diff --git a/kustomize/base/api/wrapper.mjs b/kustomize/base/api/wrapper.mjs new file mode 100644 index 0000000..197ead9 --- /dev/null +++ b/kustomize/base/api/wrapper.mjs @@ -0,0 +1,783 @@ +import crypto from 'node:crypto'; +import http from 'node:http'; +import { spawn } from 'node:child_process'; + +const WRAPPER_PORT = Number.parseInt(String(process.env.PORT || '8787'), 10); +const UPSTREAM_PORT = Number.parseInt(String(process.env.UPSTREAM_PORT || '8788'), 10); +const UPSTREAM_HOST = String(process.env.UPSTREAM_HOST || '127.0.0.1'); +const UPSTREAM_ENTRY = String(process.env.UPSTREAM_ENTRY || '/app/services/api/server.mjs'); + +const HASURA_URL = String(process.env.HASURA_GRAPHQL_URL || 'http://hasura:8080/v1/graphql'); +const HASURA_ADMIN_SECRET = String(process.env.HASURA_ADMIN_SECRET || ''); +const CORS_ORIGIN = String(process.env.CORS_ORIGIN || '*'); + +if (!Number.isInteger(WRAPPER_PORT) || WRAPPER_PORT <= 0) throw new Error('Invalid PORT'); +if (!Number.isInteger(UPSTREAM_PORT) || UPSTREAM_PORT <= 0) throw new Error('Invalid UPSTREAM_PORT'); + +function getIsoNow() { + return new Date().toISOString(); +} + +function sha256Hex(text) { + return crypto.createHash('sha256').update(text, 'utf8').digest('hex'); +} + +function getHeader(req, name) { + const v = req.headers[String(name).toLowerCase()]; + return Array.isArray(v) ? v[0] : v; +} + +function readBearerToken(req) { + const auth = getHeader(req, 'authorization'); + if (auth && typeof auth === 'string') { + const m = auth.match(/^Bearer\s+(.+)$/i); + if (m && m[1]) return m[1].trim(); + } + const apiKey = getHeader(req, 'x-api-key'); + if (apiKey && typeof apiKey === 'string' && apiKey.trim()) return apiKey.trim(); + return undefined; +} + +function withCors(res) { + res.setHeader('access-control-allow-origin', CORS_ORIGIN); + res.setHeader('access-control-allow-methods', 'GET,POST,OPTIONS'); + res.setHeader( + 'access-control-allow-headers', + 'content-type, authorization, x-api-key, x-admin-secret' + ); +} + +function sendJson(res, status, body) { + withCors(res); + res.statusCode = status; + res.setHeader('content-type', 'application/json; charset=utf-8'); + res.end(JSON.stringify(body)); +} + +async function readBodyJson(req, { maxBytes }) { + const chunks = []; + let total = 0; + for await (const chunk of req) { + total += chunk.length; + if (total > maxBytes) throw new Error('payload_too_large'); + chunks.push(chunk); + } + const text = Buffer.concat(chunks).toString('utf8'); + if (!text.trim()) return {}; + try { + return JSON.parse(text); + } catch { + throw new Error('invalid_json'); + } +} + +function parseNumeric(value) { + if (value == null) return null; + if (typeof value === 'number') return Number.isFinite(value) ? value : null; + if (typeof value === 'string') { + const s = value.trim(); + if (!s) return null; + const n = Number(s); + return Number.isFinite(n) ? n : null; + } + return null; +} + +function clampInt(value, min, max) { + const n = Number.parseInt(String(value), 10); + if (!Number.isFinite(n) || !Number.isInteger(n)) return min; + return Math.min(max, Math.max(min, n)); +} + +function clampNumber(value, min, max, fallback) { + const n = typeof value === 'number' ? value : Number(value); + if (!Number.isFinite(n)) return fallback; + return Math.min(max, Math.max(min, n)); +} + +function isUuid(value) { + const s = String(value || '').trim(); + return /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(s); +} + +async function hasuraRequest(query, variables) { + if (!HASURA_ADMIN_SECRET) throw new Error('Missing HASURA_ADMIN_SECRET'); + const