staking-api-service
Description
The staking-api-service is an API service that facilitates staking operations. It serves as an interface between users and the staking infrastructure, handling requests, retrieving network data, and managing staking-related transactions.
This module is responsible for
providing staking-related API services — including retrieving network status and staking-transaction data
database management — interacting with staking-related records in MongoDB
handling request processing — including CLI commands and background job execution
observability — exposing metrics and health checks for service monitoring
Here are its key functionalities:
Network-information retrieval — fetches and provides blockchain network status
Database integration — manages staking-data storage and retrieval in MongoDB
API endpoint management — handles and validates API requests related to staking
Queue processing — processes messages for handling staking-related tasks asynchronously
Security and observability — implements logging, metrics, and monitoring tools
Invariants
API endpoints should be protected against unauthorized access and abuse.
Staking transactions should not be duplicated if reprocessed.
Test coverage
Cases covered
Network-information retrieval — ensuring API correctly fetches blockchain network status and validating that retrieved data is structured and accurate
Database interaction — ensuring database queries retrieve and store staking data correctly and validating proper indexing and performance optimizations
API endpoint handling — ensuring API endpoints correctly process staking-related requests
Cases not covered
The system does not have explicit tests for API authentication and role-based authorization.
Attack surface
If API endpoints are not secured, attackers could access sensitive staking data. Proper authentication and authorization should be enforced to prevent unauthorized access. If input validation is insufficient, attackers may attempt SQL/NoSQL injection. All queries should use parameterized statements to mitigate this risk.