diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..0fbe460 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,36 @@ +# Build artifacts +target/ +**/target/ + +# RocksDB data +rocksdb/ +**/rocksdb/ + +# Git +.git/ +.gitignore + +# IDE +.vscode/ +.idea/ +*.swp +*.swo +*~ + +# OS +.DS_Store +Thumbs.db + +# CI/CD +.github/ +ci_scripts/ + +# Documentation +*.md +!README.md + +# Configs (copy selectively if needed) +configs/ + +# License +LICENSE diff --git a/.github/workflows/publish_image.yml b/.github/workflows/publish_image.yml new file mode 100644 index 0000000..7f070e3 --- /dev/null +++ b/.github/workflows/publish_image.yml @@ -0,0 +1,44 @@ +name: Publish Sequencer Runner Image + +on: + workflow_dispatch: + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to registry + uses: docker/login-action@v3 + with: + registry: ${{ secrets.DOCKER_REGISTRY }} + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ secrets.DOCKER_REGISTRY }}/${{ github.repository }}/sequencer_runner + tags: | + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=sha,prefix={{branch}}- + type=raw,value=latest,enable={{is_default_branch}} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./sequencer_runner/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/.gitignore b/.gitignore index 61e1536..a2c2587 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,6 @@ data/ .idea/ .vscode/ rocksdb -Cargo.lock \ No newline at end of file +Cargo.lock +sequencer_runner/data/ +storage.json \ No newline at end of file diff --git a/sequencer_runner/Dockerfile b/sequencer_runner/Dockerfile new file mode 100644 index 0000000..a41b586 --- /dev/null +++ b/sequencer_runner/Dockerfile @@ -0,0 +1,72 @@ +# Chef stage - uses pre-built cargo-chef image +FROM lukemathwalker/cargo-chef:latest-rust-1.91.1-slim-trixie AS chef + +# Install build dependencies +RUN apt-get update && apt-get install -y \ + pkg-config \ + libssl-dev \ + libclang-dev \ + clang \ + && rm -rf /var/lib/apt/lists/* + +# RUN find / -regex ".*libcrypto.so.3.*" + +WORKDIR /sequencer_runner + +# Planner stage - generates dependency recipe +FROM chef AS planner +COPY . . +RUN cargo chef prepare --bin sequencer_runner --recipe-path recipe.json + +# Builder stage - builds dependencies and application +FROM chef AS builder +COPY --from=planner /sequencer_runner/recipe.json recipe.json +# Build dependencies only (this layer will be cached) +RUN cargo chef cook --bin sequencer_runner --release --recipe-path recipe.json + +# Copy source code +COPY . . + +# Build the actual application +RUN cargo build --release --bin sequencer_runner + +# Strip debug symbols to reduce binary size +RUN strip /sequencer_runner/target/release/sequencer_runner + +# Runtime stage - minimal image +FROM debian:trixie-slim + +# Create non-root user for security +RUN useradd -m -u 1000 -s /bin/bash sequencer_user && \ + mkdir -p /sequencer_runner /etc/sequencer_runner && \ + chown -R sequencer_user:sequencer_user /sequencer_runner /etc/sequencer_runner + +WORKDIR /sequencer_runner + +# Copy binary from builder +COPY --from=builder --chown=sequencer_user:sequencer_user /sequencer_runner/target/release/sequencer_runner /usr/local/bin/sequencer_runner + +# Switch to non-root user +USER sequencer_user + +# Volume for configuration directory +VOLUME ["/etc/sequencer_runner"] + +# Expose default port +EXPOSE 3040 + +# Health check (TODO #244: Replace when a real health endpoint is available) +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD curl http://localhost:3040 \ + -H "Content-Type: