Is it possible to host web3 and solidity on google appengine?
I am trying to put web3 and solidity on appengine standard environment, wondering if anyone done it and is it possible?
Web3 is just a library written in many flavors like JS, Swift, Kotlin and etc. You can install it inside your web or mobile application.
I assume you're building web DApp here. So, you can host it anywhere you want i.e. shared hosting, VPS, Heroku, AppEngine and etc. You also can host it on IPFS to make it fully decentralized.
Regarding Solidity, that's high level language to write smart-contracts. When you deploy smart-contracts to blockchain (public or private), it translates to bytecode and the EVM will read and operate based on this bytecode.
So, you can't simply deploy that smart-contract to a normal server. You need to deploy it to blockchain node.
If you're developing for Ethereum main net, you have 2 options:
Deploy it via Infura
Run you own Geth node for Ethereum main net and deploy into it
What Infura does is simple. It provides you managed blockchain node. All you need to do is just sign up, get the API key and put it inside your deploy script i.e. truffle.js file.
If you're developing for private blockchain, you also can deploy it to your Geth node for private blockchain. In private blockchain, you can choose to run Proof of Work or Proof of Authority.
I recommend you to use Proof or Authority for private blockchain. It require less compute and the blocks will be processed faster compared to Proof of Work which at some point later, you might face memory leakage problem.
If you are looking for tutorial on how to install Proof of Authority private blockchain, you can refer this good tutorial.
I hope this helps.
Related
I am learning solidity from last 3 months but now I am confused how to connect your contract with frontend (with react or next).
Every developer has their own way of applying it as i am, i want to with the best way
like with hardhat or truffle
Regarding connecting to the provider, #web3-react (docs) is the most used package I believe. It supports a wide variety of connectors (Metamask, ...) and you can find some good examples by googling.
Then you need either "ethers" or "web3js" to send transactions, etc. Choose whatever you're already familiar with.
IMO, A good boilerplate to start coding on web3 is:
Frontend :
ReactJs (CRA)
ethers.js : A great library to let you interact with smartcontract through ABI json file, Events and Transactional functions. This package is considered a MUST USE for a beginner IMO.
#web3-react : Written by creator of Uniswap.org, Good library to work with ethereum compatible wallets, but not necessarily for you to use. you can handle connecting ethereum compatible wallets on your own.
SmartContract :
Hardhat
Ganache
RPC Urls , you may obtain testnet urls by providers like Infura and etc.
Generally speaking of a web3 project, a backend is nothing but a RPC Node who speaks to blockchain, So using ReactJs or NextJs is up to you. But for a beginner I would recommend using ReactJS only. I suggest you look into reputable sources such as Uniswap and OpenZeppelin
I'm sort of restricted to Azure since that is what the client is already using.
But basically, we have this React website which is your typical react-scripts no server website, which means that there's nowhere in Azure Static Webapps to set environment variables for a frontend application.
I saw this on Azure Static Webapps Configuration, but subject to the following restrictions, won't work for my use case because there is no backend API for my frontend application - the backend associated with the frontend is published separately to Azure App services. And I need the secrets on the frontend to use some npm packages that require them, which I would prefer to do on frontend instead of backend.
Are available as environment variables to the backend API of a static web app
Can be used to store secrets used in authentication configuration
Are encrypted at rest
Are copied to staging and production environments
May only be alphanumeric characters, ., and _
I was doing some more research, and this seems to sort of be up the alley of what I'm looking for:
https://learn.microsoft.com/en-us/answers/questions/249842/inject-environment-variables-from-pipeline-to-azur.html
Essentially, I really want to avoid hardcoding secrets into the React code because that's bad practice.
I personally see a few different (potential) options:
Create an endpoint on the backend Spring Boot api that simply serves all environment variables
This is the most trivial to implement but I have concerns about security with this approach. As my frontend has no access to any kind of secrets, there's no way for it to pass a secure token to the backend or anything to authenticate the request, so someone could conceivably have chrome network inspect element tab open, see that I'm making a request to /getEnvironmentVariables, and recreate the request. The only way I can see to prevent this is to have IP restrictions enacted on the backend API, so it only accepts incoming requests from the IP address of my frontend website, but honestly that just sounds like so much overhead to worry about. Especially because we're building the product as more of a POC, so we don't have access to their production environments and can't just test it like that.
Have the Azure Static Webapps Github Actions workflow somehow inject environment variables
So I've actually done something similar with GCP before. In order to login to a GCP service account to deploy the app during continuous build, the workaround was to encode a publicly viewable file that could be freely uploaded to whatever public repo, which could only (realistically) be decrypted using secrets set on the CI/CD pipeline, which would be travis-ci, or in my case, Github Actions. And I know how to set secrets on Github Actions but I'm not sure how realistic a solution like that would be for my use case because decrypting a file is not enough, it has to be formatted or rewritten in such a way that React is able to read it, and I know React is a nightmare working with fs and whatnot, so I'm really worried about the viability of going down a path like that. Maybe a more rudimentary approach might be writing some kind of bash script that could run in the github actions, and using the github actions secrets to store the environment variables I want to inject, run a rudimentary file edit on a small React file that is responsible for just disbursing environment variabless, before packaging with npm and deploying to Azure?
