@devtion/actions 0.0.0-270e9e0 → 0.0.0-2ed8e18

package/src/helpers/utils.ts

@@ -1,18 +1,18 @@
 import { Firestore } from "firebase/firestore"
-import fs, { ReadPosition } from "fs"
+import fs, { ReadPosition, createWriteStream } from "fs"
 import { utils as ffUtils } from "ffjavascript"
 import winston, { Logger } from "winston"
-import { S3Client, GetObjectCommand, HeadObjectCommand } from "@aws-sdk/client-s3"
-import { 
-    CircuitMetadata, 
-    Contribution, 
-    CircuitDocument, 
+import fetch from "@adobe/node-fetch-retry"
+import {
+    CircuitMetadata,
+    Contribution,
+    CircuitDocument,
     CircuitInputData,
-    ContributionValidity, 
-    FirebaseDocumentInfo, 
-    SetupCeremonyData, 
+    ContributionValidity,
+    FirebaseDocumentInfo,
+    SetupCeremonyData,
     CeremonySetupTemplate,
-    CeremonySetupTemplateCircuitArtifacts,
+    CeremonySetupTemplateCircuitArtifacts
 } from "../types/index"
 import { finalContributionIndex, genesisZkeyIndex, potFilenameTemplate } from "./constants"
 import {
@@ -22,14 +22,14 @@ import {
     getContributionsCollectionPath
 } from "./database"
 import { CeremonyTimeoutType } from "../types/enums"
-import { 
-    getPotStorageFilePath, 
-    getR1csStorageFilePath, 
-    getWasmStorageFilePath, 
+import {
+    getPotStorageFilePath,
+    getR1csStorageFilePath,
+    getWasmStorageFilePath,
     getZkeyStorageFilePath
 } from "./storage"
 import { blake512FromPath } from "./crypto"
-import { Readable, pipeline } from "stream"
+import { pipeline } from "stream"
 import { promisify } from "util"
 
 /**
@@ -41,23 +41,29 @@ import { promisify } from "util"
  */
 export const parseCeremonyFile = async (path: string, cleanup: boolean = false): Promise<SetupCeremonyData> => {
     // check that the path exists
-    if (!fs.existsSync(path)) throw new Error("The provided path to the configuration file does not exist. Please provide an absolute path and try again.")
-    
+    if (!fs.existsSync(path))
+        throw new Error(
+            "The provided path to the configuration file does not exist. Please provide an absolute path and try again."
+        )
+
     try {
         // read the data
         const data: CeremonySetupTemplate = JSON.parse(fs.readFileSync(path).toString())
 
         // verify that the data is correct
-        if (data['timeoutMechanismType'] !== CeremonyTimeoutType.DYNAMIC && data['timeoutMechanismType'] !== CeremonyTimeoutType.FIXED) 
+        if (
+            data["timeoutMechanismType"] !== CeremonyTimeoutType.DYNAMIC &&
+            data["timeoutMechanismType"] !== CeremonyTimeoutType.FIXED
+        )
             throw new Error("Invalid timeout type. Please choose between DYNAMIC and FIXED.")
-        
+
         // validate that we have at least 1 circuit input data
-        if (!data.circuits || data.circuits.length === 0) 
+        if (!data.circuits || data.circuits.length === 0)
             throw new Error("You need to provide the data for at least 1 circuit.")
 
         // validate that the end date is in the future
-        let endDate: Date 
-        let startDate: Date 
+        let endDate: Date
+        let startDate: Date
         try {
             endDate = new Date(data.endDate)
             startDate = new Date(data.startDate)
@@ -66,12 +72,12 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
         }
 
         if (endDate <= startDate) throw new Error("The end date should be greater than the start date.")
-    
+
         const currentDate = new Date()
 
-        if (endDate <= currentDate || startDate <= currentDate) 
+        if (endDate <= currentDate || startDate <= currentDate)
             throw new Error("The start and end dates should be in the future.")
-        
+
         // validate penalty
         if (data.penalty <= 0) throw new Error("The penalty should be greater than zero.")
 
