olas-operate-middleware 0.7.0__py3-none-any.whl → 0.8.1__py3-none-any.whl

operate/operate_types.py

@@ -329,3 +329,13 @@ class AssetFundingValues(TypedDict):
 
 
 FundingValues = t.Dict[str, AssetFundingValues]  # str is the asset address
+
+
+@dataclass
+class MechMarketplaceConfig:
+    """Mech Marketplace config."""
+
+    use_mech_marketplace: bool
+    mech_marketplace_address: str
+    priority_mech_address: str
+    priority_mech_service_id: int

operate/quickstart/claim_staking_rewards.py

@@ -73,7 +73,7 @@ def claim_staking_rewards(operate: "OperateApp", config_path: str) -> None:
     config = configure_local_config(template, operate)
     manager = operate.service_manager()
     service = get_service(manager, template)
-    ask_password_if_needed(operate, config)
+    ask_password_if_needed(operate)
 
     # reload manger and config after setting operate.password
     manager = operate.service_manager()

operate/quickstart/reset_staking.py

@@ -82,7 +82,7 @@ def reset_staking(operate: "OperateApp", config_path: str) -> None:
         print("Cancelled.")
         return
 
-    ask_password_if_needed(operate, config)
+    ask_password_if_needed(operate)
     manager = operate.service_manager()
     service = get_service(manager, template)
 

operate/quickstart/run_service.py

@@ -37,14 +37,7 @@ from operate.account.user import UserAccount
 from operate.constants import IPFS_ADDRESS, OPERATE_HOME
 from operate.data import DATA_DIR
 from operate.data.contracts.staking_token.contract import StakingTokenContract
-from operate.ledger.profiles import (
-    DEFAULT_PRIORITY_MECH_ADDRESS,
-    DEFAULT_PRIORITY_MECH_SERVICE_ID,
-    NO_STAKING_PROGRAM_ID,
-    STAKING,
-    get_staking_contract,
-    get_staking_program_mech_type,
-)
+from operate.ledger.profiles import NO_STAKING_PROGRAM_ID, STAKING, get_staking_contract
 from operate.operate_types import (
     Chain,
     LedgerType,
@@ -208,9 +201,6 @@ def configure_local_config(
             )
         os.environ[f"{chain.upper()}_LEDGER_RPC"] = config.rpc[chain]
 
-    if config.password_migrated is None:
-        config.password_migrated = False
-
     config.principal_chain = template["home_chain"]
 
     home_chain = Chain.from_string(config.principal_chain)
@@ -396,15 +386,18 @@ def configure_local_config(
     ):
         print_section("Please enter the arguments that will be used by the service.")
 
-    staking_program_mech_type = get_staking_program_mech_type(config.staking_program_id)
+    service_manager = operate.service_manager()
+    mech_configs = service_manager.get_mech_configs(
+        chain=config.principal_chain,
+        ledger_api=ledger_api,
+        staking_program_id=config.staking_program_id,
+    )
 
     for env_var_name, env_var_data in template["env_variables"].items():
         if env_var_data["provision_type"] == ServiceEnvProvisionType.USER:
             # PRIORITY_MECH_ADDRESS and PRIORITY_MECH_SERVICE_ID are given dynamic default values
             if env_var_name == "PRIORITY_MECH_ADDRESS":
-                env_var_data["value"] = DEFAULT_PRIORITY_MECH_ADDRESS[
-                    staking_program_mech_type
-                ]
+                env_var_data["value"] = mech_configs.priority_mech_address
                 if (
                     env_var_name in config.user_provided_args
                     and env_var_data["value"] != config.user_provided_args[env_var_name]
@@ -412,9 +405,7 @@ def configure_local_config(
                     del config.user_provided_args[env_var_name]
 
             if env_var_name == "PRIORITY_MECH_SERVICE_ID":
-                env_var_data["value"] = str(
-                    DEFAULT_PRIORITY_MECH_SERVICE_ID.get(staking_program_mech_type, 0)
-                )
+                env_var_data["value"] = mech_configs.priority_mech_service_id
                 if (
                     env_var_name in config.user_provided_args
                     and env_var_data["value"] != config.user_provided_args[env_var_name]
@@ -456,7 +447,7 @@ def configure_local_config(
     return config
 
