-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add manual scripts for mesh security
- Loading branch information
Showing
11 changed files
with
1,049 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,122 @@ | ||
| #!/bin/bash | ||
| set -xeu | ||
|
|
||
| # always returns true so set -e doesn't exit if it is not running. | ||
| killall meshd || true | ||
| rm -rf $HOME/.meshd/ | ||
|
|
||
| # make four mesh directories | ||
| mkdir $HOME/.meshd | ||
| cd $HOME/.meshd/ | ||
| mkdir $HOME/.meshd/validator1 | ||
| mkdir $HOME/.meshd/validator2 | ||
| mkdir $HOME/.meshd/validator3 | ||
|
|
||
| # init all three validators | ||
| meshd init --chain-id=testing-1 validator1 --home=$HOME/.meshd/validator1 | ||
| meshd init --chain-id=testing-1 validator2 --home=$HOME/.meshd/validator2 | ||
| meshd init --chain-id=testing-1 validator3 --home=$HOME/.meshd/validator3 | ||
|
|
||
| # create keys for all three validators | ||
| meshd keys add validator1 --keyring-backend=test --home=$HOME/.meshd/validator1 | ||
| meshd keys add validator2 --keyring-backend=test --home=$HOME/.meshd/validator2 | ||
| meshd keys add validator3 --keyring-backend=test --home=$HOME/.meshd/validator3 | ||
|
|
||
| # create validator node with tokens to transfer to the three other nodes | ||
| meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1 | ||
| meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1 | ||
| meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1 | ||
| meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2 | ||
| meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2 | ||
| meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2 | ||
| meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3 | ||
| meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3 | ||
| meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3 | ||
| meshd gentx validator1 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator1 --chain-id=testing-1 | ||
| meshd gentx validator2 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator2 --chain-id=testing-1 | ||
| meshd gentx validator3 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator3 --chain-id=testing-1 | ||
|
|
||
| cp validator2/config/gentx/*.json $HOME/.meshd/validator1/config/gentx/ | ||
| cp validator3/config/gentx/*.json $HOME/.meshd/validator1/config/gentx/ | ||
| meshd collect-gentxs --home=$HOME/.meshd/validator1 | ||
|
|
||
| # cp validator1/config/genesis.json $HOME/.meshd/validator2/config/genesis.json | ||
| # cp validator1/config/genesis.json $HOME/.meshd/validator3/config/genesis.json | ||
|
|
||
|
|
||
| # change app.toml values | ||
| VALIDATOR1_APP_TOML=$HOME/.meshd/validator1/config/app.toml | ||
| VALIDATOR2_APP_TOML=$HOME/.meshd/validator2/config/app.toml | ||
| VALIDATOR3_APP_TOML=$HOME/.meshd/validator3/config/app.toml | ||
|
|
||
| # validator1 | ||
| sed -i -E 's|localhost:9090|localhost:9050|g' $VALIDATOR1_APP_TOML | ||
| sed -i -E 's|127.0.0.1:9090|127.0.0.1:9050|g' $VALIDATOR1_APP_TOML | ||
|
|
||
| # validator2 | ||
| sed -i -E 's|tcp://localhost:1317|tcp://localhost:1316|g' $VALIDATOR2_APP_TOML | ||
| # sed -i -E 's|127.0.0.1:9090|127.0.0.1:9088|g' $VALIDATOR2_APP_TOML | ||
| sed -i -E 's|localhost:9090|localhost:9088|g' $VALIDATOR2_APP_TOML | ||
| # sed -i -E 's|0.0.0.0:9091|0.0.0.0:9089|g' $VALIDATOR2_APP_TOML | ||
| sed -i -E 's|localhost:9091|localhost:9089|g' $VALIDATOR2_APP_TOML | ||
| sed -i -E 's|tcp://0.0.0.0:10337|tcp://0.0.0.0:10347|g' $VALIDATOR2_APP_TOML | ||
|
|
||
| # validator3 | ||
| sed -i -E 's|tcp://localhost:1317|tcp://localhost:1315|g' $VALIDATOR3_APP_TOML | ||
| # sed -i -E 's|127.0.0.1:9090|127.0.0.1:9086|g' $VALIDATOR3_APP_TOML | ||
| sed -i -E 's|localhost:9090|localhost:9086|g' $VALIDATOR3_APP_TOML | ||
| # sed -i -E 's|0.0.0.0:9091|0.0.0.0:9087|g' $VALIDATOR3_APP_TOML | ||
| sed -i -E 's|localhost:9091|localhost:9087|g' $VALIDATOR3_APP_TOML | ||
| sed -i -E 's|tcp://0.0.0.0:10337|tcp://0.0.0.0:10357|g' $VALIDATOR3_APP_TOML | ||
