eos-nation / bpvalidate Goto Github PK

Currently if an API endpoint or SSL endpoint ends with a slash, there ends up being a double-slash on the request, whch fails. This can be improved.

It would be good to see all the results of what has passed in addition to what has not passed.

All endpoints should be available on both IPv4 and IPv6

Remote endpoints sometimes are not reachable due to routing issues or whatever. Rather than having the report flip/flop between fail/ok, it would be better to cache the connection results for 1 hour or so.

Change get_actions request (that checks for v1 history) to be limited to only ask for 100 actions. Well working APIs might limit the number of actions returned.

cleos -u https://api.eoslaomao.com get table theblacklist theblacklist producerhash

Hello Matthew,

Big fan of your tool for showing overall BP statuses. I noticed our disclosure URL is marked as a 503 error. This seems to have started happening yesterday out of the blue. Any thoughts about how this test could be made more robust as our URL has not been 503ing for me in the browser?

https://validate.eosnation.io/producers/eosiodetroit.html

When a bp has a super long name, it causes the title to wrap and push the accolades off the bottom of the card.

This would allow some monitoring tools to more easily parse the output.

Sort by most recent release to oldest release:

• 1.7.3 (most recent) first items
• 1.4.4 (oldest) last items

https://validate.eosnation.io/mainnet/reports/api_versions.html

Is a warning on cloudflare that has no cookies requirement necessary?

allow multiples signing keys

The cookie message is related to session cookies from cloudflare (or anywhere else). It checks if the server returns cookies or not. My understanding is that cloudflare always returns cookies and cannot be turned off.

So thus the warning about cloudflare. I have never used cloudflare, so I am relying on what others have told me.

The issue arises when you want to add mutiple BP endpoints into a loadbalancer. Then if every endpoint uses its own cookies, that's a hassle to deal with.

Externalize all strings into configuration files.

Store a history of validation errors so you can see trends over time.

Currently the validator complains that if there are no endpoints filed in a node block, then the section is useless. It would be better if the validator instead checks if node_type = producer and then make sure the endpoints are not filled in.

BP should never expose their producer.

These sections are not useless as if someone is considering mapping the data. They would want to show where a BP are producing.

make the API serializer test have different block number per chain. It needs to test big blocks and those are different on each chain.

So people know when it will refresh again show when bp will next be validated

If url to be tested contains a hash, validate that the content returned includes the hash. If the web page is generated dynamically by javascript, this would require a full render of the page to determine.

Hello All

We are facing an issue related with our County code , we have set AE from http://www.nationsonline.org/oneworld/country_code_list.htm for United Arab Emirates

but we are still facing error in validator detection .
for more info kindly check
https://validate.eosnation.io/eos/producers/eosarabianet.html
https://uae.eosarabia.net/bp.json

Regards,

Hi!
Report contains "no valid HTTP or HTTPS API endpoints provided in any node; see above messages" although our bp.json provided such information.
Report for telos: https://validate.eosnation.io/telos/producers/eostribeprod.html
BP json for telos: https://eostribe.io/telos/bp.json

An ❌ Error should occur if the following =>

producer_public_key (bp.json) or producer_key (regproducer on chain) is associated to any active/owner accounts.

$ cleos get accounts <PUBLIC KEY>
{
  "account_names": []
}

👍 If account_names is empty
👎 if account_names is equal to producer account

curl -d '{"account_name": "eosnationftw"}' https://api.eosn.io/v1/chain/get_account
Make sure you get balances back.

For each IP address assign to an endpoint (IPv4/IPv6) collect basic whois information about it. Then reports can be generated by who is the network provider.

Everyone should have an SSL endpoint

CPU speed on API nodes really matters.

some test results with delegatebw
2.7GHz AWS (r4.x2large) node - ~3100us
4.4GHz bare metal node - ~1900us

There a way to link directly to the scorecard overview with preselections? So like regprod, org, and endpoint = yes url?

The validator sends too many requests too fast to some endpoints and ends up getting 429 errors. Add some sleeps between requests to avoid this problem.

