Merge branch 'master' into david/actors-update

.env.deployment.template

@@ -0,0 +1,119 @@
+# ================================================================================
+# [Shared Settings]
+
+# Services to be started during the deployment
+# Leaving it blank will default to 'deployer, worker'
+# Options are: administrator, client, deployer, optimist, worker
+export DEPLOYMENT_SERVICES=
+
+# The network name defined for this deployment
+# Information related to this network is present in config/default.js. See the README.md for additional details
+# Required!
+export ETH_NETWORK=blockchain
+
+# The Ethereum address to be used during the deployment
+# Required!
+export ETH_ADDRESS=0x9C8B2276D490141Ae1440Da660E470E7C0349C63
+
+# The private key related to the Ethereum address set in ETH_ADDRESS
+# Required!
+export ETH_PRIVATE_KEY=0x4775af73d6dc84a0ae76f8726bda4b9ecf187c377229cb39e1afa7a18236a69e
+
+# The blockchain the services will connect to
+# Required!
+export BLOCKCHAIN_URL=ws://blockchain:8546
+
+# Sets the default gas value and price
+# Leaving it blank will fallback to the defined defaults
+export GAS=
+export GAS_PRICE=
+
+# Text free variable indicating the environment name
+export ENVIRONMENT=localhost
+
+# Log level
+export LOG_LEVEL=
+
+# If the logging of HTTP payload is enabled
+export LOG_HTTP_PAYLOAD_ENABLED=
+
+# If the HTTP full data payload should be logged
+export LOG_HTTP_FULL_DATA=
+
+# Number of times the app will try to get the contracts info before giving up
+export AUTOSTART_RETRIES=
+
+# Used by the client & deployer services - defines the 'worker' host. 
+# Leave it blank to get the one started in the docker-compose
+export CIRCOM_WORKER_HOST=
+
+# Used by the client & optimist services
+# Set to 'true' so that client will not wait for the blockchain to initialize
+export USE_EXTERNAL_NODE=
+
+
+# ================================================================================
+# [Administrator]
+
+# MongoDB database connection string
+# Leaving it blank will make the app connect to the mongodb started by the docker-compose
+export ADMIN_MONGO_URL=
+
+
+# ================================================================================
+# [Client]
+
+# MongoDB database connection string
+# Leaving it blank will make the app connect to the mongodb started by the docker-compose
+export CLIENT_MONGO_URL=
+
+# Optimist host the client will connect to
+# Leaving it blank will make the app connect to the mongodb started by the docker-compose
+export OPTIMIST_HOST=
+export OPTIMIST_PORT=
+
+# If the queue should be enabled
+# Leaving it blank will make the apps connect to the RabbitMQ instance
+export ENABLE_QUEUE=
+
+# RabbitMQ host the client will connect to
+# Leaving it blank will make the app connect to the mongodb started by the docker-compose
+export RABBITMQ_HOST=
+export RABBITMQ_PORT=
+
+
+# ================================================================================
+# [Deployer]
+
+# The L2 Token ID that was defined in the settings ('config/default.js') to be used to pay the fees. See nightfall-deployer/README.md.
+# Required!
+FEE_L2_TOKEN_ID=
+
+# When submitting a transaction, Nightfall verifies if the sender address is sanctioned on Chainalysis sanctions screening oracle
+# If set to 'true', a mocked sanctions contract will be deployed, otherwise the Chainalysis sanctions oracle will be used instead.
+# Required!
+export DEPLOY_MOCKED_SANCTIONS_CONTRACT=
+
+# It is enabled by default. Set to 'disable' to disable the whitelisting process. See docs/whitelist.md
+export WHITELISTING=
+
+# The number of Approvers required to authorise `onlyOwner` transactions. See nightfall-administrator/README.md.
+# Required!
+export MULTISIG_SIGNATURE_THRESHOLD=
+
+# A comma separated Ethereum addresses list of the approvers
+# Leave it blank if no approvers are needed
+export MULTISIG_APPROVERS=
+
+# If the Trusted Setup should always run during the deployment
+export ALWAYS_DO_TRUSTED_SETUP=
+
+# If for some reason the contracts deployment went well, but the cirtuits didn't finish well, set to 'true' to skip the contracts' deployment
+export SKIP_DEPLOYMENT=
+
+# If the deployment to run will upgrade contracts 
+export UPGRADE_CONTRACTS=
+
+# When set to anything different of 'false', deploys the Smart Contract mocks, and funds some contracts and users (for Testing)
+# Defaults to 'true' if left blank
+export DEPLOY_MOCK_TOKENS=false

