@devtion/devcli 0.0.0-5d170d3 → 0.0.0-67a4629

package/dist/index.js

@@ -2,28 +2,27 @@
 
 /**
  * @module @p0tion/phase2cli
- * @version 1.0.5
+ * @version 1.1.1
  * @file All-in-one interactive command-line for interfacing with zkSNARK Phase 2 Trusted Setup ceremonies
  * @copyright Ethereum Foundation 2022
  * @license MIT
  * @see [Github]{@link https://github.com/privacy-scaling-explorations/p0tion}
 */
 import { createCommand } from 'commander';
-import fs, { readFileSync, createWriteStream, renameSync } from 'fs';
+import fs, { readFileSync, createWriteStream, existsSync, renameSync } from 'fs';
 import { dirname } from 'path';
 import { fileURLToPath } from 'url';
-import { zKey } from 'snarkjs';
+import { zKey, groth16 } from 'snarkjs';
 import boxen from 'boxen';
 import { pipeline } from 'node:stream';
 import { promisify } from 'node:util';
 import fetch$1 from 'node-fetch';
-import { S3Client, GetObjectCommand } from '@aws-sdk/client-s3';
-import { commonTerms, formatZkeyIndex, getZkeyStorageFilePath, finalContributionIndex, createCustomLoggerForFile, getBucketName, progressToNextContributionStep, permanentlyStoreCurrentContributionTimeAndHash, convertToDoubleDigits, multiPartUpload, verifyContribution, generateGetObjectPreSignedUrl, convertBytesOrKbToGb, numExpIterations, getDocumentById, getParticipantsCollectionPath, fromQueryToFirebaseDocumentInfo, getAllCollectionDocs, extractPrefix, autoGenerateEntropy, vmConfigurationTypes, initializeFirebaseCoreServices, signInToFirebaseWithCredentials, getCurrentFirebaseAuthUser, isCoordinator, parseCeremonyFile, blake512FromPath, checkIfObjectExist, setupCeremony, genesisZkeyIndex, getR1csStorageFilePath, getWasmStorageFilePath, getPotStorageFilePath, extractPoTFromFilename, potFileDownloadMainUrl, createS3Bucket, potFilenameTemplate, getR1CSInfo, getOpenedCeremonies, getCeremonyCircuits, checkParticipantForCeremony, getCurrentActiveParticipantTimeout, getCircuitBySequencePosition, getCircuitContributionsFromContributor, progressToNextCircuitForContribution, resumeContributionAfterTimeoutExpiration, generateValidContributionsAttestation, getContributionsValidityForContributor, getClosedCeremonies, checkAndPrepareCoordinatorForFinalization, computeSHA256ToHex, finalizeCeremony, getVerificationKeyStorageFilePath, verificationKeyAcronym, getVerifierContractStorageFilePath, verifierSmartContractAcronym, finalizeCircuit, exportVkey, exportVerifierContract } from '@p0tion/actions';
+import { commonTerms, formatZkeyIndex, getZkeyStorageFilePath, finalContributionIndex, createCustomLoggerForFile, getBucketName, progressToNextContributionStep, permanentlyStoreCurrentContributionTimeAndHash, convertToDoubleDigits, multiPartUpload, verifyContribution, generateGetObjectPreSignedUrl, convertBytesOrKbToGb, numExpIterations, getDocumentById, getParticipantsCollectionPath, fromQueryToFirebaseDocumentInfo, getAllCollectionDocs, extractPrefix, autoGenerateEntropy, vmConfigurationTypes, initializeFirebaseCoreServices, signInToFirebaseWithCredentials, getCurrentFirebaseAuthUser, isCoordinator, parseCeremonyFile, blake512FromPath, checkIfObjectExist, setupCeremony, genesisZkeyIndex, getR1csStorageFilePath, getWasmStorageFilePath, getPotStorageFilePath, extractPoTFromFilename, potFileDownloadMainUrl, createS3Bucket, potFilenameTemplate, getR1CSInfo, getOpenedCeremonies, getCeremonyCircuits, checkParticipantForCeremony, getCurrentActiveParticipantTimeout, getCircuitBySequencePosition, getCircuitContributionsFromContributor, progressToNextCircuitForContribution, resumeContributionAfterTimeoutExpiration, generateValidContributionsAttestation, getContributionsValidityForContributor, getClosedCeremonies, checkAndPrepareCoordinatorForFinalization, computeSHA256ToHex, finalizeCeremony, getVerificationKeyStorageFilePath, verificationKeyAcronym, getVerifierContractStorageFilePath, verifierSmartContractAcronym, finalizeCircuit, exportVkey, exportVerifierContract, getAllCeremonies } from '@devtion/actions';
 import fetch from '@adobe/node-fetch-retry';
 import { request } from '@octokit/request';
 import { SingleBar, Presets } from 'cli-progress';
 import dotenv from 'dotenv';
-import { GithubAuthProvider, getAuth, signOut } from 'firebase/auth';
+import { GithubAuthProvider, signInWithCustomToken, getAuth, signOut } from 'firebase/auth';
 import { getDiskInfoSync } from 'node-disk-info';
 import ora from 'ora';
 import { Timer } from 'timer-node';
@@ -34,11 +33,13 @@ import Conf from 'conf';
 import prompts from 'prompts';
 import clear from 'clear';
 import figlet from 'figlet';
-import { Readable } from 'stream';
 import { createOAuthDeviceAuth } from '@octokit/auth-oauth-device';
 import clipboard from 'clipboardy';
 import open from 'open';
-import { Timestamp, onSnapshot } from 'firebase/firestore';
+import { Identity } from '@semaphore-protocol/identity';
+import { httpsCallable } from 'firebase/functions';
+import { ApiSdk } from '@bandada/api-sdk';
+import { Timestamp, onSnapshot, doc, collection, getDocs } from 'firebase/firestore';
 import readline from 'readline';
 
 /**
@@ -99,7 +100,7 @@ const CORE_SERVICES_ERRORS = {
     FIREBASE_TOKEN_EXPIRED_REMOVED_PERMISSIONS: `The Github authorization has failed due to lack of association between your account and the CLI`,
     FIREBASE_USER_DISABLED: `The Github account has been suspended by the ceremony coordinator(s), blocking the possibility of contribution. Please, contact them to understand the motivation behind it.`,
     FIREBASE_FAILED_CREDENTIALS_VERIFICATION: `Firebase cannot verify your Github credentials due to network errors. Please, try once again later.`,
-    FIREBASE_NETWORK_ERROR: `Unable to reach Firebase due to network erros. Please, try once again later and make sure your Internet connection is stable.`,
+    FIREBASE_NETWORK_ERROR: `Unable to reach Firebase due to network errors. Please, try once again later and make sure your Internet connection is stable.`,
     FIREBASE_CEREMONY_NOT_OPENED: `There are no ceremonies opened to contributions`,
     FIREBASE_CEREMONY_NOT_CLOSED: `There are no ceremonies ready to finalization`,
     AWS_CEREMONY_BUCKET_CREATION: `Unable to create a new bucket for the ceremony. Something went wrong during the creation. Please, repeat the process by providing a new ceremony name of the ceremony.`,
@@ -252,6 +253,10 @@ const config = new Conf({
         accessToken: {
             type: "string",
             default: ""
+        },
+        bandadaIdentity: {
+            type: "string",
+            default: ""
         }
     }
 });
@@ -312,6 +317,25 @@ const setLocalAccessToken = (token) => config.set("accessToken", token);
  * Delete the stored access token.
