create-fedi-app 0.1.2 → 0.1.3

package/dist/templates/base/lib/fedi.ts

@@ -7,6 +7,12 @@ export function getFediInternalVersion(): 0 | 1 | 2 | null {
   return window.fediInternal.version as 0 | 1 | 2;
 }
 
+/** True when Fedi rejected a call due to a missing or denied mini-app permission. */
+export function isFediPermissionError(err: unknown): boolean {
+  const message = err instanceof Error ? err.message : String(err);
+  return /permission denied|missing the following permissions/i.test(message);
+}
+
 export function formatSats(sats: number): string {
   if (sats >= 100_000) return `${(sats / 100_000_000).toFixed(6)} BTC`;
   return `${sats.toLocaleString()} sats`;

package/dist/templates/base/lib/lightning/bolt11.ts

@@ -0,0 +1,15 @@
+import { decode } from 'light-bolt11-decoder';
+
+/**
+ * Extracts the payment hash (hex) from a BOLT11 invoice string.
+ */
+export function getPaymentHashFromInvoice(invoice: string): string {
+  const decoded = decode(invoice);
+  const section = decoded.sections.find((s) => s.name === 'payment_hash');
+
+  if (!section || typeof section.value !== 'string') {
+    throw new Error('Invoice missing payment_hash');
+  }
+
+  return section.value;
+}

package/dist/templates/base/lib/lightning/lnurl-pay.ts

@@ -0,0 +1,97 @@
+import { bech32 } from '@scure/base';
+
+export interface ILnurlPayMetadata {
+  callback: string;
+  minSendable: number;
+  maxSendable: number;
+  metadata?: string;
+  tag?: string;
+}
+
+export interface ILnurlPayInvoiceResponse {
+  pr: string;
+  routes?: unknown[];
+  successAction?: { tag: string; message?: string };
+}
+
+/** Decodes a bech32 LNURL string to the underlying HTTPS endpoint. */
+export function decodeLnurlPayAddress(lnurl: string): string {
+  const normalized = lnurl.trim().toLowerCase();
+  if (normalized.startsWith('http://') || normalized.startsWith('https://')) {
+    return lnurl.trim();
+  }
+  const { words } = bech32.decode(normalized, 2000);
+  const bytes = bech32.fromWords(words);
+  return new TextDecoder().decode(bytes);
+}
+
+/** Resolves an LNURL-pay HTTPS endpoint from a bech32 or raw URL string. */
+export function resolveLnurlPayEndpoint(address: string): string {
+  const trimmed = address.trim();
+  if (trimmed.startsWith('http://') || trimmed.startsWith('https://')) {
+    return trimmed;
+  }
+  return decodeLnurlPayAddress(trimmed);
+}
+
+/** Fetches LNURL-pay metadata (LUD-06). */
+export async function fetchLnurlPayMetadata(endpoint: string): Promise<ILnurlPayMetadata> {
+  const res = await fetch(endpoint);
+  if (!res.ok) {
+    throw new Error(`LNURL metadata lookup failed (${res.status})`);
+  }
+
+  const data = (await res.json()) as ILnurlPayMetadata;
+  if (!data.callback || !data.minSendable || !data.maxSendable) {
+    throw new Error('Invalid LNURL-pay metadata response');
+  }
+
+  return data;
+}
+
+/** Requests a BOLT11 invoice from an LNURL-pay callback. */
+export async function requestLnurlPayInvoice(
+  callback: string,
+  amountMsats: number,
+  comment?: string,
+): Promise<string> {
+  const url = new URL(callback);
+  url.searchParams.set('amount', String(amountMsats));
+  if (comment) {
+    url.searchParams.set('comment', comment);
+  }
+
+  const res = await fetch(url.toString());
+  if (!res.ok) {
+    throw new Error(`LNURL invoice request failed (${res.status})`);
+  }
+
+  const data = (await res.json()) as ILnurlPayInvoiceResponse;
+  if (!data.pr) {
+    throw new Error('LNURL response did not include an invoice');
+  }
+
+  return data.pr;
+}
+
+/**
+ * Creates a real BOLT11 invoice via an LNURL-pay address.
+ */
+export async function createLnurlPayInvoice(
+  lnurlAddress: string,
+  amountSats: number,
+  comment?: string,
+): Promise<{ invoice: string; amountMsats: number }> {
+  const endpoint = resolveLnurlPayEndpoint(lnurlAddress);
+  const metadata = await fetchLnurlPayMetadata(endpoint);
+  const amountMsats = amountSats * 1000;
+
+  if (amountMsats < metadata.minSendable || amountMsats > metadata.maxSendable) {
+    throw new Error(
+      `Amount ${amountSats} sats is outside LNURL limits (${Math.floor(metadata.minSendable / 1000)}–${Math.floor(metadata.maxSendable / 1000)} sats)`,
+    );
+  }
+
+  const invoice = await requestLnurlPayInvoice(metadata.callback, amountMsats, comment);
+  return { invoice, amountMsats };
+}

