add hl-api, add example with trusted computation

aqua/export.aqua

@@ -0,0 +1,78 @@
+module TrustGraph declares *
+import "trust-graph.aqua"
+import "trust-graph-api.aqua"
+
+func add_root_trust_wrapped(node: string, max_chain_len: u32, expires_at_sec: u64) -> ?string:
+    on node:
+        error <- add_root_trust(max_chain_len, expires_at_sec)
+    <- error
+
+func add_root_wrapped(node: string, peer_id: string, max_chain_len: u32) -> AddRootResult:
+    on node:
+        result <- add_root(peer_id, max_chain_len)
+    <- result
+
+func get_weight_wrapped(node: string, peer_id: string) -> WeightResult:
+    on node:
+        result <- get_weight(peer_id)
+    <- result
+
+func issue_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
+    on node:
+        result, error <- issue_trust(issued_for_peer_id, expires_at_sec)
+    <- result, error
+
+func add_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
+    on node:
+        error <- add_trust(issued_for_peer_id, expires_at_sec)
+    <- error
+
+func import_trust_wrapped(node: string, trust: Trust) -> ?string:
+    on node:
+        error <- import_trust(trust)
+    <- error
+
+func verify_trust_wrapped(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
+    on node:
+        result <- verify_trust(trust, issuer_peer_id)
+    <- result
+
+func issue_revocation_wrapped(node: string, revoked_peer_id: string) -> ?Revocation, ?string:
+    on node:
+        result, error <- issue_revocation(revoked_peer_id)
+    <- result, error
+
+func revoke_wrapped(node: string, revoked_peer_id: string) -> ?string:
+    on node:
+        error <- revoke(revoked_peer_id)
+    <- error
+
+func import_revocation_wrapped(node: string, revocation: Revocation) -> ?string:
+    on node:
+        error <- import_revocation(revocation)
+    <- error
+
+func get_host_certs_from_wrapped(node: string, issuer: string) -> AllCertsResult:
+    on node:
+        result <- get_host_certs_from(issuer)
+    <- result
+
+func get_all_certs_wrapped(node: string, issued_for: string) -> AllCertsResult:
+    on node:
+        result <- get_all_certs(issued_for)
+    <- result
+
+func get_host_certs_wrapped(node: string) -> AllCertsResult:
+    on node:
+        result <- get_host_certs()
+    <- result
+
+func insert_cert_wrapped(node: string, certificate: Certificate) -> InsertResult:
+    on node:
+        result <- insert_cert(certificate)
+    <- result
+
+func isFluencePeer_wrapped(node: string) -> ?bool, ?string:
+    on node:
+        result, error <- isFluencePeer()
+    <- result, error

aqua/package.json

@@ -6,7 +6,7 @@
     "*.aqua"
   ],
   "dependencies": {
-    "@fluencelabs/aqua-lib": "0.2.0"
+    "@fluencelabs/aqua-lib": "^0.3.1"
   },
   "scripts": {
     "generate-aqua": "../service/build.sh",
@@ -31,6 +31,6 @@
   },
   "homepage": "https://github.com/fluencelabs/trust-graph#readme",
   "devDependencies": {
-    "@fluencelabs/aqua": "0.4.1-240"
+    "@fluencelabs/aqua": "file:../../aqua/npm"
   }
 }

aqua/trust-graph-api.aqua

@@ -1,100 +1,169 @@
 import "trust-graph.aqua"
 import "@fluencelabs/aqua-lib/builtin.aqua"
 
-func get_trust_bytes(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult:
+func add_root(peer_id: string, max_chain_len: u32) -> AddRootResult:
-    on node:
+    weight_factor <- TrustGraph.get_weight_factor(max_chain_len)
-        result <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
+    result <- TrustGraph.add_root(peer_id, weight_factor)
     <- result
 
-func issue_trust(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64, trust_bytes: []u8) -> IssueTrustResult:
+func get_weight(peer_id: string) -> WeightResult:
-    on node:
+    timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, trust_bytes)
+    result <- TrustGraph.get_weight(peer_id, timestamp_sec)
     <- result
 
