From 5ca0147ac32f8b170a9efdb7c23c5f5349b35eed Mon Sep 17 00:00:00 2001 From: Tanya S <120410716+stubbsta@users.noreply.github.com> Date: Tue, 28 May 2024 16:20:17 +0200 Subject: [PATCH] All nwaku nodes use own account (#57) * read keys from foundry config and write to shared file * each nwaku service uses its index to retrieve a private key for keystore * remove node index related code, no longer needed * removed additional script and files * fixed scipt shell reference in run_nwaku --- docker-compose.yml | 13 +++++++---- run_nwaku.sh | 56 ++++++++++++++++++++++++++++++++++++---------- 2 files changed, 53 insertions(+), 16 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c89da5b..4f5f4d9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -21,11 +21,13 @@ services: --port=8545 --host=0.0.0.0 --chain-id=1337 - --accounts=1 + --accounts=${NUM_NWAKU_NODES:-5} --allow-origin=* --block-time=12 --silent - --config-out=anvil-config.txt + --config-out=/shared/anvil-config.txt + volumes: + - privatekeys-volume:/shared networks: - simulation @@ -74,7 +76,6 @@ services: entrypoint: sh environment: - RPC_URL=${RPC_URL:-http://foundry:8545} - - PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 - RLN_CONTRACT_ADDRESS=0x9fE46736679d2D9a65F0992F2272dE9f3c7fa6e0 - RLN_CREDENTIAL_PATH=/keystore.json - RLN_CREDENTIAL_PASSWORD=passw123 @@ -82,6 +83,7 @@ services: - '/opt/run_nwaku.sh' volumes: - ./run_nwaku.sh:/opt/run_nwaku.sh:Z + - privatekeys-volume:/shared depends_on: contract-repo-deployer: condition: service_completed_successfully @@ -216,4 +218,7 @@ services: - redis - foundry networks: - - simulation \ No newline at end of file + - simulation + +volumes: + privatekeys-volume: \ No newline at end of file diff --git a/run_nwaku.sh b/run_nwaku.sh index 8a69e0e..e4a6c4c 100755 --- a/run_nwaku.sh +++ b/run_nwaku.sh 
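Review bot: `--accounts=${NUM_NWAKU_NODES:-5}` limits `/shared/anvil-config.txt` to 5 keys unless `NUM_NWAKU_NODES` is set, and nothing visible in this hunk ties that variable to the number of nwaku replicas. A replica whose index is above the account count finds no matching entry in `get_private_key` (run_nwaku.sh) and ends up with an empty key. Document the coupling next to the service, for example `# NUM_NWAKU_NODES must be >= the nwaku replica count: each replica takes the anvil key at its own index`, or drive both values from the same variable. The foundry service definition starts and ends outside the hunk.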
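Review bot: The new `privatekeys-volume:/shared` mount on the nwaku service is read-write, while `/shared/anvil-config.txt` holds the private keys of every anvil account, so each replica can read and overwrite all keys rather than only its own. run_nwaku.sh only reads the file, so the mount can be read-only: `- privatekeys-volume:/shared:ro`. If sharing the full key list between replicas is intended, a comment above the mount should say so, e.g. `# holds the anvil keys of all nodes, not just this one`. The service definition starts and ends outside the hunk.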
@@ -1,13 +1,16 @@ #!/bin/sh -# Install bind-tools package used for domainname resolution +# Install bind-tools package used for domainname resolution and jq for json parsing apk add bind-tools +apk add jq if test -f .env; then echo "Using .env file" . $(pwd)/.env fi +IP=$(ip a | grep "inet " | grep -Fv 127.0.0.1 | sed 's/.*inet \([^/]*\).*/\1/') + # Function to extract IP address from URL, resolve the IP and replace it in the original URL get_ip_address_and_replace() { local url=$1 
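Review bot: `apk add jq` runs on every container start and its exit status is ignored, so a failed install (no network, mirror unavailable) only shows up later as an empty key from `get_private_key`. Installing both packages in one checked step, `apk add --no-cache bind-tools jq || exit 1`, fails at the cause; baking them into the image would also remove the start-up dependency on the package mirror. `IP` is now assigned here for the keystore step, and if the container is attached to more than one network it holds several addresses, which the later unquoted `dig -x $IP` does not handle. get_ip_address_and_replace continues outside the hunk.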
@@ -33,29 +36,58 @@ else fi fi +#Function to get the index of the container and use it to retrieve a private key to be used to generate the keystore +get_private_key(){ + + # Read the JSON file + json_content=$(cat /shared/anvil-config.txt) + + # Extract private_keys json array using jq + private_keys=$(echo "$json_content" | jq -r '.private_keys[]') + + # get the service specified in the docker-compose.yml + # by a reverse DNS lookup on the IP + SERVICE=`dig -x $IP +short | cut -d'_' -f2` + + # the number of replicas is equal to the A records + # associated with the service name + COUNT=`dig $SERVICE +short | wc -l` + + # extract the replica number from the same PTR entry + INDEX=`dig -x $IP +short | sed 's/.*_\([0-9]*\)\..*/\1/'` + + # iterate through list of private keys and get the one corresponding to the container index + # we need to iterate because array objects cannot be used in /bin/ash (Alpine) and a separate script would need to be called to use bash + current_index=1 + for key in $private_keys + do + if [ $current_index -eq $INDEX ]; then + echo $key + break + fi + current_index=$((current_index+1)) + done +} + if test -f .$RLN_CREDENTIAL_PATH; then echo "$RLN_CREDENTIAL_PATH already exists. Use it instead of creating a new one." 
else + private_key="$(get_private_key)" + echo "Private key: $private_key" + + echo "Generating RLN keystore" /usr/bin/wakunode generateRlnKeystore \ --rln-relay-eth-client-address="$RPC_URL" \ - --rln-relay-eth-private-key=$PRIVATE_KEY \ + --rln-relay-eth-private-key=$private_key \ --rln-relay-eth-contract-address=$RLN_CONTRACT_ADDRESS \ --rln-relay-cred-path=$RLN_CREDENTIAL_PATH \ --rln-relay-cred-password=$RLN_CREDENTIAL_PASSWORD \ + --log-level=INFO \ --execute fi -IP=$(ip a | grep "inet " | grep -Fv 127.0.0.1 | sed 's/.*inet \([^/]*\).*/\1/') - echo "I am a nwaku node" -# Get an unique node index based on the container's IP -FOURTH_OCTET=${IP##*.} -THIRD_OCTET="${IP%.*}"; THIRD_OCTET="${THIRD_OCTET##*.}" -NODE_INDEX=$((FOURTH_OCTET + 256 * THIRD_OCTET)) - -echo "NODE_INDEX $NODE_INDEX" - RETRIES=${RETRIES:=10} while [ -z "${BOOTSTRAP_ENR}" ] && [ ${RETRIES} -ge 0 ]; do @@ -87,7 +119,7 @@ exec /usr/bin/wakunode\ --dns-discovery=true\ --discv5-discovery=true\ --discv5-enr-auto-update=True\ - --log-level=INFO\ + --log-level=DEBUG\ --metrics-server=True\ --metrics-server-address=0.0.0.0\ --discv5-bootstrap-node=${BOOTSTRAP_ENR}\
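Review bot: `echo "Private key: $private_key"` writes the account's private key to the container log, where anything that collects the log keeps it; drop the line or log only that a key was selected. The result of `get_private_key` is also used unchecked: if jq is missing, `/shared/anvil-config.txt` is not there yet, or the PTR record does not have the `_N.` shape the sed expression expects (sed then passes the record through unchanged and `-eq` never matches), `$private_key` is empty and `generateRlnKeystore` still runs. A guard before the call, `[ -n "$private_key" ] || { echo "no private key for this replica" >&2; exit 1; }`, would stop there instead. `SERVICE` and `COUNT` are computed in `get_private_key` but never read, and `$IP`, `$INDEX` and `$key` are expanded unquoted.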
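Review bot: `--log-level=DEBUG` is now hard-coded for every node and the commit description does not mention it, so it reads like a leftover from debugging the keystore change. Debug logging on all replicas increases log volume for anyone running the simulator. Making the level overridable keeps the previous default: `--log-level=${LOG_LEVEL:-INFO}\`. The wakunode command line starts and ends outside the hunk.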