package/dist/templates/base/lib/lightning/preimage-verify.ts

@@ -0,0 +1,31 @@
+import { sha256 } from '@noble/hashes/sha256';
+
+function hexToBytes(hex: string): Uint8Array {
+  const normalized = hex.replace(/^0x/i, '');
+  const bytes = new Uint8Array(normalized.length / 2);
+  for (let i = 0; i < normalized.length; i += 2) {
+    bytes[i / 2] = Number.parseInt(normalized.slice(i, i + 2), 16);
+  }
+  return bytes;
+}
+
+function bytesToHex(bytes: Uint8Array): string {
+  return Array.from(bytes)
+    .map((b) => b.toString(16).padStart(2, '0'))
+    .join('');
+}
+
+/**
+ * Verifies that a Lightning payment preimage matches the expected payment hash.
+ */
+export function verifyPreimage(preimage: string, paymentHashHex: string): boolean {
+  try {
+    const preimageBytes = hexToBytes(preimage);
+    const hash = sha256(preimageBytes);
+    const expected = hexToBytes(paymentHashHex);
+    if (hash.length !== expected.length) return false;
+    return bytesToHex(hash) === bytesToHex(expected);
+  } catch {
+    return false;
+  }
+}

package/dist/templates/base/lib/nostr/hooks.ts

@@ -21,27 +21,36 @@ export function useNostr() {
     provider: ctx.provider,
     pubkey: ctx.pubkey,
     npub,
+    isAvailable: ctx.isAvailable,
     isLoading: ctx.isLoading,
     error: ctx.error,
-    isConnected: ctx.provider !== null,
+    isConnected: ctx.pubkey !== null,
+    connect: ctx.connect,
   };
 }
 
 export function useIdentity() {
-  const { provider, pubkey, npub } = useNostr();
+  const { provider, pubkey, npub, connect } = useNostr();
   const [isConnecting, setIsConnecting] = useState(false);
 
   const displayNpub = npub ? npub.slice(0, 8) + '...' + npub.slice(-4) : null;
 
   async function getPublicKey(): Promise<string | null> {
+    if (pubkey) return pubkey;
     if (!provider) return null;
-    return provider.getPublicKey();
+    setIsConnecting(true);
+    try {
+      return await connect();
+    } finally {
+      setIsConnecting(false);
+    }
   }
 
   async function signEvent(event: UnsignedNostrEvent): Promise<NostrEvent | null> {
     if (!provider) return null;
     setIsConnecting(true);
     try {
+      await getPublicKey();
       return await provider.signEvent(event);
     } finally {
       setIsConnecting(false);

package/dist/templates/base/lib/nostr/provider.tsx

@@ -1,11 +1,20 @@
-import { createContext, useEffect, useState, type ReactNode } from 'react';
+import {
+  createContext,
+  useCallback,
+  useEffect,
+  useRef,
+  useState,
+  type ReactNode,
+} from 'react';
 import type { NostrProvider as NostrProviderInterface } from '../fedi-types';
 
 interface NostrContextValue {
   provider: NostrProviderInterface | null;
   pubkey: string | null;
+  isAvailable: boolean;
   isLoading: boolean;
   error: Error | null;
+  connect: () => Promise<string | null>;
 }
 
 export const NostrContext = createContext<NostrContextValue | null>(null);
@@ -18,46 +27,56 @@ interface NostrProviderProps {
 export function NostrProvider({ children, mockProvider }: NostrProviderProps) {
   const [provider, setProvider] = useState<NostrProviderInterface | null>(null);
   const [pubkey, setPubkey] = useState<string | null>(null);
+  const [isAvailable, setIsAvailable] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [error, setError] = useState<Error | null>(null);
+  const availableRef = useRef<NostrProviderInterface | null>(null);
 
   useEffect(() => {
     let cancelled = false;
 
