bump

* Styling elements required for Node info

* Allowing switching QR between bolt11 and node info for lightning

* Equal width for Bolt11 and Node info buttons

* Certain languages were too verbose for display of "Pay with"

Fixes: #317

BTCPayServer.Tests/BTCPayServer.Tests.csproj

@@ -5,12 +5,16 @@
 
     <IsPackable>false</IsPackable>
     <NoWarn>NU1701,CA1816,CA1308,CA1810,CA2208</NoWarn>
+    <LangVersion>7.2</LangVersion>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.7.2" />
-    <PackageReference Include="xunit" Version="2.3.1" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="2.3.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.8.0" />
+    <PackageReference Include="xunit" Version="2.4.0" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.4.0">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
+    </PackageReference>
   </ItemGroup>
 
   <ItemGroup>

BTCPayServer.Tests/BTCPayServerTester.cs

@@ -120,30 +120,67 @@ namespace BTCPayServer.Tests
                     .Build();
             _Host.Start();
             InvoiceRepository = (InvoiceRepository)_Host.Services.GetService(typeof(InvoiceRepository));
+            StoreRepository = (StoreRepository)_Host.Services.GetService(typeof(StoreRepository));
 
-            var rateProvider = (BTCPayRateProviderFactory)_Host.Services.GetService(typeof(BTCPayRateProviderFactory));
-            rateProvider.DirectProviders.Clear();
+            if (MockRates)
+            {
+                var rateProvider = (RateProviderFactory)_Host.Services.GetService(typeof(RateProviderFactory));
+                rateProvider.Providers.Clear();
 
-            var coinAverageMock = new MockRateProvider();
-            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
-            {
-                Exchange = "coinaverage",
-                CurrencyPair = CurrencyPair.Parse("BTC_USD"),
-                BidAsk = new BidAsk(5000m)
-            });
-            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
-            {
-                Exchange = "coinaverage",
-                CurrencyPair = CurrencyPair.Parse("BTC_CAD"),
-                BidAsk = new BidAsk(4500m)
-            });
-            coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
-            {
-                Exchange = "coinaverage",
-                CurrencyPair = CurrencyPair.Parse("LTC_USD"),
-                BidAsk = new BidAsk(500m)
-            });
-            rateProvider.DirectProviders.Add("coinaverage", coinAverageMock);
+                var coinAverageMock = new MockRateProvider();
+                coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "coinaverage",
+                    CurrencyPair = CurrencyPair.Parse("BTC_USD"),
+                    BidAsk = new BidAsk(5000m)
+                });
+                coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "coinaverage",
+                    CurrencyPair = CurrencyPair.Parse("BTC_CAD"),
+                    BidAsk = new BidAsk(4500m)
+                });
+                coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "coinaverage",
+                    CurrencyPair = CurrencyPair.Parse("LTC_BTC"),
+                    BidAsk = new BidAsk(0.001m)
+                });
+                coinAverageMock.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "coinaverage",
+                    CurrencyPair = CurrencyPair.Parse("LTC_USD"),
+                    BidAsk = new BidAsk(500m)
+                });
+                rateProvider.Providers.Add("coinaverage", coinAverageMock);
+
+                var bitflyerMock = new MockRateProvider();
+                bitflyerMock.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "bitflyer",
+                    CurrencyPair = CurrencyPair.Parse("BTC_JPY"),
+                    BidAsk = new BidAsk(700000m)
+                });
+                rateProvider.Providers.Add("bitflyer", bitflyerMock);
+
+                var quadrigacx = new MockRateProvider();
+                quadrigacx.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "quadrigacx",
+                    CurrencyPair = CurrencyPair.Parse("BTC_CAD"),
+                    BidAsk = new BidAsk(6000m)
+                });
+                rateProvider.Providers.Add("quadrigacx", quadrigacx);
+
+                var bittrex = new MockRateProvider();
+                bittrex.ExchangeRates.Add(new Rating.ExchangeRate()
+                {
+                    Exchange = "bittrex",
+                    CurrencyPair = CurrencyPair.Parse("DOGE_BTC"),
+                    BidAsk = new BidAsk(0.004m)
+                });
+                rateProvider.Providers.Add("bittrex", bittrex);
+            }
         }
 
         public string HostName
@@ -152,6 +189,7 @@ namespace BTCPayServer.Tests
             internal set;
         }
         public InvoiceRepository InvoiceRepository { get; private set; }
+        public StoreRepository StoreRepository { get; private set; }
         public Uri IntegratedLightning { get; internal set; }
         public bool InContainer { get; internal set; }
 
@@ -163,14 +201,14 @@ namespace BTCPayServer.Tests
         public T GetController<T>(string userId = null, string storeId = null) where T : Controller
         {
             var context = new DefaultHttpContext();
-            context.Request.Host = new HostString("127.0.0.1");
+            context.Request.Host = new HostString("127.0.0.1", Port);
             context.Request.Scheme = "http";
             context.Request.Protocol = "http";
             if (userId != null)
             {
                 context.User = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userId) }, Policies.CookieAuthentication));
             }
-            if(storeId != null)
+            if (storeId != null)
             {
                 context.SetStoreData(GetService<StoreRepository>().FindStore(storeId, userId).GetAwaiter().GetResult());
             }

BTCPayServer.Tests/ChargeTester.cs

@@ -1,8 +1,9 @@
 using System;
 using System.Collections.Generic;
 using System.Text;
-using BTCPayServer.Payments.Lightning.Charge;
-using BTCPayServer.Payments.Lightning.CLightning;
+using BTCPayServer.Lightning;
+using BTCPayServer.Lightning.Charge;
+using BTCPayServer.Payments.Lightning;
 using NBitcoin;
 
 namespace BTCPayServer.Tests
@@ -15,7 +16,7 @@ namespace BTCPayServer.Tests
         {
             this._Parent = serverTester;
             var url = serverTester.GetEnvironment(environmentName, defaultValue);
-            Client = new ChargeClient(new Uri(url), network);
+            Client = (ChargeClient)LightningClientFactory.CreateClient(url, network);
             P2PHost = _Parent.GetEnvironment(environmentName + "_HOST", defaultHost);
         }        
         public ChargeClient Client { get; set; }

BTCPayServer.Tests/LightningDTester.cs

@@ -2,7 +2,7 @@
 using System.Collections.Generic;
 using System.Text;
 using System.Threading.Tasks;
-using BTCPayServer.Payments.Lightning.CLightning;
+using BTCPayServer.Lightning.CLightning;
 using NBitcoin;
 
 namespace BTCPayServer.Tests
@@ -13,10 +13,10 @@ namespace BTCPayServer.Tests
         public LightningDTester(ServerTester parent, string environmentName, string defaultRPC, string defaultHost, Network network)
         {
             this.parent = parent;
-            RPC = new CLightningRPCClient(new Uri(parent.GetEnvironment(environmentName, defaultRPC)), network);
+            RPC = new CLightningClient(new Uri(parent.GetEnvironment(environmentName, defaultRPC)), network);
         }
 
-        public CLightningRPCClient RPC { get; }
+        public CLightningClient RPC { get; }
         public string P2PHost { get; }
         
     }

BTCPayServer.Tests/Lnd/LndMockTester.cs

@@ -0,0 +1,27 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using BTCPayServer.Lightning.LND;
+using NBitcoin;
+
+namespace BTCPayServer.Tests.Lnd
+{
+    public class LndMockTester
+    {
+        private ServerTester _Parent;
+
+        public LndMockTester(ServerTester serverTester, string environmentName, string defaultValue, string defaultHost, Network network)
+        {
+            this._Parent = serverTester;
+            var url = serverTester.GetEnvironment(environmentName, defaultValue);
+
+            Swagger = new LndSwaggerClient(new LndRestSettings(new Uri(url)) { AllowInsecure = true });
+            Client = new LndClient(Swagger, network);
+            P2PHost = _Parent.GetEnvironment(environmentName + "_HOST", defaultHost);
+        }
+
+        public LndSwaggerClient Swagger { get; set; }
+        public LndClient Client { get; set; }
+        public string P2PHost { get; }
+    }
+}

BTCPayServer.Tests/RateRulesTest.cs

@@ -10,6 +10,19 @@ namespace BTCPayServer.Tests
 {
     public class RateRulesTest
     {
+        [Fact]
+        public void SecondDuplicatedRuleIsIgnored()
+        {
+            StringBuilder builder = new StringBuilder();
+            builder.AppendLine("DOGE_X = 1.1");
+            builder.AppendLine("DOGE_X = 1.2");
+            Assert.True(RateRules.TryParse(builder.ToString(), out var rules));
+            var rule = rules.GetRuleFor(new CurrencyPair("DOGE", "BTC"));
+            rule.Reevaluate();
+            Assert.True(!rule.HasError);
+            Assert.Equal(1.1m, rule.BidAsk.Ask);
+        }
+
         [Fact]
         public void CanParseRateRules()
         {
@@ -46,8 +59,8 @@ namespace BTCPayServer.Tests
             {
                 Assert.Equal(test.Expected, rules.GetRuleFor(CurrencyPair.Parse(test.Pair)).ToString());
             }
-            rules.GlobalMultiplier = 2.32m;
-            Assert.Equal("(bittrex(DOGE_BTC) * gdax(BTC_USD) * 1.1) * 2.32", rules.GetRuleFor(CurrencyPair.Parse("DOGE_USD")).ToString());
+            rules.Spread = 0.2m;
+            Assert.Equal("(bittrex(DOGE_BTC) * gdax(BTC_USD) * 1.1) * (0.8, 1.2)", rules.GetRuleFor(CurrencyPair.Parse("DOGE_USD")).ToString());
             ////////////////
 
             // Check errors conditions
@@ -104,7 +117,7 @@ namespace BTCPayServer.Tests
             rule2.Reevaluate();
             Assert.False(rule2.HasError);
             Assert.Equal("5000 * 2000.4 * 1.1", rule2.ToString(true));
-            Assert.Equal(rule2.Value, 5000m * 2000.4m * 1.1m);
+            Assert.Equal(rule2.BidAsk.Bid, 5000m * 2000.4m * 1.1m);
             ////////
 
             // Make sure parenthesis are correctly calculated
@@ -113,22 +126,22 @@ namespace BTCPayServer.Tests
             builder.AppendLine("BTC_USD = -3 + coinbase(BTC_CAD) + 50 - 5");
             builder.AppendLine("DOGE_BTC = 2000");
             Assert.True(RateRules.TryParse(builder.ToString(), out rules));
-            rules.GlobalMultiplier = 1.1m;
+            rules.Spread = 0.1m;
 
             rule2 = rules.GetRuleFor(CurrencyPair.Parse("DOGE_USD"));
-            Assert.Equal("(2000 * (-3 + coinbase(BTC_CAD) + 50 - 5)) * 1.1", rule2.ToString());
+            Assert.Equal("(2000 * (-3 + coinbase(BTC_CAD) + 50 - 5)) * (0.9, 1.1)", rule2.ToString());
             rule2.ExchangeRates.SetRate("coinbase", CurrencyPair.Parse("BTC_CAD"), new BidAsk(1000m));
             Assert.True(rule2.Reevaluate());
-            Assert.Equal("(2000 * (-3 + 1000 + 50 - 5)) * 1.1", rule2.ToString(true));
-            Assert.Equal((2000m * (-3m + 1000m + 50m - 5m)) * 1.1m, rule2.Value.Value);
+            Assert.Equal("(2000 * (-3 + 1000 + 50 - 5)) * (0.9, 1.1)", rule2.ToString(true));
+            Assert.Equal((2000m * (-3m + 1000m + 50m - 5m)) * 0.9m, rule2.BidAsk.Bid);
 
             // Test inverse
             rule2 = rules.GetRuleFor(CurrencyPair.Parse("USD_DOGE"));
-            Assert.Equal("(1 / (2000 * (-3 + coinbase(BTC_CAD) + 50 - 5))) * 1.1", rule2.ToString());
+            Assert.Equal("(1 / (2000 * (-3 + coinbase(BTC_CAD) + 50 - 5))) * (0.9, 1.1)", rule2.ToString());
             rule2.ExchangeRates.SetRate("coinbase", CurrencyPair.Parse("BTC_CAD"), new BidAsk(1000m));
             Assert.True(rule2.Reevaluate());
-            Assert.Equal("(1 / (2000 * (-3 + 1000 + 50 - 5))) * 1.1", rule2.ToString(true));
-            Assert.Equal((1.0m / (2000m * (-3m + 1000m + 50m - 5m))) * 1.1m, rule2.Value.Value);
+            Assert.Equal("(1 / (2000 * (-3 + 1000 + 50 - 5))) * (0.9, 1.1)", rule2.ToString(true));
+            Assert.Equal((1.0m / (2000m * (-3m + 1000m + 50m - 5m))) * 0.9m, rule2.BidAsk.Bid);
             ////////
 
             // Make sure kraken is not converted to CurrencyPair
@@ -147,12 +160,12 @@ namespace BTCPayServer.Tests
             rule2.ExchangeRates.SetRate("kraken", CurrencyPair.Parse("BTC_USD"), new BidAsk(6000m, 6100m));
             Assert.True(rule2.Reevaluate());
             Assert.Equal("(6000, 6100)", rule2.ToString(true));
-            Assert.Equal(6000m, rule2.Value.Value);
+            Assert.Equal(6000m, rule2.BidAsk.Bid);
             rule2 = rules.GetRuleFor(CurrencyPair.Parse("USD_BTC"));
             rule2.ExchangeRates.SetRate("kraken", CurrencyPair.Parse("BTC_USD"), new BidAsk(6000m, 6100m));
             Assert.True(rule2.Reevaluate());
             Assert.Equal("1 / (6000, 6100)", rule2.ToString(true));
-            Assert.Equal(1m / 6100m, rule2.Value.Value);
+            Assert.Equal(1m / 6100m, rule2.BidAsk.Bid);
 
             // Make sure the inverse has more priority than X_X or CDNT_X
             builder = new StringBuilder();

BTCPayServer.Tests/ServerTester.cs

@@ -18,8 +18,10 @@ using System.Text;
 using System.Threading.Tasks;
 using System.Threading;
 using System.Globalization;
-using BTCPayServer.Payments.Lightning.CLightning;
-using BTCPayServer.Payments.Lightning.Charge;
+using BTCPayServer.Tests.Lnd;
+using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Lightning.CLightning;
+using BTCPayServer.Lightning;
 
 namespace BTCPayServer.Tests
 {
@@ -47,10 +49,12 @@ namespace BTCPayServer.Tests
             LTCExplorerClient = new ExplorerClient(NetworkProvider.GetNetwork("LTC").NBXplorerNetwork, new Uri(GetEnvironment("TESTS_LTCNBXPLORERURL", "http://127.0.0.1:32838/")));
 
             var btc = NetworkProvider.GetNetwork("BTC").NBitcoinNetwork;
-            CustomerLightningD = new CLightningRPCClient(new Uri(GetEnvironment("TEST_CUSTOMERLIGHTNINGD", "tcp://127.0.0.1:30992/")), btc);
-            MerchantLightningD = new CLightningRPCClient(new Uri(GetEnvironment("TEST_MERCHANTLIGHTNINGD", "tcp://127.0.0.1:30993/")), btc);
+            CustomerLightningD = LightningClientFactory.CreateClient(GetEnvironment("TEST_CUSTOMERLIGHTNINGD", "type=clightning;server=tcp://127.0.0.1:30992/"), btc);
+            MerchantLightningD = LightningClientFactory.CreateClient(GetEnvironment("TEST_MERCHANTLIGHTNINGD", "type=clightning;server=tcp://127.0.0.1:30993/"), btc);
 
-            MerchantCharge = new ChargeTester(this, "TEST_MERCHANTCHARGE", "http://api-token:foiewnccewuify@127.0.0.1:54938/", "merchant_lightningd", btc);
+            MerchantCharge = new ChargeTester(this, "TEST_MERCHANTCHARGE", "type=charge;server=http://127.0.0.1:54938/;api-token=foiewnccewuify", "merchant_lightningd", btc);
+
+            MerchantLnd = new LndMockTester(this, "TEST_MERCHANTLND", "https://lnd:lnd@127.0.0.1:53280/", "merchant_lnd", btc);
 
             PayTester = new BTCPayServerTester(Path.Combine(_Directory, "pay"))
             {
@@ -74,69 +78,24 @@ namespace BTCPayServer.Tests
             PayTester.Start();
         }
 
-
-        /// <summary>
-        /// Connect a customer LN node to the merchant LN node
-        /// </summary>
-        public void PrepareLightning()
-        {
-            PrepareLightningAsync().GetAwaiter().GetResult();
-        }
-
-
         /// <summary>
         /// Connect a customer LN node to the merchant LN node
         /// </summary>
         /// <returns></returns>
-        public async Task PrepareLightningAsync()
+        public Task EnsureConnectedToDestinations()
         {
-            while (true)
-            {
-                var skippedStates = new[] { "ONCHAIN", "CHANNELD_SHUTTING_DOWN", "CLOSINGD_SIGEXCHANGE", "CLOSINGD_COMPLETE", "FUNDING_SPEND_SEEN" };
-                var channel = (await CustomerLightningD.ListPeersAsync())
-                            .SelectMany(p => p.Channels)
-                            .Where(c => !skippedStates.Contains(c.State ?? ""))
-                            .FirstOrDefault();
-                switch (channel?.State)
-                {
-                    case null:
-                        var merchantInfo = await WaitLNSynched();
-                        var clightning = new NodeInfo(merchantInfo.Id, MerchantCharge.P2PHost, merchantInfo.Port);
-                        await CustomerLightningD.ConnectAsync(clightning);
-                        var address = await CustomerLightningD.NewAddressAsync();
-                        await ExplorerNode.SendToAddressAsync(address, Money.Coins(0.2m));
-                        ExplorerNode.Generate(1);
-                        await WaitLNSynched();
-                        await Task.Delay(1000);
-                        await CustomerLightningD.FundChannelAsync(clightning, Money.Satoshis(16777215));
-                        break;
-                    case "CHANNELD_AWAITING_LOCKIN":
-                        ExplorerNode.Generate(1);
-                        await WaitLNSynched();
-                        break;
-                    case "CHANNELD_NORMAL":
-                        return;
-                    default:
-                        throw new NotSupportedException(channel?.State ?? "");
-                }
-            }
+            return BTCPayServer.Lightning.Tests.ConnectChannels.ConnectAll(ExplorerNode, GetLightningSenderClients(), GetLightningDestClients());
         }
 
-        private async Task<GetInfoResponse> WaitLNSynched()
+        private IEnumerable<ILightningClient> GetLightningSenderClients()
         {
-            while (true)
-            {
-                var merchantInfo = await MerchantCharge.Client.GetInfoAsync();
-                var blockCount = await ExplorerNode.GetBlockCountAsync();
-                if (merchantInfo.BlockHeight != blockCount)
-                {
-                    await Task.Delay(1000);
-                }
-                else
-                {
-                    return merchantInfo;
-                }
-            }
+            yield return CustomerLightningD;
+        }
+
+        private IEnumerable<ILightningClient> GetLightningDestClients()
+        {
+            yield return MerchantLightningD;
+            yield return MerchantLnd.Client;
         }
 
         public void SendLightningPayment(Invoice invoice)
@@ -148,12 +107,14 @@ namespace BTCPayServer.Tests
         {
             var bolt11 = invoice.CryptoInfo.Where(o => o.PaymentUrls.BOLT11 != null).First().PaymentUrls.BOLT11;
             bolt11 = bolt11.Replace("lightning:", "", StringComparison.OrdinalIgnoreCase);
-            await CustomerLightningD.SendAsync(bolt11);
+            await CustomerLightningD.Pay(bolt11);
         }
 
-        public CLightningRPCClient CustomerLightningD { get; set; }
-        public CLightningRPCClient MerchantLightningD { get; private set; }
+        public ILightningClient CustomerLightningD { get; set; }
+
+        public ILightningClient MerchantLightningD { get; private set; }
         public ChargeTester MerchantCharge { get; private set; }
+        public LndMockTester MerchantLnd { get; set; }
 
         internal string GetEnvironment(string variable, string defaultValue)
         {
@@ -189,9 +150,14 @@ namespace BTCPayServer.Tests
         {
             get; set;
         }
+        public List<string> Stores { get; internal set; } = new List<string>();
 
         public void Dispose()
         {
+            foreach (var store in Stores)
+            {
+                Xunit.Assert.True(PayTester.StoreRepository.DeleteStore(store).GetAwaiter().GetResult());
+            }
             if (PayTester != null)
                 PayTester.Dispose();
         }

BTCPayServer.Tests/TestAccount.cs

@@ -14,6 +14,9 @@ using Xunit;
 using NBXplorer.DerivationStrategy;
 using BTCPayServer.Payments;
 using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Tests.Logging;
+using BTCPayServer.Lightning;
+using BTCPayServer.Lightning.CLightning;
 
 namespace BTCPayServer.Tests
 {
@@ -65,15 +68,16 @@ namespace BTCPayServer.Tests
             var store = this.GetController<UserStoresController>();
             await store.CreateStore(new CreateStoreViewModel() { Name = "Test Store" });
             StoreId = store.CreatedStoreId;
+            parent.Stores.Add(StoreId);
         }
 
         public BTCPayNetwork SupportedNetwork { get; set; }
 
-        public void RegisterDerivationScheme(string crytoCode)
+        public WalletId RegisterDerivationScheme(string crytoCode)
         {
-            RegisterDerivationSchemeAsync(crytoCode).GetAwaiter().GetResult();
+            return RegisterDerivationSchemeAsync(crytoCode).GetAwaiter().GetResult();
         }
-        public async Task RegisterDerivationSchemeAsync(string cryptoCode)
+        public async Task<WalletId> RegisterDerivationSchemeAsync(string cryptoCode)
         {
             SupportedNetwork = parent.NetworkProvider.GetNetwork(cryptoCode);
             var store = parent.PayTester.GetController<StoresController>(UserId, StoreId);
@@ -88,6 +92,8 @@ namespace BTCPayServer.Tests
                 DerivationScheme = DerivationScheme.ToString(),
                 Confirmation = true
             }, cryptoCode);
+
+            return new WalletId(StoreId, cryptoCode);
         }
 
         public DerivationStrategyBase DerivationScheme { get; set; }
@@ -117,7 +123,7 @@ namespace BTCPayServer.Tests
         {
             get; set;
         }
-        
+
         public void RegisterLightningNode(string cryptoCode, LightningConnectionType connectionType)
         {
             RegisterLightningNodeAsync(cryptoCode, connectionType).GetAwaiter().GetResult();
@@ -126,15 +132,24 @@ namespace BTCPayServer.Tests
         public async Task RegisterLightningNodeAsync(string cryptoCode, LightningConnectionType connectionType)
         {
             var storeController = this.GetController<StoresController>();
+
+            string connectionString = null;
+            if (connectionType == LightningConnectionType.Charge)
+                connectionString = "type=charge;server=" + parent.MerchantCharge.Client.Uri.AbsoluteUri;
+            else if (connectionType == LightningConnectionType.CLightning)
+                connectionString = "type=clightning;server=" + ((CLightningClient)parent.MerchantLightningD).Address.AbsoluteUri;
+            else if (connectionType == LightningConnectionType.LndREST)
+                connectionString = $"type=lnd-rest;server={parent.MerchantLnd.Swagger.BaseUrl};allowinsecure=true";
+            else
+                throw new NotSupportedException(connectionType.ToString());
+
             await storeController.AddLightningNode(StoreId, new LightningNodeViewModel()
             {
-                Url = connectionType == LightningConnectionType.Charge ? parent.MerchantCharge.Client.Uri.AbsoluteUri :
-                      connectionType == LightningConnectionType.CLightning ? parent.MerchantLightningD.Address.AbsoluteUri
-                      : throw new NotSupportedException(connectionType.ToString()),
+                ConnectionString = connectionString,
                 SkipPortTest = true
             }, "save", "BTC");
             if (storeController.ModelState.ErrorCount != 0)
                 Assert.False(true, storeController.ModelState.FirstOrDefault().Value.Errors[0].ErrorMessage);
         }
-}
+    }
 }

BTCPayServer.Tests/UnitTest1.cs

@@ -35,9 +35,12 @@ using BTCPayServer.Services.Apps;
 using BTCPayServer.Services.Stores;
 using System.Net.Http;
 using System.Text;
+using BTCPayServer.Models;
 using BTCPayServer.Rating;
 using BTCPayServer.Validation;
 using ExchangeSharp;
+using System.Security.Cryptography.X509Certificates;
+using BTCPayServer.Lightning;
 
 namespace BTCPayServer.Tests
 {
@@ -321,7 +324,7 @@ namespace BTCPayServer.Tests
         [Fact]
         public void RoundupCurrenciesCorrectly()
         {
-            foreach(var test in new[] 
+            foreach (var test in new[]
             {
                 (0.0005m, "$0.0005 (USD)"),
                 (0.001m, "$0.001 (USD)"),
@@ -329,7 +332,7 @@ namespace BTCPayServer.Tests
                 (0.1m, "$0.10 (USD)"),
             })
             {
-                var actual = InvoiceController.FormatCurrency(test.Item1, "USD", new CurrencyNameTable());
+                var actual = new CurrencyNameTable().DisplayFormatCurrency(test.Item1, "USD");
                 Assert.Equal(test.Item2, actual);
             }
         }
@@ -384,17 +387,6 @@ namespace BTCPayServer.Tests
             }
         }
 
-        [Fact]
-        public void CanUseLightMoney()
-        {
-            var light = LightMoney.MilliSatoshis(1);
-            Assert.Equal("0.00000000001", light.ToString());
-
-            light = LightMoney.MilliSatoshis(200000);
-            Assert.Equal(200m, light.ToDecimal(LightMoneyUnit.Satoshi));
-            Assert.Equal(0.00000001m * 200m, light.ToDecimal(LightMoneyUnit.BTC));
-        }
-
         [Fact]
         public void CanSetLightningServer()
         {
@@ -409,14 +401,21 @@ namespace BTCPayServer.Tests
 
                 var testResult = storeController.AddLightningNode(user.StoreId, new LightningNodeViewModel()
                 {
-                    Url = tester.MerchantCharge.Client.Uri.AbsoluteUri
+                    ConnectionString = "type=charge;server=" + tester.MerchantCharge.Client.Uri.AbsoluteUri,
+                    SkipPortTest = true // We can't test this as the IP can't be resolved by the test host :(
                 }, "test", "BTC").GetAwaiter().GetResult();
                 Assert.DoesNotContain("Error", ((LightningNodeViewModel)Assert.IsType<ViewResult>(testResult).Model).StatusMessage, StringComparison.OrdinalIgnoreCase);
                 Assert.True(storeController.ModelState.IsValid);
 
                 Assert.IsType<RedirectToActionResult>(storeController.AddLightningNode(user.StoreId, new LightningNodeViewModel()
                 {
-                    Url = tester.MerchantCharge.Client.Uri.AbsoluteUri
+                    ConnectionString = "type=charge;server=" + tester.MerchantCharge.Client.Uri.AbsoluteUri
+                }, "save", "BTC").GetAwaiter().GetResult());
+
+                // Make sure old connection string format does not work
+                Assert.IsType<ViewResult>(storeController.AddLightningNode(user.StoreId, new LightningNodeViewModel()
+                {
+                    ConnectionString = tester.MerchantCharge.Client.Uri.AbsoluteUri
                 }, "save", "BTC").GetAwaiter().GetResult());
 
                 var storeVm = Assert.IsType<Models.StoreViewModels.StoreViewModel>(Assert.IsType<ViewResult>(storeController.UpdateStore()).Model);
@@ -425,111 +424,41 @@ namespace BTCPayServer.Tests
         }
 
         [Fact]
-        public void CanParseLightningURL()
+        public async Task CanSendLightningPaymentCLightning()
         {
-            LightningConnectionString conn = null;
-            Assert.True(LightningConnectionString.TryParse("/test/a", out conn));
-            Assert.Equal("unix://test/a", conn.ToString());
-            Assert.Equal("unix://test/a", conn.ToUri(true).AbsoluteUri);
-            Assert.Equal("unix://test/a", conn.ToUri(false).AbsoluteUri);
-            Assert.Equal(LightningConnectionType.CLightning, conn.ConnectionType);
-
-            Assert.True(LightningConnectionString.TryParse("unix://test/a", out conn));
-            Assert.Equal("unix://test/a", conn.ToString());
-            Assert.Equal("unix://test/a", conn.ToUri(true).AbsoluteUri);
-            Assert.Equal("unix://test/a", conn.ToUri(false).AbsoluteUri);
-            Assert.Equal(LightningConnectionType.CLightning, conn.ConnectionType);
-
-            Assert.True(LightningConnectionString.TryParse("unix://test/a", out conn));
-            Assert.Equal("unix://test/a", conn.ToString());
-            Assert.Equal("unix://test/a", conn.ToUri(true).AbsoluteUri);
-            Assert.Equal("unix://test/a", conn.ToUri(false).AbsoluteUri);
-            Assert.Equal(LightningConnectionType.CLightning, conn.ConnectionType);
-
-            Assert.True(LightningConnectionString.TryParse("tcp://test/a", out conn));
-            Assert.Equal("tcp://test/a", conn.ToString());
-            Assert.Equal("tcp://test/a", conn.ToUri(true).AbsoluteUri);
-            Assert.Equal("tcp://test/a", conn.ToUri(false).AbsoluteUri);
-            Assert.Equal(LightningConnectionType.CLightning, conn.ConnectionType);
-
-            Assert.True(LightningConnectionString.TryParse("http://aaa:bbb@test/a", out conn));
-            Assert.Equal("http://aaa:bbb@test/a", conn.ToString());
-            Assert.Equal("http://aaa:bbb@test/a", conn.ToUri(true).AbsoluteUri);
-            Assert.Equal("http://test/a", conn.ToUri(false).AbsoluteUri);
-            Assert.Equal(LightningConnectionType.Charge, conn.ConnectionType);
-            Assert.Equal("aaa", conn.Username);
-            Assert.Equal("bbb", conn.Password);
-
-            Assert.False(LightningConnectionString.TryParse("lol://aaa:bbb@test/a", out conn));
-            Assert.False(LightningConnectionString.TryParse("https://test/a", out conn));
-            Assert.False(LightningConnectionString.TryParse("unix://dwewoi:dwdwqd@test/a", out conn));
+            await ProcessLightningPayment(LightningConnectionType.CLightning);
         }
 
         [Fact]
-        public void CanSendLightningPayment2()
+        public async Task CanSendLightningPaymentCharge()
         {
-            using (var tester = ServerTester.Create())
-            {
-                tester.Start();
-                tester.PrepareLightning();
-                var user = tester.NewAccount();
-                user.GrantAccess();
-                user.RegisterLightningNode("BTC", LightningConnectionType.CLightning);
-                user.RegisterDerivationScheme("BTC");
-
-                var invoice = user.BitPay.CreateInvoice(new Invoice()
-                {
-                    Price = 0.01m,
-                    Currency = "USD",
-                    PosData = "posData",
-                    OrderId = "orderId",
-                    ItemDesc = "Some description"
-                });
-
-                tester.SendLightningPayment(invoice);
-
-                Eventually(() =>
-                {
-                    var localInvoice = user.BitPay.GetInvoice(invoice.Id);
-                    Assert.Equal("complete", localInvoice.Status);
-                    Assert.Equal("False", localInvoice.ExceptionStatus.ToString());
-                });
-            }
+            await ProcessLightningPayment(LightningConnectionType.Charge);
         }
 
         [Fact]
-        public void CanSendLightningPayment()
+        public async Task CanSendLightningPaymentLnd()
         {
+            await ProcessLightningPayment(LightningConnectionType.LndREST);
+        }
+
+        async Task ProcessLightningPayment(LightningConnectionType type)
+        {
+            // For easier debugging and testing
+            // LightningLikePaymentHandler.LIGHTNING_TIMEOUT = int.MaxValue;
 
             using (var tester = ServerTester.Create())
             {
                 tester.Start();
-                tester.PrepareLightning();
                 var user = tester.NewAccount();
                 user.GrantAccess();
-                user.RegisterLightningNode("BTC", LightningConnectionType.Charge);
+                user.RegisterLightningNode("BTC", type);
                 user.RegisterDerivationScheme("BTC");
 
-                var invoice = user.BitPay.CreateInvoice(new Invoice()
-                {
-                    Price = 0.01m,
-                    Currency = "USD",
-                    PosData = "posData",
-                    OrderId = "orderId",
-                    ItemDesc = "Some description"
-                });
+                await tester.EnsureConnectedToDestinations();
 
-                tester.SendLightningPayment(invoice);
+                await CanSendLightningPaymentCore(tester, user);
 
-                Eventually(() =>
-                {
-                    var localInvoice = user.BitPay.GetInvoice(invoice.Id);
-                    Assert.Equal("complete", localInvoice.Status);
-                    Assert.Equal("False", localInvoice.ExceptionStatus.ToString());
-                });
-
-
-                Task.WaitAll(Enumerable.Range(0, 5)
+                await Task.WhenAll(Enumerable.Range(0, 5)
                     .Select(_ => CanSendLightningPaymentCore(tester, user))
                     .ToArray());
             }
@@ -537,7 +466,10 @@ namespace BTCPayServer.Tests
 
         async Task CanSendLightningPaymentCore(ServerTester tester, TestAccount user)
         {
-            await Task.Delay(TimeSpan.FromSeconds(RandomUtils.GetUInt32() % 5));
+            // TODO: If this parameter is less than 1 second we start having concurrency problems
+            await Task.Delay(TimeSpan.FromMilliseconds(1000));
+            //
+
             var invoice = await user.BitPay.CreateInvoiceAsync(new Invoice()
             {
                 Price = 0.01m,
@@ -678,6 +610,40 @@ namespace BTCPayServer.Tests
             }
         }
 
+        [Fact]
+        public void CanGetRates()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var acc = tester.NewAccount();
+                acc.GrantAccess();
+                acc.RegisterDerivationScheme("BTC");
+                acc.RegisterDerivationScheme("LTC");
+
+                var rateController = acc.GetController<RateController>();
+                var GetBaseCurrencyRatesResult = JObject.Parse(((JsonResult)rateController.GetBaseCurrencyRates("BTC", acc.StoreId)
+                    .GetAwaiter().GetResult()).Value.ToJson()).ToObject<DataWrapper<Rate[]>>();
+                Assert.NotNull(GetBaseCurrencyRatesResult);
+                Assert.NotNull(GetBaseCurrencyRatesResult.Data);
+                Assert.Equal(2, GetBaseCurrencyRatesResult.Data.Length);
+                Assert.Single(GetBaseCurrencyRatesResult.Data.Where(o => o.Code == "LTC"));
+
+                var GetRatesResult = JObject.Parse(((JsonResult)rateController.GetRates(null, acc.StoreId)
+                    .GetAwaiter().GetResult()).Value.ToJson()).ToObject<DataWrapper<Rate[]>>();
+                Assert.NotNull(GetRatesResult);
+                Assert.NotNull(GetRatesResult.Data);
+                Assert.Equal(2, GetRatesResult.Data.Length);
+
+                var GetCurrencyPairRateResult = JObject.Parse(((JsonResult)rateController.GetCurrencyPairRate("BTC", "LTC", acc.StoreId)
+                    .GetAwaiter().GetResult()).Value.ToJson()).ToObject<DataWrapper<Rate>>();
+
+                Assert.NotNull(GetCurrencyPairRateResult);
+                Assert.NotNull(GetCurrencyPairRateResult.Data);
+                Assert.Equal("LTC", GetCurrencyPairRateResult.Data.Code);
+            }
+        }
+
         private void AssertSearchInvoice(TestAccount acc, bool expected, string invoiceId, string filter)
         {
             var result = (Models.InvoicingModels.InvoicesModel)((ViewResult)acc.GetController<InvoiceController>().ListInvoices(filter).Result).Model;
@@ -761,6 +727,22 @@ namespace BTCPayServer.Tests
             Assert.Equal("abed2", search.Filters["status"].Skip(1).First());
         }
 
+        [Fact]
+        public void CanParseFingerprint()
+        {
+            Assert.True(SSH.SSHFingerprint.TryParse("4e343c6fc6cfbf9339c02d06a151e1dd", out var unused));
+            Assert.Equal("4e:34:3c:6f:c6:cf:bf:93:39:c0:2d:06:a1:51:e1:dd", unused.ToString());
+            Assert.True(SSH.SSHFingerprint.TryParse("4e:34:3c:6f:c6:cf:bf:93:39:c0:2d:06:a1:51:e1:dd", out unused));
+            Assert.True(SSH.SSHFingerprint.TryParse("SHA256:Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w", out unused));
+            Assert.True(SSH.SSHFingerprint.TryParse("SHA256:Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w=", out unused));
+            Assert.True(SSH.SSHFingerprint.TryParse("Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w=", out unused));
+            Assert.Equal("SHA256:Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w", unused.ToString());
+
+            Assert.True(SSH.SSHFingerprint.TryParse("Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w=", out var f1));
+            Assert.True(SSH.SSHFingerprint.TryParse("SHA256:Wl7CdRgT4u5T7yPMsxSrlFP+HIJJWwidGkzphJ8di5w", out var f2));
+            Assert.Equal(f1.ToString(), f2.ToString());
+        }
+
         [Fact]
         public void TestAccessBitpayAPI()
         {
@@ -839,8 +821,8 @@ namespace BTCPayServer.Tests
                 user.RegisterDerivationScheme("BTC");
                 List<decimal> rates = new List<decimal>();
                 rates.Add(CreateInvoice(tester, user, "coinaverage"));
-                var bitflyer = CreateInvoice(tester, user, "bitflyer");
-                var bitflyer2 = CreateInvoice(tester, user, "bitflyer");
+                var bitflyer = CreateInvoice(tester, user, "bitflyer", "JPY");
+                var bitflyer2 = CreateInvoice(tester, user, "bitflyer", "JPY");
                 Assert.Equal(bitflyer, bitflyer2); // Should be equal because cache
                 rates.Add(bitflyer);
 
@@ -851,7 +833,7 @@ namespace BTCPayServer.Tests
             }
         }
 
-        private static decimal CreateInvoice(ServerTester tester, TestAccount user, string exchange)
+        private static decimal CreateInvoice(ServerTester tester, TestAccount user, string exchange, string currency = "USD")
         {
             var storeController = user.GetController<StoresController>();
             var vm = (RatesViewModel)((ViewResult)storeController.Rates()).Model;
@@ -860,7 +842,7 @@ namespace BTCPayServer.Tests
             var invoice2 = user.BitPay.CreateInvoice(new Invoice()
             {
                 Price = 5000.0m,
-                Currency = "USD",
+                Currency = currency,
                 PosData = "posData",
                 OrderId = "orderId",
                 ItemDesc = "Some description",
@@ -874,12 +856,10 @@ namespace BTCPayServer.Tests
         {
             using (var tester = ServerTester.Create())
             {
-                tester.PayTester.MockRates = false;
                 tester.Start();
                 var user = tester.NewAccount();
                 user.GrantAccess();
                 user.RegisterDerivationScheme("BTC");
-
                 // First we try payment with a merchant having only BTC
                 var invoice1 = user.BitPay.CreateInvoice(new Invoice()
                 {
@@ -890,12 +870,12 @@ namespace BTCPayServer.Tests
                     ItemDesc = "Some description",
                     FullNotifications = true
                 }, Facade.Merchant);
-
+                Assert.Equal(Money.Coins(1.0m), invoice1.BtcPrice);
 
                 var storeController = user.GetController<StoresController>();
                 var vm = (RatesViewModel)((ViewResult)storeController.Rates()).Model;
-                Assert.Equal(1.0, vm.RateMultiplier);
-                vm.RateMultiplier = 0.5;
+                Assert.Equal(0.0, vm.Spread);
+                vm.Spread = 40;
                 storeController.Rates(vm).Wait();
 
