payment-kit 1.27.1 → 1.28.0

package/api/src/queues/payment.ts

@@ -1,7 +1,6 @@
 import isEmpty from 'lodash/isEmpty';
 
 import { BN } from '@ocap/util';
-import pAll from 'p-all';
 import { ensureStakedForGas } from '../integrations/arcblock/stake';
 import { transferErc20FromUser } from '../integrations/ethereum/token';
 import { createEvent } from '../libs/audit';
@@ -47,6 +46,8 @@ import { CHARGE_SUPPORTED_CHAIN_TYPES, EVM_CHAIN_TYPES } from '../libs/constants
 import { getCheckoutSessionSubscriptionIds, getSubscriptionCreateSetup, SlippageOptions } from '../libs/session';
 import { syncStripeSubscriptionAfterRecovery } from '../integrations/stripe/handlers/subscription';
 import { getLock } from '../libs/lock';
+// eslint-disable-next-line import/no-cycle
+import { ensureInvoiceForCheckout } from '../routes/connect/shared';
 
 type PaymentJob = {
   paymentIntentId: string;
@@ -57,7 +58,12 @@ type PaymentJob = {
 };
 
 type DepositVaultJob = {
-  currencyId: string;
+  // Single-currency payload kept for backward compatibility with any in-flight
+  // messages pushed by older workers. New pushes set `currencyIds` instead so one
+  // cron tick emits a single batched job regardless of how many currencies have
+  // vault enabled.
+  currencyId?: string;
+  currencyIds?: string[];
 };
 
 async function updateQuantitySold(checkoutSession: CheckoutSession) {
@@ -106,7 +112,23 @@ const handleDepositVault = async (paymentCurrencyId: string) => {
 export const depositVaultQueue = createQueue<DepositVaultJob>({
   name: 'deposit-vault',
   onJob: async (job) => {
-    await handleDepositVault(job.currencyId);
+    let ids: string[] = [];
+    if (job.currencyIds?.length) {
+      ids = job.currencyIds;
+    } else if (job.currencyId) {
+      ids = [job.currencyId];
+    }
+    for (const currencyId of ids) {
+      try {
+        // eslint-disable-next-line no-await-in-loop
+        await handleDepositVault(currencyId);
+      } catch (error: any) {
+        // Failure in one currency must not poison siblings — original design ran each
+        // on its own queue message so a 3-retry ceiling applied per-currency. Now we
+        // swallow+log to keep that isolation when sharing a single message.
+        logger.error('handleDepositVault failed', { currencyId, error: error?.message || error });
+      }
+    }
   },
   options: {
     concurrency: 1,
@@ -390,7 +412,38 @@ export const handlePaymentSucceed = async (
   if (!invoice && !slashStake) {
     const checkoutSession = await CheckoutSession.findOne({ where: { payment_intent_id: paymentIntent.id } });
     if (checkoutSession) {
-      await updateCheckoutSessionOnPaymentSuccess(paymentIntent, checkoutSession);
+      if (
+        (globalThis as any).__CF_ENV__ &&
+        checkoutSession.mode === 'payment' &&
+        checkoutSession.invoice_creation?.enabled &&
+        !checkoutSession.invoice_id
+      ) {
+        const customer = await Customer.findByPk(checkoutSession.customer_id);
+        if (customer) {
+          try {
+            const result = await ensureInvoiceForCheckout({
+              checkoutSession,
+              paymentIntent,
+              customer,
+              props: {
+                status: 'paid',
+                amount_due: '0',
+                amount_paid: checkoutSession.amount_total,
+                amount_remaining: '0',
+              },
+            });
+            if (result?.invoice) {
+              invoice = result.invoice;
+            }
+          } catch (err: any) {
+            logger.error('Failed to create invoice for checkout session', {
+              checkoutSessionId: checkoutSession.id,
+              error: err?.message,
+            });
+          }
+        }
+      }
+      await updateCheckoutSessionOnPaymentSuccess(paymentIntent, checkoutSession, invoice || undefined);
     }
     return;
   }
@@ -407,6 +460,10 @@ export const handlePaymentSucceed = async (
       status_transitions: { ...invoice.status_transitions, paid_at: dayjs().unix() },
     });
     logger.info(`Invoice ${invoice.id} updated on payment done: ${paymentIntent.id}`);
+
+    // Credit grant processing is triggered by the invoice.paid event listener
+    // (via createEvent in the afterUpdate hook). createEvent self-registers in
+    // __cfPendingJobs__ so it completes in CF Workers before the request ends.
   }
 
