d-bis/gru_emoney_token-factory
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
15fbc537be57d3fa737cf8fee971f71d869149ab
gru_emoney_token-factory/api/IMPLEMENTATION_STATUS.md
defiQUG 6915dbd319 Add API implementation status documentation
2025-12-12 11:00:30 -08:00

8.9 KiB
Raw Blame History

API Implementation Status

Overview

This document tracks the implementation status of the eMoney Token Factory API surface according to the implementation plan.

Completed Phases

Phase 1: Canonical Schema Foundation

  • JSON Schema registry with all core entities (Token, Lien, ComplianceProfile, Trigger, etc.)
  • Enum definitions (ReasonCodes, TriggerStates, Rails, LienModes)
  • ISO-20022 mapping schemas
  • Schema validation library using Ajv

Phase 2: OpenAPI 3.1 Specification

  • Complete API specification with all endpoints
  • Security schemes (OAuth2, mTLS, API key)
  • Request/response schemas
  • Error handling definitions

Phase 3: GraphQL Schema

  • Complete schema with queries, mutations, subscriptions
  • Type definitions matching canonical schemas

Phase 4: AsyncAPI Specification

  • Event bus contract with all channels
  • Event envelope definitions
  • Kafka/NATS bindings

Phase 5: gRPC/Protobuf Definitions

  • Orchestrator, adapter, and packet service definitions

Phase 6: REST API Implementation

  • Server structure with Express
  • All route definitions (tokens, liens, compliance, mappings, triggers, ISO, packets, bridge)
  • All controllers implemented
  • All services implemented with blockchain integration
  • Middleware (auth, RBAC, idempotency, error handling)
  • Blockchain client with full contract interaction layer

Services Implemented:

  • Token Service (deploy, list, get, update policy, mint, burn, clawback, force-transfer)
  • Lien Service (place, reduce, release, get, list, account liens, encumbrance)
  • Compliance Service (get profile, set compliance, set frozen, set tier, set jurisdiction)
  • Mapping Service (link/unlink account-wallet, get mappings, provider connect)
  • Trigger Service (get, list, validate-and-lock, mark-submitted, confirm-settled/rejected)
  • ISO Service (submit inbound/outbound messages)
  • Packet Service (generate, get, list, download, dispatch, acknowledge)
  • Bridge Service (lock, unlock, get lock status, get corridors)

Blockchain Integration:

  • Complete BlockchainClient with all contract interactions
  • TokenFactory138 operations
  • DebtRegistry operations
  • ComplianceRegistry operations
  • PolicyManager operations
  • BridgeVault operations
  • ERC20 token operations

Phase 7: GraphQL Implementation

  • Apollo Server setup
  • All query resolvers implemented
  • All mutation resolvers implemented
  • Subscription resolvers connected to event bus
  • WebSocket subscriptions support

Phase 8: Event Bus & Webhooks

  • Event bus client (Kafka/NATS)
  • Webhook service with retry logic
  • Webhook management API
  • Dead letter queue support

Phase 9: Orchestrator & ISO-20022 Router

  • Trigger state machine
  • ISO-20022 message normalization
  • Router service with message type mapping

Phase 10: Packet Service

  • Packet generation service
  • PDF/AS4/Email dispatch
  • Acknowledgement tracking

Phase 11: Mapping Service

  • Account-wallet link/unlink
  • Provider integration support
  • Bidirectional lookup endpoints

Phase 12: Postman Collections

  • Complete collection with all API endpoints
  • Pre-request scripts for OAuth2 and idempotency
  • Environment configurations (dev, staging, prod)

Phase 13: SDK Generation

  • OpenAPI generator tooling
  • SDK generation scripts
  • TypeScript SDK template with GraphQL support
  • Generation configurations for Python, Go, Java

Phase 14: Mock Servers & Testing

  • Prism-based REST API mock server
  • GraphQL mock server
  • Rail simulator (Fedwire/SWIFT/SEPA/RTGS)
  • Packet simulator (AS4/Email)
  • Integration test suite
  • Contract validation tests

Phase 15: Documentation & Governance

  • Integration cookbook
  • Error catalog
  • ISO-20022 handbook
  • Versioning policy
  • Swagger UI documentation

Implementation Details

REST API Endpoints

All endpoints from the OpenAPI specification are implemented:

Tokens (/v1/tokens):

  • POST / - Deploy token
  • GET / - List tokens
  • GET /:code - Get token
  • PATCH /:code/policy - Update policy
  • POST /:code/mint - Mint tokens
  • POST /:code/burn - Burn tokens
  • POST /:code/clawback - Clawback tokens
  • POST /:code/force-transfer - Force transfer

Liens (/v1/liens):

  • POST / - Place lien
  • GET / - List liens
  • GET /:lienId - Get lien
  • PATCH /:lienId - Reduce lien
  • DELETE /:lienId - Release lien
  • GET /accounts/:accountRefId/liens - Get account liens
  • GET /accounts/:accountRefId/encumbrance - Get encumbrance

