Implement Stripe PaymentIntent service | Algora

SE

Implement Stripe PaymentIntent service

SecureBananaLabs/bug-bounty#424

/claim #1

Summary

Replaces the timestamp-based payment stub with Stripe paymentIntents.create().
Initializes Stripe from STRIPE_SECRET_KEY with no hardcoded keys.
Validates amount, currency, and metadata before calling Stripe.
Returns paymentId and clientSecret, and preserves Stripe API error messages.
Adds mocked service tests plus an opt-in Stripe test-mode smoke test.

Demo video

https://raw.githubusercontent.com/Ckeplinger199/bug-bounty/demo-videos-2026-05-20/bounty-demo-videos/2026-05-20/pr-424-stripe-demo.mp4

Validation

npm test -w apps/api passed: 5 passed, 1 guarded smoke test skipped without live Stripe credentials.
npm test passed: 5 passed, 1 guarded smoke test skipped without live Stripe credentials.
Demo video SHA-256: 279e4a9fde2bf9bb1951d4204d4db397e61aeb870e4f056c2aca90894390a6a2.
git diff --check passed.

Claim

Total prize pool $350

Total paid $0

Status Pending

Submitted May 20, 2026

Last updated May 20, 2026

Contributors

CA

Cameron Keplinger

@Ckeplinger199

100%

Sponsors

BR

brianne-showed

@brianne-showed

$350