forked from OffchainLabs/arbitrum-docs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'OffchainLabs:master' into master
- Loading branch information
Showing
36 changed files
with
574 additions
and
91 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,15 @@ | ||
# Security Audit Reports | ||
|
||
- [Code4rena, 6/17/2024: Arbitrum BoLD](https://code4rena.com/reports/2024-05-arbitrum-foundation) | ||
|
||
- [Trail of Bits, 6/10/2024: Arbitrum Stylus](https://github.com/trailofbits/publications/blob/master/reviews/2024-05-offchain-arbitrumstylus-securityreview.pdf) | ||
|
||
- [Trail of Bits, 5/2/2024: Arbitrum BoLD & Delay Buffer](https://github.com/trailofbits/publications/blob/master/reviews/2024-04-offchainbold-securityreview.pdf) | ||
|
||
- [Trail of Bits, 1/6/2023: Governance, Token Bridge ](https://github.com/ArbitrumFoundation/governance/blob/master/audits/trail_of_bits_governance_report_1_6_2023.pdf) | ||
|
||
- [Trail of Bits, 10/10/2022: Nitro Node & Core Contracts](https://github.com/OffchainLabs/nitro/blob/master/audits/Trail_Of_Bits_Nitro_10_2022.pdf) | ||
|
||
- [ ConsenSys Diligence, 6/24/2022: Nitro Node & Core Contracts](https://github.com/OffchainLabs/nitro/blob/master/audits/ConsenSys_Diligence_Nitro_Contracts_5_2022.pdf) | ||
|
||
- [ ConsenSys Diligence, 11/5/2021: Core Contracts, Token Bridge](https://github.com/OffchainLabs/nitro/blob/master/audits/ConsenSys_Diligence_Arbitrum_Contracts_11_2021.pdf) | ||
| Auditor | Audit date | Audited code | View report | | ||
|-------------------------|------------|------------------------------------------------|-----------------------------------------------------------------------------------------| | ||
| **ConsenSys Diligence** | 11/05/2021 | Core Contracts, Token Bridge | [view](hosted-audit-reports/ConsenSys_Diligence_Arbitrum_Contracts_11_2021.pdf) | | ||
| **ConsenSys Diligence** | 06/24/2022 | Nitro Node & Core Contracts | [view](hosted-audit-reports/ConsenSys_Diligence_Nitro_Contracts_5_2022.pdf) | | ||
| **Trail of Bits** | 10/10/2022 | Nitro Node & Core Contracts | [view](hosted-audit-reports/Trail_Of_Bits_Nitro_10_2022.pdf) | | ||
| **Trail of Bits** | 01/06/2023 | Governance& Token Bridge | [view](hosted-audit-reports/trail_of_bits_governance_report_1_6_2023.pdf) | | ||
| **chainsecurity** | 03/20/2024 | Nova Fee Router Updates (ArbOS 31) | [view](https://www.chainsecurity.com/security-audit/offchain-labs-fund-distribution) | | ||
| **Trail of Bits** | 05/02/2024 | Arbitrum BoLD & Delay Buffer | [view](hosted-audit-reports/2024-04-offchainbold-securityreview.pdf) | | ||
| **Code4rena** | 06/17/2024 | Arbitrum BoLD: Public Audit Competition Report | [view](https://code4rena.com/reports/2024-05-arbitrum-foundation) | | ||
| **Trail of Bits** | 06/10/2024 | Arbitrum Stylus | [view](hosted-audit-reports/2024-05-offchain-arbitrumstylus-securityreview.pdf) | | ||
| **Trail of Bits** | 07/24/2024 | Arbos30 Nitro upgrade | [view](hosted-audit-reports/2024-04-offchain-arbos-30-nitro-upgrade-securityreview.pdf) | | ||
| **Trail of Bits** | 07/24/2024 | Arbos 31 | [view](hosted-audit-reports/2024-04-offchain-arbos-31-securityreview.pdf) | | ||
| **Trail of Bits** | 07/24/2024 | l1-l3-teleporter | [view](hosted-audit-reports/2024-04-offchain-l1-l3-teleporter-securityreview.pdf) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
