WIP: nitro auth

2024-03-19 16:49:51 -05:00 · 2024-03-19 16:49:51 -05:00 · 9e87088328
commit 9e87088328
parent 523b5779be
7 changed files with 333 additions and 5 deletions
--- a/stack_orchestrator/data/compose/docker-compose-go-nitro-auth.yml
+++ b/stack_orchestrator/data/compose/docker-compose-go-nitro-auth.yml
@ -0,0 +1,100 @@
+version: '3.7'
+
+services:
+  go-nitro-alice:
+    image: cerc/go-nitro:local
+    hostname: go-nitro-alice
+    restart: on-failure
+    depends_on:
+      # Wait for Nitro contracts to be deployed
+      nitro-contracts:
+        condition: service_completed_successfully
+    environment:
+      CERC_NITRO_CHAIN_URL: ${CERC_NITRO_CHAIN_URL:-ws://fixturenet-eth-geth-1:8546}
+      CERC_NITRO_PK: ${CERC_NITRO_PK_ALICE:-f36f6dd450892224ee113899195ef922a4795d41c32cafb386d9aab6e0b7b0c6}
+      CERC_NITRO_CHAIN_PK: ${CERC_NITRO_CHAIN_PK_ALICE:-888814df89c4358d7ddb3fa4b0213e7331239a80e1f013eaa7b2deca2a41a218}
+      CERC_NITRO_USE_DURABLE_STORE: ${CERC_NITRO_USE_DURABLE_STORE:-true}
+      CERC_NITRO_DURABLE_STORE_FOLDER: ${CERC_NITRO_DURABLE_STORE_FOLDER:-/app/data/nitro-store}
+      CERC_NITRO_MSG_PORT: ${CERC_NITRO_MSG_PORT_ALICE:-3006}
+      CERC_NITRO_WS_MSG_PORT: ${CERC_NITRO_WS_MSG_PORT_ALICE:-5006}
+      CERC_NITRO_RPC_PORT: ${CERC_NITRO_RPC_PORT_ALICE:-4006}
+      CERC_NITRO_BOOT_PEERS: "/dns4/go-nitro-bob/tcp/3007/p2p/16Uiu2HAm7JBTpfJWoUh14ZC5MaCM6TujKp8P8ag4ULPiw6g9Xzba"
+      CERC_NA_ADDRESS: ${CERC_NA_ADDRESS}
+      CERC_VPA_ADDRESS: ${CERC_VPA_ADDRESS}
+      CERC_CA_ADDRESS: ${CERC_CA_ADDRESS}
+      CERC_NITRO_UI_PORT: ${CERC_NITRO_UI_PORT_ALICE:-4106}
+    entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
+    volumes:
+      - go_nitro_data_alice:/app/data
+      - nitro_deployment:/app/deployment
+      - ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
+    healthcheck:
+      test: ["CMD", "nc", "-vz", "localhost", "4006"]
+      interval: 5s
+      timeout: 5s
+      retries: 100
+      start_period: 100s
+    ports:
+      - "3006:3006"
+      - "4006:4006"
+      - "5006:5006"
+      - "4106:4106"
+
+  go-nitro-bob:
+    image: cerc/go-nitro:local
+    hostname: go-nitro-bob
+    restart: on-failure
+    depends_on:
+      # Wait for Nitro contracts to be deployed
+      nitro-contracts:
+        condition: service_completed_successfully
+    environment:
