calimero-server 0.10.0

Core Calimero infrastructure and tools
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226

# calimero-server - HTTP/WS/SSE Server

HTTP, WebSocket, and Server-Sent Events server for Admin API, JSON-RPC, and real-time subscriptions.

## Package Identity

- **Crate**: `calimero-server`
- **Entry**: `src/lib.rs`
- **Framework**: axum (HTTP), tokio (async)

## Commands

```bash
# Build
cargo build -p calimero-server

# Test
cargo test -p calimero-server
```

## File Organization

```
src/
├── lib.rs                    # Server initialization
├── config.rs                 # Server configuration
├── admin.rs                  # Admin API module parent
├── admin/
│   ├── handlers.rs           # Handlers module parent
│   ├── handlers/
│   │   ├── applications.rs   # Applications handlers parent
│   │   ├── applications/
│   │   │   ├── get_application.rs
│   │   │   ├── install_application.rs
│   │   │   ├── install_dev_application.rs
│   │   │   ├── list_applications.rs
│   │   │   └── uninstall_application.rs
│   │   ├── context.rs        # Context handlers parent
│   │   ├── context/
│   │   │   ├── create_context.rs
│   │   │   ├── delete_context.rs
│   │   │   ├── get_context.rs
│   │   │   ├── get_context_ids.rs
│   │   │   ├── get_context_identities.rs
│   │   │   ├── get_context_storage.rs
│   │   │   ├── get_contexts_for_application.rs
│   │   │   ├── get_contexts_with_executors_for_application.rs
│   │   │   ├── invite_to_context.rs
│   │   │   ├── invite_to_context_open_invitation.rs
│   │   │   ├── invite_specialized_node.rs
│   │   │   ├── join_context.rs
│   │   │   ├── join_context_open_invitation.rs
│   │   │   ├── grant_capabilities.rs
│   │   │   ├── revoke_capabilities.rs
│   │   │   ├── sync.rs
│   │   │   └── update_context_application.rs
│   │   ├── identity.rs       # Identity handlers parent
│   │   ├── identity/
│   │   │   └── generate_context_identity.rs
│   │   ├── alias.rs          # Alias handlers parent
│   │   ├── alias/
│   │   │   ├── create_alias.rs
│   │   │   ├── delete_alias.rs
│   │   │   ├── list_aliases.rs
│   │   │   └── lookup_alias.rs
│   │   ├── blob.rs           # Blob handlers
│   │   ├── peers.rs           # Peer handlers
│   │   ├── proposals.rs       # Proposal handlers
│   │   ├── tee.rs             # TEE handlers parent
│   │   ├── tee/
│   │   │   ├── attest.rs
│   │   │   ├── info.rs
│   │   │   └── verify_quote.rs
│   │   ├── packages.rs        # Package handlers
│   │   ├── list_packages.rs   # List packages
│   │   ├── list_versions.rs   # List versions
│   │   └── get_latest_version.rs  # Get latest version
│   ├── service.rs            # Admin service setup
│   ├── storage.rs            # Admin storage
│   └── storage/
│       └── ssl.rs            # SSL storage
├── jsonrpc.rs                # JSON-RPC module parent
├── jsonrpc/
│   └── execute.rs            # JSON-RPC execution
├── ws.rs                     # WebSocket module parent
├── ws/
│   ├── subscribe.rs          # WS subscription
│   └── unsubscribe.rs        # WS unsubscription
├── sse.rs                    # SSE module parent
├── sse/
│   ├── config.rs             # SSE config
│   ├── events.rs             # SSE events
│   ├── handlers.rs           # SSE handlers
│   └── ...
├── auth.rs                   # Authentication middleware
└── metrics.rs                # Prometheus metrics
primitives/                   # calimero-server-primitives
└── src/
    ├── lib.rs                # Shared types
    ├── jsonrpc.rs            # JSON-RPC types
    └── admin.rs              # Admin API types
```

## API Endpoints

### Admin API

```
GET  /admin-api/contexts              # List contexts
POST /admin-api/contexts              # Create context
GET  /admin-api/contexts/:id          # Get context
DELETE /admin-api/contexts/:id        # Delete context

GET  /admin-api/applications          # List apps
POST /admin-api/applications          # Install app
GET  /admin-api/applications/:id      # Get app

POST /admin-api/contexts/:id/invite   # Invite member
POST /admin-api/contexts/:id/join     # Join context
```

### JSON-RPC

```
POST /jsonrpc                         # JSON-RPC 2.0 endpoint
```

### WebSocket

```
WS   /ws                              # WebSocket connection
```

### SSE

```
GET  /events                          # Server-sent events
```

## Patterns

### Admin Handler Pattern

- ✅ DO: Follow pattern in `src/admin/handlers/context.rs`

```rust
// src/admin/handlers/context.rs
use axum::extract::{Path, State};
use axum::Json;

pub async fn get_context(
    Path(context_id): Path<ContextId>,
    State(state): State<AppState>,
) -> Result<Json<ContextResponse>, ApiError> {
    // Implementation
}

pub async fn create_context(
    State(state): State<AppState>,
    Json(request): Json<CreateContextRequest>,
) -> Result<Json<ContextResponse>, ApiError> {
    // Implementation
}
```

### Router Setup

```rust
// src/admin/service.rs
use axum::Router;
use axum::routing::{get, post, delete};

pub fn admin_router() -> Router<AppState> {
    Router::new()
        .route("/contexts", get(list_contexts).post(create_context))
        .route("/contexts/:id", get(get_context).delete(delete_context))
}
```

## Key Files

| File                                                     | Purpose                 |
| -------------------------------------------------------- | ----------------------- |
| `src/lib.rs`                                             | Server setup            |
| `src/admin/service.rs`                                   | Admin router setup      |
| `src/admin/handlers/context.rs`                          | Context handlers parent |
| `src/admin/handlers/context/create_context.rs`           | Context creation        |
| `src/admin/handlers/applications.rs`                     | App handlers parent     |
| `src/admin/handlers/applications/install_application.rs` | App install             |
| `src/jsonrpc/execute.rs`                                 | JSON-RPC execution      |
| `src/ws/subscribe.rs`                                    | WS subscriptions        |
| `src/sse/handlers.rs`                                    | SSE handlers            |
| `primitives/src/jsonrpc.rs`                              | JSON-RPC types          |
| `primitives/src/admin.rs`                                | Admin API types         |

## JIT Index

```bash
# Find all handlers
rg -n "pub async fn" src/admin/handlers/

# Find route definitions
rg -n "\.route\(" src/

# Find API types
rg -n "pub struct.*Request" primitives/src/

# Find auth middleware
rg -n "pub async fn" src/auth.rs
```

## Authentication

Authentication handled via middleware in `src/auth.rs`:

- JWT token validation
- Node authorization
- Request signing verification

## Common Gotchas

- Admin API requires authentication
- JSON-RPC follows JSON-RPC 2.0 spec
- WebSocket requires context subscription
- SSE streams are per-context
- All responses use consistent error format