v0.7.8

This patch release includes fixes for recently discovered bugs:

• Updating the bot manifest doesn't effect the alert.source.bot.manifest field.
• Updates to shard ID takes up to 1 hour if it is caused by an assignment rotation

What's Changed

• update bot manifest on version updates by @aomerk in #706
• reduce registry update interval by @aomerk in #705

Full Changelog: v0.7.7...v0.7.8

v0.7.7

Forta Public API proxy

This new service will simplify bot request authorization, allowing bot owners to consume the Forta Public API without signing the message or using an API Key. This will make it easier for those who have required subscriptions to use the API, and ensure that they are compliant with the new authorization mechanisms.

Using the new proxy in combiner feed

In addition to the introduction of the proxy service, we have also migrated the Combiner Feed to use the Forta Public API proxy service. This migration aligns with our efforts regarding API key requirements and has surfaced new edge cases that have been addressed to prevent possible bugs. We have also made improvements to the combiner subscription pool, configurability, and end-to-end testing.

New bot metrics

We have added new metrics to better keep track of bot lifecycle. This will provide useful information for bot owners and help them monitor their bots' performance.

• agent.action.run: initial deployment or image update
• agent.action.stop : bot shutdown or image update
• agent.action.update: configuration update, such as changes to sharding
• agent.action.subscribe: handle alert subscription request
• agent.action.unsubscribe: handle alert unsubscription request
• agent.status.running: bot container started running
• agent.status.attached: the scanner connected to the bot container
• agent.start: the scanner sent an initialization request to the bot

Mining fee data

We have added mining fee data to Transaction and Block events, making the following fields available: block.baseFeePerGas, transaction.MaxFeePerGas, and transaction.maxPriorityFeePerGas. This will provide valuable information for those analyzing transaction and block data.

Other improvements

• Simplified scan node config template generated with forta init
• Improved robustness of the registry listener
• Disabled IPFS experiment by default (removes ~/.forta/.ipfs)
• General refactoring

What's Changed

• add public api proxy service by @aomerk in #678
• adapt handle alert feed to support authorization by @aomerk in #686
• Improve subscription validation for fees by @aomerk in #687
• Simplify the config template by @canercidam in #689
• Improve combiner dispatch authorization by @aomerk in #688
• submit metrics on bot restarts by @aomerk in #690
• Add shard id as bot environment variable by @aomerk in #692
• restart bots on manifest and shard changes by @aomerk in #693
• refactoring agent pool handlers by @aomerk in #694
• Add mining fee data to block/tx events by @aomerk in #691
• remove shard restart changes by @aomerk in #697
• Improve handle alert e2e tests by @aomerk in #698
• Improve combiner subscription uniqueness by @aomerk in #699
• Always publish latest bots by @stevenlanders in #700
• Disable IPFS experiment by default by @canercidam in #702
• Improve agent pool metrics by @aomerk in #703

Full Changelog: v0.7.6...v0.7.7

v0.7.6

Protocol improvements

• New environment variables are added to bot containers:
  • FORTA_BOT_OWNER: Bot owner wallet address
  • FORTA_CHAIN_ID: Scanned chain ID
• New finding type SCAM is now supported!

What's Changed

• add owner to bot env vars by @aomerk in #677
• Add forta chain id to bots by @stevenlanders in #679
• add finding type SCAM by @aomerk in #683

Full Changelog: v0.7.5...v0.7.6

v0.7.5

Label metadata

Bots are now able to enrich alert labels with metadata! This allows publishing and feeding back to bots a wider context from every alert and build stronger threat detection capabilities.