+      CERC_NITRO_CHAIN_URL: ${CERC_NITRO_CHAIN_URL:-ws://fixturenet-eth-geth-1:8546}
+      CERC_NITRO_PK: ${CERC_NITRO_PK_BOB:-801c8f30853ed4cbfa130298def86c441c00f4a2eefc6e8fc835ae253ad91d7f}
+      CERC_NITRO_CHAIN_PK: ${CERC_NITRO_CHAIN_PK_BOB:-570b909da9669b2f35a0b1ac70b8358516d55ae1b5b3710e95e9a94395090597}
+      CERC_NITRO_USE_DURABLE_STORE: ${CERC_NITRO_USE_DURABLE_STORE:-true}
+      CERC_NITRO_DURABLE_STORE_FOLDER: ${CERC_NITRO_DURABLE_STORE_FOLDER:-/app/data/nitro-store}
+      CERC_NITRO_MSG_PORT: ${CERC_NITRO_MSG_PORT_BOB:-3007}
+      CERC_NITRO_WS_MSG_PORT: ${CERC_NITRO_WS_MSG_PORT_BOB:-5007}
+      CERC_NITRO_RPC_PORT: ${CERC_NITRO_RPC_PORT_BOB:-4007}
+      CERC_NITRO_BOOT_PEERS: "/dns4/go-nitro-alice/tcp/3006/p2p/16Uiu2HAmNUiX7bpCpbo5JdqEebp85ptGU2Vk2AT9E3BykvbwQ3F9"
+      CERC_NA_ADDRESS: ${CERC_NA_ADDRESS}
+      CERC_VPA_ADDRESS: ${CERC_VPA_ADDRESS}
+      CERC_CA_ADDRESS: ${CERC_CA_ADDRESS}
+      CERC_NITRO_UI_PORT: ${CERC_NITRO_UI_PORT_BOB:-4107}
+    entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
+    volumes:
+      - go_nitro_data_bob:/app/data
+      - nitro_deployment:/app/deployment
+      - ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
+    healthcheck:
+      test: ["CMD", "nc", "-vz", "localhost", "4007"]
+      interval: 5s
+      timeout: 5s
+      retries: 100
+      start_period: 100s
+    ports:
+      - "3007:3007"
+      - "4007:4007"
+      - "5007:5007"
+      - "4107:4107"
+
+  nitro-rpc-client:
+    image: cerc/nitro-rpc-client:local
+    hostname: nitro-rpc-client
+    restart: always
+    environment:
+      CERC_NITRO_RPC_FUND_AMOUNT: ${CERC_NITRO_RPC_FUND_AMOUNT:-2000000}
+      CERC_NITRO_RPC_HOST_ALICE: ${CERC_NITRO_RPC_HOST_ALICE:-go-nitro-alice}
+      CERC_NITRO_RPC_PORT_ALICE: ${CERC_NITRO_RPC_PORT_ALICE:-4006}
+      CERC_NITRO_USE_TLS: ${CERC_NITRO_USE_TLS:-false}
+      CERC_NITRO_ADDRESS_BOB: ${CERC_NITRO_ADDRESS_BOB:-0xe07e314501cc73b24cf45a6577486017300e153c}
+    volumes:
+      - nitro_deployment:/app/deployment
+      - ../config/nitro-rpc-client/start.sh:/app/start.sh
+    command: ["/app/start.sh"]
+
+volumes:
+  go_nitro_data_alice:
+  go_nitro_data_bob:
+  nitro_deployment:
--- a/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh
+++ b/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh
@ -47,4 +47,24 @@ while true; do
  sleep $retry_interval
 done

