Merge branch 'develop' of github.com:serai-dex/serai into develop

This commit is contained in:
Luke Parker 2022-09-16 12:18:31 -04:00
commit fd6c58805f
No known key found for this signature in database
GPG key ID: F9F1386DB1E119B6
14 changed files with 587 additions and 67 deletions

3
.gitattributes vendored Normal file
View file

@ -0,0 +1,3 @@
# Auto detect text files and perform LF normalization
* text=auto
* text eol=lf

52
deploy/README.md Normal file
View file

@ -0,0 +1,52 @@
# Deploy
## Run with Docker Compose
Running the Serai infrastructure is easy with Docker.
We utilize compose profiles to easily orchestrate various pieces of the infrastructure.
**Example:** `docker compose --profile cluster-coins-sm up`
All commands are assumed to be ran from the deploy folder, not the serai root folder.
### Profiles:
* base - single node, named base
* coins - node clients for coins only (BTC, ETH, XMR)
* cluster-sm - Alice (Validator), Bob, Charlie
* cluster-coins-sm - cluster-sm with coins
* cluter-lg - Alice (Validator), Bob, Charlie, Dave, Eve, Ferdie
* cluster-coins-lg - cluster-lg with coins
* monero - full node monero only
* bitcoin - full node bitcoin only
* ethereum - full node ethereum only
You can supply one or more profiles to the docker compose command to orchestrate the desired components.
**Example:** `docker compose --profile base --profile bitcoin up`
## Orchestration Approach
### Builds
The Serai node is the only piece of our infrastructure that we compile locally and for the first build, it can take 10 minutes or more to complete the image. Images for external coins download binaries, then verify the signatures and checksums of the build. Overall the standard image build process looks like:
**Stage 1 -- Builder**
* Configure environment.
* Get the binary.
* Verify binary using GPG.
* Uncompress binary to prepare image.
**Stage 2 -- Image**
* Copy needed files from builder.
* Move executables to bin folder.
* Copy scripts folder.
* Expose necessary ports.
* Map necessary volumes.
The best way is to build using docker compose, but if you prefer to build using docker directly, each image can be built directly.
**Example:** `docker build ./coins/bitcoin`
### Entrypoint
The Serai full node and external full nodes each are started from an entrypoint script inside the /scripts folder.
To update the scripts on the image you must rebuild the updated images using the --build flag after "up" in docker compose.
**Example:** `docker compose --profile bitcoin up --build`

View file

@ -0,0 +1,55 @@
# Configure Environment
FROM alpine:latest as builder
ENV BITCOIN_VERSION=23.0
ENV GLIBC_VERSION=2.28-r0
ENV BITCOIN_DATA=/home/bitcoin/.bitcoin
WORKDIR /home/bitcoin
RUN apk update \
&& apk --no-cache add ca-certificates gnupg bash su-exec
# Get Binary
# TODO: When bitcoin.org publishes 23.0, retrieve checksums from there.
RUN wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz \
&& wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS \
&& wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS.asc
# Verify Binary
# For the PGP keys of builders and developers, refer to
# https://github.com/bitcoin/bitcoin/tree/master/contrib/builder-keys
# Serai recognizes the builder keys for 16/17 signatures
# from the 23.0 release
ENV KEYS 152812300785C96444D3334D17565732E08E5E41 0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 590B7292695AFFA5B672CBB2E13FC145CD3F4304 948444FCE03B05BA5AB0591EC37B1C1D44C786EE 9EDAFF80E080659604F4A76B2EBB056FD847F8A7 E777299FC265DD04793070EB944D35F9AC3DB76A F4FC70F07310028424EFC20A8E4256593F177720 D1DBF2C4B96F2DEBF4C16654410108112E7EA81F
ENV KEYS2 4DAF18FE948E7A965B30F9457E296D555E7F63A7 28E72909F1717FE9607754F8A7BEB2621678D37D 74E2DEF5D77260B98BC19438099BAD163C70FBFA 71A3B16735405025D447E8F274810B012346C9A6 E463A93F5F3117EEDE6C7316BD02942421F4889F 9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C 287AE4CA1187C68C08B49CB2D11BD4F33F1DB499 F9A8737BF4FF5C89C903DF31DD78544CF91B1514
# Use hardcoded prints to get keys from servers. 2 Different servers used.
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ${KEYS} \
&& gpg --keyserver hkp://keys.openpgp.org:80 --recv-keys ${KEYS2}
# verify all sigs and check for valid signature from laanwj -- 71A3
RUN gpg --verify --status-fd 1 --verify SHA256SUMS.asc SHA256SUMS | grep "^\[GNUPG:\] VALIDSIG.*71A3B16735405025D447E8F274810B012346C9A6"
RUN grep bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz SHA256SUMS | sha256sum -c
# Prepare Image
RUN tar xzvf bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz
# Prepare Image
FROM ubuntu:latest as image
WORKDIR /home/bitcoin
COPY --from=builder /home/bitcoin/* .
RUN mv bin/* /bin \
&& mv lib/* /lib \
&& mv share/* /share
COPY ./scripts /scripts
EXPOSE 8332 8333 18332 18333 18443 18444
VOLUME ["/home/bitcoin/.bitcoin"]
# Run
CMD ["bitcoind"]