@@ -87,58 +93,49 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
             circuitArtifacts.push({
                 artifacts: artifacts
             })
-            const r1csPath = artifacts.r1csStoragePath
-            const wasmPath = artifacts.wasmStoragePath
 
             // where we storing the r1cs downloaded
             const localR1csPath = `./${circuitData.name}.r1cs`
-
-            // check that the artifacts exist in S3
-            // we don't need any privileges to download this
-            // just the correct region
-            const s3 = new S3Client({region: artifacts.region})
-
-            try {
-                await s3.send(new HeadObjectCommand({
-                    Bucket: artifacts.bucket,
-                    Key: r1csPath 
-                }))
-            } catch (error: any) {
-                throw new Error(`The r1cs file (${r1csPath}) seems to not exist. Please ensure this is correct and that the object is publicly available.`)
-            }
-            
-            try {
-                await s3.send(new HeadObjectCommand({
-                    Bucket: artifacts.bucket,
-                    Key: wasmPath 
-                }))
-            } catch (error: any) {
-                throw new Error(`The wasm file (${wasmPath}) seems to not exist. Please ensure this is correct and that the object is publicly available.`)
-            }
+            // where we storing the wasm downloaded
+            const localWasmPath = `./${circuitData.name}.wasm`
 
             // download the r1cs to extract the metadata
-            const command = new GetObjectCommand({ Bucket: artifacts.bucket, Key: artifacts.r1csStoragePath })
-            const response = await s3.send(command)
             const streamPipeline = promisify(pipeline)
 
-            if (response.$metadata.httpStatusCode !== 200) 
-                throw new Error("There was an error while trying to download the r1cs file. Please check that the file has the correct permissions (public) set.")
+            // Make the call.
+            const responseR1CS = await fetch(artifacts.r1csStoragePath)
+
+            // Handle errors.
+            if (!responseR1CS.ok && responseR1CS.status !== 200)
+                throw new Error(
+                    `There was an error while trying to download the r1cs file for circuit ${circuitData.name}. Please check that the file has the correct permissions (public) set.`
+                )
+
+            await streamPipeline(responseR1CS.body!, createWriteStream(localR1csPath))
+            // Write the file locally
 
-            if (response.Body instanceof Readable) 
-                await streamPipeline(response.Body, fs.createWriteStream(localR1csPath))
-            
             // extract the metadata from the r1cs
             const metadata = getR1CSInfo(localR1csPath)
 
+            // download wasm too to ensure it's available
+            const responseWASM = await fetch(artifacts.wasmStoragePath)
+            if (!responseWASM.ok && responseWASM.status !== 200)
+                throw new Error(
+                    `There was an error while trying to download the WASM file for circuit ${circuitData.name}. Please check that the file has the correct permissions (public) set.`
+                )
+            await streamPipeline(responseWASM.body!, createWriteStream(localWasmPath))
+
             // validate that the circuit hash and template links are valid
             const template = circuitData.template
 
             const URLMatch = template.source.match(urlPattern)
-            if (!URLMatch || URLMatch.length === 0 || URLMatch.length > 1) throw new Error("You should provide the URL to the circuits templates on GitHub.")
+            if (!URLMatch || URLMatch.length === 0 || URLMatch.length > 1)
+                throw new Error("You should provide the URL to the circuits templates on GitHub.")
 
             const hashMatch = template.commitHash.match(commitHashPattern)
-            if (!hashMatch || hashMatch.length === 0 || hashMatch.length > 1) throw new Error("You should provide a valid commit hash of the circuit templates.")
-            
+            if (!hashMatch || hashMatch.length === 0 || hashMatch.length > 1)
+                throw new Error("You should provide a valid commit hash of the circuit templates.")
+
             // calculate the hash of the r1cs file
             const r1csBlake2bHash = await blake512FromPath(localR1csPath)
 
@@ -151,12 +148,12 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
             const smallestPowersOfTauCompleteFilenameForCircuit = `${potFilenameTemplate}${doubleDigitsPowers}.ptau`
             const firstZkeyCompleteFilename = `${circuitPrefix}_${genesisZkeyIndex}.zkey`
 
-            // storage paths 
+            // storage paths
             const r1csStorageFilePath = getR1csStorageFilePath(circuitPrefix, r1csCompleteFilename)
             const wasmStorageFilePath = getWasmStorageFilePath(circuitPrefix, wasmCompleteFilename)
             const potStorageFilePath = getPotStorageFilePath(smallestPowersOfTauCompleteFilenameForCircuit)
             const zkeyStorageFilePath = getZkeyStorageFilePath(circuitPrefix, firstZkeyCompleteFilename)
-    
+
             const files: any = {
                 potFilename: smallestPowersOfTauCompleteFilenameForCircuit,
                 r1csFilename: r1csCompleteFilename,
@@ -169,14 +166,15 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
                 r1csBlake2bHash: r1csBlake2bHash
             }
 
-            // validate that the compiler hash is a valid hash 
+            // validate that the compiler hash is a valid hash
             const compiler = circuitData.compiler
             const compilerHashMatch = compiler.commitHash.match(commitHashPattern)
-            if (!compilerHashMatch || compilerHashMatch.length === 0 || compilerHashMatch.length > 1) throw new Error("You should provide a valid commit hash of the circuit compiler.")
+            if (!compilerHashMatch || compilerHashMatch.length === 0 || compilerHashMatch.length > 1)
+                throw new Error("You should provide a valid commit hash of the circuit compiler.")
 