.eslintignore

@@ -16,3 +16,4 @@ typechain-types/
 config/geth/data
 backup/
 coverage/
+docker/volumes

bin/deploy-contracts

@@ -0,0 +1,78 @@
+#! /bin/bash
+set -e
+
+# select a Geth or Ganache client
+if [ -z "$1" ]; then
+  echo "Please, inform the .env file to be used for deploying!"
+  exit 1
+fi
+
+DEPLOYMENT_ENV_FILE=$1
+
+if [ -z "${DEPLOYMENT_SERVICES}" ]; then
+  DEPLOYMENT_SERVICES=$(cat ${DEPLOYMENT_ENV_FILE} | sed  -n -e 's/^export DEPLOYMENT_SERVICES=//p')
+
+  if [ -z "${DEPLOYMENT_SERVICES}" ]; then
+    DEPLOYMENT_SERVICES="deployer,worker"
+  fi
+fi
+
+if [ -z "${NO_SERVICES_SETUP}" ]; then
+  echo -e "Building applications...\n"
+
+  # Install node dependencies
+  npm ci
+
+  # build common-files
+  cd common-files && npm ci && cd ..
+
+  OS_ARCH=$(uname -m)
+  NO_CACHE_FLAG=''
+
+  # Workaround when building in a Mac
+  if [ $OS_ARCH != "x86_64" ]; then
+    NO_CACHE_FLAG='--no-cache'
+  fi
+
+  echo -e "Building the contaners's images: ${DEPLOYMENT_SERVICES}\n"
+
+  docker build ${NO_CACHE_FLAG} -t ghcr.io/eyblockchain/local-circom -f docker/circom.Dockerfile .
+
+  if [[ "${DEPLOYMENT_SERVICES}" == *"deployer"* ]]; then
+    docker-compose -f docker/docker-compose.deployment.yml --env-file $DEPLOYMENT_ENV_FILE build ${NO_CACHE_FLAG} deployer
+  fi
+
+  if [[ "${DEPLOYMENT_SERVICES}" == *"worker"* ]]; then
+    docker-compose -f docker/docker-compose.deployment.yml --env-file $DEPLOYMENT_ENV_FILE build ${NO_CACHE_FLAG} worker
+  fi
+
+  if [[ "${DEPLOYMENT_SERVICES}" == *"administrator"* ]]; then
+    docker-compose -f docker/docker-compose.deployment.yml --env-file $DEPLOYMENT_ENV_FILE build ${NO_CACHE_FLAG} administrator
+  fi
+
+  if [[ "${DEPLOYMENT_SERVICES}" == *"client"* ]]; then
+    docker-compose -f docker/docker-compose.deployment.yml --env-file $DEPLOYMENT_ENV_FILE build ${NO_CACHE_FLAG} client
+  fi
+
+  if [[ "${DEPLOYMENT_SERVICES}" == *"optimist"* ]]; then
+    docker-compose -f docker/docker-compose.deployment.yml --env-file $DEPLOYMENT_ENV_FILE build ${NO_CACHE_FLAG} optimist
+  fi
+
+  echo -e "Build finished!\n"
+fi
+
+echo -e "Creating volumes folders...\n"
+
+# create the volumes folders
+mkdir -p docker/volumes/build
+mkdir -p docker/volumes/proving_files
+
+echo -e "Starting the services: ${DEPLOYMENT_SERVICES}\n"
+
+DEPLOYMENT_COMPOSER_FILES="-f docker/docker-compose.deployment.yml"
+
+docker-compose $DEPLOYMENT_COMPOSER_FILES --env-file $DEPLOYMENT_ENV_FILE -p 'nightfall_3' up -d ${DEPLOYMENT_SERVICES//,/ }
+
+echo -e "Deployment services started!\n"
+
+docker-compose -p 'nightfall_3' $DEPLOYMENT_COMPOSER_FILES --env-file $DEPLOYMENT_ENV_FILE logs -f ${DEPLOYMENT_SERVICES//,/ }

bin/start-nightfall

@@ -34,8 +34,6 @@ while [ -n "$1" ]; do
                                     ;;
       -a  | --adversary)            ADVERSARY="-f docker/docker-compose.adversary.yml"
                                     ;;
-      -mpc)                         export MPC="true"
-                                    ;;
       * )                           usage
                               exit 1
     esac
@@ -47,6 +45,7 @@ if [ -z "$FILE" ]; then
   usage
   exit 1
 fi
+
 # shut down cleanly in the event of a cntl-c etc. We don't want to leave containers running
 trap "docker-compose $FILE $DEV $ADVERSARY -p 'nightfall_3' down --remove-orphans -t 1; exit 1" SIGHUP SIGINT SIGTERM
 

common-files/utils/contract.mjs

@@ -9,6 +9,7 @@ import logger from './logger.mjs';
 
 export const web3 = Web3.connection();
 
