wip

Author: h4x3rotab

kms/auth-eth/.env.example

@@ -0,0 +1,17 @@
+# Example environment configuration for local testing
+
+# Server configuration
+PORT=8000
+HOST=127.0.0.1
+
+# Ethereum configuration
+ETH_RPC_URL=http://127.0.0.1:8545
+KMS_CONTRACT_ADDR=0x0000000000000000000000000000000000000000
+
+# For testing with local Anvil node (Foundry):
+# ETH_RPC_URL=http://127.0.0.1:8545
+# KMS_CONTRACT_ADDR=<deployed_contract_address>
+
+# For testing with testnet:
+# ETH_RPC_URL=https://rpc.sepolia.org
+# KMS_CONTRACT_ADDR=<your_deployed_contract_address>

kms/auth-eth/TESTING.md

@@ -0,0 +1,53 @@
+# Testing Guide for DStack KMS Auth
+
+Complete testing with **Foundry only** - no Hardhat dependencies.
+
+## 🏗️ Smart Contract Testing
+
+```bash
+npm run test:foundry:all    # All smart contract tests (36 tests)
+```
+
+Covers: Core logic, upgrades, authorization, gas optimization
+
+## 🌐 API Server Testing
+
+### Unit Tests (Fast)
+```bash
+npm test                    # Jest with mocked blockchain (4 tests)
+```
+
+### Integration Tests (Real Blockchain)
+```bash
+npm run test:full           # Complete: Anvil + Deploy + API tests + Cleanup
+```
+
+This automatically:
+1. Starts Anvil node
+2. Deploys contracts 
+3. Starts API server
+4. Tests all endpoints
+5. Cleans up
+
+## 🔧 Manual Testing
+
+### Start Services
+```bash
+npm run test:full:keep      # Keep Anvil + API server running
+```
+
+### Test Endpoints
+```bash
+curl http://127.0.0.1:8000/                    # Health check
+curl -X POST http://127.0.0.1:8000/bootAuth/app \
+  -H "Content-Type: application/json" \
+  -d '{"tcbStatus":"UpToDate","advisoryIds":[],"mrAggregated":"0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef","osImageHash":"0xabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcd","mrSystem":"0x9012901290129012901290129012901290129012901290129012901290129012","appId":"0x9012345678901234567890123456789012345678","composeHash":"0xabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd","instanceId":"0x3456789012345678901234567890123456789012","deviceId":"0xef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12"}'
+```
+
+## 🚀 CI/CD Pipeline
+
+```bash
+npm test                    # Fast unit tests
+npm run test:foundry:all    # Complete contract tests  
+npm run build               # Build check
+```

kms/auth-eth/anvil-test.log

@@ -0,0 +1,58 @@
+
+
+                             _   _
+                            (_) | |
+      __ _   _ __   __   __  _  | |
+     / _` | | '_ \  \ \ / / | | | |
+    | (_| | | | | |  \ V /  | | | |
+     \__,_| |_| |_|   \_/   |_| |_|
+
+    1.2.3-stable (a813a2cee7 2025-06-08T15:42:40.147013149Z)
+    https://github.com/foundry-rs/foundry
+
+Available Accounts
+==================
+
+(0) 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 (100.000000000000000000 ETH)
+(1) 0x70997970C51812dc3A010C7d01b50e0d17dc79C8 (100.000000000000000000 ETH)
+(2) 0x3C44CdDdB6a900fa2b585dd299e03d12FA4293BC (100.000000000000000000 ETH)
+
+Private Keys
+==================
+
+(0) 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+(1) 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d
+(2) 0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a
+
+Wallet
+==================
+Mnemonic:          test test test test test test test test test test test junk
+Derivation path:   m/44'/60'/0'/0/
+
+
+Chain ID
+==================
+
+31337
+
+Base Fee
+==================
+
+1000000000
+
+Gas Limit
+==================
+
+30000000
+
+Genesis Timestamp
+==================
+
+1753701293
+
+Genesis Number
+==================
+
+0
+
+Listening on 127.0.0.1:8545

kms/auth-eth/broadcast/Deploy.s.sol/31337/run-1753703030.json

@@ -11,7 +11,9 @@
     "test:watch": "jest --watch",
     "test:coverage": "jest --coverage",
     "test:foundry": "forge test --ffi",
-    "test:foundry:core": "forge test --ffi --match-path \"test/DstackApp.t.sol\" && forge test --ffi --match-path \"test/DstackKms.t.sol\" && forge test --ffi --match-path \"test/UpgradesBasic.t.sol\""
+    "test:foundry:all": "forge clean && forge build && forge test --ffi",
+    "test:full": "./scripts/test-with-anvil.sh",
+    "test:full:keep": "./scripts/test-with-anvil.sh --keep-running"
   },
   "dependencies": {
     "@fastify/swagger": "^8.12.0",