             // validate that the verification options are valid
             const verification = circuitData.verification
-            if (verification.cfOrVm !== "CF" && verification.cfOrVm !== "VM") 
+            if (verification.cfOrVm !== "CF" && verification.cfOrVm !== "VM")
                 throw new Error("Please enter a valid verification mechanism: either CF or VM")
 
             // @todo VM parameters verification
@@ -189,8 +187,7 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
             let circuit: CircuitDocument | CircuitInputData = {} as CircuitDocument | CircuitInputData
 
             if (data.timeoutMechanismType === CeremonyTimeoutType.DYNAMIC) {
-                if (circuitData.dynamicThreshold <= 0) 
-                    throw new Error("The dynamic threshold should be > 0.")
+                if (circuitData.dynamicThreshold <= 0) throw new Error("The dynamic threshold should be > 0.")
                 dynamicThreshold = circuitData.dynamicThreshold
 
                 // the Circuit data for the ceremony setup
@@ -198,7 +195,7 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
                     name: circuitData.name,
                     description: circuitData.description,
                     prefix: circuitPrefix,
-                    sequencePosition: i+1,
+                    sequencePosition: i + 1,
                     metadata: metadata,
                     files: files,
                     template: template,
@@ -209,23 +206,20 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
                         contributionComputation: 0,
                         fullContribution: 0,
                         verifyCloudFunction: 0
-                    },
-                    
+                    }
                 }
             }
 
             if (data.timeoutMechanismType === CeremonyTimeoutType.FIXED) {
-                if (circuitData.fixedTimeWindow <= 0) 
-                    throw new Error("The fixed time window threshold should be > 0.")
+                if (circuitData.fixedTimeWindow <= 0) throw new Error("The fixed time window threshold should be > 0.")
                 fixedTimeWindow = circuitData.fixedTimeWindow
 
-
                 // the Circuit data for the ceremony setup
                 circuit = {
                     name: circuitData.name,
                     description: circuitData.description,
                     prefix: circuitPrefix,
-                    sequencePosition: i+1,
+                    sequencePosition: i + 1,
                     metadata: metadata,
                     files: files,
                     template: template,
@@ -236,16 +230,15 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
                         contributionComputation: 0,
                         fullContribution: 0,
                         verifyCloudFunction: 0
-                    },
-                    
+                    }
                 }
             }
 
-
             circuits.push(circuit)
 
-            // remove the local r1cs download (if used for verifying the config only vs setup)
+            // remove the local r1cs and wasm downloads (if used for verifying the config only vs setup)
             if (cleanup) fs.unlinkSync(localR1csPath)
+            fs.unlinkSync(localWasmPath)
         }
 
         const setupData: SetupCeremonyData = {
@@ -263,7 +256,6 @@ export const parseCeremonyFile = async (path: string, cleanup: boolean = false):
         }
 
         return setupData
-
     } catch (error: any) {
         throw new Error(`Error while parsing up the ceremony setup file. ${error.message}`)
     }
@@ -457,9 +449,11 @@ export const getPublicAttestationPreambleForContributor = (
     ceremonyName: string,
     isFinalizing: boolean
 ) =>
-    `Hey, I'm ${contributorIdentifier} and I have ${
-        isFinalizing ? "finalized" : "contributed to"
-    } the ${ceremonyName} MPC Phase2 Trusted Setup ceremony.\nThe following are my contribution signatures:`
+    `Hey, I'm ${contributorIdentifier} and I have ${isFinalizing ? "finalized" : "contributed to"} the ${ceremonyName}${
+        ceremonyName.toLowerCase().includes("trusted setup") || ceremonyName.toLowerCase().includes("ceremony")
+            ? "."
+            : " MPC Phase2 Trusted Setup ceremony."
+    }\nThe following are my contribution signatures:`
 