-func verify_trust(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
+func issue_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
-    on node:
+    issued_at_sec <- Peer.timestamp_sec()
+    bytes <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
+
+    result: ?Trust
+    error: ?string
+    if bytes.success:
+        on %init_peer_id% via HOST_PEER_ID:
+            signature <- Sig.sign(bytes.result)
+        issue_result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, signature)
+        if issue_result.success:
+            result <<- issue_result.trust
+        else:
+            error <<- issue_result.error
+    else:
+        error <<- bytes.error
+    <- result, error
+
+func add_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
+    trust, issue_error <- issue_trust(issued_for_peer_id, expires_at_sec)
+
+    error: ?string
+    if trust == nil:
+        error <<- issue_error!
+    else:
         timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
+        add_result <- TrustGraph.add_trust(trust!, %init_peer_id%, timestamp_sec)
+        if add_result.success != true:
+            error <<- add_result.error
+
+    <- error
+
+func add_root_trust(max_chain_len: u32, expires_at_sec: u64) -> ?string:
+    add_root_result <- add_root(%init_peer_id%, max_chain_len)
+    error: *?string
+    if add_root_result.success:
+        error <- add_trust(%init_peer_id%, expires_at_sec)
+    else:
+        -- converting string to ?string
+        tmp: *string
+        tmp <<- add_root_result.error
+        error <<- tmp
+
+    <- error!
+
+func import_trust(trust: Trust) -> ?string:
+    error: ?string
+    timestamp_sec <- Peer.timestamp_sec()
+    add_result <- TrustGraph.add_trust(trust, %init_peer_id%, timestamp_sec)
+    if add_result.success != true:
+        error <<- add_result.error
+
+    <- error
+
+func verify_trust(trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
+    timestamp_sec <- Peer.timestamp_sec()
+    result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
     <- result
 
-func add_trust(node: string, trust: Trust, issuer_peer_id: string) -> AddTrustResult:
+func issue_revocation(revoked_peer_id: string) -> ?Revocation, ?string:
-    on node:
+    issued_at_sec <- Peer.timestamp_sec()
+    bytes <- TrustGraph.get_revocation_bytes(revoked_peer_id, issued_at_sec)
+
+    result: ?Revocation
+    error: ?string
+    if bytes.success:
+        on %init_peer_id% via HOST_PEER_ID:
+            signature <- Sig.sign(bytes.result)
+        issue_result <- TrustGraph.issue_revocation(revoked_peer_id, %init_peer_id%, issued_at_sec, signature)
+        if issue_result.success != true:
+            result <<- issue_result.revocation
+        else:
+            error <<- issue_result.error
+    else:
+        error <<- bytes.error
+    <- result, error
+
+func revoke(revoked_peer_id: string) -> ?string:
+    revocation, issue_error <- issue_revocation(revoked_peer_id)
+
+    error: ?string
+    if revocation == nil:
+        error <<- issue_error!
+    else:
         timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.add_trust(trust, issuer_peer_id, timestamp_sec)
+        add_result <- TrustGraph.revoke(revocation!, timestamp_sec)
-    <- result
+        if add_result.success != true:
+            error <<- add_result.error
 
-func add_root(node: string, peer_id: string, weight_factor: u32) -> AddRootResult:
+    <- error
-    on node:
-        result <- TrustGraph.add_root(peer_id, weight_factor)
-    <- result
 
-func get_weight(node: string, peer_id: string) -> WeightResult:
-    on node:
-        timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.get_weight(peer_id, timestamp_sec)
-    <- result
 
-func get_all_certs(node: string, issued_for: string) -> AllCertsResult:
+func import_revocation(revocation: Revocation) -> ?string:
-    on node:
+    error: ?string
-        timestamp_sec <- Peer.timestamp_sec()
+    timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
+    add_result <- TrustGraph.revoke(revocation, timestamp_sec)
-    <- result
+    if add_result.success != true:
+        error <<- add_result.error
 
-func get_host_certs(node: string, issued_for: string) -> AllCertsResult:
+    <- error
-    on node:
-        timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.get_host_certs(timestamp_sec)
-    <- result
 
 func get_host_certs_from(issuer: string) -> AllCertsResult:
     timestamp_sec <- Peer.timestamp_sec()
     result <- TrustGraph.get_host_certs_from(issuer, timestamp_sec)
     <- result
 
-func insert_cert(node: string, certificate: Certificate) -> InsertResult:
+func get_all_certs(issued_for: string) -> AllCertsResult:
-    on node:
+    timestamp_sec <- Peer.timestamp_sec()
-        timestamp_sec <- Peer.timestamp_sec()
+    result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
-        result <- TrustGraph.insert_cert(certificate, timestamp_sec)
     <- result
 
