AIBlockOfficial · BHouwens · Aug 20, 2024 · Feb 24, 2024 · Feb 24, 2024 · Feb 24, 2024
@@ -0,0 +1,11 @@
+name: code-scan
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  scan-code:
+    uses: aiblockofficial/workflows/.github/workflows/scan-code.yml@main
@@ -0,0 +1,28 @@
+name: build-scan
+
+on:
+  push:
+    branches: 
+      - main
+      - develop
+
+permissions:
+  contents: read
+  packages: write
+  security-events: write
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  build: 
+    uses: aiblockofficial/workflows/.github/workflows/build.yml@main
+    with: 
+      REGISTRY:  ${{ vars.REGISTRY }}
+      REPOSITORY: ${{ vars.REPOSITORY }}
+  scan-image:
+    uses: aiblockofficial/workflows/.github/workflows/scan-image.yml@main
+    secrets: inherit
+    needs: build
+    with:
+      IMAGE: ${{ vars.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }}
@@ -0,0 +1,16 @@
+name: manual-build-and-push
+
+permissions:
+  contents: read
+  packages: write
+  security-events: write
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  build:
+    uses: aiblockofficial/workflows/.github/workflows/build.yml@main
+    with:
+      REGISTRY: ${{ vars.REGISTRY }}
+      REPOSITORY: ${{ vars.REPOSITORY }}
@@ -0,0 +1,17 @@
+name: build-and-push
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+  packages: write
+  security-events: write
+
+jobs:
+  build:
+    uses: aiblockofficial/workflows/.github/workflows/build.yml@main
+    with:
+      REGISTRY: ${{ vars.REGISTRY }}
+      REPOSITORY: ${{ vars.REPOSITORY }}
@@ -0,0 +1,6 @@
+# Accept the risk
+
+
+# Ignore misconfigurations
+# https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0001/
+AVD-DS-0001
@@ -1,6 +1,6 @@
 [package]
 name = "valence"
-version = "0.1.1"
+version = "0.1.2"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -23,5 +23,4 @@ tracing = "0.1.37"
 tracing-subscriber = "0.3.17"
 tracing-futures = "0.2.3"
 warp = "0.3.5"
-valence_core = "0.1.3"
-valence_market = "0.1.0"
+valence_core = "0.1.8"
@@ -31,19 +31,14 @@ RUN cargo build --target x86_64-unknown-linux-musl --release
 ####################################################################################################
 ## Final image
 ####################################################################################################
-FROM alpine
+FROM cgr.dev/chainguard/glibc-dynamic:latest
 
-# Import from builder.
-COPY --from=builder /etc/passwd /etc/passwd
-COPY --from=builder /etc/group /etc/group
+USER nonroot
 
 WORKDIR /valence
 
 # Copy our build
 COPY --from=builder /valence/target/x86_64-unknown-linux-musl/release/valence ./
 COPY --from=builder /valence/config.toml ./
 
-# Use an unprivileged user.
-USER valence:valence
-
 CMD ["/valence/valence"]
@@ -33,8 +33,9 @@
       <a href="#getting-started">Getting Started</a>
       <ul>
         <li><a href="#prerequisites">Prerequisites</a></li>
-        <li><a href="#running-the-server">Running The Server</a></li>
-        </ul>
+        <li><a href="#installation">Installation</a></li>
+        <li><a href="#running-the-server">Running the server</a></li>
+      </ul>
     </li>
     <li>
       <a href="#how-it-works">How it Works</a>
@@ -44,6 +45,7 @@
             <ul>
                 <li><a href="#set_data">set_data</a></li>
                 <li><a href="#get_data">get_data</a></li>
+                <li><a href="#del_data">del_data</a></li>
             </ul>
         </li>
         <li><a href="#further-work">Further Work</a></li>
@@ -89,7 +91,7 @@ docker build -t valence .
 
 ..
 
