discounting the lowest risks

To learn why a Funding Rate is needed in the Perpetual Futures Market, please review the section detailing the market.

抵押金

爆仓价格

情景3：用户的头寸为100 BTC, 名义价值为1,000,000 USDT

强行价格: 10,000 - 41,300/20 = 9,587

强行价格: 10,000 - 49,800/5 = 40

账户抵押金下降到维持保证金

Let’s follow the 3rd scenario from the 20x leverage (default) case in the previous section.

imagine the maintenance margin is 30 percent

Different DeFi projects have taken different approaches to implementing this oracle, but they can generally all be classified in one of five ways

storageRoot

parity

Here is the extended code for getting a node in the Merkle Patricia trie:

first nibble

[ f, 1, c, b, 8, 10]

[ 0, f, 1, c, b, 8, 10]

[ 1, 2, 3, 4, 5, ...]

[ 0, 1, 2, 3, 4, 5, ...]

a kilobyte of extra space to store one level per character

This middleware is executed after router processes the request

Handler is processed in the end after all middleware are finished executing.

So what is the benefit of this strange kind of hashing algorithm? Why not just concatenate all the chunks together into a single big chunk and use a regular hashing algorithm on that? The answer is that it allows for a neat mechanism known as Merkle proofs:

For example, summing two numbers costs 3 gas. Multiplying them costs 5 gas. Storing a 256bit word into the blockchain costs 20000 gas, which means storing 1kb of data costs 640000 gas.

For more on objects and prototypes see Object.prototype. For an explanation of object prototypes and the object prototype chains see Inheritance and the prototype chain.

We have introduced another keyword: new. new is strongly related to this. It creates a brand new empty object, and then calls the function specified, with this set to that new object.

Person.prototype is an object shared by all instances of Person

constructor functions

A type switch is a construct that permits several type assertions in series.

An empty interface may hold values of any type

the empty interface

An interface value

Every type implements at least zero methods.

Closing a Short Position means a trader is buying Shares of an Outcome they are short on

two ways: by selling the Shares they hold to another trader in exchange for Ether, or by Settling their Shares with Augur’s smart contracts.

Create Complete Set

Direct Trade

Note that Bob could have also wanted to sell 1 SHARE of A for 0.8 ETH, which would have been a “Ask Outcome A, 1 SHARE for 0.8 ETH”. This would have had created the same result as shown above, even though he has no SHARES.

代码设计模式

provider is a service that handles the authentication of an identity

// As the body of request can't be parsed twice in Play we should force // to parse empty body for UserAwareAction

An endpoint in Play is either an Action or a WebSocket and Silhouette provides mechanisms to secure both of them.

In Silhouette a provider is a service that handles the authentication of an identity.

Events

It can be stateless with the disadvantages that the JWT can’t be invalidated.

Authenticator

stores only some data

Authenticator

Identity

provider

Authenticator

Identity

注意，经过上面的设置，无法调节系统的声音大小了。等用完了录屏的需求，可以按下面的操作恢复系统音量调节的功能。

类之间的关系是我们需要关注的

Heap memory is used by all the parts of the application whereas stack memory is used only by one thread of execution.

Java is pass by value

stack memory contains the reference for it

The current thread must own this object's monitor. The thread releases ownership of this monitor and waits until another thread notifies threads waiting on this object's monitor to wake up either through a call to the notify method or the notifyAll method. The thread then waits until it can re-obtain ownership of the monitor and resumes execution.

Telescope system on moon， 有100 telescopes， 天文学家可以用它们拍照观测，每个观测任务可能会要couple hours和地球通信只能用radio signal，latency会很高；设计系统manage Telescopes, 要fault tolerant，任务调度，deploy update思路：类似long distance data center的manage， moon上多台app server负责控制telescope，每台server会与地球的master用radio作为heartbeat通信；如何deployupdate时，选一台active server发送file，然后分chunk，在moon上peer to peer的用gossip传播update

signing identities

Developer ID certificate

All team members can create their own development certificate. Only a team agent or admin can create a distribution certificate.

Code signing is used in combination with your App ID, provisioning profile, and entitlements

Certificate

content-addressable filesystem

This model of microservices that register themselves to a global registry will have a lot of advantages when it comes to building one or multiple applications using a microservice architectural approach. Eureka on its own won't have that much of use, but as you'll see in the future blogposts, Eureka will be the key element to locate all of our microservices.

effort and reward are completely uncorrelated

推送流程

我的群组列表

Any

unique numbered tag

Server RPC interfaces started to be declared as part of protocol files, with the protocol compiler generating stub classes that users could override with actual implementations of the server's interface.

Java, C++, Python, Java Lite, Ruby, JavaScript, Objective-C, and C#

for serializing structured data

computeClient.add(10, 20)

If omitted, the protocol buffer compiler generates a warning and "proto2" is used as the default. This warning will be turned into an error in a future release.

