My team and I have been working on a NFT distribution app utilizing the flow blockchain. We have everything working and are ready for our first event but I am having a very difficult time getting everything setup on mainnet. It is working great on testnet but I am stuck at the first step in moving it over to mainnet, getting my contracts onto our account. Here is what I have done.
Created an account at port.onflow using blocto
Switched my blocto account to non custodian
Generated a new key in the account
Updated my flow.json file on my local system with the keys and settings according to this tutorial https://docs.onflow.org/flow-cli/configuration/#advanced-format-1
Attempted to add my contract to the account using the CLI
When I run this command
flow -n mainnet accounts add-contract NFTController \NFTController.cdc --signer mainnet-account
I get this error
Command Error: [Error Code: 1006] invalid proposal key: public key 0 on account e76dc37433d8ce45 does not have a valid signature: [Error Code: 1009] invalid envelope key: public key 0 on account e76dc37433d8ce45 does not have a valid signature: signature is not valid
You can see this on the chain at
Transaction ID: 1b6186a61095a8dba90e39c1ae862c3fccdf2f7bd2e2300253f64f44f3024931
When I created my account on testnet I used https://testnet-faucet.onflow.org/ and used the private that I used when creating the account to sign all transactions. I did not need to generate additional keys. Everything else in the process was the same and ran w/o issues.
My question is 2 fold.
Is there a way to generate a non-custodian account on flow mainnet w/o already have an existing account such as what I did on https://testnet-faucet.onflow.org/
Is the format https://docs.onflow.org/flow-cli/configuration/#advanced-format-1 correct for CLI v 0.33.0? If not what format should I be using?
Any help would be greatly appreciated.
Related
Using flow-cli, if I run flow accounts remove-contract HelloWorld --network testnet --signer testnet-account I get the above error. I created the contract using the same account but unable to remove it from testnet.
I read something about using auth accounts to remove contracts but couldn’t find any relevant examples showing its usecase. Any suggestions?
Do let me know if I can share any more information.
flow version: 0.41.0
account address: 0xf6827b3c1293b661
I am using this guide as reference to remove contract from testnet. https://developers.flow.com/tools/flow-cli/account-remove-contract
Currently, testnet does not allow the removal of contracts, we have made contract removal temporarily permissioned on Testnet – just like it already is on Mainnet.
you can find more details in this post.
https://forum.onflow.org/t/testnet-is-running-secure-cadence/3213
As requested by Preston PHX, I uploaded a full copy of my
code to Dropbox:
My test ASP.NET Web App
I hope this helps someone to identify what I may have done wrong
#####################################
I am trying to use the sample code at https://github.com/paypal/Checkout-NET-SDK/tree/develop/Samples to make contact with the Sandbox but it doesn't work for me. In order to find out why, I ran my code in Visual Studio under Localhost in debugging mode, using several breakpoints.
This line of code in my test page ...
var createOrderResponse = CreateOrderSample.CreateOrder(true).Result;
... displayed the following error:
Inner Exception 2:
HttpException: {"error":"invalid_client","error_description":"Client Authentication failed"}
However, it was the environment function in PayPalClient.cs (modified to use my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET) that appears to have generated the error:
public static PayPalEnvironment environment()
{
return new SandboxEnvironment(
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID"):"<<PAYPAL-CLIENT-ID>>",
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET"):"<<PAYPAL-CLIENT-SECRET>>");
}
I very carefully copied my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET from the REST API app I created via the PayPal Developer Dashboard. Apart from that, the GitHub sample code has not been modified. I could see no requirement in the GitHub code to specify a Sandbox URL and assume that this is provided by the PayPalCheckoutSdk via the use of "return new SandboxEnvironment()".
It's not obvious to me why my attempt to connect to this Sandbox account is failing the authentication process. What might I be doing wrong? Is it anything to do with my use of Localhost?
EDIT on 1 Nov 2021 in response to Preston PHX
Creating a new Sandbox Client ID and Secret made no difference. Prompted by another forum post I read some time ago, I also tried using ngrok (for the first time) to open http port 80 to facilitate PayPal testing via Localhost, but the connection to the Sandbox still failed authentication.
