search

JCCDex / ProjectFundingProposal

Jingtum & MOAC Project Funding Proposal
28 stars 8 forks source link

PFP28: 开发基于swtc-lib的swtc-api服务 #37

Closed lospringliu closed 4 years ago

lospringliu commented 5 years ago

鉴于 jingtum-api 不再维护, 而基于api的开发仍然有需求, 基金会认为有必要提供安全的api服务。

修改以前的A计划, 只保留api这块 https://github.com/swtcca/roadmap

要点

组件 内容 参考工时
设计测试 参考jingtum-api保持兼容 5
api服务端 重写, 因为jingtum-api使用的有些东西旧了 10
koa + reactivity + swtc-lib
api客户端 更新swtc-api 2
文档 3

image

lospringliu commented 5 years ago

这是一个安全增强 和 为用户提供最大便利的项目, 目前0.1框架已打好, 三行代码给用户提供自己的api服务

目前jingtum-api好像要活过来了, 其实和这边也有关系。就好像swtc-lib也推着jingtum-lib一样

const proxy = require('swtc-proxy')
proxy.state.funcConfig({server: 'wss://s.jingtum.com:5020'})
proxy.web.listen(3000)
lospringliu commented 5 years ago

文档

Yelvabaoji commented 4 years ago

这个算是完成了,还是没有完成?

Yelvabaoji commented 4 years ago

@lospringliu 这个算完成了吗?下一步应该是什么动作?

lospringliu commented 4 years ago

完成,关掉

lospringliu commented 4 years ago

重开,发现还没有审计 和 支付

lospringliu commented 4 years ago

审计内容

  1. swagger api: https://app.swaggerhub.com/apis/lospringliu/swtc-proxy/v3
  2. server: https://swtcdoc.netlify.app/docs/swtcproxy/ https://github.com/swtcca/swtcproxy
  3. client: https://swtcdoc.netlify.app/docs/api/
  4. codes: https://github.com/swtcca/swtclib , api + proxy , https://github.com/swtcca/swtcproxy
  5. document: https://swtcdoc.netlify.app
wudanjs commented 4 years ago

审计版本: @swtc/api@1.0.7 审计人: wudanjs 审查方法: 在链上实际测试, 测试代码swtcapi-test 审计内容: api所有接口测试 审计结果: 文档中涉及到的所有接口已测完 建议: 1.getAccountBalances方法当传入参数为未激活钱包时,需友好提示用户。 返回结果{ code: 'api:swtclib', message: 'swtclib get an error' } => expected "account not found" at err. 2.获得货币对的挂单列表 ,返回结果跟官方api结果不一致,返回结果未处理。 3.solidity版合约,返回结果ContractState未解析,具体解析过程参考jingtum-lib库中remote.js文件。 4.查询帐号的签名列表getAccountSignerList不通,返回结果如下: { "code": "api:getAccountSignerList", "message": "TypeError: index_1.state.remote.value.requestSignerList is not a function" } 5.多签multiSigned不通,返回结果如下(多签不能通过blob方式传递,只能非签名方式传): { code: 'api:postBlob', message: 'Missing field \'secret\'.' } 6.关系设置,账号属性,lua版合约,目前不涉及,可先删除。

lospringliu commented 4 years ago
  1. 已更改 
    
Xinchuns-MacBook-Pro:ocp4fyre xcliu$ http http://swtcproxy.swtclib.ca:5080/v3/accounts/jhAxkbq77aMZN1cjoFT325FKPKDwXs9SMM/balances
HTTP/1.1 400 Bad Request
Connection: keep-alive
Content-Length: 53
Content-Type: application/json; charset=utf-8
Date: Tue, 23 Jun 2020 16:01:15 GMT