   // Mark quotes as paid after successful payment
@@ -1376,15 +1433,26 @@ export async function startDepositVaultQueue() {
   const paymentCurrencies = (await PaymentCurrency.scope('withVaultConfig').findAll({
     include: [{ model: PaymentMethod, as: 'payment_method' }],
   })) as (PaymentCurrency & { payment_method: PaymentMethod })[];
-  await pAll(
-    paymentCurrencies.map((x) => {
-      if (CHARGE_SUPPORTED_CHAIN_TYPES.includes(x.payment_method.type) && x.vault_config?.enabled === true) {
-        depositVaultQueue.push({ id: `deposit-vault-${x.id}`, job: { currencyId: x.id } });
-      }
-      return async () => {};
-    }),
-    {
-      concurrency: 5,
-    }
-  );
+
+  const eligibleIds = paymentCurrencies
+    .filter((x) => CHARGE_SUPPORTED_CHAIN_TYPES.includes(x.payment_method.type) && x.vault_config?.enabled === true)
+    .map((x) => x.id);
+
+  if (eligibleIds.length === 0) {
+    return;
+  }
+
+  // Single aggregated push — the consumer walks the id list internally with
+  // per-currency error isolation. Reduces cron-driven Queue writes from N (one
+  // per currency per 5-minute tick → ~288·N/day) to a constant 288/day (or
+  // fewer when the previous batch hasn't cleared).
+  //
+  // Stable jobId preserves the backpressure the original per-currency IDs
+  // provided: D1's unique constraint rejects a second push while the first
+  // batch is still in D1 (in flight / being consumed). Worst case: next cron
+  // skips one tick, events catch up on the following 5-minute cycle.
+  depositVaultQueue.push({
+    id: 'deposit-vault-batch',
+    job: { currencyIds: eligibleIds },
+  });
 }

package/api/src/queues/refund.ts

@@ -141,7 +141,7 @@ export const handleRefund = async (job: RefundJob) => {
 async function finalizeRefundAfterTransfer(refund: Refund, paymentDetails: any): Promise<void> {
   try {
     // Try to burn credit tokens if this refund is for a credit purchase
-    const totalBurned = await handleOnchainCreditRefund(refund);
+    const totalBurned = await handleCreditRefund(refund);
 
     // All succeeded, update status
     await refund.update({
@@ -506,31 +506,22 @@ events.on('refund.created', (refund: Refund) => {
 });
 
 /**
- * Handle onchain credit refund - burn user-held tokens for credit grants
+ * Handle credit refund - roll back credit grants when a credit purchase is refunded.
  *
- * When a refund is issued for a credit purchase:
- * 1. Find credit grants associated with the invoice
- * 2. For each grant, check if its currency is an onchain credit
- * 3. Calculate how much to burn based on refund amount
- * 4. Only burn user-held tokens (remaining_amount in user's wallet)
- * 5. If user has consumed some credit, only burn what they have left
- *    (the consumed portion stays in system wallet as it corresponds to used services)
- * 6. Update credit grant status
+ * For each grant linked to the refunded invoice:
+ * 1. Compute the proportional amount to claw back (shouldBurn = grantTotal × refundAmount / invoiceTotal).
+ * 2. Clamp to remaining_amount (already-consumed credit stays in the system wallet).
+ * 3. If the grant is on-chain (chain_status === 'mint_completed'), burn user-held tokens first.
+ *    Off-chain grants skip the burn — the refund has already moved fiat/credit back to the user.
+ * 4. Update remaining_amount / status / chain_detail identically in both paths so the
+ *    customer.credit_grant.voided event fires when a grant is fully rolled back.
  *
  * @param refund - The refund record
- * @param paymentDetails - Payment details to update on refund
- * @returns Total amount burned (as string), '0' if nothing to burn
- * @throws Error if burn operation fails
+ * @returns Total amount clawed back from user (as string), undefined if nothing to process
+ * @throws Error if any on-chain burn fails
  */
-/**
- * Handle onchain credit refund - burn user-held tokens for credit grants
- *
- * @param refund - The refund record
- * @returns Total amount burned (as string), undefined if nothing to burn
- * @throws Error if burn operation fails
- */
-export async function handleOnchainCreditRefund(refund: Refund): Promise<string | undefined> {
-  logger.info('Processing onchain credit refund', { refundId: refund.id, invoiceId: refund.invoice_id });
+export async function handleCreditRefund(refund: Refund): Promise<string | undefined> {
+  logger.info('Processing credit refund', { refundId: refund.id, invoiceId: refund.invoice_id });
 
