@devtion/backend 0.0.0-92056fa → 0.0.0-9843891

package/src/functions/circuit.ts

@@ -40,9 +40,11 @@ import {
 } from "@devtion/actions"
 import { zKey } from "snarkjs"
 import { CommandInvocationStatus, SSMClient } from "@aws-sdk/client-ssm"
+import { EC2Client } from "@aws-sdk/client-ec2"
+import { HttpsError } from "firebase-functions/v2/https"
 import { FinalizeCircuitData, VerifyContributionData } from "../types/index"
 import { LogLevel } from "../types/enums"
-import { COMMON_ERRORS, logAndThrowError, makeError, printLog, SPECIFIC_ERRORS } from "../lib/errors"
+import { COMMON_ERRORS, logAndThrowError, printLog, SPECIFIC_ERRORS } from "../lib/errors"
 import {
     createEC2Client,
     createSSMClient,
@@ -57,7 +59,6 @@ import {
     sleep,
     uploadFileToBucket
 } from "../lib/utils"
-import { EC2Client } from "@aws-sdk/client-ec2"
 
 dotenv.config()
 
@@ -214,57 +215,80 @@ const coordinate = async (
  * Wait until the command has completed its execution inside the VM.
  * @dev this method implements a custom interval to check 5 times after 1 minute if the command execution
  * has been completed or not by calling the `retrieveCommandStatus` method.
- * @param {any} resolve the promise.
- * @param {any} reject the promise.
  * @param {SSMClient} ssm the SSM client.
  * @param {string} vmInstanceId the unique identifier of the VM instance.
  * @param {string} commandId the unique identifier of the VM command.
  * @returns <Promise<void>> true when the command execution succeed; otherwise false.
  */
-const waitForVMCommandExecution = (
-    resolve: any,
-    reject: any,
-    ssm: SSMClient,
-    vmInstanceId: string,
-    commandId: string
-) => {
-    const interval = setInterval(async () => {
-        try {
-            // Get command status.
-            const cmdStatus = await retrieveCommandStatus(ssm, vmInstanceId, commandId)
-            printLog(`Checking command ${commandId} status => ${cmdStatus}`, LogLevel.DEBUG)
-
-            if (cmdStatus === CommandInvocationStatus.SUCCESS) {
-                printLog(`Command ${commandId} successfully completed`, LogLevel.DEBUG)
-
-                // Resolve the promise.
-                resolve()
-            } else if (cmdStatus === CommandInvocationStatus.FAILED) {
-                logAndThrowError(SPECIFIC_ERRORS.SE_VM_FAILED_COMMAND_EXECUTION)
-                reject()
-            } else if (cmdStatus === CommandInvocationStatus.TIMED_OUT) {
-                logAndThrowError(SPECIFIC_ERRORS.SE_VM_TIMEDOUT_COMMAND_EXECUTION)
-                reject()
-            } else if (cmdStatus === CommandInvocationStatus.CANCELLED) {
-                logAndThrowError(SPECIFIC_ERRORS.SE_VM_CANCELLED_COMMAND_EXECUTION)
-                reject()
-            } else if (cmdStatus === CommandInvocationStatus.DELAYED) {
-                logAndThrowError(SPECIFIC_ERRORS.SE_VM_DELAYED_COMMAND_EXECUTION)
-                reject()
-            }
-        } catch (error: any) {
-            printLog(`Invalid command ${commandId} execution`, LogLevel.DEBUG)
+const waitForVMCommandExecution = (ssm: SSMClient, vmInstanceId: string, commandId: string): Promise<void> =>
+    new Promise((resolve, reject) => {
+        const poll = async () => {
+            try {
+                // Get command status.
+                const cmdStatus = await retrieveCommandStatus(ssm, vmInstanceId, commandId)
+                printLog(`Checking command ${commandId} status => ${cmdStatus}`, LogLevel.DEBUG)
+
+                let error: HttpsError | undefined
+                switch (cmdStatus) {
+                    case CommandInvocationStatus.CANCELLING:
+                    case CommandInvocationStatus.CANCELLED: {
+                        error = SPECIFIC_ERRORS.SE_VM_CANCELLED_COMMAND_EXECUTION
+                        break
+                    }
+                    case CommandInvocationStatus.DELAYED: {
+                        error = SPECIFIC_ERRORS.SE_VM_DELAYED_COMMAND_EXECUTION
+                        break
+                    }
+                    case CommandInvocationStatus.FAILED: {
+                        error = SPECIFIC_ERRORS.SE_VM_FAILED_COMMAND_EXECUTION
+                        break
+                    }
+                    case CommandInvocationStatus.TIMED_OUT: {
+                        error = SPECIFIC_ERRORS.SE_VM_TIMEDOUT_COMMAND_EXECUTION
+                        break
+                    }
+                    case CommandInvocationStatus.IN_PROGRESS:
+                    case CommandInvocationStatus.PENDING: {
+                        // wait a minute and poll again
+                        setTimeout(poll, 60000)
+                        return
+                    }
+                    case CommandInvocationStatus.SUCCESS: {
+                        printLog(`Command ${commandId} successfully completed`, LogLevel.DEBUG)
+
+                        // Resolve the promise.
+                        resolve()
+                        return
+                    }
+                    default: {
+                        logAndThrowError(SPECIFIC_ERRORS.SE_VM_UNKNOWN_COMMAND_STATUS)
+                    }
+                }
+
+                if (error) {
+                    logAndThrowError(error)
+                }
+            } catch (error: any) {
+                printLog(`Invalid command ${commandId} execution`, LogLevel.DEBUG)
 