 
-def ask_password_if_needed(operate: "OperateApp", config: QuickstartConfig) -> None:
+def ask_password_if_needed(operate: "OperateApp") -> None:
     """Ask password if needed."""
     if operate.user_account is None:
         print_section("Set up local user account")
@@ -466,8 +457,6 @@ def ask_password_if_needed(operate: "OperateApp", config: QuickstartConfig) -> N
             password=password,
             path=operate._path / "user.json",
         )
-        config.password_migrated = True
-        config.store()
     else:
         _password = None
         while _password is None:
@@ -620,8 +609,8 @@ def _ask_funds_from_requirements(
     return False
 
 
-def ensure_enough_funds(operate: "OperateApp", service: Service) -> None:
-    """Ensure enough funds."""
+def _maybe_create_master_eoa(operate: "OperateApp") -> None:
+    """Maybe create the Master EOA."""
     if not operate.wallet_manager.exists(ledger_type=LedgerType.ETHEREUM):
         print("Creating the Master EOA...")
         wallet, mnemonic = operate.wallet_manager.create(
@@ -636,9 +625,12 @@ def ensure_enough_funds(operate: "OperateApp", service: Service) -> None:
         ask_or_get_from_env(
             "Press enter to continue...", False, "CONTINUE", raise_if_missing=False
         )
-    else:
-        wallet = operate.wallet_manager.load(ledger_type=LedgerType.ETHEREUM)
 
+
+def ensure_enough_funds(operate: "OperateApp", service: Service) -> None:
+    """Ensure enough funds."""
+    _maybe_create_master_eoa(operate)
+    wallet = operate.wallet_manager.load(ledger_type=LedgerType.ETHEREUM)
     manager = operate.service_manager()
 
     backup_owner = None
@@ -677,11 +669,12 @@ def run_service(
 
     operate.service_manager().migrate_service_configs()
     operate.wallet_manager.migrate_wallet_configs()
+    ask_password_if_needed(operate)
+    _maybe_create_master_eoa(operate)
 
     config = configure_local_config(template, operate)
     manager = operate.service_manager()
     service = get_service(manager, template)
-    ask_password_if_needed(operate, config)
 
     # reload manger and config after setting operate.password
     manager = operate.service_manager(skip_dependency_check=skip_dependency_check)

operate/quickstart/terminate_on_chain_service.py

@@ -62,7 +62,7 @@ def terminate_service(operate: "OperateApp", config_path: str) -> None:
         return
 
     config = configure_local_config(template, operate)
-    ask_password_if_needed(operate, config)
+    ask_password_if_needed(operate)
     manager = operate.service_manager()
     service = get_service(manager, template)
     ensure_enough_funds(operate, service)

operate/quickstart/utils.py

@@ -277,7 +277,6 @@ class QuickstartConfig(LocalResource):
 
     path: Path
     rpc: Optional[Dict[str, str]] = None
-    password_migrated: Optional[bool] = None
     staking_program_id: Optional[str] = None
     principal_chain: Optional[str] = None
     user_provided_args: Optional[Dict[str, str]] = None

operate/services/agent_runner.py

@@ -71,7 +71,7 @@ AGENTS_SUPPORTED = {
         owner="valory-xyz", repo="optimus", release="v0.0.103"
     ),
     "dvilela/memeooorr": AgentRelease(
-        owner="valory-xyz", repo="meme-ooorr-test", release="v0.0.101"
+        owner="valory-xyz", repo="meme-ooorr", release="v0.0.101"
     ),
 }
 

operate/services/manage.py

@@ -36,7 +36,7 @@ from pathlib import Path
 import requests
 from aea.helpers.base import IPFSHash
 from aea.helpers.logging import setup_logger
-from aea_ledger_ethereum import EthereumCrypto
+from aea_ledger_ethereum import EthereumCrypto, LedgerApi
 from autonomy.chain.base import registry_contracts
 from autonomy.chain.config import CHAIN_PROFILES, ChainType
 