  */
 const deleteLocalAccessToken = () => config.delete("accessToken");
+/**
+ * Return the Bandada identity, if present.
+ * @returns <string | undefined> - the Bandada identity if present, otherwise undefined.
+ */
+const getLocalBandadaIdentity = () => config.get("bandadaIdentity");
+/**
+ * Check if the Bandada identity exists in the local storage.
+ * @returns <boolean>
+ */
+const checkLocalBandadaIdentity = () => config.has("bandadaIdentity") && !!config.get("bandadaIdentity");
+/**
+ * Set the Bandada identity.
+ * @param identity <string> - the Bandada identity to be stored.
+ */
+const setLocalBandadaIdentity = (identity) => config.set("bandadaIdentity", identity);
+/**
+ * Delete the stored Bandada identity.
+ */
+const deleteLocalBandadaIdentity = () => config.delete("bandadaIdentity");
 /**
  * Get the complete local file path.
  * @param cwd <string> - the current working directory path.
@@ -367,6 +391,12 @@ const getVerificationKeyLocalFilePath = (completeFilename) => `${verificationKey
  * @returns <string> - the complete final verifier contract path to the file.
  */
 const getVerifierContractLocalFilePath = (completeFilename) => `${verifierContractsLocalFolderPath}/${completeFilename}`;
+/**
+ * Get the complete final attestation file path.
+ * @param completeFilename <string> - the complete filename of the file (name.ext).
+ * @returns <string> - the complete final final attestation path to the file.
+ */
+const getFinalAttestationLocalFilePath = (completeFilename) => `${finalAttestationsLocalFolderPath}/${completeFilename}`;
 /**
  * Get the final transcript file path.
  * @param completeFilename <string> - the complete filename of the file (name.ext).
@@ -416,7 +446,7 @@ const getGithubAuthenticatedUserGists = async (githubToken, params) => {
         headers: {
             authorization: `token ${githubToken}`
         },
-        per_page: params.perPage,
+        per_page: params.perPage, // max items per page = 100.
         page: params.page
     });
     if (response && response.status === 200)
@@ -464,8 +494,9 @@ const getPublicAttestationGist = async (githubToken, publicAttestationFilename)
  * @returns <string> - the third-party provider handle of the user.
  */
 const getUserHandleFromProviderUserId = (providerUserId) => {
-    if (providerUserId.indexOf("-") === -1)
-        showError(THIRD_PARTY_SERVICES_ERRORS.GITHUB_GET_GITHUB_ACCOUNT_INFO, true);
+    if (providerUserId.indexOf("-") === -1) {
+        return providerUserId;
+    }
     return providerUserId.split("-")[0];
 };
 /**
@@ -581,8 +612,18 @@ const publishGist = async (token, content, ceremonyTitle, ceremonyPrefix) => {
  * @returns <string> - the ready to share tweet url.
  */
 const generateCustomUrlToTweetAboutParticipation = (ceremonyName, gistUrl, isFinalizing) => isFinalizing
-    ? `https://twitter.com/intent/tweet?text=I%20have%20finalized%20the%20${ceremonyName}%20Phase%202%20Trusted%20Setup%20ceremony!%20You%20can%20view%20my%20final%20attestation%20here:%20${gistUrl}%20#Ethereum%20#ZKP%20#PSE`
-    : `https://twitter.com/intent/tweet?text=I%20contributed%20to%20the%20${ceremonyName}%20Phase%202%20Trusted%20Setup%20ceremony!%20You%20can%20contribute%20here:%20https://github.com/privacy-scaling-explorations/p0tion%20You%20can%20view%20my%20attestation%20here:%20${gistUrl}%20#Ethereum%20#ZKP`;
+    ? `https://twitter.com/intent/tweet?text=I%20have%20finalized%20the%20${ceremonyName}${ceremonyName.toLowerCase().includes("trusted") ||
+        ceremonyName.toLowerCase().includes("setup") ||
+        ceremonyName.toLowerCase().includes("phase2") ||
+        ceremonyName.toLowerCase().includes("ceremony")
+        ? "!"
+        : "%20Phase%202%20Trusted%20Setup%20ceremony!"}%20You%20can%20view%20my%20final%20attestation%20here:%20${gistUrl}%20#Ethereum%20#ZKP%20#PSE`
+    : `https://twitter.com/intent/tweet?text=I%20contributed%20to%20the%20${ceremonyName}${ceremonyName.toLowerCase().includes("trusted") ||
+        ceremonyName.toLowerCase().includes("setup") ||
+        ceremonyName.toLowerCase().includes("phase2") ||
+        ceremonyName.toLowerCase().includes("ceremony")
+        ? "!"
+        : "%20Phase%202%20Trusted%20Setup%20ceremony!"}%20You%20can%20view%20the%20steps%20to%20contribute%20here:%20https://ceremony.pse.dev%20You%20can%20view%20my%20attestation%20here:%20${gistUrl}%20#Ethereum%20#ZKP`;
 /**
  * Return a custom progress bar.
  * @param type <ProgressBarType> - the type of the progress bar.
@@ -710,13 +751,14 @@ const getLatestUpdatesFromParticipant = async (firestoreDatabase, ceremonyId, pa
  * @param entropyOrBeaconHash <string> - the entropy or beacon hash (only when finalizing) for the contribution.
  * @param contributorOrCoordinatorIdentifier <string> - the identifier of the contributor or coordinator (only when finalizing).
  * @param isFinalizing <boolean> - flag to discriminate between ceremony finalization (true) and contribution (false).
+ * @param circuitsLength <number> - the total number of circuits in the ceremony.
  */
-const handleStartOrResumeContribution = async (cloudFunctions, firestoreDatabase, ceremony, circuit, participant, entropyOrBeaconHash, contributorOrCoordinatorIdentifier, isFinalizing) => {
+const handleStartOrResumeContribution = async (cloudFunctions, firestoreDatabase, ceremony, circuit, participant, entropyOrBeaconHash, contributorOrCoordinatorIdentifier, isFinalizing, circuitsLength) => {
     // Extract data.
     const { prefix: ceremonyPrefix } = ceremony.data;
     const { waitingQueue, avgTimings, prefix: circuitPrefix, sequencePosition } = circuit.data;
     const { completedContributions } = waitingQueue; // = current progress.