-./nitro -chainurl ${CERC_NITRO_CHAIN_URL} -msgport ${CERC_NITRO_MSG_PORT} -rpcport ${CERC_NITRO_RPC_PORT} -wsmsgport ${CERC_NITRO_WS_MSG_PORT} -publicip "0.0.0.0" -pk ${CERC_NITRO_PK} -chainpk ${CERC_NITRO_CHAIN_PK} -naaddress ${NA_ADDRESS} -vpaaddress ${VPA_ADDRESS} -caaddress ${CA_ADDRESS} -usedurablestore ${CERC_NITRO_USE_DURABLE_STORE} -durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} -tlscertfilepath "" -tlsKeyFilepath ""
+if [[ -n "$CERC_NITRO_UI_PORT" ]] && [[ -d "ui" ]]; then
+  for f in `ls ui/assets/*.js`; do
+    sed -i "s/\"CERC_RUNTIME_ENV_RPC_HOST\"/\"localhost:${CERC_NITRO_RPC_PORT}\"/g" "$f"
+  done
+  http-server -p $CERC_NITRO_UI_PORT ui &
+fi
+
+./nitro \
+  -chainurl ${CERC_NITRO_CHAIN_URL} \
+  -msgport ${CERC_NITRO_MSG_PORT} \
+  -rpcport ${CERC_NITRO_RPC_PORT} \
+  -wsmsgport ${CERC_NITRO_WS_MSG_PORT} \
+  -publicip "0.0.0.0" \
+  -pk ${CERC_NITRO_PK} \
+  -chainpk ${CERC_NITRO_CHAIN_PK} \
+  -naaddress ${NA_ADDRESS} \
+  -vpaaddress ${VPA_ADDRESS} \
+  -caaddress ${CA_ADDRESS} \
+  -usedurablestore=${CERC_NITRO_USE_DURABLE_STORE} \
+  -durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} \
+  -bootpeers "${CERC_NITRO_BOOT_PEERS}"
--- a/stack_orchestrator/data/config/nitro-rpc-client/start.sh
+++ b/stack_orchestrator/data/config/nitro-rpc-client/start.sh
@ -0,0 +1,88 @@
+#!/bin/bash
+
+CERC_NITRO_RPC_FUND_AMOUNT=${CERC_NITRO_RPC_FUND_AMOUNT:-0}
+CERC_NITRO_RPC_HOST_ALICE=${CERC_NITRO_RPC_HOST_ALICE:-go-nitro-alice}
+CERC_NITRO_RPC_PORT_ALICE=${CERC_NITRO_RPC_PORT_ALICE:-4006}
+CERC_NITRO_USE_TLS=${CERC_NITRO_USE_TLS:-false}
+CERC_NITRO_ADDRESS_BOB=${CERC_NITRO_ADDRESS_BOB:-0xe07e314501cc73b24cf45a6577486017300e153c}
+
+
+# Wait till chain endpoint is available
+retry_interval=5
+while true; do
+  nc -z -w 1 "$CERC_NITRO_RPC_HOST_ALICE" "$CERC_NITRO_RPC_PORT_ALICE"
+
+  if [ $? -eq 0 ]; then
+    echo "Nitro endpoint is available"
+    break
+  fi
+
+  echo "Nitro endpoint not yet available, retrying in $retry_interval seconds..."
+  sleep $retry_interval
+done
+
+
+if [[ "$CERC_NITRO_RPC_FUND_AMOUNT" -gt 0 ]]; then
+  nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
+                   -p $CERC_NITRO_RPC_PORT_ALICE \
+                   -s=$CERC_NITRO_USE_TLS \
+                   get-all-ledger-channels | \
+                     jq "[.[] | select(.Status == \"Open\") | select(.Balance.Them == \"$CERC_NITRO_ADDRESS_BOB\")] | first" > \
+                     /app/deployment/nitro-ledger-channel-alice-to-bob.json
+  if [[ ! -f "/app/deployment/nitro-ledger-channel-alice-to-bob.json" ]]; then
+    echo "Creating new ledger channel ..."
+    nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
+                     -p $CERC_NITRO_RPC_PORT_ALICE \
+                     -s=$CERC_NITRO_USE_TLS \
+                     -n \
+                     direct-fund --amount $CERC_NITRO_RPC_FUND_AMOUNT $CERC_NITRO_ADDRESS_BOB
+  fi
+
+
+  nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
+                   -p $CERC_NITRO_RPC_PORT_ALICE \
+                   -s=$CERC_NITRO_USE_TLS \
+                   get-all-ledger-channels | \
+                     jq "[.[] | select(.Status == \"Open\") | select(.Balance.Them == \"$CERC_NITRO_ADDRESS_BOB\")] | first" > \
+                     /app/deployment/nitro-ledger-channel-alice-to-bob.json
+
+  ledger_channel=$(jq -r '.ID' /app/deployment/nitro-ledger-channel-alice-to-bob.json)
+
+  if [[ ! -f "/app/deployment/nitro-payment-channels-alice-to-bob.json" ]]; then
+    echo "Creating new payment channel ..."
+    nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
+                     -p $CERC_NITRO_RPC_PORT_ALICE \
+                     -s=$CERC_NITRO_USE_TLS \
+                     -n \
+                     virtual-fund --amount $((CERC_NITRO_RPC_FUND_AMOUNT/2)) $CERC_NITRO_ADDRESS_BOB
+  fi
+
+  nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
+                   -p $CERC_NITRO_RPC_PORT_ALICE \
+                   -s=$CERC_NITRO_USE_TLS \
+                   get-payment-channels-by-ledger $ledger_channel > \
+                     /app/deployment/nitro-payment-channels-alice-to-bob.json
+
+  echo ""
+  echo "################################################################"
+  echo ""
+
+  echo "LEDGER:"
+  cat /app/deployment/nitro-ledger-channel-alice-to-bob.json | jq
+  echo ""
+  echo ""
+
+  echo "PAYMENT:"
+  cat /app/deployment/nitro-payment-channels-alice-to-bob.json | jq
+  echo ""
+  echo ""
+fi
+
+if [ -n "$1" ]; then
+  exec "$@"
+  exit $?
+fi
+
+while [ 1 -eq 1 ]; do
+  sleep 100
+done
--- a/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile
+++ b/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile
@ -8,9 +8,19 @@ COPY . .
 RUN go build -v -o nitro .