-func get_revoke_bytes(node: string, revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult:
+func get_host_certs() -> AllCertsResult:
-    on node:
+    timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.get_revoke_bytes(revoked_peer_id, revoked_at)
+    result <- TrustGraph.get_host_certs(timestamp_sec)
     <- result
 
-func issue_revocation(node: string, revoked_peer_id: string, revoked_by_peer_id: string, revoked_at_sec: u64, signature_bytes: []u8) -> IssueRevocationResult:
+func insert_cert(certificate: Certificate) -> InsertResult:
-    on node:
+    timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.issue_revocation(revoked_peer_id, revoked_by_peer_id, revoked_at_sec, signature_bytes)
+    result <- TrustGraph.insert_cert(certificate, timestamp_sec)
-    <- result
-
-func revoke(node: string, revocation: Revocation) -> RevokeResult:
-    on node:
-        timestamp_sec <- Peer.timestamp_sec()
-        result <- TrustGraph.revoke(revocation, timestamp_sec)
     <- result
 
+-- helpers for isFluencePeer
 service TrustOp("op"):
   array_length(a: []Trust) -> u32
 
 service BoolOp("op"):
   array_length(a: []bool) -> u32
 
-func isFluencePeer(node: string) -> bool:
+-- returns `true` if current relay is identified as official Fluence Labs peer
-    on node:
+-- returns `false` otherwise
-        certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
+func isFluencePeer() -> ?bool, ?string:
-        resultBox: *bool
+    certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
-        if certs_result.success:
+    result: ?bool
-            for cert  <- certs_result.certificates:
+    error: ?string
-                len <- TrustOp.array_length(cert.chain)
+    if certs_result.success:
-                if len == 3:
+        for cert  <- certs_result.certificates:
-                    if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
+            len <- TrustOp.array_length(cert.chain)
-                        if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
+            if len == 3:
-                            resultBox <<- true
+                if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
-
+                    if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
-        result_len <- BoolOp.array_length(resultBox)
+                        result <<- true
-        result: *bool
+        if result == nil:
-        if result_len == 0:
             result <<- false
-        else:
+    else:
-            result <<- true
+        error <<- certs_result.error
-    <- result!
+    <- result, error
+
+-- labels: example with 3 node trusts/revocations, execution of some conditional code
+-- weights:
+--    if registry is ready:
+--      - can't add record
+--      - after issuing trust you can
+--    if not:
+--      - price-oracle average: on local tg get weight, check tetraplets, calculate average, etc
+-- weights: demo with connectivity [later]
+-- permissions control - registry

aqua/trust-graph.aqua

@@ -75,7 +75,7 @@ service TrustGraph("trust-graph"):
   get_all_certs(issued_for: string, timestamp_sec: u64) -> AllCertsResult
   get_host_certs(timestamp_sec: u64) -> AllCertsResult
   get_host_certs_from(issuer: string, timestamp_sec: u64) -> AllCertsResult
-  get_revoke_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
+  get_revocation_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
   get_trust_bytes(issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult
   get_weight(peer_id: string, timestamp_sec: u64) -> WeightResult
   get_weight_factor(max_chain_len: u32) -> u32

example/aqua/computation.aqua

@@ -0,0 +1,24 @@
+
+import "@fluencelabs/trust-graph/trust-graph-api.aqua"
+import "@fluencelabs/trust-graph/trust-graph.aqua"
+import "@fluencelabs/aqua-lib/builtin.aqua"
+
+export trusted_computation
+
+service CertOp("op"):
+  array_length(a: []Certificate) -> u32
+
+service TrustedComputation("op"):
+    identity(s: u64) -> u64
+
+func trusted_computation(node: string) -> ?u64:
+    result: ?u64
+    on node:
+        certs_result <- get_host_certs_from(%init_peer_id%)
+        if certs_result.success:
+            len <- CertOp.array_length(certs_result.certificates)
+
+            if len != 0:
+                result <- TrustedComputation.identity(5)
+
+    <- result

example/aqua/export.aqua

@@ -1,10 +1,13 @@
-import get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer from "../../aqua/trust-graph-api.aqua"
+import "@fluencelabs/trust-graph/export.aqua"
 
-export get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer
+export issue_trust_wrapped as issue_trust, verify_trust_wrapped as verify_trust, add_trust_wrapped as add_trust, import_trust_wrapped as import_trust
+export add_root_trust_wrapped as add_root_trust, add_root_wrapped as add_root, get_weight_wrapped as get_weight, get_all_certs_wrapped as get_all_certs, insert_cert_wrapped as insert_cert
+export issue_revocation_wrapped as issue_revocation, revoke_wrapped as revoke, isFluencePeer_wrapped as isFluencePeer
 
