : CSharpSyntaxWalker
+        {
+            public bool Result = false;
+            public override void VisitBinaryExpression(BinaryExpressionSyntax node)
+            {
+                base.VisitBinaryExpression(node);
+                switch (node.Kind())
+                {
+                    case SyntaxKind.AddExpression:
+                    case SyntaxKind.MultiplyExpression:
+                    case SyntaxKind.DivideExpression:
+                    case SyntaxKind.MinusToken:
+                        Result = true;
+                        break;
+                }
+            }
+        }
+        class FlattenExpressionRewriter : CSharpSyntaxRewriter
+        {
+            RateRules parent;
+            public FlattenExpressionRewriter(RateRules parent, CurrencyPair pair)
+            {
+                Context.Push(pair);
+                this.parent = parent;
+            }
+
+            public ExchangeRates ExchangeRates = new ExchangeRates();
+            public Stack<CurrencyPair> Context { get; set; } = new Stack<CurrencyPair>();
+            bool IsInvocation;
+            public override SyntaxNode VisitInvocationExpression(InvocationExpressionSyntax node)
+            {
+                IsInvocation = true;
+                _ExchangeName = node.Expression.ToString();
+                var result = base.VisitInvocationExpression(node);
+                IsInvocation = false;
+                return result;
+            }
+
+            string _ExchangeName = null;
+
+            public List<RateRulesErrors> Errors = new List<RateRulesErrors>();
+            const int MaxNestedCount = 8;
+            public override SyntaxNode VisitIdentifierName(IdentifierNameSyntax node)
+            {
+                if (CurrencyPair.TryParse(node.Identifier.ValueText, out var currentPair))
+                {
+                    var ctx = Context.Peek();
+
+                    var replacedPair = new CurrencyPair(left: currentPair.Left == "X" ? ctx.Left : currentPair.Left,
+                                                       right: currentPair.Right == "X" ? ctx.Right : currentPair.Right);
+                    if (IsInvocation) // eg. replace bittrex(BTC_X) to bittrex(BTC_USD)
+                    {
+                        ExchangeRates.Add(new ExchangeRate() { CurrencyPair = replacedPair, Exchange = _ExchangeName });
+                        return SyntaxFactory.IdentifierName(replacedPair.ToString());
+                    }
+                    else // eg. replace BTC_X to BTC_USD, then replace by the expression for BTC_USD
+                    {
+                        var bestCandidate = parent.FindBestCandidate(replacedPair);
+                        if (Context.Count > MaxNestedCount)
+                        {
+                            Errors.Add(RateRulesErrors.TooMuchNestedCalls);
+                            return RateRules.CreateExpression($"ERR_TOO_MUCH_NESTED_CALLS({replacedPair})");
+                        }
+                        Context.Push(replacedPair);
+                        var replaced = Visit(bestCandidate);
+                        if (replaced is ExpressionSyntax expression)
+                        {
+                            var hasBinaryOps = new HasBinaryOperations();
+                            hasBinaryOps.Visit(expression);
+                            if (hasBinaryOps.Result)
+                            {
+                                replaced = SyntaxFactory.ParenthesizedExpression(expression);
+                            }
+                        }
+                        Context.Pop();
+                        if (Errors.Contains(RateRulesErrors.TooMuchNestedCalls))
+                        {
+                            return RateRules.CreateExpression($"ERR_TOO_MUCH_NESTED_CALLS({replacedPair})");
+                        }
+                        return replaced;
+                    }
+                }
+                return base.VisitIdentifierName(node);
+            }
+        }
+        private SyntaxNode expression;
+        FlattenExpressionRewriter flatten;
+
+        public RateRule(RateRules parent, CurrencyPair currencyPair, SyntaxNode candidate)
+        {
+            flatten = new FlattenExpressionRewriter(parent, currencyPair);
+            this.expression = flatten.Visit(candidate);
+        }
+
+        public ExchangeRates ExchangeRates
+        {
+            get
+            {
+                return flatten.ExchangeRates;
+            }
+        }
+
+
+        public bool Reevaluate()
+        {
+            _Value = null;
+            _EvaluatedNode = null;
+            _Evaluated = null;
+            Errors.Clear();
+
+            var rewriter = new ReplaceExchangeRateRewriter();
+            rewriter.Rates = ExchangeRates;
+            var result = rewriter.Visit(this.expression);
+            Errors.AddRange(rewriter.Errors);
+            _Evaluated = result.NormalizeWhitespace("", "\n").ToString();
+            if (HasError)
+                return false;
+
+            var calculate = new CalculateWalker();
+            calculate.Visit(result);
+            if (calculate.Values.Count != 1 || calculate.Errors.Count != 0)
+            {
+                Errors.AddRange(calculate.Errors);
+                return false;
+            }
+            _Value = calculate.Values.Pop();
+            _EvaluatedNode = result;
+            return true;
+        }
+
+
+        private readonly HashSet<RateRulesErrors> _Errors = new HashSet<RateRulesErrors>();
+        public HashSet<RateRulesErrors> Errors
+        {
+            get
+            {
+                return _Errors;
+            }
+        }
+
+        SyntaxNode _EvaluatedNode;
+        string _Evaluated;
+        public bool HasError
+        {
+            get
+            {
+                return _Errors.Count != 0;
+            }
+        }
+
+        public string ToString(bool evaluated)
+        {
+            if (!evaluated)
+                return ToString();
+            if (_Evaluated == null)
+                return "Call Evaluate() first";
+            return _Evaluated;
+        }
+
+        public override string ToString()
+        {
+            return expression.NormalizeWhitespace("", "\n").ToString();
+        }
+
+        decimal? _Value;
+        public decimal? Value
+        {
+            get
+            {
+                return _Value;
+            }
+        }
+    }
+}

