emurgo / yoroi-frontend Goto Github PK
View Code? Open in Web Editor NEWYoroi Wallet - Cardano ADA Wallet - Your gateway to the financial world (extension frontend)
Home Page: https://yoroi-wallet.com/
License: MIT License
Yoroi Wallet - Cardano ADA Wallet - Your gateway to the financial world (extension frontend)
Home Page: https://yoroi-wallet.com/
License: MIT License
This error is described here.
input-output-hk/project-icarus-chrome#168
Note from IOHK:
The only reason this wasn't merged is that it wasn't a priority and it required developing an E2E test
POST /txs/history
seems to return 500 Internal Server Error if we send too many addresses (specifically the limit is apparently 50 addresses, 51 throws an error)
The backend should return a 400 Bad Request with some reasonable explanation
Code that causes this: https://github.com/Emurgo/yoroi-backend-service/blob/ff1efefb2a5db1c75fa2afad086479d9d97f93aa/src/routes.js#L25
Fixed In: #199
I entered the recovery phrase, then go to the screen with the addresses,recovered balance, final balance, etc. which all seemed correct. Then when I clicked the transfer funds button on that screen it just said "Unable to transfer funds"
[2018-10-09T18:26:07-04:00] yoroi-backend-api::sendTx error: {
"stack": "Error: Request failed with status code 400\n at createError (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/vendor.js:44798:15)\n at settle (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/vendor.js:87142:12)\n at XMLHttpRequest.handleLoad (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/vendor.js:44671:7)",
"message": "Request failed with status code 400",
"config": {},
"request": {
"response": "{\"code\":\"InvalidContent\",\"message\":\"Invalid witness\"}"
},
"response": {
"config": {},
"request": {
"response": "{\"code\":\"InvalidContent\",\"message\":\"Invalid witness\"}"
}
}
}
[2018-10-09T18:26:07-04:00] DaedalusTransferStore::transferFunds {
"message": "api.errors.invalidWitnessError: {}",
"name": "t",
"stack": "t: api.errors.invalidWitnessError: {}\n at chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:46978",
"id": "api.errors.invalidWitnessError",
"defaultMessage": "!!!The signature is invalid.",
"values": {}
}
We have a few different environments that you can run Yoroi with (mainnet
, staging
, testnet
, develop
) and we also have one called test
test
is confusing because it sounds like it should be testnet
but actually test
runs on your local machine using localhost.
I suggest we rename test
to localhost
or perhaps another name that clears up the confusion
POST /txs/history
with payload {"addresses":["Ae2tdPwUPEYxYUgxBGgbZXNyj8TMczmHMSjZvm8hJzpt2Y8nDSLtBQAyuZi"],"dateFrom":"2018-01-01T09:44:39.757Z"}
return 502 / 503 occasionally (every 4th or 5th request)
Note: this occurs on staging (https://iohk-staging.yoroiwallet.com/api/txs/history) and mainnet
Tested from Europe/Slovakia
Theory: maybe a single host behind a load-balance is unavailable
Running:
rustup target add wasm32-unknown-unknown --toolchain nightly-2018-06-05
Throws error:
Works when follow following step:
https://www.hellorust.com/setup/wasm-target/
Also in precondition, we should add to install gcc
app/api/ada/_createWalletFromServerData
we should give it a better name.
it only coverts wallet data fetched from localStore to new Wallet
object, there is no server involved.
Even when not connected to Internet (or back-end not running properly ) user does not see and proper warning or info.
Example:
Restor wallet
button, and an error message is show An error occurred, please try later.
, even user tries again and it will say the same error message(very generic),At first place there is already waste of users time, filling WALLET NAME
, RECOVERY PHRASE
, WALLET PASSWORD
, REPEAT PASSWORD
and then it shows an error message(no help showing this error message) which makes things worse.
User would be able to invoke buttons with single key press from keyboard on trezor connect pages
When we migrate a Daedalus wallet, we send all the balance to the first address generated by the Yoroi wallet (even if this address has already been used in a different transaction)
scanSize
during recoveryif (less than 20 unused addresses)
generate a new unused address for migration
else
send to the first address
Easy to program and easily to take into account for any other wallet for Cardano.
We could also change the restoration behavior so we instead scan 21
addresses but still limit the user to 20
. We would keep the 21st address as a special reserved address for Daedalus migration and send to it if the user's already generated 20
unused addresses.
