@reclaimprotocol/attestor-core 5.0.1-beta.9 → 5.0.2-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/browser/resources/attestor-browser.min.mjs +4513 -0
- package/lib/client/tunnels/make-rpc-tls-tunnel.d.ts +1 -1
- package/lib/external-rpc/index.js +10397 -3
- package/lib/index.js +8325 -10
- package/lib/server/utils/generics.d.ts +1 -1
- package/lib/server/utils/proxy-session.d.ts +1 -1
- package/lib/types/general.d.ts +0 -1
- package/lib/types/providers.d.ts +3 -2
- package/lib/types/signatures.d.ts +1 -2
- package/lib/utils/generics.d.ts +1 -6
- package/lib/utils/index.d.ts +0 -1
- package/package.json +9 -11
- package/lib/avs/abis/avsDirectoryABI.js +0 -343
- package/lib/avs/abis/delegationABI.js +0 -4
- package/lib/avs/abis/registryABI.js +0 -728
- package/lib/avs/client/create-claim-on-avs.js +0 -168
- package/lib/avs/config.js +0 -26
- package/lib/avs/contracts/ReclaimServiceManager.js +0 -0
- package/lib/avs/contracts/common.js +0 -0
- package/lib/avs/contracts/factories/ReclaimServiceManager__factory.js +0 -1183
- package/lib/avs/contracts/factories/index.js +0 -4
- package/lib/avs/contracts/index.js +0 -6
- package/lib/avs/types/index.js +0 -0
- package/lib/avs/utils/contracts.js +0 -53
- package/lib/avs/utils/register.js +0 -74
- package/lib/avs/utils/tasks.js +0 -48
- package/lib/browser/avs/abis/avsDirectoryABI.d.ts +0 -60
- package/lib/browser/avs/abis/avsDirectoryABI.js +0 -343
- package/lib/browser/avs/abis/delegationABI.d.ts +0 -126
- package/lib/browser/avs/abis/delegationABI.js +0 -4
- package/lib/browser/avs/abis/registryABI.d.ts +0 -136
- package/lib/browser/avs/abis/registryABI.js +0 -728
- package/lib/browser/avs/client/create-claim-on-avs.d.ts +0 -12
- package/lib/browser/avs/client/create-claim-on-avs.js +0 -168
- package/lib/browser/avs/config.d.ts +0 -7
- package/lib/browser/avs/config.js +0 -26
- package/lib/browser/avs/contracts/ReclaimServiceManager.d.ts +0 -601
- package/lib/browser/avs/contracts/ReclaimServiceManager.js +0 -0
- package/lib/browser/avs/contracts/common.d.ts +0 -50
- package/lib/browser/avs/contracts/common.js +0 -0
- package/lib/browser/avs/contracts/factories/ReclaimServiceManager__factory.d.ts +0 -890
- package/lib/browser/avs/contracts/factories/ReclaimServiceManager__factory.js +0 -1183
- package/lib/browser/avs/contracts/factories/index.d.ts +0 -1
- package/lib/browser/avs/contracts/factories/index.js +0 -4
- package/lib/browser/avs/contracts/index.d.ts +0 -3
- package/lib/browser/avs/contracts/index.js +0 -6
- package/lib/browser/avs/types/index.d.ts +0 -55
- package/lib/browser/avs/types/index.js +0 -0
- package/lib/browser/avs/utils/contracts.d.ts +0 -21
- package/lib/browser/avs/utils/contracts.js +0 -53
- package/lib/browser/avs/utils/register.d.ts +0 -27
- package/lib/browser/avs/utils/register.js +0 -74
- package/lib/browser/avs/utils/tasks.d.ts +0 -22
- package/lib/browser/avs/utils/tasks.js +0 -48
- package/lib/browser/client/create-claim.d.ts +0 -5
- package/lib/browser/client/create-claim.js +0 -461
- package/lib/browser/client/index.d.ts +0 -3
- package/lib/browser/client/index.js +0 -3
- package/lib/browser/client/tunnels/make-rpc-tcp-tunnel.d.ts +0 -16
- package/lib/browser/client/tunnels/make-rpc-tcp-tunnel.js +0 -53
- package/lib/browser/client/tunnels/make-rpc-tls-tunnel.d.ts +0 -26
- package/lib/browser/client/tunnels/make-rpc-tls-tunnel.js +0 -127
- package/lib/browser/client/utils/attestor-pool.d.ts +0 -8
- package/lib/browser/client/utils/attestor-pool.js +0 -24
- package/lib/browser/client/utils/client-socket.d.ts +0 -11
- package/lib/browser/client/utils/client-socket.js +0 -120
- package/lib/browser/client/utils/message-handler.d.ts +0 -4
- package/lib/browser/client/utils/message-handler.js +0 -97
- package/lib/browser/config/index.d.ts +0 -31
- package/lib/browser/config/index.js +0 -62
- package/lib/browser/external-rpc/benchmark.d.ts +0 -1
- package/lib/browser/external-rpc/benchmark.js +0 -82
- package/lib/browser/external-rpc/event-bus.d.ts +0 -7
- package/lib/browser/external-rpc/event-bus.js +0 -17
- package/lib/browser/external-rpc/global.d.js +0 -0
- package/lib/browser/external-rpc/handle-incoming-msg.d.ts +0 -2
- package/lib/browser/external-rpc/handle-incoming-msg.js +0 -241
- package/lib/browser/external-rpc/index.d.ts +0 -3
- package/lib/browser/external-rpc/index.js +0 -3
- package/lib/browser/external-rpc/jsc-polyfills/1.d.ts +0 -14
- package/lib/browser/external-rpc/jsc-polyfills/1.js +0 -80
- package/lib/browser/external-rpc/jsc-polyfills/2.d.ts +0 -1
- package/lib/browser/external-rpc/jsc-polyfills/2.js +0 -15
- package/lib/browser/external-rpc/jsc-polyfills/event.d.ts +0 -10
- package/lib/browser/external-rpc/jsc-polyfills/event.js +0 -19
- package/lib/browser/external-rpc/jsc-polyfills/index.d.ts +0 -2
- package/lib/browser/external-rpc/jsc-polyfills/index.js +0 -2
- package/lib/browser/external-rpc/jsc-polyfills/ws.d.ts +0 -21
- package/lib/browser/external-rpc/jsc-polyfills/ws.js +0 -83
- package/lib/browser/external-rpc/setup-browser.d.ts +0 -6
- package/lib/browser/external-rpc/setup-browser.js +0 -33
- package/lib/browser/external-rpc/setup-jsc.d.ts +0 -24
- package/lib/browser/external-rpc/setup-jsc.js +0 -22
- package/lib/browser/external-rpc/types.d.ts +0 -213