-### 🏎️ Running
+### 🏎️ Running the server
 
 To use the server as is, you can simply run the following in the root folder of the repo:
 
@@ -133,14 +135,17 @@ Sets data in the Redis instance and marks it for pending retrieval in the server
 }
 ```
 
-The body of the `set_data` call would contain the data being exchanged:
+The body of the `set_data` call would contain the `value_id` for that entry and the `data` being exchanged :
 
 ```json
 {
+    "data_id": "EntryId"
     "data": "hello Bob"
 }
 ```
 
+`data_id` is required and allows for mutiple entries under one address. If the `data_id` value is the same as an existing entry for that address, it is updated. If the `data_id` is unique it will be added to the hashmap for that address
+
 The headers that Alice sends in her call will be validated by the Valence, after which they'll be stored at Bob's address for his later retrieval using the `get_data` call.
 
 ..
@@ -152,12 +157,31 @@ Gets pending data from the server for a given address. To retrieve data for Bob,
 [
     {
         "address": "76e...dd6",     // Bob's public key address
+        "public_key": "a4c...e45"   // Bob's public key corresponding to his address
         "signature": "b9f...506",   // Bob's signature of the public key
+    }
+]
+```
+
+If `data_id` is provided in the request (`get_data/[value_id]`), the specific entry associated to that id is retrieved. If no `data_id` is provided, the full hashmap is retrieved.
+
+Again, the Valence will validate the signature before returning the data to Bob.
+
+##### **<img src="https://img.shields.io/badge/DEL-FF0000" alt="DEL"/> `del_data`**
+Delete pending data from the server for a given address. To delete data for Bob, he only has to supply his credentials in the call header:
+
+```json
+[
+    {
+        "address": "76e...dd6",     // Bob's public key address
         "public_key": "a4c...e45"   // Bob's public key corresponding to his address
+        "signature": "b9f...506",   // Bob's signature of the public key
     }
 ]
 ```
 
+If `data_id` is provided in the request (`del_data/[value_id]`), the specific entry associated to that id is deleted. If no `data_id` is provided, the full hashmap is deleted.
+
 Again, the Valence will validate the signature before returning the data to Bob.
 
 **For best practice, it's recommended that Alice and Bob encrypt their data using their private keys, before exchanging it with each other.** This ensures that the data exchange is E2E encrypted, and that the Valence maintains no knowledge of the data's content.
@@ -171,7 +195,7 @@ Again, the Valence will validate the signature before returning the data to Bob.
 - [x] Match public key to address for `get_data` (resolved by using address directly for retrieval)
 - [ ] Add a rate limiting mechanism
 - [x] Set Redis keys to expire (handle cache lifetimes)
-- [ ] Handle multiple data entries per address
+- [x] Handle multiple data entries per address
 - [ ] Add tests
 
 <p align="left">(<a href="#top">back to top</a>)</p>

@@ -4,13 +4,13 @@ extern_port = 3030
 cache_url = "redis://0.0.0.0"
 cache_port = "6379"
 cache_password = ""
-db_protocol = "mongodb://"
-db_url = "0.0.0.0"
+db_protocol = "mongodb://127.0.0.1"
+db_url = ""
 db_port = "27017"
-db_user = "root"
-db_password = "example"
+db_user = ""
+db_password = ""
 body_limit = 4096
 cache_ttl = 600 # cache lifetime in seconds
 
 # Plug-in options
-market = true
+market = false
@@ -1,7 +1,14 @@
 version: '3'
+
+networks:
+  app-tier:
+    driver: bridge
+
 services:
   cache:
     image: redis:6.2.6-alpine
+    networks:
+      - app-tier
     restart: always
     ports:
       - 6379:6379
@@ -10,37 +17,37 @@ services:
     command: redis-server --save 20 1 --loglevel warning
     volumes:
       - cache:/data/cache
-    container_name: cache
   db:
-    image: mongo
+    image: bitnami/mongodb:7.0.5
+    networks:
+      - app-tier
     restart: always
     ports:
       - 27017:27017
     expose:
       - 27017
-    environment:
-      MONGO_INITDB_ROOT_USERNAME: root
-      MONGO_INITDB_ROOT_PASSWORD: example
-    volumes:
-      - db:/data/db
-    container_name: db
-  valence:
-    build: .
-    image: valence
-    ports:
-      - 3030:3030
-    expose:
-      - 3030
-    restart: always
-    depends_on:
-      - cache
-      - db
-    links:
-      - cache
-      - db
-    volumes:
-      - ${PWD}/logs:/app/logs
-    container_name: valence
+    # environment:
+    #   MONGODB_ROOT_USER: root
+    # volumes:
+    #   - db:/data/db
+  # valence:
+  #   build: .
+  #   image: valence
+  #   networks:
+  #     - app-tier
+  #   ports:
+  #     - 3030:3030
+  #   expose:
+  #     - 3030
+  #   restart: always
+  #   depends_on:
+  #     - cache
+  #     - db
+  #   # links:
+  #   #   - cache
+  #   #   - db
+  #   volumes:
+  #     - ${PWD}/logs:/app/logs
 volumes:
   cache:
     driver: local