Bifrost - alpha version #81
Conversation
services/bifrost/main.go
Outdated
|
|
||
| var checkKeysCmd = &cobra.Command{ | ||
| Use: "check-keys", | ||
| Short: "Displays a few public keys derivied using master public keys", |
services/bifrost/main.go
Outdated
| Use: "version", | ||
| Short: "Print the version number", | ||
| Run: func(cmd *cobra.Command, args []string) { | ||
| fmt.Println("version") |
There was a problem hiding this comment.
Version number is not printed
There was a problem hiding this comment.
OK, tracking in #158
| } | ||
|
|
||
| ethereumListener.Enabled = true | ||
| ethereumListener.NetworkID = "3" |
There was a problem hiding this comment.
Should the NetworkID be from the config file? In case the user wants to use a different test network?
There was a problem hiding this comment.
This code is responsible for stress tests so it should always be testnet.
| TxOutIndex: index, | ||
| ValueSat: output.Value, | ||
| To: addresses[0].EncodeAddress(), | ||
| } |
There was a problem hiding this comment.
Not sure about this, but I think addresses can be more than one. This only picks the first address
There was a problem hiding this comment.
There can be more than one address for multisig outputs. Bifrost receiving addresses are normal P2PKH addresses so always only one address.
| @@ -0,0 +1,440 @@ | |||
| package database | |||
There was a problem hiding this comment.
Can these functions also be used when we implement support for another DB type?
If so maybe we shouldn't just name this postgres.go? or maybe move it into main.go?
What do you think here?
There was a problem hiding this comment.
I don't think there are plans to use other DB engines.
| // the transactions queue for StellarAccountConfigurator to consume. | ||
| // | ||
| // Transaction added to transactions queue should be in a format described in | ||
| // queue.Queue (especialy amounts). Pooling service should not have to deal with any |
There was a problem hiding this comment.
I think this should be queue.Transaction? Also check ethereum_rail.go
| // entry with the same ID was added. | ||
| // This is a critical requirement! Otherwise ETH/BTC may be sent twice to Stellar account. | ||
| // If you don't know what to do, use default AWS SQS FIFO queue or DB queue. | ||
| type Queue interface { |
There was a problem hiding this comment.
Question, has this been implemented?
There was a problem hiding this comment.
Yes, Database implementation Queue works as expected. No implementation for SQS FIFO yet but it's not urgent as we have DB one.
Exactly. |
services/bifrost/README.md
Outdated
|
|
||
| ## Going to production | ||
|
|
||
| * Remember than everyone with master public key and **any** child private key can recover your **master** private key. Do not share your master public key and obviously any private keys. Treat your master public key as if it was a private key. Read more in BIP-0032 [Security](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#security) section. |
There was a problem hiding this comment.
type? (Remember than -> Remember that)
services/bifrost/README.md
Outdated
| ## Going to production | ||
|
|
||
| * Remember than everyone with master public key and **any** child private key can recover your **master** private key. Do not share your master public key and obviously any private keys. Treat your master public key as if it was a private key. Read more in BIP-0032 [Security](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#security) section. | ||
| * Make sure "Sell [your token] for BTC" and/or "Sell [your token] for ETH" exist in Stellar production network. |
There was a problem hiding this comment.
can you provide more information about what this "Sell [your token] for BTC/Ethereum" means (purpose, where to find it, is this referring to a mange offer)?
There was a problem hiding this comment.
In the last stage of the flow BTC/ETH tokens will be exchanged to [your token] on SDEX. Yes, it's manage_offer.
There was a problem hiding this comment.
I think we should update this to reflect that the manage_offer should exist. I completely misinterpreted this to expect that I should look for that text somewhere.
services/bifrost/README.md
Outdated
| * It's a good idea to set "Authorization required" and "Authorization revocable" [flags](https://www.stellar.org/developers/guides/concepts/accounts.html#flags) on issuing account during ICO stage to remove trustlines to accounts with lost keys. | ||
| * Monitor bifrost logs and react to all WARN and ERROR entries. | ||
| * Make sure you are using geth >= 1.7.1 and bitcoin-core >= 0.15.0. | ||
| * Turn off horizon rate limiting. |
There was a problem hiding this comment.
can you add a reason for why they should turn off rate limiting? (shouldn't it be on to help prevent any DDOS attacks?)
services/bifrost/README.md
Outdated
| * Make sure you are using geth >= 1.7.1 and bitcoin-core >= 0.15.0. | ||
| * Turn off horizon rate limiting. | ||
| * Make sure you configured minimum accepted value for Bitcoin and Ethereum transactions to the value you really want. | ||
| * Make sure you start from a fresh DB in production. If Bifrost was running, you stopped it and then started again all the block mined during that that will be processed what can take a lot of time. |
There was a problem hiding this comment.
does blocks mining refer to bitcoin blocks here?
If they start from a fresh db in production then will it not try to catchup to the bitcoin network anyways?
typo? (If Bifrost was running, you stopped it bitcoin-core and then started it again then all the blocks mined during that that time will be processed what which can take a lot of time.
There was a problem hiding this comment.
does blocks mining refer to bitcoin blocks here?
Bitcoin and Ethereum.
If they start from a fresh db in production then will it not try to catchup to the bitcoin network anyways?
