diff --git a/.docker/conf/api_config.json b/.docker/conf/api_config.json new file mode 100644 index 00000000..e13ed4a8 --- /dev/null +++ b/.docker/conf/api_config.json @@ -0,0 +1,9 @@ +{ + "api_keys": { + "no_route": ["no_key"] + }, + "routes_pow": { + "no_route": 0 + } +} + diff --git a/.docker/conf/compute_miner_whitelist.json b/.docker/conf/compute_miner_whitelist.json new file mode 100644 index 00000000..ce63f028 --- /dev/null +++ b/.docker/conf/compute_miner_whitelist.json @@ -0,0 +1,7 @@ +{ + "compute_miner_whitelist" : { + "active": false, + "miner_api_keys": null, + "miner_addresses": null + } + } \ No newline at end of file diff --git a/.docker/conf/initial_block.json b/.docker/conf/initial_block.json new file mode 100644 index 00000000..9328732c --- /dev/null +++ b/.docker/conf/initial_block.json @@ -0,0 +1,159 @@ +{ + "compute_genesis_tx_in_comment": [ + "/// The TxIn content for genesis block.", + "/// A marketing request: A quote from the the Magna Carta document, the 39th claim.", + "/// This version was updated to be more inclusive." + ], + "compute_genesis_tx_in": "+ (39) No person shall be seized or imprisoned, or stripped of their rights or possessions, or outlawed or exiled, or deprived of their standing in any way, nor will we proceed with force against them, or send others to do so, except by the lawful judgment of their equals or by the law of the land.", + "compute_seed_utxo": { + "000000": [ + { + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "amount": 2 + }, + { + "public_key": "4580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a", + "amount": 1 + }, + { + "public_key": "a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51", + "amount": 1 + }, + { + "public_key": "951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5", + "amount": 1 + }, + { + "public_key": "5eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada", + "amount": 1 + } + ], + "000001": [ + { + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "amount": 5 + } + ], + "000010": [ + { + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "amount": 123 + } + ], + "000011": [ + { + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "amount": 1234 + }, + { + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "amount": 1235 + } + ] + }, + "user_wallet_seeds": [ + [ + { + "out_point": "0-000010", + "secret_key": "3053020101300506032b6570042204200f49984bb4f0a1276af12b31b81245a47ba56ad4fd9aca163e056dea3ff00f73a123032100c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "amount": 123 + } + ], + [ + { + "out_point": "0-000011", + "secret_key": "3053020101300506032b65700422042005c5098f18eb4a85676c167b89455af63709779e6e4bcddf250f20ec35b510b0a1230321009caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "amount": 1234 + }, + { + "out_point": "1-000011", + "secret_key": "3053020101300506032b6570042204203ec3e9ad312fdaf4ed144e2498c1439c4301c376eb08827f4eb2da360c34b5d7a12303210025564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "amount": 1235 + } + ] + ], + "user_test_auto_gen_setup": { + "user_initial_transactions": [], + "_user_initial_transactions": [ + [ + { + "out_point": "0-000000", + "secret_key": "3053020101300506032b657004220420e2fa624994ec5c6f46e9a991ed8e8791c4d2ce2d7ed05a827bd45416e5a19555a123032100f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "amount": 2 + }, + { + "out_point": "0-000001", + "secret_key": "3053020101300506032b65700422042009784182e825fbd7e53333aa6b5f1d55bc19a992d5cf71253212264825bc89c8a123032100a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "amount": 5 + } + ] + ] + }, + "generated_keys": [ + { + "secret_key": "3053020101300506032b657004220420e2fa624994ec5c6f46e9a991ed8e8791c4d2ce2d7ed05a827bd45416e5a19555a123032100f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5" + }, + { + "secret_key": "3053020101300506032b6570042204204484d9dda49dd72ba4b0a68a478111d983a78397f8e6cba348ed06ec41a909dba1230321004580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a", + "public_key": "4580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a" + }, + { + "secret_key": "3053020101300506032b657004220420c81822091474ae24a22922ee3ab87fefb838d59710cf1e5fe9e471bf55caa189a123032100a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51", + "public_key": "a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51" + }, + { + "secret_key": "3053020101300506032b65700422042068dca829734887fd5ee3c017b754eaf3a864afc04efe269cd7391be3541dcd5aa123032100951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5", + "public_key": "951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5" + }, + { + "secret_key": "3053020101300506032b657004220420ddd7806b4b26648c4187c395c4c1c3467f0d06a2afccebbc499fc74edd255d43a1230321005eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada", + "public_key": "5eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada" + }, + { + "secret_key": "3053020101300506032b65700422042009784182e825fbd7e53333aa6b5f1d55bc19a992d5cf71253212264825bc89c8a123032100a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43" + }, + { + "secret_key": "3053020101300506032b6570042204200f49984bb4f0a1276af12b31b81245a47ba56ad4fd9aca163e056dea3ff00f73a123032100c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8" + }, + { + "secret_key": "3053020101300506032b65700422042005c5098f18eb4a85676c167b89455af63709779e6e4bcddf250f20ec35b510b0a1230321009caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a" + }, + { + "secret_key": "3053020101300506032b6570042204203ec3e9ad312fdaf4ed144e2498c1439c4301c376eb08827f4eb2da360c34b5d7a12303210025564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f" + }, + { + "secret_key": "3053020101300506032b657004220420a1523e379f175c6b5843936605a263adefb219f4dbd3db97aeb550cbabcfa4caa12303210069bfaf94b4860503696e05ad10b929a1abbc87fcb0d35d9859d6fdf2fe79af03", + "public_key": "69bfaf94b4860503696e05ad10b929a1abbc87fcb0d35d9859d6fdf2fe79af03" + }, + { + "secret_key": "3053020101300506032b6570042204201cd87f8d2840351aadcb7e2482f38ab9b8c8c03ef043925f72c9d8c5bd2fc1fca12303210075e9af1934d46102baf1aa78a987771bf993bd3ef334d3677955e9f5efa4edfc", + "public_key": "75e9af1934d46102baf1aa78a987771bf993bd3ef334d3677955e9f5efa4edfc" + }, + { + "secret_key": "3053020101300506032b657004220420bd9c7482a3c8c473449e4cf007c3685bce25402ac33d1e1ac12440a7fb7c4572a123032100560862d7143695202334fae706a93f6bdae04a2962d2cdeb0aeb246c2df511a8", + "public_key": "560862d7143695202334fae706a93f6bdae04a2962d2cdeb0aeb246c2df511a8" + }, + { + "secret_key": "3053020101300506032b657004220420d511613be615e4aeed1b1aa70e315f214c2f8d4dab62c8fe89eb184f19c0f61fa1230321000804814edbdd3d5fc3d1a60a59a81d23f26c2fc502f23943f315629b13714704", + "public_key": "0804814edbdd3d5fc3d1a60a59a81d23f26c2fc502f23943f315629b137147" + }, + { + "secret_key": "3053020101300506032b657004220420ecaf7af4fee9f4d16b87d358e42f5a7601986cdb30bd635ae90913e86625a318a1230321009ff9f98bb3ddb95ecdd2d4f0b87594b300706135d5755c1a901dfb9b29ec6773", + "public_key": "9ff9f98bb3ddb95ecdd2d4f0b87594b300706135d5755c1a901dfb9b29ec6773" + }, + { + "secret_key": "3053020101300506032b6570042204205da342cf2fed19d3f398dc07d0490825f57c1e8727258299b31813131cbf260ea123032100ab7fa23583e4949bf34418795ddd724118364ba86d3c70509e6ad819b8945507", + "public_key": "ab7fa23583e4949bf34418795ddd724118364ba86d3c70509e6ad819b8945507" + } + ] +} \ No newline at end of file diff --git a/.docker/conf/node_settings.toml b/.docker/conf/node_settings.toml new file mode 100644 index 00000000..ab415d32 --- /dev/null +++ b/.docker/conf/node_settings.toml @@ -0,0 +1,43 @@ +compute_db_mode = { Test = 0 } +storage_db_mode = { Test = 0 } +miner_db_mode = { Test = 0 } +user_db_mode = { Test = 1000 } +user_api_port = 3000 +storage_api_port = 3001 +compute_api_port = 3003 +miner_api_port = 3004 +compute_raft = 1 +storage_raft = 1 +compute_partition_full_size = 1 +compute_minimum_miner_pool_len = 1 +compute_mining_event_timeout = 30000 +jurisdiction = "US" +backup_block_modulo = 4 +peer_limit = 1000 +#backup_restore = true + +[compute_unicorn_fixed_param] +modulus = "6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151" +iterations = 2 +security = 1 + +[user_test_auto_gen_setup] +user_setup_tx_chunk_size = 5 +user_setup_tx_in_per_tx = 3 +user_setup_tx_max_count = 100000 + +#first node is leader +[[compute_nodes]] +address = "127.0.0.1:12300" + +[[storage_nodes]] +address = "127.0.0.1:12330" + +[[miner_nodes]] +address = "127.0.0.1:12340" + +[[user_nodes]] +address = "127.0.0.1:12360" + +[[user_nodes]] +address = "127.0.0.1:12361" \ No newline at end of file diff --git a/.docker/conf/tls_certificates.json b/.docker/conf/tls_certificates.json new file mode 100644 index 00000000..ec02c3ee --- /dev/null +++ b/.docker/conf/tls_certificates.json @@ -0,0 +1,11 @@ +{ + "file_comment": [ + "/// !!! AUTOGENERATED: DO NOT EDIT !!!", + "/// Generated with: src/bin/node_settings_gen_key_certs.sh" + ], + "tls_config": { + "pem_certificates": {}, + "pem_pkcs8_private_keys": {}, + "socket_name_mapping": {} + } +} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..a31b9c8b --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,24 @@ +name: build-deploy +on: + push: + branches: + - main + - initial-workflow + +permissions: + contents: read + packages: write + security-events: write + +jobs: + build: + uses: ablockofficial/platform/.github/workflows/build.yml@main + with: + REGISTRY: ${{ vars.REGISTRY }} + REPOSITORY: ${{ vars.REPOSITORY }} + scan-image: + uses: ablockofficial/platform/.github/workflows/scan-image.yml@main + secrets: inherit + needs: build + with: + IMAGE: ${{ vars.