Is there a default mnemonic to restore the wallet using these test data?
While [ Create a new wallet ] OR [ Restore wallet from backup ] if user presses ESC key or clicks somewhere apart from dialog box anytime then,
Dialog box is closed and user have to repeat whole process even if he has written RECOVERY PHRASE and about to complete the wallet creation.
One Solution:
we should only close dialog box if user presses "X" button.
In Yoroi we have a CachedRequest
object that takes wraps API calls and doesn't reissue them if its result is already cached. However the cache is based off arguments to the function. But what if you want to cache based off a key that isn't part of function arguments?
Good news: in Javascript passing extra arguments to a function does nothing (as if it truncates the unnecessary arguments. See picture below). Therefore you can abuse this to make API calls that cache based on the time of a query. However, if you add extra arguments to these functions in the future, this could cause a problem
Therefore, be careful about adding new arguments to any functions part of the Yoroi API because it could randomly get garbage arguments
I haven't checked how many functions to this, but at the very least getBalance
does this. This is dangerous design for obvious reasons so we should get rid of it.
Example
Above is a screenshot where you can see arguments
has the current date as an argument to getBalance
despite the fact getBalance
takes no argument.
This is because getBalance
is cached by the Date
of the last transaction you've received
environment.API
originally came from the fact that Daedalus was meant to support ETC/ADA/Bitcoin/etc
Yoroi is a Cardano wallet and we won't support other currencies (at least for a long time) so this just causes pointless code bloat.
Even though we don't use this feature, there is an argument to be made to pretend we have this requirement anyway to keep everything clean. I'm definitely tempted by this argument so I'm want to hear what others think
transaction without any fraction remained even try to send all ADA (when want to send ada to make the balance zero)
Too many users send empty logs because they expect that logs are persistent. We should make the logging persistent, maybe we could limit it for 24 hours.
Right now we can pass CI even with ESLint warnings
There is no way to turn warnings -> errors through command line arguments unfortunately. We could turn all warnings in the .eslintrc
to errors but I think the concern for this was that if we make the lint automatically happen on hot reload, it would frustratingly fail your compilation.
I feel like "Do you have access to a working version of your Daedalus wallet?" is not the right question since even if they have a working copy, transferring your funds using the mnemonic is way easier.
Maybe the question should be "Do you have access to your Daedalus 12-word recovery phrase?" (note: if we choose this wording, we would have to flip "yes" and "no")
In the Haskell importer we truncate addresses that are over 2K in size.
If we plan to make this behavior permanent, we should filter out addresses 2K in size from any backend API request.
We could also choose to filter these from the backend-service
side instead.
During CI builds, we often get failure on POST /api/txs/history
which has the error message DateFrom should be a valid datetime
in CircleCI. This is not cause by a date format issue, but rather because the response from /api/txs/history
was invalid.
Location in the code:
https://github.com/Emurgo/yoroi-frontend/blob/develop/features/support/mockServer.js#L62
Proposal
A) Validate req.body
and return the appropriate error message on failure
B) Figure out the root cause
The current LocalStorageApi
causes a lot of code duplication if we add more settings (which we plan to)
There should instead be a type-parameterized class that takes a default value as an argument that we reuse for these settings.
Hopefully this refactoring would also allow us to add // @flow
to the file to enable type-checking
Whenever our server gets into a bad state, users will experience messages like "An error occurred, please try again later"
We should have somewhere in the app a component that shows whether the server is running correctly. Similar to what IOHK has in https://testnet.iohkdev.io/
Additionally, when the server is down, we should have it linked to our Twitter (or maybe a new account that automatically tweets when the server goes online or offline)
Note: we will have to differentiate at least a few different statuses:
best_block_num
is lower than the best_block_num
in user's localstorage
basic idea is to make it like:
app/flowtype.CamelCase.js
Type
and Types
Fixed In:#199
I think this would be a pretty nice UX improvement for users that want to move all of their funds without having to play with the values and fees.
Concept
Sometimes users make transactions to themselves. It's inappropriate to label this as outgoing
or incoming
so we need a new category. I suggest reorganization
to match the terminology used in the Cardano Wallet Spec.
Motivation for such transactions
This will require a UI change (new icon, new way to display the fees, etc)
The current UI for this is at best misleading and depending on your definition also a bug.