View file

@ -0,0 +1,29 @@
#!/bin/sh
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
# address: bcrt1q7kc7tm3a4qljpw4gg5w73cgya6g9nfydtessgs
# private key: cV9X6E3J9jq7R1XR8uPED2JqFxqcd6KrC8XWPy1GchZj7MA7G9Wx
MINER="${MINER:=bcrt1q7kc7tm3a4qljpw4gg5w73cgya6g9nfydtessgs}"
PRIV_KEY="${PRIV_KEY:=cV9X6E3J9jq7R1XR8uPED2JqFxqcd6KrC8XWPy1GchZj7MA7G9Wx}"
BLOCK_TIME=${BLOCK_TIME:=5}
bitcoind -regtest -txindex -fallbackfee=0.000001 -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS -rpcallowip=0.0.0.0/0 -rpcbind=127.0.0.1 -rpcbind=$(hostname) &
# give time to bitcoind to start
while true
do
bitcoin-cli -regtest -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS generatetoaddress 100 $MINER && break
sleep 5
done
bitcoin-cli -regtest -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS createwallet "miner" false false $RPC_PASS false false true &&
bitcoin-cli -regtest -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS walletpassphrase $RPC_PASS 60 &&
bitcoin-cli -regtest -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS importprivkey $PRIV_KEY
# mine a new block every BLOCK_TIME
while true
do
bitcoin-cli -regtest -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS generatetoaddress 1 $MINER
sleep $BLOCK_TIME
done

View file

@ -0,0 +1,37 @@
# Prepare Environment
FROM alpine:latest as builder
ENV GETH_VERSION=1.10.23-d901d853
WORKDIR /home/ethereum
RUN apk update \
&& apk --no-cache add ca-certificates gnupg bash su-exec
# Get Binary
RUN wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz\
&& wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz.asc
# Verify Binary
# refer to https://geth.ethereum.org/downloads/#openpgp_signatures
# for the PGP keys of builders and developers
ENV KEYS 9BA28146 E058A81C 05A5DDF0 1CCB7DD2
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ${KEYS} \
&& gpg --verify geth-linux-amd64-${GETH_VERSION}.tar.gz.asc geth-linux-amd64-${GETH_VERSION}.tar.gz
# Prepare Image
RUN tar xzvf geth-linux-amd64-${GETH_VERSION}.tar.gz
# Prepare Image
FROM ubuntu:latest as image
WORKDIR /home/ethereum
COPY --from=builder /home/ethereum/* .
RUN mv * /bin/
COPY ./scripts /scripts
EXPOSE 8545 8546 30303 30303/udp
# Run
CMD ["geth"]

View file

@ -0,0 +1,2 @@
#!/bin/sh
geth --dev --dev.period 5 --verbosity 2 --networkid 15 --datadir "data" -mine --miner.threads 1 -http --http.addr 0.0.0.0 --http.port 8545 --allow-insecure-unlock --http.api "eth,net,web3,miner,personal,txpool,debug" --http.corsdomain "*" -nodiscover --http.vhosts="*"