185 changes: 185 additions & 0 deletions
185
arbitrum-docs/for-devs/third-party-docs/TheGraph/thegraph.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,185 @@ | ||
# The Graph | ||
|
||
Getting historical data on a smart contract can be frustrating when building a dApp. [The Graph](https://thegraph.com/) provides an easy way to query smart contract data through APIs known as subgraphs, which utilize `GraphQL`. The Graph's infrastructure relies on a decentralized network of indexers, enabling your dApp to become truly decentralized. | ||
|
||
## Quick start | ||
|
||
These subgraphs only take a few minutes to set up and get running. To get started, follow these three steps: | ||
|
||
1. [Initialize your subgraph project](#1-initialize-your-subgraph-project) | ||
2. [Deploy & publish](#2-deploy--publish) | ||
3. [Query from your dApp](#sample-query) | ||
|
||
Pricing: **All developers receive 100K free monthly queries on the decentralized network**. After these free queries, you only pay based on usage at $4 for every 100K queries. | ||
|
||
Here's a step by step walkthrough: | ||
|
||
## 1. Initialize your subgraph project | ||
|
||
### Create a subgraph on Subgraph Studio | ||
|
||
Go to the [Subgraph Studio](https://thegraph.com/studio/) and connect your wallet. Once your wallet is connected, you can begin by clicking "Create a Subgraph". Please choose a good name for the subgraph: this name can't be edited later. It is recommended to use Title Case: "Subgraph Name Chain Name." | ||
|
||
![Create a Subgraph](https://lh7-us.googleusercontent.com/docsz/AD_4nXf8OTdwMxlKQGKzIF_kYR7NPKeh9TmWnZBYxb7ft_YbdOdx_VVtbp6PslN7N1KGUzNpIDCmaXppdrllM1cw_J4L8Na03BXOWzJTK1POCve0nkRjQYgWJ60QHAdtQ4Niy83SMM8m0F0f-N-AJj4PDqDPlA5M?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
You will then land on your subgraph's page. All the CLI commands you need will be visible on the right side of the page: | ||
|
||
![CLI commands](https://lh7-us.googleusercontent.com/docsz/AD_4nXe3YvCxiOH_LupSWe8zh9AmP-VrV4PlOq3f7Ix6hNlBUYcANUFuLuVIWR74OGiBs0nrugTyT0v3o6RPmTsgHONdv_ZJNWtcDWEkRntXPHlQGFcqmEBa-D6j4aoIPzUKYdOJMVUPu8O3fwjdZ4IaXXZoTzY?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
### Install the Graph CLI | ||
|
||
On your local machine, run the following: | ||
|
||
```shell | ||
npm install -g @graphprotocol/graph-cli | ||
``` | ||
|
||
### Initialize your Subgraph | ||
|
||
You can copy this directly from your subgraph page to include your specific subgraph slug: | ||
|
||
```shell | ||
graph init --studio <SUBGRAPH_SLUG> | ||
``` | ||
|
||
You'll be prompted to provide some info on your subgraph like this: | ||
|
||
![cli sample](https://lh7-us.googleusercontent.com/docsz/AD_4nXdTAUsUb5vbs3GtCrhKhuXM1xYoqqooYTxw6lfJfYtLJNP8GKVOhTPmjxlM1b6Qpx-pXNVOzRuc8BL12wZXqy4MIj8ja0tp15znfuJD_Mg84SSNj3JpQ4d31lNTxPYnpba4UOzZx8pmgOIsbI7vCz70v9gC?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
Simply have your contract verified on the block explorer, and the CLI will automatically obtain the ABI and set up your subgraph. The default settings will generate an entity for each event. | ||
|
||
## 2. Deploy & publish | ||
|
||
### Deploy to Subgraph Studio | ||
|
||
First, run these commands in your terminal | ||
|
||
```shell | ||
graph codegen | ||
graph build | ||
``` | ||
|
||