   // If no invoice_id, no credit grants to burn
   if (!refund.invoice_id) {
@@ -549,16 +540,14 @@ export async function handleOnchainCreditRefund(refund: Refund): Promise<string
     throw new Error(`Invoice ${refund.invoice_id} total is zero or negative`);
   }
 
-  // Find ALL credit grants related to this invoice (not filtered by currency_id)
+  // Find ALL credit grants related to this invoice (both on-chain and off-chain).
   const allGrants = await CreditGrant.findAll({
     where: {
       customer_id: refund.customer_id,
       status: ['pending', 'granted'],
     },
   });
-  const creditGrants = allGrants.filter(
-    (grant) => grant.metadata?.invoice_id === refund.invoice_id && CreditGrant.hasOnchainToken(grant)
-  );
+  const creditGrants = allGrants.filter((grant) => grant.metadata?.invoice_id === refund.invoice_id);
 
   if (creditGrants.length === 0) {
     logger.info('No active credit grants found for refund', { refundId: refund.id, invoiceId: refund.invoice_id });
@@ -583,8 +572,19 @@ export async function handleOnchainCreditRefund(refund: Refund): Promise<string
     // eslint-disable-next-line no-await-in-loop
     const grantCurrency = await PaymentCurrency.findByPk(creditGrant.currency_id);
 
-    // Verify currency has token config for burn operation
-    if (!grantCurrency?.token_config) {
+    if (!grantCurrency) {
+      logger.error('Payment currency not found for credit grant refund', {
+        creditGrantId: creditGrant.id,
+        currencyId: creditGrant.currency_id,
+      });
+      // eslint-disable-next-line no-continue
+      continue;
+    }
+
+    const isOnchainGrant = CreditGrant.hasOnchainToken(creditGrant);
+
+    // On-chain path requires token_config to run the burn; off-chain path doesn't touch the chain.
+    if (isOnchainGrant && !grantCurrency.token_config) {
       logger.error('Payment currency token config not found for burn', {
         creditGrantId: creditGrant.id,
         currencyId: creditGrant.currency_id,
@@ -608,6 +608,7 @@ export async function handleOnchainCreditRefund(refund: Refund): Promise<string
     logger.info('Processing credit grant for refund', {
       creditGrantId: creditGrant.id,
       currencyId: grantCurrency.id,
+      isOnchainGrant,
       grantTotal: grantTotalAmount.toString(),
       grantRemaining: grantRemainingAmount.toString(),
       shouldBurn: shouldBurnFromGrant.toString(),
@@ -617,70 +618,81 @@ export async function handleOnchainCreditRefund(refund: Refund): Promise<string
 
     let burnHash: string | null = null;
     let burnError: string | null = null;
+    let clawedBackAmount = new BN(0);
 