- package/lib/browser/external-rpc/types.js +0 -0
- package/lib/browser/external-rpc/utils.d.ts +0 -20
- package/lib/browser/external-rpc/utils.js +0 -100
- package/lib/browser/external-rpc/zk.d.ts +0 -14
- package/lib/browser/external-rpc/zk.js +0 -58
- package/lib/browser/index.browser.js +0 -13
- package/lib/browser/index.d.ts +0 -9
- package/lib/browser/index.js +0 -13
- package/lib/browser/mechain/abis/governanceABI.d.ts +0 -50
- package/lib/browser/mechain/abis/governanceABI.js +0 -461
- package/lib/browser/mechain/abis/taskABI.d.ts +0 -157
- package/lib/browser/mechain/abis/taskABI.js +0 -512
- package/lib/browser/mechain/client/create-claim-on-mechain.d.ts +0 -10
- package/lib/browser/mechain/client/create-claim-on-mechain.js +0 -33
- package/lib/browser/mechain/client/index.d.ts +0 -1
- package/lib/browser/mechain/client/index.js +0 -1
- package/lib/browser/mechain/constants/index.d.ts +0 -3
- package/lib/browser/mechain/constants/index.js +0 -8
- package/lib/browser/mechain/index.d.ts +0 -2
- package/lib/browser/mechain/index.js +0 -2
- package/lib/browser/mechain/types/index.d.ts +0 -23
- package/lib/browser/mechain/types/index.js +0 -0
- package/lib/browser/proto/api.d.ts +0 -651
- package/lib/browser/proto/api.js +0 -4250
- package/lib/browser/proto/tee-bundle.d.ts +0 -156
- package/lib/browser/proto/tee-bundle.js +0 -1296
- package/lib/browser/providers/http/index.d.ts +0 -18
- package/lib/browser/providers/http/index.js +0 -640
- package/lib/browser/providers/http/patch-parse5-tree.d.ts +0 -6
- package/lib/browser/providers/http/patch-parse5-tree.js +0 -34
- package/lib/browser/providers/http/utils.d.ts +0 -77
- package/lib/browser/providers/http/utils.js +0 -283
- package/lib/browser/providers/index.d.ts +0 -4
- package/lib/browser/providers/index.js +0 -7
- package/lib/browser/types/bgp.d.ts +0 -11
- package/lib/browser/types/bgp.js +0 -0
- package/lib/browser/types/claims.d.ts +0 -70
- package/lib/browser/types/claims.js +0 -0
- package/lib/browser/types/client.d.ts +0 -163
- package/lib/browser/types/client.js +0 -0
- package/lib/browser/types/general.d.ts +0 -77
- package/lib/browser/types/general.js +0 -0
- package/lib/browser/types/handlers.d.ts +0 -10
- package/lib/browser/types/handlers.js +0 -0
- package/lib/browser/types/index.d.ts +0 -10
- package/lib/browser/types/index.js +0 -10
- package/lib/browser/types/providers.d.ts +0 -161
- package/lib/browser/types/providers.gen.d.ts +0 -443
- package/lib/browser/types/providers.gen.js +0 -16
- package/lib/browser/types/providers.js +0 -0
- package/lib/browser/types/rpc.d.ts +0 -35
- package/lib/browser/types/rpc.js +0 -0
- package/lib/browser/types/signatures.d.ts +0 -28
- package/lib/browser/types/signatures.js +0 -0
- package/lib/browser/types/tunnel.d.ts +0 -18
- package/lib/browser/types/tunnel.js +0 -0
- package/lib/browser/types/zk.d.ts +0 -38
- package/lib/browser/types/zk.js +0 -0
- package/lib/browser/utils/auth.d.ts +0 -8
- package/lib/browser/utils/auth.js +0 -71
- package/lib/browser/utils/b64-json.d.ts +0 -2
- package/lib/browser/utils/b64-json.js +0 -17
- package/lib/browser/utils/claims.d.ts +0 -33
- package/lib/browser/utils/claims.js +0 -89
- package/lib/browser/utils/env.d.ts +0 -3
- package/lib/browser/utils/env.js +0 -19
- package/lib/browser/utils/error.d.ts +0 -26
- package/lib/browser/utils/error.js +0 -54
- package/lib/browser/utils/generics.d.ts +0 -119
- package/lib/browser/utils/generics.js +0 -272
- package/lib/browser/utils/http-parser.d.ts +0 -59
- package/lib/browser/utils/http-parser.js +0 -201
- package/lib/browser/utils/index.browser.js +0 -13
- package/lib/browser/utils/index.d.ts +0 -13
- package/lib/browser/utils/index.js +0 -13
- package/lib/browser/utils/logger.browser.js +0 -88
- package/lib/browser/utils/logger.d.ts +0 -14
- package/lib/browser/utils/logger.js +0 -88
- package/lib/browser/utils/prepare-packets.d.ts +0 -16
- package/lib/browser/utils/prepare-packets.js +0 -69
- package/lib/browser/utils/redactions.d.ts +0 -73
- package/lib/browser/utils/redactions.js +0 -135
- package/lib/browser/utils/retries.d.ts +0 -12
- package/lib/browser/utils/retries.js +0 -26
- package/lib/browser/utils/signatures/eth.d.ts +0 -2
- package/lib/browser/utils/signatures/eth.js +0 -31
- package/lib/browser/utils/signatures/index.d.ts +0 -5
- package/lib/browser/utils/signatures/index.js +0 -12
- package/lib/browser/utils/socket-base.d.ts +0 -23
- package/lib/browser/utils/socket-base.js +0 -96
- package/lib/browser/utils/tls-imports.d.ts +0 -21
- package/lib/browser/utils/tls-imports.js +0 -71
- package/lib/browser/utils/tls.d.ts +0 -2
- package/lib/browser/utils/tls.js +0 -58
- package/lib/browser/utils/ws.d.ts +0 -7
- package/lib/browser/utils/ws.js +0 -22
- package/lib/browser/utils/zk.d.ts +0 -71
- package/lib/browser/utils/zk.js +0 -625
- package/lib/client/create-claim.js +0 -461
- package/lib/client/index.js +0 -3
- package/lib/client/tunnels/make-rpc-tcp-tunnel.js +0 -53
- package/lib/client/tunnels/make-rpc-tls-tunnel.js +0 -127
- package/lib/client/utils/attestor-pool.js +0 -24
- package/lib/client/utils/client-socket.js +0 -120
- package/lib/client/utils/message-handler.js +0 -97
- package/lib/config/index.js +0 -62
- package/lib/external-rpc/benchmark.js +0 -82
