Feat/on demand blocks txs

apps/block_scout_web/lib/block_scout_web/controllers/api/v2/block_controller.ex

@@ -30,12 +30,14 @@ defmodule BlockScoutWeb.API.V2.BlockController do
   import Explorer.MicroserviceInterfaces.Metadata, only: [maybe_preload_metadata: 1]
   import Explorer.Chain.Address.Reputation, only: [reputation_association: 0]
 
+  alias BlockScoutWeb.AccessHelper
   alias BlockScoutWeb.API.V2.{
     Ethereum.DepositController,
     Ethereum.DepositView,
     TransactionView,
     WithdrawalView
   }
+  alias Indexer.Fetcher.OnDemand.Block, as: BlockOnDemand
 
   alias BlockScoutWeb.Schemas.API.V2.ErrorResponses.NotFoundResponse
   alias Explorer.Chain
@@ -159,11 +161,11 @@ defmodule BlockScoutWeb.API.V2.BlockController do
   Function to handle GET requests to `/api/v2/blocks/:block_hash_or_number_param` endpoint.
   """
   @spec block(Plug.Conn.t(), map()) ::
-          {:error, :not_found | {:invalid, :hash | :number}}
+          {:error, :not_found | {:invalid, :hash | :number} | :rate_limited}
           | {:lost_consensus, {:error, :not_found} | {:ok, Explorer.Chain.Block.t()}}
           | Plug.Conn.t()
   def block(conn, %{block_hash_or_number_param: block_hash_or_number}) do
-    with {:ok, block} <- block_param_to_block(block_hash_or_number, @block_params) do
+    with {:ok, block} <- block_param_to_block(block_hash_or_number, @block_params, conn) do
       conn
       |> put_status(200)
       |> render(:block, %{block: block})
@@ -179,8 +181,16 @@ defmodule BlockScoutWeb.API.V2.BlockController do
       {:ok, _block} = ok_response ->
         ok_response
 
-      _ ->
-        {:lost_consensus, Chain.nonconsensus_block_by_number(number, @api_true)}
+      {:error, :not_found} ->
+        # Check if block exists but lost consensus
+        case Chain.nonconsensus_block_by_number(number, @api_true) do
+          {:ok, _block} = lost_consensus_block ->
+            {:lost_consensus, lost_consensus_block}
+
+          {:error, :not_found} ->
+            # Block doesn't exist at all - allow on-demand fetch
+            {:error, :not_found}
+        end
     end
   end
 
@@ -692,9 +702,53 @@ defmodule BlockScoutWeb.API.V2.BlockController do
     end
   end
 
-  defp block_param_to_block(block_hash_or_number, options \\ @api_true) do
+  defp block_param_to_block(block_hash_or_number, options \\ @api_true, conn \\ nil) do
     with {:ok, type, value} <- parse_block_hash_or_number_param(block_hash_or_number) do
-      fetch_block(type, value, options)
+      case fetch_block(type, value, options) do
+        {:ok, _block} = result ->
+          result
+
+        {:error, :not_found} ->
+          # Try on-demand fetch
+          try_on_demand_block_fetch(type, value, options, conn)
+
+        {:lost_consensus, _} = result ->
+          result
+      end
+    end
+  end
+
+  defp try_on_demand_block_fetch(_type, _value, _options, nil), do: {:error, :not_found}
+
+  defp try_on_demand_block_fetch(:hash, hash, options, conn) do
+    ip = AccessHelper.conn_to_ip_string(conn)
+
+    case BlockOnDemand.fetch_by_hash(ip, hash) do
+      {:ok, _block} ->
+        # Re-fetch with full associations
+        Chain.hash_to_block(hash, options)
+
+      {:error, :rate_limited} ->
+        {:error, :rate_limited}
+
+      {:error, _} ->
+        {:error, :not_found}
+    end
+  end
+
+  defp try_on_demand_block_fetch(:number, number, options, conn) do
+    ip = AccessHelper.conn_to_ip_string(conn)
+
+    case BlockOnDemand.fetch_by_number(ip, number) do
+      {:ok, block} ->
+        # Re-fetch with full associations
+        Chain.hash_to_block(block.hash, options)
+
+      {:error, :rate_limited} ->
+        {:error, :rate_limited}
+
+      {:error, _} ->
+        {:error, :not_found}
     end
   end
 end

apps/block_scout_web/lib/block_scout_web/controllers/api/v2/fallback_controller.ex

@@ -127,6 +127,17 @@ defmodule BlockScoutWeb.API.V2.FallbackController do
     |> call({:not_found, nil})
   end
 
+  def call(conn, {:error, :rate_limited}) do
+    Logger.warning(fn ->
+      ["On-demand fetch rate limited"]
+    end)
+
+    conn
+    |> put_status(:too_many_requests)
+    |> put_view(ApiView)
+    |> render(:message, %{message: "Too many on-demand fetch requests. Please try again later."})
+  end
+
   def call(conn, {:error, %Changeset{} = changeset}) do
     conn
     |> put_status(:unprocessable_entity)

apps/block_scout_web/lib/block_scout_web/controllers/api/v2/transaction_controller.ex

@@ -61,6 +61,7 @@ defmodule BlockScoutWeb.API.V2.TransactionController do
   alias Explorer.Chain.ZkSync.Reader, as: ZkSyncReader
   alias Indexer.Fetcher.OnDemand.FirstTrace, as: FirstTraceOnDemand
   alias Indexer.Fetcher.OnDemand.NeonSolanaTransactions, as: NeonSolanaTransactions
+  alias Indexer.Fetcher.OnDemand.Transaction, as: TransactionOnDemand
 
   action_fallback(BlockScoutWeb.API.V2.FallbackController)
 
