### Start Mpcium Nodes Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md Commands to start individual Mpcium nodes. Each node is started from its respective directory using the `mpcium start` command, specifying the node name. An option to prompt for credentials securely in production is also mentioned. ```bash cd node0 mpcium start -n node0 ``` ```bash cd node1 mpcium start -n node1 ``` ```bash cd node2 mpcium start -n node2 ``` ```bash mpcium start -n node0 --prompt-credentials ``` -------------------------------- ### Clone and Build Mpcium Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This section covers cloning the Mpcium repository from GitHub and building the project. It provides commands for both using `make` and directly with `go install` for the main `mpcium` binary and the `mpcium-cli` utility. ```bash git clone https://github.com/fystack/mpcium.git cd mpcium ``` ```bash make ``` ```bash go install ./cmd/mpcium go install ./cmd/mpcium-cli ``` -------------------------------- ### Generate Mpcium Event Initiator Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md Generates the necessary identity and keys for the event initiator. It includes a recommendation to use the `--encrypt` flag for production environments to secure the initiator's credentials. ```bash mpcium-cli generate-initiator ``` -------------------------------- ### Run NATS and Consul with Docker Compose Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This snippet provides a `docker-compose.yaml` file to set up NATS and Consul services for development purposes. It configures NATS with JetStream enabled and Consul with its UI. The commands to start these services in detached mode are also included. ```yaml version: "3" services: nats-server: image: nats:latest container_name: nats-server command: -js --http_port 8222 ports: - "4222:4222" - "8222:8222" - "6222:6222" tty: true restart: always consul: image: consul:1.15.4 container_name: consul ports: - "8500:8500" - "8601:8600/udp" command: "agent -server -ui -node=server-1 -bootstrap-expect=1 -client=0.0.0.0" restart: always ``` ```bash docker compose up -d ``` -------------------------------- ### Register Peers to Consul Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This command registers the previously generated peer configurations with the Consul service, making them discoverable within the cluster. ```bash mpcium-cli register-peers ``` -------------------------------- ### Secure Production Deployment Practices Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md Highlights key security measures for production deployment of Mpcium, including using secure NATS and Consul clusters, enabling TLS, encrypting keys using `mpcium-cli`, and using `--prompt-credentials` for sensitive information. ```bash mpcium-cli generate-initiator --encrypt ``` ```bash mpcium-cli generate-identity --node node0 --encrypt ``` -------------------------------- ### Distribute Node Identity Files Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md Illustrates how to distribute the generated identity files (`nodeX_identity.json` and private keys) to the respective node directories, ensuring each node has its own identity and can recognize others. ```bash cp identity/node0_identity.json ../node1/identity/node0_identity.json cp identity/node0_identity.json ../node2/identity/node0_identity.json ``` -------------------------------- ### Update config.yaml with Initiator Public Key Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This snippet shows how to extract the public key from the generated `event_initiator.identity.json` file and update the `event_initiator_pubkey` field in the `config.yaml` file. ```json { "public_key": "09be5d070816aadaa1b6638cad33e819a8aed7101626f6bf1e0b427412c3408a" } ``` ```yaml event_initiator_pubkey: "09be5d070816aadaa1b6638cad33e819a8aed7101626f6bf1e0b427412c3408a" ``` -------------------------------- ### Configure Node Identities for Mpcium Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This section details the steps to prepare and generate identities for each node in the Mpcium cluster. It involves creating node-specific directories, copying configuration files, and generating node identities using `mpcium-cli`, with an option for encryption. ```bash mkdir node{0..2} for dir in node{0..2}; do cp config.yaml peers.json "$dir/" mkdir -p "$dir/identity" done ``` ```bash cd node0 mpcium-cli generate-identity --node node0 ``` ```bash