- package/lib/external-rpc/event-bus.js +0 -17
- package/lib/external-rpc/global.d.js +0 -0
- package/lib/external-rpc/handle-incoming-msg.js +0 -241
- package/lib/external-rpc/jsc-polyfills/1.js +0 -80
- package/lib/external-rpc/jsc-polyfills/2.js +0 -15
- package/lib/external-rpc/jsc-polyfills/event.js +0 -19
- package/lib/external-rpc/jsc-polyfills/index.js +0 -2
- package/lib/external-rpc/jsc-polyfills/ws.js +0 -83
- package/lib/external-rpc/setup-browser.js +0 -33
- package/lib/external-rpc/setup-jsc.js +0 -22
- package/lib/external-rpc/types.js +0 -0
- package/lib/external-rpc/utils.js +0 -100
- package/lib/external-rpc/zk.js +0 -58
- package/lib/index.browser.d.ts +0 -9
- package/lib/mechain/abis/governanceABI.js +0 -461
- package/lib/mechain/abis/taskABI.js +0 -512
- package/lib/mechain/client/create-claim-on-mechain.js +0 -33
- package/lib/mechain/client/index.js +0 -1
- package/lib/mechain/constants/index.js +0 -8
- package/lib/mechain/index.js +0 -2
- package/lib/mechain/types/index.js +0 -0
- package/lib/proto/api.js +0 -4250
- package/lib/proto/tee-bundle.js +0 -1296
- package/lib/providers/http/index.js +0 -640
- package/lib/providers/http/patch-parse5-tree.js +0 -34
- package/lib/providers/http/utils.js +0 -283
- package/lib/providers/index.js +0 -7
- package/lib/scripts/check-avs-registration.js +0 -28
- package/lib/scripts/fallbacks/crypto.js +0 -4
- package/lib/scripts/fallbacks/empty.js +0 -4
- package/lib/scripts/fallbacks/re2.js +0 -7
- package/lib/scripts/fallbacks/snarkjs.js +0 -10
- package/lib/scripts/fallbacks/stwo.js +0 -159
- package/lib/scripts/generate-provider-types.js +0 -101
- package/lib/scripts/generate-receipt.js +0 -101
- package/lib/scripts/generate-toprf-keys.js +0 -24
- package/lib/scripts/jsc-cli-rpc.js +0 -35
- package/lib/scripts/register-avs-operator.js +0 -3
- package/lib/scripts/start-server.js +0 -11
- package/lib/scripts/update-avs-metadata.js +0 -20
- package/lib/scripts/utils.js +0 -10
- package/lib/scripts/whitelist-operator.js +0 -16
- package/lib/server/create-server.js +0 -105
- package/lib/server/handlers/claimTeeBundle.js +0 -232
- package/lib/server/handlers/claimTunnel.js +0 -80
- package/lib/server/handlers/completeClaimOnChain.js +0 -29
- package/lib/server/handlers/createClaimOnChain.js +0 -32
- package/lib/server/handlers/createTaskOnMechain.js +0 -57
- package/lib/server/handlers/createTunnel.js +0 -98
- package/lib/server/handlers/disconnectTunnel.js +0 -8
- package/lib/server/handlers/fetchCertificateBytes.js +0 -57
- package/lib/server/handlers/index.js +0 -25
- package/lib/server/handlers/init.js +0 -33
- package/lib/server/handlers/toprf.js +0 -19
- package/lib/server/index.js +0 -4
- package/lib/server/socket.js +0 -112
- package/lib/server/tunnels/make-tcp-tunnel.js +0 -202
- package/lib/server/utils/apm.js +0 -29
- package/lib/server/utils/assert-valid-claim-request.js +0 -354
- package/lib/server/utils/config-env.js +0 -4
- package/lib/server/utils/dns.js +0 -24
- package/lib/server/utils/gcp-attestation.js +0 -237
- package/lib/server/utils/generics.js +0 -45
- package/lib/server/utils/iso.js +0 -259
- package/lib/server/utils/keep-alive.js +0 -38
- package/lib/server/utils/nitro-attestation.js +0 -249
- package/lib/server/utils/oprf-raw.js +0 -61
- package/lib/server/utils/process-handshake.js +0 -233
- package/lib/server/utils/proxy-session.js +0 -4
- package/lib/server/utils/tee-oprf-mpc-verification.js +0 -86
- package/lib/server/utils/tee-oprf-verification.js +0 -151
- package/lib/server/utils/tee-transcript-reconstruction.js +0 -140
- package/lib/server/utils/tee-verification.js +0 -358
- package/lib/server/utils/validation.js +0 -45
- package/lib/types/bgp.js +0 -0
- package/lib/types/claims.js +0 -0
- package/lib/types/client.js +0 -0
- package/lib/types/general.js +0 -0
- package/lib/types/handlers.js +0 -0
- package/lib/types/index.js +0 -10
- package/lib/types/providers.gen.js +0 -16
- package/lib/types/providers.js +0 -0
- package/lib/types/rpc.js +0 -0
- package/lib/types/signatures.js +0 -0
- package/lib/types/tunnel.js +0 -0
- package/lib/types/zk.js +0 -0
- package/lib/utils/auth.js +0 -71
- package/lib/utils/b64-json.js +0 -17
- package/lib/utils/bgp-listener.js +0 -123
- package/lib/utils/claims.js +0 -89
- package/lib/utils/env.js +0 -19
- package/lib/utils/error.js +0 -54
- package/lib/utils/generics.js +0 -272
- package/lib/utils/http-parser.js +0 -201
- package/lib/utils/index.browser.d.ts +0 -13
- package/lib/utils/index.js +0 -14
- package/lib/utils/logger.browser.d.ts +0 -14
- package/lib/utils/logger.js +0 -82
- package/lib/utils/prepare-packets.js +0 -69
- package/lib/utils/redactions.js +0 -135
- package/lib/utils/retries.js +0 -26
- package/lib/utils/signatures/eth.js +0 -31
- package/lib/utils/signatures/index.js +0 -12
- package/lib/utils/socket-base.js +0 -96
- package/lib/utils/tls-imports.d.ts +0 -21
- package/lib/utils/tls-imports.js +0 -71
- package/lib/utils/tls.js +0 -58
- package/lib/utils/ws.js +0 -22
- package/lib/utils/zk.js +0 -625
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
import { getContracts } from "../../avs/utils/contracts.js";
|
|
2
|
-
import { createNewClaimRequestOnChain } from "../../avs/utils/tasks.js";
|
|
3
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