BTCPayServer/SearchString.cs

@@ -21,7 +21,7 @@ namespace BTCPayServer
                     .Select(t => t.Split(new char[] { ':' }, StringSplitOptions.RemoveEmptyEntries))
                     .Where(kv => kv.Length == 2)
                     .Select(kv => new KeyValuePair<string, string>(kv[0].ToLowerInvariant(), kv[1]))
-                    .ToDictionary(o => o.Key, o => o.Value);
+                    .ToMultiValueDictionary(o => o.Key, o => o.Value);
 
             foreach(var filter in splitted)
             {
@@ -38,8 +38,8 @@ namespace BTCPayServer
             get;
             private set;
         }
-
-        public Dictionary<string, string> Filters { get; private set; }
+        
+        public MultiValueDictionary<string, string> Filters { get; private set; }
 
         public override string ToString()
         {

BTCPayServer/Security/BTCPayClaimsFilter.cs

@@ -0,0 +1,66 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using BTCPayServer.Models;
+using BTCPayServer.Services.Stores;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc.Infrastructure;
+using Microsoft.Extensions.Options;
+
+namespace BTCPayServer.Security
+{
+
+    public class BTCPayClaimsFilter : IAsyncAuthorizationFilter, IConfigureOptions<MvcOptions>
+    {
+        UserManager<ApplicationUser> _UserManager;
+        StoreRepository _StoreRepository;
+        public BTCPayClaimsFilter(
+            UserManager<ApplicationUser> userManager,
+            StoreRepository storeRepository)
+        {
+            _UserManager = userManager;
+            _StoreRepository = storeRepository;
+        }
+
+        void IConfigureOptions<MvcOptions>.Configure(MvcOptions options)
+        {
+            options.Filters.Add(typeof(BTCPayClaimsFilter));
+        }
+
+        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
+        {
+            var principal = context.HttpContext.User;
+            if (!context.HttpContext.GetIsBitpayAPI())
+            {
+                var identity = ((ClaimsIdentity)principal.Identity);
+                if (principal.IsInRole(Roles.ServerAdmin))
+                {
+                    identity.AddClaim(new Claim(Policies.CanModifyServerSettings.Key, "true"));
+                }
+                if (context.RouteData.Values.TryGetValue("storeId", out var storeId))
+                {
+                    var claim = identity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
+                    if (claim != null)
+                    {
+                        var store = await _StoreRepository.FindStore((string)storeId, claim.Value);
+                        if (store == null)
+                            context.Result = new ChallengeResult(Policies.CookieAuthentication);
+                        else
+                        {
+                            context.HttpContext.SetStoreData(store);
+                            if (store != null)
+                            {
+                                identity.AddClaims(store.GetClaims());
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