 
@@ -909,7 +889,9 @@ namespace BTCPayServer.Tests
                     FullNotifications = true
                 }, Facade.Merchant);
 
-                Assert.True(invoice2.BtcPrice.Almost(invoice1.BtcPrice * 2, 0.00001m));
+                var expectedRate = 5000.0m * 0.6m;
+                var expectedCoins = invoice2.Price / expectedRate;
+                Assert.True(invoice2.BtcPrice.Almost(Money.Coins(expectedCoins), 0.00001m));
             }
         }
 
@@ -991,7 +973,7 @@ namespace BTCPayServer.Tests
                 var rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
                 Assert.False(rateVm.ShowScripting);
                 Assert.Equal("coinaverage", rateVm.PreferredExchange);
-                Assert.Equal(1.0, rateVm.RateMultiplier);
+                Assert.Equal(0.0, rateVm.Spread);
                 Assert.Null(rateVm.TestRateRules);
 
                 rateVm.PreferredExchange = "bitflyer";
@@ -1000,13 +982,13 @@ namespace BTCPayServer.Tests
                 Assert.Equal("bitflyer", rateVm.PreferredExchange);
 
                 rateVm.ScriptTest = "BTC_JPY,BTC_CAD";
-                rateVm.RateMultiplier = 1.1;
+                rateVm.Spread = 10;
                 store = user.GetController<StoresController>();
                 rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
                 Assert.NotNull(rateVm.TestRateRules);
                 Assert.Equal(2, rateVm.TestRateRules.Count);
                 Assert.False(rateVm.TestRateRules[0].Error);
-                Assert.StartsWith("(bitflyer(BTC_JPY)) * 1.10 =", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
+                Assert.StartsWith("(bitflyer(BTC_JPY)) * (0.9, 1.1) =", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
                 Assert.True(rateVm.TestRateRules[1].Error);
                 Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
 
@@ -1019,19 +1001,19 @@ namespace BTCPayServer.Tests
                 rateVm.ScriptTest = "BTC_JPY";
                 rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
                 Assert.True(rateVm.ShowScripting);
-                Assert.Contains("(bitflyer(BTC_JPY)) * 1.10 = ", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
+                Assert.Contains("(bitflyer(BTC_JPY)) * (0.9, 1.1) = ", rateVm.TestRateRules[0].Rule, StringComparison.OrdinalIgnoreCase);
 
                 rateVm.ScriptTest = "BTC_USD,BTC_CAD,DOGE_USD,DOGE_CAD";
                 rateVm.Script = "DOGE_X = bittrex(DOGE_BTC) * BTC_X;\n" +
                                 "X_CAD = quadrigacx(X_CAD);\n" +
-                                 "X_X = gdax(X_X);";
-                rateVm.RateMultiplier = 0.5;
+                                 "X_X = coinaverage(X_X);";
+                rateVm.Spread = 50;
                 rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates(rateVm, "Test").Result).Model);
                 Assert.True(rateVm.TestRateRules.All(t => !t.Error));
                 Assert.IsType<RedirectToActionResult>(store.Rates(rateVm, "Save").Result);
                 store = user.GetController<StoresController>();
                 rateVm = Assert.IsType<RatesViewModel>(Assert.IsType<ViewResult>(store.Rates()).Model);
-                Assert.Equal(0.5, rateVm.RateMultiplier);
+                Assert.Equal(50, rateVm.Spread);
                 Assert.True(rateVm.ShowScripting);
                 Assert.Contains("DOGE_X", rateVm.Script, StringComparison.OrdinalIgnoreCase);
             }
@@ -1208,6 +1190,64 @@ namespace BTCPayServer.Tests
             Assert.Equal($"{tpub}-[p2sh]", result.ToString());
         }
 
+        [Fact]
+        public void CanDisablePaymentMethods()
+        {
+            using (var tester = ServerTester.Create())
+            {
+                tester.Start();
+                var user = tester.NewAccount();
+                user.GrantAccess();
+                user.RegisterDerivationScheme("BTC");
+                user.RegisterDerivationScheme("LTC");
+                user.RegisterLightningNode("BTC", LightningConnectionType.CLightning);
+
+                var invoice = user.BitPay.CreateInvoice(new Invoice()
+                {
+                    Price = 1.5m,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+
+                Assert.Equal(3, invoice.CryptoInfo.Length);
+
+                var controller = user.GetController<StoresController>();
+                var lightningVM = (LightningNodeViewModel)Assert.IsType<ViewResult>(controller.AddLightningNode(user.StoreId, "BTC")).Model;
+                Assert.True(lightningVM.Enabled);
+                lightningVM.Enabled = false;
+                controller.AddLightningNode(user.StoreId, lightningVM, "save", "BTC").GetAwaiter().GetResult();
+                lightningVM = (LightningNodeViewModel)Assert.IsType<ViewResult>(controller.AddLightningNode(user.StoreId, "BTC")).Model;
+                Assert.False(lightningVM.Enabled);
+
+                var derivationVM = (DerivationSchemeViewModel)Assert.IsType<ViewResult>(controller.AddDerivationScheme(user.StoreId, "BTC")).Model;
+                Assert.True(derivationVM.Enabled);
+                derivationVM.Enabled = false;
+                Assert.IsType<RedirectToActionResult>(controller.AddDerivationScheme(user.StoreId, derivationVM, "BTC").GetAwaiter().GetResult());
+                derivationVM = (DerivationSchemeViewModel)Assert.IsType<ViewResult>(controller.AddDerivationScheme(user.StoreId, "BTC")).Model;
+                // Confirmation
+                controller.AddDerivationScheme(user.StoreId, derivationVM, "BTC").GetAwaiter().GetResult();
+                Assert.False(derivationVM.Enabled);
+                derivationVM = (DerivationSchemeViewModel)Assert.IsType<ViewResult>(controller.AddDerivationScheme(user.StoreId, "BTC")).Model;
+                Assert.False(derivationVM.Enabled);
+
+                invoice = user.BitPay.CreateInvoice(new Invoice()
+                {
+                    Price = 1.5m,
+                    Currency = "USD",
+                    PosData = "posData",
+                    OrderId = "orderId",
+                    ItemDesc = "Some description",
+                    FullNotifications = true
+                }, Facade.Merchant);
+
+                Assert.Single(invoice.CryptoInfo);
+                Assert.Equal("LTC", invoice.CryptoInfo[0].CryptoCode);
+            }
+        }
+
         [Fact]
         public void CanSetPaymentMethodLimits()
         {
@@ -1278,14 +1318,16 @@ namespace BTCPayServer.Tests
                 Assert.IsType<RedirectToActionResult>(apps.UpdatePointOfSale(appId, vmpos).Result);
                 vmpos = Assert.IsType<UpdatePointOfSaleViewModel>(Assert.IsType<ViewResult>(apps.UpdatePointOfSale(appId).Result).Model);
                 Assert.Equal("hello", vmpos.Title);
-                var vmview = Assert.IsType<ViewPointOfSaleViewModel>(Assert.IsType<ViewResult>(apps.ViewPointOfSale(appId).Result).Model);
+
+                var publicApps = user.GetController<AppsPublicController>();
+                var vmview = Assert.IsType<ViewPointOfSaleViewModel>(Assert.IsType<ViewResult>(publicApps.ViewPointOfSale(appId).Result).Model);
                 Assert.Equal("hello", vmview.Title);
                 Assert.Equal(2, vmview.Items.Length);
                 Assert.Equal("good apple", vmview.Items[0].Title);
                 Assert.Equal("orange", vmview.Items[1].Title);
                 Assert.Equal(10.0m, vmview.Items[1].Price.Value);
                 Assert.Equal("$5.00", vmview.Items[0].Price.Formatted);
-                Assert.IsType<RedirectResult>(apps.ViewPointOfSale(appId, 0, null, null, null, null, "orange").Result);
+                Assert.IsType<RedirectResult>(publicApps.ViewPointOfSale(appId, 0, null, null, null, null, "orange").Result);
                 var invoice = user.BitPay.GetInvoices().First();
                 Assert.Equal(10.00m, invoice.Price);
                 Assert.Equal("CAD", invoice.Currency);
@@ -1309,13 +1351,15 @@ namespace BTCPayServer.Tests
                 Assert.NotNull(vm.SelectedAppType);
                 Assert.Null(vm.Name);
                 vm.Name = "test";
+                vm.SelectedAppType = AppType.PointOfSale.ToString();
                 var redirectToAction = Assert.IsType<RedirectToActionResult>(apps.CreateApp(vm).Result);
-                Assert.Equal(nameof(apps.ListApps), redirectToAction.ActionName);
+                Assert.Equal(nameof(apps.UpdatePointOfSale), redirectToAction.ActionName);
                 var appList = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps.ListApps().Result).Model);
                 var appList2 = Assert.IsType<ListAppsViewModel>(Assert.IsType<ViewResult>(apps2.ListApps().Result).Model);
                 Assert.Single(appList.Apps);
                 Assert.Empty(appList2.Apps);
                 Assert.Equal("test", appList.Apps[0].AppName);
+                Assert.Equal(apps.CreatedAppId, appList.Apps[0].Id);
                 Assert.True(appList.Apps[0].IsOwner);
                 Assert.Equal(user.StoreId, appList.Apps[0].StoreId);
                 Assert.IsType<NotFoundResult>(apps2.DeleteApp(appList.Apps[0].Id).Result);
@@ -1499,15 +1543,17 @@ namespace BTCPayServer.Tests
         [Fact]
         public void CanQueryDirectProviders()
         {
-            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
-            var factory = CreateBTCPayRateFactory(provider);
+            var factory = CreateBTCPayRateFactory();
 
             foreach (var result in factory
-                .DirectProviders
-                .Select(p => (ExpectedName: p.Key, ResultAsync: p.Value.GetRatesAsync()))
+                .Providers
+                .Where(p => p.Value is BackgroundFetcherRateProvider)
+                .Select(p => (ExpectedName: p.Key, ResultAsync: p.Value.GetRatesAsync(), Fetcher: (BackgroundFetcherRateProvider)p.Value))
                 .ToList())
             {
+                result.Fetcher.InvalidateCache();
                 var exchangeRates = result.ResultAsync.Result;
+                result.Fetcher.InvalidateCache();
                 Assert.NotNull(exchangeRates);
                 Assert.NotEmpty(exchangeRates);
                 Assert.NotEmpty(exchangeRates.ByExchange[result.ExpectedName]);
@@ -1520,68 +1566,118 @@ namespace BTCPayServer.Tests
                                && e.BidAsk.Bid > 1.0m // 1BTC will always be more than 1USD
                                );
             }
+            // Kraken emit one request only after first GetRates
+            factory.Providers["kraken"].GetRatesAsync().GetAwaiter().GetResult();
         }
 
         [Fact]
         public void CanGetRateCryptoCurrenciesByDefault()
         {
             var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
-            var factory = CreateBTCPayRateFactory(provider);
-
+            var factory = CreateBTCPayRateFactory();
+            var fetcher = new RateFetcher(factory);
             var pairs =
                     provider.GetAll()
                     .Select(c => new CurrencyPair(c.CryptoCode, "USD"))
                     .ToHashSet();
 
             var rules = new StoreBlob().GetDefaultRateRules(provider);
-            var result = factory.FetchRates(pairs, rules);
+            var result = fetcher.FetchRates(pairs, rules);
             foreach (var value in result)
             {
                 var rateResult = value.Value.GetAwaiter().GetResult();
-                Assert.NotNull(rateResult.Value);
+                Assert.NotNull(rateResult.BidAsk);
             }
         }
 
-        private static BTCPayRateProviderFactory CreateBTCPayRateFactory(BTCPayNetworkProvider provider)
+        private static RateProviderFactory CreateBTCPayRateFactory()
         {
-            return new BTCPayRateProviderFactory(new MemoryCacheOptions() { ExpirationScanFrequency = TimeSpan.FromSeconds(1.0) }, provider, new CoinAverageSettings());
+            return new RateProviderFactory(CreateMemoryCache(), null, new CoinAverageSettings());
+        }
+
+        private static MemoryCacheOptions CreateMemoryCache()
+        {
+            return new MemoryCacheOptions() { ExpirationScanFrequency = TimeSpan.FromSeconds(1.0) };
+        }
+
+        class SpyRateProvider : IRateProvider
+        {
+            public bool Hit { get; set; }
+            public Task<ExchangeRates> GetRatesAsync()
+            {
+                Hit = true;
+                var rates = new ExchangeRates();
+                rates.Add(new ExchangeRate("coinaverage", CurrencyPair.Parse("BTC_USD"), new BidAsk(5000)));
+                return Task.FromResult(rates);
+            }
+
+            public void AssertHit()
+            {
+                Assert.True(Hit, "Should have hit the provider");
+                Hit = false;
+            }
+            public void AssertNotHit()
+            {
+                Assert.False(Hit, "Should have not hit the provider");
+                Hit = false;
+            }
         }
 
         [Fact]
         public void CheckRatesProvider()
         {
-            var provider = new BTCPayNetworkProvider(NetworkType.Mainnet);
-            var coinAverage = new CoinAverageRateProvider();
-            var rates = coinAverage.GetRatesAsync().GetAwaiter().GetResult();
-            Assert.NotNull(rates.GetRate("coinaverage", new CurrencyPair("BTC", "JPY")));
-            var ratesBitpay = new BitpayRateProvider(new Bitpay(new Key(), new Uri("https://bitpay.com/"))).GetRatesAsync().GetAwaiter().GetResult();
-            Assert.NotNull(ratesBitpay.GetRate("bitpay", new CurrencyPair("BTC", "JPY")));
-
+            var spy = new SpyRateProvider();
             RateRules.TryParse("X_X = coinaverage(X_X);", out var rateRules);
 
-            var factory = CreateBTCPayRateFactory(provider);
-            factory.CacheSpan = TimeSpan.FromSeconds(10);
+            var factory = CreateBTCPayRateFactory();
+            factory.Providers.Clear();
+            factory.Providers.Add("coinaverage", new CachedRateProvider("coinaverage", spy, new MemoryCache(CreateMemoryCache())));
+            factory.Providers.Add("bittrex", new CachedRateProvider("bittrex", spy, new MemoryCache(CreateMemoryCache())));
+            factory.CacheSpan = TimeSpan.FromSeconds(1);
 
-            var fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.False(fetchedRate.Cached);
-            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.True(fetchedRate.Cached);
+            var fetcher = new RateFetcher(factory);
 
-            Thread.Sleep(11000);
-            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.False(fetchedRate.Cached);
-            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.True(fetchedRate.Cached);
+            var fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertHit();
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertNotHit();
+
+            Thread.Sleep(3000);
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertHit();
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertNotHit();
             // Should cache at exchange level so this should hit the cache
-            var fetchedRate2 = factory.FetchRate(CurrencyPair.Parse("LTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.True(fetchedRate.Cached);
-            Assert.NotEqual(fetchedRate.Value.Value, fetchedRate2.Value.Value);
+            var fetchedRate2 = fetcher.FetchRate(CurrencyPair.Parse("LTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertNotHit();
+            Assert.Null(fetchedRate2.BidAsk);
+            Assert.Equal(RateRulesErrors.RateUnavailable, fetchedRate2.Errors.First());
 
             // Should cache at exchange level this should not hit the cache as it is different exchange
             RateRules.TryParse("X_X = bittrex(X_X);", out rateRules);
-            fetchedRate = factory.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
-            Assert.False(fetchedRate.Cached);
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertHit();
 
+            factory.Providers.Clear();
+            var fetch = new BackgroundFetcherRateProvider(spy);
+            fetch.DoNotAutoFetchIfExpired = true;
+            factory.Providers.Add("bittrex", fetch);
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertHit();
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertNotHit();
+            fetch.UpdateIfNecessary().GetAwaiter().GetResult();
+            spy.AssertNotHit();
+            fetch.RefreshRate = TimeSpan.FromSeconds(1.0);
+            Thread.Sleep(1020);
+            fetchedRate = fetcher.FetchRate(CurrencyPair.Parse("BTC_USD"), rateRules).GetAwaiter().GetResult();
+            spy.AssertNotHit();
+            fetch.ValidatyTime = TimeSpan.FromSeconds(1.0);
+            fetch.UpdateIfNecessary().GetAwaiter().GetResult();
+            spy.AssertHit();
+            fetch.GetRatesAsync().GetAwaiter().GetResult();
+            Thread.Sleep(1000);
+            Assert.Throws<InvalidOperationException>(() => fetch.GetRatesAsync().GetAwaiter().GetResult());
         }
 
         private static bool IsMapped(Invoice invoice, ApplicationDbContext ctx)

BTCPayServer.Tests/UnitTestPeusa.cs

@@ -0,0 +1,48 @@
+using System;
+using NBitcoin;
+using Xunit;
+
+namespace BTCPayServer.Tests
+{
+    // Helper class for testing functionality and generating data needed during coding/debuging
+    public class UnitTestPeusa
+    {
+        // Unit test that generates temorary checkout Bitpay page
+        // https://forkbitpay.slack.com/archives/C7M093Z55/p1508293682000217
+
+        // Testnet of Bitpay down
+        //[Fact]
+        //public void BitpayCheckout()
+        //{
+        //    var key = new Key(Encoders.Hex.DecodeData("7b70a06f35562873e3dcb46005ed0fe78e1991ad906e56adaaafa40ba861e056"));
+        //    var url = new Uri("https://test.bitpay.com/");
+        //    var btcpay = new Bitpay(key, url);
+        //    var invoice = btcpay.CreateInvoice(new Invoice()
+        //    {
+
+        //        Price = 5.0,
+        //        Currency = "USD",
+        //        PosData = "posData",
+        //        OrderId = "cdfd8a5f-6928-4c3b-ba9b-ddf438029e73",
+        //        ItemDesc = "Hello from the otherside"
+        //    }, Facade.Merchant);
+
+        //    // go to invoice.Url
+        //    Console.WriteLine(invoice.Url);
+        //}
+
+        // Generating Extended public key to use on http://localhost:14142/stores/{storeId}
+        [Fact]
+        public void GeneratePubkey()
+        {
+            var network = Network.RegTest;
+
+            ExtKey masterKey = new ExtKey();
+            Console.WriteLine("Master key : " + masterKey.ToString(network));
+            ExtPubKey masterPubKey = masterKey.Neuter();
+
+            ExtPubKey pubkey = masterPubKey.Derive(0);
+            Console.WriteLine("PubKey " + 0 + " : " + pubkey.ToString(network));
+        }
+    }
+}

BTCPayServer.Tests/docker-compose.yml

@@ -17,9 +17,10 @@ services:
       TESTS_POSTGRES: User ID=postgres;Host=postgres;Port=5432;Database=btcpayserver
       TESTS_PORT: 80
       TESTS_HOSTNAME: tests
-      TEST_MERCHANTLIGHTNINGD: "/etc/merchant_lightningd_datadir/lightning-rpc"
-      TEST_CUSTOMERLIGHTNINGD: "/etc/customer_lightningd_datadir/lightning-rpc"
-      TEST_MERCHANTCHARGE: http://api-token:foiewnccewuify@lightning-charged:9112/
+      TEST_MERCHANTLIGHTNINGD: "type=clightning;server=/etc/merchant_lightningd_datadir/lightning-rpc"
+      TEST_CUSTOMERLIGHTNINGD: "type=clightning;server=/etc/customer_lightningd_datadir/lightning-rpc"
+      TEST_MERCHANTCHARGE: "type=charge;server=https://lightning-charged:9112/;api-token=foiewnccewuify;allowinsecure=true"
+      TEST_MERCHANTLND: "type=lnd-rest;server=https://lnd:lnd@127.0.0.1:53280/;allowinsecure=true"
       TESTS_INCONTAINER: "true"
     expose:
       - "80"
@@ -33,7 +34,7 @@ services:
 
   # The dev container is not actually used, it is just handy to run `docker-compose up dev` to start all services
   dev: 
-    image: nicolasdorier/docker-bitcoin:0.16.0
+    image: nicolasdorier/docker-bitcoin:0.16.3
     environment:
       BITCOIN_EXTRA_ARGS: |
         regtest=1
@@ -44,9 +45,25 @@ services:
       - customer_lightningd
       - merchant_lightningd
       - lightning-charged
+      - customer_lnd
+      - merchant_lnd
+
+  devlnd: 
+    image: nicolasdorier/docker-bitcoin:0.16.3
+    environment:
+      BITCOIN_EXTRA_ARGS: |
+        regtest=1
+        connect=bitcoind:39388
+    links:
+      - nbxplorer
+      - postgres
+      - customer_lnd
+      - merchant_lnd
+
+
 
   nbxplorer:
-    image: nicolasdorier/nbxplorer:1.0.2.8
+    image: nicolasdorier/nbxplorer:1.0.3.3
     ports:
       - "32838:32838"
     expose: 
@@ -70,7 +87,7 @@ services:
       - litecoind
 
   bitcoind:
-    image: nicolasdorier/docker-bitcoin:0.16.0
+    image: nicolasdorier/docker-bitcoin:0.16.3
     environment:
       BITCOIN_EXTRA_ARGS: |
         rpcuser=ceiwHEbqWI83
@@ -80,16 +97,21 @@ services:
         rpcport=43782
         port=39388
         whitelist=0.0.0.0/0
+        zmqpubrawblock=tcp://0.0.0.0:28332
+        zmqpubrawtx=tcp://0.0.0.0:28333
     ports: 
       - "43782:43782"
+      - "28332:28332"
     expose:
       - "43782" # RPC
       - "39388" # P2P
+      - "28332" # ZMQ
+      - "28333" # ZMQ
     volumes:
       - "bitcoin_datadir:/data"
 
   customer_lightningd:
-    image: nicolasdorier/clightning:0.0.0.20-dev
+    image: nicolasdorier/clightning:v0.6.1-dev
     environment: 
       EXPOSE_TCP: "true"
       LIGHTNINGD_OPT: |
@@ -100,6 +122,7 @@ services:
         announce-addr=customer_lightningd
         log-level=debug
         dev-broadcast-interval=1000
+        dev-bitcoind-poll=1
     ports:
       - "30992:9835" # api port
     expose:
@@ -112,7 +135,7 @@ services:
       - bitcoind
 
   lightning-charged:
-    image: shesek/lightning-charge:0.3.12
+    image: shesek/lightning-charge:0.4.3
     environment:
       NETWORK: regtest
       API_TOKEN: foiewnccewuify
@@ -131,7 +154,7 @@ services:
       - merchant_lightningd
 
   merchant_lightningd:
-    image: nicolasdorier/clightning:0.0.0.20-dev
+    image: nicolasdorier/clightning:v0.6.1-dev
     environment: 
       EXPOSE_TCP: "true"
       LIGHTNINGD_OPT: |
@@ -177,8 +200,63 @@ services:
     expose:
       - "5432"
 
+  merchant_lnd:
+    image: btcpayserver/lnd:0.5-beta
+    environment:
+      LND_CHAIN: "btc"
+      LND_ENVIRONMENT: "regtest"
+      LND_EXTRA_ARGS: |
+        restlisten=0.0.0.0:8080
+        bitcoin.node=bitcoind
+        bitcoind.rpchost=bitcoind:43782
+        bitcoind.zmqpubrawblock=tcp://bitcoind:28332
+        bitcoind.zmqpubrawtx=tcp://bitcoind:28333
+        externalip=merchant_lnd:9735
+        no-macaroons=1
+        debuglevel=debug
+        noseedbackup=1
+        trickledelay=1000
+    ports:
+      - "53280:8080"
+    expose:
+      - "9735"
+    volumes:
+      - "merchant_lnd_datadir:/data"
+      - "bitcoin_datadir:/deps/.bitcoin"
+    links:
+      - bitcoind
+
+  customer_lnd:
+    image: btcpayserver/lnd:0.5-beta
+    environment:
+      LND_CHAIN: "btc"
+      LND_ENVIRONMENT: "regtest"
+      LND_EXTRA_ARGS: |
+        restlisten=0.0.0.0:8080
+        bitcoin.node=bitcoind
+        bitcoind.rpchost=bitcoind:43782
+        bitcoind.zmqpubrawblock=tcp://bitcoind:28332
+        bitcoind.zmqpubrawtx=tcp://bitcoind:28333
+        externalip=customer_lnd:10009
+        no-macaroons=1
+        debuglevel=debug
+        noseedbackup=1
+        trickledelay=1000
+    ports:
+      - "53281:8080"
+    expose:
+      - "8080"
+      - "10009"
+    volumes:
+      - "customer_lnd_datadir:/root/.lnd"
+      - "bitcoin_datadir:/deps/.bitcoin"
+    links:
+      - bitcoind
+
 volumes:
     bitcoin_datadir:
     customer_lightningd_datadir:
     merchant_lightningd_datadir:
     lightning_charge_datadir:
+    customer_lnd_datadir:
+    merchant_lnd_datadir:

BTCPayServer/BTCPayNetwork.cs

@@ -44,6 +44,8 @@ namespace BTCPayServer
         public string CryptoCode { get; internal set; }
         public string BlockExplorerLink { get; internal set; }
         public string UriScheme { get; internal set; }
+        public Money MinFee { get; internal set; }
+        public string DisplayName { get; set; }
 
         [Obsolete("Should not be needed")]
         public bool IsBTC

BTCPayServer/BTCPayNetworkProvider.Bitcoin.cs

@@ -17,12 +17,13 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Bitcoin",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://www.smartbit.com.au/tx/{0}" : "https://testnet.smartbit.com.au/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
                 UriScheme = "bitcoin",
-                CryptoImagePath = "imlegacy/bitcoin-symbol.svg",
-                LightningImagePath = "imlegacy/btc-lightning.svg",
+                CryptoImagePath = "imlegacy/bitcoin.svg",
+                LightningImagePath = "imlegacy/bitcoin-lightning.svg",
                 DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
                 CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("0'") : new KeyPath("1'")
             });

BTCPayServer/BTCPayNetworkProvider.BitcoinGold.cs

@@ -10,6 +10,7 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "BGold",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://explorer.bitcoingold.org/insight/tx/{0}/" : "https://test-explorer.bitcoingold.org/insight/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
@@ -19,8 +20,8 @@ namespace BTCPayServer
                     "BTG_X = BTG_BTC * BTC_X",
                     "BTG_BTC = bitfinex(BTG_BTC)",
                 },
-                CryptoImagePath = "imlegacy/btg-symbol.svg",
-                LightningImagePath = "imlegacy/btg-symbol.svg",
+                CryptoImagePath = "imlegacy/btg.svg",
+                LightningImagePath = "imlegacy/btg-lightning.svg",
                 DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
                 CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("156'") : new KeyPath("1'")
             });

BTCPayServer/BTCPayNetworkProvider.Dash.cs

@@ -0,0 +1,35 @@
+using NBitcoin;
+
+namespace BTCPayServer
+{
+    public partial class BTCPayNetworkProvider
+    {
+        public void InitDash()
+        {
+            //not needed: NBitcoin.Altcoins.Dash.Instance.EnsureRegistered();
+            var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("DASH");
+            Add(new BTCPayNetwork()
+            {
+                CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Dash",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet
+                    ? "https://insight.dash.org/insight/tx/{0}"
+                    : "https://testnet-insight.dashevo.org/insight/tx/{0}",
+                NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
+                NBXplorerNetwork = nbxplorerNetwork,
+                UriScheme = "dash",
+                DefaultRateRules = new[]
+                    {
+                        "DASH_X = DASH_BTC * BTC_X",
+                        "DASH_BTC = bittrex(DASH_BTC)"
+                    },
+                CryptoImagePath = "imlegacy/dash.png",
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                //https://github.com/satoshilabs/slips/blob/master/slip-0044.md
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("5'")
+                    : new KeyPath("1'"),
+                MinFee = Money.Satoshis(1m)
+            });
+        }
+    }
+}

BTCPayServer/BTCPayNetworkProvider.Dogecoin.cs

@@ -16,6 +16,7 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Dogecoin",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://dogechain.info/tx/{0}" : "https://dogechain.info/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
@@ -27,7 +28,8 @@ namespace BTCPayServer
                 },
                 CryptoImagePath = "imlegacy/dogecoin.png",
                 DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
-                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("3'") : new KeyPath("1'")
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("3'") : new KeyPath("1'"),
+                MinFee = Money.Coins(1m)
             });
         }
     }

BTCPayServer/BTCPayNetworkProvider.Feathercoin.cs

@@ -16,6 +16,7 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Feathercoin",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://explorer.feathercoin.com/tx/{0}" : "https://explorer.feathercoin.com/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,

BTCPayServer/BTCPayNetworkProvider.Groestlcoin.cs

@@ -0,0 +1,35 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using NBitcoin;
+
+namespace BTCPayServer
+{
+    public partial class BTCPayNetworkProvider
+    {
+        public void InitGroestlcoin()
+        {
+
+            var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("GRS");
+            Add(new BTCPayNetwork()
+            {
+                CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Groestlcoin",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://chainz.cryptoid.info/grs/tx.dws?{0}.htm" : "https://chainz.cryptoid.info/grs-test/tx.dws?{0}.htm",
+                NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
+                NBXplorerNetwork = nbxplorerNetwork,
+                UriScheme = "groestlcoin",
+                DefaultRateRules = new[]
+                {
+                                "GRS_X = GRS_BTC * BTC_X",
+                                "GRS_BTC = bittrex(GRS_BTC)"
+                },
+                CryptoImagePath = "imlegacy/groestlcoin.png",
+                LightningImagePath = "imlegacy/groestlcoin-lightning.png",
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("17'") : new KeyPath("1'")
+            });
+        }
+    }
+}

BTCPayServer/BTCPayNetworkProvider.Litecoin.cs

@@ -16,12 +16,13 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Litecoin",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://live.blockcypher.com/ltc/tx/{0}/" : "http://explorer.litecointools.com/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,
                 UriScheme = "litecoin",
-                CryptoImagePath = "imlegacy/litecoin-symbol.svg",
-                LightningImagePath = "imlegacy/ltc-lightning.svg",
+                CryptoImagePath = "imlegacy/litecoin.svg",
+                LightningImagePath = "imlegacy/litecoin-lightning.svg",
                 DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
                 CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("2'") : new KeyPath("1'")
             });

BTCPayServer/BTCPayNetworkProvider.Monacoin.cs

@@ -16,6 +16,7 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Monacoin",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://mona.insight.monaco-ex.org/insight/tx/{0}" : "https://testnet-mona.insight.monaco-ex.org/insight/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,

BTCPayServer/BTCPayNetworkProvider.Polis.cs

@@ -16,6 +16,7 @@ namespace BTCPayServer
             Add(new BTCPayNetwork()
             {
                 CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Polis",
                 BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://insight.polispay.org/tx/{0}" : "https://insight.polispay.org/tx/{0}",
                 NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
                 NBXplorerNetwork = nbxplorerNetwork,

BTCPayServer/BTCPayNetworkProvider.Ufo.cs

@@ -0,0 +1,35 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Services.Rates;
+using NBitcoin;
+using NBXplorer;
+
+namespace BTCPayServer
+{
+    public partial class BTCPayNetworkProvider
+    {
+        public void InitUfo()
+        {
+            var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("UFO");
+            Add(new BTCPayNetwork()
+            {
+                CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Ufo",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://chainz.cryptoid.info/ufo/tx.dws?{0}" : "https://chainz.cryptoid.info/ufo/tx.dws?{0}",
+                NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
+                NBXplorerNetwork = nbxplorerNetwork,
+                UriScheme = "ufo",
+                DefaultRateRules = new[] 
+                {
+                                "UFO_X = UFO_BTC * BTC_X",
+                                "UFO_BTC = coinexchange(UFO_BTC)"
+                },
+                CryptoImagePath = "imlegacy/ufo.png",
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("202'") : new KeyPath("1'")
+            });
+        }
+    }
+}

BTCPayServer/BTCPayNetworkProvider.Viacoin.cs

@@ -0,0 +1,35 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Services.Rates;
+using NBitcoin;
+using NBXplorer;
+
+namespace BTCPayServer
+{
+    public partial class BTCPayNetworkProvider
+    {
+        public void InitViacoin()
+        {
+            var nbxplorerNetwork = NBXplorerNetworkProvider.GetFromCryptoCode("VIA");
+            Add(new BTCPayNetwork()
+            {
+                CryptoCode = nbxplorerNetwork.CryptoCode,
+                DisplayName = "Viacoin",
+                BlockExplorerLink = NetworkType == NetworkType.Mainnet ? "https://explorer.viacoin.org/tx/{0}" : "https://explorer.viacoin.org/tx/{0}",
+                NBitcoinNetwork = nbxplorerNetwork.NBitcoinNetwork,
+                NBXplorerNetwork = nbxplorerNetwork,
+                UriScheme = "viacoin",
+                DefaultRateRules = new[]
+                {
+                                "VIA_X = VIA_BTC * BTC_X",
+                                "VIA_BTC = bittrex(VIA_BTC)"
+                },
+                CryptoImagePath = "imlegacy/viacoin.png",
+                DefaultSettings = BTCPayDefaultSettings.GetDefaultSettings(NetworkType),
+                CoinType = NetworkType == NetworkType.Mainnet ? new KeyPath("14'") : new KeyPath("1'")
+            });
+        }
+    }
+}

BTCPayServer/BTCPayNetworkProvider.cs

@@ -50,8 +50,12 @@ namespace BTCPayServer
             InitDogecoin();
             InitBitcoinGold();
             InitMonacoin();
+            InitDash();
             InitPolis();
             InitFeathercoin();
+            InitGroestlcoin();
+            InitViacoin();
+            //InitUfo();
         }
 
         /// <summary>

BTCPayServer/BTCPayServer.csproj

@@ -2,9 +2,12 @@
   <PropertyGroup>
     <OutputType>Exe</OutputType>
     <TargetFramework>netcoreapp2.1</TargetFramework>
-		<Version>1.0.2.34</Version>
+		<Version>1.0.2.109</Version>
     <NoWarn>NU1701,CA1816,CA1308,CA1810,CA2208</NoWarn>
   </PropertyGroup>
+  <PropertyGroup>
+    <LangVersion>7.3</LangVersion>
+  </PropertyGroup>
   <ItemGroup>
     <Compile Remove="Build\dockerfiles\**" />
     <Compile Remove="wwwroot\bundles\jqueryvalidate\**" />
@@ -30,31 +33,33 @@
     <EmbeddedResource Include="Currencies.txt" />
   </ItemGroup>
   <ItemGroup>
+    <PackageReference Include="BTCPayServer.Lightning.All" Version="1.1.0.1" />
     <PackageReference Include="BuildBundlerMinifier" Version="2.7.385" />
-    <PackageReference Include="DigitalRuby.ExchangeSharp" Version="0.4.1" />
+    <PackageReference Include="DigitalRuby.ExchangeSharp" Version="0.5.3" />
     <PackageReference Include="Hangfire" Version="1.6.19" />
     <PackageReference Include="Hangfire.MemoryStorage" Version="1.5.2" />
     <PackageReference Include="Hangfire.PostgreSql" Version="1.4.8.2" />
-    <PackageReference Include="LedgerWallet" Version="1.0.1.36" />
+    <PackageReference Include="LedgerWallet" Version="2.0.0.2" />
     <PackageReference Include="Meziantou.AspNetCore.BundleTagHelpers" Version="2.0.0" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="2.1.0" />
     <PackageReference Include="Microsoft.Extensions.Logging.Filter" Version="1.1.2" />
     <PackageReference Include="Microsoft.NetCore.Analyzers" Version="2.6.0" />
-    <PackageReference Include="NBitcoin" Version="4.1.1.10" />
-    <PackageReference Include="NBitpayClient" Version="1.0.0.28" />	  
+    <PackageReference Include="NBitcoin" Version="4.1.1.48" />
+    <PackageReference Include="NBitpayClient" Version="1.0.0.30" />	  
     <PackageReference Include="DBreeze" Version="1.87.0" />
-    <PackageReference Include="NBXplorer.Client" Version="1.0.2.10" />
+    <PackageReference Include="NBXplorer.Client" Version="1.0.3" />
     <PackageReference Include="NicolasDorier.CommandLine" Version="1.0.0.2" />
     <PackageReference Include="NicolasDorier.CommandLine.Configuration" Version="1.0.0.3" />
-    <PackageReference Include="NicolasDorier.StandardConfiguration" Version="1.0.0.14" />
+    <PackageReference Include="NicolasDorier.RateLimits" Version="1.0.0.3" />
+    <PackageReference Include="NicolasDorier.StandardConfiguration" Version="1.0.0.18" />
     <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="2.1.0" />
+    <PackageReference Include="SSH.NET" Version="2016.1.0" />
     <PackageReference Include="System.Xml.XmlSerializer" Version="4.3.0" />
     <PackageReference Include="Text.Analyzers" Version="2.6.0" />
   </ItemGroup>
 
 	<ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.0" />
-		<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version=" 2.1.0" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.4" />
 		<PackageReference Include="YamlDotNet" Version="4.3.1" />
 	</ItemGroup>
 
@@ -111,6 +116,50 @@
 	<ItemGroup>
 	  <Folder Include="Build\" />
 	  <Folder Include="wwwroot\vendor\clipboard.js\" />
+	  <Folder Include="wwwroot\vendor\highlightjs\" />
+	</ItemGroup>
+
+	<ItemGroup>
+    <Content Update="Views\Apps\_ViewImports.cshtml">
+      <CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
+      <Pack>$(IncludeRazorContentInPack)</Pack>
+    </Content>
+    <Content Update="Views\Server\SSHService.cshtml">
+      <Pack>$(IncludeRazorContentInPack)</Pack>
+    </Content>
+    <Content Update="Views\Stores\PayButtonEnable.cshtml">
+      <Pack>$(IncludeRazorContentInPack)</Pack>
+    </Content>
+	  <Content Update="Views\Stores\PayButton.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Public\PayButtonHandle.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Server\LNDGRPCServices.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Server\Maintenance.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Server\Services.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Wallets\ListWallets.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Wallets\WalletTransactions.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Wallets\_Nav.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Wallets\_ViewImports.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
+	  <Content Update="Views\Wallets\_ViewStart.cshtml">
+	    <Pack>$(IncludeRazorContentInPack)</Pack>
+	  </Content>
 	</ItemGroup>
 