application/json" \ + -d "{ \ + \"jsonrpc\": \"2.0\", \ + \"method\": \"hello\", \ + \"params\": {}, \ + \"id\": 1 \ + }" || exit 1 + +# Run the application +ENV RUST_LOG=info + +CMD ["sequencer_runner", "/etc/sequencer_runner"] diff --git a/sequencer_runner/configs/docker/sequencer_config.json b/sequencer_runner/configs/docker/sequencer_config.json new file mode 100644 index 0000000..56101f4 --- /dev/null +++ b/sequencer_runner/configs/docker/sequencer_config.json @@ -0,0 +1,158 @@ +{ + "home": "/var/lib/sequencer_runner", + "override_rust_log": null, + "genesis_id": 1, + "is_genesis_random": true, + "max_num_tx_in_block": 20, + "mempool_max_size": 10000, + "block_create_timeout_millis": 10000, + "port": 3040, + "initial_accounts": [ + { + "account_id": "BLgCRDXYdQPMMWVHYRFGQZbgeHx9frkipa8GtpG2Syqy", + "balance": 10000 + }, + { + "account_id": "Gj1mJy5W7J5pfmLRujmQaLfLMWidNxQ6uwnhb666ZwHw", + "balance": 20000 + } + ], + "initial_commitments": [ + { + "npk": [ + 63, + 202, + 178, + 231, + 183, + 82, + 237, + 212, + 216, + 221, + 215, + 255, + 153, + 101, + 177, + 161, + 254, + 210, + 128, + 122, + 54, + 190, + 230, + 151, + 183, + 64, + 225, + 229, + 113, + 1, + 228, + 97 + ], + "account": { + "program_owner": [ + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "balance": 10000, + "data": [], + "nonce": 0 + } + }, + { + "npk": [ + 192, + 251, + 166, + 243, + 167, + 236, + 84, + 249, + 35, + 136, + 130, + 172, + 219, + 225, + 161, + 139, + 229, + 89, + 243, + 125, + 194, + 213, + 209, + 30, + 23, + 174, + 100, + 244, + 124, + 74, + 140, + 47 + ], + "account": { + "program_owner": [ + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "balance": 20000, + "data": [], + "nonce": 0 + } + } + ], + "signing_key": [ + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37, + 37 + ] +} \ No newline at end of file diff --git a/sequencer_runner/docker-compose.yml b/sequencer_runner/docker-compose.yml new file mode 100644 index 0000000..5301962 --- /dev/null +++ b/sequencer_runner/docker-compose.yml @@ -0,0 +1,14 @@ +services: + sequencer_runner: + image: lssa/sequencer_runner + build: + context: .. + dockerfile: sequencer_runner/Dockerfile + container_name: sequencer_runner + ports: + - "3040:3040" + volumes: + # Mount configuration folder + - ./configs/docker:/etc/sequencer_runner + # Mount data folder + - ./data:/var/lib/sequencer_runner diff --git a/wallet/configs/debug/wallet_config.json b/wallet/configs/debug/wallet_config.json new file mode 100644 index 0000000..ad7b279 --- /dev/null +++ b/wallet/configs/debug/wallet_config.json @@ -0,0 +1,547 @@ +{ + "override_rust_log": null, + "sequencer_addr": "http://127.0.0.1:3040", + "seq_poll_timeout_millis": 12000, + "seq_tx_poll_max_blocks": 5, + "seq_poll_max_retries": 5, + "seq_block_poll_max_amount": 100, + "initial_accounts": [ + { + "Public": { + "account_id": "BLgCRDXYdQPMMWVHYRFGQZbgeHx9frkipa8GtpG2Syqy", + "pub_sign_key": [ + 16, + 162, + 106, + 154, + 236, + 125, + 52, + 184, + 35, + 100, + 238, + 174, + 69, + 197, + 41, + 77, + 187, + 10, + 118, + 75, + 0, + 11, + 148, + 238, + 185, + 181, + 133, + 17, + 220, + 72, + 124, + 77 + ] + } + }, + { + "Public": { + "account_id": "Gj1mJy5W7J5pfmLRujmQaLfLMWidNxQ6uwnhb666ZwHw", + "pub_sign_key": [ + 113, + 121, + 64, + 177, + 204, + 85, + 229, + 214, + 178, + 6, + 109, + 191, + 29, + 154, + 63, + 38, + 242, + 18, + 244, + 219, + 8, + 208, + 35, + 136, + 23, + 127, + 207, + 237, + 216, + 169, + 190, + 27 + ] + } + }, + { + "Private": { + "account_id": "3oCG8gqdKLMegw4rRfyaMQvuPHpcASt7xwttsmnZLSkw", + "account": { + "program_owner": [ + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "balance": 10000, + "data": [], + "nonce": 0 + }, + "key_chain": { + "secret_spending_key": [ + 251, + 82, + 235, + 1, + 146, + 96, + 30, + 81, + 162, + 234, + 33, + 15, + 123, + 129, + 116, + 0, + 84, + 136, + 176, + 70, + 190, + 224, + 161, + 54, + 134, + 142, + 154, + 1, + 18, + 251, + 242, + 189 + ], + "private_key_holder": { + "nullifier_secret_key": [ + 29, + 250, + 10, + 187, + 35, + 123, + 180, + 250, + 246, + 97, + 216, + 153, + 44, + 156, + 16, + 93, + 241, + 26, + 174, + 219, + 72, + 84, + 34, + 247, + 112, + 101, + 217, + 243, + 189, + 173, + 75, + 20 + ], + "incoming_viewing_secret_key": [ + 251, + 201, + 22, + 154, + 100, + 165, + 218, + 108, + 163, + 190, + 135, + 91, + 145, + 84, + 69, + 241, + 46, + 117, + 217, + 110, + 197, + 248, + 91, + 193, + 14, + 104, + 88, + 103, + 67, + 153, + 182, + 158 + ], + "outgoing_viewing_secret_key": [ + 25, + 67, + 121, + 76, + 175, + 100, + 30, + 198, + 105, + 123, + 49, + 169, + 75, + 178, + 75, + 210, + 100, + 143, + 210, + 243, + 228, + 243, + 21, + 18, + 36, + 84, + 164, + 186, + 139, + 113, + 214, + 12 + ] + }, + "nullifer_public_key": [ + 63, + 202, + 178, + 231, + 183, + 82, + 237, + 212, + 216, + 221, + 215, + 255, + 153, + 101, + 177, + 161, + 254, + 210, + 128, + 122, + 54, + 190, + 230, + 151, + 183, + 64, + 225, + 229, + 113, + 1, + 228, + 97 + ], + "incoming_viewing_public_key": [ + 3, + 235, + 139, + 131, + 237, + 177, + 122, + 189, + 6, + 177, + 167, + 178, + 202, + 117, + 246, + 58, + 28, + 65, + 132, + 79, + 220, + 139, + 119, + 243, + 187, + 160, + 212, + 121, + 61, + 247, + 116, + 72, + 205 + ] + } + } + }, + { + "Private": { + "account_id": "AKTcXgJ1xoynta1Ec7y6Jso1z1JQtHqd7aPQ1h9er6xX", + "account": { + "program_owner": [ + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "balance": 20000, + "data": [], + "nonce": 0 + }, + "key_chain": { + "secret_spending_key": [ + 238, + 171, + 241, + 69, + 111, + 217, + 85, + 64, + 19, + 82, + 18, + 189, + 32, + 91, + 78, + 175, + 107, + 7, + 109, + 60, + 52, + 44, + 243, + 230, + 72, + 244, + 192, + 92, + 137, + 33, + 118, + 254 + ], + "private_key_holder": { + "nullifier_secret_key": [ + 25, + 211, + 215, + 119, + 57, + 223, + 247, + 37, + 245, + 144, + 122, + 29, + 118, + 245, + 83, + 228, + 23, + 9, + 101, + 120, + 88, + 33, + 238, + 207, + 128, + 61, + 110, + 2, + 89, + 62, + 164, + 13 + ], + "incoming_viewing_secret_key": [ + 193, + 181, + 14, + 196, + 142, + 84, + 15, + 65, + 128, + 101, + 70, + 196, + 241, + 47, + 130, + 221, + 23, + 146, + 161, + 237, + 221, + 40, + 19, + 126, + 59, + 15, + 169, + 236, + 25, + 105, + 104, + 231 + ], + "outgoing_viewing_secret_key": [ + 20, + 170, + 220, + 108, + 41, + 23, + 155, + 217, + 247, + 190, + 175, + 168, + 247, + 34, + 105, + 134, + 114, + 74, + 104, + 91, + 211, + 62, + 126, + 13, + 130, + 100, + 241, + 214, + 250, + 236, + 38, + 150 + ] + }, + "nullifer_public_key": [ + 192, + 251, + 166, + 243, + 167, + 236, + 84, + 249, + 35, + 136, + 130, + 172, + 219, + 225, + 161, + 139, + 229, + 89, + 243, + 125, + 194, + 213, + 209, + 30, + 23, + 174, + 100, + 244, + 124, + 74, + 140, + 47 + ], + "incoming_viewing_public_key": [ + 2, + 181, + 98, + 93, + 216, + 241, + 241, + 110, + 58, + 198, + 119, + 174, + 250, + 184, + 1, + 204, + 200, + 173, + 44, + 238, + 37, + 247, + 170, + 156, + 100, + 254, + 116, + 242, + 28, + 183, + 187, + 77, + 255 + ] + } + } + } + ], + "basic_auth": null +} \ No newline at end of file