Automated DKG Init

.github/.env.lynx.act

@@ -0,0 +1,10 @@
+ACTIONS_RUNTIME_TOKEN=dummy
+ACTIONS_RUNTIME_URL=dummy ACT=true act
+DKG_INITIATOR_ADDRESS=0x3B42d26E19FF860bC4dEbB920DD8caA53F93c600
+DKG_AUTHORITY_ADDRESS=0x3B42d26E19FF860bC4dEbB920DD8caA53F93c600
+ECOSYSTEM=polygon
+NETWORK=amoy
+DOMAIN=lynx
+DURATION=86400
+ACCESS_CONTROLLER=GlobalAllowList
+FEE_MODEL=0x14EB9BB700E45D2Ee9233056b8cc341276c688Ba

.github/.secrets.act.template

@@ -0,0 +1,5 @@
+DKG_INITIATOR_PRIVATE_KEY=
+DKG_INITIATOR_PASSPHRASE=
+RPC_PROVIDER=
+WEB3_INFURA_API_KEY=
+POLYGONSCAN_API_KEY=

.github/README.md

@@ -0,0 +1,18 @@
+# How to run the DKG workflow locally with act
+
+To run the DKG workflow locally, you need to have act installed. 
+
+https://github.com/nektos/act
+
+Verify the values in `.env.lynx.act` and `.secrets` file completed with the 
+necessary environment variables (see the template files in the same directory `.secrets.act.template`).
+
+Then you can run the following command:
+
+```bash
+act workflow_dispatch -j initiate_dkg \
+--env-file .github/.env.lynx.act \
+--secret-file .github/.secrets \
+--container-architecture linux/amd64 \
+--artifact-server-path /tmp/artifacts
+```

.github/scripts/import_account.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+
+import os
+
+from ape_accounts import import_account_from_private_key
+
+
+def main():
+    try:
+        passphrase = os.environ["DKG_INITIATOR_PASSPHRASE"]
+        private_key = os.environ["DKG_INITIATOR_PRIVATE_KEY"]
+    except KeyError:
+        raise Exception(
+            "There are missing environment variables."
+            "Please set DKG_INITIATOR_PASSPHRASE and DKG_INITIATOR_PRIVATE_KEY."
+        )
+    account = import_account_from_private_key(
+        'automation',
+        passphrase,
+        private_key
+    )
+    print(f"Account imported: {account.address}")
+
+
+if __name__ == '__main__':
+    main()

.github/scripts/initiate_dkg.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+echo "Heartbeat: Initiate Ritual"
+
+echo "Network ${ECOSYSTEM}:${NETWORK}:${RPC_PROVIDER}"
+echo "Authority: ${DKG_AUTHORITY_ADDRESS}"
+echo "Access Controller: ${ACCESS_CONTROLLER}"
+echo "Fee Model: ${FEE_MODEL}"
+echo "Duration: ${DURATION}"
+
+ape run initiate_ritual                           \
+--heartbeat                                       \
+--auto                                            \
+--account automation                              \
+--network ${ECOSYSTEM}:${NETWORK}:${RPC_PROVIDER} \
+--domain ${DOMAIN}                                \
+--access-controller ${ACCESS_CONTROLLER}          \
+--authority ${DKG_AUTHORITY_ADDRESS}              \
+--fee-model ${FEE_MODEL}                          \
+--duration ${DURATION}                            \
+
+echo "All Heartbeat Rituals Initiated"
+