|
|
||
| # change config.toml values | ||
| VALIDATOR1_CONFIG=$HOME/.meshd/validator1/config/config.toml | ||
| VALIDATOR2_CONFIG=$HOME/.meshd/validator2/config/config.toml | ||
| VALIDATOR3_CONFIG=$HOME/.meshd/validator3/config/config.toml | ||
|
|
||
|
|
||
| # validator1 | ||
| sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR1_CONFIG | ||
| sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR1_CONFIG | ||
|
|
||
|
|
||
| # validator2 | ||
| sed -i -E 's|tcp://127.0.0.1:26658|tcp://127.0.0.1:26655|g' $VALIDATOR2_CONFIG | ||
| sed -i -E 's|tcp://127.0.0.1:26657|tcp://127.0.0.1:26654|g' $VALIDATOR2_CONFIG | ||
| sed -i -E 's|tcp://0.0.0.0:26656|tcp://0.0.0.0:26653|g' $VALIDATOR2_CONFIG | ||
| sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR2_CONFIG | ||
| sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR2_CONFIG | ||
| sed -i -E 's|prometheus_listen_addr = ":26660"|prometheus_listen_addr = ":26630"|g' $VALIDATOR2_CONFIG | ||
|
|
||
| # validator3 | ||
| sed -i -E 's|tcp://127.0.0.1:26658|tcp://127.0.0.1:26652|g' $VALIDATOR3_CONFIG | ||
| sed -i -E 's|tcp://127.0.0.1:26657|tcp://127.0.0.1:26651|g' $VALIDATOR3_CONFIG | ||
| sed -i -E 's|tcp://0.0.0.0:26656|tcp://0.0.0.0:26650|g' $VALIDATOR3_CONFIG | ||
| sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR3_CONFIG | ||
| sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR3_CONFIG | ||
| sed -i -E 's|prometheus_listen_addr = ":26660"|prometheus_listen_addr = ":26620"|g' $VALIDATOR3_CONFIG | ||
|
|
||
| # copy validator1 genesis file to validator2-3 | ||
| cp $HOME/.meshd/validator1/config/genesis.json $HOME/.meshd/validator2/config/genesis.json | ||
| cp $HOME/.meshd/validator1/config/genesis.json $HOME/.meshd/validator3/config/genesis.json | ||
|
|
||
| # copy tendermint node id of validator1 to persistent peers of validator2-3 | ||
| node1=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator1) | ||
| node2=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator2) | ||
| node3=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator3) | ||
| sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator1/config/config.toml | ||
| sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator2/config/config.toml | ||
| sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator3/config/config.toml | ||
|
|
||
|
|
||
| # # start all three validators/ | ||
| # meshd start --home=$HOME/.meshd/validator1 | ||
| screen -S mesh1 -t mesh1 -d -m meshd start --home=$HOME/.meshd/validator1 | ||
| screen -S mesh2 -t mesh2 -d -m meshd start --home=$HOME/.meshd/validator2 | ||
| screen -S mesh3 -t mesh3 -d -m meshd start --home=$HOME/.meshd/validator3 | ||
| # meshd start --home=$HOME/.meshd/validator3 | ||
|
|
||
| sleep 7 | ||
|
|
||
| meshd tx bank send $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 100000stake --keyring-backend=test --chain-id=testing-1 -y --home=$HOME/.meshd/validator1 --fees 100000000000000osmo | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| #!/bin/bash | ||
| killall meshd || true | ||
| rm -rf $HOME/.meshd/ | ||
|
|
||
|
|
||
| meshd keys add val --keyring-backend test | ||
| meshd keys add test1 --keyring-backend test | ||
| meshd keys add test2 --keyring-backend test | ||
| meshd keys add test3 --keyring-backend test | ||
|
|
||
| # init chain | ||
| meshd init test-1 --chain-id testt | ||
|
|
||
| # Change parameter token denominations to stake | ||
| cat $HOME/.meshd/config/genesis.json | jq '.app_state["staking"]["params"]["bond_denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json | ||
| cat $HOME/.meshd/config/genesis.json | jq '.app_state["crisis"]["constant_fee"]["denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json | ||
| cat $HOME/.meshd/config/genesis.json | jq '.app_state["gov"]["deposit_params"]["min_deposit"][0]["denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json | ||