Sandbox Client ID: AZcb8XrqhJEUO7lS_JtKSe3sdNDLESmo3ekhupDKTL1J9vQCKVOzacCjO3PBQwSfngYkLGa-qS7EUrGV
Secret:
EBEcuPewHdzCB8p0qE1Yszjk2eMyFCstzkL0Diz2WC5IQREsu6cDHr7yFG9a-GDIyljb-KRb2DA6Hoey
I installed curl (plus Bash and Git) on my Windows 10 PC and ran the curl command specified on the get-an-access-token page. I couldn't find a way to post the result here in an easily readable form so I put it in a Word doc and uploaded that to Dropbox.
https://www.dropbox.com/s/knia3y2ighfzxpa/Result%20of%20PayPal%20curl%20command.docx?dl=0
Edit on 2 Nov 2021
As requested by Preston PHX, I have uploaded a copy of the ASP.NET Web App I have been using for my tests to Dropbox.
https://www.dropbox.com/sh/4uclfs2lexv4v42/AAAjoZIN5cEMV1mu0cYi24zKa?dl=0
I've only uploaded the project folder, as I'm guessing that it is unnecessary to upload my Solution files.
Create a new sandbox client ID and secret in the developer dashboard. Test with the new client ID and secret.
If issues persist,
Update your question with both the new sandbox client ID, and the new sandbox secret.
Update your question with a sample curl command to get an access token, showing the entire command and the entire response in your question.
ibmcloud create action through cli is not working . Getting an exception
Unable to authenticate with Cloud Functions: Unable to obtain wsk
authentication key for Org 'xxxxx' and Space 'xxxx': Target Org
'xxxxm' and Space 'xxxx' do not have an auth key; if Space 'dev' was
recently created, try again in a couple minutes.
But I have logged in successfully using ibmcloud login command
Issue is resolved now. The account I created at IBM was lite account where the initial credentials were created with different location. But my ibmcloud login was picking another location api. Even if i could give the api enpoint manually, org and space was not matching. Since it was a Lite account, there was no permission to add another org and space. AFter sending mail to IBM, I could add my credit card details and I could create a new space and creating action worked now
I use this tutorial to deploy a business network on a free bluemix cluster: https://ibm-blockchain.github.io/
I also deploy the REST Server and communicate via Web apps.
All went fine till yesterday. The REST Server was not accessible anymore.
I deleted everything on the cluster using the script delete_all available in the ibm-container-service repository.
I followed the install procedure using the create_all script. I could access the composer playground (port 31080) again but was not really able to deploy an online business network using the "profile" hlfv1. Now it asks at the bottom of the "deploy UI" for credentials.
I don't know what to fill in. I tried to use ID+Password. On this way I was able to deploy but I got access error by clicking on "connect now". I was able to start the REST server then but if i try to access it in the browser (port 31090), I get the feedback that I'm not authorized.
Any ideas?
And do you know which changes have been made in the last month, which could bring these troubles?
Thx
Phil
The tutorial pointed to only covers playground when used with a Web Browser connection not a real fabric. When you deploy to a real fabric you have to provide an initial identity that you want bound to an initial participant in the business network. The initial participant will be of type org.hyperledger.composer.system.NetworkAdmin and given a name of the initial identity name you provide.
This dialog looks like this
To get you started you should select the ID and Secret radio button. Then for Enrollment ID enter admin and for the Enrollment Secret enter adminpw.
This is the name and secret of the bootstrap identity that exists in the fabric-ca server that has been deployed as part of the scripts.
By providing this information that identity will be enrolled and it's public certificate will be bound to a NetworkAdmin participant which will be called admin. This identity admin will then have access to the business network as only identities that are bound to a participant in the business network can have any sort of access.
I have a test console app that successfully retrieves a cert from the local computer Cert store and use this cert to get a token from AAD.
However, when I run this inside of a Windows service, AcquireTokenAsync() does not run and breaks the execution, although the cert is retrieved from the store.
I did notice a private key error : PrivateKey = '_certCred.Certificate.PrivateKey' threw an exception of type 'System.Security.Cryptography.CryptographicException'
Any advice would be helpful
It would be good if we have a source code and information about the accounts you are using so we can see where the certificate is stored, but based on your description:
It is possible that the user on which the service account is running does not have access to the certificate you are trying to access.
One possibility is to configure the service to run as System Account and then select the 'Allow the service to interact with Desktop'.