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} \ No newline at end of file diff --git a/Cargo.toml b/Cargo.toml index 6343ddea..c0b8b9ee 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,7 +22,7 @@ merkletree = "0.21.0" merkle-log = "0.0.3" moka = { version = "0.8.1", features = ["future"] } naom = { version = "1.3.0" } -keccak_prime = { git = "https://github.com/ABlockOfficial/Keccak-Prime" } +keccak_prime = { version = "0.1.0" } protobuf = "~2.0" raft = "0.5.0" rand = "0.7.3" diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..0b6a37cb --- /dev/null +++ b/Dockerfile @@ -0,0 +1,42 @@ +FROM rust:1.73.0-slim-bullseye AS chef + +RUN apt-get update && apt-get -y --no-install-recommends install git build-essential m4 llvm libclang-dev diffutils curl +RUN cargo install cargo-chef +WORKDIR /a-block +ENV CARGO_TARGET_DIR=/a-block + +FROM chef AS planner + +COPY . . +RUN cargo chef prepare --recipe-path recipe.json + +FROM chef AS builder +COPY --from=planner /a-block/recipe.json /a-block/recipe.json +RUN cargo chef cook --release --recipe-path /a-block/recipe.json +COPY . . +RUN cargo build --release + +# Use distroless +FROM cgr.dev/chainguard/glibc-dynamic:latest + +USER nonroot + +# Set these in the environment to override [use once we have env vars available] +ENV NODE_TYPE="compute" +ENV CONFIG="/etc/node_settings.toml" +ENV TLS_CONFIG="/etc/tls_certificates.json" +ENV INITIAL_BLOCK_CONFIG="/etc/initial_block.json" +ENV API_CONFIG="/etc/api_config.json" +ENV API_USE_TLS="0" +ENV COMPUTE_MINER_WHITELIST="/etc/compute_miner_whitelist.json" +ENV RUST_LOG=info,debug + +# Copy node bin +COPY --from=builder /a-block/release/node ./node + +# Default config for the node +COPY .docker/conf/* /etc/. + +ENTRYPOINT ["./node"] +CMD ["compute"] + diff --git a/src/bin/node/compute.rs b/src/bin/node/compute.rs index 3134303c..bb6242ff 100644 --- a/src/bin/node/compute.rs +++ b/src/bin/node/compute.rs @@ -125,40 +125,52 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the compute node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) + .arg( + Arg::with_name("compute_miner_whitelist") + .long("compute_miner_whitelist") + .env("COMPUTE_MINER_WHITELIST") + .help("Specify miner whitelist config for compute nodes.") + .takes_value(true), + ) .arg( Arg::with_name("index") .short("i") diff --git a/src/bin/node/miner.rs b/src/bin/node/miner.rs index c594b9fb..39eff6a0 100644 --- a/src/bin/node/miner.rs +++ b/src/bin/node/miner.rs @@ -226,43 +226,49 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the miner node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("mining_api_key") .long("mining_api_key") + .env("MINING_API_KEY") .help("Use an API key to participate in mining.") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) @@ -306,14 +312,14 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { .arg( Arg::with_name("tls_certificate_override") .long("tls_certificate_override") - .env("ABLOCK_TLS_CERTIFICATE") + .env("TLS_CERTIFICATE") .help("Use PEM certificate as a string to use for this node TLS certificate.") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/bin/node/storage.rs b/src/bin/node/storage.rs index 234080df..77231a99 100644 --- a/src/bin/node/storage.rs +++ b/src/bin/node/storage.rs @@ -122,18 +122,21 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the storage node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) @@ -148,20 +151,21 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("api_port") .short("p") .long("api_port") + .env("API_PORT") .help("Run the API for the storage node as the specified port") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/bin/node/user.rs b/src/bin/node/user.rs index 6202ff61..eb87d4cd 100644 --- a/src/bin/node/user.rs +++ b/src/bin/node/user.rs @@ -102,37 +102,42 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the user node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) @@ -170,14 +175,14 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { .arg( Arg::with_name("tls_certificate_override") .long("tls_certificate_override") - .env("ABLOCK_TLS_CERTIFICATE") + .env("TLS_CERTIFICATE") .help("Use PEM certificate as a string to use for this node TLS certificate.") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/db_utils.rs b/src/db_utils.rs index 6311b274..334b5028 100644 --- a/src/db_utils.rs +++ b/src/db_utils.rs @@ -577,7 +577,7 @@ fn check_old_includes_new<'a>( /// /// ### Arguments /// -/// * `db_moode` - Mode for the database. +/// * `db_mode` - Mode for the database. /// * `db_spec` - Database specification. /// * `old_db` - Old in memory Database to try to open. /// * `custom_db_spec` - Custom database specification.