switchboard-xyz
diff --git a/‎infra-apps/vmagent.yaml
Lines changed: 16 additions & 0 deletions b/‎infra-apps/vmagent.yaml
Lines changed: 16 additions & 0 deletions
diff --git a/‎infra-apps/vmetrics-remotewrite.yaml
Lines changed: 0 additions & 7 deletions b/‎infra-apps/vmetrics-remotewrite.yaml
Lines changed: 0 additions & 7 deletions
diff --git a/‎operator-guide.md
Lines changed: 11 additions & 7 deletions b/‎operator-guide.md
Lines changed: 11 additions & 7 deletions
diff --git a/‎scripts/src/bootstrap.ts
Lines changed: 151 additions & 132 deletions b/‎scripts/src/bootstrap.ts
Lines changed: 151 additions & 132 deletions
@@ -0,0 +1,16 @@
+scrape_configs:
+  - job_name: "switchboard-pods"
+    scrape_interval: 60s
+    kubernetes_sd_configs:
+      - role: pod
+    scheme: http
+    metrics_path: /metrics
+    relabel_configs:
+      - source_labels: [__meta_kubernetes_pod_label_should_scrape]
+        regex: scrape
+        action: keep
+      - target_label: operator
+        replacement: "$EXAMPLE_OPERATOR"
+
+remoteWriteUrls:
+  - "http://remote-write.switchboard.xyz/insert/0/prometheus"
@@ -79,13 +79,7 @@ also want to set up prometheus or vmetrics to scrape
 metrics from the oracles, secrets management like 
 infisical, or a log aggregator like loki.
 
-Exposing metrics and logs are strongly encouraged for all oracle operators. To do so, first you must register a domain/subdomain to use for your metrics and logs endpoints respectively. If you are using k3s, then you can find the external ip address by running this command:
-
-```bash
-kubectl -n kube-system get svc traefik
-```
-
-If you are using a different kubernetes distribution and/or ingress controller, you can find that wit this command:
+Exposing metrics and logs are strongly encouraged for all oracle operators. To do so, first you must register a domain/subdomain to use for your metrics and logs endpoints respectively. You can find the external ip address by running this command once your ingress controller is installed:
 
 ```bash
 kubectl get svc --all-namespaces
@@ -107,13 +101,23 @@ helm install \
   --version v1.12.3 \
   --set installCRDs=true \
   --set global.leaderElection.namespace=cert-manager
+helm install ingress-nginx ingress-nginx/ingress-nginx \
+  --namespace ingress-nginx \
+  --create-namespace \
+  --timeout 600s \
+  --debug \
 
 helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' 
 helm install secrets-operator infisical-helm-charts/secrets-operator
 ```
 
 in order to use the infisical secrets operator, you must first create an infisical account and follow [the setup guide](https://infisical.com/docs/integrations/platforms/kubernetes) and upload secrets with a name/slug that aligns with the infisicalSecretKey and infisicalSecretSlug in your values yaml.
 
+If you are a switchboard partner, you are expected to export your metric data to a centralized instance to better monitor network health.
+```bash
+helm upgrade -i vmagent vm/victoria-metrics-agent -f vmagent.yaml
+```
+
 ### Step 3: Install the Kubernetes SGX Plugin
 
