Skip to content

Commit

Permalink
Merge pull request #38 from 0xPolygon/jhilliard/agglayer-authorized-s…
Browse files Browse the repository at this point in the history
…igners

Jhilliard/agglayer authorized signers
  • Loading branch information
praetoriansentry authored Apr 1, 2024
2 parents c91d629 + 423eb67 commit 8d91bbd
Show file tree
Hide file tree
Showing 10 changed files with 71 additions and 50 deletions.
46 changes: 22 additions & 24 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,59 +39,57 @@ jobs:
- name: Install yq
run: |
sudo add-apt-repository ppa:rmescandon/yq
sudo apt update
sudo apt install --yes yq
pip3 install yq
# Deploy components.
- name: Disable All Deployment Steps
run: |
yq e '.deploy_l1 = false' --inplace params.yml
yq e '.deploy_zkevm_contracts_on_l1 = false' --inplace params.yml
yq e '.deploy_databases = false' --inplace params.yml
yq e '.deploy_cdk_central_environment = false' --inplace params.yml
yq e '.deploy_cdk_bridge_infra = false' --inplace params.yml
yq e '.deploy_zkevm_permissionless_node = false' --inplace params.yml
yq e '.deploy_observability = false' --inplace params.yml
yq -Y --in-place '.deploy_l1 = false' params.yml
yq -Y --in-place '.deploy_zkevm_contracts_on_l1 = false' params.yml
yq -Y --in-place '.deploy_databases = false' params.yml
yq -Y --in-place '.deploy_cdk_central_environment = false' params.yml
yq -Y --in-place '.deploy_cdk_bridge_infra = false' params.yml
yq -Y --in-place '.deploy_zkevm_permissionless_node = false' params.yml
yq -Y --in-place '.deploy_observability = false' params.yml
- name: Deploy L1
run: |
yq e '.deploy_l1 = true' --inplace params.yml
yq -Y --in-place '.deploy_l1 = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_l1 = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_l1 = false' params.yml # reset
- name: Deploy ZkEVM Contracts on L1
run: |
yq e '.deploy_zkevm_contracts_on_l1 = true' --inplace params.yml
yq -Y --in-place '.deploy_zkevm_contracts_on_l1 = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_zkevm_contracts_on_l1 = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_zkevm_contracts_on_l1 = false' params.yml # reset
- name: Deploy ZkEVM Node and CDK Peripheral Databases
run: |
yq e '.deploy_databases = true' --inplace params.yml
yq -Y --in-place '.deploy_databases = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_databases = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_databases = false' params.yml # reset
- name: Deploy CDK Central Environment
run: |
yq e '.deploy_cdk_central_environment = true' --inplace params.yml
yq -Y --in-place '.deploy_cdk_central_environment = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_cdk_central_environment = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_cdk_central_environment = false' params.yml # reset
- name: Deploy CDK Bridge Infrastructure
run: |
yq e '.deploy_cdk_bridge_infra = true' --inplace params.yml
yq -Y --in-place '.deploy_cdk_bridge_infra = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_cdk_bridge_infra = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_cdk_bridge_infra = false' params.yml # reset
- name: Deploy ZkEVM Permissionless Node
run: |
yq e '.deploy_zkevm_permissionless_node = true' --inplace params.yml
yq -Y --in-place '.deploy_zkevm_permissionless_node = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_zkevm_permissionless_node = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_zkevm_permissionless_node = false' params.yml # reset
- name: Deploy Observability Stack
run: |
yq e '.deploy_observability = true' --inplace params.yml
yq -Y --in-place '.deploy_observability = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_observability = false' --inplace params.yml # reset
yq -Y --in-place '.deploy_observability = false' params.yml # reset
39 changes: 20 additions & 19 deletions README.org
Original file line number Diff line number Diff line change
Expand Up @@ -137,51 +137,52 @@ Currently, the deployment process includes the following stages:
5. Deploy CDK/Bridge Infrastructure
6. Deploy Permissionless Node

Here's an example of how you can specify the stages to run through.
Here's an example of how you can specify the stages to run through. In
order to run this you'll need [[https://pypi.org/project/yq/][yq]] installed.