-    async function init() {
-      let activeProvider: NostrProviderInterface | null = null;
-
-      if (typeof window !== 'undefined' && window.nostr) {
-        activeProvider = window.nostr;
-      } else if (mockProvider !== undefined && process.env.NODE_ENV === 'development') {
-        activeProvider = mockProvider;
+    if (typeof window !== 'undefined' && window.nostr) {
+      availableRef.current = window.nostr;
+      if (!cancelled) {
+        setProvider(window.nostr);
+        setIsAvailable(true);
       }
-
-      if (activeProvider) {
-        try {
-          const pk = await activeProvider.getPublicKey();
-          if (!cancelled) {
-            setProvider(activeProvider);
-            setPubkey(pk);
-          }
-        } catch (err) {
-          if (!cancelled) {
-            setError(err instanceof Error ? err : new Error('Failed to connect Nostr'));
-          }
-        }
+    } else if (mockProvider !== undefined && process.env.NODE_ENV === 'development') {
+      availableRef.current = mockProvider;
+      if (!cancelled) {
+        setProvider(mockProvider);
+        setIsAvailable(true);
       }
-
-      if (!cancelled) setIsLoading(false);
     }
 
-    init();
+    if (!cancelled) setIsLoading(false);
+
     return () => {
       cancelled = true;
     };
   }, [mockProvider]);
 
+  const connect = useCallback(async (): Promise<string | null> => {
+    const active = availableRef.current;
+    if (!active) return null;
+
+    setError(null);
+    try {
+      const pk = await active.getPublicKey();
+      setPubkey(pk);
+      return pk;
+    } catch (err) {
+      const connectError =
+        err instanceof Error ? err : new Error('Failed to connect Nostr');
+      setError(connectError);
+      return null;
+    }
+  }, []);
+
   return (
-    <NostrContext.Provider value={{ provider, pubkey, isLoading, error }}>
+    <NostrContext.Provider
+      value={{ provider, pubkey, isAvailable, isLoading, error, connect }}
+    >
       {children}
     </NostrContext.Provider>
   );

package/dist/templates/base/lib/payment-config.ts

@@ -0,0 +1,54 @@
+/** Default LNURL-pay address for create-fedi-app demo payments (maintainer wallet). */
+export const DEFAULT_LNURL_PAY_ADDRESS =
+  'lnurl1dp68gurn8ghj7un9vd6hyunfdenkgtnrw3exytnfduhkcmnkxyhhqctevdhkgetn9uenzvmxv33kyefj8yerqefk8p3rvd34x93nvdr9vvukgcfexcergv3jxc6kgcm9x4jxydenxvengwf48q6rxwpsxf3ryctpvvenwefswhw4au';
+
+export const PUBLIC_FEDI_APP_REPO = 'https://github.com/keegan-lee/public-fedi-app';
+
+function parsePositiveInt(value: string | undefined, fallback: number): number {
+  const parsed = Number.parseInt(value ?? '', 10);
+  return Number.isFinite(parsed) && parsed > 0 ? parsed : fallback;
+}
+
+/** Server-side LNURL-pay address for invoice generation. */
+export function getLnurlPayAddress(): string {
+  return (
+    process.env.LNURL_PAY_ADDRESS?.trim() ||
+    process.env.NEXT_PUBLIC_LNURL_PAY_ADDRESS?.trim() ||
+    DEFAULT_LNURL_PAY_ADDRESS
+  );
+}
+
+/** Client-safe LNURL-pay address for display and QR codes. */
+export function getPublicLnurlPayAddress(): string {
+  return (
+    process.env.NEXT_PUBLIC_LNURL_PAY_ADDRESS?.trim() ||
+    DEFAULT_LNURL_PAY_ADDRESS
+  );
+}
+
+export function getDemoWeblnSats(): number {
+  return parsePositiveInt(
+    process.env.NEXT_PUBLIC_DEMO_WEBLN_SATS ?? process.env.DEMO_WEBLN_SATS,
+    21,
+  );
+}
+
+export function getDemoGateSats(): number {
+  return parsePositiveInt(
+    process.env.NEXT_PUBLIC_DEMO_GATE_SATS ?? process.env.DEMO_GATE_SATS,
+    7,
+  );
+}
+
+export function getDemoLnurlSats(): number {
+  return parsePositiveInt(
+    process.env.NEXT_PUBLIC_DEMO_LNURL_SATS ?? process.env.DEMO_LNURL_SATS,
+    1,
+  );
+}
+
+/** Truncates an LNURL string for compact UI display. */
+export function truncateLnurl(lnurl: string): string {
+  if (lnurl.length <= 36) return lnurl;
+  return `${lnurl.slice(0, 24)}…${lnurl.slice(-12)}`;
+}