-            if (!error.toString().includes(commandId)) logAndThrowError(COMMON_ERRORS.CM_INVALID_COMMAND_EXECUTION)
+                const ec2 = await createEC2Client()
 
-            // Reject the promise.
-            reject()
-        } finally {
-            // Clear the interval.
-            clearInterval(interval)
+                // if it errors out, let's just log it as a warning so the coordinator is aware
+                try {
+                    await stopEC2Instance(ec2, vmInstanceId)
+                } catch (error: any) {
+                    printLog(`Error while stopping VM instance ${vmInstanceId} - Error ${error}`, LogLevel.WARN)
+                }
+
+                if (!error.toString().includes(commandId)) logAndThrowError(COMMON_ERRORS.CM_INVALID_COMMAND_EXECUTION)
+
+                // Reject the promise.
+                reject()
+            }
         }
-    }, 60000) // 1 minute.
-}
+
+        setTimeout(poll, 60000)
+    })
 
 /**
  * This method is used to coordinate the waiting queues of ceremony circuits.
@@ -286,9 +310,9 @@ const waitForVMCommandExecution = (
  * - Just completed a contribution or all contributions for each circuit. If yes, coordinate (multi-participant scenario).
  */
 export const coordinateCeremonyParticipant = functionsV1
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .firestore.document(
         `${commonTerms.collections.ceremonies.name}/{ceremonyId}/${commonTerms.collections.participants.name}/{participantId}`
@@ -387,7 +411,6 @@ export const coordinateCeremonyParticipant = functionsV1
         }
     })
 
-
 /**
  * Recursive function to check whether an EC2 is in a running state
  * @notice required step to run commands
@@ -396,23 +419,18 @@ export const coordinateCeremonyParticipant = functionsV1
  * @param attempts <number> - how many times to retry before failing
  * @returns <Promise<boolean>> - whether the VM was started
  */
-const checkIfVMRunning = async (
-    ec2: EC2Client, 
-    vmInstanceId: string, 
-    attempts = 5
-    ): Promise<boolean> => {
+const checkIfVMRunning = async (ec2: EC2Client, vmInstanceId: string, attempts = 5): Promise<boolean> => {
     // if we tried 5 times, then throw an error
     if (attempts <= 0) logAndThrowError(SPECIFIC_ERRORS.SE_VM_NOT_RUNNING)
 
-    await sleep(60000); // Wait for 1 min
-    const isVMRunning = await checkIfRunning(ec2, vmInstanceId) 
+    await sleep(60000) // Wait for 1 min
+    const isVMRunning = await checkIfRunning(ec2, vmInstanceId)
 
     if (!isVMRunning) {
         printLog(`VM not running, ${attempts - 1} attempts remaining. Retrying in 1 minute...`, LogLevel.DEBUG)
-        return await checkIfVMRunning(ec2, vmInstanceId, attempts - 1)
-    } else {
-        return true
+        return checkIfVMRunning(ec2, vmInstanceId, attempts - 1)
     }
+    return true
 }
 
