Comments on public_webservices.md

[lrettig]

Permalink: https://github.com/spacemeshos/product/blob/51d319fbc237ae33fcf3bfff0de0e06e1143bf03/public_webservices.md

Each endpoint needs to support up to 20 requests per second from clients.

Do we want any sort of DoS attack protection? Authentication or API key? How do we prevent one disgruntled client from disrupting everyone's access to the API/explorer/dash?

Related question: Do we want to use load balancing? This should be pretty straightforward for the JSON gateway API; it may be a little harder for GRPC.

We will setup friendly urls for explore and dash on the DNS level and the service needs to be configured to support them. e.g. https://118.explore.sm.io for network id 118 explorer.

Personally I think https://explore.sm.io/118 is a much more memorable URL

The explorer and dash services should be monitored with alerts and its backend should be restarted in case of failure.

Do we want monitoring and service alerts, maybe to Slack?

Phase I

This document only covers Phase I. What do later phases entail?

[avive]

So to clarify, phase I - what is deployed is fully monitored and the api is load balanced and it is easy to add more machines to it. I don't think we need api key or any special DoS protection. I'd like to keep this super simple for 0.2. Also Smapp in wallet-only mode is a major client - we don't want to issue an api access key to smapp.