@devtion/actions 0.0.0-7e983e3

package/dist/index.mjs

@@ -0,0 +1,2608 @@
+/**
+ * @module @p0tion/actions
+ * @version 1.0.5
+ * @file A set of actions and helpers for CLI commands
+ * @copyright Ethereum Foundation 2022
+ * @license MIT
+ * @see [Github]{@link https://github.com/privacy-scaling-explorations/p0tion}
+*/
+import mime from 'mime-types';
+import fs, { createWriteStream } from 'fs';
+import fetch from '@adobe/node-fetch-retry';
+import https from 'https';
+import { httpsCallable, httpsCallableFromURL, getFunctions } from 'firebase/functions';
+import { onSnapshot, query, collection, getDocs, doc, getDoc, where, Timestamp, getFirestore } from 'firebase/firestore';
+import { zKey, groth16 } from 'snarkjs';
+import crypto from 'crypto';
+import blake from 'blakejs';
+import { utils } from 'ffjavascript';
+import winston from 'winston';
+import { S3Client, HeadObjectCommand, GetObjectCommand } from '@aws-sdk/client-s3';
+import { pipeline, Readable } from 'stream';
+import { promisify } from 'util';
+import { initializeApp } from 'firebase/app';
+import { signInWithCredential, initializeAuth, getAuth } from 'firebase/auth';
+import { ContractFactory } from 'ethers';
+import solc from 'solc';
+import { EC2Client, RunInstancesCommand, DescribeInstanceStatusCommand, StartInstancesCommand, StopInstancesCommand, TerminateInstancesCommand } from '@aws-sdk/client-ec2';
+import { SSMClient, SendCommandCommand, GetCommandInvocationCommand } from '@aws-sdk/client-ssm';
+import dotenv from 'dotenv';
+
+// Main part for the Hermez Phase 1 Trusted Setup URLs to download PoT files.
+const potFileDownloadMainUrl = `https://hermez.s3-eu-west-1.amazonaws.com/`;
+// Main part for the Hermez Phase 1 Trusted Setup PoT files to be downloaded.
+const potFilenameTemplate = `powersOfTau28_hez_final_`;
+// The genesis zKey index.
+const genesisZkeyIndex = `00000`;
+// The number of exponential iterations to be executed by SnarkJS when finalizing the ceremony.
+const numExpIterations = 10;
+// The Solidity version of the Verifier Smart Contract generated with SnarkJS when finalizing the ceremony.
+const solidityVersion = "0.8.0";
+// The index of the final zKey.
+const finalContributionIndex = "final";
+// The acronym for verification key.
+const verificationKeyAcronym = "vkey";
+// The acronym for Verifier smart contract.
+const verifierSmartContractAcronym = "verifier";
+// The tag for ec2 instances.
+const ec2InstanceTag = "p0tionec2instance";
+// The name of the VM startup script file.
+const vmBootstrapScriptFilename = "bootstrap.sh";
+/**
+ * Define the supported VM configuration types.
+ * @dev the VM configurations can be retrieved at https://aws.amazon.com/ec2/instance-types/
+ * The on-demand prices for the configurations can be retrieved at https://aws.amazon.com/ec2/pricing/on-demand/.
+ * @notice the price has to be intended as on-demand hourly billing usage for Linux OS
+ * VMs located in the us-east-1 region expressed in USD.
+ */
+const vmConfigurationTypes = {
+    t3_large: {
+        type: "t3.large",
+        ram: 8,
+        vcpu: 2,
+        pricePerHour: 0.08352
+    },
+    t3_2xlarge: {
+        type: "t3.2xlarge",
+        ram: 32,
+        vcpu: 8,
+        pricePerHour: 0.3328
+    },
+    c5_9xlarge: {
+        type: "c5.9xlarge",
+        ram: 72,
+        vcpu: 36,
+        pricePerHour: 1.53
+    },
+    c5_18xlarge: {
+        type: "c5.18xlarge",
+        ram: 144,
+        vcpu: 72,
+        pricePerHour: 3.06
+    },
+    c5a_8xlarge: {
+        type: "c5a.8xlarge",
+        ram: 64,
+        vcpu: 32,
+        pricePerHour: 1.232
+    },
+    c6id_32xlarge: {
+        type: "c6id.32xlarge",
+        ram: 256,
+        vcpu: 128,
+        pricePerHour: 6.4512
+    },
+    m6a_32xlarge: {
+        type: "m6a.32xlarge",
+        ram: 512,
+        vcpu: 128,
+        pricePerHour: 5.5296
+    }
+};
+/**
+ * Define the PPoT Trusted Setup ceremony output powers of tau files size (in GB).
+ * @dev the powers of tau files can be retrieved at https://github.com/weijiekoh/perpetualpowersoftau
+ */
+const powersOfTauFiles = [
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_01.ptau",
+        size: 0.000084
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_02.ptau",
+        size: 0.000086
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_03.ptau",
+        size: 0.000091
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_04.ptau",
+        size: 0.0001
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_05.ptau",
+        size: 0.000117
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_06.ptau",
+        size: 0.000153
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_07.ptau",
+        size: 0.000225
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_08.ptau",
+        size: 0.0004
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_09.ptau",
+        size: 0.000658
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_10.ptau",
+        size: 0.0013
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_11.ptau",
+        size: 0.0023
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_12.ptau",
+        size: 0.0046
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_13.ptau",
+        size: 0.0091
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_14.ptau",
+        size: 0.0181
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_15.ptau",
+        size: 0.0361
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_16.ptau",
+        size: 0.0721
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_17.ptau",
+        size: 0.144
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_18.ptau",
+        size: 0.288
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_19.ptau",
+        size: 0.576
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_20.ptau",
+        size: 1.1
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_21.ptau",
+        size: 2.3
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_22.ptau",
+        size: 4.5
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_23.ptau",
+        size: 9.0
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_24.ptau",
+        size: 18.0
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_25.ptau",
+        size: 36.0
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_26.ptau",
+        size: 72.0
+    },
+    {
+        ref: "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_27.ptau",
+        size: 144.0
+    }
+];
+/**
+ * Commonly used terms.
+ * @dev useful for creating paths, references to collections and queries, object properties, folder names, and so on.
+ */
+const commonTerms = {
+    collections: {
+        users: {
+            name: "users",
+            fields: {
+                creationTime: "creationTime",
+                displayName: "displayName",
+                email: "email",
+                emailVerified: "emailVerified",
+                lastSignInTime: "lastSignInTime",
+                lastUpdated: "lastUpdated",
+                name: "name",
+                photoURL: "photoURL"
+            }
+        },
+        participants: {
+            name: "participants",
+            fields: {
+                contributionProgress: "contributionProgress",
+                contributionStartedAt: "contributionStartedAt",
+                contributionStep: "contributionStep",
+                contributions: "contributions",
+                lastUpdated: "lastUpdated",
+                status: "status",
+                verificationStartedAt: "verificationStartedAt"
+            }
+        },
+        ceremonies: {
+            name: "ceremonies",
+            fields: {
+                coordinatorId: "coordinatorId",
+                description: "description",
+                endDate: "endDate",
+                lastUpdated: "lastUpdated",
+                penalty: "penalty",
+                prefix: "prefix",
+                startDate: "startDate",
+                state: "state",
+                timeoutType: "timeoutType",
+                title: "title",
+                type: "type"
+            }
+        },
+        circuits: {
+            name: "circuits",
+            fields: {
+                avgTimings: "avgTimings",
+                compiler: "compiler",
+                description: "description",
+                files: "files",
+                lastUpdated: "lastUpdated",
+                metadata: "metadata",
+                name: "name",
+                prefix: "prefix",
+                sequencePosition: "sequencePosition",
+                template: "template",
+                timeoutMaxContributionWaitingTime: "timeoutMaxContributionWaitingTime",
+                waitingQueue: "waitingQueue",
+                zKeySizeInBytes: "zKeySizeInBytes",
+                verification: "verification"
+            }
+        },
+        contributions: {
+            name: "contributions",
+            fields: {
+                contributionComputationTime: "contributionComputationTime",
+                files: "files",
+                lastUpdated: "lastUpdated",
+                participantId: "participantId",
+                valid: "valid",
+                verificationComputationTime: "verificationComputationTime",
+                zkeyIndex: "zKeyIndex"
+            }
+        },
+        timeouts: {
+            name: "timeouts",
+            fields: {
+                type: "type",
+                startDate: "startDate",
+                endDate: "endDate"
+            }
+        }
+    },
+    foldersAndPathsTerms: {
+        output: `output`,
+        setup: `setup`,
+        contribute: `contribute`,
+        finalize: `finalize`,
+        pot: `pot`,
+        zkeys: `zkeys`,
+        wasm: `wasm`,
+        vkeys: `vkeys`,
+        metadata: `metadata`,
+        transcripts: `transcripts`,
+        attestation: `attestation`,
+        verifiers: `verifiers`
+    },
+    cloudFunctionsNames: {
+        setupCeremony: "setupCeremony",
+        checkParticipantForCeremony: "checkParticipantForCeremony",
+        progressToNextCircuitForContribution: "progressToNextCircuitForContribution",
+        resumeContributionAfterTimeoutExpiration: "resumeContributionAfterTimeoutExpiration",
+        createBucket: "createBucket",
+        generateGetObjectPreSignedUrl: "generateGetObjectPreSignedUrl",
+        progressToNextContributionStep: "progressToNextContributionStep",
+        permanentlyStoreCurrentContributionTimeAndHash: "permanentlyStoreCurrentContributionTimeAndHash",
+        startMultiPartUpload: "startMultiPartUpload",
+        temporaryStoreCurrentContributionMultiPartUploadId: "temporaryStoreCurrentContributionMultiPartUploadId",
+        temporaryStoreCurrentContributionUploadedChunkData: "temporaryStoreCurrentContributionUploadedChunkData",
+        generatePreSignedUrlsParts: "generatePreSignedUrlsParts",
+        completeMultiPartUpload: "completeMultiPartUpload",
+        checkIfObjectExist: "checkIfObjectExist",
+        verifyContribution: "verifycontribution",
+        checkAndPrepareCoordinatorForFinalization: "checkAndPrepareCoordinatorForFinalization",
+        finalizeCircuit: "finalizeCircuit",
+        finalizeCeremony: "finalizeCeremony",
+        downloadCircuitArtifacts: "downloadCircuitArtifacts",
+        transferObject: "transferObject",
+    }
+};
+
+/**
+ * Setup a new ceremony by calling the related cloud function.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyInputData <CeremonyInputData> - the input data of the ceremony.
+ * @param ceremonyPrefix <string> - the prefix of the ceremony.
+ * @param circuits <Circuit[]> - the circuits data.
+ * @returns Promise<string> - the unique identifier of the created ceremony.
+ */
+const setupCeremony = async (functions, ceremonyInputData, ceremonyPrefix, circuits) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.setupCeremony);
+    const { data: ceremonyId } = await cf({
+        ceremonyInputData,
+        ceremonyPrefix,
+        circuits
+    });
+    return String(ceremonyId);
+};
+/**
+ * Check the user's current participant status for the ceremony
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns <boolean> - true when participant is able to contribute; otherwise false.
+ */
+const checkParticipantForCeremony = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.checkParticipantForCeremony);
+    const { data } = await cf({ ceremonyId });
+    return data;
+};
+/**
+ * Progress the participant to the next circuit preparing for the next contribution.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ */
+const progressToNextCircuitForContribution = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.progressToNextCircuitForContribution);
+    await cf({
+        ceremonyId
+    });
+};
+/**
+ * Resume the contributor circuit contribution from scratch after the timeout expiration.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ */
+const resumeContributionAfterTimeoutExpiration = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.resumeContributionAfterTimeoutExpiration);
+    await cf({
+        ceremonyId
+    });
+};
+/**
+ * Make a request to create a new AWS S3 bucket for a ceremony.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ */
+const createS3Bucket = async (functions, bucketName) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.createBucket);
+    await cf({ bucketName });
+};
+/**
+ * Return a pre-signed url for a given object contained inside the provided AWS S3 bucket in order to perform a GET request.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param objectKey <string> - the storage path that locates the artifact to be downloaded in the bucket.
+ * @returns <Promise<string>> - the pre-signed url w/ GET request permissions for specified object key.
+ */
+const generateGetObjectPreSignedUrl = async (functions, bucketName, objectKey) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.generateGetObjectPreSignedUrl);
+    const { data: getPreSignedUrl } = await cf({
+        bucketName,
+        objectKey
+    });
+    return String(getPreSignedUrl);
+};
+/**
+ * Progress the participant to the next circuit preparing for the next contribution.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ */
+const progressToNextContributionStep = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.progressToNextContributionStep);
+    await cf({
+        ceremonyId
+    });
+};
+/**
+ * Write the information about current contribution hash and computation time for the current contributor.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param contributionComputationTime <number> - the time when it was computed
+ * @param contributingHash <string> - the hash of the contribution
+ */
+const permanentlyStoreCurrentContributionTimeAndHash = async (functions, ceremonyId, contributionComputationTime, contributionHash) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.permanentlyStoreCurrentContributionTimeAndHash);
+    await cf({
+        ceremonyId,
+        contributionComputationTime,
+        contributionHash
+    });
+};
+/**
+ * Start a new multi-part upload for a specific object in the given AWS S3 bucket.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param objectKey <string> - the storage path that locates the artifact to be downloaded in the bucket.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns Promise<string> - the multi-part upload id.
+ */
+const openMultiPartUpload = async (functions, bucketName, objectKey, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.startMultiPartUpload);
+    const { data: uploadId } = await cf({
+        bucketName,
+        objectKey,
+        ceremonyId
+    });
+    return String(uploadId);
+};
+/**
+ * Write temporary information about the unique identifier about the opened multi-part upload to eventually resume the contribution.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param uploadId <string> - the unique identifier of the multi-part upload.
+ */
+const temporaryStoreCurrentContributionMultiPartUploadId = async (functions, ceremonyId, uploadId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.temporaryStoreCurrentContributionMultiPartUploadId);
+    await cf({
+        ceremonyId,
+        uploadId
+    });
+};
+/**
+ * Write temporary information about the etags and part numbers for each uploaded chunk in order to make the upload resumable from last chunk.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param chunk <ETagWithPartNumber> - the information about the already uploaded chunk.
+ */
+const temporaryStoreCurrentContributionUploadedChunkData = async (functions, ceremonyId, chunk) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.temporaryStoreCurrentContributionUploadedChunkData);
+    await cf({
+        ceremonyId,
+        chunk
+    });
+};
+/**
+ * Generate a new pre-signed url for each chunk related to a started multi-part upload.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param objectKey <string> - the storage path that locates the artifact to be downloaded in the bucket.
+ * @param uploadId <string> - the unique identifier of the multi-part upload.
+ * @param numberOfChunks <number> - the number of pre-signed urls to be generated.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns Promise<Array<string>> - the set of pre-signed urls (one for each chunk).
+ */
+const generatePreSignedUrlsParts = async (functions, bucketName, objectKey, uploadId, numberOfParts, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.generatePreSignedUrlsParts);
+    const { data: chunksUrls } = await cf({
+        bucketName,
+        objectKey,
+        uploadId,
+        numberOfParts,
+        ceremonyId
+    });
+    return chunksUrls;
+};
+/**
+ * Complete a multi-part upload for a specific object in the given AWS S3 bucket.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param objectKey <string> - the storage path that locates the artifact to be downloaded in the bucket.
