Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(rln): add artifacts and config for rln ceremony #34

Open
wants to merge 3 commits into
base: dev
Choose a base branch
from
Open

chore(rln): add artifacts and config for rln ceremony #34

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8aa96b9
V1 (#22)
daodesigner Jul 12, 2023
6b00c90
chore(rln): add artifacts and config for rln ceremony
curryrasul Jul 13, 2023
66ebda2
fix(rln): fix ceremony config file
curryrasul Jul 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 103 additions & 4 deletions .github/pull_request_template.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,122 @@
# DefinitelySetup Pull Request Template
## Title

[Short description of the new ceremony]

## Description

Please provide a detailed description of the ceremony you are proposing.

## Uploads

- [ ] R1CS file
- [ ] wasm file
- [ ] Ceremony config file
Please ensure you have attached these three files to the PR before submitting.

**Process**

- open the PR from a branch named $YOUR_PROJECT_NAME-ceremony
- fill the *p0tionConfig.json* file accordingly:
+ The title of the ceremony will end up being its prefix. Prefixes are simply the title all lowercase, with dashes (*-*) instead of whitespace. For example, given a title of *Example Ceremony*, the prefix will be *example-ceremony*.
+ Fill the rest of the fields with the desired data, ensuring that each circuit details are correct, and that you chose the required Verification method.
+ In the artifacts fields, please add the correct path which should be:
*./ceremonies/$PREFIX/$CIRCUIT_NAME.$EXTENSION* - note that we require both the *r1cs* and the *wasm* files.
+ *Note* that you can use [p0tion phase2cli](https://github.com/privacy-scaling-explorations/p0tion) as follows to verify that the config file is correct:
* `phase2cli validate --template $PATH_TO_THE_TEMPLATE`
- create a directory inside *./ceremonies* and name it with the *prefix* (detailed in the bullet point above).
- ensure that only these three files were added:
+ r1cs
+ wasm
+ p0tionConfig.json
- the destination path of the PR should be either of:
+ main (for production runs)
+ staging (for a test run)
+ development (for a test run using experimental features such as VM verification)

Failing to follow the above instructions, will result in the CI checks failing. If all is done accordingly, an administrator will approve and merge your PR and a ceremony will be setup for you.

## Ceremony Details
Constraint size: Please specify the constraint size of your circuit here.

Note: If the constraint size is less than 1M, your PR will be automatically approved and merged at the end of the week.
Other Parameters: Please list any other parameters for the ceremony here.
**p0tionConfig.json** template:

```json
{
"title": "<CEREMONY_TITLE>",
"description": "<CEREMONY_DESCRIPTION>",
"startDate": "<START_DATE FORMAT: 2023-08-07T00:00:00>",
"endDate": "<END_DATE FORMAT: 2023-09-10T00:00:00>",
"timeoutMechanismType": "<TIMEOUT_MECHANISM FIXED/DYNAMIC>",
"penalty": 10,
"circuits": [
{
"description": "<CIRCUIT_DESCRIPTION>",
"compiler": {
"version": "<COMPILER_VERSION>",
"commitHash": "<COMPILER_COMMIT_HASH>"
},
"template": {
"source": "<HTTPS_URL_OF_THE_CIRCOM_FILE>",
"commitHash": "<TEMPLATE_COMMIT_HASH>",
"paramConfiguration": [6,8,3,2]
},
"verification": {
"cfOrVm": "CF"
},
"artifacts": {
"r1csLocalFilePath": "<PATH_TO_THE_CIRCUIT_R1CS>",
"wasmLocalFilePath": "<PATH_TO_THE_CIRCUIT_WASM>"
},
"name": "<CIRCUIT_NAME>",
"dynamicThreshold": 0,
"fixedTimeWindow": 3600,
"sequencePosition": 1
}
]
}
```

