@aztec/cli 0.0.1-commit.2eb6648a → 0.0.1-commit.2f68f620
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/cmds/aztec_node/block_number.js +1 -1
- package/dest/cmds/aztec_node/get_logs.d.ts +30 -4
- package/dest/cmds/aztec_node/get_logs.d.ts.map +1 -1
- package/dest/cmds/aztec_node/get_logs.js +39 -29
- package/dest/cmds/aztec_node/get_node_info.d.ts +1 -1
- package/dest/cmds/aztec_node/get_node_info.d.ts.map +1 -1
- package/dest/cmds/aztec_node/get_node_info.js +0 -2
- package/dest/cmds/aztec_node/index.d.ts +1 -1
- package/dest/cmds/aztec_node/index.d.ts.map +1 -1
- package/dest/cmds/aztec_node/index.js +13 -3
- package/dest/cmds/infrastructure/setup_l2_contract.d.ts +1 -1
- package/dest/cmds/infrastructure/setup_l2_contract.d.ts.map +1 -1
- package/dest/cmds/infrastructure/setup_l2_contract.js +8 -3
- package/dest/cmds/l1/deploy_l1_contracts_cmd.d.ts +1 -1
- package/dest/cmds/l1/deploy_l1_contracts_cmd.d.ts.map +1 -1
- package/dest/cmds/l1/deploy_l1_contracts_cmd.js +0 -1
- package/dest/cmds/l1/deploy_new_rollup.d.ts +1 -1
- package/dest/cmds/l1/deploy_new_rollup.d.ts.map +1 -1
- package/dest/cmds/l1/deploy_new_rollup.js +2 -4
- package/dest/cmds/l1/update_l1_validators.d.ts +1 -1
- package/dest/cmds/l1/update_l1_validators.d.ts.map +1 -1
- package/dest/cmds/l1/update_l1_validators.js +5 -6
- package/dest/cmds/validator_keys/eth_json_v3_worker.d.ts +2 -0
- package/dest/cmds/validator_keys/eth_json_v3_worker.d.ts.map +1 -0
- package/dest/cmds/validator_keys/eth_json_v3_worker.js +27 -0
- package/dest/cmds/validator_keys/index.d.ts +1 -1
- package/dest/cmds/validator_keys/index.d.ts.map +1 -1
- package/dest/cmds/validator_keys/index.js +2 -1
- package/dest/cmds/validator_keys/new.d.ts +6 -1
- package/dest/cmds/validator_keys/new.d.ts.map +1 -1
- package/dest/cmds/validator_keys/new.js +78 -8
- package/dest/cmds/validator_keys/shared.d.ts +1 -1
- package/dest/cmds/validator_keys/shared.d.ts.map +1 -1
- package/dest/cmds/validator_keys/shared.js +66 -23
- package/dest/config/cached_fetch.d.ts +19 -10
- package/dest/config/cached_fetch.d.ts.map +1 -1
- package/dest/config/cached_fetch.js +110 -32
- package/dest/config/chain_l2_config.d.ts +1 -1
- package/dest/config/chain_l2_config.d.ts.map +1 -1
- package/dest/config/chain_l2_config.js +3 -1
- package/dest/config/generated/networks.d.ts +67 -54
- package/dest/config/generated/networks.d.ts.map +1 -1
- package/dest/config/generated/networks.js +68 -55
- package/dest/config/network_config.d.ts +1 -1
- package/dest/config/network_config.d.ts.map +1 -1
- package/dest/config/network_config.js +6 -2
- package/dest/utils/aztec.d.ts +1 -2
- package/dest/utils/aztec.d.ts.map +1 -1
- package/dest/utils/aztec.js +2 -3
- package/dest/utils/commands.d.ts +14 -6
- package/dest/utils/commands.d.ts.map +1 -1
- package/dest/utils/commands.js +19 -9
- package/dest/utils/inspect.d.ts +1 -1
- package/dest/utils/inspect.d.ts.map +1 -1
- package/dest/utils/inspect.js +11 -11
- package/package.json +30 -30
- package/src/cmds/aztec_node/block_number.ts +1 -1
- package/src/cmds/aztec_node/get_logs.ts +70 -38
- package/src/cmds/aztec_node/get_node_info.ts +0 -2
- package/src/cmds/aztec_node/index.ts +13 -8
- package/src/cmds/infrastructure/setup_l2_contract.ts +8 -3
- package/src/cmds/l1/deploy_l1_contracts_cmd.ts +0 -1
- package/src/cmds/l1/deploy_new_rollup.ts +1 -3
- package/src/cmds/l1/update_l1_validators.ts +5 -6
- package/src/cmds/validator_keys/eth_json_v3_worker.ts +30 -0
- package/src/cmds/validator_keys/index.ts +18 -4
- package/src/cmds/validator_keys/new.ts +107 -8
- package/src/cmds/validator_keys/shared.ts +86 -34
- package/src/config/cached_fetch.ts +119 -31
- package/src/config/chain_l2_config.ts +3 -1
- package/src/config/generated/networks.ts +66 -53
- package/src/config/network_config.ts +6 -2
- package/src/utils/aztec.ts +12 -18
- package/src/utils/commands.ts +22 -9
- package/src/utils/inspect.ts +7 -8
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import { Wallet } from '@ethersproject/wallet';
|
|
2
|
+
import { parentPort, workerData } from 'worker_threads';
|
|
3
|
+
|
|
4
|
+
type EthJsonV3WorkerData = {
