Add key gen using kms dev + howto

README.md

@@ -12,6 +12,11 @@ https://pkg.go.dev/badge/github.com/ethereum/go-ethereum
 Automated builds are available for stable releases and the unstable master branch. Binary
 archives are published at https://geth.ethereum.org/downloads/.
 
+
+## Run the local testnet with coprocessor
+
+Check [here](./local-testnet/HOWTO.md)
+
 ## Building the source
 
 For prerequisites and detailed build instructions please read the [Installation Instructions](https://geth.ethereum.org/docs/getting-started/installing-geth).

local-testnet/HOWTO.md

@@ -0,0 +1,112 @@
+# How to run local testnet with one coprocessor
+
+1. Ensure you are in local-testnet folder
+2. Run `./setup.sh`
+    1. This command will among other steps generate fhe keys in fhevm-keys
+
+> [!NOTE]
+> Be careful fhevm-go-copro expects fhe keys in FHEVM_GO_KEYS_DIR env variable, if this is already set globally it could potentially overwrite the env variable given to rpc node. 
+3. Check you have 4 tmux sessions
+ ```bash
+tmux ls
+bootnode: 1 windows (created Thu Apr 25 15:07:05 2024)
+rpc1: 1 windows (created Thu Apr 25 15:07:05 2024)
+val1: 1 windows (created Thu Apr 25 15:07:05 2024)
+val2: 1 windows (created Thu Apr 25 15:07:05 2024)
+ ```
+
+ 4. Attach to rpc1 node
+ ```bash
+ tmux a -t rpc1
+ ```
+
+5. Open **Metamask** and import a new account with the following pricate key:
+ `d4251c2bca983ae6d2e19e728ec7fd8b80002cde2ee5c21f3f243fad82852386`
+
+
+Add a **new network** in **Metamask** with the following parameters:
+
+- Network name: `co-pro`
+- New RPC URL: `http://127.0.0.1:8745`
+- Chain ID: `12345`
+- Currency symbol: `LETH`
+
+6. Click on switch to **co-pro**
+
+7. You should have 1 LETH
+
+8. Open [Remix](https://remix.ethereum.org/)
+
+9. Connect your Metamask account with Remix (using __Injected Provider Metamask__)
+
+10. Create a new contracts with the following test content
+
+```Solidity
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.19;
+
+contract FhevmCoproc {
+  // for debugging only
+  function trivialEncrypt(uint32 input) public pure returns (uint256) {
+    return uint256(keccak256(abi.encodePacked(input)));
+  }
+
+  // for debugging only
+  function decrypt(uint256 input) public pure returns (uint256) {
+    return input;
+  }
+
+  function fheAdd(uint256 lhs, uint256 rhs, bytes1 scalar) public pure returns (uint256) {
+    uint8 fheOp = 0;
+    return uint256(keccak256(abi.encodePacked(fheOp, lhs, rhs, scalar)));
+  }
+}
+```
+
+10. In Solidity Compiler tab downgrade compiler to **0.8.19+commit** version and **Compile**
+
+11. In deploy tab, deploy your smart contract
+
+You should see in rpc log:
+```bash
+INFO [04-25|15:47:01.590] Submitted contract creation              hash=0xdcc33a885d5b4424131e8802511eaddcce04aaa6b5b68823f453c801447f169a from=0x1181A1FB7B6de97d4CB06Da82a0037DF1FFe32D0 nonce=1 contract=0x6819e3aDc437fAf9D533490eD3a7552493fCE3B1 value=0
+```
+
+12. The deployed address should be the same one as defined in **setup.sh**
+
+`0x6819e3aDc437fAf9D533490eD3a7552493fCE3B1`
+
+13. Now you can interact with the smart contract.
+
+14. First call Trivial encrypt with a value.
+
+```bash
+INFO [04-25|16:02:23.427] Executing coprocessor payload            input=6d02b1f30000000000000000000000000000000000000000000000000000000000000005 output=920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663
+```
+
+15. Copy output value in the log wich corresponds to the handle of the ciphertext
+
+16. Decrypt it by adding 0x in front of the handle in **Decrypt method** in Remix
+
+17. You should see the plaintext value in the log.
+
+```bash
+Executing coprocessor payload            input=5a4ee440920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663 output=920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663
+Executing captured operation decrypt(uint256)
+Handle 920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663 points to ciphertext decryption of [5]
+
+```
+
+18. You can call FheAdd by giving two handles and 0x00 at the end of the parameter:
+
+`0x920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663, 0x920ae4155769cd69c30626f054134b5f003772473f57f84837402df6d166e663, 0x00`
+
+19. Copy the handle and decrypt it again
+
+```bash
+Executing coprocessor payload            input=5a4ee4403eccf67746858051703095ccf88517351d71412618e5205651f460bf2c692e8b output=3eccf67746858051703095ccf88517351d71412618e5205651f460bf2c692e8b
+Executing captured operation decrypt(uint256)
+Handle 3eccf67746858051703095ccf88517351d71412618e5205651f460bf2c692e8b points to ciphertext decryption of [10]
+
+```
+

