Layr-Labs · MadelineAu · Nov 25, 2025 · Nov 26, 2025 · Nov 26, 2025 · Nov 26, 2025
@@ -0,0 +1,6 @@
+{
+  "position": 9,
+  "label": "Processes",
+  "collapsible": true,
+  "collapsed": true,
+}
@@ -0,0 +1,31 @@
+---
+title: Deployment Process
+sidebar_position: 1
+---
+
+A deployment follows these steps:
+
+1. Build Phase (if not using pre-built image)
+    - Read Dockerfile
+    - Build for `linux/amd64` platform
+    - Tag image with unique identifier
+
+2. Push Phase
+    - Authenticate with Docker registry
+    - Push image layers
+    - Verify image is accessible
+
+3. Transaction Phase
+    - Sign deployment transaction
+    - Submit to Ethereum (Sepolia testnet)
+    - Wait for confirmation
+
+4. Provisioning Phase
+    - Provision TEE instance
+    - Generate app mnemonic via KMS
+    - Inject environment variables
+    - Start application container
+
+5. Verification Phase
+    - Verify app is running
+    - Return app details and IP
@@ -0,0 +1,44 @@
+---
+title: Upgrade Process
+sidebar_position: 2
+---
+
+An upgrade follows these steps:
+
+1. Build New Image (if not using pre-built)
+    - Build updated application
+    - Tag with new identifier
+
+2. Push Image
+    - Push to registry
+    - Verify accessibility
+
+3. Submit Upgrade Transaction
+    - Sign upgrade transaction
+    - Submit to blockchain
+    - Wait for confirmation
+
+4. Update TEE Instance
+    - Pull new image
+    - Update environment variables
+    - Restart application container
+
+5. Verify Update
+    - Confirm app is running
+    - Verify new version is active
+
+## What Gets Updated
+
+An upgrade updates:
+- Application code (new Docker image)
+- Environment variables (updated .env values)
+- Configuration (TLS, ports, etc.)
+
+What stays the same:
+- App ID
+- TEE wallet address (same MNEMONIC)
+- Instance IP (usually)
+
+:::tip Zero Downtime
+Upgrades aim for minimal downtime, but brief interruptions may occur during container restart. Plan upgrades during maintenance windows for production apps.
+:::
@@ -1,5 +1,5 @@
 {
-  "position": 1,
+  "position": 2,
   "label": "Build",
   "collapsible": true,
   "collapsed": false

@@ -0,0 +1,45 @@
+---
+title: Deployment Examples
+sidebar_position: 3
+---
+
+## Deploy from current directory
+
+```bash
+eigenx app deploy
+```
+
+The CLI will prompt you for deployment configuration.
+
+## Deploy with custom Dockerfile location
+
+```bash
+eigenx app deploy --dockerfile ./docker/Dockerfile.prod
+```
+
+## Deploy with custom .env location
+
+```bash
+eigenx app deploy --env-file ./config/.env.production
+```
+
+## Deploy pre-built image
+
+```bash
+# Build and push manually
+docker build --platform linux/amd64 -t registry.io/user/myapp:v1.0 .
+docker push registry.io/user/myapp:v1.0
+
+# Deploy the image
+eigenx app deploy registry.io/user/myapp:v1.0
+```
+
+## Multi-Environment Deployment
+
+```bash
+# Deploy to mainnet (default)
+eigenx app deploy --env-file .env.mainnet
+
+# Deploy to sepolia testnet
+eigenx app deploy --env-file .env.sepolia --environment sepolia
+```
@@ -0,0 +1,19 @@
+---
+title: Dockerfile Requirements
+sidebar_position: 3
+---
+
+```dockerfile
+# Must target linux/amd64
+FROM --platform=linux/amd64 node:18
+
+# Must run as root (TEE requirement)
+USER root
+
+# Application code
+WORKDIR /app
+COPY . .
+RUN npm install
+
+CMD ["npm", "start"]
+```
@@ -0,0 +1,23 @@
+---
+title: Environment Variables
+sidebar_position: 3
+---
+
+On deployment, the project's `.env` file is encrypted and securely injected into the TEE:
+
+```bash
+# Private variables (encrypted)
+API_KEY=secret-key-here
+DATABASE_URL=postgres://...
+
+# Public variables (visible to users for transparency)
+NETWORK_PUBLIC=sepolia
+VERSION_PUBLIC=1.0.0
+```
+
+Variables ending in `_PUBLIC` are visible onchain for transparency.