 # Reduce image size
-FROM debian:bullseye-slim
+FROM node:18-bullseye-slim as builder-ui
 RUN apt-get update
-RUN apt-get install -y ca-certificates jq netcat
+RUN apt-get install -y make
+WORKDIR /app
+COPY . .
+RUN yarn
+RUN VITE_RPC_HOST=CERC_RUNTIME_ENV_RPC_HOST make ui/build
+
+FROM node:18-bullseye-slim
+RUN apt-get update
+RUN apt-get install -y ca-certificates jq netcat make
 RUN rm -rf /var/lib/apt/lists/*
+RUN npm install -g http-server
 WORKDIR /app
 COPY --from=builder /app/nitro .
+COPY --from=builder-ui /app/packages/nitro-gui/dist /app/ui
--- a/stack_orchestrator/data/container-build/cerc-nitro-rpc-client/Dockerfile
+++ b/stack_orchestrator/data/container-build/cerc-nitro-rpc-client/Dockerfile
@ -4,9 +4,10 @@ RUN apk --update --no-cache add python3 alpine-sdk bash curl jq

 WORKDIR /app

-COPY . .
+COPY packages/nitro-rpc-client  .

 RUN echo "Installing dependencies" && \
  yarn

-RUN cd packages/nitro-rpc-client
+RUN yarn build
+RUN ln -s /app/bin/nitro-rpc-client.js /bin/nitro-rpc-client
--- a/stack_orchestrator/data/stacks/fixturenet-nitro-auth/README.md
+++ b/stack_orchestrator/data/stacks/fixturenet-nitro-auth/README.md
@ -0,0 +1,84 @@
+# fixturenet-payments-lite
+
+Instructions to setup and deploy an end-to-end fixturenet-payments-lite stack, on a local machine. Some tips are included for running on a remote cloud machine.
+
+## Setup
+
+Clone required repositories:
+
+```bash
+laconic-so --stack fixturenet-nitro setup-repositories --pull
+```
+
+Build the container imagesfixturenet-payments-lite:
+
+```bash
+laconic-so --stack fixturenet-nitro build-containers
+```
+
+## Deploy
+
+Deploy the stack:
+
+```bash
+laconic-so --stack fixturenet-nitro deploy --cluster payments up
+```
+
+```bash
+# Exposed on host ports:
+# 32***: geth in statediffing mode and ipld-eth-server(s)
+# 4005: in-process go-nitro node's RPC endpoint
+# 3005: in-process go-nitro node's p2p TCP endpoint
+# 5005: in-process go-nitro node's p2p WS endpoint
+# 4006: out-of-process go-nitro node's RPC endpoint
+# 3006: out-of-process go-nitro node's p2p TCP endpoint
+# 5006: out-of-process go-nitro node's p2p WS endpoint
+# 15432: MobyMask v3 watcher's db endpoint
+# 3001: MobyMask v3 watcher endpoint
+# 9090: MobyMask v3 watcher relay node endpoint
+# 8080: MobyMask snap
+# 3004: MobyMask v3 app
+# 42070: Ponder indexer-1
+# 42071: Ponder indexer-2
+# 42069: Ponder watcher
+```
+
+If running in the cloud, ensure all the of the above ports are open. The geth port can be retrieved with:
+
+```bash
+docker port payments-fixturenet-eth-geth-1-1 8545
+```
+
+Then for every port above, run each line in a new terminal window (or use `screen`):
+
+```bash
+ssh -L 4005:localhost:4005 user@<your-ip>
+ssh -L 5005:localhost:5005 user@<your-ip>
+ssh -L 8081:localhost:8081 user@<your-ip>
+# ... and so on for every port
+```
+
+This will allow you to access the entirety of the app as if it were running locally.
+
+## Demo
+
+- Follow the [mobymask-demo](./mobymask-demo.md) to try out MobyMask end-to-end payments.
+- Follow the [ponder-demo](./ponder-demo.md) to try out Ponder end-to-end payments.
+
+## Clean up
+
+Stop all the services running in background:
+
+```bash
+laconic-so --stack fixturenet-nitro deploy --cluster payments down 30
+```
+
+Clear volumes created by this stack:
+
+```bash
+# List all relevant volumes
+docker volume ls -q --filter "name=payments"
+
+# Remove all the listed volumes
+docker volume rm $(docker volume ls -q --filter "name=payments")
+```
--- a/stack_orchestrator/data/stacks/fixturenet-nitro-auth/stack.yml
+++ b/stack_orchestrator/data/stacks/fixturenet-nitro-auth/stack.yml
@ -0,0 +1,25 @@
+version: "1.0"
+name: fixturenet-nitro-auth
+description: "Stack to demonstrate payments between various services"
+repos:
+  # fixturenet repos
+  - git.vdb.to/cerc-io/go-ethereum@v1.11.6-statediff-v5
+  - git.vdb.to/cerc-io/lighthouse
+  # nitro repo
+  - github.com/cerc-io/go-nitro@v0.1.2-ts-port-0.1.9
+containers:
+  # fixturenet images
+  - cerc/go-ethereum
+  - cerc/lighthouse
+  - cerc/lighthouse-cli
+  - cerc/fixturenet-eth-genesis
+  - cerc/fixturenet-eth-geth
+  - cerc/fixturenet-eth-lighthouse
+  # nitro
+  - cerc/nitro-contracts
+  - cerc/go-nitro
+  - cerc/nitro-rpc-client
+pods:
+  - fixturenet-eth
+  - nitro-contracts
+  - go-nitro-auth