Add full monorepo: virtual-banker, backend, frontend, docs, scripts, deployment

Co-authored-by: Cursor <cursoragent@cursor.com>

scripts/verify-rpc-permissions.sh

@@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+# Verify RPC Node Account Permissioning Configuration
+# Checks if account permissioning is enabled and if deployer is whitelisted
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
+
+source "$PROJECT_ROOT/.env" 2>/dev/null || source "$PROJECT_ROOT/../.env" 2>/dev/null || true
+
+RPC_URL="${RPC_URL_138:-http://192.168.11.250:8545}"
+DEPLOYER=$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || echo "")
+
+if [ -z "$DEPLOYER" ]; then
+    echo "Error: PRIVATE_KEY not set or invalid"
+    exit 1
+fi
+
+echo "╔══════════════════════════════════════════════════════════════╗"
+echo "║     RPC NODE ACCOUNT PERMISSIONING CHECK                    ║"
+echo "╚══════════════════════════════════════════════════════════════╝"
+echo ""
+echo "RPC Endpoint: $RPC_URL"
+echo "Deployer: $DEPLOYER"
+echo ""
+
+# Check if we can query the RPC
+echo "=== RPC Connectivity ==="
+BLOCK=$(cast block-number --rpc-url "$RPC_URL" 2>/dev/null || echo "")
+if [ -z "$BLOCK" ]; then
+    echo "❌ Cannot connect to RPC endpoint"
+    exit 1
+fi
+echo "✅ RPC is accessible (Block: $BLOCK)"
+echo ""
+
+# Check configuration files
+echo "=== Configuration Files ==="
+CONFIG_DIRS=(
+    "$PROJECT_ROOT/../smom-dbis-138/config"
+    "$PROJECT_ROOT/../smom-dbis-138-proxmox/config"
+)
+
+PERM_ACCOUNTS_FILE=""
+for dir in "${CONFIG_DIRS[@]}"; do
+    if [ -f "$dir/permissions-accounts.toml" ]; then
+        PERM_ACCOUNTS_FILE="$dir/permissions-accounts.toml"
+        break
+    fi
+done
+
+if [ -n "$PERM_ACCOUNTS_FILE" ]; then
+    echo "Found: $PERM_ACCOUNTS_FILE"
+    echo ""
+    echo "Contents:"
+    cat "$PERM_ACCOUNTS_FILE"
+    echo ""
+    
+    # Check if allowlist is empty
+    if grep -q "accounts-allowlist=\[\]" "$PERM_ACCOUNTS_FILE" || grep -q "^accounts-allowlist=\[$" "$PERM_ACCOUNTS_FILE"; then
+        echo "✅ Allowlist is EMPTY - All accounts are allowed"
+    else
+        # Check if deployer is in allowlist
+        if grep -qi "$DEPLOYER" "$PERM_ACCOUNTS_FILE"; then
+            echo "✅ Deployer is in allowlist"
+        else
+            echo "⚠️  Deployer is NOT in allowlist"
+            echo "   Add deployer address to allowlist:"
+            echo "   $DEPLOYER"
+        fi
+    fi
+else
+    echo "⚠️  permissions-accounts.toml not found in standard locations"
+fi
+echo ""
+
+# Check RPC node config files
+echo "=== RPC Node Configuration ==="
+RPC_CONFIG_FILES=(
+    "$PROJECT_ROOT/../smom-dbis-138/config/config-rpc-core.toml"
+    "$PROJECT_ROOT/../smom-dbis-138/config/config-rpc-perm.toml"
+    "$PROJECT_ROOT/../smom-dbis-138/config/config-rpc-public.toml"
+)
+
+for config_file in "${RPC_CONFIG_FILES[@]}"; do
+    if [ -f "$config_file" ]; then
+        echo "Checking: $(basename "$config_file")"
+        if grep -q "permissions-accounts-config-file-enabled=true" "$config_file"; then
+            echo "  ⚠️  Account permissioning is ENABLED"
+            PERM_FILE=$(grep "permissions-accounts-config-file=" "$config_file" | cut -d'"' -f2 || echo "")
+            if [ -n "$PERM_FILE" ]; then
+                echo "  Config file: $PERM_FILE"
+            fi
+        else
+            echo "  ✅ Account permissioning is DISABLED or not configured"
+        fi
+        echo ""
+    fi
+done
+
+echo "=== Recommendations ==="
+if [ -n "$PERM_ACCOUNTS_FILE" ] && ! grep -qi "$DEPLOYER" "$PERM_ACCOUNTS_FILE" && ! grep -q "accounts-allowlist=\[\]" "$PERM_ACCOUNTS_FILE"; then
+    echo "1. Add deployer to account allowlist:"
+    echo "   $DEPLOYER"
+    echo ""
+    echo "2. Update permissions-accounts.toml on all RPC nodes"
+    echo ""
+    echo "3. Restart RPC nodes after updating configuration"
+else
+    echo "✅ Account permissioning configuration appears correct"
+    echo "   (Allowlist is empty or deployer is whitelisted)"
+fi
+echo ""
+