+ * @param uploadId <string> - the unique identifier of the multi-part upload.
+ * @param parts Array<ETagWithPartNumber> - the completed .
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns Promise<string> - the location of the uploaded ceremony artifact.
+ */
+const completeMultiPartUpload = async (functions, bucketName, objectKey, uploadId, parts, ceremonyId) => {
+    // Call completeMultiPartUpload() Cloud Function.
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.completeMultiPartUpload);
+    const { data: location } = await cf({
+        bucketName,
+        objectKey,
+        uploadId,
+        parts,
+        ceremonyId
+    });
+    return String(location);
+};
+/**
+ * Check if a specified object exist in a given AWS S3 bucket.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param objectKey <string> - the storage path that locates the artifact to be downloaded in the bucket.
+ * @returns <Promise<string>> - true if and only if the object exists, otherwise false.
+ */
+const checkIfObjectExist = async (functions, bucketName, objectKey) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.checkIfObjectExist);
+    const { data: doesObjectExist } = await cf({
+        bucketName,
+        objectKey
+    });
+    return doesObjectExist;
+};
+/**
+ * Request to verify the newest contribution for the circuit.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param circuit <FirebaseDocumentInfo> - the document info about the circuit.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param contributorOrCoordinatorIdentifier <string> - the identifier of the contributor or coordinator (only when finalizing).
+ * @param verifyContributionCloudFunctionEndpoint <string> - the endpoint (direct url) necessary to call the V2 Cloud Function.
+ * @returns <Promise<void>> -
+ */
+const verifyContribution = async (functions, ceremonyId, circuit, // any just to avoid breaking the tests.
+bucketName, contributorOrCoordinatorIdentifier, verifyContributionCloudFunctionEndpoint) => {
+    const cf = httpsCallableFromURL(functions, verifyContributionCloudFunctionEndpoint, {
+        timeout: 3600000 // max timeout 60 minutes.
+    });
+    /**
+     * @dev Force a race condition to fix #57.
+     * TL;DR if the cloud function does not return despite having finished its execution, we use
+     * a listener on the circuit, we check and retrieve the info about the correct execution and
+     * return it manually. In other cases, it will be the function that returns either a timeout in case it
+     * remains in execution for too long.
+     */
+    await Promise.race([
+        cf({
+            ceremonyId,
+            circuitId: circuit.id,
+            contributorOrCoordinatorIdentifier,
+            bucketName
+        }),
+        new Promise((resolve) => {
+            setTimeout(() => {
+                const unsubscribeToCeremonyCircuitListener = onSnapshot(circuit.ref, async (changedCircuit) => {
+                    // Check data.
+                    if (!circuit.data || !changedCircuit.data())
+                        throw Error(`Unable to retrieve circuit data from the ceremony.`);
+                    // Extract data.
+                    const { avgTimings: changedAvgTimings, waitingQueue: changedWaitingQueue } = changedCircuit.data();
+                    const { contributionComputation: changedContributionComputation, fullContribution: changedFullContribution, verifyCloudFunction: changedVerifyCloudFunction } = changedAvgTimings;
+                    const { failedContributions: changedFailedContributions, completedContributions: changedCompletedContributions } = changedWaitingQueue;
+                    const { avgTimings: prevAvgTimings, waitingQueue: prevWaitingQueue } = changedCircuit.data();
+                    const { contributionComputation: prevContributionComputation, fullContribution: prevFullContribution, verifyCloudFunction: prevVerifyCloudFunction } = prevAvgTimings;
+                    const { failedContributions: prevFailedContributions, completedContributions: prevCompletedContributions } = prevWaitingQueue;
+                    // Pre-conditions.
+                    const invalidContribution = prevFailedContributions === changedFailedContributions - 1;
+                    const validContribution = prevCompletedContributions === changedCompletedContributions - 1;
+                    const avgTimeUpdates = prevContributionComputation !== changedContributionComputation &&
+                        prevFullContribution !== changedFullContribution &&
+                        prevVerifyCloudFunction !== changedVerifyCloudFunction;
+                    if ((invalidContribution || validContribution) && avgTimeUpdates) {
+                        resolve({});
+                    }
+                });
+                // Unsubscribe from listener.
+                unsubscribeToCeremonyCircuitListener();
+            }, 3600000 - 1000); // 59:59 throws 1s before max time for CF execution.
+        })
+    ]);
+};
+/**
+ * Prepare the coordinator for the finalization of the ceremony.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns <Promise<boolean>> - true when the coordinator is ready for finalization; otherwise false.
+ */
+const checkAndPrepareCoordinatorForFinalization = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.checkAndPrepareCoordinatorForFinalization);
+    const { data: isCoordinatorReadyForCeremonyFinalization } = await cf({
+        ceremonyId
+    });
+    return isCoordinatorReadyForCeremonyFinalization;
+};
+/**
+ * Finalize the ceremony circuit.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param circuitId <string> - the unique identifier of the circuit.
+ * @param bucketName <string> - the name of the ceremony bucket.
+ * @param beacon <string> - the value used to compute the final contribution while finalizing the ceremony.
+ */
+const finalizeCircuit = async (functions, ceremonyId, circuitId, bucketName, beacon) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.finalizeCircuit);
+    await cf({
+        ceremonyId,
+        circuitId,
+        bucketName,
+        beacon
+    });
+};
+/**
+ * Conclude the finalization of the ceremony.
+ * @param functions <Functions> - the Firebase cloud functions object instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ */
+const finalizeCeremony = async (functions, ceremonyId) => {
+    const cf = httpsCallable(functions, commonTerms.cloudFunctionsNames.finalizeCeremony);
+    await cf({
+        ceremonyId
+    });
+};
+
+/**
+ * Return the bucket name based on ceremony prefix.
+ * @param ceremonyPrefix <string> - the ceremony prefix.
+ * @param ceremonyPostfix <string> - the ceremony postfix.
+ * @returns <string>
+ */
+const getBucketName = (ceremonyPrefix, ceremonyPostfix) => `${ceremonyPrefix}${ceremonyPostfix}`;
+/**
+ * Get chunks and signed urls related to an object that must be uploaded using a multi-part upload.
+ * @param cloudFunctions <Functions> - the Firebase Cloud Functions service instance.
+ * @param bucketName <string> - the name of the ceremony artifacts bucket (AWS S3).
+ * @param objectKey <string> - the unique key to identify the object inside the given AWS S3 bucket.
+ * @param localFilePath <string> - the local path where the artifact will be downloaded.
+ * @param uploadId <string> - the unique identifier of the multi-part upload.
+ * @param configStreamChunkSize <number> - size of each chunk into which the artifact is going to be splitted (nb. will be converted in MB).
+ * @param [ceremonyId] <string> - the unique identifier of the ceremony.
+ * @returns Promise<Array<ChunkWithUrl>> - the chunks with related pre-signed url.
+ */
+const getChunksAndPreSignedUrls = async (cloudFunctions, bucketName, objectKey, localFilePath, uploadId, configStreamChunkSize, ceremonyId) => {
+    // Prepare a new stream to read the file.
+    const stream = fs.createReadStream(localFilePath, {
+        highWaterMark: configStreamChunkSize * 1024 * 1024 // convert to MB.
+    });
+    // Split in chunks.
+    const chunks = [];
+    for await (const chunk of stream)
+        chunks.push(chunk);
+    // Check if the file is not empty.
+    if (!chunks.length)
+        throw new Error("Unable to split an empty file into chunks.");
+    // Request pre-signed url generation for each chunk.
+    const preSignedUrls = await generatePreSignedUrlsParts(cloudFunctions, bucketName, objectKey, uploadId, chunks.length, ceremonyId);
+    // Map pre-signed urls with corresponding chunks.
+    return chunks.map((val1, index) => ({
+        partNumber: index + 1,
+        chunk: val1,
+        preSignedUrl: preSignedUrls[index]
+    }));
+};
+/**
+ * Forward the request to upload each single chunk of the related ceremony artifact.
+ * @param chunksWithUrls <Array<ChunkWithUrl>> - the array containing each chunk mapped with the corresponding pre-signed urls.
+ * @param contentType <string | false> - the content type of the ceremony artifact.
+ * @param cloudFunctions <Functions> - the Firebase Cloud Functions service instance.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param alreadyUploadedChunks Array<ETagWithPartNumber> - the temporary information about the already uploaded chunks.
+ * @returns <Promise<Array<ETagWithPartNumber>>> - the completed (uploaded) chunks information.
+ */
+const uploadParts = async (chunksWithUrls, contentType, cloudFunctions, ceremonyId, alreadyUploadedChunks) => {
+    // Keep track of uploaded chunks.
+    const uploadedChunks = alreadyUploadedChunks || [];
+    // Loop through remaining chunks.
+    for (let i = alreadyUploadedChunks ? alreadyUploadedChunks.length : 0; i < chunksWithUrls.length; i += 1) {
+        // Consume the pre-signed url to upload the chunk.
+        // @ts-ignore
+        const response = await fetch(chunksWithUrls[i].preSignedUrl, {
+            retryOptions: {
+                retryInitialDelay: 500,
+                socketTimeout: 60000,
+                retryMaxDuration: 300000 // 5 minutes.
+            },
+            method: "PUT",
+            body: chunksWithUrls[i].chunk,
+            headers: {
+                "Content-Type": contentType.toString(),
+                "Content-Length": chunksWithUrls[i].chunk.length.toString()
+            },
+            agent: new https.Agent({ keepAlive: true })
+        });
+        // Verify the response.
+        if (response.status !== 200 || !response.ok)
+            throw new Error(`Unable to upload chunk number ${i}. Please, terminate the current session and retry to resume from the latest uploaded chunk.`);
+        // Extract uploaded chunk data.
+        const chunk = {
+            ETag: response.headers.get("etag") || undefined,
+            PartNumber: chunksWithUrls[i].partNumber
+        };
+        uploadedChunks.push(chunk);
+        // Temporary store uploaded chunk data to enable later resumable contribution.
+        // nb. this must be done only when contributing (not finalizing).
+        if (!!ceremonyId && !!cloudFunctions)
+            await temporaryStoreCurrentContributionUploadedChunkData(cloudFunctions, ceremonyId, chunk);
+    }
+    return uploadedChunks;
+};
+/**
+ * Upload a ceremony artifact to the corresponding bucket.
+ * @notice this method implements the multi-part upload using pre-signed urls, optimal for large files.
+ * Steps:
+ * 0) Check if current contributor could resume a multi-part upload.
+ *    0.A) If yes, continue from last uploaded chunk using the already opened multi-part upload.
+ *    0.B) Otherwise, start creating a new multi-part upload.
+ * 1) Generate a pre-signed url for each (remaining) chunk of the ceremony artifact.
+ * 2) Consume the pre-signed urls to upload chunks.
+ * 3) Complete the multi-part upload.
+ * @param cloudFunctions <Functions> - the Firebase Cloud Functions service instance.
+ * @param bucketName <string> - the name of the ceremony artifacts bucket (AWS S3).
+ * @param objectKey <string> - the unique key to identify the object inside the given AWS S3 bucket.
+ * @param localPath <string> - the local path where the artifact will be downloaded.
+ * @param configStreamChunkSize <number> - size of each chunk into which the artifact is going to be splitted (nb. will be converted in MB).
+ * @param [ceremonyId] <string> - the unique identifier of the ceremony (used as a double-edge sword - as identifier and as a check if current contributor is the coordinator finalizing the ceremony).
+ * @param [temporaryDataToResumeMultiPartUpload] <TemporaryParticipantContributionData> - the temporary information necessary to resume an already started multi-part upload.
+ */
+const multiPartUpload = async (cloudFunctions, bucketName, objectKey, localFilePath, configStreamChunkSize, ceremonyId, temporaryDataToResumeMultiPartUpload) => {
+    // The unique identifier of the multi-part upload.
+    let multiPartUploadId = "";
+    // The list of already uploaded chunks.
+    let alreadyUploadedChunks = [];
+    // Step (0).
+    if (temporaryDataToResumeMultiPartUpload && !!temporaryDataToResumeMultiPartUpload.uploadId) {
+        // Step (0.A).
+        multiPartUploadId = temporaryDataToResumeMultiPartUpload.uploadId;
+        alreadyUploadedChunks = temporaryDataToResumeMultiPartUpload.chunks;
+    }
+    else {
+        // Step (0.B).
+        // Open a new multi-part upload for the ceremony artifact.
+        multiPartUploadId = await openMultiPartUpload(cloudFunctions, bucketName, objectKey, ceremonyId);
+        // Store multi-part upload identifier on document collection.
+        if (ceremonyId)
+            // Store Multi-Part Upload ID after generation.
+            await temporaryStoreCurrentContributionMultiPartUploadId(cloudFunctions, ceremonyId, multiPartUploadId);
+    }
+    // Step (1).
+    const chunksWithUrlsZkey = await getChunksAndPreSignedUrls(cloudFunctions, bucketName, objectKey, localFilePath, multiPartUploadId, configStreamChunkSize, ceremonyId);
+    // Step (2).
+    const partNumbersAndETagsZkey = await uploadParts(chunksWithUrlsZkey, mime.lookup(localFilePath), // content-type.
+    cloudFunctions, ceremonyId, alreadyUploadedChunks);
+    // Step (3).
+    await completeMultiPartUpload(cloudFunctions, bucketName, objectKey, multiPartUploadId, partNumbersAndETagsZkey, ceremonyId);
+};
+/**
+ * Download an artifact from S3 (only for authorized users)
+ * @param cloudFunctions <Functions> Firebase cloud functions instance.
+ * @param bucketName <string> Name of the bucket where the artifact is stored.
+ * @param storagePath <string> Path to the artifact in the bucket.
+ * @param localPath <string> Path to the local file where the artifact will be saved.
+ */
+const downloadCeremonyArtifact = async (cloudFunctions, bucketName, storagePath, localPath) => {
+    // Request pre-signed url to make GET download request.
+    const getPreSignedUrl = await generateGetObjectPreSignedUrl(cloudFunctions, bucketName, storagePath);
+    // Make fetch to get info about the artifact.
+    // @ts-ignore
+    const response = await fetch(getPreSignedUrl);
+    if (response.status !== 200 && !response.ok)
+        throw new Error(`There was an erorr while downloading the object ${storagePath} from the bucket ${bucketName}. Please check the function inputs and try again.`);
+    const content = response.body;
+    // Prepare stream.
+    const writeStream = createWriteStream(localPath);
+    // Write chunk by chunk.
+    for await (const chunk of content) {
+        // Write chunk.
+        writeStream.write(chunk);
+    }
+};
+/**
+ * Get R1CS file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each R1CS file in the storage must be stored in the following path: `circuits/<circuitPrefix>/<completeR1csFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeR1csFilename <string> - the complete R1CS filename (name + ext).
+ * @returns <string> - the storage path of the R1CS file.
+ */
+const getR1csStorageFilePath = (circuitPrefix, completeR1csFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${completeR1csFilename}`;
+/**
+ * Get WASM file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each WASM file in the storage must be stored in the following path: `circuits/<circuitPrefix>/<completeWasmFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeWasmFilename <string> - the complete WASM filename (name + ext).
+ * @returns <string> - the storage path of the WASM file.