-    console.log(`${theme.text.bold(`\n- Circuit # ${theme.colors.magenta(`${sequencePosition}`)}`)} (Contribution Steps)`);
+    console.log(`${theme.text.bold(`\n- Circuit # ${theme.colors.magenta(`${sequencePosition}/${circuitsLength}`)}`)} (Contribution Steps)`);
     // Get most up-to-date data from the participant document.
     let participantData = await getLatestUpdatesFromParticipant(firestoreDatabase, ceremony.id, participant.id);
     const spinner = customSpinner(`${participantData.contributionStep === "DOWNLOADING" /* ParticipantContributionStep.DOWNLOADING */
@@ -762,6 +804,7 @@ const handleStartOrResumeContribution = async (cloudFunctions, firestoreDatabase
         // Download the latest contribution from bucket.
         await downloadCeremonyArtifact(cloudFunctions, bucketName, lastZkeyStorageFilePath, lastZkeyLocalFilePath);
         console.log(`${theme.symbols.success} Contribution ${theme.text.bold(`#${lastZkeyIndex}`)} correctly downloaded`);
+        await sleep(3000);
         // Advance to next contribution step (COMPUTING) if not finalizing.
         if (!isFinalizing) {
             spinner.text = `Preparing for contribution computation...`;
@@ -789,11 +832,14 @@ const handleStartOrResumeContribution = async (cloudFunctions, firestoreDatabase
             showError(COMMAND_ERRORS.COMMAND_CONTRIBUTE_FINALIZE_NO_TRANSCRIPT_CONTRIBUTION_HASH_MATCH, true);
         // Format contribution hash.
         const contributionHash = matchContributionHash?.at(0)?.replace("\n\t\t", "");
+        await sleep(500);
         // Make request to cloud functions to permanently store the information.
         await permanentlyStoreCurrentContributionTimeAndHash(cloudFunctions, ceremony.id, computingTime, contributionHash);
         // Format computing time.
         const { seconds: computationSeconds, minutes: computationMinutes, hours: computationHours } = getSecondsMinutesHoursFromMillis(computingTime);
         spinner.succeed(`${isFinalizing ? "Contribution" : `Contribution ${theme.text.bold(`#${nextZkeyIndex}`)}`} computation took ${theme.text.bold(`${convertToDoubleDigits(computationHours)}:${convertToDoubleDigits(computationMinutes)}:${convertToDoubleDigits(computationSeconds)}`)}`);
+        // ensure the previous step is completed
+        await sleep(5000);
         // Advance to next contribution step (UPLOADING) if not finalizing.
         if (!isFinalizing) {
             spinner.text = `Preparing for uploading the contribution...`;
@@ -809,12 +855,17 @@ const handleStartOrResumeContribution = async (cloudFunctions, firestoreDatabase
         console.log(`${theme.symbols.success} Contribution ${theme.text.bold(`#${nextZkeyIndex}`)} already computed`);
     // Contribution step = UPLOADING.
     if (isFinalizing || participantData.contributionStep === "UPLOADING" /* ParticipantContributionStep.UPLOADING */) {
-        spinner.text = `Uploading ${isFinalizing ? "final" : "your"} contribution ${!isFinalizing ? theme.text.bold(`#${nextZkeyIndex}`) : ""} to storage.\n${theme.symbols.warning} This step may take a while based on circuit size and your contribution speed. Everything's fine, just be patient.`;
+        spinner.text = `Uploading ${isFinalizing ? "final" : "your"} contribution ${!isFinalizing ? theme.text.bold(`#${nextZkeyIndex}`) : ""} to storage.\n${theme.symbols.warning} This step may take a while based on circuit size and your internet speed. Everything's fine, just be patient.`;
         spinner.start();
-        if (!isFinalizing)
-            await multiPartUpload(cloudFunctions, bucketName, nextZkeyStorageFilePath, nextZkeyLocalFilePath, Number(process.env.CONFIG_STREAM_CHUNK_SIZE_IN_MB), ceremony.id, participantData.tempContributionData);
+        const progressBar = customProgressBar(ProgressBarType.UPLOAD, `your contribution`);
+        if (!isFinalizing) {
+            await multiPartUpload(cloudFunctions, bucketName, nextZkeyStorageFilePath, nextZkeyLocalFilePath, Number(process.env.CONFIG_STREAM_CHUNK_SIZE_IN_MB), ceremony.id, participantData.tempContributionData, progressBar);
+            progressBar.stop();
+        }
         else
             await multiPartUpload(cloudFunctions, bucketName, nextZkeyStorageFilePath, nextZkeyLocalFilePath, Number(process.env.CONFIG_STREAM_CHUNK_SIZE_IN_MB));
+        // small sleep to ensure the previous step is completed
+        await sleep(5000);
         spinner.succeed(`${isFinalizing ? `Contribution` : `Contribution ${theme.text.bold(`#${nextZkeyIndex}`)}`} correctly saved to storage`);
         // Advance to next contribution step (VERIFYING) if not finalizing.
         if (!isFinalizing) {
@@ -992,7 +1043,7 @@ const promptCircomCompiler = async () => {
  * Shows a list of circuits for a single option selection.
  * @dev the circuit names are derived from local R1CS files.
  * @param options <Array<string>> - an array of circuits names.
- * @returns Promise<string> - the name of the choosen circuit.
+ * @returns Promise<string> - the name of the chosen circuit.
  */
 const promptCircuitSelector = async (options) => {
     const { circuitFilename } = await prompts({
@@ -1010,7 +1061,7 @@ const promptCircuitSelector = async (options) => {
  * Shows a list of standard EC2 VM instance types for a single option selection.
  * @notice the suggested VM configuration type is calculated based on circuit constraint size.
  * @param constraintSize <number> - the amount of circuit constraints
- * @returns Promise<string> - the name of the choosen VM type.
+ * @returns Promise<string> - the name of the chosen VM type.
  */
 const promptVMTypeSelector = async (constraintSize) => {
     let suggestedConfiguration = 0;
@@ -1107,7 +1158,7 @@ const promptVMDiskTypeSelector = async () => {
 /**
  * Show a series of questions about the circuits.
  * @param constraintSize <number> - the amount of circuit constraints.
- * @param timeoutMechanismType <CeremonyTimeoutType> - the choosen timeout mechanism type for the ceremony.
+ * @param timeoutMechanismType <CeremonyTimeoutType> - the chosen timeout mechanism type for the ceremony.
  * @param needPromptCircomCompiler <boolean> - a boolean value indicating if the questions related to the Circom compiler version and commit hash must be asked.
  * @param enforceVM <boolean> - a boolean value indicating if the contribution verification could be supported by VM-only approach or not.
  * @returns Promise<Array<Circuit>> - circuit info prompted by the coordinator.
@@ -1120,7 +1171,7 @@ const promptCircuitInputData = async (constraintSize, timeoutMechanismType, same
     let circomVersion = "";
     let circomCommitHash = "";
     let circuitInputData;
-    let useCfOrVm;
+    let cfOrVm;
     let vmDiskType;
     let vmConfigurationType = "";
     const questions = [
@@ -1175,18 +1226,21 @@ const promptCircuitInputData = async (constraintSize, timeoutMechanismType, same
         circomVersion = version;
         circomCommitHash = commitHash;
     }
-    // Ask for prefered contribution verification method (CF vs VM).
+    // Ask for preferred contribution verification method (CF vs VM).
     if (!enforceVM) {
         const { confirmation } = await askForConfirmation(`The contribution verification can be performed using Cloud Functions (CF, cheaper for small contributions but limited to 1M constraints) or custom virtual machines (expensive but could scale up to 30M constraints). Be aware about VM costs and if you wanna learn more, please visit the documentation to have a complete overview about cost estimation of the two mechanisms.\nChoose the contribution verification mechanism`, `CF`, // eq. true.
         `VM` // eq. false.