package/dist/templates/base/lib/webln/hooks.ts

@@ -9,26 +9,35 @@ export function useWebLN() {
   }
   return {
     provider: ctx.provider,
+    isAvailable: ctx.isAvailable,
     isLoading: ctx.isLoading,
     error: ctx.error,
     isConnected: ctx.provider !== null,
+    connect: ctx.connect,
   };
 }
 
 export function usePayment() {
-  const { provider } = useWebLN();
+  const { provider, connect, isAvailable } = useWebLN();
   const [isPaying, setIsPaying] = useState(false);
   const [isCreatingInvoice, setIsCreatingInvoice] = useState(false);
   const [paymentError, setPaymentError] = useState<Error | null>(null);
   const [lastPreimage, setLastPreimage] = useState<string | null>(null);
   const [lastInvoice, setLastInvoice] = useState<string | null>(null);
 
+  async function ensureEnabled() {
+    if (provider) return provider;
+    if (!isAvailable) return null;
+    return connect();
+  }
+
   async function sendPayment(paymentRequest: string) {
-    if (!provider) return null;
+    const active = await ensureEnabled();
+    if (!active) return null;
     setIsPaying(true);
     setPaymentError(null);
     try {
-      const result = await provider.sendPayment(paymentRequest);
+      const result = await active.sendPayment(paymentRequest);
       setLastPreimage(result.preimage);
       return result;
     } catch (err) {
@@ -40,11 +49,12 @@ export function usePayment() {
   }
 
   async function makeInvoice(args: RequestInvoiceArgs | string | number) {
-    if (!provider) return null;
+    const active = await ensureEnabled();
+    if (!active) return null;
     setIsCreatingInvoice(true);
     setPaymentError(null);
     try {
-      const result = await provider.makeInvoice(args);
+      const result = await active.makeInvoice(args);
       setLastInvoice(result.paymentRequest);
       return result;
     } catch (err) {

package/dist/templates/base/lib/webln/provider.tsx

@@ -1,10 +1,20 @@
-import { createContext, useEffect, useState, type ReactNode } from 'react';
+import {
+  createContext,
+  useCallback,
+  useEffect,
+  useRef,
+  useState,
+  type ReactNode,
+} from 'react';
 import type { WebLNProvider as WebLNProviderInterface } from '../fedi-types';
 
 interface WebLNContextValue {
+  /** Enabled WebLN provider; null until `connect()` succeeds. */
   provider: WebLNProviderInterface | null;
+  isAvailable: boolean;
   isLoading: boolean;
   error: Error | null;
+  connect: () => Promise<WebLNProviderInterface | null>;
 }
 
 export const WebLNContext = createContext<WebLNContextValue | null>(null);
@@ -16,36 +26,50 @@ interface WebLNProviderProps {
 
 export function WebLNProvider({ children, mockProvider }: WebLNProviderProps) {
   const [provider, setProvider] = useState<WebLNProviderInterface | null>(null);
+  const [isAvailable, setIsAvailable] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [error, setError] = useState<Error | null>(null);
+  const availableRef = useRef<WebLNProviderInterface | null>(null);
 
   useEffect(() => {
     let cancelled = false;
 
-    async function init() {
-      if (typeof window !== 'undefined' && window.webln) {
-        try {
-          await window.webln.enable();
-          if (!cancelled) setProvider(window.webln);
-        } catch (err) {
-          if (!cancelled) {
-            setError(err instanceof Error ? err : new Error('Failed to enable WebLN'));
-          }
-        }
-      } else if (mockProvider !== undefined && process.env.NODE_ENV !== 'production') {
-        if (!cancelled) setProvider(mockProvider);
-      }
-      if (!cancelled) setIsLoading(false);
+    if (typeof window !== 'undefined' && window.webln) {
+      availableRef.current = window.webln;
+      if (!cancelled) setIsAvailable(true);
+    } else if (mockProvider !== undefined && process.env.NODE_ENV !== 'production') {
+      availableRef.current = mockProvider;
+      if (!cancelled) setIsAvailable(true);
     }
 
