Merge branch 'proto' into add_bootstrap_node

gevulotnetwork · Jan 21, 2024 · 22b4354 · 22b4354
2 parents 892d1e4 + c4ea88a
commit 22b4354
Show file tree

Hide file tree

Showing 24 changed files with 1,460 additions and 157 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -4,6 +4,7 @@ exclude = [
 ]
 members = [
   "crates/node",
+  "crates/cli",
   "crates/shim",
   "crates/shim-ffi",
   "crates/tests/test-programs",

diff --git a/Containerfile b/Containerfile
@@ -0,0 +1,32 @@
+FROM rust:1-bookworm
+
+COPY ./Cargo.* ./
+COPY ./crates ./crates
+
+RUN apt-get update && apt-get install -y \
+  libssl-dev \
+  protobuf-compiler
+
+RUN cargo build --release
+
+FROM debian:bookworm
+
+# Copy Gevulot node bin from earlier build step.
+COPY --from=0 target/release/gevulot /gevulot
+
+# Install QEMU.
+RUN apt-get update && apt-get install -y --no-install-recommends \
+  ca-certificates \
+  curl \
+  qemu-system
+
+# Install Ops.
+RUN /bin/curl -Lo /bin/ops https://storage.googleapis.com/cli/linux/ops && chmod 755 /bin/ops && /bin/ops update
+
+COPY ./crates/node/migrations /migrations
+
+RUN mkdir -p /var/lib/gevulot
+RUN /gevulot generate node-key
+
+CMD ["run"]
+ENTRYPOINT ["/gevulot"]
diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml
@@ -0,0 +1,27 @@
+[package]
+name = "gevulot-cli"
+version = "0.1.0"
+edition = "2021"
+license = "MIT OR Apache-2.0"
+
+[dependencies]
+anyhow = "1.0.71"
+blake3 = { version = "1.5", features = [ "mmap" ] }
+clap = { version = "4.0.29", features = ["derive"] }
+futures-util = { version = "0.3", default-features = false }
+gevulot-node = { path = "../node" }
+hex = "0.4"
+http-body-util = "0.1"
+hyper = { version = "1", features = ["full"] }
+hyper-util = { version = "0.1", features = ["full"] }
+indicatif = "0.17.7"
+libsecp256k1 = "0.7"
+log = "0.4.20"
+rand = { version = "0.8", features = [ "std_rng" ] }
+serde = { version = "1.0", features = ["derive"] }
+serde_json = { version = "1.0"}
+sha3 = "0.10"
+tracing-subscriber = "0.3.18"
+tokio = { version = "1", features = [ "full" ] }
+tokio-util = "0.7"
+url = "2.5.0"
diff --git a/crates/cli/README.md b/crates/cli/README.md
@@ -0,0 +1,72 @@
+# Gevulot cli tool
+
+Gevulot cli tool allows to send commands / transactions to a Gevulot node.
+
+## Available commands
+
+The commands provided by gevulot-cli are:
+ * **generate-key** : Generate a secret key in the specified file. The secret key is used to sign the Tx sent to the node.
+ * **deploy**: Send a deploy Tx to the node to deploy the specified prover / verifier.
+ * **exec** : Send a run Tx to be executed by the node.
+ * **calculate-hash**: Calculate the Hash of the specified file.
+
+ For detailed information use : gevulot-cli --help
+
+### Common parameters
+
+ * -j, --jsonurl: URL of the node JSON-RPC access point. Default: http://localhost:9944
+ * -k, --keyfile: Path to a secret key file. Default: localkey.pki
+
+### Deploy command
+
+This command allows to deploy a compiled prover / verified image to the node specified with the --jsonurl parameter.
+
+The deployment can be done using file installed on the same host as the gevulot-cli tool. In this case the --prover and / or --verifier contains the path to the image to deploy. The Gevulot node try to open an http connection to the gevulot-cli host. Use `--listen-addr` to specify the http bind address used by gevulot-cli (default 127.0.0.1:8080). 
