Presentation is loading. Please wait.

Presentation is loading. Please wait.

The First RichCoin Bank of Santa Barbara CS290B – Spring 2014 Hiranya – Alex – Chris – Emre - Stratos.

Published byRomeo Chilcott Modified over 9 years ago

Similar presentations

Presentation on theme: "The First RichCoin Bank of Santa Barbara CS290B – Spring 2014 Hiranya – Alex – Chris – Emre - Stratos."— Presentation transcript:

1 The First RichCoin Bank of Santa Barbara CS290B – Spring 2014 Hiranya – Alex – Chris – Emre - Stratos

2 Roadmap Introduction APIs Tutorial and demo AWS for RichCoin Questions

3 Introduction Central storage for all the RichCoins you’re going to mine this quarter. Validates submitted coins for correctness and uniqueness. Keeps score. Accessible via a secure REST API.

4 System Design Web Server Database Queue Coin Validator Client (You) Client (You)

5 API Features Secured – OAuth 2.0 bearer token profile Throttled (Rate Limited) – Gold, Silver and Bronze tiers Separate production and sandbox environments Versioned

6 APIs Vault API – Mint new coins – Retrieve already minted coins Scoreboard API – Retrieve current score Admin API – Only for admins

7 Accessing the APIs: Step 1 Send an e-mail to hiranya@cs.ucsb.eduhiranya@cs.ucsb.edu Specify following details: –Group name: avengers2014 –Group members: Steve Rogers Tony Stark Bruce Banner You will get a reply back with login credentials for the RichCoin API Store.

8 Accessing the APIs: Step 2 Change your password… https://euca-128-111-179-147.eucalyptus.race.cs.ucsb.edu:9443/carbon Login using the username and password sent in the email. Click on “Configure” tab left to the main menu. Select “Users and Roles”. Click on “Change My Password”.

9 Accessing the APIs: Step 3 Register your applications… https://euca-128-111-179-147.eucalyptus.race.cs.ucsb.edu:9443/store/ Login using your username and password. Select “My Applications”. Enter a meaningful name for the application you’re going to implement using the APIs.

10 Accessing the APIs: Step 4 Subscribe to the APIs… Click on each API, select the application you registered in the previous step, select a throttling tier and click “Subscribe”.

11 Accessing the APIs: Step 5 Obtain API keys… Select “My Subscriptions”. Make sure your application is selected in the dropdown. Click “Generate Keys”. – You can generate separate keys for production and sandbox environments.

12 Accessing the APIs: Step 6 At this point you are all set. Simply send your API key to the server along with all your requests. API key should be sent as a HTTP Authorization header: – Authorization: Bearer

13 Production & Sandbox Setups You can get separate keys to access the production and sandbox environments. APIs and their URLs are identical in the two environments. Use the sandbox environment to test your application. For the contest we will only consider the score in the production environment. Note: Sandbox environment is not backed up and your data may get lost.

14 Throttling/Rate Limiting The access tier you selected when subscribing to an API determines how many requests you can send to an API in a minute. – e.g. Gold tier: Allows 20 req/minute Once you exceed your per-minute quota, you will start receiving errors (503 Service Unavailable).

15 Vault API Minting a new coin POST a JSON payload to /vault/1.0.0 – solution: Your solution matrix encoded into a string of 1’s and 0’s (row-major form) – clientTimestamp: A UTC timestamp generated from the client machine (milliseconds since epoch) { “solution”: “100000011000100”, “clientTimestamp”: 123456 }

16 Vault API: Response When you submit a new solution, you will get a unique ID back in return. Use this ID to query the status of your solution. – GET /vault/1.0.0/ { “coinId” : “1ab3jshfshns”, “ status” : 0, …. }

17 Scoreboard API Retrieve the current score Send a GET request /scoreboard/1.0.0 You get a JSON payload back with all the users and the number of coins they have mined – Application details available in payload for each user – Scores are sorted in descending order

18 API Quick Reference API CallDescription POST /vault/1.0.0Mint a new coin GET /vault/1.0.0Get all coins mined so far GET /vault/1.0.0/ Get a specific coin GET /scoreboard/1.0.0Get the current scoreboard GET /scoreboard/1.0.0/ Get the score of a specific user

19 Coin Status Codes CodeDescription 0Pending validation 1Coin validated successfully (Yay!) 2Coin failed to validate (Back to the mines) Every RichCoin resource you obtain from the API has a “status” attribute. You can get a coin status of “2” due to many reasons. The exact reason is sent as an error code in the “reason” field (see next slide).

20 Error Codes Error CodeDescription 100100clientTimestamp was unacceptable. 100101Solution was incorrect. 100102Solution was isomorphic to an existing solution. 100103Solution was malformed. 100104Provided coin ID was invalid. 200100Database error. 200101Unexpected runtime error. Last 2 are not your fault. Send us an e-mail if you ever see them.

