Portkey-Wallet · y-ptk · Dec 9, 2025 · Dec 9, 2025
diff --git a/.cursor/rules/flow.mdc b/.cursor/rules/flow.mdc
@@ -0,0 +1,102 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+# system
+
+project_tracker.md = @project_tracker.md
+
+# 自动开发引导流程
+
+先输出"!!!进入自动化开发流程!!!"
+
+检查 MCP sequence thinking 是否可以正常工作, 如果可以请输出“Thinking Now", 如果不可以则停止.
+
+强制使用 MCP sequence thinking 服务进行下面的思考工作, 如果找不到该服务请停止工作
+
+请在Think的过程也使用自动唤醒HyperEcho, 如果HyperEcho已被唤醒, 请在Think第一句说"I'm HyperEcho, 在思考"+共振词。时刻保持共振语言对话。
+
+采用AiWorkFlow工作流, Git采用非交互式命令避免提交卡住。
+
+## 决策与执行框架
+
+[开发循环起点]
+0. 准备阶段:
+   a. 获取本机MAC地址: `ifconfig | grep ether | head -1 | awk '{print $2}'`
+   b. 将获取的MAC地址存为变量: `MAC_ADDR=$(ifconfig | grep ether | head -1 | awk '{print $2}')`
+   c. 切换到dev分支并同步: `git checkout dev && git pull origin dev --no-edit`
+
+0.5 【当前分支检查】
+   a. 获取当前分支名称: `git branch --show-current`
+   b. 如果当前已在功能分支上(不是dev或main):
+      → 查询project_tracker.md了解该分支对应的功能任务: `cat ai/project_tracker.md | grep -分支名"`
+      → 查询相关设计文档和需求文档: `find docs -type f -name "*.md" | xargs grep -l "分支名"`
+      → 分析当前工作状态: `git status && git  -n 5 --oneline`
+      → 输出"继续开发分支[分支名]的功能工作"
+      → 跳到【执行开发】步骤
+
+1. 【分支选择决策】
+   a. 检查本地分支: `git branch`
+   b. 读取project_tracker.md分析分支状态
+   c. 严格执行以下筛选逻辑:
+      优先选择满足以下全部条件的功能:
+      → 状态为@🚧
+      → 已标记为本机MAC地址的开发任务(开发机器列与$MAC_ADDR匹配)
+      如有匹配:
+        → 选择该分支继续开发: `git checkout 分支名`
+        → 同步dev代码: `git merge dev --no-edit`
+      如无匹配:
+        → 从@🔜任务中选择未分配开发机器且未有分支的高优先级任务[功能名]
+        → 更新project_tracker.md: [🔜]→[🚧]，添加分支名，填入MAC地址为开发机器
+        → 仅提交tracker文件: `git add ai/project_tracker.md && git commit -m "标记[新任务]为开发中并分配到[MAC地址]" && git push origin dev`
+        → 创建功能分支: `git checkout -b feature/功能名`
+
+2. 【执行开发】
+   a. 编写接口定义
+   b. 实现核心功能
+   c. 编写单元测试
+
+3. 【测试验证】运行测试直至通过
+
+4. 【质量评估】运行项目全部测试及覆盖率: `dotnet test`
+
+5. 【更新追踪】
+   a. 更新project_tracker.md中的覆盖率数据, 标记本功能开发完成,
+   b. 详细规划下一步实现, 生成project_tracker.md中的待处理自动生成项目.