4
|
-
import { AttestorError, ethersStructToPlainObject } from "../../utils/index.js";
|
|
5
|
-
const ACCEPT_CLAIM_PAYMENT_REQUESTS = getEnvVariable("ACCEPT_CLAIM_PAYMENT_REQUESTS") === "1";
|
|
6
|
-
const createClaimOnChain = async ({ chainId: chainIdNum, jsonCreateClaimRequest, requestSignature }) => {
|
|
7
|
-
if (!ACCEPT_CLAIM_PAYMENT_REQUESTS) {
|
|
8
|
-
throw new AttestorError(
|
|
9
|
-
"ERROR_PAYMENT_REFUSED",
|
|
10
|
-
"Payment requests are not accepted at this time"
|
|
11
|
-
);
|
|
12
|
-
}
|
|
13
|
-
const chainId = chainIdNum.toString();
|
|
14
|
-
const { wallet } = getContracts(chainId.toString());
|
|
15
|
-
const request = JSON.parse(jsonCreateClaimRequest);
|
|
16
|
-
const { task, tx } = await createNewClaimRequestOnChain({
|
|
17
|
-
request,
|
|
18
|
-
owner: request.owner,
|
|
19
|
-
payer: wallet,
|
|
20
|
-
chainId,
|
|
21
|
-
requestSignature
|
|
22
|
-
});
|
|
23
|
-
const plainTask = ethersStructToPlainObject(task);
|
|
24
|
-
return {
|
|
25
|
-
txHash: tx?.hash ?? "",
|
|
26
|
-
taskIndex: Number(task.taskIndex),
|
|
27
|
-
jsonTask: JSON.stringify(plainTask)
|
|
28
|
-
};
|
|
29
|
-
};
|
|
30
|
-
export {
|
|
31
|
-
createClaimOnChain
|
|
32
|
-
};
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
import { Contract, JsonRpcProvider, randomBytes, Wallet } from "ethers";
|
|
2
|
-
import { governanceABI } from "../../mechain/abis/governanceABI.js";
|
|
3
|
-
import { taskABI } from "../../mechain/abis/taskABI.js";
|
|
4
|
-
import { GOVERNANCE_CONTRACT_ADDRESS, RPC_URL, TASK_CONTRACT_ADDRESS } from "../../mechain/constants/index.js";
|
|
5
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
6
|
-
const createTaskOnMechain = async ({
|
|
7
|
-
timestamp
|
|
8
|
-
}) => {
|
|
9
|
-
const { taskContract } = await getContracts();
|
|
10
|
-
const seed = randomBytes(32);
|
|
11
|
-
const result = await taskContract.createNewTaskRequest.staticCall(
|
|
12
|
-
seed,
|
|
13
|
-
timestamp
|
|
14
|
-
);
|
|
15
|
-
const taskId = result[0];
|
|
16
|
-
const requiredAttestors = await taskContract.requiredAttestors();
|
|
17
|
-
const hosts = [];
|
|
18
|
-
for (let i = 0; i < requiredAttestors; i++) {
|
|
19
|
-
hosts.push(result[1][i].host);
|
|
20
|
-
}
|
|
21
|
-
const tx = await taskContract.createNewTaskRequest(seed, timestamp);
|
|
22
|
-
await tx.wait();
|
|
23
|
-
return {
|
|
24
|
-
taskId,
|
|
25
|
-
requiredAttestors,
|
|
26
|
-
hosts
|
|
27
|
-
};
|
|
28
|
-
};
|
|
29
|
-
async function getContracts() {
|
|
30
|
-
const privateKey = getEnvVariable("MECHAIN_PRIVATE_KEY");
|
|
31
|
-
const taskContractAddress = getEnvVariable("TASK_CONTRACT_ADDRESS") || TASK_CONTRACT_ADDRESS;
|
|
32
|
-
const governanceContractAddress = getEnvVariable("GOVERNANCE_CONTRACT_ADDRESS") || GOVERNANCE_CONTRACT_ADDRESS;
|
|
33
|
-
if (!privateKey) {
|
|
34
|
-
throw new Error("MECHAIN_PRIVATE_KEY environment variable is not set");
|
|
35
|
-
}
|
|
36
|
-
try {
|
|
37
|
-
const provider = new JsonRpcProvider(RPC_URL);
|
|
38
|
-
await provider.getNetwork();
|
|
39
|
-
const signer = new Wallet(privateKey, provider);
|
|
40
|
-
const taskContract = new Contract(
|
|
41
|
-
taskContractAddress,
|
|
42
|
-
taskABI,
|
|
43
|
-
signer
|
|
44
|
-
);
|
|
45
|
-
const governanceContract = new Contract(
|
|
46
|
-
governanceContractAddress,
|
|
47
|
-
governanceABI,
|
|
48
|
-
signer
|
|
49
|
-
);
|
|
50
|
-
return { taskContract, governanceContract };
|
|
51
|
-
} catch (error) {
|
|
52
|
-
throw new Error(`Failed to initialize contracts: ${error.message || error}`);
|
|
53
|
-
}
|
|
54
|
-
}
|
|
55
|
-
export {
|
|
56
|
-
createTaskOnMechain
|
|
57
|
-
};
|
|
@@ -1,98 +0,0 @@
|
|
|
1
|
-
import { makeTcpTunnel } from "../../server/tunnels/make-tcp-tunnel.js";
|
|
2
|
-
import { getApm } from "../../server/utils/apm.js";
|
|
3
|
-
import { resolveHostnames } from "../../server/utils/dns.js";
|
|
4
|
-
import { AttestorError } from "../../utils/index.js";
|
|
5
|
-
const createTunnel = async ({ id, ...opts }, { tx, logger, client }) => {
|
|
6
|
-
if (client.tunnels[id]) {
|
|
7
|
-
throw AttestorError.badRequest(`Tunnel "${id}" already exists`);
|
|
8
|
-
}
|
|
9
|
-
const allowedHosts = client.metadata?.auth?.data?.hostWhitelist;
|
|
10
|
-
if (allowedHosts?.length && !allowedHosts.includes(opts.host)) {
|
|
11
|
-
throw AttestorError.badRequest(
|
|
12
|
-
`Host "${opts.host}" not allowed by auth request`
|
|
13
|
-
);
|
|
14
|
-
}
|
|
15
|
-
let cancelBgp;
|
|
16
|
-
const apm = getApm();
|
|
17
|
-
const sessionTx = apm?.startTransaction("tunnelConnection", { childOf: tx });
|
|
18
|
-
sessionTx?.setLabel("tunnelId", id.toString());
|
|
19
|
-
sessionTx?.setLabel("hostPort", `${opts.host}:${opts.port}`);
|
|
20
|
-
sessionTx?.setLabel("geoLocation", opts.geoLocation);
|
|
21
|
-
sessionTx?.setLabel("proxySessionId", opts.proxySessionId);
|
|
22
|
-
try {
|
|
23
|
-
const tunnel = await makeTcpTunnel({
|
|
24
|
-
...opts,
|
|
25
|
-
logger,
|
|
26
|
-
onMessage(message) {
|
|
27
|
-
if (!client.isOpen) {
|
|
28
|
-
logger.warn("client is closed, dropping message");
|
|
29
|
-
return;
|
|
30
|
-
}
|
|
31
|
-
return client.sendMessage({ tunnelMessage: { tunnelId: id, message } });
|
|
32
|
-
},
|
|
33
|
-
onClose(err) {
|
|
34
|
-
cancelBgp?.();
|