@@ -52,19 +52,18 @@ from operate.ledger import PUBLIC_RPCS, get_currency_denom
 from operate.ledger.profiles import (
     CONTRACTS,
     DEFAULT_MASTER_EOA_FUNDS,
-    DEFAULT_PRIORITY_MECH_ADDRESS,
-    DEFAULT_PRIORITY_MECH_SERVICE_ID,
+    DEFAULT_PRIORITY_MECH,
     OLAS,
     STAKING,
     USDC,
     WRAPPED_NATIVE_ASSET,
     get_staking_contract,
-    get_staking_program_mech_type,
 )
 from operate.operate_types import (
     Chain,
     FundingValues,
     LedgerConfig,
+    MechMarketplaceConfig,
     OnChainState,
     ServiceEnvProvisionType,
     ServiceTemplate,
@@ -520,6 +519,103 @@ class ServiceManager:
                 chain=chain,
             )
 
+    def get_mech_configs(
+        self,
+        chain: str,
+        ledger_api: LedgerApi,
+        staking_program_id: str | None = None,
+    ) -> MechMarketplaceConfig:
+        """Get the mech configs."""
+        sftxb = self.get_eth_safe_tx_builder(
+            ledger_config=LedgerConfig(
+                chain=Chain(chain),
+                rpc=ledger_api.api.provider.endpoint_uri,
+            )
+        )
+        staking_contract = get_staking_contract(
+            chain=chain,
+            staking_program_id=staking_program_id,
+        )
+        if staking_contract is None:
+            return MechMarketplaceConfig(
+                use_mech_marketplace=False,
+                mech_marketplace_address=ZERO_ADDRESS,
+                priority_mech_address=ZERO_ADDRESS,
+                priority_mech_service_id=0,
+            )
+
+        target_staking_params = sftxb.get_staking_params(
+            staking_contract=get_staking_contract(
+                chain=chain,
+                staking_program_id=staking_program_id,
+            ),
+        )
+
+        try:
+            # Try if activity checker is a MechActivityChecker contract
+            mech_activity_contract = t.cast(
+                MechActivityContract,
+                MechActivityContract.from_dir(
+                    directory=str(DATA_DIR / "contracts" / "mech_activity")
+                ),
+            )
+
+            priority_mech_address = (
+                mech_activity_contract.get_instance(
+                    ledger_api=ledger_api,
+                    contract_address=target_staking_params["activity_checker"],
+                )
+                .functions.agentMech()
+                .call()
+            )
+            use_mech_marketplace = False
+            mech_marketplace_address = ZERO_ADDRESS
+            priority_mech_service_id = 0
+
+        except Exception:  # pylint: disable=broad-except
+            # Try if activity checker is a RequesterActivityChecker contract
+            try:
+                requester_activity_checker = t.cast(
+                    RequesterActivityCheckerContract,
+                    RequesterActivityCheckerContract.from_dir(
+                        directory=str(
+                            DATA_DIR / "contracts" / "requester_activity_checker"
+                        )
+                    ),
+                )
+
+                mech_marketplace_address = (
+                    requester_activity_checker.get_instance(
+                        ledger_api=ledger_api,
+                        contract_address=target_staking_params["activity_checker"],
+                    )
+                    .functions.mechMarketplace()
+                    .call()
+                )
+
+                use_mech_marketplace = True
+                priority_mech_address, priority_mech_service_id = DEFAULT_PRIORITY_MECH[
+                    mech_marketplace_address
+                ]
+
+            except Exception as e:  # pylint: disable=broad-except
+                self.logger.error(f"{e}: {traceback.format_exc()}")
+                self.logger.warning(
+                    "Cannot determine type of activity checker contract. Using default parameters. "
+                    "NOTE: This will be an exception in the future!"
+                )
+                priority_mech_address = "0x77af31De935740567Cf4fF1986D04B2c964A786a"
+                use_mech_marketplace = False
+                mech_marketplace_address = ZERO_ADDRESS
+                priority_mech_service_id = 0
+
+        return MechMarketplaceConfig(
+            use_mech_marketplace=use_mech_marketplace,
+            mech_marketplace_address=mech_marketplace_address,
+            priority_mech_address=priority_mech_address,
+            priority_mech_service_id=priority_mech_service_id,
+        )
+
     def _deploy_service_onchain_from_safe(  # pylint: disable=too-many-statements,too-many-locals
         self,
         service_config_id: str,
@@ -556,10 +652,6 @@ class ServiceManager:
         self.logger.info(f"Service state: {on_chain_state.name}")
 