 /**
@@ -442,7 +460,7 @@ const checkIfVMRunning = async (
  * 2) Send all updates atomically to the Firestore database.
  */
 export const verifycontribution = functionsV2.https.onCall(
-    { memory: "16GiB", timeoutSeconds: 3600, region: 'europe-west1' },
+    { memory: "16GiB", timeoutSeconds: 3600, region: "europe-west1" },
     async (request: functionsV2.https.CallableRequest<VerifyContributionData>): Promise<any> => {
         if (!request.auth || (!request.auth.token.participant && !request.auth.token.coordinator))
             logAndThrowError(SPECIFIC_ERRORS.SE_AUTH_NO_CURRENT_AUTH_USER)
@@ -610,9 +628,6 @@ export const verifycontribution = functionsV2.https.onCall(
                         verificationTranscriptTemporaryLocalPath,
                         true
                     )
-
-                    // Stop VM instance.
-                    await stopEC2Instance(ec2, vmInstanceId)
                 } else {
                     // Upload verification transcript.
                     /// nb. do not use multi-part upload here due to small file size.
@@ -689,6 +704,17 @@ export const verifycontribution = functionsV2.https.onCall(
                 })
             }
 
+            // Stop VM instance
+            if (isUsingVM) {
+                // using try and catch as the VM stopping function can throw
+                // however we want to continue without stopping as the
+                // verification was valid, and inform the coordinator
+                try {
+                    await stopEC2Instance(ec2, vmInstanceId)
+                } catch (error: any) {
+                    printLog(`Error while stopping VM instance ${vmInstanceId} - Error ${error}`, LogLevel.WARN)
+                }
+            }
             // Step (1.A.4.C)
             if (!isFinalizing) {
                 // Step (1.A.4.C.1)
@@ -708,7 +734,7 @@ export const verifycontribution = functionsV2.https.onCall(
                         ? (avgVerifyCloudFunctionTime + verifyCloudFunctionTime) / 2
                         : verifyCloudFunctionTime
 
-                // Prepare tx to update circuit average contribution/verification time.    
+                // Prepare tx to update circuit average contribution/verification time.
                 const updatedCircuitDoc = await getDocumentById(getCircuitsCollectionPath(ceremonyId), circuitId)
                 const { waitingQueue: updatedWaitingQueue } = updatedCircuitDoc.data()!
                 /// @dev this must happen only for valid contributions.
@@ -782,9 +808,7 @@ export const verifycontribution = functionsV2.https.onCall(
                 printLog(`Starting the execution of command ${commandId}`, LogLevel.DEBUG)
 
                 // Step (1.A.3.3).
-                return new Promise<void>((resolve, reject) =>
-                    waitForVMCommandExecution(resolve, reject, ssm, vmInstanceId, commandId)
-                )
+                return waitForVMCommandExecution(ssm, vmInstanceId, commandId)
                     .then(async () => {
                         // Command execution successfully completed.
                         printLog(`Command ${commandId} execution has been successfully completed`, LogLevel.DEBUG)
@@ -796,59 +820,57 @@ export const verifycontribution = functionsV2.https.onCall(
 
                         logAndThrowError(COMMON_ERRORS.CM_INVALID_COMMAND_EXECUTION)
                     })
-            } else {
-                // CF approach.
-                printLog(`CF mechanism`, LogLevel.DEBUG)
+            }
 
-                const potStoragePath = getPotStorageFilePath(files.potFilename)
-                const firstZkeyStoragePath = getZkeyStorageFilePath(prefix, `${prefix}_${genesisZkeyIndex}.zkey`)
-                // Prepare temporary file paths.
-                // (nb. these are needed to download the necessary artifacts for verification from AWS S3).
-                verificationTranscriptTemporaryLocalPath = createTemporaryLocalPath(
-                    verificationTranscriptCompleteFilename
-                )
-                const potTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}.pot`)
-                const firstZkeyTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}_genesis.zkey`)
-                const lastZkeyTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}_last.zkey`)
-
-                // Create and populate transcript.
-                const transcriptLogger = createCustomLoggerForFile(verificationTranscriptTemporaryLocalPath)
-                transcriptLogger.info(
-                    `${
-                        isFinalizing ? `Final verification` : `Verification`
-                    } transcript for ${prefix} circuit Phase 2 contribution.\n${
-                        isFinalizing ? `Coordinator ` : `Contributor # ${Number(lastZkeyIndex)}`
-                    } (${contributorOrCoordinatorIdentifier})\n`
-                )
+            // CF approach.
+            printLog(`CF mechanism`, LogLevel.DEBUG)
+
+            const potStoragePath = getPotStorageFilePath(files.potFilename)
+            const firstZkeyStoragePath = getZkeyStorageFilePath(prefix, `${prefix}_${genesisZkeyIndex}.zkey`)
+            // Prepare temporary file paths.
+            // (nb. these are needed to download the necessary artifacts for verification from AWS S3).
+            verificationTranscriptTemporaryLocalPath = createTemporaryLocalPath(verificationTranscriptCompleteFilename)
+            const potTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}.pot`)
+            const firstZkeyTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}_genesis.zkey`)
+            const lastZkeyTempFilePath = createTemporaryLocalPath(`${circuitId}_${participantDoc.id}_last.zkey`)
+
+            // Create and populate transcript.
+            const transcriptLogger = createCustomLoggerForFile(verificationTranscriptTemporaryLocalPath)
+            transcriptLogger.info(
+                `${
+                    isFinalizing ? `Final verification` : `Verification`
+                } transcript for ${prefix} circuit Phase 2 contribution.\n${
+                    isFinalizing ? `Coordinator ` : `Contributor # ${Number(lastZkeyIndex)}`
+                } (${contributorOrCoordinatorIdentifier})\n`
+            )
 
