@devtion/backend 0.0.0-7e983e3 → 0.0.0-9c50f66

package/README.md

@@ -100,6 +100,32 @@ yarn firebase:init
 
 ### Deployment
 
+#### AWS Infrastructure
+
+0. Login or create a [new AWS Account](https://portal.aws.amazon.com/billing/signup?nc2=h_ct&src=header_signup&redirect_url=https%3A%2F%2Faws.amazon.com%2Fregistration-confirmation#/start/email). 
+    - The AWS free tier account will cover a good number of requests for ceremonies but there could be some costs based on your ceremony circuits size.
+1. Create an access key for a user with Admin privileges (__NOT ROOT USER__)
+2. Setup the `awscli` ([docs](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html)) and add the keys for this user. 
+3. Install `terraform` ([docs](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli))
+4. Decide on an AWS region (by default this is **us-east-1**) - if you want to change you will need to do the following:
+    1. update **aws/lambda/index.mjs** ([exact line](https://github.com/privacy-scaling-explorations/p0tion/blob/dev/packages/backend/aws/lambda/index.mjs#L3)) to the new region
+    2. update **main.tf** ([exact line](https://github.com/privacy-scaling-explorations/p0tion/blob/dev/packages/backend/aws/main.tf#L2)) to the new region
+5. zip the Lambda folder:
+    1. `cd lambda`
+    2. `zip -r ../lambda.zip .`
+6. Run terraform:
+    1. `terraform init`
+    2. `terraform plan`
+    3. `terraform apply`
+    4. `terraform output secret_key` 
+        - To print the secret access key for the IAM user
+    6. Store the other values (sns_topic_arn etc.)
+        - These will be needed for the .env file configuration
+
+The IAM user created with the steps above can be used for all p0tion's features.
+
+#### Firebase
+
 Deploy the current configuration to the `prod` project running
 
 ```bash

package/dist/src/functions/index.js

@@ -544,8 +544,10 @@ const registerAuthUser = functions__namespace
     const { uid } = user;
     // Reference to a document using uid.
     const userRef = firestore.collection(actions.commonTerms.collections.users.name).doc(uid);
-    // html encode the display name
-    const encodedDisplayName = htmlEntities.encode(displayName);
+    // html encode the display name (or put the ID if the name is not displayed)
+    const encodedDisplayName = user.displayName === "Null" || user.displayName === null ? user.uid : htmlEntities.encode(displayName);
+    // store the avatar URL of a contributor
+    let avatarUrl = "";
     // we only do reputation check if the user is not a coordinator
     if (!(email?.endsWith(`@${process.env.CUSTOM_CLAIMS_COORDINATOR_EMAIL_ADDRESS_OR_DOMAIN}`) ||
         email === process.env.CUSTOM_CLAIMS_COORDINATOR_EMAIL_ADDRESS_OR_DOMAIN)) {
@@ -555,14 +557,16 @@ const registerAuthUser = functions__namespace
             const vars = getGitHubVariables();
             // this return true or false
             try {
-                const res = await actions.githubReputation(user.providerData[0].uid, vars.minimumFollowing, vars.minimumFollowers, vars.minimumPublicRepos);
-                if (!res) {
+                const { reputable, avatarUrl: avatarURL } = await actions.githubReputation(user.providerData[0].uid, vars.minimumFollowing, vars.minimumFollowers, vars.minimumPublicRepos);
+                if (!reputable) {
                     // Delete user
                     await auth.deleteUser(user.uid);
                     // Throw error
-                    logAndThrowError(makeError("permission-denied", "The user is not allowed to sign up because their Github reputation is not high enough.", `The user ${user.displayName} is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`));
+                    logAndThrowError(makeError("permission-denied", "The user is not allowed to sign up because their Github reputation is not high enough.", `The user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName} is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`));
                 }
-                printLog(`Github reputation check passed for user ${user.displayName}`, LogLevel.DEBUG);
+                // store locally
+                avatarUrl = avatarURL;
+                printLog(`Github reputation check passed for user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName}`, LogLevel.DEBUG);
             }
             catch (error) {
                 // Delete user
@@ -572,6 +576,8 @@ const registerAuthUser = functions__namespace
         }
     }
     // Set document (nb. we refer to providerData[0] because we use Github OAuth provider only).