+
+:::important Auto-Generated MNEMONIC
+The `MNEMONIC` environment variable is **automatically provided by KMS** at runtime. Any mnemonic in `.env.example` is just
+a placeholder. The TEE overwrites it with your app's unique, persistent KMS-generated mnemonic.
+:::
@@ -0,0 +1,46 @@
+---
+title: Follow Best Practices
+sidebar_position: 5
+---
+
+## Deployment Best Practices
+
+### Security
+
+Use public variables for transparency
+
+```bash
+# .env
+VERSION_PUBLIC=1.0.0
+NETWORK_PUBLIC=sepolia
+SECRET_API_KEY=secret-here  # Private
+```
+
+### Reliability
+
+1. Health checks in your app
+
+```javascript
+// Example health endpoint
+app.get('/health', (req, res) => {
+  res.json({ status: 'healthy', version: process.env.VERSION_PUBLIC })
+})
+```
+
+2. Graceful shutdown
+
+```javascript
+process.on('SIGTERM', async () => {
+  console.log('SIGTERM received, shutting down gracefully')
+  await cleanup()
+  process.exit(0)
+})
+```
+
+3. Logging
+
+```javascript
+console.log('App started')
+console.error('Error occurred:', error)
+// Logs are visible via: eigenx app logs
+```
@@ -0,0 +1,43 @@
+---
+title: Troubleshoot Deployment
+sidebar_position: 6
+---
+
+## Build fails: platform mismatch
+
+Ensure your Dockerfile specifies the platform:
+
+```dockerfile
+FROM --platform=linux/amd64 node:18
+```
+
+## Push fails: authentication required
+
+Login to Docker registry:
+
+```bash
+docker login
+```
+
+## Transaction fails: insufficient funds
+
+Get Sepolia ETH (for `sepolia` environment) or Mainnet ETH (for `mainnet-alpha` environment):
+
+```bash
+eigenx auth whoami  # Get your address
+# Visit faucet and request funds
+```
+
+## App fails to start
+
+Check logs:
+
+```bash
+eigenx app logs <app-id>
+```
+
+Common issues:
+- Missing environment variables
+- Port binding issues
+- Application crashes
+- Incorrect entrypoint/command
@@ -1,4 +1,4 @@
 {
-  "position": 3,
+  "position": 1,
   "label": "Manage Authentication Keys"
 }
@@ -0,0 +1,76 @@
+---
+title: Create Authentication Keys
+sidebar_position: 1
+---
+
+:::important 
+EigenCompute uses two types of keys: 
+* Authentication keys for deployments and protocol interactions.
+* TEE mnemonic for applications and wallet functionality inside the TEE. 
+
+For more information on EigenCompute keys, refer to the [Keys](../../concepts/keys-overview.md) concept topic. 
+:::
+
+New authentication keys are required for: 
+
+* First time set up to generate a key when you don't have one.
+* Multiple environments to generate separate keys for dev, testnet, and mainnet.
+* Testing to create separate keys for testing.
+
+## Create and securely store an authentication key
+
+To create and securely store an authentication key: 
+
+```
+eigenx auth generate --store
+```
+
+An authentication key is created and stored in the OS keyring: 
+
+```
+Generated new private key
+Address: 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb1
+
+✓ Private key stored securely in OS keyring
+✓ You can now use eigenx commands without additional authentication
+```
+
+:::warning
+The private key is securely stored while you remain authenticated to EigenCompute.
+
+If you log out of EigenCompute and have not backed up the private key that was generated for you, you will be unable to access your deployed application.
+
+If you generate another EigenCompute key and overwrite the existing private key without first having backed up the private key that was generated for you, you will be unable to access your deployed application.
+:::
+
+To create and securely store an authentication key for a specific environment:
+
+```
+eigenx auth generate --store --environment sepolia
+```
+
+:::tip
+To list available deployment environments, use `eigenx environment list`
+:::
+
+## Create and display an authentication key
+
+:::caution 
+Logging in by providing your private key directly in the command line is not recommended. It is recommended to [securely store 
+authentication keys in the OS keyring](#create-and-securely-store-an-authentication-key).
+:::
+
+To create and display an authentication key: 
+
+```
+eigenx auth generate
+```
+
+An authentication key is created and displayed:
+
+```
+Generated new private key: 0x1234567890abcdef...
+Address: 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb1
+
+⚠️  Private key not stored. Use --store flag to save it securely.
+```