|
|
5
|
+
privateKeyHex: string;
|
|
6
|
+
password: string;
|
|
7
|
+
};
|
|
8
|
+
|
|
9
|
+
type SerializedError = {
|
|
10
|
+
message: string;
|
|
11
|
+
name?: string;
|
|
12
|
+
stack?: string;
|
|
13
|
+
};
|
|
14
|
+
|
|
15
|
+
function serializeError(error: unknown): SerializedError {
|
|
16
|
+
if (error instanceof Error) {
|
|
17
|
+
return { message: error.message, name: error.name, stack: error.stack };
|
|
18
|
+
}
|
|
19
|
+
return { message: String(error) };
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
void (async () => {
|
|
23
|
+
try {
|
|
24
|
+
const { privateKeyHex, password } = workerData as EthJsonV3WorkerData;
|
|
25
|
+
const json = await new Wallet(privateKeyHex).encrypt(password);
|
|
26
|
+
parentPort?.postMessage({ json });
|
|
27
|
+
} catch (error) {
|
|
28
|
+
parentPort?.postMessage({ error: serializeError(error) });
|
|
29
|
+
}
|
|
30
|
+
})();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { LogFn } from '@aztec/foundation/log';
|
|
2
2
|
|
|
3
|
-
import { Command } from 'commander';
|
|
3
|
+
import { Command, Option } from 'commander';
|
|
4
4
|
|
|
5
5
|
import { parseAztecAddress, parseEthereumAddress, parseHex, parseOptionalInteger } from '../../utils/commands.js';
|
|
6
6
|
import { defaultBlsPath } from './utils.js';
|
|
@@ -38,10 +38,24 @@ export function injectCommands(program: Command, log: LogFn) {
|
|
|
38
38
|
.option('--remote-signer <url>', 'Default remote signer URL for accounts in this file')
|
|
39
39
|
.option('--ikm <hex>', 'Initial keying material for BLS (alternative to mnemonic)', value => parseHex(value, 32))
|
|
40
40
|
.option('--bls-path <path>', `EIP-2334 path (default ${defaultBlsPath})`)
|
|
41
|
-
.
|
|
42
|
-
'--password <str>',
|
|
43
|
-
|
|
41
|
+
.addOption(
|
|
42
|
+
new Option('--password <str>', 'Shared password for writing ETH JSON V3 and BLS EIP-2335 keystore files').env(
|
|
43
|
+
'AZTEC_KEYSTORE_PASSWORD',
|
|
44
|
+
),
|
|
45
|
+
)
|
|
46
|
+
.option('--password-file <path>', 'File containing the shared password for writing keystore files')
|
|
47
|
+
.addOption(
|
|
48
|
+
new Option('--eth-password <str>', 'Password for writing ETH JSON V3 keystore files').env(
|
|
49
|
+
'AZTEC_ETH_KEYSTORE_PASSWORD',
|
|
50
|
+
),
|
|
51
|
+
)
|
|
52
|
+
.option('--eth-password-file <path>', 'File containing the password for writing ETH JSON V3 keystore files')
|
|
53
|
+
.addOption(
|
|
54
|
+
new Option('--bls-password <str>', 'Password for writing BLS EIP-2335 keystore files').env(
|
|
55
|
+
'AZTEC_BLS_KEYSTORE_PASSWORD',
|
|
56
|
+
),
|
|
44
57
|
)
|
|
58
|
+
.option('--bls-password-file <path>', 'File containing the password for writing BLS EIP-2335 keystore files')
|
|
45
59
|
.option('--encrypted-keystore-dir <dir>', 'Output directory for encrypted keystore file(s)')
|
|
46
60
|
.option('--json', 'Echo resulting JSON to stdout')
|
|
47
61
|
.option('--staker-output', 'Generate a single staker output JSON file with an array of validator entries')
|
|
@@ -6,7 +6,7 @@ import type { LogFn } from '@aztec/foundation/log';
|
|
|
6
6
|
import type { AztecAddress } from '@aztec/stdlib/aztec-address';
|
|
7
7
|
|
|
8
8
|
import { wordlist } from '@scure/bip39/wordlists/english.js';
|
|
9
|
-
import { writeFile } from 'fs/promises';
|
|
9
|
+
import { readFile, writeFile } from 'fs/promises';
|
|
10
10
|
import { basename, dirname, join } from 'path';
|
|
11
11
|
import { createPublicClient, fallback, http } from 'viem';
|
|
12
12
|
import { generateMnemonic, mnemonicToAccount } from 'viem/accounts';
|
|
@@ -42,6 +42,11 @@ export type NewValidatorKeystoreOptions = {
|
|
|
42
42
|
ikm?: string;
|
|
43
43
|
blsPath?: string;
|
|
44
44
|
password?: string;
|
|
45
|
+
passwordFile?: string;
|
|
46
|
+
ethPassword?: string;
|
|
47
|
+
ethPasswordFile?: string;
|
|
48
|
+
blsPassword?: string;
|
|
49
|
+
blsPasswordFile?: string;
|
|
45
50
|
encryptedKeystoreDir?: string;
|
|
46
51
|
json?: boolean;
|
|
47
52
|
feeRecipient: AztecAddress;
|
|
@@ -53,6 +58,86 @@ export type NewValidatorKeystoreOptions = {
|
|
|
53
58
|
l1ChainId?: number;
|
|
54
59
|
};
|
|
55
60
|
|
|
61
|
+
