Skip to content

Commit

Permalink
Merge pull request #37 from gnosis/feat/v0.2.0
Browse files Browse the repository at this point in the history
feat: v0.2.0
  • Loading branch information
allemanfredi authored Oct 2, 2024
2 parents becd69e + 8102f2b commit 05370d9
Show file tree
Hide file tree
Showing 290 changed files with 17,227 additions and 20,342 deletions.
2 changes: 1 addition & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,11 @@
**/.coverage_contracts
**/dist
**/node_modules
**/types
**/.yarn

# files
*.env
*.env-*
*.log
.pnp.*
coverage.json
Expand Down
2 changes: 1 addition & 1 deletion .husky/commit-msg
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"

yarn dlx commitlint --edit $1
npx commitlint --edit $1
2 changes: 1 addition & 1 deletion .husky/pre-commit
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"

yarn dlx lint-staged
npx lint-staged
1 change: 1 addition & 0 deletions .nvmrc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
v22
786 changes: 0 additions & 786 deletions .yarn/releases/yarn-3.2.1.cjs

This file was deleted.

2 changes: 0 additions & 2 deletions .yarnrc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,3 @@ nodeLinker: node-modules
plugins:
- path: ".yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs"
spec: "@yarnpkg/plugin-interactive-tools"

yarnPath: .yarn/releases/yarn-3.2.1.cjs
91 changes: 52 additions & 39 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,18 +1,8 @@
> **⚠️ Warning ⚠️**
>
> **⚠️ This code is being actively developed and is not yet production ready.**
>
> **⚠️ DO NOT deploy this code or use deployments of this code for anything valuable.**
---

[![Github Actions][gha-badge]][gha] [![Coverage Status][coveralls-badge]][coveralls]
[![Hardhat][hardhat-badge]][hardhat] [![License: LGPL-3.0-only][license-badge]][license]

![Hashi](hashi.png)

# Hashi 橋

[coveralls]: https://coveralls.io/github/gnosis/hashi?branch=master
[coveralls-badge]: https://coveralls.io/repos/github/gnosis/hashi/badge.svg?branch=main
[gha]: https://github.com/gnosis/hashi/actions
Expand All @@ -22,14 +12,16 @@
[license]: https://www.gnu.org/licenses/lgpl-3.0.en.html
[license-badge]: https://img.shields.io/badge/License-LGPL%20v3.0-blue

# Overview

Hashi is an EVM Hash Oracle Aggregator, designed to facilitate a
[principled approach to cross-chain bridge security](https://ethresear.ch/t/a-principled-approach-to-bridges/14725?u=auryn).

The primary insight being that the vast majority of bridge-related security incidents could have had minimal impact if
the systems relying on them had built in some redundancy. In other words, it's much more secure to require messages be
validated by multiple independent mechanisms, rather than by just one.

We call this setup a **RAIHO** (Redundant Array of Independent Hash Oracles).
For detailed documentation, [read the full guide here](https://crosschain-alliance.gitbook.io/hashi). To explore the real-time cross-chain activity and block headers, visit the Hashi [Explorer](https://hashi-explorer.xyz).

## Features

Expand All @@ -51,52 +43,73 @@ We call this setup a **RAIHO** (Redundant Array of Independent Hash Oracles).
- Query for a unanimously agreed on hash from that full set of oracles.
- Query for a hash agreed upon by a threshold of oracles for a given block on a given chain; the provided oracles must all agree on the hash for the ID, must all be enabled as oracles for the given domain, and must exceed the threshold for the domain.

**GiriGiriBashi** (ギリギリ橋) allows:

- An `owner` account to:
- Initialize the set of oracles for each domain.
- Initialize the threshold of oracles that must agree on a hash for each domain.
- Replace quarantined oracle adapters.
- Set a challenge `bond` `recipient`.
- Anyone to:
- Query for a unanimously agreed on hash from that full set of oracles.
- Query for a hash agreed upon by a threshold of oracles for a given block on a given chain; the provided oracles must all agree on the hash for the ID, must all be enabled as oracles for the given domain, and must exceed the threshold for the domain.
- Challenge an oracle to report on a hash.
- Resolve a challenge, either returning the `bond` to the challenger and quarantining the given oracle, in the case that the oracle does not report in time or reports a conflicting hash, or forwarding the challenge `bond` to the `recipient`.
- Declare a state of no confidence for a given domain, forcing the domain to be re-initialized by `owner`.

