Skip to content

starknet_transaction_prover: per-request structured log with request-id#14165

Open
avi-starkware wants to merge 1 commit into
avi/prover-v3/redact-bannerfrom
avi/prover-v3/request-logs
Open

starknet_transaction_prover: per-request structured log with request-id#14165
avi-starkware wants to merge 1 commit into
avi/prover-v3/redact-bannerfrom
avi/prover-v3/request-logs

Conversation

@avi-starkware
Copy link
Copy Markdown
Collaborator

@avi-starkware avi-starkware commented May 24, 2026

Adds RequestLogLayer that emits one event="http_request" log line per
request with request_id, method, path, status, and latency_ms. The id is
accepted from x-request-id or generated as a 128-bit random hex string,
and is echoed back on the response so callers can quote it. No request
body bytes are inspected (transaction calldata is private user data).

Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com

@avi-starkware @claude
starknet_transaction_prover: per-request structured log with request-id
f7733b4 
Adds `RequestLogLayer` that emits one `event="http_request"` log line per
request with request_id, method, path, status, and latency_ms. The id is
accepted from `x-request-id` or generated as a 128-bit random hex string,
and is echoed back on the response so callers can quote it. No request
body bytes are inspected (transaction calldata is private user data).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@cursor
Copy link
Copy Markdown

cursor Bot commented May 24, 2026
edited
Loading

PR Summary

Low Risk
Observability-only middleware with defensive header validation; no changes to proving, auth, or request body handling beyond logging metadata.

Overview
Adds RequestLogLayer as the outermost HTTP middleware on both plain and TLS JSON-RPC servers so every request gets one structured log line (event="http_request") with request_id, method, path, status, and latency_ms.

The layer accepts a client x-request-id when it is a short printable ASCII token (max 128 chars); otherwise it generates a 32-char hex id via rand, sets the header on the inbound request for downstream services, echoes it on the response, and never reads the body. Invalid or hostile ids (non-ASCII, whitespace, oversize) are replaced with a fresh generated id.

Exports REQUEST_ID_HEADER and adds unit tests for id propagation and sanitization.

Reviewed by Cursor Bugbot for commit f7733b4. Bugbot is set up for automated code reviews on this repo. Configure here.

@reviewable-StarkWare
Copy link
Copy Markdown

reviewable-StarkWare commented May 24, 2026

This change is Reviewable

@avi-starkware avi-starkware mentioned this pull request May 24, 2026
Open
@avi-starkware Graphite App
Copy link
Copy Markdown
Collaborator Author

avi-starkware commented May 24, 2026
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced May 24, 2026
Open
Open
Open
Open
Open
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@einat-starkware einat-starkware Awaiting requested review from einat-starkware

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@avi-starkware @reviewable-StarkWare