mpcium-cli generate-identity --node node0 --encrypt ``` -------------------------------- ### CI/CD Integration Example (GitHub Actions) Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md An example of how to integrate the fystack/mpcium E2E tests into a GitHub Actions workflow. It demonstrates the necessary steps to build the project and run the tests. ```YAML # Example GitHub Actions step - name: Run E2E Tests run: | make cd e2e make test ``` -------------------------------- ### Generate Mpcium Peer Configuration Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This command generates peer configurations for the Mpcium network. It takes the number of peers as an argument and outputs a JSON object containing node identifiers. ```bash mpcium-cli generate-peers -n 3 ``` -------------------------------- ### Configure Mpcium Cluster Settings Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This section details the process of configuring the Mpcium cluster by copying a template `config.yaml` file and editing its parameters. It includes settings for NATS, Consul, MPC threshold, environment, and sensitive information like passwords and public keys. ```bash cp config.yaml.template config.yaml ``` ```yaml nats: url: nats://127.0.0.1:4222 consul: address: localhost:8500 mpc_threshold: 2 environment: development badger_password: "your_badger_password" event_initiator_pubkey: "your_event_initiator_pubkey" ``` -------------------------------- ### Decrypt Private Key using Age Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md This snippet demonstrates the command to decrypt a private key file that has been encrypted using 'age'. The command specifies decryption, outputs to a file, and takes the encrypted file as input. ```bash age --decrypt -o event_initiator.key event_initiator.key.age ``` -------------------------------- ### Start MPC Nodes Source: https://github.com/fystack/mpcium/blob/master/README.md Commands to start individual MPC nodes in the cluster. Each node is identified by a name (e.g., node0, node1). ```Shell $ mpcium start -n node0 $ mpcium start -n node1 $ mpcium start -n node2 ``` -------------------------------- ### Generate Strong Password Source: https://github.com/fystack/mpcium/blob/master/INSTALLATION.md A utility command to generate a strong, random password suitable for sensitive fields like `badger_password`. It uses `/dev/urandom` to create a random string of alphanumeric and special characters. ```bash < /dev/urandom tr -dc 'A-Za-z0-9!@#$^&*()-_=+[]{}|;:,.<>?/~' | head -c 16; echo ``` -------------------------------- ### Run MPCium E2E Tests and Cleanup Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Executes all end-to-end integration tests for the MPCium system and cleans up any generated test artifacts. Assumes Docker and Go are installed and mpcium binaries are built. ```bash make test # Clean up test artifacts make clean ``` -------------------------------- ### E2E Test Expected Output Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md This section displays the expected log output from a successful end-to-end test run, covering infrastructure setup, service connections, MPC node operations, key generation, and verification. ```Log ๐Ÿš€ Setting up test infrastructure... ๐Ÿณ Starting docker-compose stack... โณ Waiting for services to be ready... ๐Ÿ”Œ Setting up service clients... โœ… Consul client connected โœ… NATS client connected ๐Ÿ”ง Setting up test nodes... โœ… Test nodes setup complete ๐Ÿ“‹ Registering peers in Consul... โœ… Registered peer test_node0 with ID xxx โœ… Registered peer test_node1 with ID xxx โœ… Registered peer test_node2 with ID xxx ๐Ÿš€ Starting MPC nodes... โœ… Started node test_node0 (PID: xxx) โœ… Started node test_node1 (PID: xxx) โœ… Started node test_node2 (PID: xxx) ๐Ÿ”‘ Testing key generation... ๐Ÿ“ Generated wallet IDs: [xxx, xxx, xxx] ๐Ÿ” Triggering key generation for wallet xxx โณ Waiting for key generation to complete... โœ… Key generation test completed ๐Ÿ” Verifying key consistency across nodes... ๐Ÿ›‘ Stopping MPC nodes... ๐Ÿ” Checking wallet xxx โœ… Found ECDSA key for wallet xxx in node test_node0 (xxx bytes) โœ… Found ECDSA key for wallet xxx in node test_node1 (xxx bytes) โœ… Found ECDSA key for wallet xxx in node test_node2 (xxx bytes) โœ… Found EdDSA key for wallet xxx in node test_node0 (xxx bytes) โœ… Found EdDSA key for wallet xxx in node test_node1 (xxx bytes) โœ… Found EdDSA key for wallet xxx in node