**Yaho** (ヤッホー) allows users to:

- dispatch arbitrary messages via Hashi, which:
- emits the hash of arbitrary messages as events
- stores the arbitrary message in storage
- stores the hash of arbitrary message in storage
- relay previously stored messages to any number of message adapters
- dispatch messages and relay them to adapters in a single call

**Yaru** (やる) allows `owner` to:

- execute arbitrary messages passed from Yaho

**Hashi Zodiac Module** allows users to:
# Working with Hashi

- Control an avatar (like a Safe) on one chain from a `controller` address on another chain, via messages passed over hashi.
- Define an instance of Yaho which can pass it messages.
- Define a `chainId` (usually called `domain` elsewhere in this repo).
- Define a foreign `controller` address.
**Node**
This repository targets v18 of node. We recommend using [nvm](https://github.com/nvm-sh/nvm) to manage your node version.
Once installed, you should change versions automatically with the `.nvmrc` file.

Hashi's additional redundancy obviously comes with a higher gas cost, along with moving only as quickly as the slowest
oracle in a given set. However, this trade-off seems well worth it given the scope and frequency of past bridge-related
security incidents.
**Docker**
Make sure you have the correct version of [Docker](https://www.docker.com/) installed on your machine.
You may refer to `Dockerfile` under each workspace and `docker-compose.yml` on the root for more details regarding the build process.

## Audits
## Project Structure

1. `packages/common`: Common logic that will be used across multiple workspaces.
2. `packages/evm`: On chain components includes Solidity smart contracts, deploy tasks, tests. Built with [Hardhat](https://hardhat.org/).
3. `packages/executor`: A service utilized to execute messages once they have achieved consensus.
4. `packages/relayer`: A service used to relay batches of dispatched messages through Yaho to the reporter contracts.
5. `packages/reporter`: Script to call Reporter contract's `dispatchBlocks` function of different oracle from source chain to destination chain.

Hashi has been audited by the [G0 group](https://github.com/g0-group).
# Workspaces

All issues and notes of the audit have been addressed as of commit hash [9f373635](https://github.com/gnosis/hashi/tree/9f373635730b59478bf23215906fdb5ad525d3b7/packages/evm/contracts).
This monorepo uses [Yarn Workspaces](https://yarnpkg.com/features/workspaces). Installing dependencies can be done from the root directory of the repository.

- Installing dependencies

```sh
git clone https://github.com/gnosis/hashi # Clone the repo
cd hashi
nvm use
yarn install
```

## Build & Run

To build & run each packages, navigate to each package separately, check the README.md in each workspace for more details.

## Run Docker

Before running docker for the workspace, insert the correct environment variable in .env.

```sh
cp .env.example .env
```

Build & run
Run the following command to build and run all the services.

```sh
docker compose up --build
```

## Audits

The audit results are available as a [pdf in this repo](https://github.com/gnosis/hashi/blob/main/packages/evm/contracts/docs/audits/HashiMay2023.pdf).
Hashi has been audited by G0, Omega and Least Authority.

Please note, there have been changes to contract code since this audit. A subsequent audit of the changed code is pending.
The audit results can be found [here](https://crosschain-alliance.gitbook.io/hashi/meta/audits).

## Security and Liability

Expand Down
File renamed without changes.
Binary file added audits/g0-HashiMar2024.pdf
Binary file not shown.
54 changes: 54 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
version: "3.8"

services:
mongodb:
image: mongo:latest
container_name: mongodb
ports:
- "27017:27017"
networks:
- mongo-network
volumes:
- mongo-data:/data/db

hashi_relayer:
build:
context: .
dockerfile: packages/relayer/Dockerfile
container_name: hashi_relayer
networks:
- mongo-network
depends_on:
- mongodb

hashi_executor:
build:
context: .
dockerfile: packages/executor/Dockerfile
container_name: hashi_executor
networks:
- mongo-network
depends_on:
- mongodb

hashi_reporter:
build:
context: .
dockerfile: packages/reporter/Dockerfile
container_name: hashi_reporter