+ */
+const getWasmStorageFilePath = (circuitPrefix, completeWasmFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${completeWasmFilename}`;
+/**
+ * Get PoT file path in the storage.
+ * @notice each PoT file in the storage must be stored in the following path: `pot/<completePotFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param completePotFilename <string> - the complete PoT filename (name + ext).
+ * @returns <string> - the storage path of the PoT file.
+ */
+const getPotStorageFilePath = (completePotFilename) => `${commonTerms.foldersAndPathsTerms.pot}/${completePotFilename}`;
+/**
+ * Get zKey file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each zKey file in the storage must be stored in the following path: `circuits/<circuitPrefix>/contributions/<completeZkeyFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeZkeyFilename <string> - the complete zKey filename (name + ext).
+ * @returns <string> - the storage path of the zKey file.
+ */
+const getZkeyStorageFilePath = (circuitPrefix, completeZkeyFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${commonTerms.collections.contributions.name}/${completeZkeyFilename}`;
+/**
+ * Get verification key file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each verification key file in the storage must be stored in the following path: `circuits/<circuitPrefix>/<completeVerificationKeyFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeVerificationKeyFilename <string> - the complete verification key filename (name + ext).
+ * @returns <string> - the storage path of the verification key file.
+ */
+const getVerificationKeyStorageFilePath = (circuitPrefix, completeVerificationKeyFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${completeVerificationKeyFilename}`;
+/**
+ * Get verifier contract file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each verifier contract file in the storage must be stored in the following path: `circuits/<circuitPrefix>/<completeVerificationKeyFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeVerifierContractFilename <string> - the complete verifier contract filename (name + ext).
+ * @returns <string> - the storage path of the verifier contract file.
+ */
+const getVerifierContractStorageFilePath = (circuitPrefix, completeVerifierContractFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${completeVerifierContractFilename}`;
+/**
+ * Get transcript file path tied to a particular circuit of a ceremony in the storage.
+ * @notice each R1CS file in the storage must be stored in the following path: `circuits/<circuitPrefix>/<completeTranscriptFilename>`.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param circuitPrefix <string> - the prefix of the circuit.
+ * @param completeTranscriptFilename <string> - the complete transcript filename (name + ext).
+ * @returns <string> - the storage path of the transcript file.
+ */
+const getTranscriptStorageFilePath = (circuitPrefix, completeTranscriptFilename) => `${commonTerms.collections.circuits.name}/${circuitPrefix}/${commonTerms.foldersAndPathsTerms.transcripts}/${completeTranscriptFilename}`;
+
+/**
+ * Get participants collection path for database reference.
+ * @notice all participants related documents are store under `ceremonies/<ceremonyId>/participants` collection path.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns <string> - the participants collection path.
+ */
+const getParticipantsCollectionPath = (ceremonyId) => `${commonTerms.collections.ceremonies.name}/${ceremonyId}/${commonTerms.collections.participants.name}`;
+/**
+ * Get circuits collection path for database reference.
+ * @notice all circuits related documents are store under `ceremonies/<ceremonyId>/circuits` collection path.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @returns <string> - the participants collection path.
+ */
+const getCircuitsCollectionPath = (ceremonyId) => `${commonTerms.collections.ceremonies.name}/${ceremonyId}/${commonTerms.collections.circuits.name}`;
+/**
+ * Get contributions collection path for database reference.
+ * @notice all contributions related documents are store under `ceremonies/<ceremonyId>/circuits/<circuitId>/contributions` collection path.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param circuitId <string> - the unique identifier of the circuit.
+ * @returns <string> - the contributions collection path.
+ */
+const getContributionsCollectionPath = (ceremonyId, circuitId) => `${getCircuitsCollectionPath(ceremonyId)}/${circuitId}/${commonTerms.collections.contributions.name}`;
+/**
+ * Get timeouts collection path for database reference.
+ * @notice all timeouts related documents are store under `ceremonies/<ceremonyId>/participants/<participantId>/timeouts` collection path.
+ * nb. This is a rule that must be satisfied. This is NOT an optional convention.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param participantId <string> - the unique identifier of the participant.
+ * @returns <string> - the timeouts collection path.
+ */
+const getTimeoutsCollectionPath = (ceremonyId, participantId) => `${getParticipantsCollectionPath(ceremonyId)}/${participantId}/${commonTerms.collections.timeouts.name}`;
+/**
+ * Helper for query a collection based on certain constraints.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param collection <string> - the name of the collection.
+ * @param queryConstraints <Array<QueryConstraint>> - a sequence of where conditions.
+ * @returns <Promise<QuerySnapshot<DocumentData>>> - return the matching documents (if any).
+ */
+const queryCollection = async (firestoreDatabase, collection$1, queryConstraints) => {
+    // Make a query.
+    const q = query(collection(firestoreDatabase, collection$1), ...queryConstraints);
+    // Get docs.
+    const snap = await getDocs(q);
+    return snap;
+};
+/**
+ * Helper for obtaining uid and data for query document snapshots.
+ * @param queryDocSnap <Array<QueryDocumentSnapshot>> - the array of query document snapshot to be converted.
+ * @returns Array<FirebaseDocumentInfo>
+ */
+const fromQueryToFirebaseDocumentInfo = (queryDocSnap) => queryDocSnap.map((document) => ({
+    id: document.id,
+    ref: document.ref,
+    data: document.data()
+}));
+/**
+ * Fetch for all documents in a collection.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param collection <string> - the name of the collection.
+ * @returns <Promise<Array<QueryDocumentSnapshot<DocumentData>>>> - return all documents (if any).
+ */
+const getAllCollectionDocs = async (firestoreDatabase, collection$1) => (await getDocs(collection(firestoreDatabase, collection$1))).docs;
+/**
+ * Get a specific document from database.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param collection <string> - the name of the collection.
+ * @param documentId <string> - the unique identifier of the document in the collection.
+ * @returns <Promise<DocumentSnapshot<DocumentData>>> - return the document from Firestore.
+ */
+const getDocumentById = async (firestoreDatabase, collection, documentId) => {
+    const docRef = doc(firestoreDatabase, collection, documentId);
+    return getDoc(docRef);
+};
+/**
+ * Query for opened ceremonies.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @returns <Promise<Array<FirebaseDocumentInfo>>>
+ */
+const getOpenedCeremonies = async (firestoreDatabase) => {
+    const runningStateCeremoniesQuerySnap = await queryCollection(firestoreDatabase, commonTerms.collections.ceremonies.name, [
+        where(commonTerms.collections.ceremonies.fields.state, "==", "OPENED" /* CeremonyState.OPENED */),
+        where(commonTerms.collections.ceremonies.fields.endDate, ">=", Date.now())
+    ]);
+    return fromQueryToFirebaseDocumentInfo(runningStateCeremoniesQuerySnap.docs);
+};
+/**
+ * Query for ceremony circuits.
+ * @notice the order by sequence position is fundamental to maintain parallelism among contributions for different circuits.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param ceremonyId <string> - the ceremony unique identifier.
+ * @returns Promise<Array<FirebaseDocumentInfo>> - the ceremony' circuits documents ordered by sequence position.
+ */
+const getCeremonyCircuits = async (firestoreDatabase, ceremonyId) => fromQueryToFirebaseDocumentInfo(await getAllCollectionDocs(firestoreDatabase, getCircuitsCollectionPath(ceremonyId))).sort((a, b) => a.data.sequencePosition - b.data.sequencePosition);
+/**
+ * Query for a specific ceremony' circuit contribution from a given contributor (if any).
+ * @notice if the caller is a coordinator, there could be more than one contribution (= the one from finalization applies to this criteria).
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param circuitId <string> - the unique identifier of the circuit.
+ * @param participantId <string> - the unique identifier of the participant.
+ * @returns <Promise<Array<FirebaseDocumentInfo>>> - the document info about the circuit contributions from contributor.
+ */
+const getCircuitContributionsFromContributor = async (firestoreDatabase, ceremonyId, circuitId, participantId) => {
+    const participantContributionsQuerySnap = await queryCollection(firestoreDatabase, getContributionsCollectionPath(ceremonyId, circuitId), [where(commonTerms.collections.contributions.fields.participantId, "==", participantId)]);
+    return fromQueryToFirebaseDocumentInfo(participantContributionsQuerySnap.docs);
+};
+/**
+ * Query for the active timeout from given participant for a given ceremony (if any).
+ * @param ceremonyId <string> - the identifier of the ceremony.
+ * @param participantId <string> - the identifier of the participant.
+ * @returns <Promise<Array<FirebaseDocumentInfo>>> - the document info about the current active participant timeout.
+ */
+const getCurrentActiveParticipantTimeout = async (firestoreDatabase, ceremonyId, participantId) => {
+    const participantTimeoutQuerySnap = await queryCollection(firestoreDatabase, getTimeoutsCollectionPath(ceremonyId, participantId), [where(commonTerms.collections.timeouts.fields.endDate, ">=", Timestamp.now().toMillis())]);
+    return fromQueryToFirebaseDocumentInfo(participantTimeoutQuerySnap.docs);
+};
+/**
+ * Query for the closed ceremonies.
+ * @notice a ceremony is closed when the period for receiving new contributions has ended.
+ * @dev when the ceremony is closed it becomes ready for finalization.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @returns <Promise<Array<FirebaseDocumentInfo>>> - the list of closed ceremonies.
+ */
+const getClosedCeremonies = async (firestoreDatabase) => {
+    const closedCeremoniesQuerySnap = await queryCollection(firestoreDatabase, commonTerms.collections.ceremonies.name, [
+        where(commonTerms.collections.ceremonies.fields.state, "==", "CLOSED" /* CeremonyState.CLOSED */),
+        where(commonTerms.collections.ceremonies.fields.endDate, "<=", Date.now())
+    ]);
+    return fromQueryToFirebaseDocumentInfo(closedCeremoniesQuerySnap.docs);
+};
+
+/**
+ * @hidden
+ */
+const toHexByte = (byte) => (byte < 0x10 ? `0${byte.toString(16)}` : byte.toString(16));
+/**
+ * Converts Uint8Array to hexadecimal string.
+ * @param buffer arbritrary length of data
+ * @returns hexadecimal string
+ */
+const toHex = (buffer) => Array.from(buffer).map(toHexByte).join("");
+/**
+ * Get 512 bit blake hash of the contents of given path.
+ * @param data buffer or hexadecimal string
+ * @returns 64 byte hexadecimal string
+ */
+const blake512FromPath = async (path) => {
+    const context = blake.blake2bInit(64, undefined);
+    const hash = await new Promise((resolve) => {
+        fs.createReadStream(path)
+            .on("data", (chunk) => {
+            blake.blake2bUpdate(context, chunk);
+        })
+            .on("end", () => {
+            resolve(toHex(blake.blake2bFinal(context)));
+        });
+    });
+    return hash;
+};
+/**
+ * Return the SHA256 hash (HEX format) of a given value
+ * @param value <string> - the value to be hashed.
+ * @returns <string> - the HEX format of the SHA256 hash of the given value
+ */
+const computeSHA256ToHex = (value) => crypto.createHash("sha256").update(value).digest("hex");
+/**
+ * Helper function that can be used to compare whether two files' hashes are equal or not.
+ * @param path1 <string> Path to the first file.
+ * @param path2 <string> Path to the second file.
+ * @returns <Promise<boolean>> Whether the files are equal or not.