 	<ItemGroup>

BTCPayServer/Configuration/BTCPayServerOptions.cs

@@ -11,6 +11,10 @@ using StandardConfiguration;
 using Microsoft.Extensions.Configuration;
 using NBXplorer;
 using BTCPayServer.Payments.Lightning;
+using Renci.SshNet;
+using NBitcoin.DataEncoders;
+using BTCPayServer.SSH;
+using BTCPayServer.Lightning;
 
 namespace BTCPayServer.Configuration
 {
@@ -74,16 +78,40 @@ namespace BTCPayServer.Configuration
                 setting.ExplorerUri = conf.GetOrDefault<Uri>($"{net.CryptoCode}.explorer.url", net.NBXplorerNetwork.DefaultSettings.DefaultUrl);
                 setting.CookieFile = conf.GetOrDefault<string>($"{net.CryptoCode}.explorer.cookiefile", net.NBXplorerNetwork.DefaultSettings.DefaultCookieFile);
                 NBXplorerConnectionSettings.Add(setting);
-                var lightning = conf.GetOrDefault<string>($"{net.CryptoCode}.lightning", string.Empty);
-                if(lightning.Length != 0)
                 {
-                    if(!LightningConnectionString.TryParse(lightning, out var connectionString, out var error))
+                    var lightning = conf.GetOrDefault<string>($"{net.CryptoCode}.lightning", string.Empty);
+                    if (lightning.Length != 0)
                     {
-                        throw new ConfigException($"Invalid setting {net.CryptoCode}.lightning, you need to pass either " +
-                            $"the absolute path to the unix socket of a running CLightning instance (eg. /root/.lightning/lightning-rpc), " +
-                            $"or the url to a charge server with crendetials (eg. https://apitoken@API_TOKEN_SECRET:charge.example.com/)");
+                        if (!LightningConnectionString.TryParse(lightning, true, out var connectionString, out var error))
+                        {
+                            throw new ConfigException($"Invalid setting {net.CryptoCode}.lightning, " + Environment.NewLine +
+                                $"If you have a lightning server use: 'type=clightning;server=/root/.lightning/lightning-rpc', " + Environment.NewLine +
+                                $"If you have a lightning charge server: 'type=charge;server=https://charge.example.com;api-token=yourapitoken'" + Environment.NewLine +
+                                $"If you have a lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine +
+                                $"              lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine +
+                                error);
+                        }
+                        if (connectionString.IsLegacy)
+                        {
+                            Logs.Configuration.LogWarning($"Setting {net.CryptoCode}.lightning will work but use an deprecated format, please replace it by '{connectionString.ToString()}'");
+                        }
+                        InternalLightningByCryptoCode.Add(net.CryptoCode, connectionString);
+                    }
+                }
+
+                {
+                    var lightning = conf.GetOrDefault<string>($"{net.CryptoCode}.external.lnd.grpc", string.Empty);
+                    if (lightning.Length != 0)
+                    {
+                        if (!LightningConnectionString.TryParse(lightning, false, out var connectionString, out var error))
+                        {
+                            throw new ConfigException($"Invalid setting {net.CryptoCode}.external.lnd.grpc, " + Environment.NewLine +
+                                $"lnd server: 'type=lnd-grpc;server=https://lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine +
+                                $"lnd server: 'type=lnd-grpc;server=https://lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine +
+                                error);
+                        }
+                        ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalLNDGRPC(connectionString));
                     }
-                    InternalLightningByCryptoCode.Add(net.CryptoCode, connectionString);
                 }
             }
 
@@ -93,15 +121,102 @@ namespace BTCPayServer.Configuration
             BundleJsCss = conf.GetOrDefault<bool>("bundlejscss", true);
             ExternalUrl = conf.GetOrDefault<Uri>("externalurl", null);
 
+            var sshSettings = ParseSSHConfiguration(conf);
+            if ((!string.IsNullOrEmpty(sshSettings.Password) || !string.IsNullOrEmpty(sshSettings.KeyFile)) && !string.IsNullOrEmpty(sshSettings.Server))
+            {
+                int waitTime = 0;
+                while (!string.IsNullOrEmpty(sshSettings.KeyFile) && !File.Exists(sshSettings.KeyFile))
+                {
+                    if(waitTime++ < 5)
+                        System.Threading.Thread.Sleep(1000);
+                    else
+                        throw new ConfigException($"sshkeyfile does not exist");
+                }
+                    
+                if (sshSettings.Port > ushort.MaxValue ||
+                   sshSettings.Port < ushort.MinValue)
+                    throw new ConfigException($"ssh port is invalid");
+                if (!string.IsNullOrEmpty(sshSettings.Password) && !string.IsNullOrEmpty(sshSettings.KeyFile))
+                    throw new ConfigException($"sshpassword or sshkeyfile should be provided, but not both");
+                try
+                {
+                    sshSettings.CreateConnectionInfo();
+                }
+                catch
+                {
+                    throw new ConfigException($"sshkeyfilepassword is invalid");
+                }
+                SSHSettings = sshSettings;
+            }
+
+            var fingerPrints = conf.GetOrDefault<string>("sshtrustedfingerprints", "");
+            if (!string.IsNullOrEmpty(fingerPrints))
+            {
+                foreach (var fingerprint in fingerPrints.Split(';', StringSplitOptions.RemoveEmptyEntries))
+                {
+                    if (!SSHFingerprint.TryParse(fingerprint, out var f))
+                        throw new ConfigException($"Invalid ssh fingerprint format {fingerprint}");
+                    TrustedFingerprints.Add(f);
+                }
+            }
+
             RootPath = conf.GetOrDefault<string>("rootpath", "/");
             if (!RootPath.StartsWith("/", StringComparison.InvariantCultureIgnoreCase))
                 RootPath = "/" + RootPath;
             var old = conf.GetOrDefault<Uri>("internallightningnode", null);
-            if(old != null)
+            if (old != null)
                 throw new ConfigException($"internallightningnode should not be used anymore, use btclightning instead");
         }
+
+        private SSHSettings ParseSSHConfiguration(IConfiguration conf)
+        {
+            var externalUrl = conf.GetOrDefault<Uri>("externalurl", null);
+            var settings = new SSHSettings();
+            settings.Server = conf.GetOrDefault<string>("sshconnection", null);
+            if (settings.Server != null)
+            {
+                var parts = settings.Server.Split(':');
+                if (parts.Length == 2 && int.TryParse(parts[1], out int port))
+                {
+                    settings.Port = port;
+                    settings.Server = parts[0];
+                }
+                else
+                {
+                    settings.Port = 22;
+                }
+
+                parts = settings.Server.Split('@');
+                if (parts.Length == 2)
+                {
+                    settings.Username = parts[0];
+                    settings.Server = parts[1];
+                }
+                else
+                {
+                    settings.Username = "root";
+                }
+            }
+            else if (externalUrl != null)
+            {
+                settings.Port = 22;
+                settings.Username = "root";
+                settings.Server = externalUrl.DnsSafeHost;
+            }
+            settings.Password = conf.GetOrDefault<string>("sshpassword", "");
+            settings.KeyFile = conf.GetOrDefault<string>("sshkeyfile", "");
+            settings.KeyFilePassword = conf.GetOrDefault<string>("sshkeyfilepassword", "");
+            return settings;
+        }
+
+        internal bool IsTrustedFingerprint(byte[] fingerPrint, byte[] hostKey)
+        {
+            return TrustedFingerprints.Any(f => f.Match(fingerPrint, hostKey));
+        }
+
         public string RootPath { get; set; }
         public Dictionary<string, LightningConnectionString> InternalLightningByCryptoCode { get; set; } = new Dictionary<string, LightningConnectionString>();
+        public ExternalServices ExternalServicesByCryptoCode { get; set; } = new ExternalServices();
 
         public BTCPayNetworkProvider NetworkProvider { get; set; }
         public string PostgresConnectionString
@@ -119,6 +234,12 @@ namespace BTCPayServer.Configuration
             get;
             set;
         }
+        public List<SSHFingerprint> TrustedFingerprints { get; set; } = new List<SSHFingerprint>();
+        public SSHSettings SSHSettings
+        {
+            get;
+            set;
+        }
 
         internal string GetRootUri()
         {
@@ -129,4 +250,29 @@ namespace BTCPayServer.Configuration
             return builder.ToString();
         }
     }
+
+    public class ExternalServices : MultiValueDictionary<string, ExternalService>
+    {
+        public IEnumerable<T> GetServices<T>(string cryptoCode) where T : ExternalService
+        {
+            if (!this.TryGetValue(cryptoCode.ToUpperInvariant(), out var services))
+                return Array.Empty<T>();
+            return services.OfType<T>();
+        }
+    }
+
+    public class ExternalService
+    {
+
+    }
+
+    public class ExternalLNDGRPC : ExternalService
+    {
+        public ExternalLNDGRPC(LightningConnectionString connectionString)
+        {
+            ConnectionString = connectionString;
+        }
+
+        public LightningConnectionString ConnectionString { get; set; }
+    }
 }

BTCPayServer/Configuration/DefaultConfiguration.cs

@@ -27,19 +27,25 @@ namespace BTCPayServer.Configuration
             };
             app.HelpOption("-? | -h | --help");
             app.Option("-n | --network", $"Set the network among (mainnet,testnet,regtest) (default: mainnet)", CommandOptionType.SingleValue);
-            app.Option("--testnet | -testnet", $"Use testnet (Deprecated, use --network instead)", CommandOptionType.BoolValue);
-            app.Option("--regtest | -regtest", $"Use regtest (Deprecated, use --network instead)", CommandOptionType.BoolValue);
-            app.Option("--chains | -c", $"Chains to support comma separated (default: btc, available: {chains})", CommandOptionType.SingleValue);
-            app.Option("--postgres", $"Connection string to postgres database (default: sqlite is used)", CommandOptionType.SingleValue);
-            app.Option("--externalurl", $"The expected external url of this service, to use if BTCPay is behind a reverse proxy (default: empty, use the incoming HTTP request to figure out)", CommandOptionType.SingleValue);
-            app.Option("--bundlejscss", $"Bundle javascript and css files for better performance (default: true)", CommandOptionType.SingleValue);
+            app.Option("--testnet | -testnet", $"Use testnet (deprecated, use --network instead)", CommandOptionType.BoolValue);
+            app.Option("--regtest | -regtest", $"Use regtest (deprecated, use --network instead)", CommandOptionType.BoolValue);
+            app.Option("--chains | -c", $"Chains to support as a comma separated (default: btc; available: {chains})", CommandOptionType.SingleValue);
+            app.Option("--postgres", $"Connection string to a PostgreSQL database (default: SQLite)", CommandOptionType.SingleValue);
+            app.Option("--externalurl", $"The expected external URL of this service, to use if BTCPay is behind a reverse proxy (default: empty, use the incoming HTTP request to figure out)", CommandOptionType.SingleValue);
+            app.Option("--bundlejscss", $"Bundle JavaScript and CSS files for better performance (default: true)", CommandOptionType.SingleValue);
             app.Option("--rootpath", "The root path in the URL to access BTCPay (default: /)", CommandOptionType.SingleValue);
+            app.Option("--sshconnection", "SSH server to manage BTCPay under the form user@server:port (default: root@externalhost or empty)", CommandOptionType.SingleValue);
+            app.Option("--sshpassword", "SSH password to manage BTCPay (default: empty)", CommandOptionType.SingleValue);
+            app.Option("--sshkeyfile", "SSH private key file to manage BTCPay (default: empty)", CommandOptionType.SingleValue);
+            app.Option("--sshkeyfilepassword", "Password of the SSH keyfile (default: empty)", CommandOptionType.SingleValue);
+            app.Option("--sshtrustedfingerprints", "SSH Host public key fingerprint or sha256 (default: empty, it will allow untrusted connections)", CommandOptionType.SingleValue);
             foreach (var network in provider.GetAll())
             {
                 var crypto = network.CryptoCode.ToLowerInvariant();
-                app.Option($"--{crypto}explorerurl", $"Url of the NBxplorer for {network.CryptoCode} (default: {network.NBXplorerNetwork.DefaultSettings.DefaultUrl})", CommandOptionType.SingleValue);
+                app.Option($"--{crypto}explorerurl", $"URL of the NBXplorer for {network.CryptoCode} (default: {network.NBXplorerNetwork.DefaultSettings.DefaultUrl})", CommandOptionType.SingleValue);
                 app.Option($"--{crypto}explorercookiefile", $"Path to the cookie file (default: {network.NBXplorerNetwork.DefaultSettings.DefaultCookieFile})", CommandOptionType.SingleValue);
-                app.Option($"--{crypto}lightning", $"Easy configuration of lightning for the server adnistrator: Must be a unix socket of CLightning (lightning-rpc) or URL to a charge server (default: empty)", CommandOptionType.SingleValue);
+                app.Option($"--{crypto}lightning", $"Easy configuration of lightning for the server administrator: Must be a UNIX socket of c-lightning (lightning-rpc) or URL to a charge server (default: empty)", CommandOptionType.SingleValue);
+                app.Option($"--{crypto}externallndgrpc", $"The LND gRPC configuration BTCPay will expose to easily connect to the internal lnd wallet from Zap wallet (default: empty)", CommandOptionType.SingleValue);
             }
             return app;
         }

BTCPayServer/Controllers/AccountController.cs

@@ -17,6 +17,8 @@ using BTCPayServer.Services.Mails;
 using BTCPayServer.Services.Stores;
 using BTCPayServer.Logging;
 using BTCPayServer.Security;
+using System.Globalization;
+using NicolasDorier.RateLimits;
 
 namespace BTCPayServer.Controllers
 {
@@ -69,6 +71,7 @@ namespace BTCPayServer.Controllers
         [HttpPost]
         [AllowAnonymous]
         [ValidateAntiForgeryToken]
+        [RateLimitsFilter(ZoneLimits.Login, Scope = RateLimitsScope.RemoteAddress)]
         public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
         {
             ViewData["ReturnUrl"] = returnUrl;
@@ -87,7 +90,7 @@ namespace BTCPayServer.Controllers
                 }
                 // This doesn't count login failures towards account lockout
                 // To enable password failures to trigger account lockout, set lockoutOnFailure: true
-                var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
+                var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: true);
                 if (result.Succeeded)
                 {
                     _logger.LogInformation("User logged in.");
@@ -236,23 +239,25 @@ namespace BTCPayServer.Controllers
 
         [HttpGet]
         [AllowAnonymous]
-        public async Task<IActionResult> Register(string returnUrl = null)
+        public async Task<IActionResult> Register(string returnUrl = null, bool logon = true)
         {
             var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
-            if (policies.LockSubscription)
+            if (policies.LockSubscription && !User.IsInRole(Roles.ServerAdmin))
                 return RedirectToAction(nameof(HomeController.Index), "Home");
             ViewData["ReturnUrl"] = returnUrl;
+            ViewData["Logon"] = logon.ToString(CultureInfo.InvariantCulture).ToLowerInvariant();
             return View();
         }
 
         [HttpPost]
         [AllowAnonymous]
         [ValidateAntiForgeryToken]
-        public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null)
+        public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null, bool logon = true)
         {
             ViewData["ReturnUrl"] = returnUrl;
+            ViewData["Logon"] = logon.ToString(CultureInfo.InvariantCulture).ToLowerInvariant();
             var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
-            if (policies.LockSubscription)
+            if (policies.LockSubscription && !User.IsInRole(Roles.ServerAdmin))
                 return RedirectToAction(nameof(HomeController.Index), "Home");
             if (ModelState.IsValid)
             {
@@ -274,7 +279,8 @@ namespace BTCPayServer.Controllers
                     await _emailSender.SendEmailConfirmationAsync(model.Email, callbackUrl);
                     if (!policies.RequiresConfirmedEmail)
                     {
-                        await _signInManager.SignInAsync(user, isPersistent: false);
+                        if(logon)
+                            await _signInManager.SignInAsync(user, isPersistent: false);
                         return RedirectToLocal(returnUrl);
                     }
                     else

BTCPayServer/Controllers/AppsController.PointOfSale.cs

@@ -1,24 +1,11 @@
-using System;
-using Microsoft.EntityFrameworkCore;
-using System.Collections.Generic;
-using System.Linq;
+using System.Text;
+using System.Text.Encodings.Web;
 using System.Threading.Tasks;
 using BTCPayServer.Data;
-using BTCPayServer.Models;
 using BTCPayServer.Models.AppViewModels;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Mvc;
-using NBitcoin.DataEncoders;
-using NBitcoin;
 using BTCPayServer.Services.Apps;
-using Newtonsoft.Json;
-using YamlDotNet.RepresentationModel;
-using System.IO;
-using BTCPayServer.Services.Rates;
-using System.Globalization;
-using System.Text;
-using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
 
 namespace BTCPayServer.Controllers
 {
@@ -86,7 +73,7 @@ namespace BTCPayServer.Controllers
                 }
                 try
                 {
-                    var items = Parse(settings.Template, settings.Currency);
+                    var items = _AppsHelper.Parse(settings.Template, settings.Currency);
                     var builder = new StringBuilder();
                     builder.AppendLine($"<form method=\"POST\" action=\"{encoder.Encode(appUrl)}\">");
                     builder.AppendLine($"  <input type=\"hidden\" name=\"email\" value=\"customer@example.com\" />");
@@ -108,11 +95,11 @@ namespace BTCPayServer.Controllers
         [Route("{appId}/settings/pos")]
         public async Task<IActionResult> UpdatePointOfSale(string appId, UpdatePointOfSaleViewModel vm)
         {
-            if (_Currencies.GetCurrencyData(vm.Currency, false) == null)
+            if (_AppsHelper.GetCurrencyData(vm.Currency, false) == null)
                 ModelState.AddModelError(nameof(vm.Currency), "Invalid currency");
             try
             {
-                Parse(vm.Template, vm.Currency);
+                _AppsHelper.Parse(vm.Template, vm.Currency);
             }
             catch
             {
@@ -134,138 +121,7 @@ namespace BTCPayServer.Controllers
             });
             await UpdateAppSettings(app);
             StatusMessage = "App updated";
-            return RedirectToAction(nameof(UpdatePointOfSale));
-        }
-
-        [HttpGet]
-        [Route("{appId}/pos")]
-        public async Task<IActionResult> ViewPointOfSale(string appId)
-        {
-            var app = await GetApp(appId, AppType.PointOfSale);
-            if (app == null)
-                return NotFound();
-            var settings = app.GetSettings<PointOfSaleSettings>();
-            var currency = _Currencies.GetCurrencyData(settings.Currency, false);
-            double step = currency == null ? 1 : Math.Pow(10, -(currency.Divisibility));
-
-            return View(new ViewPointOfSaleViewModel()
-            {
-                Title = settings.Title,
-                Step = step.ToString(CultureInfo.InvariantCulture),
-                ShowCustomAmount = settings.ShowCustomAmount,
-                Items = Parse(settings.Template, settings.Currency)
-            });
-        }
-
-        private async Task<AppData> GetApp(string appId, AppType appType)
-        {
-            using (var ctx = _ContextFactory.CreateContext())
-            {
-                return await ctx.Apps
-                                .Where(us => us.Id == appId && us.AppType == appType.ToString())
-                                .FirstOrDefaultAsync();
-            }
-        }
-
-        private ViewPointOfSaleViewModel.Item[] Parse(string template, string currency)
-        {
-            var input = new StringReader(template);
-            YamlStream stream = new YamlStream();
-            stream.Load(input);
-            var root = (YamlMappingNode)stream.Documents[0].RootNode;
-            return root
-                .Children
-                .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlMappingNode })
-                .Where(kv => kv.Value != null)
-                .Select(c => new ViewPointOfSaleViewModel.Item()
-                {
-                    Id = c.Key,
-                    Title = c.Value.Children
-                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
-                             .Where(kv => kv.Value != null)
-                             .Where(cc => cc.Key == "title")
-                             .FirstOrDefault()?.Value?.Value ?? c.Key,
-                    Price = c.Value.Children
-                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
-                             .Where(kv => kv.Value != null)
-                             .Where(cc => cc.Key == "price")
-                             .Select(cc => new ViewPointOfSaleViewModel.Item.ItemPrice()
-                             {
-                                 Value = decimal.Parse(cc.Value.Value, CultureInfo.InvariantCulture),
-                                 Formatted = FormatCurrency(cc.Value.Value, currency)
-                             })
-                             .Single()
-                })
-                .ToArray();
-        }
-
-        string FormatCurrency(string price, string currency)
-        {
-            return decimal.Parse(price, CultureInfo.InvariantCulture).ToString("C", _Currencies.GetCurrencyProvider(currency));
-        }
-
-        [HttpPost]
-        [Route("{appId}/pos")]
-        [IgnoreAntiforgeryToken]
-        public async Task<IActionResult> ViewPointOfSale(string appId,
-                                                        decimal amount,
-                                                        string email,
-                                                        string orderId,
-                                                        string notificationUrl,
-                                                        string redirectUrl,
-                                                        string choiceKey)
-        {
-            var app = await GetApp(appId, AppType.PointOfSale);
-            if (string.IsNullOrEmpty(choiceKey) && amount <= 0)
-            {
-                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
-            }
-            if (app == null)
-                return NotFound();
-            var settings = app.GetSettings<PointOfSaleSettings>();
-            if (string.IsNullOrEmpty(choiceKey) && !settings.ShowCustomAmount)
-            {
-                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
-            }
-            string title = null;
-            var price = 0.0m;
-            if (!string.IsNullOrEmpty(choiceKey))
-            {
-                var choices = Parse(settings.Template, settings.Currency);
-                var choice = choices.FirstOrDefault(c => c.Id == choiceKey);
-                if (choice == null)
-                    return NotFound();
-                title = choice.Title;
-                price = choice.Price.Value;
-            }
-            else
-            {
-                if (!settings.ShowCustomAmount)
-                    return NotFound();
-                price = amount;
-                title = settings.Title;
-            }
-            var store = await GetStore(app);
-            var invoice = await _InvoiceController.CreateInvoiceCore(new NBitpayClient.Invoice()
-            {
-                ItemDesc = title,
-                Currency = settings.Currency,
-                Price = price,
-                BuyerEmail = email,
-                OrderId = orderId,
-                NotificationURL = notificationUrl,
-                RedirectURL = redirectUrl,
-                FullNotifications = true
-            }, store, HttpContext.Request.GetAbsoluteRoot());
-            return Redirect(invoice.Data.Url);
-        }
-
-        private async Task<StoreData> GetStore(AppData app)
-        {
-            using (var ctx = _ContextFactory.CreateContext())
-            {
-                return await ctx.Stores.FirstOrDefaultAsync(s => s.Id == app.StoreDataId);
-            }
+            return RedirectToAction(nameof(ListApps));
         }
 
         private async Task UpdateAppSettings(AppData app)

BTCPayServer/Controllers/AppsController.cs

@@ -1,44 +1,47 @@
 using System;
-using Microsoft.EntityFrameworkCore;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 using BTCPayServer.Data;
 using BTCPayServer.Models;
 using BTCPayServer.Models.AppViewModels;
+using BTCPayServer.Security;
+using BTCPayServer.Services.Apps;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
-using NBitcoin.DataEncoders;
+using Microsoft.EntityFrameworkCore;
 using NBitcoin;
-using BTCPayServer.Services.Apps;
-using BTCPayServer.Services.Rates;
+using NBitcoin.DataEncoders;
 
 namespace BTCPayServer.Controllers
 {
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
     [AutoValidateAntiforgeryToken]
     [Route("apps")]
     public partial class AppsController : Controller
     {
-        ApplicationDbContextFactory _ContextFactory;
-        UserManager<ApplicationUser> _UserManager;
-        CurrencyNameTable _Currencies;
-        InvoiceController _InvoiceController;
-
-        [TempData]
-        public string StatusMessage { get; set; }
-
         public AppsController(
             UserManager<ApplicationUser> userManager,
             ApplicationDbContextFactory contextFactory,
-            CurrencyNameTable currencies,
-            InvoiceController invoiceController)
+            BTCPayNetworkProvider networkProvider,
+            AppsHelper appsHelper)
         {
-            _InvoiceController = invoiceController;
             _UserManager = userManager;
             _ContextFactory = contextFactory;
-            _Currencies = currencies;
+            _NetworkProvider = networkProvider;
+            _AppsHelper = appsHelper;
         }
+
+        private UserManager<ApplicationUser> _UserManager;
+        private ApplicationDbContextFactory _ContextFactory;
+        private BTCPayNetworkProvider _NetworkProvider;
+        private AppsHelper _AppsHelper;
+
+        [TempData]
+        public string StatusMessage { get; set; }
+        public string CreatedAppId { get; set; }
+
         public async Task<IActionResult> ListApps()
         {
             var apps = await GetAllApps();
@@ -102,9 +105,9 @@ namespace BTCPayServer.Controllers
                 StatusMessage = "Error: You are not owner of this store";
                 return RedirectToAction(nameof(ListApps));
             }
+            var id = Encoders.Base58.EncodeData(RandomUtils.GetBytes(20));
             using (var ctx = _ContextFactory.CreateContext())
             {
-                var id = Encoders.Base58.EncodeData(RandomUtils.GetBytes(32));
                 var appData = new AppData() { Id = id };
                 appData.StoreDataId = selectedStore;
                 appData.Name = vm.Name;
@@ -113,6 +116,9 @@ namespace BTCPayServer.Controllers
                 await ctx.SaveChangesAsync();
             }
             StatusMessage = "App successfully created";
+            CreatedAppId = id;
+            if (appType == AppType.PointOfSale)
+                return RedirectToAction(nameof(UpdatePointOfSale), new { appId = id });
             return RedirectToAction(nameof(ListApps));
         }
 
@@ -131,21 +137,9 @@ namespace BTCPayServer.Controllers
             });
         }
 
-        private async Task<AppData> GetOwnedApp(string appId, AppType? type = null)
+        private Task<AppData> GetOwnedApp(string appId, AppType? type = null)
         {
-            var userId = GetUserId();
-            using (var ctx = _ContextFactory.CreateContext())
-            {
-                var app = await ctx.UserStore
-                                .Where(us => us.ApplicationUserId == userId && us.Role == StoreRoles.Owner)
-                                .SelectMany(us => us.StoreData.Apps.Where(a => a.Id == appId))
-                   .FirstOrDefaultAsync();
-                if (app == null)
-                    return null;
-                if (type != null && type.Value.ToString() != app.AppType)
-                    return null;
-                return app;
-            }
+            return _AppsHelper.GetAppDataIfOwner(GetUserId(), appId, type);
         }
 
         private async Task<StoreData[]> GetOwnedStores()

BTCPayServer/Controllers/AppsPublicController.cs

@@ -0,0 +1,202 @@
+using System;
+using System.Globalization;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Models.AppViewModels;
+using BTCPayServer.Security;
+using BTCPayServer.Services.Apps;
+using BTCPayServer.Services.Rates;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using YamlDotNet.RepresentationModel;
+using static BTCPayServer.Controllers.AppsController;
+
+namespace BTCPayServer.Controllers
+{
+    public class AppsPublicController : Controller
+    {
+        public AppsPublicController(AppsHelper appsHelper, InvoiceController invoiceController)
+        {
+            _AppsHelper = appsHelper;
+            _InvoiceController = invoiceController;
+        }
+
+        private AppsHelper _AppsHelper;
+        private InvoiceController _InvoiceController;
+
+        [HttpGet]
+        [Route("/apps/{appId}/pos")]
+        public async Task<IActionResult> ViewPointOfSale(string appId)
+        {
+            var app = await _AppsHelper.GetApp(appId, AppType.PointOfSale);
+            if (app == null)
+                return NotFound();
+            var settings = app.GetSettings<PointOfSaleSettings>();
+            var currency = _AppsHelper.GetCurrencyData(settings.Currency, false);
+            double step = currency == null ? 1 : Math.Pow(10, -(currency.Divisibility));
+
+            return View(new ViewPointOfSaleViewModel()
+            {
+                Title = settings.Title,
+                Step = step.ToString(CultureInfo.InvariantCulture),
+                ShowCustomAmount = settings.ShowCustomAmount,
+                Items = _AppsHelper.Parse(settings.Template, settings.Currency)
+            });
+        }
+
+        [HttpPost]
+        [Route("/apps/{appId}/pos")]
+        [IgnoreAntiforgeryToken]
+        [EnableCors(CorsPolicies.All)]
+        public async Task<IActionResult> ViewPointOfSale(string appId,
+                                                        decimal amount,
+                                                        string email,
+                                                        string orderId,
+                                                        string notificationUrl,
+                                                        string redirectUrl,
+                                                        string choiceKey)
+        {
+            var app = await _AppsHelper.GetApp(appId, AppType.PointOfSale);
+            if (string.IsNullOrEmpty(choiceKey) && amount <= 0)
+            {
+                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
+            }
+            if (app == null)
+                return NotFound();
+            var settings = app.GetSettings<PointOfSaleSettings>();
+            if (string.IsNullOrEmpty(choiceKey) && !settings.ShowCustomAmount)
+            {
+                return RedirectToAction(nameof(ViewPointOfSale), new { appId = appId });
+            }
+            string title = null;
+            var price = 0.0m;
+            if (!string.IsNullOrEmpty(choiceKey))
+            {
+                var choices = _AppsHelper.Parse(settings.Template, settings.Currency);
+                var choice = choices.FirstOrDefault(c => c.Id == choiceKey);
+                if (choice == null)
+                    return NotFound();
+                title = choice.Title;
+                price = choice.Price.Value;
+            }
+            else
+            {
+                if (!settings.ShowCustomAmount)
+                    return NotFound();
+                price = amount;
+                title = settings.Title;
+            }
+            var store = await _AppsHelper.GetStore(app);
+            store.AdditionalClaims.Add(new Claim(Policies.CanCreateInvoice.Key, store.Id));
+            var invoice = await _InvoiceController.CreateInvoiceCore(new NBitpayClient.Invoice()
+            {
+                ItemDesc = title,
+                Currency = settings.Currency,
+                Price = price,
+                BuyerEmail = email,
+                OrderId = orderId,
+                NotificationURL = notificationUrl,
+                RedirectURL = redirectUrl,
+                FullNotifications = true
+            }, store, HttpContext.Request.GetAbsoluteRoot());
+            return Redirect(invoice.Data.Url);
+        }
+    }
+
+
+    public class AppsHelper
+    {
+        ApplicationDbContextFactory _ContextFactory;
+        CurrencyNameTable _Currencies;
+
+        public AppsHelper(ApplicationDbContextFactory contextFactory, CurrencyNameTable currencies)
+        {
+            _ContextFactory = contextFactory;
+            _Currencies = currencies;
+
+        }
+
+        public async Task<AppData> GetApp(string appId, AppType appType)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.Apps
+                                .Where(us => us.Id == appId &&
+                                             us.AppType == appType.ToString())
+                                .FirstOrDefaultAsync();
+            }
+        }
+
+        public async Task<StoreData> GetStore(AppData app)
+        {
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                return await ctx.Stores.FirstOrDefaultAsync(s => s.Id == app.StoreDataId);
+            }
+        }
+
+        public ViewPointOfSaleViewModel.Item[] Parse(string template, string currency)
+        {
+            var input = new StringReader(template);
+            YamlStream stream = new YamlStream();
+            stream.Load(input);
+            var root = (YamlMappingNode)stream.Documents[0].RootNode;
+            return root
+                .Children
+                .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlMappingNode })
+                .Where(kv => kv.Value != null)
+                .Select(c => new ViewPointOfSaleViewModel.Item()
+                {
+                    Id = c.Key,
+                    Title = c.Value.Children
+                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
+                             .Where(kv => kv.Value != null)
+                             .Where(cc => cc.Key == "title")
+                             .FirstOrDefault()?.Value?.Value ?? c.Key,
+                    Price = c.Value.Children
+                             .Select(kv => new { Key = (kv.Key as YamlScalarNode)?.Value, Value = kv.Value as YamlScalarNode })
+                             .Where(kv => kv.Value != null)
+                             .Where(cc => cc.Key == "price")
+                             .Select(cc => new ViewPointOfSaleViewModel.Item.ItemPrice()
+                             {
+                                 Value = decimal.Parse(cc.Value.Value, CultureInfo.InvariantCulture),
+                                 Formatted = FormatCurrency(cc.Value.Value, currency)
+                             })
+                             .Single()
+                })
+                .ToArray();
+        }
+
+        public string FormatCurrency(string price, string currency)
+        {
+            return decimal.Parse(price, CultureInfo.InvariantCulture).ToString("C", _Currencies.GetCurrencyProvider(currency));
+        }
+
+        public CurrencyData GetCurrencyData(string currency, bool useFallback)
+        {
+            return _Currencies.GetCurrencyData(currency, useFallback);
+        }
+        public async Task<AppData> GetAppDataIfOwner(string userId, string appId, AppType? type = null)
+        {
+            if (userId == null || appId == null)
+                return null;
+            using (var ctx = _ContextFactory.CreateContext())
+            {
+                var app = await ctx.UserStore
+                                .Where(us => us.ApplicationUserId == userId && us.Role == StoreRoles.Owner)
+                                .SelectMany(us => us.StoreData.Apps.Where(a => a.Id == appId))
+                   .FirstOrDefaultAsync();
+                if (app == null)
+                    return null;
+                if (type != null && type.Value.ToString() != app.AppType)
+                    return null;
+                return app;
+            }
+        }
+    }
+}

BTCPayServer/Controllers/HomeController.cs

@@ -5,6 +5,7 @@ using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc;
 using BTCPayServer.Models;
+using NBitcoin.DataEncoders;
 
 namespace BTCPayServer.Controllers
 {

BTCPayServer/Controllers/InvoiceController.API.cs

@@ -1,26 +1,20 @@
-using BTCPayServer.Authentication;
-using Microsoft.Extensions.Logging;
-using BTCPayServer.Filters;
-using BTCPayServer.Logging;
-using BTCPayServer.Models;
-using Microsoft.AspNetCore.Mvc;
-using NBitpayClient;
-using System;
-using System.Collections.Generic;
+using System;
 using System.Linq;
 using System.Threading.Tasks;
-using BTCPayServer.Data;
-using BTCPayServer.Services.Invoices;
-using Microsoft.AspNetCore.Cors;
-using BTCPayServer.Services.Stores;
-using Microsoft.AspNetCore.Authorization;
+using BTCPayServer.Filters;
+using BTCPayServer.Models;
 using BTCPayServer.Security;
+using BTCPayServer.Services.Invoices;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using NBitpayClient;
 
 namespace BTCPayServer.Controllers
 {
     [EnableCors("BitpayAPI")]
     [BitpayAPIConstraint]
-    [Authorize(Policies.CanUseStore.Key, AuthenticationSchemes = Policies.BitpayAuthentication)]
+    [Authorize(Policies.CanCreateInvoice.Key, AuthenticationSchemes = Policies.BitpayAuthentication)]
     public class InvoiceControllerAPI : Controller
     {
         private InvoiceController _InvoiceController;

BTCPayServer/Controllers/InvoiceController.PaymentProtocol.cs

@@ -1,16 +1,14 @@
-using BTCPayServer.Filters;
-using Microsoft.Extensions.Logging;
-using BTCPayServer.Logging;
-using Microsoft.AspNetCore.Mvc;
-using NBitcoin;
-using NBitcoin.Payment;
-using System;
-using System.Collections.Generic;
+using System;
 using System.Linq;
 using System.Text;
 using System.Threading.Tasks;
-using BTCPayServer.Services.Invoices;
+using BTCPayServer.Filters;
+using BTCPayServer.Logging;
 using BTCPayServer.Payments;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using NBitcoin;
+using NBitcoin.Payment;
 
 namespace BTCPayServer.Controllers
 {
@@ -78,10 +76,42 @@ namespace BTCPayServer.Controllers
             var wallet = _WalletProvider.GetWallet(network);
             if (wallet == null)
                 return NotFound();
-            var payment = PaymentMessage.Load(Request.Body);
+            var payment = PaymentMessage.Load(Request.Body, network.NBitcoinNetwork);
             var unused = wallet.BroadcastTransactionsAsync(payment.Transactions);
             await _InvoiceRepository.AddRefundsAsync(invoiceId, payment.RefundTo.Select(p => new TxOut(p.Amount, p.Script)).ToArray(), network.NBitcoinNetwork);
             return new PaymentAckActionResult(payment.CreateACK(invoiceId + " is currently processing, thanks for your purchase..."));
         }
     }
+
+
+    public class PaymentRequestActionResult : IActionResult
+    {
+        PaymentRequest req;
+        public PaymentRequestActionResult(PaymentRequest req)
+        {
+            this.req = req;
+        }
+        public Task ExecuteResultAsync(ActionContext context)
+        {
+            context.HttpContext.Response.Headers["Content-Transfer-Encoding"] = "binary";
+            context.HttpContext.Response.ContentType = "application/bitcoin-paymentrequest";
+            req.WriteTo(context.HttpContext.Response.Body);
+            return Task.CompletedTask;
+        }
+    }
+    public class PaymentAckActionResult : IActionResult
+    {
+        PaymentACK req;
+        public PaymentAckActionResult(PaymentACK req)
+        {
+            this.req = req;
+        }
+        public Task ExecuteResultAsync(ActionContext context)
+        {
+            context.HttpContext.Response.Headers["Content-Transfer-Encoding"] = "binary";
+            context.HttpContext.Response.ContentType = "application/bitcoin-paymentack";
+            req.WriteTo(context.HttpContext.Response.Body);
+            return Task.CompletedTask;
+        }
+    }
 }

BTCPayServer/Controllers/InvoiceController.UI.cs

@@ -1,28 +1,25 @@
-using BTCPayServer.Data;
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Net.WebSockets;
+using System.Threading;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Events;
 using BTCPayServer.Filters;
 using BTCPayServer.Models.InvoicingModels;
+using BTCPayServer.Payments;
+using BTCPayServer.Payments.Lightning;
+using BTCPayServer.Security;
 using BTCPayServer.Services.Invoices;
+using BTCPayServer.Services.Rates;
 using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Rendering;
 using NBitcoin;
 using NBitpayClient;
-using System;
-using System.Collections.Generic;
-using System.Globalization;
-using System.Linq;
-using System.Security.Claims;
-using System.Text;
-using System.Threading.Tasks;
-using BTCPayServer.Services.Rates;
-using System.Net.WebSockets;
-using System.Threading;
-using BTCPayServer.Events;
 using NBXplorer;
-using BTCPayServer.Payments;
-using BTCPayServer.Payments.Lightning;
-using BTCPayServer.Security;
 
 namespace BTCPayServer.Controllers
 {
@@ -34,7 +31,6 @@ namespace BTCPayServer.Controllers
         {
             var invoice = (await _InvoiceRepository.GetInvoices(new InvoiceQuery()
             {
-                UserId = GetUserId(),
                 InvoiceId = invoiceId,
                 IncludeAddresses = true,
                 IncludeEvents = true
@@ -61,7 +57,7 @@ namespace BTCPayServer.Controllers
                 MonitoringDate = invoice.MonitoringExpiration,
                 OrderId = invoice.OrderId,
                 BuyerInformation = invoice.BuyerInformation,
-                Fiat = FormatCurrency((decimal)dto.Price, dto.Currency, _CurrencyNameTable),
+                Fiat = _CurrencyNameTable.DisplayFormatCurrency((decimal)dto.Price, dto.Currency),
                 NotificationUrl = invoice.NotificationURL,
                 RedirectUrl = invoice.RedirectURL,
                 ProductInformation = invoice.ProductInformation,
@@ -175,6 +171,7 @@ namespace BTCPayServer.Controllers
         [Route("invoice")]
         [AcceptMediaTypeConstraint("application/bitcoin-paymentrequest", false)]
         [XFrameOptionsAttribute(null)]
+        [ReferrerPolicyAttribute("origin")]
         public async Task<IActionResult> Checkout(string invoiceId, string id = null, string paymentMethodId = null)
         {
             //Keep compatibility with Bitpay
@@ -186,6 +183,20 @@ namespace BTCPayServer.Controllers
             if (model == null)
                 return NotFound();
 
+
+            _CSP.Add(new ConsentSecurityPolicy("script-src", "'unsafe-eval'")); // Needed by Vue
+            if (!string.IsNullOrEmpty(model.CustomCSSLink) &&
+                Uri.TryCreate(model.CustomCSSLink, UriKind.Absolute, out var uri))
+            {
+                _CSP.Clear();
+            }
+
+            if (!string.IsNullOrEmpty(model.CustomLogoLink) &&
+                Uri.TryCreate(model.CustomLogoLink, UriKind.Absolute, out uri))
+            {
+                _CSP.Clear();
+            }
+
             return View(nameof(Checkout), model);
         }
 