|
35
|
-
if (err) {
|
|
36
|
-
apm?.captureError(err, { parent: sessionTx });
|
|
37
|
-
sessionTx?.setOutcome("failure");
|
|
38
|
-
} else {
|
|
39
|
-
sessionTx?.setOutcome("success");
|
|
40
|
-
}
|
|
41
|
-
sessionTx?.end();
|
|
42
|
-
if (!client.isOpen) {
|
|
43
|
-
return;
|
|
44
|
-
}
|
|
45
|
-
client.sendMessage({
|
|
46
|
-
tunnelDisconnectEvent: {
|
|
47
|
-
tunnelId: id,
|
|
48
|
-
error: err ? AttestorError.fromError(err).toProto() : void 0
|
|
49
|
-
}
|
|
50
|
-
}).catch((err2) => {
|
|
51
|
-
logger.error(
|
|
52
|
-
{ err: err2 },
|
|
53
|
-
"failed to send tunnel disconnect event"
|
|
54
|
-
);
|
|
55
|
-
});
|
|
56
|
-
}
|
|
57
|
-
});
|
|
58
|
-
try {
|
|
59
|
-
await checkForBgp(tunnel);
|
|
60
|
-
} catch (err) {
|
|
61
|
-
logger.warn(
|
|
62
|
-
{ err, host: opts.host },
|
|
63
|
-
"failed to start BGP overlap check"
|
|
64
|
-
);
|
|
65
|
-
}
|
|
66
|
-
client.tunnels[id] = tunnel;
|
|
67
|
-
return {};
|
|
68
|
-
} catch (err) {
|
|
69
|
-
apm?.captureError(err, { parent: sessionTx });
|
|
70
|
-
sessionTx?.setOutcome("failure");
|
|
71
|
-
sessionTx?.end();
|
|
72
|
-
cancelBgp?.();
|
|
73
|
-
throw err;
|
|
74
|
-
}
|
|
75
|
-
async function checkForBgp(tunnel) {
|
|
76
|
-
if (!client.bgpListener) {
|
|
77
|
-
return;
|
|
78
|
-
}
|
|
79
|
-
const ips = await resolveHostnames(opts.host);
|
|
80
|
-
cancelBgp = client.bgpListener.onOverlap(ips, (info) => {
|
|
81
|
-
logger.warn(
|
|
82
|
-
{ info, host: opts.host },
|
|
83
|
-
"BGP announcement overlap detected"
|
|
84
|
-
);
|
|
85
|
-
sessionTx?.addLabels({ bgpOverlap: true, ...info });
|
|
86
|
-
void tunnel?.close(
|
|
87
|
-
new AttestorError(
|
|
88
|
-
"ERROR_BGP_ANNOUNCEMENT_OVERLAP",
|
|
89
|
-
`BGP announcement overlap detected for ${opts.host}`
|
|
90
|
-
)
|
|
91
|
-
);
|
|
92
|
-
});
|
|
93
|
-
logger.debug({ ips }, "checking for BGP overlap");
|
|
94
|
-
}
|
|
95
|
-
};
|
|
96
|
-
export {
|
|
97
|
-
createTunnel
|
|
98
|
-
};
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
import { concatenateUint8Arrays, loadX509FromPem } from "@reclaimprotocol/tls";
|
|
2
|
-
import { CERT_ALLOWED_MIMETYPES, MAX_CERT_SIZE_BYTES } from "../../config/index.js";
|
|
3
|
-
import { AttestorError } from "../../utils/error.js";
|
|
4
|
-
const fetchCertificateBytes = async ({ url }) => {
|
|
5
|
-
const res = await fetch(url, {
|
|
6
|
-
redirect: "follow",
|
|
7
|
-
signal: AbortSignal.timeout(1e4)
|
|
8
|
-
});
|
|
9
|
-
if (!res.ok) {
|
|
10
|
-
res.body?.cancel("Not ok");
|
|
11
|
-
throw new AttestorError(
|
|
12
|
-
"ERROR_CERTIFICATE_FETCH_FAILED",
|
|
13
|
-
`Failed to fetch certificate from URL: ${url}, status: ${res.status}`
|
|
14
|
-
);
|
|
15
|
-
}
|
|
16
|
-
const contentType = res.headers.get("content-type");
|
|
17
|
-
if (!contentType || !CERT_ALLOWED_MIMETYPES.includes(contentType)) {
|
|
18
|
-
res.body?.cancel("Mismatch");
|
|
19
|
-
throw new AttestorError(
|
|
20
|
-
"ERROR_CERTIFICATE_FETCH_FAILED",
|
|
21
|
-
`Invalid content-type when fetching certificate from URL: ${url}, content-type: ${contentType}`
|
|
22
|
-
);
|
|
23
|
-
}
|
|
24
|
-
if (!res.body) {
|
|
25
|
-
throw new AttestorError(
|
|
26
|
-
"ERROR_CERTIFICATE_FETCH_FAILED",
|
|
27
|
-
`No body in response when fetching certificate from URL: ${url}`
|
|
28
|
-
);
|
|
29
|
-
}
|
|
30
|
-
let total = 0;
|
|
31
|
-
const byteArr = [];
|
|
32
|
-
for await (const chunk of res.body) {
|
|
33
|
-
total += chunk.length;
|
|
34
|
-
if (total > MAX_CERT_SIZE_BYTES) {
|
|
35
|
-
res.body.cancel("Too many bytes");
|
|
36
|
-
throw new AttestorError(
|
|
37
|
-
"ERROR_CERTIFICATE_FETCH_FAILED",
|
|
38
|
-
`Certificate size exceeds maximum limit of ${MAX_CERT_SIZE_BYTES}b`
|
|
39
|
-
);
|
|
40
|
-
}
|
|
41
|
-
byteArr.push(chunk);
|
|
42
|
-
}
|
|
43
|
-
const bytes = concatenateUint8Arrays(byteArr);
|
|
44
|
-
try {
|
|
45
|
-
const cert = loadX509FromPem(bytes);
|
|
46
|
-
TLS_INTERMEDIATE_CA_CACHE[url] = cert;
|
|
47
|
-
} catch (err) {
|
|
48
|
-
throw new AttestorError(
|
|
49
|
-
"ERROR_CERTIFICATE_FETCH_FAILED",
|
|
50
|
-
`Failed to parse certificate, error: ${err.message}`
|
|
51
|
-
);
|
|
52
|
-
}
|
|
53
|
-
return { bytes: concatenateUint8Arrays(byteArr) };
|
|
54
|
-
};
|
|
55
|
-
export {
|
|
56
|
-
fetchCertificateBytes
|
|
57
|
-
};
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
import { claimTeeBundle } from "../../server/handlers/claimTeeBundle.js";
|
|
2
|
-
import { claimTunnel } from "../../server/handlers/claimTunnel.js";
|
|
3
|
-
import { completeClaimOnChain } from "../../server/handlers/completeClaimOnChain.js";
|
|
4
|
-
import { createClaimOnChain } from "../../server/handlers/createClaimOnChain.js";
|
|
5
|
-
import { createTaskOnMechain } from "../../server/handlers/createTaskOnMechain.js";
|
|
6
|
-
import { createTunnel } from "../../server/handlers/createTunnel.js";
|
|
7
|
-
import { disconnectTunnel } from "../../server/handlers/disconnectTunnel.js";
|
|
8
|
-
import { fetchCertificateBytes } from "../../server/handlers/fetchCertificateBytes.js";
|
|
9
|
-
import { init } from "../../server/handlers/init.js";
|
|
10
|
-
import { toprf } from "../../server/handlers/toprf.js";
|
|
11
|
-
const HANDLERS = {
|
|
12
|
-
createTunnel,
|
|
13
|
-
disconnectTunnel,
|
|
14
|
-
claimTunnel,