+ */
+const compareHashes = async (path1, path2) => {
+    const hash1 = await blake512FromPath(path1);
+    const hash2 = await blake512FromPath(path2);
+    return hash1 === hash2;
+};
+
+/**
+ * Parse and validate that the ceremony configuration is correct
+ * @notice this does not upload any files to storage
+ * @param path <string> - the path to the configuration file
+ * @param cleanup <boolean> - whether to delete the r1cs file after parsing
+ * @returns any - the data to pass to the cloud function for setup and the circuit artifacts
+ */
+const parseCeremonyFile = async (path, cleanup = false) => {
+    // check that the path exists
+    if (!fs.existsSync(path))
+        throw new Error("The provided path to the configuration file does not exist. Please provide an absolute path and try again.");
+    try {
+        // read the data
+        const data = JSON.parse(fs.readFileSync(path).toString());
+        // verify that the data is correct
+        if (data['timeoutMechanismType'] !== "DYNAMIC" /* CeremonyTimeoutType.DYNAMIC */ && data['timeoutMechanismType'] !== "FIXED" /* CeremonyTimeoutType.FIXED */)
+            throw new Error("Invalid timeout type. Please choose between DYNAMIC and FIXED.");
+        // validate that we have at least 1 circuit input data
+        if (!data.circuits || data.circuits.length === 0)
+            throw new Error("You need to provide the data for at least 1 circuit.");
+        // validate that the end date is in the future
+        let endDate;
+        let startDate;
+        try {
+            endDate = new Date(data.endDate);
+            startDate = new Date(data.startDate);
+        }
+        catch (error) {
+            throw new Error("The dates should follow this format: 2023-07-04T00:00:00.");
+        }
+        if (endDate <= startDate)
+            throw new Error("The end date should be greater than the start date.");
+        const currentDate = new Date();
+        if (endDate <= currentDate || startDate <= currentDate)
+            throw new Error("The start and end dates should be in the future.");
+        // validate penalty
+        if (data.penalty <= 0)
+            throw new Error("The penalty should be greater than zero.");
+        const circuits = [];
+        const urlPattern = /(https?:\/\/[^\s]+)/g;
+        const commitHashPattern = /^[a-f0-9]{40}$/i;
+        const circuitArtifacts = [];
+        for (let i = 0; i < data.circuits.length; i++) {
+            const circuitData = data.circuits[i];
+            const artifacts = circuitData.artifacts;
+            circuitArtifacts.push({
+                artifacts: artifacts
+            });
+            const r1csPath = artifacts.r1csStoragePath;
+            const wasmPath = artifacts.wasmStoragePath;
+            // where we storing the r1cs downloaded
+            const localR1csPath = `./${circuitData.name}.r1cs`;
+            // check that the artifacts exist in S3
+            // we don't need any privileges to download this
+            // just the correct region
+            const s3 = new S3Client({ region: artifacts.region });
+            try {
+                await s3.send(new HeadObjectCommand({
+                    Bucket: artifacts.bucket,
+                    Key: r1csPath
+                }));
+            }
+            catch (error) {
+                throw new Error(`The r1cs file (${r1csPath}) seems to not exist. Please ensure this is correct and that the object is publicly available.`);
+            }
+            try {
+                await s3.send(new HeadObjectCommand({
+                    Bucket: artifacts.bucket,
+                    Key: wasmPath
+                }));
+            }
+            catch (error) {
+                throw new Error(`The wasm file (${wasmPath}) seems to not exist. Please ensure this is correct and that the object is publicly available.`);
+            }
+            // download the r1cs to extract the metadata
+            const command = new GetObjectCommand({ Bucket: artifacts.bucket, Key: artifacts.r1csStoragePath });
+            const response = await s3.send(command);
+            const streamPipeline = promisify(pipeline);
+            if (response.$metadata.httpStatusCode !== 200)
+                throw new Error("There was an error while trying to download the r1cs file. Please check that the file has the correct permissions (public) set.");
+            if (response.Body instanceof Readable)
+                await streamPipeline(response.Body, fs.createWriteStream(localR1csPath));
+            // extract the metadata from the r1cs
+            const metadata = getR1CSInfo(localR1csPath);
+            // validate that the circuit hash and template links are valid
+            const template = circuitData.template;
+            const URLMatch = template.source.match(urlPattern);
+            if (!URLMatch || URLMatch.length === 0 || URLMatch.length > 1)
+                throw new Error("You should provide the URL to the circuits templates on GitHub.");
+            const hashMatch = template.commitHash.match(commitHashPattern);
+            if (!hashMatch || hashMatch.length === 0 || hashMatch.length > 1)
+                throw new Error("You should provide a valid commit hash of the circuit templates.");
+            // calculate the hash of the r1cs file
+            const r1csBlake2bHash = await blake512FromPath(localR1csPath);
+            const circuitPrefix = extractPrefix(circuitData.name);
+            // filenames
+            const doubleDigitsPowers = convertToDoubleDigits(metadata.pot);
+            const r1csCompleteFilename = `${circuitData.name}.r1cs`;
+            const wasmCompleteFilename = `${circuitData.name}.wasm`;
+            const smallestPowersOfTauCompleteFilenameForCircuit = `${potFilenameTemplate}${doubleDigitsPowers}.ptau`;
+            const firstZkeyCompleteFilename = `${circuitPrefix}_${genesisZkeyIndex}.zkey`;
+            // storage paths 
+            const r1csStorageFilePath = getR1csStorageFilePath(circuitPrefix, r1csCompleteFilename);
+            const wasmStorageFilePath = getWasmStorageFilePath(circuitPrefix, wasmCompleteFilename);
+            const potStorageFilePath = getPotStorageFilePath(smallestPowersOfTauCompleteFilenameForCircuit);
+            const zkeyStorageFilePath = getZkeyStorageFilePath(circuitPrefix, firstZkeyCompleteFilename);
+            const files = {
+                potFilename: smallestPowersOfTauCompleteFilenameForCircuit,
+                r1csFilename: r1csCompleteFilename,
+                wasmFilename: wasmCompleteFilename,
+                initialZkeyFilename: firstZkeyCompleteFilename,
+                potStoragePath: potStorageFilePath,
+                r1csStoragePath: r1csStorageFilePath,
+                wasmStoragePath: wasmStorageFilePath,
+                initialZkeyStoragePath: zkeyStorageFilePath,
+                r1csBlake2bHash: r1csBlake2bHash
+            };
+            // validate that the compiler hash is a valid hash 
+            const compiler = circuitData.compiler;
+            const compilerHashMatch = compiler.commitHash.match(commitHashPattern);
+            if (!compilerHashMatch || compilerHashMatch.length === 0 || compilerHashMatch.length > 1)
+                throw new Error("You should provide a valid commit hash of the circuit compiler.");
+            // validate that the verification options are valid
+            const verification = circuitData.verification;
+            if (verification.cfOrVm !== "CF" && verification.cfOrVm !== "VM")
+                throw new Error("Please enter a valid verification mechanism: either CF or VM");
+            // @todo VM parameters verification
+            // if (verification['cfOrVM'] === "VM") {}
+            // check that the timeout is provided for the correct configuration
+            let dynamicThreshold;
+            let fixedTimeWindow;
+            let circuit = {};
+            if (data.timeoutMechanismType === "DYNAMIC" /* CeremonyTimeoutType.DYNAMIC */) {
+                if (circuitData.dynamicThreshold <= 0)
+                    throw new Error("The dynamic threshold should be > 0.");
+                dynamicThreshold = circuitData.dynamicThreshold;
+                // the Circuit data for the ceremony setup
+                circuit = {
+                    name: circuitData.name,
+                    description: circuitData.description,
+                    prefix: circuitPrefix,
+                    sequencePosition: i + 1,
+                    metadata: metadata,
+                    files: files,
+                    template: template,
+                    compiler: compiler,
+                    verification: verification,
+                    dynamicThreshold: dynamicThreshold,
+                    avgTimings: {
+                        contributionComputation: 0,
+                        fullContribution: 0,
+                        verifyCloudFunction: 0
+                    },
+                };
+            }
+            if (data.timeoutMechanismType === "FIXED" /* CeremonyTimeoutType.FIXED */) {
+                if (circuitData.fixedTimeWindow <= 0)
+                    throw new Error("The fixed time window threshold should be > 0.");
+                fixedTimeWindow = circuitData.fixedTimeWindow;
+                // the Circuit data for the ceremony setup
+                circuit = {
+                    name: circuitData.name,
+                    description: circuitData.description,
+                    prefix: circuitPrefix,
+                    sequencePosition: i + 1,
+                    metadata: metadata,
+                    files: files,
+                    template: template,
+                    compiler: compiler,
+                    verification: verification,
+                    fixedTimeWindow: fixedTimeWindow,
+                    avgTimings: {
+                        contributionComputation: 0,
+                        fullContribution: 0,
+                        verifyCloudFunction: 0
+                    },
+                };
+            }
+            circuits.push(circuit);
+            // remove the local r1cs download (if used for verifying the config only vs setup)
+            if (cleanup)
+                fs.unlinkSync(localR1csPath);
+        }
+        const setupData = {
+            ceremonyInputData: {
+                title: data.title,
+                description: data.description,
+                startDate: startDate.valueOf(),
+                endDate: endDate.valueOf(),
+                timeoutMechanismType: data.timeoutMechanismType,
+                penalty: data.penalty
+            },
+            ceremonyPrefix: extractPrefix(data.title),
+            circuits: circuits,
+            circuitArtifacts: circuitArtifacts
+        };
+        return setupData;
+    }
+    catch (error) {
+        throw new Error(`Error while parsing up the ceremony setup file. ${error.message}`);
+    }
+};
+/**
+ * Extract data from a R1CS metadata file generated with a custom file-based logger.
+ * @notice useful for extracting metadata circuits contained in the generated file using a logger
+ * on the `r1cs.info()` method of snarkjs.
+ * @param fullFilePath <string> - the full path of the file.
+ * @param keyRgx <RegExp> - the regular expression linked to the key from which you want to extract the value.
+ * @returns <string> - the stringified extracted value.
+ */
+const extractR1CSInfoValueForGivenKey = (fullFilePath, keyRgx) => {
+    // Read the logger file.
+    const fileContents = fs.readFileSync(fullFilePath, "utf-8");
+    // Check for the matching value.
+    const matchingValue = fileContents.match(keyRgx);
+    if (!matchingValue)
+        throw new Error(`Unable to retrieve circuit metadata. Possible causes may involve an error while using the logger. Please, check whether the corresponding \`.log\` file is present in your local \`output/setup/metadata\` folder. In any case, we kindly ask you to terminate the current session and repeat the process.`);
+    // Elaborate spaces and special characters to extract the value.
+    // nb. this is a manual process which follows this custom arbitrary extraction rule
+    // accordingly to the output produced by the `r1cs.info()` method from snarkjs library.
+    return matchingValue?.at(0)?.split(":")[1].replace(" ", "").split("#")[0].replace("\n", "");
+};
+/**
+ * Calculate the smallest amount of Powers of Tau needed for a circuit with a constraint size.
+ * @param constraints <number> - the number of circuit constraints (extracted from metadata).
+ * @param outputs <number> - the number of circuit outputs (extracted from metadata)
+ * @returns <number> - the smallest amount of Powers of Tau for the given constraint size.
+ */
+const computeSmallestPowersOfTauForCircuit = (constraints, outputs) => {
+    let power = 2;
+    let tau = 2 ** power;
+    while (constraints + outputs > tau) {
+        power += 1;
+        tau = 2 ** power;
+    }
+    return power;
+};
+/**
+ * Transform a number in a zKey index format.
+ * @dev this method is aligned with the number of characters of the genesis zKey index (which is a constant).
+ * @param progress <number> - the progression in zKey index.
+ * @returns <string> - the progression in a zKey index format (`XYZAB`).
+ */
+const formatZkeyIndex = (progress) => {
+    let index = progress.toString();
+    // Pad with zeros if the progression has less digits.
+    while (index.length < genesisZkeyIndex.length) {
+        index = `0${index}`;
+    }
+    return index;
+};
+/**
+ * Extract the amount of powers from Powers of Tau file name.
+ * @dev the PoT files must follow these convention (i_am_a_pot_file_09.ptau) where the numbers before '.ptau' are the powers.
+ * @param potCompleteFilename <string> - the complete filename of the Powers of Tau file.
+ * @returns <number> - the amount of powers.
+ */
+const extractPoTFromFilename = (potCompleteFilename) => Number(potCompleteFilename.split("_").pop()?.split(".").at(0));
+/**
+ * Extract a prefix consisting of alphanumeric and underscore characters from a string with arbitrary characters.
+ * @dev replaces all special symbols and whitespaces with an underscore char ('_'). Convert all uppercase chars to lowercase.
+ * @notice example: str = 'Multiplier-2!2.4.zkey'; output prefix = 'multiplier_2_2_4.zkey'.
+ * NB. Prefix extraction is a key process that conditions the name of the ceremony artifacts, download/upload from/to storage, collections paths.
+ * @param str <string> - the arbitrary string from which to extract the prefix.
+ * @returns <string> - the resulting prefix.
+ */
+const extractPrefix = (str) => 
+// eslint-disable-next-line no-useless-escape
+str.replace(/[`\s~!@#$%^&*()|+\-=?;:'",.<>\{\}\[\]\\\/]/gi, "-").toLowerCase();
+/**
+ * Automate the generation of an entropy for a contribution.
+ * @dev Took inspiration from here https://github.com/glamperd/setup-mpc-ui/blob/master/client/src/state/Compute.tsx#L112.
+ * @todo we need to improve the entropy generation (too naive).
+ * @returns <string> - the auto-generated entropy.
+ */
+const autoGenerateEntropy = () => new Uint8Array(256).map(() => Math.random() * 256).toString();
+/**
+ * Check and return the circuit document based on its sequence position among a set of circuits (if any).
+ * @dev there should be only one circuit with a provided sequence position. This method checks and return an
+ * error if none is found.
+ * @param circuits <Array<FirebaseDocumentInfo>> - the set of ceremony circuits documents.
+ * @param sequencePosition <number> - the sequence position (index) of the circuit to be found and returned.
+ * @returns <FirebaseDocumentInfo> - the document of the circuit in the set of circuits that has the provided sequence position.
+ */
+const getCircuitBySequencePosition = (circuits, sequencePosition) => {
+    // Filter by sequence position.
+    const matchedCircuits = circuits.filter((circuitDocument) => circuitDocument.data.sequencePosition === sequencePosition);
+    if (matchedCircuits.length !== 1)
+        throw new Error(`Unable to find the circuit having position ${sequencePosition}. Run the command again and, if this error persists please contact the coordinator.`);
+    return matchedCircuits.at(0);
+};
+/**
+ * Convert bytes or chilobytes into gigabytes with customizable precision.
+ * @param bytesOrKb <number> - the amount of bytes or chilobytes to be converted.
+ * @param isBytes <boolean> - true when the amount to be converted is in bytes; otherwise false (= Chilobytes).
+ * @returns <number> - the converted amount in GBs.
+ */
+const convertBytesOrKbToGb = (bytesOrKb, isBytes) => Number(bytesOrKb / 1024 ** (isBytes ? 3 : 2));
+/**
+ * Get the validity of contributors' contributions for each circuit of the given ceremony (if any).
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param circuits <Array<FirebaseDocumentInfo>> - the array of ceremony circuits documents.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param participantId <string> - the unique identifier of the contributor.
+ * @param isFinalizing <boolean> - flag to discriminate between ceremony finalization (true) and contribution (false).
+ * @returns <Promise<Array<ContributionValidity>>> - a list of contributor contributions together with contribution validity (based on coordinator verification).
+ */
+const getContributionsValidityForContributor = async (firestoreDatabase, circuits, ceremonyId, participantId, isFinalizing) => {
+    const contributionsValidity = [];
+    for await (const circuit of circuits) {
+        // Get circuit contribution from contributor.
+        const circuitContributionsFromContributor = await getCircuitContributionsFromContributor(firestoreDatabase, ceremonyId, circuit.id, participantId);
+        // Check for ceremony finalization (= there could be more than one contribution).
+        const contribution = isFinalizing
+            ? circuitContributionsFromContributor
+                .filter((contributionDocument) => contributionDocument.data.zkeyIndex === finalContributionIndex)
+                .at(0)
+            : circuitContributionsFromContributor.at(0);
+        if (!contribution)
+            throw new Error("Unable to retrieve contributions for the participant. There may have occurred a database-side error. Please, we kindly ask you to terminate the current session and repeat the process");
+        contributionsValidity.push({
+            contributionId: contribution?.id,
+            circuitId: circuit.id,
+            valid: contribution?.data.valid
+        });
+    }
+    return contributionsValidity;
+};
+/**
+ * Return the public attestation preamble for given contributor.
+ * @param contributorIdentifier <string> - the identifier of the contributor (handle, name, uid).
+ * @param ceremonyName <string> - the name of the ceremony.
+ * @param isFinalizing <boolean> - true when the coordinator is finalizing the ceremony, otherwise false.
+ * @returns <string> - the public attestation preamble.
+ */
+const getPublicAttestationPreambleForContributor = (contributorIdentifier, ceremonyName, isFinalizing) => `Hey, I'm ${contributorIdentifier} and I have ${isFinalizing ? "finalized" : "contributed to"} the ${ceremonyName} MPC Phase2 Trusted Setup ceremony.\nThe following are my contribution signatures:`;
+/**
+ * Check and prepare public attestation for the contributor made only of its valid contributions.
+ * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
+ * @param circuits <Array<FirebaseDocumentInfo>> - the array of ceremony circuits documents.
+ * @param ceremonyId <string> - the unique identifier of the ceremony.
+ * @param participantId <string> - the unique identifier of the contributor.
+ * @param participantContributions <Array<Co> - the document data of the participant.
+ * @param contributorIdentifier <string> - the identifier of the contributor (handle, name, uid).
+ * @param ceremonyName <string> - the name of the ceremony.
+ * @param isFinalizing <boolean> - true when the coordinator is finalizing the ceremony, otherwise false.
+ * @returns <Promise<string>> - the public attestation for the contributor.
+ */
+const generateValidContributionsAttestation = async (firestoreDatabase, circuits, ceremonyId, participantId, participantContributions, contributorIdentifier, ceremonyName, isFinalizing) => {
+    // Generate the attestation preamble for the contributor.
+    let publicAttestation = getPublicAttestationPreambleForContributor(contributorIdentifier, ceremonyName, isFinalizing);
+    // Get contributors' contributions validity.
+    const contributionsWithValidity = await getContributionsValidityForContributor(firestoreDatabase, circuits, ceremonyId, participantId, isFinalizing);
+    for await (const contributionWithValidity of contributionsWithValidity) {
+        // Filter for the related contribution document info.
+        const matchedContributions = participantContributions.filter((contribution) => contribution.doc === contributionWithValidity.contributionId);
+        if (matchedContributions.length === 0)
+            throw new Error(`Unable to retrieve given circuit contribution information. This could happen due to some errors while writing the information on the database.`);
+        if (matchedContributions.length > 1)
+            throw new Error(`Duplicated circuit contribution information. Please, contact the coordinator.`);
+        const participantContribution = matchedContributions.at(0);
+        // Get circuit document (the one for which the contribution was calculated).