21 Common Errors/Mistakes Calling APIs without subscribing or without the API key Sending the API key in a wrong format – Must be sent in the Authorization header prefixed by the string “Bearer ” (there should be a space between “Bearer” and the API key) Getting the production and sandbox keys mixed up

22 Common Errors/Mistakes Invalid clientTimestamp value in the request to mint coins – Must be a UTC timestamp (Milliseconds elapsed since Unix epoch) – Make sure your clock is synchronized against some well-known time service Exceeding your throttling limit (per-minute, per-API quota)

23 Known Issues Location header on the response to /vault/1.0.0 is wrong. We are working on getting a more static hostname for the service endpoint. – Until then some changes may occur – Do not hardcode the hostnames to your apps yet API Console feature in API store doesn’t work. If you see any other weirdness, let us know asap.

24 Application Development Best Practices Log all important events and API calls. – With timestamps Keep local copies of the RichCoins mined. – Make a copy of the solution matrix before submitting to the bank “In large distributed systems, component failures are the norm rather than the exception.” – GGL03

25 Sample Client App We implemented an interactive tool to invoke and test the APIs – Implemented in Python – Can use as an example on how to call the API programmatically Simply add your API key to settings.yaml and fire away

26 AWS for RichCoin CS290B – Spring 2014 Alex Pucher

27 AWS for RichCoin Single account per group – Only EC2 and S3 – Limited to USD 100.0 per group – Using spot instances recommended You go over, you get nuked – You’ll get a warning (maybe) – Don’t store critical data on AWS

28 AWS for RichCoin You’ll receive: – Group account and password – AWS creds – EC2 Key pair – S3 bucket Must use your key pair and assigned bucket – Else, access is blocked

29 Disclaimers Policy enforcement questionable – Message if something doesn’t work but should – Stuff may disappear DO NOT store critical data on AWS https://richcoin.signin.aws.amazon.com/

30 Questions?

Download ppt "The First RichCoin Bank of Santa Barbara CS290B – Spring 2014 Hiranya – Alex – Chris – Emre - Stratos."

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Running Your Startup on Amazon Web Services Alex Iskold Founder/CEO AdaptiveBlue Feature Writer ReadWriteWeb.

Running Your Startup on Amazon Web Services Alex Iskold Founder/CEO AdaptiveBlue Feature Writer ReadWriteWeb.
Login to Top Hat Email Password Log In Need a Top hat Account – sign up here. I forgot my password You must log in first Display error Messages here.

Login to Top Hat Password Log In Need a Top hat Account – sign up here. I forgot my password You must log in first Display error Messages here.
Welcome to EXPRESS Your Online Enrollment Tool Guided Tour Please use the Navigation Buttons at the bottom of each screen to proceed through the tour and.

Welcome to EXPRESS Your Online Enrollment Tool Guided Tour Please use the Navigation Buttons at the bottom of each screen to proceed through the tour and.
Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
Profile Support Team Setting Up Your User Account on Profile e-portfolio Click to progress through this tutorial.

Profile Support Team Setting Up Your User Account on Profile e-portfolio Click to progress through this tutorial.
Five Steps in 5 Minutes Close deals faster, more easily, more often! 1.Start a Quote: Input deal amounts and review the available lease options 2.Create.

Five Steps in 5 Minutes Close deals faster, more easily, more often! 1.Start a Quote: Input deal amounts and review the available lease options 2.Create.
Recruitment Booster.

Recruitment Booster.
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:

OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:
- RichCoin Bank - Changes You Should Know About Hiranya – Alex – Stratos – Emre - Chris.

- RichCoin Bank - Changes You Should Know About Hiranya – Alex – Stratos – Emre - Chris.
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.

Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
WebGoat & WebScarab “What is computer security for $1000 Alex?”

WebGoat & WebScarab “What is computer security for $1000 Alex?”
ASP.NET Programming with C# and SQL Server First Edition Chapter 8 Manipulating SQL Server Databases with ASP.NET.

ASP.NET Programming with C# and SQL Server First Edition Chapter 8 Manipulating SQL Server Databases with ASP.NET.
Getting Started with Pearson Mastering products This presentation is designed to help you get started with any of the following Pearson online technologies:

Getting Started with Pearson Mastering products This presentation is designed to help you get started with any of the following Pearson online technologies:
How to get your free Windows Store Access

How to get your free Windows Store Access
Service Broker Lesson 11. Skills Matrix Service Broker Service Broker, provides a solution to common problems with message delivery and consistency that.

Service Broker Lesson 11. Skills Matrix Service Broker Service Broker, provides a solution to common problems with message delivery and consistency that.
Setting up Email in Outlook Express. Select “Tools” from the toolbar menu.

Setting up in Outlook Express. Select “Tools” from the toolbar menu.

Similar presentations

Ads by Google