thenewboston-blockchain / thenewboston-node Goto Github PK
View Code? Open in Web Editor NEWNode for thenewboston digital currency network.
Home Page: https://thenewboston.com
License: MIT License
Node for thenewboston digital currency network.
Home Page: https://thenewboston.com
License: MIT License
Resolves this TODO:
# TODO(dmu) CRITICAL: Validate account balances
Prioritized list of features:
TODO:
FileSystemStorage
can perfectly incapsulate this logicYou are testing thenewboston_node.business_logic.blockchain.base.BlockchainBase by testing thenewboston_node.business_logic.blockchain.memory_blockchain.MemoryBlockchain (we already have some tests implemented this way)
There are some backup methods that are overridden in thenewboston_node.business_logic.blockchain.memory_blockchain.MemoryBlockchain . These methods should have separate tests.
DEPENDS ON:
Documentation:
https://docs.google.com/document/d/1kU0qxuJQC8PybSEZ8OHOUldx8b7TFJg9c79TjZrsVHQ/edit?usp=sharing
See how it is implemented for account root file. Consider all nested keys
Expose online API documentation: https://www.django-rest-framework.org/topics/documenting-your-api/
Deploy Node somewhere so frontend developers can is it as a source of online documentation and for testing
DEPENDS ON:
TODO:
In PR https://github.com/thenewboston-developers/thenewboston-node/pull/154/files#diff-21b702ae2b51eab764bcb0017f28589b8e8eabd55f4653818d711c4eb6839922 you can see new validators are used. Refactor the rest of the models to use them. Add new validators as needed
At least take all tests from thenewboston_node/business_logic/tests/test_memory_blockchain and add them for file blockchain as well. This minimum, but I guess we need more tests for file blockchain especially related to various optimizations.
Partial blockchains - blockchains starting from block number > 0
Resolves this TODO:
# TODO(dmu) CRITICAL: Support partial blockchains
As per discussion https://docs.google.com/document/d/1_6OCmqL0OK5UiWJROe-EbRYAQa9s-iuIIQOdv_Vd5Bs/edit?disco=AAAAMUjT3hY rename "account balance" to "account state" (containing "account balance" as amount of money left on the account and "account lock" as special value to verify the validity of the account balance)
Such transfer requests should not pass validation
Instead of FileBlockchain managing directories where blocks and account root file are stored let's delegate it to storages. So we pass directory to storage on creation and forget about it on FileBlockchain
level. Like this:
block_directory = '...'
block_storage = PathOptimizedFileSystemStorage(path=block_directory)
account_root_files_directory = '...'
account_root_files_storage = PathOptimizedFileSystemStorage(path=account_root_files_directory)
This will also enhance security. Right now we pass absolute file paths to storages so you can overwrite something by a mistake. After we pass base directory to the storage it will operate only on files within this directory.
TODO:
Blockchain structures have various hexadecimal values: account numbers, node identifiers, signatures, hashes. All of them are represented in memory and JSON as hexadecimal strings. We probably can live with it, but when it come to persisting to disk we would like store them as true binary.
Implement this feature by overriding from_messagepack() and to_messagepack() methods. This should reduce size of the persisted data (before compression about 2 times, implement a unittest proving that).
Please, be aware that messagepack has some automatic utf-8 decoding with string. Make sure you do not mess up with it.
Make generate_blockchain.py a management command since we decided to stay with Django
Put it to core
application for now.
Similar to how it is implemented in alpha version
Resolves this TODO:
# TODO(dmu) CRITICAL: Validate balance values
Resolves this TODO:
# TODO(dmu) CRITICAL: Validate last_block_number and last_block_identifiers point to correct blocks
TODO:
file.lock
for account root file and add block placed in the blockchain root (base_directory
kwarg)add_block()
and unlock on exit -> raise BlockchainLockedError
if trying to operate on locked blockchainadd_account_root_file()
and unlock on exit -> raise BlockchainLockedError
if trying to operate on locked blockchainBlockchainUnlockedError
if the blockchain is not locked as expectedDEPENDS ON:
Operations to be implemented:
TODO:
The aim it to avoid parallel support of documentation, so as soon as you make the change you can regenerate the documentation.
Requirements:
TODO:
"node_type": "PRIMARY_VALIDATOR"
DEPENDS ON:
TODO:
Bug Description
While analyzing the GitHub repos, I found that there are some secret keys being left open in the wild. It might lead to security threat for thenewboston.
Steps to Reproduce
Links and Secrets
THENEWBOSTON_NODE_SECRET_KEY=90oqi[f[ohfipuuapugrp83yq09=40=oasdngkj
SECRET_KEY = 'g#$0(*8%8af27k7-e!ll^!-4yxomcx8ljv_o&_z*zhvi)f8&e7'
SECRET_KEY = '90oqi[f[ohfipuuapugrp83yq09=40=oasdngkj'
Expected behavior
Secrets should not have been left publicly
Actual behavior
Secret keys are being leaked
Account Number
362019f00e72fbe002497c667ab0d4fe4f4ac1ff8785724d0a69d39fe957fead
TODO:
Cover at least these cases if they are not already covered:
TODO:
Resolve issues related to the conversation below:
Dmitry Mugtasimov 6 hours ago
def test_missing_transaction():
"""Block with missing transaction should be invalid"""
block = {
'account_number': '0cdd4ba04456ca169baca3d66eace869520c62fe84421329086e03d91a68acdb',
'message': {
'balance_key': '0cdd4ba04456ca169baca3d66eace869520c62fe84421329086e03d91a68acdb',
'txs': [
{
'amount': 1,
'recipient': '5e12967707909e62b2bb2036c209085a784fabbc3deccefee70052b6181c8ed8'
},
{
'amount': 4,
'fee': BANK,
'recipient': 'ad1f8845c6a1abb6011a2a434a079a087c460657aad54329a84b406dce8bf314'
}
]
},
'signature': 'cfcba759125dfbaaefa627c4a41db4e5052705875d01228e5e280e13d403483fff495157b53192a6c1032ee815429f4979c0b4beb10d259fae3692123cf01f0d'
}
is_valid, account_balance = is_block_valid(block=block)
assert not is_valid
this test passes because of signature validation fails, not because PV fee transaction is missing. Do we need to validate completeness of transactions: existence of 2 fee transaction and the main money transfer transaction?
Bucky:computer: 5 hours ago
Yep we do. Blocks should contain both fees in addition to the main money Tx. We can rename 'fee': BANK to 'fee': NODE as well since we no longer have “Banks”. So:
fee: PV
fee: NODE
We also have the edge case where the node itself is currently the PV for the network. In this case they are still able to receive blocks like any other node, however instead of forwarding that block to another PV it will just process it itself. Maybe still including both fees in the block with the same recipient is the easiest solution? It would make it clear from a data point of view, however we do also have logic in place to ensure that users can not send multiple Txs to the same recipient within the same block. Any ideas on how we could structure that?
Review the code and unittests and suggest unittest code coverage improvements. Add the suggestions as comments to this task. Once you do it will we will create substasks and prioritized them for implementation.
DEPENDS ON:
TODO:
self.storage = PathOptimizedFileSystemStorage()
->
self.account_root_files_storage = PathOptimizedFileSystemStorage()
self.blocks_storage = PathOptimizedFileSystemStorage()
This way we can apply different depth and caching policy
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.