BTCPayServer/Security/BitpayClaimsFilter.cs

@@ -0,0 +1,196 @@
+using System;
+using Microsoft.Extensions.Logging;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Routing;
+using Microsoft.AspNetCore.Http.Extensions;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using BTCPayServer.Authentication;
+using BTCPayServer.Models;
+using BTCPayServer.Services;
+using BTCPayServer.Services.Stores;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc.Infrastructure;
+using Microsoft.Extensions.Options;
+using NBitcoin;
+using NBitcoin.DataEncoders;
+using NBitpayClient;
+using NBitpayClient.Extensions;
+using Newtonsoft.Json.Linq;
+using BTCPayServer.Logging;
+using Microsoft.AspNetCore.Http.Internal;
+
+namespace BTCPayServer.Security
+{
+    public class BitpayClaimsFilter : IAsyncAuthorizationFilter, IConfigureOptions<MvcOptions>
+    {
+        UserManager<ApplicationUser> _UserManager;
+        StoreRepository _StoreRepository;
+        TokenRepository _TokenRepository;
+
+        public BitpayClaimsFilter(
+            UserManager<ApplicationUser> userManager,
+            TokenRepository tokenRepository,
+            StoreRepository storeRepository)
+        {
+            _UserManager = userManager;
+            _StoreRepository = storeRepository;
+            _TokenRepository = tokenRepository;
+        }
+
+        void IConfigureOptions<MvcOptions>.Configure(MvcOptions options)
+        {
+            options.Filters.Add(typeof(BitpayClaimsFilter));
+        }
+
+        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
+        {
+            var principal = context.HttpContext.User;
+            if (context.HttpContext.GetIsBitpayAPI())
+            {
+                var bitpayAuth = context.HttpContext.GetBitpayAuth();
+                string storeId = null;
+                var failedAuth = false;
+                if (!string.IsNullOrEmpty(bitpayAuth.Signature) && !string.IsNullOrEmpty(bitpayAuth.Id))
+                {
+                    storeId = await CheckBitId(context.HttpContext, bitpayAuth.Signature, bitpayAuth.Id);
+                    if (!context.HttpContext.User.Claims.Any(c => c.Type == Claims.SIN))
+                    {
+                        Logs.PayServer.LogDebug("BitId signature check failed");
+                        failedAuth = true;
+                    }
+                }
+                else if (!string.IsNullOrEmpty(bitpayAuth.Authorization))
+                {
+                    storeId = await CheckLegacyAPIKey(context.HttpContext, bitpayAuth.Authorization);
+                    if (storeId == null)
+                    {
+                        Logs.PayServer.LogDebug("API key check failed");
+                        failedAuth = true;
+                    }
+                }
+
+                if (storeId != null)
+                {
+                    var identity = ((ClaimsIdentity)context.HttpContext.User.Identity);
+                    identity.AddClaim(new Claim(Claims.OwnStore, storeId));
+                    var store = await _StoreRepository.FindStore(storeId);
+                    context.HttpContext.SetStoreData(store);
+                }
+                else if (failedAuth)
+                {
+                    throw new BitpayHttpException(401, "Can't access to store");
+                }
+            }
+        }
+
+        private async Task<string> CheckBitId(HttpContext httpContext, string sig, string id)
+        {
+            httpContext.Request.EnableRewind();
+
+            string storeId = null;
+            string body = string.Empty;
+            if (httpContext.Request.ContentLength != 0 && httpContext.Request.Body != null)
+            {
