rid of verifier registry address env var (#59)

* rid of verifier registry address env var * rotate in prog * rotation * - * fixtest
ton-community · Mar 12, 2024 · ef0d74d · Hiwotgetachew · Sep 22, 2024 · ef0d74d
1 parent a99bb61
commit ef0d74d
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 21 deletions.
diff --git a/.env b/.env
@@ -1,5 +1,4 @@
 SOURCES_REGISTRY=EQD-BJSVUJviud_Qv7Ymfd3qzXdrmV525e3YDzWQoHIAiInL
-VERIFIER_REGISTRY=EQDS0AW7NV1w3nFwx-mmryfpH4OGQ3PXnoFGOJA_8PTHuLrw
 VERIFIER_ID=orbs.com
 IPFS_PROVIDER=tonsource.infura-ipfs.io
 COMPILE_TIMEOUT=5000
diff --git a/README.md b/README.md
@@ -49,7 +49,6 @@ To deploy on heroku, you can use the [func compilation buildpack](https://github
 - `PRIVATE_KEY` - To sign its message cell with a private key, which is verified by the [verifier registry](https://github.com/ton-blockchain/TEPs/pull/91). Provide an ED25519 compatible private key.
 - `SOURCES_REGISTRY` - The address of the sources registry contract (default from .env)
 - `VERIFIER_ID` - Sources verifier id (default from .env)
-- `VERIFIER_REGISTRY` - The address of the verifier registry contract (default from .env)
 
 ## Running
 

diff --git a/script/deploy.sh b/script/deploy.sh
@@ -1,17 +1,11 @@
 #!/bin/bash
 set -e
 
-if [ ! -f ".secret" ]; then
-  echo >&2 "Error: .secret does not exist."
-  exit 1
-fi
-source .secret
-
 if [[ $1 == "testnet" ]]; then
-    values=("prod-testnet-1")
-    echo "Deploying to tesnet only!"
+  values=("prod-testnet-1")
+  echo "Deploying to tesnet only!"
 else
-    values=("prod-testnet-1" "prod-1" "prod-2" "prod-3")
+  values=("prod-testnet-1" "prod-1" "prod-2" "prod-3")
 fi
 
 for heroku_app in "${values[@]}"; do

diff --git a/script/generate-private-key.js b/script/generate-private-key.js
@@ -0,0 +1,8 @@
+const nacl = require("tweetnacl");
+
+const keypair = nacl.sign.keyPair();
+const privKey = Buffer.from(keypair.secretKey).toString("base64");
+const pubKey = Buffer.from(keypair.publicKey).toString("base64");
+
+console.log(`Private key: ${privKey}`);
+console.log(`Public key: ${pubKey}`);
diff --git a/src/check-prerequisites.ts b/src/check-prerequisites.ts
@@ -5,7 +5,6 @@ import { getFuncVersions } from "./fetch-func-versions";
 export async function checkPrerequisites() {
   const missingEnvVars = [
     "VERIFIER_ID",
-    "VERIFIER_REGISTRY",
     "SOURCES_REGISTRY",
     "INFURA_ID",
     "INFURA_SECRET",

diff --git a/src/controller.ts b/src/controller.ts
@@ -29,7 +29,6 @@ interface ControllerConfig {
   privateKey: string;
   sourcesRegistryAddress: string;
   allowReverification: boolean;
-  verifierRegistryAddress: string;
 }
 
 export class Controller {
@@ -53,6 +52,7 @@ export class Controller {
     this.keypair = tweetnacl.sign.keyPair.fromSecretKey(
       Buffer.from(this.config.privateKey, "base64"),
     );
+
     this.tonReaderClient = tonReaderClient;
   }
 
@@ -142,7 +142,7 @@ export class Controller {
 
     const verifierConfig = await this.tonReaderClient.getVerifierConfig(
       this.config.verifierId,
-      this.config.verifierRegistryAddress,
+      this.config.sourcesRegistryAddress,
     );
 
     const { ipfsPointer, codeCellHash, senderAddress, queryId } = validateMessageCell(

diff --git a/src/server.ts b/src/server.ts
@@ -138,7 +138,6 @@ app.get("/hc", (req, res) => {
       allowReverification: !!process.env.ALLOW_REVERIFICATION,
       privateKey: process.env.PRIVATE_KEY!,
       sourcesRegistryAddress: process.env.SOURCES_REGISTRY!,
-      verifierRegistryAddress: process.env.VERIFIER_REGISTRY!,
     },
     new TonReaderClientImpl(),
   );

diff --git a/src/ton-reader-client.ts b/src/ton-reader-client.ts
@@ -5,6 +5,7 @@ import { sha256 } from "./utils";
 import { getHttpEndpoint } from "@orbs-network/ton-access";
 import { ContractVerifier } from "@ton-community/contract-verifier-sdk";
 import { VerifierRegistry } from "./wrappers/verifier-registry";
+import { SourcesRegistry } from "./wrappers/sources-registry";
 
 export type VerifierConfig = {
   verifiers: Buffer[];
@@ -13,7 +14,6 @@ export type VerifierConfig = {
 
 export interface TonReaderClient {
   isProofDeployed(codeCellHash: string, verifierId: string): Promise<boolean | undefined>;
-
   getVerifierConfig(verifierId: string, verifierRegistryAddress: string): Promise<VerifierConfig>;
 }
 
@@ -39,13 +39,20 @@ export function createNullValue(): DictionaryValue<null> {
 export class TonReaderClientImpl implements TonReaderClient {
   async getVerifierConfig(
     verifierId: string,
-    verifierRegistryAddress: string,
+    sourcesRegistryAddress: string,
   ): Promise<VerifierConfig> {
     const tc = await getTonClient();
-    const verifierRegstryContract = tc.open(
-      VerifierRegistry.createFromAddress(Address.parse(verifierRegistryAddress)),
+
+    const sourcesRegistryContract = tc.open(
+      SourcesRegistry.createFromAddress(Address.parse(sourcesRegistryAddress)),
     );
-    const res = await verifierRegstryContract.getVerifier(toBigIntBE(sha256(verifierId)));
+
+    const verifierRegistryAddress = await sourcesRegistryContract.getVerifierRegistryAddress();
+    const verifierRegistryContract = tc.open(
+      VerifierRegistry.createFromAddress(verifierRegistryAddress),
+    );
+
+    const res = await verifierRegistryContract.getVerifier(toBigIntBE(sha256(verifierId)));
     const verifierConfig = res.settings!.beginParse();
 
     const quorum = verifierConfig.loadUint(8);

diff --git a/test/controller.spec.ts b/test/controller.spec.ts
@@ -104,7 +104,6 @@ function makeController(keypair: tweetnacl.SignKeyPair): Controller {
       allowReverification: false,
       sourcesRegistryAddress: randomAddress("sourcesReg").toString(),
       verifierId: VERIFIER_ID,
-      verifierRegistryAddress: randomAddress("verifierReg").toString(),
     },
     stubTonReaderClient,
   );