**In-details**:

- title - a string representing the title of your ceremony. Please note that this will form the prefix (more details in the previous section).
- description - a string that can be used to describe a ceremony details
- startDate - the desired start date of your ceremony. Please note that might be changed by the admin.
- endDate - the end date of your ceremony.
- timeoutMechanismType - the type of timeout you would like to use for your ceremony. Options are *FIXED* or *DYNAMIC*. A fixed timeout will always be the same and users who are unable to progress throughout the contribution steps due to either having a slow connection or stopping the ongoing process, will be subject to a timeout of this length. Dynamic on the other hand, will adjust depending on the average time it takes to contribute.
- penalty - how long will a user need to wait before being able to join the waiting queue again
- circuits - an array of circuit object:
- description - a string describing the circuit
- compiler - an object made of:
- version - a string with the compiler version. e.g. "1.0"
- commitHash - a string with the commit id (needs to be a GitHub commit hash)
- template - an object made of:
- source - a string with the URL of the circom file
- commitHash - a string with the commit id (needs to be a GitHub commit hash)
- paramConfiguration - an array of numbers with the parameters of the circuit template
- verification - an object detailing how the circuit's zKeys will be verified
- cfOrVm - a string with either "CF" or "VM". If "VM" the following must be added:
- vmConfigurationType - a string with the VM type - options:
* "t3.large"
* "t3.2xlarge"
* please refer to [AWS docs](https://aws.amazon.com/ec2/instance-types/) for more instance types
- vmDiskSize - a number with the size of the disk
- vmDiskType - a string with the type of the disk - options:
* "gp2"
* "gp3"
* "io1"
* "st1"
* "sc1"
- artifacts - an object with the local paths to the r1cs and wasm
- r1csLocalFilePath - a string with the r1cs path e.g. "./ceremonies/ceremonyPrefix/circuit.r1cs"
- wasmLocalFilePath - a string with the r1cs path e.g. "./ceremonies/ceremonyPrefix/circuit.wasm"
- name - a string with the circuit name
- dynamicThreshold - if selected dynamic timeout please enter the threshold here as a number
- fixedTimeWindow - if selected fixed timeout please enter the time window here as a number
- sequencePosition - a number with the circuit sequence position. Each sequence must be different and it should start from 1. The circuit with the lowest sequence number will be the first one which users will contribute to.

> Note: If the constraint size is less than 1M, your PR will be automatically approved and merged at the end of the week.

## Additional Notes

If there are any additional notes, requirements or special instructions related to this ceremony, please specify them here.

Confirmation
Expand Down
67 changes: 67 additions & 0 deletions .github/workflows/check-pr-files.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
# check that a PR modified the correct files and nothing more
name: Check PR Files

on:
pull_request:
paths:
- 'ceremonies/**'

jobs:
check-files:
runs-on: ubuntu-latest
if: endsWith(github.head_ref, '-ceremony')

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Get PR number
run: echo "PR_NUMBER=$(jq --raw-output .number $GITHUB_EVENT_PATH)" >> $GITHUB_ENV

- name: Get changed files
id: get-changed-files
uses: jitterbit/get-changed-files@v1
with:
format: 'csv'

- name: Validate files
run: |
changed_files="${{ steps.get-changed-files.outputs.all }}"
IFS=', ' read -r -a files <<< "$changed_files"

echo $GITHUB_HEAD_REF | sed -r 's/-ceremony$//'

if [[ ${#files[@]} -ne 3 ]]; then
echo "The PR should have 3 files changed only"
exit 1
fi

r1cs_files=()
wasm_files=()
json_files=()

for file in "${files[@]}"; do
if [[ $file == *.r1cs ]]; then r1cs_files+=("$file")
elif [[ $file == *.wasm ]]; then wasm_files+=("$file")
elif [[ $file == *p0tionConfig.json ]]; then json_files+=("$file")
fi
done

if [[ ${#r1cs_files[@]} -ne 1 || ${#wasm_files[@]} -ne 1 || ${#json_files[@]} -ne 1 ]]; then
echo "Invalid or missing circuit artifacts"
exit 1
fi

echo "Ceremony artifacts are present"

directory_name="ceremonies/$(echo $GITHUB_HEAD_REF | sed -r 's/-ceremony$//')"

echo "Checking that all files are inside $directory_name"
for file in "${files[@]}"; do
if [[ ! $file =~ ^$directory_name/ ]]; then
echo "Files must be inside the $directory_name directory"
exit 1
fi
done

echo "All checks passed"
47 changes: 47 additions & 0 deletions .github/workflows/deploy-hosting.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Deploy to Firebase hosting
name: Deploy to Firebase - deploy on push

# only on selected branches
on:
push:
branches: [main, dev, staging]

jobs:
build_and_deploy_to_firebase_hosting:
defaults:
run:
working-directory: ./web
runs-on: ubuntu-latest
environment:
${{ (github.ref == 'refs/heads/main' && 'p0tion-production') ||
(github.ref == 'refs/heads/staging' && 'p0tion-staging') ||
(github.ref == 'refs/heads/dev' && 'p0tion-development') }}
steps:
- uses: actions/checkout@v3

- name: Install deps and build
run: |
echo "${{ secrets.ENV_FILE }}" > ./.env
npm install -g pnpm
npm install -g firebase-tools
pnpm install
pnpm build

- name: Write serviceAccountKey to a JSON file
uses: jsdaniell/[email protected]
with:
name: "./web/serviceAccountKey.json"
json: ${{ secrets.FIREBASE_SERVICE_ACCOUNT }}

