Merge branch 'cartesi:Staging' into Staging

Author: henriquemarlon

cartesi-rollups_versioned_docs/version-2.0/api-reference/backend/introduction.md

@@ -213,7 +213,7 @@ An **Inspect** request involves making an external HTTP API call to the rollups
 
 You can make a simple inspect call from your frontend client to retrieve reports.
 
-To perform an Inspect call, use an HTTP POST request to `<address of the node>/inspect/<application name or address>` with a body containing the request payload. For example:
+To perform an Inspect call, make an HTTP POST request to `<address of the node>/inspect/<application name or address>` with a body containing the request payload. For example:
 
 ```shell
 curl -X POST http://localhost:8080/inspect/0xb483897a2790a5D1a1C5413690bC5933f269b3A9 \

cartesi-rollups_versioned_docs/version-2.0/deployment/introduction.md

@@ -9,11 +9,15 @@ resources:
 
 Applications built on Cartesi Rollups are intended to be deployed to public blockchains so users can access them. This can be done by taking advantage of a cloud-based infrastructure.
 
-Deploying a Cartesi dApp involves two steps: deploying a smart contract that defines your dApp on-chain and then instantiating a node that runs the application’s intended backend logic.
+Deploying a Cartesi dApp involves two steps: deploying a smart contract that defines your dApp on-chain and then instantiating a node that runs the application's intended backend logic.
 
 To facilitate the instantiation of such nodes, Cartesi provides an infrastructure for quickly getting them running in the cloud so the node can be run 24/7. This server will expose a single port to the internet so client applications can communicate with the node.
 
-The Cartesi rollups node is distributed as a Docker image. Any popular cloud provider, like AWS, GCP, Azure, Digital Ocean, or Linode, can run docker containers and hence can be used to host the rollups node. 
+## Public snapshots
+
+For production deployments, applications must use **public snapshots** that are built through public workflows and published as public releases. This ensures transparency, reproducibility, trust, and auditability - essential for the trustless nature of blockchain applications.
+
+[Learn more about public snapshots](./snapshot.md)
 
 ## Deployment process
 
@@ -23,23 +27,20 @@ The `cartesi build` command produces the Cartesi genesis machine, which contains
 
 After deployment, any changes to the application code will generate a different hash and, hence, require another deployment.
 
-The smart contract that represents the application on the base layer can be deployed using the [`CartesiDAppFactory`](../api-reference/contracts/application-factory.md) smart contract.
-
 There are two methods to deploy an application:
 
-1. [Self-hosted deployment](../deployment/self-hosted.md): Deploy the application node using your infrastructure. 
-
-2. Third-party service provider: Outsource running the application node to a service provider. 
+1. [Self-hosted deployment](./self-hosted.md): Deploy the application node using your infrastructure
+2. Third-party service provider: Outsource running the application node to a service provider
 
 :::caution important
-Deployment with a third-party service provider is under development and will be available in a future release.
+Deployment with a third-party service provider is under development and will be available soon.
 :::
 
 ## Supported networks
 
 As stated above, the first step in deploying a new Cartesi dApp to a blockchain requires creating a smart contract on that network that uses the Cartesi Rollups smart contracts. Cartesi has already deployed the Rollups smart contracts to several networks for convenience.
 
-The table below shows the list of all [networks that are currently supported](https://github.com/cartesi/rollups-contracts/tree/v1.4.0/onchain/rollups/deployments) in the latest release:
+The table below shows the list of all [networks that are currently supported](https://usecannon.com/packages/cartesi-rollups) in the latest release:
 
 | Network Name     | Chain ID |
 | ---------------- | -------- |

cartesi-rollups_versioned_docs/version-2.0/deployment/self-hosted.md

@@ -1,171 +1,109 @@
 ---
 id: self-hosted
 title: Self-hosted deployment
-resources:
-  - url: https://www.codecademy.com/article/installing-and-using-postgresql-locally
-    title: Installing and Using PostgreSQL Locally
-  - url: https://docs.digitalocean.com/products/databases/postgresql/how-to/create/
-    title: How to Create PostgreSQL Database Clusters
-  - url: https://www.amazonaws.cn/en/getting-started/tutorials/deploy-docker-containers/
-    title: How to Deploy Docker Container - AWS
-  - url: https://www.digitalocean.com/solutions/docker-hosting
-    title: Deploy Docker Containers on Digital Ocean
-  - url: https://docs.docker.com/reference/cli/docker/image/tag/
-    title: Docker Tag
 ---
 
-The self-hosted deployment involves running your infrastructure locally or on a remote cloud server to host your application node.
