rwadurian

Commit Graph

Author	SHA1	Message	Date
hailin	5131728835	fix(planting-service): 添加 ADMIN_SERVICE_URL 环境变量 planting-service 的 PrePlantingPublicController 需要调用 admin-service 获取预种配置（含协议文本），但 docker-compose 中缺少 ADMIN_SERVICE_URL 环境变量，导致默认使用 localhost:3010 连接失败。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-26 21:58:42 -08:00
hailin	b3a3652f21	feat(transfer): 树转让功能全量实现（纯新增，零侵入）实现已认种果树所有权在用户间转让的完整功能。采用方案一：独立 transfer-service 微服务 + Saga 编排器模式。 === 架构设计 === - Saga 编排器 8 步正向流程：卖方确认 → 冻结资金 → 锁定树 → 变更所有权 → 调整算力 → 更新统计 → 结算资金 → 完成 - 补偿回滚：任一步骤失败自动反向补偿（解冻资金 → 解锁树） - 13 种状态：PENDING → SELLER_CONFIRMED → PAYMENT_FROZEN → TREES_LOCKED → OWNERSHIP_TRANSFERRED → CONTRIBUTION_ADJUSTED → STATS_UPDATED → PAYMENT_SETTLED → COMPLETED / CANCELLED / FAILED / ROLLING_BACK / ROLLED_BACK === Phase 1-2: transfer-service（独立微服务） === 新建文件： - Prisma Schema：transfer_orders + transfer_status_logs + outbox_events - Domain：TransferOrder 聚合根 + TransferFeeService（5% 手续费） - Application：TransferApplicationService + SagaOrchestratorService - Infrastructure：Kafka 事件消费/生产 + Outbox Pattern - API：TransferController（用户端）+ AdminTransferController（管理端） - External Clients：wallet/planting/identity-service HTTP 客户端 - Docker + 环境配置 === Phase 3: 现有微服务扩展（纯追加） === planting-service： - Prisma schema 追加 transferLockId 可空字段 - InternalTransferController：锁定/解锁/执行 3 个新端点 - Kafka handlers：transfer-lock/execute/rollback 事件处理 - main.ts 追加 Kafka consumer group 配置 referral-service： - PlantingTransferredHandler：处理转让后团队统计更新 - TeamStatisticsAggregate 追加 handleTransfer() 方法 - TeamStatisticsRepository 追加 adjustForTransfer() 方法 - ProvinceCityDistribution 追加 transferTrees() 方法 contribution-service： - TransferOwnershipHandler：处理所有权变更事件 - TransferAdjustmentService：算力调整（879 行核心逻辑） - Prisma schema 追加 transferOrderId 可空字段 - ContributionAccount 追加 applyTransferAdjustment() 方法 === Phase 4A: wallet-service（3 个新内部端点） === 新建文件： - FreezeForTransferDto / UnfreezeForTransferDto / SettleTransferDto - FreezeForTransferCommand / UnfreezeForTransferCommand / SettleTransferPaymentCommand - InternalTransferWalletController（POST freeze/unfreeze/settle-transfer）修改文件： - wallet-application.service.ts 追加 3 组方法（+437 行）： freezeForTransfer / unfreezeForTransfer / settleTransferPayment （乐观锁 + 3 次重试 + Prisma $transaction + 幂等检查） - 结算操作：单事务内更新 3 个钱包（买方扣减 + 卖方入账 + 手续费归集） === Phase 4B: admin-web（转让管理页面） === 新建文件： - transferService.ts：API 调用服务 + 完整类型定义 - useTransfers.ts：React Query hooks（list/detail/stats/forceCancel） - /transfers/page.tsx：列表页（统计卡片 + 搜索筛选 + 分页 + 13 种状态 badge） - /transfers/[transferOrderNo]/page.tsx：详情页（Saga 时间线 + 状态日志 + 强制取消） - transfers.module.scss：完整样式修改文件： - endpoints.ts 追加 TRANSFERS 端点配置 - Sidebar.tsx 追加「转让管理」菜单项 - hooks/index.ts 追加 useTransfers 导出 === Phase 4C: mobile-app（转让 UI） === 新建文件： - transfer_service.dart：Flutter API 服务 + Model（TransferOrder/Detail/StatusLog） - transfer_list_page.dart：转让记录列表（全部/转出/转入 Tab + 下拉刷新） - transfer_detail_page.dart：转让详情（Saga 时间线 + 确认/取消操作） - transfer_initiate_page.dart：发起转让表单（手续费自动计算）修改文件： - injection_container.dart 追加 transferServiceProvider - route_paths.dart + route_names.dart 追加 3 个路由 - app_router.dart 追加 3 个 GoRoute - profile_page.dart 追加「发起转让」+「转让记录」按钮行 === 基础设施 === - docker-compose.yml 追加 transfer-service 容器配置 - deploy.sh 追加 transfer-service 部署 - init-databases.sh 追加 transfer_db 数据库初始化 === 纯新增原则 === 所有变更均为追加式修改，不修改任何现有业务逻辑： - 新增 nullable 字段（不影响现有数据） - 新增 enum 值（不影响现有枚举使用） - 新增 providers/controllers（不影响现有依赖注入） - 新增页面/路由（不影响现有页面行为）回滚方式：删除 transfer-service 目录 + 移除各服务中带 [2026-02-19] 标记的代码 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-19 03:44:02 -08:00