+    // In future releases we might want to loop through the providerData array as we support
+    // more providers. 
     await userRef.set({
         name: encodedDisplayName,
         encodedDisplayName,
@@ -584,7 +590,13 @@ const registerAuthUser = functions__namespace
         photoURL: photoURL || "",
         lastUpdated: getCurrentServerTimestampInMillis()
     });
+    // we want to create a new collection for the users to store the avatars
+    const avatarRef = firestore.collection(actions.commonTerms.collections.avatars.name).doc(uid);
+    await avatarRef.set({
+        avatarUrl: avatarUrl || "",
+    });
     printLog(`Authenticated user document with identifier ${uid} has been correctly stored`, LogLevel.DEBUG);
+    printLog(`Authenticated user avatar with identifier ${uid} has been correctly stored`, LogLevel.DEBUG);
 });
 /**
  * Set custom claims for role-based access control on the newly created user.
@@ -1292,6 +1304,7 @@ const coordinate = async (participant, circuit, isSingleParticipantCoordination,
             printLog(`Coordinate - executing scenario A - single - participantResumingAfterTimeoutExpiration`, LogLevel.DEBUG);
             newParticipantStatus = "CONTRIBUTING" /* ParticipantStatus.CONTRIBUTING */;
             newContributionStep = "DOWNLOADING" /* ParticipantContributionStep.DOWNLOADING */;
+            newCurrentContributorId = participant.id;
         }
         // Scenario (B).
         else if (participantIsNotCurrentContributor) {
@@ -1400,53 +1413,6 @@ const waitForVMCommandExecution = (resolve, reject, ssm, vmInstanceId, commandId
         }
     }, 60000); // 1 minute.
 };
-/**
- * Wait until the artifacts have been downloaded.
- * @param {any} resolve the promise.
- * @param {any} reject the promise.
- * @param {string} potTempFilePath the tmp path to the locally downloaded pot file.
- * @param {string} firstZkeyTempFilePath the tmp path to the locally downloaded first zkey file.
- * @param {string} lastZkeyTempFilePath the tmp path to the locally downloaded last zkey file.
- */
-const waitForFileDownload = (resolve, reject, potTempFilePath, firstZkeyTempFilePath, lastZkeyTempFilePath, circuitId, participantId) => {
-    const maxWaitTime = 5 * 60 * 1000; // 5 minutes
-    // every second check if the file download was completed
-    const interval = setInterval(async () => {
-        printLog(`Verifying that the artifacts were downloaded for circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG);
-        try {
-            // check if files have been downloaded
-            if (!fs.existsSync(potTempFilePath)) {
-                printLog(`Pot file not found at ${potTempFilePath}`, LogLevel.DEBUG);
-            }
-            if (!fs.existsSync(firstZkeyTempFilePath)) {
-                printLog(`First zkey file not found at ${firstZkeyTempFilePath}`, LogLevel.DEBUG);
-            }
-            if (!fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`Last zkey file not found at ${lastZkeyTempFilePath}`, LogLevel.DEBUG);
-            }
-            // if all files were downloaded
-            if (fs.existsSync(potTempFilePath) && fs.existsSync(firstZkeyTempFilePath) && fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`All required files are present on disk.`, LogLevel.INFO);
-                // resolve the promise
-                resolve();
-            }
-        }
-        catch (error) {
-            // if we have an error then we print it as a warning and reject
-            printLog(`Error while downloading files: ${error}`, LogLevel.WARN);
-            reject();
-        }
-        finally {
-            printLog(`Clearing the interval for file download. Circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG);
-            clearInterval(interval);
-        }
-    }, 5000);
-    // we want to clean in 5 minutes in case
-    setTimeout(() => {
-        clearInterval(interval);
-        reject(new Error('Timeout exceeded while waiting for files to be downloaded.'));
-    }, maxWaitTime);
-};
 /**
  * This method is used to coordinate the waiting queues of ceremony circuits.
  * @dev this cloud function is triggered whenever an update of a document related to a participant of a ceremony occurs.
@@ -1757,7 +1723,9 @@ const verifycontribution = functionsV2__namespace.https.onCall({ memory: "16GiB"
             const newAvgVerifyCloudFunctionTime = avgVerifyCloudFunctionTime > 0
                 ? (avgVerifyCloudFunctionTime + verifyCloudFunctionTime) / 2
                 : verifyCloudFunctionTime;
-            // Prepare tx to update circuit average contribution/verification time.
+            // Prepare tx to update circuit average contribution/verification time.    