         );
-        useCfOrVm = confirmation;
+        cfOrVm = confirmation
+            ? "CF" /* CircuitContributionVerificationMechanism.CF */
+            : "VM" /* CircuitContributionVerificationMechanism.VM */;
     }
-    else
-        useCfOrVm = "VM" /* CircuitContributionVerificationMechanism.VM */;
-    if (useCfOrVm === undefined)
+    else {
+        cfOrVm = "VM" /* CircuitContributionVerificationMechanism.VM */;
+    }
+    if (cfOrVm === undefined)
         showError(COMMAND_ERRORS.COMMAND_ABORT_PROMPT, true);
-    if (!useCfOrVm) {
+    if (cfOrVm === "VM" /* CircuitContributionVerificationMechanism.VM */) {
         // Ask for selecting the specific VM configuration type.
         vmConfigurationType = await promptVMTypeSelector(constraintSize);
         // Ask for selecting the specific VM disk (volume) type.
@@ -1220,9 +1274,7 @@ const promptCircuitInputData = async (constraintSize, timeoutMechanismType, same
                 paramsConfiguration: circuitConfigurationValues
             },
             verification: {
-                cfOrVm: useCfOrVm
-                    ? "CF" /* CircuitContributionVerificationMechanism.CF */
-                    : "VM" /* CircuitContributionVerificationMechanism.VM */,
+                cfOrVm,
                 vm: {
                     vmConfigurationType,
                     vmDiskType
@@ -1258,9 +1310,7 @@ const promptCircuitInputData = async (constraintSize, timeoutMechanismType, same
                 paramsConfiguration: circuitConfigurationValues
             },
             verification: {
-                cfOrVm: useCfOrVm
-                    ? "CF" /* CircuitContributionVerificationMechanism.CF */
-                    : "VM" /* CircuitContributionVerificationMechanism.VM */,
+                cfOrVm,
                 vm: {
                     vmConfigurationType,
                     vmDiskType
@@ -1304,7 +1354,7 @@ const promptCircuitAddition = async () => {
  * Shows a list of pre-computed zKeys for a single option selection.
  * @dev the names are derived from local zKeys files.
  * @param options <Array<string>> - an array of pre-computed zKeys names.
- * @returns Promise<string> - the name of the choosen pre-computed zKey.
+ * @returns Promise<string> - the name of the chosen pre-computed zKey.
  */
 const promptPreComputedZkeySelector = async (options) => {
     const { preComputedZkeyFilename } = await prompts({
@@ -1342,13 +1392,13 @@ const promptNeededPowersForCircuit = async (suggestedSmallestNeededPowers) => {
  * Shows a list of PoT files for a single option selection.
  * @dev the names are derived from local PoT files.
  * @param options <Array<string>> - an array of PoT file names.
- * @returns Promise<string> - the name of the choosen PoT.
+ * @returns Promise<string> - the name of the chosen PoT.
  */
 const promptPotSelector = async (options) => {
     const { potFilename } = await prompts({
         type: "select",
         name: "potFilename",
-        message: theme.text.bold("Select the Powers of Tau file choosen for the circuit"),
+        message: theme.text.bold("Select the Powers of Tau file chosen for the circuit"),
         choices: options.map((option) => {
             console.log(option);
             return { title: option, value: option };
@@ -1418,7 +1468,7 @@ const promptToTypeEntropyOrBeacon = async (isEntropy = true) => {
  * @return <Promise<string>> - the entropy.
  */
 const promptForEntropy = async () => {
-    // Prompt for entropy generation prefered method.
+    // Prompt for entropy generation preferred method.
     const { confirmation } = await askForConfirmation(`Do you prefer to type your entropy or generate it randomly?`, "Manually", "Randomly");
     if (confirmation === undefined)
         showError(COMMAND_ERRORS.COMMAND_ABORT_PROMPT, true);
@@ -1537,16 +1587,27 @@ const checkAuth = async (firebaseApp) => {
         showError(THIRD_PARTY_SERVICES_ERRORS.GITHUB_NOT_AUTHENTICATED, true);
     // Retrieve local access token.
     const token = String(getLocalAccessToken());
-    // Get credentials.
-    const credentials = exchangeGithubTokenForCredentials(token);
-    // Sign in to Firebase using credentials.
-    await signInToFirebase(firebaseApp, credentials);
+    let providerUserId;
+    let username;
+    const isLocalBandadaIdentityStored = checkLocalBandadaIdentity();
+    if (isLocalBandadaIdentityStored) {
+        const userCredentials = await signInWithCustomToken(getAuth(), token);
+        providerUserId = userCredentials.user.uid;
+        username = providerUserId;
+    }
+    else {
+        // Get credentials.
+        const credentials = exchangeGithubTokenForCredentials(token);
+        // Sign in to Firebase using credentials.
+        await signInToFirebase(firebaseApp, credentials);
+        // Get Github unique identifier (handle-id).
+        providerUserId = await getGithubProviderUserId(String(token));
+        username = getUserHandleFromProviderUserId(providerUserId);
+    }
     // Get current authenticated user.
     const user = getCurrentFirebaseAuthUser(firebaseApp);
-    // Get Github unique identifier (handle-id).
-    const providerUserId = await getGithubProviderUserId(String(token));
     // Greet the user.
-    console.log(`Greetings, @${theme.text.bold(getUserHandleFromProviderUserId(providerUserId))} ${theme.emojis.wave}\n`);
+    console.log(`Greetings, @${theme.text.bold(username)} ${theme.emojis.wave}\n`);
     return {
         user,
         token,
@@ -1635,7 +1696,7 @@ const handleAdditionOfCircuitsToCeremony = async (r1csOptions, wasmOptions, cere
             wasmFilename.split(`.${commonTerms.foldersAndPathsTerms.wasm}`)[0]);
         if (matchingWasms.length !== 1)
             showError(COMMAND_ERRORS.COMMAND_SETUP_MISMATCH_R1CS_WASM, true);
-        // Get input data for choosen circuit.
+        // Get input data for chosen circuit.
         const circuitInputData = await getInputDataToAddCircuitToCeremony(choosenCircuitFilename, matchingWasms[0], ceremonyTimeoutMechanismType, sameCircomCompiler, circuitSequencePosition, sharedCircomCompilerData);
         // Store circuit data.
         inputDataForCircuits.push(circuitInputData);
@@ -1725,7 +1786,7 @@ const checkAndDownloadSmallestPowersOfTau = async (powers, ptauCompleteFilename)
  * number of powers greater than or equal to the powers needed by the zKey), the coordinator will be asked
  * to provide a number of powers manually, ranging from the smallest possible to the largest.
  * @param neededPowers <number> - the smallest amount of powers needed by the zKey.
- * @returns Promise<string, string> - the information about the choosen Powers of Tau file for the pre-computed zKey
+ * @returns Promise<string, string> - the information about the chosen Powers of Tau file for the pre-computed zKey
  * along with related powers.
  */
 const handlePreComputedZkeyPowersOfTauSelection = async (neededPowers) => {
@@ -1826,7 +1887,9 @@ const setup = async (cmd) => {
     let ceremonyId = ""; // The unique identifier of the ceremony.
     const { firebaseApp, firebaseFunctions, firestoreDatabase } = await bootstrapCommandExecutionAndServices();
     // Check for authentication.
-    const { user, providerUserId } = cmd.auth ? await authWithToken(firebaseApp, cmd.auth) : await checkAuth(firebaseApp);
+    const { user, providerUserId } = cmd.auth
+        ? await authWithToken(firebaseApp, cmd.auth)
+        : await checkAuth(firebaseApp);
     // Preserve command execution only for coordinators.
     if (!(await isCoordinator(user)))
         showError(COMMAND_ERRORS.COMMAND_NOT_COORDINATOR, true);
@@ -1843,7 +1906,7 @@ const setup = async (cmd) => {
     // if there is the file option, then set up the non interactively
     if (cmd.template) {
         // 1. parse the file
-        // tmp data - do not cleanup files as we need them 
+        // tmp data - do not cleanup files as we need them
         const spinner = customSpinner(`Parsing ${theme.text.bold(cmd.template)} setup configuration file...`, `clock`);
         spinner.start();
         const setupCeremonyData = await parseCeremonyFile(cmd.template);
@@ -1853,8 +1916,6 @@ const setup = async (cmd) => {
         // create a new bucket
         const bucketName = await handleCeremonyBucketCreation(firebaseFunctions, ceremonySetupData.ceremonyPrefix);
         console.log(`\n${theme.symbols.success} Ceremony bucket name: ${theme.text.bold(bucketName)}`);
-        // create S3 clienbt
-        const s3 = new S3Client({ region: 'us-east-1' });
         // loop through each circuit
         for await (const circuit of setupCeremonyData.circuits) {
             // Local paths.
@@ -1864,25 +1925,24 @@ const setup = async (cmd) => {
             const potLocalPathAndFileName = getPotLocalFilePath(circuit.files.potFilename);
             const zkeyLocalPathAndFileName = getZkeyLocalFilePath(circuit.files.initialZkeyFilename);
             // 2. download the pot and wasm files
-            const streamPipeline = promisify(pipeline);
             await checkAndDownloadSmallestPowersOfTau(convertToDoubleDigits(circuit.metadata?.pot), circuit.files.potFilename);
-            // download the wasm to calculate the hash
-            const spinner = customSpinner(`Downloading the ${theme.text.bold(`#${circuit.name}`)} WASM file from the project's bucket...`, `clock`);
+            // 3. generate the zKey
+            const spinner = customSpinner(`Generating genesis zKey for circuit ${theme.text.bold(circuit.name)}...`, `clock`);
             spinner.start();
-            const command = new GetObjectCommand({ Bucket: ceremonySetupData.circuitArtifacts[index].artifacts.bucket, Key: ceremonySetupData.circuitArtifacts[index].artifacts.wasmStoragePath });
-            const response = await s3.send(command);
-            if (response.$metadata.httpStatusCode !== 200) {
-                throw new Error("There was an error while trying to download the wasm file. Please check that the file has the correct permissions (public) set.");
+            if (existsSync(zkeyLocalPathAndFileName)) {
+                spinner.succeed(`The genesis zKey for circuit ${theme.text.bold(circuit.name)} is already present on disk`);
             }
-            if (response.Body instanceof Readable)
-                await streamPipeline(response.Body, createWriteStream(wasmLocalPathAndFileName));
-            spinner.stop();
-            // 3. generate the zKey
-            await zKey.newZKey(r1csLocalPathAndFileName, getPotLocalFilePath(circuit.files.potFilename), zkeyLocalPathAndFileName, undefined);
+            else {
+                await zKey.newZKey(r1csLocalPathAndFileName, getPotLocalFilePath(circuit.files.potFilename), zkeyLocalPathAndFileName, undefined);
+                spinner.succeed(`Generation of the genesis zKey for circuit ${theme.text.bold(circuit.name)} completed successfully`);
+            }
+            const hashSpinner = customSpinner(`Calculating hashes for circuit ${theme.text.bold(circuit.name)}...`, `clock`);
+            hashSpinner.start();
             // 4. calculate the hashes
             const wasmBlake2bHash = await blake512FromPath(wasmLocalPathAndFileName);
             const potBlake2bHash = await blake512FromPath(getPotLocalFilePath(circuit.files.potFilename));
             const initialZkeyBlake2bHash = await blake512FromPath(zkeyLocalPathAndFileName);
+            hashSpinner.succeed(`Hashes for circuit ${theme.text.bold(circuit.name)} calculated successfully`);
             // 5. upload the artifacts
             // Upload zKey to Storage.
             await handleCircuitArtifactUploadToStorage(firebaseFunctions, bucketName, circuit.files.initialZkeyStoragePath, zkeyLocalPathAndFileName, circuit.files.initialZkeyFilename);
@@ -1900,9 +1960,9 @@ const setup = async (cmd) => {
             // 6 update the setup data object
             ceremonySetupData.circuits[index].files = {
                 ...circuit.files,
-                potBlake2bHash: potBlake2bHash,
-                wasmBlake2bHash: wasmBlake2bHash,
-                initialZkeyBlake2bHash: initialZkeyBlake2bHash
+                potBlake2bHash,
+                wasmBlake2bHash,
+                initialZkeyBlake2bHash
             };
             ceremonySetupData.circuits[index].zKeySizeInBytes = getFileStats(zkeyLocalPathAndFileName).size;
         }
@@ -2110,16 +2170,29 @@ const expirationCountdownForGithubOAuth = (expirationInSeconds) => {
  */
 const onVerification = async (verification) => {
     // Copy code to clipboard.
-    clipboard.writeSync(verification.user_code);
-    clipboard.readSync();
+    let noClipboard = false;
+    try {
+        clipboard.writeSync(verification.user_code);
+        clipboard.readSync();
+    }
+    catch (error) {
+        noClipboard = true;
+    }
     // Display data.
-    console.log(`${theme.symbols.warning} Visit ${theme.text.bold(theme.text.underlined(verification.verification_uri))} on this device to generate a new token and authenticate`);
-    console.log(`${theme.symbols.info} Your auth code: ${theme.text.bold(verification.user_code)} (${theme.emojis.clipboard} ${theme.symbols.success})\n`);
+    console.log(`${theme.symbols.warning} Visit ${theme.text.bold(theme.text.underlined(verification.verification_uri))} on this device to generate a new token and authenticate\n`);
+    console.log(theme.colors.magenta(figlet.textSync("Code is Below", { font: "ANSI Shadow" })), "\n");
+    const message = !noClipboard ? `has been copied to your clipboard (${theme.emojis.clipboard})` : ``;
+    console.log(`${theme.symbols.info} Your auth code: ${theme.text.bold(verification.user_code)} ${message} ${theme.symbols.success}\n`);
     const spinner = customSpinner(`Redirecting to Github...`, `clock`);
     spinner.start();
     await sleep(10000); // ~10s to make users able to read the CLI.
-    // Automatically open the page (# Step 2).
-    await open(verification.verification_uri);
+    try {
+        // Automatically open the page (# Step 2).