hailin	2a725af83e	fix: Debezium CDC 全面安全加固 (1.0 + 2.0) 问题背景: - 1.0 生产环境发现 6 个孤儿 replication slot, WAL 积压 8.6GB (已清理) - 1.0 使用 Debezium 2.4, 存在 DBZ-7316 (WAL 无限积压) bug - 1.0 和 2.0 均无 max_slot_wal_keep_size 安全阀 (已在线设置 10GB) - 2.0 outbox connector 使用 pg_logical_emit_message 心跳, 不经 publication - 2.0 outbox connector RegexRouter regex="." 导致 heartbeat 污染消费者修复内容: [docker-compose.yml - 1.0 基础设施] - Debezium: 2.4 → 2.5.4.Final (修复 DBZ-7316) - PostgreSQL: 添加 max_slot_wal_keep_size=10GB - Debezium REST API: 端口绑定 127.0.0.1 (防 SSRF 注入) - PostgreSQL: 端口绑定 127.0.0.1 (防公网直连) - Kafka Connect: 添加 OFFSET_FLUSH_INTERVAL_MS=10s [docker-compose.2.0.yml - 2.0 基础设施] - Debezium: 2.5 → 2.5.4.Final (锁定精确版本) - PostgreSQL: 添加 max_slot_wal_keep_size=10GB - Kafka Connect: 添加 OFFSET_FLUSH_INTERVAL_MS=10s [1.0 Connector 配置 - identity/authorization] - 添加 heartbeat.action.query (INSERT INTO debezium_heartbeat TABLE 方式) - 之前只有 heartbeat.interval.ms 无 action.query, 心跳不生效 [2.0 Outbox Connector 配置 - 5个全部更新] - heartbeat: pg_logical_emit_message → INSERT INTO debezium_heartbeat TABLE 方式 (TABLE 方式经过 publication → Debezium 消费 → 推进 confirmed_flush_lsn) - RegexRouter: regex "." → ".outbox_events" (只路由 outbox 事件, heartbeat 走默认 topic) - table.include.list: 添加 debezium_heartbeat (确保心跳变更生成 Kafka 消息) - publication.autocreate.mode: filtered → disabled (使用预创建的 publication) - auth/contribution: 添加 signal channel 配置 (支持增量快照数据重放) 经验总结: 1. pg_logical_emit_message 写 WAL 但不经 publication, 无法推进 confirmed_flush_lsn 2. RegexRouter regex="." 把所有变更(含 heartbeat)路由到 outbox topic, 污染消费者 3. 删除 Kafka Connect connector 不会自动清理 PostgreSQL replication slot 4. max_slot_wal_keep_size 是 sighup 级参数, 可在线 ALTER SYSTEM + pg_reload_conf Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 07:32:13 -08:00
hailin	5b3c391340	fix(infra): 添加 Zookeeper 数据持久化卷，修复 Kafka Cluster ID 冲突 Kafka 有持久化卷但 Zookeeper 没有，导致 down/up 后 ZK 生成新的 Cluster ID，与 Kafka meta.properties 中的旧 ID 冲突。 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-02 10:25:14 -08:00
hailin	6f668d69bd	fix(infra): 添加 Kafka 数据持久化卷，防止容器重建后 Debezium connector 丢失根因：Kafka 没有配置数据卷，容器重建后 debezium_configs/offsets 等内部 topic 丢失，导致 connector 注册信息消失。新 snapshot 的 offset 与旧 processed_events 碰撞，CDC 数据被跳过。 - docker-compose.yml: 添加 kafka_data 命名卷挂载到 /var/lib/kafka/data - register-connectors.sh: 添加环境变量替换、幂等注册、--force/--1.0/--2.0 参数 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-02 10:16:07 -08:00
hailin	0d47fadf59	feat(kafka): add EXTERNAL listener on port 9093 for LAN access Add a third Kafka listener (EXTERNAL://0.0.0.0:9093) so that 2.0 standalone services on other servers (e.g. 192.168.1.10) can connect to 1.0's Kafka at 192.168.1.111:9093. Listeners now: - PLAINTEXT (kafka:29092) - internal Docker network - PLAINTEXT_HOST (localhost:9092) - host-local access - EXTERNAL (192.168.1.111:9093) - LAN access for remote services Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 19:49:34 -08:00