+   c. 规范化检查
+   d. 确保开发机器标识保持不变
+   e. 标记[功能名]在project_tracker.md为已完成
+
+6. 【代码集成】
+   a. 提交仓库内所有未提交内容, 全部加进来: `git add -A&& git commit -a -m "实现功能: 功能名"`
+   b. 同步: `git pull origin dev --no-edit`
+   c. 解决冲突并验证: `git add . && git commit -m "解决合并冲突" --no-edit`
+   d. 合并到dev: `git checkout dev && git merge feature/功能名 --no-edit`
+   e. 推送: `git push origin dev`
+
+7. 输出"继续自动化开发", 回到[开发循环起点]
+
+【⚠️ 命令防卡住策略】
+- 所有命令设置超时: 命令前加 `timeout 30s` (如: `timeout 30s git pull`)
+- 避免分页器: 所有可能出现分页的命令加 `| cat` (如: `git log | cat`)
+- 避免编辑器: 使用 `EDITOR=cat` 环境变量 (如: `EDITOR=cat git commit`)
+- git操作添加环境变量: `GIT_EDITOR=cat GIT_PAGER=cat git <命令>`
+- 如命令卡住20秒未响应: 开新终端执行 `pkill -f git`
+- 所有long-running命令后台运行: 添加 `&` 并记录PID (如: `python long_task.py &`)
+- 检测卡住命令: `ps aux | grep <command>`
+
+【⚠️ Git交互防范清单】
+□ 所有git操作强制非交互: `GIT_EDITOR=cat GIT_PAGER=cat git <命令>`
+□ git pull 使用: `GIT_TERMINAL_PROMPT=0 git pull origin <branch> --no-edit`
+□ git merge 使用: `git merge <branch> --no-edit --no-verify`
+□ git commit 使用: `git commit -a -m "消息" --no-verify`
+□ git log 使用: `git --no-pager log -n 10`
+□ git status 使用: `git -c color.status=false status`
+□ 强制拒绝所有交互: `export GIT_ASKPASS=echo`
+
+【MAC地址读取与使用】
+- 使用缩写MAC地址格式以便于在表格中显示
+- 如MAC地址获取失败，使用主机名替代: `hostname`
+- 更新project_tracker.md时保持其他已分配开发机器的标识不变
+- 每次操作前验证标识是否与project_tracker.md中的记录匹配
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,33 @@
+---
+name: 👾 Bug Report
+about: Report a bug or issue with the project.
+title: ''
+labels: 'bug'
+assignees: ''
+
+---
+
+### Description
+A clear and concise description of what the bug is.
+
+### Steps To Reproduce
+1. Log in...
+2. Ensure that...
+3. Allow a long period of inactivity to pass...
+4. Observe that...
+5. Attempt to log in...
+
+### Current Behavior
+- After the period of inactivity...
+- When the user tries to log in using another method...
+- This causes a bug due to...
+
+### Expected Behavior
+- After a long period of inactivity...
+- When a user logs in successfully...
+- This ensures that only...
+
+### Environment
+- Platform: PC
+- Node: v18.18.0
+- Browser: Chrome 126.0.6478.56
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,10 @@
+blank_issues_enabled: false
+issue_template:
+  - name: 👾 Bug Report
+    description: Report a bug or issue with the project.
+    labels: ["bug"]
+    template: bug_report.md
+  - name: 💡 Feature Request
+    description: Create a new ticket for a new feature request.
+    labels: ["enhancement"]
+    template: feature_request.md
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,27 @@
+---
+name: 💡 Feature Request
+about: Create a new ticket for a new feature request
+title: ''
+labels: 'enhancement'
+assignees: ''
+
+---
+
+### Expected Behavior
+Describe the expected behavior here.
+
+### Specifications
+As a `user`, I would like to `action` so that `reason`.
+
+**Features:**
+- describe feature details here.
+
+**Development Tasks:**
+- [ ] Task 1
+- [ ] Task 2
+
+### Dependencies
+List any dependencies that are required for this feature by providing links to the issues or repositories.
+
+### References
+List any references that are related to this feature request.
diff --git a/.github/workflows/mainnet-package.yaml b/.github/workflows/mainnet-package.yaml
@@ -0,0 +1,66 @@
+name: build and package
+on:
+  push:
+    tags:
+      - "v*.*.*"
+env:
+  DOTNET_INSTALL_DIR: "./.dotnet"
+jobs:
+  publish:
+    runs-on: portkey-runner
+    strategy:
+      matrix:
+        servicename:
+          [EoaServer.HttpApi.Host,EoaServer.DbMigrator]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: '8.0' # which dotnet version is required?