-    // Only burn if user has remaining tokens
     if (actualBurnAmount.gt(new BN(0))) {
-      // Get the latest DID for burn (handles DID migration via on-chain state)
-      // eslint-disable-next-line no-await-in-loop
-      const customerState = await getAccountState(grantCurrency, customer.did);
-
-      try {
+      if (isOnchainGrant) {
+        // Get the latest DID for burn (handles DID migration via on-chain state)
         // eslint-disable-next-line no-await-in-loop
-        burnHash = await burnToken({
-          paymentCurrency: grantCurrency,
-          amount: fromUnitToToken(actualBurnAmount.toString(), grantCurrency.decimal),
-          sender: customerState?.address || customer.did,
-          data: {
-            reason: 'credit_grant_refund',
+        const customerState = await getAccountState(grantCurrency, customer.did);
+
+        try {
+          // eslint-disable-next-line no-await-in-loop
+          burnHash = await burnToken({
+            paymentCurrency: grantCurrency,
+            amount: fromUnitToToken(actualBurnAmount.toString(), grantCurrency.decimal),
+            sender: customerState?.address || customer.did,
+            data: {
+              reason: 'credit_grant_refund',
+              creditGrantId: creditGrant.id,
+              refundId: refund.id,
+            },
+          });
+
+          clawedBackAmount = actualBurnAmount;
+          totalBurnedFromUser = totalBurnedFromUser.add(actualBurnAmount);
+
+          logger.info('Successfully burned user tokens for refund', {
+            creditGrantId: creditGrant.id,
+            burnHash,
+            amount: actualBurnAmount.toString(),
+          });
+
+          // Emit burned event to trigger reconciliation
+          events.emit('customer.credit_grant.burned', creditGrant, {
+            burnHash,
+            burnedAmount: actualBurnAmount.toString(),
+          });
+        } catch (error: any) {
+          logger.error('Failed to burn user tokens for refund', {
             creditGrantId: creditGrant.id,
             refundId: refund.id,
-          },
-        });
-
+            error: error.message,
+          });
+          burnError = error.message;
+          lastError = error.message;
+        }
+      } else {
+        // Off-chain grant: refund has already transferred value back to the user; just roll back the ledger.
+        clawedBackAmount = actualBurnAmount;
         totalBurnedFromUser = totalBurnedFromUser.add(actualBurnAmount);
-
-        logger.info('Successfully burned user tokens for refund', {
-          creditGrantId: creditGrant.id,
-          burnHash,
-          amount: actualBurnAmount.toString(),
-        });
-
-        // Emit burned event to trigger reconciliation
-        events.emit('customer.credit_grant.burned', creditGrant, {
-          burnHash,
-          burnedAmount: actualBurnAmount.toString(),
-        });
-      } catch (error: any) {
-        logger.error('Failed to burn user tokens for refund', {
-          creditGrantId: creditGrant.id,
-          refundId: refund.id,
-          error: error.message,
-        });
-        burnError = error.message;
-        lastError = error.message;
       }
     }
 
     // Update credit grant using new chain_detail field
-    const newRemainingAmount = burnHash
-      ? grantRemainingAmount.sub(actualBurnAmount).toString()
-      : grantRemainingAmount.toString();
+    const newRemainingAmount = grantRemainingAmount.sub(clawedBackAmount).toString();
     const isFullyVoided = new BN(newRemainingAmount).eq(new BN(0));
     const chainDetail = creditGrant.chain_detail || {};
 
+    // chain_status only applies to on-chain grants; leave off-chain grants' chain_status untouched.
+    let chainStatusUpdate: CreditGrant['chain_status'] | undefined;
+    if (isOnchainGrant) {
+      if (burnHash) chainStatusUpdate = 'burn_completed';
+      else if (burnError) chainStatusUpdate = 'burn_failed';
+    }
+
     // eslint-disable-next-line no-await-in-loop
     await creditGrant.update({
       status: isFullyVoided ? 'voided' : 'granted',
       remaining_amount: newRemainingAmount,
       voided_at: isFullyVoided ? Math.floor(Date.now() / 1000) : undefined,
-      // eslint-disable-next-line no-nested-ternary
-      chain_status: burnHash ? 'burn_completed' : burnError ? 'burn_failed' : undefined,
+      ...(chainStatusUpdate ? { chain_status: chainStatusUpdate } : {}),
       chain_detail: {
         ...chainDetail,
         refund: {
           id: refund.id,
           burn_hash: burnHash || undefined,
-          burned_amount: burnHash ? actualBurnAmount.toString() : '0',
+          burned_amount: clawedBackAmount.toString(),
           system_retained: systemRetainedAmount.toString(),
           burn_error: burnError || undefined,
         },
@@ -690,14 +702,15 @@ export async function handleOnchainCreditRefund(refund: Refund): Promise<string
 