-    init();
+    if (!cancelled) setIsLoading(false);
+
     return () => {
       cancelled = true;
     };
   }, [mockProvider]);
 
+  const connect = useCallback(async (): Promise<WebLNProviderInterface | null> => {
+    const available = availableRef.current;
+    if (!available) return null;
+
+    setError(null);
+    try {
+      await available.enable();
+      setProvider(available);
+      return available;
+    } catch (err) {
+      const connectError =
+        err instanceof Error ? err : new Error('Failed to enable WebLN');
+      setError(connectError);
+      return null;
+    }
+  }, []);
+
   return (
-    <WebLNContext.Provider value={{ provider, isLoading, error }}>
+    <WebLNContext.Provider
+      value={{ provider, isAvailable, isLoading, error, connect }}
+    >
       {children}
     </WebLNContext.Provider>
   );

package/dist/templates/base/package.json

@@ -21,6 +21,7 @@
     "zod": "^3",
     "clsx": "^2",
     "tailwind-merge": "^2",
+    "light-bolt11-decoder": "^3.2.0",
     "qrcode.react": "^4"
   },
   "devDependencies": {

package/dist/templates/modules/ai-chat-gated/components/ai/PaymentGate.tsx

@@ -1,6 +1,6 @@
 'use client';
 
-import { useCallback, useEffect, useState } from 'react';
+import { useCallback, useState } from 'react';
 import { PayButton } from '../webln/PayButton';
 import { formatSats } from '../../lib/payment-history';
 
@@ -14,7 +14,6 @@ type TInvoiceResponse = {
   invoice: string;
   amountSats: number;
   memo: string;
-  devPreimage?: string;
 };
 
 interface IPaymentGateProps {
@@ -71,26 +70,6 @@ export function PaymentGate({
     return data;
   }, [amountSats, memo, onError]);
 
-  useEffect(() => {
-    if (
-      process.env.NODE_ENV !== 'development' ||
-      !invoiceData?.devPreimage ||
-      step !== 'ready'
-    ) {
-      return;
-    }
-
-    const timer = window.setTimeout(() => {
-      onPaymentConfirmed({
-        paymentId: invoiceData.paymentId,
-        preimage: invoiceData.devPreimage!,
-      });
-      reset();
-    }, 5000);
-
-    return () => window.clearTimeout(timer);
-  }, [invoiceData, step, onPaymentConfirmed, reset]);
-
   async function handlePrepare() {
     if (disabled || step === 'loading') return;
     await requestInvoice();
@@ -143,12 +122,6 @@ export function PaymentGate({
         />
       )}
 
-      {process.env.NODE_ENV === 'development' && step === 'ready' && (
-        <p className="text-center text-xs" style={{ color: 'var(--color-text-subtle)' }}>
-          Simulated payment in 5 seconds (dev only)
-        </p>
-      )}
-
       {error && (
         <p className="text-xs" style={{ color: 'var(--color-error, #ef4444)' }} role="alert">
           {error}

package/dist/templates/modules/ai-rules/rules/OVERVIEW.md

@@ -45,7 +45,8 @@ Fedi also injects `window.fediInternal` (optional, versioned) for app-discovery
 2. **Never install NIP-07 browser extension adapters.** `window.nostr` is already there.
 3. **Always guard injected APIs with `typeof window.X !== 'undefined'`** before calling them — SSR and non-Fedi browsers will not have them.
 4. **This is an App Router project** — components that use browser APIs or React hooks must have `'use client'` at the top.
-5. **Do not add `window.webln.enable()` calls** — the `@create-fedi-app/webln` provider handles this automatically.
+5. **WebLN requires explicit `connect()`** — call `connect()` from `useWebLN()` on user action before payments; do not call `window.webln.enable()` on page load.
+6. **fediInternal v2 methods require user gesture** — never call `getInstalledMiniApps()` or `installMiniApp()` on mount; handle `manageInstalledMiniApps` denials with `isFediPermissionError()`.
 
 ## Links
 

package/dist/templates/modules/ai-rules/rules/fedi-api.md

@@ -72,6 +72,26 @@ await window.fediInternal.installMiniApp({
 
 Triggers Fedi's native UI to add a Mini App to the user's home screen. Resolves when the user confirms (or rejects) the install prompt.
 