         current_staking_program = self._get_current_staking_program(service, chain)
-        staking_program_mech_type = get_staking_program_mech_type(
-            user_params.staking_program_id
-        )
-        self.logger.info(f"{staking_program_mech_type=}")
         fallback_params = dict(  # nosec
             staking_contract=NULL_ADDRESS,
             agent_ids=[user_params.agent_id],
@@ -588,94 +680,29 @@ class ServiceManager:
         # TODO A customized, arbitrary computation mechanism should be devised.
         env_var_to_value = {}
         if chain == service.home_chain:
-            # Try if activity checker is a MechActivityChecker contract
-            try:
-                mech_activity_contract = t.cast(
-                    MechActivityContract,
-                    MechActivityContract.from_dir(
-                        directory=str(DATA_DIR / "contracts" / "mech_activity")
-                    ),
-                )
-
-                agent_mech = (
-                    mech_activity_contract.get_instance(
-                        ledger_api=sftxb.ledger_api,
-                        contract_address=target_staking_params["activity_checker"],
-                    )
-                    .functions.agentMech()
-                    .call()
-                )
-                use_mech_marketplace = False
-                mech_marketplace_address = ZERO_ADDRESS
-                priority_mech_address = ZERO_ADDRESS
-                priority_mech_service_id = DEFAULT_PRIORITY_MECH_SERVICE_ID.get(
-                    staking_program_mech_type, 0
-                )
-
-            except Exception:  # pylint: disable=broad-except
-                # Try if activity checker is a RequesterActivityChecker contract
-                try:
-                    requester_activity_checker = t.cast(
-                        RequesterActivityCheckerContract,
-                        RequesterActivityCheckerContract.from_dir(
-                            directory=str(
-                                DATA_DIR / "contracts" / "requester_activity_checker"
-                            )
-                        ),
-                    )
-
-                    mech_marketplace_address = (
-                        requester_activity_checker.get_instance(
-                            ledger_api=sftxb.ledger_api,
-                            contract_address=target_staking_params["activity_checker"],
-                        )
-                        .functions.mechMarketplace()
-                        .call()
-                    )
+            mech_configs: MechMarketplaceConfig = self.get_mech_configs(
+                chain=chain,
+                ledger_api=sftxb.ledger_api,
+                staking_program_id=user_params.staking_program_id,
+            )
 
-                    use_mech_marketplace = True
-                    if (
-                        "PRIORITY_MECH_ADDRESS" in service.env_variables
-                        and service.env_variables["PRIORITY_MECH_ADDRESS"][
-                            "provision_type"
-                        ]
-                        == ServiceEnvProvisionType.USER
-                    ):
-                        agent_mech = priority_mech_address = service.env_variables[
-                            "PRIORITY_MECH_ADDRESS"
-                        ]["value"]
-                    else:
-                        agent_mech = (
-                            priority_mech_address
-                        ) = DEFAULT_PRIORITY_MECH_ADDRESS[staking_program_mech_type]
-
-                    if (
-                        "PRIORITY_MECH_SERVICE_ID" in service.env_variables
-                        and service.env_variables["PRIORITY_MECH_SERVICE_ID"][
-                            "provision_type"
-                        ]
-                        == ServiceEnvProvisionType.USER
-                    ):
-                        priority_mech_service_id = service.env_variables[
-                            "PRIORITY_MECH_SERVICE_ID"
-                        ]["value"]
-                    else:
-                        priority_mech_service_id = DEFAULT_PRIORITY_MECH_SERVICE_ID.get(
-                            staking_program_mech_type, 0
-                        )
+            if (
+                "PRIORITY_MECH_ADDRESS" in service.env_variables
+                and service.env_variables["PRIORITY_MECH_ADDRESS"]["provision_type"]
+                == ServiceEnvProvisionType.USER
+            ):
+                mech_configs.priority_mech_address = service.env_variables[
+                    "PRIORITY_MECH_ADDRESS"
+                ]["value"]
 
