feat(API): add /diagnostics endpoint for system-wide debug snapshot

[TheLastCicada]

Summary

Adds a new top-level GET /diagnostics endpoint that returns a single JSON object summarizing CADT, Chia, DataLayer, and host machine state — intended for sysadmins and users debugging a CADT install. Mounted as a sibling of /health (not under /v1 or /v2); branched off v2-rc2.

What the response includes

• CADT: version, config directory + file, V1/V2 database paths, datalayer URL + file-server URL, simulator flag, per-version { enabled, readOnly, isGovernanceBody, apiKeyConfigured, governanceBodyId, homeOrgId }.
• Chia network: configured (from CADT config) vs actual (from wallet get_network_info) and a matches flag.
• Wallet: rpcUrl, reachable, connectionError (string when unreachable, including for AggregateErrors with empty messages), synced, balanceXch, pending-transactions block (reuses wallet-health.js shaping), trusted-peer cross-reference against wallet.trusted_peers from chia's config.yaml.
• Full node: best-effort mTLS call to local full-node RPC (get_blockchain_state + get_connections) — degrades to reachable: false if the certs aren't present.
• DataLayer: reachability + subscriptions list with per-store generation/target-generation and a synced flag (Number.isFinite guard so undefined === undefined doesn't falsely report synced); bounded-concurrency worker pool with a 30 s wall-clock budget that emits truncated: true if cut off.
• Services flags: aggregate walletReachable / fullNodeReachable / datalayerReachable.
• chia-tools probe: chia-tools --version (then version as fallback) with a 5 s timeout; distinguishes "not installed" from "installed but broken".
• Process scan: POSIX ps -eo scan for chia binaries with multi-version detection; reports supported: false on Windows.
• System: platform/arch, CPU model + cores (via os.cpus()), total/free RAM, free/total disk on the partition holding ${CHIA_ROOT} (via fs.promises.statfs).

Design properties

• Degrades gracefully: every external call is wrapped in settle(label, producer, timeoutMs) that races against a hard wall-clock deadline. Failures become { ok: false, error } rather than throwing; one wedged subsystem can't block the rest of the response. Worst-case wall-clock ~30 s; healthy responses come back in well under a second.
• Survives "the wallet is down" / "migrations are slow": /diagnostics lives in HEALTH_ENDPOINTS, and isHealthEndpoint skips were added to the wallet-synced, home-org-synced, and all-data-synced header middlewares so the endpoint isn't blocked by the wallet RPC's 300 s socket timeout or by waitForMigrations() when the DB layer itself is the broken subsystem.
• Auth: enforced by the existing global API-key middleware. No duplicate check needed.
• READ_ONLY: response is reduced to non-sensitive public fields (CADT version, configured network, system info, chia-tools probe, process scan) and short-circuits before the wallet/datalayer/full-node RPC fan-out — matches the precedent in src/routes/wallet-health.js so a public observer node doesn't make per-request authenticated wallet RPC calls on unauthenticated public hits.

Files

File	Purpose
src/routes/diagnostics.js	Response builder, settle, collectSubscriptions, buildTrustedPeerView, normalizeNodeId
src/utils/system-info.js	CPU/RAM (os) + disk (fs.promises.statfs)
src/utils/chia-process-scan.js	POSIX ps scan + chia-binary regex
src/utils/chia-tools-probe.js	chia-tools --version / version fallback, extractVersion regex
src/datalayer/fullNodeRpc.js	mTLS client for get_blockchain_state / get_connections
src/datalayer/wallet.js	adds getWalletConnections() for trusted-peer cross-reference
src/middleware.js	mounts GET /diagnostics, adds it to HEALTH_ENDPOINTS, adds health-endpoint skip to three header middlewares
tests/v2/integration/diagnostics.spec.js	HTTP integration tests (22 cases)
tests/v2/integration/diagnostics-helpers.spec.js	Pure unit tests for the helpers (24 cases)
tests/v2/live-api/wallet-health.live.spec.js	Live-API smoke test against a real CADT install

Test plan

• npm run test:v1 — 146 passing, 0 failing
• npm run test:v2 — 1619 passing, 0 failing (includes 46 new diagnostics tests)
• Pre-push multi-persona review (10 reviewers in parallel: senior-engineer, simplicity/reuse, scope/tone/correctness, domain-context, root-cause/layer, concurrency/cancellation, protocol/schema, observability/diagnostics, test-quality/coverage, generic pre-push-diff-review). All critical findings addressed; warnings/info items either fixed or deliberately deferred with rationale.
• Live-API smoke check via npm run test:v2:live:wallet-health against a real CADT + Chia install (runs in CI; the live test added a /diagnostics describe block that asserts response shape, types, and reasonable value ranges without pinning specific environment values).

Matrix coverage (READ_ONLY × API key configured × key provided)

READ_ONLY	API key	Key in request	Expected	Test
false	no	n/a	200 full	basic-shape tests
false	yes	correct	200 full	accepts requests with the correct x-api-key header
false	yes	wrong (length mismatch)	403	rejects requests with a wrong-length x-api-key header
false	yes	wrong (equal length)	403	rejects requests with a wrong-but-equal-length x-api-key header
false	yes	none	403	rejects unauthenticated requests when CADT_API_KEY is configured
true	no	n/a	200 reduced	public observer node (READ_ONLY=true, no API key): returns 200 with reduced fields without auth
true	yes	correct	200 reduced	READ_ONLY=true + API key configured + correct key: returns 200 with reduced fields
true	yes	wrong	403	READ_ONLY=true + API key configured + wrong key: rejects with 403
true	yes	none	403	READ_ONLY=true + API key configured + no key provided: rejects with 403

Manual smoke check (suggested for reviewers)

# Healthy install
curl -s -H "x-api-key: \$CADT_API_KEY" http://localhost:31310/diagnostics | jq .

# With wallet stopped (verify graceful degradation)
chia stop wallet
curl -s -H "x-api-key: \$CADT_API_KEY" http://localhost:31310/diagnostics | jq '.chia.wallet'
# Expect: { reachable: false, connectionError: "Wallet RPC at ... did not respond", ... }
chia start wallet

---

Note

Medium Risk
Adds a new unauthenticated-by-default (unless API key configured) diagnostics surface that executes local process/CLI probes and multiple RPC calls; mistakes could leak sensitive operational data or add startup/runtime latency despite timeouts and read-only gating.

Overview
Adds a new top-level GET /diagnostics endpoint that returns a single JSON snapshot of CADT config/state plus Chia wallet/full-node/datalayer reachability and host system metrics, with per-section ok/warning/critical status aggregation and hard timeouts to degrade gracefully.

To support this, introduces new helpers for OS info (system-info.js), local Chia process scanning (chia-process-scan.js), chia-tools detection (chia-tools-probe.js), and a minimal mTLS full-node RPC client (fullNodeRpc.js), plus extends wallet.js with get_version and get_connections helpers.

Middleware now treats /diagnostics as a health-style endpoint (bypassing rate limits, startup gates, and synced-header probes) while explicitly blocking the route when READ_ONLY is enabled; startup additionally logs a fire-and-forget diagnostics snapshot after migrations complete. Tests add broad unit/integration/live-api coverage for response shape, auth gating, and helper edge cases.

^{Reviewed by Cursor Bugbot for commit 28b0a1e. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 28b0a1e. Configure here.}