View file

@ -0,0 +1,42 @@
# Prepare Environment
FROM alpine:latest as builder
# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.1.0.tar.bz2
# Verification will fail if MONERO_VERSION doesn't match the latest
# due to the way monero publishes releases. They overwrite a single hashes.txt file
# each release, meaning we can only grab the SHA256 of the latest release.
# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯
ENV MONERO_VERSION=0.18.1.0
# monero-linux-x64-v0.18.1.0.tar.bz2 - https://github.com/monero-project/monero-site/commit/9dda1e3ccb84aa14dc09ed598a6d438c18363833
ENV GLIBC_VERSION=2.28-r0
WORKDIR /home/monero
RUN apk update \
&& apk --no-cache add ca-certificates gnupg bash su-exec
# Get Binary
RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2
# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949
ENV KEYS F0AF4D462A0BDF92
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys ${KEYS}
ADD ./temp/hashes-v${MONERO_VERSION}.txt .
RUN gpg --verify hashes-v${MONERO_VERSION}.txt \
&& cat hashes-v${MONERO_VERSION}.txt | grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)"
# Cleanup
RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1
# Prepare Image
FROM ubuntu:latest as image
WORKDIR /home/monero
COPY --from=builder /home/monero/* .
RUN mv * /bin/
COPY ./scripts /scripts
EXPOSE 18080 18081
VOLUME /home/monero/.bitmonero
CMD ["monerod"]

View file

@ -0,0 +1,20 @@
#!/bin/sh
# Setup Environment
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
MINER="${MINER:=xmraddr}"
BLOCK_TIME=${BLOCK_TIME:=5}
# Run Monero
monerod --regtest --rpc-login ${RPC_USER}:${RPC_PASS} \
--rpc-access-control-origins * --rpc-bind-ip=0.0.0.0 --offline \
--fixed-difficulty=1 --non-interactive --start-mining ${MINER} \
--mining-threads 1 --bg-mining-enable --detach
# give time to monerod to start
while true; do
sleep 5
done
# Create wallet from PRIV_KEY in monero wallet