#+begin_src bash
# Disable all deployment steps.
yq e '.deploy_l1 = false' --inplace params.yml
yq e '.deploy_zkevm_contracts_on_l1 = false' --inplace params.yml
yq e '.deploy_databases = false' --inplace params.yml
yq e '.deploy_cdk_central_environment = false' --inplace params.yml
yq e '.deploy_cdk_bridge_infra = false' --inplace params.yml
yq e '.deploy_zkevm_permissionless_node = false' --inplace params.yml
yq -Yi '.deploy_l1 = false' params.yml
yq -Yi '.deploy_zkevm_contracts_on_l1 = false' params.yml
yq -Yi '.deploy_databases = false' params.yml
yq -Yi '.deploy_cdk_central_environment = false' params.yml
yq -Yi '.deploy_cdk_bridge_infra = false' params.yml
yq -Yi '.deploy_zkevm_permissionless_node = false' params.yml

# Deploy L1
yq e '.deploy_l1 = true' --inplace params.yml
yq -Yi '.deploy_l1 = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_l1 = false' --inplace params.yml # reset
yq -Yi '.deploy_l1 = false' params.yml # reset
# Perform additional tasks...

# Deploy ZkEVM Contracts on L1
yq e '.deploy_zkevm_contracts_on_l1 = true' --inplace params.yml
yq -Yi '.deploy_zkevm_contracts_on_l1 = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_zkevm_contracts_on_l1 = false' --inplace params.yml # reset
yq -Yi '.deploy_zkevm_contracts_on_l1 = false' params.yml # reset
# Perform additional tasks...

# Deploy ZkEVM Node and CDK Peripheral Databases
yq e '.deploy_databases = true' --inplace params.yml
yq -Yi '.deploy_databases = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_databases = false' --inplace params.yml # reset
yq -Yi '.deploy_databases = false' params.yml # reset
# Perform additional tasks...

# Deploy CDK Central Environment
yq e '.deploy_cdk_central_environment = true' --inplace params.yml
yq -Yi '.deploy_cdk_central_environment = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_cdk_central_environment = false' --inplace params.yml # reset
yq -Yi '.deploy_cdk_central_environment = false' params.yml # reset
# Perform additional tasks...

# Deploy CDK Bridge Infrastructure
yq e '.deploy_cdk_bridge_infra = true' --inplace params.yml
yq -Yi '.deploy_cdk_bridge_infra = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_cdk_bridge_infra = false' --inplace params.yml # reset
yq -Yi '.deploy_cdk_bridge_infra = false' params.yml # reset
# Perform additional tasks...

# Deploy ZkEVM Permissionless Node
yq e '.deploy_zkevm_permissionless_node = true' --inplace params.yml
yq -Yi '.deploy_zkevm_permissionless_node = true' params.yml
kurtosis run --enclave cdk-v1 --args-file params.yml .
yq e '.deploy_zkevm_permissionless_node = false' --inplace params.yml # reset
yq -Yi '.deploy_zkevm_permissionless_node = false' params.yml # reset
#+end_src