type PasswordSourceOptions = Pick<
|
|
62
|
+
NewValidatorKeystoreOptions,
|
|
63
|
+
'password' | 'passwordFile' | 'ethPassword' | 'ethPasswordFile' | 'blsPassword' | 'blsPasswordFile'
|
|
64
|
+
>;
|
|
65
|
+
|
|
66
|
+
type PasswordSource = {
|
|
67
|
+
password?: string;
|
|
68
|
+
passwordFile?: string;
|
|
69
|
+
passwordOption: string;
|
|
70
|
+
passwordFileOption: string;
|
|
71
|
+
};
|
|
72
|
+
|
|
73
|
+
function validatePassword(password: string, source: string): string {
|
|
74
|
+
if (password.length === 0) {
|
|
75
|
+
throw new Error(`${source} cannot be empty`);
|
|
76
|
+
}
|
|
77
|
+
return password;
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
function stripOneTrailingNewline(password: string): string {
|
|
81
|
+
if (password.endsWith('\n')) {
|
|
82
|
+
password = password.slice(0, -1);
|
|
83
|
+
}
|
|
84
|
+
if (password.endsWith('\r')) {
|
|
85
|
+
password = password.slice(0, -1);
|
|
86
|
+
}
|
|
87
|
+
return password;
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
async function resolvePasswordSource(source: PasswordSource): Promise<string | undefined> {
|
|
91
|
+
if (source.password !== undefined && source.passwordFile !== undefined) {
|
|
92
|
+
throw new Error(`${source.passwordOption} and ${source.passwordFileOption} cannot be used together`);
|
|
93
|
+
}
|
|
94
|
+
if (source.password !== undefined) {
|
|
95
|
+
return validatePassword(source.password, source.passwordOption);
|
|
96
|
+
}
|
|
97
|
+
if (source.passwordFile !== undefined) {
|
|
98
|
+
if (source.passwordFile.length === 0) {
|
|
99
|
+
throw new Error(`${source.passwordFileOption} cannot be empty`);
|
|
100
|
+
}
|
|
101
|
+
const password = stripOneTrailingNewline(await readFile(source.passwordFile, 'utf-8'));
|
|
102
|
+
return validatePassword(password, source.passwordFileOption);
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
return undefined;
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
async function resolvePasswords(options: PasswordSourceOptions) {
|
|
109
|
+
const sharedPassword = await resolvePasswordSource({
|
|
110
|
+
password: options.password,
|
|
111
|
+
passwordFile: options.passwordFile,
|
|
112
|
+
passwordOption: '--password',
|
|
113
|
+
passwordFileOption: '--password-file',
|
|
114
|
+
});
|
|
115
|
+
const ethPassword =
|
|
116
|
+
(await resolvePasswordSource({
|
|
117
|
+
password: options.ethPassword,
|
|
118
|
+
passwordFile: options.ethPasswordFile,
|
|
119
|
+
passwordOption: '--eth-password',
|
|
120
|
+
passwordFileOption: '--eth-password-file',
|
|
121
|
+
})) ?? sharedPassword;
|
|
122
|
+
const blsPassword =
|
|
123
|
+
(await resolvePasswordSource({
|
|
124
|
+
password: options.blsPassword,
|
|
125
|
+
passwordFile: options.blsPasswordFile,
|
|
126
|
+
passwordOption: '--bls-password',
|
|
127
|
+
passwordFileOption: '--bls-password-file',
|
|
128
|
+
})) ?? sharedPassword;
|
|
129
|
+
|
|
130
|
+
if (ethPassword === undefined && blsPassword === undefined) {
|
|
131
|
+
return {};
|
|
132
|
+
}
|
|
133
|
+
if (ethPassword === undefined || blsPassword === undefined) {
|
|
134
|
+
throw new Error(
|
|
135
|
+
'Both ETH and BLS passwords are required when writing encrypted keystores. Provide --password to use one password for both, or provide both --eth-password and --bls-password.',
|
|
136
|
+
);
|
|
137
|
+
}
|
|
138
|
+
return { ethPassword, blsPassword };
|
|
139
|
+
}
|
|
140
|
+
|
|
56
141
|
export async function newValidatorKeystore(options: NewValidatorKeystoreOptions, log: LogFn) {
|
|
57
142
|
// validate bls-path inputs before proceeding with key generation
|
|
58
143
|
validateBlsPathOptions(options);
|
|
@@ -78,7 +163,12 @@ export async function newValidatorKeystore(options: NewValidatorKeystoreOptions,
|
|
|
78
163
|
blsPath,
|
|
79
164
|
ikm,
|
|
80
165
|
mnemonic: _mnemonic,
|
|
81
|
-
password,
|
|
166
|
+
password: passwordOption,
|
|
167
|
+
passwordFile,
|
|
168
|
+
ethPassword: ethPasswordOption,
|
|
169
|
+
ethPasswordFile,
|
|
170
|
+
blsPassword: blsPasswordOption,
|
|
171
|
+
blsPasswordFile,
|
|
82
172
|
encryptedKeystoreDir,
|
|
83
173
|
stakerOutput,
|
|
84
174
|
gseAddress,
