fix: rename bugs #5
Conversation
fix IPFS bucket add x to shell
There was a problem hiding this comment.
I noticed that there's a hardcoded secret in this implementation. This is a significant security risk, even for testing purposes, and shouldn't be included in the codebase. Additionally, since this repository is publicly readable, the exposed API key must be disabled immediately to prevent any misuse.
Another broader concern I have is regarding our dependency on the 4EVERLAND API. Since this is an external service, how do we handle potential failures on their end? For instance, what happens to the zkRollup if the API becomes temporarily unavailable, permanently shut down, or their interface changes unexpectedly? We should consider adding mechanisms to mitigate these risks to ensure the reliability of the zkRollup.
| @@ -116,8 +116,8 @@ services: | |||
| # - IPFS_API_URL=http://ipfs:5001 | |||
| - ML_RPC_URL=http://host.docker.internal:13034 # change to mainnet if needed | |||
| - ML_BATCH_SIZE=10 # change if necessary | |||
| - 4EVERLAND_API_KEY=5F2R8SK2EQNSNCHSRWIK # only for test | |||
| - 4EVERLAND_SECRET_KEY=sCGfIdQZfis8YVCXnQP53SL8cPdRxyzjPLh1KYmF # only for test | |||
| - 4EVERLAND_API_KEY=PKN5TUJTPYNSSOGC3JW9 # only for test | |||
There was a problem hiding this comment.
We must move all secrets out of the configuration file, an environment variable is good option.
What ❔
Why ❔
fix bugs on local-node to