Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(raiko): all-in-one dependency install script #427

Merged
merged 8 commits into from
Dec 17, 2024
Merged

feat(raiko): all-in-one dependency install script #427

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
8b8d292
init
RogerLamTd Dec 6, 2024
c9ea96a
use v2/proof
RogerLamTd Dec 9, 2024
abfcfc6
update response format
RogerLamTd Dec 9, 2024
6a5526b
add finding instance id instruction
RogerLamTd Dec 9, 2024
8290a0d
Merge branch 'main' into raiko-dep-setup-script
RogerLamTd Dec 9, 2024
c30a52e
Merge branch 'main' into raiko-dep-setup-script
RogerLamTd Dec 9, 2024
0cb067c
Merge branch 'main' into raiko-dep-setup-script
RogerLamTd Dec 17, 2024
69d3fcc
Merge branch 'main' into raiko-dep-setup-script
smtmfft Dec 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 28 additions & 8 deletions docs/README_Docker_and_RA.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,27 @@

This tutorial was created to assist you in setting up Raiko and its SGX dependencies using a Docker container. Configuring SGX can be complex without a detailed guide to walk you through each step. This tutorial strives to provide a comprehensive walkthrough, leaving no detail unaddressed.

> **_NOTE:_** Currently, raiko v1.3.0 sometimes encounters OOM errors (Out of Memory). We recommend that you do NOT use 1.3.0 in production as this can lead to losses. Please instead use 1.3.0-edmm ONLY if you have a SGX-2 enabled machine (i.e. pull the image with `docker pull us-docker.pkg.dev/evmchain/images/raiko:1.3.0-edmm` and proceed as normal). If you have bootstrapped and started using the 1.3.0 image, you will have to redo the process with the 1.3.0-edmm image if you wish to continue proving without error. We are working on a hotfixed version at the moment, thank you for your patience.

## Recommended Specs

We recommended 4 cores and 8GB memory for running Raiko. 8 cores and 16GB memory is ideal; the bare minimum is 2 cores and 4GB memory (tentative).

We also recommend an EPC (Enclave memory) size of 4GB for mainnet, to prevent OOM errors. You can check your machine's EPC size by running `./script/check-epc-size.sh`.

## Installing Dependencies

To make the process of setup a bit more straightforward, we've provided a script to install dependencies and check your machine's FMSPC in one go. Please prepare your Intel API Key before running.

```bash
cd raiko
sudo bash script/raiko-setup.sh
source ~/.bashrc
foundryup
```

The script does NOT include Docker as that is dependent on your distribution, please follow the docs to install the CLI.

After running this script your machine should be setup and you may skip to the `2. Generating PCCS Certificates` part of the guide and continue as normal.

## Prerequisites

Intel SGX is a technology that involves a considerable amount of configuration. Given its high level of configurability, the setup of your infrastructure may vary significantly depending on the attestation type (EPID, ECDSA) and other parameters. While we've strived to minimize the manual effort required to prepare the development environment, there are certain prerequisites that are challenging, if not impossible, to automate using Dockerfiles. This section outlines these prerequisites.
Expand Down Expand Up @@ -284,11 +297,11 @@ docker compose build raiko
If you do not wish to build the image locally, you can optionally pull them from our registry.

```
docker pull us-docker.pkg.dev/evmchain/images/raiko:1.3.0-edmm
docker pull us-docker.pkg.dev/evmchain/images/raiko:1.4.0
docker pull us-docker.pkg.dev/evmchain/images/pccs:latest
```

If you do this step, you need to change your raiko docker-compose.yml to use this image. Navigate to `raiko/docker` and search for `raiko:latest` and change all instances to `raiko:1.3.0-edmm`.
If you do this step, you need to change your raiko docker-compose.yml to use this image. Navigate to `raiko/docker` and search for `raiko:latest` and change all instances to `raiko:1.4.0`.

You can continue on with the following steps as usual after this.

Expand Down Expand Up @@ -390,6 +403,9 @@ It should look like this:
emit InstanceAdded(id: 1, instance: 0xc369eedf4C69CacceDa551390576EAd2383E6f9E, replaced: 0x0000000000000000000000000000000000000000, validSince: 1708704201 [1.708e9])
```

If you accidentally cleared your terminal or somehow otherwise fail to view this event log, you can find this value in the Etherscan at your prover EOA.
You should see a new transaction with the method `Register Instance` sent to the respective `SGX_VERIFIER_ADDRESS`; viewing the transaction details and accessing the transaction receipt event logs should show the InstanceAdded event!

## Running Raiko

Once you've completed the above steps, you can actually run a prover.
Expand Down Expand Up @@ -453,7 +469,7 @@ Opt {
Once your Raiko instance is running, you can verify if it was started properly as follows:

```
curl --location 'http://localhost:8080/proof' \
curl --location 'http://localhost:8080/v2/proof' \
--header 'Content-Type: application/json' \
--data '{
"proof_type": "sgx",
Expand All @@ -476,9 +492,13 @@ The response should look like this:
```
{
"data": {
"output": null,
"proof": "0x00000206c3694ecb5c....6e0e7a36546bf98caa7bb4ac2cd4f917c2102116167e42c54849f15044c032e1c",
"quote": "03000200000000000a000f00939a72....0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a00"
"proof": {
"input": "0x.....",
"kzg_proof": "null",
"proof": "0x.....",
"quote": "03000200000000000a000f00939a72....0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a00",
"uuid": null
}
},
"status": "ok"
}
Expand Down
Empty file modified script/check-epc-size.sh
100644 → 100755
View file
Open in desktop
Empty file.
38 changes: 38 additions & 0 deletions script/raiko-setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/bin/bash

apt-get -qq install -y cpuid git build-essential wget python-is-python3 debhelper zip libcurl4-openssl-dev pkgconf libboost-dev libboost-system-dev libboost-thread-dev protobuf-c-compiler libprotobuf-c-dev protobuf-compiler

count=$(cpuid | grep -ic "SGX: Software Guard Extensions supported = true")

if [ $count -lt 1 ]
then
echo "This machine does not have SGX support"
exit 1
fi

linux_ver=$(uname -r | grep -ic "6.*")

if [ $linux_ver -lt 1 ]
then
echo "Please ensure that your Linux kernel version is `6.0` or above."
exit 1
fi

echo "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main" | tee /etc/apt/sources.list.d/intel-sgx.list > /dev/null

wget -q -O - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add -

apt -qq update

apt -qq install sgx-pck-id-retrieval-tool

echo "Please enter your Intel PCS Service API key"

read -r API_KEY

PCKIDRetrievalTool -f /tmp/pckid.csv && pckid=$(cat /tmp/pckid.csv) && ppid=$(echo "$pckid" | awk -F "," '{print $1}') && cpusvn=$(echo "$pckid" | awk -F "," '{print $3}') && pcesvn=$(echo "$pckid" | awk -F "," '{print $4}') && pceid=$(echo "$pckid" | awk -F "," '{print $2}') && curl -v "https://api.trustedservices.intel.com/sgx/certification/v4/pckcert?encrypted_ppid=${ppid}&cpusvn=${cpusvn}&pcesvn=${pcesvn}&pceid=${pceid}" -H "Ocp-Apim-Subscription-Key:${API_KEY}" 2>&1 | grep -i "SGX-FMSPC"

echo "If your FMSPC is not on the list, please create a GitHub issue to have it added. If not, you will not be able to run Raiko."

curl -fsSL https://get.pnpm.io/install.sh | sh -
curl -L https://foundry.paradigm.xyz | bash