| cat $HOME/.meshd/config/genesis.json | jq '.app_state["mint"]["params"]["mint_denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json | ||
|
|
||
| # Allocate genesis accounts (cosmos formatted addresses) | ||
| meshd add-genesis-account val 1000000000000stake --keyring-backend test | ||
| meshd add-genesis-account test1 1000000000stake --keyring-backend test | ||
| meshd add-genesis-account test2 1000000000stake --keyring-backend test | ||
| meshd add-genesis-account test3 50000000stake --keyring-backend test | ||
|
|
||
| # Sign genesis transaction | ||
| meshd gentx val 1000000stake --keyring-backend test --chain-id testt | ||
|
|
||
| # Collect genesis tx | ||
| meshd collect-gentxs | ||
|
|
||
| # Run this to ensure everything worked and that the genesis file is setup correctly | ||
| meshd validate-genesis | ||
|
|
||
| # Start the node (remove the --pruning=nothing flag if historical queries are not needed) | ||
|
|
||
|
|
||
| screen -S meshx -t meshx -d -m meshd start | ||
|
|
||
| sleep 7 | ||
|
|
||
| test2=$(meshd keys show test1 --keyring-backend test -a) | ||
| val2=$(meshd keys show val --keyring-backend test -a) | ||
|
|
||
| meshd tx bank send $val2 $test2 100000stake --chain-id testt --keyring-backend test --fees 10stake -y #--node tcp://127.0.0.1:26657 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,195 @@ | ||
| # !/bin/bash | ||
| killall meshd || true | ||
| killall rly || true | ||
| # deploy chain 1 | ||
| ./scripts/mesh/testibc/chain1.sh | ||
| # deploy chain 2 | ||
| ./scripts/mesh/testibc/chain2.sh | ||
| sleep 7 | ||
| ./scripts/mesh/testibc/instantiate.sh | ||
| # run relayer | ||
| ./scripts/mesh/testibc/rly.sh | ||
|
|
||
| home1node1=$HOME/.meshd/chain1/node1 | ||
| home2node1=$HOME/.meshd/chain2/node1 | ||
| node2=tcp://127.0.0.1:26667 | ||
|
|
||
| virtual_staking=$(meshd q wasm list-contract-by-code 2 --output json | jq -r '.contracts[0]' ) | ||
| converter=$(meshd q wasm list-contract-by-code 3 --output json | jq -r '.contracts[0]' ) | ||
| vault=$(meshd q wasm list-contract-by-code 1 --output json --node $node2 | jq -r '.contracts[0]' ) | ||
| native_staking=$(meshd q wasm list-contract-by-code 3 --output json --node $node2 | jq -r '.contracts[0]' ) | ||
| ext_staking=$(meshd q wasm list-contract-by-code 4 --output json --node $node2 | jq -r '.contracts[0]' ) | ||
| test1_provider_addr=$(meshd keys show test1 --keyring-backend test --home=$home2node1 --address) | ||
|
|
||
| # Set virtual staking max cap | ||
| meshd tx meshsecurity submit-proposal set-virtual-staking-max-cap $virtual_staking 100000000stake --title "a title" --summary "a summary" --from test1 --keyring-backend test --home=$home1node1 --chain-id chain-1 -y --deposit 10000000stake | ||
|
|
||
| sleep 7 | ||
|
|
||
| meshd tx gov vote 1 yes --from val1 --keyring-backend test --home=$home1node1 --chain-id chain-1 -y | ||
|
|
||
| sleep 5 | ||
|
|
||
| # Update mesh security provider module's params | ||
| gov_addr=$(meshd q auth --node $node2 module-account gov -o json | jq ".account.base_account.address") | ||
|
|
||
| echo "gov addr: $gov_addr" | ||
| proposal=$(cat <<EOF | ||
| { | ||
| "messages": [ | ||
| { | ||
| "@type": "/osmosis.meshsecurityprovider.MsgUpdateParams", | ||
| "authority": $gov_addr, | ||
| "params": { | ||
| "vault_address": "$vault", | ||
| "native_staking_address": "$native_staking" | ||
| } | ||
| } | ||
| ], | ||
| "metadata": "ipfs://CID", | ||
| "deposit": "100000000stake", | ||
| "title": "Update params", | ||
| "summary": "Update params" | ||
| } | ||
| EOF | ||
| ) | ||
| echo $proposal | ||
| echo $proposal > ./scripts/mesh/update_params.json | ||
| meshd tx gov submit-proposal ./scripts/mesh/update_params.json --from test1 --keyring-backend test --home=$home2node1 --node $node2 --chain-id chain-2 -y | ||
|
|
||
| sleep 7 | ||
|
|
||
| meshd tx gov vote 1 yes --from val1 --keyring-backend test --home=$home2node1 --chain-id chain-2 --node $node2 -y | ||
|
|
||
| sleep 30 | ||
|
|
||
