From 09eb1d71b83c4dd245a331affbb73d5c054f86f6 Mon Sep 17 00:00:00 2001 From: cbe Date: Mon, 12 Jan 2026 22:18:10 -0800 Subject: [PATCH 1/8] feat: scripts and address for main net deploy still needs front-end config --- .github/workflows/deploy-dawn-mainnet.yml | 181 +++++++++++++++++++++ scripts/check-dawn-deployment-readiness.sh | 160 ++++++++++++++++++ scripts/deploy-dawn-mainnet.sh | 101 ++++++++++++ 3 files changed, 442 insertions(+) create mode 100644 .github/workflows/deploy-dawn-mainnet.yml create mode 100755 scripts/check-dawn-deployment-readiness.sh create mode 100755 scripts/deploy-dawn-mainnet.sh diff --git a/.github/workflows/deploy-dawn-mainnet.yml b/.github/workflows/deploy-dawn-mainnet.yml new file mode 100644 index 00000000..7feabd97 --- /dev/null +++ b/.github/workflows/deploy-dawn-mainnet.yml @@ -0,0 +1,181 @@ +name: "Deploy Dawn Mainnet Contracts" + +on: + workflow_dispatch: + inputs: + fund_amount: + description: "Amount of ETH to fund the paymaster (e.g., 0.1)" + required: false + default: "0" + deploy_bundler: + description: "Deploy bundler service" + type: boolean + required: false + default: false + deploy_auth_server: + description: "Deploy auth server" + type: boolean + required: false + default: false + +env: + HUSKY: 0 + CI: true + +jobs: + deploy-contracts: + runs-on: ubuntu-latest + outputs: + contracts: ${{ steps.deploy.outputs.contracts }} + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + version: 9.11.0 + + - name: Use Node.js + uses: actions/setup-node@v4 + with: + node-version: lts/Iron + cache: "pnpm" + + - name: Install dependencies + run: pnpm install -r --frozen-lockfile + + - name: Install contract dependencies + run: pnpm install -r --frozen-lockfile + working-directory: packages/contracts + + - name: Build contracts + run: pnpm build + working-directory: packages/contracts + + - name: Deploy contracts to Dawn Mainnet + id: deploy + env: + WALLET_PRIVATE_KEY: ${{ secrets.DAWN_MAINNET_DEPLOYER_PRIVATE_KEY }} + KEY_REGISTRY_OWNER_PRIVATE_KEY: ${{ secrets.DAWN_MAINNET_KEY_REGISTRY_OWNER_PRIVATE_KEY }} + run: | + # Deploy all contracts + pnpm hardhat deploy \ + --network dawnMainnet \ + --file ../auth-server/stores/dawn-mainnet.json \ + --fund ${{ github.event.inputs.fund_amount }} \ + --keyregistryowner $KEY_REGISTRY_OWNER_PRIVATE_KEY + + # Read the deployed contracts + echo "contracts=$(cat ../auth-server/stores/dawn-mainnet.json)" >> $GITHUB_OUTPUT + working-directory: packages/contracts + + - name: Initialize OIDC Key Registry with Google keys + env: + WALLET_PRIVATE_KEY: ${{ secrets.DAWN_MAINNET_KEY_REGISTRY_OWNER_PRIVATE_KEY }} + run: | + pnpm hardhat run scripts/add-google-keys.ts --network dawnMainnet + working-directory: packages/contracts + + - name: Verify deployment + env: + WALLET_PRIVATE_KEY: ${{ secrets.DAWN_MAINNET_DEPLOYER_PRIVATE_KEY }} + run: | + node verify-dawn-deployment.js + working-directory: packages/contracts + + - name: Upload deployment artifacts + uses: actions/upload-artifact@v4 + with: + name: dawn-mainnet-deployment + path: packages/auth-server/stores/dawn-mainnet.json + retention-days: 90 + + - name: Comment deployment