+This guide explains how to run a Cartesi Rollups node locally on your machine for development and testing purposes on **testnet**.
 
-Here are the requirements:
+:::warning Production Warning
+**This self-hosted approach should NOT be used in *production*.** 
 
-- Wallet with sufficient funds on the chosen network.
-- A cloud server
-- A PostgreSQL database
-- A web3 provider for interacting with the selected network
+While this setup works with testnet environments, it's designed exclusively for development purposes. It lacks critical production requirements such as:
 
-## Initiating deployment
-
-1. Compile your application into RISC-V architecture and consequently build a Cartesi machine by running:
-
-   ```shell
-    cartesi build
-   ```
-
-2. Run the command below to start the deployment process.
-
-   ```shell
-     cartesi deploy --hosting self-hosted --webapp https://sunodo.io/deploy
-   ```
-
-  The command generates a Docker image containing the rollups node and machine. You will be redirected to a web application to deploy the necessary smart contracts.
-
-  ![img](../../../static/img/v1.3/deploy.png)
-
-## Deploying the contracts
-
-On the deploy web interface, the hash of the Cartesi machine will be automatically configured.
-
-1. Connect your wallet to set the application chain’s base layer and deployer account.
-
-2. Create a wallet specifically for Cartesi rollups node transactions. The Cartesi rollups node will use this wallet to submit transactions to the base layer. Paste the public address of this wallet.
-
-  :::note create a wallet
-  You can use [Cast](https://book.getfoundry.sh/reference/cast/cast-wallet-new-mnemonic) to create a new wallet by running `cast wallet new-mnemonic --words 24`. For increased security, you can use a wallet managed by [AWS KMS](https://aws.amazon.com/blogs/database/part1-use-aws-kms-to-securely-manage-ethereum-accounts/).
-  :::
-
-3. After successful deployment, the node’s configuration is presented in a `.env` file and a `.toml` format. This config file includes the addresses of the deployed smart contracts and information on the base layer chain.
-
-  You will need the `.env` when [hosting the node on the cloud provider](./self-hosted.md/#hosting-on-a-cloud-provider) and the `.toml` file when [hosting on Fly.io](./self-hosted.md/#hosting-on-flyio).
-
-<!-- <video width="100%" controls poster="/static/img/v1.3/deploy.png">
-    <source src="/videos/Deploy_Success.mp4" type="video/mp4" />
-    Your browser does not support video tags.
-</video> -->
-
-
-## Hosting the node
-
-You’ll need a server to host the application node and keep it operational 24/7. This server will expose a single port for client access to the rollups node APIs through GraphQL or Inspect requests.
-
-
-The server requirements depend on your application's expected usage and the specifications of the Cartesi machine you're using, such as its RAM size and total capacity. Consider a minimum of 8GB of RAM, and adjust as needed.
-
-
-The Cartesi rollups node is distributed as a Docker image. Any popular cloud provider, like AWS, GCP, Azure, Digital Ocean, or Linode, can run docker containers and hence can be used to host the rollups node.
-
-Alternatively, you can use a service like [Fly.io](https://fly.io/) to deploy your application node.
-
-### Hosting on a cloud provider
-
-1. Download the `.env` configuration file into the root directory of your application.
-
-1. Obtain HTTP and WebSocket URLs from a web3 provider for the `CARTESI_BLOCKCHAIN_HTTP_ENDPOINT` and `CARTESI_BLOCKCHAIN_WS_ENDPOINT` variables.
-
-  Here is an example from [Alchemy](https://dashboard.alchemy.com/):
-
-  ![img](../../../static/img/v1.3/alchemy.png)
-
-  :::caution important
-  The web3 provider URLs and wallet mnemonic are sensitive information that can compromise your application and funds. You should keep it **secure** and **private** at all times.
-  :::
+- Public snapshot verification
+- Proper security hardening
+- Production-grade infrastructure
+:::
 
-1. Create a PostgreSQL database and configure the connection string in the `.env` file.
+## Prerequisites
 
-  The connection string for a PostgreSQL database must be configured at the `CARTESI_POSTGRES_ENDPOINT` variable.
+Before starting, ensure you have the following installed:
 
-  You can use any PostgreSQL database, whether managed by a cloud provider or set up on your local infrastructure. The key configuration required is the connection string, encompassing the database URL, username, password, and name. The node necessitates a PostgreSQL database to store the application state, which is accessible via the [GraphQL API](../api-reference/graphql/basics.md).
+- Cartesi CLI: An easy-to-use tool for developing and deploying your dApps.
 
-1. With all the config variables set, here is how you can run the node on your local machine:
+- Docker Desktop 4.x: The required tool to distribute the Cartesi Rollups framework and its dependencies.
 