 Before installing the SGX plugin, check the latest 
 
@@ -2,154 +2,173 @@ import * as anchor from "@coral-xyz/anchor";
 import * as spl from "@solana/spl-token";
 import type { AccountInfo, AccountMeta } from "@solana/web3.js";
 import {
-    AddressLookupTableProgram,
-    Connection,
-    Keypair,
-    MessageV0,
-    PublicKey,
-    sendAndConfirmTransaction,
-    SystemProgram,
-    Transaction,
-    TransactionInstruction,
-    TransactionMessage,
-    VersionedTransaction,
+  AddressLookupTableProgram,
+  Connection,
+  Keypair,
+  MessageV0,
+  PublicKey,
+  sendAndConfirmTransaction,
+  SystemProgram,
+  Transaction,
+  TransactionInstruction,
+  TransactionMessage,
+  VersionedTransaction,
+  AddressLookupTableAccount,
 } from "@solana/web3.js";
+var resolve = require("resolve-dir");
 import { Big, BigUtils, bs58 } from "@switchboard-xyz/common";
 import { OracleJob } from "@switchboard-xyz/common";
-import * as sb from "@switchboard-xyz/solana.js";
+import * as sb from "@switchboard-xyz/on-demand";
 import { toBufferLE } from "bigint-buffer";
 import * as crypto from "crypto";
 import * as fs from "fs";
 const assert = require("assert");
-
-const walletFile = "/home/scottk/workspace/creds/devnet-wallet";
-// example "/Users/mgild/switchboard_environments_v2/devnet/upgrade_authority/test.json"
-const payerFile = "/home/scottk/workspace/creds/devnet-wallet"
-let PID = new PublicKey("sbattyXrzedoNATfc4L31wC9Mhxsi1BmFhTiN8gDshx");
-// PID = new PublicKey("CR1hCrkKveeWrYYs5kk7rasRM2AH1vZy8s8fn42NBwkq");
-const RPC_URL = "https://api.devnet.solana.com";
-
-
-
-async function fetchLatestSlotHash(
-    connection: Connection
-): Promise<[bigint, string]> {
-    const slotHashesSysvarKey = new PublicKey(
-        "SysvarS1otHashes111111111111111111111111111"
-    );
-    const accountInfo = await connection.getAccountInfo(slotHashesSysvarKey, {
-        commitment: "confirmed",
-        dataSlice: { length: 40, offset: 8 },
-    });
-    let buffer = accountInfo!.data;
-    const slotNumber = buffer.readBigUInt64LE();
-    buffer = buffer.slice(8);
-    return [slotNumber, bs58.encode(buffer)];
-}
-
-async function initWalletFromFile(filePath: string): Promise<anchor.Wallet> {
-    // Read the file
-    const secretKeyString: string = fs.readFileSync(filePath, {
-        encoding: "utf8",
-    });
-    const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString));
-
-    // Create a keypair from the secret key
-    const keypair: Keypair = Keypair.fromSecretKey(secretKey);
-
-    // Create a wallet
-    const wallet: anchor.Wallet = new anchor.Wallet(keypair);
-
-    return wallet;
-}
-
-async function initKeypairFromFile(filePath: string): Promise<Keypair> {
-    // Read the file
-    const secretKeyString: string = fs.readFileSync(filePath, {
-        encoding: "utf8",
-    });
-    const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString));
-
-    // Create a keypair from the secret key
-    const keypair: Keypair = Keypair.fromSecretKey(secretKey);
-
-    return keypair;
+const yargs = require("yargs/yargs");
+import {
+  InstructionUtils,
+  PullFeed,
+  Queue,
+  RecentSlotHashes,
+} from "@switchboard-xyz/on-demand";
+
+// ts-node bootstrap.ts --queueKey=7n7CSKBhqxM9m9YyLPn7cF6vXvxtZAWMBW42ior8qode --guardianQueue=F4pXZNjaaNmGwXzBhoxs5yaH6f6RKKkj5qgCZKPF9rjg --payerPath=/home/scottk/workspace/creds/devops-keypair.json
+
+let argv = yargs(process.argv).options({
+  queueKey: {
+    type: "string",
+    describe: "Queue to put pull oracle on",
+    demand: false,
+    default: "",
+  },
+  guardianQueue: {
+    type: "string",
+    describe: "Queue to put guardian oracle on",
+    demand: false,
+    default: "",
+  },
+  initQueues: {
+    type: "boolean",
+    describe: "Initialize new queues",
+    demand: false,
+    default: false,
+  },
+  payerPath: {
+    type: "string",
+    describe: "Path to payer keypair",
+    demand: true,
+  },
+}).argv;
+
+async function sendIx(
+  program: anchor.Program,
+  ix: TransactionInstruction,
+  signers: Array<Keypair>
+) {
+  const tx = await InstructionUtils.asV0Tx(program, [ix], []);
+  for (const signer of signers) {
+    tx.sign([signer]);
+  }
+  const sig = await program.provider.connection.sendTransaction(tx);
+  console.log(`signature: ${sig}`);
 }
 