| # stake from provider(chain2) '{"bond":{}}'=======bond============ | ||
| meshd tx wasm execute $vault '{"bond":{"amount":{"amount": "20000000", "denom":"stake"}}}' --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929 | ||
|
|
||
| sleep 7 | ||
|
|
||
| account_query=$(cat <<EOF | ||
| { | ||
| "account_details": { | ||
| "account": "$test1_provider_addr" | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
|
|
||
| meshd q wasm state smart $vault "$account_query" --node $node2 | ||
|
|
||
| # Compare tokens and select the operator address with the larger tokens value | ||
| validators=$(meshd q staking validators --output json --node $node2) | ||
| tokens_0=$(echo "$validators" | jq -r '.validators[0].tokens') | ||
| tokens_1=$(echo "$json_data" | jq -r '.validators[1].tokens') | ||
|
|
||
| if (( tokens_0 > tokens_1 )); then | ||
| val2_provider_addr=$(echo "$validators" | jq -r '.validators[0].operator_address') | ||
| else | ||
| val2_provider_addr=$(echo "$validators" | jq -r '.validators[1].operator_address') | ||
| fi | ||
|
|
||
| echo "validator 2: $val2_provider_addr" | ||
|
|
||
| # Stake 10_000_000 stake to val 1 provider chain | ||
| stake_msg=$(cat <<EOF | ||
| {"validator": "$val2_provider_addr"} | ||
| EOF | ||
| ) | ||
| encode_msg=$(echo "$stake_msg" | base64) | ||
|
|
||
| stake_local_msg=$(cat <<EOF | ||
| { | ||
| "stake_local":{ | ||
| "amount": { | ||
| "denom":"stake", | ||
| "amount":"10000000" | ||
| }, | ||
| "msg":"$encode_msg" | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
|
|
||
|
|
||
| meshd tx wasm execute $vault "$stake_local_msg" --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929 | ||
|
|
||
| # Wait a while for relaying tx to consumer chain | ||
| sleep 20 | ||
|
|
||
| account_query=$(cat <<EOF | ||
| { | ||
| "account_details": { | ||
| "account": "$test1_provider_addr" | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
| meshd q wasm state smart $vault "$account_query" --node $node2 | ||
|
|
||
| # Stop running validator 2 to make it jail | ||
| pid=$(ps waux | grep -i screen | grep -i mesh2-node2 | grep -v grep | awk '{print $2}' | xargs -I{} pgrep -P {} | xargs -I{} pgrep -P {} | xargs -I{} ps -w -p {} | grep meshd | awk '{print $1}') | ||
| kill -9 $pid | ||
|
|
||
| # wait for 2 minutes to jail validator | ||
| sleep 120 | ||
|
|
||
| meshd q staking validator $val2_provider_addr --node $node2 | ||
|
|
||
| val2_status=$(meshd q staking validator $val2_provider_addr --node $node2 -o json| jq '.jailed') | ||
| echo "jailed: $val2_status" | ||
|
|
||
| # Get proxy contract | ||
| proxy_by_owner_query=$(cat <<EOF | ||
| { | ||
| "proxy_by_owner": {"owner": "$test1_provider_addr"} | ||
| } | ||
| EOF | ||
| ) | ||
| native_staking_proxy=$(meshd q wasm state smart $native_staking "$proxy_by_owner_query" --node $node2 -o json | jq -r '.data.proxy') | ||
|
|
||
| echo "proxy address: $native_staking_proxy" | ||
|
|
||
| # Unstake | ||
| unstake_msg=$(cat <<EOF | ||
| { | ||
| "unstake":{ | ||
| "validator":"$val2_provider_addr", | ||
| "amount": { | ||
| "denom":"stake", | ||
| "amount":"10000000" | ||
| } | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
|
|
||
| meshd tx wasm execute $native_staking_proxy "$unstake_msg" --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929 | ||
|
|
||
| sleep 7 | ||
|
|
||
| meshd tx wasm execute $native_staking_proxy '{"release_unbonded": {}}' --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929 | ||
|
|
||
| sleep 7 | ||
| account_query=$(cat <<EOF | ||
| { | ||
| "account": { | ||
| "account": "$test1_provider_addr" | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
|
|
||
| meshd q wasm state smart $vault "$account_query" --node $node2 | ||
|
|
||
| account_query=$(cat <<EOF | ||
| { | ||
| "account_details": { | ||
| "account": "$test1_provider_addr" | ||
| } | ||
| } | ||
| EOF | ||
| ) | ||
|
|
||
| meshd q wasm state smart $vault "$account_query" --node $node2 |
Oops, something went wrong.