chore: add deprecated flags to force early crash when used (#165)

* chore: add deprecated flags to force early crash when used * flags: update memstore flags category description * flags: add verifier deprecated flags + fix some other small things * flags: add deprecation warnings to old memstore flag env-vars * lint: fix lint warning * flags: remove wait_for_finalization from deprecated flags didn't exist before, so shouldnt be deprecated - its a new flag * flags: cleaner deprecated warning (env var appears without surrounding []) * flags: change withEnvPrefix to return single string for better deprecated error msgs * fix: lint caught bug * opsec: prevent private key from being logged
Layr-Labs · Oct 7, 2024 · ded08b0 · ded08b0
1 parent 480324a
commit ded08b0
Show file tree

Hide file tree

Showing 7 changed files with 378 additions and 59 deletions.
diff --git a/cmd/server/entrypoint.go b/cmd/server/entrypoint.go
@@ -8,6 +8,7 @@ import (
 	"github.com/Layr-Labs/eigenda-proxy/flags"
 	"github.com/Layr-Labs/eigenda-proxy/metrics"
 	"github.com/Layr-Labs/eigenda-proxy/server"
+	"github.com/ethereum/go-ethereum/log"
 	"github.com/urfave/cli/v2"
 
 	"github.com/ethereum-optimism/optimism/op-service/ctxinterrupt"
@@ -23,14 +24,13 @@ func StartProxySvr(cliCtx *cli.Context) error {
 	if err := cfg.Check(); err != nil {
 		return err
 	}
-	ctx, ctxCancel := context.WithCancel(cliCtx.Context)
-	defer ctxCancel()
-
-	configJSON, err := json.MarshalIndent(cfg, "", "  ")
+	err := prettyPrintConfig(cliCtx, log)
 	if err != nil {
-		return fmt.Errorf("failed to marshal config: %w", err)
+		return fmt.Errorf("failed to pretty print config: %w", err)
 	}
-	log.Info(fmt.Sprintf("Initializing EigenDA proxy server with config: %v", string(configJSON)))
+
+	ctx, ctxCancel := context.WithCancel(cliCtx.Context)
+	defer ctxCancel()
 
 	daRouter, err := server.LoadStoreRouter(ctx, cfg, log)
 	if err != nil {
@@ -70,3 +70,18 @@ func StartProxySvr(cliCtx *cli.Context) error {
 
 	return ctxinterrupt.Wait(cliCtx.Context)
 }
+
+// TODO: we should probably just change EdaClientConfig struct definition in eigenda-client
+// to have a `json:"-"` tag on the SignerPrivateKeyHex field, to prevent the privateKey from being marshaled at all
+func prettyPrintConfig(cliCtx *cli.Context, log log.Logger) error {
+	// we read a new config which we modify to hide private info in order to log the rest
+	cfg := server.ReadCLIConfig(cliCtx)
+	cfg.EigenDAConfig.EdaClientConfig.SignerPrivateKeyHex = "<HIDDEN>"
+
+	configJSON, err := json.MarshalIndent(cfg, "", "  ")
+	if err != nil {
+		return fmt.Errorf("failed to marshal config: %w", err)
+	}
+	log.Info(fmt.Sprintf("Initializing EigenDA proxy server with config: %v", string(configJSON)))
+	return nil
+}
diff --git a/flags/eigendaflags/cli.go b/flags/eigendaflags/cli.go
@@ -27,8 +27,8 @@ func withFlagPrefix(s string) string {
 	return "eigenda." + s
 }
 
-func withEnvPrefix(envPrefix, s string) []string {
-	return []string{envPrefix + "_EIGENDA_" + s}
+func withEnvPrefix(envPrefix, s string) string {
+	return envPrefix + "_EIGENDA_" + s
 }
 
