🚀 Backend API server for Picule decentralized protocol
Revolutionary value-backed NFTs with permanently locked liquidity that eliminates rug pulls and creates intrinsic NFT value.
- Express.js server with security middleware
- The Graph subgraph integration for blockchain data
- React Query compatible API endpoints
- In-memory caching with incremental updates
- DDoS protection with IP blacklisting
- CORS security with domain whitelisting
# Clone repository
git clone https://github.com/Vantana1995/picule-protocol-server
cd picule-server
# Install dependencies
npm install
# Create configuration files
New-Item -ItemType File -Name "config/config.js"
New-Item -ItemType File -Name "middleware/cors.js"
# Create environment file
New-Item -ItemType File -Name ".env"# The Graph Subgraph
SUBGRAPH_URL=https://gateway.thegraph.com/api/YOUR_API_KEY/subgraphs/id/ExJ4cYqWhnWJyMd5N2gNU3QD21u8m6bYiBTERPnisWPN
# Server Settings
PORT=3001
NODE_ENV=production
LOG_LEVEL=info
Update middleware/cors.js:
- Replace IP addresses with your actual IPs:
// Your local development IP
"http://YOUR_LOCAL_IP:3000";
// Admin IP whitelist
const adminIPs = ["127.0.0.1", "::1", "localhost", "YOUR_IP_HERE"];- Update allowed origins:
const allowedOrigins = ["https://picule.xyz"];npm run dev
# or
node index.jsnpm startServer will be available at http://localhost:3001
GET /health- Server health checkGET /api/ico-requests- All ICO requestsGET /api/ico-requests?active=true- Active ICOs onlyGET /api/contributions- All contributionsGET /api/projects- All projectsGET /api/listings- NFT marketplace listingsGET /api/sales- NFT salesGET /api/tokens- DEX tokensGET /api/pairs- DEX pairsGET /api/stats/global- Global statisticsGET /api/stats/marketplace- Marketplace statisticsGET /api/status- Server and cache status
POST /api/admin/refresh- Force cache refreshPOST /api/admin/update- Manual update triggerGET /api/admin/whitelist- View CORS whitelist
- Normal users: 30 requests per minute
- DDoS protection: 20 requests per 30 seconds → 15min block
- Permanent ban: After 5 DDoS warnings
- Blacklist system: Temporary and permanent bans
- Admin whitelist: Restricted access to admin endpoints
- CORS protection: Domain-based access control
- X-Frame-Options: DENY
- X-Content-Type-Options: nosniff
- X-XSS-Protection: 1; mode=block
- Content-Security-Policy: default-src 'none'
- Initial Load: Fetches all data from The Graph subgraph
- Incremental Updates: Every 10 seconds, checks for new blocks
- Smart Caching: Only fetches new data when blockchain state changes
- Real-time API: Serves cached data instantly to clients
curl http://localhost:3001/healthcurl http://localhost:3001/api/statuscurl http://localhost:3001/api/stats/cache# Install Node.js
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
# Install PM2
npm install -g pm2
# Run with PM2
pm2 start index.js --name picule-server
pm2 startup
pm2 saveserver {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}Port already in use:
sudo lsof -ti:3001 | xargs kill -9CORS errors:
- Check domain in
allowedOrigins - Verify request origin header
DDoS protection triggered:
- Check IP in admin whitelist
- Reduce request frequency
Subgraph connection issues:
- Verify API key in .env
- Check The Graph service status
# View real-time logs
tail -f logs/server.log
# PM2 logs
pm2 logs picule-server- Picule Protocol Frontend
- Smart Contracts
- The Graph Subgraph(https://thegraph.com/explorer/subgraphs/ExJ4cYqWhnWJyMd5N2gNU3QD21u8m6bYiBTERPnisWPN?view=Query&chain=arbitrum-one)
MIT License
Built with ❤️ for the Picule Protocol ecosystem