+            const updatedCircuitDoc = await getDocumentById(actions.getCircuitsCollectionPath(ceremonyId), circuitId);
+            const { waitingQueue: updatedWaitingQueue } = updatedCircuitDoc.data();
             /// @dev this must happen only for valid contributions.
             batch.update(circuitDoc.ref, {
                 avgTimings: {
@@ -1770,7 +1738,7 @@ const verifycontribution = functionsV2__namespace.https.onCall({ memory: "16GiB"
                         : avgVerifyCloudFunctionTime
                 },
                 waitingQueue: {
-                    ...waitingQueue,
+                    ...updatedWaitingQueue,
                     completedContributions: isContributionValid
                         ? completedContributions + 1
                         : completedContributions,
@@ -1835,33 +1803,21 @@ const verifycontribution = functionsV2__namespace.https.onCall({ memory: "16GiB"
             await downloadArtifactFromS3Bucket(bucketName, potStoragePath, potTempFilePath);
             await downloadArtifactFromS3Bucket(bucketName, firstZkeyStoragePath, firstZkeyTempFilePath);
             await downloadArtifactFromS3Bucket(bucketName, lastZkeyStoragePath, lastZkeyTempFilePath);
-            await sleep(6000);
-            // wait until the files are actually downloaded
-            return new Promise((resolve, reject) => waitForFileDownload(resolve, reject, potTempFilePath, firstZkeyTempFilePath, lastZkeyTempFilePath, circuitId, participantDoc.id))
-                .then(async () => {
-                printLog(`Downloads from AWS S3 bucket completed - ceremony ${ceremonyId} circuit ${circuitId}`, LogLevel.DEBUG);
-                // Step (1.A.4).
-                isContributionValid = await snarkjs.zKey.verifyFromInit(firstZkeyTempFilePath, potTempFilePath, lastZkeyTempFilePath, transcriptLogger);
-                // Compute contribution hash.
-                lastZkeyBlake2bHash = await actions.blake512FromPath(lastZkeyTempFilePath);
-                // Free resources by unlinking temporary folders.
-                // Do not free-up verification transcript path here.
-                try {
-                    fs.unlinkSync(potTempFilePath);
-                    fs.unlinkSync(firstZkeyTempFilePath);
-                    fs.unlinkSync(lastZkeyTempFilePath);
-                }
-                catch (error) {
-                    printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN);
-                }
-                await completeVerification();
-            })
-                .catch((error) => {
-                // Throw the new error
-                const commonError = COMMON_ERRORS.CM_INVALID_REQUEST;
-                const additionalDetails = error.toString();
-                logAndThrowError(makeError(commonError.code, commonError.message, additionalDetails));
-            });
+            // Step (1.A.4).
+            isContributionValid = await snarkjs.zKey.verifyFromInit(firstZkeyTempFilePath, potTempFilePath, lastZkeyTempFilePath, transcriptLogger);
+            // Compute contribution hash.
+            lastZkeyBlake2bHash = await actions.blake512FromPath(lastZkeyTempFilePath);
+            // Free resources by unlinking temporary folders.
+            // Do not free-up verification transcript path here.
+            try {
+                fs.unlinkSync(potTempFilePath);
+                fs.unlinkSync(firstZkeyTempFilePath);
+                fs.unlinkSync(lastZkeyTempFilePath);
+            }
+            catch (error) {
+                printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN);
+            }
+            await completeVerification();
         }
     }
 });
@@ -2523,7 +2479,7 @@ const checkAndRemoveBlockingContributor = functions__namespace
                                 // Prepare Firestore batch of txs.
                                 const batch = firestore.batch();
                                 // Remove current contributor from waiting queue.
-                                contributors.shift(1);
+                                contributors.shift();
                                 // Check if someone else is ready to start the contribution.
                                 if (contributors.length > 0) {
                                     // Step (E.1).

package/dist/src/functions/index.mjs

@@ -19,7 +19,7 @@ import { pipeline } from 'node:stream';
 import { promisify } from 'node:util';
 import fs, { readFileSync } from 'fs';
 import mime from 'mime-types';
-import { setTimeout as setTimeout$1 } from 'timers/promises';
+import { setTimeout } from 'timers/promises';
 import fetch from '@adobe/node-fetch-retry';
 import path from 'path';
 import os from 'os';
@@ -191,7 +191,7 @@ const getCurrentServerTimestampInMillis = () => Timestamp.now().toMillis();
  * Interrupt the current execution for a specified amount of time.
  * @param ms <number> - the amount of time expressed in milliseconds.
  */
-const sleep = async (ms) => setTimeout$1(ms);
+const sleep = async (ms) => setTimeout(ms);
 /**
  * Query for ceremony circuits.
  * @notice the order by sequence position is fundamental to maintain parallelism among contributions for different circuits.
