Initial Commit

Co-authored-by: Michael Kaplan <michael@avalabs.org>
Co-authored-by: Cam Schultz <cameron.schultz@avalabs.org>
Co-authored-by: Matthew Lam <matthew.lam@avalabs.org>
Co-authored-by: Linguan Yang <linguan.yang@avalabs.org>
Co-authored-by: Anatoliy Dutchak <anatoliy.dutchak@avalabs.org>
Co-authored-by: Geoff Stuart <geoffrey.stuart@avalabs.org>

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-syntax
+
+* @michaelkaplan13 @cam-schultz @minghinmatthewlam @gwen917 @geoff-vball @bernard-avalabs

.github/dependabot.yml

@@ -0,0 +1,22 @@
+# Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+# See the file LICENSE for licensing terms.
+
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "gomod" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/codeql.yml

@@ -0,0 +1,59 @@
+# Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+# See the file LICENSE for licensing terms.
+
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+    branches:
+      - '*'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        queries: security-extended,security-and-quality
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/release.yaml

@@ -0,0 +1,36 @@
+# Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+# See the file LICENSE for licensing terms.
+
+name: Prod - release Docker image
+
+on:
+  release:
+    types: [published]
+jobs:
+  push_to_registry:
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+
+      # Needed for multi-platform builds
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      # Needed for multi-platform builds
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Log in to Docker Hub
+        uses: docker/#-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build and Push to Docker Hub
+        uses: docker/build-push-action@v4
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: avaplatform/awm-relayer:${{ github.event.release.tag_name }}, avaplatform/awm-relayer:latest

.github/workflows/snyk.yml

@@ -0,0 +1,33 @@
+# Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+# See the file LICENSE for licensing terms.
+
+name: Snyk Golang
+on:
+  push:
+    branches-ignore:
+      - "dependabot/**"
+  pull_request:
+    branches:
+      - "dependabot/**"
+
+jobs:
+  golang-snyk:
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          path: awm-relayer
+
+      - name: Run Snyk
+        uses: snyk/actions/golang@master
+        continue-on-error: true # To make sure that SARIF upload gets called
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --sarif-file-output=snyk.sarif --all-projects --detection-depth=4
+
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk.sarif

.github/workflows/test.yml

@@ -0,0 +1,36 @@
+# Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+# See the file LICENSE for licensing terms.
+
+name: Run Relayer Unit Tests
+
+on:
+  push:
+    branches:
+      - '*'
+
+jobs:
+  build-test-relayer:
+    runs-on: ubuntu-20.04
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        path: awm-relayer
+
+    - name: Setup Go
+      uses: actions/setup-go@v4
+      with:
+        go-version: '1.20.7'
+
+    - name: Build Relayer
+      run: |
+        cd awm-relayer
+        go mod tidy
+        ./scripts/build.sh
+
+    - name: Run Relayer Unit Tests
+      run: |
+        cd awm-relayer
+        go test ./...
+