|
|
15
|
-
claimTeeBundle,
|
|
16
|
-
init,
|
|
17
|
-
createClaimOnChain,
|
|
18
|
-
completeClaimOnChain,
|
|
19
|
-
toprf,
|
|
20
|
-
createTaskOnMechain,
|
|
21
|
-
fetchCertificateBytes
|
|
22
|
-
};
|
|
23
|
-
export {
|
|
24
|
-
HANDLERS
|
|
25
|
-
};
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
import { getBytes } from "ethers";
|
|
2
|
-
import { getAttestorAddress } from "../../server/utils/generics.js";
|
|
3
|
-
import { assertValidAuthRequest } from "../../utils/auth.js";
|
|
4
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
5
|
-
import { AttestorError } from "../../utils/index.js";
|
|
6
|
-
import { SIGNATURES } from "../../utils/signatures/index.js";
|
|
7
|
-
const TOPRF_PUBLIC_KEY = getEnvVariable("TOPRF_PUBLIC_KEY");
|
|
8
|
-
const init = async (initRequest, { client }) => {
|
|
9
|
-
if (client.isInitialised) {
|
|
10
|
-
throw AttestorError.badRequest("Client already initialised");
|
|
11
|
-
}
|
|
12
|
-
if (!SIGNATURES[initRequest.signatureType]) {
|
|
13
|
-
throw AttestorError.badRequest("Unsupported signature type");
|
|
14
|
-
}
|
|
15
|
-
if (initRequest.clientVersion <= 0) {
|
|
16
|
-
throw AttestorError.badRequest("Unsupported client version");
|
|
17
|
-
}
|
|
18
|
-
await assertValidAuthRequest(initRequest.auth, initRequest.signatureType);
|
|
19
|
-
if (initRequest.auth?.data) {
|
|
20
|
-
client.logger = client.logger.child({
|
|
21
|
-
userId: initRequest.auth.data.id
|
|
22
|
-
});
|
|
23
|
-
}
|
|
24
|
-
client.metadata = initRequest;
|
|
25
|
-
client.isInitialised = true;
|
|
26
|
-
return {
|
|
27
|
-
toprfPublicKey: TOPRF_PUBLIC_KEY ? getBytes(TOPRF_PUBLIC_KEY) : new Uint8Array(),
|
|
28
|
-
attestorAddress: getAttestorAddress(initRequest.signatureType)
|
|
29
|
-
};
|
|
30
|
-
};
|
|
31
|
-
export {
|
|
32
|
-
init
|
|
33
|
-
};
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
import { getBytes } from "ethers";
|
|
2
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
3
|
-
import { getEngineString, makeDefaultOPRFOperator } from "../../utils/index.js";
|
|
4
|
-
const toprf = async ({ maskedData, engine }, { logger }) => {
|
|
5
|
-
const PRIVATE_KEY_STR = getEnvVariable("TOPRF_SHARE_PRIVATE_KEY");
|
|
6
|
-
const PUBLIC_KEY_STR = getEnvVariable("TOPRF_SHARE_PUBLIC_KEY");
|
|
7
|
-
if (!PRIVATE_KEY_STR || !PUBLIC_KEY_STR) {
|
|
8
|
-
throw new Error("private/public keys not set. Cannot execute OPRF");
|
|
9
|
-
}
|
|
10
|
-
const PRIVATE_KEY = getBytes(PRIVATE_KEY_STR);
|
|
11
|
-
const PUBLIC_KEY = getBytes(PUBLIC_KEY_STR);
|
|
12
|
-
const engineStr = getEngineString(engine);
|
|
13
|
-
const operator = makeDefaultOPRFOperator("chacha20", engineStr, logger);
|
|
14
|
-
const res = await operator.evaluateOPRF(PRIVATE_KEY, maskedData);
|
|
15
|
-
return { ...res, publicKeyShare: PUBLIC_KEY };
|
|
16
|
-
};
|
|
17
|
-
export {
|
|
18
|
-
toprf
|
|
19
|
-
};
|
package/lib/server/index.js
DELETED
package/lib/server/socket.js
DELETED
|
@@ -1,112 +0,0 @@
|
|
|
1
|
-
import { promisify } from "util";
|
|
2
|
-
import { handleMessage } from "../client/utils/message-handler.js";
|
|
3
|
-
import { DEFAULT_RPC_TIMEOUT_MS } from "../config/index.js";
|
|
4
|
-
import { HANDLERS } from "../server/handlers/index.js";
|
|
5
|
-
import { getApm } from "../server/utils/apm.js";
|
|
6
|
-
import { getInitialMessagesFromQuery } from "../server/utils/generics.js";
|
|
7
|
-
import { AttestorError, generateSessionId } from "../utils/index.js";
|
|
8
|
-
import { AttestorSocket } from "../utils/socket-base.js";
|
|
9
|
-
class AttestorServerSocket extends AttestorSocket {
|
|
10
|
-
tunnels = {};
|
|
11
|
-
sessionId;
|
|
12
|
-
bgpListener;
|
|
13
|
-
constructor(socket, sessionId, bgpListener, logger) {
|
|
14
|
-
super(socket, {}, logger);
|
|
15
|
-
this.sessionId = sessionId;
|
|
16
|
-
this.bgpListener = bgpListener;
|
|
17
|
-
this.addEventListener("rpc-request", handleRpcRequest.bind(this));
|
|
18
|
-
this.addEventListener("tunnel-message", handleTunnelMessage.bind(this));
|
|
19
|
-
this.addEventListener("connection-terminated", () => {
|
|
20
|
-
for (const tunnelId in this.tunnels) {
|
|
21
|
-
const tunnel = this.tunnels[tunnelId];
|
|
22
|
-
void tunnel.close(new Error("WS session terminated"));
|
|
23
|
-
}
|
|
24
|
-
});
|
|
25
|
-
}
|
|
26
|
-
getTunnel(tunnelId) {
|
|
27
|
-
const tunnel = this.tunnels[tunnelId];
|
|
28
|
-
if (!tunnel) {
|
|
29
|
-
throw new AttestorError(
|
|
30
|
-
"ERROR_NOT_FOUND",
|
|
31
|
-
`Tunnel "${tunnelId}" not found`
|
|
32
|
-
);
|
|
33
|
-
}
|
|
34
|
-
return tunnel;
|
|
35
|
-
}
|
|
36
|
-
removeTunnel(tunnelId) {
|
|
37
|
-
delete this.tunnels[tunnelId];
|
|
38
|
-
}
|
|
39
|
-
static async acceptConnection(socket, { req, logger, bgpListener }) {
|
|
40
|
-
const bindSend = socket.send.bind(socket);
|
|
41
|
-
socket.send = promisify(bindSend);
|
|
42
|
-
const sessionId = generateSessionId();
|
|
43
|
-
logger = logger.child({ sessionId });
|
|
44
|
-
const client = new AttestorServerSocket(
|
|
45
|
-
socket,
|
|
46
|
-
sessionId,
|
|
47
|
-
bgpListener,
|
|
48
|
-
logger
|
|
49
|
-
);
|
|
50
|
-
try {
|
|
51
|
-
const initMsgs = getInitialMessagesFromQuery(req);
|
|
52
|
-
logger.trace(
|
|
53
|
-
{ initMsgs: initMsgs.length },
|
|
54
|
-
"new connection, validating..."