test_node2 (xxx bytes) โœ… Key consistency verification completed ๐Ÿงน Cleaning up test environment... โœ… Cleanup completed ``` -------------------------------- ### Run MPCium E2E Tests (Manual) Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Navigates to the e2e directory and executes the end-to-end tests after ensuring the mpcium binaries have been built. ```bash cd e2e make test ``` -------------------------------- ### Run Integration Tests Source: https://github.com/fystack/mpcium/blob/master/README.md Commands to navigate to the end-to-end testing directory and execute integration tests using a Makefile. ```Shell cd e2e make test ``` -------------------------------- ### Run Unit Tests Source: https://github.com/fystack/mpcium/blob/master/README.md Command to execute all unit tests for the project using the Go testing framework. ```Shell go test ./... -v ``` -------------------------------- ### Build MPCium Binaries Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Builds the necessary mpcium and mpcium-cli binaries required for running the end-to-end tests. This command should be executed from the root directory of the project. ```bash make ``` -------------------------------- ### Go Client for MPC Wallet Creation Source: https://github.com/fystack/mpcium/blob/master/README.md A Go client implementation that connects to NATS, initializes an MPC client, subscribes to wallet creation results, and initiates a new wallet creation request. ```Go import ( "github.com/fystack/mpcium/client" "github.com/nats-io/nats.go" ) func main () { natsConn, err := nats.Connect(natsURL) if err != nil { logger.Fatal("Failed to connect to NATS", err) } defer natsConn.Close() mpcClient := client.NewMPCClient(client.Options{ NatsConn: natsConn, KeyPath: "./event_initiator.key", }) err = mpcClient.OnWalletCreationResult(func(event event.KeygenSuccessEvent) { logger.Info("Received wallet creation result", "event", event) }) if err != nil { logger.Fatal("Failed to subscribe to wallet-creation results", err) } walletID := uuid.New().String() if err := mpcClient.CreateWallet(walletID); err != nil { logger.Fatal("CreateWallet failed", err) } logger.Info("CreateWallet sent, awaiting result...", "walletID", walletID) } ``` -------------------------------- ### Initialize Encrypted BadgerDB KV Store Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Initializes a BadgerDB key-value store with encryption enabled. It requires a database path and a password retrieved from configuration for decryption. ```Go // BadgerDB with mandatory encryption b BadgerKV, err := kvstore.NewBadgerKVStore( dbPath, []byte(viper.GetString("badger_password")), ) ``` -------------------------------- ### Troubleshooting Process Issues (Bash) Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Steps to troubleshoot test failures caused by lingering processes. Includes checking for running 'mpcium' processes, killing them, and performing a full cleanup. ```Bash 1. Check for running processes: ps aux | grep mpcium ``` ```Bash 2. Kill any found processes: pkill -f mpcium ``` ```Bash 3. Clean up completely: make cleanup-test-env ``` ```Bash 4. Run tests again: go test -v -run TestKeyGeneration ``` -------------------------------- ### Debug MPCium Tests with Verbose Output Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Runs the Go end-to-end tests with verbose output and a longer timeout to aid in debugging failures. This command is typically run from the 'e2e' directory. ```go go test -v -timeout=10m ./... ``` -------------------------------- ### Manual Test Environment Cleanup (Bash) Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Provides multiple bash commands for manually cleaning up the test environment, including killing processes, stopping Docker containers, and removing artifacts. ```Bash # Option 1: Use the cleanup script directly cd e2e ./cleanup_test_env.sh ``` ```Bash # Option 2: Use the Makefile target make cleanup-test-env ``` ```Bash # Option 3: Manual cleanup commands cd e2e # Kill MPC processes pgrep -f "mpcium" | xargs kill -TERM # Stop Docker containers docker compose -f docker-compose.test.yaml down -v --remove-orphans # Remove test artifacts rm -rf test_node* *.log ``` -------------------------------- ### Golang Client for mpcium Source: https://github.com/fystack/mpcium/blob/master/README.md This Go client provides the necessary functionality to interact with the mpcium MPC nodes. It enables communication