+                using (StreamReader reader = new StreamReader(httpContext.Request.Body, Encoding.UTF8, true, 1024, true))
+                {
+                    body = reader.ReadToEnd();
+                }
+                httpContext.Request.Body.Position = 0;
+            }
+
+            var url = httpContext.Request.GetEncodedUrl();
+            try
+            {
+                var key = new PubKey(id);
+                if (BitIdExtensions.CheckBitIDSignature(key, sig, url, body))
+                {
+                    var sin = key.GetBitIDSIN();
+                    var identity = ((ClaimsIdentity)httpContext.User.Identity);
+                    identity.AddClaim(new Claim(Claims.SIN, sin));
+
+                    string token = null;
+                    if (httpContext.Request.Query.TryGetValue("token", out var tokenValues))
+                    {
+                        token = tokenValues[0];
+                    }
+
+                    if (token == null && !String.IsNullOrEmpty(body) && httpContext.Request.Method == "POST")
+                    {
+                        try
+                        {
+                            token = JObject.Parse(body)?.Property("token")?.Value?.Value<string>();
+                        }
+                        catch { }
+                    }
+
+                    if (token != null)
+                    {
+                        var bitToken = await GetTokenPermissionAsync(sin, token);
+                        if (bitToken == null)
+                        {
+                            return null;
+                        }
+                        storeId = bitToken.StoreId;
+                    }
+                }
+            }
+            catch (FormatException) { }
+            return storeId;
+        }
+
+        private async Task<string> CheckLegacyAPIKey(HttpContext httpContext, string auth)
+        {
+            var splitted = auth.Split(' ', StringSplitOptions.RemoveEmptyEntries);
+            if (splitted.Length != 2 || !splitted[0].Equals("Basic", StringComparison.OrdinalIgnoreCase))
+            {
+                return null;
+            }
+
+            string apiKey = null;
+            try
+            {
+                apiKey = Encoders.ASCII.EncodeData(Encoders.Base64.DecodeData(splitted[1]));
+            }
+            catch
+            {
+                return null;
+            }
+            return await _TokenRepository.GetStoreIdFromAPIKey(apiKey);
+        }
+
+        private async Task<BitTokenEntity> GetTokenPermissionAsync(string sin, string expectedToken)
+        {
+            var actualTokens = (await _TokenRepository.GetTokens(sin)).ToArray();
+            actualTokens = actualTokens.SelectMany(t => GetCompatibleTokens(t)).ToArray();
+
+            var actualToken = actualTokens.FirstOrDefault(a => a.Value.Equals(expectedToken, StringComparison.Ordinal));
+            if (expectedToken == null || actualToken == null)
+            {
+                Logs.PayServer.LogDebug($"No token found for facade {Facade.Merchant} for SIN {sin}");
+                return null;
+            }
+            return actualToken;
+        }
+
+        private IEnumerable<BitTokenEntity> GetCompatibleTokens(BitTokenEntity token)
+        {
+            if (token.Facade == Facade.Merchant.ToString())
+            {
+                yield return token.Clone(Facade.User);
+                yield return token.Clone(Facade.PointOfSale);
+            }
+            if (token.Facade == Facade.PointOfSale.ToString())
+            {
+                yield return token.Clone(Facade.User);
+            }
+            yield return token;
+        }
+    }
+}

