Skip to content

Miscellaneous improvements from the Veridise audit #1820

Miscellaneous improvements from the Veridise audit

Miscellaneous improvements from the Veridise audit #1820

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
CARGO_NET_GIT_FETCH_WITH_CLI: true
INFURA_API_KEY: '${{ secrets.INFURA_API_KEY }}'
USER_PRIVATE_KEY: '${{ secrets.USER_PRIVATE_KEY }}'
ETHERSCAN_API_KEY: '${{ secrets.ETHERSCAN_API_KEY }}'
MAINNET_RPC: '${{ secrets.MAINNET_RPC }}'
jobs:
Linter:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run yarn format check
run: nix develop -c yarn format:check
Build_All:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Build all
run: nix develop -c yarn check:build
# EOS_Relayer_Test:
# runs-on: [self-hosted, nixos, X64]
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: recursive
# - name: Use local my-action
# uses: ./.github/actions/setup
# with:
# cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
# - name: Run Verifier in EOS - Relayer test
# run: nix develop -c yarn test './tests/eosLightClient/test-verifier-in-EOS-relay.ts'
Solidity_Validators_Accumulator_Test:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name:
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Solidity Validators accumulator tests
run: nix develop -c make test-validator-accumulator
# Nim_Light_Client_Compiled_with_Emsctipten_Tests:
# runs-on: [self-hosted, nixos, X64]
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: recursive
# - name: Use local my-action
# uses: ./.github/actions/setup
# with:
# cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
#
# - name: Run Nim Light Client compiled with emsctipten tests
# run: nix develop -c yarn test-emcc './tests/test-nim-to-wasm.ts' 'test-nim-light-client.ts'
Nim_Light_Client_Clang_Test:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Nim Light Client compiled with clang tests
run: nix develop -c yarn test './tests/test-nim-to-wasm.ts' 'test-nim-light-client.ts'
Nim_Groth16_Verifier_Tests:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Nim groth16 verifier tests
run: nix develop -c make test-groth16-verifier
# Disable temporary till we find way to have docker in local setup
# Run_Light_Client_In_Cosmos_Test:
# runs-on: [self-hosted, nixos, X64]
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: recursive
# - name: Use local my-action
# uses: ./.github/actions/setup
# with:
# cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
# - name: Run Light Client in Cosmos test
# run: nix develop -c yarn test './tests/cosmosLightClient/test-nim-light-client-in-cosmos.ts'
# Run_Verifier_In_Cosmos_Test:
# runs-on: [self-hosted, nixos, X64]
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: recursive
# - name: Use local my-action
# uses: ./.github/actions/setup
# with:
# cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
# - name: Run Verifier in Cosmos test
# run: nix develop -c yarn test './tests/cosmosLightClient/test-verifier-in-cosmos.ts'
# Run_Verifier_In_Cosmos_Relay_Tests:
# runs-on: [self-hosted, nixos, X64]
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: recursive
# - name: Use local my-action
# uses: ./.github/actions/setup
# with:
# cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
# - name: Run Verifier in Cosmos - Relayer test
# run: nix develop -c yarn test './tests/cosmosLightClient/test-verifier-in-cosmos-relay.ts'
Run_Circom_Tests:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run circom tests
run: nix develop -c make test-circom-circuits
Run_Plonky2_Tests:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run plonky2 circuit tests
run: nix develop -c make test-plonky2-circuits
Run_Verify_Given_Proof:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Verify given proof - test using bncurve and constantine
run: nix develop -c nim c -r 'tests/verify_proof/verify_given_proof_test.nim'
Run_Verify_Given_Proof_ffJS:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Verify given proof - test using ffJavascript
run: nix develop -c yarn test ./tests/verify_proof/verify_given_proof_test.ts
Solidity_Verifier_Tests:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run Solidity verifier tests
run: nix develop -c make evm-simulation
OneShot_Syncing_Simulation:
runs-on: [self-hosted, nixos, X64]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run one shot syncing simulation
run: nix develop -c make one-shot-syncing-simulation
Bash_Scripts_Building_Circom_Circuits:
runs-on: [self-hosted, nixos, x86-64-v3]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Use local my-action
uses: ./.github/actions/setup
with:
cachix_auth_token: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run one of the scripts building the circom circuits
run: nix develop -c ./scripts/build-circom-compress-circuits.sh
check:
if: always()
needs:
- Linter
# - EOS_Relayer_Test
- Solidity_Validators_Accumulator_Test
# - Nim_Light_Client_Compiled_with_Emsctipten_Tests
- Nim_Light_Client_Clang_Test
- Nim_Groth16_Verifier_Tests
# - Run_Light_Client_In_Cosmos_Test
# - Run_Verifier_In_Cosmos_Test
- Run_Circom_Tests
# - Run_Verifier_In_Cosmos_Relay_Tests
- Run_Verify_Given_Proof
- Run_Verify_Given_Proof_ffJS
- Solidity_Verifier_Tests
- OneShot_Syncing_Simulation
- Run_Plonky2_Tests
runs-on: [self-hosted, nixos, X64]
steps:
- name: Check if any job failed or was cancelled
if: >-
${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: exit 1
- name: Success
if: >-
${{ !(contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) }}
run: echo "All dependent jobs succeeded!"