@@ -521,8 +521,10 @@ const registerAuthUser = functions
     const { uid } = user;
     // Reference to a document using uid.
     const userRef = firestore.collection(commonTerms.collections.users.name).doc(uid);
-    // html encode the display name
-    const encodedDisplayName = encode(displayName);
+    // html encode the display name (or put the ID if the name is not displayed)
+    const encodedDisplayName = user.displayName === "Null" || user.displayName === null ? user.uid : encode(displayName);
+    // store the avatar URL of a contributor
+    let avatarUrl = "";
     // we only do reputation check if the user is not a coordinator
     if (!(email?.endsWith(`@${process.env.CUSTOM_CLAIMS_COORDINATOR_EMAIL_ADDRESS_OR_DOMAIN}`) ||
         email === process.env.CUSTOM_CLAIMS_COORDINATOR_EMAIL_ADDRESS_OR_DOMAIN)) {
@@ -532,14 +534,16 @@ const registerAuthUser = functions
             const vars = getGitHubVariables();
             // this return true or false
             try {
-                const res = await githubReputation(user.providerData[0].uid, vars.minimumFollowing, vars.minimumFollowers, vars.minimumPublicRepos);
-                if (!res) {
+                const { reputable, avatarUrl: avatarURL } = await githubReputation(user.providerData[0].uid, vars.minimumFollowing, vars.minimumFollowers, vars.minimumPublicRepos);
+                if (!reputable) {
                     // Delete user
                     await auth.deleteUser(user.uid);
                     // Throw error
-                    logAndThrowError(makeError("permission-denied", "The user is not allowed to sign up because their Github reputation is not high enough.", `The user ${user.displayName} is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`));
+                    logAndThrowError(makeError("permission-denied", "The user is not allowed to sign up because their Github reputation is not high enough.", `The user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName} is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`));
                 }
-                printLog(`Github reputation check passed for user ${user.displayName}`, LogLevel.DEBUG);
+                // store locally
+                avatarUrl = avatarURL;
+                printLog(`Github reputation check passed for user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName}`, LogLevel.DEBUG);
             }
             catch (error) {
                 // Delete user
@@ -549,6 +553,8 @@ const registerAuthUser = functions
         }
     }
     // Set document (nb. we refer to providerData[0] because we use Github OAuth provider only).
+    // In future releases we might want to loop through the providerData array as we support
+    // more providers. 
     await userRef.set({
         name: encodedDisplayName,
         encodedDisplayName,
@@ -561,7 +567,13 @@ const registerAuthUser = functions
         photoURL: photoURL || "",
         lastUpdated: getCurrentServerTimestampInMillis()
     });
+    // we want to create a new collection for the users to store the avatars
+    const avatarRef = firestore.collection(commonTerms.collections.avatars.name).doc(uid);
+    await avatarRef.set({
+        avatarUrl: avatarUrl || "",
+    });
     printLog(`Authenticated user document with identifier ${uid} has been correctly stored`, LogLevel.DEBUG);
+    printLog(`Authenticated user avatar with identifier ${uid} has been correctly stored`, LogLevel.DEBUG);
 });
 /**
  * Set custom claims for role-based access control on the newly created user.
@@ -1269,6 +1281,7 @@ const coordinate = async (participant, circuit, isSingleParticipantCoordination,
             printLog(`Coordinate - executing scenario A - single - participantResumingAfterTimeoutExpiration`, LogLevel.DEBUG);
             newParticipantStatus = "CONTRIBUTING" /* ParticipantStatus.CONTRIBUTING */;
             newContributionStep = "DOWNLOADING" /* ParticipantContributionStep.DOWNLOADING */;
+            newCurrentContributorId = participant.id;
         }
         // Scenario (B).
         else if (participantIsNotCurrentContributor) {
@@ -1377,53 +1390,6 @@ const waitForVMCommandExecution = (resolve, reject, ssm, vmInstanceId, commandId
         }
     }, 60000); // 1 minute.
 };
-/**
- * Wait until the artifacts have been downloaded.
- * @param {any} resolve the promise.
- * @param {any} reject the promise.
- * @param {string} potTempFilePath the tmp path to the locally downloaded pot file.
- * @param {string} firstZkeyTempFilePath the tmp path to the locally downloaded first zkey file.
- * @param {string} lastZkeyTempFilePath the tmp path to the locally downloaded last zkey file.
