Feature/bridge validator prod deploy

deployment/CONFIGURATION.md

@@ -4,7 +4,7 @@ Please see the [Configuration](../CONFIGURATION.md) for additional configuration
 
 ## Prerequisites
 
-A functional Ubuntu 16.04 server launched using a trusted hosting provider. For more information, see our tutorials on [setting up a validator node on AWS](https://github.com/poanetwork/wiki/wiki/Validator-Node-on-AWS) or [setting up on non-AWS](https://github.com/poanetwork/wiki/wiki/Validator-Node-Non-AWS).
+A functional Ubuntu 16.04 server launched using a trusted hosting provider.
   * Record the IP address (required for file setup).
   * Setup ssh access to your node via public+private keys (using passwords is less secure). 
   * When creating the node, set a meaningful `hostname` that can identify you (e.g. `validator-0x...`).
@@ -13,7 +13,7 @@ A functional Ubuntu 16.04 server launched using a trusted hosting provider. For
 
 1. Clone this repository and go to the `deployment` folder
 ```
-git clone --recursive https://github.com/poanetwork/tokenbridge
+git clone --recursive https://github.com/gnosischain/tokenbridge
 cd tokenbridge/deployment
 ```
 2. Create the file `hosts.yml` from `hosts.yml.example`
@@ -24,25 +24,21 @@ cp hosts.yml.example hosts.yml
 `hosts.yml` should have the following structure:
 
 ```yaml
-<bridge_name>:
+all:
   children:
     oracle:
-      hosts:
-        <host_ip_A>:
-          ansible_user: <user>
-          ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY: "<private_key>"
-          #syslog_server_port: "<protocol>://<ip>:<port>" # When this parameter is set all bridge logs will be redirected to <ip>:<port> address.
-        <host_ip_B>:
-          # (...)
-    monitor:
-      hosts:
-        <host_ip_B>:
-          ansible_user: <user>
-          #syslog_server_port: "<protocol>://<ip>:<port>"
-          #monitor_cron_schedule: "*/4 * * * *" # When this parameter is set, it will overwrite default schedule for performing checks
+      children:
+        <group_vars_config>:
+          hosts:
+            <host_ip>:
+              ansible_user: <user>
+              ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY: "........................." # without 0x
+              #syslog_server_port: "<protocol>://<ip>:<port>" # When this parameter is set all bridge logs will be redirected to <ip>:<port> address.
 ```
 
-The config above would install the Oracle on `<host_ip_A>`, and both Oracle and Monitor on `<host_ip_B>`.
+Deprecated: monitor playbook!
+
+The config above would install the Oracle on `<host_ip>`.
 ```
 
 | Value | Description |
@@ -58,17 +54,13 @@ The config above would install the Oracle on `<host_ip_A>`, and both Oracle and
 3. Copy the bridge name(s) to the hosts.yml file. 
    1. Go to the group_vars folder. 
    `cd group_vars`
-   2. Note the  <bridge_name> and add it to the hosts.yml configuration. For example, if a bridge file is named sokol-kovan.yml, you would change the <bridge_name> value in hosts.yml to sokol-kovan.
-
-## Examples
-
-[Deploy a monitor for multiple bridges](./MONITOR.md)
+   2. Note the <bridge_name> and add it to the hosts.yml configuration. For example, if a bridge file is named native_test.yml, you would change the <bridge_name> value in hosts.yml to native_test.
 
 ## Administrator Configurations
 
 1. The `group_vars/<bridge_name>.yml` file contains the public bridge parameters. This file is prepared by administrators for each bridge. The validator only needs to add the required bridge name in the hosts.yml file to tell Ansible which file to use.
 
-   `group_vars/example.yml` shows an example configuration for the POA/Sokol - POA/Sokol bridge. Parameter values should match values from the .env file for the Oracle. See [Configuration parameters](../../oracle/README.md#configuration-parameters) for details.
