From 8b77af9bd6ee2f8582a485d049b23b9d01d4a695 Mon Sep 17 00:00:00 2001 From: Samuel Laferriere Date: Wed, 5 Feb 2025 10:28:43 -0500 Subject: [PATCH 1/3] docs: add srs requirements section to readme (#276) * docs: add srs requirements section to readme * docs: fix readme typo --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 17aaa187..22d95a2c 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,7 @@ In order to disperse to the EigenDA network in production, or at high throughput - [Deployment Guide](#deployment-guide) - [Hardware Requirements](#hardware-requirements) - [Ethereum Node Requirements](#ethereum-node-requirements) + - [SRS Points Requirements](#srs-points-requirements) - [Deployment Steps](#deployment-steps) - [Env File](#env-file) - [Running via Docker](#running-via-docker) @@ -75,6 +76,10 @@ A normal (non-archival) Ethereum node is sufficient for running the proxy with [ 1. immutable (eg: [securityThresholds](https://github.com/Layr-Labs/eigenda/blob/a6dd724acdf732af483fd2d9a86325febe7ebdcd/contracts/src/core/EigenDAThresholdRegistryStorage.sol#L30)), or 2. are upgradeable but have all the historical versions available in contract storage (eg: [versioninedBlobParams](https://github.com/Layr-Labs/eigenda/blob/a6dd724acdf732af483fd2d9a86325febe7ebdcd/contracts/src/core/EigenDAThresholdRegistryStorage.sol#L27)) +### SRS Points Requirements + +In order to compute (and in our current implementation also verify) KZG commitments, G1 SRS points of size equivalent to the blob size are needed. The points must be loaded into the binary by using the [--eigenda.g1-path](https://github.com/Layr-Labs/eigenda-proxy/blob/147783535bedc117097ddc1c8c1eb7688de29eb6/verify/cli.go#L55) flag. A 32MiB G1 SRS file is available under [./resources/g1.point](./resources/g1.point). This file is also copied inside our distributed [docker images](https://github.com/Layr-Labs/eigenda-proxy/pkgs/container/eigenda-proxy), at [\/resources/g1.point](https://github.com/Layr-Labs/eigenda-proxy/blob/147783535bedc117097ddc1c8c1eb7688de29eb6/Dockerfile#L30). The `--eigenda.g1-path` flag's default value is the relative path `resources/g1.point`, which will work when running the binary from the repo's root directory, as well as inside the container. + ### Deployment Steps ```bash From 18e5a8552f3eb593d1610962926adbb779cc403b Mon Sep 17 00:00:00 2001 From: Gaston Ponti Date: Wed, 5 Feb 2025 13:04:14 -0300 Subject: [PATCH 2/3] feat: public s3 config option (#277) --- README.md | 2 +- store/precomputed_key/s3/cli.go | 2 +- store/precomputed_key/s3/s3.go | 6 ++++++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 22d95a2c..2f70ea64 100644 --- a/README.md +++ b/README.md @@ -285,7 +285,7 @@ To quickly set up monitoring dashboard, add eigenda-proxy metrics endpoint to a | `--metrics.enabled` | `false` | `$EIGENDA_PROXY_METRICS_ENABLED` | Enable the metrics server. | | `--metrics.port` | `7300` | `$EIGENDA_PROXY_METRICS_PORT` | Metrics listening port. | | `--port` | `3100` | `$EIGENDA_PROXY_PORT` | Server listening port. | -| `--s3.credential-type` | | `$EIGENDA_PROXY_S3_CREDENTIAL_TYPE` | Static or iam. | +| `--s3.credential-type` | | `$EIGENDA_PROXY_S3_CREDENTIAL_TYPE` | Static, iam or public. | | `--s3.access-key-id` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_ID` | Access key id for S3 storage. | | `--s3.access-key-id` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_ID` | Access key id for S3 storage. | | `--s3.access-key-secret` | | `$EIGENDA_PROXY_S3_ACCESS_KEY_SECRET` | Access key secret for S3 storage. | diff --git a/store/precomputed_key/s3/cli.go b/store/precomputed_key/s3/cli.go index 49a11241..37ef0789 100644 --- a/store/precomputed_key/s3/cli.go +++ b/store/precomputed_key/s3/cli.go @@ -42,7 +42,7 @@ func CLIFlags(envPrefix, category string) []cli.Flag { }, &cli.StringFlag{ Name: CredentialTypeFlagName, - Usage: "the way to authenticate to S3, options are [iam, static]", + Usage: "the way to authenticate to S3, options are [iam, static, public]", EnvVars: withEnvPrefix(envPrefix, "CREDENTIAL_TYPE"), Category: category, }, diff --git a/store/precomputed_key/s3/s3.go b/store/precomputed_key/s3/s3.go index fc468192..dc23517e 100644 --- a/store/precomputed_key/s3/s3.go +++ b/store/precomputed_key/s3/s3.go @@ -21,6 +21,7 @@ import ( const ( CredentialTypeStatic CredentialType = "static" CredentialTypeIAM CredentialType = "iam" + CredentialTypePublic CredentialType = "public" CredentialTypeUnknown CredentialType = "unknown" ) @@ -30,6 +31,8 @@ func StringToCredentialType(s string) CredentialType { return CredentialTypeStatic case "iam": return CredentialTypeIAM + case "public": + return CredentialTypePublic default: return CredentialTypeUnknown } @@ -138,5 +141,8 @@ func creds(cfg Config) *credentials.Credentials { if cfg.CredentialType == CredentialTypeIAM { return credentials.NewIAM("") } + if cfg.CredentialType == CredentialTypePublic { + return nil + } return credentials.NewStaticV4(cfg.AccessKeyID, cfg.AccessKeySecret, "") } From 97b71bda6e2136a6c0d71be2f7e9642dc840fefc Mon Sep 17 00:00:00 2001 From: anupsv Date: Wed, 5 Feb 2025 16:48:24 -0800 Subject: [PATCH 3/3] Create codeql-scanning.yml (#279) * Create codeql-scanning.yml * adding versions --- .github/workflows/codeql-scanning.yml | 43 +++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/codeql-scanning.yml diff --git a/.github/workflows/codeql-scanning.yml b/.github/workflows/codeql-scanning.yml new file mode 100644 index 00000000..6858fbf7 --- /dev/null +++ b/.github/workflows/codeql-scanning.yml @@ -0,0 +1,43 @@ +name: "codeql-scanning" + +on: + push: + branches: + - main + - 'release/*' + pull_request: + branches: + - main + - 'release/*' + schedule: + - cron: '0 9 * * *' + +jobs: + CodeQL-Scanning: + + runs-on: ubuntu-latest + + permissions: + contents: read + security-events: write + pull-requests: read + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 + with: + submodules: recursive + + - name: Install golang + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # 5.3.0 + with: + go-version: '1.21.13' + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a #3.28.8 + with: + languages: go + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a #3.28.8