|
|
55
|
-
);
|
|
56
|
-
for (const msg of initMsgs) {
|
|
57
|
-
await handleMessage.call(client, msg);
|
|
58
|
-
}
|
|
59
|
-
logger.debug("connection accepted");
|
|
60
|
-
} catch (err) {
|
|
61
|
-
logger.error({ err }, "error in new connection");
|
|
62
|
-
if (client.isOpen) {
|
|
63
|
-
await client.terminateConnection(
|
|
64
|
-
err instanceof AttestorError ? err : AttestorError.badRequest(err.message)
|
|
65
|
-
);
|
|
66
|
-
}
|
|
67
|
-
return;
|
|
68
|
-
}
|
|
69
|
-
return client;
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
async function handleTunnelMessage({ data: { tunnelId, message } }) {
|
|
73
|
-
try {
|
|
74
|
-
const tunnel = this.getTunnel(tunnelId);
|
|
75
|
-
await tunnel.write(message);
|
|
76
|
-
} catch (err) {
|
|
77
|
-
this.logger?.error({ err, tunnelId }, "error writing to tunnel");
|
|
78
|
-
}
|
|
79
|
-
}
|
|
80
|
-
async function handleRpcRequest({ data: { data, requestId, respond, type } }) {
|
|
81
|
-
const logger = this.logger.child({ rpc: type, requestId });
|
|
82
|
-
const apm = getApm();
|
|
83
|
-
const tx = apm?.startTransaction(type);
|
|
84
|
-
tx?.setLabel("requestId", requestId);
|
|
85
|
-
tx?.setLabel("sessionId", this.sessionId.toString());
|
|
86
|
-
const userId = this.metadata.auth?.data?.id;
|
|
87
|
-
if (userId) {
|
|
88
|
-
tx?.setLabel("authUserId", userId);
|
|
89
|
-
}
|
|
90
|
-
const timeout = setTimeout(() => {
|
|
91
|
-
logger.warn({ type, requestId }, "RPC took too long to respond");
|
|
92
|
-
}, DEFAULT_RPC_TIMEOUT_MS);
|
|
93
|
-
try {
|
|
94
|
-
logger.debug({ data }, "handling RPC request");
|
|
95
|
-
const handler = HANDLERS[type];
|
|
96
|
-
const res = await handler(data, { client: this, logger, tx });
|
|
97
|
-
respond(res);
|
|
98
|
-
logger.debug({ res }, "handled RPC request");
|
|
99
|
-
tx?.setOutcome("success");
|
|
100
|
-
} catch (err) {
|
|
101
|
-
logger.error({ err }, "error in RPC request");
|
|
102
|
-
respond(AttestorError.fromError(err));
|
|
103
|
-
tx?.setOutcome("failure");
|
|
104
|
-
apm?.captureError(err, { parent: tx });
|
|
105
|
-
} finally {
|
|
106
|
-
clearTimeout(timeout);
|
|
107
|
-
tx?.end();
|
|
108
|
-
}
|
|
109
|
-
}
|
|
110
|
-
export {
|
|
111
|
-
AttestorServerSocket
|
|
112
|
-
};
|
|
@@ -1,202 +0,0 @@
|
|
|
1
|
-
import { HttpsProxyAgent } from "https-proxy-agent";
|
|
2
|
-
import { Socket } from "net";
|
|
3
|
-
import { CONNECTION_TIMEOUT_MS } from "../../config/index.js";
|
|
4
|
-
import { resolveHostnames } from "../../server/utils/dns.js";
|
|
5
|
-
import { isValidCountryCode } from "../../server/utils/iso.js";
|
|
6
|
-
import { isValidProxySessionId } from "../../utils/generics.js";
|
|
7
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
8
|
-
import { AttestorError } from "../../utils/index.js";
|
|
9
|
-
const HTTPS_PROXY_URL = getEnvVariable("HTTPS_PROXY_URL");
|
|
10
|
-
const makeTcpTunnel = async ({
|
|
11
|
-
onClose,
|
|
12
|
-
onMessage,
|
|
13
|
-
logger,
|
|
14
|
-
...opts
|
|
15
|
-
}) => {
|
|
16
|
-
const transcript = [];
|
|
17
|
-
const socket = await connectTcp({ ...opts, logger });
|
|
18
|
-
let closed = false;
|
|
19
|
-
socket.on("data", (message) => {
|
|
20
|
-
if (closed) {
|
|
21
|
-
logger.warn("socket is closed, dropping message");
|
|
22
|
-
return;
|
|
23
|
-
}
|
|
24
|
-
onMessage?.(message);
|
|
25
|
-
transcript.push({ sender: "server", message });
|
|
26
|
-
});
|
|
27
|
-
socket.once("close", () => onSocketClose(void 0));
|
|
28
|
-
return {
|
|
29
|
-
socket,
|
|
30
|
-
transcript,
|
|
31
|
-
createRequest: opts,
|
|
32
|
-
async write(data) {
|
|
33
|
-
transcript.push({ sender: "client", message: data });
|
|
34
|
-
await new Promise((resolve, reject) => {
|
|
35
|
-
socket.write(data, (err) => {
|
|
36
|
-
if (err) {
|
|
37
|
-
reject(err);
|
|
38
|
-
} else {
|
|
39
|
-
resolve();
|
|
40
|
-
}
|
|
41
|
-
});
|
|
42
|
-
});
|
|
43
|
-
},
|
|
44
|
-
close(err) {
|
|
45
|
-
if (closed) {
|
|
46
|
-
return;
|
|
47
|
-
}
|
|
48
|
-
socket.destroy(err);
|
|
49
|
-
}
|
|
50
|
-
};
|
|
51
|
-
function onSocketClose(err) {
|
|
52
|
-
if (closed) {
|
|
53
|
-
return;
|
|
54
|
-
}
|
|
55
|
-
logger.debug({ err }, "closing socket");
|
|
56
|
-
closed = true;
|
|
57
|
-
onClose?.(err);
|
|
58
|
-
onClose = void 0;
|
|
59
|
-
}
|
|
60
|
-
};
|
|
61
|
-
async function connectTcp({ host, port, geoLocation, proxySessionId, logger }) {
|
|
62
|
-
let connectTimeout;
|
|
63
|
-
let socket;
|
|
64
|
-
try {
|
|
65
|
-
await new Promise(async (resolve, reject) => {
|
|
66
|
-
try {
|
|
67
|
-
connectTimeout = setTimeout(
|
|
68
|
-
() => reject(
|
|
69
|
-
new AttestorError(
|
|
70
|
-
"ERROR_NETWORK_ERROR",
|
|
71
|
-
"Server connection timed out"
|
|
72
|
-
)
|
|
73
|
-
),
|
|
74
|
-
CONNECTION_TIMEOUT_MS
|
|
75
|
-
);
|
|
76
|
-
socket = await getSocket({
|
|
77
|
-
host,
|
|
78
|
-
port,
|
|
79
|
-
geoLocation,
|
|
80
|
-
proxySessionId,
|
|
81
|
-
logger
|
|
82
|
-
});
|
|
83
|
-
socket.once("connect", resolve);
|
|
84
|
-
socket.once("error", reject);
|
|
85
|
-
socket.once("end", () => reject(
|
|
86
|
-
new AttestorError(
|
|
87
|
-
"ERROR_NETWORK_ERROR",
|
|
88
|
-
"connection closed"
|
|
89
|
-
)
|
|
90
|
-
));
|
|
91
|
-