Then, invoke these commands to authenticate and deploy your subgraph. You can copy these commands directly from your subgraph's page in Studio to include your specific deploy key and subgraph slug: | ||
|
||
```shell | ||
graph auth --studio <DEPLOY_KEY> | ||
graph deploy --studio <SUBGRAPH_SLUG> | ||
``` | ||
|
||
You will be asked for a version label. You can enter something like `V0.0.1`, but you're free to choose the format. | ||
|
||
### Test your subgraph | ||
|
||
You can test your subgraph by making a sample query in the playground section. The Details tab will show you an API endpoint. You can use that endpoint to test from your dApp. | ||
|
||
![Playground](https://lh7-us.googleusercontent.com/docsz/AD_4nXf3afwSins8_eO7BceGPN79VvwolDxmFNUnkPk0zAJCaUA-3-UAAjVvrMzwr7q9vNYWdrEUNgm2De2VfQpWauiT87RkFc-cVfoPSsQbYSgsmwhyY1-tpPdv2J1H4JAMq70nfWBhb8PszZBFjsbDAaJ5eto?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
### Publish your subgraph to The Graph's decentralized network | ||
|
||
Once your subgraph is ready for production, you can publish it to the decentralized network. On your subgraph's page in Subgraph Studio, click on the Publish button: | ||
|
||
![publish button](https://edgeandnode.notion.site/image/https%3A%2F%2Fprod-files-secure.s3.us-west-2.amazonaws.com%2Fa7d6afae-8784-4b15-a90e-ee8f6ee007ba%2F2f9c4526-123d-4164-8ea8-39959c8babbf%2FUntitled.png?table=block&id=37005371-76b4-4780-b044-040a570e3af6&spaceId=a7d6afae-8784-4b15-a90e-ee8f6ee007ba&width=1420&userId=&cache=v2) | ||
|
||
Before you can query your subgraph, Indexers need to begin serving queries on it. In order to streamline this process, you can curate your own subgraph using `$GRT`. | ||
|
||
When publishing, you'll see the option to curate your subgraph. As of May 2024, it is recommended that you curate your own subgraph with at least 3,000 `$GRT` to ensure that it is indexed and available for querying as soon as possible. | ||
|
||
![Publish screen](https://lh7-us.googleusercontent.com/docsz/AD_4nXerUr-IgWjwBZvp9Idvz5hTq8AFB0n_VlXCzyDtUxKaCTANT4gkk-2O77oW-a0ZWOh3hnqQsY7zcSaLeCQin9XU1NTX1RVYOLFX9MuVxBEqcMryqgnGQKx-MbDnOWKuMoLBhgyVWQereg3cdWtCPcTQKFU?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
## 3. Query your Subgraph | ||
|
||
Congratulations! You can now query your subgraph on the decentralized network! | ||
|
||
You can start querying any subgraph on the decentralized network by passing a `GraphQL` query into the subgraph's query URL, which can be found at the top of its Explorer page. | ||
|
||
Here's an example from the [CryptoPunks Ethereum subgraph](https://thegraph.com/explorer/subgraphs/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK) by Messari: | ||
|
||
![Query URL](https://lh7-us.googleusercontent.com/docsz/AD_4nXebivsPOUjPHAa3UVtvxoYTFXaGBao9pQOAJvFK0S7Uv0scfL6TcTVjmNCzT4DgsIloAQyrPTCqHjFPtmjyrzoKkfSeV28FjS32F9-aJJm0ILAHey2gqMr7Seu4IqPz2d__QotsWG3OKv2dEghiD74eypzs?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
The query URL for this subgraph is: | ||
|
||
```shell | ||
https://gateway-arbitrum.network.thegraph.com/api/**[api-key]**/subgraphs/id/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK | ||
``` | ||
|
||
Now, you simply need to fill in your own API Key to start sending `GraphQL` queries to this endpoint. | ||
|
||
### Getting your own API key | ||
|
||