hailin	48720d1846	feat(blockchain): 1.0 blockchain-service 同步添加 RPC 端点自动故障转移与 mining-blockchain-service (2.0) 保持一致的故障转移方案：当 RPC 端点连续失败超过 3 分钟后自动轮转到下一个备选端点。新增文件： - rpc-provider-manager.service.ts: RPC 故障转移管理器（与 2.0 相同逻辑）修改文件： - blockchain.config.ts: 新增 rpcUrls 配置字段 - chain-config.service.ts: 新增 rpcUrls 属性和 parseRpcUrls 解析方法 - domain.module.ts: 注册并导出 RpcProviderManager - index.ts: 导出 RpcProviderManager - evm-provider.adapter.ts: 委托 RpcProviderManager 获取 provider，所有方法通过 executeWithFailover 包裹 - erc20-transfer.service.ts: 移除本地 providers Map，改用 RpcProviderManager，新增 isRpcConnectionError 区分 RPC 网络错误与合约执行错误 - docker-compose.yml: blockchain-service 添加 KAVA_RPC_URLS 默认 4 个端点 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 07:36:02 -08:00
hailin	83384acdac	fix(mining-service): Redis DB 11 冲突修复，迁移至 DB 16 问题： mining-service (2.0) 与 blockchain-service (1.0) 共用 Redis DB 11，存在数据污染和资源抢占风险。虽然当前 Key 前缀不同 (mining:* vs blockchain:)，但缺乏结构性隔离保障。方案： - 将 mining-service Redis DB 从 11 迁移到 16 (超出默认 0-15 范围) - Redis 基础设施配置增加 --databases 20，支持 DB 16+ - 同步修正 .env.example 与代码默认值不一致的问题 (原 .env=1, 代码=11) 修改清单： - mining-service/infrastructure.module.ts: 代码默认值 11 → 16 - mining-service/redis.service.ts: fallback 默认值 1 → 16 - mining-service/.env.example: REDIS_DB=1 → REDIS_DB=16 - docker-compose.2.0.yml: mining-service REDIS_DB 11 → 16 + 注释 - docker-compose.yml: Redis 添加 --databases 20 - docker-compose.infra.yml: Redis 添加 --databases 20 - docker-compose.windows.yml: Redis 添加 --databases 20 部署注意： 1. 需重启 Redis 容器使 --databases 20 生效 2. 需重启 mining-service 使新 DB 16 生效 3. 旧 DB 11 中 mining-service 的残留数据可手动清理: redis-cli -n 11 KEYS "mining:" \| xargs redis-cli -n 11 DEL Redis DB 分配表 (修改后): 1.0: DB 0-11 (identity=0, wallet=1, ..., blockchain=11) 2.0: DB 8,10,12-16 (blockchain=8, contribution=10, trading=12, admin=13, auth=14, wallet=15, mining=16) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-30 02:22:20 -08:00
hailin	11eb1f8a04	fix(postgres): 增加数据库最大连接数到 300 - max_connections: 100 -> 300 - max_replication_slots: 10 -> 20 - max_wal_senders: 10 -> 20 支持更多服务和 Debezium connectors 同时连接 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-12 02:29:35 -08:00
hailin	4d944b06e5	fix(admin-service): 添加uploads目录的volume持久化配置问题：admin-service重新部署后，上传的APK文件会丢失原因：主docker-compose.yml中admin-service未配置volume挂载，导致容器重建时/app/uploads目录数据丢失修复： - 添加admin_uploads_data volume挂载到/app/uploads - 添加UPLOAD_DIR环境变量 - 在volumes部分声明admin_uploads_data 影响范围：仅影响admin-service的文件存储持久化 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-08 21:00:31 -08:00
hailin	2781ffccc1	fix(postgres): 增加 max_wal_senders 到 10 支持更多 CDC connector - max_replication_slots: 4 -> 10 - max_wal_senders: 4 -> 10 - 修复 authorization-connector FAILED 的问题 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-07 21:53:25 -08:00
hailin	83f84b9d7c	feat(admin-service): 添加 CDC 分类账流水同步新增 wallet/planting/authorization 服务的 CDC 数据同步：状态表同步: - WalletAccountQueryView: 钱包账户余额状态 - WithdrawalOrderQueryView: 提现订单状态 - FiatWithdrawalOrderQueryView: 法币提现订单 - PlantingOrderQueryView: 认种订单状态 - PlantingPositionQueryView: 持仓状态 - ContractSigningTaskQueryView: 合同签约任务 - AuthorizationRoleQueryView: 授权角色 - MonthlyAssessmentQueryView: 月度考核 - SystemAccountQueryView: 系统账户余额分类账流水同步: - WalletLedgerEntryView: 钱包流水分类账 - FundAllocationView: 认种资金分配记录 - SystemAccountLedgerView: 系统账户流水其他: - Debezium Connect 端口改为 8084 避免冲突 - 更新连接器配置添加流水表 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-07 19:29:27 -08:00
hailin	b5ebf8a615	feat(admin-service): 实现 Debezium CDC 数据同步 - 新增 CdcConsumerService 消费 PostgreSQL WAL 变更事件 - 配置 Debezium Connect 服务和 PostgreSQL 逻辑复制 - 更新 deploy.sh 支持 Debezium 启动和连接器管理 - 新增 identity-postgres-connector 配置同步 user_accounts 表 - 保留原有 Outbox 机制用于业务领域事件 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-07 18:35:53 -08:00
