-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
An event driven Bisq stack with interaction over localhost or TOR websocket #8
Comments
Usage examples1 - You are developing a new Bisq moduleLet us imagine a fictional Bisq module called Foo which eg, interacts with the network to do some analysis and reporting about valuable insight. Maybe you also want it to provide a report template to be served over html. Step one
At this point you can do
Step two
You will now have a deployable module, ready for testing. Step three
You are now ready to provide Foo as a deployable Bisq module. 2 - A professional trader needs Bisq automation and reportingLet us imagine a trader who has a wide portfolio of coin assets. They need to maintain 3 Bisq instances on different base markets and already have an automated trading logic routine that they have written and maintain in the fictional language called "NotJava". They have called this Bar. Additionally, they would like to go on holiday, or business trips, and monitor their portfolio via a remote interface. If they see that Bar is not agreeing with their gut instinct, they want to be able to intervene manually. (bisq-front is currently at proof of concept, so these steps are feasible but fictional) Step one
Step two
A happy trader is up and running. |
I agree that we should have some business objects performing actions in a stateless manner, i.e. instead of operating with stateful CreateOfferDataModel, there should be some service or manager that accepts just those 8 input params (paymentAccountId, currency, amount, price, etc.). |
As to API I think it should be just a loadable extension like in Arquillian. It works on top of Service Provider Interfaces https://docs.oracle.com/javase/tutorial/ext/basics/spi.html |
I don't see much point in hiding REST API behind WebSockets. WebSockets could be some addition used to get real-time updates on asynchronous events, but most of the traffic should go directly to the API (over TOR of course). |
@blabno Whether the javaFx GUI or the API is trying to create an offer is irrelevant. Bisq must run the same code from the same place. This works. What needs refinement is sequencing logic (which is handled in viewmodels for the gui). If the request is coming from elsewhere, it needs an
Please have a look here: https://github.com/citkane/bisq-business/tree/master/business/src/main/java/io/bisq/business/actions . We can discuss on Friday why this is already working statefully, but what we do not want to do is get tangled up in re-building logic which already exists, is tested and works for a few years already. Let us forget about the semantic of API for this paragraph. We are looking for REST endpoints. This is provided by Spring, which is already an integral part of the overall Bisq architecture. Any dev creating a Bisq module should be able to provide an API easily, out of the Bisq box, by declaring very simple REST endpoints on the We want to constrain any possibility of connection to Bisq to localhost only. The security model lies outside of a Bisq shaded jar. If we try to be absolute about the security model and open a Bisq module to the outside world, we are inviting a world of pain. There is an architecture that makes things simpler, more re-useable and easier to maintain. This is what I am proposing here. |
What kind of Why constrain to localhost, this won't grant much security? It won't protect you against |
Spring isn't supposed to do anything, it just does it. It uses For eg, we define the REST classpath here: https://github.com/citkane/bisq-engine/blob/master/engine/src/main/java/io/bisq/engine/app/SwaggerConfig.java This is why the REST methods are so clean and simple.
is not going to give me anything unless I am sitting at a browser running on 'localhost', which is the same as having access to the GUI running on localhost, which is why wallets should be encrypted. So, we can use the existing Bisq logic to check any API call for wallet encryption, the same as we check if TAC's have been accepted here: https://github.com/citkane/bisq-business/blob/fd8498ccf535f363cebd9677d3780ec2cc660689/business/src/main/java/io/bisq/business/Handlers.java#L47 |
@blabno , just to be clear, all of the above is functional. You can clone it, compile it and test it. |
Closing due to inactivity and, per the guidance in #11, the fact that this proposal isn't really something discrete that can be approved or rejected. Nothing wrong, by the way—examples like this one help show us how we need to refine proposals to make it a manageable process for everyone. What I liked about this proposal is the raw initiative that it took to put together. What I didn't like is that it proposed too much, and demanded too much of me to be able to form a decision about it. There were multiple new components involved, and the whole thing was overwhelming. I couldn't justify digging into it at the expense of everything else I needed to do, and I (for better or worse) assumed that because it was so broad in scope, and because it was submitted by someone who has not contributed to Bisq before, that it almost certainly would not be something I'd give a 👍 to as-is. The net effect was that I ignored this proposal. Perhaps that is the same experience others had, I don't know. I think that successful proposals from new(er) contributors will be small and well-defined ones. The more experience, track record and reputation one has, the more it becomes reasonable to request (and actually get) other contributors' attention with more ambitious proposals like this one. |
This is a "proof of concept proposal" that assembles a number of "in progress" modules into a modified application stack architecture. All modules work in a Regtest environment.
Move all business logic and data models into a common module
https://github.com/citkane/bisq-business
Slack: #business-logic
This presently has basic logic and methods to set up a bisq user, create offers and fulfill trade through to completion. It already works with
bisq-engine
to provide logic for REST endpoints, and awaits minor refactoring to somegui
packages to become a drop-in provider there also.Provide a bootable, shade'able shell module which provides REST endpoints to localhost
https://github.com/citkane/bisq-engine
Slack: #engine
Business logic and further functionality drops into the shell by modular packing. Theoretically, it is possible to build any distribute-able, run-able jar purely from the POM and by providing correct REST interface classpaths to drop-in sub-modules.
Provide a packaging wrapper to the shaded.jar that can receive a websocket data-stream from TOR and translate it to calls to localhost REST/API interfaces.
https://github.com/citkane/bisq-front
Slack: #front
At the moment this is providing a web GUI to drive basic Bisq trading. This is just one usage, and the GUI needs to be factored out into a package of it's own.
it will further provide the security model for access control to the data stream and will be also be able to direct communication on localhost between Bisq and other third party logic, such as automated trading bots, automated payment API's or network reporting tools.
Given that, once the encrypted websocket is established, data transfer over TOR becomes use-ably fast as the connection is held open and TOR does not seek new routes until the connection is closed. This can be used to transmit both events and data.
With this in mind, and a bit of work to for
bisq-engine
to provide event broadcasting, the javaFXgui
can be plausibly refactored to workas is
as a remote thin client, or remain as an integrated desktop interface under ONE architecture and codebase. The road is now also open for mobile apps and web front-ends.The text was updated successfully, but these errors were encountered: