Skip to content

Commit

Permalink
Merge branch 'main' into epociask--feat-init-v2-scaffolds
Browse files Browse the repository at this point in the history
  • Loading branch information
@ethenotethan
ethenotethan authored Feb 6, 2025
2 parents 5ea4d48 + 97b71bd commit c47aa1b
Show file tree
Hide file tree
Showing 4 changed files with 56 additions and 2 deletions.
43 changes: 43 additions & 0 deletions .github/workflows/codeql-scanning.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
name: "codeql-scanning"

on:
push:
branches:
- main
- 'release/*'
pull_request:
branches:
- main
- 'release/*'
schedule:
- cron: '0 9 * * *'

jobs:
CodeQL-Scanning:

runs-on: ubuntu-latest

permissions:
contents: read
security-events: write
pull-requests: read

steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
submodules: recursive

- name: Install golang
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # 5.3.0
with:
go-version: '1.21.13'

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a #3.28.8
with:
languages: go

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a #3.28.8
7 changes: 6 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ In order to disperse to the EigenDA network in production, or at high throughput
- [Deployment Guide](#deployment-guide)
- [Hardware Requirements](#hardware-requirements)
- [Ethereum Node Requirements](#ethereum-node-requirements)
- [SRS Points Requirements](#srs-points-requirements)
- [Deployment Steps](#deployment-steps)
- [Env File](#env-file)
- [Running via Docker](#running-via-docker)
Expand Down Expand Up @@ -75,6 +76,10 @@ A normal (non-archival) Ethereum node is sufficient for running the proxy with [
1. immutable (eg: [securityThresholds](https://github.com/Layr-Labs/eigenda/blob/a6dd724acdf732af483fd2d9a86325febe7ebdcd/contracts/src/core/EigenDAThresholdRegistryStorage.sol#L30)), or
2. are upgradeable but have all the historical versions available in contract storage (eg: [versioninedBlobParams](https://github.com/Layr-Labs/eigenda/blob/a6dd724acdf732af483fd2d9a86325febe7ebdcd/contracts/src/core/EigenDAThresholdRegistryStorage.sol#L27))

### SRS Points Requirements

In order to compute (and in our current implementation also verify) KZG commitments, G1 SRS points of size equivalent to the blob size are needed. The points must be loaded into the binary by using the [--eigenda.g1-path](https://github.com/Layr-Labs/eigenda-proxy/blob/147783535bedc117097ddc1c8c1eb7688de29eb6/verify/cli.go#L55) flag. A 32MiB G1 SRS file is available under [./resources/g1.point](./resources/g1.point). This file is also copied inside our distributed [docker images](https://github.com/Layr-Labs/eigenda-proxy/pkgs/container/eigenda-proxy), at [\<WORKDIR\>/resources/g1.point](https://github.com/Layr-Labs/eigenda-proxy/blob/147783535bedc117097ddc1c8c1eb7688de29eb6/Dockerfile#L30). The `--eigenda.g1-path` flag's default value is the relative path `resources/g1.point`, which will work when running the binary from the repo's root directory, as well as inside the container.

### Deployment Steps

```bash
Expand Down Expand Up @@ -280,7 +285,7 @@ To quickly set up monitoring dashboard, add eigenda-proxy metrics endpoint to a
| `--metrics.enabled` | `false` | `$EIGENDA_PROXY_METRICS_ENABLED` | Enable the metrics server. |
| `--metrics.port` | `7300` | `$EIGENDA_PROXY_METRICS_PORT` | Metrics listening port. |
| `--port` | `3100` | `$EIGENDA_PROXY_PORT` | Server listening port. |
| `--s3.credential-type` | | `$EIGENDA_PROXY_S3_CREDENTIAL_TYPE` | Static or iam. |
| `--s3.credential-type` | | `$EIGENDA_PROXY_S3_CREDENTIAL_TYPE` | Static, iam or public. |
| `--s3.access-key-id` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_ID` | Access key id for S3 storage. |
| `--s3.access-key-id` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_ID` | Access key id for S3 storage. |
| `--s3.access-key-secret` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_SECRET` | Access key secret for S3 storage. |
Expand Down
2 changes: 1 addition & 1 deletion store/precomputed_key/s3/cli.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func CLIFlags(envPrefix, category string) []cli.Flag {
},
&cli.StringFlag{
Name: CredentialTypeFlagName,
Usage: "the way to authenticate to S3, options are [iam, static]",
Usage: "the way to authenticate to S3, options are [iam, static, public]",
EnvVars: withEnvPrefix(envPrefix, "CREDENTIAL_TYPE"),
Category: category,
},
Expand Down
6 changes: 6 additions & 0 deletions store/precomputed_key/s3/s3.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
const (
CredentialTypeStatic CredentialType = "static"
CredentialTypeIAM CredentialType = "iam"
CredentialTypePublic CredentialType = "public"
CredentialTypeUnknown CredentialType = "unknown"
)

Expand All @@ -30,6 +31,8 @@ func StringToCredentialType(s string) CredentialType {
return CredentialTypeStatic
case "iam":
return CredentialTypeIAM
case "public":
return CredentialTypePublic
default:
return CredentialTypeUnknown
}
Expand Down Expand Up @@ -138,5 +141,8 @@ func creds(cfg Config) *credentials.Credentials {
if cfg.CredentialType == CredentialTypeIAM {
return credentials.NewIAM("")
}
if cfg.CredentialType == CredentialTypePublic {
return nil
}
return credentials.NewStaticV4(cfg.AccessKeyID, cfg.AccessKeySecret, "")
}

0 comments on commit c47aa1b

Please sign in to comment.