.gitignore

@@ -0,0 +1,4 @@
+build/
+__debug_bin
+
+.vscode*

CONTRIBUTING.md

@@ -0,0 +1,49 @@
+# How to Contribute to AWM Relayer
+
+## Setup
+
+To start developing on AWM Relayer, you'll need Golang >= v1.18.1.
+
+## Issues
+
+### Security
+
+- Do not open up a GitHub issue if it relates to a security vulnerability in AWM Relayer, and instead refer to our [security policy](./SECURITY.md).
+
+### Making an Issue
+
+- Check that the issue you're filing doesn't already exist by searching under [issues](https://github.com/ava-labs/awm-relayer/issues).
+- If you're unable to find an open issue addressing the problem, [open a new one](https://github.com/ava-labs/awm-relayer/issues/new/choose). Be sure to include a *title and clear description* with as much relevant information as possible.
+
+## Features
+
+- If you want to start a discussion about the development of a new feature or the modfiication of an existing one, start a thread under GitHub [discussions](https://github.com/ava-labs/awm-relayer/discussions/categories/ideas).
+- Post a thread about your idea and why it should be added to AWM Relayer.
+- Don't start working on a pull request until you've received positive feedback from the maintainers.
+
+## Pull Request Guidelines
+
+- Open a new GitHub pull request containing your changes.
+- Ensure the PR description clearly describes the problem and solution, and how the change was tested. Include the relevant issue number if applicable.
+- If your PR isn't ready to be reviewed just yet, you can open it as a draft to collect early feedback on your changes.
+- Once the PR is ready for review, mark it as ready-for-review and request review from one of the maintainers.
+
+### Testing
+
+#### Local
+
+- Run the unit tests
+
+```sh
+go test ./...
+```
+
+### Continuous Integration (CI)
+
+- Pull requests will generally not be approved or merged unless they pass CI.
+
+## Other
+
+### Do you have questions about the source code?
+
+- Ask any question about AWM Relayer under GitHub [discussions](https://github.com/ava-labs/teleporter/discussions/categories/q-a).

Dockerfile

@@ -0,0 +1,17 @@
+### Build Stage ###
+FROM golang:1.20.7-bullseye as build
+
+WORKDIR /go/src
+# Copy the code into the container
+COPY . .
+RUN go mod tidy
+# Build awm-relayer
+RUN bash ./scripts/build.sh
+
+### RUN Stage ###
+FROM golang:1.20.7
+COPY --from=build /go/src/build/awm-relayer /usr/bin/awm-relayer
+EXPOSE 8080
+USER 1001
+CMD ["start"]
+ENTRYPOINT ["/usr/bin/awm-relayer"]

LICENSE

@@ -0,0 +1,66 @@
+Copyright (C) 2023, Ava Labs, Inc. All rights reserved.
+
+Ecosystem License
+Version: 1.1
+
+Subject to the terms herein, Ava Labs, Inc. (**“Ava Labs”**) hereby grants you
+a limited, royalty-free, worldwide, non-sublicensable, non-transferable,
+non-exclusive license to use, copy, modify, create derivative works based on,
+and redistribute the Software, in source code, binary, or any other form,
+including any modifications or derivative works of the Software (collectively,
+**“Licensed Software”**), in each case subject to this Ecosystem License
+(**“License”**).
+
+This License applies to all copies, modifications, derivative works, and any
+other form or usage of the Licensed Software. You will include and display
+this License, without modification, with all uses of the Licensed Software,
+regardless of form.
+
+You will use the Licensed Software solely (i) in connection with the Avalanche
+Public Blockchain platform, having a NetworkID of 1 (Mainnet) or 5 (Fuji), and
+associated blockchains, comprised exclusively of the Avalanche X-Chain,
+C-Chain, P-Chain and any subnets linked to the P-Chain (“Avalanche Authorized
+Platform”) or (ii) for non-production, testing or research purposes within the
+Avalanche ecosystem, in each case, without any commercial application
+(“Non-Commercial Use”); provided that this License does not permit use of the
+Licensed Software in connection with (a) any forks of the Avalanche Authorized
+Platform or (b) in any manner not operationally connected to the Avalanche
+Authorized Platform other than, for the avoidance of doubt, the limited
+exception for Non-Commercial Use. Ava Labs may publicly announce changes or
+additions to the Avalanche Authorized Platform, which may expand or modify
+usage of the Licensed Software. Upon such announcement, the Avalanche
+Authorized Platform will be deemed to be the then-current iteration of such
+platform.
+
+You hereby acknowledge and agree to the terms set forth at
+www.avalabs.org/important-notice.
+
+If you use the Licensed Software in violation of this License, this License
+will automatically terminate and Ava Labs reserves all rights to seek any
+remedy for such violation.
+
+Except for uses explicitly permitted in this License, Ava Labs retains all
+rights in the Licensed Software, including without limitation the ability to
+modify it.
+
+Except as required or explicitly permitted by this License, you will not use
+any Ava Labs names, logos, or trademarks without Ava Labs’ prior written
+consent.
+
+You may use this License for software other than the “Licensed Software”
+specified above, as long as the only change to this License is the definition
+of the term “Licensed Software.”
+
+The Licensed Software may reference third party components. You acknowledge
+and agree that these third party components may be governed by a separate
+license or terms and that you will comply with them.
+
+**TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE LICENSED SOFTWARE IS PROVIDED
+ON AN “AS IS” BASIS, AND AVA LABS EXPRESSLY DISCLAIMS AND EXCLUDES ALL
+REPRESENTATIONS, WARRANTIES AND OTHER TERMS AND CONDITIONS, WHETHER EXPRESS OR
+IMPLIED, INCLUDING WITHOUT LIMITATION BY OPERATION OF LAW OR BY CUSTOM,
+STATUTE OR OTHERWISE, AND INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTY,
+TERM, OR CONDITION OF NON-INFRINGEMENT, MERCHANTABILITY, TITLE, OR FITNESS FOR
+PARTICULAR PURPOSE. YOU USE THE LICENSED SOFTWARE AT YOUR OWN RISK. AVA LABS
+EXPRESSLY DISCLAIMS ALL LIABILITY (INCLUDING FOR ALL DIRECT, CONSEQUENTIAL OR
+OTHER DAMAGES OR LOSSES) RELATED TO ANY USE OF THE LICENSED SOFTWARE.**