-import "@fluencelabs/aqua-lib/builtin.aqua"
+import Peer from "@fluencelabs/aqua-lib/builtin.aqua"
 
-func timestamp_sec(node: string) -> u64:
+func timestamp_sec() -> u64:
-    on node:
+    on HOST_PEER_ID:
         result <- Peer.timestamp_sec()
     <- result
+

example/index.ts

@@ -14,9 +14,10 @@
  * limitations under the License.
  */
 
+import {trusted_computation} from "./generated/computation";
 import * as tg from "./generated/export";
-import { Fluence, KeyPair } from "@fluencelabs/fluence";
+import {Fluence, FluencePeer, KeyPair} from "@fluencelabs/fluence";
-import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
+import {krasnodar, Node, testNet, stage} from "@fluencelabs/fluence-network-environment";
 import assert from "assert";
 const bs58 = require('bs58');
 
@@ -31,42 +32,65 @@ let local: Node[] = [
         multiaddr:
             "/ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv",
     },
+    {
+        peerId: "12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
+        multiaddr:
+            "/ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
+    },
 ];
 
-async function is_fluence_peer(relay: string) {
+async function add_roots() {
-   let result =  await tg.isFluencePeer(relay);
+    let current_time = await tg.timestamp_sec();
-
+    let far_future = current_time + 9999999;
-    if (result) {
+    for (var node of local) {
-        console.log("Current relay %s identified as Fluence Labs' peer", relay)
+        let error = await tg.add_root_trust(node.peerId, 2, far_future);
-    } else {
+        console.log("Added root trust for %s", node.peerId)
-        console.log("Current relay %s is not Fluence Labs' peer", relay)
+        assert(error == null);
     }
-
 }
 
-async function add_trust_helper(relay: string, issuer_kp: KeyPair, issuer_peer_id: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number) {
+async function is_fluence_peer(node: string) {
-    let trust_metadata = await tg.get_trust_bytes(relay, issued_for_peer_id, expires_at_sec, issued_at_sec);
+   let [result, error] =  await tg.isFluencePeer(node);
-    const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
 
-    let trust = await tg.issue_trust(relay, issued_for_peer_id, expires_at_sec, issued_at_sec, Array.from(signed_metadata));
+   console.log("%s %s", result, error);
-    assert(trust.success)
+   if (error !== null) {
-
+       console.error("Something went wrong: %s", error);
-    let result = await tg.verify_trust(relay, trust.trust, issuer_peer_id);
+   } else {
-    assert(result.success)
+       assert(result !== null);
-
+       if (result) {
-    let result_add = await tg.add_trust(relay, trust.trust, issuer_peer_id);
+           console.log("Current relay %s identified as Fluence Labs' peer", Fluence.getStatus().relayPeerId)
-    assert(result_add.success)
+       } else {
+           console.log("Current relay %s is not Fluence Labs' peer", Fluence.getStatus().relayPeerId)
+       }
+   }
 }
 
-async function revoke_helper(node: string, issuer_kp: KeyPair, revoked_by_peer_id: string, revoked_peer_id: string, revoked_at_sec: number) {
+async function add_new_trust_checked(node: string, issued_for_peer_id: string, expires_at_sec: number) {
-    let trust_metadata = await tg.get_revoke_bytes(node, revoked_peer_id, revoked_at_sec);
+    let error = await tg.add_trust(node, issued_for_peer_id, expires_at_sec);
-    const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
+    if (error !== null) {
+        console.error("%s", error);
+    } else {
+        console.log("Trust to node %s successfully added", node)
+    }
+}
 
-    let revocation = await tg.issue_revocation(node, revoked_peer_id, revoked_by_peer_id, revoked_at_sec, Array.from(signed_metadata));
+async function revoke_checked(node: string, revoked_peer_id: string) {
-    assert(revocation.success)
+    let error = await tg.revoke(node, revoked_peer_id);
+    if (error !== null) {
+        console.error("%s", error);
+    } else {
+        console.log("Trust to node %s revoked", node)
+    }
+}
 