I meant Bifrost DB. The Bitcoin and Ethereum nodes should stay in sync all the time. Will fix this.
services/bifrost/bifrost.cfg
Outdated
|
|
||
| [database] | ||
| type="postgres" | ||
| dsn="postgres:https://bartek@localhost/bifrost?sslmode=disable" |
There was a problem hiding this comment.
should we remove sslmode=disable here to encourage encrypted db connections?
services/bifrost/common/main.go
Outdated
| logger := log.DefaultLogger | ||
|
|
||
| if serviceName != "" { | ||
| logger = logger.WithField("service", serviceName) |
There was a problem hiding this comment.
why save in logger, could just return here and then always return log.DefaultLogger below instead of creating above.
| pooled boolean NOT NULL DEFAULT false, | ||
| PRIMARY KEY (id), | ||
| UNIQUE (transaction_id, asset_code), | ||
| CONSTRAINT valid_asset_code CHECK (char_length(asset_code) >= 3), |
There was a problem hiding this comment.
can we not have an asset_code that is less then 3 characters long?
There was a problem hiding this comment.
Currently we only support BTC and ETH. We will update this CHECK if there is new asset with less or more than 3 chars. Changed >= to =.
| return nil | ||
| } | ||
|
|
||
| func (l *Listener) processBlocks(blockNumber uint64) { |
There was a problem hiding this comment.
this function seems common between btc and ethereum implementation. Can we extract this into it's own component that takes in the logInterval (20 minutes vs. 3 minutes), logIntervalString (string representation of logInterval), and Storage? -- see comment in Storage for interface change suggestion to support this extraction
|
|
||
| // Storage is an interface that must be implemented by an object using | ||
| // persistent storage. | ||
| type Storage interface { |
There was a problem hiding this comment.
this interface is serving the same purpose as that of the bitcoin Storage. They can both be the same interface by generalizing the method names on this interface and we can have one BitcoinStorage implementation and another EthereumStorage implementation. Will make it possible to then extract the logic in processBlocks up above.
There was a problem hiding this comment.
We should address this issue since there's a fair amount of code duplication going on here via copy-paste, which can make code maintenance a lot more costly later on.
| masterPublicKey *bip32.Key | ||
| } | ||
|
|
||
| func EthToWei(eth string) (*big.Int, error) { |
There was a problem hiding this comment.
this is also common, can extract to an object that takes in the multiplier (weiInEth or satInBtc) and also unitName (satoshi / wei) for the error message.
|
I think the code is good for Alpha version for developers and community to test. @nikhilsaraf can you approve? |
There was a problem hiding this comment.
Approving as an alpha version to let the ball roll on this and to not be a blocker since this has already been used in production and we should get it out asap.
Please address some of the leftover comments (particularly design comments) when you get back to this code.
| return db, err | ||
| } | ||
|
|
||
| func createServer(cfg config.Config, stressTest bool) *server.Server { |
There was a problem hiding this comment.
this function is very long, for the next change, can you break it up? -- maybe split up the for loop blocks into their own functions.
| Short: "Starts stress test", | ||
| Long: `During stress test bitcoin and ethereum transaction will be generated randomly. | ||
| This command will create 3 server.Server's listening on ports 8000-8002.`, | ||
| Run: func(cmd *cobra.Command, args []string) { |
There was a problem hiding this comment.
here too, could split up this function and move to it's own named function rather than inline since it's quite large
| @@ -0,0 +1,399 @@ | |||
| // Skip this file in Go <1.8 because it's using http.Server.Shutdown | |||
There was a problem hiding this comment.
why is the architecture.png image here? -- I thought it was only for the design doc?
Demo app
https://bifrost.stellar.org/
Work in progress: do not use in production, do not merge.
This is MVP version of Bifrost [design doc]. Bifrost accepts coins from other blockchains and issues them on Stellar blockchain.
TODO (random order):
Recovery mechanism inRecovery mechanism in stellar.AccountConfigurator #123stellar.AccountConfigurator, continue configuring accounts after crash, power down, etc.CloudWatch/Loggly driver for logging.CloudWatch/Loggly driver for logging #121Frontend: Send back unused lumens (10 XLM for ETH trust line)?Frontend SDK #120Recaptcha inPrevent address exhaustion attack #119/generate-ethereum-address?Rate-limitPrevent address exhaustion attack #119/generate*endpoints.Embedded service log.Allow settingMakeAccess-Control-Allow-Originwhite list.Access-Control-Allow-Originheader value configurable #124In address association table, mark successful payments to make finding non-empty addresses easier.Mark successful payments in address association table #122CLI command to check if master public key derives correct addresses (and if user can derive private keys).CLI command to check if master public key derives correct addresses #117Frontend SDKFrontend SDK #120Recovery transactions.Recovery transactions #116Check if horizon connected to correct network.Check if horizon connected to correct network and synchronized #118stellar.AccountConfigurator.github.com/r3labs/ssepackage can be used (license).ethereum.Transactioninstead of usinggithub.com/ethereum/go-ethereum/core/types.Transaction.AmountToBtc,AmountToEth->AmountToStellar.ethereum.Listener, add requirement to README.Create trust lines with limit so no more than limit is sent?Sign responses sent to frontend app?Everyone should use SSL so not required.ethereum.Listenerconnected to correct network. (Possible?)ethereum.Listenerdoesn't see new blocks in 3 (?) minutes.--debug.