res = await fetch(HASURA_URL, { + method: 'POST', + headers: { + 'content-type': 'application/json', + 'x-hasura-admin-secret': HASURA_ADMIN_SECRET, + }, + body: JSON.stringify({ query, variables }), + }); + const text = await res.text(); + if (!res.ok) throw new Error(`Hasura HTTP ${res.status}: ${text}`); + const json = text ? JSON.parse(text) : {}; + if (json.errors?.length) throw new Error(json.errors.map((e) => e.message).join(' | ')); + return json.data; +} + +function normalizeScopes(value) { + if (!value) return []; + if (Array.isArray(value)) return value.map((v) => String(v)).filter(Boolean); + if (typeof value === 'string') { + return value + .split(',') + .map((s) => s.trim()) + .filter(Boolean); + } + return []; +} + +async function requireValidToken(req, requiredScope) { + const token = readBearerToken(req); + if (!token) return { ok: false, status: 401, error: 'missing_token' }; + + const hash = sha256Hex(token); + const query = ` + query ValidToken($hash: String!) { + api_tokens(where: {token_hash: {_eq: $hash}, revoked_at: {_is_null: true}}, limit: 1) { + id + name + scopes + } + } + `; + + let data; + try { + data = await hasuraRequest(query, { hash }); + } catch (err) { + return { ok: false, status: 500, error: String(err?.message || err) }; + } + + const row = data?.api_tokens?.[0]; + if (!row?.id) return { ok: false, status: 401, error: 'invalid_or_revoked_token' }; + const scopes = normalizeScopes(row.scopes); + if (requiredScope && !scopes.includes(requiredScope)) { + return { ok: false, status: 403, error: 'missing_scope' }; + } + + // best-effort touch + const touch = ` + mutation TouchToken($id: uuid!, $ts: timestamptz!) { + update_api_tokens_by_pk(pk_columns: {id: $id}, _set: {last_used_at: $ts}) { id } + } + `; + hasuraRequest(touch, { id: row.id, ts: getIsoNow() }).catch(() => {}); + + return { ok: true, token: { id: row.id, name: row.name } }; +} + +async function readSolPriceUsd() { + try { + const q = ` + query SolPrice { + dlob_stats_latest(where: {market_name: {_eq: "SOL-PERP"}}, limit: 1) { + mid_price + mark_price + oracle_price + } + } + `; + const data = await hasuraRequest(q, {}); + const row = data?.dlob_stats_latest?.[0]; + const p = parseNumeric(row?.mid_price) ?? parseNumeric(row?.mark_price) ?? parseNumeric(row?.oracle_price); + if (p != null && p > 0) return p; + } catch { + // ignore + } + return null; +} + +function getByPath(obj, pathStr) { + if (!obj || typeof obj !== 'object') return undefined; + const parts = String(pathStr || '').split('.').filter(Boolean); + let cur = obj; + for (const p of parts) { + if (!cur || typeof cur !== 'object') return undefined; + cur = cur[p]; + } + return cur; +} + +function readNumberFromPayload(payload, paths) { + for (const p of paths) { + const v = getByPath(payload, p); + const n = parseNumeric(v); + if (n != null) return n; + } + return null; +} + +function readTextFromPayload(payload, paths) { + for (const p of paths) { + const v = getByPath(payload, p); + if (typeof v === 'string' && v.trim()) return v.trim(); + } + return null; +} + +function inferContractSizeUsd(contract) { + return ( + readNumberFromPayload(contract, [ + 'desired.size_usd', + 'desired.sizeUsd', + 'desired.notional_usd', + 'desired.notionalUsd', + 'entry.size_usd', + 'entry.sizeUsd', + 'entry.notional_usd', + 'entry.notionalUsd', + 'entry.order_intent.size_usd', + 'entry.order_intent.sizeUsd', + 'desired.order_intent.size_usd', + 'desired.order_intent.sizeUsd', + ]) || null + ); +} + +function inferContractSide(contract) { + const raw = + readTextFromPayload(contract, [ + 'desired.side', + 