{ "code": "api:swtclib", "message": "Account not found." }

2. 暂时不打算处理,看后面 @swtc/rpc的情况再决定
3. 解析将在 @swtc/lib更新中实现, @swtc/proxy中尽量避免对输出作额外解析
4. 这应该测试时刻api服务和后台是断开状态,这个会自动尝试重连
```shell
Xinchuns-MacBook-Pro:ocp4fyre xcliu$ http http://swtcproxy.swtclib.ca:5080/v3/accounts/jpmKEm2sUevfpFjS7QHdT8Sx7ZGoEXTJAz/signerlist
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2938
Content-Type: application/json; charset=utf-8
Date: Tue, 23 Jun 2020 16:07:45 GMT
response-time: 4ms
{
    "account": "jpmKEm2sUevfpFjS7QHdT8Sx7ZGoEXTJAz",
    "account_objects": [
        {
            "Flags": 0,
            "LedgerEntryType": "SignerList",
            "OwnerNode": "0000000000000000",
            "PreviousTxnID": "5917B3F760BFC0F5BFE5EF5EAE2642FDEE6908606E37FE76561C7A7F137B76C9",
            "PreviousTxnLgrSeq": 15203720,
            "SignerEntries": [
                {
                    "SignerEntry": {
                        "Account": "jfdqBEDsbk3eMSXX2t7CGeu2RPkEjHs6ie",
                        "SignerWeight": 3
                    }
                },
                {
                    "SignerEntry": {
                        "Account": "jfqiMxoT228vp3dMrXKnJXo6V9iYEx94pt",
                        "SignerWeight": 3
                    }
                }
            ],
            "SignerQuorum": 5,
            "index": "4A017344F9068871DC873D548052FFFF7271B86DDEB68AA93A515A5D0228BC21"
        }
    ],
    "ledger_current_index": 16308218,
    "validated": false
}
  1. 多签的endpoint是 /v3/multisign , post的数据是多签的 Transaction.tx_json 
    
Xinchuns-MacBook-Pro:ocp4fyre xcliu$ echo '{"TransactionType":"Payment","Flags":0,"Sequence":53,"Amount":"1000000","Fee":"20000","SigningPubKey":"","Account":"jpmKEm2sUevfpFjS7QHdT8Sx7ZGoEXTJAz","Destination":"jfqiMxoT228vp3dMrXKnJXo6V9iYEx94pt","Signers":[{"Signer":{"SigningPubKey":"0261DD84455B92BDFD59C1DB2A5BD9CE1A3AF0FD531A08EEB2EE354C3BB230B878","TxnSignature":"3045022100A77582E4E4404A8E4292C432D49E2912860E039C03358FAB1D48A9F06DEC77630220191EDDA19C20830B719E72CB45F3CAC7F0E9D78D47A267E4FAC6BE98E7900ECE","Account":"jfdqBEDsbk3eMSXX2t7CGeu2RPkEjHs6ie"}},{"Signer":{"SigningPubKey":"ED68635043BC70DE82272BF5990642400CF79089B2ABCF8EF9D10FFFB96A658763","TxnSignature":"2A6BAA96D7FB66104392C5A930D770073A6159CA3A1635B98F4BADF42E2788129C426719BE69360B3536457366647CE5CD8A149E8245DC3A83FBB74B793E8C0F","Account":"jfqiMxoT228vp3dMrXKnJXo6V9iYEx94pt"}}]}' | http POST http://swtcproxy.swtclib.ca:5080/v3/multisign
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1685
Content-Type: application/json; charset=utf-8
Date: Tue, 23 Jun 2020 16:30:47 GMT
response-time: 52ms

{ "engine_result": "telINSUF_FUND", "engine_result_code": -391, "engine_result_message": "Fund insufficient.", "tx_blob": "120000220000000024000000356140000000000F4240684000000000004E20730081141359AA928F4D98FDB3D93E8B690C80D37DED11C383144B0DECFADE9D4170260CD5BA9EC1CF065CA88946FCED73210261DD84455B92BDFD59C1DB2A5BD9CE1A3AF0FD531A08EEB2EE354C3BB230B87874473045022100A77582E4E4404A8E4292C432D49E2912860E039C03358FAB1D48A9F06DEC77630220191EDDA19C20830B719E72CB45F3CAC7F0E9D78D47A267E4FAC6BE98E7900ECE811448C7F1F5E9D4D0FC0D3F16F1606ACCCFB8D51463E1ED7321ED68635043BC70DE82272BF5990642400CF79089B2ABCF8EF9D10FFFB96A65876374402A6BAA96D7FB66104392C5A930D770073A6159CA3A1635B98F4BADF42E2788129C426719BE69360B3536457366647CE5CD8A149E8245DC3A83FBB74B793E8C0F81144B0DECFADE9D4170260CD5BA9EC1CF065CA88946E1F1", "tx_json": { "Account": "jpmKEm2sUevfpFjS7QHdT8Sx7ZGoEXTJAz", "Amount": "1000000", "Destination": "jfqiMxoT228vp3dMrXKnJXo6V9iYEx94pt", "Fee": "20000", "Flags": 0, "Sequence": 53, "Signers": [ { "Signer": { "Account": "jfdqBEDsbk3eMSXX2t7CGeu2RPkEjHs6ie", "SigningPubKey": "0261DD84455B92BDFD59C1DB2A5BD9CE1A3AF0FD531A08EEB2EE354C3BB230B878", "TxnSignature": "3045022100A77582E4E4404A8E4292C432D49E2912860E039C03358FAB1D48A9F06DEC77630220191EDDA19C20830B719E72CB45F3CAC7F0E9D78D47A267E4FAC6BE98E7900ECE" } }, { "Signer": { "Account": "jfqiMxoT228vp3dMrXKnJXo6V9iYEx94pt", "SigningPubKey": "ED68635043BC70DE82272BF5990642400CF79089B2ABCF8EF9D10FFFB96A658763", "TxnSignature": "2A6BAA96D7FB66104392C5A930D770073A6159CA3A1635B98F4BADF42E2788129C426719BE69360B3536457366647CE5CD8A149E8245DC3A83FBB74B793E8C0F" } } ], "SigningPubKey": "", "TransactionType": "Payment", "hash": "3428F94866E42C0E7AB45F0303FB0F40E61AFD5DDB5A4EEAA2C867E243DD2D56" } }


6. 关系设置和帐号属性在 @swtc/lib中已实现的保留, lua合约文档中已标记为删除
zhinan commented 4 years ago

@wudanjs 请确认修改,并附上钱包地址

wudanjs commented 4 years ago

修改已通过。 钱包地址:jKCQAZwwN2sQG3Mb56GmWVqxkgpLwwAZuR

zhinan commented 4 years ago

@AnFengDe 已审核完毕,可以付款并关闭Issue.

AnFengDe commented 4 years ago

支付记录 审计支付