- */
-const waitForFileDownload = (resolve, reject, potTempFilePath, firstZkeyTempFilePath, lastZkeyTempFilePath, circuitId, participantId) => {
-    const maxWaitTime = 5 * 60 * 1000; // 5 minutes
-    // every second check if the file download was completed
-    const interval = setInterval(async () => {
-        printLog(`Verifying that the artifacts were downloaded for circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG);
-        try {
-            // check if files have been downloaded
-            if (!fs.existsSync(potTempFilePath)) {
-                printLog(`Pot file not found at ${potTempFilePath}`, LogLevel.DEBUG);
-            }
-            if (!fs.existsSync(firstZkeyTempFilePath)) {
-                printLog(`First zkey file not found at ${firstZkeyTempFilePath}`, LogLevel.DEBUG);
-            }
-            if (!fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`Last zkey file not found at ${lastZkeyTempFilePath}`, LogLevel.DEBUG);
-            }
-            // if all files were downloaded
-            if (fs.existsSync(potTempFilePath) && fs.existsSync(firstZkeyTempFilePath) && fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`All required files are present on disk.`, LogLevel.INFO);
-                // resolve the promise
-                resolve();
-            }
-        }
-        catch (error) {
-            // if we have an error then we print it as a warning and reject
-            printLog(`Error while downloading files: ${error}`, LogLevel.WARN);
-            reject();
-        }
-        finally {
-            printLog(`Clearing the interval for file download. Circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG);
-            clearInterval(interval);
-        }
-    }, 5000);
-    // we want to clean in 5 minutes in case
-    setTimeout(() => {
-        clearInterval(interval);
-        reject(new Error('Timeout exceeded while waiting for files to be downloaded.'));
-    }, maxWaitTime);
-};
 /**
  * This method is used to coordinate the waiting queues of ceremony circuits.
  * @dev this cloud function is triggered whenever an update of a document related to a participant of a ceremony occurs.
@@ -1734,7 +1700,9 @@ const verifycontribution = functionsV2.https.onCall({ memory: "16GiB", timeoutSe
             const newAvgVerifyCloudFunctionTime = avgVerifyCloudFunctionTime > 0
                 ? (avgVerifyCloudFunctionTime + verifyCloudFunctionTime) / 2
                 : verifyCloudFunctionTime;
-            // Prepare tx to update circuit average contribution/verification time.
+            // Prepare tx to update circuit average contribution/verification time.    
+            const updatedCircuitDoc = await getDocumentById(getCircuitsCollectionPath(ceremonyId), circuitId);
+            const { waitingQueue: updatedWaitingQueue } = updatedCircuitDoc.data();
             /// @dev this must happen only for valid contributions.
             batch.update(circuitDoc.ref, {
                 avgTimings: {
@@ -1747,7 +1715,7 @@ const verifycontribution = functionsV2.https.onCall({ memory: "16GiB", timeoutSe
                         : avgVerifyCloudFunctionTime
                 },
                 waitingQueue: {
-                    ...waitingQueue,
+                    ...updatedWaitingQueue,
                     completedContributions: isContributionValid
                         ? completedContributions + 1
                         : completedContributions,
@@ -1812,33 +1780,21 @@ const verifycontribution = functionsV2.https.onCall({ memory: "16GiB", timeoutSe
             await downloadArtifactFromS3Bucket(bucketName, potStoragePath, potTempFilePath);
             await downloadArtifactFromS3Bucket(bucketName, firstZkeyStoragePath, firstZkeyTempFilePath);
             await downloadArtifactFromS3Bucket(bucketName, lastZkeyStoragePath, lastZkeyTempFilePath);
-            await sleep(6000);
-            // wait until the files are actually downloaded
-            return new Promise((resolve, reject) => waitForFileDownload(resolve, reject, potTempFilePath, firstZkeyTempFilePath, lastZkeyTempFilePath, circuitId, participantDoc.id))
-                .then(async () => {
-                printLog(`Downloads from AWS S3 bucket completed - ceremony ${ceremonyId} circuit ${circuitId}`, LogLevel.DEBUG);
-                // Step (1.A.4).
-                isContributionValid = await zKey.verifyFromInit(firstZkeyTempFilePath, potTempFilePath, lastZkeyTempFilePath, transcriptLogger);
-                // Compute contribution hash.
-                lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath);
-                // Free resources by unlinking temporary folders.
-                // Do not free-up verification transcript path here.
-                try {
-                    fs.unlinkSync(potTempFilePath);
-                    fs.unlinkSync(firstZkeyTempFilePath);
-                    fs.unlinkSync(lastZkeyTempFilePath);
-                }
-                catch (error) {
-                    printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN);
-                }
-                await completeVerification();
-            })
-                .catch((error) => {
-                // Throw the new error
-                const commonError = COMMON_ERRORS.CM_INVALID_REQUEST;
-                const additionalDetails = error.toString();
-                logAndThrowError(makeError(commonError.code, commonError.message, additionalDetails));
-            });
+            // Step (1.A.4).