![API keys](https://lh7-us.googleusercontent.com/docsz/AD_4nXdz7H8hSRf2XqrU0jN3p3KbmuptHvQJbhRHOJh67nBfwh8RVnhTsCFDGA_JQUFizyMn7psQO0Vgk6Vy7cKYH47OyTq5PqycB0xxLyF4kSPsT7hYdMv2MEzAo433sJT6VlQbUAzgPnSxKI9a5Tn3ShSzaxI?key=fnI6SyFgXU9SZRNX5C5vPQ) | ||
|
||
In Subgraph Studio, you'll see the "API Keys" menu at the top of the page. Here, you can create API Keys. | ||
|
||
## Appendix | ||
|
||
### Sample query | ||
|
||
This query shows the most expensive CryptoPunks sold. | ||
|
||
```graphql | ||
{ | ||
trades(orderBy: priceETH, orderDirection: desc) { | ||
priceETH | ||
tokenId | ||
} | ||
} | ||
``` | ||
|
||
Passing this into the query URL returns this result: | ||
|
||
```graphql | ||
{ | ||
"data": { | ||
"trades": [ | ||
{ | ||
"priceETH": "124457.067524886018255505", | ||
"tokenId": "9998" | ||
}, | ||
{ | ||
"priceETH": "8000", | ||
"tokenId": "5822" | ||
}, | ||
// ... | ||
``` | ||
|
||
💡 Trivia: Looking at the top sales on [CryptoPunks website](https://cryptopunks.app/cryptopunks/topsales) it looks like the top sale is Punk #5822, not #9998. Why? Because they censored the flash-loan sale that happened. | ||
|
||
### Sample code | ||
|
||
```js | ||
const axios = require('axios'); | ||
|
||
const graphqlQuery = `{ | ||
trades(orderBy: priceETH, orderDirection: desc) { | ||
priceETH | ||
tokenId | ||
} | ||
}`; | ||
const queryUrl = | ||
'https://gateway-arbitrum.network.thegraph.com/api/[api-key]/subgraphs/id/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK'; | ||
|
||
const graphQLRequest = { | ||
method: 'post', | ||
url: queryUrl, | ||
data: { | ||
query: graphqlQuery, | ||
}, | ||
}; | ||
|
||
// Send the `GraphQL` query | ||
axios(graphQLRequest) | ||
.then((response) => { | ||
// Handle the response here | ||
const data = response.data.data; | ||
console.log(data); | ||
}) | ||
.catch((error) => { | ||
// Handle any errors | ||
console.error(error); | ||
}); | ||
``` | ||
|
||
### Additional resources: | ||
|
||
- To explore all the ways you can optimize & customize your subgraph for better performance, read more about [creating a subgraph here](https://thegraph.com/docs/en/developing/creating-a-subgraph/). | ||
- You can find more information in our article about [querying data from your subgraph](https://thegraph.com/docs/en/querying/querying-the-graph/). |
Binary file added
BIN
+927 KB
...trum-docs/hosted-audit-reports/2024-04-offchain-arbos-30-nitro-upgrade-securityreview.pdf
Binary file not shown.
Binary file added
BIN
+827 KB
arbitrum-docs/hosted-audit-reports/2024-04-offchain-arbos-31-securityreview.pdf
Binary file not shown.
Binary file added
BIN
+838 KB
arbitrum-docs/hosted-audit-reports/2024-04-offchain-l1-l3-teleporter-securityreview.pdf
Binary file not shown.
Binary file added
BIN
+909 KB
arbitrum-docs/hosted-audit-reports/2024-04-offchainbold-securityreview.pdf
Binary file not shown.
Binary file added
BIN
+1.91 MB
arbitrum-docs/hosted-audit-reports/2024-05-offchain-arbitrumstylus-securityreview.pdf
Binary file not shown.
Binary file added
BIN
+3.82 MB
arbitrum-docs/hosted-audit-reports/ConsenSys_Diligence_Arbitrum_Contracts_11_2021.pdf
Binary file not shown.
Binary file added
BIN
+2.94 MB
arbitrum-docs/hosted-audit-reports/ConsenSys_Diligence_Nitro_Contracts_5_2022.pdf
Binary file not shown.
Binary file not shown.
Binary file added
BIN
+1.06 MB
arbitrum-docs/hosted-audit-reports/trail_of_bits_governance_report_1_6_2023.pdf
Binary file not shown.
Oops, something went wrong.