local-testnet/Makefile

@@ -0,0 +1,32 @@
+KMS_DEV_TAG = v0.3.3-pre-13
+ROOT_DIR = $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
+TEST_KEYS_PATH = ${ROOT_DIR}/fhevm-keys
+TEMP_KEY_GEN = ./.temp_keygen
+
+${TEST_KEYS_PATH}/cks ${TEST_KEYS_PATH}/pks ${TEST_KEYS_PATH}/sks ${TEST_KEYS_PATH}/default-software-keys:
+	# make sure to have a fresh dir for keys
+	rm -rf ${TEMP_KEY_GEN}
+	mkdir ${TEMP_KEY_GEN}
+	# start a kms that will generate keys
+	docker run --rm -v ${ROOT_DIR}/${TEMP_KEY_GEN}:/keys ghcr.io/zama-ai/kms-dev:${KMS_DEV_TAG} /app/kms/bin/kms-gen /keys/
+	# move keys
+	mkdir -p ${TEST_KEYS_PATH}
+	cp ${TEMP_KEY_GEN}/default-software-keys.bin ${TEST_KEYS_PATH}
+	cp ${TEMP_KEY_GEN}/cks.bin ${TEST_KEYS_PATH}/cks
+	cp ${TEMP_KEY_GEN}/cks.bin ${TEST_KEYS_PATH}/cks.bin
+	cp ${TEMP_KEY_GEN}/sks.bin ${TEST_KEYS_PATH}/sks
+	cp ${TEMP_KEY_GEN}/pks.bin ${TEST_KEYS_PATH}/pks
+	# clean
+	rm -rf ${TEMP_KEY_GEN}
+
+gen-keys: ${TEST_KEYS_PATH}/cks ${TEST_KEYS_PATH}/pks ${TEST_KEYS_PATH}/sks ${TEST_KEYS_PATH}/default-software-keys.bin
+
+clean:
+	rm -rf node1
+	rm -rf ../node1
+	rm -rf node2
+	rm -rf ../node2
+	rm -rf node3
+	rm -rf ../node3
+	rm -rf ../bootnode
+	rm genesis.json

local-testnet/setup.sh

@@ -5,17 +5,7 @@ make geth
 go build ./cmd/bootnode
 popd
 
-if ! which fhevm-tfhe-cli
-then
-	echo fhevm-tfhe-cli is not installed
-	exit 1
-fi
-
-if [ ! -d ./fhevm-keys ]
-then
-	mkdir fhevm-keys
-	fhevm-tfhe-cli generate-keys -d fhevm-keys
-fi
+make gen-keys
 
 # build with 'make geth' in root directory
 GETH=../build/bin/geth