+        const circuitDocument = await getDocumentById(firestoreDatabase, getCircuitsCollectionPath(ceremonyId), contributionWithValidity.circuitId);
+        const contributionDocument = await getDocumentById(firestoreDatabase, getContributionsCollectionPath(ceremonyId, contributionWithValidity.circuitId), participantContribution.doc);
+        if (!contributionDocument.data() || !circuitDocument.data())
+            throw new Error(`Something went wrong when retrieving the data from the database`);
+        // Extract data.
+        const { sequencePosition, prefix } = circuitDocument.data();
+        const { zkeyIndex } = contributionDocument.data();
+        // Update public attestation.
+        publicAttestation = `${publicAttestation}\n\nCircuit # ${sequencePosition} (${prefix})\nContributor # ${zkeyIndex > 0 ? Number(zkeyIndex) : zkeyIndex}\n${participantContribution.hash}`;
+    }
+    return publicAttestation;
+};
+/**
+ * Create a custom logger to write logs on a local file.
+ * @param filename <string> - the name of the output file (where the logs are going to be written).
+ * @param level <winston.LoggerOptions["level"]> - the option for the logger level (e.g., info, error).
+ * @returns <Logger> - a customized winston logger for files.
+ */
+const createCustomLoggerForFile = (filename, level = "info") => winston.createLogger({
+    level,
+    transports: new winston.transports.File({
+        filename,
+        format: winston.format.printf((log) => log.message),
+        level
+    })
+});
+/**
+ * Return an amount of bytes read from a file to a particular location in the form of a buffer.
+ * @param localFilePath <string> - the local path where the artifact will be downloaded.
+ * @param offset <number> - the index of the line to be read (0 from the start).
+ * @param length <number> - the length of the line to be read.
+ * @param position <ReadPosition> - the position inside the file.
+ * @returns <Buffer> - the buffer w/ the read bytes.
+ */
+const readBytesFromFile = (localFilePath, offset, length, position) => {
+    // Open the file (read mode).
+    const fileDescriptor = fs.openSync(localFilePath, "r");
+    // Prepare buffer.
+    const buffer = Buffer.alloc(length);
+    // Read bytes.
+    fs.readSync(fileDescriptor, buffer, offset, length, position);
+    // Return the read bytes.
+    return buffer;
+};
+/**
+ * Return the info about the R1CS file.ù
+ * @dev this method was built taking inspiration from
+ * https://github.com/weijiekoh/circom-helper/blob/master/ts/read_num_inputs.ts#L5.
+ * You can find the specs of R1CS file here
+ * https://github.com/iden3/r1csfile/blob/master/doc/r1cs_bin_format.md
+ * @param localR1CSFilePath <string> - the local path to the R1CS file.
+ * @returns <CircuitMetadata> - the info about the R1CS file.
+ */
+const getR1CSInfo = (localR1CSFilePath) => {
+    /**
+     *    ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+     *    ┃ 4  │   72 31 63 73   ┃     Magic  "r1cs"
+     *    ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+     *    ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+     *    ┃ 4  │   01 00 00 00   ┃       Version 1
+     *    ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+     *    ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+     *    ┃ 4  │   03 00 00 00   ┃       Number of Sections
+     *    ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+     *    ┏━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━┓
+     *    ┃ 4  │ sectionType     ┃  8  │   SectionSize          ┃
+     *    ┗━━━━┻━━━━━━━━━━━━━━━━━┻━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━┛
+     *    ┏━━━━━━━━━━━━━━━━━━━━━┓
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃  Section Content    ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┗━━━━━━━━━━━━━━━━━━━━━┛
+     *
+     *    ┏━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━┓
+     *    ┃ 4  │ sectionType     ┃  8  │   SectionSize          ┃
+     *    ┗━━━━┻━━━━━━━━━━━━━━━━━┻━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━┛
+     *    ┏━━━━━━━━━━━━━━━━━━━━━┓
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃  Section Content    ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┃                     ┃
+     *    ┗━━━━━━━━━━━━━━━━━━━━━┛
+     *
+     *     ...
+     *     ...
+     *     ...
+     */
+    // Prepare state.
+    let pointer = 0; // selector to particular file data position in order to read data.
+    let wires = 0;
+    let publicOutputs = 0;
+    let publicInputs = 0;
+    let privateInputs = 0;
+    let labels = 0;
+    let constraints = 0;
+    try {
+        // Get 'number of section' (jump magic r1cs and version1 data).
+        const numberOfSections = utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, 8));
+        // Jump to first section.
+        pointer = 12;
+        // For each section
+        for (let i = 0; i < numberOfSections; i++) {
+            // Read section type.
+            const sectionType = utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer));
+            // Jump to section size.
+            pointer += 4;
+            // Read section size
+            const sectionSize = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 8, pointer)));
+            // If at header section (0x00000001 : Header Section).
+            if (sectionType === BigInt(1)) {
+                // Read info from header section.
+                /**
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 4  │   20 00 00 00   ┃               Field Size in bytes (fs)
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
+                 *  ┃ fs │   010000f0 93f5e143 9170b979 48e83328 5d588181 b64550b8 29a031e1 724e6430 ┃  Prime size
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 32 │   01 00 00 00   ┃               nWires
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 32 │   01 00 00 00   ┃               nPubOut
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 32 │   01 00 00 00   ┃               nPubIn
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 32 │   01 00 00 00   ┃               nPrvIn
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 64 │   01 00 00 00 00 00 00 00   ┃   nLabels
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
+                 *  ┏━━━━┳━━━━━━━━━━━━━━━━━┓
+                 *  ┃ 32 │   01 00 00 00   ┃               mConstraints
+                 *  ┗━━━━┻━━━━━━━━━━━━━━━━━┛
+                 */
+                pointer += sectionSize - 20;
+                // Read R1CS info.
+                wires = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer)));
+                pointer += 4;
+                publicOutputs = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer)));
+                pointer += 4;
+                publicInputs = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer)));
+                pointer += 4;
+                privateInputs = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer)));
+                pointer += 4;
+                labels = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 8, pointer)));
+                pointer += 8;
+                constraints = Number(utils.leBuff2int(readBytesFromFile(localR1CSFilePath, 0, 4, pointer)));
+            }
+            pointer += 8 + Number(sectionSize);
+        }
+        return {
+            curve: "bn-128",
+            wires,
+            constraints,
+            privateInputs,
+            publicInputs,
+            labels,
+            outputs: publicOutputs,
+            pot: computeSmallestPowersOfTauForCircuit(constraints, publicOutputs)
+        };
+    }
+    catch (err) {
+        throw new Error(`The R1CS file you provided would not appear to be correct. Please, check that you have provided a valid R1CS file and repeat the process.`);
+    }
+};
+/**
+ * Return a string with double digits if the provided input is one digit only.
+ * @param in <number> - the input number to be converted.
+ * @returns <string> - the two digits stringified number derived from the conversion.
+ */
+const convertToDoubleDigits = (amount) => (amount < 10 ? `0${amount}` : amount.toString());
+
+/**
+ * Verify that a zKey is valid
+ * @param r1csLocalFilePath <string> path to the r1cs file
+ * @param zkeyLocalPath <string> path to the zKey file
+ * @param potLocalFilePath <string> path to the PoT file
+ * @param logger <any> logger instance
+ * @returns <boolean> true if the zKey is valid, false otherwise
+ */
+const verifyZKey = async (r1csLocalFilePath, zkeyLocalPath, potLocalFilePath, logger) => {
+    if (!fs.existsSync(r1csLocalFilePath))
+        throw new Error(`R1CS file not found at ${r1csLocalFilePath}`);
+    if (!fs.existsSync(zkeyLocalPath))
+        throw new Error(`zKey file not found at ${zkeyLocalPath}`);
+    if (!fs.existsSync(potLocalFilePath))
+        throw new Error(`PoT file not found at ${potLocalFilePath}`);
+    const res = await zKey.verifyFromR1cs(r1csLocalFilePath, potLocalFilePath, zkeyLocalPath, logger);
+    return res;
+};
+/**
+ * Generates a GROTH16 proof
+ * @param circuitInput <object> Input to the circuit
+ * @param zkeyFilePath <string> Path to the proving key
+ * @param wasmFilePath <string> Path to the compiled circuit
+ * @param logger <any> Optional logger
+ * @returns <Promise<object>> The proof
+ */
+const generateGROTH16Proof = async (circuitInput, zkeyFilePath, wasmFilePath, logger) => {
+    try {
+        const { proof, publicSignals } = await groth16.fullProve(circuitInput, wasmFilePath, zkeyFilePath, logger);
+        return {
+            proof,
+            publicSignals
+        };
+    }
+    catch (error) {
+        throw new Error("There was an error while generating a proof. Please check that the input is correct, as well as the required system paths; and please try again.");
+    }
+};
+/**
+ * Verifies a GROTH16 proof
+ * @param verificationKeyPath <string> Path to the verification key
+ * @param publicSignals <object> Public signals
+ * @param proof <object> Proof
+ * @returns <Promise<boolean>> Whether the proof is valid or not
+ */
+const verifyGROTH16Proof = async (verificationKeyPath, publicSignals, proof) => {
+    const verificationKey = JSON.parse(fs.readFileSync(verificationKeyPath).toString());
+    const success = await groth16.verify(verificationKey, publicSignals, proof);
+    return success;
+};
+/**
+ * Helper method to extract the Solidity verifier
+ * from a final zKey file and save it to a local file.
+ * @param finalZkeyPath <string> The path to the zKey file.
+ * @return <any> The Solidity verifier code.
+ */
+const exportVerifierContract = async (finalZkeyPath, templatePath) => {
+    // Extract verifier.
+    let verifierCode = await zKey.exportSolidityVerifier(finalZkeyPath, {
+        groth16: fs.readFileSync(templatePath).toString()
+    }, console);
+    // Update solidity version.
+    verifierCode = verifierCode.replace(/pragma solidity \^\d+\.\d+\.\d+/, `pragma solidity ^${solidityVersion}`);
+    return verifierCode;
+};
+/**
+ * Helpers method to extract the vKey from a final zKey file
+ * @param finalZkeyPath <string> The path to the zKey file.
+ * @return <any> The vKey.
+ */
+const exportVkey = async (finalZkeyPath) => {
+    const verificationKeyJSONData = await zKey.exportVerificationKey(finalZkeyPath);
+    return verificationKeyJSONData;
+};
+/**
+ * Helper method to extract the Solidity verifier and the Verification key
+ * from a final zKey file and save them to local files.
+ * @param finalZkeyPath <string> The path to the zKey file.
+ * @param verifierLocalPath <string> The path to the local file where the verifier will be saved.
+ * @param vKeyLocalPath <string> The path to the local file where the vKey will be saved.
+ * @param templatePath <string> The path to the template file.