kms/auth-eth/broadcast/Deploy.s.sol/31337/run-1753703062.json

@@ -0,0 +1,159 @@
+#!/bin/bash
+# Complete local testing workflow with Anvil
+
+set -e
+
+echo "🔧 Starting complete local testing workflow..."
+
+# Check if anvil is available
+if ! command -v anvil &> /dev/null; then
+    echo "❌ Error: anvil not found. Install Foundry first:"
+    echo "curl -L https://foundry.paradigm.xyz | bash"
+    echo "foundryup"
+    exit 1
+fi
+
+# Clean up any existing processes
+echo "🧹 Cleaning up existing processes..."
+pkill -f "anvil" || true
+pkill -f "ts-node src/main.ts" || true
+sleep 1
+
+# Start Anvil in the background
+echo "🚀 Starting Anvil local node..."
+anvil --host 0.0.0.0 --port 8545 --accounts 10 --balance 1000 > anvil.log 2>&1 &
+ANVIL_PID=$!
+
+# Wait for Anvil to start
+echo "⏳ Waiting for Anvil to start..."
+sleep 3
+
+# Deploy contracts
+echo "📦 Deploying contracts..."
+PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 \
+ETHERSCAN_API_KEY=dummy \
+forge script script/Deploy.s.sol:DeployScript --broadcast --rpc-url http://127.0.0.1:8545 > deploy.log 2>&1
+
+if [ $? -ne 0 ]; then
+    echo "❌ Contract deployment failed. Check deploy.log"
+    kill $ANVIL_PID
+    exit 1
+fi
+
+# Extract contract addresses from deployment logs  
+KMS_ADDR=$(grep "DstackKms proxy deployed to:" deploy.log | awk '{print $NF}' || echo "")
+
+if [ -z "$KMS_ADDR" ]; then
+    echo "❌ Could not extract KMS contract address from deployment"
+    echo "💡 Check deploy.log for deployment details"
+    kill $ANVIL_PID
+    exit 1
+fi
+
+echo "✅ Contracts deployed!"
+echo "   KMS Address: $KMS_ADDR"
+
+# Set environment variables
+export ETH_RPC_URL=http://127.0.0.1:8545
+export KMS_CONTRACT_ADDR=$KMS_ADDR
+
+# Build TypeScript
+echo "🔨 Building TypeScript..."
+npm run build
+
+# Start the API server in background
+echo "🌐 Starting API server..."
+npm run dev > server.log 2>&1 &
+SERVER_PID=$!
+
+# Wait for server to start
+echo "⏳ Waiting for API server to start..."
+sleep 5
+
+# Test the API
+echo "🧪 Testing API endpoints..."
+
+# Inline API test
+node -e "
+const mockBootInfo = {
+  tcbStatus: 'UpToDate',
+  advisoryIds: [],
+  mrAggregated: '0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef',
+  osImageHash: '0xabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcd',
+  mrSystem: '0x9012901290129012901290129012901290129012901290129012901290129012',
+  appId: '0x9012345678901234567890123456789012345678',
+  composeHash: '0xabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd',
+  instanceId: '0x3456789012345678901234567890123456789012',
+  deviceId: '0xef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12ef12'
+};
+
+async function testAPI() {
+  const baseUrl = 'http://127.0.0.1:8000';
+  console.log('1️⃣ Health check...');
+  const health = await fetch(baseUrl + '/');
+  console.log('   Status:', health.status);
+  
+  console.log('2️⃣ App authorization...');  
+  const app = await fetch(baseUrl + '/bootAuth/app', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(mockBootInfo)
+  });
+  console.log('   Status:', app.status);
+  
+  console.log('3️⃣ KMS authorization...');
+  const kms = await fetch(baseUrl + '/bootAuth/kms', {
+    method: 'POST', 
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(mockBootInfo)
+  });
+  console.log('   Status:', kms.status);
+  
+  console.log('4️⃣ Invalid request...');
+  const invalid = await fetch(baseUrl + '/bootAuth/app', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ mrAggregated: '0x1234' })
+  });
+  console.log('   Status:', invalid.status);
+}
+
+testAPI().then(() => console.log('✅ API tests completed!')).catch(console.error);
+""
+
+echo ""
+echo "✅ All tests completed successfully!"
+echo ""
+echo "📊 Services running:"
+echo "   Anvil: PID $ANVIL_PID (http://127.0.0.1:8545)"
+echo "   API Server: PID $SERVER_PID (http://127.0.0.1:8000)"
+echo "   KMS Contract: $KMS_ADDR"
+echo ""
+echo "🔍 Logs available in:"
+echo "   Anvil: anvil.log"
+echo "   Deployment: deploy.log" 
+echo "   Server: server.log"
+echo ""
+echo "🛑 To stop services:"
+echo "   kill $ANVIL_PID $SERVER_PID"
+
+# Function to cleanup on exit
+cleanup() {
+    echo ""
+    echo "🛑 Stopping services..."
+    kill $ANVIL_PID $SERVER_PID 2>/dev/null || true
+    echo "✅ Cleanup completed"
+}
+
+# Set trap to cleanup on script exit
+trap cleanup EXIT
+
+# Keep script running or exit based on argument
+if [ "$1" = "--keep-running" ]; then
+    echo "🔄 Services will keep running. Press Ctrl+C to stop."
+    wait
+else
+    echo "ℹ️  Use '--keep-running' to keep services running"
+    echo "🛑 Stopping services in 10 seconds..."
+    sleep 10
+fi