@@ -198,7 +209,7 @@ namespace BTCPayServer.Controllers
             bool isDefaultCrypto = false;
             if (paymentMethodIdStr == null)
             {
-                paymentMethodIdStr = store.GetDefaultCrypto();
+                paymentMethodIdStr = store.GetDefaultCrypto(_NetworkProvider);
                 isDefaultCrypto = true;
             }
 
@@ -216,7 +227,11 @@ namespace BTCPayServer.Controllers
             {
                 if (!isDefaultCrypto)
                     return null;
-                var paymentMethodTemp = invoice.GetPaymentMethods(_NetworkProvider).First();
+                var paymentMethodTemp = invoice.GetPaymentMethods(_NetworkProvider)
+                                               .Where(c=> paymentMethodId.CryptoCode == c.GetId().CryptoCode)
+                                               .FirstOrDefault();
+                if (paymentMethodTemp == null)
+                    paymentMethodTemp = invoice.GetPaymentMethods(_NetworkProvider).First();
                 network = paymentMethodTemp.Network;
                 paymentMethodId = paymentMethodTemp.GetId();
                 paymentMethodIdStr = paymentMethodId.ToString();
@@ -233,6 +248,8 @@ namespace BTCPayServer.Controllers
             {
                 CryptoCode = network.CryptoCode,
                 PaymentMethodId = paymentMethodId.ToString(),
+                PaymentMethodName = GetDisplayName(paymentMethodId, network),
+                CryptoImage = GetImage(paymentMethodId, network),
                 IsLightning = paymentMethodId.PaymentType == PaymentTypes.LightningLike,
                 ServerUrl = HttpContext.Request.GetAbsoluteRoot(),
                 OrderId = invoice.OrderId,
@@ -264,7 +281,6 @@ namespace BTCPayServer.Controllers
                 TxCount = accounting.TxRequired,
                 BtcPaid = accounting.Paid.ToString(),
                 Status = invoice.Status,
-                CryptoImage = "/" + GetImage(paymentMethodId, network),
                 NetworkFee = paymentMethodDetails.GetTxFee(),
                 IsMultiCurrency = invoice.GetPayments().Select(p => p.GetPaymentMethodId()).Concat(new[] { paymentMethod.GetId() }).Distinct().Count() > 1,
                 AllowCoinConversion = storeBlob.AllowCoinConversion,
@@ -273,10 +289,14 @@ namespace BTCPayServer.Controllers
                                           .Select(kv => new PaymentModel.AvailableCrypto()
                                           {
                                               PaymentMethodId = kv.GetId().ToString(),
-                                              CryptoImage = "/" + GetImage(kv.GetId(), kv.Network),
+                                              CryptoCode = kv.GetId().CryptoCode,
+                                              PaymentMethodName = GetDisplayName(kv.GetId(), kv.Network),
+                                              IsLightning = kv.GetId().PaymentType == PaymentTypes.LightningLike,
+                                              CryptoImage = GetImage(kv.GetId(), kv.Network),
                                               Link = Url.Action(nameof(Checkout), new { invoiceId = invoiceId, paymentMethodId = kv.GetId().ToString() })
                                           }).Where(c => c.CryptoImage != "/")
-                .ToList()
+                                          .OrderByDescending(a => a.CryptoCode == "BTC").ThenBy(a => a.PaymentMethodName).ThenBy(a => a.IsLightning ? 1 : 0)
+                                          .ToList()
             };
 
             var expiration = TimeSpan.FromSeconds(model.ExpirationSeconds);
@@ -284,9 +304,17 @@ namespace BTCPayServer.Controllers
             return model;
         }
 
+        private string GetDisplayName(PaymentMethodId paymentMethodId, BTCPayNetwork network)
+        {
+            return paymentMethodId.PaymentType == PaymentTypes.BTCLike ?
+                network.DisplayName : network.DisplayName + " (Lightning)";
+        }
+
         private string GetImage(PaymentMethodId paymentMethodId, BTCPayNetwork network)
         {
-            return (paymentMethodId.PaymentType == PaymentTypes.BTCLike ? Url.Content(network.CryptoImagePath) : Url.Content(network.LightningImagePath));
+            var res = paymentMethodId.PaymentType == PaymentTypes.BTCLike ?
+                Url.Content(network.CryptoImagePath) : Url.Content(network.LightningImagePath);
+            return "/" + res;
         }
 
         private string OrderAmountFromInvoice(string cryptoCode, ProductInformation productInformation)
@@ -295,39 +323,12 @@ namespace BTCPayServer.Controllers
             if (cryptoCode == productInformation.Currency)
                 return null;
 
-            return FormatCurrency(productInformation.Price, productInformation.Currency, _CurrencyNameTable);
+            return _CurrencyNameTable.DisplayFormatCurrency(productInformation.Price, productInformation.Currency);
         }
         private string ExchangeRate(PaymentMethod paymentMethod)
         {
             string currency = paymentMethod.ParentEntity.ProductInformation.Currency;
-            return FormatCurrency(paymentMethod.Rate, currency, _CurrencyNameTable);
-        }
-
-        public static string FormatCurrency(decimal price, string currency, CurrencyNameTable currencies)
-        {
-            var provider = currencies.GetNumberFormatInfo(currency, true);
-            var currencyData = currencies.GetCurrencyData(currency, true);
-            var divisibility = currencyData.Divisibility;
-            while (true)
-            {
-                var rounded = decimal.Round(price, divisibility, MidpointRounding.AwayFromZero);
-                if ((Math.Abs(rounded - price) / price) < 0.001m)
-                {
-                    price = rounded;
-                    break;
-                }
-                divisibility++;
-            }
-            if (divisibility != provider.CurrencyDecimalDigits)
-            {
-                provider = (NumberFormatInfo)provider.Clone();
-                provider.CurrencyDecimalDigits = divisibility;
-            }
-            
-            if (currencyData.Crypto)
-                return price.ToString("C", provider);
-            else
-                return price.ToString("C", provider) + $" ({currency})";
+            return _CurrencyNameTable.DisplayFormatCurrency(paymentMethod.Rate, currency);
         }
 
         [HttpGet]
@@ -356,7 +357,7 @@ namespace BTCPayServer.Controllers
             {
                 leases.Add(_EventAggregator.Subscribe<Events.InvoiceDataChangedEvent>(async o => await NotifySocket(webSocket, o.InvoiceId, invoiceId)));
                 leases.Add(_EventAggregator.Subscribe<Events.InvoiceNewAddressEvent>(async o => await NotifySocket(webSocket, o.InvoiceId, invoiceId)));
-                leases.Add(_EventAggregator.Subscribe<Events.InvoiceEvent>(async o => await NotifySocket(webSocket, o.InvoiceId, invoiceId)));
+                leases.Add(_EventAggregator.Subscribe<Events.InvoiceEvent>(async o => await NotifySocket(webSocket, o.Invoice.Id, invoiceId)));
                 while (true)
                 {
                     var message = await webSocket.ReceiveAsync(DummyBuffer, default(CancellationToken));
@@ -471,7 +472,7 @@ namespace BTCPayServer.Controllers
                 return View(model);
             }
             StatusMessage = null;
-            if (!store.HasClaim(Policies.CanModifyStoreSettings.Key))
+            if (!store.HasClaim(Policies.CanCreateInvoice.Key))
             {
                 ModelState.AddModelError(nameof(model.StoreId), "You need to be owner of this store to create an invoice");
                 return View(model);
@@ -535,8 +536,11 @@ namespace BTCPayServer.Controllers
         [BitpayAPIConstraint(false)]
         public async Task<IActionResult> InvalidatePaidInvoice(string invoiceId)
         {
+            var invoice = await _InvoiceRepository.GetInvoice(null, invoiceId);
+            if (invoice == null)
+                return NotFound();
             await _InvoiceRepository.UpdatePaidInvoiceToInvalid(invoiceId);
-            _EventAggregator.Publish(new InvoiceEvent(invoiceId, 1008, "invoice_markedInvalid"));
+            _EventAggregator.Publish(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1008, "invoice_markedInvalid"));
             return RedirectToAction(nameof(ListInvoices));
         }
 

BTCPayServer/Controllers/InvoiceController.cs

@@ -1,53 +1,33 @@
-using BTCPayServer.Authentication;
-using System.Reflection;
-using System.Linq;
-using Microsoft.Extensions.Logging;
-using BTCPayServer.Logging;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc;
-using NBitpayClient;
-using System;
+using System;
 using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
 using System.Text;
 using System.Threading.Tasks;
-using BTCPayServer.Models;
-using Newtonsoft.Json;
-using System.Globalization;
-using NBitcoin;
-using NBitcoin.DataEncoders;
-using BTCPayServer.Filters;
-using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
-using System.Net;
-using Microsoft.AspNetCore.Identity;
-using Newtonsoft.Json.Linq;
-using Microsoft.AspNetCore.Mvc.ModelBinding;
-using NBitcoin.Payment;
 using BTCPayServer.Data;
-using BTCPayServer.Models.InvoicingModels;
-using System.Security.Claims;
-using BTCPayServer.Services;
-using System.ComponentModel.DataAnnotations;
-using System.Text.RegularExpressions;
-using BTCPayServer.Services.Stores;
-using BTCPayServer.Services.Invoices;
-using BTCPayServer.Services.Rates;
-using BTCPayServer.Services.Wallets;
-using BTCPayServer.Validations;
-
-using Microsoft.EntityFrameworkCore;
-using Microsoft.AspNetCore.Mvc.Routing;
-using NBXplorer.DerivationStrategy;
-using NBXplorer;
-using BTCPayServer.HostedServices;
+using BTCPayServer.Logging;
+using BTCPayServer.Models;
 using BTCPayServer.Payments;
 using BTCPayServer.Rating;
+using BTCPayServer.Security;
+using BTCPayServer.Services.Invoices;
+using BTCPayServer.Services.Rates;
+using BTCPayServer.Services.Stores;
+using BTCPayServer.Services.Wallets;
+using BTCPayServer.Validations;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using NBitcoin;
+using NBitpayClient;
+using Newtonsoft.Json;
 
 namespace BTCPayServer.Controllers
 {
     public partial class InvoiceController : Controller
     {
         InvoiceRepository _InvoiceRepository;
-        BTCPayRateProviderFactory _RateProvider;
+        ContentSecurityPolicies _CSP;
+        RateFetcher _RateProvider;
         StoreRepository _StoreRepository;
         UserManager<ApplicationUser> _UserManager;
         private CurrencyNameTable _CurrencyNameTable;
@@ -60,10 +40,11 @@ namespace BTCPayServer.Controllers
             InvoiceRepository invoiceRepository,
             CurrencyNameTable currencyNameTable,
             UserManager<ApplicationUser> userManager,
-            BTCPayRateProviderFactory rateProvider,
+            RateFetcher rateProvider,
             StoreRepository storeRepository,
             EventAggregator eventAggregator,
             BTCPayWalletProvider walletProvider,
+            ContentSecurityPolicies csp,
             BTCPayNetworkProvider networkProvider)
         {
             _ServiceProvider = serviceProvider;
@@ -75,11 +56,16 @@ namespace BTCPayServer.Controllers
             _EventAggregator = eventAggregator;
             _NetworkProvider = networkProvider;
             _WalletProvider = walletProvider;
+            _CSP = csp;
         }
 
 
         internal async Task<DataWrapper<InvoiceResponse>> CreateInvoiceCore(Invoice invoice, StoreData store, string serverUrl)
         {
+            if (!store.HasClaim(Policies.CanCreateInvoice.Key))
+                throw new UnauthorizedAccessException();
+            InvoiceLogs logs = new InvoiceLogs();
+            logs.Write("Creation of invoice starting");
             var entity = new InvoiceEntity
             {
                 InvoiceTime = DateTimeOffset.UtcNow
@@ -115,12 +101,12 @@ namespace BTCPayServer.Controllers
             entity.Status = "new";
             entity.SpeedPolicy = ParseSpeedPolicy(invoice.TransactionSpeed, store.SpeedPolicy);
 
-
             HashSet<CurrencyPair> currencyPairsToFetch = new HashSet<CurrencyPair>();
             var rules = storeBlob.GetRateRules(_NetworkProvider);
-
+            var excludeFilter = storeBlob.GetExcludedPaymentMethods(); // Here we can compose filters from other origin with PaymentFilter.Any()
             foreach (var network in store.GetSupportedPaymentMethods(_NetworkProvider)
-                                               .Select(c => _NetworkProvider.GetNetwork(c.PaymentId.CryptoCode))
+                                                .Where(s => !excludeFilter.Match(s.PaymentId))
+                                                .Select(c => _NetworkProvider.GetNetwork(c.PaymentId.CryptoCode))
                                                 .Where(c => c != null))
             {
                 currencyPairsToFetch.Add(new CurrencyPair(network.CryptoCode, invoice.Currency));
@@ -133,7 +119,9 @@ namespace BTCPayServer.Controllers
             var rateRules = storeBlob.GetRateRules(_NetworkProvider);
             var fetchingByCurrencyPair = _RateProvider.FetchRates(currencyPairsToFetch, rateRules);
 
+            var fetchingAll = WhenAllFetched(logs, fetchingByCurrencyPair);
             var supportedPaymentMethods = store.GetSupportedPaymentMethods(_NetworkProvider)
+                                               .Where(s => !excludeFilter.Match(s.PaymentId))
                                                .Select(c =>
                                                 (Handler: (IPaymentMethodHandler)_ServiceProvider.GetService(typeof(IPaymentMethodHandler<>).MakeGenericType(c.GetType())),
                                                 SupportedPaymentMethod: c,
@@ -141,65 +129,26 @@ namespace BTCPayServer.Controllers
                                                 .Where(c => c.Network != null)
                                                 .Select(o =>
                                                     (SupportedPaymentMethod: o.SupportedPaymentMethod,
-                                                    PaymentMethod: CreatePaymentMethodAsync(fetchingByCurrencyPair, o.Handler, o.SupportedPaymentMethod, o.Network, entity, store)))
+                                                    PaymentMethod: CreatePaymentMethodAsync(fetchingByCurrencyPair, o.Handler, o.SupportedPaymentMethod, o.Network, entity, store, logs)))
                                                 .ToList();
-
-            List<string> paymentMethodErrors = new List<string>();
             List<ISupportedPaymentMethod> supported = new List<ISupportedPaymentMethod>();
             var paymentMethods = new PaymentMethodDictionary();
-
-            foreach(var pair in fetchingByCurrencyPair)
-            {
-                var rateResult = await pair.Value;
-                bool hasError = false;
-                if(rateResult.Errors.Count != 0)
-                {
-                    var allRateRuleErrors = string.Join(", ", rateResult.Errors.ToArray());
-                    paymentMethodErrors.Add($"{pair.Key}: Rate rule error ({allRateRuleErrors})");
-                    hasError = true;
-                }
-                if(rateResult.ExchangeExceptions.Count != 0)
-                {
-                    foreach(var ex in rateResult.ExchangeExceptions)
-                    {
-                        paymentMethodErrors.Add($"{pair.Key}: Exception reaching exchange {ex.ExchangeName} ({ex.Exception.Message})");
-                    }
-                    hasError = true;
-                }
-                if(hasError)
-                {
-                    paymentMethodErrors.Add($"{pair.Key}: The rule is {rateResult.Rule}");
-                    paymentMethodErrors.Add($"{pair.Key}: Evaluated rule is {rateResult.EvaluatedRule}");
-                }
-            }
-
             foreach (var o in supportedPaymentMethods)
             {
-                try
-                {
-                    var paymentMethod = await o.PaymentMethod;
-                    if (paymentMethod == null)
-                        throw new PaymentMethodUnavailableException("Payment method unavailable");
-                    supported.Add(o.SupportedPaymentMethod);
-                    paymentMethods.Add(paymentMethod);
-                }
-                catch (PaymentMethodUnavailableException ex)
-                {
-                    paymentMethodErrors.Add($"{o.SupportedPaymentMethod.PaymentId.CryptoCode} ({o.SupportedPaymentMethod.PaymentId.PaymentType}): Payment method unavailable ({ex.Message})");
-                }
-                catch (Exception ex)
-                {
-                    paymentMethodErrors.Add($"{o.SupportedPaymentMethod.PaymentId.CryptoCode} ({o.SupportedPaymentMethod.PaymentId.PaymentType}): Unexpected exception ({ex.ToString()})");
-                }
+                var paymentMethod = await o.PaymentMethod;
+                if (paymentMethod == null)
+                    continue;
+                supported.Add(o.SupportedPaymentMethod);
+                paymentMethods.Add(paymentMethod);
             }
 
             if (supported.Count == 0)
             {
                 StringBuilder errors = new StringBuilder();
                 errors.AppendLine("No payment method available for this store");
-                foreach (var error in paymentMethodErrors)
+                foreach (var error in logs.ToList())
                 {
-                    errors.AppendLine(error);
+                    errors.AppendLine(error.ToString());
                 }
                 throw new BitpayHttpException(400, errors.ToString());
             }
@@ -207,71 +156,106 @@ namespace BTCPayServer.Controllers
             entity.SetSupportedPaymentMethods(supported);
             entity.SetPaymentMethods(paymentMethods);
             entity.PosData = invoice.PosData;
-            entity = await _InvoiceRepository.CreateInvoiceAsync(store.Id, entity, paymentMethodErrors, _NetworkProvider);
-
-            _EventAggregator.Publish(new Events.InvoiceEvent(entity, 1001, "invoice_created"));
+            entity = await _InvoiceRepository.CreateInvoiceAsync(store.Id, entity, logs, _NetworkProvider);
+            await fetchingAll;
+            _EventAggregator.Publish(new Events.InvoiceEvent(entity.EntityToDTO(_NetworkProvider), 1001, "invoice_created"));
             var resp = entity.EntityToDTO(_NetworkProvider);
             return new DataWrapper<InvoiceResponse>(resp) { Facade = "pos/invoice" };
         }
 
-        private async Task<PaymentMethod> CreatePaymentMethodAsync(Dictionary<CurrencyPair, Task<RateResult>> fetchingByCurrencyPair, IPaymentMethodHandler handler, ISupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network, InvoiceEntity entity, StoreData store)
+        private Task WhenAllFetched(InvoiceLogs logs, Dictionary<CurrencyPair, Task<RateResult>> fetchingByCurrencyPair)
         {
-            var storeBlob = store.GetStoreBlob();
-            var rate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, entity.ProductInformation.Currency)];
-            if (rate.Value == null)
-                return null;
-            PaymentMethod paymentMethod = new PaymentMethod();
-            paymentMethod.ParentEntity = entity;
-            paymentMethod.Network = network;
-            paymentMethod.SetId(supportedPaymentMethod.PaymentId);
-            paymentMethod.Rate = rate.Value.Value;
-            var paymentDetails = await handler.CreatePaymentMethodDetails(supportedPaymentMethod, paymentMethod, store, network);
-            if (storeBlob.NetworkFeeDisabled)
-                paymentDetails.SetNoTxFee();
-            paymentMethod.SetPaymentMethodDetails(paymentDetails);
-
-            Func<Money, Money, bool> compare = null;
-            CurrencyValue limitValue = null;
-            string errorMessage = null;
-            if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.LightningLike &&
-               storeBlob.LightningMaxValue != null)
+            return Task.WhenAll(fetchingByCurrencyPair.Select(async pair =>
             {
-                compare = (a, b) => a > b;
-                limitValue = storeBlob.LightningMaxValue;
-                errorMessage = "The amount of the invoice is too high to be paid with lightning";
-            }
-            else if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.BTCLike &&
-               storeBlob.OnChainMinValue != null)
-            {
-                compare = (a, b) => a < b;
-                limitValue = storeBlob.OnChainMinValue;
-                errorMessage = "The amount of the invoice is too low to be paid on chain";
-            }
-
-            if (compare != null)
-            {
-                var limitValueRate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, limitValue.Currency)];
-                if (limitValueRate.Value.HasValue)
+                var rateResult = await pair.Value;
+                logs.Write($"{pair.Key}: The rating rule is {rateResult.Rule}");
+                logs.Write($"{pair.Key}: The evaluated rating rule is {rateResult.EvaluatedRule}");
+                if (rateResult.Errors.Count != 0)
                 {
-                    var limitValueCrypto = Money.Coins(limitValue.Value / limitValueRate.Value.Value);
-                    if (compare(paymentMethod.Calculate().Due, limitValueCrypto))
+                    var allRateRuleErrors = string.Join(", ", rateResult.Errors.ToArray());
+                    logs.Write($"{pair.Key}: Rate rule error ({allRateRuleErrors})");
+                }
+                foreach (var ex in rateResult.ExchangeExceptions)
+                {
+                    logs.Write($"{pair.Key}: Exception reaching exchange {ex.ExchangeName} ({ex.Exception.Message})");
+                }
+            }).ToArray());
+        }
+
+        private async Task<PaymentMethod> CreatePaymentMethodAsync(Dictionary<CurrencyPair, Task<RateResult>> fetchingByCurrencyPair, IPaymentMethodHandler handler, ISupportedPaymentMethod supportedPaymentMethod, BTCPayNetwork network, InvoiceEntity entity, StoreData store, InvoiceLogs logs)
+        {
+            try
+            {
+                var storeBlob = store.GetStoreBlob();
+                var preparePayment = handler.PreparePayment(supportedPaymentMethod, store, network);
+                var rate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, entity.ProductInformation.Currency)];
+                if (rate.BidAsk == null)
+                {
+                    return null;
+                }
+                PaymentMethod paymentMethod = new PaymentMethod();
+                paymentMethod.ParentEntity = entity;
+                paymentMethod.Network = network;
+                paymentMethod.SetId(supportedPaymentMethod.PaymentId);
+                paymentMethod.Rate = rate.BidAsk.Bid;
+                var paymentDetails = await handler.CreatePaymentMethodDetails(supportedPaymentMethod, paymentMethod, store, network, preparePayment);
+                if (storeBlob.NetworkFeeDisabled)
+                    paymentDetails.SetNoTxFee();
+                paymentMethod.SetPaymentMethodDetails(paymentDetails);
+
+                Func<Money, Money, bool> compare = null;
+                CurrencyValue limitValue = null;
+                string errorMessage = null;
+                if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.LightningLike &&
+                   storeBlob.LightningMaxValue != null)
+                {
+                    compare = (a, b) => a > b;
+                    limitValue = storeBlob.LightningMaxValue;
+                    errorMessage = "The amount of the invoice is too high to be paid with lightning";
+                }
+                else if (supportedPaymentMethod.PaymentId.PaymentType == PaymentTypes.BTCLike &&
+                   storeBlob.OnChainMinValue != null)
+                {
+                    compare = (a, b) => a < b;
+                    limitValue = storeBlob.OnChainMinValue;
+                    errorMessage = "The amount of the invoice is too low to be paid on chain";
+                }
+
+                if (compare != null)
+                {
+                    var limitValueRate = await fetchingByCurrencyPair[new CurrencyPair(network.CryptoCode, limitValue.Currency)];
+                    if (limitValueRate.BidAsk != null)
                     {
-                        throw new PaymentMethodUnavailableException(errorMessage);
+                        var limitValueCrypto = Money.Coins(limitValue.Value / limitValueRate.BidAsk.Bid);
+                        if (compare(paymentMethod.Calculate().Due, limitValueCrypto))
+                        {
+                            logs.Write($"{supportedPaymentMethod.PaymentId.CryptoCode}: {errorMessage}");
+                            return null;
+                        }
                     }
                 }
-            }
-            ///////////////
+                ///////////////
 
 
 #pragma warning disable CS0618
-            if (paymentMethod.GetId().IsBTCOnChain)
-            {
-                entity.TxFee = paymentMethod.TxFee;
-                entity.Rate = paymentMethod.Rate;
-                entity.DepositAddress = paymentMethod.DepositAddress;
-            }
+                if (paymentMethod.GetId().IsBTCOnChain)
+                {
+                    entity.TxFee = paymentMethod.TxFee;
+                    entity.Rate = paymentMethod.Rate;
+                    entity.DepositAddress = paymentMethod.DepositAddress;
+                }
 #pragma warning restore CS0618
-            return paymentMethod;
+                return paymentMethod;
+            }
+            catch (PaymentMethodUnavailableException ex)
+            {
+                logs.Write($"{supportedPaymentMethod.PaymentId.CryptoCode}: Payment method unavailable ({ex.Message})");
+            }
+            catch (Exception ex)
+            {
+                logs.Write($"{supportedPaymentMethod.PaymentId.CryptoCode}: Unexpected exception ({ex.ToString()})");
+            }
+            return null;
         }
 
         private SpeedPolicy ParseSpeedPolicy(string transactionSpeed, SpeedPolicy defaultPolicy)

BTCPayServer/Controllers/PaymentRequestActionResult.cs

@@ -1,40 +0,0 @@
-using Microsoft.AspNetCore.Mvc;
-using NBitcoin.Payment;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-
-namespace BTCPayServer.Controllers
-{
-    public class PaymentRequestActionResult : IActionResult
-    {
-        PaymentRequest req;
-        public PaymentRequestActionResult(PaymentRequest req)
-        {
-            this.req = req;
-        }
-        public Task ExecuteResultAsync(ActionContext context)
-        {
-            context.HttpContext.Response.Headers["Content-Transfer-Encoding"] = "binary";
-            context.HttpContext.Response.ContentType = "application/bitcoin-paymentrequest";
-            req.WriteTo(context.HttpContext.Response.Body);
-            return Task.CompletedTask;
-        }
-    }
-    public class PaymentAckActionResult : IActionResult
-    {
-        PaymentACK req;
-        public PaymentAckActionResult(PaymentACK req)
-        {
-            this.req = req;
-        }
-        public Task ExecuteResultAsync(ActionContext context)
-        {
-            context.HttpContext.Response.Headers["Content-Transfer-Encoding"] = "binary";
-            context.HttpContext.Response.ContentType = "application/bitcoin-paymentack";
-            req.WriteTo(context.HttpContext.Response.Body);
-            return Task.CompletedTask;
-        }
-    }
-}

BTCPayServer/Controllers/PublicController.cs

@@ -0,0 +1,62 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Filters;
+using BTCPayServer.Models.StoreViewModels;
+using BTCPayServer.Services.Stores;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+
+namespace BTCPayServer.Controllers
+{
+    public class PublicController : Controller
+    {
+        public PublicController(InvoiceController invoiceController,
+            StoreRepository storeRepository)
+        {
+            _InvoiceController = invoiceController;
+            _StoreRepository = storeRepository;
+        }
+
+        private InvoiceController _InvoiceController;
+        private StoreRepository _StoreRepository;
+
+        [HttpPost]
+        [Route("api/v1/invoices")]
+        [MediaTypeAcceptConstraintAttribute("text/html")]
+        [IgnoreAntiforgeryToken]
+        [EnableCors(CorsPolicies.All)]
+        public async Task<IActionResult> PayButtonHandle([FromForm]PayButtonViewModel model)
+        {
+            var store = await _StoreRepository.FindStore(model.StoreId);
+            if (store == null)
+                ModelState.AddModelError("Store", "Invalid store");
+            else
+            {
+                var storeBlob = store.GetStoreBlob();
+                if (!storeBlob.AnyoneCanInvoice)
+                    ModelState.AddModelError("Store", "Store has not enabled Pay Button");
+            }
+            
+            if (model == null || model.Price <= 0)
+                ModelState.AddModelError("Price", "Price must be greater than 0");
+
+            if (!ModelState.IsValid)
+                return View();
+
+            var invoice = await _InvoiceController.CreateInvoiceCore(new NBitpayClient.Invoice()
+            {
+                Price = model.Price,
+                Currency = model.Currency,
+                ItemDesc = model.CheckoutDesc,
+                OrderId = model.OrderId,
+                BuyerEmail = model.NotifyEmail,
+                NotificationURL = model.ServerIpn,
+                RedirectURL = model.BrowserRedirect,
+                FullNotifications = true
+            }, store, HttpContext.Request.GetAbsoluteRoot());
+            return Redirect(invoice.Data.Url);
+        }
+    }
+}

BTCPayServer/Controllers/RateController.cs

@@ -15,12 +15,12 @@ namespace BTCPayServer.Controllers
 {
     public class RateController : Controller
     {
-        BTCPayRateProviderFactory _RateProviderFactory;
+        RateFetcher _RateProviderFactory;
         BTCPayNetworkProvider _NetworkProvider;
         CurrencyNameTable _CurrencyNameTable;
         StoreRepository _StoreRepo;
         public RateController(
-            BTCPayRateProviderFactory rateProviderFactory,
+            RateFetcher rateProviderFactory,
             BTCPayNetworkProvider networkProvider,
             StoreRepository storeRepo,
             CurrencyNameTable currencyNameTable)
@@ -31,6 +31,49 @@ namespace BTCPayServer.Controllers
             _CurrencyNameTable = currencyNameTable ?? throw new ArgumentNullException(nameof(currencyNameTable));
         }
 
+        [Route("rates/{baseCurrency}")]
+        [HttpGet]
+        [BitpayAPIConstraint]
+        public async Task<IActionResult> GetBaseCurrencyRates(string baseCurrency, string storeId)
+        {
+            storeId = storeId ?? this.HttpContext.GetStoreData()?.Id;
+            var store = this.HttpContext.GetStoreData();
+            if (store == null || store.Id != storeId)
+                store = await _StoreRepo.FindStore(storeId);
+            if (store == null)
+            {
+                var err = Json(new BitpayErrorsModel() { Error = "Store not found" });
+                err.StatusCode = 404;
+                return err;
+            }
+            var supportedMethods = store.GetSupportedPaymentMethods(_NetworkProvider);
+
+            var currencyCodes = supportedMethods.Where(method => !string.IsNullOrEmpty(method.PaymentId.CryptoCode))
+                .Select(method => method.PaymentId.CryptoCode).Distinct();
+
+            var currencypairs = BuildCurrencyPairs(currencyCodes, baseCurrency);
+            
+            var result = await GetRates2(currencypairs, store.Id);
+            var rates = (result as JsonResult)?.Value as Rate[];
+            if (rates == null)
+                return result;
+            return Json(new DataWrapper<Rate[]>(rates));
+        }
+
+
+        [Route("rates/{baseCurrency}/{currency}")]
+        [HttpGet]
+        [BitpayAPIConstraint]
+        public async Task<IActionResult> GetCurrencyPairRate(string baseCurrency, string currency, string storeId)
+        {
+            storeId = storeId ?? this.HttpContext.GetStoreData()?.Id;
+            var result = await GetRates2($"{baseCurrency}_{currency}", storeId);
+            var rates = (result as JsonResult)?.Value as Rate[];
+            if (rates == null)
+                return result;
+            return Json(new DataWrapper<Rate>(rates.First()));
+        }
+
         [Route("rates")]
         [HttpGet]
         [BitpayAPIConstraint]
@@ -44,19 +87,19 @@ namespace BTCPayServer.Controllers
             return Json(new DataWrapper<Rate[]>(rates));
         }
 
+
         [Route("api/rates")]
         [HttpGet]
         public async Task<IActionResult> GetRates2(string currencyPairs, string storeId)
         {
-            if(storeId == null || currencyPairs == null)
+            if (storeId == null)
             {
-                var result = Json(new BitpayErrorsModel() { Error = "You need to specify storeId (in your store settings) and currencyPairs (eg. BTC_USD,LTC_CAD)" });
+                var result = Json(new BitpayErrorsModel() { Error = "You need to specify storeId (in your store settings)" });
                 result.StatusCode = 400;
                 return result;
             }
-
             var store = this.HttpContext.GetStoreData();
-            if(store == null || store.Id != storeId)
+            if (store == null || store.Id != storeId)
                 store = await _StoreRepo.FindStore(storeId);
             if (store == null)
             {
@@ -64,12 +107,30 @@ namespace BTCPayServer.Controllers
                 result.StatusCode = 404;
                 return result;
             }
+
+            if (currencyPairs == null)
+            {
+                var supportedMethods = store.GetSupportedPaymentMethods(_NetworkProvider);
+                var currencyCodes = supportedMethods.Select(method => method.PaymentId.CryptoCode).Distinct();
+                var defaultCrypto = store.GetDefaultCrypto(_NetworkProvider);
+
+                currencyPairs = BuildCurrencyPairs(currencyCodes, defaultCrypto);
+
+                if (string.IsNullOrEmpty(currencyPairs))
+                {
+                    var result = Json(new BitpayErrorsModel() { Error = "You need to specify currencyPairs (eg. BTC_USD,LTC_CAD)" });
+                    result.StatusCode = 400;
+                    return result;
+                }
+            }
+
+
             var rules = store.GetStoreBlob().GetRateRules(_NetworkProvider);
 
             HashSet<CurrencyPair> pairs = new HashSet<CurrencyPair>();
-            foreach(var currency in currencyPairs.Split(','))
+            foreach (var currency in currencyPairs.Split(','))
             {
-                if(!CurrencyPair.TryParse(currency, out var pair))
+                if (!CurrencyPair.TryParse(currency, out var pair))
                 {
                     var result = Json(new BitpayErrorsModel() { Error = $"Currency pair {currency} uncorrectly formatted" });
                     result.StatusCode = 400;
@@ -81,7 +142,7 @@ namespace BTCPayServer.Controllers
             var fetching = _RateProviderFactory.FetchRates(pairs, rules);
             await Task.WhenAll(fetching.Select(f => f.Value).ToArray());
             return Json(pairs
-                            .Select(r => (Pair: r, Value: fetching[r].GetAwaiter().GetResult().Value))
+                            .Select(r => (Pair: r, Value: fetching[r].GetAwaiter().GetResult().BidAsk?.Bid))
                             .Where(r => r.Value.HasValue)
                             .Select(r =>
                             new Rate()
@@ -94,6 +155,20 @@ namespace BTCPayServer.Controllers
                             }).Where(n => n.Name != null).ToArray());
         }
 
+        private static string BuildCurrencyPairs(IEnumerable<string> currencyCodes, string baseCrypto)
+        {
+            StringBuilder currencyPairsBuilder = new StringBuilder();
+            bool first = true;
+            foreach (var currencyCode in currencyCodes)
+            {
+                if(!first)
+                    currencyPairsBuilder.Append(",");
+                first = false;
+                currencyPairsBuilder.Append($"{baseCrypto}_{currencyCode}");
+            }
+            return currencyPairsBuilder.ToString();
+        }
+
         public class Rate
         {
 

BTCPayServer/Controllers/ServerController.cs

@@ -1,13 +1,19 @@
-using BTCPayServer.HostedServices;
+using BTCPayServer.Configuration;
+using Microsoft.Extensions.Logging;
+using BTCPayServer.HostedServices;
 using BTCPayServer.Models;
 using BTCPayServer.Models.ServerViewModels;
+using BTCPayServer.Payments.Lightning;
 using BTCPayServer.Services;
 using BTCPayServer.Services.Mails;
 using BTCPayServer.Services.Rates;
+using BTCPayServer.Services.Stores;
 using BTCPayServer.Validations;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using NBitcoin;
+using NBitcoin.DataEncoders;
 using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
@@ -16,6 +22,9 @@ using System.Net;
 using System.Net.Http;
 using System.Net.Mail;
 using System.Threading.Tasks;
+using Renci.SshNet;
+using BTCPayServer.Logging;
+using BTCPayServer.Lightning;
 
 namespace BTCPayServer.Controllers
 {
@@ -24,15 +33,27 @@ namespace BTCPayServer.Controllers
     {
         private UserManager<ApplicationUser> _UserManager;
         SettingsRepository _SettingsRepository;
-        private BTCPayRateProviderFactory _RateProviderFactory;
+        private readonly NBXplorerDashboard _dashBoard;
+        private RateFetcher _RateProviderFactory;
+        private StoreRepository _StoreRepository;
+        LightningConfigurationProvider _LnConfigProvider;
+        BTCPayServerOptions _Options;
 
         public ServerController(UserManager<ApplicationUser> userManager,
-            BTCPayRateProviderFactory rateProviderFactory,
-            SettingsRepository settingsRepository)
+            Configuration.BTCPayServerOptions options,
+            RateFetcher rateProviderFactory,
+            SettingsRepository settingsRepository,
+            NBXplorerDashboard dashBoard,
+            LightningConfigurationProvider lnConfigProvider,
+            Services.Stores.StoreRepository storeRepository)
         {
+            _Options = options;
             _UserManager = userManager;
             _SettingsRepository = settingsRepository;
+            _dashBoard = dashBoard;
             _RateProviderFactory = rateProviderFactory;
+            _StoreRepository = storeRepository;
+            _LnConfigProvider = lnConfigProvider;
         }
 
         [Route("server/rates")]
@@ -74,7 +95,7 @@ namespace BTCPayServer.Controllers
             try
             {
                 var service = GetCoinaverageService(vm, true);
-                if(service != null)
+                if (service != null)
                     await service.TestAuthAsync();
             }
             catch
@@ -134,6 +155,179 @@ namespace BTCPayServer.Controllers
             return View(userVM);
         }
 