Add topics in this issue that you think should be brought up during our weekly developer meeting.
Time: 14:00 - 15:00 (JST)
Hangout link: https://hangouts.google.com/hangouts/_/qvdzenjqzzffbhigjj2gugtjcme
Tentative Agenda:
We have two copies of our ToS: one for the mainnet
and one for else
The logic for this switch is located here
Is there actually any reason to have this feature? We inherited it from Daedalus but they don't use it either (in fact, looking now I see that one of their ToS is an outdated version of the other which kind of proves my point that this is bad duplication)
When the Yoroi error logs are non-empty, every entry has a timestamp associated to it so we can easily correlated with out backend AWS logs.
However, we occasionally have bugs that for some reason do not show up in the error logs. To help debug these, we should print a timestamp in the error logs to get a rough estimate of when the bug happened so we can then match that against our backend logs.
Note: The example errors in this issue all originate from accidentally having 2 copies of Yoroi running in the same browser so don't bother investigating them.
Errors such as
OPTIONS https://iohk-mainnet.yoroiwallet.com/api/txs/history 502
OPTIONS https://iohk-mainnet.yoroiwallet.com/api/txs/history net::ERR_NETWORK_CHANGED
are generic network errors that occur in the console but don't show up when you try and download logs as they were not explicitly generated by Yoroi. However, these errors cause real errors later on.
This can actually get really bad in cases such as uncaught exceptions which appear in the Chrome log but don't actually show up in the Yoroi logs
Example: The follow doesn't show up if you download Yoroi logs
yoroi.bundle.js:1 Uncaught (in promise)
t {id: "api.errors.GenericApiError", defaultMessage: "!!!An error occurred, please try again later.", values: {…}, message: "api.errors.GenericApiError: {}", name: "t", …}
defaultMessage: "!!!An error occurred, please try again later."
id: "api.errors.GenericApiError"
values: {}
message: "api.errors.GenericApiError: {}"
name: "t"
stack: "t: api.errors.GenericApiError: {}↵ at t.<anonymous> (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:132197)↵ at a (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:421708)↵ at c._invoke (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:423112)↵ at c.e.(anonymous function) [as throw] (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:421887)↵ at r (chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:6312)↵ at chrome-extension://ffnbelfdoeiohenkjibnmadjiehjhajb/js/yoroi.bundle.js:1:6427
Suggested fix:
Provide an ability to initiate sending funds apps dialogs based on "quick links" with universal URL Scheme.
It will allows to open compatible applications on "send screen" with preinstalled data like receiver address, amount of funds to send and token symbol (for the future multi-currency cardano blockchain support) from QR Codes, online shops and etc.
Example:
http://kxp.one/cardano.html?address="< some address >"&amount="100"&token="ADA"
or https://send.cardano.org?address="< some address >"&amount="100"&token="ADA"
or whatever you decide...
For URLScheme this link will looks like
cardano://send?address="< some address >"&amount="100"&token="ADA"
Web page logic:
Internal page script should check available apps that could open URLScheme (for iOS and Android apps) or to call chrome extension method. Then redirect inside the available one with focus on sending funds context with preinstalled context info.
For Yoroi chrome extension:
Try to call custom js function:
function cardanoSendFunction() {
chrome.runtime.sendMessage('ffnbelfdoeiohenkjibnmadjiehjhajb', {
message: "cardano://send?address="< some address >"&amount="100"&token="ADA""
});
}
where: "ffnbelfdoeiohenkjibnmadjiehjhajb" - Yoroi chrome store extension ID.
If it fails, then - you don't have supported chrome extension.
Next try to call URL Scheme link. If it fails too -> present verified apps download page.
(already tested - should works safely)
"background": {
"page": "background.html"
},
...
"externally_connectable": {
"matches": ["*://*.kxp.one/*"]
},
...
"permissions": [
"tabs",
"storage"
],
chrome.runtime.onMessageExternal.addListener(< some function >);
Please visit official vendors pages for more info. It must be easy to implement. I did it many times.
Apple URL Scheme Guide:
https://developer.apple.com/documentation/uikit/core_app/allowing_apps_and_websites_to_link_to_your_content/defining_a_custom_url_scheme_for_your_app?language=objc
Android Guide:
https://developer.android.com/training/app-links/deep-linking
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.