and operations with the distributed wallet generation system. The client is part of the main mpcium repository. ```Go package client import ( "context" "crypto/ecdsa" "crypto/ed25519" "crypto/rand" "encoding/hex" "errors" "fmt" "log" "net" "os" "os/signal" "sync" "syscall" "time" "github.com/dgraph-io/badger/v3" "github.com/google/uuid" "github.com/nats-io/nats.go" "github.com/patrickmn/go-cache" "github.com/fystack/mpcium/pkg/crypto" "github.com/fystack/mpcium/pkg/models" "github.com/fystack/mpcium/pkg/proto" "github.com/fystack/mpcium/pkg/tss" "google.golang.org/protobuf/proto" ) // Client represents an mpcium client. type Client struct { conn *nats.Conn nodeID string nodeKey ed25519.PrivateKey nodeCert []byte publicKey ed25519.PublicKey // ... other fields } // NewClient creates a new mpcium client. func NewClient(natsURL, nodeID string, nodeKey ed25519.PrivateKey, nodeCert []byte) (*Client, error) { // ... implementation details ... return &Client{}, } // GenerateKeyPair generates a new ECDSA key pair. func (c *Client) GenerateKeyPair(ctx context.Context, curveType models.CurveType) (string, error) { // ... implementation details ... return "", nil } // Sign signs a message using a generated key pair. func (c *Client) Sign(ctx context.Context, keyID string, message []byte) (string, error) { // ... implementation details ... return "", nil } // ... other client methods ... ``` -------------------------------- ### Inspect MPCium Test Artifacts Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Provides commands to inspect the test databases and configuration files after running the MPCium end-to-end tests. This is useful for debugging by allowing manual examination of the test environment. ```bash # Inspect test databases ls -la test_db/ # Check test node configurations cat test_node0/config.yaml ``` -------------------------------- ### Sign and Verify Mpcium Messages Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Demonstrates signing a message using a node's identity and subsequently verifying the signature upon receipt. This is crucial for message authentication in the Mpcium network. ```Go // Messages are signed before transmission signature, err := s.identityStore.SignMessage(&tssMsg) if err != nil { s.ErrCh <- fmt.Errorf("failed to sign message: %w", err) return } tssMsg.Signature = signature // Messages are verified upon receipt if !s.verifyMessageSignature(message) { return fmt.Errorf("invalid message signature") } ``` -------------------------------- ### Configure TLS for NATS and Consul Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Configures TLS for NATS and HTTPS for Consul connections, essential for secure production communication. It specifies the URLs and authentication details. ```YAML nats: url: tls://127.0.0.1:4222 # Required TLS for production username: "" password: "" consul: address: https://consul.example.com # Required HTTPS for production ``` -------------------------------- ### View MPCium Test Container Logs Source: https://github.com/fystack/mpcium/blob/master/e2e/README.md Retrieves logs from the NATS and Consul test containers used during the MPCium end-to-end testing process. This is crucial for diagnosing issues related to the test infrastructure. ```bash docker logs nats-server-test docker logs consul-test ``` -------------------------------- ### Generate Mpcium Node Identity Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Generates a unique Ed25519 keypair for a Mpcium node, specifying peers and optionally encrypting the identity. This is a command-line operation. ```Shell go run cmd/mpcium-cli/main.go generate-identity --node=node0 --peers=peers.json --encrypt ``` -------------------------------- ### Generate High Entropy Password Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Generates a random password of 16 characters using a combination of alphanumeric and special characters. This is used for securing private keys. ```Shell < /dev/urandom tr -dc 'A-Za-z0-9!@#$^&\*()-\_=+[]{}|;:,.<>?/~' | head -c 16; echo ``` -------------------------------- ### Decrypt Private Key with Age Source: https://github.com/fystack/mpcium/blob/master/SECURITY.md Decrypts a private key file that has been encrypted using the Age encryption tool. This command is used to access sensitive key material. ```Shell # Decrypt private key for use age --decrypt -o event_initiator.key event_initiator.key.age ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.