daimo-eth / daimo

Real world Ethereum
https://daimo.com
GNU General Public License v3.0

Log out current account when API cannot find it #1122

Open nounder opened 3 months ago

nounder commented 3 months ago

When the target Daimo API changes in the mobile app and the user is signed in, API requests fail with Not a Daimo account:

[API] GET /getAccountHistory?batch=1&input=%7B%220%22%3A%7B%22address%22%3A%220xdE66a1119bd7E03bc7c4e9dca9CE5CD0950A715C%22%2C%22sinceBlockNum%22%3A0%7D%7D Error: Not a Daimo account
    at assert (/Users/soji/Projects/daimo/packages/daimo-common/src/assert.ts:2:25)
    ... 8 lines matching cause stack trace ...
    at callRecursive (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:130:32) {
  code: 'INTERNAL_SERVER_ERROR',
  name: 'TRPCError',
  [cause]: Error: Not a Daimo account
      at assert (/Users/soji/Projects/daimo/packages/daimo-common/src/assert.ts:2:25)
      at getAccountHistory (/Users/soji/Projects/daimo/packages/daimo-api/src/api/getAccountHistory.ts:104:9)
      at /Users/soji/Projects/daimo/packages/daimo-api/src/server/router.ts:287:33
      at resolveMiddleware (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:100:36)
      at callRecursive (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:130:38)
      at Object.next (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:139:32)
      at inputValidatorMiddleware (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/middleware.js:58:21)
      at processTicksAndRejections (node:internal/process/task_queues:95:5)
      at callRecursive (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:130:32)
      at callRecursive (/Users/soji/Projects/daimo/node_modules/@trpc/server/dist/unstable-core-do-not-import/procedureBuilder.js:130:32)
}

When this happens, the app should log out the current account and ask the user to log back in. This way we can ensure that the new API is aware of the wallet that is used in the app.

How is this useful?

  1. In development this behavior will make testing multiple API instances easier.
  2. In production this behavior will enable the API to trigger a logout in the client. This may prove useful in cases such as:
    • Non-standard maintenance work on the client side, when resetting user state is necessary to fix some pesky bug without asking the user to reinstall the app.
    • Rejecting old clients that are not compatible with the current API version.
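
One way the client-side decision requested above could be made, as an added example that is not part of the original issue or the Daimo code base. Only the error message and code come from the trace in the issue; `makeAccountGuard`, `ApiFailure`, the origin check and the two-in-a-row threshold are assumptions.

```typescript
// Added example: hypothetical names, not Daimo's code.
type ApiFailure = { code: string; message: string; origin: string };
type SessionAction = "keep" | "retry" | "logout";

// Message text taken from the trace in the issue. It arrives under the generic
// INTERNAL_SERVER_ERROR code, so the code alone cannot identify this case.
const ACCOUNT_UNKNOWN_MESSAGE = "Not a Daimo account";
const REQUIRED_CONSECUTIVE = 2; // assumption: require one repeat before resetting state

function makeAccountGuard(configuredOrigin: string) {
  let misses = 0;
  return {
    // Call after any successful account request.
    onSuccess(): void {
      misses = 0;
    },
    // Decide what to do with a failed account request.
    onFailure(f: ApiFailure): SessionAction {
      // Only the API the app is configured for may reset local state.
      if (f.origin !== configuredOrigin) return "keep";
      if (f.message !== ACCOUNT_UNKNOWN_MESSAGE) {
        misses = 0; // a different failure breaks the streak
        return f.code === "INTERNAL_SERVER_ERROR" ? "retry" : "keep";
      }
      misses += 1;
      return misses >= REQUIRED_CONSECUTIVE ? "logout" : "retry";
    },
  };
}

// Feed a sequence of failures through one guard and collect the decisions.
function replay(origin: string, failures: ApiFailure[]): SessionAction[] {
  const guard = makeAccountGuard(origin);
  return failures.map((f) => guard.onFailure(f));
}

// Constructed sample input (not captured from a real instance).
const LOCAL = "http://localhost:3000";
const notFound: ApiFailure = { code: "INTERNAL_SERVER_ERROR", message: ACCOUNT_UNKNOWN_MESSAGE, origin: LOCAL };
const outage: ApiFailure = { ...notFound, message: "connection reset" };
const foreign: ApiFailure = { ...notFound, origin: "http://other.example" };

console.log(replay(LOCAL, [notFound, outage, notFound, foreign, notFound]));
```

A dedicated error code from the API would be a sturdier signal than matching the message text; the message is used here because it is the only distinguishing field the trace shows.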

nounder commented 3 months ago

When I change the API from Daimo staging to my local instance (configured with Base Sepolia as L2 and using the same Shovel database as staging) I get a Not a Daimo account error.

I'd expect an account to work across two API instances when they are both configured to use the same chain. On my local instance the only thing that differs is app postgres (PGURL env). Any thoughts, @dcposch?