.github/workflows/heartbeat.yml

@@ -0,0 +1,56 @@
+name: Heartbeat DKG
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * 1'  # Every Monday at 00:00
+
+jobs:
+  initiate_dkg:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.12.4'
+
+    - name: Install dependencies
+      run: |
+        sed -i '/^nucypher-core==/d' requirements.txt
+        pip3 install -e . -r requirements.txt
+
+    - name: Import Ape Account
+      run: .github/scripts/import_account.py
+      env:
+        DKG_INITIATOR_PRIVATE_KEY: ${{ secrets.DKG_INITIATOR_PRIVATE_KEY }}
+        DKG_INITIATOR_PASSPHRASE: ${{ secrets.DKG_INITIATOR_PASSPHRASE }}
+
+    - name: Initiate Ritual
+      run: .github/scripts/initiate_dkg.sh
+      env:
+
+        # Secret environment variables (secrets)
+        APE_ACCOUNTS_automation_PASSPHRASE: ${{ secrets.DKG_INITIATOR_PASSPHRASE }}
+        RPC_PROVIDER: ${{ secrets.RPC_PROVIDER }}
+        WEB3_INFURA_API_KEY: ${{ secrets.WEB3_INFURA_API_KEY }}
+        POLYGONSCAN_API_KEY: ${{ secrets.POLYGONSCAN_API_KEY }}
+
+        # Non-secret environment variables (config)
+        DKG_INITIATOR_ADDRESS: ${{ vars.DKG_INITIATOR_ADDRESS }}
+        DKG_AUTHORITY_ADDRESS: ${{ vars.DKG_AUTHORITY_ADDRESS }}
+        DOMAIN: ${{ vars.DOMAIN }}
+        NETWORK: ${{ vars.NETWORK }}
+        ECOSYSTEM: ${{ vars.ECOSYSTEM }}
+        ACCESS_CONTROLLER: ${{ vars.ACCESS_CONTROLLER }}
+        FEE_MODEL: ${{ vars.FEE_MODEL }}
+        DURATION: ${{ vars.DURATION }}
+
+    - name: Upload Artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: heartbeat-rituals
+        path: heartbeat-rituals.json

.gitignore

@@ -17,3 +17,4 @@ env
 .cache/
 dist/
 .cosine/
+.github/.secrets

deployment/constants.py

@@ -62,3 +62,5 @@
     LYNX: "https://porter-lynx.nucypher.io/get_ursulas",
     TAPIR: "https://porter-tapir.nucypher.io/get_ursulas",
 }
+
+HEARTBEAT_ARTIFACT_FILENAME = "heartbeat-rituals.json"

deployment/params.py

@@ -9,6 +9,7 @@
 from ape.cli.choices import select_account
 from ape.contracts.base import ContractContainer, ContractInstance, ContractTransactionHandler
 from ape.utils import EMPTY_BYTES32, ZERO_ADDRESS
+from ape_test import TestAccount
 from eth_typing import ChecksumAddress
 from eth_utils import to_checksum_address
 from ethpm_types import MethodABI
@@ -480,15 +481,16 @@ class Transactor:
     Represents an ape account plus validated/annotated transaction execution.
     """
 
-    def __init__(self, account: typing.Optional[AccountAPI] = None, non_interactive: bool = False):
-        if non_interactive and not account:
-            raise ValueError("'non_interactive' can only be used if an account is provided")
-
-        self._non_interactive = non_interactive
+    def __init__(self, account: typing.Optional[AccountAPI] = None, autosign: bool = False):
         if account is None:
             self._account = select_account()
         else:
             self._account = account
+        if autosign:
+            print("WARNING: Autosign is enabled. Transactions will be signed automatically.")
+        self._autosign = autosign
+        if not isinstance(self._account, TestAccount):
+            self._account.set_autosign(autosign)
 
     def get_account(self) -> AccountAPI:
         """Returns the transactor account."""
@@ -506,8 +508,7 @@ def transact(self, method: ContractTransactionHandler, *args) -> ReceiptAPI:
         else:
             message = f"{base_message} with no arguments"
         print(message)
-
-        if not self._non_interactive:
+        if not self._autosign:
             _continue()
 
         result = method(
@@ -534,9 +535,9 @@ def __init__(
         path: Path,
         verify: bool,
         account: typing.Optional[AccountAPI] = None,
-        non_interactive: bool = False,
+        autosign: bool = False,
     ):
-        super().__init__(account, non_interactive)
+        super().__init__(account, autosign)
 
         check_plugins()
         self.path = path
@@ -554,7 +555,7 @@ def __init__(
         self.verify = verify
         self._print_deployment_info()
 
-        if not self._non_interactive:
+        if not self._autosign:
             # Confirms the start of the deployment.
             _continue()
 
@@ -597,7 +598,7 @@ def _deploy_contract(
         self, container: ContractContainer, resolved_params: OrderedDict
     ) -> ContractInstance:
         contract_name = container.contract_type.name
-        if not self._non_interactive:
+        if not self._autosign:
             _confirm_resolution(resolved_params, contract_name)
         deployment_params = [container, *resolved_params.values()]
         kwargs = self._get_kwargs()

deployment/utils.py

@@ -1,13 +1,15 @@
 import json
 import os
+from itertools import zip_longest
 from pathlib import Path
-from typing import Dict, List, Optional
+from typing import Dict, List, Optional, Tuple
 
 import requests
 import yaml
 from ape import networks, project
 from ape.contracts import ContractContainer, ContractInstance
 from ape_etherscan.utils import API_KEY_ENV_KEY_MAP
+from eth_utils import to_checksum_address, to_int
 
 from deployment.constants import ARTIFACTS_DIR, MAINNET, PORTER_SAMPLING_ENDPOINTS
 from deployment.networks import is_local_network
@@ -71,7 +73,9 @@ def validate_config(config: Dict) -> Path:
 
     registry_chain_ids = map(int, _load_json(registry_filepath).keys())
     if config_chain_id in registry_chain_ids:
-        raise ValueError(f"Deployment is already published for chain_id {config_chain_id}.")
+        raise ValueError(
+            f"Deployment is already published for chain_id {config_chain_id}."
+        )
 
     return registry_filepath
 
@@ -99,7 +103,7 @@ def check_infura_plugin() -> None:
     """Checks that the ape-infura plugin is installed."""
     if is_local_network():
         return  # unnecessary for local deployment
-    if networks.provider.name != 'infura':
+    if networks.provider.name != "infura":
         return  # unnecessary when using a provider different than infura
     try:
         import ape_infura  # noqa: F401
@@ -205,3 +209,46 @@ def sample_nodes(
 
     result = sorted(ursulas, key=lambda x: x.lower())
     return result
+
+
+def _generate_heartbeat_cohorts(addresses: List[str]) -> Tuple[Tuple[str, ...], ...]:
+    """
+    In the realm of addresses, where keys unlock boundless potential,
+    we gather them, two by two, like travelers on a shared path.
+    Yet, should a lone wanderer remain, we weave them into a final trio—
+    a constellation of three, shimmering in quiet order.
+§
+    Each group, a harmony of case-insensitive sequence,
+    arranged with care, untouched in form, yet softened in placement.
+
+    No address stands alone. No ledger is left incomplete.
+    """
+    if not addresses:
+        raise ValueError("The list of Ethereum addresses cannot be empty.")
+
+    # Form pairs, stepping in twos, embracing a final trio if needed
+    groups = [tuple(addresses[i: i + 2]) for i in range(0, len(addresses) - 1, 2)]
+
+    # If unpaired, merge the last two into a final trio
+    if len(addresses) % 2:
+        groups[-1] += (addresses[-1],)
+
+    # Return each group in case-insensitive order, immutable as stone
+    return tuple(map(lambda group: tuple(sorted(group, key=str.lower)), groups))
+
+
+def get_heartbeat_cohorts(taco_application: ContractContainer) -> Tuple[Tuple[str, ...], ...]:
+    data = taco_application.getActiveStakingProviders(
+        0,  # start index
+        1000,  # max number of staking providers
+        1,  # min duration of staking
+    )
+    staked, staking_providers_info = data
+    staking_providers = dict()
+    for info in staking_providers_info:
+        staking_provider_address = to_checksum_address(info[0:20])
+        staking_provider_authorized_tokens = to_int(info[20:32])
+        staking_providers[staking_provider_address] = staking_provider_authorized_tokens
+
+    cohorts = _generate_heartbeat_cohorts(list(staking_providers))
+    return cohorts

scripts/ci/deploy_child.py

@@ -16,7 +16,7 @@ def main():
             filepath=CONSTRUCTOR_PARAMS_FILEPATH,
             verify=VERIFY,
             account=test_account,
-            non_interactive=True,
+            autosign=True,
         )
 
         mock_polygon_child = deployer.deploy(project.MockPolygonChild)