@devtion/devcli 0.0.0-004e6ad

package/package.json

@@ -0,0 +1,108 @@
+{
+  "name": "@devtion/devcli",
+  "type": "module",
+  "version": "0.0.0-004e6ad",
+  "description": "All-in-one interactive command-line for interfacing with zkSNARK Phase 2 Trusted Setup ceremonies",
+  "repository": "git@github.com:privacy-scaling-explorations/p0tion.git",
+  "homepage": "https://github.com/privacy-scaling-explorations/p0tion",
+  "bugs": "https://github.com/privacy-scaling-explorations/p0tion/issues",
+  "license": "MIT",
+  "bin": "dist/index.js",
+  "main": "dist/index.js",
+  "types": "dist/types/index.d.ts",
+  "engines": {
+    "node": ">=16.14.0"
+  },
+  "files": [
+    "dist/",
+    "src/",
+    "types/",
+    "README.md"
+  ],
+  "keywords": [
+    "typescript",
+    "zero-knowledge",
+    "zk-snarks",
+    "phase-2",
+    "trusted-setup",
+    "ceremony",
+    "snarkjs",
+    "circom"
+  ],
+  "scripts": {
+    "build": "rimraf dist && rollup -c rollup.config.ts --configPlugin typescript",
+    "build:watch": "rollup -c rollup.config.ts -w --configPlugin typescript",
+    "start": "ts-node --esm ./src/index.ts",
+    "auth": "yarn start auth",
+    "auth:siwe": "yarn start auth-siwe",
+    "auth:bandada": "yarn start auth-bandada",
+    "contribute": "yarn start contribute",
+    "clean": "yarn start clean",
+    "list": "yarn start list",
+    "logout": "yarn start logout",
+    "validate": "yarn start validate",
+    "ceremony:participants": "yarn start ceremony participants",
+    "coordinate:setup": "yarn start coordinate setup",
+    "coordinate:observe": "yarn start coordinate observe",
+    "coordinate:finalize": "yarn start coordinate finalize",
+    "docs": "typedoc src/**/*.ts --out ../../docs/phase2cli"
+  },
+  "devDependencies": {
+    "@types/clear": "^0.1.2",
+    "@types/cli-progress": "^3.11.0",
+    "@types/figlet": "^1.5.6",
+    "@types/mime-types": "^2.1.1",
+    "@types/node-emoji": "^1.8.2",
+    "@types/node-fetch": "^2.6.3",
+    "@types/ora": "^3.2.0",
+    "@types/prompts": "^2.4.4",
+    "@types/rollup-plugin-auto-external": "^2.0.2",
+    "@types/winston": "^2.4.4",
+    "rollup-plugin-auto-external": "^2.0.0",
+    "rollup-plugin-cleanup": "^3.2.1",
+    "rollup-plugin-copy": "^3.5.0",
+    "rollup-plugin-typescript2": "^0.34.1",
+    "solc": "^0.8.19",
+    "ts-node": "^10.9.1",
+    "typescript": "^5.0.4"
+  },
+  "dependencies": {
+    "@adobe/node-fetch-retry": "^2.2.0",
+    "@aws-sdk/client-s3": "^3.329.0",
+    "@bandada/api-sdk": "^1.0.0-beta.1",
+    "@devtion/actions": "latest",
+    "@octokit/auth-oauth-app": "^5.0.5",
+    "@octokit/auth-oauth-device": "^4.0.4",
+    "@octokit/request": "^6.2.3",
+    "@semaphore-protocol/identity": "^3.15.1",
+    "blakejs": "^1.2.1",
+    "boxen": "^7.1.0",
+    "chalk": "^5.2.0",
+    "clear": "^0.1.0",
+    "cli-progress": "^3.12.0",
+    "clipboardy": "^3.0.0",
+    "commander": "^10.0.1",
+    "conf": "^11.0.1",
+    "dotenv": "^16.0.3",
+    "ethers": "^6.9.0",
+    "figlet": "^1.6.0",
+    "firebase": "^9.21.0",
+    "log-symbols": "^5.1.0",
+    "mime-types": "^2.1.35",
+    "node-disk-info": "^1.3.0",
+    "node-emoji": "^1.11.0",
+    "node-fetch": "^3.3.1",
+    "open": "^9.1.0",
+    "ora": "^6.3.0",
+    "prompts": "^2.4.2",
+    "rimraf": "^5.0.0",
+    "rollup": "^3.21.6",
+    "snarkjs": "0.7.3",
+    "timer-node": "^5.0.7",
+    "winston": "^3.8.2"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "gitHead": "8f3da5596cd864cdd387a32c05622efeaf0c10f7"
+}

package/src/commands/auth.ts

@@ -0,0 +1,214 @@
+#!/usr/bin/env node