BTCPayServer/Security/Policies.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace BTCPayServer.Security
+{
+    public static class Policies
+    {
+        public const string CookieAuthentication = "Identity.Application";
+        public static AuthorizationOptions AddBTCPayPolicies(this AuthorizationOptions options)
+        {
+            AddClaim(options, CanUseStore.Key);
+            AddClaim(options, CanModifyStoreSettings.Key);
+            AddClaim(options, CanModifyServerSettings.Key);
+            return options;
+        }
+
+        private static void AddClaim(AuthorizationOptions options, string key)
+        {
+            options.AddPolicy(key, o => o.RequireClaim(key));
+        }
+
+        public class CanModifyServerSettings
+        {
+            public const string Key = "btcpay.store.canmodifyserversettings";
+        }
+        public class CanUseStore
+        {
+            public const string Key = "btcpay.store.canusestore";
+        }
+        public class CanModifyStoreSettings
+        {
+            public const string Key = "btcpay.store.canmodifystoresettings";
+        }
+    }
+}

BTCPayServer/Services/Apps/AppType.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Services.Apps
+{
+    public enum AppType
+    {
+        PointOfSale
+    }
+}

BTCPayServer/Services/BTCPayServerEnvironment.cs

@@ -6,6 +6,7 @@ using System.Reflection;
 using System.Threading.Tasks;
 using System.Text;
 using NBXplorer;
+using NBitcoin;
 
 namespace BTCPayServer.Services
 {
@@ -20,13 +21,13 @@ namespace BTCPayServer.Services
 			Build = "Release";
 #endif
             Environment = env;
-            ChainType = provider.NBXplorerNetworkProvider.ChainType;
+            NetworkType = provider.NetworkType;
         }
         public IHostingEnvironment Environment
         {
             get; set;
         }
-        public ChainType ChainType { get; set; }
+        public NetworkType NetworkType { get; set; }
         public string Version
         {
             get; set;
@@ -40,7 +41,7 @@ namespace BTCPayServer.Services
         {
             get
             {
-                return ChainType == ChainType.Regtest && Environment.IsDevelopment();
+                return NetworkType == NetworkType.Regtest && Environment.IsDevelopment();
             }
         }
         public override string ToString()

BTCPayServer/Services/Claims.cs

@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Services
+{
+    public class Claims
+    {
+        public const string SIN = "BITID_SIN";
+
+        public const string OwnStore = "BTCPAY_OWN_STORE";
+    }
+}

BTCPayServer/Services/Fees/NBxplorerFeeProvider.cs

@@ -39,6 +39,8 @@ namespace BTCPayServer.Services.Fees
         ExplorerClient _ExplorerClient;
         public async Task<FeeRate> GetFeeRateAsync()
         {
+            if (!_ExplorerClient.Network.SupportEstimatesSmartFee)
+                return _Factory.Fallback;
             try
             {
                 return (await _ExplorerClient.GetFeeRateAsync(_Factory.BlockTarget).ConfigureAwait(false)).FeeRate;

BTCPayServer/Services/HardwareWalletService.cs

@@ -1,4 +1,5 @@
 using System;
+using Microsoft.Extensions.Logging;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net.WebSockets;
@@ -82,12 +83,13 @@ namespace BTCPayServer.Services
             if (network == null)
                 throw new ArgumentNullException(nameof(network));
 
-            var path = new KeyPath("49'").Derive(network.CoinType).Derive(account, true);
+            var segwit = network.NBitcoinNetwork.Consensus.SupportSegwit;
+            var path = network.GetRootKeyPath().Derive(account, true);
             var pubkey = await GetExtPubKey(_Ledger, network, path, false);
             var derivation = new DerivationStrategyFactory(network.NBitcoinNetwork).CreateDirectDerivationStrategy(pubkey, new DerivationStrategyOptions()
             {
-                P2SH = true,
-                Legacy = false
+                P2SH = segwit,
+                Legacy = !segwit
             });
             return new GetXPubResult() { ExtPubKey = derivation.ToString(), KeyPath = path };
         }
@@ -97,10 +99,14 @@ namespace BTCPayServer.Services
             try
             {
                 var pubKey = await ledger.GetWalletPubKeyAsync(account);
-                if (pubKey.Address.Network != network.NBitcoinNetwork)
+                try
                 {
-                    if (network.DefaultSettings.ChainType == NBXplorer.ChainType.Main)
-                        throw new Exception($"The opened ledger app should be for {network.NBitcoinNetwork.Name}, not for {pubKey.Address.Network}");
+                    pubKey.GetAddress(network.NBitcoinNetwork);
+                }
+                catch
+                {
+                    if (network.NBitcoinNetwork.NetworkType == NetworkType.Mainnet)
+                        throw new Exception($"The opened ledger app does not seems to support {network.NBitcoinNetwork.Name}.");
                 }
                 var fingerprint = onlyChaincode ? new byte[4] : (await ledger.GetWalletPubKeyAsync(account.Parent)).UncompressedPublicKey.Compress().Hash.ToBytes().Take(4).ToArray();
                 var extpubkey = new ExtPubKey(pubKey.UncompressedPublicKey.Compress(), pubKey.ChainCode, (byte)account.Indexes.Length, fingerprint, account.Indexes.Last()).GetWif(network.NBitcoinNetwork);
@@ -125,9 +131,13 @@ namespace BTCPayServer.Services
 
