- Migrate plugin-security/main.py from logging to aitbc.get_logger
- Migrate plugin-registry/main.py from logging to aitbc.get_logger
- Migrate plugin-analytics/main.py from logging to aitbc.get_logger
- Migrate plugin-marketplace/main.py from logging to aitbc.get_logger
- Remove logging.basicConfig() calls from all files
- Consolidate aitbc imports in production_miner.py and production_miner_fixed.py
- Migrate hardcoded path in production_miner_fixed.py to use LOG_DIR constant
- Migrate services/sla_collector.py from logging to aitbc.get_logger
- Migrate app/routers/sla.py from logging to aitbc.get_logger
- Consolidate aitbc imports in services/billing_integration.py
- Migrate 3 files from logging to aitbc.get_logger
- scripts/real_marketplace_launcher.py, scripts/marketplace.py, scripts/gpu_marketplace_launcher.py
- Remove logging.basicConfig() from all files
- Migrate 2 files from logging to aitbc.get_logger
- health_monitor.py, real_exchange_integration.py
- Remove logging.basicConfig() from both files
- Migrate 3 files with hardcoded paths to use DATA_DIR constant
- simple_exchange_api.py, scripts/seed_market.py, database.py
- Migrate 10 files from logging to aitbc.get_logger
- combined_main.py, p2p_network.py, chain_sync.py
- network/bridge_manager.py, network/island_manager.py, network/nat_traversal.py
- network/multi_chain_manager.py, network/hub_manager.py, network/hub_discovery.py
- Remove logging.basicConfig() from combined_main.py
- Migrate hardcoded paths in config.py and hub_manager.py to use DATA_DIR and KEYSTORE_DIR constants
- Migrate 69 service files from logging to aitbc.get_logger
- Migrate explorer.py HTTP client from httpx.Client to AITBCHTTPClient
- Migrate config.py hardcoded paths to use DATA_DIR and LOG_DIR constants from aitbc.constants
- Remove duplicate LOG_DIR import in config.py
- All routers already using aitbc utilities
- Replace httpx.Client with aitbc.AITBCHTTPClient in client.py get_blocks endpoint
- Migrate monitoring_dashboard.py from httpx.AsyncClient to AITBCHTTPClient
- Replace httpx with AITBCHTTPClient in blockchain.py get_balance function
- Add NetworkError exception handling across all migrated endpoints
- Remove async context managers in favor of direct AITBCHTTPClient usage
- Remove httpx imports
- Replace httpx.Client with aitbc.AITBCHTTPClient in BitcoinWallet class
- Remove HTTP_CLIENT_AVAILABLE check and httpx import guard
- Replace logging.getLogger with aitbc.get_logger in bitcoin_wallet.py
- Migrate explorer.py from httpx to aitbc.AITBCHTTPClient
- Add NetworkError exception handling in explorer service
- Remove async context manager and status code checks in favor of AITBCHTTPClient
- Remove httpx imports from both services
- Consistent
- Replace httpx.AsyncClient with aitbc.AITBCHTTPClient in _create_bitcoin_escrow, release_payment, refund_payment
- Remove async context manager in favor of direct AITBCHTTPClient usage
- Replace status code checks with NetworkError exception handling
- Remove httpx import (no longer needed)
- Remove blank line after aitbc imports
- Consistent error handling across all escrow operations
- Replace logging.getLogger with aitbc.get_logger in analytics_service.py, staking_service.py, wallet_service.py
- Migrate payments.py from httpx to aitbc.AITBCHTTPClient for token escrow creation
- Add NetworkError exception handling in payments.py
- Remove async context manager and status code checks in favor of AITBCHTTPClient
- Update exchange.py CLI commands (create_pair, start_trading) to use
- Replace logging.getLogger with aitbc.get_logger across all router files
- Migrate HTTP client usage from httpx to aitbc.AITBCHTTPClient in blockchain.py
- Add NetworkError exception handling from aitbc package
- Update blockchain status and sync status endpoints to use AITBCHTTPClient
- Add from __future__ import annotations to admin.py, client.py, governance.py
- Consistent logger initialization across 20+ router
- Migrate simple_daemon.py from mock data to real keystore and blockchain RPC integration
- Add httpx for async HTTP client in wallet daemon
- Implement real wallet listing from keystore directory
- Implement blockchain balance queries via RPC
- Update CLI to use aitbc.AITBCHTTPClient instead of requests
- Add aitbc imports: constants, http_client, exceptions, logging, paths, validation
- Add address and amount validation in
- Add try/except for slowapi.errors import
- Fall back to importing RateLimitExceeded from slowapi directly
- Handles different slowapi package structures across versions
- Fixes integration-tests CI import error
- Add # nosec B104 comment for host="0.0.0.0" in combined_main.py
- Binding to all interfaces is intentional for blockchain node service
- Resolves security-scanning CI failure
- Update combined_main.py to use port 8005 for blockchain-node RPC
- blockchain-rpc service remains on port 8006
- Resolves port conflict causing blockchain-node service failures
- scripts/utils/keystore.py: use PBKDF2 with 100,000 iterations
- cli/keystore_auth.py: use PBKDF2 with 100,000 iterations
- cli/aitbc_cli.py: use PBKDF2 with 100,000 iterations
- apps/agent-coordinator/scripts/agent_daemon.py: use PBKDF2 with 100,000 iterations
Fixes 4/25 CodeQL alerts related to weak cryptographic hashing.