+   `group_vars/native_test.yml` shows an example configuration for the XDAI Native Bridge: Chiado - Goerli. Parameter values should match values from the .env file for the Oracle. See [Configuration parameters](../../oracle/README.md#configuration-parameters) for details.
 
 2. You can also add the following parameters in the `group_vars` to change the default behavior of the playbooks:
 

deployment/EXECUTION.md

@@ -44,7 +44,6 @@ The deployed components have the following services:
 Component | Service Name
 --- | ---
 Oracle | poabridge
-Monitor | tokenbridge-monitor
 
 Use the default `SysVinit` commands to `start`, `stop`, `restart`, and `rebuild` the service and to check the `status` of the service. 
 
@@ -72,8 +71,10 @@ where the _<watcher>_ could be one of the following:
 - `signature-request`
 - `collected-signatures`
 - `affirmation-request`
+- `transfer`
 
 ## Reset nonce counters
+
 In case some tx from your bridge validator account were done outside the bridge, you might need to update nonce counters.
 
 1. ssh to your bridge node and run:

deployment/group_vars/amb_production.yml

@@ -0,0 +1,44 @@
+---
+## General settings
+ORACLE_BRIDGE_MODE: "ARBITRARY_MESSAGE"
+ORACLE_ALLOW_HTTP_FOR_RPC: yes
+ORACLE_LOG_LEVEL: info
+
+## Home contract
+COMMON_HOME_RPC_URL: "https://rpc.ankr.com/gnosis"
+ORACLE_HOME_RPC_POLLING_INTERVAL: 15000
+COMMON_HOME_BRIDGE_ADDRESS: "0x75Df5AF045d91108662D8080fD1FEFAd6aA0bb59"
+
+## Foreign contract
+COMMON_FOREIGN_RPC_URL: "https://mainnet.infura.io/v3/<infura_key>"
+ORACLE_FOREIGN_RPC_POLLING_INTERVAL: 24000
+COMMON_FOREIGN_BRIDGE_ADDRESS: "0x4C36d2919e407f0Cc2Ee3c993ccF8ac26d9CE64e"
+
+ORACLE_TX_REDUNDANCY: true
+ORACLE_HOME_TX_RESEND_INTERVAL: 300000
+
+## Home Gasprice
+COMMON_HOME_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_HOME_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_HOME_GAS_PRICE_FALLBACK: 2000000000      # in wei
+COMMON_HOME_GAS_PRICE_FACTOR: 1
+ORACLE_HOME_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+## Foreign Gasprice
+COMMON_FOREIGN_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_FOREIGN_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_FOREIGN_GAS_PRICE_FALLBACK: 100000000000   # in wei
+COMMON_FOREIGN_GAS_PRICE_FACTOR: 1
+ORACLE_FOREIGN_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+QUEUE_URL: "amqp://rabbit-amb"
+REDIS_URL: "redis://redis-amb"
+
+# disable building and pulling of docker images from the Docker Hub
+# skip_pull: true
+# skip_build: true
+
+## BEGIN Calculated by scripts/getValidatorStartBlocks.js
+# ORACLE_HOME_START_BLOCK: 25106875
+# ORACLE_FOREIGN_START_BLOCK: 16027237
+## END Calculated by scripts/getValidatorStartBlocks.js

deployment/group_vars/amb_test.yml

@@ -0,0 +1,36 @@
+---
+ORACLE_BRIDGE_MODE: "ARBITRARY_MESSAGE"
+ORACLE_LOG_LEVEL: debug
+
+COMMON_HOME_RPC_URL: "https://rpc.chiadochain.net/"
+COMMON_HOME_BRIDGE_ADDRESS: "0x60b0f8800039457de96D1b6c0A13fc270F1C99CE"
+ORACLE_HOME_RPC_POLLING_INTERVAL: 5000
+
+COMMON_FOREIGN_RPC_URL: "https://goerli.infura.io/v3/<infura_key>"
