828 Matching Annotations
  1. Jun 2023
    1. Only by unblinding the returned signed blinded data, the signature can be extracted.

      only those who can unblind the data can get the sig from coordinator?

      nice guaranty, but why?

      最简单的,通过公钥加密就能实现这一点,coordinator 将 sig 使用 user 的公钥加密,这样,只有拥有私钥的人才能获得 sig,而这个私钥也用于 data 的 blind 过程

    2. submits a to-be-funded address alongside the coordinator's signature and the unblinded ticket.

      这一步不会暴露 A 地址么?

      根据 blind signature 的原理,不会,因为这一步提交的是信件的内容,而前面提交的是信封✉️,两者在外部人员看来,无法建立联系

    1. ```

      ethers.utils.RLP.encode(["0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045", ethers.utils.stripZeros(ethers.utils.arrayify(0x0)) ]) '0xd694d8da6bf26964af9d7eed9e03e53415d37aa9604580'

      ✗ cast keccak 0xd694d8da6bf26964af9d7eed9e03e53415d37aa9604580 0xabb18b93dff3ee19c50127123e4ea2156166390f880071d94458efb098473311 ```


    1. An Application Binary Interface (ABI) is a collection of Fragments which specify how to interact with various components of a Contract.

      difference btw. ABI & Fragments & Interface ?

      ABI is a collection of Fragments

      and fragment is?<br /> fragment is a piece of definition of function/event/error/constructor

      and fragment vs interface?<br /> interface is a collection of Fragments<br /> interface is ABI

      ``` const ABI = [ // Constructor "constructor(address ens)",

      // Constant functions (pure or view) "function balanceOf(address owner) view returns (uint)",

      // State-mutating functions (payable or non-payable) "function mint(uint amount) payable", "function transfer(address to, uint amount) returns (bool)",

      // Events "event Transfer(address indexed from, address indexed to, uint amount)",

      // Errors "error InsufficientFunds(address from, uint balance)", ] ```

    1. AbiCoder: encode/decode btw. types and binary data

    2. Most developers will never need to use this class directly, since the Interface class greatly simplifies these operations.

      AbiCoder vs Interface


    1. After the verification passes, the batch of transactions is considered final like any other Ethereum transaction
  2. Apr 2023
  3. Jul 2021
    1. The state in Ethereum essentially consists of a key-value map, where the keys are addresses and the values are account declarations, listing the balance, nonce, code and storage for each account (where the storage is itself a tree).

      state in eth: a k-v map

      • key: address
      • value: account infos:
        • balance
        • nonce
        • code
        • storage (which itself is another tree)
  4. Apr 2021
    1. formatEther
      ethers.utils.formatEther(await vault.totalSupply())
    1. a.addUint(b); meaning a is passed automatically as first argument to the library function.
      using count for uint;
      // equal
      count.addUint(a, b)

      看起来 using for 就是个语法糖🍬

    2. The using A for B; directive means we attach library functions( from the library A to any type B). When this happens, these functions will receive the object they are called on as their first parameter
      using A for typeB;
      typeB.fooFunc(1) => A.fooFunc(typeB, 1)
    3. then the library doesn’t need to be deployed


      不部署 library 的代码从哪儿来?

    1. If a smart contract is consuming a library which have only internal functions than EVM simply embeds library into the contract.

      ? 没看懂

  5. Mar 2021
    1. A records

      对于普通的 Service, A 记录对应的形式是 svc-name.namesapce.svc.cluster-domain.example, 指向 service 的 cluster ip

      headless service 没有 cluster ip,指向的直接是 service 匡选的 pods 对应的 IPs

      svc.cluster-domain.example 是什么东西?

      这个是 DNS search list

    1. seems a interesting talk on k8s

      听了一半,这里的 Builders and Operators 指的是运维而非 k8s controller 里的 operator,以后有机会再看看吧

      配合自己用 kubeadm 部署一个 cluster 可能不错

    1. isCA: false

      certificate as CA?