+ */
+const exportVerifierAndVKey = async (finalZkeyPath, verifierLocalPath, vKeyLocalPath, templatePath) => {
+    const verifierCode = await exportVerifierContract(finalZkeyPath, templatePath);
+    fs.writeFileSync(verifierLocalPath, verifierCode);
+    const verificationKeyJSONData = await exportVkey(finalZkeyPath);
+    fs.writeFileSync(vKeyLocalPath, JSON.stringify(verificationKeyJSONData));
+};
+/**
+ * Generate a zKey from scratch (useful to compute either the genesis or final zKey)
+ * @param isFinalizing <boolean> Whether the ceremony is finalizing or not
+ * @param r1csLocalPath <string> The path to the local r1cs file
+ * @param potLocalPath <string> The path to the local pot file
+ * @param zkeyLocalPath <string> The path to save the generated zKey
+ * @param logger <any> The logger instance
+ * @param finalContributionZKeyLocalPath <string> The path to the local zkey file of the final contribution (only for final zKey)
+ * @param coordinatorIdentifier <string> The identifier of the coordinator (only for final zKey)
+ * @param beacon <string> The beacon value for the last contribution (only for final zKey)
+ */
+const generateZkeyFromScratch = async (isFinalizing, r1csLocalPath, potLocalPath, zkeyLocalPath, logger, finalContributionZKeyLocalPath, coordinatorIdentifier, beacon) => {
+    if (!fs.existsSync(r1csLocalPath) || !fs.existsSync(potLocalPath))
+        throw new Error("There was an error while opening the local files. Please make sure that you provided the right paths and try again.");
+    if (isFinalizing) {
+        if (!fs.existsSync(finalContributionZKeyLocalPath))
+            throw new Error("There was an error while opening the last zKey generated by a contributor. Please make sure that you provided the right path and try again.");
+        await zKey.beacon(finalContributionZKeyLocalPath, zkeyLocalPath, coordinatorIdentifier, beacon, numExpIterations, logger);
+    }
+    else
+        await zKey.newZKey(r1csLocalPath, potLocalPath, zkeyLocalPath, logger);
+};
+/**
+ * Helper function used to compare two ceremony artifacts
+ * @param firebaseFunctions <Functions> Firebase functions object
+ * @param localPath1 <string> Local path to store the first artifact
+ * @param localPath2 <string> Local path to store the second artifact
+ * @param storagePath1 <string> Storage path to the first artifact
+ * @param storagePath2 <string> Storage path to the second artifact
+ * @param bucketName1 <string> Bucket name of the first artifact
+ * @param bucketName2 <string> Bucket name of the second artifact
+ * @param cleanup <boolean> Whether to delete the downloaded files or not
+ * @returns <Promise<boolean>> true if the hashes match, false otherwise
+ */
+const compareCeremonyArtifacts = async (firebaseFunctions, localPath1, localPath2, storagePath1, storagePath2, bucketName1, bucketName2, cleanup) => {
+    // 1. download files
+    await downloadCeremonyArtifact(firebaseFunctions, bucketName1, storagePath1, localPath1);
+    await downloadCeremonyArtifact(firebaseFunctions, bucketName2, storagePath2, localPath2);
+    // 2. compare hashes
+    const res = await compareHashes(localPath1, localPath2);
+    // 3. cleanup
+    if (cleanup) {
+        fs.unlinkSync(localPath1);
+        fs.unlinkSync(localPath2);
+    }
+    // 4. return result
+    return res;
+};
+/**
+ * Given a ceremony prefix, download all the ceremony artifacts
+ * @param functions <Functions> firebase functions instance
+ * @param firestore <Firestore> firebase firestore instance
+ * @param ceremonyPrefix <string> ceremony prefix
+ * @param outputDirectory <string> output directory where to
+ * @returns <Promise<CeremonyArtifacts[]>> array of ceremony artifacts
+ */
+const downloadAllCeremonyArtifacts = async (functions, firestore, ceremonyPrefix, outputDirectory) => {
+    // mkdir if not exists
+    if (!fs.existsSync(outputDirectory)) {
+        fs.mkdirSync(outputDirectory);
+    }
+    if (!process.env.CONFIG_CEREMONY_BUCKET_POSTFIX)
+        throw new Error("CONFIG_CEREMONY_BUCKET_POSTFIX not set. Please review your env file and try again.");
+    const ceremonyArtifacts = [];
+    // find the ceremony given the prefix
+    const ceremonyQuery = await queryCollection(firestore, commonTerms.collections.ceremonies.name, [
+        where(commonTerms.collections.ceremonies.fields.prefix, "==", ceremonyPrefix)
+    ]);
+    // get the data
+    const ceremonyData = fromQueryToFirebaseDocumentInfo(ceremonyQuery.docs);
+    if (ceremonyData.length === 0)
+        throw new Error("Ceremony not found. Please review your ceremony prefix and try again.");
+    const ceremony = ceremonyData.at(0);
+    // reconstruct the bucket name
+    const bucketName = getBucketName(ceremonyPrefix, process.env.CONFIG_CEREMONY_BUCKET_POSTFIX);
+    const circuits = await getCeremonyCircuits(firestore, ceremony.id);
+    if (circuits.length === 0)
+        throw new Error("No circuits found for this ceremony. Please review your ceremony prefix and try again.");
+    // for each circuit we have to download artifacts
+    for (const circuit of circuits) {
+        // make a directory for storing the circuit artifacts
+        const circuitDir = `${outputDirectory}/${ceremony.data.prefix}/${circuit.data.prefix}`;
+        fs.mkdirSync(circuitDir, { recursive: true });
+        // get all required file names in storage and for local storage
+        const { potStoragePath } = circuit.data.files;
+        const potLocalPath = `${circuitDir}/${circuit.data.files.potFilename}`;
+        const { r1csStoragePath } = circuit.data.files;
+        const r1csLocalPath = `${circuitDir}/${circuit.data.files.r1csFilename}`;
+        const contributions = circuit.data.waitingQueue.completedContributions;
+        const zkeyIndex = formatZkeyIndex(contributions);
+        const lastZKeyStoragePath = getZkeyStorageFilePath(circuit.data.prefix, `${circuit.data.prefix}_${zkeyIndex}.zkey`);
+        const lastZKeyLocalPath = `${circuitDir}/${circuit.data.prefix}_${zkeyIndex}.zkey`;
+        const finalZKeyName = `${circuit.data.prefix}_${finalContributionIndex}.zkey`;
+        const finalZkeyStoragePath = getZkeyStorageFilePath(circuit.data.prefix, finalZKeyName);
+        const finalZKeyLocalPath = `${circuitDir}/${finalZKeyName}`;
+        const verifierStoragePath = getVerifierContractStorageFilePath(circuit.data.prefix, `${verifierSmartContractAcronym}.sol`);
+        const verifierLocalPath = `${circuitDir}/${circuit.data.prefix}_${verifierSmartContractAcronym}.sol`;
+        const vKeyStoragePath = getVerificationKeyStorageFilePath(circuit.data.prefix, `${verificationKeyAcronym}.json`);
+        const vKeyLocalPath = `${circuitDir}/${circuit.data.prefix}_${verificationKeyAcronym}.json`;
+        const wasmStoragePath = getWasmStorageFilePath(circuit.data.prefix, `${circuit.data.prefix}.wasm`);
+        const wasmLocalPath = `${circuitDir}/${circuit.data.prefix}.wasm`;
+        // download everything
+        await downloadCeremonyArtifact(functions, bucketName, potStoragePath, potLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, r1csStoragePath, r1csLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, lastZKeyStoragePath, lastZKeyLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, finalZkeyStoragePath, finalZKeyLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, verifierStoragePath, verifierLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, vKeyStoragePath, vKeyLocalPath);
+        await downloadCeremonyArtifact(functions, bucketName, wasmStoragePath, wasmLocalPath);
+        ceremonyArtifacts.push({
+            circuitPrefix: circuit.data.prefix,
+            circuitId: circuit.id,
+            directoryRoot: circuitDir,
+            potLocalFilePath: potLocalPath,
+            r1csLocalFilePath: r1csLocalPath,
+            finalZkeyLocalFilePath: finalZKeyLocalPath,
+            lastZkeyLocalFilePath: lastZKeyLocalPath,
+            verifierLocalFilePath: verifierLocalPath,
+            verificationKeyLocalFilePath: vKeyLocalPath,
+            wasmLocalFilePath: wasmLocalPath
+        });
+    }
+    return ceremonyArtifacts;
+};
+/**
+ * Fetch the final contribution beacon from Firestore
+ * @param firestore <Firestore> firebase firestore instance
+ * @param ceremonyId <string> ceremony id
+ * @param circuitId <string> circuit id
+ * @param participantId <string> participant id
+ * @returns <Promise<string>> final contribution beacon
+ */
+const getFinalContributionBeacon = async (firestore, ceremonyId, circuitId, participantId) => {
+    const contributions = await getCircuitContributionsFromContributor(firestore, ceremonyId, circuitId, participantId);
+    const filtered = contributions
+        .filter((contributionDocument) => contributionDocument.data.zkeyIndex === finalContributionIndex)
+        .at(0);
+    if (!filtered)
+        throw new Error("Final contribution not found. Please check that you provided the correct input data and try again.");
+    return filtered.data.beacon.value;
+};
+
+/**
+ * This method initialize a Firebase app if no other app has already been initialized.
+ * @param options <FirebaseOptions> - an object w/ every necessary Firebase option to init app.
+ * @returns <FirebaseApp> - the initialized Firebase app object.
+ */
+const initializeFirebaseApp = (options) => initializeApp(options);
+/**
+ * This method returns the Firestore database instance associated to the given Firebase application.
+ * @param app <FirebaseApp> - the Firebase application.
+ * @returns <Firestore> - the Firebase Firestore associated to the application.
+ */
+const getFirestoreDatabase = (app) => getFirestore(app);
+/**
+ * This method returns the Cloud Functions instance associated to the given Firebase application.
+ * @param app <FirebaseApp> - the Firebase application.
+ * @returns <Functions> - the Cloud Functions associated to the application.
+ */
+const getFirebaseFunctions = (app) => getFunctions(app, 'europe-west1');
+/**
+ * Retrieve the configuration variables for the AWS services (S3, EC2).
+ * @returns <AWSVariables> - the values of the AWS services configuration variables.
+ */
+const getAWSVariables = () => {
+    if (!process.env.AWS_ACCESS_KEY_ID ||
+        !process.env.AWS_SECRET_ACCESS_KEY ||
+        !process.env.AWS_REGION ||
+        !process.env.AWS_ROLE_ARN ||
+        !process.env.AWS_AMI_ID)
+        throw new Error("Could not retrieve the AWS environment variables. Please, verify your environment configuration and retry");
+    return {
+        accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+        secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
+        region: process.env.AWS_REGION || "us-east-1",
+        roleArn: process.env.AWS_ROLE_ARN,
+        amiId: process.env.AWS_AMI_ID
+    };
+};
+/**
+ * Return the core Firebase services instances (App, Database, Functions).
+ * @param apiKey <string> - the API key specified in the application config.
+ * @param authDomain <string> - the authDomain string specified in the application config.
+ * @param projectId <string> - the projectId specified in the application config.
+ * @param messagingSenderId <string> - the messagingSenderId specified in the application config.
+ * @param appId <string> - the appId specified in the application config.
+ * @returns <Promise<FirebaseServices>>
+ */
+const initializeFirebaseCoreServices = async (apiKey, authDomain, projectId, messagingSenderId, appId) => {
+    const firebaseApp = initializeFirebaseApp({
+        apiKey,
+        authDomain,
+        projectId,
+        messagingSenderId,
+        appId
+    });
+    const firestoreDatabase = getFirestoreDatabase(firebaseApp);
+    const firebaseFunctions = getFirebaseFunctions(firebaseApp);
+    return {
+        firebaseApp,
+        firestoreDatabase,
+        firebaseFunctions
+    };
+};
+
+/**
+ * Sign in w/ OAuth 2.0 token.
+ * @param firebaseApp <FirebaseApp> - the configured instance of the Firebase App in use.
+ * @param credentials <OAuthCredential> - the OAuth credential generated from token exchange.
+ */
+const signInToFirebaseWithCredentials = async (firebaseApp, credentials) => signInWithCredential(initializeAuth(firebaseApp), credentials);
+/**
+ * Return the current authenticated user in the given Firebase Application.
+ * @param firebaseApp <FirebaseApp> - the configured instance of the Firebase App in use.
+ * @returns <User> - the object containing the data about the current authenticated user in the given Firebase application.
+ */
+const getCurrentFirebaseAuthUser = (firebaseApp) => {
+    const user = getAuth(firebaseApp).currentUser;
+    if (!user)
+        throw new Error(`Unable to find the user currently authenticated with Firebase. Verify that the Firebase application is properly configured and repeat user authentication before trying again.`);
+    return user;
+};
+/**
+ * Check if the user can claim to be a coordinator.
+ * @param user <User> - the user to be checked.
+ * @returns Promise<boolean> - true if the user is a coordinator, false otherwise.
+ */
+const isCoordinator = async (user) => {
+    const userTokenAndClaims = await user.getIdTokenResult();
+    return !!userTokenAndClaims.claims.coordinator;
+};
+
+/**
+ * Formats part of a GROTH16 SNARK proof
+ * @link adapted from SNARKJS p256 function
+ * @param proofPart <any> a part of a proof to be formatted
+ * @returns <string> the formatted proof part
+ */
+const p256 = (proofPart) => {
+    let nProofPart = proofPart.toString(16);
+    while (nProofPart.length < 64)
+        nProofPart = `0${nProofPart}`;
+    nProofPart = `0x${nProofPart}`;
+    return nProofPart;
+};
+/**
+ * This function formats the calldata for Solidity
+ * @link adapted from SNARKJS formatSolidityCalldata function
+ * @dev this function is supposed to be called with
+ * @dev the output of generateGROTH16Proof
+ * @param circuitInput <string[]> Inputs to the circuit
+ * @param _proof <object> Proof
+ * @returns <SolidityCalldata> The calldata formatted for Solidity
+ */
+const formatSolidityCalldata = (circuitInput, _proof) => {
+    try {
+        const proof = utils.unstringifyBigInts(_proof);
+        // format the public inputs to the circuit
+        const formattedCircuitInput = [];
+        for (const cInput of circuitInput) {
+            formattedCircuitInput.push(p256(utils.unstringifyBigInts(cInput)));
+        }
+        // construct calldata
+        const calldata = {
+            arg1: [p256(proof.pi_a[0]), p256(proof.pi_a[1])],
+            arg2: [
+                [p256(proof.pi_b[0][1]), p256(proof.pi_b[0][0])],
+                [p256(proof.pi_b[1][1]), p256(proof.pi_b[1][0])]
+            ],
+            arg3: [p256(proof.pi_c[0]), p256(proof.pi_c[1])],
+            arg4: formattedCircuitInput
+        };
+        return calldata;
+    }
+    catch (error) {
+        throw new Error("There was an error while formatting the calldata. Please make sure that you are calling this function with the output of the generateGROTH16Proof function, and then please try again.");
+    }
+};
+/**
+ * Verify a GROTH16 SNARK proof on chain
+ * @param contract <Contract> The contract instance
+ * @param proof <SolidityCalldata> The calldata formatted for Solidity
+ * @returns <Promise<boolean>> Whether the proof is valid or not
+ */
+const verifyGROTH16ProofOnChain = async (contract, proof) => {
+    const res = await contract.verifyProof(proof.arg1, proof.arg2, proof.arg3, proof.arg4);
+    return res;
+};
+/**
+ * Compiles a contract given a path
+ * @param contractPath <string> path to the verifier contract
+ * @returns <Promise<any>> the compiled contract
+ */
+const compileContract = async (contractPath) => {
+    if (!fs.existsSync(contractPath))
+        throw new Error("The contract path does not exist. Please make sure that you are passing a valid path to the contract and try again.");
+    const data = fs.readFileSync(contractPath).toString();
+    const input = {
+        language: "Solidity",
+        sources: {
+            Verifier: { content: data }
+        },
+        settings: {
+            outputSelection: {
+                "*": {
+                    "*": ["*"]
+                }
+            }
+        }
+    };
+    try {
+        const compiled = JSON.parse(solc.compile(JSON.stringify(input), { import: { contents: "" } }));
+        return compiled.contracts.Verifier.Verifier;
+    }
+    catch (error) {
+        throw new Error("There was an error while compiling the smart contract. Please check that the file is not corrupted and try again.");
+    }
+};
+/**
+ * Deploy the verifier contract
+ * @param contractFactory <ContractFactory> The contract factory
+ * @returns <Promise<Contract>> The contract instance
+ */
+const deployVerifierContract = async (contractPath, signer) => {
+    const compiledContract = await compileContract(contractPath);
+    // connect to hardhat node running locally
+    const contractFactory = new ContractFactory(compiledContract.abi, compiledContract.evm.bytecode.object, signer);
+    const contract = await contractFactory.deploy();
+    await contract.deployed();
+    return contract;
+};
+/**
+ * Verify a ceremony validity
+ * 1. Download all artifacts
+ * 2. Verify that the zkeys are valid
+ * 3. Extract the verifier and the vKey
+ * 4. Generate a proof and verify it locally