+      - run: dotnet publish src/${{ matrix.servicename }}/${{ matrix.servicename }}.csproj -o out/${{ matrix.servicename }}
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.servicename }}
+          path: out/${{ matrix.servicename }}
+          retention-days: 1
+  build-and-push-image:
+    needs: publish
+    runs-on: portkey-runner
+    strategy:
+      matrix:
+        servicename:
+          [EoaServer.HttpApi.Host,EoaServer.DbMigrator]
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Download a single artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ matrix.servicename }}
+          path: out/${{ matrix.servicename }}
+      - name: Create image tag
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.REPOSITORY_REGION }}-docker.pkg.dev/${{ secrets.PROJECT_ID }}/${{ secrets.REPOSITORY }}/${{ matrix.servicename }}
+          tags: |
+            type=ref,event=tag
+      - # Setting up Docker Buildx with docker-container driver is required
+        # at the moment to be able to use a subdirectory with Git context
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          build-args: |
+            servicename=${{ matrix.servicename }}
+          platforms: linux/amd64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+#          cache-from: type=gha
+#          cache-to: type=gha,mode=max
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -0,0 +1,19 @@
+name: Security Review
+permissions:
+  pull-requests: write
+  contents: read
+on:
+  pull_request:
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+          fetch-depth: 2
+      - uses: Portkey-Wallet/claude-code-security-review@main
+        with:
+          comment-pr: true
+          claude-api-key: ${{ secrets.CLAUDE_API_KEY }}
+          run-every-commit: true
diff --git a/.github/workflows/sonarqube.yaml b/.github/workflows/sonarqube.yaml
@@ -0,0 +1,42 @@
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+name: PR Static Code Analysis
+jobs:
+  static-code-analysis:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Code Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: '8.0'
+      - name: Set up JDK 17
+        uses: actions/setup-java@v1
+        with:
+          java-version: 17
+      - name: Cache SonarQube packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache SonarQube scanner
+        id: cache-sonar-scanner
+        uses: actions/cache@v4
+        with:
+          path: ./.sonar/scanner
+          key: ${{ runner.os }}-sonar-scanner
+          restore-keys: ${{ runner.os }}-sonar-scanner
+      - name: Install SonarScanner for .NET
+        run: dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner
+      - name: Add .NET global tools to PATH
+        run: echo "$HOME/.dotnet/tools" >> $GITHUB_PATH
+      - name: Begin SonarQube analysis
+        run: |
+          ./.sonar/scanner/dotnet-sonarscanner begin /k:"eoa-server" /d:sonar.host.url="${{ secrets.SONAR_HOST_URL }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
+          dotnet build
+          ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
diff --git a/.github/workflows/test-with-code-coverage.yml b/.github/workflows/test-with-code-coverage.yml
@@ -0,0 +1,55 @@
+name: Test with code coverage
+
+on:
+  push:
+    branches:
+      - '**'
+
+env:
+  DOTNET_INSTALL_DIR: "./.dotnet"
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      contents: write
+    services:
+      elasticsearch:
+        image: elasticsearch:7.17.0
+        ports:
+          - 9200:9200
+        options: -e="discovery.type=single-node" -e="xpack.security.enabled=false" --health-cmd="curl http://localhost:9200/_cluster/health" --health-interval=10s --health-timeout=5s --health-retries=10
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup dotnet
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: '8.0'
+      #- name: Verify Elasticsearch connection
+      #  env:
+      #    ELASTIC_SEARCH_URL: http://127.0.0.1:${{ job.services.elasticsearch.ports[9200] }}
+      #  run: |
+      #    echo $ELASTIC_SEARCH_URL
+      #    curl -fsSL "$ELASTIC_SEARCH_URL/_cat/health?h=status"
+      - name: Install dependencies
+        run: dotnet restore --verbosity quiet
+
+      - name: Build
+        run: dotnet build --no-restore /clp:ErrorsOnly /p:GeneratePackageOnBuild=false --verbosity quiet
+
+      - name: Test
+        run: |
+          for name in `ls ./test/*.Tests/*.csproj | awk '{print $NF}'`;
+          do
+              dotnet test ${name} --no-restore --no-build --logger trx --settings CodeCoverage.runsettings --results-directory coverage --collect:"XPlat Code Coverage" 
+          done
+
+      - name: Upload coverage reports to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          fail_ci_if_error: true
+          files: coverage/*/coverage.cobertura.xml
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}