      啥意思,证书可以作为 CA 去签其他证书?

      CA 本质上就是一个证书(包含一对公私钥),公钥用来表示自己,私钥用来签名

  6. Jan 2021
    1. Understand how CMD and ENTRYPOINT interact


    1. This will make GitOps more natural as data sources and dashboards can be defined via files that can be version controlled. We hope to extend this system to later add support for users, orgs and alerts as well.


      • data source
      • dashboards

      not support yet:

      • users
      • orgs
      • alerts
    1. labelmap: Match regex against all label names. Then copy the values of the matching labels to label names given by replacement with match group references (${1}, ${2}, …) in replacement substituted by their value.
        - action: labelmap
          regex: __meta_kubernetes_service_label_(.+)
          // all __meta_kubernetes_service_label_(.+) will be changed to the (.+)
          // e.g. 
          //        __meta_kubernetes_service_label_app='armada-api'        
          // to
          //        app='armada-api'

      from https://gist.github.com/reachlin/a98b90afcbff4604c90c183a0169474f#file-prometheus-yml-L43-L46

    2. role types

      roles types for kubernetes_sd_config:

      • node
      • service
      • pod
      • endpoints
      • ingress
    1. Auth Proxy Authentication

      seems related to Kalm integrating PLG (Promtail Loki Grafana)

    1. Finally, to jump up to a full blown audit node, we recommend the following specs:A solid state drive (SSD) of 8 TBAt least 32 GB of RAMIntel i7 or equivalent

      8TB 的 SSD,有点儿夸张。。。

  7. Dec 2020
    1. KubeSail.com can also forward kube-api and Ingress traffic to your cluster! This allows you to host internet-facing applications on your cluster, even if it does not have a reliable static IP address, and without having to forward ports. HTTPS traffic is kept secure and encrypted from the internet all the way to your cluster's applications - it's never decrypted by KubeSail (or the KubeSail agent).


    1. 哈哈哈,就从评价和标记都没了这点,就知道这部电影可以一看

    1. p.eft is the effect for a policy, it can be allow or deny

      eft == effect


    1. 设置 networkservice DHCP


      sudo networksetup -setdhcp Wi-Fi
      networksetup -setdnsservers Wi-Fi


      networksetup -setmanual Wi-Fi 255.255
      networksetup -setdnsservers Wi-Fi
    1. You can change default privileges only for objects that will be created by yourself or by roles that you are a member of.


      # ERROR: must be member of role "bfd"
    1. Sometimes, applications are temporarily unable to serve traffic. For example, an application might need to load large data or configuration files during startup, or depend on external services after startup. In such cases, you don't want to kill the application, but you don't want to send it requests either. Kubernetes provides readiness probes to detect and mitigate these situations. A pod with containers reporting that they are not ready does not receive traffic through Kubernetes Services.

      alive but not ready for requests

    1. All DNS servers fall into one of four categories: Recursive resolvers, root nameservers, TLD nameservers, and authoritative nameservers.

      4 types of DNS Server:

      • Recursive Solver
      • root NS
      • TLD NS
      • authoritative nameservers
    1. time-to-live (TTL)

      TTL for cache

    2. the .com Top-Level Domain (TLD)

      TLD: Top Level Domain

    3. recursive resolver

      recursive resolver, 这是个什么鬼?

    1. The authoritative name servers that serve the DNS root zone, commonly known as the “root servers”, are a network of hundreds of servers in many countries around the world. They are configured in the DNS root zone as 13 named authorities


      13 个 root servers

    1. DeferredDiscoveryRESTMapper

      There are multiple different implementations of the RESTMapper interface. The most important one for client applications is the discovery-based DeferredDiscoveryRESTMapper in the package k8s.io/client-go/restmapper: it uses discovery information from the Kubernetes API server to dynamically build up the REST mapping. It will also work with non-core resources like custom resources.

      From: programming kubernetes