+        [Route("server/maintenance")]
+        public IActionResult Maintenance()
+        {
+            MaintenanceViewModel vm = new MaintenanceViewModel();
+            vm.UserName = "btcpayserver";
+            vm.DNSDomain = this.Request.Host.Host;
+            vm.SetConfiguredSSH(_Options.SSHSettings);
+            if (IPAddress.TryParse(vm.DNSDomain, out var unused))
+                vm.DNSDomain = null;
+            return View(vm);
+        }
+        [Route("server/maintenance")]
+        [HttpPost]
+        public async Task<IActionResult> Maintenance(MaintenanceViewModel vm, string command)
+        {
+            if (!ModelState.IsValid)
+                return View(vm);
+            vm.SetConfiguredSSH(_Options.SSHSettings);
+            if (command == "changedomain")
+            {
+                if (string.IsNullOrWhiteSpace(vm.DNSDomain))
+                {
+                    ModelState.AddModelError(nameof(vm.DNSDomain), $"Required field");
+                    return View(vm);
+                }
+                vm.DNSDomain = vm.DNSDomain.Trim().ToLowerInvariant();
+                if (vm.DNSDomain.Equals(this.Request.Host.Host, StringComparison.OrdinalIgnoreCase))
+                    return View(vm);
+                if (IPAddress.TryParse(vm.DNSDomain, out var unused))
+                {
+                    ModelState.AddModelError(nameof(vm.DNSDomain), $"This should be a domain name");
+                    return View(vm);
+                }
+                if (vm.DNSDomain.Equals(this.Request.Host.Host, StringComparison.InvariantCultureIgnoreCase))
+                {
+                    ModelState.AddModelError(nameof(vm.DNSDomain), $"The server is already set to use this domain");
+                    return View(vm);
+                }
+                var builder = new UriBuilder();
+                using (var client = new HttpClient(new HttpClientHandler()
+                {
+                    ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
+                }))
+                {
+                    try
+                    {
+                        builder.Scheme = this.Request.Scheme;
+                        builder.Host = vm.DNSDomain;
+                        var addresses1 = Dns.GetHostAddressesAsync(this.Request.Host.Host);
+                        var addresses2 = Dns.GetHostAddressesAsync(vm.DNSDomain);
+                        await Task.WhenAll(addresses1, addresses2);
+
+                        var addressesSet = addresses1.GetAwaiter().GetResult().Select(c => c.ToString()).ToHashSet();
+                        var hasCommonAddress = addresses2.GetAwaiter().GetResult().Select(c => c.ToString()).Any(s => addressesSet.Contains(s));
+                        if (!hasCommonAddress)
+                        {
+                            ModelState.AddModelError(nameof(vm.DNSDomain), $"Invalid host ({vm.DNSDomain} is not pointing to this BTCPay instance)");
+                            return View(vm);
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        var messages = new List<object>();
+                        messages.Add(ex.Message);
+                        if (ex.InnerException != null)
+                            messages.Add(ex.InnerException.Message);
+                        ModelState.AddModelError(nameof(vm.DNSDomain), $"Invalid domain ({string.Join(", ", messages.ToArray())})");
+                        return View(vm);
+                    }
+                }
+
+                var error = RunSSH(vm, $"changedomain.sh {vm.DNSDomain}");
+                if (error != null)
+                    return error;
+
+                builder.Path = null;
+                builder.Query = null;
+                StatusMessage = $"Domain name changing... the server will restart, please use \"{builder.Uri.AbsoluteUri}\"";
+            }
+            else if (command == "update")
+            {
+                var error = RunSSH(vm, $"btcpay-update.sh");
+                if (error != null)
+                    return error;
+                StatusMessage = $"The server might restart soon if an update is available...";
+            }
+            else
+            {
+                return NotFound();
+            }
+            return RedirectToAction(nameof(Maintenance));
+        }
+
+        public static string RunId = Encoders.Hex.EncodeData(NBitcoin.RandomUtils.GetBytes(32));
+        [HttpGet]
+        [Route("runid")]
+        [AllowAnonymous]
+        public IActionResult SeeRunId(string expected = null)
+        {
+            if (expected == RunId)
+                return Ok();
+            return BadRequest();
+        }
+
+        private IActionResult RunSSH(MaintenanceViewModel vm, string ssh)
+        {
+            ssh = $"sudo bash -c '. /etc/profile.d/btcpay-env.sh && nohup {ssh} > /dev/null 2>&1 & disown'";
+            var sshClient = _Options.SSHSettings == null ? vm.CreateSSHClient(this.Request.Host.Host)
+                                                         : new SshClient(_Options.SSHSettings.CreateConnectionInfo());
+
+            if (_Options.TrustedFingerprints.Count != 0)
+            {
+                sshClient.HostKeyReceived += (object sender, Renci.SshNet.Common.HostKeyEventArgs e) =>
+                {
+                    if (_Options.TrustedFingerprints.Count == 0)
+                    {
+                        Logs.Configuration.LogWarning($"SSH host fingerprint for {e.HostKeyName} is untrusted, start BTCPay with -sshtrustedfingerprints \"{Encoders.Hex.EncodeData(e.FingerPrint)}\"");
+                        e.CanTrust = true; // Not a typo, we want the connection to succeed with a warning
+                    }
+                    else
+                    {
+                        e.CanTrust = _Options.IsTrustedFingerprint(e.FingerPrint, e.HostKey);
+                        if(!e.CanTrust)
+                            Logs.Configuration.LogError($"SSH host fingerprint for {e.HostKeyName} is untrusted, start BTCPay with -sshtrustedfingerprints \"{Encoders.Hex.EncodeData(e.FingerPrint)}\"");
+                    }
+                };
+            }
+            else
+            {
+
+            }
+
+            try
+            {
+                sshClient.Connect();
+            }
+            catch (Renci.SshNet.Common.SshAuthenticationException)
+            {
+                ModelState.AddModelError(nameof(vm.Password), "Invalid credentials");
+                sshClient.Dispose();
+                return View(vm);
+            }
+            catch (Exception ex)
+            {
+                var message = ex.Message;
+                if (ex is AggregateException aggrEx && aggrEx.InnerException?.Message != null)
+                {
+                    message = aggrEx.InnerException.Message;
+                }
+                ModelState.AddModelError(nameof(vm.UserName), $"Connection problem ({message})");
+                sshClient.Dispose();
+                return View(vm);
+            }
+
+            var sshCommand = sshClient.CreateCommand(ssh);
+            sshCommand.CommandTimeout = TimeSpan.FromMinutes(1.0);
+            sshCommand.BeginExecute(ar =>
+            {
+                try
+                {
+                    Logs.PayServer.LogInformation("Running SSH command: " + ssh);
+                    var result = sshCommand.EndExecute(ar);
+                    Logs.PayServer.LogInformation("SSH command executed: " + result);
+                }
+                catch (Exception ex)
+                {
+                    Logs.PayServer.LogWarning("Error while executing SSH command: " + ex.Message);
+                }
+                sshClient.Dispose();
+            });
+            return null;
+        }
+
         private static bool IsAdmin(IList<string> roles)
         {
             return roles.Contains(Roles.ServerAdmin, StringComparer.Ordinal);
@@ -188,6 +382,7 @@ namespace BTCPayServer.Controllers
             if (user == null)
                 return NotFound();
             await _UserManager.DeleteAsync(user);
+            await _StoreRepository.CleanUnreachableStores();
             StatusMessage = "User deleted";
             return RedirectToAction(nameof(ListUsers));
         }
@@ -220,6 +415,150 @@ namespace BTCPayServer.Controllers
             return View(settings);
         }
 
+        [Route("server/services")]
+        public IActionResult Services()
+        {
+            var result = new ServicesViewModel();
+            foreach (var cryptoCode in _Options.ExternalServicesByCryptoCode.Keys)
+            {
+                {
+                    int i = 0;
+                    foreach (var grpcService in _Options.ExternalServicesByCryptoCode.GetServices<ExternalLNDGRPC>(cryptoCode))
+                    {
+                        result.LNDServices.Add(new ServicesViewModel.LNDServiceViewModel()
+                        {
+                            Crypto = cryptoCode,
+                            Type = "gRPC",
+                            Index = i++,
+                        });
+                    }
+                }
+            }
+            result.HasSSH = _Options.SSHSettings != null;
+            return View(result);
+        }
+
+        [Route("server/services/lnd-grpc/{cryptoCode}/{index}")]
+        public IActionResult LNDGRPCServices(string cryptoCode, int index, uint? nonce)
+        {
+            if (!_dashBoard.IsFullySynched(cryptoCode, out var unusud))
+            {
+                StatusMessage = $"Error: {cryptoCode} is not fully synched";
+                return RedirectToAction(nameof(Services));
+            }
+            var external = GetExternalLNDConnectionString(cryptoCode, index);
+            if (external == null)
+                return NotFound();
+            var model = new LNDGRPCServicesViewModel();
+
+            model.Host = $"{external.BaseUri.DnsSafeHost}:{external.BaseUri.Port}";
+            model.SSL = external.BaseUri.Scheme == "https";
+            if (external.CertificateThumbprint != null)
+            {
+                model.CertificateThumbprint = Encoders.Hex.EncodeData(external.CertificateThumbprint);
+            }
+            if (external.Macaroon != null)
+            {
+                model.Macaroon = Encoders.Hex.EncodeData(external.Macaroon);
+            }
+
+            if (nonce != null)
+            {
+                var configKey = GetConfigKey("lnd-grpc", cryptoCode, index, nonce.Value);
+                var lnConfig = _LnConfigProvider.GetConfig(configKey);
+                if (lnConfig != null)
+                {
+                    model.QRCodeLink = $"{this.Request.GetAbsoluteRoot().WithTrailingSlash()}lnd-config/{configKey}/lnd.config";
+                    model.QRCode = $"config={model.QRCodeLink}";
+                }
+            }
+
+            return View(model);
+        }
+
+        private static uint GetConfigKey(string type, string cryptoCode, int index, uint nonce)
+        {
+            return (uint)HashCode.Combine(type, cryptoCode, index, nonce);
+        }
+
+        [Route("lnd-config/{configKey}/lnd.config")]
+        [AllowAnonymous]
+        public IActionResult GetLNDConfig(uint configKey)
+        {
+            var conf = _LnConfigProvider.GetConfig(configKey);
+            if (conf == null)
+                return NotFound();
+            return Json(conf);
+        }
+
+        [Route("server/services/lnd-grpc/{cryptoCode}/{index}")]
+        [HttpPost]
+        public IActionResult LNDGRPCServicesPOST(string cryptoCode, int index)
+        {
+            var external = GetExternalLNDConnectionString(cryptoCode, index);
+            if (external == null)
+                return NotFound();
+            LightningConfigurations confs = new LightningConfigurations();
+            LightningConfiguration conf = new LightningConfiguration();
+            conf.Type = "grpc";
+            conf.ChainType = _Options.NetworkType.ToString();
+            conf.CryptoCode = cryptoCode;
+            conf.Host = external.BaseUri.DnsSafeHost;
+            conf.Port = external.BaseUri.Port;
+            conf.SSL = external.BaseUri.Scheme == "https";
+            conf.Macaroon = external.Macaroon == null ? null : Encoders.Hex.EncodeData(external.Macaroon);
+            conf.CertificateThumbprint = external.CertificateThumbprint == null ? null : Encoders.Hex.EncodeData(external.CertificateThumbprint);
+            confs.Configurations.Add(conf);
+
+            var nonce = RandomUtils.GetUInt32();
+            var configKey = GetConfigKey("lnd-grpc", cryptoCode, index, nonce);
+            _LnConfigProvider.KeepConfig(configKey, confs);
+            return RedirectToAction(nameof(LNDGRPCServices), new { cryptoCode = cryptoCode, nonce = nonce });
+        }
+
+        private LightningConnectionString GetExternalLNDConnectionString(string cryptoCode, int index)
+        {
+            var connectionString = _Options.ExternalServicesByCryptoCode.GetServices<ExternalLNDGRPC>(cryptoCode).Skip(index).Select(c => c.ConnectionString).FirstOrDefault();
+            if (connectionString == null)
+                return null;
+            connectionString = connectionString.Clone();
+            if (connectionString.MacaroonFilePath != null)
+            {
+                try
+                {
+                    connectionString.Macaroon = System.IO.File.ReadAllBytes(connectionString.MacaroonFilePath);
+                    connectionString.MacaroonFilePath = null;
+                }
+                catch
+                {
+                    Logging.Logs.Configuration.LogWarning($"{cryptoCode}: The macaroon file path of the external LND grpc config was not found ({connectionString.MacaroonFilePath})");
+                    return null;
+                }
+            }
+            return connectionString;
+        }
+
+        [Route("server/services/ssh")]
+        public IActionResult SSHService(bool downloadKeyFile = false)
+        {
+            var settings = _Options.SSHSettings;
+            if (settings == null)
+                return NotFound();
+            if (downloadKeyFile)
+            {
+                if (!System.IO.File.Exists(settings.KeyFile))
+                    return NotFound();
+                return File(System.IO.File.ReadAllBytes(settings.KeyFile), "application/octet-stream", "id_rsa");
+            }
+            SSHServiceViewModel vm = new SSHServiceViewModel();
+            string port = settings.Port == 22 ? "" : $" -p {settings.Port}";
+            vm.CommandLine = $"ssh {settings.Username}@{settings.Server}{port}";
+            vm.Password = settings.Password;
+            vm.KeyFilePassword = settings.KeyFilePassword;
+            vm.HasKeyFile = !string.IsNullOrEmpty(settings.KeyFile);
+            return View(vm);
+        }
+
         [Route("server/theme")]
         public async Task<IActionResult> Theme()
         {
@@ -243,7 +582,7 @@ namespace BTCPayServer.Controllers
             {
                 try
                 {
-                    if(!model.Settings.IsComplete())
+                    if (!model.Settings.IsComplete())
                     {
                         model.StatusMessage = "Error: Required fields missing";
                         return View(model);

BTCPayServer/Controllers/StoresController.BTCLike.cs

@@ -34,7 +34,7 @@ namespace BTCPayServer.Controllers
             }
 
             DerivationSchemeViewModel vm = new DerivationSchemeViewModel();
-            vm.ServerUrl = GetStoreUrl(storeId);
+            vm.ServerUrl = WalletsController.GetLedgerWebsocketUrl(this.HttpContext, cryptoCode, null);
             vm.CryptoCode = cryptoCode;
             vm.RootKeyPath = network.GetRootKeyPath();
             SetExistingValues(store, vm);
@@ -44,6 +44,7 @@ namespace BTCPayServer.Controllers
         private void SetExistingValues(StoreData store, DerivationSchemeViewModel vm)
         {
             vm.DerivationScheme = GetExistingDerivationStrategy(vm.CryptoCode, store)?.DerivationStrategyBase.ToString();
+            vm.Enabled = !store.GetStoreBlob().IsExcluded(new PaymentMethodId(vm.CryptoCode, PaymentTypes.BTCLike));
         }
 
         private DerivationStrategy GetExistingDerivationStrategy(string cryptoCode, StoreData store)
@@ -59,7 +60,7 @@ namespace BTCPayServer.Controllers
         [Route("{storeId}/derivations/{cryptoCode}")]
         public async Task<IActionResult> AddDerivationScheme(string storeId, DerivationSchemeViewModel vm, string cryptoCode)
         {
-            vm.ServerUrl = GetStoreUrl(storeId);
+            vm.ServerUrl = WalletsController.GetLedgerWebsocketUrl(this.HttpContext, cryptoCode, null);
             vm.CryptoCode = cryptoCode;
             var store = HttpContext.GetStoreData();
             if (store == null)
@@ -78,6 +79,11 @@ namespace BTCPayServer.Controllers
             }
 
             PaymentMethodId paymentMethodId = new PaymentMethodId(network.CryptoCode, PaymentTypes.BTCLike);
+            var exisingStrategy = store.GetSupportedPaymentMethods(_NetworkProvider)
+                                       .Where(c => c.PaymentId == paymentMethodId)
+                                       .OfType<DerivationStrategy>()
+                                       .Select(c => c.DerivationStrategyBase.ToString())
+                                       .FirstOrDefault();
             DerivationStrategy strategy = null;
             try
             {
@@ -94,10 +100,32 @@ namespace BTCPayServer.Controllers
                 return View(vm);
             }
 
-            if (!vm.Confirmation && strategy != null)
-                return ShowAddresses(vm, strategy);
+            var showAddress = (vm.Confirmation && !string.IsNullOrWhiteSpace(vm.HintAddress)) || // Testing hint address
+                              (!vm.Confirmation && strategy != null && exisingStrategy != strategy.DerivationStrategyBase.ToString());  // Checking addresses after setting xpub
 
-            if (vm.Confirmation && !string.IsNullOrWhiteSpace(vm.HintAddress))
+            if (!showAddress)
+            {
+                try
+                {
+                    if (strategy != null)
+                        await wallet.TrackAsync(strategy.DerivationStrategyBase);
+                    store.SetSupportedPaymentMethod(paymentMethodId, strategy);
+
+                    var storeBlob = store.GetStoreBlob();
+                    storeBlob.SetExcluded(paymentMethodId, !vm.Enabled);
+                    store.SetStoreBlob(storeBlob);
+                }
+                catch
+                {
+                    ModelState.AddModelError(nameof(vm.DerivationScheme), "Invalid Derivation Scheme");
+                    return View(vm);
+                }
+
+                await _Repo.UpdateStore(store);
+                StatusMessage = $"Derivation scheme for {network.CryptoCode} has been modified.";
+                return RedirectToAction(nameof(UpdateStore), new { storeId = storeId });
+            }
+            else if (!string.IsNullOrEmpty(vm.HintAddress))
             {
                 BitcoinAddress address = null;
                 try
@@ -123,26 +151,8 @@ namespace BTCPayServer.Controllers
                 vm.StatusMessage = "Address successfully found, please verify that the rest is correct and click on \"Confirm\"";
                 ModelState.Remove(nameof(vm.HintAddress));
                 ModelState.Remove(nameof(vm.DerivationScheme));
-                return ShowAddresses(vm, strategy);
-            }
-            else
-            {
-                try
-                {
-                    if (strategy != null)
-                        await wallet.TrackAsync(strategy.DerivationStrategyBase);
-                    store.SetSupportedPaymentMethod(paymentMethodId, strategy);
-                }
-                catch
-                {
-                    ModelState.AddModelError(nameof(vm.DerivationScheme), "Invalid Derivation Scheme");
-                    return View(vm);
-                }
-
-                await _Repo.UpdateStore(store);
-                StatusMessage = $"Derivation scheme for {network.CryptoCode} has been modified.";
-                return RedirectToAction(nameof(UpdateStore), new { storeId = storeId });
             }
+            return ShowAddresses(vm, strategy);
         }
 
         private IActionResult ShowAddresses(DerivationSchemeViewModel vm, DerivationStrategy strategy)
@@ -161,262 +171,5 @@ namespace BTCPayServer.Controllers
             vm.Confirmation = true;
             return View(vm);
         }
-
-
-        public class GetInfoResult
-        {
-            public int RecommendedSatoshiPerByte { get; set; }
-            public double Balance { get; set; }
-        }
-
-        public class SendToAddressResult
-        {
-            public string TransactionId { get; set; }
-        }
-
-        [HttpGet]
-        [Route("{storeId}/ws/ledger")]
-        public async Task<IActionResult> LedgerConnection(
-            string storeId,
-            string command,
-            // getinfo
-            string cryptoCode = null,
-            // getxpub
-            int account = 0,
-            // sendtoaddress
-            string destination = null, string amount = null, string feeRate = null, string substractFees = null
-            )
-        {
-            if (!HttpContext.WebSockets.IsWebSocketRequest)
-                return NotFound();
-            var store = HttpContext.GetStoreData();
-            if (store == null)
-                return NotFound();
-
-            var webSocket = await HttpContext.WebSockets.AcceptWebSocketAsync();
-
-            var hw = new HardwareWalletService(webSocket);
-            object result = null;
-            try
-            {
-                BTCPayNetwork network = null;
-                if (cryptoCode != null)
-                {
-                    network = _NetworkProvider.GetNetwork(cryptoCode);
-                    if (network == null)
-                        throw new FormatException("Invalid value for crypto code");
-                }
-
-                BitcoinAddress destinationAddress = null;
-                if (destination != null)
-                {
-                    try
-                    {
-                        destinationAddress = BitcoinAddress.Create(destination, network.NBitcoinNetwork);
-                    }
-                    catch { }
-                    if (destinationAddress == null)
-                        throw new FormatException("Invalid value for destination");
-                }
-
-                FeeRate feeRateValue = null;
-                if (feeRate != null)
-                {
-                    try
-                    {
-                        feeRateValue = new FeeRate(Money.Satoshis(int.Parse(feeRate, CultureInfo.InvariantCulture)), 1);
-                    }
-                    catch { }
-                    if (feeRateValue == null || feeRateValue.FeePerK <= Money.Zero)
-                        throw new FormatException("Invalid value for fee rate");
-                }
-
-                Money amountBTC = null;
-                if (amount != null)
-                {
-                    try
-                    {
-                        amountBTC = Money.Parse(amount);
-                    }
-                    catch { }
-                    if (amountBTC == null || amountBTC <= Money.Zero)
-                        throw new FormatException("Invalid value for amount");
-                }
-
-                bool subsctractFeesValue = false;
-                if (substractFees != null)
-                {
-                    try
-                    {
-                        subsctractFeesValue = bool.Parse(substractFees);
-                    }
-                    catch { throw new FormatException("Invalid value for subtract fees"); }
-                }
-                if (command == "test")
-                {
-                    result = await hw.Test();
-                }
-                if (command == "getxpub")
-                {
-                    var getxpubResult = await hw.GetExtPubKey(network, account);
-                    result = getxpubResult;
-                }
-                if (command == "getinfo")
-                {
-                    var strategy = GetDirectDerivationStrategy(store, network);
-                    var strategyBase = GetDerivationStrategy(store, network);
-                    if (strategy == null || await hw.GetKeyPath(network, strategy) == null)
-                    {
-                        throw new Exception($"This store is not configured to use this ledger");
-                    }
-
-                    var feeProvider = _FeeRateProvider.CreateFeeProvider(network);
-                    var recommendedFees = feeProvider.GetFeeRateAsync();
-                    var balance = _WalletProvider.GetWallet(network).GetBalance(strategyBase);
-                    result = new GetInfoResult() { Balance = (double)(await balance).ToDecimal(MoneyUnit.BTC), RecommendedSatoshiPerByte = (int)(await recommendedFees).GetFee(1).Satoshi };
-                }
-
-                if (command == "sendtoaddress")
-                {
-                    if (!_Dashboard.IsFullySynched(network.CryptoCode, out var summary))
-                        throw new Exception($"{network.CryptoCode}: not started or fully synched");
-                    var strategy = GetDirectDerivationStrategy(store, network);
-                    var strategyBase = GetDerivationStrategy(store, network);
-                    var wallet = _WalletProvider.GetWallet(network);
-                    var change = wallet.GetChangeAddressAsync(strategyBase);
-
-                    var unspentCoins = await wallet.GetUnspentCoins(strategyBase);
-                    var changeAddress = await change;
-                    var send = new[] { (
-                        destination: destinationAddress as IDestination, 
-                        amount: amountBTC,
-                        substractFees: subsctractFeesValue) };
-
-                    foreach (var element in send)
-                    {
-                        if (element.destination == null)
-                            throw new ArgumentNullException(nameof(element.destination));
-                        if (element.amount == null)
-                            throw new ArgumentNullException(nameof(element.amount));
-                        if (element.amount <= Money.Zero)
-                            throw new ArgumentOutOfRangeException(nameof(element.amount), "The amount should be above zero");
-                    }
-
-                    var foundKeyPath = await hw.GetKeyPath(network, strategy);
-                    if (foundKeyPath == null)
-                    {
-                        throw new HardwareWalletException($"This store is not configured to use this ledger");
-                    }
-
-                    TransactionBuilder builder = new TransactionBuilder();
-                    builder.StandardTransactionPolicy.MinRelayTxFee = summary.Status.BitcoinStatus.MinRelayTxFee;
-                    builder.SetConsensusFactory(network.NBitcoinNetwork);
-                    builder.AddCoins(unspentCoins.Select(c => c.Coin).ToArray());
-
-                    foreach (var element in send)
-                    {
-                        builder.Send(element.destination, element.amount);
-                        if (element.substractFees)
-                            builder.SubtractFees();
-                    }
-                    builder.SetChange(changeAddress.Item1);
-                    builder.SendEstimatedFees(feeRateValue);
-                    builder.Shuffle();
-                    var unsigned = builder.BuildTransaction(false);
-
-                    var keypaths = new Dictionary<Script, KeyPath>();
-                    foreach (var c in unspentCoins)
-                    {
-                        keypaths.TryAdd(c.Coin.ScriptPubKey, c.KeyPath);
-                    }
-
-                    var hasChange = unsigned.Outputs.Count == 2;
-                    var usedCoins = builder.FindSpentCoins(unsigned);
-
-                    Dictionary<uint256, Transaction> parentTransactions = new Dictionary<uint256, Transaction>();
-
-                    if(!strategy.Segwit)
-                    {
-                        var parentHashes = usedCoins.Select(c => c.Outpoint.Hash).ToHashSet();
-                        var explorer = _ExplorerProvider.GetExplorerClient(network);
-                        var getTransactionAsyncs = parentHashes.Select(h => (Op: explorer.GetTransactionAsync(h), Hash: h)).ToList();
-                        foreach(var getTransactionAsync in getTransactionAsyncs)
-                        {
-                            var tx = (await getTransactionAsync.Op);
-                            if(tx == null)
-                                throw new Exception($"Parent transaction {getTransactionAsync.Hash} not found");
-                            parentTransactions.Add(tx.Transaction.GetHash(), tx.Transaction);
-                        }
-                    }
-
-                    var transaction = await hw.SignTransactionAsync(usedCoins.Select(c => new SignatureRequest
-                    {
-                        InputTransaction = parentTransactions.TryGet(c.Outpoint.Hash),
-                        InputCoin = c,
-                        KeyPath = foundKeyPath.Derive(keypaths[c.TxOut.ScriptPubKey]),
-                        PubKey = strategy.Root.Derive(keypaths[c.TxOut.ScriptPubKey]).PubKey
-                    }).ToArray(), unsigned, hasChange ? foundKeyPath.Derive(changeAddress.Item2) : null);
-                    
-                    try
-                    {
-                        var broadcastResult = await wallet.BroadcastTransactionsAsync(new List<Transaction>() { transaction });
-                        if (!broadcastResult[0].Success)
-                        {
-                            throw new Exception($"RPC Error while broadcasting: {broadcastResult[0].RPCCode} {broadcastResult[0].RPCCodeMessage} {broadcastResult[0].RPCMessage}");
-                        }
-                    }
-                    catch (Exception ex)
-                    {
-                        throw new Exception("Error while broadcasting: " + ex.Message);
-                    }
-                    wallet.InvalidateCache(strategyBase);
-                    result = new SendToAddressResult() { TransactionId = transaction.GetHash().ToString() };
-                }
-            }
-            catch (OperationCanceledException)
-            { result = new LedgerTestResult() { Success = false, Error = "Timeout" }; }
-            catch (Exception ex)
-            { result = new LedgerTestResult() { Success = false, Error = ex.Message }; }
-
-            try
-            {
-                if (result != null)
-                {
-                    UTF8Encoding UTF8NOBOM = new UTF8Encoding(false);
-                    var bytes = UTF8NOBOM.GetBytes(JsonConvert.SerializeObject(result, _MvcJsonOptions.SerializerSettings));
-                    await webSocket.SendAsync(new ArraySegment<byte>(bytes), WebSocketMessageType.Text, true, new CancellationTokenSource(2000).Token);
-                }
-            }
-            catch { }
-            finally
-            {
-                await webSocket.CloseSocket();
-            }
-
-            return new EmptyResult();
-        }
-
-        private DirectDerivationStrategy GetDirectDerivationStrategy(StoreData store, BTCPayNetwork network)
-        {
-            var strategy = GetDerivationStrategy(store, network);
-            var directStrategy = strategy as DirectDerivationStrategy;
-            if (directStrategy == null)
-                directStrategy = (strategy as P2SHDerivationStrategy).Inner as DirectDerivationStrategy;
-            return directStrategy;
-        }
-
-        private DerivationStrategyBase GetDerivationStrategy(StoreData store, BTCPayNetwork network)
-        {
-            var strategy = store
-                            .GetSupportedPaymentMethods(_NetworkProvider)
-                            .OfType<DerivationStrategy>()
-                            .FirstOrDefault(s => s.Network.NBitcoinNetwork == network.NBitcoinNetwork);
-            if (strategy == null)
-            {
-                throw new Exception($"Derivation strategy for {network.CryptoCode} is not set");
-            }
-
-            return strategy.DerivationStrategyBase;
-        }
     }
 }

BTCPayServer/Controllers/StoresController.LightningLike.cs

@@ -5,12 +5,12 @@ using System.Linq;
 using System.Threading.Tasks;
 using BTCPayServer.Models.StoreViewModels;
 using BTCPayServer.Payments;
-using BTCPayServer.Payments.Lightning.CLightning;
 using Microsoft.AspNetCore.Mvc;
 using BTCPayServer.Payments.Lightning;
 using System.Net;
 using BTCPayServer.Data;
 using System.Threading;
+using BTCPayServer.Lightning;
 
 namespace BTCPayServer.Controllers
 {
@@ -24,18 +24,20 @@ namespace BTCPayServer.Controllers
             var store = HttpContext.GetStoreData();
             if (store == null)
                 return NotFound();
-            LightningNodeViewModel vm = new LightningNodeViewModel();
-            vm.CryptoCode = cryptoCode;
-            vm.InternalLightningNode = GetInternalLighningNode(cryptoCode)?.ToUri(true)?.AbsoluteUri;
+            LightningNodeViewModel vm = new LightningNodeViewModel
+            {
+                CryptoCode = cryptoCode,
+                InternalLightningNode = GetInternalLighningNode(cryptoCode)?.ToString()
+            };
             SetExistingValues(store, vm);
             return View(vm);
         }
 
         private void SetExistingValues(StoreData store, LightningNodeViewModel vm)
         {
-            vm.Url = GetExistingLightningSupportedPaymentMethod(vm.CryptoCode, store)?.GetLightningUrl()?.ToString();
+            vm.ConnectionString = GetExistingLightningSupportedPaymentMethod(vm.CryptoCode, store)?.GetLightningUrl()?.ToString();
+            vm.Enabled = !store.GetStoreBlob().IsExcluded(new PaymentMethodId(vm.CryptoCode, PaymentTypes.LightningLike));
         }
-
         private LightningSupportedPaymentMethod GetExistingLightningSupportedPaymentMethod(string cryptoCode, StoreData store)
         {
             var id = new PaymentMethodId(cryptoCode, PaymentTypes.LightningLike);
@@ -65,7 +67,7 @@ namespace BTCPayServer.Controllers
             var network = vm.CryptoCode == null ? null : _ExplorerProvider.GetNetwork(vm.CryptoCode);
 
             var internalLightning = GetInternalLighningNode(network.CryptoCode);
-            vm.InternalLightningNode = internalLightning?.ToUri(true)?.AbsoluteUri;
+            vm.InternalLightningNode = internalLightning?.ToString();
             if (network == null)
             {
                 ModelState.AddModelError(nameof(vm.CryptoCode), "Invalid network");
@@ -74,33 +76,57 @@ namespace BTCPayServer.Controllers
 
             PaymentMethodId paymentMethodId = new PaymentMethodId(network.CryptoCode, PaymentTypes.LightningLike);
             Payments.Lightning.LightningSupportedPaymentMethod paymentMethod = null;
-            if (!string.IsNullOrEmpty(vm.Url))
+            if (!string.IsNullOrEmpty(vm.ConnectionString))
             {
-                if (!LightningConnectionString.TryParse(vm.Url, out var connectionString, out var error))
+                if (!LightningConnectionString.TryParse(vm.ConnectionString, false, out var connectionString, out var error))
                 {
-                    ModelState.AddModelError(nameof(vm.Url), $"Invalid URL ({error})");
+                    ModelState.AddModelError(nameof(vm.ConnectionString), $"Invalid URL ({error})");
                     return View(vm);
                 }
 
-                var internalDomain = internalLightning?.ToUri(false)?.DnsSafeHost;
-                bool isLocal = (internalDomain == "127.0.0.1" || internalDomain == "localhost");
+                if(connectionString.ConnectionType == LightningConnectionType.LndGRPC)
+                {
+                    ModelState.AddModelError(nameof(vm.ConnectionString), $"BTCPay does not support gRPC connections");
+                    return View(vm);
+                }
+
+                var internalDomain = internalLightning?.BaseUri?.DnsSafeHost;
 
                 bool isInternalNode = connectionString.ConnectionType == LightningConnectionType.CLightning ||
                                       connectionString.BaseUri.DnsSafeHost == internalDomain ||
-                                      isLocal;
+                                      (internalDomain == "127.0.0.1" || internalDomain == "localhost");
 
-                if (connectionString.BaseUri.Scheme == "http" && !isLocal)
+                if (connectionString.BaseUri.Scheme == "http")
                 {
-                    if (!isInternalNode || (isInternalNode && !CanUseInternalLightning()))
+                    if (!isInternalNode)
                     {
-                        ModelState.AddModelError(nameof(vm.Url), "The url must be HTTPS");
+                        ModelState.AddModelError(nameof(vm.ConnectionString), "The url must be HTTPS");
+                        return View(vm);
+                    }
+                }
+
+                if(connectionString.MacaroonFilePath != null)
+                {
+                    if(!CanUseInternalLightning())
+                    {
+                        ModelState.AddModelError(nameof(vm.ConnectionString), "You are not authorized to use macaroonfilepath");
+                        return View(vm);
+                    }
+                    if(!System.IO.File.Exists(connectionString.MacaroonFilePath))
+                    {
+                        ModelState.AddModelError(nameof(vm.ConnectionString), "The macaroonfilepath file does exist");
+                        return View(vm);
+                    }
+                    if(!System.IO.Path.IsPathRooted(connectionString.MacaroonFilePath))
+                    {
+                        ModelState.AddModelError(nameof(vm.ConnectionString), "The macaroonfilepath should be fully rooted");
                         return View(vm);
                     }
                 }
 
                 if (isInternalNode && !CanUseInternalLightning())
                 {
-                    ModelState.AddModelError(nameof(vm.Url), "Unauthorized url");
+                    ModelState.AddModelError(nameof(vm.ConnectionString), "Unauthorized url");
                     return View(vm);
                 }
 
@@ -110,39 +136,42 @@ namespace BTCPayServer.Controllers
                 };
                 paymentMethod.SetLightningUrl(connectionString);
             }
-            if (command == "save")
+
+            switch (command)
             {
-                store.SetSupportedPaymentMethod(paymentMethodId, paymentMethod);
-                await _Repo.UpdateStore(store);
-                StatusMessage = $"Lightning node modified ({network.CryptoCode})";
-                return RedirectToAction(nameof(UpdateStore), new { storeId = storeId });
-            }
-            else // if(command == "test")
-            {
-                if (paymentMethod == null)
-                {
-                    ModelState.AddModelError(nameof(vm.Url), "Missing url parameter");
+                case "save":
+                    var storeBlob = store.GetStoreBlob();
+                    storeBlob.SetExcluded(paymentMethodId, !vm.Enabled);
+                    store.SetStoreBlob(storeBlob);
+                    store.SetSupportedPaymentMethod(paymentMethodId, paymentMethod);
+                    await _Repo.UpdateStore(store);
+                    StatusMessage = $"Lightning node modified ({network.CryptoCode})";
+                    return RedirectToAction(nameof(UpdateStore), new { storeId = storeId });
+                case "test" when paymentMethod == null:
+                    ModelState.AddModelError(nameof(vm.ConnectionString), "Missing url parameter");
                     return View(vm);
-                }
-                var handler = (LightningLikePaymentHandler)_ServiceProvider.GetRequiredService<IPaymentMethodHandler<Payments.Lightning.LightningSupportedPaymentMethod>>();
-                try
-                {
-                    var info = await handler.Test(paymentMethod, network);
-                    if (!vm.SkipPortTest)
+                case "test":
+                    var handler = (LightningLikePaymentHandler)_ServiceProvider.GetRequiredService<IPaymentMethodHandler<Payments.Lightning.LightningSupportedPaymentMethod>>();
+                    try
                     {
-                        using (CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromSeconds(20)))
+                        var info = await handler.Test(paymentMethod, network);
+                        if (!vm.SkipPortTest)
                         {
-                            await handler.TestConnection(info, cts.Token);
+                            using (CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromSeconds(20)))
+                            {
+                                await handler.TestConnection(info, cts.Token);
+                            }
                         }
+                        vm.StatusMessage = $"Connection to the lightning node succeeded ({info})";
+                    }
+                    catch (Exception ex)
+                    {
+                        vm.StatusMessage = $"Error: {ex.Message}";
+                        return View(vm);
                     }
-                    vm.StatusMessage = $"Connection to the lightning node succeed ({info})";
-                }
-                catch (Exception ex)
-                {
-                    vm.StatusMessage = $"Error: {ex.Message}";
                     return View(vm);
-                }
-                return View(vm);
+                default:
+                    return View(vm);
             }
         }
 

BTCPayServer/Controllers/StoresController.cs

@@ -1,8 +1,13 @@
-using BTCPayServer.Authentication;
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Authentication;
 using BTCPayServer.Configuration;
 using BTCPayServer.Data;
-using BTCPayServer.HostedServices;
 using BTCPayServer.Models;
+using BTCPayServer.Models.AppViewModels;
 using BTCPayServer.Models.StoreViewModels;
 using BTCPayServer.Rating;
 using BTCPayServer.Security;
@@ -11,21 +16,13 @@ using BTCPayServer.Services.Rates;
 using BTCPayServer.Services.Stores;
 using BTCPayServer.Services.Wallets;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Rendering;
-using Microsoft.Extensions.Options;
 using NBitcoin;
 using NBitcoin.DataEncoders;
-using NBXplorer.DerivationStrategy;
-using System;
-using System.Collections.Generic;
-using System.Globalization;
-using System.Linq;
-using System.Net.Http;
-using System.Threading;
-using System.Threading.Tasks;
 
 namespace BTCPayServer.Controllers
 {
@@ -35,28 +32,25 @@ namespace BTCPayServer.Controllers
     [AutoValidateAntiforgeryToken]
     public partial class StoresController : Controller
     {
-        BTCPayRateProviderFactory _RateFactory;
+        RateFetcher _RateFactory;
         public string CreatedStoreId { get; set; }
         public StoresController(
-            NBXplorerDashboard dashboard,
             IServiceProvider serviceProvider,
             BTCPayServerOptions btcpayServerOptions,
             BTCPayServerEnvironment btcpayEnv,
-            IOptions<MvcJsonOptions> mvcJsonOptions,
             StoreRepository repo,
             TokenRepository tokenRepo,
             UserManager<ApplicationUser> userManager,
             AccessTokenController tokenController,
             BTCPayWalletProvider walletProvider,
             BTCPayNetworkProvider networkProvider,
-            BTCPayRateProviderFactory rateFactory,
+            RateFetcher rateFactory,
             ExplorerClientProvider explorerProvider,
             IFeeProviderFactory feeRateProvider,
             LanguageService langService,
             IHostingEnvironment env)
         {
             _RateFactory = rateFactory;
-            _Dashboard = dashboard;
             _Repo = repo;
             _TokenRepository = tokenRepo;
             _UserManager = userManager;
@@ -66,19 +60,16 @@ namespace BTCPayServer.Controllers
             _Env = env;
             _NetworkProvider = networkProvider;
             _ExplorerProvider = explorerProvider;
-            _MvcJsonOptions = mvcJsonOptions.Value;
             _FeeRateProvider = feeRateProvider;
             _ServiceProvider = serviceProvider;
             _BtcpayServerOptions = btcpayServerOptions;
             _BTCPayEnv = btcpayEnv;
         }
-        NBXplorerDashboard _Dashboard;
         BTCPayServerOptions _BtcpayServerOptions;
         BTCPayServerEnvironment _BTCPayEnv;
         IServiceProvider _ServiceProvider;
         BTCPayNetworkProvider _NetworkProvider;
         private ExplorerClientProvider _ExplorerProvider;
-        private MvcJsonOptions _MvcJsonOptions;
         private IFeeProviderFactory _FeeRateProvider;
         BTCPayWalletProvider _WalletProvider;
         AccessTokenController _TokenController;
@@ -94,21 +85,6 @@ namespace BTCPayServer.Controllers
             get; set;
         }
 