+        await open(verification.verification_uri);
+    }
+    catch (error) {
+        console.log(`${theme.symbols.info} Please authenticate via GitHub at ${verification.verification_uri}`);
+    }
     spinner.stop();
     // Countdown for time expiration.
     expirationCountdownForGithubOAuth(verification.expires_in);
@@ -2190,6 +2263,100 @@ const auth = async () => {
     terminate(providerUserId);
 };
 
+const { BANDADA_API_URL } = process.env;
+const bandadaApi = new ApiSdk(BANDADA_API_URL);
+const addMemberToGroup = async (groupId, dashboardUrl, identity) => {
+    const commitment = identity.commitment.toString();
+    const group = await bandadaApi.getGroup(groupId);
+    const providerName = group.credentials.id.split("_")[0].toLowerCase();
+    // 6. open a new window with the url:
+    const url = `${dashboardUrl}credentials?group=${groupId}&member=${commitment}&provider=${providerName}`;
+    console.log(`${theme.text.bold(`Verification URL:`)} ${theme.text.underlined(url)}`);
+    open(url);
+    const { confirmation } = await askForConfirmation("Did you join the Bandada group in the browser?");
+    if (!confirmation)
+        showError("You must join the Bandada group to continue the login process", true);
+};
+const isGroupMember = async (groupId, identity) => {
+    const commitment = identity.commitment.toString();
+    const isMember = await bandadaApi.isGroupMember(groupId, commitment);
+    return isMember;
+};
+
+const { BANDADA_DASHBOARD_URL, BANDADA_GROUP_ID } = process.env;
+const authBandada = async () => {
+    try {
+        const { firebaseFunctions } = await bootstrapCommandExecutionAndServices();
+        const spinner = customSpinner(`Checking identity string for Semaphore...`, `clock`);
+        spinner.start();
+        // 1. check if _identity string exists in local storage
+        let identityString;
+        const isIdentityStringStored = checkLocalBandadaIdentity();
+        if (isIdentityStringStored) {
+            identityString = getLocalBandadaIdentity();
+            spinner.succeed(`Identity seed found\n`);
+        }
+        else {
+            spinner.warn(`Identity seed not found\n`);
+            // 2. generate a random _identity string and save it in local storage
+            const { seed } = await prompts({
+                type: "text",
+                name: "seed",
+                message: theme.text.bold(`Enter a secret string to use as your identity seed in Semaphore:`),
+                initial: false
+            });
+            identityString = seed;
+            setLocalBandadaIdentity(identityString);
+        }
+        // 3. create a semaphore identity with _identity string as a seed
+        const identity = new Identity(identityString);
+        // 4. check if the user is a member of the group
+        console.log(`Checking Bandada membership...`);
+        const isMember = await isGroupMember(BANDADA_GROUP_ID, identity);
+        if (!isMember) {
+            await addMemberToGroup(BANDADA_GROUP_ID, BANDADA_DASHBOARD_URL, identity);
+        }
+        // 5. generate a proof that the user owns the commitment.
+        spinner.text = `Generating proof of identity...`;
+        spinner.start();
+        // publicSignals = [hash(externalNullifier, identityNullifier), commitment]
+        const { proof, publicSignals } = await groth16.fullProve({
+            identityTrapdoor: identity.trapdoor,
+            identityNullifier: identity.nullifier,
+            externalNullifier: BANDADA_GROUP_ID
+        }, `${dirname(fileURLToPath(import.meta.url))}/public/mini-semaphore.wasm`, `${dirname(fileURLToPath(import.meta.url))}/public/mini-semaphore.zkey`);
+        spinner.succeed(`Proof generated.\n`);
+        spinner.text = `Sending proof to verification...`;
+        spinner.start();
+        // 6. send proof to a cloud function that verifies it and checks membership
+        const cf = httpsCallable(firebaseFunctions, commonTerms.cloudFunctionsNames.bandadaValidateProof);
+        const result = await cf({
+            proof,
+            publicSignals
+        });
+        const { valid, token, message } = result.data;
+        if (!valid) {
+            showError(message, true);
+        }
+        spinner.succeed(`Proof verified.\n`);
+        spinner.text = `Authenticating...`;
+        spinner.start();
+        // 7. Auth to p0tion firebase
+        const userCredentials = await signInWithCustomToken(getAuth(), token);
+        setLocalAccessToken(token);
+        spinner.succeed(`Authenticated as ${theme.text.bold(userCredentials.user.uid)}.`);
+        console.log(`\n${theme.symbols.warning} You can always log out by running the ${theme.text.bold(`phase2cli logout`)} command`);
+    }
+    catch (error) {
+        // Delete local token.
+        console.log("An error crashed the process. Deleting local token and identity.");
+        console.error(error);
+        deleteLocalAccessToken();
+        deleteLocalBandadaIdentity();
+    }
+    process.exit(0);
+};
+
 /**
  * Return the verification result for latest contribution.
  * @param firestoreDatabase <Firestore> - the Firestore service instance associated to the current Firebase application.
@@ -2381,8 +2548,12 @@ const handlePublicAttestation = async (firestoreDatabase, circuits, ceremonyId,
     // Write public attestation locally.
     writeFile(getAttestationLocalFilePath(`${ceremonyPrefix}_${commonTerms.foldersAndPathsTerms.attestation}.log`), Buffer.from(publicAttestation));
     await sleep(1000); // workaround for file descriptor unexpected close.
-    const gistUrl = await publishGist(participantAccessToken, publicAttestation, ceremonyName, ceremonyPrefix);
-    console.log(`\n${theme.symbols.info} Your public attestation has been successfully posted as Github Gist (${theme.text.bold(theme.text.underlined(gistUrl))})`);
+    let gistUrl = "";
+    const isBandada = checkLocalBandadaIdentity();
+    if (!isBandada) {
+        gistUrl = await publishGist(participantAccessToken, publicAttestation, ceremonyName, ceremonyPrefix);
+        console.log(`\n${theme.symbols.info} Your public attestation has been successfully posted as Github Gist (${theme.text.bold(theme.text.underlined(gistUrl))})`);
+    }
     // Prepare a ready-to-share tweet.
     await handleTweetGeneration(ceremonyName, gistUrl);
 };
@@ -2407,7 +2578,6 @@ const listenToCeremonyCircuitDocumentChanges = (firestoreDatabase, ceremonyId, p
         const { avgTimings, waitingQueue } = changedCircuit.data();
         const { fullContribution, verifyCloudFunction } = avgTimings;
         const { currentContributor } = waitingQueue;
-        // Get circuit current contributor participant document.
         const circuitCurrentContributor = await getDocumentById(firestoreDatabase, getParticipantsCollectionPath(ceremonyId), currentContributor);
         // Check data.
         if (!circuitCurrentContributor.data())
@@ -2566,8 +2736,8 @@ const listenToParticipantDocumentChanges = async (firestoreDatabase, cloudFuncti
                 // Communicate resume / start of the contribution to participant.
                 await simpleLoader(`${changedContributionStep === "DOWNLOADING" /* ParticipantContributionStep.DOWNLOADING */ ? `Starting` : `Resuming`} your contribution...`, `clock`, 3000);
                 // Start / Resume the contribution for the participant.
-                await handleStartOrResumeContribution(cloudFunctions, firestoreDatabase, ceremony, circuit, participant, entropy, providerUserId, false // not finalizing.
-                );
+                await handleStartOrResumeContribution(cloudFunctions, firestoreDatabase, ceremony, circuit, participant, entropy, providerUserId, false, // not finalizing.