README.md

@@ -0,0 +1,39 @@
+# awm-relayer
+
+Standalone relayer for cross-chain Avalanche Warp Message delivery.
+
+## Usage
+---
+### Building
+Build the relayer by running the included build script:
+```
+./scripts/build.sh
+```
+
+Build a Docker image by running the included build script:
+```
+./scripts/build-local-image.sh
+```
+### Running
+The relayer binary accepts a path to a JSON configuration file as the sole argument. Command line configuration arguments are not currently supported.
+```
+./build/awm-relayer --config-file path-to-config
+```
+
+## Architecture
+---
+**Note:** The relayer in its current state supports Teleporter messages between `subnet-evm` instances. A handful of abstractions have been added to make the relayer extensible to other Warp message formats and VM types, but this work is ongoing.
+### Components
+The relayer consists of the following components:
+- At the global level:
+    - *P2P App Network*: issues signature `AppRequests`
+    - *P-Chain client*: gets the validators for a subnet
+- Per Source subnet
+    - *Subscriber*: listens for logs pertaining to cross-chain message transactions
+- Per Destination subnet
+    - *Destination RPC client*: broadcasts transactions to the destination
+
+### Data flow
+<div align="center">
+  <img src="resources/relayer-diagram.png?raw=true">
+</div>

SECURITY.md

@@ -0,0 +1,17 @@
+# Security Policy
+
+Avalanche takes the security of the platform and of its users very seriously. We and our community recognize the critical role of external security researchers and developers and welcome responsible disclosures. Valid reports will be eligible for a reward (terms and conditions apply).
+
+## Reporting a Vulnerability
+
+**Please do not file a public ticket** mentioning the vulnerability. To disclose a vulnerability submit it through our [Bug Bounty Program](https://hackenproof.com/avalanche).
+
+Vulnerabilities must be disclosed to us privately with reasonable time to respond, and avoid compromise of other users and accounts, or loss of funds that are not your own. We do not reward spam or social engineering vulnerabilities.
+
+Do not test for or validate any security issues in the live Avalanche networks (Mainnet and Fuji testnet), confirm all exploits in a local private testnet.
+
+Please refer to the [Bug Bounty Page](https://hackenproof.com/avalanche) for the most up-to-date program rules and scope.
+
+## Supported Versions
+
+Please use the most recently released version to perform testing and to validate security issues.