+import { createOAuthDeviceAuth } from "@octokit/auth-oauth-device"
+import { Verification } from "@octokit/auth-oauth-device/dist-types/types.js"
+import clipboard from "clipboardy"
+import dotenv from "dotenv"
+import open from "open"
+import figlet from "figlet"
+import { fileURLToPath } from "url"
+import { dirname } from "path"
+import { GENERIC_ERRORS, showError } from "../lib/errors.js"
+import {
+    checkLocalAccessToken,
+    getLocalAccessToken,
+    setLocalAccessToken,
+    setLocalAuthMethod
+} from "../lib/localConfigs.js"
+import { bootstrapCommandExecutionAndServices, signInToFirebase } from "../lib/services.js"
+import theme from "../lib/theme.js"
+import {
+    customSpinner,
+    exchangeGithubTokenForCredentials,
+    getGithubProviderUserId,
+    getUserHandleFromProviderUserId,
+    sleep,
+    terminate
+} from "../lib/utils.js"
+
+const packagePath = `${dirname(fileURLToPath(import.meta.url))}`
+dotenv.config({
+    path: packagePath.includes(`src/lib`)
+        ? `${dirname(fileURLToPath(import.meta.url))}/../../.env`
+        : `${dirname(fileURLToPath(import.meta.url))}/.env`
+})
+
+/**
+ * Custom countdown which throws an error when expires.
+ * @param expirationInSeconds <number> - the expiration time in seconds.
+ */
+export const expirationCountdownForGithubOAuth = (expirationInSeconds: number) => {
+    // Prepare data.
+    let secondsCounter = expirationInSeconds <= 60 ? expirationInSeconds : 60
+    const interval = 1 // 1s.
+
+    setInterval(() => {
+        if (expirationInSeconds !== 0) {
+            // Update time and seconds counter.
+            expirationInSeconds -= interval
+            secondsCounter -= interval
+
+            if (secondsCounter % 60 === 0) secondsCounter = 0
+
+            // Notify user.
+            process.stdout.write(
+                `${theme.symbols.warning} Expires in ${theme.text.bold(
+                    theme.colors.magenta(`00:${Math.floor(expirationInSeconds / 60)}:${secondsCounter}`)
+                )}\r`
+            )
+        } else {
+            process.stdout.write(`\n\n`) // workaround to \r.
+            showError(GENERIC_ERRORS.GENERIC_COUNTDOWN_EXPIRATION, true)
+        }
+    }, interval * 1000) // ms.
+}
+
+/**
+ * Callback to manage the data requested for Github OAuth2.0 device flow.
+ * @param verification <Verification> - the data from Github OAuth2.0 device flow.
+ */
+export const onVerification = async (verification: Verification): Promise<void> => {
+    // Copy code to clipboard.
+    let noClipboard = false
+    try {
+        clipboard.writeSync(verification.user_code)
+        clipboard.readSync()
+    } catch (error) {
+        noClipboard = true
+    }
+
+    // Display data.
+    console.log(
+        `${theme.symbols.warning} Visit ${theme.text.bold(
+            theme.text.underlined(verification.verification_uri)
+        )} on this device to generate a new token and authenticate\n`
+    )
+
+    console.log(theme.colors.magenta(figlet.textSync("Code is Below", { font: "ANSI Shadow" })), "\n")
+
+    const message = !noClipboard ? `has been copied to your clipboard (${theme.emojis.clipboard})` : ``
+    console.log(
+        `${theme.symbols.info} Your auth code: ${theme.text.bold(verification.user_code)} ${message} ${
+            theme.symbols.success
+        }\n`
+    )
+
+    const spinner = customSpinner(`Redirecting to Github...`, `clock`)
+    spinner.start()
+
+    await sleep(10000) // ~10s to make users able to read the CLI.
+
+    try {
+        // Automatically open the page (# Step 2).
