chore: remove outdated documentation and reference files
Some checks failed
AITBC CI/CD Pipeline / lint-and-test (3.11) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.12) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.13) (push) Has been cancelled
AITBC CI/CD Pipeline / test-cli (push) Has been cancelled
AITBC CI/CD Pipeline / test-services (push) Has been cancelled
AITBC CI/CD Pipeline / test-production-services (push) Has been cancelled
AITBC CI/CD Pipeline / security-scan (push) Has been cancelled
AITBC CI/CD Pipeline / build (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-staging (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-production (push) Has been cancelled
AITBC CI/CD Pipeline / performance-test (push) Has been cancelled
AITBC CI/CD Pipeline / docs (push) Has been cancelled
AITBC CI/CD Pipeline / release (push) Has been cancelled
AITBC CI/CD Pipeline / notify (push) Has been cancelled
Security Scanning / Bandit Security Scan (apps/coordinator-api/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (cli/aitbc_cli) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-core/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-crypto/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-sdk/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (tests) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (javascript) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (python) (push) Has been cancelled
Security Scanning / Dependency Security Scan (push) Has been cancelled
Security Scanning / Container Security Scan (push) Has been cancelled
Security Scanning / OSSF Scorecard (push) Has been cancelled
Security Scanning / Security Summary Report (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.11) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.12) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.13) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-summary (push) Has been cancelled
Some checks failed
AITBC CI/CD Pipeline / lint-and-test (3.11) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.12) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.13) (push) Has been cancelled
AITBC CI/CD Pipeline / test-cli (push) Has been cancelled
AITBC CI/CD Pipeline / test-services (push) Has been cancelled
AITBC CI/CD Pipeline / test-production-services (push) Has been cancelled
AITBC CI/CD Pipeline / security-scan (push) Has been cancelled
AITBC CI/CD Pipeline / build (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-staging (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-production (push) Has been cancelled
AITBC CI/CD Pipeline / performance-test (push) Has been cancelled
AITBC CI/CD Pipeline / docs (push) Has been cancelled
AITBC CI/CD Pipeline / release (push) Has been cancelled
AITBC CI/CD Pipeline / notify (push) Has been cancelled
Security Scanning / Bandit Security Scan (apps/coordinator-api/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (cli/aitbc_cli) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-core/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-crypto/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-sdk/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (tests) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (javascript) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (python) (push) Has been cancelled
Security Scanning / Dependency Security Scan (push) Has been cancelled
Security Scanning / Container Security Scan (push) Has been cancelled
Security Scanning / OSSF Scorecard (push) Has been cancelled
Security Scanning / Security Summary Report (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.11) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.12) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.13) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-summary (push) Has been cancelled
- Remove debugging service documentation (DEBUgging_SERVICES.md) - Remove development logs policy and quick reference guides - Remove E2E test creation summary - Remove gift certificate example file - Remove GitHub pull summary documentation
This commit is contained in:
138
docs/deployment/SETUP_PRODUCTION.md
Normal file
138
docs/deployment/SETUP_PRODUCTION.md
Normal file
@@ -0,0 +1,138 @@
|
||||
# Production Blockchain Setup Guide
|
||||
|
||||
## Overview
|
||||
|
||||
This guide sets up the AITBC blockchain in production mode with:
|
||||
- Proper cryptographic key management (encrypted keystore)
|
||||
- Fixed supply with predefined allocations (no admin minting)
|
||||
- Secure configuration (localhost-only RPC, removed admin endpoints)
|
||||
- Multi-chain support (devnet preserved)
|
||||
|
||||
## Steps
|
||||
|
||||
### 1. Generate Keystore for `aitbc1genesis`
|
||||
|
||||
Run as `aitbc` user:
|
||||
|
||||
```bash
|
||||
sudo -u aitbc /opt/aitbc/apps/blockchain-node/.venv/bin/python /opt/aitbc/scripts/keystore.py aitbc1genesis --output-dir /opt/aitbc/keystore
|
||||
```
|
||||
|
||||
- Enter a strong encryption password (store in password manager).
|
||||
- **COPY** the printed private key (hex). Save it securely; you'll need it for `.env`.
|
||||
- File: `/opt/aitbc/keystore/aitbc1genesis.json` (600)
|
||||
|
||||
### 2. Generate Keystore for `aitbc1treasury`
|
||||
|
||||
```bash
|
||||
sudo -u aitbc /opt/aitbc/apps/blockchain-node/.venv/bin/python /opt/aitbc/scripts/keystore.py aitbc1treasury --output-dir /opt/aitbc/keystore
|
||||
```
|
||||
|
||||
- Choose another strong password.
|
||||
- **COPY** the printed private key.