 // CLIFlags ... used for EigenDA client configuration
@@ -37,68 +37,68 @@ func CLIFlags(envPrefix, category string) []cli.Flag {
 		&cli.StringFlag{
 			Name:     DisperserRPCFlagName,
 			Usage:    "RPC endpoint of the EigenDA disperser.",
-			EnvVars:  withEnvPrefix(envPrefix, "DISPERSER_RPC"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "DISPERSER_RPC")},
 			Category: category,
 		},
 		&cli.DurationFlag{
 			Name:     StatusQueryTimeoutFlagName,
 			Usage:    "Duration to wait for a blob to finalize after being sent for dispersal. Default is 30 minutes.",
 			Value:    30 * time.Minute,
-			EnvVars:  withEnvPrefix(envPrefix, "STATUS_QUERY_TIMEOUT"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "STATUS_QUERY_TIMEOUT")},
 			Category: category,
 		},
 		&cli.DurationFlag{
 			Name:     StatusQueryRetryIntervalFlagName,
 			Usage:    "Interval between retries when awaiting network blob finalization. Default is 5 seconds.",
 			Value:    5 * time.Second,
-			EnvVars:  withEnvPrefix(envPrefix, "STATUS_QUERY_INTERVAL"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "STATUS_QUERY_INTERVAL")},
 			Category: category,
 		},
 		&cli.BoolFlag{
 			Name:     DisableTLSFlagName,
 			Usage:    "Disable TLS for gRPC communication with the EigenDA disperser. Default is false.",
 			Value:    false,
-			EnvVars:  withEnvPrefix(envPrefix, "GRPC_DISABLE_TLS"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "GRPC_DISABLE_TLS")},
 			Category: category,
 		},
 		&cli.DurationFlag{
 			Name:     ResponseTimeoutFlagName,
 			Usage:    "Total time to wait for a response from the EigenDA disperser. Default is 60 seconds.",
 			Value:    60 * time.Second,
-			EnvVars:  withEnvPrefix(envPrefix, "RESPONSE_TIMEOUT"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "RESPONSE_TIMEOUT")},
 			Category: category,
 		},
 		&cli.UintSliceFlag{
 			Name:     CustomQuorumIDsFlagName,
 			Usage:    "Custom quorum IDs for writing blobs. Should not include default quorums 0 or 1.",
 			Value:    cli.NewUintSlice(),
-			EnvVars:  withEnvPrefix(envPrefix, "CUSTOM_QUORUM_IDS"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "CUSTOM_QUORUM_IDS")},
 			Category: category,
 		},
 		&cli.StringFlag{
 			Name:     SignerPrivateKeyHexFlagName,
 			Usage:    "Hex-encoded signer private key. This key should not be associated with an Ethereum address holding any funds.",
-			EnvVars:  withEnvPrefix(envPrefix, "SIGNER_PRIVATE_KEY_HEX"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "SIGNER_PRIVATE_KEY_HEX")},
 			Category: category,
 		},
 		&cli.UintFlag{
 			Name:     PutBlobEncodingVersionFlagName,
 			Usage:    "Blob encoding version to use when writing blobs from the high-level interface.",
-			EnvVars:  withEnvPrefix(envPrefix, "PUT_BLOB_ENCODING_VERSION"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "PUT_BLOB_ENCODING_VERSION")},
 			Value:    0,
 			Category: category,
 		},
 		&cli.BoolFlag{
 			Name:     DisablePointVerificationModeFlagName,
 			Usage:    "Disable point verification mode. This mode performs IFFT on data before writing and FFT on data after reading. Disabling requires supplying the entire blob for verification against the KZG commitment.",
-			EnvVars:  withEnvPrefix(envPrefix, "DISABLE_POINT_VERIFICATION_MODE"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "DISABLE_POINT_VERIFICATION_MODE")},
 			Value:    false,
 			Category: category,
 		},
 		&cli.BoolFlag{
 			Name:     WaitForFinalizationFlagName,
 			Usage:    "Wait for blob finalization before returning from PutBlob.",
-			EnvVars:  withEnvPrefix(envPrefix, "WAIT_FOR_FINALIZATION"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "WAIT_FOR_FINALIZATION")},
 			Value:    false,
 			Category: category,
 		},