|
|
@@ -86,9 +176,18 @@ export async function newValidatorKeystore(options: NewValidatorKeystoreOptions,
|
|
|
86
176
|
l1ChainId,
|
|
87
177
|
} = options;
|
|
88
178
|
|
|
179
|
+
const { ethPassword, blsPassword } = await resolvePasswords({
|
|
180
|
+
password: passwordOption,
|
|
181
|
+
passwordFile,
|
|
182
|
+
ethPassword: ethPasswordOption,
|
|
183
|
+
ethPasswordFile,
|
|
184
|
+
blsPassword: blsPasswordOption,
|
|
185
|
+
blsPasswordFile,
|
|
186
|
+
});
|
|
187
|
+
const shouldEncryptKeystores = ethPassword !== undefined && blsPassword !== undefined;
|
|
89
188
|
const mnemonic = _mnemonic ?? generateMnemonic(wordlist);
|
|
90
189
|
|
|
91
|
-
if (!_mnemonic && !json) {
|
|
190
|
+
if (!_mnemonic && !json && !shouldEncryptKeystores) {
|
|
92
191
|
log('No mnemonic provided, generating new one...');
|
|
93
192
|
log(`Using new mnemonic:`);
|
|
94
193
|
log('');
|
|
@@ -115,11 +214,11 @@ export async function newValidatorKeystore(options: NewValidatorKeystoreOptions,
|
|
|
115
214
|
});
|
|
116
215
|
|
|
117
216
|
// If password provided, write ETH JSON V3 and BLS BN254 keystores and replace plaintext
|
|
118
|
-
if (
|
|
217
|
+
if (shouldEncryptKeystores) {
|
|
119
218
|
const encryptedKeystoreOutDir =
|
|
120
219
|
encryptedKeystoreDir && encryptedKeystoreDir.length > 0 ? encryptedKeystoreDir : keystoreOutDir;
|
|
121
|
-
await writeEthJsonV3ToFile(validators, { outDir: encryptedKeystoreOutDir, password });
|
|
122
|
-
await writeBlsBn254ToFile(validators, { outDir: encryptedKeystoreOutDir, password });
|
|
220
|
+
await writeEthJsonV3ToFile(validators, { outDir: encryptedKeystoreOutDir, password: ethPassword });
|
|
221
|
+
await writeBlsBn254ToFile(validators, { outDir: encryptedKeystoreOutDir, password: blsPassword });
|
|
123
222
|
}
|
|
124
223
|
|
|
125
224
|
const keystore = {
|
|
@@ -145,7 +244,7 @@ export async function newValidatorKeystore(options: NewValidatorKeystoreOptions,
|
|
|
145
244
|
// Process each validator
|
|
146
245
|
for (let i = 0; i < validators.length; i++) {
|
|
147
246
|
const validator = validators[i];
|
|
148
|
-
const outputs = await processAttesterAccounts(validator.attester, gse
|
|
247
|
+
const outputs = await processAttesterAccounts(validator.attester, gse);
|
|
149
248
|
|
|
150
249
|
// Collect all staker outputs
|
|
151
250
|
for (let j = 0; j < outputs.length; j++) {
|
|
@@ -160,7 +259,7 @@ export async function newValidatorKeystore(options: NewValidatorKeystoreOptions,
|
|
|
160
259
|
}
|
|
161
260
|
}
|
|
162
261
|
|
|
163
|
-
const outputData = !_mnemonic ? { ...keystore, generatedMnemonic: mnemonic } : keystore;
|
|
262
|
+
const outputData = !_mnemonic && !shouldEncryptKeystores ? { ...keystore, generatedMnemonic: mnemonic } : keystore;
|
|
164
263
|
|
|
165
264
|
// Handle JSON output
|
|
166
265
|
if (json) {
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { prettyPrintJSON } from '@aztec/cli/utils';
|
|
2
|
+
import { asyncPool } from '@aztec/foundation/async-pool';
|
|
2
3
|
import { deriveBlsPrivateKey } from '@aztec/foundation/crypto/bls';
|
|
3
4
|
import { createBn254Keystore } from '@aztec/foundation/crypto/bls/bn254_keystore';
|
|
4
5
|
import { computeBn254G1PublicKeyCompressed } from '@aztec/foundation/crypto/bn254';
|
|
@@ -10,12 +11,60 @@ import type { AztecAddress } from '@aztec/stdlib/aztec-address';
|
|
|
10
11
|
import { Wallet } from '@ethersproject/wallet';
|
|
11
12
|
import { constants as fsConstants, mkdirSync } from 'fs';
|
|
12
13
|
import { access, writeFile } from 'fs/promises';
|
|
13
|
-
import { homedir } from 'os';
|
|
14
|
+
import { availableParallelism, homedir } from 'os';
|
|
14
15
|
import { dirname, isAbsolute, join } from 'path';
|
|
15
16
|
import { mnemonicToAccount } from 'viem/accounts';
|
|
17
|
+
import { Worker } from 'worker_threads';
|
|
16
18
|
|
|
17
19
|
import { defaultBlsPath } from './utils.js';
|
|
18
20
|
|
|
21
|
+
type EthJsonV3WorkerResult = { json: string } | { error: { message: string; name?: string; stack?: string } };
|
|
22
|
+
|
|
23
|
+
// ethers' default scrypt parameters use substantial memory, so keep worker fan-out bounded.