'entry.side', + 'entry.order_intent.side', + 'desired.order_intent.side', + 'desired.direction', + 'entry.direction', + ]) || ''; + const v = raw.toLowerCase(); + if (v === 'long' || v === 'buy') return 'long'; + if (v === 'short' || v === 'sell') return 'short'; + return null; +} + +function sumCostsFromEvents(events) { + const totals = { + tradeFeeUsd: 0, + txFeeUsd: 0, + slippageUsd: 0, + fundingUsd: 0, + realizedPnlUsd: 0, + txCount: 0, + fillCount: 0, + cancelCount: 0, + modifyCount: 0, + errorCount: 0, + }; + + for (const ev of events || []) { + const t = String(ev?.event_type || '').toLowerCase(); + const payload = ev?.payload && typeof ev.payload === 'object' ? ev.payload : {}; + + const tradeFeeUsd = + readNumberFromPayload(payload, [ + 'realized_fee_usd', + 'trade_fee_usd', + 'fee_usd', + 'fees.trade_fee_usd', + 'fees.usd', + ]) || 0; + const txFeeUsd = + readNumberFromPayload(payload, [ + 'realized_tx_usd', + 'tx_fee_usd', + 'network_fee_usd', + 'fees.tx_fee_usd', + 'fees.network_usd', + ]) || 0; + const slippageUsd = + readNumberFromPayload(payload, [ + 'slippage_usd', + 'realized_slippage_usd', + 'execution_usd', + 'realized_execution_usd', + ]) || 0; + const fundingUsd = readNumberFromPayload(payload, ['funding_usd', 'realized_funding_usd']) || 0; + const pnlUsd = readNumberFromPayload(payload, ['realized_pnl_usd', 'pnl_usd']) || 0; + const txCount = readNumberFromPayload(payload, ['tx_count', 'txCount']) || 0; + + totals.tradeFeeUsd += tradeFeeUsd; + totals.txFeeUsd += txFeeUsd; + totals.slippageUsd += slippageUsd; + totals.fundingUsd += fundingUsd; + totals.realizedPnlUsd += pnlUsd; + totals.txCount += txCount; + + if (t.includes('fill')) totals.fillCount += 1; + if (t.includes('cancel')) totals.cancelCount += 1; + if (t.includes('modify') || t.includes('reprice')) totals.modifyCount += 1; + if (t.includes('error') || String(ev?.severity || '').toLowerCase() === 'error') totals.errorCount += 1; + } + + const totalCostsUsd = totals.tradeFeeUsd + totals.txFeeUsd + totals.slippageUsd + totals.fundingUsd; + + return { + ...totals, + totalCostsUsd, + netPnlUsd: totals.realizedPnlUsd - totalCostsUsd, + }; +} + +function buildCostSeriesFromEvents(events, { maxPoints }) { + const points = []; + const totals = { + tradeFeeUsd: 0, + txFeeUsd: 0, + slippageUsd: 0, + fundingUsd: 0, + realizedPnlUsd: 0, + }; + + for (const ev of events || []) { + const ts = ev?.ts; + if (!ts) continue; + const payload = ev?.payload && typeof ev.payload === 'object' ? ev.payload : {}; + + const tradeFeeUsd = + readNumberFromPayload(payload, [ + 'realized_fee_usd', + 'trade_fee_usd', + 'fee_usd', + 'fees.trade_fee_usd', + 'fees.usd', + ]) || 0; + const txFeeUsd = + readNumberFromPayload(payload, [ + 'realized_tx_usd', + 'tx_fee_usd', + 'network_fee_usd', + 'fees.tx_fee_usd', + 'fees.network_usd', + ]) || 0; + const slippageUsd = + readNumberFromPayload(payload, [ + 'slippage_usd', + 'realized_slippage_usd', + 'execution_usd', + 'realized_execution_usd', + ]) || 0; + const fundingUsd = readNumberFromPayload(payload, ['funding_usd', 'realized_funding_usd']) || 0; + const pnlUsd = readNumberFromPayload(payload, ['realized_pnl_usd', 'pnl_usd']) || 0; + + totals.tradeFeeUsd += tradeFeeUsd; + totals.txFeeUsd += txFeeUsd; + totals.slippageUsd += slippageUsd; + totals.fundingUsd += fundingUsd; + totals.realizedPnlUsd += pnlUsd; + + const totalCostsUsd = totals.tradeFeeUsd + totals.txFeeUsd + totals.slippageUsd + totals.fundingUsd; + points.push({ + ts, + tradeFeeUsd: totals.tradeFeeUsd, + txFeeUsd: totals.txFeeUsd, + slippageUsd: totals.slippageUsd, + fundingUsd: totals.fundingUsd, + totalCostsUsd, + realizedPnlUsd: totals.realizedPnlUsd, + netPnlUsd: totals.realizedPnlUsd - totalCostsUsd, + }); + } + + const cap = Math.max(50, Math.min(10_000, Number(maxPoints) || 600)); + if (points.length <= cap) return points; + + const step = Math.ceil(points.length / cap); + const sampled = []; + for (let i = 0; i < points.length; i += step) sampled.push(points[i]); + const last = points[points.length - 1]; + if (sampled[sampled.length - 1] !