-                except Exception:  # pylint: disable=broad-except
-                    self.logger.warning(
-                        "Cannot determine type of activity checker contract. Using default parameters. "
-                        "NOTE: This will be an exception in the future!"
-                    )
-                    agent_mech = DEFAULT_PRIORITY_MECH_ADDRESS[
-                        staking_program_mech_type
-                    ]
-                    use_mech_marketplace = False
-                    mech_marketplace_address = ZERO_ADDRESS
-                    priority_mech_address = ZERO_ADDRESS
-                    priority_mech_service_id = 0
+            if (
+                "PRIORITY_MECH_SERVICE_ID" in service.env_variables
+                and service.env_variables["PRIORITY_MECH_SERVICE_ID"]["provision_type"]
+                == ServiceEnvProvisionType.USER
+            ):
+                mech_configs.priority_mech_service_id = service.env_variables[
+                    "PRIORITY_MECH_SERVICE_ID"
+                ]["value"]
 
             env_var_to_value.update(
                 {
@@ -693,10 +720,10 @@ class ServiceManager:
                         "staking_contract"
                     ),
                     "MECH_MARKETPLACE_CONFIG": (
-                        f'{{"mech_marketplace_address":"{mech_marketplace_address}",'
-                        f'"priority_mech_address":"{priority_mech_address}",'
+                        f'{{"mech_marketplace_address":"{mech_configs.mech_marketplace_address}",'
+                        f'"priority_mech_address":"{mech_configs.priority_mech_address}",'
                         f'"priority_mech_staking_instance_address":"0x998dEFafD094817EF329f6dc79c703f1CF18bC90",'
-                        f'"priority_mech_service_id":{priority_mech_service_id},'
+                        f'"priority_mech_service_id":{mech_configs.priority_mech_service_id},'
                         f'"requester_staking_instance_address":"{target_staking_params.get("staking_contract")}",'
                         f'"response_timeout":300}}'
                     ),
@@ -706,9 +733,9 @@ class ServiceManager:
                     "MECH_ACTIVITY_CHECKER_CONTRACT": target_staking_params.get(
                         "activity_checker"
                     ),
-                    "MECH_CONTRACT_ADDRESS": agent_mech,
+                    "MECH_CONTRACT_ADDRESS": mech_configs.priority_mech_address,
                     "MECH_REQUEST_PRICE": "10000000000000000",
-                    "USE_MECH_MARKETPLACE": use_mech_marketplace,
+                    "USE_MECH_MARKETPLACE": mech_configs.use_mech_marketplace,
                 }
             )
 

operate/services/service.py

@@ -88,6 +88,7 @@ from operate.operate_types import (
 from operate.resource import LocalResource
 from operate.services.deployment_runner import run_host_deployment, stop_host_deployment
 from operate.services.utils import tendermint
+from operate.utils.ssl import create_ssl_certificate
 
 
 # pylint: disable=no-member,redefined-builtin,too-many-instance-attributes,too-many-locals
@@ -686,13 +687,35 @@ class Deployment(LocalResource):
         service = Service.load(path=self.path)
 
         if use_docker or use_kubernetes:
-            service.update_env_variables_values({"STORE_PATH": "/data"})
+            ssl_key_path, ssl_cert_path = create_ssl_certificate(
+                ssl_dir=service.path / PERSISTENT_DATA_DIR / "ssl"
+            )
+            service.update_env_variables_values(
+                {
+                    "STORE_PATH": "/data",
+                    "SSL_KEY_PATH": (
+                        Path("/data") / "ssl" / ssl_key_path.name
+                    ).as_posix(),
+                    "SSL_CERT_PATH": (
+                        Path("/data") / "ssl" / ssl_cert_path.name
+                    ).as_posix(),
+                }
+            )
             service.consume_env_variables()
             if use_docker:
                 self._build_docker(force=force, chain=chain)
             if use_kubernetes:
                 self._build_kubernetes(force=force)
         else:
+            ssl_key_path, ssl_cert_path = create_ssl_certificate(
+                ssl_dir=service.path / DEPLOYMENT / "ssl"
+            )
+            service.update_env_variables_values(
+                {
+                    "SSL_KEY_PATH": str(ssl_key_path),
+                    "SSL_CERT_PATH": str(ssl_cert_path),
+                }
+            )
             service.consume_env_variables()
             self._build_host(force=force, chain=chain)
 

