Skip to content

feat: network guard, rate limiter, alerting, historical charts, and read-only mode#12

Merged
btcneves merged 2 commits into
mainfrom
feat/final-product-polish
May 8, 2026
Merged

feat: network guard, rate limiter, alerting, historical charts, and read-only mode#12
btcneves merged 2 commits into
mainfrom
feat/final-product-polish

Conversation

@btcneves
Copy link
Copy Markdown
Owner

@btcneves btcneves commented May 8, 2026

Summary

  • Network guard — detects Bitcoin chain (regtest/testnet/mainnet) on startup and enforces read-only mode outside regtest; all write-protected endpoints return 403 with chain context on mainnet/testnet; NODESCOPE_FORCE_READONLY env var for manual override
  • Rate limiter middleware — sliding-window protection per IP with configurable RATE_LIMIT_RPM (default 600) and RATE_LIMIT_WRITE_RPM (default 30); exempt paths for SSE and health checks
  • Alerts service — full CRUD for metric-based alert rules (mempool_size, mempool_bytes, minfee, rpc_offline) with gt/lt/eq/gte/lte operators and info/warning/critical severities; GET /alerts/evaluate for live trigger check
  • Charts service — background snapshot loop storing mempool time-series; GET /charts/{metric}?range=1h|6h|24h for sparkline data; HistoricalChartsPanel with SVG polylines
  • ReadOnlyBanner — orange warning banner shown across all views when node is not regtest
  • Updated AlertingPanel, HistoricalDashboard, ClusterMempoolPanel and all remaining components to consume new endpoints and bilingual i18n keys
  • Refreshed docs screenshots and docs/api.md with new endpoints

Test plan

  • Start stack in regtest (make up) — ReadOnlyBanner must NOT appear, all write actions work
  • Set NODESCOPE_FORCE_READONLY=true, restart — ReadOnlyBanner appears, mutation endpoints return 403
  • Create an alert rule via POST /alerts/configs, trigger it by pushing mempool over threshold, verify GET /alerts/active returns it
  • GET /charts/mempool_size?range=1h returns data after ~1 min of uptime; HistoricalChartsPanel renders sparklines
  • Hammer the API past RATE_LIMIT_RPM — verify 429 responses
  • npm run lint && npm run format:check pass in frontend/
  • pytest tests/ passes (including test_network_guard.py)

btcneves added 2 commits May 8, 2026 16:04
@btcneves
feat: add network guard, rate limiter, alerting, charts, and read-onl…
4dd3650 
…y mode

- Network guard detects chain (regtest/testnet/mainnet) and enforces read-only
  mode outside regtest; write-protected endpoints return 403 on mainnet/testnet
- Rate limiter middleware with configurable sliding-window budgets (RPM per IP,
  separate tighter limit for mutating endpoints); NODESCOPE_FORCE_READONLY env var
- Alerts service: CRUD for metric-based alert rules (mempool_size, bytes, minfee,
  rpc_offline) with gt/lt/eq/gte/lte operators and info/warning/critical severities
- Charts service: background snapshot loop storing time-series of mempool metrics;
  GET /charts/{metric}?range=1h|6h|24h for sparkline data
- ReadOnlyBanner component shown across all views when node is not regtest
- HistoricalChartsPanel with SVG polyline sparklines for mempool_size/bytes/minfee
- Updated AlertingPanel, HistoricalDashboard, ClusterMempoolPanel, and remaining
  components to consume new endpoints and i18n keys
- 50 files: 4 new API modules, 2 new frontend components, updated docs and assets
@btcneves
style: ruff format api/app.py (long decorator lines)
62e461e
@btcneves btcneves merged commit 1d00a8b into main May 8, 2026
5 checks passed
@btcneves btcneves deleted the feat/final-product-polish branch May 8, 2026 19:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@btcneves