     logger.info('Credit grant processed for refund', {
       creditGrantId: creditGrant.id,
+      isOnchainGrant,
       newStatus: isFullyVoided ? 'voided' : 'granted',
       newRemainingAmount,
-      burnedFromUser: burnHash ? actualBurnAmount.toString() : '0',
+      clawedBack: clawedBackAmount.toString(),
       systemRetained: systemRetainedAmount.toString(),
     });
   }
 
-  logger.info('Completed onchain credit refund processing', {
+  logger.info('Completed credit refund processing', {
     refundId: refund.id,
     processedCount: creditGrants.length,
     totalBurnedFromUser: totalBurnedFromUser.toString(),

package/api/src/queues/subscription.ts

@@ -4,6 +4,7 @@ import { BN } from '@ocap/util';
 import { Op } from 'sequelize';
 import { createEvent } from '../libs/audit';
 import { ensurePassportRevoked } from '../integrations/blocklet/passport';
+// eslint-disable-next-line import/no-cycle
 import { batchHandleStripeSubscriptions } from '../integrations/stripe/resource';
 import { wallet } from '../libs/auth';
 import { getExchangeRateService } from '../libs/exchange-rate';

package/api/src/routes/checkout-sessions.ts

@@ -1617,6 +1617,29 @@ router.post('/:id/skip-payment-method', user, ensureCheckoutSessionOpen, async (
 });
 
 // for checkout page
+// Lightweight status-only endpoint for polling.
+// Returns only status fields — no includes, no joins, single D1 query.
+// Used by waitForCheckoutComplete to minimize D1 load during payment processing.
+router.get('/status/:id', user, async (req, res) => {
+  const doc = await CheckoutSession.findByPk(req.params.id, {
+    attributes: ['id', 'status', 'payment_status', 'payment_intent_id'],
+  });
+  if (!doc) {
+    return res.status(404).json({ error: 'Checkout session not found' });
+  }
+
+  const piStatus = doc.payment_intent_id
+    ? await PaymentIntent.findByPk(doc.payment_intent_id, {
+        attributes: ['status', 'last_payment_error'],
+      }).then((pi) => (pi ? { status: pi.status, last_payment_error: pi.last_payment_error } : null))
+    : null;
+
+  return res.json({
+    checkoutSession: { status: doc.status, payment_status: doc.payment_status },
+    paymentIntent: piStatus,
+  });
+});
+
 router.get('/retrieve/:id', user, async (req, res) => {
   const doc = await CheckoutSession.findByPk(req.params.id);
 
@@ -1625,9 +1648,10 @@ router.get('/retrieve/:id', user, async (req, res) => {
     return;
   }
 
-  let subscriptions: Subscription[] = [];
+  // Check if subscription status needs updating (conditional write — must happen before reads)
+  let subscriptionIds: string[] = [];
   if (['subscription', 'setup'].includes(doc.mode)) {
-    const subscriptionIds = getCheckoutSessionSubscriptionIds(doc);
+    subscriptionIds = getCheckoutSessionSubscriptionIds(doc);
     if (
       doc.success_subscription_count &&
       doc.success_subscription_count >= subscriptionIds.length &&
@@ -1638,41 +1662,56 @@ router.get('/retrieve/:id', user, async (req, res) => {
         payment_status: 'paid',
       });
     }
-    subscriptions = await Subscription.findAll({
-      where: { id: subscriptionIds },
-      attributes: ['id', 'description', 'status', 'current_period_start', 'current_period_end', 'latest_invoice_id'],
-    });
   }
 