+        await open(verification.verification_uri)
+    } catch (error: any) {
+        console.log(`${theme.symbols.info} Please authenticate via GitHub at ${verification.verification_uri}`)
+    }
+
+    spinner.stop()
+
+    // Countdown for time expiration.
+    expirationCountdownForGithubOAuth(verification.expires_in)
+}
+
+/**
+ * Return the Github OAuth 2.0 token using manual Device Flow authentication process.
+ * @param clientId <string> - the client id for the CLI OAuth app.
+ * @returns <string> the Github OAuth 2.0 token.
+ */
+export const executeGithubDeviceFlow = async (clientId: string): Promise<string> => {
+    /**
+     * Github OAuth 2.0 Device Flow.
+     * # Step 1: Request device and user verification codes and gets auth verification uri.
+     * # Step 2: The app prompts the user to enter a user verification code at https://github.com/login/device.
+     * # Step 3: The app polls/asks for the user authentication status.
+     */
+
+    const clientType = "oauth-app"
+    const tokenType = "oauth"
+
+    // # Step 1.
+    const auth = createOAuthDeviceAuth({
+        clientType,
+        clientId,
+        scopes: ["gist"],
+        onVerification
+    })
+
+    // # Step 3.
+    const { token } = await auth({
+        type: tokenType
+    })
+
+    return token
+}
+
+/**
+ * Auth command.
+ * @notice The auth command allows a user to make the association of their Github account with the CLI by leveraging OAuth 2.0 as an authentication mechanism.
+ * @dev Under the hood, the command handles a manual Device Flow following the guidelines in the Github documentation.
+ */
+const auth = async () => {
+    const { firebaseApp } = await bootstrapCommandExecutionAndServices()
+
+    // Console more context for the user.
+    console.log(
+        `${theme.symbols.info} ${theme.text.bold(
+            `You are about to authenticate on this CLI using your Github account (device flow - OAuth 2.0 mechanism).\n${
+                theme.symbols.warning
+            } Please, note that only read and write permission for ${theme.text.italic(
+                `gists`
+            )} will be required in order to publish your contribution transcript!`
+        )}\n`
+    )
+
+    const spinner = customSpinner(`Checking authentication token...`, `clock`)
+    spinner.start()
+
+    await sleep(5000)
+
+    // Manage OAuth Github token.
+    const isLocalTokenStored = checkLocalAccessToken()
+
+    if (!isLocalTokenStored) {
+        spinner.fail(`No local authentication token found\n`)
+
+        // Generate a new access token using Github Device Flow (OAuth 2.0).
+        const newToken = await executeGithubDeviceFlow(String(process.env.AUTH_GITHUB_CLIENT_ID))
+
+        // Store the new access token.
+        setLocalAuthMethod("github")
+        setLocalAccessToken(newToken)
+    } else spinner.succeed(`Local authentication token found\n`)
+
+    // Get access token from local store.
+    const token = getLocalAccessToken()
+
+    // Exchange token for credential.
+    const credentials = exchangeGithubTokenForCredentials(String(token))
+
+    spinner.text = `Authenticating...`
+    spinner.start()
+
+    // Sign-in to Firebase using credentials.
+    await signInToFirebase(firebaseApp, credentials)
+
+    // Get Github handle.
+    const providerUserId = await getGithubProviderUserId(String(token))
+
+    spinner.succeed(
+        `You are authenticated as ${theme.text.bold(
+            `@${getUserHandleFromProviderUserId(providerUserId)}`
+        )} and now able to interact with zk-SNARK Phase2 Trusted Setup ceremonies`
+    )
+
+    // Console more context for the user.