hailin	838d5c1d3b	feat(reporting): fix system account report to use wallet-service data The system account balances were showing 0 because data was being fetched from authorization-service.system_accounts table instead of the actual wallet-service.wallet_accounts table where funds are stored. Changes: - wallet-service: Add getAllSystemAccounts() method to query all system accounts (fixed S, province 9, city 8*) with actual balances - wallet-service: Add /wallets/statistics/all-system-accounts API endpoint - reporting-service: Update SystemAccountReportApplicationService to fetch data from wallet-service instead of authorization-service - reporting-service: Fix default service URLs to use correct container names and ports (rwa-wallet-service:3001, rwa-reward-service:3005) - docker-compose: Add WALLET_SERVICE_URL and REWARD_SERVICE_URL env vars for reporting-service 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-04 23:10:20 -08:00
hailin	ea93bafe7e	fix(leaderboard): add REFERRAL_SERVICE_URL to docker-compose The leaderboard-service needs to connect to referral-service for team statistics data. Without this environment variable, it falls back to localhost:3004 which fails inside Docker network. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-04 03:47:00 -08:00
hailin	c392142562	feat(blockchain): 切换到dUSDT(绿积分)合约 - KAVA主网合约信息: - 地址: 0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3 - 名称: Durian USDT (dUSDT) - 精度: 6位 - 网络: KAVA EVM Mainnet (Chain ID: 2222) - 链接: https://kavascan.com/address/0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3 修改: - blockchain.config.ts: 更新默认合约地址 - chain-config.service.ts: 更新默认合约地址 - docker-compose.yml: NETWORK_MODE改为mainnet，配置KAVA主网 - .env.example: 更新合约地址和注释 - KAVA_NETWORK.md: 标注dUSDT为当前使用合约 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-02 04:31:11 -08:00
hailin	bf7f4af88d	fix(docker-compose): 添加 referral-service 的 WALLET_SERVICE_URL 配置 referral-service 需要调用 wallet-service 确认扣款，但缺少环境变量配置导致使用默认 localhost:3002 无法访问 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-25 08:59:53 -08:00
hailin	c657fb5a19	feat(planting-service): 实现合同签名和PDF云存储功能 - 添加 MinIO 存储服务，支持上传签名图片和已签署 PDF - 添加 signedPdfUrl 字段到数据库模型 - 修改签署流程：生成 PDF、嵌入签名、上传到云存储 - 修复前端签署 API 响应处理 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-25 03:35:15 -08:00
hailin	e4f27b3134	fix(docker): 添加阿里云KYC环境变量到docker-compose 在identity-service中添加: - ALIYUN_KYC_ENABLED - ALIYUN_KYC_ENDPOINT - ALIYUN_KYC_SCENE_ID 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-24 23:46:12 -08:00
hailin	7ae6af7841	fix(docker): 添加 Kafka/Zookeeper JVM 时区配置 - 添加 KAFKA_OPTS="-Duser.timezone=Asia/Shanghai" 设置 JVM 时区 - 挂载 /usr/share/zoneinfo 确保容器内有完整的时区数据 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 19:14:46 -08:00
hailin	bb16844220	fix(docker): 为 zookeeper 和 kafka 挂载时区文件 confluentinc 镜像不支持 TZ 环境变量，需要挂载宿主机时区文件： - /etc/localtime - /etc/timezone 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 19:06:28 -08:00
hailin	65e9422fe5	chore(docker): 统一所有服务时区配置为 Asia/Shanghai 为所有 Docker 服务添加 TZ=Asia/Shanghai 环境变量，确保日志时间和定时任务使用中国时区： - 基础设施: postgres, redis, zookeeper, kafka - 应用服务: identity, wallet, backup, planting, referral, reward, mpc, leaderboard, reporting, authorization, admin, blockchain 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 18:29:20 -08:00
