- Changed bare except clauses to specific exception types in web3_utils.py, testing.py, messages.py, and message_storage.py
- Replaced print() calls with logger in testing.py, agent_discovery.py, compliance_agent.py, coordinator.py, trading_agent.py, keys.py, escrow.py, persistent_spending_tracker.py, sync_cli.py, and client.py
- Added logger initialization using get_logger(__name__) in compliance_agent.py, coordinator.py, trading_agent.py, keys.py, escrow.py, persistent_spending_tracker.py, and client.py
- Removed hardcoded secret
Fixed hardcoded IP addresses in production code by replacing them with
environment variables or config settings:
- apps/blockchain-node/src/aitbc_chain/sync_cli.py: Use AITBC_SYNC_SOURCE
and AITBC_SYNC_IMPORT_URL env vars for RPC URLs
- apps/blockchain-node/src/aitbc_chain/app.py: Use AITBC_TRUSTED_IPS
env var for rate limiting bypass
- apps/coordinator-api/src/app/routers/client.py: Use settings.blockchain_rpc_url
for RPC endpoint
- dev/scripts/dev_heartbeat.py: Use AITBC_LOCAL_RPC and AITBC_GENESIS_RPC
env vars for RPC URLs
- cli/aitbc_cli.py: Use AITBC_FOLLOWER_HOST and AITBC_FOLLOWER_PORT
env vars for network peer display
This makes the codebase more portable and configurable for different
deployment environments.
Deleted .bak, .backup, and .orig files:
- 2 .orig files from blockchain-node
- 9 .bak files from cli commands
- 1 .bak file from dev scripts
- 1 .backup file from docs
- 1 .bak file from scripts
These files add noise and should not be tracked in git.
- Fixed bare except clauses in dev/examples/wallet.py
- Fixed bare except clauses in dev/gpu/gpu_exchange_status.py (2 clauses)
- Fixed bare except clauses in dev/gpu/gpu_miner_host.py
- Fixed bare except clauses in dev/onboarding/auto-onboard.py
- Fixed bare except clauses in dev/onboarding/onboarding-monitor.py
- Fixed bare except clauses in dev/scripts/dev_heartbeat.py
- Fixed bare except clauses in tests/integration/test_blockchain_simple.py (3 clauses)
- Fixed bare except clause in tests/integration/test_full_workflow.py
- Fixed bare except clause in tests/load_test.py
- Fixed bare except clause in tests/security/test_confidential_transactions.py
- Fixed bare except clause in tests/verification/test_coordinator.py
- All bare except clauses now use proper Exception handling
- Addresses remaining ruff E722 warnings in non-critical code
- Replace all 2,087 uses of datetime.utcnow() across 294 files
- Add UTC import to datetime statements where needed
- Addresses Python 3.12+ deprecation warning (report item #3)
- scripts/utils/generate-api-keys.py: mask API keys in output
- apps/coordinator-api/src/app/deps.py: mask API keys in debug logging
- dev/scripts/generate_production_keys.py: mask sensitive secrets in output
- scripts/security/security_audit.py: add sensitive data masking for issues/recommendations
Fixes 7/25 CodeQL alerts related to clear-text logging of sensitive information.
Development Artifact Cleanup:
✅ BROTHER_NODE REORGANIZATION: Moved development test node to appropriate location
- dev/test-nodes/brother_node/: Moved from root directory for better organization
- Contains development configuration, test logs, and test chain data
- No impact on production systems - purely development/testing artifact
✅ DEVELOPMENT ARTIFACTS IDENTIFIED:
- Chain ID: aitbc-brother-chain (test/development chain)
- Ports: 8010 (P2P) and 8011 (RPC) - different from production
- Environment: .env file with test configuration
- Logs: rpc.log and node.log from development testing session (March 15, 2026)
✅ ROOT DIRECTORY CLEANUP: Removed development clutter from production directory
- brother_node/ moved to dev/test-nodes/brother_node/
- Root directory now contains only production-ready components
- Development artifacts properly organized in dev/ subdirectory
DIRECTORY STRUCTURE IMPROVEMENT:
📁 dev/test-nodes/: Development and testing node configurations
🏗️ Root Directory: Clean production structure with only essential components
🧪 Development Isolation: Test environments separated from production
BENEFITS:
✅ Clean Production Directory: No development artifacts in root
✅ Better Organization: Development nodes grouped in dev/ subdirectory
✅ Clear Separation: Production vs development environments clearly distinguished
✅ Maintainability: Easier to identify and manage development components
RESULT: Successfully moved brother_node development artifact to dev/test-nodes/ subdirectory, cleaning up the root directory while preserving development testing environment for future use.
- Add transaction data to RPC responses (get_block, get_blocks_range)
- Fix import_block to handle transactions parameter
- Change database paths to absolute paths for consistency
- Make dev_heartbeat.py executable
- Add production genesis initialization scripts
- Add keystore management for production
- Add production node runner
- Add setup production automation
- Add AI memory system for development tracking
- Add translation cache service
- Add development heartbeat monitoring
- Update blockchain RPC router
- Update coordinator API main configuration
- Update secure pickle service
- Update claim task script
- Update blockchain service configuration
- Update gitignore for production files
Resolves conflicts by accepting PR branch changes
- Add production genesis initialization scripts
- Add keystore management for production
- Add production node runner
- Add setup production automation
- Add AI memory system for development tracking
- Add translation cache service
- Add development heartbeat monitoring
- Update blockchain RPC router
- Update coordinator API main configuration
- Update secure pickle service
- Update claim task script
- Update blockchain service configuration
- Update gitignore for production files
- Introduce production setup script: scripts/setup_production.py
- Generates aitbc1genesis (treasury) and aitbc1treasury (spending) wallets
- Encrypts keys via AES-GCM, stores password in keystore/.password (600)
- Creates allocations.json and genesis.json with fixed total supply
- Sets mint_per_unit=0 (no inflation)
- Update make_genesis.py:
- Accept allocations file instead of single faucet
- Use 'allocations' key in genesis (renamed from 'accounts')
- Enforce mint_per_unit=0 in default params
- Remove admin mint endpoint:
- Deleting MintFaucetRequest and /rpc/admin/mintFaucet from router.py
- Removes faucet CLI command from cli/aitbc_cli/commands/blockchain.py
- RPC supply endpoint now computes total supply from genesis file (fixed)
- Validators endpoint derives list from trusted_proposers config
- Config enhancements (config.py):
- Add keystore_path and keystore_password_file
- Change mint_per_unit default to 0
- main.py: Auto-load proposer private key from keystore into settings.proposer_key (hex) for future use
- Launcher scripts:
- scripts/mainnet_up.sh: Loads .env.production, derives proposer_id from keystore if needed, starts node + RPC
- scripts/devnet_up.sh: Updated to use new allocations-based genesis and proper proposer address
- Documentation:
- Rewrite blockchain-node/README.md for production model (no faucet, keystore management, multi-chain)
- Update MEMORY.md with production blockchain section
- Database: Multi-chain support already present via chain_id foreign keys.
This change makes the blockchain production‑ready: immutable supply, secure key storage, and removal of dev‑only admin functions.
Co-authored-by: Andreas Michael Fleckl <andreas@example.com>
- Change file mode from 644 to 755 for all project files
- Add chain_id parameter to get_balance RPC endpoint with default "ait-devnet"
- Rename Miner.extra_meta_data to extra_metadata for consistency