-async function keypairFromJson(secretKeyString: string): Promise<Keypair> {
-    const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString));
-
-    // Create a keypair from the secret key
-    return Keypair.fromSecretKey(secretKey);
+function keypairFromJson(secretKeyString: string): Keypair {
+  const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString));
+  return Keypair.fromSecretKey(secretKey);
 }
 
-export function logEnvVariables(
-    env: Array<[string, string | anchor.web3.PublicKey]>,
-    pre = "Make sure to add the following to your .env file:"
-) {
-    console.log(
-        `\n${pre}\n\t${env
-            .map(([key, value]) => `${key.toUpperCase()}=${value}`)
-            .join("\n\t")}\n`
-    );
+function initKeypairFromFile(filePath: string): Keypair {
+  const secretKeyString = fs.readFileSync(filePath, { encoding: "utf8" });
+  return keypairFromJson(secretKeyString);
 }
 
 (async () => {
-    const ORACLE_IP = "127.0.0.1";
-
-    let PID = new PublicKey("sbattyXrzedoNATfc4L31wC9Mhxsi1BmFhTiN8gDshx");
-    PID = sb.SB_ON_DEMAND_PID;
-    const connection = new Connection(
-        RPC_URL,
-        "confirmed"
-    );
-
-    const wallet = await initWalletFromFile(
-        walletFile
-    );
-    const devnetPayer = await initKeypairFromFile(
-        payerFile
+  let PID;
+  PID = sb.SB_ON_DEMAND_PID;
+  const connection = new Connection(
+    "https://api.devnet.solana.com",
+    "confirmed"
+  );
+  const devnetPayer = initKeypairFromFile(
+    resolve(argv.payerPath || "./payer.json")
+  );
+  const wallet = new anchor.Wallet(devnetPayer);
+  const provider = new anchor.AnchorProvider(connection, wallet, {});
+  const idl = await anchor.Program.fetchIdl(PID, provider);
+  const program = new anchor.Program(idl!, PID, provider);
+  let queueKey = argv.queueKey;
+  let guardianQueueKey = argv.guardianQueue;
+  console.log(`Queue: ${queueKey}`);
+  console.log(`GuardianQueue: ${guardianQueueKey}`);
+  if (argv.initQueues) {
+    try {
+      const [state, stateInitSig] = await sb.State.create(program);
+      console.log(`State: ${state.pubkey.toBase58()} Sig: ${stateInitSig}`);
+    } catch (e) {}
+    const state = new sb.State(program);
+    const [queue, queueCreateSig] = await sb.Queue.create(program, {});
+    console.log(`Queue: ${queue.pubkey.toBase58()} Sig: ${queueCreateSig}`);
+    queueKey = queue.pubkey.toBase58();
+    const [guardianQueue, guardianQueueCreateSig] = await sb.Queue.create(
+      program,
+      {}
     );
-    const provider = new anchor.AnchorProvider(connection, wallet, {});
-    const idl = await anchor.Program.fetchIdl(PID, provider);
-    const program = new anchor.Program(idl!, PID, provider);
-    const switchboardProgram = sb.SwitchboardProgram.from(
-        connection,
-        devnetPayer,
-        sb.SB_V2_PID,
-        PID
+    guardianQueueKey = guardianQueue.pubkey.toBase58();
+    console.log(
+      `GuardianQueue: ${queue.pubkey.toBase58()} Sig: ${guardianQueueCreateSig}`
     );
-
-    const [slotNumber, slotHash] = await fetchLatestSlotHash(connection);