+ * 5. Deploy Verifier contract and verify the proof on-chain
+ * @param functions <Functions> firebase functions instance
+ * @param firestore <Firestore> firebase firestore instance
+ * @param ceremonyPrefix <string> ceremony prefix
+ * @param outputDirectory <string> output directory where to store the ceremony artifacts
+ * @param circuitInputsPath <string> path to the circuit inputs file
+ * @param verifierTemplatePath <string> path to the verifier template file
+ * @param signer <Signer> signer for contract interaction
+ * @param logger <any> logger for printing snarkjs output
+ */
+const verifyCeremony = async (functions, firestore, ceremonyPrefix, outputDirectory, circuitInputsPath, verifierTemplatePath, signer, logger) => {
+    // 1. download all ceremony artifacts
+    const ceremonyArtifacts = await downloadAllCeremonyArtifacts(functions, firestore, ceremonyPrefix, outputDirectory);
+    // if there are no ceremony artifacts, we throw an error
+    if (ceremonyArtifacts.length === 0)
+        throw new Error("There was an error while downloading all ceremony artifacts. Please review your ceremony prefix and try again.");
+    // extract the circuit inputs
+    if (!fs.existsSync(circuitInputsPath))
+        throw new Error("The circuit inputs file does not exist. Please check the path and try again.");
+    const circuitsInputs = JSON.parse(fs.readFileSync(circuitInputsPath).toString());
+    // find the ceremony given the prefix
+    const ceremonyQuery = await queryCollection(firestore, commonTerms.collections.ceremonies.name, [
+        where(commonTerms.collections.ceremonies.fields.prefix, "==", ceremonyPrefix)
+    ]);
+    // get the ceremony data - no need to do an existence check as
+    // we already checked that the ceremony exists in downloafAllCeremonyArtifacts
+    const ceremonyData = fromQueryToFirebaseDocumentInfo(ceremonyQuery.docs);
+    const ceremony = ceremonyData.at(0);
+    // this is required to re-generate the final zKey
+    const { coordinatorId } = ceremony.data;
+    const ceremonyId = ceremony.id;
+    // we verify each circuit separately
+    for (const ceremonyArtifact of ceremonyArtifacts) {
+        // get the index of the circuit in the list of circuits
+        const inputIndex = ceremonyArtifacts.indexOf(ceremonyArtifact);
+        // 2. verify the final zKey
+        const isValid = await verifyZKey(ceremonyArtifact.r1csLocalFilePath, ceremonyArtifact.finalZkeyLocalFilePath, ceremonyArtifact.potLocalFilePath, logger);
+        if (!isValid)
+            throw new Error(`The zkey for Circuit ${ceremonyArtifact.circuitPrefix} is not valid. Please check that the artifact is correct. If not, you might have to re run the final contribution to compute a valid final zKey.`);
+        // 3. get the final contribution beacon
+        const contributionBeacon = await getFinalContributionBeacon(firestore, ceremonyId, ceremonyArtifact.circuitId, coordinatorId);
+        const generatedFinalZkeyPath = `${ceremonyArtifact.directoryRoot}/${ceremonyArtifact.circuitPrefix}_${finalContributionIndex}_verification.zkey`;
+        // 4. re generate the zkey using the beacon and check hashes
+        await generateZkeyFromScratch(true, ceremonyArtifact.r1csLocalFilePath, ceremonyArtifact.potLocalFilePath, generatedFinalZkeyPath, logger, ceremonyArtifact.lastZkeyLocalFilePath, coordinatorId, contributionBeacon);
+        const zKeysMatching = await compareHashes(generatedFinalZkeyPath, ceremonyArtifact.finalZkeyLocalFilePath);
+        if (!zKeysMatching)
+            throw new Error(`The final zkey for the Circuit ${ceremonyArtifact.circuitPrefix} does not match the one generated from the beacon. Please confirm manually by downloading from the S3 bucket.`);
+        // 5. extract the verifier and the vKey
+        const verifierLocalPath = `${ceremonyArtifact.directoryRoot}/${ceremonyArtifact.circuitPrefix}_${verifierSmartContractAcronym}_verification.sol`;
+        const vKeyLocalPath = `${ceremonyArtifact.directoryRoot}/${ceremonyArtifact.circuitPrefix}_${verificationKeyAcronym}_verification.json`;
+        await exportVerifierAndVKey(ceremonyArtifact.finalZkeyLocalFilePath, verifierLocalPath, vKeyLocalPath, verifierTemplatePath);
+        // 6. verify that the generated verifier and vkey match the ones downloaded from S3
+        const verifierMatching = await compareHashes(verifierLocalPath, ceremonyArtifact.verifierLocalFilePath);
+        if (!verifierMatching)
+            throw new Error(`The verifier contract for the Contract ${ceremonyArtifact.circuitPrefix} does not match the one downloaded from S3. Please confirm manually by downloading from the S3 bucket.`);
+        const vKeyMatching = await compareHashes(vKeyLocalPath, ceremonyArtifact.verificationKeyLocalFilePath);
+        if (!vKeyMatching)
+            throw new Error(`The verification key for the Contract ${ceremonyArtifact.circuitPrefix} does not match the one downloaded from S3. Please confirm manually by downloading from the S3 bucket.`);
+        // 7. generate a proof and verify it locally (use either of the downloaded or generated as the hashes will have matched at this point)
+        const { proof, publicSignals } = await generateGROTH16Proof(circuitsInputs[inputIndex], ceremonyArtifact.finalZkeyLocalFilePath, ceremonyArtifact.wasmLocalFilePath, logger);
+        const isProofValid = await verifyGROTH16Proof(vKeyLocalPath, publicSignals, proof);
+        if (!isProofValid)
+            throw new Error(`Could not verify the proof for Circuit ${ceremonyArtifact.circuitPrefix}. Please check that the artifacts are correct as well as the inputs to the circuit, and try again.`);
+        // 8. deploy Verifier contract and verify the proof on-chain
+        const verifierContract = await deployVerifierContract(verifierLocalPath, signer);
+        const formattedProof = await formatSolidityCalldata(publicSignals, proof);
+        const isProofValidOnChain = await verifyGROTH16ProofOnChain(verifierContract, formattedProof);
+        if (!isProofValidOnChain)
+            throw new Error(`Could not verify the proof on-chain for Circuit ${ceremonyArtifact.circuitPrefix}. Please check that the artifacts are correct as well as the inputs to the circuit, and try again.`);
+    }
+};
+
+/**
+ * This function will return the number of public repos of a user
+ * @param user <string> The username of the user
+ * @returns <number> The number of public repos
+ */
+const getNumberOfPublicReposGitHub = async (user) => {
+    const response = await fetch(`https://api.github.com/user/${user}/repos`, {
+        method: "GET",
+        headers: {
+            Authorization: `token ${process.env.GITHUB_ACCESS_TOKEN}`
+        }
+    });
+    if (response.status !== 200)
+        throw new Error("It was not possible to retrieve the number of public repositories. Please try again.");
+    const jsonData = await response.json();
+    return jsonData.length;
+};
+/**
+ * This function will return the number of followers of a user
+ * @param user <string> The username of the user
+ * @returns <number> The number of followers
+ */
+const getNumberOfFollowersGitHub = async (user) => {
+    const response = await fetch(`https://api.github.com/user/${user}/followers`, {
+        method: "GET",
+        headers: {
+            Authorization: `token ${process.env.GITHUB_ACCESS_TOKEN}`
+        }
+    });
+    if (response.status !== 200)
+        throw new Error("It was not possible to retrieve the number of followers. Please try again.");
+    const jsonData = await response.json();
+    return jsonData.length;
+};
+/**
+ * This function will return the number of following of a user
+ * @param user <string> The username of the user
+ * @returns <number> The number of following users
+ */
+const getNumberOfFollowingGitHub = async (user) => {
+    const response = await fetch(`https://api.github.com/user/${user}/following`, {
+        method: "GET",
+        headers: {
+            Authorization: `token ${process.env.GITHUB_ACCESS_TOKEN}`
+        }
+    });
+    if (response.status !== 200)
+        throw new Error("It was not possible to retrieve the number of following. Please try again.");
+    const jsonData = await response.json();
+    return jsonData.length;
+};
+/**
+ * This function will check if the user is reputable enough to be able to use the app
+ * @param userLogin <string> The username of the user
+ * @param minimumAmountOfFollowing <number> The minimum amount of following the user should have
+ * @param minimumAmountOfFollowers <number> The minimum amount of followers the user should have
+ * @param minimumAmountOfPublicRepos <number> The minimum amount of public repos the user should have
+ * @returns <boolean> True if the user is reputable enough, false otherwise
+ */
+const githubReputation = async (userLogin, minimumAmountOfFollowing, minimumAmountOfFollowers, minimumAmountOfPublicRepos) => {
+    if (!process.env.GITHUB_ACCESS_TOKEN)
+        throw new Error("The GitHub access token is missing. Please insert a valid token to be used for anti-sybil checks on user registation, and then try again.");
+    const following = await getNumberOfFollowingGitHub(userLogin);
+    const repos = await getNumberOfPublicReposGitHub(userLogin);
+    const followers = await getNumberOfFollowersGitHub(userLogin);
+    if (following < minimumAmountOfFollowing ||
+        repos < minimumAmountOfPublicRepos ||
+        followers < minimumAmountOfFollowers)
+        return false;
+    return true;
+};
+
+/**
+ * Define different states of a ceremony.
+ * @enum {string}
+ * - SCHEDULED: when the ceremony setup has been properly completed but the contribution period has not yet started.
+ * - OPENED: when the contribution period has started.
+ * - PAUSED: When the coordinator has manually paused the ceremony (NB. currently not possible because the relevant functionality has not yet been implemented).
+ * - CLOSED: when the contribution period has finished.
+ * - FINALIZED: when the ceremony finalization has been properly completed.
+ */
+var CeremonyState;
+(function (CeremonyState) {
+    CeremonyState["SCHEDULED"] = "SCHEDULED";
+    CeremonyState["OPENED"] = "OPENED";
+    CeremonyState["PAUSED"] = "PAUSED";
+    CeremonyState["CLOSED"] = "CLOSED";
+    CeremonyState["FINALIZED"] = "FINALIZED";
+})(CeremonyState || (CeremonyState = {}));
+/**
+ * Define the type of Trusted Setup ceremony (Phase 1 or Phase 2).
+ * @enum {string}
+ * - PHASE1: when the ceremony is a Phase 1 Trusted Setup ceremony.
+ * - PHASE2: when the ceremony is a Phase 2 Trusted Setup ceremony.
+ */
+var CeremonyType;
+(function (CeremonyType) {
+    CeremonyType["PHASE1"] = "PHASE1";
+    CeremonyType["PHASE2"] = "PHASE2";
+})(CeremonyType || (CeremonyType = {}));
+/**
+ * Define different status of a participant.
+ * @enum {string}
+ * - CREATED: when the participant document has been created in the database.
+ * - WAITING: when the participant is waiting for a contribution (i.e., is currently queued or is waiting for its status to be checked after a timeout expiration).
+ * - READY: when the participant is ready for a contribution.
+ * - CONTRIBUTING: when the participant is currently contributing (i.e., not queued anymore, but the current contributor at this time).
+ * - CONTRIBUTED: when the participant has completed successfully the contribution for all circuits in a ceremony. The participant may need to wait for the latest contribution verification while having this status.
+ * - DONE: when the participant has completed contributions and verifications from coordinator.
+ * - FINALIZING: when the coordinator is currently finalizing the ceremony.
+ * - FINALIZED: when the coordinator has successfully finalized the ceremony.
+ * - TIMEDOUT: when the participant has been timedout while contributing. This may happen due to network or memory issues, un/intentional crash, or contributions lasting for too long.
+ * - EXHUMED: when the participant is ready to resume the contribution after a timeout expiration.
+ */
+var ParticipantStatus;
+(function (ParticipantStatus) {
+    ParticipantStatus["CREATED"] = "CREATED";
+    ParticipantStatus["WAITING"] = "WAITING";
+    ParticipantStatus["READY"] = "READY";
+    ParticipantStatus["CONTRIBUTING"] = "CONTRIBUTING";
+    ParticipantStatus["CONTRIBUTED"] = "CONTRIBUTED";
+    ParticipantStatus["DONE"] = "DONE";
+    ParticipantStatus["FINALIZING"] = "FINALIZING";
+    ParticipantStatus["FINALIZED"] = "FINALIZED";
+    ParticipantStatus["TIMEDOUT"] = "TIMEDOUT";
+    ParticipantStatus["EXHUMED"] = "EXHUMED";
+})(ParticipantStatus || (ParticipantStatus = {}));
+/**
+ * Define different steps during which the participant may be during the contribution.
+ * @enum {string}
+ * - DOWNLOADING: when the participant is doing the download of the last contribution (from previous participant).
+ * - COMPUTING: when the participant is actively computing the contribution.
+ * - UPLOADING: when the participant is uploading the computed contribution.
+ * - VERIFYING: when the participant is waiting from verification results from the coordinator.
+ * - COMPLETED: when the participant has received the verification results from the coordinator and completed the contribution steps.
+ */
+var ParticipantContributionStep;
+(function (ParticipantContributionStep) {
+    ParticipantContributionStep["DOWNLOADING"] = "DOWNLOADING";
+    ParticipantContributionStep["COMPUTING"] = "COMPUTING";
+    ParticipantContributionStep["UPLOADING"] = "UPLOADING";
+    ParticipantContributionStep["VERIFYING"] = "VERIFYING";
+    ParticipantContributionStep["COMPLETED"] = "COMPLETED";
+})(ParticipantContributionStep || (ParticipantContributionStep = {}));
+/**
+ * Define what type of timeout was performed.
+ * @enum {string}
+ * - BLOCKING_CONTRIBUTION: when the current contributor was blocking the waiting queue.
+ * - BLOCKING_CLOUD_FUNCTION: when the contribution verification has gone beyond the time limit.
+ */
+var TimeoutType;
+(function (TimeoutType) {
+    TimeoutType["BLOCKING_CONTRIBUTION"] = "BLOCKING_CONTRIBUTION";
+    TimeoutType["BLOCKING_CLOUD_FUNCTION"] = "BLOCKING_CLOUD_FUNCTION";
+})(TimeoutType || (TimeoutType = {}));
+/**
+ * Define what type of timeout mechanism is currently adopted for a ceremony.
+ * @enum {string}
+ * - DYNAMIC: self-update approach based on latest contribution time.
+ * - FIXED: approach based on a fixed amount of time.
+ */
+var CeremonyTimeoutType;
+(function (CeremonyTimeoutType) {
+    CeremonyTimeoutType["DYNAMIC"] = "DYNAMIC";
+    CeremonyTimeoutType["FIXED"] = "FIXED";
+})(CeremonyTimeoutType || (CeremonyTimeoutType = {}));
+/**
+ * Define request type for pre-signed urls.
+ */
+var RequestType;
+(function (RequestType) {
+    RequestType["PUT"] = "PUT";
+    RequestType["GET"] = "GET";
+})(RequestType || (RequestType = {}));
+/**
+ * Define the environment in use when testing.
+ * @enum {string}
+ * - DEVELOPMENT: tests are performed on the local Firebase emulator instance.
+ * - PRODUCTION: tests are performed on the remote (deployed) Firebase application.
+ */
+var TestingEnvironment;
+(function (TestingEnvironment) {
+    TestingEnvironment["DEVELOPMENT"] = "DEVELOPMENT";
+    TestingEnvironment["PRODUCTION"] = "PRODUCTION";
+})(TestingEnvironment || (TestingEnvironment = {}));
+/**
+ * Define what type of contribution verification mechanism is currently adopted for a circuit.
+ * @enum {string}
+ * - CF: Cloud Functions.
+ * - VM: Virtual Machine.
+ */
+var CircuitContributionVerificationMechanism;
+(function (CircuitContributionVerificationMechanism) {
+    CircuitContributionVerificationMechanism["CF"] = "CF";
+    CircuitContributionVerificationMechanism["VM"] = "VM";
+})(CircuitContributionVerificationMechanism || (CircuitContributionVerificationMechanism = {}));
+/**
+ * Define the supported VM volume types.
+ * @dev the VM volume types can be retrieved at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html
+ * @enum {string}
+ * - GP2: General Purpose SSD version 2.
+ * - GP3: General Purpose SSD version 3.
+ * - IO1: Provisioned IOPS SSD volumes version 1.
+ * - ST1: Throughput Optimized HDD volumes.
+ * - SC1: Cold HDD volumes.
+ */
+var DiskTypeForVM;
+(function (DiskTypeForVM) {
+    DiskTypeForVM["GP2"] = "gp2";
+    DiskTypeForVM["GP3"] = "gp3";
+    DiskTypeForVM["IO1"] = "io1";
+    DiskTypeForVM["ST1"] = "st1";
+    DiskTypeForVM["SC1"] = "sc1";
+})(DiskTypeForVM || (DiskTypeForVM = {}));
+
+dotenv.config();
+/**
+ * Create a new AWS EC2 client.
+ * @returns <Promise<EC2Client>> - the EC2 client instance.
+ */
+const createEC2Client = async () => {
+    // Get the AWS variables.
+    const { accessKeyId, secretAccessKey, region } = getAWSVariables();
+    // Instantiate the new client.
+    return new EC2Client({
+        credentials: {
+            accessKeyId,
+            secretAccessKey
+        },
+        region
+    });
+};
+/**
+ * Create a new AWS SSM client.
+ * @returns <Promise<SSMClient>> - the SSM client instance.
+ */
+const createSSMClient = async () => {
+    // Get the AWS variables.
+    const { accessKeyId, secretAccessKey, region } = getAWSVariables();
+    // Instantiate the new client.
+    return new SSMClient({
+        credentials: {
+            accessKeyId,
+            secretAccessKey
+        },
+        region
+    });
+};
+/**
+ * Return the list of bootstrap commands to be executed.
