Description

In order to check the last version of the API we need a simple endpoint that returns that version as a string.

Description

Currently the APY shown on OBE does not match the APY shown on teloscan
We probably didn't apply the correction that we applied to teloscan

Task

• Correct APY calculation

Acceptance

• While fixedRatio is 1, APY should be same for both EVM (Teloscan) and REX (OBE/Web wallet)

Description
Update fastify-oas

Solution

• upgrade fastify-oas to lastest version
• update swaggerOpts.js to adopt changes in swagger options properties (server/host) see release notes for 3.0.8

Description

We need to incorporate the Metakeep service to provide a web2 solution for non-crypto users. To do that we authenticate the user in the front end using GoogleOneTop but then we need to create an account for that user.

To do so, we need to incorporate a new endpoint to create an account securely.

Description
Update webpack to current version (5.*) to resolve security issue

Description

We have successfully deployed the last version of the API on Testnet and it worked as expected. Now we need to deploy the same API on Mainnet but make some cleanups first:

• remove the v1/accounts/random endpoint
• update the v1/accounts/version number

A partner has reported being unable to verify their contracts:

We have deployed our contracts to production, but we are unable to verify it, sourcify is showing that the contracts are successfully verified but thats not the case, contract address is : "0xF708e11A7C94abdE8f6217B13e6fE39C8b9cC0a6", Do you know the resons behind it ??

JT investigated, and it seems sourcify has changed their API in some way:

AxiosError: Request failed with status code 404 at settle (file:///nodes/api-prod/node_modules/axios/lib/core/settle.js:19:12) at IncomingMessage.handleStreamEnd (file:///nodes/api-prod/node_modules/axios/lib/adapters/http.js:585:11) at IncomingMessage.emit (events.js:412:35) at IncomingMessage.emit (domain.js:470:12) at endReadableNT (internal/streams/readable.js:1317:12) at processTicksAndRejections (internal/process/task_queues.js:82:21) { code: 'ERR_BAD_REQUEST', config: { transitional: { silentJSONParsing: true, forcedJSONParsing: true, clarifyTimeoutError: false }, adapter: [ 'xhr', 'http' ], transformRequest: [ [Function: transformRequest] ], transformResponse: [ [Function: transformResponse] ], timeout: 0, xsrfCookieName: 'XSRF-TOKEN', xsrfHeaderName: 'X-XSRF-TOKEN', maxContentLength: -1, maxBodyLength: -1, env: { FormData: [Function], Blob: null }, validateStatus: [Function: validateStatus], headers: Object [AxiosHeaders] { Accept: 'application/json, text/plain, */*', 'Content-Type': undefined, 'User-Agent': 'axios/1.6.2', 'Accept-Encoding': 'gzip, compress, deflate, br' }, method: 'get', url: 'https://sourcify.dev/server/files/contracts/any/40?page=0', data: undefined

It appears that a change on Sourcify's side has broken contract verification.

Current requests for https://sourcify.dev/server/files/contracts/40 are being met with a 404 and:

"error": "Cannot fetch more than 200 contracts (1075 full matches, 152 partial matches), please use /contracts/{full|any}/40 with pagination", "message": "Cannot fetch more than 200 contracts (1075 full matches, 152 partial matches), please use /contracts/{full|any}/40 with pagination"

I am going to try modifying the script to use https://sourcify.dev/server/files/contracts/full/40, which appears to work and does not require pagination (yet).

Problems

1. Amount of contracts is ever increasing and we are checking all of them to see if they are verified.
2. Orgs/Devs verify their contracts and sometimes have to wait 10 minutes to see that it was verified.
3. If we changed to only check new contracts for verification old contracts could never have their verification status changed.

Proposed solution

1. Create a queue, if a contract was deployed in the last week we include it on the list and check the list every 10 minutes on sourcify for verification.

2. Add support for single contract verification on a route that can be triggered by the front end. Then we can add button on each unverified contract page on teloscan todo a individual check for the contract so any old or new contract can be checked once verified.

Description

• add APY method for evm
• add APY method for native
• pull & restart pm2 on dev
• pull & restart pm2 on prod

For CMC/CoinGecko they want a numeric response and the tokens route returns the amount + symbol which they cannot parse. This is a longstanding request by Appics.

Description
Investigate rex table queries and results for endpoints /staked/rex, supply/staked, and rex/staked to ensure we are return accurate values. Retain legacy endpoints with duplicated functionality for now.

Notes

• see different table query used by DefiLlama: https://github.com/DefiLlama/DefiLlama-Adapters/blob/main/projects/telosRex.js and compare return values

Description
serverless-* packages need to be updated to resolve security issues with current versions

Solution

• update serverless-bundle (87, 49, 84, 78, 79, 35, 36, 37, 38, 40, 41, 42, 59, 34)
• update serverless-offline (84, 85, 70, 71, 77, 66, 62, 67, 39)
• update serverless-webpack (84, 85)

Description
update fastify-* versions to resolve security issues with current versions

Solution

- [ ] update fastify-oas (moved to #57 )

• update fastify-swagger
• update fastify-file-upload

Description

Overview

Currently, the developer has to wait for up to 10 minutes to have their contract show up. To optimize the contract deployment process, we should put an API route on api.telos.net that lets you bump a contract verification sync from sourcify, and similarly add one for teloscan indexer. So once the contract is verified, a developer can click a button on teloscan to make it show sooner than the 10 minutes interval.

Acceptance criteria

• New route that allows to bump a contract verification sync from sourcify
• Replicate feature to teloscan-indexer

Technical considerations

Tasks

Description

Description
Add endpoint to generate bootstrap token used for Topper Pay widget link forwarding

Tasks

• add widget pk as AWS secret
• add lib to generate token
• add route that accepts address as optional query param
• add optional sandbox flag for testing
• exclude route from swagger

Description

Overview

Artemis would like to track our token burns on their dashboard.

Burns occur as the retire action on contract eosio.token

I belive returning a total tokens burned number would suffice.

Perhaps /v1/supply/burns