+    console.log(
+        `\n${theme.symbols.warning} You can always log out by running the ${theme.text.bold(
+            `phase2cli logout`
+        )} command`
+    )
+
+    terminate(providerUserId)
+}
+
+export default auth

package/src/commands/authBandada.ts

@@ -0,0 +1,120 @@
+import { Identity } from "@semaphore-protocol/identity"
+
+import { commonTerms } from "@devtion/actions"
+import { httpsCallable } from "firebase/functions"
+import { groth16 } from "snarkjs"
+import { getAuth, signInWithCustomToken } from "firebase/auth"
+import prompts from "prompts"
+import { getLocalDirname } from "../lib/files.js"
+import theme from "../lib/theme.js"
+import { customSpinner } from "../lib/utils.js"
+import { VerifiedBandadaResponse } from "../types/index.js"
+import { showError } from "../lib/errors.js"
+import { bootstrapCommandExecutionAndServices } from "../lib/services.js"
+import { addMemberToGroup, isGroupMember } from "../lib/bandada.js"
+import {
+    checkLocalBandadaIdentity,
+    deleteLocalAccessToken,
+    deleteLocalAuthMethod,
+    deleteLocalBandadaIdentity,
+    getLocalBandadaIdentity,
+    setLocalAccessToken,
+    setLocalAuthMethod,
+    setLocalBandadaIdentity
+} from "../lib/localConfigs.js"
+
+const { BANDADA_DASHBOARD_URL, BANDADA_GROUP_ID } = process.env
+
+const authBandada = async () => {
+    try {
+        const { firebaseFunctions } = await bootstrapCommandExecutionAndServices()
+        const spinner = customSpinner(`Checking identity string for Semaphore...`, `clock`)
+        spinner.start()
+        // 1. check if _identity string exists in local storage
+        let identityString: string | unknown
+        const isIdentityStringStored = checkLocalBandadaIdentity()
+        if (isIdentityStringStored) {
+            identityString = getLocalBandadaIdentity()
+            spinner.succeed(`Identity seed found\n`)
+        } else {
+            spinner.warn(`Identity seed not found\n`)
+            // 2. generate a random _identity string and save it in local storage
+            const { seed } = await prompts({
+                type: "text",
+                name: "seed",
+                message: theme.text.bold(`Enter a secret string to use as your identity seed in Semaphore:`),
+                initial: false
+            })
+            identityString = seed as string
+            setLocalBandadaIdentity(identityString as string)
+        }
+        // 3. create a semaphore identity with _identity string as a seed
+        const identity = new Identity(identityString as string)
+
+        // 4. check if the user is a member of the group
+        console.log(`Checking Bandada membership...`)
+        const isMember = await isGroupMember(BANDADA_GROUP_ID, identity)
+        if (!isMember) {
+            await addMemberToGroup(BANDADA_GROUP_ID, BANDADA_DASHBOARD_URL, identity)
+        }
+
+        // 5. generate a proof that the user owns the commitment.
+        spinner.text = `Generating proof of identity...`
+        spinner.start()
+        // publicSignals = [hash(externalNullifier, identityNullifier), commitment]
+
+        const initDirectoryName = getLocalDirname()
+        const directoryName = initDirectoryName.includes("/src") ? "." : initDirectoryName
+
+        const { proof, publicSignals } = await groth16.fullProve(
+            {
+                identityTrapdoor: identity.trapdoor,
+                identityNullifier: identity.nullifier,
+                externalNullifier: BANDADA_GROUP_ID
+            },
+            `${directoryName}/public/mini-semaphore.wasm`,
+            `${directoryName}/public/mini-semaphore.zkey`
+        )
+        spinner.succeed(`Proof generated.\n`)
+        spinner.text = `Sending proof to verification...`
+        spinner.start()
+        // 6. send proof to a cloud function that verifies it and checks membership
+        const cf = httpsCallable(firebaseFunctions, commonTerms.cloudFunctionsNames.bandadaValidateProof)
+        const result = await cf({
+            proof,
+            publicSignals
+        })
+        const { valid, token, message } = result.data as VerifiedBandadaResponse
+        if (!valid) {
+            showError(message, true)
+            deleteLocalAuthMethod()
+            deleteLocalAccessToken()
+            deleteLocalBandadaIdentity()
+        }
+        spinner.succeed(`Proof verified.\n`)
+        spinner.text = `Authenticating...`
+        spinner.start()
+        // 7. Auth to p0tion firebase
+        const credentials = await signInWithCustomToken(getAuth(), token)
+        setLocalAuthMethod("bandada")
+        setLocalAccessToken(token)
+        spinner.succeed(`Authenticated as ${theme.text.bold(credentials.user.uid)}.`)
+
+        console.log(
+            `\n${theme.symbols.warning} You can always log out by running the ${theme.text.bold(
+                `phase2cli logout`
+            )} command`
+        )
+    } catch (error) {
+        // Delete local token.
+        console.log("An error crashed the process. Deleting local token and identity.")