info on commit + uses: actions/github-script@v7 + with: + script: | + const contracts = JSON.parse('${{ steps.deploy.outputs.contracts }}'); + const comment = ` + ## šŸš€ Dawn Mainnet Deployment Complete + + **Network:** Dawn Mainnet (Chain ID: 30715) + **RPC URL:** https://zksync-os-mainnet-dawn.zksync.io + **Block Explorer:** https://zksync-os-mainnet-dawn.staging-scan-v2.zksync.dev + + ### Deployed Contracts + + | Contract | Address | + |----------|---------| + | Factory | \`${contracts.accountFactory}\` | + | WebAuthn Validator | \`${contracts.passkey}\` | + | Session Validator | \`${contracts.session}\` | + | Beacon | \`${contracts.beacon}\` | + | Guardian Recovery | \`${contracts.recovery}\` | + | OIDC Recovery | \`${contracts.recoveryOidc}\` | + | OIDC Key Registry | \`${contracts.oidcKeyRegistry}\` | + | Paymaster | \`${contracts.accountPaymaster}\` | + + ### Next Steps + 1. Add these addresses to \`packages/auth-server/stores/client.ts\` + 2. Update bundler configuration if deploying bundler service + 3. Deploy auth-server if needed + 4. Test account creation and transactions + `; + + github.rest.repos.createCommitComment({ + owner: context.repo.owner, + repo: context.repo.repo, + commit_sha: context.sha, + body: comment + }); + + deploy-bundler: + needs: deploy-contracts + if: ${{ github.event.inputs.deploy_bundler == 'true' }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Deploy Bundler Service + run: | + echo "Bundler deployment would happen here" + # TODO: Add bundler deployment steps when ready + + deploy-auth-server: + needs: deploy-contracts + if: ${{ github.event.inputs.deploy_auth_server == 'true' }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + version: 9.11.0 + + - name: Use Node.js + uses: actions/setup-node@v4 + with: + node-version: lts/Iron + cache: "pnpm" + + - name: Download deployment artifacts + uses: actions/download-artifact@v4 + with: + name: dawn-mainnet-deployment + path: packages/auth-server/stores/ + + - name: Install dependencies + run: pnpm install -r --frozen-lockfile + + - name: Build auth server + run: pnpm nx build auth-server + env: + NUXT_PUBLIC_CHAIN_ID: 30715 + + - name: Deploy to Firebase (or other hosting) + run: | + echo "Auth server deployment would happen here" + # TODO: Configure Firebase or other hosting for Dawn Mainnet diff --git a/scripts/check-dawn-deployment-readiness.sh b/scripts/check-dawn-deployment-readiness.sh new file mode 100755 index 00000000..4f5b68aa --- /dev/null +++ b/scripts/check-dawn-deployment-readiness.sh @@ -0,0 +1,160 @@ +#!/bin/bash + +# Dawn Mainnet Pre-Deployment Checklist +# Run this before deploying to ensure everything is ready + +set -e + +echo "šŸ” Dawn Mainnet Pre-Deployment Checklist" +echo "=========================================" +echo "" + +ISSUES=0 + +# Check 1: Environment variables +echo "1. Checking environment variables..." +if [ -z "$WALLET_PRIVATE_KEY" ]; then + echo " āŒ WALLET_PRIVATE_KEY not set" + ISSUES=$((ISSUES + 1)) +else + echo " āœ… WALLET_PRIVATE_KEY set" +fi + +if [ -z "$KEY_REGISTRY_OWNER_PRIVATE_KEY" ]; then + echo " āŒ KEY_REGISTRY_OWNER_PRIVATE_KEY not set" + ISSUES=$((ISSUES + 1)) +else + echo " āœ… KEY_REGISTRY_OWNER_PRIVATE_KEY set" +fi +echo "" + +# Check 2: Cast CLI installed +echo "2. Checking for cast CLI..." +if command -v cast &> /dev/null; then + echo " āœ… cast installed ($(cast --version | head -n1))" +else + echo " āŒ cast not installed" + echo " Install with: curl -L https://foundry.paradigm.xyz | bash && foundryup" + ISSUES=$((ISSUES + 1)) +fi +echo "" + +# Check 3: pnpm installed +echo "3. Checking for pnpm..." +if command -v pnpm &> /dev/null; then + echo " āœ… pnpm installed ($(pnpm --version))" +else + echo " āŒ pnpm not installed" + echo " Install with: npm install -g pnpm" + ISSUES=$((ISSUES + 1)) +fi +echo "" + +# Check 4: Network connectivity +echo "4. Checking Dawn Mainnet connectivity..." +if curl -s -X POST -H "Content-Type: application/json" \ + --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' \ + https://zksync-os-mainnet-dawn.zksync.io | grep -q "result"; then + echo " āœ… Dawn Mainnet RPC accessible" +else + echo " āŒ Cannot connect to Dawn Mainnet RPC" + ISSUES=$((ISSUES + 1)) +fi +echo "" + +# Check 5: Deployer balance +if [ ! -z "$WALLET_PRIVATE_KEY" ]; then + echo "5. Checking deployer wallet balance..." + DEPLOYER_ADDRESS=$(cast wallet address --private-key $WALLET_PRIVATE_KEY 2>/dev/null || echo "") + + if [ ! -z "$DEPLOYER_ADDRESS" ]; then + echo " šŸ“ Deployer address: $DEPLOYER_ADDRESS" + + BALANCE=$(cast balance $DEPLOYER_ADDRESS --rpc-url https://zksync-os-mainnet-dawn.zksync.io 2>/dev/null || echo "0") + BALANCE_ETH=$(cast --to-unit $BALANCE ether 2>/dev/null || echo "0") + + echo " šŸ’° Balance: $BALANCE_ETH ETH" + + # Check if balance is sufficient (at least 0.5 ETH recommended) + BALANCE_GWEI=$(cast --to-unit $BALANCE gwei 2>/dev/null | cut -d. -f1) + if [ "$BALANCE_GWEI" -lt 500000000 ]; then + echo " āš ļø Low balance. Recommended: at least 1 ETH" + echo " Transfer ETH to: $DEPLOYER_ADDRESS" + ISSUES=$((ISSUES + 1)) + else + echo " āœ… Sufficient balance for deployment" + fi + else + echo " āŒ Invalid WALLET_PRIVATE_KEY" + ISSUES=$((ISSUES + 1)) + fi +else + echo "5. Skipping balance check (WALLET_PRIVATE_KEY not set)" +fi +echo "" + +# Check 6: Key registry owner balance +if [ ! -z "$KEY_REGISTRY_OWNER_PRIVATE_KEY" ]; then + echo "6. Checking key registry owner wallet balance..." + OWNER_ADDRESS=$(cast wallet address --private-key $KEY_REGISTRY_OWNER_PRIVATE_KEY 2>/dev/null || echo "") + + if [ ! -z "$OWNER_ADDRESS" ]; then + echo " šŸ“ Owner address: $OWNER_ADDRESS" + + BALANCE=$(cast balance $OWNER_ADDRESS --rpc-url https://zksync-os-mainnet-dawn.zksync.io 2>/dev/null || echo "0") + BALANCE_ETH=$(cast --to-unit $BALANCE ether 2>/dev/null || echo "0") + + echo " šŸ’° Balance: $BALANCE_ETH ETH" + + # Check if balance is sufficient (at least 0.01 ETH recommended) + BALANCE_GWEI=$(cast --to-unit $BALANCE gwei 2>/dev/null | cut -d. -f1) + if [ "$BALANCE_GWEI" -lt 10000000 ]; then + echo " āš ļø Low balance. Recommended: at least 0.1 ETH" + echo " Transfer ETH to: $OWNER_ADDRESS" + ISSUES=$((ISSUES + 1)) + else + echo " āœ… Sufficient balance" + fi + else + echo " āŒ Invalid KEY_REGISTRY_OWNER_PRIVATE_KEY" + ISSUES=$((ISSUES + 1)) + fi +else + echo "6. Skipping owner balance check (KEY_REGISTRY_OWNER_PRIVATE_KEY not set)" +fi +echo "" + +# Check 7: Contracts build +echo "7. Checking if contracts are built..." +if [ -d "packages/contracts/artifacts-zk" ]; then + echo " āœ… Contracts appear to be built" +else + echo " āš ļø Contracts not built yet" + echo " Run: cd packages/contracts && pnpm build" +fi +echo "" + +# Check 8: Dependencies installed +echo "8. Checking if dependencies are installed..." +if [ -d "node_modules" ] && [ -d "packages/contracts/node_modules" ]; then + echo " āœ… Dependencies installed" +else + echo " āš ļø Dependencies not fully installed" + echo " Run: pnpm install -r" +fi +echo "" + +# Summary +echo "=========================================" +if [ $ISSUES -eq 0 ]; then + echo "āœ… All checks passed! Ready for deployment." + echo "" + echo "To deploy, run:" + echo " ./scripts/deploy-dawn-mainnet.sh" + exit 0 +else + echo "āŒ Found $ISSUES issue(s). Please fix them before deploying." + echo "" + echo "Need help? See: docs/DAWN_MAINNET_DEPLOYMENT.md" + exit 1 +fi diff --git a/scripts/deploy-dawn-mainnet.sh b/scripts/deploy-dawn-mainnet.sh new file mode 100755 index 00000000..31afdda2 --- /dev/null +++ b/scripts/deploy-dawn-mainnet.sh @@ -0,0 +1,101 @@ +#!/bin/bash + +# Dawn Mainnet Quick Deploy Script +# This script provides a streamlined deployment process for Dawn Mainnet + +set -e # Exit on error + +echo "šŸš€ Dawn Mainnet Deployment Script" +echo "==================================" +echo "" + +# Check prerequisites +echo "šŸ“‹ Checking prerequisites..." + +if [ -z "$WALLET_PRIVATE_KEY" ]; then + echo "āŒ WALLET_PRIVATE_KEY environment variable not set" + echo " Set it with: export WALLET_PRIVATE_KEY=your_private_key" + exit 1 +fi + +if [ -z "$KEY_REGISTRY_OWNER_PRIVATE_KEY" ]; then + echo "āŒ KEY_REGISTRY_OWNER_PRIVATE_KEY environment variable not set" + echo " Set it with: export KEY_REGISTRY_OWNER_PRIVATE_KEY=your_private_key" + exit 1 +fi + +echo "āœ… Environment variables set" +echo "" + +# Get deployer address +DEPLOYER_ADDRESS=$(cast wallet address --private-key $WALLET_PRIVATE_KEY) +echo "šŸ“ Deployer Address: $DEPLOYER_ADDRESS" + +# Check deployer balance +BALANCE=$(cast balance $DEPLOYER_ADDRESS --rpc-url https://zksync-os-mainnet-dawn.zksync.io) +echo "šŸ’° Deployer Balance: $(cast --to-unit $BALANCE ether) ETH" +echo "" + +if [ "$(cast --to-unit $BALANCE ether | cut -d. -f1)" -lt 1 ]; then + echo "āš ļø Warning: Low balance. Recommended: at least 1 ETH for deployment + paymaster funding" + read -p "Continue anyway? (y/N): " -n 1 -r + echo + if [[ ! $REPLY =~ ^[Yy]$ ]]; then + exit 1 + fi +fi + +# Navigate to contracts directory +cd "$(dirname "$0")/../packages/contracts" + +echo "šŸ”Ø Building contracts..." +pnpm build +echo "āœ… Contracts built" +echo "" + +# Ask for paymaster funding amount +read -p "šŸ’µ Enter amount of ETH to fund paymaster (e.g., 0.1, or 0 to skip): " FUND_AMOUNT +echo "" + +# Deploy contracts +echo "šŸš€ Deploying contracts to Dawn Mainnet..." +pnpm hardhat deploy \ + --network dawnMainnet \ + --file ../auth-server/stores/dawn-mainnet.json \ + --fund $FUND_AMOUNT \ + --keyregistryowner $KEY_REGISTRY_OWNER_PRIVATE_KEY + +echo "āœ… Contracts deployed" +echo "" + +# Initialize OIDC Key Registry +echo "šŸ”‘ Initializing OIDC Key Registry with Google keys..." +ORIGINAL_WALLET=$WALLET_PRIVATE_KEY +export WALLET_PRIVATE_KEY=$KEY_REGISTRY_OWNER_PRIVATE_KEY +pnpm hardhat run scripts/add-google-keys.ts --network dawnMainnet +export WALLET_PRIVATE_KEY=$ORIGINAL_WALLET +echo "āœ… OIDC Key Registry initialized" +echo "" + +# Verify deployment +echo "šŸ” Verifying deployment..." +export WALLET_PRIVATE_KEY=$ORIGINAL_WALLET +node verify-dawn-deployment.js +echo "" + +# Display next steps +echo "āœ… Deployment Complete!" +echo "" +echo "šŸ“ Next Steps:" +echo "1. Update packages/auth-server/stores/client.ts with deployed addresses" +echo " (Addresses saved in: packages/auth-server/stores/dawn-mainnet.json)" +echo "" +echo "2. Deploy bundler service with the new contract addresses" +echo "" +echo "3. Deploy auth-server:" +echo " cd packages/auth-server" +echo " NUXT_PUBLIC_CHAIN_ID=30715 pnpm build" +echo "" +echo "4. Test the deployment end-to-end" +echo "" +echo "šŸ“„ Full deployment guide: docs/DAWN_MAINNET_DEPLOYMENT.md" From 09c10031f3251d2d38a3c1c8bbcf97f0c83bcda8 Mon Sep 17 00:00:00 2001 From: cbe Date: Mon, 12 Jan 2026 23:03:09 -0800 Subject: [PATCH 2/8] feat: add addresses also try to fix the server in prod --- packages/auth-server/app.vue | 13 ++++--- packages/auth-server/stores/client.ts | 38 ++++++++++++++++++- packages/auth-server/stores/dawn-mainnet.json | 10 +++++ 3 files changed, 55 insertions(+), 6 deletions(-) create mode 100644 packages/auth-server/stores/dawn-mainnet.json diff --git a/packages/auth-server/app.vue b/packages/auth-server/app.vue index 2580964f..daf72fd1 100644 --- a/packages/auth-server/app.vue +++ b/packages/auth-server/app.vue @@ -10,11 +10,14 @@ import { createAppKit } from "@reown/appkit/vue"; const { defaultChain } = useClientStore(); const { metadata, projectId, wagmiAdapter } = useAppKit(); -createAppKit({ - adapters: [wagmiAdapter], - networks: [defaultChain], - projectId, - metadata, +// Defer AppKit initialization until after mount to avoid SSR/initialization issues +onMounted(() => { + createAppKit({ + adapters: [wagmiAdapter], + networks: [defaultChain], + projectId, + metadata, + }); }); // BigInt polyfill diff --git a/packages/auth-server/stores/client.ts b/packages/auth-server/stores/client.ts index ff4e9862..53e07d08 100644 --- a/packages/auth-server/stores/client.ts +++ b/packages/auth-server/stores/client.ts @@ -42,17 +42,40 @@ const zksyncOsLocal = defineChain({ }, }); -export const supportedChains = [localhost, zksyncOsTestnet, zksyncOsLocal]; +const dawnMainnet = defineChain({ + id: 30715, + name: "Dawn Mainnet", + nativeCurrency: { + name: "Ether", + symbol: "ETH", + decimals: 18, + }, + rpcUrls: { + default: { + http: ["https://zksync-os-mainnet-dawn.zksync.io"], + }, + }, + blockExplorers: { + default: { + name: "Dawn Mainnet Explorer", + url: "https://zksync-os-mainnet-dawn.staging-scan-v2.zksync.dev", + }, + }, +}); + +export const supportedChains = [localhost, zksyncOsTestnet, zksyncOsLocal, dawnMainnet]; export