View file

@ -0,0 +1,48 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
# This GPG-signed message exists to confirm the SHA256 sums of Monero binaries.
#
# Please verify the signature against the key for binaryFate in the
# source code repository (/utils/gpg_keys).
#
#
## CLI
0ea5ddb0630d6657810d38b1968ae76ba8e54806f46a2cc9bd02602f999aa741 monero-android-armv7-v0.18.1.0.tar.bz2
ca8c9daeaee758d482d5cde94912d33b2f62656719c821b2a496fd81c0d52a79 monero-android-armv8-v0.18.1.0.tar.bz2
1076d260b8b8fe513653916dabfa3c3790030836750d3af6bca56fc138a06af1 monero-freebsd-x64-v0.18.1.0.tar.bz2
ecba059a2dbbef9f059e37c0f329df037501752dd871719b41104c5d4c6d358b monero-linux-armv7-v0.18.1.0.tar.bz2
69e2bba6d5bd8fcf4986f59f232fdfd33b4ae2ce0959fd59567b153b923e057e monero-linux-armv8-v0.18.1.0.tar.bz2
9318e522a5cf95bc856772f15d7507fdef2c028e01f70d020078ad5e208f1304 monero-linux-x64-v0.18.1.0.tar.bz2
3d54dc813116955537a4a5ae4a0a3943d9d32842e076c223ea096551db438158 monero-linux-x86-v0.18.1.0.tar.bz2
065766f5799c6b972145e2b27830a584c18f64bdd276f31801493b7ef9e51b3c monero-mac-armv8-v0.18.1.0.tar.bz2
da87ac5c713f17985cd57bcd007ec76ffe75123cb546cd655edb14fdd8c3d745 monero-mac-x64-v0.18.1.0.tar.bz2
d0e2b3255163ec0499de42639cc86cf4ddae0bc5fa65aa7377ff9c40305da8fd monero-win-x64-v0.18.1.0.zip
ed18233503b6135a29732a79b261b50aced24b99686843bc11e7e9fb2d50cf42 monero-win-x86-v0.18.1.0.zip
0e4cb82d5f0c455536526c9f3105d1c8f683d4c0ad18a69972c0863944b01328 monero-source-v0.18.1.0.tar.bz2
#
## GUI
9b2c8978f96e8c9662373b427ef320ccd9d652d346435a8487a756bf55cf43ff monero-gui-install-win-x64-v0.18.1.0.exe
6c993b622516d85555d8962767b39c79a3b3614cbdf0ab9f62fa07e3826498d0 monero-gui-linux-x64-v0.18.1.0.tar.bz2
0b06351b370863dce8fff9d8659a8235b98505c61c7e4f5af23843b161d92186 monero-gui-mac-x64-v0.18.1.0.dmg
39c4290a01072cc8fe8eabaa2c61598421a72eac6011eccd16a2a63e89323fa2 monero-gui-win-x64-v0.18.1.0.zip
ecb33e329af5cf671b562a0c14a562a7b061736a0f75733dc862b29e9176797c monero-gui-source-v0.18.1.0.tar.bz2
#
#
# ~binaryFate
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEgaxZH+nEtlxYBq/D8K9NRioL35IFAmL04d8ACgkQ8K9NRioL
35II+A/+J2z+VbOIc4ZZdHRuwOchGcyyafpmtQM3JqSNCtlo3y2973yuUSWen26T
MSkwsOIinGxsRllAdTyoJPTvv0Ohl2vVqbigAvrtuti9h0C75mX1AdBY7C2ot37L
6flWDcBdE1VJOsZqPpUj6MsF8738H/n1z4KAjA5WZB7bJerHB3bFu4J5TjUFmhM1
Uf+uH28V7hJUd3sWAe6okbJWsexfLdof1jvpg5sH7Mb2XhP6C8bJVDVXYzDOZoan
zYB9IcBAP9pY9xp6F1M33n5Un+75ShyyTrGjRc8Fbbgr/SpsTZZ5YKwoVAEnMH3K
AEOLFDZEhzO4j0BoyeV/K9q6bzSSsrbyo1yQ38UWT3yCJYpQJWKmFJHvMz0/N1xH
pMpuc5otmRiYddB/PgRp+uKzQzq6ye1LYh3PmvU8b9yaE+2XxqXR8cTUNid0E5gQ
iXZjuLD06nDCtSe7m2Duj9W39PeB3M+kALU27KOjcio7WG0H2O0TJqVyBnBbviYi
PpCa5sBbr9NxdgRLWEaFfynaVa7ls3NkaO9ipN0tRJ6uUuAxuEgzBRpL+cYHK+fo
ZD223xP8Z33ZF+DIe6D+sCDW/UJNGCK3PBuDSQrzXSQkysQj2+mcQ9JNFIkY+Xm2
SvDIaTuLAZLo6DXxzPPBuKB1iYWh0LUmAMaCOM220j/eKq9Y5yA=
=M0wB
-----END PGP SIGNATURE-----

