Fantom Oracle Backend Service Built on Golang

The repository contains implementation of high performance blockchain backend service for oracle contracts off-chain world interaction.

The Oracle Backend service is responsible for monitoring oracle smart contracts activity on block chain, especially for emitted events on contracts, and respond with relevant data from off-chain world needed to perform on-chain actions. Special modules can also feed on-chain contracts with external data, based on specified criteria, timer, or API response.

Building the source

Building Oracle Backend requires GIT package and Go (version 1.14 or later is recommended). You can install it using your favourite package manager. The latest version of Go can be installed directly from GoLang Website.

Once you have the Go environment ready, clone the Watchdog repository from GitHub and build the binary package:

git clone https://github.com/Fantom-foundation/Fantom-Oracle-Backend.git
go build -o ./build/oracle ./cmd/oracle

The build output is build/watchdog executable.

You don't need to clone the project into $GOPATH due to Go Modules tooling, use any suitable location. We recommend moving the built Oracle Backend binary to your bin path and using Systemd unit to manage the Backend as a service for production use.

Running the Oracle Backend server

You need access to an RPC interface of an Opera Lachesis node to run the Oracle Backend server. Please follow Lachesis instructions to build and run the node. You can obtain access to a remotely running instance of Lachesis, too.

We recommend using local IPC channel for communication between a Lachesis node and the Oracle Backend server for performance and security reasons. Please consider security implications of opening Lachesis RPC to outside world access.

System.d Service unit file

To run the Oracle Backend as a system service on Linux, create a service unit file on appropriate location. The actual place for putting the service file may vary by Linux distribution. For example, you can use /etc/systemd/system/oracle.service file path on Ubuntu systems.

We assume you want to use /var/opera/oracle as the working directory for the Watchdog and that you copied the Watchdog binary to /usr/bin/oracle. In that case, the recommended .service file content is:

[Unit]
Description=Fantom Oracle Backend service
After=network.target auditd.service

[Service]
Type=simple
User=opera
Group=opera
WorkingDirectory=/var/opera/oracle
ExecStart=/usr/bin/oracle \
            --rpc /var/opera/lachesis/data/lachesis.ipc \
            --cfg /var/opera/oracle/modules.json \
            --log NOTICE
OOMScoreAdjust=-900
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target
Alias=oracle.service

Adjust the service unit file to match your path and configuration details for Opera RPC interface, work path and Oracle Backend binary file location.

Don't forget to update the System.d status to be able to use the new service file to start and stop the Watchdog: systemctl daemon-reload. Manage the service start/stop using usual System.d commands, i.e. systemctl start oracle.service.

Download details:

Author: Fantom-foundation
Source code: https://github.com/Fantom-foundation/Fantom-Oracle-Backend
License: MIT license

#fantom #blockchain #oracle #go #golang

What is GEEK

Buddha Community

Fantom Oracle Backend Service Built on Golang

The repository contains implementation of high performance blockchain backend service for oracle contracts off-chain world interaction.

The Oracle Backend service is responsible for monitoring oracle smart contracts activity on block chain, especially for emitted events on contracts, and respond with relevant data from off-chain world needed to perform on-chain actions. Special modules can also feed on-chain contracts with external data, based on specified criteria, timer, or API response.

Building the source

Building Oracle Backend requires GIT package and Go (version 1.14 or later is recommended). You can install it using your favourite package manager. The latest version of Go can be installed directly from GoLang Website.

Once you have the Go environment ready, clone the Watchdog repository from GitHub and build the binary package:

git clone https://github.com/Fantom-foundation/Fantom-Oracle-Backend.git
go build -o ./build/oracle ./cmd/oracle

The build output is build/watchdog executable.

You don't need to clone the project into $GOPATH due to Go Modules tooling, use any suitable location. We recommend moving the built Oracle Backend binary to your bin path and using Systemd unit to manage the Backend as a service for production use.

Running the Oracle Backend server

You need access to an RPC interface of an Opera Lachesis node to run the Oracle Backend server. Please follow Lachesis instructions to build and run the node. You can obtain access to a remotely running instance of Lachesis, too.

We recommend using local IPC channel for communication between a Lachesis node and the Oracle Backend server for performance and security reasons. Please consider security implications of opening Lachesis RPC to outside world access.

System.d Service unit file

To run the Oracle Backend as a system service on Linux, create a service unit file on appropriate location. The actual place for putting the service file may vary by Linux distribution. For example, you can use /etc/systemd/system/oracle.service file path on Ubuntu systems.

We assume you want to use /var/opera/oracle as the working directory for the Watchdog and that you copied the Watchdog binary to /usr/bin/oracle. In that case, the recommended .service file content is:

[Unit]
Description=Fantom Oracle Backend service
After=network.target auditd.service

[Service]
Type=simple
User=opera
Group=opera
WorkingDirectory=/var/opera/oracle
ExecStart=/usr/bin/oracle \
            --rpc /var/opera/lachesis/data/lachesis.ipc \
            --cfg /var/opera/oracle/modules.json \
            --log NOTICE
OOMScoreAdjust=-900
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target
Alias=oracle.service

Adjust the service unit file to match your path and configuration details for Opera RPC interface, work path and Oracle Backend binary file location.