hailin	6572ef22c5	fix(docker): 移除 authorization-service 对 reward-service 的启动依赖避免循环依赖：authorization-service <-> reward-service 使用 fallback 机制处理服务暂时不可用的情况（与 referral-service 类似） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 05:17:35 -08:00
hailin	16a3e76588	fix(authorization): 配置 REWARD_SERVICE_URL 环境变量 - 在 .env.example 添加 REWARD_SERVICE_URL 配置 - 在 docker-compose.yml 添加 REWARD_SERVICE_URL 和 REWARD_SERVICE_ENABLED 环境变量 - 在 docker-compose.windows.yml 添加相同配置 - authorization-service 依赖 reward-service 启动 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 05:15:20 -08:00
hailin	e4f2a61ecb	fix(authorization-service): 添加 identity-service 连接配置 authorization-service 缺少 IDENTITY_SERVICE_URL 和 IDENTITY_SERVICE_ENABLED 环境变量配置，导致无法获取用户信息（昵称、头像）。 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 01:31:45 -08:00
hailin	9bc7bb1200	fix(withdraw): 修复提取功能短信验证和手续费计算 - 修复 wallet-service 调用 identity-service 的 API 路径（添加 /user 前缀） - 修复 identity-client 默认端口从 3001 改为 3000 - 添加 docker-compose 中 IDENTITY_SERVICE_URL 环境变量配置 - 手续费改为按 0.1% 费率动态计算（前后端统一） - 最小提取金额从 10 改为 100 - 文案修改：Kava EVM 网络 → Kava安全网络，接收地址 → 接收账号 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-22 03:14:22 -08:00
hailin	173640b869	feat(identity-service): 添加阿里云短信服务配置到 docker-compose 在 identity-service 的环境变量中添加阿里云 SMS 配置： - ALIYUN_ACCESS_KEY_ID: 阿里云 AccessKey ID - ALIYUN_ACCESS_KEY_SECRET: 阿里云 AccessKey Secret - ALIYUN_SMS_SIGN_NAME: 短信签名（默认：榴莲皇后） - ALIYUN_SMS_TEMPLATE_CODE: 短信模板代码 - ALIYUN_SMS_ENDPOINT: API 端点（默认：dysmsapi.aliyuncs.com） - SMS_ENABLED: 是否启用真实发送（默认：false，使用模拟模式）配置后需在 .env 文件或系统环境变量中设置实际值。 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2025-12-20 05:46:27 -08:00
hailin	9ea3d03b73	fix(admin-service): 在主 docker-compose.yml 中添加 Kafka 配置在 backend/services/docker-compose.yml 中为 admin-service 添加: - KAFKA_BROKERS=kafka:29092 - KAFKA_CLIENT_ID=admin-service - KAFKA_CONSUMER_GROUP=admin-service-user-sync - kafka 服务依赖确保生产环境部署时能正确连接 Kafka 同步用户数据。 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-20 03:18:33 -08:00
hailin	9cac91b5f0	feat(blockchain): 将提现转账从私钥签名改为 MPC 签名背景: - 原实现使用 HOT_WALLET_PRIVATE_KEY 进行热钱包签名 - 私钥直接存储存在安全风险 - 系统已有 MPC 基础设施，应该复用改动内容: 1. 新增 MPC 签名客户端 - infrastructure/mpc/mpc-signing.client.ts: 调用 mpc-service 的签名 API - 支持创建签名会话、轮询等待、获取签名结果 2. 重构 ERC20 转账服务 - domain/services/erc20-transfer.service.ts: 从私钥签名改为 MPC 签名 - 移除 Wallet 依赖，改用 Transaction 手动构建交易 - 使用 MPC 签名后广播已签名交易 3. 新增初始化服务 - mpc-transfer-initializer.service.ts: 启动时注入 MPC 客户端 - 解决 Domain 层和 Infrastructure 层的循环依赖 4. 新增热钱包初始化脚本 - scripts/init-hot-wallet.sh: 便捷创建系统热钱包的 MPC 密钥 - 支持配置门限值、用户名等参数 5. 更新配置 - 移除 HOT_WALLET_PRIVATE_KEY 依赖 - 新增 MPC_SERVICE_URL, HOT_WALLET_USERNAME, HOT_WALLET_ADDRESS - 更新 docker-compose.yml 和 .env.example 部署前需要: 1. 运行 init-hot-wallet.sh 初始化热钱包 2. 配置 HOT_WALLET_USERNAME 和 HOT_WALLET_ADDRESS 3. 向热钱包充值 USDT 和原生币(gas) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-15 08:04:17 -08:00
hailin	1a97a9df54	fix(reward): add WALLET_SERVICE_URL to reward-service 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-14 04:52:24 -08:00
hailin	ee9265f357	fix(docker): remove cyclic dependency between referral-service and authorization-service 两个服务互相调用，形成循环依赖。移除 depends_on 约束，使用 fallback 机制处理服务暂时不可用的情况。 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-11 02:50:04 -08:00