+            isContributionValid = await zKey.verifyFromInit(firstZkeyTempFilePath, potTempFilePath, lastZkeyTempFilePath, transcriptLogger);
+            // Compute contribution hash.
+            lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath);
+            // Free resources by unlinking temporary folders.
+            // Do not free-up verification transcript path here.
+            try {
+                fs.unlinkSync(potTempFilePath);
+                fs.unlinkSync(firstZkeyTempFilePath);
+                fs.unlinkSync(lastZkeyTempFilePath);
+            }
+            catch (error) {
+                printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN);
+            }
+            await completeVerification();
         }
     }
 });
@@ -2500,7 +2456,7 @@ const checkAndRemoveBlockingContributor = functions
                                 // Prepare Firestore batch of txs.
                                 const batch = firestore.batch();
                                 // Remove current contributor from waiting queue.
-                                contributors.shift(1);
+                                contributors.shift();
                                 // Check if someone else is ready to start the contribution.
                                 if (contributors.length > 0) {
                                     // Step (E.1).

package/dist/types/functions/circuit.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"circuit.d.ts","sourceRoot":"","sources":["../../../src/functions/circuit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AAyCpD,OAAO,EAAuB,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AAyR5E;;;;;;;;;;;;;;;;;;GAkBG;AACH,eAAO,MAAM,6BAA6B,4FAoGpC,CAAA;AA8BN;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,kBAAkB,0EAya9B,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,+CAA+C,wEA4EtD,CAAA;AAEN;;;;GAIG;AACH,eAAO,MAAM,eAAe,uDA8EtB,CAAA"}
+{"version":3,"file":"circuit.d.ts","sourceRoot":"","sources":["../../../src/functions/circuit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AAyCpD,OAAO,EAAuB,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AAkO5E;;;;;;;;;;;;;;;;;;GAkBG;AACH,eAAO,MAAM,6BAA6B,4FAoGpC,CAAA;AA8BN;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,kBAAkB,0EA0Z9B,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,+CAA+C,wEA4EtD,CAAA;AAEN;;;;GAIG;AACH,eAAO,MAAM,eAAe,uDA8EtB,CAAA"}

package/dist/types/functions/user.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../src/functions/user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,SAAS,MAAM,oBAAoB,CAAA;AAW/C;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,mEAuFvB,CAAA;AACN;;;;GAIG;AACH,eAAO,MAAM,6BAA6B,mEA+BpC,CAAA"}
+{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../src/functions/user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,SAAS,MAAM,oBAAoB,CAAA;AAW/C;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,mEAsGvB,CAAA;AACN;;;;GAIG;AACH,eAAO,MAAM,6BAA6B,mEA+BpC,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@devtion/backend",
-  "version": "0.0.0-7e983e3",
+  "version": "0.0.0-9c50f66",
   "description": "MPC Phase 2 backend for Firebase services management",
   "repository": "git@github.com:privacy-scaling-explorations/p0tion.git",
   "homepage": "https://github.com/privacy-scaling-explorations/p0tion",
@@ -67,7 +67,7 @@
     "@aws-sdk/client-ssm": "^3.357.0",
     "@aws-sdk/middleware-endpoint": "^3.329.0",
     "@aws-sdk/s3-request-presigner": "^3.329.0",
-    "@p0tion/actions": "^1.0.5",
+    "@devtion/actions": "latest",
     "blakejs": "^1.2.1",
     "dotenv": "^16.0.3",
     "ethers": "5.7.2",
@@ -85,5 +85,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "afae72061a3b366b05508de53fe91e9b254cc3d5"
+  "gitHead": "1285984f567fe9c2456c6033fad3159d0b4c9393"
 }

package/src/functions/circuit.ts

@@ -131,6 +131,7 @@ const coordinate = async (
 
             newParticipantStatus = ParticipantStatus.CONTRIBUTING
             newContributionStep = ParticipantContributionStep.DOWNLOADING
+            newCurrentContributorId = participant.id
         }
         // Scenario (B).
         else if (participantIsNotCurrentContributor) {
@@ -265,62 +266,6 @@ const waitForVMCommandExecution = (
     }, 60000) // 1 minute.
 }
 
-/**
- * Wait until the artifacts have been downloaded.
- * @param {any} resolve the promise.
- * @param {any} reject the promise.
- * @param {string} potTempFilePath the tmp path to the locally downloaded pot file.
- * @param {string} firstZkeyTempFilePath the tmp path to the locally downloaded first zkey file.
- * @param {string} lastZkeyTempFilePath the tmp path to the locally downloaded last zkey file. 