diff --git a/flags/eigendaflags/deprecated.go b/flags/eigendaflags/deprecated.go
@@ -0,0 +1,145 @@
+package eigendaflags
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/urfave/cli/v2"
+)
+
+// All of these flags are deprecated and will be removed in release v2.0.0
+// we leave them here with actions that crash the program to ensure they are not used,
+// and to make it easier for users to find the new flags (instead of silently crashing late during execution
+// because some flag's env var was changed but the user forgot to update it)
+var (
+	DeprecatedDisperserRPCFlagName                 = withDeprecatedFlagPrefix("disperser-rpc")
+	DeprecatedStatusQueryRetryIntervalFlagName     = withDeprecatedFlagPrefix("status-query-retry-interval")
+	DeprecatedStatusQueryTimeoutFlagName           = withDeprecatedFlagPrefix("status-query-timeout")
+	DeprecatedDisableTLSFlagName                   = withDeprecatedFlagPrefix("disable-tls")
+	DeprecatedResponseTimeoutFlagName              = withDeprecatedFlagPrefix("response-timeout")
+	DeprecatedCustomQuorumIDsFlagName              = withDeprecatedFlagPrefix("custom-quorum-ids")
+	DeprecatedSignerPrivateKeyHexFlagName          = withDeprecatedFlagPrefix("signer-private-key-hex")
+	DeprecatedPutBlobEncodingVersionFlagName       = withDeprecatedFlagPrefix("put-blob-encoding-version")
+	DeprecatedDisablePointVerificationModeFlagName = withDeprecatedFlagPrefix("disable-point-verification-mode")
+	DeprecatedWaitForFinalizationFlagName          = withDeprecatedFlagPrefix("wait-for-finalization")
+)
+
+func withDeprecatedFlagPrefix(s string) string {
+	return "eigenda-" + s
+}
+
+func withDeprecatedEnvPrefix(envPrefix, s string) string {
+	return envPrefix + "_" + s
+}
+
+// CLIFlags ... used for EigenDA client configuration
+func DeprecatedCLIFlags(envPrefix, category string) []cli.Flag {
+	return []cli.Flag{
+		&cli.StringFlag{
+			Name:     DeprecatedDisperserRPCFlagName,
+			Usage:    "RPC endpoint of the EigenDA disperser.",
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "DISPERSER_RPC")},
+			Category: category,
+			Action: func(*cli.Context, string) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedDisperserRPCFlagName, withDeprecatedEnvPrefix(envPrefix, "DISPERSER_RPC"),
+					DisperserRPCFlagName, withEnvPrefix(envPrefix, "DISPERSER_RPC"))
+			},
+		},
+		&cli.DurationFlag{
+			Name:     DeprecatedStatusQueryTimeoutFlagName,
+			Usage:    "Duration to wait for a blob to finalize after being sent for dispersal. Default is 30 minutes.",
+			Value:    30 * time.Minute,
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "STATUS_QUERY_TIMEOUT")},
+			Category: category,
+			Action: func(*cli.Context, time.Duration) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedStatusQueryTimeoutFlagName, withDeprecatedEnvPrefix(envPrefix, "STATUS_QUERY_TIMEOUT"),
+					StatusQueryTimeoutFlagName, withEnvPrefix(envPrefix, "STATUS_QUERY_TIMEOUT"))
+			},
+		},
+		&cli.DurationFlag{
+			Name:     DeprecatedStatusQueryRetryIntervalFlagName,
+			Usage:    "Interval between retries when awaiting network blob finalization. Default is 5 seconds.",
+			Value:    5 * time.Second,
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "STATUS_QUERY_INTERVAL")},
+			Category: category,
+			Action: func(*cli.Context, time.Duration) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedStatusQueryRetryIntervalFlagName, withDeprecatedEnvPrefix(envPrefix, "STATUS_QUERY_INTERVAL"),
+					StatusQueryRetryIntervalFlagName, withEnvPrefix(envPrefix, "STATUS_QUERY_INTERVAL"))
+			},
+		},
+		&cli.BoolFlag{
+			Name:     DeprecatedDisableTLSFlagName,