+                circuits.length);
             }
             // Scenario (3.A).
             else if (isWaitingForContribution)
@@ -2616,7 +2786,9 @@ const listenToParticipantDocumentChanges = async (firestoreDatabase, cloudFuncti
                     // Get latest contribution verification result.
                     await getLatestVerificationResult(firestoreDatabase, ceremony.id, circuit.id, participant.id);
                 // Get next circuit for contribution.
-                const nextCircuit = getCircuitBySequencePosition(circuits, changedContributionProgress + 1);
+                const nextCircuit = timeoutExpired
+                    ? getCircuitBySequencePosition(circuits, changedContributionProgress)
+                    : getCircuitBySequencePosition(circuits, changedContributionProgress + 1);
                 // Check disk space requirements for participant.
                 const wannaGenerateAttestation = await handleDiskSpaceRequirementForNextContribution(cloudFunctions, ceremony.id, nextCircuit.data.sequencePosition, nextCircuit.data.zKeySizeInBytes, timeoutExpired, providerUserId);
                 // Check if the participant would like to generate a new attestation.
@@ -2654,11 +2826,12 @@ const listenToParticipantDocumentChanges = async (firestoreDatabase, cloudFuncti
  */
 const contribute = async (opt) => {
     const { firebaseApp, firebaseFunctions, firestoreDatabase } = await bootstrapCommandExecutionAndServices();
-    // Check for authentication.
-    const { user, providerUserId, token } = await checkAuth(firebaseApp);
     // Get options.
     const ceremonyOpt = opt.ceremony;
     const entropyOpt = opt.entropy;
+    const { auth } = opt;
+    // Check for authentication.
+    const { user, providerUserId, token } = auth ? await authWithToken(firebaseApp, auth) : await checkAuth(firebaseApp);
     // Prepare data.
     let selectedCeremony;
     // Retrieve the opened ceremonies.
@@ -2694,7 +2867,7 @@ const contribute = async (opt) => {
     const userDoc = await getDocumentById(firestoreDatabase, commonTerms.collections.users.name, user.uid);
     const userData = userDoc.data();
     if (!userData) {
-        spinner.fail(`Unfortunately we could not find a user document with your information. This likely means that you did not pass the GitHub reputation checks and therefore are not elegible to contribute to any ceremony. Please contact the coordinator if you believe this to be an error.`);
+        spinner.fail(`Unfortunately we could not find a user document with your information. This likely means that you did not pass the GitHub reputation checks and therefore are not eligible to contribute to any ceremony. If you believe you pass the requirements, it might be possible that your profile is private and we were not able to fetch your real statistics, in this case please consider making your profile public for the duration of the contribution. Please contact the coordinator if you believe this to be an error.`);
         process.exit(0);
     }
     // Check the user's current participant readiness for contribution status (eligible, already contributed, timed out).
@@ -2845,7 +3018,7 @@ const observe = async () => {
         // Preserve command execution only for coordinators].
         if (!(await isCoordinator(user)))
             showError(COMMAND_ERRORS.COMMAND_NOT_COORDINATOR, true);
-        // Get running cerimonies info (if any).
+        // Get running ceremonies info (if any).
         const runningCeremoniesDocs = await getOpenedCeremonies(firestoreDatabase);
         // Ask to select a ceremony.
         const ceremony = await promptForCeremonySelection(runningCeremoniesDocs, false);
@@ -2894,7 +3067,7 @@ const handleVerificationKey = async (cloudFunctions, bucketName, finalZkeyLocalF
     spinner.text = "Writing verification key...";
     // Write the verification key locally.
     writeLocalJsonFile(verificationKeyLocalFilePath, vKey);
-    await sleep(3000); // workaound for file descriptor.
+    await sleep(3000); // workaround for file descriptor.
     // Upload verification key to storage.
     await multiPartUpload(cloudFunctions, bucketName, verificationKeyStorageFilePath, verificationKeyLocalFilePath, Number(process.env.CONFIG_STREAM_CHUNK_SIZE_IN_MB));
     spinner.succeed(`Verification key correctly saved on storage`);
@@ -2914,13 +3087,13 @@ const handleVerifierSmartContract = async (cloudFunctions, bucketName, finalZkey
     const packagePath = `${dirname(fileURLToPath(import.meta.url))}`;
     const verifierPath = packagePath.includes(`src/commands`)
         ? `${dirname(fileURLToPath(import.meta.url))}/../../../../node_modules/snarkjs/templates/verifier_groth16.sol.ejs`
-        : `${dirname(fileURLToPath(import.meta.url))}/../../../node_modules/snarkjs/templates/verifier_groth16.sol.ejs`;
+        : `${dirname(fileURLToPath(import.meta.url))}/../node_modules/snarkjs/templates/verifier_groth16.sol.ejs`;
     // Export the Solidity verifier smart contract.
     const verifierCode = await exportVerifierContract(finalZkeyLocalFilePath, verifierPath);
     spinner.text = `Writing verifier smart contract...`;
     // Write the verification key locally.
     writeFile(verifierContractLocalFilePath, verifierCode);
-    await sleep(3000); // workaound for file descriptor.
+    await sleep(3000); // workaround for file descriptor.
     // Upload verifier smart contract to storage.
     await multiPartUpload(cloudFunctions, bucketName, verifierContractStorageFilePath, verifierContractLocalFilePath, Number(process.env.CONFIG_STREAM_CHUNK_SIZE_IN_MB));
     spinner.succeed(`Verifier smart contract correctly saved on storage`);
@@ -2941,11 +3114,12 @@ const handleVerifierSmartContract = async (cloudFunctions, bucketName, finalZkey
  * @param participant <FirebaseDocumentInfo> - the Firestore document of the participant (coordinator).
  * @param beacon <string> - the value used to compute the final contribution while finalizing the ceremony.
  * @param coordinatorIdentifier <string> - the identifier of the coordinator.
+ * @param circuitsLength <number> - the number of circuits in the ceremony.
  */
-const handleCircuitFinalization = async (cloudFunctions, firestoreDatabase, ceremony, circuit, participant, beacon, coordinatorIdentifier) => {
+const handleCircuitFinalization = async (cloudFunctions, firestoreDatabase, ceremony, circuit, participant, beacon, coordinatorIdentifier, circuitsLength) => {
     // Step (1).
-    await handleStartOrResumeContribution(cloudFunctions, firestoreDatabase, ceremony, circuit, participant, computeSHA256ToHex(beacon), coordinatorIdentifier, true);
-    await sleep(2000); // workaound for descriptors.
+    await handleStartOrResumeContribution(cloudFunctions, firestoreDatabase, ceremony, circuit, participant, computeSHA256ToHex(beacon), coordinatorIdentifier, true, circuitsLength);
+    await sleep(2000); // workaround for descriptors.
     // Extract data.
     const { prefix: circuitPrefix } = circuit.data;
     const { prefix: ceremonyPrefix } = ceremony.data;
@@ -2979,10 +3153,11 @@ const handleCircuitFinalization = async (cloudFunctions, firestoreDatabase, cere
  * @dev For proper execution, the command requires the coordinator to be authenticated with a GitHub account (run auth command first) in order to
  * handle sybil-resistance and connect to GitHub APIs to publish the gist containing the final public attestation.
