Andres Gutierrez Application
The issue related to verification was due to the configuration of a valid email provider for sending emails. This involved changing the values either in the emailer service in the backend or in the environment variables.
Note
Regarding sensitive information exposed in environment variables such as API keys, improvements were made both in the backend (DB, emailer, etc.) and in the frontend (firebaseConfig), as can be seen in the repository commits.
The current Ethereum price is added to the profile page by querying the asset and position in the WalletPortfolio view through props.tokensInfo. This was facilitated by adding the Ethereum network to the wallet table.
Note
Design patterns or database-driven dynamism could be applied to optimize blockchain network scaling.
Integrating WalletConnect functionality enables secure communication between wallets and Dapps. WalletConnect establishes a remote connection between two apps/devices, with data transmitted through a bridge server. The connection is initiated by one peer displaying a QR Code or deep link with a standard WalletConnect URI and is established when the counter-party approves the connection request.
Components: A "Connect with WalletConnect" button has been added to the wallet profile page. Evidence of the implementation can be found in repo commit and provided video.
Example URI: wc:e0d3bcf6-6727-4103-89a2-2d1ba7cd727b@1?bridge=https%3A%2F%2F3.bridge.walletconnect.org&key=8e5ed284153adab543b75f25093878593768eacfd618c5484b7d2987bb5fb9d6
Note
GENERAL: Remember to execute the updated scripts (new_mgldefi.sql) from the database to simulate the changes. Using the root user in MySQL is discouraged due to security risks. It's best practice to create separate users with specific permissions for each database task. This adheres to the principle of least privilege, enhances security, facilitates auditing, isolates system components, and simplifies scalability and maintenance. Storing credentials securely in a .env file adds an extra layer of protection against unauthorized access. For the operational convenience of the application, I've decided to retain the .env file within the project. it's important to upholding robust security practices, including the creation of distinct MySQL users with limited privileges:
-- Create a new user
CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'mypassword';
-- Grant permissions to the user on a specific database
GRANT SELECT, INSERT, UPDATE, DELETE ON mydatabase.* TO 'myuser'@'localhost';
-- Flush privileges to apply changes
FLUSH PRIVILEGES;