+ * @dev the startup commands must be suitable for a shell script.
+ * @param bucketName <string> - the name of the AWS S3 bucket.
+ * @returns <Array<string>> - the list of startup commands to be executed.
+ */
+const vmBootstrapCommand = (bucketName) => [
+    "#!/bin/bash",
+    `aws s3 cp s3://${bucketName}/${vmBootstrapScriptFilename} ${vmBootstrapScriptFilename}`,
+    `chmod +x ${vmBootstrapScriptFilename} && bash ${vmBootstrapScriptFilename}` // grant permission and execute.
+];
+/**
+ * Return the list of Node environment (and packages) installation plus artifact caching for contribution verification.
+ * @param zKeyPath <string> - the path to zKey artifact inside AWS S3 bucket.
+ * @param potPath <string> - the path to ptau artifact inside AWS S3 bucket.
+ * @param snsTopic <string> - the SNS topic ARN.
+ * @param region <string> - the AWS region.
+ * @returns <Array<string>> - the array of commands to be run by the EC2 instance.
+ */
+const vmDependenciesAndCacheArtifactsCommand = (zKeyPath, potPath, snsTopic, region) => [
+    "#!/bin/bash",
+    'MARKER_FILE="/var/run/my_script_ran"',
+    // eslint-disable-next-line no-template-curly-in-string
+    "if [ -e ${MARKER_FILE} ]; then",
+    "exit 0",
+    "else",
+    // eslint-disable-next-line no-template-curly-in-string
+    "touch ${MARKER_FILE}",
+    "sudo yum update -y",
+    "curl -sL https://rpm.nodesource.com/setup_16.x | sudo bash - ",
+    "sudo yum install -y nodejs",
+    "npm install -g snarkjs",
+    `aws s3 cp s3://${zKeyPath} /var/tmp/genesisZkey.zkey`,
+    `aws s3 cp s3://${potPath} /var/tmp/pot.ptau`,
+    "wget https://github.com/BLAKE3-team/BLAKE3/releases/download/1.4.0/b3sum_linux_x64_bin -O /var/tmp/blake3.bin",
+    "chmod +x /var/tmp/blake3.bin",
+    "INSTANCE_ID=$(ec2-metadata -i | awk '{print $2}')",
+    `aws sns publish --topic-arn ${snsTopic} --message "$INSTANCE_ID" --region ${region}`,
+    "fi"
+];
+/**
+ * Return the list of commands for contribution verification.
+ * @dev this method generates the verification transcript as well.
+ * @param bucketName <string> - the name of the AWS S3 bucket.
+ * @param lastZkeyStoragePath <string> - the last zKey storage path.
+ * @param verificationTranscriptStoragePathAndFilename <string> - the verification transcript storage path.
+ * @returns Array<string> - the list of commands for contribution verification.
+ */
+const vmContributionVerificationCommand = (bucketName, lastZkeyStoragePath, verificationTranscriptStoragePathAndFilename) => [
+    `aws s3 cp s3://${bucketName}/${lastZkeyStoragePath} /var/tmp/lastZKey.zkey > /var/tmp/log.txt`,
+    `snarkjs zkvi /var/tmp/genesisZkey.zkey /var/tmp/pot.ptau /var/tmp/lastZKey.zkey > /var/tmp/verification_transcript.log`,
+    `aws s3 cp /var/tmp/verification_transcript.log s3://${bucketName}/${verificationTranscriptStoragePathAndFilename} &>/dev/null`,
+    `/var/tmp/blake3.bin /var/tmp/verification_transcript.log | awk '{print $1}'`,
+    `rm /var/tmp/lastZKey.zkey /var/tmp/verification_transcript.log /var/tmp/log.txt &>/dev/null`
+];
+/**
+ * Compute the VM disk size.
+ * @dev the disk size is computed using the zKey size in bytes taking into consideration
+ * the verification task (2 * zKeySize) + ptauSize + OS/VM (~8GB).
+ * @param zKeySizeInBytes <number> the size of the zKey in bytes.
+ * @param pot <number> the amount of powers needed for the circuit (index of the PPoT file).
+ * @return <number> the configuration of the VM disk size in GB.
+ */
+const computeDiskSizeForVM = (zKeySizeInBytes, pot) => Math.ceil(2 * convertBytesOrKbToGb(zKeySizeInBytes, true) + powersOfTauFiles[pot - 1].size) + 8;
+/**
+ * Creates a new EC2 instance
+ * @param ec2 <EC2Client> - the instance of the EC2 client.
+ * @param commands <Array<string>> - the list of commands to be run on the EC2 instance.
+ * @param instanceType <string> - the type of the EC2 VM instance.
+ * @param diskSize <number> - the size of the disk (volume) of the VM.
+ * @param diskType <DiskTypeForVM> - the type of the disk (volume) of the VM.
+ * @returns <Promise<P0tionEC2Instance>> the instance that was created
+ */
+const createEC2Instance = async (ec2, commands, instanceType, volumeSize, diskType) => {
+    // Get the AWS variables.
+    const { amiId, roleArn } = getAWSVariables();
+    // Parametrize the VM EC2 instance.
+    const params = {
+        ImageId: amiId,
+        InstanceType: instanceType,
+        MaxCount: 1,
+        MinCount: 1,
+        // nb. to find this: iam -> roles -> role_name.
+        IamInstanceProfile: {
+            Arn: roleArn
+        },
+        // nb. for running commands at the startup.
+        UserData: Buffer.from(commands.join("\n")).toString("base64"),
+        BlockDeviceMappings: [
+            {
+                DeviceName: "/dev/xvda",
+                Ebs: {
+                    DeleteOnTermination: true,
+                    VolumeSize: volumeSize,
+                    VolumeType: diskType
+                }
+            }
+        ],
+        // tag the resource
+        TagSpecifications: [
+            {
+                ResourceType: "instance",
+                Tags: [
+                    {
+                        Key: "Name",
+                        Value: ec2InstanceTag
+                    },
+                    {
+                        Key: "Initialized",
+                        Value: "false"
+                    }
+                ]
+            }
+        ]
+    };
+    try {
+        // Create a new command instance.
+        const command = new RunInstancesCommand(params);
+        // Send the command for execution.
+        const response = await ec2.send(command);
+        if (response.$metadata.httpStatusCode !== 200)
+            throw new Error(`Something went wrong when creating the EC2 instance. More details ${response}`);
+        // Create a new EC2 VM instance.
+        return {
+            instanceId: response.Instances[0].InstanceId,
+            imageId: response.Instances[0].ImageId,
+            instanceType: response.Instances[0].InstanceType,
+            keyName: response.Instances[0].KeyName,
+            launchTime: response.Instances[0].LaunchTime.toISOString()
+        };
+    }
+    catch (error) {
+        throw new Error(`Something went wrong when creating the EC2 instance. More details ${error}`);
+    }
+};
+/**
+ * Check if the current VM EC2 instance is running by querying the status.
+ * @param ec2 <EC2Client> - the instance of the EC2 client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ * @returns <Promise<boolean>> - true if the current status of the EC2 VM instance is 'running'; otherwise false.
+ */
+const checkIfRunning = async (ec2Client, instanceId) => {
+    // Generate a new describe status command.
+    const command = new DescribeInstanceStatusCommand({
+        InstanceIds: [instanceId]
+    });
+    // Run the command.
+    const response = await ec2Client.send(command);
+    if (response.$metadata.httpStatusCode !== 200)
+        throw new Error(`Something went wrong when retrieving the EC2 instance (${instanceId}) status. More details ${response}`);
+    return response.InstanceStatuses[0].InstanceState.Name === "running";
+};
+/**
+ * Start an EC2 VM instance.
+ * @dev the instance must have been created previously.
+ * @param ec2 <EC2Client> - the instance of the EC2 client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ */
+const startEC2Instance = async (ec2, instanceId) => {
+    // Generate a new start instance command.
+    const command = new StartInstancesCommand({
+        InstanceIds: [instanceId],
+        DryRun: false
+    });
+    // Run the command.
+    const response = await ec2.send(command);
+    if (response.$metadata.httpStatusCode !== 200)
+        throw new Error(`Something went wrong when starting the EC2 instance (${instanceId}). More details ${response}`);
+};
+/**
+ * Stop an EC2 VM instance.
+ * @dev the instance must have been in a running status.
+ * @param ec2 <EC2Client> - the instance of the EC2 client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ */
+const stopEC2Instance = async (ec2, instanceId) => {
+    // Generate a new stop instance command.
+    const command = new StopInstancesCommand({
+        InstanceIds: [instanceId],
+        DryRun: false
+    });
+    // Run the command.
+    const response = await ec2.send(command);
+    if (response.$metadata.httpStatusCode !== 200)
+        throw new Error(`Something went wrong when stopping the EC2 instance (${instanceId}). More details ${response}`);
+};
+/**
+ * Terminate an EC2 VM instance.
+ * @param ec2 <EC2Client> - the instance of the EC2 client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ */
+const terminateEC2Instance = async (ec2, instanceId) => {
+    // Generate a new terminate instance command.
+    const command = new TerminateInstancesCommand({
+        InstanceIds: [instanceId],
+        DryRun: false
+    });
+    // Run the command.
+    const response = await ec2.send(command);
+    if (response.$metadata.httpStatusCode !== 200)
+        throw new Error(`Something went wrong when terminating the EC2 instance (${instanceId}). More details ${response}`);
+};
+/**
+ * Run a command on an EC2 VM instance by using SSM.
+ * @dev this method returns the command identifier for checking the status and retrieve
+ * the output of the command execution later on.
+ * @param ssm <SSMClient> - the instance of the sSM client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ * @param commands <Array<string>> - the list of commands.
+ * @return <Promise<string>> - the unique identifier of the command.
+ */
+const runCommandUsingSSM = async (ssm, instanceId, commands) => {
+    // Generate a new send command input command.
+    const params = {
+        DocumentName: "AWS-RunShellScript",
+        InstanceIds: [instanceId],
+        Parameters: {
+            commands
+        },
+        TimeoutSeconds: 1200
+    };
+    try {
+        // Run the command.
+        const response = await ssm.send(new SendCommandCommand(params));
+        // if (response.$metadata.httpStatusCode !== 200)
+        //     throw new Error(
+        //         `Something went wrong when trying to run a command on the EC2 instance (${instanceId}). More details ${response}`
+        //     )
+        return response.Command.CommandId;
+    }
+    catch (error) {
+        throw new Error(`Something went wrong when trying to run a command on the EC2 instance. More details ${error}`);
+    }
+};
+/**
+ * Get the output of an SSM command executed on an EC2 VM instance.
+ * @param ssm <SSMClient> - the instance of the sSM client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ * @param commandId <string> - the unique identifier of the command.
+ * @return <Promise<string>> - the command output.
+ */
+const retrieveCommandOutput = async (ssm, instanceId, commandId) => {
+    // Generate a new get command invocation command.
+    const command = new GetCommandInvocationCommand({
+        CommandId: commandId,
+        InstanceId: instanceId
+    });
+    try {
+        // Run the command.
+        const response = await ssm.send(command);
+        return response.StandardOutputContent;
+    }
+    catch (error) {
+        throw new Error(`Something went wrong when trying to retrieve the command ${commandId} output on the EC2 instance (${instanceId}). More details ${error}`);
+    }
+};
+/**
+ * Get the status of an SSM command executed on an EC2 VM instance.
+ * @param ssm <SSMClient> - the instance of the sSM client.
+ * @param instanceId <string> - the unique identifier of the EC2 VM instance.
+ * @param commandId <string> - the unique identifier of the command.
+ * @return <Promise<string>> - the command status.
+ */
+const retrieveCommandStatus = async (ssm, instanceId, commandId) => {
+    // Generate a new get command invocation command.
+    const command = new GetCommandInvocationCommand({
+        CommandId: commandId,
+        InstanceId: instanceId
+    });
+    try {
+        // Run the command.
+        const response = await ssm.send(command);
+        return response.Status;
+    }
+    catch (error) {
+        throw new Error(`Something went wrong when trying to retrieve the command ${commandId} status on the EC2 instance (${instanceId}). More details ${error}`);
+    }
+};
+
+export { CeremonyState, CeremonyTimeoutType, CeremonyType, CircuitContributionVerificationMechanism, DiskTypeForVM, ParticipantContributionStep, ParticipantStatus, RequestType, TestingEnvironment, TimeoutType, autoGenerateEntropy, blake512FromPath, checkAndPrepareCoordinatorForFinalization, checkIfObjectExist, checkIfRunning, checkParticipantForCeremony, commonTerms, compareCeremonyArtifacts, compareHashes, compileContract, completeMultiPartUpload, computeDiskSizeForVM, computeSHA256ToHex, computeSmallestPowersOfTauForCircuit, convertBytesOrKbToGb, convertToDoubleDigits, createCustomLoggerForFile, createEC2Client, createEC2Instance, createS3Bucket, createSSMClient, downloadAllCeremonyArtifacts, downloadCeremonyArtifact, ec2InstanceTag, exportVerifierAndVKey, exportVerifierContract, exportVkey, extractPoTFromFilename, extractPrefix, extractR1CSInfoValueForGivenKey, finalContributionIndex, finalizeCeremony, finalizeCircuit, formatSolidityCalldata, formatZkeyIndex, fromQueryToFirebaseDocumentInfo, generateGROTH16Proof, generateGetObjectPreSignedUrl, generatePreSignedUrlsParts, generateValidContributionsAttestation, generateZkeyFromScratch, genesisZkeyIndex, getAllCollectionDocs, getBucketName, getCeremonyCircuits, getCircuitBySequencePosition, getCircuitContributionsFromContributor, getCircuitsCollectionPath, getClosedCeremonies, getContributionsCollectionPath, getContributionsValidityForContributor, getCurrentActiveParticipantTimeout, getCurrentFirebaseAuthUser, getDocumentById, getOpenedCeremonies, getParticipantsCollectionPath, getPotStorageFilePath, getPublicAttestationPreambleForContributor, getR1CSInfo, getR1csStorageFilePath, getTimeoutsCollectionPath, getTranscriptStorageFilePath, getVerificationKeyStorageFilePath, getVerifierContractStorageFilePath, getWasmStorageFilePath, getZkeyStorageFilePath, githubReputation, initializeFirebaseCoreServices, isCoordinator, multiPartUpload, numExpIterations, p256, parseCeremonyFile, permanentlyStoreCurrentContributionTimeAndHash, potFileDownloadMainUrl, potFilenameTemplate, powersOfTauFiles, progressToNextCircuitForContribution, progressToNextContributionStep, queryCollection, resumeContributionAfterTimeoutExpiration, retrieveCommandOutput, retrieveCommandStatus, runCommandUsingSSM, setupCeremony, signInToFirebaseWithCredentials, solidityVersion, startEC2Instance, stopEC2Instance, temporaryStoreCurrentContributionMultiPartUploadId, temporaryStoreCurrentContributionUploadedChunkData, terminateEC2Instance, toHex, verificationKeyAcronym, verifierSmartContractAcronym, verifyCeremony, verifyContribution, verifyGROTH16Proof, verifyGROTH16ProofOnChain, verifyZKey, vmBootstrapCommand, vmBootstrapScriptFilename, vmConfigurationTypes, vmContributionVerificationCommand, vmDependenciesAndCacheArtifactsCommand };