-        [HttpGet]
-        [Route("{storeId}/wallet/{cryptoCode}")]
-        public IActionResult Wallet(string cryptoCode)
-        {
-            WalletModel model = new WalletModel();
-            model.ServerUrl = GetStoreUrl(StoreData.Id);
-            model.CryptoCurrency = cryptoCode;
-            return View(model);
-        }
-
-        private string GetStoreUrl(string storeId)
-        {
-            return HttpContext.Request.GetAbsoluteRoot() + "/stores/" + storeId + "/";
-        }
-
         [HttpGet]
         [Route("{storeId}/users")]
         public async Task<IActionResult> StoreUsers()
@@ -200,7 +176,7 @@ namespace BTCPayServer.Controllers
             var storeBlob = StoreData.GetStoreBlob();
             var vm = new RatesViewModel();
             vm.SetExchangeRates(GetSupportedExchanges(), storeBlob.PreferredExchange ?? CoinAverageRateProvider.CoinAverageName);
-            vm.RateMultiplier = (double)storeBlob.GetRateMultiplier();
+            vm.Spread = (double)(storeBlob.Spread * 100m);
             vm.Script = storeBlob.GetRateRules(_NetworkProvider).ToString();
             vm.DefaultScript = storeBlob.GetDefaultRateRules(_NetworkProvider).ToString();
             vm.AvailableExchanges = GetSupportedExchanges();
@@ -225,7 +201,7 @@ namespace BTCPayServer.Controllers
             model.AvailableExchanges = GetSupportedExchanges();
 
             blob.PreferredExchange = model.PreferredExchange;
-            blob.SetRateMultiplier(model.RateMultiplier);
+            blob.Spread = (decimal)model.Spread / 100.0m;
 
             if (!model.ShowScripting)
             {
@@ -283,7 +259,7 @@ namespace BTCPayServer.Controllers
                     {
                         CurrencyPair = fetch.Key.ToString(),
                         Error = testResult.Errors.Count != 0,
-                        Rule = testResult.Errors.Count == 0 ? testResult.Rule + " = " + testResult.Value.Value.ToString(CultureInfo.InvariantCulture) 
+                        Rule = testResult.Errors.Count == 0 ? testResult.Rule + " = " + testResult.BidAsk.Bid.ToString(CultureInfo.InvariantCulture)
                                                             : testResult.EvaluatedRule
                     });
                 }
@@ -313,7 +289,7 @@ namespace BTCPayServer.Controllers
                 Action = "Continue",
                 Title = "Rate rule scripting",
                 Description = scripting ?
-                                "This action will mofify your current rate sources. Are you sure to turn on rate rules scripting? (Advanced users)"
+                                "This action will modify your current rate sources. Are you sure to turn on rate rules scripting? (Advanced users)"
                                 : "This action will delete your rate script. Are you sure to turn off rate rules scripting?",
                 ButtonClass = "btn-primary"
             });
@@ -338,7 +314,7 @@ namespace BTCPayServer.Controllers
         {
             var storeBlob = StoreData.GetStoreBlob();
             var vm = new CheckoutExperienceViewModel();
-            vm.SetCryptoCurrencies(_ExplorerProvider, StoreData.GetDefaultCrypto());
+            vm.SetCryptoCurrencies(_ExplorerProvider, StoreData.GetDefaultCrypto(_NetworkProvider));
             vm.SetLanguages(_LangService, storeBlob.DefaultLang);
             vm.LightningMaxValue = storeBlob.LightningMaxValue?.ToString() ?? "";
             vm.OnChainMinValue = storeBlob.OnChainMinValue?.ToString() ?? "";
@@ -373,7 +349,7 @@ namespace BTCPayServer.Controllers
             }
             bool needUpdate = false;
             var blob = StoreData.GetStoreBlob();
-            if (StoreData.GetDefaultCrypto() != model.DefaultCryptoCurrency)
+            if (StoreData.GetDefaultCrypto(_NetworkProvider) != model.DefaultCryptoCurrency)
             {
                 needUpdate = true;
                 StoreData.SetDefaultCrypto(model.DefaultCryptoCurrency);
@@ -423,8 +399,10 @@ namespace BTCPayServer.Controllers
             vm.StoreName = store.StoreName;
             vm.StoreWebsite = store.StoreWebsite;
             vm.NetworkFee = !storeBlob.NetworkFeeDisabled;
+            vm.AnyoneCanCreateInvoice = storeBlob.AnyoneCanInvoice;
             vm.SpeedPolicy = store.SpeedPolicy;
-            AddPaymentMethods(store, vm);
+            vm.CanDelete = _Repo.CanDeleteStores();
+            AddPaymentMethods(store, storeBlob, vm);
             vm.MonitoringExpiration = storeBlob.MonitoringExpiration;
             vm.InvoiceExpiration = storeBlob.InvoiceExpiration;
             vm.LightningDescriptionTemplate = storeBlob.LightningDescriptionTemplate;
@@ -433,8 +411,9 @@ namespace BTCPayServer.Controllers
         }
 
 
-        private void AddPaymentMethods(StoreData store, StoreViewModel vm)
+        private void AddPaymentMethods(StoreData store, StoreBlob storeBlob, StoreViewModel vm)
         {
+            var excludeFilters = storeBlob.GetExcludedPaymentMethods();
             var derivationByCryptoCode =
                 store
                 .GetSupportedPaymentMethods(_NetworkProvider)
@@ -446,7 +425,9 @@ namespace BTCPayServer.Controllers
                 vm.DerivationSchemes.Add(new StoreViewModel.DerivationScheme()
                 {
                     Crypto = network.CryptoCode,
-                    Value = strategy?.DerivationStrategyBase?.ToString() ?? string.Empty
+                    Value = strategy?.DerivationStrategyBase?.ToString() ?? string.Empty,
+                    WalletId = new WalletId(store.Id, network.CryptoCode),
+                    Enabled = !excludeFilters.Match(new Payments.PaymentMethodId(network.CryptoCode, Payments.PaymentTypes.BTCLike))
                 });
             }
 
@@ -458,20 +439,20 @@ namespace BTCPayServer.Controllers
             foreach (var network in _NetworkProvider.GetAll())
             {
                 var lightning = lightningByCryptoCode.TryGet(network.CryptoCode);
+                var paymentId = new Payments.PaymentMethodId(network.CryptoCode, Payments.PaymentTypes.LightningLike);
                 vm.LightningNodes.Add(new StoreViewModel.LightningNode()
                 {
                     CryptoCode = network.CryptoCode,
-                    Address = lightning?.GetLightningUrl()?.BaseUri.AbsoluteUri ?? string.Empty
+                    Address = lightning?.GetLightningUrl()?.BaseUri.AbsoluteUri ?? string.Empty,
+                    Enabled = !excludeFilters.Match(paymentId)
                 });
             }
         }
 
         [HttpPost]
         [Route("{storeId}")]
-        public async Task<IActionResult> UpdateStore(StoreViewModel model)
+        public async Task<IActionResult> UpdateStore(StoreViewModel model, string command = null)
         {
-            AddPaymentMethods(StoreData, model);
-
             bool needUpdate = false;
             if (StoreData.SpeedPolicy != model.SpeedPolicy)
             {
@@ -490,6 +471,7 @@ namespace BTCPayServer.Controllers
             }
 
             var blob = StoreData.GetStoreBlob();
+            blob.AnyoneCanInvoice = model.AnyoneCanCreateInvoice;
             blob.NetworkFeeDisabled = !model.NetworkFee;
             blob.MonitoringExpiration = model.MonitoringExpiration;
             blob.InvoiceExpiration = model.InvoiceExpiration;
@@ -511,11 +493,34 @@ namespace BTCPayServer.Controllers
             {
                 storeId = StoreData.Id
             });
+
+        }
+
+        [HttpGet]
+        [Route("{storeId}/delete")]
+        public IActionResult DeleteStore(string storeId)
+        {
+            return View("Confirm", new ConfirmModel()
+            {
+                Action = "Delete this store",
+                Title = "Delete this store",
+                Description = "This action is irreversible and will remove all information related to this store. (Invoices, Apps etc...)",
+                ButtonClass = "btn-danger"
+            });
+        }
+
+        [HttpPost]
+        [Route("{storeId}/delete")]
+        public async Task<IActionResult> DeleteStorePost(string storeId)
+        {
+            await _Repo.DeleteStore(StoreData.Id);
+            StatusMessage = "Success: Store successfully deleted";
+            return RedirectToAction(nameof(UserStoresController.ListStores), "UserStores");
         }
 
         private CoinAverageExchange[] GetSupportedExchanges()
         {
-            return _RateFactory.GetSupportedExchanges()
+            return _RateFactory.RateProviderFactory.GetSupportedExchanges()
                     .Select(c => c.Value)
                     .OrderBy(s => s.Name, StringComparer.OrdinalIgnoreCase)
                     .ToArray();
@@ -761,5 +766,54 @@ namespace BTCPayServer.Controllers
                 return null;
             return _UserManager.GetUserId(User);
         }
+
+
+
+        // TODO: Need to have talk about how architect default currency implementation
+        // For now we have also hardcoded USD for Store creation and then Invoice creation
+        const string DEFAULT_CURRENCY = "USD";
+
+        [Route("{storeId}/paybutton")]
+        public IActionResult PayButton()
+        {
+            var store = StoreData;
+
+            var storeBlob = store.GetStoreBlob();
+            if (!storeBlob.AnyoneCanInvoice)
+            {
+                return View("PayButtonEnable", null);
+            }
+
+            var appUrl = HttpContext.Request.GetAbsoluteRoot().WithTrailingSlash();
+            var model = new PayButtonViewModel
+            {
+                Price = 10,
+                Currency = DEFAULT_CURRENCY,
+                ButtonSize = 2,
+                UrlRoot = appUrl,
+                PayButtonImageUrl = appUrl + "img/paybutton/pay.png",
+                StoreId = store.Id
+            };
+            return View(model);
+        }
+
+        [HttpPost]
+        [Route("{storeId}/paybutton")]
+        public async Task<IActionResult> PayButton(bool enableStore)
+        {
+            var blob = StoreData.GetStoreBlob();
+            blob.AnyoneCanInvoice = enableStore;
+            if (StoreData.SetStoreBlob(blob))
+            {
+                await _Repo.UpdateStore(StoreData);
+                StatusMessage = "Store successfully updated";
+            }
+
+            return RedirectToAction(nameof(PayButton), new
+            {
+                storeId = StoreData.Id
+            });
+
+        }
     }
 }

BTCPayServer/Controllers/UserStoresController.cs

@@ -23,33 +23,16 @@ namespace BTCPayServer.Controllers
         private StoreRepository _Repo;
         private BTCPayNetworkProvider _NetworkProvider;
         private UserManager<ApplicationUser> _UserManager;
-        private BTCPayWalletProvider _WalletProvider;
 
         public UserStoresController(
             UserManager<ApplicationUser> userManager,
             BTCPayNetworkProvider networkProvider,
-            BTCPayWalletProvider walletProvider,
             StoreRepository storeRepository)
         {
             _Repo = storeRepository;
             _NetworkProvider = networkProvider;
             _UserManager = userManager;
-            _WalletProvider = walletProvider;
-        }
-        [HttpGet]
-        [Route("{storeId}/delete")]
-        public IActionResult DeleteStore(string storeId)
-        {
-            var store = HttpContext.GetStoreData();
-            if (store == null)
-                return NotFound();
-            return View("Confirm", new ConfirmModel()
-            {
-                Title = "Delete store " + store.StoreName,
-                Description = "This store will still be accessible to users sharing it",
-                Action = "Delete"
-            });
-        }
+        }        
 
         [HttpGet]
         [Route("create")]
@@ -63,8 +46,23 @@ namespace BTCPayServer.Controllers
             get; set;
         }
 
+        [HttpGet]
+        [Route("{storeId}/me/delete")]
+        public IActionResult DeleteStore(string storeId)
+        {
+            var store = HttpContext.GetStoreData();
+            if (store == null)
+                return NotFound();
+            return View("Confirm", new ConfirmModel()
+            {
+                Title = "Delete store " + store.StoreName,
+                Description = "This store will still be accessible to users sharing it",
+                Action = "Delete"
+            });
+        }
+
         [HttpPost]
-        [Route("{storeId}/delete")]
+        [Route("{storeId}/me/delete")]
         public async Task<IActionResult> DeleteStorePost(string storeId)
         {
             var userId = GetUserId();
@@ -84,17 +82,6 @@ namespace BTCPayServer.Controllers
         {
             StoresViewModel result = new StoresViewModel();
             var stores = await _Repo.GetStoresByUserId(GetUserId());
-
-            var balances = stores
-                                .Select(s => s.GetSupportedPaymentMethods(_NetworkProvider)
-                                              .OfType<DerivationStrategy>()
-                                              .Select(d => ((Wallet: _WalletProvider.GetWallet(d.Network),
-                                                            DerivationStrategy: d.DerivationStrategyBase)))
-                                              .Where(_ => _.Wallet != null)
-                                              .Select(async _ => (await GetBalanceString(_)) + " " + _.Wallet.Network.CryptoCode))
-                                .ToArray();
-
-            await Task.WhenAll(balances.SelectMany(_ => _));
             for (int i = 0; i < stores.Length; i++)
             {
                 var store = stores[i];
@@ -103,8 +90,7 @@ namespace BTCPayServer.Controllers
                     Id = store.Id,
                     Name = store.StoreName,
                     WebSite = store.StoreWebsite,
-                    IsOwner = store.HasClaim(Policies.CanModifyStoreSettings.Key),
-                    Balances = store.HasClaim(Policies.CanModifyStoreSettings.Key) ? balances[i].Select(t => t.Result).ToArray() : Array.Empty<string>()
+                    IsOwner = store.HasClaim(Policies.CanModifyStoreSettings.Key)
                 });
             }
             return View(result);
@@ -121,25 +107,12 @@ namespace BTCPayServer.Controllers
             var store = await _Repo.CreateStore(GetUserId(), vm.Name);
             CreatedStoreId = store.Id;
             StatusMessage = "Store successfully created";
-            return RedirectToAction(nameof(ListStores));
-        }
-
-        private static async Task<string> GetBalanceString((BTCPayWallet Wallet, DerivationStrategyBase DerivationStrategy) _)
-        {
-            using (CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromSeconds(10)))
+            return RedirectToAction(nameof(StoresController.UpdateStore), "Stores", new
             {
-                try
-                {
-                    return (await _.Wallet.GetBalance(_.DerivationStrategy, cts.Token)).ToString();
-                }
-                catch
-                {
-                    return "--";
-                }
-            }
+                storeId = store.Id
+            });
         }
 
-
         private string GetUserId()
         {
             return _UserManager.GetUserId(User);

BTCPayServer/Controllers/WalletsController.cs

@@ -0,0 +1,493 @@
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Net.WebSockets;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.HostedServices;
+using BTCPayServer.ModelBinders;
+using BTCPayServer.Models;
+using BTCPayServer.Models.WalletViewModels;
+using BTCPayServer.Security;
+using BTCPayServer.Services;
+using BTCPayServer.Services.Rates;
+using BTCPayServer.Services.Stores;
+using BTCPayServer.Services.Wallets;
+using LedgerWallet;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using NBitcoin;
+using NBXplorer.DerivationStrategy;
+using Newtonsoft.Json;
+using static BTCPayServer.Controllers.StoresController;
+
+namespace BTCPayServer.Controllers
+{
+    [Route("wallets")]
+    [Authorize(AuthenticationSchemes = Policies.CookieAuthentication)]
+    [AutoValidateAntiforgeryToken]
+    public partial class WalletsController : Controller
+    {
+        public StoreRepository Repository { get; }
+        public BTCPayNetworkProvider NetworkProvider { get; }
+        public ExplorerClientProvider ExplorerClientProvider { get; }
+
+        private readonly UserManager<ApplicationUser> _userManager;
+        private readonly IOptions<MvcJsonOptions> _mvcJsonOptions;
+        private readonly NBXplorerDashboard _dashboard;
+
+        private readonly IFeeProviderFactory _feeRateProvider;
+        private readonly BTCPayWalletProvider _walletProvider;
+        public RateFetcher RateFetcher { get; }
+        CurrencyNameTable _currencyTable;
+        public WalletsController(StoreRepository repo,
+                                 CurrencyNameTable currencyTable,
+                                 BTCPayNetworkProvider networkProvider,
+                                 UserManager<ApplicationUser> userManager,
+                                 IOptions<MvcJsonOptions> mvcJsonOptions,
+                                 NBXplorerDashboard dashboard,
+                                 RateFetcher rateProvider,
+                                 ExplorerClientProvider explorerProvider,
+                                 IFeeProviderFactory feeRateProvider,
+                                 BTCPayWalletProvider walletProvider)
+        {
+            _currencyTable = currencyTable;
+            Repository = repo;
+            RateFetcher = rateProvider;
+            NetworkProvider = networkProvider;
+            _userManager = userManager;
+            _mvcJsonOptions = mvcJsonOptions;
+            _dashboard = dashboard;
+            ExplorerClientProvider = explorerProvider;
+            _feeRateProvider = feeRateProvider;
+            _walletProvider = walletProvider;
+        }
+
+        public async Task<IActionResult> ListWallets()
+        {
+            var wallets = new ListWalletsViewModel();
+            var stores = await Repository.GetStoresByUserId(GetUserId());
+
+            var onChainWallets = stores
+                                .SelectMany(s => s.GetSupportedPaymentMethods(NetworkProvider)
+                                              .OfType<DerivationStrategy>()
+                                              .Select(d => ((Wallet: _walletProvider.GetWallet(d.Network),
+                                                            DerivationStrategy: d.DerivationStrategyBase,
+                                                            Network: d.Network)))
+                                              .Where(_ => _.Wallet != null)
+                                              .Select(_ => (Wallet: _.Wallet,
+                                                            Store: s,
+                                                            Balance: GetBalanceString(_.Wallet, _.DerivationStrategy),
+                                                            DerivationStrategy: _.DerivationStrategy,
+                                                            Network: _.Network)))
+                                              .ToList();
+
+            foreach (var wallet in onChainWallets)
+            {
+                ListWalletsViewModel.WalletViewModel walletVm = new ListWalletsViewModel.WalletViewModel();
+                wallets.Wallets.Add(walletVm);
+                walletVm.Balance = await wallet.Balance + " " + wallet.Wallet.Network.CryptoCode;
+                if (!wallet.Store.HasClaim(Policies.CanModifyStoreSettings.Key))
+                {
+                    walletVm.Balance = "";
+                }
+                walletVm.CryptoCode = wallet.Network.CryptoCode;
+                walletVm.StoreId = wallet.Store.Id;
+                walletVm.Id = new WalletId(wallet.Store.Id, wallet.Network.CryptoCode);
+                walletVm.StoreName = wallet.Store.StoreName;
+                walletVm.IsOwner = wallet.Store.HasClaim(Policies.CanModifyStoreSettings.Key);
+            }
+
+            return View(wallets);
+        }
+
+        [HttpGet]
+        [Route("{walletId}")]
+        public async Task<IActionResult> WalletTransactions(
+            [ModelBinder(typeof(WalletIdModelBinder))]
+            WalletId walletId)
+        {
+            var store = await Repository.FindStore(walletId.StoreId, GetUserId());
+            DerivationStrategy paymentMethod = GetPaymentMethod(walletId, store);
+            if (paymentMethod == null)
+                return NotFound();
+
+            var wallet = _walletProvider.GetWallet(paymentMethod.Network);
+            var transactions = await wallet.FetchTransactions(paymentMethod.DerivationStrategyBase);
+
+            var model = new ListTransactionsViewModel();
+            foreach (var tx in transactions.UnconfirmedTransactions.Transactions.Concat(transactions.ConfirmedTransactions.Transactions))
+            {
+                var vm = new ListTransactionsViewModel.TransactionViewModel();
+                model.Transactions.Add(vm);
+                vm.Id = tx.TransactionId.ToString();
+                vm.Link = string.Format(CultureInfo.InvariantCulture, paymentMethod.Network.BlockExplorerLink, vm.Id);
+                vm.Timestamp = tx.Timestamp;
+                vm.Positive = tx.BalanceChange >= Money.Zero;
+                vm.Balance = tx.BalanceChange.ToString();
+            }
+            model.Transactions = model.Transactions.OrderByDescending(t => t.Timestamp).ToList();
+            return View(model);
+        }
+
+
+        [HttpGet]
+        [Route("{walletId}/send")]
+        public async Task<IActionResult> WalletSend(
+            [ModelBinder(typeof(WalletIdModelBinder))]
+            WalletId walletId, string defaultDestination = null, string defaultAmount = null)
+        {
+            if (walletId?.StoreId == null)
+                return NotFound();
+            var store = await Repository.FindStore(walletId.StoreId, GetUserId());
+            DerivationStrategy paymentMethod = GetPaymentMethod(walletId, store);
+            if (paymentMethod == null)
+                return NotFound();
+
+            var storeData = store.GetStoreBlob();
+            var rateRules = store.GetStoreBlob().GetRateRules(NetworkProvider);
+            rateRules.Spread = 0.0m;
+            var currencyPair = new Rating.CurrencyPair(paymentMethod.PaymentId.CryptoCode, GetCurrencyCode(storeData.DefaultLang) ?? "USD");
+            WalletModel model = new WalletModel()
+            {
+                DefaultAddress = defaultDestination,
+                DefaultAmount = defaultAmount,
+                ServerUrl = GetLedgerWebsocketUrl(this.HttpContext, walletId.CryptoCode, paymentMethod.DerivationStrategyBase),
+                CryptoCurrency = walletId.CryptoCode
+            };
+
+            using (CancellationTokenSource cts = new CancellationTokenSource())
+            {
+                try
+                {
+                    cts.CancelAfter(TimeSpan.FromSeconds(5));
+                    var result = await RateFetcher.FetchRate(currencyPair, rateRules).WithCancellation(cts.Token);
+                    if (result.BidAsk != null)
+                    {
+                        model.Rate = result.BidAsk.Center;
+                        model.Divisibility = _currencyTable.GetNumberFormatInfo(currencyPair.Right, true).CurrencyDecimalDigits;
+                        model.Fiat = currencyPair.Right;
+                    }
+                    else
+                    {
+                        model.RateError = $"{result.EvaluatedRule} ({string.Join(", ", result.Errors.OfType<object>().ToArray())})";
+                    }
+                }
+                catch (Exception ex) { model.RateError = ex.Message; }
+            }
+            return View(model);
+        }
+
+        private string GetCurrencyCode(string defaultLang)
+        {
+            if (defaultLang == null)
+                return null;
+            try
+            {
+                var ri = new RegionInfo(defaultLang);
+                return ri.ISOCurrencySymbol;
+            }
+            catch (ArgumentException) { }
+            return null;
+        }
+
+        private DerivationStrategy GetPaymentMethod(WalletId walletId, StoreData store)
+        {
+            if (store == null || !store.HasClaim(Policies.CanModifyStoreSettings.Key))
+                return null;
+
+            var paymentMethod = store
+                            .GetSupportedPaymentMethods(NetworkProvider)
+                            .OfType<DerivationStrategy>()
+                            .FirstOrDefault(p => p.PaymentId.PaymentType == Payments.PaymentTypes.BTCLike && p.PaymentId.CryptoCode == walletId.CryptoCode);
+            return paymentMethod;
+        }
+
+        private static async Task<string> GetBalanceString(BTCPayWallet wallet, DerivationStrategyBase derivationStrategy)
+        {
+            using (CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromSeconds(10)))
+            {
+                try
+                {
+                    return (await wallet.GetBalance(derivationStrategy, cts.Token)).ToString();
+                }
+                catch
+                {
+                    return "--";
+                }
+            }
+        }
+
+        private string GetUserId()
+        {
+            return _userManager.GetUserId(User);
+        }
+
+        public static string GetLedgerWebsocketUrl(HttpContext httpContext, string cryptoCode, DerivationStrategyBase derivationStrategy)
+        {
+            return $"{httpContext.Request.GetAbsoluteRoot().WithTrailingSlash()}ws/ledger/{cryptoCode}/{derivationStrategy?.ToString() ?? string.Empty}";
+        }
+
+        [HttpGet]
+        [Route("/ws/ledger/{cryptoCode}/{derivationScheme?}")]
+        public async Task<IActionResult> LedgerConnection(
+            string command,
+            // getinfo
+            string cryptoCode = null,
+            // getxpub
+            [ModelBinder(typeof(ModelBinders.DerivationSchemeModelBinder))]
+            DerivationStrategyBase derivationScheme = null,
+            int account = 0,
+            // sendtoaddress
+            string destination = null, string amount = null, string feeRate = null, string substractFees = null
+            )
+        {
+            if (!HttpContext.WebSockets.IsWebSocketRequest)
+                return NotFound();
+            var webSocket = await HttpContext.WebSockets.AcceptWebSocketAsync();
+
+            using (var normalOperationTimeout = new CancellationTokenSource())
+            using (var signTimeout = new CancellationTokenSource())
+            {
+                normalOperationTimeout.CancelAfter(TimeSpan.FromMinutes(30));
+                var hw = new HardwareWalletService(webSocket);
+                object result = null;
+                try
+                {
+                    BTCPayNetwork network = null;
+                    if (cryptoCode != null)
+                    {
+                        network = NetworkProvider.GetNetwork(cryptoCode);
+                        if (network == null)
+                            throw new FormatException("Invalid value for crypto code");
+                    }
+
+                    BitcoinAddress destinationAddress = null;
+                    if (destination != null)
+                    {
+                        try
+                        {
+                            destinationAddress = BitcoinAddress.Create(destination, network.NBitcoinNetwork);
+                        }
+                        catch { }
+                        if (destinationAddress == null)
+                            throw new FormatException("Invalid value for destination");
+                    }
+
+                    FeeRate feeRateValue = null;
+                    if (feeRate != null)
+                    {
+                        try
+                        {
+                            feeRateValue = new FeeRate(Money.Satoshis(int.Parse(feeRate, CultureInfo.InvariantCulture)), 1);
+                        }
+                        catch { }
+                        if (feeRateValue == null || feeRateValue.FeePerK <= Money.Zero)
+                            throw new FormatException("Invalid value for fee rate");
+                    }
+
+                    Money amountBTC = null;
+                    if (amount != null)
+                    {
+                        try
+                        {
+                            amountBTC = Money.Parse(amount);
+                        }
+                        catch { }
+                        if (amountBTC == null || amountBTC <= Money.Zero)
+                            throw new FormatException("Invalid value for amount");
+                    }
+
+                    bool subsctractFeesValue = false;
+                    if (substractFees != null)
+                    {
+                        try
+                        {
+                            subsctractFeesValue = bool.Parse(substractFees);
+                        }
+                        catch { throw new FormatException("Invalid value for subtract fees"); }
+                    }
+                    if (command == "test")
+                    {
+                        result = await hw.Test(normalOperationTimeout.Token);
+                    }
+                    if (command == "getxpub")
+                    {
+                        var getxpubResult = await hw.GetExtPubKey(network, account, normalOperationTimeout.Token);
+                        result = getxpubResult;
+                    }
+                    if (command == "getinfo")
+                    {
+                        var strategy = GetDirectDerivationStrategy(derivationScheme);
+                        if (strategy == null || await hw.GetKeyPath(network, strategy, normalOperationTimeout.Token) == null)
+                        {
+                            throw new Exception($"This store is not configured to use this ledger");
+                        }
+
+                        var feeProvider = _feeRateProvider.CreateFeeProvider(network);
+                        var recommendedFees = feeProvider.GetFeeRateAsync();
+                        var balance = _walletProvider.GetWallet(network).GetBalance(derivationScheme);
+                        result = new GetInfoResult() { Balance = (double)(await balance).ToDecimal(MoneyUnit.BTC), RecommendedSatoshiPerByte = (int)(await recommendedFees).GetFee(1).Satoshi };
+                    }
+
+                    if (command == "sendtoaddress")
+                    {
+                        if (!_dashboard.IsFullySynched(network.CryptoCode, out var summary))
+                            throw new Exception($"{network.CryptoCode}: not started or fully synched");
+                        var strategy = GetDirectDerivationStrategy(derivationScheme);
+                        var wallet = _walletProvider.GetWallet(network);
+                        var change = wallet.GetChangeAddressAsync(derivationScheme);
+
+                        var unspentCoins = await wallet.GetUnspentCoins(derivationScheme);
+                        var changeAddress = await change;
+                        var send = new[] { (
+                        destination: destinationAddress as IDestination,
+                        amount: amountBTC,
+                        substractFees: subsctractFeesValue) };
+
+                        foreach (var element in send)
+                        {
+                            if (element.destination == null)
+                                throw new ArgumentNullException(nameof(element.destination));
+                            if (element.amount == null)
+                                throw new ArgumentNullException(nameof(element.amount));
+                            if (element.amount <= Money.Zero)
+                                throw new ArgumentOutOfRangeException(nameof(element.amount), "The amount should be above zero");
+                        }
+
+                        var foundKeyPath = await hw.GetKeyPath(network, strategy, normalOperationTimeout.Token);
+                        if (foundKeyPath == null)
+                        {
+                            throw new HardwareWalletException($"This store is not configured to use this ledger");
+                        }
+
+                        TransactionBuilder builder = new TransactionBuilder();
+                        builder.StandardTransactionPolicy.MinRelayTxFee = summary.Status.BitcoinStatus.MinRelayTxFee;
+                        builder.SetConsensusFactory(network.NBitcoinNetwork);
+                        builder.AddCoins(unspentCoins.Select(c => c.Coin).ToArray());
+
+                        foreach (var element in send)
+                        {
+                            builder.Send(element.destination, element.amount);
+                            if (element.substractFees)
+                                builder.SubtractFees();
+                        }
+                        builder.SetChange(changeAddress.Item1);
+
+                        if (network.MinFee == null)
+                        {
+                            builder.SendEstimatedFees(feeRateValue);
+                        }
+                        else
+                        {
+                            var estimatedFee = builder.EstimateFees(feeRateValue);
+                            if (network.MinFee > estimatedFee)
+                                builder.SendFees(network.MinFee);
+                            else
+                                builder.SendEstimatedFees(feeRateValue);
+                        }
+                        builder.Shuffle();
+                        var unsigned = builder.BuildTransaction(false);
+
+                        var keypaths = new Dictionary<Script, KeyPath>();
+                        foreach (var c in unspentCoins)
+                        {
+                            keypaths.TryAdd(c.Coin.ScriptPubKey, c.KeyPath);
+                        }
+
+                        var hasChange = unsigned.Outputs.Count == 2;
+                        var usedCoins = builder.FindSpentCoins(unsigned);
+
+                        Dictionary<uint256, Transaction> parentTransactions = new Dictionary<uint256, Transaction>();
+
+                        if (!strategy.Segwit)
+                        {
+                            var parentHashes = usedCoins.Select(c => c.Outpoint.Hash).ToHashSet();
+                            var explorer = ExplorerClientProvider.GetExplorerClient(network);
+                            var getTransactionAsyncs = parentHashes.Select(h => (Op: explorer.GetTransactionAsync(h), Hash: h)).ToList();
+                            foreach (var getTransactionAsync in getTransactionAsyncs)
+                            {
+                                var tx = (await getTransactionAsync.Op);
+                                if (tx == null)
+                                    throw new Exception($"Parent transaction {getTransactionAsync.Hash} not found");
+                                parentTransactions.Add(tx.Transaction.GetHash(), tx.Transaction);
+                            }
+                        }
+
+
+                        signTimeout.CancelAfter(TimeSpan.FromMinutes(5));
+                        var transaction = await hw.SignTransactionAsync(usedCoins.Select(c => new SignatureRequest
+                        {
+                            InputTransaction = parentTransactions.TryGet(c.Outpoint.Hash),
+                            InputCoin = c,
+                            KeyPath = foundKeyPath.Derive(keypaths[c.TxOut.ScriptPubKey]),
+                            PubKey = strategy.Root.Derive(keypaths[c.TxOut.ScriptPubKey]).PubKey
+                        }).ToArray(), unsigned, hasChange ? foundKeyPath.Derive(changeAddress.Item2) : null, signTimeout.Token);
+                        try
+                        {
+                            var broadcastResult = await wallet.BroadcastTransactionsAsync(new List<Transaction>() { transaction });
+                            if (!broadcastResult[0].Success)
+                            {
+                                throw new Exception($"RPC Error while broadcasting: {broadcastResult[0].RPCCode} {broadcastResult[0].RPCCodeMessage} {broadcastResult[0].RPCMessage}");
+                            }
+                        }
+                        catch (Exception ex)
+                        {
+                            throw new Exception("Error while broadcasting: " + ex.Message);
+                        }
+                        wallet.InvalidateCache(derivationScheme);
+                        result = new SendToAddressResult() { TransactionId = transaction.GetHash().ToString() };
+                    }
+                }
+                catch (OperationCanceledException)
+                { result = new LedgerTestResult() { Success = false, Error = "Timeout" }; }
+                catch (Exception ex)
+                { result = new LedgerTestResult() { Success = false, Error = ex.Message }; }
+                finally { hw.Dispose(); }
+                try
+                {
+                    if (result != null)
+                    {
+                        UTF8Encoding UTF8NOBOM = new UTF8Encoding(false);
+                        var bytes = UTF8NOBOM.GetBytes(JsonConvert.SerializeObject(result, _mvcJsonOptions.Value.SerializerSettings));
+                        await webSocket.SendAsync(new ArraySegment<byte>(bytes), WebSocketMessageType.Text, true, new CancellationTokenSource(2000).Token);
+                    }
+                }
+                catch { }
+                finally
+                {
+                    await webSocket.CloseSocket();
+                }
+            }
+            return new EmptyResult();
+        }
+
+        private DirectDerivationStrategy GetDirectDerivationStrategy(DerivationStrategyBase strategy)
+        {
+            if (strategy == null)
+                throw new Exception("The derivation scheme is not provided");
+            var directStrategy = strategy as DirectDerivationStrategy;
+            if (directStrategy == null)
+                directStrategy = (strategy as P2SHDerivationStrategy).Inner as DirectDerivationStrategy;
+            return directStrategy;
+        }
+    }
+
+
+    public class GetInfoResult
+    {
+        public int RecommendedSatoshiPerByte { get; set; }
+        public double Balance { get; set; }
+    }
+
+    public class SendToAddressResult
+    {
+        public string TransactionId { get; set; }
+    }
+}

BTCPayServer/CorsPolicies.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer
+{
+    public static class CorsPolicies
+    {
+        public const string All = "BTCPAY_ALL";
+    }
+}

BTCPayServer/Data/APIKeyData.cs

@@ -19,5 +19,7 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+
+        public StoreData StoreData { get; set; }
     }
 }

BTCPayServer/Data/ApplicationDbContext.cs

@@ -102,14 +102,27 @@ namespace BTCPayServer.Data
         {
             base.OnModelCreating(builder);
             builder.Entity<InvoiceData>()
-                .HasIndex(o => o.StoreDataId);
+                .HasOne(o => o.StoreData)
+                .WithMany(a => a.Invoices).OnDelete(DeleteBehavior.Cascade);
+            builder.Entity<InvoiceData>().HasIndex(o => o.StoreDataId);
+
 
             builder.Entity<PaymentData>()
-                .HasIndex(o => o.InvoiceDataId);
+                   .HasOne(o => o.InvoiceData)
+                   .WithMany(i => i.Payments).OnDelete(DeleteBehavior.Cascade);
+            builder.Entity<PaymentData>()
+                   .HasIndex(o => o.InvoiceDataId);
 
+
+            builder.Entity<RefundAddressesData>()
+                   .HasOne(o => o.InvoiceData)
+                   .WithMany(i => i.RefundAddresses).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<RefundAddressesData>()
                 .HasIndex(o => o.InvoiceDataId);
 
+            builder.Entity<UserStore>()
+                   .HasOne(o => o.StoreData)
+                   .WithMany(i => i.UserStores).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<UserStore>()
                    .HasKey(t => new
                    {
@@ -117,9 +130,16 @@ namespace BTCPayServer.Data
                        t.StoreDataId
                    });
 
+            builder.Entity<APIKeyData>()
+                   .HasOne(o => o.StoreData)
+                   .WithMany(i => i.APIKeys)
+                   .HasForeignKey(i => i.StoreId).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<APIKeyData>()
                 .HasIndex(o => o.StoreId);
 
+            builder.Entity<AppData>()
+                   .HasOne(o => o.StoreData)
+                   .WithMany(i => i.Apps).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<AppData>()
                     .HasOne(a => a.StoreData);
 
@@ -133,6 +153,10 @@ namespace BTCPayServer.Data
                 .WithMany(t => t.UserStores)
                 .HasForeignKey(pt => pt.StoreDataId);
 
+
+            builder.Entity<AddressInvoiceData>()
+                   .HasOne(o => o.InvoiceData)
+                   .WithMany(i => i.AddressInvoices).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<AddressInvoiceData>()
 #pragma warning disable CS0618
                 .HasKey(o => o.Address);
@@ -141,12 +165,24 @@ namespace BTCPayServer.Data
             builder.Entity<PairingCodeData>()
                 .HasKey(o => o.Id);
 
+            builder.Entity<PendingInvoiceData>()
+                .HasOne(o => o.InvoiceData)
+                .WithMany(o => o.PendingInvoices)
+                .HasForeignKey(o => o.Id).OnDelete(DeleteBehavior.Cascade);
+
+
+            builder.Entity<PairedSINData>()
+                   .HasOne(o => o.StoreData)
+                   .WithMany(i => i.PairedSINs).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<PairedSINData>(b =>
             {
                 b.HasIndex(o => o.SIN);
                 b.HasIndex(o => o.StoreDataId);
             });
 
+            builder.Entity<HistoricalAddressInvoiceData>()
+                   .HasOne(o => o.InvoiceData)
+                   .WithMany(i => i.HistoricalAddressInvoices).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<HistoricalAddressInvoiceData>()
                 .HasKey(o => new
                 {
@@ -156,6 +192,10 @@ namespace BTCPayServer.Data
 #pragma warning restore CS0618
                 });
 
+
+            builder.Entity<InvoiceEventData>()
+                   .HasOne(o => o.InvoiceData)
+                   .WithMany(i => i.Events).OnDelete(DeleteBehavior.Cascade);
             builder.Entity<InvoiceEventData>()
                 .HasKey(o => new
                 {

BTCPayServer/Data/ApplicationDbContextFactory.cs

@@ -29,6 +29,15 @@ namespace BTCPayServer.Data
             _Type = type;
         }
 
+
+        public DatabaseType Type
+        {
+            get
+            {
+                return _Type;
+            }
+        }
+
         public ApplicationDbContext CreateContext()
         {
             var builder = new DbContextOptionsBuilder<ApplicationDbContext>();

BTCPayServer/Data/HistoricalAddressInvoiceData.cs

@@ -12,6 +12,11 @@ namespace BTCPayServer.Data
             get; set;
         }
 
+        public InvoiceData InvoiceData
+        {
+            get; set;
+        }
+
         /// <summary>
         /// Some crypto currencies share same address prefix
         /// For not having exceptions thrown by two address on different network, we suffix by "#CRYPTOCODE" 

BTCPayServer/Data/InvoiceData.cs

@@ -80,5 +80,6 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+        public List<PendingInvoiceData> PendingInvoices { get; set; }
     }
 }

BTCPayServer/Data/InvoiceEventData.cs

@@ -11,6 +11,10 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+        public InvoiceData InvoiceData
+        {
+            get; set;
+        }
         public string UniqueId { get; internal set; }
         public DateTimeOffset Timestamp
         {

BTCPayServer/Data/PairedSINData.cs

@@ -21,6 +21,9 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+
+        public StoreData StoreData { get; set; }
+
         public string Label
         {
             get;

BTCPayServer/Data/PendingInvoiceData.cs

@@ -11,5 +11,6 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
+        public InvoiceData InvoiceData { get; set; }
     }
 }

BTCPayServer/Data/StoreData.cs

@@ -34,12 +34,13 @@ namespace BTCPayServer.Data
         {
             get; set;
         }
-
         public List<AppData> Apps
         {
             get; set;
         }
 
+        public List<InvoiceData> Invoices { get; set; }
+
         [Obsolete("Use GetDerivationStrategies instead")]
         public string DerivationStrategy
         {
@@ -165,24 +166,25 @@ namespace BTCPayServer.Data
         public Claim[] GetClaims()
         {
             List<Claim> claims = new List<Claim>();
+            claims.AddRange(AdditionalClaims);
 #pragma warning disable CS0612 // Type or member is obsolete
             var role = Role;
 #pragma warning restore CS0612 // Type or member is obsolete
             if (role == StoreRoles.Owner)
             {
                 claims.Add(new Claim(Policies.CanModifyStoreSettings.Key, Id));
-                claims.Add(new Claim(Policies.CanUseStore.Key, Id));
             }
-            if (role == StoreRoles.Guest)
+
+            if(role == StoreRoles.Owner || role == StoreRoles.Guest || GetStoreBlob().AnyoneCanInvoice)
             {
-                claims.Add(new Claim(Policies.CanUseStore.Key, Id));
+                claims.Add(new Claim(Policies.CanCreateInvoice.Key, Id));
             }
             return claims.ToArray();
         }
 
         public bool HasClaim(string claim)
         {
-            return GetClaims().Any(c => c.Type == claim);
+            return GetClaims().Any(c => c.Type == claim && c.Value == Id);
         }
 
         public byte[] StoreBlob
@@ -192,11 +194,16 @@ namespace BTCPayServer.Data
         }
         [Obsolete("Use GetDefaultCrypto instead")]
         public string DefaultCrypto { get; set; }
+        public List<PairedSINData> PairedSINs { get; set; }
+        public IEnumerable<APIKeyData> APIKeys { get; set; }
+
+        [NotMapped]
+        public List<Claim> AdditionalClaims { get; set; } = new List<Claim>();
 