|
||||
- File: `/opt/aitbc/keystore/aitbc1treasury.json` (600)
|
||||
|
||||
### 3. Initialize Production Database
|
||||
|
||||
```bash
|
||||
# Create data directory
|
||||
sudo mkdir -p /opt/aitbc/data/ait-mainnet
|
||||
sudo chown -R aitbc:aitbc /opt/aitbc/data/ait-mainnet
|
||||
|
||||
# Run init script
|
||||
export DB_PATH=/opt/aitbc/data/ait-mainnet/chain.db
|
||||
export CHAIN_ID=ait-mainnet
|
||||
sudo -E -u aitbc /opt/aitbc/apps/blockchain-node/.venv/bin/python /opt/aitbc/scripts/init_production_genesis.py --chain-id ait-mainnet --db-path "$DB_PATH"
|
||||
```
|
||||
|
||||
Verify:
|
||||
|
||||
```bash
|
||||
sqlite3 /opt/aitbc/data/ait-mainnet/chain.db "SELECT address, balance FROM account ORDER BY balance DESC;"
|
||||
```
|
||||
|
||||
Expected: 13 rows with balances from `ALLOCATIONS`.
|
||||
|
||||
### 4. Configure `.env` for Production
|
||||
|
||||
Edit `/opt/aitbc/apps/blockchain-node/.env`:
|
||||
|
||||
```ini
|
||||
CHAIN_ID=ait-mainnet
|
||||
SUPPORTED_CHAINS=ait-mainnet
|
||||
DB_PATH=./data/ait-mainnet/chain.db
|
||||
PROPOSER_ID=aitbc1genesis
|
||||
PROPOSER_KEY=0x<PRIVATE_KEY_HEX_FROM_STEP_1>
|
||||
PROPOSER_INTERVAL_SECONDS=5
|
||||
BLOCK_TIME_SECONDS=2
|
||||
|
||||
RPC_BIND_HOST=127.0.0.1
|
||||
RPC_BIND_PORT=8006
|
||||
P2P_BIND_HOST=127.0.0.2
|
||||
P2P_BIND_PORT=8005
|
||||
|
||||
MEMPOOL_BACKEND=database
|
||||
MIN_FEE=0
|
||||
GOSSIP_BACKEND=memory
|
||||
```
|
||||
|
||||
Replace `<PRIVATE_KEY_HEX_FROM_STEP_1>` with the actual hex string (include `0x` prefix if present).
|
||||
|
||||
### 5. Restart Services
|
||||
|
||||
```bash
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl restart aitbc-blockchain-node aitbc-blockchain-rpc
|
||||
```
|
||||
|
||||
Check status:
|
||||
|
||||
```bash
|
||||
sudo systemctl status aitbc-blockchain-node
|
||||
sudo journalctl -u aitbc-blockchain-node -f
|
||||
```
|
||||
|
||||
### 6. Verify RPC
|
||||
|
||||
Query the head:
|
||||
|
||||
```bash
|
||||
curl "http://127.0.0.1:8006/head?chain_id=ait-mainnet" | jq
|
||||
```
|
||||
|
||||
Expected output:
|
||||
|
||||
```json
|
||||
{
|
||||
"height": 0,
|
||||
"hash": "0x...",
|
||||
"timestamp": "2025-01-01T00:00:00",
|
||||
"tx_count": 0
|
||||
}
|
||||
```
|
||||
|
||||
## Optional: Add Balance Query Endpoint
|
||||
|
||||
If you need to check account balances via RPC, I can add a simple endpoint `/account/{address}`. Request it if needed.
|
||||
|
||||
## Clean Up Devnet (Optional)
|
||||
|
||||
To free resources, you can archive the old devnet DB:
|
||||
|
||||
```bash
|
||||
sudo mv /opt/aitbc/apps/blockchain-node/data/devnet /opt/aitbc/apps/blockchain-node/data/devnet.bak
|
||||
```
|
||||
|
||||
## Notes
|
||||
|
||||
- Admin minting (`/admin/mintFaucet`) has been removed.
|
||||
- RPC is bound to localhost only; external access should go through a reverse proxy with TLS and API key.
|
||||
- The `aitbc1treasury` account exists but cannot spend until wallet daemon integration is complete.
|
||||
- All other service accounts are watch-only. Generate additional keystores if they need to sign.
|
||||
- Back up the keystore files and encryption passwords immediately.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
- **Proposer not starting**: Check `PROPOSER_KEY` format (hex, with 0x prefix sometimes required). Ensure DB is initialized.
|
||||
- **DB initialization error**: Verify `DB_PATH` points to a writable location and that the directory exists.
|
||||
- **RPC unreachable**: Confirm RPC bound to 127.0.0.1:8006 and firewall allows local access.
|
||||
Reference in New Issue
Block a user