** Troubleshooting: Mac users
Expand Down
5 changes: 4 additions & 1 deletion cdk_bridge_infra.star
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,9 @@ def start_agglayer(plan, args):
"zkevm_l2_keystore_password": args["zkevm_l2_keystore_password"],
# addresses
"rollup_manager_address": rollup_manager_address,
"zkevm_l2_proofsigner_address": args[
"zkevm_l2_proofsigner_address"
],
# agglayer db
"zkevm_db_agglayer_hostname": args["zkevm_db_agglayer_hostname"],
"zkevm_db_agglayer_name": args["zkevm_db_agglayer_name"],
Expand Down Expand Up @@ -193,7 +196,7 @@ def start_agglayer(plan, args):
),
},
entrypoint=[
"/app/agglayer",
"/usr/local/bin/agglayer",
],
cmd=["run", "--cfg", "/etc/zkevm/agglayer-config.toml"],
),
Expand Down
6 changes: 6 additions & 0 deletions cdk_central_environment.star
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,11 @@ def run(plan, args):
service_name="contracts" + args["deployment_suffix"],
src="/opt/zkevm/aggregator.keystore",
)
proofsigner_keystore_artifact = plan.store_service_files(
name="proofsigner-keystore",
service_name="contracts" + args["deployment_suffix"],
src="/opt/zkevm/proofsigner.keystore",
)

zkevm_node_package.start_synchronizer(plan, args, config_artifact, genesis_artifact)
zkevm_node_package.start_sequencer(plan, args, config_artifact, genesis_artifact)
Expand All @@ -57,6 +62,7 @@ def run(plan, args):
genesis_artifact,
sequencer_keystore_artifact,
aggregator_keystore_artifact,
proofsigner_keystore_artifact,
)
zkevm_node_package.start_rpc(plan, args, config_artifact, genesis_artifact)
zkevm_node_package.start_eth_tx_manager(
Expand Down
2 changes: 2 additions & 0 deletions lib/zkevm_node.star
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ def start_aggregator(
genesis_artifact,
sequencer_keystore_artifact,
aggregator_keystore_artifact,
proofsigner_keystore_artifact,
):
return _start_node_component(
plan,
Expand All @@ -127,6 +128,7 @@ def start_aggregator(
genesis_artifact,
sequencer_keystore_artifact,
aggregator_keystore_artifact,
proofsigner_keystore_artifact,
]
),
components=NODE_COMPONENT.aggregator,
Expand Down
9 changes: 6 additions & 3 deletions params.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,8 @@ zkevm_fork_id: 9
# zkevm_fork_id: 7
zkevm_contracts_repo: https://github.com/0xPolygonHermez/zkevm-contracts.git

zkevm_agglayer_image: nulyjkdhthz/agglayer:v0.1.0
zkevm_bridge_service_image: hermeznetwork/zkevm-bridge-service:v0.4.2
zkevm_agglayer_image: 0xpolygon/agglayer:0.1.1
zkevm_bridge_service_image: hermeznetwork/zkevm-bridge-service:v0.4.2-cdk.1
zkevm_bridge_ui_image: hermeznetwork/zkevm-bridge-ui:multi-network

# Port configuration.
Expand All @@ -62,7 +62,7 @@ zkevm_dac_port: 8484

# Addresses and private keys of the different components.
# They have been generated using the following command:
# polycli wallet inspect --mnemonic 'lab code glass agree maid neutral vessel horror deny frequent favorite soft gate galaxy proof vintage once figure diary virtual scissors marble shrug drop' --addresses 8 | tee keys.txt | jq -r '.Addresses[] | [.ETHAddress, .HexPrivateKey] | @tsv' | awk 'BEGIN{split("sequencer,aggregator,claimtxmanager,timelock,admin,loadtest,agglayer,dac",roles,",")} {print "zkevm_l2_" roles[NR] "_address: \"" $1 "\""; print "zkevm_l2_" roles[NR] "_private_key: \"0x" $2 "\"\n"}'
# polycli wallet inspect --mnemonic 'lab code glass agree maid neutral vessel horror deny frequent favorite soft gate galaxy proof vintage once figure diary virtual scissors marble shrug drop' --addresses 9 | tee keys.txt | jq -r '.Addresses[] | [.ETHAddress, .HexPrivateKey] | @tsv' | awk 'BEGIN{split("sequencer,aggregator,claimtxmanager,timelock,admin,loadtest,agglayer,dac,proofsigner",roles,",")} {print "zkevm_l2_" roles[NR] "_address: \"" $1 "\""; print "zkevm_l2_" roles[NR] "_private_key: \"0x" $2 "\"\n"}'
zkevm_l2_sequencer_address: "0x5b06837A43bdC3dD9F114558DAf4B26ed49842Ed"
zkevm_l2_sequencer_private_key: "0x183c492d0ba156041a7f31a1b188958a7a22eebadca741a7fe64436092dc3181"