-  ```
-  docker run --env-file <env-file> -p 10000:10000 <image-id>
-  ```
+For more details about the installation process for each of these tools, please refer to the [this section](../development/installation.md).
 
-  Replace `<env-file>` and `<image-id>` with the `.env` file name and `sha256` hash of your Cartesi machine.
+## Configuration
 
-  The image can be tagged using [docker tag](https://docs.docker.com/reference/cli/docker/image/tag/).
+Before running the node, you need to configure your `.env` file with the following environment variables:
 
-  You can deploy your node with a cloud provider or use any managed container solution, like Kubernetes. 
+```shell
+BLOCKCHAIN_ID=<blockchain-id>
+AUTH_KIND="private_key_file"
+PRIVATE_KEY_FILE="/run/secrets/pk"
+BLOCKCHAIN_WS_ENDPOINT="<ws-endpoint>"
+BLOCKCHAIN_HTTP_ENDPOINT="<http-endpoint>"
+```
 
-### Hosting on fly.io
+**Important notes:**
 
-Fly.io is a platform where you can conveniently deploy applications packaged as Docker containers.
+| Variable | Description |
+|----------|-------------|
+| `BLOCKCHAIN_ID` | Replace `<blockchain-id>` with your blockchain network ID |
+| `BLOCKCHAIN_WS_ENDPOINT` | Replace `<ws-endpoint>` with your WebSocket endpoint |
+| `BLOCKCHAIN_HTTP_ENDPOINT` | Replace `<http-endpoint>` with your HTTP endpoint |
+| `PRIVATE_KEY_FILE` | Points to the private key file created in [**step 2**](#setting-up-the-local-node) |
+| `AUTH_KIND` | Set to `"private_key_file"` for local development |
 
-:::caution important
-If deploying to Fly.io from macOS with Apple Silicon, create a Docker image for `linux/amd64` with: `cartesi deploy build --platform linux/amd64`
-:::
+## Setting up the local node
 
-1. [Install the flyctl CLI](https://fly.io/docs/hands-on/install-flyctl/)
+1. **Download the Cartesi Rollups Node docker compose file in your project root:**
 
-1. [Create an account](https://fly.io/docs/hands-on/sign-up-sign-in/)
+   ```shell
+   curl -L https://raw.githubusercontent.com/cartesi/docs/refs/heads/docs/deployment/cartesi-rollups_versioned_docs/version-2.0/deployment/src/compose.local.yaml -o compose.local.yaml
+   ```
 
-1. Create an application:
+2. **Create a secret for private key storage:**
 
    ```shell
-   $ fly app create <app-name>
-   New app created: <app-name>
+   mkdir -p secrets
+   echo "YOUR_PRIVATE_KEY" > secrets/pk
    ```
 
-1. Create a Postgres database application:
+   :::danger Security
+   Ensure the `secrets/` directory is in a secure location and has restricted permissions, different from the project root to avoid leaking your private key.
+   :::
+
+3. **Build the application with the Cartesi CLI:**
 
    ```shell
-   fly postgres create --initial-cluster-size 1 --name <app-name>-database --vm-size shared-cpu-1x --volume-size 1
+   cartesi build
    ```
 
-   Save the connection string provided by the command output.
+   This command compiles your application into RISC-V architecture and creates a Cartesi machine snapshot locally.
 
-1. Attach database to the node application:
+4. **Run the Cartesi Rollups Node with the application's initial snapshot attached:**
 
    ```shell
-   fly postgres attach <app-name>-database -a <app-name>
+   docker compose -f compose.local.yaml --env-file .env up -d
    ```
 
-1. Download `fly.toml` file from deploying the contracts and move it to your application directory:
+   This starts the local node using the configuration from your `.env` file.
 
-   ![deploy self-hosted config](../../../static/img/v1.3/fly.png)
+5. **Deploy and register the application to the node:**
 
-1. Edit the `fly.toml` file to change all occurrences of `<app-name>` to the name of your application
+   ```shell
+   docker compose --project-name cartesi-rollups-node \
+        exec advancer cartesi-rollups-cli deploy application <app-name> /var/lib/cartesi-rollups-node/snapshot \
+        --epoch-length 720 \
+        --self-hosted \
+        --salt <salt> \
+        --json
+   ```
 
-1. Create secrets for sensitive configuration with the actual values:
+   Replace `<app-name>` with your application name and `<salt>` with a unique identifier. The salt must be unique for each deployment and cannot be repeated. You can generate a unique salt using:
 
    ```shell
-   fly secrets set -a <app-name> CARTESI_BLOCKCHAIN_HTTP_ENDPOINT=<web3-provider-http-endpoint>
-   fly secrets set -a <app-name> CARTESI_BLOCKCHAIN_WS_ENDPOINT=<web3-provider-ws-endpoint>
-   fly secrets set -a <app-name> CARTESI_AUTH_MNEMONIC=`<mnemonic>`
-   fly secrets set -a <app-name> CARTESI_POSTGRES_ENDPOINT=<connection_string>
+   cast keccak256 "your-unique-string"
    ```
 
-   Set value of the `connection_string` as provided by step 4.
-
-1. Deploy the node:
+   After this process, you'll have your application deployed and registered to the node.
 
-   Tag the image produced at the beginning of the process and push it to the Fly.io registry:
+## Accessing the node
 
-   ```shell
-   flyctl auth docker
-   docker image tag <image-id> registry.fly.io/<app-name>
-   docker image push registry.fly.io/<app-name>
-   fly deploy -a <app-name>
-   ```
+Once running, your local Cartesi Rollups Node will be accessible through the standard APIs:
 
-  
+- Inspect endpoint: `http://localhost:10012`
+- JSON-RPC endpoint: `http://localhost:10011`