What's Changed

• enable code coverage check by @haseebrabbani in #643
• add metadata to labels by @aomerk in #671
• update core-go by @aomerk in #675
• update core-go by @aomerk in #676

Full Changelog: v0.7.4...v0.7.5

v0.7.4

Improvements

• Reused a new default HTTP client with timeout
• Added docker-compose/standalone/docker-compose.yml and made changes for the new standalone mode (see docs)
• Raised max findings returned from the bot to 50 and max response size to 250K

What's Changed

• Use the default HTTP client from the core repo by @canercidam in #668
• Make local mode docker composable with single file (standalone) by @canercidam in #670
• Raise max findings to 50 by @stevenlanders in #669
• Fix E2E by @canercidam in #672
• Update forta-core-go by @canercidam in #673
• CodeDeploy script improvements by @canercidam in #674

Full Changelog: v0.7.3...v0.7.4

v0.7.3

Delegated staking

We made some follow-up fixes to handle post-delegated staking issues/cases better:

• Removed the deprecated register, enable, disable commands
• Removed all dependencies to the deprecated ScannerRegistry contract (forta-network/forta-core-go#201)
• Using new ENS names (forta-network/forta-core-go#205)
• Removed the enablement check from bot list loading logic
• Detecting the registry contract upgrades periodically instead of doing with a listener

Other improvements

• Added the bot sharding feature to local mode
• Added transaction addresses to alert bloom filters
• Hiding the "Unknown block number" error that started to appear lately in forta status output
• Start sending the autoUpdates field in the version section of batch
• Restart the updater container if updater fails consecutively in getting the ref and downloading, for an hour
• Fixed E2E tests accordingly to the ENS and registry client updates

What's Changed

• Add sharding to local mode by @aomerk in #618
• remove enabled check from registry store by @aomerk in #664
• add tx addresses to bloom filter by @aomerk in #662
• Remove deprecated ScannerRegistry-related commands by @canercidam in #665
• Detect registry contract upgrades periodically by @canercidam in #663
• Hide the unknown block error by @canercidam in #666
• Improve auto-updates by @canercidam in #667

Full Changelog: v0.7.2...v0.7.3

v0.7.2

Improvements

• Add address bloom filter to alerts
• Fix alert subscription chain ID check
• Fix race condition in concurrent read and write of bot config
• Avoid fd leak in the IPFS client used in the updater (see forta-network/forta-core-go#193)
• Enforce passphrase check during forta init (must alphanumeric and 12 characters)

What's Changed

• truncate finding and add bloom filters by @aomerk in #654
• encode bloomfilter bitset in base64 by @aomerk in #655
• convert bloom filter values to hex string by @aomerk in #656
• Fix bad subscription comparison by @aomerk in #657
• fix race conditions in pool agent config by @aomerk in #658
• Require alphanumeric passphrase with 12 characters during init by @canercidam in #659

Full Changelog: v0.7.1...v0.7.2

v0.7.1

Improvements

Bot sharding

Bots are now allowed to specify shards! This means a bot now can work on different portions of the chain data across different nodes. This value needs to be specified in the bot manifest like

{
  "manifest": {
    "chainSettings": {
      "default": {
        "target": 3,
        "shards": 2
    }
  }
}

and this allows launching 6 instances of a bot and distribute by diving the chain data in 2.

Alert combiner bots

Bots that implement handleAlert() are now receiving the labels in the inputted alerts and able to specify the chain ID in the subscriptions.

Delegated staking

The new forta authorize pool command that allows generating registration outputs was improved. This requires manually updating the CLI (through yum or apt).

Now, two types of outputs are supported.

Default:

Please use the registration signature below on https://app.forta.network as soon as possible and do not share with anyone!

eyJyZWdpc3RyYXRpb25JbnB1dCI6eyJzY2FubmVyIjoiMHhjZTQ2Y2Q2NzQ4YWRmMDczNmIxZjc1NTAyMzFkZjg4MDQ2ZWU5YTU4Iiwic2Nhbm5lclBvb2xJZCI6MSwiY2hhaW5JZCI6MSwibWV0YWRhdGEiOiIiLCJ0aW1lc3RhbXAiOjE2NzUyNzUyMDB9LCJzaWduYXR1cmUiOiIweGIwODdiODRlMzI4YWYxZmEwZjYzMWRmM2EzOGYyZjY4YmYzMTdmOTUxNjg3MmEwZTcyNDJlNjcwZTc2ZGQ0MmU3ZDg0MjBmMmM0ODA0OTBlODdhODQ1N2MwZmY5NTJkMGY3ZWFmNjljOWY1Nzc5YjkzZjc2OWZlYWVlZTMwNWFlMWMifQ==