+## Permissions (`manageInstalledMiniApps`)
+
+Both `getInstalledMiniApps()` and `installMiniApp()` require Fedi's **`manageInstalledMiniApps`** permission. Fedi prompts on first call. **Never invoke these methods on page load** — only after a user taps a button.
+
+Detect permission denials with `isFediPermissionError()` from `lib/fedi.ts`:
+
+```ts
+import { isFediPermissionError } from '../lib/fedi';
+
+try {
+  await getInstalledMiniApps!();
+} catch (err) {
+  if (isFediPermissionError(err)) {
+    // Show ManageMiniAppsPermissionHint + manual retry
+  }
+}
+```
+
+If the user denied with "Remember my choice", they must reset the permission in Fedi mini app settings before retrying.
+
 ## useFediInternal() hook
 
 ```ts

package/dist/templates/modules/ecash-balance/app/demo/ecash/page.tsx

@@ -1,19 +1,25 @@
 'use client';
 
 import Link from 'next/link';
-import { useState } from 'react';
+import { useEffect, useState } from 'react';
 import { BalanceDisplay } from '../../../components/fedi/BalanceDisplay';
 import { FediVersionBadge } from '../../../components/fedi/FediVersionBadge';
+import type { IInstallMiniAppProps } from '../../../components/fedi/InstallMiniAppButton';
 
-const DEMO_INSTALL_APP = {
+const DEFAULT_INSTALL_APP: IInstallMiniAppProps = {
   id: 'com.create-fedi-app.demo',
-  title: 'Fedi Demo App',
+  title: process.env.NEXT_PUBLIC_APP_NAME ?? 'Fedi Demo App',
   url: 'https://example.com',
   description: 'Sample mini app entry for the ecash-balance demo.',
 };
 
 export default function EcashDemoPage() {
   const [howItWorksOpen, setHowItWorksOpen] = useState(false);
+  const [installApp, setInstallApp] = useState<IInstallMiniAppProps>(DEFAULT_INSTALL_APP);
+
+  useEffect(() => {
+    setInstallApp((prev) => ({ ...prev, url: window.location.origin }));
+  }, []);
 
   return (
     <div className="min-h-dvh bg-[var(--color-bg)] font-[family-name:var(--font-body)] text-[var(--color-text)]">
@@ -49,11 +55,14 @@ export default function EcashDemoPage() {
                 Environment &amp; installed apps
               </h2>
               <p className="text-sm leading-[1.65] text-[var(--color-text-muted)]">
-                On fediInternal v2, lists installed mini app URLs (click to open) and can trigger
-                Fedi&apos;s native install sheet via <code className="font-mono text-xs">installMiniApp()</code>.
+                On fediInternal v2, tap <strong className="text-[var(--color-text)]">Load installed apps</strong>{' '}
+                to list mini app URLs or use{' '}
+                <code className="font-mono text-xs">installMiniApp()</code> to trigger Fedi&apos;s
+                native install sheet. Both require the user to grant{' '}
+                <code className="font-mono text-xs">manageInstalledMiniApps</code> when Fedi prompts.
               </p>
             </div>
-            <BalanceDisplay installApp={DEMO_INSTALL_APP} />
+            <BalanceDisplay installApp={installApp} />
           </section>
 
           <section className="space-y-3">
@@ -100,6 +109,14 @@ export default function EcashDemoPage() {
                   <code className="font-mono text-xs">undefined</code>. Show an &quot;Open in
                   Fedi&quot; prompt instead of failing silently.
                 </p>
+                <p>
+                  <code className="font-mono text-xs">getInstalledMiniApps()</code> and{' '}
+                  <code className="font-mono text-xs">installMiniApp()</code> require Fedi&apos;s{' '}
+                  <code className="font-mono text-xs">manageInstalledMiniApps</code> permission. Call
+                  them only after a user taps a button — Fedi shows Allow/Deny on first use. If the
+                  user denies with &quot;Remember my choice&quot;, reset the permission in Fedi mini
+                  app settings before retrying.
+                </p>
                 <p>
                   Use <code className="font-mono text-xs">installMiniApp()</code> to suggest
                   companion apps to your users. Fedi shows a native confirmation sheet; your mini app