176
deploy/docker-compose.yml Normal file
View file

@ -0,0 +1,176 @@
version: "3.9"
name: serai-dev
# ------------------------------------------------------------
# Services
# ------------------------------------------------------------
# Profiles:
# base - single node, unidentified
# coins - node clients for coins only (BTC, ETH, XMR)
# cluster-sm - Alice, Bob, Charlie
# cluster-coins-sm - cluster-sm with coins
# cluter-lg - Alice, Bob, Charlie, Dave, Eve, Ferdie
# cluster-coins-lg - cluster-lg with coins
# monero - full node monero only
# bitcoin - full node bitcoin only
# ethereum - full node ethereum only
# Example: docker compose --profile bitcoin up
volumes:
serai-base:
serai-alice:
serai-bob:
serai-charlie:
serai-dave:
serai-eve:
serai-ferdie:
services:
_serai:
&serai_defaults
restart: unless-stopped
image: serai:dev
profiles:
- _
build:
context: ../
dockerfile: ./deploy/serai/Dockerfile
args:
TAG: serai
entrypoint: /scripts/entry-dev.sh
volumes:
- "./serai/scripts:/scripts"
serai-base:
&serai
<<: *serai_defaults
hostname: serai-base
profiles:
- base
environment:
CHAIN: dev
NAME: base
serai-alice:
&serai
<<: *serai_defaults
hostname: serai-alice
profiles:
- alice
- cluster-sm
- cluster-coins-sm
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Alice
VALIDATOR: true
serai-bob:
&serai
<<: *serai_defaults
hostname: serai-bob
profiles:
- bob
- cluster-sm
- cluster-coins-sm
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Bob
serai-charlie:
&serai
<<: *serai_defaults
hostname: serai-charlie
profiles:
- charlie
- cluster-sm
- cluster-coins-sm
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Charlie
serai-dave:
&serai
<<: *serai_defaults
hostname: serai-dave
profiles:
- dave
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Dave
serai-eve:
&serai
<<: *serai_defaults
hostname: serai-eve
profiles:
- eve
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Eve
serai-ferdie:
&serai
<<: *serai_defaults
hostname: serai-ferdie
profiles:
- ferdie
- cluster-lg
- cluster-coins-lg
environment:
CHAIN: dev
NAME: Ferdie
# Processor Services
# Coin Services
bitcoin:
profiles:
- single-coins
- cluster-coins-sm
- cluster-coins-lg
- coins
- bitcoin
build:
context: ./coins/bitcoin/
restart: unless-stopped
volumes:
- "./coins/bitcoin/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
ethereum:
profiles:
- single-coins
- cluster-coins-sm
- cluster-coins-lg
- coins
- ethereum
build:
context: ./coins/ethereum/
restart: unless-stopped
volumes:
- "./coins/ethereum/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
monero:
profiles:
- single-coins
- cluster-coins-sm
- cluster-coins-lg
- coins
- monero
build:
context: ./coins/monero/
restart: unless-stopped
volumes:
- "./coins/monero/temp:/temp"
- "./coins/monero/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh

42
deploy/serai/Dockerfile Normal file
View file

@ -0,0 +1,42 @@
FROM docker.io/paritytech/ci-linux:production as builder
LABEL description="STAGE 1: Build"
# Add files for build
ADD substrate /serai/substrate
ADD processor /serai/processor
ADD coins /serai/coins
ADD crypto /serai/crypto
ADD contracts /serai/contracts
ADD Cargo.toml /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Update Rust
RUN rustup update
# Install Solc @ 0.8.16
RUN pip3 install solc-select
RUN solc-select install 0.8.16
RUN solc-select use 0.8.16
# Build it
RUN cargo build --release
# Mount for Cache
RUN --mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/serai/target
# Prepare Image
FROM ubuntu:latest as image
LABEL description="STAGE 2: Copy and Run"
WORKDIR /home/serai
# Copy necessary files to run node
COPY --from=builder /serai/target/release/* /bin/
COPY --from=builder /serai/AGPL-3.0 .
# Run node
EXPOSE 30333 9615 9933 9944
CMD ["serai-node"]

View file

@ -0,0 +1,6 @@
#!/bin/bash
if [[ -z $VALIDATOR ]]; then
serai-node --chain $CHAIN --name $NAME
else
serai-node --chain $CHAIN --name $NAME --validator
fi

View file

@ -46,8 +46,16 @@ pub fn development_config() -> Result<ChainSpec, &'static str> {
vec![
get_account_id_from_seed::<sr25519::Public>("Alice"),
get_account_id_from_seed::<sr25519::Public>("Bob"),
get_account_id_from_seed::<sr25519::Public>("Charlie"),
get_account_id_from_seed::<sr25519::Public>("Dave"),
get_account_id_from_seed::<sr25519::Public>("Eve"),
get_account_id_from_seed::<sr25519::Public>("Ferdie"),
get_account_id_from_seed::<sr25519::Public>("Alice//stash"),
get_account_id_from_seed::<sr25519::Public>("Bob//stash"),
get_account_id_from_seed::<sr25519::Public>("Charlie//stash"),
get_account_id_from_seed::<sr25519::Public>("Dave//stash"),
get_account_id_from_seed::<sr25519::Public>("Eve//stash"),
get_account_id_from_seed::<sr25519::Public>("Ferdie//stash"),
],
)
},