adding credentials to all write endpoints

Author: arcoraven

src/server/middleware/rate-limit.ts

@@ -4,6 +4,8 @@ import { env } from "../../shared/utils/env";
 import { redis } from "../../shared/utils/redis/redis";
 import { createCustomError } from "./error";
 import { OPENAPI_ROUTES } from "./open-api";
+import { getTransactionCredentials } from "../../shared/lib/transaction/transaction-credentials";
+import { toClientId } from "../../shared/utils/sdk";
 
 const SKIP_RATELIMIT_PATHS = ["/", ...OPENAPI_ROUTES];
 
@@ -13,10 +15,11 @@ export function withRateLimit(server: FastifyInstance) {
       return;
     }
 
-    const epochTimeInMinutes = Math.floor(new Date().getTime() / (1000 * 60));
-    const key = `rate-limit:global:${epochTimeInMinutes}`;
-    const count = await redis.incr(key);
-    redis.expire(key, 2 * 60);
+    const epochMinutes = Math.floor(new Date().getTime() / (1000 * 60));
+
+    const globalRateLimitKey = `rate-limit:global:${epochMinutes}`;
+    const count = await redis.incr(globalRateLimitKey);
+    redis.expire(globalRateLimitKey, 2 * 60);
 
     if (count > env.GLOBAL_RATE_LIMIT_PER_MIN) {
       throw createCustomError(
@@ -25,5 +28,21 @@ export function withRateLimit(server: FastifyInstance) {
         "TOO_MANY_REQUESTS",
       );
     }
+
+    // Lite mode enforces a rate limit per team.
+    if (env.ENGINE_MODE === "lite") {
+      const { clientId } = getTransactionCredentials(request);
+      const clientRateLimitKey = `rate-limit:client-id:${clientId}`;
+      const count = await redis.incr(clientRateLimitKey);
+      redis.expire(globalRateLimitKey, 2 * 60);
+
+      if (count > env.LITE_CLIENT_RATE_LIMIT_PER_MIN) {
+        throw createCustomError(
+          `${env.LITE_CLIENT_RATE_LIMIT_PER_MIN} requests/minute rate limit exceeded. Upgrade to Engine Standard to get a dedicated Engine without rate limits.`,
+          StatusCodes.TOO_MANY_REQUESTS,
+          "TOO_MANY_REQUESTS",
+        );
+      }
+    }
   });
 }

src/server/routes/backend-wallet/sign-message.ts

@@ -12,6 +12,7 @@ import { getChain } from "../../../shared/utils/chain";
 import { createCustomError } from "../../middleware/error";
 import { standardResponseSchema } from "../../schemas/shared-api-schemas";
 import { walletHeaderSchema } from "../../schemas/wallet";
+import { getTransactionCredentials } from "../../../shared/lib/transaction/transaction-credentials";
 
 const requestBodySchema = Type.Object({
   message: Type.String(),
@@ -46,6 +47,7 @@ export async function signMessageRoute(fastify: FastifyInstance) {
       const { message, isBytes, chainId } = request.body;
       const { "x-backend-wallet-address": walletAddress } =
         request.headers as Static<typeof walletHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       if (isBytes && !isHex(message)) {
         throw createCustomError(
@@ -71,6 +73,7 @@ export async function signMessageRoute(fastify: FastifyInstance) {
       const { account } = await walletDetailsToAccount({
         walletDetails,
         chain,
+        credentials,
       });
 
       const messageToSign = isBytes ? { raw: message as Hex } : message;

src/server/routes/contract/write/write.ts

@@ -22,6 +22,7 @@ import {
 import { sanitizeAbi, sanitizeFunctionName } from "../../../utils/abi";
 import { getChainIdFromChain } from "../../../utils/chain";
 import { parseTransactionOverrides } from "../../../utils/transaction-overrides";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUT
 const writeRequestBodySchema = Type.Object({
@@ -78,6 +79,7 @@ export async function writeToContract(fastify: FastifyInstance) {
         "x-account-factory-address": accountFactoryAddress,
         "x-account-salt": accountSalt,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const chainId = await getChainIdFromChain(chain);
       const contract = await getContractV5({
@@ -129,6 +131,7 @@ export async function writeToContract(fastify: FastifyInstance) {
         txOverrides,
         idempotencyKey,
         shouldSimulate: simulateTx,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilt.ts

@@ -13,6 +13,7 @@ import {
 import { txOverridesWithValueSchema } from "../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../schemas/wallet";
 import { getChainIdFromChain } from "../../utils/chain";
+import { getTransactionCredentials } from "../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployParamSchema;
@@ -83,6 +84,7 @@ export async function deployPrebuilt(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -103,6 +105,7 @@ export async function deployPrebuilt(fastify: FastifyInstance) {
         extension: "deploy-prebuilt",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/edition-drop.ts

@@ -20,6 +20,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -87,6 +88,7 @@ export async function deployPrebuiltEditionDrop(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -109,6 +111,7 @@ export async function deployPrebuiltEditionDrop(fastify: FastifyInstance) {
         deployedContractType: "edition-drop",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/edition.ts

@@ -19,6 +19,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -87,6 +88,7 @@ export async function deployPrebuiltEdition(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -109,6 +111,7 @@ export async function deployPrebuiltEdition(fastify: FastifyInstance) {
         deployedContractType: "edition",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/marketplace-v3.ts

@@ -16,6 +16,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -78,6 +79,7 @@ export async function deployPrebuiltMarketplaceV3(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -100,6 +102,7 @@ export async function deployPrebuiltMarketplaceV3(fastify: FastifyInstance) {
         deployedContractType: "marketplace-v3",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/multiwrap.ts

@@ -17,6 +17,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -81,6 +82,7 @@ export async function deployPrebuiltMultiwrap(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -103,6 +105,7 @@ export async function deployPrebuiltMultiwrap(fastify: FastifyInstance) {
         deployedContractType: "multiwrap",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/nft-collection.ts

@@ -19,6 +19,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -84,6 +85,7 @@ export async function deployPrebuiltNFTCollection(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -106,6 +108,7 @@ export async function deployPrebuiltNFTCollection(fastify: FastifyInstance) {
         deployedContractType: "nft-collection",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({

src/server/routes/deploy/prebuilts/nft-drop.ts

@@ -20,6 +20,7 @@ import { standardResponseSchema } from "../../../schemas/shared-api-schemas";
 import { txOverridesWithValueSchema } from "../../../schemas/tx-overrides";
 import { walletWithAAHeaderSchema } from "../../../schemas/wallet";
 import { getChainIdFromChain } from "../../../utils/chain";
+import { getTransactionCredentials } from "../../../../shared/lib/transaction/transaction-credentials";
 
 // INPUTS
 const requestSchema = prebuiltDeployContractParamSchema;
@@ -87,6 +88,7 @@ export async function deployPrebuiltNFTDrop(fastify: FastifyInstance) {
         "x-account-address": accountAddress,
         "x-idempotency-key": idempotencyKey,
       } = request.headers as Static<typeof walletWithAAHeaderSchema>;
+      const credentials = getTransactionCredentials(request);
 
       const sdk = await getSdk({ chainId, walletAddress, accountAddress });
       const tx = await sdk.deployer.deployBuiltInContract.prepare(
@@ -109,6 +111,7 @@ export async function deployPrebuiltNFTDrop(fastify: FastifyInstance) {
         deployedContractType: "nft-drop",
         idempotencyKey,
         txOverrides,
+        credentials,
       });
 
       reply.status(StatusCodes.OK).send({