== last) sampled.push(last); + return sampled; +} + +function proxyToUpstream(req, res) { + const url = new URL(req.url || '/', `http://${req.headers.host || 'localhost'}`); + + const headers = { ...req.headers }; + delete headers.host; + delete headers.connection; + + const opts = { + host: UPSTREAM_HOST, + port: UPSTREAM_PORT, + method: req.method, + path: url.pathname + url.search, + headers, + }; + + const upstreamReq = http.request(opts, (upstreamRes) => { + withCors(res); + res.statusCode = upstreamRes.statusCode || 502; + + for (const [k, v] of Object.entries(upstreamRes.headers || {})) { + if (!k) continue; + if (k.toLowerCase() === 'content-length') continue; + if (k.toLowerCase().startsWith('access-control-')) continue; + if (v != null) res.setHeader(k, v); + } + + upstreamRes.pipe(res); + }); + + upstreamReq.on('error', (err) => { + sendJson(res, 502, { ok: false, error: String(err?.message || err) }); + }); + + req.pipe(upstreamReq); +} + +async function handleMonitor(req, res, url) { + const auth = await requireValidToken(req, 'read'); + if (!auth.ok) { + sendJson(res, auth.status, { ok: false, error: auth.error }); + return; + } + + const pathname = url.pathname; + const parts = pathname.split('/').filter(Boolean); + const contractId = parts[2]; + if (!isUuid(contractId)) { + sendJson(res, 400, { ok: false, error: 'invalid_contract_id' }); + return; + } + + const limit = clampInt(url.searchParams.get('eventsLimit') || '2000', 10, 50_000); + const wantSeries = (url.searchParams.get('series') || '').trim() === '1'; + const seriesMax = clampInt(url.searchParams.get('seriesMax') || '600', 50, 10_000); + + const qContract = ` + query ContractByPk($id: uuid!) { + bot_contracts_by_pk(id: $id) { + id + decision_id + bot_id + model_version + market_name + subaccount_id + status + desired + entry + manage + exit + gates + created_at + updated_at + last_heartbeat_at + ended_at + reason + } + } + `; + const qEvents = ` + query ContractEvents($id: uuid!, $limit: Int!) { + bot_events(where: {contract_id: {_eq: $id}}, order_by: {ts: asc}, limit: $limit) { + ts + contract_id + decision_id + bot_id + market_name + event_type + severity + payload + } + } + `; + + try { + const data = await hasuraRequest(qContract, { id: contractId }); + const contract = data?.bot_contracts_by_pk; + if (!contract?.id) { + sendJson(res, 404, { ok: false, error: 'contract_not_found' }); + return; + } + + const evData = await hasuraRequest(qEvents, { id: contractId, limit }); + const events = evData?.bot_events || []; + const costs = sumCostsFromEvents(events); + const series = wantSeries ? buildCostSeriesFromEvents(events, { maxPoints: seriesMax }) : null; + + const sizeUsd = inferContractSizeUsd(contract); + const side = inferContractSide(contract); + + let closeEst = null; + if (contract.market_name && sizeUsd != null) { + const qSlip = ` + query Slippage($market: String!) { + dlob_slippage_latest(where: {market_name: {_eq: $market}}) { + market_name + side + size_usd + mid_price + vwap_price + worst_price + impact_bps + fill_pct + updated_at + } + } + `; + const slipData = await