-                // Step (1.A.2).
-                await downloadArtifactFromS3Bucket(bucketName, potStoragePath, potTempFilePath)
-                await downloadArtifactFromS3Bucket(bucketName, firstZkeyStoragePath, firstZkeyTempFilePath)
-                await downloadArtifactFromS3Bucket(bucketName, lastZkeyStoragePath, lastZkeyTempFilePath)
-
-                // Step (1.A.4).
-                isContributionValid = await zKey.verifyFromInit(
-                    firstZkeyTempFilePath,
-                    potTempFilePath,
-                    lastZkeyTempFilePath,
-                    transcriptLogger
-                )
-                
-                // Compute contribution hash.
-                lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath)
+            // Step (1.A.2).
+            await downloadArtifactFromS3Bucket(bucketName, potStoragePath, potTempFilePath)
+            await downloadArtifactFromS3Bucket(bucketName, firstZkeyStoragePath, firstZkeyTempFilePath)
+            await downloadArtifactFromS3Bucket(bucketName, lastZkeyStoragePath, lastZkeyTempFilePath)
 
-                // Free resources by unlinking temporary folders.
-                // Do not free-up verification transcript path here.
-                try {
-                    fs.unlinkSync(potTempFilePath)
-                    fs.unlinkSync(firstZkeyTempFilePath)
-                    fs.unlinkSync(lastZkeyTempFilePath)
-                } catch (error: any) {
-                    printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN)
-                }  
+            // Step (1.A.4).
+            isContributionValid = await zKey.verifyFromInit(
+                firstZkeyTempFilePath,
+                potTempFilePath,
+                lastZkeyTempFilePath,
+                transcriptLogger
+            )
 
-                await completeVerification()
+            // Compute contribution hash.
+            lastZkeyBlake2bHash = await blake512FromPath(lastZkeyTempFilePath)
+
+            // Free resources by unlinking temporary folders.
+            // Do not free-up verification transcript path here.
+            try {
+                fs.unlinkSync(potTempFilePath)
+                fs.unlinkSync(firstZkeyTempFilePath)
+                fs.unlinkSync(lastZkeyTempFilePath)
+            } catch (error: any) {
+                printLog(`Error while unlinking temporary files - Error ${error}`, LogLevel.WARN)
             }
+
+            await completeVerification()
         }
     }
 )
@@ -859,9 +881,9 @@ export const verifycontribution = functionsV2.https.onCall(
  * this does not happen if the participant is actually the coordinator who is finalizing the ceremony.
  */
 export const refreshParticipantAfterContributionVerification = functionsV1
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .firestore.document(
         `/${commonTerms.collections.ceremonies.name}/{ceremony}/${commonTerms.collections.circuits.name}/{circuit}/${commonTerms.collections.contributions.name}/{contributions}`
@@ -942,9 +964,9 @@ export const refreshParticipantAfterContributionVerification = functionsV1
  * and verification key extracted from the circuit final contribution (as part of the ceremony finalization process).
  */
 export const finalizeCircuit = functionsV1
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: FinalizeCircuitData, context: functionsV1.https.CallableContext) => {
         if (!context.auth || !context.auth.token.coordinator) logAndThrowError(COMMON_ERRORS.CM_NOT_COORDINATOR_ROLE)