+  // Parallelize: Subscription lookup + Price.expand are independent (save ~85ms D1 RTT)
   const rawLineItems = doc.line_items;
+  const [subscriptions, expandedLineItems] = await Promise.all([
+    subscriptionIds.length > 0
+      ? Subscription.findAll({
+          where: { id: subscriptionIds },
+          attributes: [
+            'id',
+            'description',
+            'status',
+            'current_period_start',
+            'current_period_end',
+            'latest_invoice_id',
+          ],
+        })
+      : ([] as Subscription[]),
+    Price.expand(rawLineItems, { upsell: true }),
+  ]);
   // @ts-ignore
-  doc.line_items = await Price.expand(rawLineItems, { upsell: true });
+  doc.line_items = expandedLineItems;
 
   // Recover discount config for open sessions if checkout_session.discounts was unexpectedly cleared.
   if (!doc.discounts?.length && doc.status === 'open' && doc.payment_status !== 'paid') {
     await recoverDiscountConfigFromRecords(doc);
   }
 
-  // Enhance line items with coupon information if discounts are applied
+  // Parallelize: coupon info expansion + discount details are independent (save ~85ms D1 RTT)
+  let enhancedDiscounts: any;
   if (doc.discounts?.length) {
-    doc.line_items = await expandLineItemsWithCouponInfo(
-      doc.line_items as TLineItemExpanded[],
-      doc.discounts,
-      doc.currency_id
-    );
+    const [expandedItems, discountDetails] = await Promise.all([
+      expandLineItemsWithCouponInfo(doc.line_items as TLineItemExpanded[], doc.discounts, doc.currency_id),
+      expandDiscountsWithDetails(doc.discounts),
+    ]);
+    doc.line_items = expandedItems;
+    enhancedDiscounts = discountDetails;
+  } else {
+    enhancedDiscounts = await expandDiscountsWithDetails(doc.discounts);
   }
 
-  // Expand discounts with complete details
-  const enhancedDiscounts = await expandDiscountsWithDetails(doc.discounts);
-
   // Handle dynamic pricing: create or reuse quotes
-  // Skip quote generation when checkout session is confirmed and should not change:
-  // 1. Payment completed (payment_status === 'paid')
-  // 2. Subscription created (has subscription_id) - includes free trial scenarios
-  // 3. Status is 'complete'
   const isCheckoutConfirmed = doc.payment_status === 'paid' || doc.status === 'complete' || !!doc.subscription_id;
   const forceRefresh = req.query.forceRefresh === '1' || req.query.forceRefresh === 'true';
 
+  // Start PaymentIntent fetch early — runs in parallel with quote processing (save ~85ms D1 RTT)
+  const paymentIntentPromise = doc.payment_intent_id
+    ? PaymentIntent.findByPk(doc.payment_intent_id)
+    : Promise.resolve(null);
+
   let quotes = {};
   let rateUnavailable = false;
   let rateError: string | undefined;
@@ -1740,8 +1779,8 @@ router.get('/retrieve/:id', user, async (req, res) => {
     rateError = error.message || 'Failed to process price quotes';
   }
 
-  // check payment intent
-  const paymentIntent = doc.payment_intent_id ? await PaymentIntent.findByPk(doc.payment_intent_id) : null;
+  // Await PaymentIntent that was started in parallel with quotes
+  const paymentIntent = await paymentIntentPromise;
   if ((forceRefresh || quotesRefreshed) && !isCheckoutConfirmed) {
     if (doc.metadata?.quote_locked_at) {
       await doc.update({
@@ -1753,19 +1792,26 @@ router.get('/retrieve/:id', user, async (req, res) => {
     }
   }
 
