Skip to content

feat: NUC authentication #98

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jcabrero merged 15 commits into from
May 21, 2025
Merged

feat: NUC authentication #98

jcabrero merged 15 commits into from
May 21, 2025

Conversation

@jcabrero
Copy link
Member

@jcabrero jcabrero commented Apr 25, 2025

This PR includes all the required changes to make sure that nilAI supports authentication with NUCs:

  1. We modified nilAI to use secp256k1 keys, which work natively with NUCs. We added the respective endpoints required to send the public key to any client wanting to connect to nilAI.
  2. We change the database and rate limiting to support NUCs. While the DB still uses a UserModel where some information is repetitive, it can still be usable for now. The rate limit now works per API key, this makes it so that a subscription holder holds the same rate limit for all users.
  3. We include the nilai-auth folder with examples of how a user should set up a server to delegate nilAI valid NUCs and how to consume the service.
  4. We changed docker-compose.dev.yml to include the infrastructure required for nilauth and nilchain. We remove docker-compose.dev.macos.yml, since it is overlapping with what we have in docker-compose.dev.yml.

@jcabrero jcabrero self-assigned this Apr 25, 2025
@jcabrero jcabrero changed the title feat: NUC authentication addition feat: NUC authentication Apr 25, 2025
@jcabrero jcabrero force-pushed the feat/new_payment_logic branch from dd29f47 to e62bd32 Compare May 9, 2025 08:42
@jcabrero jcabrero force-pushed the feat/new_payment_logic branch 3 times, most recently from 6d40da9 to 558617b Compare May 9, 2025 11:51
@jcabrero jcabrero force-pushed the feat/new_payment_logic branch from 558617b to c918b4b Compare May 9, 2025 12:49
@jcabrero jcabrero changed the base branch from feat/improved_attestation_verification to main May 9, 2025 13:05
@jcabrero jcabrero changed the base branch from main to feat/improved_attestation_verification May 9, 2025 13:07
@jcabrero jcabrero force-pushed the feat/improved_attestation_verification branch from c5c0c6a to f5fe0a6 Compare May 9, 2025 14:01
@jcabrero jcabrero changed the base branch from feat/improved_attestation_verification to main May 9, 2025 14:56
@jcabrero jcabrero force-pushed the feat/new_payment_logic branch from 664cf00 to b756f27 Compare May 9, 2025 15:08
@jcabrero jcabrero requested review from lumasepa and mfontanini May 19, 2025 11:33
mfontanini
mfontanini approved these changes May 19, 2025
View reviewed changes
nilai-auth/nilai-auth-server/README.md
@@ -0,0 +1,56 @@
# Nilai Auth Server
Copy link
Member

@mfontanini mfontanini May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is this server meant to be ran? Is this running somewhere privately (locally?) that nobody else can hit?

Copy link
Member Author

@jcabrero jcabrero May 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is never run by Nillion on a production environment. It is just meant to be an example for FEs on how to run an intermediate service that delegates the subscription to users. I will introduce a better clarification to say this is just a demo example.

nilai-auth/nuc-helpers/src/nuc_helpers/helpers.py Outdated
Returns:
The balance of the user in UNIL
"""
print("grpc_endpoint", grpc_endpoint)
Copy link
Member

@mfontanini mfontanini May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: leftover print

nilai-auth/nuc-helpers/src/nuc_helpers/helpers.py Outdated
grpc_endpoint: The endpoint of the grpc server
"""

if get_unil_balance(wallet.address(), grpc_endpoint=grpc_endpoint) < 0:
Copy link
Member

@mfontanini mfontanini May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use nilauth_client.subscription_cost to get the cost and compare more accurately against that (probably add a leeway because of gas).

Copy link
Member Author

@jcabrero jcabrero May 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great point!

lumasepa
lumasepa reviewed May 20, 2025
View reviewed changes
nilai-auth/nuc-helpers/src/nuc_helpers/main.py
@@ -0,0 +1,138 @@
from nuc_helpers import (
Copy link
Contributor

@lumasepa lumasepa May 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this file should be called tests, and invoked using pytest

Copy link
Member Author

@jcabrero jcabrero May 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In fact, with the following PR, I do this, I integrated this code as part of the e2e tests so that all the tests are executing under this scenario.

nilai-auth/nilai-auth-server/README.md
@@ -0,0 +1,56 @@
# Nilai Auth Server
Copy link
Contributor

@lumasepa lumasepa May 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering if this should be a dev/testing helper library instead of a service, why is it a service?

Copy link
Member Author

@jcabrero jcabrero May 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it is meant to be a dev/testing helper library. It is not a service in itself, but is meant to be a guide for FEs or others to implement a B2B2C scenario where a subscription is delegated.

@jcabrero @lumasepa
Update .github/workflows/ci.yml
2774cde 
Co-authored-by: Sergio Medina <lumasepa@gmail.com>
@jcabrero jcabrero merged commit 138ce56 into main May 21, 2025
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mfontanini mfontanini mfontanini approved these changes

+1 more reviewer

@lumasepa lumasepa lumasepa left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@jcabrero jcabrero

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jcabrero @mfontanini @lumasepa