- */
-const waitForFileDownload = (
-    resolve: any,
-    reject: any,
-    potTempFilePath: string,
-    firstZkeyTempFilePath: string,
-    lastZkeyTempFilePath: string,
-    circuitId: string,
-    participantId: string 
-) => {
-    const maxWaitTime = 5 * 60 * 1000 // 5 minutes
-    // every second check if the file download was completed
-    const interval = setInterval(async () => {
-        printLog(`Verifying that the artifacts were downloaded for circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG)
-        try {                            
-            // check if files have been downloaded
-            if (!fs.existsSync(potTempFilePath)) {
-                printLog(`Pot file not found at ${potTempFilePath}`, LogLevel.DEBUG)
-            }
-            if (!fs.existsSync(firstZkeyTempFilePath)) {
-                printLog(`First zkey file not found at ${firstZkeyTempFilePath}`, LogLevel.DEBUG)
-            }
-            if (!fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`Last zkey file not found at ${lastZkeyTempFilePath}`, LogLevel.DEBUG)
-            }
-
-            // if all files were downloaded
-            if (fs.existsSync(potTempFilePath) && fs.existsSync(firstZkeyTempFilePath) && fs.existsSync(lastZkeyTempFilePath)) {
-                printLog(`All required files are present on disk.`, LogLevel.INFO)
-                // resolve the promise
-                resolve()
-            }
-        } catch (error: any) {
-            // if we have an error then we print it as a warning and reject
-            printLog(`Error while downloading files: ${error}`, LogLevel.WARN)
-            reject()
-        } finally {
-            printLog(`Clearing the interval for file download. Circuit ${circuitId} and participant ${participantId}`, LogLevel.DEBUG)
-            clearInterval(interval)
-        }
-    }, 5000)
-
-    // we want to clean in 5 minutes in case
-    setTimeout(() => {
-        clearInterval(interval)
-        reject(new Error('Timeout exceeded while waiting for files to be downloaded.'))
-    }, maxWaitTime)
-}
-
 /**
  * This method is used to coordinate the waiting queues of ceremony circuits.
  * @dev this cloud function is triggered whenever an update of a document related to a participant of a ceremony occurs.
@@ -763,7 +708,9 @@ export const verifycontribution = functionsV2.https.onCall(
                         ? (avgVerifyCloudFunctionTime + verifyCloudFunctionTime) / 2
                         : verifyCloudFunctionTime
 
-                // Prepare tx to update circuit average contribution/verification time.
+                // Prepare tx to update circuit average contribution/verification time.    
+                const updatedCircuitDoc = await getDocumentById(getCircuitsCollectionPath(ceremonyId), circuitId)
+                const { waitingQueue: updatedWaitingQueue } = updatedCircuitDoc.data()!
                 /// @dev this must happen only for valid contributions.
                 batch.update(circuitDoc.ref, {
                     avgTimings: {
@@ -776,7 +723,7 @@ export const verifycontribution = functionsV2.https.onCall(
                             : avgVerifyCloudFunctionTime
                     },
                     waitingQueue: {
-                        ...waitingQueue,
+                        ...updatedWaitingQueue,
                         completedContributions: isContributionValid
                             ? completedContributions + 1
                             : completedContributions,
@@ -879,45 +826,28 @@ export const verifycontribution = functionsV2.https.onCall(
                 await downloadArtifactFromS3Bucket(bucketName, firstZkeyStoragePath, firstZkeyTempFilePath)
                 await downloadArtifactFromS3Bucket(bucketName, lastZkeyStoragePath, lastZkeyTempFilePath)
 
-                await sleep(6000)
-
-                // wait until the files are actually downloaded
-                return new Promise<void>((resolve, reject) => 
-                    waitForFileDownload(resolve, reject, potTempFilePath, firstZkeyTempFilePath, lastZkeyTempFilePath, circuitId, participantDoc.id)
+                // Step (1.A.4).
+                isContributionValid = await zKey.verifyFromInit(
+                    firstZkeyTempFilePath,
+                    potTempFilePath,
+                    lastZkeyTempFilePath,
+                    transcriptLogger
                 )
-                    .then(async () => {
-                        printLog(`Downloads from AWS S3 bucket completed - ceremony ${ceremonyId} circuit ${circuitId}`, LogLevel.DEBUG)
-
-                        // Step (1.A.4).
-                        isContributionValid = await zKey.verifyFromInit(
-                            firstZkeyTempFilePath,
-                            potTempFilePath,
-                            lastZkeyTempFilePath,
-                            transcriptLogger
-                        )
-                        
-                        // Compute contribution hash.
-                        lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath)
-
-                        // Free resources by unlinking temporary folders.