+COMMON_FOREIGN_BRIDGE_ADDRESS: "0xa3264bAFa607BDe904A9A400d2C3a3a3d0C79eA8"
+ORACLE_FOREIGN_RPC_POLLING_INTERVAL: 5000
+
+ORACLE_TX_REDUNDANCY: true
+ORACLE_HOME_TX_RESEND_INTERVAL: 300000
+
+COMMON_HOME_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_HOME_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_HOME_GAS_PRICE_FALLBACK: 1000000000
+COMMON_HOME_GAS_PRICE_FACTOR: 1
+ORACLE_HOME_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+COMMON_FOREIGN_GAS_PRICE_FALLBACK: 10000000000
+COMMON_FOREIGN_GAS_PRICE_FACTOR: 1
+ORACLE_FOREIGN_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+ORACLE_ALLOW_HTTP_FOR_RPC: false
+
+# =
+QUEUE_URL: "amqp://rabbit-amb"
+REDIS_URL: "redis://redis-amb"
+#!=
+
+## BEGIN Calculated by scripts/getValidatorStartBlocks.js
+# ORACLE_HOME_START_BLOCK: 849859
+# ORACLE_FOREIGN_START_BLOCK: 7951812
+## END Calculated by scripts/getValidatorStartBlocks.js

deployment/group_vars/native_production.yml

@@ -0,0 +1,40 @@
+---
+## General settings
+ORACLE_BRIDGE_MODE: "ERC_TO_NATIVE"
+ORACLE_ALLOW_HTTP_FOR_RPC: yes
+ORACLE_LOG_LEVEL: info
+
+## Home contract
+COMMON_HOME_RPC_URL: "https://rpc.ankr.com/gnosis"
+ORACLE_HOME_RPC_POLLING_INTERVAL: 15000
+COMMON_HOME_BRIDGE_ADDRESS: "0x7301CFA0e1756B71869E93d4e4Dca5c7d0eb0AA6"
+
+## Foreign contract
+COMMON_FOREIGN_RPC_URL: "https://mainnet.infura.io/v3/<infura_key>"
+ORACLE_FOREIGN_RPC_POLLING_INTERVAL: 24000
+COMMON_FOREIGN_BRIDGE_ADDRESS: "0x4aa42145Aa6Ebf72e164C9bBC74fbD3788045016"
+
+ORACLE_TX_REDUNDANCY: true
+ORACLE_HOME_TX_RESEND_INTERVAL: 300000
+
+## Home Gasprice
+COMMON_HOME_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_HOME_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_HOME_GAS_PRICE_FALLBACK: 2000000000      # in wei
+COMMON_HOME_GAS_PRICE_FACTOR: 1
+ORACLE_HOME_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+## Foreign Gasprice
+COMMON_FOREIGN_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_FOREIGN_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_FOREIGN_GAS_PRICE_FALLBACK: 100000000000   # in wei
+COMMON_FOREIGN_GAS_PRICE_FACTOR: 1
+ORACLE_FOREIGN_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+QUEUE_URL: "amqp://rabbit"
+REDIS_URL: "redis://redis"
+
+## BEGIN Calculated by scripts/getValidatorStartBlocks.js
+# ORACLE_HOME_START_BLOCK: 25106875
+# ORACLE_FOREIGN_START_BLOCK: 16027237
+## END Calculated by scripts/getValidatorStartBlocks.js

deployment/group_vars/native_test.yml

@@ -0,0 +1,36 @@
+---
+ORACLE_BRIDGE_MODE: "ERC_TO_NATIVE"
+ORACLE_LOG_LEVEL: debug
+
+COMMON_HOME_RPC_URL: "https://rpc.chiadochain.net/"
+COMMON_HOME_BRIDGE_ADDRESS: "0x1558B3D83D56bDF55Db1E9410AAdBD2F79057228"
+ORACLE_HOME_RPC_POLLING_INTERVAL: 5000
+
+COMMON_FOREIGN_RPC_URL: "https://goerli.infura.io/v3/<infura_key>"
+COMMON_FOREIGN_BRIDGE_ADDRESS: "0x71cf72bdc6b3f77a12c7521e34c711c7dec0c336"
+ORACLE_FOREIGN_RPC_POLLING_INTERVAL: 5000
+
+ORACLE_TX_REDUNDANCY: true
+ORACLE_HOME_TX_RESEND_INTERVAL: 300000
+
+COMMON_HOME_GAS_PRICE_SUPPLIER_URL: "eip1559-gas-estimation"