 /**
  * Check and prepare public attestation for the contributor made only of its valid contributions.
@@ -740,4 +734,4 @@ export const getR1CSInfo = (localR1CSFilePath: string): CircuitMetadata => {
  * @param in <number> - the input number to be converted.
  * @returns <string> - the two digits stringified number derived from the conversion.
  */
-export const convertToDoubleDigits = (amount: number): string => (amount < 10 ? `0${amount}` : amount.toString())
+export const convertToDoubleDigits = (amount: number): string => (amount < 10 ? `0${amount}` : amount.toString())

package/src/helpers/vm.ts

@@ -82,7 +82,7 @@ export const vmDependenciesAndCacheArtifactsCommand = (
     zKeyPath: string,
     potPath: string,
     snsTopic: string,
-    region: string 
+    region: string
 ): Array<string> => [
     "#!/bin/bash",
     'MARKER_FILE="/var/run/my_script_ran"',
@@ -93,8 +93,13 @@ export const vmDependenciesAndCacheArtifactsCommand = (
     // eslint-disable-next-line no-template-curly-in-string
     "touch ${MARKER_FILE}",
     "sudo yum update -y",
-    "curl -sL https://rpm.nodesource.com/setup_16.x | sudo bash - ",
-    "sudo yum install -y nodejs",
+    "curl -O https://nodejs.org/dist/v16.13.0/node-v16.13.0-linux-x64.tar.xz",
+    "tar -xf node-v16.13.0-linux-x64.tar.xz",
+    "mv node-v16.13.0-linux-x64 nodejs",
+    "sudo mv nodejs /opt/",
+    "echo 'export NODEJS_HOME=/opt/nodejs' >> /etc/profile",
+    "echo 'export PATH=$NODEJS_HOME/bin:$PATH' >> /etc/profile",
+    "source /etc/profile",
     "npm install -g snarkjs",
     `aws s3 cp s3://${zKeyPath} /var/tmp/genesisZkey.zkey`,
     `aws s3 cp s3://${potPath} /var/tmp/pot.ptau`,
@@ -118,6 +123,7 @@ export const vmContributionVerificationCommand = (
     lastZkeyStoragePath: string,
     verificationTranscriptStoragePathAndFilename: string
 ): Array<string> => [
+    `source /etc/profile`,
     `aws s3 cp s3://${bucketName}/${lastZkeyStoragePath} /var/tmp/lastZKey.zkey > /var/tmp/log.txt`,
     `snarkjs zkvi /var/tmp/genesisZkey.zkey /var/tmp/pot.ptau /var/tmp/lastZKey.zkey > /var/tmp/verification_transcript.log`,
     `aws s3 cp /var/tmp/verification_transcript.log s3://${bucketName}/${verificationTranscriptStoragePathAndFilename} &>/dev/null`,

package/src/index.ts

@@ -87,7 +87,7 @@ export {
     verifyContribution,
     checkAndPrepareCoordinatorForFinalization,
     finalizeCircuit,
-    finalizeCeremony    
+    finalizeCeremony
 } from "./helpers/functions"
 export { toHex, blake512FromPath, computeSHA256ToHex, compareHashes } from "./helpers/crypto"
 export {
@@ -159,4 +159,4 @@ export {
     createEC2Client,
     vmContributionVerificationCommand,
     retrieveCommandStatus
-} from "./helpers/vm"
+} from "./helpers/vm"

package/src/types/index.ts

@@ -620,7 +620,6 @@ export type SetupCeremonyData = {
     circuitArtifacts: Array<CeremonySetupTemplateCircuitArtifacts>
 }
 
-
 export type CeremonySetupTemplateCircuitArtifacts = {
     artifacts: {
         bucket: string
@@ -640,11 +639,16 @@ export type CeremonySetupTemplateCircuitName = {
 }
 
 export type CeremonySetupTemplate = {
-    title: string 
+    title: string
     description: string
     startDate: string
     endDate: string
     timeoutMechanismType: CeremonyTimeoutType
-    penalty: number 
-    circuits: Array<CircuitDocument & CeremonySetupTemplateCircuitArtifacts & CeremonySetupTemplateCircuitTimeout & CeremonySetupTemplateCircuitName>
-}
+    penalty: number
+    circuits: Array<
+        CircuitDocument &
+            CeremonySetupTemplateCircuitArtifacts &
+            CeremonySetupTemplateCircuitTimeout &
+            CeremonySetupTemplateCircuitName
+    >
+}