} catch (err) {
|
|
92
|
-
reject(err);
|
|
93
|
-
}
|
|
94
|
-
});
|
|
95
|
-
logger.debug({ addr: `${host}:${port}` }, "connected");
|
|
96
|
-
return socket;
|
|
97
|
-
} catch (err) {
|
|
98
|
-
socket?.end();
|
|
99
|
-
throw err;
|
|
100
|
-
} finally {
|
|
101
|
-
clearTimeout(connectTimeout);
|
|
102
|
-
}
|
|
103
|
-
}
|
|
104
|
-
async function getSocket(opts) {
|
|
105
|
-
const { logger } = opts;
|
|
106
|
-
try {
|
|
107
|
-
return await _getSocket(opts);
|
|
108
|
-
} catch (err) {
|
|
109
|
-
if (!(err instanceof AttestorError) || err.data?.code !== 403) {
|
|
110
|
-
throw err;
|
|
111
|
-
}
|
|
112
|
-
const addrs = await resolveHostnames(opts.host);
|
|
113
|
-
logger.info(
|
|
114
|
-
{ addrs, host: opts.host },
|
|
115
|
-
"failed to connect due to restricted IP, trying via raw addr"
|
|
116
|
-
);
|
|
117
|
-
for (const addr of addrs) {
|
|
118
|
-
try {
|
|
119
|
-
return await _getSocket({ ...opts, host: addr });
|
|
120
|
-
} catch (err2) {
|
|
121
|
-
logger.error(
|
|
122
|
-
{ addr, err: err2 },
|
|
123
|
-
"failed to connect to host"
|
|
124
|
-
);
|
|
125
|
-
}
|
|
126
|
-
}
|
|
127
|
-
throw err;
|
|
128
|
-
}
|
|
129
|
-
}
|
|
130
|
-
async function _getSocket({
|
|
131
|
-
host,
|
|
132
|
-
port,
|
|
133
|
-
geoLocation,
|
|
134
|
-
proxySessionId,
|
|
135
|
-
logger
|
|
136
|
-
}) {
|
|
137
|
-
const socket = new Socket();
|
|
138
|
-
if ((proxySessionId || geoLocation) && !HTTPS_PROXY_URL) {
|
|
139
|
-
logger.warn(
|
|
140
|
-
{ geoLocation, proxySessionId },
|
|
141
|
-
"geoLocation or proxySessionId provided but no proxy URL found"
|
|
142
|
-
);
|
|
143
|
-
geoLocation = "";
|
|
144
|
-
proxySessionId = "";
|
|
145
|
-
}
|
|
146
|
-
if (!geoLocation && !proxySessionId) {
|
|
147
|
-
socket.connect({ host, port });
|
|
148
|
-
return socket;
|
|
149
|
-
}
|
|
150
|
-
if (!isValidCountryCode(geoLocation)) {
|
|
151
|
-
throw AttestorError.badRequest(
|
|
152
|
-
`Geolocation "${geoLocation}" is invalid. Must be 2 letter ISO country code`,
|
|
153
|
-
{ geoLocation }
|
|
154
|
-
);
|
|
155
|
-
}
|
|
156
|
-
if (proxySessionId && !isValidProxySessionId(proxySessionId)) {
|
|
157
|
-
throw AttestorError.badRequest(
|
|
158
|
-
`proxySessionId "${proxySessionId}" is invalid. Must be a lowercase alphanumeric string of length 8-14 characters. eg. "mystring12345", "something1234".`,
|
|
159
|
-
{ proxySessionId }
|
|
160
|
-
);
|
|
161
|
-
}
|
|
162
|
-
const agentUrl = HTTPS_PROXY_URL.replace(
|
|
163
|
-
"{{geoLocation}}",
|
|
164
|
-
geoLocation?.toLowerCase() || ""
|
|
165
|
-
).replace(
|
|
166
|
-
"{{proxySessionId}}",
|
|
167
|
-
proxySessionId ? `-session-${proxySessionId}` : ""
|
|
168
|
-
);
|
|
169
|
-
const agent = new HttpsProxyAgent(agentUrl);
|
|
170
|
-
const waitForProxyRes = new Promise((resolve) => {
|
|
171
|
-
socket.once("proxyConnect", resolve);
|
|
172
|
-
});
|
|
173
|
-
const proxySocket = await agent.connect(
|
|
174
|
-
// ignore, because https-proxy-agent
|
|
175
|
-
// expects an http request object
|
|
176
|
-
// @ts-ignore
|
|
177
|
-
socket,
|
|
178
|
-
{ host, port, timeout: CONNECTION_TIMEOUT_MS }
|
|
179
|
-
);
|
|
180
|
-
const res = await waitForProxyRes;
|
|
181
|
-
if (res.statusCode !== 200) {
|
|
182
|
-
logger.error(
|
|
183
|
-
{ geoLocation, proxySessionId, res },
|
|
184
|
-
"Proxy geo location or session id failed"
|
|
185
|
-
);
|
|
186
|
-
throw new AttestorError(
|
|
187
|
-
"ERROR_PROXY_ERROR",
|
|
188
|
-
`Proxy via ${geoLocation ? `geo location "${geoLocation}"` : ""}${geoLocation && proxySessionId ? ", or " : ""}${proxySessionId ? `session id "${proxySessionId}"` : ""} failed with status code: ${res.statusCode}, message: ${res.statusText}`,
|
|
189
|
-
{
|
|
190
|
-
code: res.statusCode,
|
|
191
|
-
message: res.statusText
|
|
192
|
-
}
|
|
193
|
-
);
|
|
194
|
-
}
|
|
195
|
-
process.nextTick(() => {
|
|
196
|
-
proxySocket.emit("connect");
|
|
197
|
-
});
|
|
198
|
-
return proxySocket;
|
|
199
|
-
}
|
|
200
|
-
export {
|
|
201
|
-
makeTcpTunnel
|
|
202
|
-
};
|
package/lib/server/utils/apm.js
DELETED
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import ElasticAPM from "elastic-apm-node";
|
|
2
|
-
import { getEnvVariable } from "../../utils/env.js";
|
|
3
|
-
import { logger } from "../../utils/logger.js";
|
|
4
|
-
let apm;
|
|
5
|
-
function getApm() {
|
|
6
|
-
if (!getEnvVariable("ELASTIC_APM_SERVER_URL") || !getEnvVariable("ELASTIC_APM_SECRET_TOKEN")) {
|
|
7
|
-
logger.info(
|
|
8
|
-
"ELASTIC_APM_SERVER_URL or ELASTIC_APM_SECRET_TOKEN not found in env, APM agent not initialised"
|
|
9
|
-
);
|
|
10
|
-
return void 0;
|
|
11
|
-
}
|
|
12
|
-
if (!apm) {
|
|
13
|
-
const sampleRate = +(getEnvVariable("ELASTIC_APM_SAMPLE_RATE") || "0.1");
|
|
14
|
-
apm = ElasticAPM.start({
|
|
15
|
-
serviceName: "reclaim_attestor",
|
|
16
|
-
serviceVersion: "4.0.0",
|
|
17
|
-
transactionSampleRate: sampleRate,
|
|
18
|
-
instrumentIncomingHTTPRequests: true,
|
|
19
|
-
usePathAsTransactionName: true,
|
|
20
|
-
instrument: true,
|
|
21
|
-
captureHeaders: true
|
|
22
|
-
});
|
|
23
|
-
logger.info("initialised APM agent");
|
|
24
|
-
}
|
|
25
|
-
return apm;
|
|
26
|
-
}
|
|
27
|
-
export {
|
|
28
|
-
getApm
|
|
29
|
-
};
|