Note: cli/utils/__init__.py already uses Argon2 which is more secure.
- scripts/utils/setup_production.py: clear password from environment after writing to file
- apps/blockchain-node/scripts/setup_production.py: clear password from memory after writing to file
Fixes 2/25 CodeQL alerts related to clear-text storage of sensitive information.
- scripts/utils/generate-api-keys.py: mask API keys in output
- apps/coordinator-api/src/app/deps.py: mask API keys in debug logging
- dev/scripts/generate_production_keys.py: mask sensitive secrets in output
- scripts/security/security_audit.py: add sensitive data masking for issues/recommendations
Fixes 7/25 CodeQL alerts related to clear-text logging of sensitive information.
Ran poetry lock to update lock files with new dependency versions:
- pytest: 8.2.0 → 8.3.0 (fixes tmpdir handling vulnerability)
- python-multipart: updated to latest version (fixes DoS vulnerability)
This resolves the final 2 moderate vulnerabilities in poetry.lock files.
Version 47.0.0 does not exist in PyPI. Reverted to 46.0.0 which is the latest
available version and still provides security fixes for the reported vulnerabilities.
- Add sys import to 29 test files across agent-coordinator, blockchain-event-bridge, blockchain-node, and coordinator-api
- Remove apps/blockchain-event-bridge/tests/test_integration.py (obsolete bridge integration tests)
- Remove apps/coordinator-api/tests/test_integration.py (obsolete API integration tests)
- Implement GPU registration in marketplace_gpu.py with GPURegistry model persistence
- Relocate blockchain-event-bridge README content to docs/apps/blockchain/blockchain-event-bridge.md
- Relocate blockchain-explorer README content to docs/apps/blockchain/blockchain-explorer.md
- Replace app READMEs with redirect notices pointing to new documentation location
- Consolidate documentation in central docs/ directory for better organization
- Modify combined_main.py to start HTTP RPC server alongside blockchain node
- Use uvicorn.Server with asyncio to run both services concurrently
- Fix shutdown code to properly stop HTTP server
- eth_getLogs endpoint now accessible at http://localhost:8006/rpc/eth_getLogs
This fixes the hybrid mode heartbeat logic which was unable to
calculate time since last block after service restart because
_last_block_timestamp was None.
- Comment out PRAGMA journal_mode=WAL in database.py
- Keep other SQLite optimizations (synchronous=NORMAL, cache_size, temp_store)
- CoW already disabled on data directory via chattr +C
- Add status fields to Receipt model (status, claimed_at, claimed_by)
- Add RECEIPT_CLAIM handling to state_transition.py with validation and reward minting
- Add type field to Transaction model for reliable transaction type storage
- Update router to use TransactionRequest model to preserve type field
- Update poa.py to extract type from mempool transaction content and store only original payload
- Add RECEIPT_CLAIM to GasType enum with gas schedule
- Add MESSAGE transaction type to router.py valid_types
- Add MESSAGE handling to state_transition.py (value=0, fee-only)
- Add GasType.MESSAGE to gas schedules
- Re-enable state root computation in poa.py
- Change SQLite journal_mode to WAL for corruption prevention
- Add chattr +C to setup.sh for Btrfs CoW prevention
- Change SQLite journal mode from DELETE to WAL for better concurrency
- Add chattr +C to /var/lib/aitbc in setup.sh to disable Btrfs Copy-on-Write
- Add fallback logging when chattr is unavailable or fails
- Prevent SQLite corruption on Btrfs filesystems by ensuring overwrite-in-place behavior
- Add default_peer_rpc_url configuration parameter
- Update bulk sync fallback to use default_peer_rpc_url instead of gossip_broadcast_url
- Fixes 'unsupported protocol redis://' error in bulk sync
- gossip_broadcast_url is for Redis backend, not HTTP RPC calls
- Add _calculate_dynamic_batch_size method to sync.py
- Scale batch size based on gap size:
- Small gaps (< 100): 20-50 blocks for precision
- Medium gaps (100-500): 50-100 blocks
- Large gaps (> 500): 100-200 blocks for speed
- Add min_bulk_sync_batch_size and max_bulk_sync_batch_size config params
- Update bulk_import_from to use dynamic batch size
- Replaces fixed 50-block batch size with adaptive sizing
- Increase block_time_seconds from 2 to 10 seconds
- Reduces block generation frequency
- Helps with sync gap recovery by giving more time between blocks