Expand All @@ -87,6 +87,9 @@ zkevm_l2_agglayer_private_key: "0x1d45f90c0a9814d8b8af968fa0677dab2a8ff0266f33b1
zkevm_l2_dac_address: "0x5951F5b2604c9B42E478d5e2B2437F44073eF9A6"
zkevm_l2_dac_private_key: "0x85d836ee6ea6f48bae27b31535e6fc2eefe056f2276b9353aafb294277d8159b"

zkevm_l2_proofsigner_address: "0x7569cc70950726784c8D3bB256F48e43259Cb445"
zkevm_l2_proofsigner_private_key: "0x77254a70a02223acebf84b6ed8afddff9d3203e31ad219b2bf900f4780cf9b51"

# Keystore password.
zkevm_l2_keystore_password: pSnv6Dh5s9ahuzGzH9RoCDrKAMddaX3m

Expand Down
3 changes: 3 additions & 0 deletions templates/agglayer-config.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
# TODO switch this to permissionless
1 = "http://zkevm-node-rpc{{.deployment_suffix}}:{{.zkevm_rpc_http_port}}"

[ProofSigners]
# 1 = "{{.zkevm_l2_proofsigner_address}}"

[RPC]
Host = "0.0.0.0"
Port = {{.zkevm_agglayer_port}}
Expand Down
2 changes: 1 addition & 1 deletion templates/dac-config.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Timeout = "1m"
RetryPeriod = "5s"
BlockBatchSize = "64"
GenesisBlock = "0"
TrackSequencer = true
TrackSequencer = false

[Log]
Environment = "development" # "production" or "development"
Expand Down
5 changes: 5 additions & 0 deletions templates/run-contract-setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -178,5 +178,10 @@ mv tmp.keys/UTC* dac.keystore
chmod a+r dac.keystore
rm -rf tmp.keys

polycli parseethwallet --hexkey "{{.zkevm_l2_proofsigner_private_key}}" --password "{{.zkevm_l2_keystore_password}}" --keystore tmp.keys
mv tmp.keys/UTC* proofsigner.keystore
chmod a+r proofsigner.keystore
rm -rf tmp.keys

touch .init-complete.lock
popd
4 changes: 2 additions & 2 deletions templates/trusted-node/node-config.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ Outputs = ["stderr"]
[State.Batch.Constraints]
MaxTxsPerBatch = 300
MaxBatchBytesSize = 120000
# TODO Why did this change
MaxCumulativeGasUsed = 1125899906842624
MaxKeccakHashes = 2145
MaxPoseidonHashes = 252357
Expand Down Expand Up @@ -153,9 +154,8 @@ UpgradeEtrogBatchNumber = 0
BatchProofL1BlockConfirmations = 2
{{if .is_cdk_validium}}
## CDK Validium Specific Settings

# We should double check if this is necessary. I don't remember why the aggregator needs this
SequencerPrivateKey = {Path = "/etc/zkevm/sequencer.keystore", Password = "{{.zkevm_l2_keystore_password}}"}
# SequencerPrivateKey = {Path = "/etc/zkevm/proofsigner.keystore", Password = "{{.zkevm_l2_keystore_password}}"}
SettlementBackend = "agglayer" # "l1"
AggLayerTxTimeout = "600s"
AggLayerURL = "http://zkevm-agglayer{{.deployment_suffix}}:{{.zkevm_agglayer_port}}"
Expand Down

0 comments on commit 8d91bbd

Please sign in to comment.