hailin	1a5925494e	feat(referral): integrate authorization-service for community/province/city rights allocation ## Problem 社区/省/市权益分配一直返回 null，导致所有权益都分配给系统账户而非正确的授权用户。原因：referral-service 的 getReferralContext 接口中 nearestCommunity、nearestProvinceAuth、 nearestCityAuth 三个字段硬编码为 null，注释说"需要后续实现"但一直未实现。 ## Solution 1. 新建 AuthorizationServiceClient 调用 authorization-service 的内部 API - /api/v1/authorization/nearest-community - /api/v1/authorization/nearest-province - /api/v1/authorization/nearest-city 2. 修改 InternalReferralController 使用并行查询获取授权信息 3. 添加 fallback 机制：authorization-service 不可用时返回 null（保持现有行为） 4. docker-compose.yml 添加 AUTHORIZATION_SERVICE_URL 环境变量 ## Files Changed - backend/services/referral-service/src/infrastructure/external/authorization-service.client.ts (new) - backend/services/referral-service/src/api/controllers/referral.controller.ts - backend/services/referral-service/src/modules/infrastructure.module.ts - backend/services/docker-compose.yml 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-11 02:10:33 -08:00
hailin	003bef1c76	fix(reward): add REFERRAL_SERVICE_URL and AUTHORIZATION_SERVICE_URL reward-service was trying to connect to localhost instead of Docker network service names, causing connection refused errors. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-10 16:48:47 -08:00
hailin	ccef23f5b0	feat(authorization): integrate with referral-service for team statistics - Add InternalTeamStatisticsController in referral-service for service-to-service API - Create ReferralServiceClient in authorization-service to fetch real team statistics - Replace MockTeamStatisticsRepository with real HTTP client implementation - Configure docker-compose with REFERRAL_SERVICE_URL for authorization-service This enables authorization-service to get real team planting counts from referral-service for authorization assessment and activation logic. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-10 16:30:35 -08:00
hailin	5ecb13974f	fix(backup-service): add mpc-service to allowed services 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-10 15:42:40 -08:00
hailin	660e5ea3a0	fix(mpc-service): add backup service environment variables Add BACKUP_SERVICE_URL, BACKUP_SERVICE_ENABLED, and SERVICE_JWT_SECRET to mpc-service configuration to enable backup share storage. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-10 15:39:52 -08:00
hailin	31c3c24a12	fix(reward-service): correct healthcheck endpoint path to /api/v1/health	2025-12-10 12:48:26 -08:00
hailin	4b4b09f046	fix(docker): add BASE_URL env for admin-service 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-09 07:31:32 -08:00
hailin	addcfa56e4	feat(blockchain): switch to testnet mode	2025-12-09 04:05:24 -08:00
hailin	001b6501a0	feat(deposit): add deposit balance API and Kafka consumer for deposit events Blockchain Service: - Add /api/v1/deposit/balances endpoint to query on-chain USDT balances - Add JWT authentication (passport, passport-jwt) - Add JwtStrategy, JwtAuthGuard, Public decorator Wallet Service: - Add Kafka consumer for blockchain.deposits topic - Add DepositConfirmedHandler to process deposit events and update wallet balance Infrastructure: - Add JWT_SECRET env var to blockchain-service in docker-compose.yml - Add blockchain-service routes to Kong API Gateway Frontend: - Fix deposit_service.dart API path (remove duplicate /api prefix) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-09 02:29:31 -08:00