         private static async Task<KeyPath> GetKeyPath(LedgerClient ledger, BTCPayNetwork network, DirectDerivationStrategy directStrategy)
         {
+            List<KeyPath> derivations = new List<KeyPath>();
+            if(network.NBitcoinNetwork.Consensus.SupportSegwit)
+                derivations.Add(new KeyPath("49'"));
+            derivations.Add(new KeyPath("44'"));
             KeyPath foundKeyPath = null;
             foreach (var account in
-                                  new[] { new KeyPath("49'"), new KeyPath("44'") }
+                                  derivations
                                   .Select(purpose => purpose.Derive(network.CoinType))
                                   .SelectMany(coinType => Enumerable.Range(0, 5).Select(i => coinType.Derive(i, true))))
             {
@@ -189,6 +199,7 @@ namespace BTCPayServer.Services
 
             TransactionBuilder builder = new TransactionBuilder();
             builder.StandardTransactionPolicy.MinRelayTxFee = minTxRelayFee;
+            builder.SetConsensusFactory(network.NBitcoinNetwork);
             builder.AddCoins(coins.Select(c=>c.Coin).ToArray());
 
             foreach (var element in send)
@@ -235,6 +246,5 @@ namespace BTCPayServer.Services
         public string ExtPubKey { get; set; }
         [JsonConverter(typeof(NBitcoin.JsonConverters.KeyPathJsonConverter))]
         public KeyPath KeyPath { get; set; }
-        public int CoinType { get; internal set; }
     }
 }

BTCPayServer/Services/Invoices/InvoiceEntity.cs

@@ -314,6 +314,7 @@ namespace BTCPayServer.Services.Invoices
         }
         public bool ExtendedNotifications { get; set; }
         public List<InvoiceEventData> Events { get; internal set; }
+        public double PaymentTolerance { get; set; }
 
         public bool IsExpired()
         {
@@ -337,15 +338,16 @@ namespace BTCPayServer.Services.Invoices
                 Flags = new Flags() { Refundable = Refundable }
             };
 
+            dto.Url = ServerUrl.WithTrailingSlash() + $"invoice?id=" + Id;
             dto.CryptoInfo = new List<NBitpayClient.InvoiceCryptoInfo>();
-            foreach (var info in this.GetPaymentMethods(networkProvider, true))
+            foreach (var info in this.GetPaymentMethods(networkProvider))
             {
                 var accounting = info.Calculate();
                 var cryptoInfo = new NBitpayClient.InvoiceCryptoInfo();
                 cryptoInfo.CryptoCode = info.GetId().CryptoCode;
                 cryptoInfo.PaymentType = info.GetId().PaymentType.ToString();
                 cryptoInfo.Rate = info.Rate;
-                cryptoInfo.Price = Money.Coins(ProductInformation.Price / cryptoInfo.Rate).ToString();
+                cryptoInfo.Price = (accounting.TotalDue - accounting.NetworkFee).ToString();
 
                 cryptoInfo.Due = accounting.Due.ToString();
                 cryptoInfo.Paid = accounting.Paid.ToString();
@@ -359,14 +361,13 @@ namespace BTCPayServer.Services.Invoices
                 {
                     { ProductInformation.Currency, (double)cryptoInfo.Rate }
                 };
-
+                var paymentId = info.GetId();
                 var scheme = info.Network.UriScheme;
-                var cryptoSuffix = cryptoInfo.CryptoCode == "BTC" ? "" : "/" + cryptoInfo.CryptoCode;
-                cryptoInfo.Url = ServerUrl.WithTrailingSlash() + $"invoice{cryptoSuffix}?id=" + Id;
+                cryptoInfo.Url = ServerUrl.WithTrailingSlash() + $"i/{paymentId}/{Id}";
 