Report: https://validate.eosnation.io/producers/bpeosindexio.html

Issue:

The TLS enpoint verification fails with this error: invalid URL value=<500 Can't connect to api.bp.eosindex.io:443 (SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed)> for field=<node[1].ssl_endpoint> for url=<https://api.bp.eosindex.io>

However, as you can see on https://api.bp.eosindex.io, TLS is working and the certificate is valid.

If TLSv1 and TLSv1.1 are enabled, suggest to disable them.

curl -i -X OPTIONS http://jungle.eosn.io/v1/chain/get_info
HTTP/1.1 204 No Content
Server: nginx/1.14.2
Date: Thu, 01 Aug 2019 00:04:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

replace: cannot find server_version in response; contact @mdarwin on telegram and provide the information'

Make sure errors are generated when the country is not valid in the lookup table (but still 2 uppercase letters)

https://validate.eosnation.io/producers/eosnationftw.html

Easy access to bp.json directly from the BP report page

Fetching first block only applies for nodeos with full block synced, for nodes that use snapshots wouldn't have all blocks.

Shouldn't this be a warning and not an error?

invalid block one, value=<400 Bad Request>, field=<node[0].api_endpoint>, having node_type=, api_url=http://api.moonxwitheos.com:8888/v1/chain/get_block, post_data=<{"block_num_or_id": "1", "json": true}>

Hello,

After compiling mainnet -1.2.3 pull am getting version number c12d82b7 however the server on the validate page (https://github.com/EOS-Nation/bpvalidate/blob/master/config/versions.csv) for mainnet-1.2.3 is cb3645ae

Added get_supported_apis RPC API (#6572)

A new RPC API /v1/node/get_supported_apis has been added to allow applications to discover the current set of activated plugins on an API server. This information can then allow applications to intelligently render their UI elements customized for the capabilities provided by the API server.

I noticed the above error come up for Aloha's results on WAX, which was due to a Sweden outage. If that history query fails or is too slow it shouldn't impact the scorecard of others, so maybe skip any dependent checks in that case.

Sort the versions report in reverse alphabetical order. This hlighlights the better bps.

Better yet parse the version numbers so the sorting knows understands the decimal points in the version number in case any position has more than 1 digit.

create report so it is easy to get reports by node_type

https://steemit.com/eos/@greymass/an-eos-smart-contract-for-block-producer-information

at least the following filter by name, class+score, top21/paid standby. country for fun.

curl --request POST
--url http://mainnet.eosn.io/v1/chain/get_abi
--header 'accept: application/json'
--header 'content-type: application/json' -d '{"account_name": "eosio"}' | jq '.abi.structs[]' | less

is_producer is deprecated, add warning if it is there

See https://github.com/jhthorsen/json-validator

see EOS-Mainnet/eos#50 (comment)

https://github.com/bancorprotocol/eos-producer-heartbeat-plugin

https://medium.com/@cc32d9/apidirectory-a-catalog-of-eosio-api-endpoints-71f6f0736f3c

All public endpoints should have filters so as to return useful content. Check these filters are enabled.

Example => doesn't return any content

$ curl -d '{"pos":-1,"offset":-20,"account_name": "eosio.ram"}' -X POST https://api.eosn.io/v1/history/get_actions
{"actions":[],"last_irreversible_block":3056616}

Example => returns content

$ curl -d '{"pos":-1,"offset":-20,"account_name": "eosio.ram"}' -X POST http://api.eosnewyork.io/v1/history/get_actions | jq .
{
  "actions": [
    {
      "global_action_seq": 8374113,
      "account_action_seq": 292302,
      "block_num": 3056922,
      "block_time": "2018-06-28T08:51:02.500",
      "action_trace": {
        "receipt": {
          "receiver": "eosio.token",
...
}

We are seeing this message on the tool, "duplicate peer for field=<node[1].p2p_endpoint> for host=publicnode.cypherglass.com:9876"

Have the same IP for all of our P2P and/or API endpoints is as designed because that IP points to a globally redundant anycast IP into a load balancing service.