+			Usage:    "Disable TLS for gRPC communication with the EigenDA disperser. Default is false.",
+			Value:    false,
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "GRPC_DISABLE_TLS")},
+			Category: category,
+			Action: func(*cli.Context, bool) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedDisableTLSFlagName, withDeprecatedEnvPrefix(envPrefix, "GRPC_DISABLE_TLS"),
+					DisableTLSFlagName, withEnvPrefix(envPrefix, "GRPC_DISABLE_TLS"))
+			},
+		},
+		&cli.DurationFlag{
+			Name:     DeprecatedResponseTimeoutFlagName,
+			Usage:    "Total time to wait for a response from the EigenDA disperser. Default is 60 seconds.",
+			Value:    60 * time.Second,
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "RESPONSE_TIMEOUT")},
+			Category: category,
+			Action: func(*cli.Context, time.Duration) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedResponseTimeoutFlagName, withDeprecatedEnvPrefix(envPrefix, "RESPONSE_TIMEOUT"),
+					ResponseTimeoutFlagName, withEnvPrefix(envPrefix, "RESPONSE_TIMEOUT"))
+			},
+		},
+		&cli.UintSliceFlag{
+			Name:     DeprecatedCustomQuorumIDsFlagName,
+			Usage:    "Custom quorum IDs for writing blobs. Should not include default quorums 0 or 1.",
+			Value:    cli.NewUintSlice(),
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "CUSTOM_QUORUM_IDS")},
+			Category: category,
+			Action: func(*cli.Context, []uint) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedCustomQuorumIDsFlagName, withDeprecatedEnvPrefix(envPrefix, "CUSTOM_QUORUM_IDS"),
+					CustomQuorumIDsFlagName, withEnvPrefix(envPrefix, "CUSTOM_QUORUM_IDS"))
+			},
+		},
+		&cli.StringFlag{
+			Name:     DeprecatedSignerPrivateKeyHexFlagName,
+			Usage:    "Hex-encoded signer private key. This key should not be associated with an Ethereum address holding any funds.",
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "SIGNER_PRIVATE_KEY_HEX")},
+			Category: category,
+			Action: func(*cli.Context, string) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedSignerPrivateKeyHexFlagName, withDeprecatedEnvPrefix(envPrefix, "SIGNER_PRIVATE_KEY_HEX"),
+					SignerPrivateKeyHexFlagName, withEnvPrefix(envPrefix, "SIGNER_PRIVATE_KEY_HEX"))
+			},
+		},
+		&cli.UintFlag{
+			Name:     DeprecatedPutBlobEncodingVersionFlagName,
+			Usage:    "Blob encoding version to use when writing blobs from the high-level interface.",
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "PUT_BLOB_ENCODING_VERSION")},
+			Value:    0,
+			Category: category,
+			Action: func(*cli.Context, uint) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedPutBlobEncodingVersionFlagName, withDeprecatedEnvPrefix(envPrefix, "PUT_BLOB_ENCODING_VERSION"),
+					PutBlobEncodingVersionFlagName, withEnvPrefix(envPrefix, "PUT_BLOB_ENCODING_VERSION"))
+			},
+		},
+		&cli.BoolFlag{
+			Name:     DeprecatedDisablePointVerificationModeFlagName,
+			Usage:    "Disable point verification mode. This mode performs IFFT on data before writing and FFT on data after reading. Disabling requires supplying the entire blob for verification against the KZG commitment.",
+			EnvVars:  []string{withDeprecatedEnvPrefix(envPrefix, "DISABLE_POINT_VERIFICATION_MODE")},
+			Value:    false,
+			Category: category,
+			Action: func(*cli.Context, bool) error {
+				return fmt.Errorf("flag --%s (env var %s) is deprecated, use --%s (env var %s) instead",
+					DeprecatedDisablePointVerificationModeFlagName, withDeprecatedEnvPrefix(envPrefix, "DISABLE_POINT_VERIFICATION_MODE"),
+					DisablePointVerificationModeFlagName, withEnvPrefix(envPrefix, "DISABLE_POINT_VERIFICATION_MODE"))
+			},
+		},
+	}
+}
diff --git a/flags/flags.go b/flags/flags.go
@@ -14,11 +14,13 @@ import (
 )
 