+const retries = config.RETRIES;
 const options = config.WEB3_OPTIONS;
 
 let cachedContracts = {};
@@ -124,7 +125,7 @@ export async function waitForContract(contractName) {
   let errorCount = 0;
   let error;
   let instance;
-  while (errorCount < 600) {
+  while (errorCount < retries) {
     try {
       error = undefined;
       const address = await getContractAddress(contractName); // eslint-disable-line no-await-in-loop
@@ -136,6 +137,8 @@ export async function waitForContract(contractName) {
       instance = await getContractInstance(contractName, address); // eslint-disable-line no-await-in-loop
       return instance;
     } catch (err) {
+      if (errorCount % 20 === 0) logger.error(err);
+
       error = err;
       errorCount++;
 

config/default.js

@@ -85,6 +85,8 @@ module.exports = {
   WEBSOCKET_PORT: process.env.WEBSOCKET_PORT || 8080,
   WEBSOCKET_PING_TIME: 15000,
   CIRCOM_WORKER_HOST: process.env.CIRCOM_WORKER_HOST || 'worker',
+  DEPLOY_MOCKED_SANCTIONS_CONTRACT: process.env.DEPLOY_MOCKED_SANCTIONS_CONTRACT,
+  FEE_L2_TOKEN_ID: process.env.FEE_L2_TOKEN_ID || 'MATIC',
   RABBITMQ_HOST: process.env.RABBITMQ_HOST || 'amqp://rabbitmq',
   RABBITMQ_PORT: process.env.RABBITMQ_PORT || 5672,
   ENABLE_QUEUE: process.env.ENABLE_QUEUE || 1,
@@ -97,7 +99,6 @@ module.exports = {
   ETH_NETWORK: process.env.ETH_NETWORK || 'blockchain',
   WHITELISTING: process.env.WHITELISTING,
   UPGRADE_CONTRACTS: process.env.UPGRADE_CONTRACTS,
-
   SANCTIONS_CONTRACT:
     process.env.TEST_SANCTIONS_CONTRACT || '0x40C57923924B5c5c5455c48D93317139ADDaC8fb',
   MULTISIG: {
@@ -190,12 +191,6 @@ module.exports = {
       isWithdrawing: false,
     },
   }, // used as an enum to mirror the Shield contracts enum for vk types. The keys of this object must correspond to a 'folderpath' (the .zok file without the '.zok' bit)
-  MPC: {
-    MPC_PARAMS_URL:
-      process.env.MPC_PARAMS_URL ||
-      'https://nightfallv3-proving-files.s3.eu-west-1.amazonaws.com/phase2/mpc_params',
-  },
-  // 'https://nightfallv3-proving-files.s3.eu-west-1.amazonaws.com/testnet/proving_files',
   DEPLOYMENT_FILES_URL: {
     CIRCUIT_FILES_URL: process.env.CIRCUIT_FILES_URL,
     CONTRACT_FILES_URL: process.env.CONTRACT_FILES_URL,

doc/sanctions_list.md

@@ -1,9 +1,7 @@
 # Checking sanctions list
 
-Nightfall automatically checks the Chainalysis sanctions screening oracle [contract](https://go.chainalysis.com/chainalysis-oracle-docs.html#:~:text=The%20Chainalysis%20oracle%20is%20a,included%20in%20a%20sanctions%20designation).
+When submitting a transaction, Nightfall automatically checks the sender address against Chainalysis sanctions screening oracle [contract](https://go.chainalysis.com/chainalysis-oracle-docs.html#:~:text=The%20Chainalysis%20oracle%20is%20a,included%20in%20a%20sanctions%20designation).
 
 Although this check arguably forms part of a KYC check, it is not done via the KYC interface. This is because the sanctions contract already exposes its own interface, and manages its own blacklisting, thus there is nothing for Nightfall to do, other than to check the mapping held by the Chainalysis contract via the `SanctionsListInterface.sol` interface.
 
-When testing, Nightfall uses a stub contract to simulate the Chainalysis one.  This has one sanctions-listed user (set in the default config's `TEST_OPTIONS` section) for test purposes. Nightfall will autmatically deploy this stub if the default config `SANCTIONS_CONTRACT` constant is set to anything other than an Ethereum address, in which case it will not deploy a stub but will call the sanctions list interface at that address.
-
-
+When testing, Nightfall can use a stub contract to simulate the Chainalysis one. This has one sanctions-listed user (set in the default config's `TEST_OPTIONS` section) for test purposes. The environment variable `DEPLOY_MOCKED_SANCTIONS_CONTRACT` allows one to control which contract will be used in the deployment - setting to `true` will make Nightfall to use the stub (mocked contract), while setting it to `false` will make it to use the Chainalysis one.

docker/docker-compose.client.yml

@@ -55,7 +55,6 @@ services:
       LOG_LEVEL: ${LOG_LEVEL:-debug}
       LOG_HTTP_PAYLOAD_ENABLED: ${LOG_HTTP_PAYLOAD_ENABLED:-true}
       LOG_HTTP_FULL_DATA: ${LOG_HTTP_FULL_DATA:-false}
-      #MPC: ${MPC:-true}
       #ETH_NETWORK: ${ETH_NETWORK}
       CIRCUIT_FILES_URL: ${CIRCUIT_FILES_URL:-https://nightfallv3-proving-files-tmp-demo.s3.eu-central-1.amazonaws.com/proving_files}