Phase 1: Agent SDK Marketplace Integration
- Implement _submit_to_marketplace() with HTTP client to coordinator API
- Implement _update_marketplace_offer() with HTTP client
- Implement assess_capabilities() with GPU detection using nvidia-smi
- Add coordinator_url parameter and AITBCHTTPClient integration
Phase 2: Agent SDK Network Registration
- Implement register_with_network() with HTTP client to coordinator API
- Implement get_reputation() with HTTP client to fetch from API
- Implement get_earnings() with HTTP client to fetch from API
- Implement signature verification in send_message() and receive_message()
- Add coordinator_url parameter and AITBCHTTPClient integration
Phase 3: Coordinator API Enterprise Integration
- Implement generic ERPIntegration base class methods with mock implementations
- Implement generic CRMIntegration base class methods with mock implementations
- Add BillingIntegration base class with generic mock implementations
- Add ComplianceIntegration base class with generic mock implementations
- No third-party integration as requested
Phase 4: Coordinator API Key Management
- Add MockHSMStorage class with in-memory key storage
- Add HSMProviderInterface with mock HSM connection methods
- FileKeyStorage already had all abstract methods implemented
Phase 5: Blockchain Node Multi-Chain Operations
- Implement start_chain() with Ethereum-specific chain startup
- Implement stop_chain() with Ethereum-specific chain shutdown
- Implement sync_chain() with Ethereum consensus (longest-chain rule)
- Add database, RPC server, P2P service, and consensus initialization
Phase 6: Settlement Bridge
- Implement EthereumBridge class extending BridgeAdapter
- Implement _encode_payload() with Ethereum transaction encoding
- Implement _get_gas_estimate() with Web3 client integration
- Add Web3 client initialization and gas estimation with safety buffer
- Migrate agent-coordinator/scripts/agent_daemon.py hardcoded paths to use KEYSTORE_DIR and DATA_DIR
- Migrate wallet/simple_daemon.py hardcoded path to use KEYSTORE_DIR
- Migrate scripts/blockchain_simple.py from logging to aitbc.get_logger
- Migrate hardcoded paths in blockchain_simple.py to use DATA_DIR, CONFIG_DIR, LOG_DIR
- Migrate scripts/blockchain_http_launcher.py from logging to aitbc.get_logger
- Remove logging.basicConfig() calls
- Migrate monitor/monitor.py from logging to aitbc.get_logger and hardcoded paths to DATA_DIR
- Migrate multi-region-load-balancer/main.py from logging to aitbc.get_logger
- Migrate global-infrastructure/main.py from logging to aitbc.get_logger
- Migrate global-ai-agents/main.py from logging to aitbc.get_logger
- Migrate exchange-integration/main.py from logging to aitbc.get_logger
- Migrate trading-engine/main.py from logging to aitbc.get_logger
- Migrate compliance-service/main.py from logging to aitbc.get_logger
- Remove logging.basicConfig() calls from all files
- Migrate plugin-security/main.py from logging to aitbc.get_logger
- Migrate plugin-registry/main.py from logging to aitbc.get_logger
- Migrate plugin-analytics/main.py from logging to aitbc.get_logger
- Migrate plugin-marketplace/main.py from logging to aitbc.get_logger
- Remove logging.basicConfig() calls from all files
- Consolidate aitbc imports in production_miner.py and production_miner_fixed.py
- Migrate hardcoded path in production_miner_fixed.py to use LOG_DIR constant
- Migrate services/sla_collector.py from logging to aitbc.get_logger
- Migrate app/routers/sla.py from logging to aitbc.get_logger
- Consolidate aitbc imports in services/billing_integration.py
- Migrate 3 files from logging to aitbc.get_logger
- scripts/real_marketplace_launcher.py, scripts/marketplace.py, scripts/gpu_marketplace_launcher.py
- Remove logging.basicConfig() from all files
- Migrate 2 files from logging to aitbc.get_logger
- health_monitor.py, real_exchange_integration.py
- Remove logging.basicConfig() from both files
- Migrate 3 files with hardcoded paths to use DATA_DIR constant
- simple_exchange_api.py, scripts/seed_market.py, database.py
- Migrate 10 files from logging to aitbc.get_logger
- combined_main.py, p2p_network.py, chain_sync.py
- network/bridge_manager.py, network/island_manager.py, network/nat_traversal.py
- network/multi_chain_manager.py, network/hub_manager.py, network/hub_discovery.py
- Remove logging.basicConfig() from combined_main.py
- Migrate hardcoded paths in config.py and hub_manager.py to use DATA_DIR and KEYSTORE_DIR constants
- Migrate 69 service files from logging to aitbc.get_logger
- Migrate explorer.py HTTP client from httpx.Client to AITBCHTTPClient
- Migrate config.py hardcoded paths to use DATA_DIR and LOG_DIR constants from aitbc.constants
- Remove duplicate LOG_DIR import in config.py
- All routers already using aitbc utilities
- Replace httpx.Client with aitbc.AITBCHTTPClient in client.py get_blocks endpoint
- Migrate monitoring_dashboard.py from httpx.AsyncClient to AITBCHTTPClient
- Replace httpx with AITBCHTTPClient in blockchain.py get_balance function
- Add NetworkError exception handling across all migrated endpoints
- Remove async context managers in favor of direct AITBCHTTPClient usage
- Remove httpx imports
- Replace httpx.Client with aitbc.AITBCHTTPClient in BitcoinWallet class
- Remove HTTP_CLIENT_AVAILABLE check and httpx import guard
- Replace logging.getLogger with aitbc.get_logger in bitcoin_wallet.py