+        console.error(error)
+        deleteLocalAuthMethod()
+        deleteLocalAccessToken()
+        deleteLocalBandadaIdentity()
+    }
+
+    process.exit(0)
+}
+
+export default authBandada

package/src/commands/authSIWE.ts

@@ -0,0 +1,185 @@
+import open from "open"
+import figlet from "figlet"
+import clipboard from "clipboardy"
+import fetch from "node-fetch"
+import { getAuth, signInWithCustomToken } from "firebase/auth"
+import { httpsCallable } from "firebase/functions"
+import { commonTerms } from "@devtion/actions"
+import { showError } from "../lib/errors.js"
+import { bootstrapCommandExecutionAndServices } from "../lib/services.js"
+import theme from "../lib/theme.js"
+import { customSpinner, sleep } from "../lib/utils.js"
+import { CheckNonceOfSIWEAddressResponse, OAuthDeviceCodeResponse, OAuthTokenResponse } from "../types/index.js"
+import {
+    checkLocalAccessToken,
+    deleteLocalAccessToken,
+    deleteLocalAuthMethod,
+    getLocalAccessToken,
+    setLocalAccessToken,
+    setLocalAuthMethod
+} from "../lib/localConfigs.js"
+
+const showVerificationCodeAndUri = async (OAuthDeviceCode: OAuthDeviceCodeResponse) => {
+    // Copy code to clipboard.
+    let noClipboard = false
+    try {
+        clipboard.writeSync(OAuthDeviceCode.user_code)
+        clipboard.readSync()
+    } catch (error) {
+        noClipboard = true
+    }
+    // Display data.
+    console.log(
+        `${theme.symbols.warning} Visit ${theme.text.bold(
+            theme.text.underlined(OAuthDeviceCode.verification_uri_complete)
+        )} on this device to generate a new token and authenticate\n`
+    )
+    console.log(theme.colors.magenta(figlet.textSync("Code is Below", { font: "ANSI Shadow" })), "\n")
+
+    const message = !noClipboard ? `has been copied to your clipboard (${theme.emojis.clipboard})` : ``
+    console.log(
+        `${theme.symbols.info} Your auth code: ${theme.text.bold(OAuthDeviceCode.user_code)} ${message} ${
+            theme.symbols.success
+        }\n`
+    )
+    const spinner = customSpinner(`Redirecting to Sign In With Ethereum...`, `clock`)
+    spinner.start()
+    await sleep(10000) // ~10s to make users able to read the CLI.
+    try {
+        // Automatically open the page (# Step 2).
+        await open(OAuthDeviceCode.verification_uri_complete)
+    } catch (error: any) {
+        console.log(
+            `${theme.symbols.info} Please authenticate via SIWE at ${OAuthDeviceCode.verification_uri_complete}`
+        )
+    }
+    spinner.stop()
+}
+
+/**
+ * Return the token to sign in to Firebase after passing the SIWE Device Flow
+ * @param clientId <string> - The client id of the Auth0 application.
+ * @param firebaseFunctions <any> - The Firebase functions instance to call the cloud function
+ * @returns <string> - The token to sign in to Firebase
+ */
+const executeSIWEDeviceFlow = async (clientId: string, firebaseFunctions: any): Promise<string> => {
+    // Call Auth0 endpoint to request device code uri
+    const OAuthDeviceCode = (await fetch(`${process.env.AUTH0_APPLICATION_URL}/oauth/device/code`, {
+        method: "POST",
+        headers: { "content-type": "application/json" },
+        body: JSON.stringify({
+            client_id: clientId,
+            scope: "openid",
+            audience: `${process.env.AUTH0_APPLICATION_URL}/api/v2/`
+        })
+    }).then((_res) => _res.json())) as OAuthDeviceCodeResponse
+    if (OAuthDeviceCode.error) {
+        showError(OAuthDeviceCode.error_description, true)
+        deleteLocalAuthMethod()
+        deleteLocalAccessToken()
+    }
+    await showVerificationCodeAndUri(OAuthDeviceCode)
+    // Poll Auth0 endpoint until you get token or request expires
+    let isSignedIn = false
+    let isExpired = false
+    let auth0Token = ""
+    while (!isSignedIn && !isExpired) {
+        // Call Auth0 endpoint to request token
+        const OAuthToken = (await fetch(`${process.env.AUTH0_APPLICATION_URL}/oauth/token`, {
+            method: "POST",
+            headers: { "content-type": "application/json" },
+            body: JSON.stringify({
+                client_id: clientId,
+                device_code: OAuthDeviceCode.device_code,
+                grant_type: "urn:ietf:params:oauth:grant-type:device_code"
+            })
+        }).then((_res) => _res.json())) as OAuthTokenResponse
