Let me know if I am on the right train of thought. I'm currently building a dapp that will be based on my own parachain, and I was wondering if by adding this pallet, it would be a way to allow users in my dapp to pay for membership.
Obviously I would have to have some extrinsic functions that are exposed through my dapp so that when they click and pay for membership, in the runtime, the membership pallet will add that user as a member. Can anyone confirm my thoughts on this?
This leads up to another question. Should I just create a smart contract to handle membership logic and deploy it on edgeware or some other parachain that already exists?
obviously I would have to have some extrinsic functions that are exposed through my dapp so that when they click and pay for membership, in the runtime, the membership pallet will add that user as a member. Can anyone confirm my thoughts on this?
You can easily do this. pallet_membership is just a container for members. As you will find in the pallet_membership::Config, there are special origins that can be defined as those who have the authority to add or remove a member.
You need a new pallet that will handle the payment to join new members. Let's call this pallet_membership_payment. Once pallet_membership_payment has received the correct payment, it can call into pallet_membership::add_member with whatever origin is required to satisfy it. Not that even if the origin requirement of add_member is EnsureRoot, pallet_membership_payment can still practically get over it, if it is coded as such.
Should I just create a smart contract to handle membership logic and deploy it on edgeware or some other parachain that already exists.
The answer to this really depends on how much further logic does your application have next to handling this membership via fees. Also, it depends on the smart contract payment model (end user pays the fees) works for you If this is it, then it is pretty simple. You might have an easier time in a smart contract model. But, if you need certain optimisations, less fees, more performance etc. you will probably have to consider being your own (para)chain.
Related
I got a request as a developer to develop a bitcoin exchange site like https://mypatricia.co/ or https://instantcoins.ng/ I am to leverage on third party API like Coinbase, blockchain, it could be anything reliable API.
Users will be able to buy and sell bitcoin. For instance USER A makes an offer. USER B is interested in USER A's offer. When USER B clicks a button, with be a switch from USER A's wallet to USER B's wallet. Before the EXCHANGE is done. USER B is prompted to make payment in local currency.
I have been looking at https://developers.coinbase.com/api/v2#introduction https://api.blockchain.com/v3 I dont know how to go about it.
Is there any other better ones to work with?
There will be some other endpoints like
Where users get list of their orders
check wallet etc
I will appreciate your contribution
This is a very broad topic, so I'm just going to tackle few key points.
Dependency on third-party blockchain data
You can get rate limited
You might be a subjet to a man-in-the-middle attack
The source might (intentionally or unintentionally) send incorrect data.
The data is usually delayed
You'll most likely need to use another tool to create deposit addresses (since the third-party tools will allow you to create only limited amount of addresses on your account).
It's very risky and unreliable to use a third-party data. It's an industry standard to run a full node for each cryptocurrency you work with and access the blockchain data from your own node instead of a third-party API.
Escrowing the offered amount
As per your example, you need to make sure that user A is actually going to transfer the BTC. Since there are no smart contracts in BTC, you need to act as an escrow.
So you need to accept the BTC from user A to their deposit address (only your site should have the private key to this address) before you even allow them to pass their order into the queue.
Order list
Since you're going to be storing the order list on your side, you need to create a separate database and CRUD endpoints to maintain the order list.
In the Hyperledger Fabric Docs, while reading about private data collections I came accross this sentence regarding memberReadOnly:
Utilize a value of false if you would like to encode more granular access control within individual chaincode functions.
If I understand this correctly, this allows me to code into the smart contract specifications that will allow me to limit control to eg. specific clients of one organization instead of all peers of member organizations.
If that is so, I am curious as to how this can be done in the contract. Is there a specific way to handle access control or is it at my own discretion to write code that will enforce it? If you can provide me with any examples it would be very helpful.
To clarify what I mean, I come from Ethereum and what I am essentially asking is whether there is something like the require method in solidity, or would I just use a simple if.
Thanks for any help. If you close question for wrong site, please point me to the right place as I have not been able to find somewhere more relevant.
You didn't understand correctly.
Setting this value (memberOnlyRead) to true means that if a client sends a proposal to a peer, and the client is not in the collection, then if the peer is in the collection and has access to the data - it will refuse with an error automatically no matter the smart contract says.
If it's false, then the peer won't enforce such a thing, and then you have more freedom to code any access control logic you want for the clients.
Here's an abstract question with real world implications.
I have two microservices; let's call them the CreditCardsService and the SubscriptionsService.