 #pragma warning disable CS0618
-        public string GetDefaultCrypto()
+        public string GetDefaultCrypto(BTCPayNetworkProvider networkProvider = null)
         {
-            return DefaultCrypto ?? "BTC";
+            return DefaultCrypto ?? (networkProvider == null ? "BTC" : GetSupportedPaymentMethods(networkProvider).Select(p => p.PaymentId.CryptoCode).FirstOrDefault() ?? "BTC");
         }
         public void SetDefaultCrypto(string defaultCryptoCurrency)
         {
@@ -278,23 +285,9 @@ namespace BTCPayServer.Data
             set;
         }
 
-        public void SetRateMultiplier(double rate)
-        {
-            RateRules = new List<RateRule_Obsolete>();
-            RateRules.Add(new RateRule_Obsolete() { Multiplier = rate });
-        }
-        public decimal GetRateMultiplier()
-        {
-            decimal rate = 1.0m;
-            if (RateRules == null || RateRules.Count == 0)
-                return rate;
-            foreach (var rule in RateRules)
-            {
-                rate = rule.Apply(null, rate);
-            }
-            return rate;
-        }
+        public decimal Spread { get; set; } = 0.0m;
 
+        [Obsolete]
         public List<RateRule_Obsolete> RateRules { get; set; } = new List<RateRule_Obsolete>();
         public string PreferredExchange { get; set; }
 
@@ -313,6 +306,8 @@ namespace BTCPayServer.Data
 
         public string RateScript { get; set; }
 
+        public bool AnyoneCanInvoice { get; set; }
+
 
         string _LightningDescriptionTemplate;
         public string LightningDescriptionTemplate
@@ -333,15 +328,15 @@ namespace BTCPayServer.Data
 
         public BTCPayServer.Rating.RateRules GetRateRules(BTCPayNetworkProvider networkProvider)
         {
-            if (!RateScripting || 
-                string.IsNullOrEmpty(RateScript) || 
+            if (!RateScripting ||
+                string.IsNullOrEmpty(RateScript) ||
                 !BTCPayServer.Rating.RateRules.TryParse(RateScript, out var rules))
             {
                 return GetDefaultRateRules(networkProvider);
             }
             else
             {
-                rules.GlobalMultiplier = GetRateMultiplier();
+                rules.Spread = Spread;
                 return rules;
             }
         }
@@ -367,8 +362,37 @@ namespace BTCPayServer.Data
             builder.AppendLine($"X_X = {preferredExchange}(X_X);");
 
             BTCPayServer.Rating.RateRules.TryParse(builder.ToString(), out var rules);
-            rules.GlobalMultiplier = GetRateMultiplier();
+            rules.Spread = Spread;
             return rules;
         }
+
+        [Obsolete("Use GetExcludedPaymentMethods instead")]
+        public string[] ExcludedPaymentMethods { get; set; }
+
+        public IPaymentFilter GetExcludedPaymentMethods()
+        {
+#pragma warning disable CS0618 // Type or member is obsolete
+            if (ExcludedPaymentMethods == null || ExcludedPaymentMethods.Length == 0)
+                return PaymentFilter.Never();
+            return PaymentFilter.Any(ExcludedPaymentMethods.Select(p => PaymentFilter.WhereIs(PaymentMethodId.Parse(p))).ToArray());
+#pragma warning restore CS0618 // Type or member is obsolete
+        }
+
+        public bool IsExcluded(PaymentMethodId paymentMethodId)
+        {
+            return GetExcludedPaymentMethods().Match(paymentMethodId);
+        }
+
+        public void SetExcluded(PaymentMethodId paymentMethodId, bool value)
+        {
+#pragma warning disable CS0618 // Type or member is obsolete
+            var methods = new HashSet<string>(ExcludedPaymentMethods ?? Array.Empty<string>());
+            if (value)
+                methods.Add(paymentMethodId.ToString());
+            else
+                methods.Remove(paymentMethodId.ToString());
+            ExcludedPaymentMethods = methods.ToArray();
+#pragma warning restore CS0618 // Type or member is obsolete
+        }
     }
 }

BTCPayServer/DerivationSchemeParser.cs

@@ -72,7 +72,7 @@ namespace BTCPayServer
                 }
                 try
                 {
-                    var data = Encoders.Base58Check.DecodeData(parts[i]);
+                    var data = Network.GetBase58CheckEncoder().DecodeData(parts[i]);
                     if (data.Length < 4)
                         continue;
                     var prefix = Utils.ToUInt32(data, false);
@@ -80,7 +80,7 @@ namespace BTCPayServer
                     for (int ii = 0; ii < 4; ii++)
                         data[ii] = standardPrefix[ii];
 
-                    var derivationScheme = new BitcoinExtPubKey(Encoders.Base58Check.EncodeData(data), Network).ToString();
+                    var derivationScheme = new BitcoinExtPubKey(Network.GetBase58CheckEncoder().EncodeData(data), Network).ToString();
                     electrumMapping.TryGetValue(prefix, out string[] labels);
                     if (labels != null)
                     {

BTCPayServer/DerivationStrategy.cs

@@ -32,7 +32,7 @@ namespace BTCPayServer
 
         public BTCPayNetwork Network { get { return this._Network; } }
 
-        public DerivationStrategyBase DerivationStrategyBase { get { return this._DerivationStrategy; } }
+        public DerivationStrategyBase DerivationStrategyBase => this._DerivationStrategy;
 
         public PaymentMethodId PaymentId => new PaymentMethodId(Network.CryptoCode, PaymentTypes.BTCLike);
 

BTCPayServer/Events/InvoiceEvent.cs

@@ -8,24 +8,20 @@ namespace BTCPayServer.Events
 {
     public class InvoiceEvent
     {
-        public InvoiceEvent(InvoiceEntity invoice, int code, string name) : this(invoice.Id, code, name)
+        public InvoiceEvent(Models.InvoiceResponse invoice, int code, string name)
         {
-
-        }
-        public InvoiceEvent(string invoiceId, int code, string name)
-        {
-            InvoiceId = invoiceId;
+            Invoice = invoice;
             EventCode = code;
             Name = name;
         }
 
-        public string InvoiceId { get; set; }
+        public Models.InvoiceResponse Invoice { get; set; }
         public int EventCode { get; set; }
         public string Name { get; set; }
 
         public override string ToString()
         {
-            return $"Invoice {InvoiceId} new event: {Name} ({EventCode})";
+            return $"Invoice {Invoice.Id} new event: {Name} ({EventCode})";
         }
     }
 }

BTCPayServer/Extensions.cs

@@ -31,6 +31,7 @@ using System.Security.Claims;
 using System.Globalization;
 using BTCPayServer.Services;
 using BTCPayServer.Data;
+using Microsoft.EntityFrameworkCore.Infrastructure;
 
 namespace BTCPayServer
 {
@@ -82,6 +83,15 @@ namespace BTCPayServer
             return activeProvider != "Microsoft.EntityFrameworkCore.Sqlite";
         }
 
+        public static bool SupportDropForeignKey(this Microsoft.EntityFrameworkCore.Migrations.Migration migration, string activeProvider)
+        {
+            return activeProvider != "Microsoft.EntityFrameworkCore.Sqlite";
+        }
+        public static bool SupportDropForeignKey(this DatabaseFacade facade)
+        {
+            return facade.ProviderName != "Microsoft.EntityFrameworkCore.Sqlite";
+        }
+
         public static async Task<Dictionary<uint256, TransactionResult>> GetTransactions(this BTCPayWallet client, uint256[] hashes, CancellationToken cts = default(CancellationToken))
         {
             hashes = hashes.Distinct().ToArray();
@@ -98,6 +108,26 @@ namespace BTCPayServer
             return str + "/";
         }
 
+        public static void SetHeaderOnStarting(this HttpResponse resp, string name, string value)
+        {
+            if (resp.HasStarted)
+                return;
+            resp.OnStarting(() =>
+            {
+                SetHeader(resp, name, value);
+                return Task.CompletedTask;
+            });
+        }
+
+        public static void SetHeader(this HttpResponse resp, string name, string value)
+        {
+            var existing = resp.Headers[name].FirstOrDefault();
+            if (existing != null && value == null)
+                resp.Headers.Remove(name);
+            else
+                resp.Headers[name] = value;
+        }
+
         public static string GetAbsoluteRoot(this HttpRequest request)
         {
             return string.Concat(
@@ -107,9 +137,26 @@ namespace BTCPayServer
                         request.PathBase.ToUriComponent());
         }
 
+        public static string GetCurrentUrl(this HttpRequest request)
+        {
+            return string.Concat(
+                        request.Scheme,
+                        "://",
+                        request.Host.ToUriComponent(),
+                        request.PathBase.ToUriComponent(),
+                        request.Path.ToUriComponent());
+        }
+
+        public static string GetCurrentPath(this HttpRequest request)
+        {
+            return string.Concat(
+                        request.PathBase.ToUriComponent(),
+                        request.Path.ToUriComponent());
+        }
+
         public static string GetAbsoluteUri(this HttpRequest request, string redirectUrl)
         {
-            bool isRelative = 
+            bool isRelative =
                 (redirectUrl.Length > 0 && redirectUrl[0] == '/')
                 || !new Uri(redirectUrl, UriKind.RelativeOrAbsolute).IsAbsoluteUri;
             return isRelative ? request.GetAbsoluteRoot() + redirectUrl : redirectUrl;
@@ -141,7 +188,7 @@ namespace BTCPayServer
 
         public static void AddRange<T>(this HashSet<T> hashSet, IEnumerable<T> items)
         {
-            foreach(var item in items)
+            foreach (var item in items)
             {
                 hashSet.Add(item);
             }
@@ -157,6 +204,30 @@ namespace BTCPayServer
             NBitcoin.Extensions.TryAdd(ctx.Items, "BitpayAuth", value);
         }
 
+        public static async Task<T> WithCancellation<T>(this Task<T> task, CancellationToken cancellationToken)
+        {
+            using (var delayCTS = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken))
+            {
+                var waiting = Task.Delay(-1, delayCTS.Token);
+                var doing = task;
+                await Task.WhenAny(waiting, doing);
+                delayCTS.Cancel();
+                cancellationToken.ThrowIfCancellationRequested();
+                return await doing;
+            }
+        }
+        public static async Task WithCancellation(this Task task, CancellationToken cancellationToken)
+        {
+            using (var delayCTS = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken))
+            {
+                var waiting = Task.Delay(-1, delayCTS.Token);
+                var doing = task;
+                await Task.WhenAny(waiting, doing);
+                delayCTS.Cancel();
+                cancellationToken.ThrowIfCancellationRequested();
+            }
+        }
+
         public static (string Signature, String Id, String Authorization) GetBitpayAuth(this HttpContext ctx)
         {
             ctx.Items.TryGetValue("BitpayAuth", out object obj);

BTCPayServer/Filters/ContentSecurityPolicyAttribute.cs

@@ -0,0 +1,106 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using BTCPayServer.Security;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace BTCPayServer.Filters
+{
+    public interface IContentSecurityPolicy : IFilterMetadata { }
+    public class ContentSecurityPolicyAttribute : Attribute, IActionFilter, IContentSecurityPolicy
+    {
+        public void OnActionExecuted(ActionExecutedContext context)
+        {
+
+        }
+
+        public bool AutoSelf { get; set; } = true;
+        public bool UnsafeInline { get; set; } = true;
+        public bool FixWebsocket { get; set; } = true;
+        public string FontSrc { get; set; } = null;
+        public string ImgSrc { get; set; } = null;
+        public string DefaultSrc { get; set; }
+        public string StyleSrc { get; set; }
+        public string ScriptSrc { get; set; }
+
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            if (context.IsEffectivePolicy<IContentSecurityPolicy>(this))
+            {
+                var policies = context.HttpContext.RequestServices.GetService(typeof(ContentSecurityPolicies)) as ContentSecurityPolicies;
+                if (policies == null)
+                    return;
+                if (DefaultSrc != null)
+                {
+                    policies.Add(new ConsentSecurityPolicy("default-src", DefaultSrc));
+                }
+                if (UnsafeInline)
+                {
+                    policies.Add(new ConsentSecurityPolicy("script-src", "'unsafe-inline'"));
+                }
+                if (!string.IsNullOrEmpty(FontSrc))
+                {
+                    policies.Add(new ConsentSecurityPolicy("font-src", FontSrc));
+                }
+
+                if (!string.IsNullOrEmpty(ImgSrc))
+                {
+                    policies.Add(new ConsentSecurityPolicy("img-src", ImgSrc));
+                }
+
+                if (!string.IsNullOrEmpty(StyleSrc))
+                {
+                    policies.Add(new ConsentSecurityPolicy("style-src", StyleSrc));
+                }
+
+                if (!string.IsNullOrEmpty(ScriptSrc))
+                {
+                    policies.Add(new ConsentSecurityPolicy("script-src", ScriptSrc));
+                }
+
+                if (FixWebsocket && AutoSelf) // Self does not match wss:// and ws:// :(
+                {
+                    var request = context.HttpContext.Request;
+
+                    var url = string.Concat(
+                            request.Scheme.Equals("http", StringComparison.OrdinalIgnoreCase) ? "ws" : "wss",
+                            "://",
+                            request.Host.ToUriComponent(),
+                            request.PathBase.ToUriComponent());
+                    policies.Add(new ConsentSecurityPolicy("connect-src", url));
+                }
+
+                context.HttpContext.Response.OnStarting(() =>
+                {
+                    if (!policies.HasRules)
+                        return Task.CompletedTask;
+                    if (AutoSelf)
+                    {
+                        bool hasSelf = false;
+                        foreach (var group in policies.Rules.GroupBy(p => p.Name))
+                        {
+                            hasSelf = group.Any(g => g.Value.Contains("'self'", StringComparison.OrdinalIgnoreCase));
+                            if (!hasSelf && !group.Any(g => g.Value.Contains("'none'", StringComparison.OrdinalIgnoreCase) ||
+                                               g.Value.Contains("*", StringComparison.OrdinalIgnoreCase)))
+                            {
+                                policies.Add(new ConsentSecurityPolicy(group.Key, "'self'"));
+                                hasSelf = true;
+                            }
+                            if (hasSelf)
+                            {
+                                foreach (var authorized in policies.Authorized)
+                                {
+                                    policies.Add(new ConsentSecurityPolicy(group.Key, authorized));
+                                }
+                            }
+                        }
+                    }
+                    context.HttpContext.Response.SetHeader("Content-Security-Policy", policies.ToString());
+                    return Task.CompletedTask;
+                });
+            }
+        }
+    }
+}

BTCPayServer/Filters/OnlyMediaTypeAttribute.cs

@@ -28,6 +28,28 @@ namespace BTCPayServer.Filters
         }
     }
 
+    public class MediaTypeAcceptConstraintAttribute : Attribute, IActionConstraint
+    {
+        public MediaTypeAcceptConstraintAttribute(string mediaType)
+        {
+            MediaType = mediaType ?? throw new ArgumentNullException(nameof(mediaType));
+        }
+
+        public string MediaType
+        {
+            get; set;
+        }
+
+        public int Order => 100;
+
+        public bool Accept(ActionConstraintContext context)
+        {
+            if (!context.RouteContext.HttpContext.Request.Headers.ContainsKey("Accept"))
+                return false;
+            return context.RouteContext.HttpContext.Request.Headers["Accept"].ToString().StartsWith(MediaType, StringComparison.Ordinal);
+        }
+    }
+
     public class BitpayAPIConstraintAttribute : Attribute, IActionConstraint
     {
         public BitpayAPIConstraintAttribute(bool isBitpayAPI = true)

BTCPayServer/Filters/ReferrerPolicyAttribute.cs

@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace BTCPayServer.Filters
+{
+    public interface IReferrerPolicy : IFilterMetadata { }
+    public class ReferrerPolicyAttribute : Attribute, IActionFilter
+    {
+        public ReferrerPolicyAttribute(string value)
+        {
+            Value = value;
+        }
+        public string Value { get; set; }
+        public void OnActionExecuted(ActionExecutedContext context)
+        {
+
+        }
+
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            if (context.IsEffectivePolicy<ReferrerPolicyAttribute>(this))
+            {
+                context.HttpContext.Response.SetHeaderOnStarting("Referrer-Policy", Value);
+            }
+        }
+    }
+}

BTCPayServer/Filters/XContentTypeOptionsAttribute.cs

@@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace BTCPayServer.Filters
+{
+    public class XContentTypeOptionsAttribute : Attribute, IActionFilter
+    {
+        public XContentTypeOptionsAttribute(string value)
+        {
+            Value = value;
+        }
+        public void OnActionExecuted(ActionExecutedContext context)
+        {
+        }
+
+        public string Value { get; set; }
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            context.HttpContext.Response.SetHeaderOnStarting("X-Content-Type-Options", Value);
+        }
+    }
+}

BTCPayServer/Filters/XFrameOptionsAttribute.cs

@@ -23,11 +23,10 @@ namespace BTCPayServer.Filters
 
         public void OnActionExecuting(ActionExecutingContext context)
         {
-            var existing = context.HttpContext.Response.Headers["x-frame-options"].FirstOrDefault();
-            if (existing != null && Value == null)
-                context.HttpContext.Response.Headers.Remove("x-frame-options");
-            else
-                context.HttpContext.Response.Headers["x-frame-options"] = Value;
+            if (context.IsEffectivePolicy<XFrameOptionsAttribute>(this))
+            {
+                context.HttpContext.Response.SetHeaderOnStarting("X-Frame-Options", Value);
+            }
         }
     }
 }

BTCPayServer/Filters/XXSSProtectionAttribute.cs

@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc.ViewFeatures;
+using Microsoft.AspNetCore.Mvc.ViewFeatures.Internal;
+
+namespace BTCPayServer.Filters
+{
+    public class XXSSProtectionAttribute : Attribute, IActionFilter
+    {
+        public void OnActionExecuted(ActionExecutedContext context)
+        {
+        }
+
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            context.HttpContext.Response.SetHeaderOnStarting("X-XSS-Protection", "1; mode=block");
+        }
+        
+    }
+}

BTCPayServer/HostedServices/CheckConfigurationHostedService.cs

@@ -0,0 +1,76 @@
+using System;
+using Microsoft.Extensions.Logging;
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Services;
+using Microsoft.Extensions.Hosting;
+using System.Threading;
+using BTCPayServer.Configuration;
+using BTCPayServer.Logging;
+using NBitcoin.DataEncoders;
+
+namespace BTCPayServer.HostedServices
+{
+    public class CheckConfigurationHostedService : IHostedService
+    {
+        private readonly BTCPayServerOptions _options;
+
+        public CheckConfigurationHostedService(BTCPayServerOptions options)
+        {
+            _options = options;
+        }
+
+        public Task StartAsync(CancellationToken cancellationToken)
+        {
+            new Thread(() =>
+            {
+                if (_options.SSHSettings != null)
+                {
+                    Logs.Configuration.LogInformation($"SSH settings detected, testing connection to {_options.SSHSettings.Username}@{_options.SSHSettings.Server} on port {_options.SSHSettings.Port} ...");
+                    var connection = new Renci.SshNet.SshClient(_options.SSHSettings.CreateConnectionInfo());
+                    connection.HostKeyReceived += (object sender, Renci.SshNet.Common.HostKeyEventArgs e) =>
+                    {
+                        e.CanTrust = true;
+                        if (!_options.IsTrustedFingerprint(e.FingerPrint, e.HostKey))
+                        {
+                            Logs.Configuration.LogWarning($"SSH host fingerprint for {e.HostKeyName} is untrusted, start BTCPay with -sshtrustedfingerprints \"{Encoders.Hex.EncodeData(e.FingerPrint)}\"");
+                        }
+                    };
+                    try
+                    {
+                        connection.Connect();
+                        connection.Disconnect();
+                        Logs.Configuration.LogInformation($"SSH connection succeeded");
+                    }
+                    catch (Renci.SshNet.Common.SshAuthenticationException)
+                    {
+                        Logs.Configuration.LogWarning($"SSH invalid credentials");
+                    }
+                    catch (Exception ex)
+                    {
+                        var message = ex.Message;
+                        if (ex is AggregateException aggrEx && aggrEx.InnerException?.Message != null)
+                        {
+                            message = aggrEx.InnerException.Message;
+                        }
+                        Logs.Configuration.LogWarning($"SSH connection issue: {message}");
+                    }
+                    finally
+                    {
+                        connection.Dispose();
+                    }
+                }
+            })
+            { IsBackground = true }.Start();
+            return Task.CompletedTask;
+        }
+
+        public Task StopAsync(CancellationToken cancellationToken)
+        {
+            return Task.CompletedTask;
+        }
+    }
+}

BTCPayServer/HostedServices/CssThemeManager.cs

@@ -11,6 +11,8 @@ using NBXplorer.Models;
 using System.Collections.Concurrent;
 using BTCPayServer.Events;
 using BTCPayServer.Services;
+using Microsoft.AspNetCore.Mvc.Filters;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.HostedServices
 {
@@ -50,6 +52,33 @@ namespace BTCPayServer.HostedServices
         }
     }
 
+    public class ContentSecurityPolicyCssThemeManager : Attribute, IActionFilter, IOrderedFilter
+    {
+        public int Order => 1001;
+
+        public void OnActionExecuted(ActionExecutedContext context)
+        {
+            
+        }
+
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            var manager = context.HttpContext.RequestServices.GetService(typeof(CssThemeManager)) as CssThemeManager;
+            var policies = context.HttpContext.RequestServices.GetService(typeof(ContentSecurityPolicies)) as ContentSecurityPolicies;
+            if (manager != null && policies != null)
+            {
+                if(manager.CreativeStartUri != null && Uri.TryCreate(manager.CreativeStartUri, UriKind.Absolute, out var uri))
+                {
+                    policies.Clear();
+                }
+                if (manager.BootstrapUri != null && Uri.TryCreate(manager.BootstrapUri, UriKind.Absolute, out uri))
+                {
+                    policies.Clear();
+                }
+            }
+        }
+    }
+
     public class CssThemeManagerHostedService : BaseAsyncService
     {
         private SettingsRepository _SettingsRepository;

BTCPayServer/HostedServices/InvoiceNotificationManager.cs

@@ -202,7 +202,8 @@ namespace BTCPayServer.HostedServices
                 PaymentSubtotals = dto.PaymentSubtotals,
                 PaymentTotals = dto.PaymentTotals,
                 AmountPaid = dto.AmountPaid,
-                ExchangeRates = dto.ExchangeRates
+                ExchangeRates = dto.ExchangeRates,
+                
             };
 
             // We keep backward compatibility with bitpay by passing BTC info to the notification
@@ -308,7 +309,9 @@ namespace BTCPayServer.HostedServices
         {
             leases.Add(_EventAggregator.Subscribe<InvoiceEvent>(async e =>
             {
-                var invoice = await _InvoiceRepository.GetInvoice(null, e.InvoiceId);
+                var invoice = await _InvoiceRepository.GetInvoice(null, e.Invoice.Id);
+                if (invoice == null)
+                    return;
                 List<Task> tasks = new List<Task>();
 
                 // Awaiting this later help make sure invoices should arrive in order

BTCPayServer/HostedServices/InvoiceWatcher.cs

@@ -66,10 +66,10 @@ namespace BTCPayServer.HostedServices
                 context.MarkDirty();
                 await _InvoiceRepository.UnaffectAddress(invoice.Id);
 
-                context.Events.Add(new InvoiceEvent(invoice, 1004, "invoice_expired"));
+                context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1004, "invoice_expired"));
                 invoice.Status = "expired";
                 if(invoice.ExceptionStatus == "paidPartial")
-                    context.Events.Add(new InvoiceEvent(invoice, 2000, "invoice_expiredPaidPartial"));
+                    context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 2000, "invoice_expiredPaidPartial"));
             }
 
             var payments = invoice.GetPayments().Where(p => p.Accounted).ToArray();
@@ -84,7 +84,7 @@ namespace BTCPayServer.HostedServices
                 {
                     if (invoice.Status == "new")
                     {
-                        context.Events.Add(new InvoiceEvent(invoice, 1003, "invoice_paidInFull"));
+                        context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1003, "invoice_paidInFull"));
                         invoice.Status = "paid";
                         invoice.ExceptionStatus = accounting.Paid > accounting.TotalDue ? "paidOver" : null;
                         await _InvoiceRepository.UnaffectAddress(invoice.Id);
@@ -93,7 +93,7 @@ namespace BTCPayServer.HostedServices
                     else if (invoice.Status == "expired" && invoice.ExceptionStatus != "paidLate")
                     {
                         invoice.ExceptionStatus = "paidLate";
-                        context.Events.Add(new InvoiceEvent(invoice, 1009, "invoice_paidAfterExpiration"));
+                        context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1009, "invoice_paidAfterExpiration"));
                         context.MarkDirty();
                     }
                 }
@@ -139,14 +139,14 @@ namespace BTCPayServer.HostedServices
                    (confirmedAccounting.Paid < accounting.MinimumTotalDue))
                 {
                     await _InvoiceRepository.UnaffectAddress(invoice.Id);
-                    context.Events.Add(new InvoiceEvent(invoice, 1013, "invoice_failedToConfirm"));
+                    context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1013, "invoice_failedToConfirm"));
                     invoice.Status = "invalid";
                     context.MarkDirty();
                 }
                 else if (confirmedAccounting.Paid >= accounting.MinimumTotalDue)
                 {
                     await _InvoiceRepository.UnaffectAddress(invoice.Id);
-                    context.Events.Add(new InvoiceEvent(invoice, 1005, "invoice_confirmed"));
+                    context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1005, "invoice_confirmed"));
                     invoice.Status = "confirmed";
                     context.MarkDirty();
                 }
@@ -157,7 +157,7 @@ namespace BTCPayServer.HostedServices
                 var completedAccounting = paymentMethod.Calculate(p => p.GetCryptoPaymentData().PaymentCompleted(p, network));
                 if (completedAccounting.Paid >= accounting.MinimumTotalDue)
                 {
-                    context.Events.Add(new InvoiceEvent(invoice, 1006, "invoice_completed"));
+                    context.Events.Add(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1006, "invoice_completed"));
                     invoice.Status = "complete";
                     context.MarkDirty();
                 }
@@ -249,13 +249,13 @@ namespace BTCPayServer.HostedServices
             {
                 if (b.Name == "invoice_created")
                 {
-                    Watch(b.InvoiceId);
-                    await Wait(b.InvoiceId);
+                    Watch(b.Invoice.Id);
+                    await Wait(b.Invoice.Id);
                 }
 
                 if (b.Name == "invoice_receivedPayment")
                 {
-                    Watch(b.InvoiceId);
+                    Watch(b.Invoice.Id);
                 }
             }));
             return Task.CompletedTask;

BTCPayServer/HostedServices/MigratorHostedService.cs

@@ -0,0 +1,120 @@
+using System;
+using Microsoft.Extensions.Logging;
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Services;
+using BTCPayServer.Services.Stores;
+using BTCPayServer.Logging;
+
+namespace BTCPayServer.HostedServices
+{
+    public class MigratorHostedService : BaseAsyncService
+    {
+        private ApplicationDbContextFactory _DBContextFactory;
+        private StoreRepository _StoreRepository;
+        private BTCPayNetworkProvider _NetworkProvider;
+        private SettingsRepository _Settings;
+        public MigratorHostedService(
+            BTCPayNetworkProvider networkProvider,
+            StoreRepository storeRepository,
+            ApplicationDbContextFactory dbContextFactory,
+            SettingsRepository settingsRepository)
+        {
+            _DBContextFactory = dbContextFactory;
+            _StoreRepository = storeRepository;
+            _NetworkProvider = networkProvider;
+            _Settings = settingsRepository;
+        }
+        internal override Task[] InitializeTasks()
+        {
+            return new[]
+            {
+                Update()
+            };
+        }
+
+        private async Task Update()
+        {
+            try
+            {
+                var settings = (await _Settings.GetSettingAsync<MigrationSettings>()) ?? new MigrationSettings();
+                if (!settings.DeprecatedLightningConnectionStringCheck)
+                {
+                    await DeprecatedLightningConnectionStringCheck();
+                    settings.DeprecatedLightningConnectionStringCheck = true;
+                    await _Settings.UpdateSetting(settings);
+                }
+                if (!settings.UnreachableStoreCheck)
+                {
+                    await UnreachableStoreCheck();
+                    settings.UnreachableStoreCheck = true;
+                    await _Settings.UpdateSetting(settings);
+                }
+                if (!settings.ConvertMultiplierToSpread)
+                {
+                    await ConvertMultiplierToSpread();
+                    settings.ConvertMultiplierToSpread = true;
+                    await _Settings.UpdateSetting(settings);
+                }
+            }
+            catch (Exception ex)
+            {
+                Logs.PayServer.LogError(ex, "Error on the MigratorHostedService");
+                throw;
+            }
+        }
+
+        private async Task ConvertMultiplierToSpread()
+        {
+            using (var ctx = _DBContextFactory.CreateContext())
+            {
+                foreach (var store in await ctx.Stores.ToArrayAsync())
+                {
+                    var blob = store.GetStoreBlob();
+#pragma warning disable CS0612 // Type or member is obsolete
+                    decimal multiplier = 1.0m;
+                    if (blob.RateRules != null && blob.RateRules.Count != 0)
+                    {
+                        foreach (var rule in blob.RateRules)
+                        {
+                            multiplier = rule.Apply(null, multiplier);
+                        }
+                    }
+                    blob.RateRules = null;
+                    blob.Spread = Math.Min(1.0m, Math.Max(0m, -(multiplier - 1.0m)));
+                    store.SetStoreBlob(blob);
+#pragma warning restore CS0612 // Type or member is obsolete
+                }
+                await ctx.SaveChangesAsync();
+            }
+        }
+
+        private Task UnreachableStoreCheck()
+        {
+            return _StoreRepository.CleanUnreachableStores();
+        }
+
+        private async Task DeprecatedLightningConnectionStringCheck()
+        {
+            using (var ctx = _DBContextFactory.CreateContext())
+            {
+                foreach (var store in await ctx.Stores.ToArrayAsync())
+                {
+                    foreach (var method in store.GetSupportedPaymentMethods(_NetworkProvider).OfType<Payments.Lightning.LightningSupportedPaymentMethod>())
+                    {
+                        var lightning = method.GetLightningUrl();
+                        if (lightning.IsLegacy)
+                        {
+                            method.SetLightningUrl(lightning);
+                            store.SetSupportedPaymentMethod(method.PaymentId, method);
+                        }
+                    }
+                }
+                await ctx.SaveChangesAsync();
+            }
+        }
+    }
+}

BTCPayServer/HostedServices/RatesHostedService.cs

@@ -18,9 +18,9 @@ namespace BTCPayServer.HostedServices
     {
         private SettingsRepository _SettingsRepository;
         private CoinAverageSettings _coinAverageSettings;
-        BTCPayRateProviderFactory _RateProviderFactory;
+        RateProviderFactory _RateProviderFactory;
         public RatesHostedService(SettingsRepository repo,
-                                  BTCPayRateProviderFactory rateProviderFactory,
+                                  RateProviderFactory rateProviderFactory,
                                   CoinAverageSettings coinAverageSettings)
         {
             this._SettingsRepository = repo;
@@ -33,16 +33,41 @@ namespace BTCPayServer.HostedServices
             return new[]
             {
                 CreateLoopTask(RefreshCoinAverageSupportedExchanges),
-                CreateLoopTask(RefreshCoinAverageSettings)
+                CreateLoopTask(RefreshCoinAverageSettings),
+                CreateLoopTask(RefreshRates)
             };
         }
+        async Task RefreshRates()
+        {
+
+            using (var timeout = CancellationTokenSource.CreateLinkedTokenSource(Cancellation))
+            {
+                timeout.CancelAfter(TimeSpan.FromSeconds(20.0));
+                try
+                {
+                    await Task.WhenAll(_RateProviderFactory.Providers
+                                    .Select(p => (Fetcher: p.Value as BackgroundFetcherRateProvider, ExchangeName: p.Key)).Where(p => p.Fetcher != null)
+                                    .Select(p => p.Fetcher.UpdateIfNecessary().ContinueWith(t =>
+                                    {
+                                        if (t.Result.Exception != null)
+                                        {
+                                            Logs.PayServer.LogWarning($"Error while contacting {p.ExchangeName}: {t.Result.Exception.Message}");
+                                        }
+                                    }, TaskScheduler.Default))
+                                    .ToArray()).WithCancellation(timeout.Token);
+                }
+                catch (OperationCanceledException) when (timeout.IsCancellationRequested)
+                {
+                }
+            }
+            await Task.Delay(TimeSpan.FromSeconds(30), Cancellation);
+        }
 
         async Task RefreshCoinAverageSupportedExchanges()
         {
-            await new SynchronizationContextRemover();
             var tickers = await new CoinAverageRateProvider() { Authenticator = _coinAverageSettings }.GetExchangeTickersAsync();
             var exchanges = new CoinAverageExchanges();
-            foreach(var item in tickers
+            foreach (var item in tickers
                 .Exchanges
                 .Select(c => new CoinAverageExchange(c.Name, c.DisplayName)))
             {
@@ -54,7 +79,6 @@ namespace BTCPayServer.HostedServices
 
         async Task RefreshCoinAverageSettings()
         {
-            await new SynchronizationContextRemover();
             var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
             _RateProviderFactory.CacheSpan = TimeSpan.FromMinutes(rates.CacheInMinutes);
             if (!string.IsNullOrWhiteSpace(rates.PrivateKey) && !string.IsNullOrWhiteSpace(rates.PublicKey))

BTCPayServer/Hosting/BTCPayServerServices.cs

@@ -39,6 +39,9 @@ using BTCPayServer.HostedServices;
 using Meziantou.AspNetCore.BundleTagHelpers;
 using System.Security.Claims;
 using BTCPayServer.Security;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+using NBXplorer.DerivationStrategy;
+using NicolasDorier.RateLimits;
 
 namespace BTCPayServer.Hosting
 {
@@ -51,6 +54,7 @@ namespace BTCPayServer.Hosting
                 var factory = provider.GetRequiredService<ApplicationDbContextFactory>();
                 factory.ConfigureBuilder(o);
             });
+            services.AddHttpClient();
             services.TryAddSingleton<SettingsRepository>();
             services.TryAddSingleton<InvoicePaymentNotification>();
             services.TryAddSingleton<BTCPayServerOptions>(o => o.GetRequiredService<IOptions<BTCPayServerOptions>>().Value);
@@ -84,7 +88,6 @@ namespace BTCPayServer.Hosting
                 }
                 return dbContext;
             });
-            services.TryAddSingleton<Payments.Lightning.LightningClientFactory>();
 
             services.TryAddSingleton<BTCPayNetworkProvider>(o => 
             {
@@ -92,6 +95,9 @@ namespace BTCPayServer.Hosting
                 return opts.NetworkProvider;
             });
 
+            services.TryAddSingleton<AppsHelper>();
+
+            services.TryAddSingleton<LightningConfigurationProvider>();
             services.TryAddSingleton<LanguageService>();
             services.TryAddSingleton<NBXplorerDashboard>();
             services.TryAddSingleton<StoreRepository>();
@@ -104,11 +110,19 @@ namespace BTCPayServer.Hosting
             });
 
             services.AddSingleton<CssThemeManager>();
+            services.Configure<MvcOptions>((o) => {
+                o.Filters.Add(new ContentSecurityPolicyCssThemeManager());
+                o.ModelMetadataDetailsProviders.Add(new SuppressChildValidationMetadataProvider(typeof(WalletId)));
+                o.ModelMetadataDetailsProviders.Add(new SuppressChildValidationMetadataProvider(typeof(DerivationStrategyBase)));
+            });
             services.AddSingleton<IHostedService, CssThemeManagerHostedService>();
+            services.AddSingleton<IHostedService, MigratorHostedService>();
 
             services.AddSingleton<Payments.IPaymentMethodHandler<DerivationStrategy>, Payments.Bitcoin.BitcoinLikePaymentHandler>();
             services.AddSingleton<IHostedService, Payments.Bitcoin.NBXplorerListener>();
 
+            services.AddSingleton<IHostedService, HostedServices.CheckConfigurationHostedService>();
+
             services.AddSingleton<Payments.IPaymentMethodHandler<Payments.Lightning.LightningSupportedPaymentMethod>, Payments.Lightning.LightningLikePaymentHandler>();
             services.AddSingleton<IHostedService, Payments.Lightning.LightningListener>();
 
@@ -126,7 +140,8 @@ namespace BTCPayServer.Hosting
                 else
                     return new Bitpay(new Key(), new Uri("https://test.bitpay.com/"));
             });
-            services.TryAddSingleton<BTCPayRateProviderFactory>();
+            services.TryAddSingleton<RateProviderFactory>();
+            services.TryAddSingleton<RateFetcher>();
 
             services.TryAddScoped<IHttpContextAccessor, HttpContextAccessor>();
             services.AddTransient<AccessTokenController>();
@@ -143,11 +158,19 @@ namespace BTCPayServer.Hosting
             {
                 var opts = provider.GetRequiredService<BTCPayServerOptions>();
                 var bundle = new BundleOptions();
-                bundle.UseMinifiedFiles = opts.BundleJsCss;
+                bundle.UseBundles = opts.BundleJsCss;
                 bundle.AppendVersion = true;
                 return bundle;
             });
 
+            services.AddCors(options=> 
+            {
+                options.AddPolicy(CorsPolicies.All, p=>p.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin());
+            });
+
+            var rateLimits = new RateLimitService();
+            rateLimits.SetZone($"zone={ZoneLimits.Login} rate=5r/min burst=3 nodelay");
+            services.AddSingleton(rateLimits);
             return services;
         }
 

BTCPayServer/Hosting/BTCpayMiddleware.cs

@@ -100,12 +100,12 @@ namespace BTCPayServer.Hosting
                 (isJson || httpContext.Request.Query.ContainsKey("token")))
                 return true;
 
-            if (path.Equals("/rates", StringComparison.OrdinalIgnoreCase) &&
+            if (path.StartsWith("/rates", StringComparison.OrdinalIgnoreCase) &&
                 httpContext.Request.Method == "GET")
                 return true;
 
             if (
-                path.Equals("/tokens", StringComparison.Ordinal) && 
+                path.Equals("/tokens", StringComparison.Ordinal) &&
                 ( httpContext.Request.Method == "GET" || httpContext.Request.Method == "POST"))
                 return true;
 