Don't forget to update the System.d status to be able to use the new service file to start and stop the Watchdog: systemctl daemon-reload. Manage the service start/stop using usual System.d commands, i.e. systemctl start oracle.service.

Download details:

Author: Fantom-foundation
Source code: https://github.com/Fantom-foundation/Fantom-Oracle-Backend
License: MIT license

#fantom #blockchain #oracle #go #golang

Oracle Kills 402 Bugs in Massive October Patch Update

Business software giant Oracle is urging customers to update their systems in the October release of its quarterly Critical Patch Update (CPU), which fixes 402 vulnerabilities across various product families.

Well over half (272) of these vulnerabilities open products up to remote exploitation without authentication. That means that the flaw may be exploited over a network without requiring user credentials.

The majority of the flaws are in Oracle Financial Services Applications (53), Oracle MySQL (53), Oracle Communications (52), Oracle Fusion Middleware (46), Oracle Retail Applications (28) and Oracle E-Business Suite (27). But overall, 27 Oracle product families are affected by the flaws. Users can find a patch availability document for each product, available here.

“Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches,” according to the company’s release on Tuesday. “In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.”

While details of the flaws themselves are scant, two of the critical vulnerabilities disclosed by Oracle rank the highest severity score – 10 out of 10 – on the CVSS scale.

These include a flaw in the self-service analytics component of Oracle Healthcare Foundation, which is a unified healthcare-analytics platform that is part of the Oracle Health Science Applications suite. The flaw (CVE-2020-1953), which can be remotely exploited without requiring any user credentials, requires no user interaction and is easy to exploit, according to Oracle. Affected supported versions include 7.1.1, 7.2.0, 7.2.1 and 7.3.0.

The second severe flaw (CVE-2020-14871) exists in the pluggable authentication module of Oracle Solaris, its enterprise operating system for Oracle Database and Java applications (part of the Oracle Systems risk matrix). The flaw is also remotely exploitable without user credentials, requires no user interaction and is a “low-complexity” attack. Versions 10 and 11 are affected.

Sixty-five of the vulnerabilities also had a CVSS base score of 9.8 (and six had a score of 9.4) out of 10, making them critical in severity.

Oracle did offer some workarounds, advising that for attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from users that do not need the privileges may help reduce the risk of successful attack. Users can also reduce the risk of successful attack by blocking network protocols required by an attack.

However, both these approaches may break application functionality, and Oracle does not recommend that either approach be considered a long-term solution as neither corrects the underlying problem.

“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update security patches as soon as possible,” according to the company.

Oracle releases its CPUs on the Tuesday closest to the 17th day of January, April, July and October.

Previous quarterly updates have stomped out hundreds of bugs across the company’s product lines, including one in April that patched 405. There are also out-of-band updates; in June for instance, Oracle warned of a critical remote code-execution flaw in its WebLogic Server being actively exploited in the wild.

#vulnerabilities #web security #cpu #critical patch update #cve-2020-14871 #cve-2020-1953 #oracle #oracle communications #oracle e-business suite #oracle financial services applications #oracle fusion middleware #oracle mysql #oracle retail applications #quarterly patch update #remote code execution #security update

Hire Backend Developers India

Are you looking to hire experienced Backend Developers at a reasonable cost to boost-up your IT business?

Hire Backend Developers India and accomplish their business goals swiftly. Backend developers in HourlyDeveloper.io are well versed in writing complex functional protocols. They also have exceptional hands-on experience in using the latest technologies that give you custom, secure, and strong backend layers for your website and applications.

Consult with experts:- https://bit.ly/2WlYvA7

#hire backend developers india #backend developers #backend development company #backend development services #backend development #backend

Hire Dedicated Backend Developers

Want to create a backend for a web or mobile app using PHP & JS frameworks?

Hire Dedicated Backend Developers who offer end-to-end, robust, scalable, and innovative website solutions. HourlyDeveloper.io technical analysts will also guide you on improving your web presence using their expertise. Also, we ensure your optimum level of freedom and control over your projects.

Let’s connect with our experts: https://bit.ly/2YLhmFZBackend Development Services

#hire dedicated backend developers #backend developers #backend development company #backend development services #backend development #backend

Golang vs. Node.JS: Who Trumps the Battle of Backend Frameworks?

Full blog here

The backend of your application is truly the essential part of your product. No matter how much you appreciate the design, the application’s success lies in its backend. A scalable backend that effectively implements the required business logic is the primary goal of programmers.

Therefore, it is crucial to choose the most powerful and scalable technology. There are plenty of languages ​​in the market that can form the backend of any application, Node.js and Golang are the two most popular technologies among them.

They are real and developed languages ​​that have recently been used in various outstanding projects. Golang is an open-source programming language, whereas Node.js is an open-source server framework. They both are gaining popularity for various reasons.

According to a development stat, it is observed that almost 50% out of 58,543 respondents use Node.js as their preferred app development tool.

Golang, on the other hand, has overtaken other programming languages in the application development market and has gained huge recognition over the past few years.

But, which backend framework is best for you? In this article, I’ll make a healthy comparison of two of Google’s most popular backend development tools based on several essential features and various other factors.

Golang developers for hire

#best backend frameworks #node or golang #golang or nodejs #nodejs vs golang #golang vs nodejs #top backend frameworks