-
-                if (info.GetId().PaymentType == PaymentTypes.BTCLike)
+                if (paymentId.PaymentType == PaymentTypes.BTCLike)
                 {
+                    var cryptoSuffix = cryptoInfo.CryptoCode == "BTC" ? "" : "/" + cryptoInfo.CryptoCode;
                     cryptoInfo.PaymentUrls = new NBitpayClient.InvoicePaymentUrls()
                     {
                         BIP72 = $"{scheme}:{cryptoInfo.Address}?amount={cryptoInfo.Due}&r={ServerUrl.WithTrailingSlash() + ($"i/{Id}{cryptoSuffix}")}",
@@ -375,7 +376,7 @@ namespace BTCPayServer.Services.Invoices
                         BIP21 = $"{scheme}:{cryptoInfo.Address}?amount={cryptoInfo.Due}",
                     };
                 }
-                var paymentId = info.GetId();
+                
                 if (paymentId.PaymentType == PaymentTypes.LightningLike)
                 {
                     cryptoInfo.PaymentUrls = new NBitpayClient.InvoicePaymentUrls()
@@ -386,7 +387,6 @@ namespace BTCPayServer.Services.Invoices
 #pragma warning disable CS0618
                 if (info.CryptoCode == "BTC" && paymentId.PaymentType == PaymentTypes.BTCLike)
                 {
-                    dto.Url = cryptoInfo.Url;
                     dto.BTCPrice = cryptoInfo.Price;
                     dto.Rate = cryptoInfo.Rate;
                     dto.ExRates = cryptoInfo.ExRates;
@@ -396,8 +396,7 @@ namespace BTCPayServer.Services.Invoices
                     dto.PaymentUrls = cryptoInfo.PaymentUrls;
                 }
 #pragma warning restore CS0618
-                if (!info.IsPhantomBTC)
-                    dto.CryptoInfo.Add(cryptoInfo);
+                dto.CryptoInfo.Add(cryptoInfo);
             }
 
             Populate(ProductInformation, dto);
@@ -405,7 +404,6 @@ namespace BTCPayServer.Services.Invoices
 
             dto.Token = Encoders.Base58.EncodeData(RandomUtils.GetBytes(16)); //No idea what it is useful for
             dto.Guid = Guid.NewGuid().ToString();
-
             dto.ExceptionStatus = ExceptionStatus == null ? new JValue(false) : new JValue(ExceptionStatus);
             return dto;
         }
@@ -432,26 +430,15 @@ namespace BTCPayServer.Services.Invoices
             return GetPaymentMethod(new PaymentMethodId(network.CryptoCode, paymentType), networkProvider);
         }
 
-        public PaymentMethodDictionary GetPaymentMethods(BTCPayNetworkProvider networkProvider, bool alwaysIncludeBTC = false)
+        public PaymentMethodDictionary GetPaymentMethods(BTCPayNetworkProvider networkProvider)
         {
             PaymentMethodDictionary rates = new PaymentMethodDictionary(networkProvider);
             var serializer = new Serializer(Dummy);
-            PaymentMethod phantom = null;
 #pragma warning disable CS0618
-            // Legacy
-            if (alwaysIncludeBTC)
-            {
-                var btcNetwork = networkProvider?.GetNetwork("BTC");
-                phantom = new PaymentMethod() { ParentEntity = this, IsPhantomBTC = true, Rate = Rate, CryptoCode = "BTC", TxFee = TxFee, FeeRate = new FeeRate(TxFee, 100), DepositAddress = DepositAddress, Network = btcNetwork };
-                if (btcNetwork != null || networkProvider == null)
-                    rates.Add(phantom);
-            }
             if (PaymentMethod != null)
             {
                 foreach (var prop in PaymentMethod.Properties())
                 {
-                    if (prop.Name == "BTC" && phantom != null)
-                        rates.Remove(phantom);
                     var r = serializer.ToObject<PaymentMethod>(prop.Value.ToString());
                     var paymentMethodId = PaymentMethodId.Parse(prop.Name);
                     r.CryptoCode = paymentMethodId.CryptoCode;
@@ -537,6 +524,10 @@ namespace BTCPayServer.Services.Invoices
         /// Total amount of network fee to pay to the invoice
         /// </summary>
         public Money NetworkFee { get; set; }
+        /// <summary>
+        /// Minimum required to be paid in order to accept invocie as paid
+        /// </summary>
+        public Money MinimumTotalDue { get; set; }
     }
 