|
|
24
|
+
const maxEthKeystoreWorkers = Math.max(1, Math.min(4, availableParallelism()));
|
|
25
|
+
|
|
26
|
+
function deserializeWorkerError(error: { message: string; name?: string; stack?: string }) {
|
|
27
|
+
const result = new Error(error.message);
|
|
28
|
+
result.name = error.name ?? result.name;
|
|
29
|
+
result.stack = error.stack;
|
|
30
|
+
return result;
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
function encryptEthJsonV3InWorker(privateKeyHex: string, password: string): Promise<string> {
|
|
34
|
+
return new Promise<string>((resolve, reject) => {
|
|
35
|
+
const worker = new Worker(new URL('./eth_json_v3_worker.js', import.meta.url), {
|
|
36
|
+
workerData: { privateKeyHex, password },
|
|
37
|
+
});
|
|
38
|
+
let settled = false;
|
|
39
|
+
|
|
40
|
+
worker.once('message', (result: EthJsonV3WorkerResult) => {
|
|
41
|
+
settled = true;
|
|
42
|
+
|
|
43
|
+
if ('json' in result) {
|
|
44
|
+
resolve(result.json);
|
|
45
|
+
} else {
|
|
46
|
+
reject(deserializeWorkerError(result.error));
|
|
47
|
+
}
|
|
48
|
+
});
|
|
49
|
+
worker.once('error', error => {
|
|
50
|
+
settled = true;
|
|
51
|
+
reject(error);
|
|
52
|
+
});
|
|
53
|
+
worker.once('exit', code => {
|
|
54
|
+
if (!settled) {
|
|
55
|
+
reject(new Error(`ETH JSON V3 worker stopped with exit code ${code}`));
|
|
56
|
+
}
|
|
57
|
+
});
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
async function encryptEthJsonV3(privateKeyHex: string, password: string): Promise<string> {
|
|
62
|
+
if (process.env.JEST_WORKER_ID !== undefined) {
|
|
63
|
+
return await new Wallet(privateKeyHex).encrypt(password);
|
|
64
|
+
}
|
|
65
|
+
return await encryptEthJsonV3InWorker(privateKeyHex, password);
|
|
66
|
+
}
|
|
67
|
+
|
|
19
68
|
export type ValidatorSummary = { attesterEth?: string; attesterBls?: string; publisherEth?: string[] };
|
|
20
69
|
|
|
21
70
|
export type BuildValidatorsInput = {
|
|
@@ -228,7 +277,7 @@ export async function writeBn254BlsKeystore(
|
|
|
228
277
|
): Promise<string> {
|
|
229
278
|
mkdirSync(outDir, { recursive: true });
|
|
230
279
|
|
|
231
|
-
const keystore = createBn254Keystore(password, privateKeyHex, pubkeyHex, derivationPath);
|
|
280
|
+
const keystore = await createBn254Keystore(password, privateKeyHex, pubkeyHex, derivationPath);
|
|
232
281
|
|
|
233
282
|
const safeBase = fileNameBase.replace(/[^a-zA-Z0-9_-]/g, '_');
|
|
234
283
|
const outPath = join(outDir, `keystore-${safeBase}.json`);
|
|
@@ -241,28 +290,29 @@ export async function writeBlsBn254ToFile(
|
|
|
241
290
|
validators: ValidatorKeyStore[],
|
|
242
291
|
options: { outDir: string; password: string; blsPath?: string },
|
|
243
292
|
): Promise<void> {
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
293
|
+
await Promise.all(
|
|
294
|
+
validators.map(async (v, i) => {
|
|
295
|
+
if (!v || typeof v !== 'object' || !('attester' in v)) {
|
|
296
|
+
return;
|
|
297
|
+
}
|
|
298
|
+
const att = (v as any).attester;
|
|
250
299
|
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
300
|
+
// Shapes: { bls: <hex> } or { eth: <ethAccount>, bls?: <hex> } or plain EthAccount
|
|
301
|
+
const blsKey: string | undefined = typeof att === 'object' && 'bls' in att ? (att as any).bls : undefined;
|
|
302
|
+
if (!blsKey || typeof blsKey !== 'string') {
|
|
303
|
+
return;
|
|
304
|
+
}
|
|
256
305
|
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
306
|
+
const pub = await computeBlsPublicKeyCompressed(blsKey);
|
|
307
|
+
const path = options.blsPath ?? defaultBlsPath;
|
|
308
|
+
const fileBase = `${String(i + 1)}_${pub.slice(2, 18)}`;
|
|
309
|
+
const keystorePath = await writeBn254BlsKeystore(options.outDir, fileBase, options.password, blsKey, pub, path);
|
|
261
310
|
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