@@ -194,7 +195,7 @@ defmodule BlockScoutWeb.API.V2.TransactionController do
       [necessity_by_association: necessity_by_association]
       |> Keyword.merge(@api_true)
 
-    with {:ok, transaction, _transaction_hash} <- validate_transaction(transaction_hash_string, params, options),
+    with {:ok, transaction, _transaction_hash} <- validate_transaction(transaction_hash_string, params, options, conn),
          preloaded <-
            Chain.preload_token_transfers(
              transaction,
@@ -1181,13 +1182,41 @@ defmodule BlockScoutWeb.API.V2.TransactionController do
           | {:not_found, {:error, :not_found}}
           | {:restricted_access, true}
           | {:ok, Transaction.t(), Hash.t()}
-  def validate_transaction(transaction_hash_string, params, options \\ @api_true) do
+  def validate_transaction(transaction_hash_string, params, options \\ @api_true, conn \\ nil) do
     with {:format, {:ok, transaction_hash}} <- {:format, Chain.string_to_full_hash(transaction_hash_string)},
          {:not_found, {:ok, transaction}} <-
-           {:not_found, Chain.hash_to_transaction(transaction_hash, options)},
+           {:not_found, fetch_or_demand_transaction(transaction_hash, options, conn)},
          {:ok, false} <- AccessHelper.restricted_access?(to_string(transaction.from_address_hash), params),
          {:ok, false} <- AccessHelper.restricted_access?(to_string(transaction.to_address_hash), params) do
       {:ok, transaction, transaction_hash}
     end
   end
+
+  defp fetch_or_demand_transaction(transaction_hash, options, conn) do
+    case Chain.hash_to_transaction(transaction_hash, options) do
+      {:ok, _transaction} = result ->
+        result
+
+      {:error, :not_found} ->
+        try_on_demand_transaction_fetch(transaction_hash, options, conn)
+    end
+  end
+
+  defp try_on_demand_transaction_fetch(_transaction_hash, _options, nil), do: {:error, :not_found}
+
+  defp try_on_demand_transaction_fetch(transaction_hash, options, conn) do
+    ip = AccessHelper.conn_to_ip_string(conn)
+
+    case TransactionOnDemand.fetch_by_hash(ip, transaction_hash) do
+      {:ok, _transaction} ->
+        # Re-fetch with full associations
+        Chain.hash_to_transaction(transaction_hash, options)
+
+      {:error, :rate_limited} ->
+        {:error, :rate_limited}
+
+      {:error, _} ->
+        {:error, :not_found}
+    end
+  end
 end

apps/block_scout_web/lib/block_scout_web/endpoint.ex

@@ -81,7 +81,8 @@ defmodule BlockScoutWeb.Endpoint do
 
     # 'x-apollo-tracing' header for https://www.graphqlbin.com to work with our GraphQL endpoint
     # 'updated-gas-oracle' header for /api/v2/stats endpoint, added to support cross-origin requests (e.g. multichain search explorer)
-    plug(CORSPlug,
+    # CORS origin can be configured via API_V2_CORS_ALLOWED_ORIGIN env var (supports comma-separated multiple origins)
+    plug(BlockScoutWeb.Plugs.DynamicCORS,
       headers:
         [
           "x-apollo-tracing",

apps/block_scout_web/lib/block_scout_web/plugs/dynamic_cors.ex

@@ -0,0 +1,39 @@
+defmodule BlockScoutWeb.Plugs.DynamicCORS do
+  @moduledoc """
+  A wrapper around CORSPlug that reads the allowed origin from
+  API_V2_CORS_ALLOWED_ORIGIN environment variable at runtime.
+
+  Supports:
+  - Single origin: "https://example.com"
+  - Multiple origins (comma-separated): "https://example1.com,https://example2.com"
+  - Wildcard: "*" (default if not set)
+  """
+
+  @behaviour Plug
+
+  @impl true
+  def init(opts), do: opts
+
+  @impl true
+  def call(conn, opts) do
+    origin = get_cors_origin()
+    cors_opts = Keyword.put(opts, :origin, origin)
+    CORSPlug.call(conn, CORSPlug.init(cors_opts))
+  end
+
+  defp get_cors_origin do
+    case System.get_env("API_V2_CORS_ALLOWED_ORIGIN") do
+      nil -> "*"
+      "" -> "*"
+      "*" -> "*"
+      origins ->
+        origins
+        |> String.split(",")
+        |> Enum.map(&String.trim/1)
+        |> case do
+          [single] -> single
+          multiple -> multiple
+        end
+    end
+  end
+end

apps/explorer/lib/explorer/chain/import/runner/addresses.ex

@@ -264,18 +264,16 @@ defmodule Explorer.Chain.Import.Runner.Addresses do
     if Enum.empty?(ordered_created_contract_hashes) do
       {:ok, []}
     else
-      query =
-        from(t in Transaction,
-          where: t.created_contract_address_hash in ^ordered_created_contract_hashes,
-          # Enforce Transaction ShareLocks order (see docs: sharelocks.md)
-          order_by: t.hash,
-          lock: "FOR NO KEY UPDATE"
-        )
-
+      # Citus-compatible: Remove subquery JOIN and FOR NO KEY UPDATE lock
+      # transactions is distributed by hash - FOR NO KEY UPDATE causes 0A000 errors
+      # Direct WHERE IN is more efficient than subquery pattern
+      # Note: order_by is NOT supported in update_all, removed from query
       try do
         {_, result} =
           repo.update_all(
-            from(t in Transaction, join: s in subquery(query), on: t.hash == s.hash),
+            from(t in Transaction,
+              where: t.created_contract_address_hash in ^ordered_created_contract_hashes
+            ),
             [set: [created_contract_code_indexed_at: timestamps.updated_at]],
             timeout: timeout
           )