package/src/functions/index.ts

@@ -31,6 +31,8 @@ export {
     generatePreSignedUrlsParts,
     completeMultiPartUpload
 } from "./storage"
+export { bandadaValidateProof } from "./bandada"
+export { checkNonceOfSIWEAddress } from "./siwe"
 export { checkAndRemoveBlockingContributor, resumeContributionAfterTimeoutExpiration } from "./timeout"
 
 admin.initializeApp()

package/src/functions/participant.ts

@@ -44,9 +44,9 @@ dotenv.config()
  * @dev true when the participant can participate (1.A, 3.B, 1.D); otherwise false.
  */
 export const checkParticipantForCeremony = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: { ceremonyId: string }, context: functions.https.CallableContext) => {
         if (!context.auth || (!context.auth.token.participant && !context.auth.token.coordinator))
@@ -134,7 +134,7 @@ export const checkParticipantForCeremony = functions
                 participantDoc.ref.update({
                     status: ParticipantStatus.EXHUMED,
                     contributions,
-                    tempContributionData: tempContributionData ? tempContributionData : FieldValue.delete(),
+                    tempContributionData: tempContributionData || FieldValue.delete(),
                     contributionStep: ParticipantContributionStep.DOWNLOADING,
                     contributionStartedAt: 0,
                     verificationStartedAt: FieldValue.delete(),
@@ -175,9 +175,9 @@ export const checkParticipantForCeremony = functions
  * 2) the participant has just finished the contribution for a circuit (contributionProgress != 0 && status = CONTRIBUTED && contributionStep = COMPLETED).
  */
 export const progressToNextCircuitForContribution = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: { ceremonyId: string }, context: functions.https.CallableContext): Promise<void> => {
         if (!context.auth || (!context.auth.token.participant && !context.auth.token.coordinator))
@@ -233,9 +233,9 @@ export const progressToNextCircuitForContribution = functions
  * 5) Completed contribution computation and verification.
  */
 export const progressToNextContributionStep = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: { ceremonyId: string }, context: functions.https.CallableContext) => {
         if (!context.auth || (!context.auth.token.participant && !context.auth.token.coordinator))
@@ -296,9 +296,9 @@ export const progressToNextContributionStep = functions
  * @dev enable the current contributor to resume a contribution from where it had left off.
  */
 export const permanentlyStoreCurrentContributionTimeAndHash = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(
         async (data: PermanentlyStoreCurrentContributionTimeAndHash, context: functions.https.CallableContext) => {
@@ -355,9 +355,9 @@ export const permanentlyStoreCurrentContributionTimeAndHash = functions
  * @dev enable the current contributor to resume a multi-part upload from where it had left off.
  */
 export const temporaryStoreCurrentContributionMultiPartUploadId = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(
         async (data: TemporaryStoreCurrentContributionMultiPartUploadId, context: functions.https.CallableContext) => {
@@ -409,9 +409,9 @@ export const temporaryStoreCurrentContributionMultiPartUploadId = functions
  * @dev enable the current contributor to resume a multi-part upload from where it had left off.
  */
 export const temporaryStoreCurrentContributionUploadedChunkData = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(
         async (data: TemporaryStoreCurrentContributionUploadedChunkData, context: functions.https.CallableContext) => {
@@ -469,9 +469,9 @@ export const temporaryStoreCurrentContributionUploadedChunkData = functions
  * contributed to every selected ceremony circuits (= DONE).
  */
 export const checkAndPrepareCoordinatorForFinalization = functions
-    .region('europe-west1')
+    .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: { ceremonyId: string }, context: functions.https.CallableContext): Promise<boolean> => {
         if (!context.auth || !context.auth.token.coordinator) logAndThrowError(COMMON_ERRORS.CM_NOT_COORDINATOR_ROLE)