311
|
+
if (typeof att === 'object') {
|
|
312
|
+
(att as any).bls = { path: keystorePath, password: options.password };
|
|
313
|
+
}
|
|
314
|
+
}),
|
|
315
|
+
);
|
|
266
316
|
}
|
|
267
317
|
|
|
268
318
|
/** Writes an Ethereum JSON V3 keystore using ethers, returns absolute path */
|
|
@@ -274,8 +324,7 @@ export async function writeEthJsonV3Keystore(
|
|
|
274
324
|
): Promise<string> {
|
|
275
325
|
const safeBase = fileNameBase.replace(/[^a-zA-Z0-9_-]/g, '_');
|
|
276
326
|
mkdirSync(outDir, { recursive: true });
|
|
277
|
-
const
|
|
278
|
-
const json = await wallet.encrypt(password);
|
|
327
|
+
const json = await encryptEthJsonV3(privateKeyHex, password);
|
|
279
328
|
const outPath = join(outDir, `keystore-eth-${safeBase}.json`);
|
|
280
329
|
await writeFile(outPath, json, { encoding: 'utf-8' });
|
|
281
330
|
return outPath;
|
|
@@ -286,13 +335,16 @@ export async function writeEthJsonV3ToFile(
|
|
|
286
335
|
validators: ValidatorKeyStore[],
|
|
287
336
|
options: { outDir: string; password: string },
|
|
288
337
|
): Promise<void> {
|
|
289
|
-
const
|
|
338
|
+
const tasks: (() => Promise<void>)[] = [];
|
|
339
|
+
|
|
340
|
+
const maybeQueueEncryptEth = (account: any, label: string, setEncryptedAccount: (account: any) => void) => {
|
|
290
341
|
if (typeof account === 'string' && account.startsWith('0x') && account.length === 66) {
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
342
|
+
tasks.push(async () => {
|
|
343
|
+
const fileBase = `${label}_${account.slice(2, 10)}`;
|
|
344
|
+
const path = await writeEthJsonV3Keystore(options.outDir, fileBase, options.password, account);
|
|
345
|
+
setEncryptedAccount({ path, password: options.password });
|
|
346
|
+
});
|
|
294
347
|
}
|
|
295
|
-
return account;
|
|
296
348
|
};
|
|
297
349
|
|
|
298
350
|
for (let i = 0; i < validators.length; i++) {
|
|
@@ -304,23 +356,23 @@ export async function writeEthJsonV3ToFile(
|
|
|
304
356
|
// attester may be string (eth), object with eth, or remote signer
|
|
305
357
|
const att = (v as any).attester;
|
|
306
358
|
if (typeof att === 'string') {
|
|
307
|
-
(
|
|
359
|
+
maybeQueueEncryptEth(att, `attester_${i + 1}`, account => ((v as any).attester = account));
|
|
308
360
|
} else if (att && typeof att === 'object' && 'eth' in att) {
|
|
309
|
-
(att as any).eth
|
|
361
|
+
maybeQueueEncryptEth((att as any).eth, `attester_${i + 1}`, account => ((att as any).eth = account));
|
|
310
362
|
}
|
|
311
363
|
|
|
312
364
|
// publisher can be single or array
|
|
313
365
|
if ('publisher' in v) {
|
|
314
366
|
const pub = (v as any).publisher;
|
|
315
367
|
if (Array.isArray(pub)) {
|
|
316
|
-
const out: any[] = [];
|
|
317
368
|
for (let j = 0; j < pub.length; j++) {
|
|
318
|
-
|
|
369
|
+
maybeQueueEncryptEth(pub[j], `publisher_${i + 1}_${j + 1}`, account => (pub[j] = account));
|
|
319
370
|
}
|
|
320
|
-
(v as any).publisher = out;
|
|
321
371
|
} else if (pub !== undefined) {
|
|
322
|
-
(
|
|
372
|
+
maybeQueueEncryptEth(pub, `publisher_${i + 1}`, account => ((v as any).publisher = account));
|
|
323
373
|
}
|
|
324
374
|
}
|
|
325
375
|
}
|
|
376
|
+
|
|
377
|
+
await asyncPool(maxEthKeystoreWorkers, tasks, task => task());
|
|
326
378
|
}
|
|
@@ -1,24 +1,48 @@
|
|
|
1
1
|
import { createLogger } from '@aztec/aztec.js/log';
|
|
2
2
|
|
|
3
|
-
import { mkdir, readFile,
|
|
3
|
+
import { mkdir, readFile, writeFile } from 'fs/promises';
|
|
4
4
|
import { dirname } from 'path';
|
|
5
5
|
|
|
6
6
|
export interface CachedFetchOptions {
|
|
7
|
-
/**
|
|
8
|
-
cacheDurationMs: number;
|
|
9
|
-
/** The cache file */
|
|
7
|
+
/** The cache file path for storing data. If not provided, no caching is performed. */
|
|
10
8
|
cacheFile?: string;
|
|
9
|
+