+If the host that executes gevulot-cli cannot be reached by the node using http, the image can be installed on an http host that is visible to the node and the url can be specified. In this case the --prover and / or --verifier parameters contains the hash of the image. Use the **calculate-hash** command to get the Hash of an image file. To specify the distant image http url use the --proverimgurl and / or --verifierimgurl 
+
+For more information use: `gevulot-cli deploy --help`
+
+#### Examples:
+
+To deploy local images: 
+```
+gevulot-cli -- deploy --name test --prover ./prover --verifier ./verifier
+```
+
+To deploy a local prover and a distant verifier: 
+```
+gevulot-cli -- deploy --name test --prover ../../target/debug/prover --verifier 491907d04032869088ef9b81004639ed1bb185f0413a261f74faaa0aa943d3f3 --verifierimgurl http://...
+```
+
+### Exec command
+
+This command allows to execute a workflow of task on the nodes. A task is an execution of a program on the node. Deployed prover or verifier are programs.
+
+The tasks are defined using a json format. Use `--tasks` parameter to specify a list of execution tasks or steps.
+
+#### Example of steps:
+
+To execute the program with the specified hash with arguments `--nonce=42`: 
+```
+{"program":"9616d42b0d82c1ed06eab8eaa26680261ad831012bbf3ad8303738a53bf85c7c","cmd_args":[{"name":"--nonce","value":"42"}],"inputs":[]}
+```
+
+To execute a program with input of type output for the program data: 
+```
+{"program":"37ef718f473a96e2dd56ac27fc175bfa08f4a30e34bdff5802e2f5071265a942", "cmd_args":[],"inputs":[{"Output":{"source_program":"9616d42b0d82c1ed06eab8eaa26680261ad831012bbf3ad8303738a53bf85c7c","file_name":"/workspace/proof.dat"}}]}
+```
+
+A command using these steps:
+```
+gelulot-cli -- exec --tasks '[{"program":"9616d42b0d82c1ed06eab8eaa26680261ad831012bbf3ad8303738a53bf85c7c","cmd_args":[{"name":"--nonce","value":"42"}],"inputs":[]},{"program":"37ef718f473a96e2dd56ac27fc175bfa08f4a30e34bdff5802e2f5071265a942","cmd_args":[],"inputs":[{"Output":{"source_program":"9616d42b0d82c1ed06eab8eaa26680261ad831012bbf3ad8303738a53bf85c7c","file_name":"/workspace/proof.dat"}}]}]'
+```
+
+## License
+
+This library is licensed under either of the following licenses, at your discretion.
+
+[Apache License Version 2.0](LICENSE-APACHE)
+
+[MIT License](LICENSE-MIT)
+
+Any contribution that you submit to this library shall be dual licensed as above (as defined in the Apache v2 License), without any additional terms or conditions.
diff --git a/crates/cli/src/keyfile.rs b/crates/cli/src/keyfile.rs
@@ -0,0 +1,23 @@
+use libsecp256k1::SecretKey;
+use rand::rngs::StdRng;
+use rand::SeedableRng;
+use std::fs;
+use std::path::PathBuf;
+
+pub fn create_key_file(file_path: &PathBuf) -> crate::BoxResult<()> {
+    let key = SecretKey::random(&mut StdRng::from_entropy());
+    let key_array = key.serialize();
+    if !file_path.as_path().exists() {
+        Ok(fs::write(file_path, &key_array[..])?)
+    } else {
+        Err(Box::new(std::io::Error::new(
+            std::io::ErrorKind::Other,
+            "Key file already exist. Can't erase it.",
+        )))
+    }
+}
+
+pub fn read_key_file(file_path: &PathBuf) -> crate::BoxResult<SecretKey> {
+    let key_array = fs::read(file_path)?;
+    Ok(SecretKey::parse_slice(&key_array)?)
+}