feat(idea/vara-eth): introduce service for uploading codes#2443
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces the upload-code-service, a serverless application for Vara.Eth code validation using AWS Lambda, DynamoDB, and SQS. It also refactors blob encoding logic and updates workspace dependencies. Key feedback includes addressing idempotency issues that prevent retries, fixing database field name inconsistencies, and ensuring WASM code is not deleted upon job failure. Security concerns regarding overly permissive IAM roles and error message leakage were noted, alongside recommendations to use HTTP transport instead of WebSockets and to remove unreachable code in the worker.
|
/gemini review latest changes |
There was a problem hiding this comment.
Code Review
This pull request introduces a new serverless service, upload-code-service, designed to handle Vara.Eth code validation requests by serializing submissions through an SQS queue and updating job statuses in DynamoDB. It also includes several dependency updates across the repository. My review highlights critical security concerns regarding the handling of private keys in Lambda environment variables, as well as architectural improvements for the Ethereum client, including switching from WebSocket to HTTP transport and offloading transaction receipt waiting to improve worker efficiency. Additionally, I suggested a more robust approach for parsing the request body in the handler.
osipov-mit
force-pushed
the
do-upload-code-service
branch
from
d22c1e5 to
db72529
Compare
osipov-mit
force-pushed
the
do-upload-code-service
branch
from
db72529 to
bd3a1fb
Compare
…/gear-js into do-upload-code-service
2 participants
No description provided.