Compliance (/v1/compliance):

  • PUT /accounts/:accountRefId - Set account compliance
  • GET /accounts/:accountRefId - Get account compliance
  • PUT /accounts/:accountRefId/freeze - Set freeze
  • PUT /accounts/:accountRefId/tier - Set tier
  • PUT /accounts/:accountRefId/jurisdiction - Set jurisdiction
  • Similar endpoints for wallets

Mappings (/v1/mappings):

  • POST /account-wallet/link - Link account-wallet
  • POST /account-wallet/unlink - Unlink account-wallet
  • GET /accounts/:accountRefId/wallets - Get account wallets
  • GET /wallets/:walletRefId/accounts - Get wallet accounts
  • POST /providers/:provider/connect - Connect provider
  • GET /providers/:provider/connections/:connectionId/status - Get provider status

Triggers (/v1/triggers):

  • GET / - List triggers
  • GET /:triggerId - Get trigger
  • POST /:triggerId/validate-and-lock - Validate and lock
  • POST /:triggerId/mark-submitted - Mark submitted
  • POST /:triggerId/confirm-settled - Confirm settled
  • POST /:triggerId/confirm-rejected - Confirm rejected

ISO (/v1/iso):

  • POST /inbound - Submit inbound message
  • POST /outbound - Submit outbound message

Packets (/v1/packets):

  • POST / - Generate packet
  • GET / - List packets
  • GET /:packetId - Get packet
  • GET /:packetId/download - Download packet
  • POST /:packetId/dispatch - Dispatch packet
  • POST /:packetId/ack - Acknowledge packet

Bridge (/v1/bridge):

  • POST /lock - Lock tokens
  • POST /unlock - Unlock tokens
  • GET /locks/:lockId - Get lock status
  • GET /corridors - Get corridors

GraphQL API

All queries, mutations, and subscriptions from the GraphQL schema are implemented:

Queries:

  • token(code: String!) - Get token
  • tokens(filters, paging) - List tokens
  • lien(lienId: ID!) - Get lien
  • liens(filters, paging) - List liens
  • accountLiens(accountRefId: ID!) - Get account liens
  • accountEncumbrance(accountRefId: ID!) - Get encumbrance
  • compliance(refId: ID!) - Get compliance
  • account(refId: ID!) - Get account with nested data
  • wallet(refId: ID!) - Get wallet
  • trigger(triggerId: ID!) - Get trigger with packets
  • triggers(filters, paging) - List triggers
  • packet(packetId: ID!) - Get packet
  • packets(filters, paging) - List packets
  • bridgeLock(lockId: ID!) - Get bridge lock
  • bridgeCorridors - Get corridors

Mutations:

  • All REST operations mirrored as mutations
  • deployToken, updateTokenPolicy, mintToken, burnToken, etc.
  • placeLien, reduceLien, releaseLien
  • setCompliance, setFreeze
  • linkAccountWallet, unlinkAccountWallet
  • submitInboundMessage, submitOutboundMessage
  • validateAndLockTrigger, markTriggerSubmitted, etc.
  • generatePacket, dispatchPacket, acknowledgePacket
  • bridgeLock, bridgeUnlock

Subscriptions:

  • onTriggerStateChanged(triggerId: ID!)
  • onTriggerCreated
  • onLienChanged(debtorRefId: ID!)
  • onLienPlaced, onLienReleased
  • onPacketStatusChanged(packetId: ID!)
  • onPacketDispatched, onPacketAcknowledged
  • onComplianceChanged(refId: ID!)
  • onFreezeChanged(refId: ID!)
  • onPolicyUpdated(token: String!)

Package Manager

pnpm is now the default package manager:

  • Workspace configuration (pnpm-workspace.yaml)
  • All documentation updated to use pnpm
  • All scripts updated to use pnpm
  • Dockerfiles updated to use pnpm
  • Makefiles updated to use pnpm

Next Steps

  1. Database Integration: Replace in-memory stores with database (PostgreSQL/MongoDB)
  2. Event Indexing: Implement blockchain event indexing for off-chain state
  3. Enhanced Error Handling: Map Solidity reason codes to HTTP status codes
  4. Rate Limiting: Implement rate limiting middleware
  5. Request Logging: Add comprehensive request/response logging
  6. Metrics & Observability: Add OpenTelemetry integration
  7. Testing: Expand integration and unit tests
  8. Production Deployment: Configure for production environments

Notes

  • In-memory stores are used for development/testing. Production should use persistent databases.
  • Blockchain client requires contract addresses via environment variables.
  • Some services have placeholder implementations that should be enhanced with actual business logic.
  • GraphQL resolvers delegate to REST service layer for consistency.
Reference in New Issue View Git Blame Copy Permalink