/** Fallback max-age in milliseconds when server sends no Cache-Control header. Defaults to 5 minutes. */
|
|
10
|
+
defaultMaxAgeMs?: number;
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
/** Cache metadata stored in a sidecar .meta file alongside the data file. */
|
|
14
|
+
interface CacheMeta {
|
|
15
|
+
etag?: string;
|
|
16
|
+
expiresAt: number;
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
const DEFAULT_MAX_AGE_MS = 5 * 60 * 1000; // 5 minutes
|
|
20
|
+
|
|
21
|
+
/** Extracts max-age value in milliseconds from a Response's Cache-Control header. Returns undefined if not present. */
|
|
22
|
+
export function parseMaxAge(response: { headers: { get(name: string): string | null } }): number | undefined {
|
|
23
|
+
const cacheControl = response.headers.get('cache-control');
|
|
24
|
+
if (!cacheControl) {
|
|
25
|
+
return undefined;
|
|
26
|
+
}
|
|
27
|
+
const match = cacheControl.match(/max-age=(\d+)/);
|
|
28
|
+
if (!match) {
|
|
29
|
+
return undefined;
|
|
30
|
+
}
|
|
31
|
+
return parseInt(match[1], 10) * 1000;
|
|
11
32
|
}
|
|
12
33
|
|
|
13
34
|
/**
|
|
14
|
-
* Fetches data from a URL with file-based caching
|
|
15
|
-
*
|
|
35
|
+
* Fetches data from a URL with file-based HTTP conditional caching.
|
|
36
|
+
*
|
|
37
|
+
* Data is stored as raw JSON in the cache file (same format as the server returns).
|
|
38
|
+
* Caching metadata (ETag, expiry) is stored in a separate sidecar `.meta` file.
|
|
39
|
+
* This keeps the data file human-readable and backward-compatible with older code.
|
|
16
40
|
*
|
|
17
41
|
* @param url - The URL to fetch from
|
|
18
|
-
* @param
|
|
19
|
-
* @param
|
|
20
|
-
* @param
|
|
21
|
-
* @returns The fetched and parsed JSON data, or undefined if fetch fails
|
|
42
|
+
* @param options - Caching options
|
|
43
|
+
* @param fetch - Fetch implementation (defaults to globalThis.fetch)
|
|
44
|
+
* @param log - Logger instance
|
|
45
|
+
* @returns The fetched and parsed JSON data, or undefined if fetch fails
|
|
22
46
|
*/
|
|
23
47
|
export async function cachedFetch<T = any>(
|
|
24
48
|
url: string,
|
|
@@ -26,42 +50,106 @@ export async function cachedFetch<T = any>(
|
|
|
26
50
|
fetch = globalThis.fetch,
|
|
27
51
|
log = createLogger('cached_fetch'),
|
|
28
52
|
): Promise<T | undefined> {
|
|
29
|
-
const {
|
|
53
|
+
const { cacheFile, defaultMaxAgeMs = DEFAULT_MAX_AGE_MS } = options;
|
|
54
|
+
|
|
55
|
+
// If no cacheFile, just fetch normally without caching
|
|
56
|
+
if (!cacheFile) {
|
|
57
|
+
return fetchAndParse<T>(url, fetch, log);
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
const metaFile = cacheFile + '.meta';
|
|
30
61
|
|
|
31
|
-
// Try to read
|
|
62
|
+
// Try to read metadata
|
|
63
|
+
let meta: CacheMeta | undefined;
|
|
32
64
|
try {
|
|
33
|
-
|
|
34
|
-
const info = await stat(cacheFile);
|
|
35
|
-
if (info.mtimeMs + cacheDurationMs > Date.now()) {
|
|
36
|
-
const cachedData = JSON.parse(await readFile(cacheFile, 'utf-8'));
|
|
37
|
-
return cachedData;
|
|
38
|
-
}
|
|
39
|
-
}
|
|
65
|
+
meta = JSON.parse(await readFile(metaFile, 'utf-8'));
|
|
40
66
|
} catch {
|
|
41
|
-
log.trace('
|
|
67
|
+
log.trace('No usable cache metadata found');
|
|
42
68
|
}
|
|
43
69
|
|
|
70
|
+
// Try to read cached data
|
|
71
|
+
let cachedData: T | undefined;
|
|
44
72
|
try {
|
|
45
|
-
|
|
73
|
+
cachedData = JSON.parse(await readFile(cacheFile, 'utf-8'));
|
|
74
|
+
} catch {
|
|
75
|
+
log.trace('No usable cached data found');
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
// If metadata and data exist and cache is fresh, return directly
|
|
79
|
+
if (meta && cachedData !== undefined && meta.expiresAt > Date.now()) {
|
|
80
|
+
return cachedData;
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