# Conditional deployment based on the target branch
- name: Deploy
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
pnpm deploy:prod
elif [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then
pnpm deploy:dev
elif [[ "${{ github.ref }}" == "refs/heads/staging" ]]; then
pnpm deploy:staging
fi
env:
GOOGLE_APPLICATION_CREDENTIALS: ./serviceAccountKey.json
59 changes: 59 additions & 0 deletions .github/workflows/setup-ceremony.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
name: Setup ceremony

# this will only run on pushes to main/staing/dev
on:
push:
branches: [ main, staging, dev ]

jobs:
setup:
runs-on: ubuntu-latest
environment:
${{ (github.ref == 'refs/heads/main' && 'p0tion-production') ||
(github.ref == 'refs/heads/staging' && 'p0tion-staging') ||
(github.ref == 'refs/heads/dev' && 'p0tion-development') }}
steps:
- uses: actions/checkout@v2

- name: Set up Node.js
uses: actions/setup-node@v2
with:
node-version: '16'

# install p0tion
- name: Install p0tion globally
run: npm install -g @p0tion/phase2cli

# write env to file
- name: Write env locally
run: |
echo "${{ secrets.PHASE2CLI_ENV_FILE }}" > ./.env

# List ceremonies that have already been created
- name: List existing ceremonies
id: list_ceremonies
run: |
echo "$(phase2cli list)" > existing_ceremonies.txt
cat existing_ceremonies.txt

# List all the ceremonies in ./ceremonies
- name: List all ceremonies
id: list_all_ceremonies
run: |
echo "$(ls -d ceremonies/* | cut -d'/' -f2)" > dir_output.txt
cat dir_output.txt

# want to setup only ceremonies that have not been setup already
- name: Run p0tion and setup ceremony
run: |
IFS=',' read -ra EXISTING_CEREMONIES <<< $(cat existing_ceremonies.txt)
ALL_CEREMONIES=()
while IFS= read -r line; do
ALL_CEREMONIES+=("$line")
done < dir_output.txt

for ceremony in "${ALL_CEREMONIES[@]}"; do
if [[ ! " ${EXISTING_CEREMONIES[@]} " =~ " ${ceremony} " ]]; then
phase2cli coordinate setup --template "./ceremonies/$ceremony/p0tionConfig.json" --auth "${{ secrets.ACCESS_TOKEN }}"
fi
done
38 changes: 38 additions & 0 deletions .github/workflows/validate-ceremony-setup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
# Run for each PR that changes files in the ceremonies directory
name: Check PR with new ceremony files

on:
pull_request:
paths:
- 'ceremonies/**'

jobs:
check:
runs-on: ubuntu-latest
if: endsWith(github.head_ref, '-ceremony')

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Setup Node.js
uses: actions/setup-node@v2
with:
node-version: '16'

- name: Install p0tion
run: npm install -g @p0tion/phase2cli

# we want to validate that the p0tionConfig.json file is valid
- name: Run npm script and check output
run: |
echo $GITHUB_HEAD_REF
result=$(phase2cli validate --template ./ceremonies/$(echo $GITHUB_HEAD_REF | sed -r 's/-ceremony$//')/p0tionConfig.json)
if [[ "$result" != "true" ]]; then
echo "NPM script returned false."
exit 1
fi
echo "The ceremony files are valid and the circuits have < 1M constraints"
env:
# read only token when the PR originates from a fork
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
40 changes: 40 additions & 0 deletions .github/workflows/validate-directory-and-prefix.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# We need the directory of the ceremony to match the prefix of the ceremony.
name: Validate Directory name and prefix

on:
pull_request:

jobs:
verify:
runs-on: ubuntu-latest
if: endsWith(github.head_ref, '-ceremony')

steps:
- uses: actions/checkout@v2

- name: Set up Node.js
uses: actions/setup-node@v2
with:
node-version: '16'

- name: Install jq
run: sudo apt-get install jq -y

- name: Read JSON and get title
run: |
title=$(jq -r '.title' ./ceremonies/$(echo $GITHUB_HEAD_REF | sed -r 's/-ceremony$//')/p0tionConfig.json)
echo "Title: $title"
echo "TITLE=$title" >> $GITHUB_ENV

- name: Transform and compare
run: |
prefix=$(echo "${TITLE}" | tr '[:upper:]' '[:lower:]' | tr ' ' '-' | tr -dc '[:alnum:]-\n\r')
echo "Converted Prefix: $prefix"
DIR_NAME="$(echo $GITHUB_HEAD_REF | sed -r 's/-ceremony$//')"
echo "Dir name: $DIR_NAME"
if [ "$prefix" != $DIR_NAME ]; then
echo "Error: The ceremony artifacts directory name and ceremony prefix do not match!"
exit 1
else
echo "Directory name and ceremony prefix match."
fi
Loading