hashi_rpc:
build:
context: .
dockerfile: packages/rpc/Dockerfile
ports:
- "3000:3000"
container_name: hashi_rpc

networks:
mongo-network:
driver: bridge

volumes:
mongo-data:
driver: local
Binary file modified hashi.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
18 changes: 5 additions & 13 deletions package.json
Original file line number Diff line number Diff line change
@@ -1,23 +1,12 @@
{
"private": true,
"name": "hashi",
"description": "",
"author": {
"name": "gnosis",
"url": "https://github.com/gnosis"
},
"scripts": {
"prepare": "husky install",
"preinstall": "yarn contracts:install",
"build": "yarn contracts:build",
"test": "yarn contracts:test",
"lint": "yarn contracts:lint",
"coverage": "yarn contracts:coverage",
"contracts:install": "cd packages/evm && yarn install",
"contracts:build": "cd packages/evm && yarn build",
"contracts:test": "cd packages/evm && yarn test",
"contracts:lint": "cd packages/evm && yarn lint",
"contracts:coverage": "cd packages/evm && yarn coverage"
"prepare": "husky install"
},
"devDependencies": {
"@commitlint/cli": "^17.5.1",
Expand All @@ -26,5 +15,8 @@
"prettier": "^2.8.7",
"prettier-plugin-solidity": "^1.0.0"
},
"packageManager": "yarn@3.2.1"
"workspaces": [
"packages/*"
],
"packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
}
2 changes: 2 additions & 0 deletions packages/common/.eslintignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
**/dist
**/node_modules
21 changes: 21 additions & 0 deletions packages/common/.eslintrc.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
extends:
- "eslint:recommended"
- "plugin:@typescript-eslint/eslint-recommended"
- "plugin:@typescript-eslint/recommended"
- "prettier"
parser: "@typescript-eslint/parser"
parserOptions:
project: "tsconfig.json"
plugins:
- "@typescript-eslint"
root: true
rules:
"@typescript-eslint/no-floating-promises":
- error
- ignoreIIFE: true
ignoreVoid: true
"@typescript-eslint/no-inferrable-types": "off"
"@typescript-eslint/no-unused-vars":
- error
- argsIgnorePattern: "_"
varsIgnorePattern: "_"
2 changes: 2 additions & 0 deletions packages/common/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
logs/
tsconfig.tsbuildinfo
2 changes: 2 additions & 0 deletions packages/common/.prettierignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
**/dist
**/node_modules
7 changes: 7 additions & 0 deletions packages/common/.prettierrc.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
bracketSpacing: true
printWidth: 120
proseWrap: "always"
singleQuote: false
tabWidth: 2
trailingComma: "all"
semi: false
21 changes: 21 additions & 0 deletions packages/common/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Common

Common logic that will be used across multiple workspaces/packages.

## Usage

### Install

Please make sure you have run `yarn install` on the root level.

```sh
cd ../.. # To the root level
nvm use
yarn install
```

### Compile

```sh
yarn compile
```
33 changes: 33 additions & 0 deletions packages/common/package.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
{
"name": "@gnosis/hashi-common",
"version": "0.1.0",
"private": true,
"author": {
"name": "gnosis",
"url": "https://github.com/gnosis"
},
"main": "dist/index.js",
"types": "dist/index.d.ts",
"scripts": {
"postinstall": "yarn compile",
"compile": "tsc",
"lint": "eslint --ignore-path ./.eslintignore --ext .js,.ts .",
"prettier:check": "prettier --check \"**/*.{js,json,md,sol,ts,yml}\"",
"prettier:write": "prettier --write \"**/*.{js,json,md,sol,ts,yml}\""
},
"dependencies": {
"viem": "^2.9.28",
"winston": "^3.11.0"
},
"devDependencies": {
"@tsconfig/node22": "^22.0.0",
"@types/node": "^20.8.9",
"@typescript-eslint/eslint-plugin": "^6.7.5",
"@typescript-eslint/parser": "^6.7.5",
"eslint": "^8.51.0",
"eslint-config-prettier": "^9.0.0",
"prettier": "^3.0.3",
"ts-node": "^10.9.1",
"typescript": "^5.2.2"
}
}
Loading

0 comments on commit 05370d9

Please sign in to comment.