-    let result_add = await tg.revoke(node, revocation.revocation);
+async function exec_trusted_computation(node: string) {
-    assert(result_add.success)
+    let result = await trusted_computation(node)
+
+    if (result !== null) {
+        console.log("Trusted computation on node %s successful, result is %s", node, result)
+    } else {
+        console.log("Trusted computation on node %s failed", node)
+    }
 }
 
 async function main() {
@@ -81,55 +105,30 @@ async function main() {
         Fluence.getStatus().peerId,
         Fluence.getStatus().relayPeerId
     );
-    let relay = local[0].peerId
+
+    await add_roots();
     let nodeA = local[0].peerId
     let nodeB = local[1].peerId
+    let nodeC = local[2].peerId
+    await revoke_checked(nodeB, nodeB);
+    await exec_trusted_computation(nodeA);
+    await exec_trusted_computation(nodeB);
+    await exec_trusted_computation(nodeC);
 
-    // keypair if nodeA specified in local-network/docker-compose.yml
+    let current_time = await tg.timestamp_sec();
-    const issuer_kp = await KeyPair.fromEd25519SK(bs58.decode("29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww"));
+    let far_future = current_time + 9999999;
 
-    // set nodeA as a root
+    await add_new_trust_checked(nodeB, nodeB, far_future);
-    let add_root_result = await tg.add_root(relay, nodeA, 2);
-    assert(add_root_result.success)
 
-    // add self-signed root trust
+    await exec_trusted_computation(nodeA);
-    const issued_timestamp_sec = await tg.timestamp_sec(relay);
+    await exec_trusted_computation(nodeB);
-    const expires_at_sec = issued_timestamp_sec + 999999999;
+    await exec_trusted_computation(nodeC);
-    await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
 
-    let root_weight_result = await tg.get_weight(relay, nodeA);
+    await revoke_checked(nodeB, nodeB);
-    assert(root_weight_result.success)
-    console.log("Root weight (nodeA) is: %s", root_weight_result.weight);
-
-    // issue trust by nodeA to nodeB and add to tg
-    await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
-    let weight_result = await tg.get_weight(relay, nodeB);
-    console.log("Weight of nodeB: is %s", weight_result.weight);
-
-    assert(root_weight_result.weight / 2 === weight_result.weight);
-
-    let certs = await tg.get_all_certs(relay, nodeB);
-    assert(certs.certificates.length === 1);
-    console.log("There is one cert for nodeB with chain len %s", certs.certificates[0].chain.length);
-    console.log("It contains self-signed nodeA root trust and nodeA->nodeB trust");
-
-    // wait to create revoke after trust (because timestamp in secs)
-    await new Promise(f => setTimeout(f, 1000));
-
-    console.log("Now we will revoke trust for nodeB")
-    // revoke nodeB by nodeA
-    await revoke_helper(relay, issuer_kp, nodeA, nodeB, await tg.timestamp_sec(relay));
-
-    let empty_certs = await tg.get_all_certs(relay, nodeB);
-    assert(empty_certs.certificates.length === 0);
-    console.log("Now there is no certs for nodeB");
-
-    console.log("Let's check if our node is Fluence Labs peer");
-    await is_fluence_peer(relay);
-
-    console.log("Now let's check some krasnodar's node");
-    await is_fluence_peer(krasnodar[0].peerId);
 
+    await exec_trusted_computation(nodeA);
+    await exec_trusted_computation(nodeB);
+    await exec_trusted_computation(nodeC);
     return;
 }
 

example/package.json

@@ -13,9 +13,9 @@
   "author": "Fluence Labs",
   "license": "MIT",
   "dependencies": {
-    "@fluencelabs/aqua": "0.5.0-247",
+    "@fluencelabs/aqua": "file:../../aqua/npm",
-    "@fluencelabs/aqua-lib": "0.2.1",
+    "@fluencelabs/aqua-lib": "^0.3.1",
-    "@fluencelabs/fluence": "0.15.1",
+    "@fluencelabs/fluence": "0.0.1-update-avm-to-0-19-8-612.0",
     "@fluencelabs/fluence-network-environment": "^1.0.10",
     "@fluencelabs/trust-graph": "file:../aqua",
     "bs58": "^4.0.1"

local-network/docker-compose.yml

@@ -1,7 +1,7 @@
 # management secret key is NAB5rGwT4qOEB+6nLQawkTfCOV2eiFSjgQK8bfEdZXY=
 services:
   fluence-0: # /ip4/127.0.0.1/tcp/9990/ws/p2p/12D3KooWHBG9oaVx4i3vi6c1rSBUm7MLBmyGmmbHoZ23pmjDCnvK
-    command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 # --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
+    command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
     container_name: fluence-0
     environment:
       RUST_BACKTRACE: full
@@ -11,7 +11,7 @@ services:
     ports:
       - 7770:7770 # tcp
       - 9990:9990 # ws
-      - 5002:5001 # ipfs rpc
+      - 5003:5001 # ipfs rpc
       - 4000:4001 # ipfs swarm
       - 18080:18080 # /metrics
     restart: always
@@ -22,56 +22,58 @@ services:
     networks:
       - fluence
 