operate/utils/ssl.py

@@ -0,0 +1,133 @@
+# -*- coding: utf-8 -*-
+# ------------------------------------------------------------------------------
+#
+#   Copyright 2025 Valory AG
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+# ------------------------------------------------------------------------------
+
+"""SSL certificate utilities."""
+
+import datetime
+import logging
+import typing as t
+from pathlib import Path
+
+from cryptography import x509
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.x509.oid import NameOID
+
+
+def create_ssl_certificate(
+    ssl_dir: Path,
+    key_filename: str = "key.pem",
+    cert_filename: str = "cert.pem",
+    validity_days: int = 365,
+    key_size: int = 2048,
+    common_name: str = "localhost",
+) -> t.Tuple[Path, Path]:
+    """
+    Create SSL certificate and private key files.
+
+    Args:
+        ssl_dir: Path to the ssl directory
+        key_filename: Name of the private key file
+        cert_filename: Name of the certificate file
+        validity_days: Number of days the certificate is valid
+        key_size: RSA key size in bits
+        common_name: Common name for the certificate
+
+    Returns:
+        Tuple of (key_path, cert_path) as Path objects
+    """
+    logger = logging.getLogger(__name__)
+
+    # Create SSL directory
+    ssl_dir.mkdir(parents=True, exist_ok=True)
+
+    key_path = ssl_dir / key_filename
+    cert_path = ssl_dir / cert_filename
+
+    # Generate RSA private key
+    private_key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=key_size,
+    )
+
+    # Create certificate subject and issuer
+    subject = issuer = x509.Name(
+        [
+            x509.NameAttribute(NameOID.COUNTRY_NAME, "CH"),
+            x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Local"),
+            x509.NameAttribute(NameOID.LOCALITY_NAME, "Local"),
+            x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Valory AG"),
+            x509.NameAttribute(NameOID.COMMON_NAME, common_name),
+        ]
+    )
+
+    # Create certificate
+    cert = (
+        x509.CertificateBuilder()
+        .subject_name(subject)
+        .issuer_name(issuer)
+        .public_key(private_key.public_key())
+        .serial_number(1)
+        .not_valid_before(datetime.datetime.now(datetime.timezone.utc))
+        .not_valid_after(
+            datetime.datetime.now(datetime.timezone.utc)
+            + datetime.timedelta(days=validity_days)
+        )
+        .add_extension(
+            x509.BasicConstraints(ca=False, path_length=None),
+            critical=True,
+        )
+        .add_extension(
+            x509.KeyUsage(
+                digital_signature=True,
+                key_encipherment=True,
+                key_agreement=False,
+                key_cert_sign=False,
+                crl_sign=False,
+                content_commitment=False,
+                data_encipherment=False,
+                encipher_only=False,
+                decipher_only=False,
+            ),
+            critical=True,
+        )
+        .add_extension(
+            x509.ExtendedKeyUsage([x509.ExtendedKeyUsageOID.SERVER_AUTH]),
+            critical=True,
+        )
+        .sign(private_key, hashes.SHA256())
+    )
+
+    # Write private key to file
+    with open(key_path, "wb") as f:
+        f.write(
+            private_key.private_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PrivateFormat.PKCS8,
+                encryption_algorithm=serialization.NoEncryption(),
+            )
+        )
+
+    # Write certificate to file
+    with open(cert_path, "wb") as f:
+        f.write(cert.public_bytes(serialization.Encoding.PEM))
+
+    logger.info(f"SSL certificate created successfully at {key_path} and {cert_path}")
+
+    return key_path, cert_path