+  // Parallelize independent lookups — saves 2 D1 round-trips (~170ms)
+  const [paymentMethods, paymentLink, customer] = await Promise.all([
+    getPaymentMethods(doc),
+    doc.payment_link_id ? PaymentLink.findByPk(doc.payment_link_id) : null,
+    req.user ? Customer.findOne({ where: { did: req.user.did } }) : null,
+  ]);
+
   res.json({
     checkoutSession: {
       ...doc.toJSON(),
       discounts: enhancedDiscounts,
       subscriptions,
     },
-    quotes, // Include quotes information for frontend
-    rateUnavailable, // Warning flag for frontend
-    rateError, // Error message for frontend
-    paymentMethods: await getPaymentMethods(doc),
-    paymentLink: doc.payment_link_id ? await PaymentLink.findByPk(doc.payment_link_id) : null,
+    quotes,
+    rateUnavailable,
+    rateError,
+    paymentMethods,
+    paymentLink,
     paymentIntent,
-    customer: req.user ? await Customer.findOne({ where: { did: req.user.did } }) : null,
+    customer,
     ...(stopAcceptingOrders ? { stopAcceptingOrders: true } : {}),
   });
 });
@@ -2623,7 +2669,6 @@ async function prefetchQuotesForCheckoutSession(checkoutSession: CheckoutSession
 router.put('/:id/submit', user, ensureCheckoutSessionOpen, async (req, res) => {
   let consumedQuotes: PriceQuote[] = [];
   const checkoutSession = req.doc as CheckoutSession;
-
   try {
     if (!req.user) {
       return res.status(403).json({ code: 'REQUIRE_LOGIN', error: 'Please login to continue' });
@@ -3696,10 +3741,17 @@ router.post('/:id/fast-checkout-confirm', user, ensureCheckoutSessionOpen, async
       }
     }
 
-    const paymentCurrency = await PaymentCurrency.findByPk(checkoutSession.currency_id);
+    // Parallel: load currency + customer (independent lookups)
+    const [paymentCurrency, customer] = await Promise.all([
+      PaymentCurrency.findByPk(checkoutSession.currency_id),
+      Customer.findByPkOrDid(req.user.did),
+    ]);
     if (!paymentCurrency) {
       return res.status(400).json({ error: 'Payment currency not found' });
     }
+    if (!customer) {
+      return res.status(400).json({ error: '' });
+    }
 
     const paymentMethod = await PaymentMethod.findByPk(paymentCurrency.payment_method_id);
     if (!paymentMethod) {
@@ -3717,12 +3769,6 @@ router.post('/:id/fast-checkout-confirm', user, ensureCheckoutSessionOpen, async
       }
     }
 
-    const customer = await Customer.findByPkOrDid(req.user.did);
-    if (!customer) {
-      return res.status(400).json({ error: '' });
-    }
-
-    // check if customer can make new purchase
     const canMakeNewPurchase = await customer.canMakeNewPurchase(checkoutSession.invoice_id);
     if (!canMakeNewPurchase) {
       return res.status(403).json({
@@ -3890,7 +3936,6 @@ router.post('/:id/fast-checkout-confirm', user, ensureCheckoutSessionOpen, async
         canFastPay = true;
       }
     } else if (isPayment && paymentIntent && canFastPay) {
-      // if we can complete purchase without any wallet interaction
       delegation = await isDelegationSufficientForPayment({
         paymentMethod,
         paymentCurrency,
@@ -3956,12 +4001,6 @@ router.post('/:id/fast-checkout-confirm', user, ensureCheckoutSessionOpen, async
       await quoteService.markQuotesAsPaidByInvoice(paymentIntent.invoice_id);
     }
 
-    logger.info('Checkout session submitted successfully', {
-      sessionId: req.params.id,
-      paymentIntentId: paymentIntent?.id,
-      customerId: customer?.id,
-    });
-
     return res.json({
       paymentIntent,
       checkoutSession,

package/api/src/routes/connect/change-payment.ts

@@ -82,6 +82,8 @@ export default {
             items,
             requiredStake,
             slippageConfig: subscription?.slippage_config || undefined,
+            // Reuse DelegateState fetched above — avoids a duplicate chain RPC on CF cold isolates
+            delegateState: delegation.state,
           }),
         });
       }

package/api/src/routes/connect/change-plan.ts

@@ -114,6 +114,8 @@ export default {
             billingThreshold,
             items,
             slippageConfig: subscription?.slippage_config || undefined,
+            // Reuse DelegateState fetched above — avoids a duplicate chain RPC on CF cold isolates
+            delegateState: delegation.state,
           }),
         });
       }