-#  fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
+  fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
-#    command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
+    command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
-#    container_name: fluence-1
+    container_name: fluence-1
-#    environment:
+    environment:
-#      RUST_BACKTRACE: full
+      RUST_BACKTRACE: full
-#      RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
+      RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
-#      WASM_LOG: info
+      WASM_LOG: info
-#    image: fluencelabs/node:latest
+    image: fluencelabs/node:latest
-#    ports:
+    ports:
-#      - 7771:7771 # tcp
+      - 7771:7771 # tcp
-#      - 9991:9991 # ws
+      - 9991:9991 # ws
-#      - 5001:5001 # ipfs rpc
+      - 5001:5001 # ipfs rpc
-#      - 4001:4001 # ipfs swarm
+      - 4001:4001 # ipfs swarm
-#      - 18081:18080 # /metrics
+      - 18081:18080 # /metrics
-#    restart: always
+    restart: always
-#    volumes:
+    volumes:
-#      - fluence-1:/.fluence
+      - fluence-1:/.fluence
-#      - data-1:/config
+      - data-1:/config
-#    networks:
+      - ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
-#      - fluence
+    networks:
-#
+      - fluence
-#  fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
+
-#    command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
+  fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
-#    container_name: fluence-2
+    command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
-#    environment:
+    container_name: fluence-2
-#      RUST_BACKTRACE: full
+    environment:
-#      RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
+      RUST_BACKTRACE: full
-#      WASM_LOG: info
+      RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
-#    image: fluencelabs/node:latest
+      WASM_LOG: info
-#    ports:
+    image: fluencelabs/node:latest
-#      - 7772:7772 # tcp
+    ports:
-#      - 9992:9992 # ws
+      - 7772:7772 # tcp
-#      - 5002:5001 # ipfs rpc
+      - 9992:9992 # ws
-#      - 4002:4001 # ipfs swarm
+      - 5002:5001 # ipfs rpc
-#      - 18082:18080 # /metrics
+      - 4002:4001 # ipfs swarm
-#    restart: always
+      - 18082:18080 # /metrics
-#    volumes:
+    restart: always
-#      - fluence-2:/.fluence
+    volumes:
-#      - data-2:/config
+      - fluence-2:/.fluence
-#    networks:
+      - data-2:/config
-#      - fluence
+      - ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
+    networks:
+      - fluence
 
 version: "3.5"
 volumes:
   fluence-0:
-#  fluence-1:
+  fluence-1:
-#  fluence-2:
+  fluence-2:
   data-0:
-#  data-1:
+  data-1:
-#  data-2:
+  data-2:
 
 networks:
   fluence: 

service/src/service_api.rs

@@ -198,7 +198,7 @@ fn add_trust(trust: Trust, issuer_peer_id: String, timestamp_sec: u64) -> AddTru
 }
 
 #[marine]
-fn get_revoke_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
+fn get_revocation_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
     wrapped_try(|| {
         let public_key = extract_public_key(revoked_peer_id)?;
         Ok(trust_graph::Revocation::signature_bytes(

service/src/storage_impl.rs

@@ -321,7 +321,6 @@ impl Storage for SQLiteStorage {
         let mut roots = vec![];
 
         while let Some(row) = cursor.next()? {
-            log::info!("row: {:?}", row);
             let pk = row[0].as_string().ok_or(PublicKeyConversion)?;
             let pk: PK = PK::from_str(pk).map_err(|e| PublicKeyFromStr(e.to_string()))?;
 

service/src/tests.rs

@@ -201,7 +201,7 @@ mod service_tests {
         revoked_peer_id: &PeerId,
         revoked_at_sec: u64,
     ) -> Revocation {
-        let result = trust_graph.get_revoke_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
+        let result = trust_graph.get_revocation_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
         assert!(result.success, "{}", result.error);
 
         let revoke_bytes = issuer_kp.sign(&result.result).unwrap().to_vec().to_vec();