+COMMON_HOME_GAS_PRICE_SPEED_TYPE: "fast"
+COMMON_HOME_GAS_PRICE_FALLBACK: 1000000000
+COMMON_HOME_GAS_PRICE_FACTOR: 1
+ORACLE_HOME_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+COMMON_FOREIGN_GAS_PRICE_FALLBACK: 30000000000
+COMMON_FOREIGN_GAS_PRICE_FACTOR: 1
+ORACLE_FOREIGN_GAS_PRICE_UPDATE_INTERVAL: 600000
+
+ORACLE_ALLOW_HTTP_FOR_RPC: false
+
+# =
+QUEUE_URL: "amqp://rabbit"
+REDIS_URL: "redis://redis"
+#!=
+
+## BEGIN Calculated by scripts/getValidatorStartBlocks.js
+# ORACLE_HOME_START_BLOCK: 838278
+# ORACLE_FOREIGN_START_BLOCK: 7949543
+## END Calculated by scripts/getValidatorStartBlocks.js

deployment/hosts.yml.example

@@ -1,15 +1,13 @@
 ---
-sokol-kovan:
+# EXECUTION COMMAND:
+# ansible-playbook -e 'ansible_python_interpreter=/usr/bin/python3' -i hosts.yml site.yml --ask-become --limit <group_vars_config>
+all:
   children:
     oracle:
-      hosts:
-        127.0.0.1:
-          ansible_user: ubuntu
-          ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-          #syslog_server_port: "udp://127.0.0.1:514"
-    monitor:
-      hosts:
-        127.0.0.1:
-          ansible_user: ubuntu
-          #syslog_server_port: "<protocol>://<ip>:<port>"
-          #monitor_cron_schedule: "*/4 * * * *"
+      children:
+        <group_vars_config>:
+          hosts:
+            <host_ip>:
+              ansible_user: <user>
+              ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY: "........................." # without 0x
+              #syslog_server_port: "<protocol>://<ip>:<port>" # When this parameter is set all bridge logs will be redirected to <ip>:<port> address.

deployment/roles/oracle/templates/poabridge.j2

@@ -36,7 +36,15 @@ start(){
     cd $WORKDIR
     sudo -u "{{ compose_service_user }}" /usr/local/bin/docker-compose $composefileoverride down -v
     sudo -u "{{ compose_service_user }}" /usr/local/bin/docker-compose $composefileoverride rm -fv
-    sudo -u "{{ compose_service_user }}" ORACLE_VALIDATOR_ADDRESS=$vaddr ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY=$vkey /usr/local/bin/docker-compose $composefileoverride up --detach
+    sudo -u "{{ compose_service_user }}" \
+    ORACLE_VALIDATOR_ADDRESS=$vaddr ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY=$vkey \
+    /usr/local/bin/docker-compose $composefileoverride up --detach
+
+    # this containers are not used in production because a validator should not execute a claim in the foreign network
+    sudo -u "{{ compose_service_user }}" \
+    ORACLE_VALIDATOR_ADDRESS=$vaddr ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY=$vkey \
+    /usr/local/bin/docker-compose $composefileoverride \
+    stop bridge_senderforeign bridge_collected
 }
 
 stop(){

deployment/site.yml

@@ -4,8 +4,9 @@
   become: true
   roles:
     - { role: oracle }
-- name: Install Monitor
-  hosts: monitor
-  become: true
-  roles:
-    - { role: monitor }
+# @TODO deprecated
+# - name: Install Monitor
+#   hosts: monitor
+#   become: true
+#   roles:
+#     - { role: monitor }