With --polygonscan flag

Please use the registerScannerNode() inputs below on https://polygonscan.com as soon as possible and do not share with anyone!

req      : ["0xCE46cD6748ADF0736b1f7550231df88046eE9a58","0x1","0x1","","0x63daabb3"]
signature: 0x85d6a0eda0cd1aaa1c3b5f9ae4b753befb4e62ad6244acee3a25c9ee2f3ff4ca5ce76f0e383e4104216d52ea84d0fd68f42dff5f64cb9374ff2bfc3ac0ec90d71b

Other improvements

• Avoid a panic that causes repeating initialize() calls to bots
• Add registry API inspection
• Speed up E2E tests
• Make registry chain ID configurable in config.yml (useful for development)
• Change the default registry API from polygon-rpc.com to Ankr
• Add drop metric for combiner bots

What's Changed

• Fix e2e tests by @aomerk in #638
• Add drop metric for handle alert by @aomerk in #642
• Make registry chain ID configurable by @canercidam in #641
• Improve bot sharding by @aomerk in #640
• Add label support to handle alert feed by @aomerk in #645
• Registration: make default output a base64 encoded token and change -v to --polygonscan by @canercidam in #644
• Speed up E2E tests by @canercidam in #646
• make scanner dispatch sharded feeds by @aomerk in #647
• Avoid forta-scanner container crashes during assignment checks by @canercidam in #648
• Make log fields camel case by @canercidam in #651
• Fix E2E tests after sharding changes by @canercidam in #652
• stop overwriting agent config by @aomerk in #653

Full Changelog: v0.7.0...v0.7.1

v0.7.0

Improvements

Delegated staking support

Node services and CLI are updated to support the new contract interfaces and the new registration method of the oncoming delegated staking feature. The new forta authorize pool command generates an EIP-712 signature to allow wallets to register the node to one of their pools. (Note: This command is not useful just yet - stick to forta register)

Other improvements

• Detect when proxy is not set (if scan is WebSocket)
• Add code coverage commands

What's Changed

• add code coverage commands by @haseebrabbani in #629
• Delegated staking: Add new registration by @canercidam in #578
• Make runner fail if proxy is not specified when scan is websocket by @canercidam in #632
• Fix contract updater bug by @canercidam in #633
• Update forta-core-go and make minor adjustments by @canercidam in #637

Full Changelog: v0.6.3...v0.7.0

v0.6.3

Improvements

Offset detection between scan and proxy APIs

The nodes are now measuring the offset between the scan and the proxy APIs. Sometimes, when a bot receives an input, it needs to query the chain through to the proxy (e.g. an eth_call request) to understand the chain state better. When proxy API is behind the scan API, due to large synchronization delays, these proxy requests fail and cause the bot to not produce a finding. This distance is now measured and reported by the nodes.

Websocket support for scanning

The scan API can now be set as a websocket endpoint! This helps reduce the fluctuations in the latest blocks scanned with the help of block header notifications.

Other improvements

• Including chain IDs in combination alerts
• Using separate queries per input alert subscriptions
• Fixing release build (glibc error, Ubuntu brownout)
• Fix passphrase check in local mode

What's Changed

• Fix combiner query collisions by @aomerk in #615
• fix glibc issue by @aomerk in #617
• Support offset detect inspection by @aomerk in #614
• Reduce retry interval, make it configurable and support websockets by @canercidam in #620
• Inject chain id to combination alerts by @aomerk in #623
• Fix handle alert chain id query by @aomerk in #624
• Always decrypt the key first on forta run by @canercidam in #622
• Fix handle alert chain id by @aomerk in #625
• Fix offset inspection by @aomerk in #627
• Use Ubuntu 20.04 in release workflow and fix release dependency by @canercidam in #626

Full Changelog: v0.6.2...v0.6.3