hasuraRequest(qSlip, { market: contract.market_name }); + const rows = slipData?.dlob_slippage_latest || []; + + const pickNearest = (wantedSide) => { + const candidates = rows.filter((r) => String(r.side || '').toLowerCase() === wantedSide); + if (!candidates.length) return null; + let best = null; + let bestD = Infinity; + for (const r of candidates) { + const s = parseNumeric(r.size_usd); + if (s == null) continue; + const d = Math.abs(s - sizeUsd); + if (d < bestD) { + bestD = d; + best = r; + } + } + return best; + }; + + closeEst = { + requestedSizeUsd: sizeUsd, + entrySide: side, + suggestedCloseSide: side === 'long' ? 'sell' : side === 'short' ? 'buy' : null, + buy: pickNearest('buy'), + sell: pickNearest('sell'), + }; + } + + sendJson(res, 200, { + ok: true, + contract, + eventsCount: events.length, + costs, + series, + closeEstimate: closeEst, + }); + } catch (err) { + sendJson(res, 500, { ok: false, error: String(err?.message || err) }); + } +} + +async function handleEstimate(req, res) { + const auth = await requireValidToken(req, 'read'); + if (!auth.ok) { + sendJson(res, auth.status, { ok: false, error: auth.error }); + return; + } + + let body; + try { + body = await readBodyJson(req, { maxBytes: 256 * 1024 }); + } catch (err) { + const msg = String(err?.message || err); + if (msg === 'payload_too_large') { + sendJson(res, 413, { ok: false, error: 'payload_too_large' }); + return; + } + sendJson(res, 400, { ok: false, error: 'invalid_json' }); + return; + } + + const market = String(body?.market_name || body?.market || '').trim(); + if (!market) { + sendJson(res, 400, { ok: false, error: 'missing_market' }); + return; + } + + const notionalUsd = parseNumeric(body?.notional_usd ?? body?.notionalUsd ?? body?.size_usd ?? body?.sizeUsd); + if (!(notionalUsd != null && notionalUsd > 0)) { + sendJson(res, 400, { ok: false, error: 'invalid_notional_usd' }); + return; + } + + const entrySideRaw = String(body?.side || 'long').trim().toLowerCase(); + const entrySide = entrySideRaw === 'short' ? 'short' : 'long'; + + const orderType = String(body?.order_type || body?.orderType || 'market').trim().toLowerCase(); + const isMarket = orderType === 'market' || orderType === 'taker'; + + const takerBps = clampNumber(parseNumeric(body?.fee_taker_bps) ?? 5, 0, 1000, 5); + const makerBps = clampNumber(parseNumeric(body?.fee_maker_bps) ?? 0, -1000, 1000, 0); + const feeBps = isMarket ? takerBps : makerBps; + + let txFeeUsdEst = parseNumeric(body?.tx_fee_usd_est); + if (txFeeUsdEst == null) { + const baseLamports = 5000; + const sigs = 1; + const priorityLamports = 0; + const lamports = baseLamports * sigs + priorityLamports; + const sol = lamports / 1_000_000_000; + const solUsd = await readSolPriceUsd(); + txFeeUsdEst = solUsd != null ? sol * solUsd : 0; + } + txFeeUsdEst = clampNumber(txFeeUsdEst, 0, 100, 0); + + const expectedReprices = clampInt(body?.expected_reprices_per_entry ?? body?.expectedReprices ?? '0', 0, 500); + const modifyTxCount = clampInt(body?.modify_tx_count ?? body?.modifyTxCount ?? '2', 0, 10); + + try { + const qSlip = ` + query Slippage($market: String!) { + dlob_slippage_latest(where: {market_name: {_eq: $market}}) { + market_name + side + size_usd + mid_price + vwap_price + worst_price + impact_bps + fill_pct + updated_at + } + } + `; + const slipData = await hasuraRequest(qSlip, { market }); + const rows = slipData?.dlob_slippage_latest || []; + const wantedSide = entrySide === 'long' ? 