package/src/functions/siwe.ts

@@ -0,0 +1,77 @@
+import dotenv from "dotenv"
+import fetch from "@adobe/node-fetch-retry"
+import * as functions from "firebase-functions"
+import { getAuth } from "firebase-admin/auth"
+import admin from "firebase-admin"
+import { Auth0UserInfo, CheckNonceOfSIWEAddressRequest, CheckNonceOfSIWEAddressResponse } from "../types"
+import { setEthProvider } from "../lib/services"
+
+dotenv.config()
+
+export const checkNonceOfSIWEAddress = functions
+    .region("europe-west1")
+    .runWith({ memory: "1GB" })
+    .https.onCall(async (data: CheckNonceOfSIWEAddressRequest): Promise<CheckNonceOfSIWEAddressResponse> => {
+        try {
+            const { auth0Token } = data
+            const result = (await fetch(`${process.env.AUTH0_APPLICATION_URL}/userinfo`, {
+                method: "GET",
+                headers: {
+                    "content-type": "application/json",
+                    authorization: `Bearer ${auth0Token}`
+                }
+            }).then((_res) => _res.json())) as Auth0UserInfo
+            if (!result.sub) {
+                return {
+                    valid: false,
+                    message: "No user detected. Please check device flow token"
+                }
+            }
+            const auth = getAuth()
+            // check nonce
+            const parts = result.sub.split("|")
+            const address = decodeURIComponent(parts[2]).split(":")[2]
+
+            const minimumNonce = Number(process.env.ETH_MINIMUM_NONCE)
+            const nonceBlockHeight = "latest" // process.env.ETH_NONCE_BLOCK_HEIGHT
+            // look up nonce for address @block
+            let nonceOk = true
+            if (minimumNonce > 0) {
+                const provider = setEthProvider()
+                console.log(`got provider - block # ${await provider.getBlockNumber()}`)
+                const nonce = await provider.getTransactionCount(address, nonceBlockHeight)
+                console.log(`nonce ${nonce}`)
+                nonceOk = nonce >= minimumNonce
+            }
+            console.log(`checking nonce ${nonceOk}`)
+            if (!nonceOk) {
+                return {
+                    valid: false,
+                    message: "Eth address does not meet the nonce requirements"
+                }
+            }
+            try {
+                await admin.auth().createUser({
+                    displayName: address,
+                    uid: address
+                })
+            } catch (error: any) {
+                // if user already exist then just pass
+                if (error.code !== "auth/uid-already-exists") {
+                    throw new Error(error)
+                }
+            }
+            const token = await auth.createCustomToken(address)
+            return {
+                valid: true,
+                token
+            }
+        } catch (error) {
+            return {
+                valid: false,
+                message: `Something went wrong ${error}`
+            }
+        }
+    })
+
+export default checkNonceOfSIWEAddress

package/src/functions/storage.ts

@@ -134,7 +134,7 @@ const checkIfBucketIsDedicatedToCeremony = async (bucketName: string) => {
 export const createBucket = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: CreateBucketData, context: functions.https.CallableContext) => {
         // Check if the user has the coordinator claim.
@@ -193,8 +193,10 @@ export const createBucket = functions
                         CORSConfiguration: {
                             CORSRules: [
                                 {
-                                    AllowedMethods: ["GET"],
-                                    AllowedOrigins: ["*"]
+                                    AllowedMethods: ["GET", "PUT"],
+                                    AllowedOrigins: ["*"],
+                                    ExposeHeaders: ["ETag", "Content-Length"],
+                                    AllowedHeaders: ["*"]
                                 }
                             ]
                         }
@@ -236,7 +238,7 @@ export const createBucket = functions
 export const checkIfObjectExist = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: BucketAndObjectKeyData, context: functions.https.CallableContext): Promise<boolean> => {
         // Check if the user has the coordinator claim.
@@ -292,7 +294,7 @@ export const checkIfObjectExist = functions
 export const generateGetObjectPreSignedUrl = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB"
     })
     .https.onCall(async (data: BucketAndObjectKeyData, context: functions.https.CallableContext): Promise<any> => {
         if (!context.auth) logAndThrowError(COMMON_ERRORS.CM_NOT_AUTHENTICATED)
@@ -339,7 +341,7 @@ export const generateGetObjectPreSignedUrl = functions
 export const startMultiPartUpload = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "2GB"
     })
     .https.onCall(async (data: StartMultiPartUploadData, context: functions.https.CallableContext): Promise<any> => {
         if (!context.auth || (!context.auth.token.participant && !context.auth.token.coordinator))
@@ -407,7 +409,8 @@ export const startMultiPartUpload = functions
 export const generatePreSignedUrlsParts = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "1GB",
+        timeoutSeconds: 300
     })
     .https.onCall(
         async (
@@ -484,7 +487,7 @@ export const generatePreSignedUrlsParts = functions
 export const completeMultiPartUpload = functions
     .region("europe-west1")
     .runWith({
-        memory: "512MB"
+        memory: "2GB"
     })
     .https.onCall(async (data: CompleteMultiPartUploadData, context: functions.https.CallableContext): Promise<any> => {
         if (!context.auth || (!context.auth.token.participant && !context.auth.token.coordinator))