 const (
-	EigenDAClientCategory = "EigenDA Client"
-	MemstoreFlagsCategory = "Memstore (replaces EigenDA when enabled)"
-	RedisCategory         = "Redis Cache/Fallback"
-	S3Category            = "S3 Cache/Fallback"
-	VerifierCategory      = "KZG and Cert Verifier"
+	EigenDAClientCategory      = "EigenDA Client"
+	EigenDADeprecatedCategory  = "DEPRECATED EIGENDA CLIENT FLAGS -- THESE WILL BE REMOVED IN V2.0.0"
+	MemstoreFlagsCategory      = "Memstore (for testing purposes - replaces EigenDA backend)"
+	RedisCategory              = "Redis Cache/Fallback"
+	S3Category                 = "S3 Cache/Fallback"
+	VerifierCategory           = "KZG and Cert Verifier"
+	VerifierDeprecatedCategory = "DEPRECATED VERIFIER FLAGS -- THESE WILL BE REMOVED IN V2.0.0"
 )
 
 const (
@@ -76,8 +78,10 @@ func init() {
 	Flags = append(Flags, oplog.CLIFlags(EnvVarPrefix)...)
 	Flags = append(Flags, opmetrics.CLIFlags(EnvVarPrefix)...)
 	Flags = append(Flags, eigendaflags.CLIFlags(EnvVarPrefix, EigenDAClientCategory)...)
+	Flags = append(Flags, eigendaflags.DeprecatedCLIFlags(EnvVarPrefix, EigenDADeprecatedCategory)...)
 	Flags = append(Flags, redis.CLIFlags(EnvVarPrefix, RedisCategory)...)
 	Flags = append(Flags, s3.CLIFlags(EnvVarPrefix, S3Category)...)
 	Flags = append(Flags, memstore.CLIFlags(EnvVarPrefix, MemstoreFlagsCategory)...)
 	Flags = append(Flags, verify.CLIFlags(EnvVarPrefix, VerifierCategory)...)
+	Flags = append(Flags, verify.DeprecatedCLIFlags(EnvVarPrefix, VerifierDeprecatedCategory)...)
 }
diff --git a/store/generated_key/memstore/cli.go b/store/generated_key/memstore/cli.go
@@ -1,6 +1,8 @@
 package memstore
 
 import (
+	"fmt"
+	"os"
 	"time"
 
 	"github.com/Layr-Labs/eigenda-proxy/verify"
@@ -18,39 +20,63 @@ func withFlagPrefix(s string) string {
 	return "memstore." + s
 }
 
-func withEnvPrefix(envPrefix, s string) []string {
-	return []string{envPrefix + "_MEMSTORE_" + s}
+func withEnvPrefix(envPrefix, s string) string {
+	return envPrefix + "_MEMSTORE_" + s
 }
 
-// CLIFlags ... used for Redis backend configuration
+// if these deprecated env vars are used, we force the user to update their config
+// in the flags' actions
+func withDeprecatedEnvPrefix(_, s string) string {
+	return "MEMSTORE_" + s
+}
+
+// CLIFlags ... used for memstore backend configuration
 // category is used to group the flags in the help output (see https://cli.urfave.org/v2/examples/flags/#grouping)
 func CLIFlags(envPrefix, category string) []cli.Flag {
 	return []cli.Flag{
 		&cli.BoolFlag{
 			Name:     EnabledFlagName,
-			Usage:    "Whether to use mem-store for DA logic.",
-			EnvVars:  withEnvPrefix(envPrefix, "ENABLED"),
+			Usage:    "Whether to use memstore for DA logic.",
+			EnvVars:  []string{withEnvPrefix(envPrefix, "ENABLED"), withDeprecatedEnvPrefix(envPrefix, "ENABLED")},
 			Category: category,
+			Action: func(_ *cli.Context, _ bool) error {
+				if _, ok := os.LookupEnv(withDeprecatedEnvPrefix(envPrefix, "ENABLED")); ok {
+					return fmt.Errorf("env var %s is deprecated for flag %s, use %s instead",
+						withDeprecatedEnvPrefix(envPrefix, "ENABLED"),
+						EnabledFlagName,
+						withEnvPrefix(envPrefix, "ENABLED"))
+				}
+				return nil
+			},
 		},
 		&cli.DurationFlag{
 			Name:     ExpirationFlagName,
 			Usage:    "Duration that a memstore blob/commitment pair is allowed to live.",
 			Value:    25 * time.Minute,
-			EnvVars:  withEnvPrefix(envPrefix, "EXPIRATION"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "EXPIRATION"), withDeprecatedEnvPrefix(envPrefix, "EXPIRATION")},
 			Category: category,
+			Action: func(_ *cli.Context, _ time.Duration) error {
+				if _, ok := os.LookupEnv(withDeprecatedEnvPrefix(envPrefix, "EXPIRATION")); ok {
+					return fmt.Errorf("env var %s is deprecated for flag %s, use %s instead",
+						withDeprecatedEnvPrefix(envPrefix, "EXPIRATION"),
+						ExpirationFlagName,
+						withEnvPrefix(envPrefix, "EXPIRATION"))
+				}
+				return nil
+			},
 		},
 		&cli.DurationFlag{
 			Name:     PutLatencyFlagName,
 			Usage:    "Artificial latency added for memstore backend to mimic EigenDA's dispersal latency.",
 			Value:    0,
-			EnvVars:  withEnvPrefix(envPrefix, "PUT_LATENCY"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "PUT_LATENCY")},
 			Category: category,
 		},
 		&cli.DurationFlag{
 			Name:     GetLatencyFlagName,
 			Usage:    "Artificial latency added for memstore backend to mimic EigenDA's retrieval latency.",
 			Value:    0,
-			EnvVars:  withEnvPrefix(envPrefix, "GET_LATENCY"),
+			EnvVars:  []string{withEnvPrefix(envPrefix, "GET_LATENCY")},
 			Category: category,
 		},
 	}