TLDR: I have a window in github actions when I have access to a linux environment and any environment variables I want, in which I want to somehow inject into React during ci/cd before deployment.
I want to build a web application using a mixture of App Engine Standard and Flexible Environment as described in the Google docs (flexible as microservice where third party software is needed, standard for everything else).
I need the mentioned microservice to run latex, a few linux tools and python. What is the best way to go from here?
My guess is:
Build a docker container from a Linux OS and use either Google Pub/Sub, Google Task Queue or plain HTTP for communication with the Standard Env App.
But how is this custom runtime then managed by Google regarding security updates, scaling, loadbalancing and everything else promised in the docs?
Sorry for the rather generic question, the infos are thin IMHO and so I have to ask.
It would be your responsability to re-build the custom runtime images (done during every app deployment) to incorporate security updates. If your Dockerfile references other Google-supplied base images then the security updates for them will be automatically picked up in the process. But for any additional packages or customisations you added to your runtime you may need to incorporate the updates yourself.
Scaling depends on your app's configuration (your responsability), see Service scaling settings.
Google automatically load-balances traffic across your app's instances.
I just when trough this tutorial about Using
Firebase and App Engine Standard Environment in an Android App
It was grate but I wonder now can anyone upload and replace my servlet code. Like do I need to set up some firewall somewhere. I read the docs
about
Using Networks and Firewalls
but I cannot see any hands-on how to apply this, it´s really advanced and if someone could break it down, what I need to do to only allow me to access the code.
I´m a bit new to this but when working with this tutorial
Build an Android App Using Firebase and the App Engine Flexible
Environment
I got this email from CloudPlatform-noreply saying I must maintain a Firewalls :
Dear Developer, We noticed that your Google Cloud Project has open
project firewalls. This could make your instance vulnerable to
compromises since anyone on the internet can access and establish a
connection to the instance. The following project has open firewalls:
Playchat (ID: playchat-4cc1d) Google Cloud Platform provides the
flexibility for you to configure your project to your specific needs.
We recommend updating your settings to only allow access to the ports
that your project requires. You can review your project's settings by
inspecting the output of gcloud compute firewall-rules or by visiting
the firewall settings page on the GCP Console. Learn more about using
firewalls and secure connections to VM instances.
What do I need to be afraid of here - what does "since anyone on the internet can access and establish a connection to the instance." really mean?
I want my Firebase signed in users to be able to access only
Source code deployment
The only people that can deploy source code to your app are ones that you've given access to in the IAM permissions pages in the Cloud Platform Console. People there need Owner or have the specific role of "App Engine Admin" or "App Engine Deployer".
Connecting to your instances
If you are using the App Engine standard environment there are no virtual machine instances. The standard environment is purely a platform as a service, not your typical hosting environment with servers.
If you are using the App Engine flexible environment, your code does run on virtual machine instances. However, those instances by default are locked down. You can enable SSH for debugging purposes. These connections however use the tokens via your authorized gcloud installation to connect. All this is just to say, that by default your instances are locked down and even in the debug mode they are still pretty secure.
Overall, your code is secure by default. Protecting your resources is actually probably more about protecting your Gmail account and thus its connected resources like your Cloud Platform projects. Protect your account with two-factor authentication, don't give people more access to your project than they require, and lastly don't enable debugging unless you need it and even then close it down when you're done.
This question is cross-posted on bitcoin.stackexchange, stackoverflow and bitcointalks.
I'm planning to build an application on Google App Engine that will heavily make use of Bitcoin trading. I've been Googling along a little but I couldn't find whether it is possible to run Bitcoin itself on App Engine (with Java). I have some experience with App Engine, but limited to a pure web-app centered usage.
I've read about a few people that have made applications using Bitcoin with App Engine as well that are hosting Bitcoin separately on an Amazon EC2 instance.
So, does anyone here either has experience with running Bitcoin in App Engine for Java or would anyone have an idea how this could possibly be done?
I know there are a lot of Bitcoin applications out there, I'd like to know how these manage their Bitcoin traffic.
I'm trying to avoid needing a separate Amazon service running all the time next to App Engine.
In fact, receiving Bitcoin can easily be done by using passive APIs like blockexplorer or blockchain, so I'm considering to find a reliable API to handle my outgoing payments. But this approach causes extreme dependency on this API service, which I actually want to avoid as much as possible.
I think you summed up the possiblities already.
depend on an external service providing notifications for
transactions and sending them i would advise against this.
have a second server running permanently and connect to it using json-rpc
running any type of p2p node on app engine will fail, because of the threading limitations on GAE.
a third possibility would be to use a stratum/electrum supernode, that way you are dependant on a 3rd party service, but at least it is well documented and you can set up one yourself easily. AFAIK, stratum is based on http.
source: i programmed a GAE app dealing with bitcoins about 6 monts ago. (using the second server approach)