'buy' : 'sell'; + const candidates = rows.filter((r) => String(r.side || '').toLowerCase() === wantedSide); + + let best = null; + let bestD = Infinity; + for (const r of candidates) { + const s = parseNumeric(r.size_usd); + if (s == null) continue; + const d = Math.abs(s - notionalUsd); + if (d < bestD) { + bestD = d; + best = r; + } + } + + const impactBps = parseNumeric(best?.impact_bps) ?? 0; + const slippageUsd = (notionalUsd * impactBps) / 10_000; + const tradeFeeUsd = (notionalUsd * feeBps) / 10_000; + const modifyCostUsd = expectedReprices * modifyTxCount * txFeeUsdEst; + const totalUsd = tradeFeeUsd + slippageUsd + txFeeUsdEst + modifyCostUsd; + const totalBps = (totalUsd / notionalUsd) * 10_000; + + sendJson(res, 200, { + ok: true, + input: { + market_name: market, + notional_usd: notionalUsd, + side: entrySide, + order_type: orderType, + fee_bps: feeBps, + tx_fee_usd_est: txFeeUsdEst, + expected_reprices_per_entry: expectedReprices, + }, + dlob: best + ? { + size_usd: best.size_usd, + side: best.side, + mid_price: best.mid_price, + vwap_price: best.vwap_price, + impact_bps: best.impact_bps, + fill_pct: best.fill_pct, + updated_at: best.updated_at, + } + : null, + breakdown: { + trade_fee_usd: tradeFeeUsd, + slippage_usd: slippageUsd, + tx_fee_usd: txFeeUsdEst, + expected_modify_usd: modifyCostUsd, + total_usd: totalUsd, + total_bps: totalBps, + breakeven_bps: totalBps, + }, + }); + } catch (err) { + sendJson(res, 500, { ok: false, error: String(err?.message || err) }); + } +} + +let upstreamChild = null; + +function startUpstream() { + const env = { ...process.env, PORT: String(UPSTREAM_PORT) }; + upstreamChild = spawn('node', [UPSTREAM_ENTRY], { env, stdio: 'inherit' }); + upstreamChild.on('exit', (code, signal) => { + console.error(`upstream exited: code=${code} signal=${signal}`); + }); +} + +function shutdown() { + if (upstreamChild && !upstreamChild.killed) upstreamChild.kill('SIGTERM'); +} + +process.on('SIGTERM', shutdown); +process.on('SIGINT', shutdown); + +startUpstream(); + +const server = http.createServer(async (req, res) => { + if (req.method === 'OPTIONS') { + withCors(res); + res.statusCode = 204; + res.end(); + return; + } + + const url = new URL(req.url || '/', `http://${req.headers.host || 'localhost'}`); + const pathname = url.pathname; + + if (req.method === 'GET' && pathname === '/healthz') { + // Check upstream quickly; if it's down, we fail readiness. + const opts = { host: UPSTREAM_HOST, port: UPSTREAM_PORT, path: '/healthz', method: 'GET', timeout: 800 }; + const upstreamOk = await new Promise((resolve) => { + const r = http.request(opts, (rr) => { + rr.resume(); + resolve(rr.statusCode === 200); + }); + r.on('timeout', () => { + r.destroy(); + resolve(false); + }); + r.on('error', () => resolve(false)); + r.end(); + }); + + if (!upstreamOk) { + sendJson(res, 503, { ok: false, error: 'upstream_not_ready' }); + return; + } + + sendJson(res, 200, { + ok: true, + service: 'trade-api-wrapper', + startedAt: getIsoNow(), + upstream: { host: UPSTREAM_HOST, port: UPSTREAM_PORT }, + }); + return; + } + + if (req.method === 'POST' && pathname === '/v1/contracts/costs/estimate') { + await handleEstimate(req, res); + return; + } + + if (req.method === 'GET' && pathname.startsWith('/v1/contracts/') && pathname.endsWith('/monitor')) { + await handleMonitor(req, res, url); + return; + } + + proxyToUpstream(req, res); +}); + +server.listen(WRAPPER_PORT, () => { + console.log( + JSON.stringify( + { + service: 'trade-api-wrapper', + port: WRAPPER_PORT, + upstream: { entry: UPSTREAM_ENTRY, host: UPSTREAM_HOST, port: UPSTREAM_PORT }, + hasuraUrl: HASURA_URL, + hasuraAdminSecret: HASURA_ADMIN_SECRET ? '***' : undefined, + }, + null, + 2 + ) + ); +});