  */
-const finalize = async () => {
+const finalize = async (opt) => {
     const { firebaseApp, firebaseFunctions, firestoreDatabase } = await bootstrapCommandExecutionAndServices();
     // Check for authentication.
-    const { user, providerUserId, token: coordinatorAccessToken } = await checkAuth(firebaseApp);
+    const { auth } = opt;
+    const { user, providerUserId, token: coordinatorAccessToken } = auth ? await authWithToken(firebaseApp, auth) : await checkAuth(firebaseApp);
     // Preserve command execution only for coordinators.
     if (!(await isCoordinator(user)))
         showError(COMMAND_ERRORS.COMMAND_NOT_COORDINATOR, true);
@@ -3017,7 +3192,7 @@ const finalize = async () => {
     const circuits = await getCeremonyCircuits(firestoreDatabase, selectedCeremony.id);
     // Handle finalization for each ceremony circuit.
     for await (const circuit of circuits)
-        await handleCircuitFinalization(firebaseFunctions, firestoreDatabase, selectedCeremony, circuit, participant, beacon, providerUserId);
+        await handleCircuitFinalization(firebaseFunctions, firestoreDatabase, selectedCeremony, circuit, participant, beacon, providerUserId, circuits.length);
     process.stdout.write(`\n`);
     const spinner = customSpinner(`Wrapping up the finalization of the ceremony...`, "clock");
     spinner.start();
@@ -3032,7 +3207,7 @@ const finalize = async () => {
     // Generate attestation with final contributions.
     const publicAttestation = await generateValidContributionsAttestation(firestoreDatabase, circuits, selectedCeremony.id, participant.id, contributions, providerUserId, ceremonyName, true);
     // Write public attestation locally.
-    writeFile(getAttestationLocalFilePath(`${prefix}_${finalContributionIndex}_${commonTerms.foldersAndPathsTerms.attestation}.log`), Buffer.from(publicAttestation));
+    writeFile(getFinalAttestationLocalFilePath(`${prefix}_${finalContributionIndex}_${commonTerms.foldersAndPathsTerms.attestation}.log`), Buffer.from(publicAttestation));
     await sleep(3000); // workaround for file descriptor unexpected close.
     const gistUrl = await publishGist(coordinatorAccessToken, publicAttestation, ceremonyName, prefix);
     console.log(`\n${theme.symbols.info} Your public final attestation has been successfully posted as Github Gist (${theme.text.bold(theme.text.underlined(gistUrl))})`);
@@ -3094,6 +3269,7 @@ const logout = async () => {
             await signOut(auth);
             // Delete local token.
             deleteLocalAccessToken();
+            deleteLocalBandadaIdentity();
             await sleep(3000); // ~3s.
             spinner.stop();
             console.log(`${theme.symbols.success} Logout successfully completed`);
@@ -3155,6 +3331,37 @@ const listCeremonies = async () => {
     }
 };
 
+const listParticipants = async () => {
+    try {
+        const { firestoreDatabase } = await bootstrapCommandExecutionAndServices();
+        const allCeremonies = await getAllCeremonies(firestoreDatabase);
+        const selectedCeremony = await promptForCeremonySelection(allCeremonies, true);
+        const docRef = doc(firestoreDatabase, commonTerms.collections.ceremonies.name, selectedCeremony.id);
+        const participantsRef = collection(docRef, "participants");
+        const participantsSnapshot = await getDocs(participantsRef);
+        const participants = participantsSnapshot.docs.map((participantDoc) => participantDoc.data().userId);
+        console.log(participants);
+        /* const usersRef = collection(firestoreDatabase, "users")
+        const usersSnapshot = await getDocs(usersRef)
+        const users = usersSnapshot.docs.map((userDoc) => userDoc.data())
+        console.log(users) */
+    }
+    catch (err) {
+        showError(`Something went wrong: ${err.toString()}`, true);
+    }
+    process.exit(0);
+};
+
+const setCeremonyCommands = (program) => {
+    const ceremony = program.command("ceremony").description("manage ceremonies");
+    ceremony
+        .command("participants")
+        .description("retrieve participants list of a ceremony")
+        .requiredOption("-c, --ceremony <string>", "the prefix of the ceremony you want to retrieve information about", "")
+        .action(listParticipants);
+    return ceremony;
+};
+
 // Get pkg info (e.g., name, version).
 const packagePath = `${dirname(fileURLToPath(import.meta.url))}/..`;
 const { description, version, name } = JSON.parse(readFileSync(`${packagePath}/package.json`, "utf8"));
@@ -3163,44 +3370,48 @@ const program = createCommand();
 program.name(name).description(description).version(version);
 // User commands.
 program.command("auth").description("authenticate yourself using your Github account (OAuth 2.0)").action(auth);
+program
+    .command("auth-bandada")
+    .description("authenticate yourself in a privacy-perserving manner using Bandada")
+    .action(authBandada);
 program
     .command("contribute")
     .description("compute contributions for a Phase2 Trusted Setup ceremony circuits")
     .option("-c, --ceremony <string>", "the prefix of the ceremony you want to contribute for", "")
     .option("-e, --entropy <string>", "the entropy (aka toxic waste) of your contribution", "")
+    .option("-a, --auth <string>", "the Github OAuth 2.0 token", "")
     .action(contribute);
 program
     .command("clean")
     .description("clean up output generated by commands from the current working directory")
     .action(clean);
-program
-    .command("list")
-    .description("List all ceremonies prefixes")
-    .action(listCeremonies);
+program.command("list").description("List all ceremonies prefixes").action(listCeremonies);
 program
     .command("logout")
     .description("sign out from Firebae Auth service and delete Github OAuth 2.0 token from local storage")
     .action(logout);
 program
     .command("validate")
-    .description("Validate that a Ceremony Setup file is correct")
+    .description("validate that a Ceremony Setup file is correct")
     .requiredOption("-t, --template <path>", "The path to the ceremony setup template", "")
     .option("-c, --constraints <number>", "The number of constraints to check against")
     .action(validate);
 // Only coordinator commands.
-const ceremony = program.command("coordinate").description("commands for coordinating a ceremony");
-ceremony
+const coordinate = program.command("coordinate").description("commands for coordinating a ceremony");
+coordinate
     .command("setup")
     .description("setup a Groth16 Phase 2 Trusted Setup ceremony for zk-SNARK circuits")
-    .option('-t, --template <path>', 'The path to the ceremony setup template', '')
-    .option('-a, --auth <string>', 'The Github OAuth 2.0 token', '')
+    .option("-t, --template <path>", "The path to the ceremony setup template", "")
+    .option("-a, --auth <string>", "The Github OAuth 2.0 token", "")
     .action(setup);
-ceremony
+coordinate
     .command("observe")
     .description("observe in real-time the waiting queue of each ceremony circuit")
     .action(observe);
-ceremony
+coordinate
     .command("finalize")
     .description("finalize a Phase2 Trusted Setup ceremony by applying a beacon, exporting verification key and verifier contract")
+    .option("-a, --auth <string>", "the Github OAuth 2.0 token", "")
     .action(finalize);
+setCeremonyCommands(program);
 program.parseAsync(process.argv);