     public class PaymentMethod
@@ -635,20 +626,17 @@ namespace BTCPayServer.Services.Invoices
         [Obsolete("Use ((BitcoinLikeOnChainPaymentMethod)GetPaymentMethod()).DepositAddress")]
         public string DepositAddress { get; set; }
 
-        [JsonIgnore]
-        public bool IsPhantomBTC { get; set; }
-
         public PaymentMethodAccounting Calculate(Func<PaymentEntity, bool> paymentPredicate = null)
         {
             paymentPredicate = paymentPredicate ?? new Func<PaymentEntity, bool>((p) => true);
-            var paymentMethods = ParentEntity.GetPaymentMethods(null, IsPhantomBTC);
+            var paymentMethods = ParentEntity.GetPaymentMethods(null);
 
             var totalDue = ParentEntity.ProductInformation.Price / Rate;
             var paid = 0m;
             var cryptoPaid = 0.0m;
 
             int precision = 8;
-            var paidTxFee = 0m;
+            var totalDueNoNetworkCost = Money.Coins(Extensions.RoundUp(totalDue, precision));
             bool paidEnough = paid >= Extensions.RoundUp(totalDue, precision);
             int txRequired = 0;
             var payments =
@@ -662,9 +650,8 @@ namespace BTCPayServer.Services.Invoices
                     if (!paidEnough)
                     {
                         totalDue += txFee;
-                        paidTxFee += txFee;
                     }
-                    paidEnough |= paid >= Extensions.RoundUp(totalDue, precision);
+                    paidEnough |= Extensions.RoundUp(paid, precision) >= Extensions.RoundUp(totalDue, precision);
                     if (GetId() == _.GetPaymentMethodId())
                     {
                         cryptoPaid += _.GetCryptoPaymentData().GetValue();
@@ -680,16 +667,16 @@ namespace BTCPayServer.Services.Invoices
             {
                 txRequired++;
                 totalDue += GetTxFee();
-                paidTxFee += GetTxFee();
             }
 
             accounting.TotalDue = Money.Coins(Extensions.RoundUp(totalDue, precision));
-            accounting.Paid = Money.Coins(paid);
+            accounting.Paid = Money.Coins(Extensions.RoundUp(paid, precision));
             accounting.TxRequired = txRequired;
-            accounting.CryptoPaid = Money.Coins(cryptoPaid);
+            accounting.CryptoPaid = Money.Coins(Extensions.RoundUp(cryptoPaid, precision));
             accounting.Due = Money.Max(accounting.TotalDue - accounting.Paid, Money.Zero);
             accounting.DueUncapped = accounting.TotalDue - accounting.Paid;
-            accounting.NetworkFee = Money.Coins(paidTxFee);
+            accounting.NetworkFee = accounting.TotalDue - totalDueNoNetworkCost;
+            accounting.MinimumTotalDue = Money.Max(Money.Satoshis(1), Money.Satoshis(accounting.TotalDue.Satoshi * (1.0m - ((decimal)ParentEntity.PaymentTolerance / 100.0m))));
             return accounting;
         }
 
@@ -762,7 +749,7 @@ namespace BTCPayServer.Services.Invoices
                 paymentData.Outpoint = Outpoint;
                 return paymentData;
             }
-            if(GetPaymentMethodId().PaymentType== PaymentTypes.LightningLike)
+            if (GetPaymentMethodId().PaymentType == PaymentTypes.LightningLike)
             {
                 return JsonConvert.DeserializeObject<Payments.Lightning.LightningLikePaymentData>(CryptoPaymentData);
             }