hailin	d983525aa5	fix(wallet): resolve account creation and wallet status query issues This commit fixes three critical bugs that prevented the wallet creation flow from completing successfully: 1. mpc-service: extraPayload not included in Kafka messages - KeygenCompletedEvent's extraPayload (containing userId, accountSequence, username, derivedAddresses) was being set dynamically but not serialized - identity-service received events without userId and skipped processing - Fix: Merge extraPayload into the published payload in event-publisher 2. mpc-service: KAFKA_BROKERS hostname mismatch - mpc-service used KAFKA_BROKERS=rwa-kafka:29092 - Kafka advertises itself as kafka:29092 in cluster metadata - During consumer group rebalance, mpc-service couldn't connect to the coordinator address returned by Kafka - Fix: Use kafka:29092 to match Kafka's advertised listener 3. blockchain-service: recovery_mnemonics table missing - RecoveryMnemonic model exists in schema.prisma but not in migration - prisma migrate deploy found no pending migrations - Address derivation failed with "table does not exist" error - Fix: Use prisma db push instead of migrate deploy to sync schema Tested: E2E flow now completes successfully - POST /user/auto-create creates account - MPC keygen completes and publishes event with extraPayload - blockchain-service derives addresses and saves recovery mnemonic - GET /user/wallet returns status=ready with 3 addresses and mnemonic 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-08 07:57:17 -08:00
hailin	1a5bafec1a	fix: add api/v1 prefix to BLOCKCHAIN_SERVICE_URL	2025-12-08 00:09:54 -08:00
hailin	3df55fcd6a	fix: add BLOCKCHAIN_SERVICE_URL=http://blockchain-service:3012 for mnemonic verification	2025-12-08 00:04:39 -08:00
hailin	56de1bff83	revert: remove BLOCKCHAIN_SERVICE_URL override, use default port 3000	2025-12-07 23:57:59 -08:00
hailin	a7a7b6b8f6	fix(services): add BLOCKCHAIN_SERVICE_URL to identity-service Fix mnemonic verification by connecting to blockchain-service on port 3012 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-07 23:50:55 -08:00
hailin	b1e51bd73b	fix: change MINIO_PUBLIC_URL from cdn to minio.szaiai.com CDN domain has nginx host header issue, use minio.szaiai.com directly 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-07 22:26:30 -08:00
hailin	91c8bba80d	fix(identity-service): configure MinIO to connect to external server - Update MINIO_ENDPOINT from localhost to 192.168.1.100 (Server A) - Add MinIO environment variables to docker-compose.yml - Set MINIO_PUBLIC_URL to https://cdn.szaiai.com for CDN access - Add MinIO config section to backend/services/.env.example 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-07 22:22:55 -08:00
hailin	845dd857b0	fix(mpc-service): add BLOCKCHAIN_SERVICE_URL config Configure correct blockchain-service URL (port 3012) for address derivation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-07 02:08:43 -08:00
hailin	3925b19229	fix(mpc-service): use JWT auth instead of X-API-Key mpc-account-service expects JWT Bearer tokens, not X-API-Key header. Added JWT token generation and use MPC_JWT_SECRET env var. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-07 02:02:17 -08:00
hailin	7588c9efb7	fix(mpc-service): use explicit container names for rwa services When mpc-service joins mpc-system network, 'postgres' resolves to mpc-postgres. Use explicit names (rwa-postgres, rwa-redis, rwa-kafka) to avoid conflicts. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-07 01:55:52 -08:00

1 2

69 Commits