// Cache is stale or missing — make a (possibly conditional) request
|
|
84
|
+
try {
|
|
85
|
+
const headers: Record<string, string> = {};
|
|
86
|
+
if (meta?.etag && cachedData !== undefined) {
|
|
87
|
+
headers['If-None-Match'] = meta.etag;
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
const response = await fetch(url, { headers });
|
|
91
|
+
|
|
92
|
+
if (response.status === 304 && cachedData !== undefined) {
|
|
93
|
+
// Not modified — recompute expiry from new response headers and return cached data
|
|
94
|
+
const maxAgeMs = parseMaxAge(response) ?? defaultMaxAgeMs;
|
|
95
|
+
await writeMetaFile(metaFile, { etag: meta?.etag, expiresAt: Date.now() + maxAgeMs }, log);
|
|
96
|
+
return cachedData;
|
|
97
|
+
}
|
|
98
|
+
|
|
46
99
|
if (!response.ok) {
|
|
47
100
|
log.warn(`Failed to fetch from ${url}: ${response.status} ${response.statusText}`);
|
|
48
|
-
return
|
|
101
|
+
return cachedData;
|
|
49
102
|
}
|
|
50
103
|
|
|
51
|
-
|
|
104
|
+
// 200 — parse new data and cache it
|
|
105
|
+
const data = (await response.json()) as T;
|
|
106
|
+
const maxAgeMs = parseMaxAge(response) ?? defaultMaxAgeMs;
|
|
107
|
+
const etag = response.headers.get('etag') ?? undefined;
|
|
52
108
|
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
} catch (err) {
|
|
59
|
-
log.warn('Failed to cache data on disk: ' + cacheFile, { cacheFile, err });
|
|
60
|
-
}
|
|
109
|
+
await ensureDir(cacheFile, log);
|
|
110
|
+
await Promise.all([
|
|
111
|
+
writeFile(cacheFile, JSON.stringify(data), 'utf-8'),
|
|
112
|
+
writeFile(metaFile, JSON.stringify({ etag, expiresAt: Date.now() + maxAgeMs }), 'utf-8'),
|
|
113
|
+
]);
|
|
61
114
|
|
|
62
115
|
return data;
|
|
116
|
+
} catch (err) {
|
|
117
|
+
log.warn(`Failed to fetch from ${url}`, { err });
|
|
118
|
+
return cachedData;
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
async function fetchAndParse<T>(
|
|
123
|
+
url: string,
|
|
124
|
+
fetch: typeof globalThis.fetch,
|
|
125
|
+
log: ReturnType<typeof createLogger>,
|
|
126
|
+
): Promise<T | undefined> {
|
|
127
|
+
try {
|
|
128
|
+
const response = await fetch(url);
|
|
129
|
+
if (!response.ok) {
|
|
130
|
+
log.warn(`Failed to fetch from ${url}: ${response.status} ${response.statusText}`);
|
|
131
|
+
return undefined;
|
|
132
|
+
}
|
|
133
|
+
return (await response.json()) as T;
|
|
63
134
|
} catch (err) {
|
|
64
135
|
log.warn(`Failed to fetch from ${url}`, { err });
|
|
65
136
|
return undefined;
|
|
66
137
|
}
|
|
67
138
|
}
|
|
139
|
+
|
|
140
|
+
async function ensureDir(filePath: string, log: ReturnType<typeof createLogger>) {
|
|
141
|
+
try {
|
|
142
|
+
await mkdir(dirname(filePath), { recursive: true });
|
|
143
|
+
} catch (err) {
|
|
144
|
+
log.warn('Failed to create cache directory for: ' + filePath, { err });
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
async function writeMetaFile(metaFile: string, meta: CacheMeta, log: ReturnType<typeof createLogger>) {
|
|
149
|
+
try {
|
|
150
|
+
await mkdir(dirname(metaFile), { recursive: true });
|
|
151
|
+
await writeFile(metaFile, JSON.stringify(meta), 'utf-8');
|
|
152
|
+
} catch (err) {
|
|
153
|
+
log.warn('Failed to write cache metadata: ' + metaFile, { err });
|
|
154
|
+
}
|
|
155
|
+
}
|
|
@@ -45,7 +45,9 @@ export function enrichEnvironmentWithChainName(networkName: NetworkNames) {
|
|
|
45
45
|
}
|
|
46
46
|
|
|
47
47
|
// Apply generated network config from defaults.yml
|
|
48
|
-
|
|
48
|
+
// For devnet iterations (v4-devnet-1, etc.), use the base devnet config
|
|
49
|
+
const configKey = /^v\d+-devnet-\d+$/.test(networkName) ? 'devnet' : networkName;
|
|
50
|
+
const generatedConfig = NetworkConfigs[configKey];
|
|
49
51
|
if (generatedConfig) {
|
|
50
52
|
enrichEnvironmentWithNetworkConfig(generatedConfig);
|
|
51
53
|
}
|