+        if (OAuthToken.error) {
+            if (OAuthToken.error === "authorization_pending") {
+                // Wait for the user to sign in
+                await sleep(OAuthDeviceCode.interval * 1000)
+            } else if (OAuthToken.error === "slow_down") {
+                // Wait for the user to sign in
+                await sleep(OAuthDeviceCode.interval * 1000 * 2)
+            } else if (OAuthToken.error === "expired_token") {
+                // The user didn't sign in on time
+                isExpired = true
+            }
+        } else {
+            // The user signed in
+            isSignedIn = true
+            auth0Token = OAuthToken.access_token
+        }
+    }
+    // Send token to cloud function to check nonce, create user and retrieve token
+    const cf = httpsCallable(firebaseFunctions, commonTerms.cloudFunctionsNames.checkNonceOfSIWEAddress)
+    const result = await cf({
+        auth0Token
+    })
+    const { token, valid, message } = result.data as CheckNonceOfSIWEAddressResponse
+    if (!valid) {
+        showError(message, true)
+        deleteLocalAuthMethod()
+        deleteLocalAccessToken()
+    }
+    return token
+}
+
+/**
+ * Auth command using Sign In With Ethereum
+ * @notice The auth command allows a user to make the association of their Ethereum account with the CLI by leveraging SIWE as an authentication mechanism.
+ * @dev Under the hood, the command handles a manual Device Flow following the guidelines in the SIWE documentation.
+ */
+const authSIWE = async () => {
+    try {
+        const { firebaseFunctions } = await bootstrapCommandExecutionAndServices()
+        // Console more context for the user.
+        console.log(
+            `${theme.symbols.info} ${theme.text.bold(
+                `You are about to authenticate on this CLI using your Ethereum address (device flow - OAuth 2.0 mechanism).\n${theme.symbols.warning} Please, note that only a Sign-in With Ethereum signature will be required`
+            )}\n`
+        )
+        const spinner = customSpinner(`Checking authentication token...`, `clock`)
+        spinner.start()
+        await sleep(5000)
+
+        // Manage OAuth Github or SIWE token.
+        const isLocalTokenStored = checkLocalAccessToken()
+
+        if (!isLocalTokenStored) {
+            spinner.fail(`No local authentication token found\n`)
+
+            // Generate a new access token using Github Device Flow (OAuth 2.0).
+            const newToken = await executeSIWEDeviceFlow(String(process.env.AUTH_SIWE_CLIENT_ID), firebaseFunctions)
+
+            // Store the new access token.
+            setLocalAuthMethod("siwe")
+            setLocalAccessToken(newToken)
+        } else spinner.succeed(`Local authentication token found\n`)
+
+        // Get access token from local store.
+        const token = String(getLocalAccessToken())
+
+        spinner.text = `Authenticating...`
+        spinner.start()
+
+        // Exchange token for credential.
+        const credentials = await signInWithCustomToken(getAuth(), token)
+        spinner.succeed(`Authenticated as ${theme.text.bold(credentials.user.uid)}.`)
+
+        console.log(
+            `\n${theme.symbols.warning} You can always log out by running the ${theme.text.bold(
+                `phase2cli logout`
+            )} command`
+        )
+        process.exit(0)
+    } catch (error) {
+        // Delete local token.
+        console.log("An error crashed the process. Deleting local token and identity.")
+        console.error(error)
+        deleteLocalAuthMethod()
+        deleteLocalAccessToken()
+    }
+}
+
+export default authSIWE

package/src/commands/ceremony/index.ts

@@ -0,0 +1,20 @@
+import { Command } from "commander"
+import listParticipants from "./listParticipants.js"
+
+const setCeremonyCommands = (program: Command) => {
+    const ceremony = program.command("ceremony").description("manage ceremonies")
+
+    ceremony
+        .command("participants")
+        .description("retrieve participants list of a ceremony")
+        .requiredOption(
+            "-c, --ceremony <string>",
+            "the prefix of the ceremony you want to retrieve information about",
+            ""
+        )
+        .action(listParticipants)
+
+    return ceremony
+}
+
+export default setCeremonyCommands