-    const bootstrappedQueue = (await sb.AttestationQueueAccount.bootstrapNewQueue(
-        switchboardProgram
-    )) as any;
-    console.log(bootstrappedQueue);
-
-    const attestationQueueAccount = bootstrappedQueue.attestationQueue.account;
-    const verifierOracleAccount = bootstrappedQueue.verifier.account;
-    const quoteKeypair2 = Keypair.generate();
-
-    const [verifier2, signature] = await attestationQueueAccount.createVerifier({
-        createPermissions: true,
-        keypair: quoteKeypair2,
+    const setConfigIx = await state.setConfigsIx({
+      queue: guardianQueue.pubkey,
+      newAuthority: devnetPayer.publicKey,
+      minQuoteVerifyVotes: new anchor.BN(1),
+    });
+    const setConfigTx = await InstructionUtils.asV0Tx(program, [setConfigIx]);
+    setConfigTx.sign([devnetPayer]);
+    const setConfigSig = await connection.sendTransaction(setConfigTx);
+    console.log(`Set Config Sig: ${setConfigSig}`);
+  }
+  const queue = new sb.Queue(program, new PublicKey(queueKey));
+  const guardianQueue = new sb.Queue(program, new PublicKey(guardianQueueKey));
+  const stateAccount = new sb.State(program);
+  const state = new sb.State(program);
+  const [oracle1, oracleCreateSig1] = await sb.Oracle.create(program, {
+    queue: queue.pubkey,
+  });
+  const [guardianOracle1, goracleCreateSig1] = await sb.Oracle.create(program, {
+    queue: guardianQueue.pubkey,
+  });
+  if (argv.initQueues) {
+    await sendIx(
+      program,
+      await sb.Permission.setIx(program, {
+        authority: devnetPayer.publicKey,
+        grantee: oracle1.pubkey,
+        granter: queue.pubkey,
         enable: true,
-        queueAuthorityPubkey: devnetPayer.publicKey,
+        permission: sb.SwitchboardPermission.PermitOracleHeartbeat,
+      }),
+      [devnetPayer]
+    );
+    await sendIx(
+      program,
+      await sb.Permission.setIx(program, {
         authority: devnetPayer.publicKey,
-        queueAccount: attestationQueueAccount.publicKey,
-        registryKey: new Uint8Array(64).fill(0),
-    });
-    console.log(verifier2.publicKey);
-
-    logEnvVariables([
-        ["SWITCHBOARD_ATTESTATION_QUEUE_KEY", attestationQueueAccount.publicKey],
-        ["SWITCHBOARD_VERIFIER_ORACLE_KEY", verifierOracleAccount.publicKey],
-        ["SWITCHBOARD_VERIFIER_ORACLE_KEY2", verifier2.publicKey.toString()],
-    ]);
-
-    const y = bootstrappedQueue.signatures.map((s: any, i: any): any => {
-        return { name: `bootstrap_queue #${i + 1}`, tx: s };
-    });
-    console.log(y);
-    return;
+        granter: guardianQueue.pubkey,
+        grantee: guardianOracle1.pubkey,
+        enable: true,
+        permission: sb.SwitchboardPermission.PermitOracleHeartbeat,
+      }),
+      [devnetPayer]
+    );
+  }
+
+  console.log(`
+  export QUEUE=${queue.pubkey.toBase58()}
+  export GUARDIAN_QUEUE=${guardianQueue.pubkey.toBase58()}
+  export STATE=${state.pubkey.toBase58()}
+  export PID=${PID.toBase58()}
+  export ORACLE1=${oracle1.pubkey.toBase58()}
+  export GUARDIAN_ORACLE1=${guardianOracle1.pubkey.toBase58()}
+  `);
+  return;
 })();