type SupportedChainId = (typeof supportedChains)[number]["id"]; export const blockExplorerUrlByChain: Record = { [localhost.id]: "http://localhost:3010", [zksyncOsTestnet.id]: "https://zksync-os-testnet-alpha.staging-scan-v2.zksync.dev", [zksyncOsLocal.id]: "", + [dawnMainnet.id]: "https://zksync-os-mainnet-dawn.staging-scan-v2.zksync.dev", }; export const blockExplorerApiByChain: Record = { [localhost.id]: "http://localhost:3020", [zksyncOsTestnet.id]: "https://block-explorer-api.zksync-os-testnet-alpha.zksync.dev/api", [zksyncOsLocal.id]: "", + [dawnMainnet.id]: "https://block-explorer-api.zksync-os-mainnet-dawn.zksync.io", }; type ChainContracts = { @@ -79,6 +102,16 @@ export const contractsByChain: Record = { bundlerUrl: "https://bundler-api.stage-sso.zksync.dev", beacon: "0x1D779D791B55a093dE60da664C3F301a87f96C62", }, + [dawnMainnet.id]: { + eoaValidator: "0xe7f1725E7734CE288F8367e1Bb143E90bb3F0512", + webauthnValidator: "0x5FC8d32690cc91D4c39d9d3abcBD16989F875707", + sessionValidator: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9", + factory: "0xB7f8BC63BbcaD18155201308C8f3540b07f84F5e", + bundlerUrl: "https://bundler-api.dawn-mainnet.zksync.io", // Update with actual bundler URL when available + beacon: "0x8A791620dd6260079BF849Dc5567aDC3F2FdC318", + guardianExecutor: "0xa513E6E4b8f2a923D98304ec87F64353C4D5C853", + accountPaymaster: "0x959922bE3CAee4b8Cd9a407cc3ac1C251C2007B1", // MockPaymaster + }, }; export const chainParameters: Record = { @@ -91,6 +124,9 @@ export const chainParameters: Record = [zksyncOsTestnet.id]: { blockTime: 1, }, + [dawnMainnet.id]: { + blockTime: 1, + }, }; export const useClientStore = defineStore("client", () => { diff --git a/packages/auth-server/stores/dawn-mainnet.json b/packages/auth-server/stores/dawn-mainnet.json new file mode 100644 index 00000000..3304c992 --- /dev/null +++ b/packages/auth-server/stores/dawn-mainnet.json @@ -0,0 +1,10 @@ +{ + "eoaValidator": "0xe7f1725E7734CE288F8367e1Bb143E90bb3F0512", + "sessionValidator": "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9", + "webauthnValidator": "0x5FC8d32690cc91D4c39d9d3abcBD16989F875707", + "guardianExecutor": "0xa513E6E4b8f2a923D98304ec87F64353C4D5C853", + "accountImplementation": "0x2279B7A0a67DB372996a5FaB50D91eAA73d2eBe6", + "beacon": "0x8A791620dd6260079BF849Dc5567aDC3F2FdC318", + "factory": "0xB7f8BC63BbcaD18155201308C8f3540b07f84F5e", + "entryPoint": "0x9A9f2CCfdE556A7E9Ff0848998Aa4a0CFD8863AE" +} From 2e011640c64e5ebed59699406e9758fe5e723330 Mon Sep 17 00:00:00 2001 From: cbe Date: Tue, 13 Jan 2026 01:16:47 -0800 Subject: [PATCH 3/8] fix: remove appkit breaks page loading --- packages/auth-server/app.vue | 17 +----- packages/auth-server/composables/useAppKit.ts | 8 ++- packages/auth-server/plugins/appkit.client.ts | 55 +++++++++++++++++++ 3 files changed, 62 insertions(+), 18 deletions(-) create mode 100644 packages/auth-server/plugins/appkit.client.ts diff --git a/packages/auth-server/app.vue b/packages/auth-server/app.vue index daf72fd1..36455795 100644 --- a/packages/auth-server/app.vue +++ b/packages/auth-server/app.vue @@ -5,22 +5,7 @@