- Migrate explorer.py from httpx to aitbc.AITBCHTTPClient
- Add NetworkError exception handling in explorer service
- Remove async context manager and status code checks in favor of AITBCHTTPClient
- Remove httpx imports from both services
- Consistent
- Replace httpx.AsyncClient with aitbc.AITBCHTTPClient in _create_bitcoin_escrow, release_payment, refund_payment
- Remove async context manager in favor of direct AITBCHTTPClient usage
- Replace status code checks with NetworkError exception handling
- Remove httpx import (no longer needed)
- Remove blank line after aitbc imports
- Consistent error handling across all escrow operations
- Replace logging.getLogger with aitbc.get_logger in analytics_service.py, staking_service.py, wallet_service.py
- Migrate payments.py from httpx to aitbc.AITBCHTTPClient for token escrow creation
- Add NetworkError exception handling in payments.py
- Remove async context manager and status code checks in favor of AITBCHTTPClient
- Update exchange.py CLI commands (create_pair, start_trading) to use
- Replace logging.getLogger with aitbc.get_logger across all router files
- Migrate HTTP client usage from httpx to aitbc.AITBCHTTPClient in blockchain.py
- Add NetworkError exception handling from aitbc package
- Update blockchain status and sync status endpoints to use AITBCHTTPClient
- Add from __future__ import annotations to admin.py, client.py, governance.py
- Consistent logger initialization across 20+ router
- Migrate simple_daemon.py from mock data to real keystore and blockchain RPC integration
- Add httpx for async HTTP client in wallet daemon
- Implement real wallet listing from keystore directory
- Implement blockchain balance queries via RPC
- Update CLI to use aitbc.AITBCHTTPClient instead of requests
- Add aitbc imports: constants, http_client, exceptions, logging, paths, validation
- Add address and amount validation in
- Add try/except for slowapi.errors import
- Fall back to importing RateLimitExceeded from slowapi directly
- Handles different slowapi package structures across versions
- Fixes integration-tests CI import error
- Add # nosec B104 comment for host="0.0.0.0" in combined_main.py
- Binding to all interfaces is intentional for blockchain node service
- Resolves security-scanning CI failure
- Update combined_main.py to use port 8005 for blockchain-node RPC
- blockchain-rpc service remains on port 8006
- Resolves port conflict causing blockchain-node service failures
- scripts/utils/keystore.py: use PBKDF2 with 100,000 iterations
- cli/keystore_auth.py: use PBKDF2 with 100,000 iterations
- cli/aitbc_cli.py: use PBKDF2 with 100,000 iterations
- apps/agent-coordinator/scripts/agent_daemon.py: use PBKDF2 with 100,000 iterations
Fixes 4/25 CodeQL alerts related to weak cryptographic hashing.
Note: cli/utils/__init__.py already uses Argon2 which is more secure.
- scripts/utils/setup_production.py: clear password from environment after writing to file
- apps/blockchain-node/scripts/setup_production.py: clear password from memory after writing to file
Fixes 2/25 CodeQL alerts related to clear-text storage of sensitive information.
- scripts/utils/generate-api-keys.py: mask API keys in output
- apps/coordinator-api/src/app/deps.py: mask API keys in debug logging
- dev/scripts/generate_production_keys.py: mask sensitive secrets in output
- scripts/security/security_audit.py: add sensitive data masking for issues/recommendations
Fixes 7/25 CodeQL alerts related to clear-text logging of sensitive information.
Ran poetry lock to update lock files with new dependency versions:
- pytest: 8.2.0 → 8.3.0 (fixes tmpdir handling vulnerability)
- python-multipart: updated to latest version (fixes DoS vulnerability)
This resolves the final 2 moderate vulnerabilities in poetry.lock files.
Version 47.0.0 does not exist in PyPI. Reverted to 46.0.0 which is the latest
available version and still provides security fixes for the reported vulnerabilities.
- Add sys import to 29 test files across agent-coordinator, blockchain-event-bridge, blockchain-node, and coordinator-api
- Remove apps/blockchain-event-bridge/tests/test_integration.py (obsolete bridge integration tests)
- Remove apps/coordinator-api/tests/test_integration.py (obsolete API integration tests)
- Implement GPU registration in marketplace_gpu.py with GPURegistry model persistence
- Relocate blockchain-event-bridge README content to docs/apps/blockchain/blockchain-event-bridge.md
- Relocate blockchain-explorer README content to docs/apps/blockchain/blockchain-explorer.md
- Replace app READMEs with redirect notices pointing to new documentation location
- Consolidate documentation in central docs/ directory for better organization
- Modify combined_main.py to start HTTP RPC server alongside blockchain node
- Use uvicorn.Server with asyncio to run both services concurrently
- Fix shutdown code to properly stop HTTP server
- eth_getLogs endpoint now accessible at http://localhost:8006/rpc/eth_getLogs
This fixes the hybrid mode heartbeat logic which was unable to
calculate time since last block after service restart because
_last_block_timestamp was None.
- Comment out PRAGMA journal_mode=WAL in database.py
- Keep other SQLite optimizations (synchronous=NORMAL, cache_size, temp_store)
- CoW already disabled on data directory via chattr +C