-                        // Do not free-up verification transcript path here.
-                        try {
-                            fs.unlinkSync(potTempFilePath)
-                            fs.unlinkSync(firstZkeyTempFilePath)
-                            fs.unlinkSync(lastZkeyTempFilePath)
-                        } catch (error: any) {
-                            printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN)
-                        }  
-
-                        await completeVerification()
-                    })
-                    .catch((error: any) => {
-                        // Throw the new error
-                        const commonError = COMMON_ERRORS.CM_INVALID_REQUEST
-                        const additionalDetails = error.toString()
-
-                        logAndThrowError(makeError(commonError.code, commonError.message, additionalDetails))
-                    })
+                
+                // Compute contribution hash.
+                lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath)
+
+                // Free resources by unlinking temporary folders.
+                // Do not free-up verification transcript path here.
+                try {
+                    fs.unlinkSync(potTempFilePath)
+                    fs.unlinkSync(firstZkeyTempFilePath)
+                    fs.unlinkSync(lastZkeyTempFilePath)
+                } catch (error: any) {
+                    printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN)
+                }  
+
+                await completeVerification()
             }
         }
     }

package/src/functions/timeout.ts

@@ -174,7 +174,7 @@ export const checkAndRemoveBlockingContributor = functions
                                     const batch = firestore.batch()
 
                                     // Remove current contributor from waiting queue.
-                                    contributors.shift(1)
+                                    contributors.shift()
 
                                     // Check if someone else is ready to start the contribution.
                                     if (contributors.length > 0) {

package/src/functions/user.ts

@@ -40,8 +40,11 @@ export const registerAuthUser = functions
         const { uid } = user
         // Reference to a document using uid.
         const userRef = firestore.collection(commonTerms.collections.users.name).doc(uid)
-        // html encode the display name
-        const encodedDisplayName = encode(displayName)
+        // html encode the display name (or put the ID if the name is not displayed)
+        const encodedDisplayName = user.displayName === "Null" || user.displayName === null ? user.uid : encode(displayName)
+
+        // store the avatar URL of a contributor
+        let avatarUrl: string = ""
         // we only do reputation check if the user is not a coordinator
         if (
             !(
@@ -56,13 +59,13 @@ export const registerAuthUser = functions
 
                 // this return true or false
                 try {
-                    const res = await githubReputation(
+                    const { reputable, avatarUrl: avatarURL } = await githubReputation(
                         user.providerData[0].uid,
                         vars.minimumFollowing,
                         vars.minimumFollowers,
                         vars.minimumPublicRepos
                     )
-                    if (!res) {
+                    if (!reputable) {
                         // Delete user
                         await auth.deleteUser(user.uid)
                         // Throw error
@@ -70,11 +73,13 @@ export const registerAuthUser = functions
                             makeError(
                                 "permission-denied",
                                 "The user is not allowed to sign up because their Github reputation is not high enough.",
-                                `The user ${user.displayName} is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`
+                                `The user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName } is not allowed to sign up because their Github reputation is not high enough. Please contact the administrator if you think this is a mistake.`
                             )
                         )
-                    }
-                    printLog(`Github reputation check passed for user ${user.displayName}`, LogLevel.DEBUG)
+                    } 
+                    // store locally
+                    avatarUrl = avatarURL
+                    printLog(`Github reputation check passed for user ${user.displayName === "Null" || user.displayName === null ? user.uid : user.displayName }`, LogLevel.DEBUG)
                 } catch (error: any) {
                     // Delete user
                     await auth.deleteUser(user.uid)
@@ -89,6 +94,8 @@ export const registerAuthUser = functions
             }
         }
         // Set document (nb. we refer to providerData[0] because we use Github OAuth provider only).
+        // In future releases we might want to loop through the providerData array as we support
+        // more providers. 
         await userRef.set({
             name: encodedDisplayName,
             encodedDisplayName,
@@ -101,7 +108,15 @@ export const registerAuthUser = functions
             photoURL: photoURL || "",
             lastUpdated: getCurrentServerTimestampInMillis()
         })
+
+        // we want to create a new collection for the users to store the avatars
+        const avatarRef = firestore.collection(commonTerms.collections.avatars.name).doc(uid)
+        await avatarRef.set({
+            avatarUrl: avatarUrl || "",
+        })
+
         printLog(`Authenticated user document with identifier ${uid} has been correctly stored`, LogLevel.DEBUG)
+        printLog(`Authenticated user avatar with identifier ${uid} has been correctly stored`, LogLevel.DEBUG)
     })
 /**
  * Set custom claims for role-based access control on the newly created user.