Course.parseFrom(protobufStream)

    @Bean    ProtobufHttpMessageConverter protobufHttpMessageConverter() {        return new ProtobufHttpMessageConverter();    }

Feign is a handy project from Netflix that lets you describe a REST API client declaratively with annotations on an interface.

http://ACCOUNTS-SERVICE"

@EnableDiscoveryClient

@EnableDiscoveryClient

Qualifier

User DataSource User EntityManagerFactory (userEntityManager) User TransactionManager (userTransactionManager)

private JdbcTemplate mysqlTemplate;

IaaS

Spring Security 提供了对访问控制列表（Access Control List，ACL）的支持，可以很方便的对不同的领域对象设置针对不同用户的权限

the instance of the recurring event that needs to be set as an exception

Reminders are alarms triggered at a specified time before an event starts. Notifications allow users to find out about changes to events in their calendar.

Calendars

CalendarList

They can occur between two specific points in time (timed) or span a consecutive series of days (all-day).

Calendars can have multiple owners.

has the team calendar as an organizer

Susan's calendar list includes her primary calendar as well as calendars for her team and cello lessons.

4fc39ce3-63b3-4e17-b1c4-5e1ed96fb021

Custom RedisSerializer

maxInactiveIntervalInSeconds

It is important to note that no infrastructure for session expirations is configured for you out of the box. This is because things like session expiration are highly implementation dependent. This means if you require cleaning up expired sessions, you are responsible for cleaning up the expired sessions.

A SessionRepository is in charge of creating, retrieving, and persisting Session instances.

ExpiringSession

This section describes how Spring Session provides transparent integration with HttpSession. The intent is so that user’s can understand what is happening under the covers. This functionality is already integrated and you do NOT need to implement this logic yourself.

By passing in a custom HttpServletRequest implementation into the FilterChain we ensure that anything invoked after our Filter uses the custom HttpSession implementation.

SessionRepositoryRequestWrapper

SessionRepositoryFilter

the Spring Bean by the name springSessionRepositoryFilter is registered with our Servlet Container for every request.

EnableRedisHttpSession

<listener-class>com.mkyong.SessionCounterListener</listener-class>

This guide describes how to use Spring Session to manage multiple simultaneous browser sessions (i.e Google Accounts).

We customize Spring Session’s HttpSession integration to use HTTP headers to convey the current session information instead of cookies.

It is extremely important that Spring Session’s springSessionRepositoryFilter is invoked before Spring Security’s springSecurityFilterChain.

Multiple UI Applications and a Gateway

Here we show how to use Spring Security OAuth together with Spring Cloud to extend our API Gateway to do Single Sign On and OAuth2 token authentication to backend resources.

First the UI server, declaring explicitly that we want all headers to be forwarded (i.e. none are "sensitive"):

Here we show how to build an API Gateway to control the authentication and access to the backend resources using Spring Cloud.

The Resource Server

The Login Page

A Secure Single Page Application

Here we show how to write and run unit tests for the client-side code using the Javascript test framework Jasmine.

Here we show how to modularize the client-side code, and how to use "nice" URL paths without the fragment notation (e.g. "/#/login") which Angular uses by default, but most users dislike.

a UI (HTML and JavaScript) and a Resource server

extracting the authentication responsibilities to a separate server (the Single Sign On pattern).

Cookies

Remember from Part II of this series that Spring Security uses the HttpSession to store authentication data by default. It doesn’t interact directly with the session though: there’s an abstraction layer (SecurityContextRepository) in between that you can use to change the storage backend. If we can point that repository, in our resource server, to a store with an authentication verified by our UI, then we have a way to share authentication between the two servers. The UI server already has such a store (the HttpSession), so if we can distribute that store and open it up to the resource server, we have most of a solution.

Here we start by breaking out the "greeting" resource that we are using as the dynamic content in our application into a separate server, first as an unprotected resource, and then protected by an opaque token.

The HTML resources need to be available to anonymous users, not just ignored by Spring Security, for reasons that will become clear.

$rootScope.authenticated

So, even though the resource is protected and you can’t curl it directly, the browser was able to access the content.

but it is best practice for a production application to consolidate scripts to avoid chatter between the browser and the server (or content delivery network).

XHR

The header is not automatically sent, so the origin is under control.

self.login

var authenticate

实时消息回调

需要回调的类型，目前有两种消息类型可以回调（chat 和 chat_offline）。

* chat 上行消息 
* chat_offline 离线消息

消息历史记录只会保留14天

客户端通过环信服务器进行通信

Secure REST Services Using Spring Security

persistence.xml files should provide a unique name for each "persistence unit". Applications use this name to reference the configuration when obtaining an `javax.persistence.EntityManagerFactory reference.

SecurityContextRepository

If a valid SecurityContext cannot be obtained from the HttpSession for whatever reason

为什么需要两次获取凭证，而不是直接用户授权拿到凭证后就直接获取资源呢

Servlet 容器

Watch out for Unsynchronized Entities

removeByLastname

deleteByLastname

A persistence context is a set of entity instances in which for any persistent entity identity there is a unique entity instance

unit of work

There are two main approaches to design of persistence APIs

representing a conversation between the application and the persistent store

The key to the whole business is the mapping: Which field and which class matches which column and which table.

5 mismatch problems

Persistence simply means that we would like our application’s data to outlive the applications process.

construct a Tree (for the User example) from scratch

Tree Model