@@ -140,13 +140,9 @@ namespace BTCPayServer.Hosting
                 if (reverseProxyScheme != null && _Options.ExternalUrl.Scheme != reverseProxyScheme)
                 {
                     if (reverseProxyScheme == "http" && _Options.ExternalUrl.Scheme == "https")
-                        Logs.PayServer.LogWarning($"BTCPay ExternalUrl setting expected to use scheme '{_Options.ExternalUrl.Scheme}' externally, but the reverse proxy uses scheme '{reverseProxyScheme}'");
-                    httpContext.Request.Scheme = reverseProxyScheme;
-                }
-                else
-                {
-                    httpContext.Request.Scheme = _Options.ExternalUrl.Scheme;
+                        Logs.PayServer.LogWarning($"BTCPay ExternalUrl setting expected to use scheme '{_Options.ExternalUrl.Scheme}' externally, but the reverse proxy uses scheme '{reverseProxyScheme}' (X-Forwarded-Port), forcing ExternalUrl");
                 }
+                httpContext.Request.Scheme = _Options.ExternalUrl.Scheme;
                 if (_Options.ExternalUrl.IsDefaultPort)
                     httpContext.Request.Host = new HostString(_Options.ExternalUrl.Host);
                 else

BTCPayServer/Hosting/Startup.cs

@@ -39,6 +39,7 @@ using Microsoft.AspNetCore.Mvc.Cors.Internal;
 using Microsoft.AspNetCore.Server.Kestrel.Core;
 using System.Net;
 using Meziantou.AspNetCore.BundleTagHelpers;
+using BTCPayServer.Security;
 
 namespace BTCPayServer.Hosting
 {
@@ -79,8 +80,19 @@ namespace BTCPayServer.Hosting
             services.AddMvc(o =>
             {
                 o.Filters.Add(new XFrameOptionsAttribute("DENY"));
+                o.Filters.Add(new XContentTypeOptionsAttribute("nosniff"));
+                o.Filters.Add(new XXSSProtectionAttribute());
+                o.Filters.Add(new ReferrerPolicyAttribute("same-origin"));
+                //o.Filters.Add(new ContentSecurityPolicyAttribute()
+                //{
+                //    FontSrc = "'self' https://fonts.gstatic.com/",
+                //    ImgSrc = "'self' data:",
+                //    DefaultSrc = "'none'",
+                //    StyleSrc = "'self' 'unsafe-inline'",
+                //    ScriptSrc = "'self' 'unsafe-inline'"
+                //});
             });
-
+            services.TryAddScoped<ContentSecurityPolicies>();
             services.Configure<IdentityOptions>(options =>
             {
                 options.Password.RequireDigit = false;
@@ -88,6 +100,9 @@ namespace BTCPayServer.Hosting
                 options.Password.RequireLowercase = false;
                 options.Password.RequireNonAlphanumeric = false;
                 options.Password.RequireUppercase = false;
+                options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
+                options.Lockout.MaxFailedAccessAttempts = 5;
+                options.Lockout.AllowedForNewUsers = true;
             });
 
             services.AddHangfire((o) =>
@@ -143,6 +158,7 @@ namespace BTCPayServer.Hosting
                 app.UseDeveloperExceptionPage();
             }
 
+            app.UseCors();
             app.UsePayServer();
             app.UseStaticFiles();
             app.UseAuthentication();
@@ -153,6 +169,7 @@ namespace BTCPayServer.Hosting
                 Authorization = new[] { new NeedRole(Roles.ServerAdmin) }
             });
             app.UseWebSockets();
+            app.UseStatusCodePages();
             app.UseMvc(routes =>
             {
                 routes.MapRoute(

BTCPayServer/JsonConverters/LightMoneyJsonConverter.cs

@@ -1,43 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Newtonsoft.Json;
-using System.Reflection;
-using BTCPayServer.Payments.Lightning;
-using NBitcoin.JsonConverters;
-using System.Globalization;
-
-namespace BTCPayServer.JsonConverters
-{
-    public class LightMoneyJsonConverter : JsonConverter
-    {
-        public override bool CanConvert(Type objectType)
-        {
-            return typeof(LightMoneyJsonConverter).GetTypeInfo().IsAssignableFrom(objectType.GetTypeInfo());
-        }
-
-        Type longType = typeof(long).GetTypeInfo();
-        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
-        {
-            try
-            {
-                return reader.TokenType == JsonToken.Null ? null :
-                    reader.TokenType == JsonToken.Integer ?
-                                                longType.IsAssignableFrom(reader.ValueType) ? new LightMoney((long)reader.Value)
-                                                                                            : new LightMoney(long.MaxValue) :
-                    reader.TokenType == JsonToken.String ? new LightMoney(long.Parse((string)reader.Value, CultureInfo.InvariantCulture)) 
-                    : null;
-            }
-            catch (InvalidCastException)
-            {
-                throw new JsonObjectException("Money amount should be in millisatoshi", reader);
-            }
-        }
-
-        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
-        {
-            writer.WriteValue(((LightMoney)value).MilliSatoshi);
-        }
-    }
-}

BTCPayServer/Logging/InvoiceLog.cs

@@ -0,0 +1,37 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Logging
+{
+    public class InvoiceLog
+    {
+        public DateTimeOffset Timestamp { get; set; }
+        public string Log { get; set; }
+
+        public override string ToString()
+        {
+            return $"{Timestamp.UtcDateTime}: {Log}";
+        }
+    }
+    public class InvoiceLogs
+    {
+        List<InvoiceLog> _InvoiceLogs = new List<InvoiceLog>();
+        public void Write(string data)
+        {
+            lock (_InvoiceLogs)
+            {
+                _InvoiceLogs.Add(new InvoiceLog() { Timestamp = DateTimeOffset.UtcNow, Log = data });
+            }
+        }
+
+        public List<InvoiceLog> ToList()
+        {
+            lock (_InvoiceLogs)
+            {
+                return _InvoiceLogs.ToList();
+            }
+        }
+    }
+}

BTCPayServer/Logging/Logs.cs

@@ -15,9 +15,14 @@ namespace BTCPayServer.Logging
         }
         public static void Configure(ILoggerFactory factory)
         {
-            Configuration = factory.CreateLogger("Configuration");
-            PayServer = factory.CreateLogger("PayServer");
-            Events = factory.CreateLogger("Events");
+            if (factory == null)
+                Configure(new FuncLoggerFactory(n => NullLogger.Instance));
+            else
+            {
+                Configuration = factory.CreateLogger("Configuration");
+                PayServer = factory.CreateLogger("PayServer");
+                Events = factory.CreateLogger("Events");
+            }
         }
         public static ILogger Configuration
         {

BTCPayServer/Migrations/20180719095626_CanDeleteStores.Designer.cs

@@ -0,0 +1,578 @@
+// <auto-generated />
+using System;
+using BTCPayServer.Data;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+namespace BTCPayServer.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20180719095626_CanDeleteStores")]
+    partial class CanDeleteStores
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("ProductVersion", "2.1.0-rtm-30799");
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.Property<string>("Address")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTimeOffset?>("CreatedTime");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Address");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("AddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.APIKeyData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasMaxLength(50);
+
+                    b.Property<string>("StoreId")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("AppType");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Settings");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Apps");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("Address");
+
+                    b.Property<DateTimeOffset>("Assigned");
+
+                    b.Property<string>("CryptoCode");
+
+                    b.Property<DateTimeOffset?>("UnAssigned");
+
+                    b.HasKey("InvoiceDataId", "Address");
+
+                    b.ToTable("HistoricalAddressInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<DateTimeOffset>("Created");
+
+                    b.Property<string>("CustomerEmail");
+
+                    b.Property<string>("ExceptionStatus");
+
+                    b.Property<string>("ItemCode");
+
+                    b.Property<string>("OrderId");
+
+                    b.Property<string>("Status");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("Invoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.Property<string>("InvoiceDataId");
+
+                    b.Property<string>("UniqueId");
+
+                    b.Property<string>("Message");
+
+                    b.Property<DateTimeOffset>("Timestamp");
+
+                    b.HasKey("InvoiceDataId", "UniqueId");
+
+                    b.ToTable("InvoiceEvents");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairedSINData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<DateTimeOffset>("PairingTime");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("SIN");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("PairedSINData");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairingCodeData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("DateCreated");
+
+                    b.Property<DateTimeOffset>("Expiration");
+
+                    b.Property<string>("Facade");
+
+                    b.Property<string>("Label");
+
+                    b.Property<string>("SIN");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("TokenValue");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PairingCodes");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<bool>("Accounted");
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("Payments");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
+                {
+                    b.Property<string>("Id");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("PendingInvoices");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<byte[]>("Blob");
+
+                    b.Property<string>("InvoiceDataId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("InvoiceDataId");
+
+                    b.ToTable("RefundAddresses");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.SettingData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Settings");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.StoreData", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("DefaultCrypto");
+
+                    b.Property<string>("DerivationStrategies");
+
+                    b.Property<string>("DerivationStrategy");
+
+                    b.Property<int>("SpeedPolicy");
+
+                    b.Property<byte[]>("StoreBlob");
+
+                    b.Property<byte[]>("StoreCertificate");
+
+                    b.Property<string>("StoreName");
+
+                    b.Property<string>("StoreWebsite");
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Stores");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.Property<string>("ApplicationUserId");
+
+                    b.Property<string>("StoreDataId");
+
+                    b.Property<string>("Role");
+
+                    b.HasKey("ApplicationUserId", "StoreDataId");
+
+                    b.HasIndex("StoreDataId");
+
+                    b.ToTable("UserStore");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Models.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<bool>("RequiresEmailConfirmation");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("AddressInvoices")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.APIKeyData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("APIKeys")
+                        .HasForeignKey("StoreId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("Apps")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("HistoricalAddressInvoices")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("Invoices")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("Events")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PairedSINData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("PairedSINs")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("Payments")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("PendingInvoices")
+                        .HasForeignKey("Id")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("RefundAddresses")
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser", "ApplicationUser")
+                        .WithMany("UserStores")
+                        .HasForeignKey("ApplicationUserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("UserStores")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BTCPayServer.Models.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}

BTCPayServer/Migrations/20180719095626_CanDeleteStores.cs

@@ -0,0 +1,172 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace BTCPayServer.Migrations
+{
+    public partial class CanDeleteStores : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            if (this.SupportDropForeignKey(migrationBuilder.ActiveProvider))
+            {
+                migrationBuilder.DropForeignKey(
+                name: "FK_AddressInvoices_Invoices_InvoiceDataId",
+                table: "AddressInvoices");
+
+                migrationBuilder.DropForeignKey(
+                    name: "FK_Apps_Stores_StoreDataId",
+                    table: "Apps");
+
+                migrationBuilder.DropForeignKey(
+                    name: "FK_Invoices_Stores_StoreDataId",
+                    table: "Invoices");
+
+                migrationBuilder.DropForeignKey(
+                    name: "FK_Payments_Invoices_InvoiceDataId",
+                    table: "Payments");
+
+                migrationBuilder.DropForeignKey(
+                    name: "FK_RefundAddresses_Invoices_InvoiceDataId",
+                    table: "RefundAddresses");
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_AddressInvoices_Invoices_InvoiceDataId",
+                    table: "AddressInvoices",
+                    column: "InvoiceDataId",
+                    principalTable: "Invoices",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_ApiKeys_Stores_StoreId",
+                    table: "ApiKeys",
+                    column: "StoreId",
+                    principalTable: "Stores",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_Apps_Stores_StoreDataId",
+                    table: "Apps",
+                    column: "StoreDataId",
+                    principalTable: "Stores",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_Invoices_Stores_StoreDataId",
+                    table: "Invoices",
+                    column: "StoreDataId",
+                    principalTable: "Stores",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_PairedSINData_Stores_StoreDataId",
+                    table: "PairedSINData",
+                    column: "StoreDataId",
+                    principalTable: "Stores",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_Payments_Invoices_InvoiceDataId",
+                    table: "Payments",
+                    column: "InvoiceDataId",
+                    principalTable: "Invoices",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_PendingInvoices_Invoices_Id",
+                    table: "PendingInvoices",
+                    column: "Id",
+                    principalTable: "Invoices",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+
+                migrationBuilder.AddForeignKey(
+                    name: "FK_RefundAddresses_Invoices_InvoiceDataId",
+                    table: "RefundAddresses",
+                    column: "InvoiceDataId",
+                    principalTable: "Invoices",
+                    principalColumn: "Id",
+                    onDelete: ReferentialAction.Cascade);
+            }
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropForeignKey(
+                name: "FK_AddressInvoices_Invoices_InvoiceDataId",
+                table: "AddressInvoices");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_ApiKeys_Stores_StoreId",
+                table: "ApiKeys");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_Apps_Stores_StoreDataId",
+                table: "Apps");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_Invoices_Stores_StoreDataId",
+                table: "Invoices");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_PairedSINData_Stores_StoreDataId",
+                table: "PairedSINData");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_Payments_Invoices_InvoiceDataId",
+                table: "Payments");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_PendingInvoices_Invoices_Id",
+                table: "PendingInvoices");
+
+            migrationBuilder.DropForeignKey(
+                name: "FK_RefundAddresses_Invoices_InvoiceDataId",
+                table: "RefundAddresses");
+
+            migrationBuilder.AddForeignKey(
+                name: "FK_AddressInvoices_Invoices_InvoiceDataId",
+                table: "AddressInvoices",
+                column: "InvoiceDataId",
+                principalTable: "Invoices",
+                principalColumn: "Id",
+                onDelete: ReferentialAction.Restrict);
+
+            migrationBuilder.AddForeignKey(
+                name: "FK_Apps_Stores_StoreDataId",
+                table: "Apps",
+                column: "StoreDataId",
+                principalTable: "Stores",
+                principalColumn: "Id",
+                onDelete: ReferentialAction.Restrict);
+
+            migrationBuilder.AddForeignKey(
+                name: "FK_Invoices_Stores_StoreDataId",
+                table: "Invoices",
+                column: "StoreDataId",
+                principalTable: "Stores",
+                principalColumn: "Id",
+                onDelete: ReferentialAction.Restrict);
+
+            migrationBuilder.AddForeignKey(
+                name: "FK_Payments_Invoices_InvoiceDataId",
+                table: "Payments",
+                column: "InvoiceDataId",
+                principalTable: "Invoices",
+                principalColumn: "Id",
+                onDelete: ReferentialAction.Restrict);
+
+            migrationBuilder.AddForeignKey(
+                name: "FK_RefundAddresses_Invoices_InvoiceDataId",
+                table: "RefundAddresses",
+                column: "InvoiceDataId",
+                principalTable: "Invoices",
+                principalColumn: "Id",
+                onDelete: ReferentialAction.Restrict);
+        }
+    }
+}

BTCPayServer/Migrations/ApplicationDbContextModelSnapshot.cs

@@ -1,13 +1,9 @@
 // <auto-generated />
+using System;
 using BTCPayServer.Data;
-using BTCPayServer.Services.Invoices;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
-using Microsoft.EntityFrameworkCore.Metadata;
-using Microsoft.EntityFrameworkCore.Migrations;
-using Microsoft.EntityFrameworkCore.Storage;
-using Microsoft.EntityFrameworkCore.Storage.Internal;
-using System;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 
 namespace BTCPayServer.Migrations
 {
@@ -18,7 +14,7 @@ namespace BTCPayServer.Migrations
         {
 #pragma warning disable 612, 618
             modelBuilder
-                .HasAnnotation("ProductVersion", "2.0.2-rtm-10011");
+                .HasAnnotation("ProductVersion", "2.1.0-rtm-30799");
 
             modelBuilder.Entity("BTCPayServer.Data.AddressInvoiceData", b =>
                 {
@@ -202,8 +198,7 @@ namespace BTCPayServer.Migrations
 
             modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
                 {
-                    b.Property<string>("Id")
-                        .ValueGeneratedOnAdd();
+                    b.Property<string>("Id");
 
                     b.HasKey("Id");
 
@@ -442,19 +437,29 @@ namespace BTCPayServer.Migrations
                 {
                     b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
                         .WithMany("AddressInvoices")
-                        .HasForeignKey("InvoiceDataId");
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.APIKeyData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("APIKeys")
+                        .HasForeignKey("StoreId")
+                        .OnDelete(DeleteBehavior.Cascade);
                 });
 
             modelBuilder.Entity("BTCPayServer.Data.AppData", b =>
                 {
                     b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
                         .WithMany("Apps")
-                        .HasForeignKey("StoreDataId");
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
                 });
 
             modelBuilder.Entity("BTCPayServer.Data.HistoricalAddressInvoiceData", b =>
                 {
-                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
                         .WithMany("HistoricalAddressInvoices")
                         .HasForeignKey("InvoiceDataId")
                         .OnDelete(DeleteBehavior.Cascade);
@@ -463,30 +468,49 @@ namespace BTCPayServer.Migrations
             modelBuilder.Entity("BTCPayServer.Data.InvoiceData", b =>
                 {
                     b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
-                        .WithMany()
-                        .HasForeignKey("StoreDataId");
+                        .WithMany("Invoices")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
                 });
 
             modelBuilder.Entity("BTCPayServer.Data.InvoiceEventData", b =>
                 {
-                    b.HasOne("BTCPayServer.Data.InvoiceData")
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
                         .WithMany("Events")
                         .HasForeignKey("InvoiceDataId")
                         .OnDelete(DeleteBehavior.Cascade);
                 });
 
+            modelBuilder.Entity("BTCPayServer.Data.PairedSINData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.StoreData", "StoreData")
+                        .WithMany("PairedSINs")
+                        .HasForeignKey("StoreDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
             modelBuilder.Entity("BTCPayServer.Data.PaymentData", b =>
                 {
                     b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
                         .WithMany("Payments")
-                        .HasForeignKey("InvoiceDataId");
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("BTCPayServer.Data.PendingInvoiceData", b =>
+                {
+                    b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
+                        .WithMany("PendingInvoices")
+                        .HasForeignKey("Id")
+                        .OnDelete(DeleteBehavior.Cascade);
                 });
 
             modelBuilder.Entity("BTCPayServer.Data.RefundAddressesData", b =>
                 {
                     b.HasOne("BTCPayServer.Data.InvoiceData", "InvoiceData")
                         .WithMany("RefundAddresses")
-                        .HasForeignKey("InvoiceDataId");
+                        .HasForeignKey("InvoiceDataId")
+                        .OnDelete(DeleteBehavior.Cascade);
                 });
 
             modelBuilder.Entity("BTCPayServer.Data.UserStore", b =>

BTCPayServer/ModelBinders/DerivationSchemeModelBinder.cs

@@ -0,0 +1,58 @@
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+using NBitcoin;
+using System.Reflection;
+using System;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Internal;
+using NBXplorer.DerivationStrategy;
+
+namespace BTCPayServer.ModelBinders
+{
+    public class DerivationSchemeModelBinder : IModelBinder
+    {
+        public DerivationSchemeModelBinder()
+        {
+
+        }
+
+        #region IModelBinder Members
+
+        public Task BindModelAsync(ModelBindingContext bindingContext)
+        {
+            if (!typeof(DerivationStrategyBase).GetTypeInfo().IsAssignableFrom(bindingContext.ModelType))
+            {
+                return Task.CompletedTask;
+            }
+
+            ValueProviderResult val = bindingContext.ValueProvider.GetValue(
+                bindingContext.ModelName);
+            if (val == null)
+            {
+                return Task.CompletedTask;
+            }
+
+            string key = val.FirstValue as string;
+            if (key == null)
+            {
+                return Task.CompletedTask;
+            }
+
+            var networkProvider = (BTCPayNetworkProvider)bindingContext.HttpContext.RequestServices.GetService(typeof(BTCPayNetworkProvider));
+            var cryptoCode = bindingContext.ValueProvider.GetValue("cryptoCode").FirstValue;
+            var network = networkProvider.GetNetwork(cryptoCode ?? "BTC");
+            try
+            {
+                var data = new DerivationStrategyFactory(network.NBitcoinNetwork).Parse(key);
+                if (!bindingContext.ModelType.IsInstanceOfType(data))
+                {
+                    throw new FormatException("Invalid destination type");
+                }
+                bindingContext.Result = ModelBindingResult.Success(data);
+            }
+            catch { throw new FormatException("Invalid derivation scheme"); }
+            return Task.CompletedTask;
+        }
+
+        #endregion
+    }
+}

BTCPayServer/ModelBinders/WalletIdModelBinder.cs

@@ -0,0 +1,39 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+
+namespace BTCPayServer.ModelBinders
+{
+    public class WalletIdModelBinder : IModelBinder
+    {
+        public Task BindModelAsync(ModelBindingContext bindingContext)
+        {
+            if (!typeof(WalletId).GetTypeInfo().IsAssignableFrom(bindingContext.ModelType))
+            {
+                return Task.CompletedTask;
+            }
+
+            ValueProviderResult val = bindingContext.ValueProvider.GetValue(
+                bindingContext.ModelName);
+            if (val == null)
+            {
+                return Task.CompletedTask;
+            }
+
+            string key = val.FirstValue as string;
+            if (key == null)
+            {
+                return Task.CompletedTask;
+            }
+
+            if(WalletId.TryParse(key, out var walletId))
+            {
+                bindingContext.Result = ModelBindingResult.Success(walletId);
+            }
+            return Task.CompletedTask;
+        }
+    }
+}

BTCPayServer/Models/AppViewModels/ListAppsViewModel.cs

@@ -15,6 +15,7 @@ namespace BTCPayServer.Models.AppViewModels
             public string AppName { get; set; }
             public string AppType { get; set; }
             public bool IsOwner { get; set; }
+
             public string UpdateAction { get { return "Update" + AppType; } }
             public string ViewAction { get { return "View" + AppType; } }
         }

BTCPayServer/Models/InvoicingModels/PaymentModel.cs

@@ -12,6 +12,9 @@ namespace BTCPayServer.Models.InvoicingModels
             public string PaymentMethodId { get; set; }
             public string CryptoImage { get; set; }
             public string Link { get; set; }
+            public string PaymentMethodName { get; set; }
+            public bool IsLightning { get; set; }
+            public string CryptoCode { get; set; }
         }
         public string HtmlTitle { get; set; }
         public string CustomCSSLink { get; set; }
@@ -30,8 +33,7 @@ namespace BTCPayServer.Models.InvoicingModels
         public string Status { get; set; }
         public string MerchantRefLink { get; set; }
         public int MaxTimeSeconds { get; set; }
-
-        // These properties are not used in client side code
+        
         public string StoreName { get; set; }
         public string ItemDesc { get; set; }
         public string TimeLeft { get; set; }
@@ -45,12 +47,13 @@ namespace BTCPayServer.Models.InvoicingModels
         public string StoreEmail { get; set; }
 
         public string OrderId { get; set; }
-        public string CryptoImage { get; set; }
         public decimal NetworkFee { get; set; }
         public bool IsMultiCurrency { get; set; }
-        public int MaxTimeMinutes { get; internal set; }
-        public string PaymentType { get; internal set; }
-        public string PaymentMethodId { get; internal set; }
+        public int MaxTimeMinutes { get; set; }
+        public string PaymentType { get; set; }
+        public string PaymentMethodId { get; set; }
+        public string PaymentMethodName { get; set; }
+        public string CryptoImage { get; set; }
 
         public bool AllowCoinConversion { get; set; }
         public string PeerInfo { get; set; }

BTCPayServer/Models/ServerViewModels/LNDGRPCServicesViewModel.cs

@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.ServerViewModels
+{
+    public class LNDGRPCServicesViewModel
+    {
+        public string Host { get; set; }
+        public bool SSL { get; set; }
+        public string Macaroon { get; set; }
+        public string CertificateThumbprint { get; set; }
+        public string QRCode { get; set; }
+        public string QRCodeLink { get; set; }
+    }
+}

BTCPayServer/Models/ServerViewModels/MaintenanceViewModel.cs

@@ -0,0 +1,37 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+using BTCPayServer.Configuration;
+using BTCPayServer.SSH;
+using Renci.SshNet;
+
+namespace BTCPayServer.Models.ServerViewModels
+{
+    public class MaintenanceViewModel
+    {
+        public bool ExposedSSH { get; set; }
+        [Required]
+        public string UserName { get; set; }
+        [Required]
+        [DataType(DataType.Password)]
+        public string Password { get; set; }
+        [Display(Name = "Change domain")]
+        public string DNSDomain { get; set; }
+        public SshClient CreateSSHClient(string host)
+        {
+            return new SshClient(host, UserName, Password);
+        }
+
+        internal void SetConfiguredSSH(SSHSettings settings)
+        {
+            if(settings != null)
+            {
+                ExposedSSH = true;
+                UserName = "unknown";
+                Password = "unknown";
+            }
+        }
+    }
+}

BTCPayServer/Models/ServerViewModels/SSHServiceViewModel.cs

@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.ServerViewModels
+{
+    public class SSHServiceViewModel
+    {
+        public string CommandLine { get; set; }
+        public string Password { get; set; }
+        public string KeyFilePassword { get; set; }
+        public bool HasKeyFile { get; set; }
+    }
+}

BTCPayServer/Models/ServerViewModels/ServicesViewModel.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.ServerViewModels
+{
+    public class ServicesViewModel
+    {
+        public class LNDServiceViewModel
+        {
+            public string Crypto { get; set; }
+            public string Type { get; set; }
+            public int Index { get; set; }
+        }
+        public List<LNDServiceViewModel> LNDServices { get; set; } = new List<LNDServiceViewModel>();
+        public bool HasSSH { get; set; }
+    }
+}

BTCPayServer/Models/StoreViewModels/DerivationSchemeViewModel.cs

@@ -27,6 +27,7 @@ namespace BTCPayServer.Models.StoreViewModels
         [Display(Name = "Hint address")]
         public string HintAddress { get; set; }
         public bool Confirmation { get; set; }
+        public bool Enabled { get; set; } = true;
 
         public string ServerUrl { get; set; }
         public string StatusMessage { get; internal set; }

BTCPayServer/Models/StoreViewModels/LightningNodeViewModel.cs

@@ -9,8 +9,8 @@ namespace BTCPayServer.Models.StoreViewModels
 {
     public class LightningNodeViewModel
     {
-        [Display(Name = "Lightning charge url")]
-        public string Url
+        [Display(Name = "Connection string")]
+        public string ConnectionString
         {
             get;
             set;
@@ -24,5 +24,6 @@ namespace BTCPayServer.Models.StoreViewModels
         public string StatusMessage { get; set; }
         public string InternalLightningNode { get; internal set; }
         public bool SkipPortTest { get; set; }
+        public bool Enabled { get; set; } = true;
     }
 }

BTCPayServer/Models/StoreViewModels/PayButtonViewModel.cs

@@ -0,0 +1,32 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.StoreViewModels
+{
+    public class PayButtonViewModel
+    {
+        public decimal Price { get; set; }
+        public string InvoiceId { get; set; }
+        [Required]
+        public string Currency { get; set; }
+        public string CheckoutDesc { get; set; }
+        public string OrderId { get; set; }
+        public int ButtonSize { get; set; }
+        [Url]
+        public string ServerIpn { get; set; }
+        [Url]
+        public string BrowserRedirect { get; set; }
+        [EmailAddress]
+        public string NotifyEmail { get; set; }
+
+        public string StoreId { get; set; }
+
+        // Data that influences Pay Button UI, but not invoice creation
+        public string UrlRoot { get; set; }
+        public List<string> CurrencyDropdown { get; set; }
+        public string PayButtonImageUrl { get; set; }
+    }
+}

BTCPayServer/Models/StoreViewModels/RatesViewModel.cs

@@ -44,9 +44,9 @@ namespace BTCPayServer.Models.StoreViewModels
         public string ScriptTest { get; set; }
         public CoinAverageExchange[] AvailableExchanges { get; set; }
 
-        [Display(Name = "Multiply the rate by... (Setting to 1.01 would apply a discount of 1% to the purchase)")]
-        [Range(0.01, 10.0)]
-        public double RateMultiplier
+        [Display(Name = "Add a spread on exchange rate of ... %")]
+        [Range(0.0, 100.0)]
+        public double Spread
         {
             get;
             set;

BTCPayServer/Models/StoreViewModels/StoreViewModel.cs

@@ -18,6 +18,8 @@ namespace BTCPayServer.Models.StoreViewModels
         {
             public string Crypto { get; set; }
             public string Value { get; set; }
+            public WalletId WalletId { get; set; }
+            public bool Enabled { get; set; }
         }
 
         public StoreViewModel()
@@ -25,6 +27,7 @@ namespace BTCPayServer.Models.StoreViewModels
 
         }
 
+        public bool CanDelete { get; set; }
         public string Id { get; set; }
         [Display(Name = "Store Name")]
         [Required]
@@ -44,6 +47,9 @@ namespace BTCPayServer.Models.StoreViewModels
             set;
         }
 
+        [Display(Name = "Allow anyone to create invoice")]
+        public bool AnyoneCanCreateInvoice { get; set; }
+
         public List<StoreViewModel.DerivationScheme> DerivationSchemes { get; set; } = new List<StoreViewModel.DerivationScheme>();
 
         [Display(Name = "Invoice expires if the full amount has not been paid after ... minutes")]
@@ -81,6 +87,7 @@ namespace BTCPayServer.Models.StoreViewModels
         {
             public string CryptoCode { get; set; }
             public string Address { get; set; }
+            public bool Enabled { get; set; }
         }
         public List<LightningNode> LightningNodes
         {

BTCPayServer/Models/StoreViewModels/StoresViewModel.cs

@@ -34,10 +34,6 @@ namespace BTCPayServer.Models.StoreViewModels
                 get;
                 set;
             }
-            public string[] Balances
-            {
-                get; set;
-            }
         }
     }
 }

BTCPayServer/Models/WalletViewModels/ListTransactionsViewModel.cs

@@ -0,0 +1,20 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.WalletViewModels
+{
+    public class ListTransactionsViewModel
+    {
+        public class TransactionViewModel
+        {
+            public DateTimeOffset Timestamp { get; set; }
+            public string Id { get; set; }
+            public string Link { get; set; }
+            public bool Positive { get; set; }
+            public string Balance { get; set; }
+        }
+        public List<TransactionViewModel> Transactions { get; set; } = new List<TransactionViewModel>();
+    }
+}

BTCPayServer/Models/WalletViewModels/ListWalletsViewModel.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Models.WalletViewModels
+{
+    public class ListWalletsViewModel
+    {
+        public class WalletViewModel
+        {
+            public string StoreName { get; set; }
+            public string StoreId { get; set; }
+            public string CryptoCode { get; set; }
+            public string Balance { get; set; }
+            public bool IsOwner { get; set; }
+            public WalletId Id { get; set; }
+        }
+
+        public List<WalletViewModel> Wallets { get; set; } = new List<WalletViewModel>();
+    }
+}

BTCPayServer/Models/WalletViewModels/WalletModel.cs

@@ -5,7 +5,7 @@ using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc.Rendering;
 
-namespace BTCPayServer.Models.StoreViewModels
+namespace BTCPayServer.Models.WalletViewModels
 {
     public class WalletModel
     {
@@ -15,5 +15,12 @@ namespace BTCPayServer.Models.StoreViewModels
             get;
             set;
         }
+        public string DefaultAddress { get; set; }
+        public string DefaultAmount { get; set; }
+
+        public decimal? Rate { get; set; }
+        public int Divisibility { get; set; }
+        public string Fiat { get; set; }
+        public string RateError { get; set; }
     }
 }

BTCPayServer/Payments/Bitcoin/BitcoinLikePaymentHandler.cs

@@ -27,16 +27,30 @@ namespace BTCPayServer.Payments.Bitcoin
             _WalletProvider = walletProvider;
         }
 
-        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(DerivationStrategy supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network)
+        class Prepare
+        {
+            public Task<FeeRate> GetFeeRate;
+            public Task<BitcoinAddress> ReserveAddress;
+        }
+
+        public override object PreparePayment(DerivationStrategy supportedPaymentMethod, StoreData store, BTCPayNetwork network)
+        {
+            return new Prepare()
+            {
+                GetFeeRate = _FeeRateProviderFactory.CreateFeeProvider(network).GetFeeRateAsync(),
+                ReserveAddress = _WalletProvider.GetWallet(network).ReserveAddressAsync(supportedPaymentMethod.DerivationStrategyBase)
+            };
+        }
+
+        public override async Task<IPaymentMethodDetails> CreatePaymentMethodDetails(DerivationStrategy supportedPaymentMethod, PaymentMethod paymentMethod, StoreData store, BTCPayNetwork network, object preparePaymentObject)
         {
             if (!_ExplorerProvider.IsAvailable(network))
                 throw new PaymentMethodUnavailableException($"Full node not available");
-            var getFeeRate = _FeeRateProviderFactory.CreateFeeProvider(network).GetFeeRateAsync();
-            var getAddress = _WalletProvider.GetWallet(network).ReserveAddressAsync(supportedPaymentMethod.DerivationStrategyBase);
+            var prepare = (Prepare)preparePaymentObject;
             Payments.Bitcoin.BitcoinLikeOnChainPaymentMethod onchainMethod = new Payments.Bitcoin.BitcoinLikeOnChainPaymentMethod();
-            onchainMethod.FeeRate = await getFeeRate;
+            onchainMethod.FeeRate = await prepare.GetFeeRate;
             onchainMethod.TxFee = onchainMethod.FeeRate.GetFee(100); // assume price for 100 bytes
-            onchainMethod.DepositAddress = (await getAddress).ToString();
+            onchainMethod.DepositAddress = (await prepare.ReserveAddress).ToString();
             return onchainMethod;
         }
     }

BTCPayServer/Payments/Bitcoin/NBXplorerListener.cs

@@ -161,7 +161,7 @@ namespace BTCPayServer.Payments.Bitcoin
                                             {
                                                 var payment = await _InvoiceRepository.AddPayment(invoice.Id, DateTimeOffset.UtcNow, paymentData, network.CryptoCode);
                                                 if(payment != null)
-                                                    await ReceivedPayment(wallet, invoice.Id, payment, evt.DerivationStrategy);
+                                                    await ReceivedPayment(wallet, invoice, payment, evt.DerivationStrategy);
                                             }
                                             else
                                             {
@@ -207,6 +207,8 @@ namespace BTCPayServer.Payments.Bitcoin
         async Task<InvoiceEntity> UpdatePaymentStates(BTCPayWallet wallet, string invoiceId)
         {
             var invoice = await _InvoiceRepository.GetInvoice(null, invoiceId, false);
+            if (invoice == null)
+                return null;
             List<PaymentEntity> updatedPaymentEntities = new List<PaymentEntity>();
             var transactions = await wallet.GetTransactions(GetAllBitcoinPaymentData(invoice)
                     .Select(p => p.Outpoint.Hash)
@@ -315,6 +317,8 @@ namespace BTCPayServer.Payments.Bitcoin
             foreach (var invoiceId in invoices)
             {
                 var invoice = await _InvoiceRepository.GetInvoice(null, invoiceId, true);
+                if (invoice == null)
+                    continue;
                 var alreadyAccounted = GetAllBitcoinPaymentData(invoice).Select(p => p.Outpoint).ToHashSet();
                 var strategy = GetDerivationStrategy(invoice, network);
                 if (strategy == null)
@@ -332,8 +336,12 @@ namespace BTCPayServer.Payments.Bitcoin
                     var payment = await _InvoiceRepository.AddPayment(invoice.Id, coin.Timestamp, paymentData, network.CryptoCode).ConfigureAwait(false);
                     alreadyAccounted.Add(coin.Coin.Outpoint);
                     if (payment != null)
-                        invoice = await ReceivedPayment(wallet, invoice.Id, payment, strategy);
-                    totalPayment++;
+                    {
+                        invoice = await ReceivedPayment(wallet, invoice, payment, strategy);
+                        if(invoice == null)
+                            continue;
+                        totalPayment++;
+                    }
                 }
             }
             return totalPayment;
@@ -346,10 +354,12 @@ namespace BTCPayServer.Payments.Bitcoin
                           .FirstOrDefault();
         }
 
-        private async Task<InvoiceEntity> ReceivedPayment(BTCPayWallet wallet, string invoiceId, PaymentEntity payment, DerivationStrategyBase strategy)
+        private async Task<InvoiceEntity> ReceivedPayment(BTCPayWallet wallet, InvoiceEntity invoice, PaymentEntity payment, DerivationStrategyBase strategy)
         {
             var paymentData = (BitcoinLikePaymentData)payment.GetCryptoPaymentData();
-            var invoice = (await UpdatePaymentStates(wallet, invoiceId));
+            invoice = (await UpdatePaymentStates(wallet, invoice.Id));
+            if (invoice == null)
+                return null;
             var paymentMethod = invoice.GetPaymentMethod(wallet.Network, PaymentTypes.BTCLike, _ExplorerClients.NetworkProviders);
             if (paymentMethod != null &&
                 paymentMethod.GetPaymentMethodDetails() is BitcoinLikeOnChainPaymentMethod btc &&
@@ -358,13 +368,13 @@ namespace BTCPayServer.Payments.Bitcoin
             {
                 var address = await wallet.ReserveAddressAsync(strategy);
                 btc.DepositAddress = address.ToString();
-                await _InvoiceRepository.NewAddress(invoiceId, btc, wallet.Network);
-                _Aggregator.Publish(new InvoiceNewAddressEvent(invoiceId, address.ToString(), wallet.Network));
+                await _InvoiceRepository.NewAddress(invoice.Id, btc, wallet.Network);
+                _Aggregator.Publish(new InvoiceNewAddressEvent(invoice.Id, address.ToString(), wallet.Network));
                 paymentMethod.SetPaymentMethodDetails(btc);
                 invoice.SetPaymentMethod(paymentMethod);
             }
             wallet.InvalidateCache(strategy);
-            _Aggregator.Publish(new InvoiceEvent(invoiceId, 1002, "invoice_receivedPayment"));
+            _Aggregator.Publish(new InvoiceEvent(invoice.EntityToDTO(_NetworkProvider), 1002, "invoice_receivedPayment"));
             return invoice;
         }
         public Task StopAsync(CancellationToken cancellationToken)

BTCPayServer/Payments/IPaymentFilter.cs

@@ -0,0 +1,74 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BTCPayServer.Payments
+{
+    public interface IPaymentFilter
+    {
+        bool Match(PaymentMethodId paymentMethodId);
+    }
+
+    public class PaymentFilter
+    {
+        class NeverPaymentFilter : IPaymentFilter
+        {
+
+            private static readonly NeverPaymentFilter _Instance = new NeverPaymentFilter();
+            public static NeverPaymentFilter Instance
+            {
+                get
+                {
+                    return _Instance;
+                }
+            }
+            public bool Match(PaymentMethodId paymentMethodId)
+            {
+                return false;
+            }
+        }
+        class CompositePaymentFilter : IPaymentFilter
+        {
+            private readonly IPaymentFilter[] _filters;
+
+            public CompositePaymentFilter(IPaymentFilter[] filters)
+            {
+                _filters = filters;
+            }
+            public bool Match(PaymentMethodId paymentMethodId)
+            {
+                return _filters.Any(f => f.Match(paymentMethodId));
+            }
+        }
+        class PaymentIdFilter : IPaymentFilter
+        {
+            private readonly PaymentMethodId _paymentMethodId;
+
+            public PaymentIdFilter(PaymentMethodId paymentMethodId)
+            {
+                _paymentMethodId = paymentMethodId;
+            }
+            public bool Match(PaymentMethodId paymentMethodId)
+            {
+                return paymentMethodId == _paymentMethodId;
+            }
+        }
+        public static IPaymentFilter Never()
+        {
+            return NeverPaymentFilter.Instance;
+        }
+        public static IPaymentFilter Any(IPaymentFilter[] filters)
+        {
+            if (filters == null)
+                throw new ArgumentNullException(nameof(filters));
+            return new CompositePaymentFilter(filters);
+        }
+        public static IPaymentFilter WhereIs(PaymentMethodId paymentMethodId)
+        {
+            if (paymentMethodId == null)
+                throw new ArgumentNullException(nameof(paymentMethodId));
+            return new PaymentIdFilter(paymentMethodId);
+        }
+    }
+}