I also have a SPA that is supposed to use the SubscriptionsService so that customers can subscribe. To do that, the SubscriptionsService has an endpoint where you can POST a subscription model to create a subscription, and in that model is a creditCardId that points to a credit card that should pay for the subscription. There are certain business rules that say whether or not you can use said credit card for the subscription (expiration is more than 12 months away, it's a VISA, etc). These specific business rules are tied to the SubscriptionsService
The problem is that the team working on the SPA want a /CreditCards endpoint in the SubscriptonsService that returns all valid credit cards of the user that can be used in the subscriptions model. They don't want to implement the same business validation rules in the SPA that are in the SubscriptionsService itself.
To me this seems to go against the SOLID principles that are central to microservice design; specifically separation of concerns. I also ask myself, what precedent is this going to set? Are we going to have to add a /CreditCards endpoint to the OrdersService or any other service that might use creditCardId as a property of it's model?
So the main question is this: What is the best way to design this? Should the business validation logic be duplicated between the frontend and the backend? Should this new endpoint be added to the SubscriptionsService? Should we try to simplify the business logic?
It is a completely fair request and you should offer that endpoint. If you define the rules for what CC is valid for your service, then you should offer any and all help dealing with it too.
Logic should not be repeated. That tend to make systems unmaintainable.
This has less to do with SOLID, although SRP would also say, that if you are responsible for something then any related logic also belongs to you. This concern can not be separated from your service, since it is defined there.
As a solution option, I would perhaps look into whether I can get away with linking to the CC Service since you already have one. Can I redirect the client with a constructed query perhaps to the CC Service to get all relevant CCs, without actually knowing them in the Subscription Service.
What is the best way to design this? Should the business validation
logic be duplicated between the frontend and the backend? Should this
new endpoint be added to the SubscriptionsService? Should we try to
simplify the business logic?
From my point of view, I would integrate "Subscription BC" (S-BC) with "CreditCards BC" (CC-BC). CC-BC is upstream and S-BC is downstream. You could do it with REST API in CC-BC, or with a message queue.
But what I validate is the operation done with a CC, not the CC itself, i.e. validate "is this CC valid for subscription". And that validation is in S-BC.
If the SPA wants to retrieve "the CCs of a user that he/she can use for subscription", it is a functionality of the S-BC.
The client (SPA) should call the the S-BC API to use that functionality, and the S-BC performs the functionality getting the CCs from the CC-BC and doing the validation.
In microservices and DDD the subscriptions service should have a credit cards endpoint if that is data that is relevant to the bounded context of subscriptions.
The creditcards endpoint might serve a slightly different model of data than you would find in the credit cards service itself, because in the context of subscriptions a credit card might look or behave differently. The subscriptions service would have a creditcards table or backing store, probably, to support storing its own schema of creditcards and refer to some source of truth to keep that data in good shape (for example messages about card events on a bus, or some other mechanism).
This enables 3 things, firstly the subscriptions service wont be completely knocked out if cards goes down for a while, it can refer to its own table and work anyway. Secondly your domain code will be more focused as it will only have to deal with the properties of credit cards that really matter to solving the current problem. Finally if your cards store can even have extra domain specific properties that are computed and materialized on store.
Obligatory Fowler link : Bounded Context Pattern
Even when the source of truth is the domain model and ultimately you must have validation at the
domain model level, validation can still be handled at both the domain model level (server side) and
the UI (client side).
Client-side validation is a great convenience for users. It saves time they would otherwise spend
waiting for a round trip to the server that might return validation errors. In business terms, even a few
fractions of seconds multiplied hundreds of times each day adds up to a lot of time, expense, and
frustration. Straightforward and immediate validation enables users to work more efficiently and
produce better quality input and output.
Just as the view model and the domain model are different, view model validation and domain model
validation might be similar but serve a different purpose. If you are concerned about DRY (the Don’t
Repeat Yourself principle), consider that in this case code reuse might also mean coupling, and in enterprise applications it is more important not to couple the server side to the client side than to
follow the DRY principle. (NET-Microservices-Architecture-for-Containerized-NET-Applications book)
I'm looking at knowing, In order to update a asset,
When should I need to write Transaction in lib/script.js
vs.
when should I be using composer-client code using bizNetworkConnection.getAssetRegistry?
I see that I cant use the feature of event emission in later case, Is there any other reason why I should be using it?
Please help me know.
The important thing about writing a Transaction is that it becomes part of the Agreed Smart Contract. So the creation of one or more assets or participants in the same transaction with the associated logic is agreed. This Transaction is a class and can have a specific ACL rule associated with it (also in the smart contract), whereas if you use composer-client you would add individual assets or participants using a generic system transaction AddAsset or AddParticipant.
So writing your code in a Transaction provides a 'better' Blockchain app with a stronger Smart Contract and improved security.
In my app, I want users to be able to add money to their account, and send it to other members when certain services are rendered.
Is there a safe and straightforward to do this with Parse.com? If not, is there a third party someone can recommend?
Parse actually released something for mobile payment processing. It's called 'Stripe.' http://stripe.com/