newton_cli/commands/
policy_files.rs

1use clap::{Parser, Subcommand};
2use eyre::{Context, Result};
3use newton_prover_config::NewtonAvsConfig;
4use serde::{Deserialize, Serialize};
5use std::path::PathBuf;
6use tracing;
7
8use crate::config::NewtonCliConfig;
9
10/// Policy files commands
11#[derive(Debug, Parser)]
12#[command(name = "policy-files")]
13pub struct PolicyFilesCommand {
14    #[command(subcommand)]
15    pub subcommand: PolicyFilesSubcommand,
16}
17
18#[derive(Debug, Subcommand)]
19pub enum PolicyFilesSubcommand {
20    /// Generate CIDs for policy files
21    #[command(name = "generate-cids")]
22    GenerateCids(GenerateCidsCommand),
23}
24
25/// Generate CIDs command
26#[derive(Debug, Parser)]
27pub struct GenerateCidsCommand {
28    /// Directory containing policy files (defaults to policy-files)
29    #[arg(short, long, default_value = "policy-files")]
30    directory: PathBuf,
31
32    /// Entrypoint (e.g., "newton_trading_agent.allow")
33    #[arg(long)]
34    entrypoint: String,
35
36    /// Pinata JWT (or set PINATA_JWT env var)
37    #[arg(long, env = "PINATA_JWT")]
38    pinata_jwt: Option<String>,
39
40    /// Pinata Gateway (or set PINATA_GATEWAY env var)
41    #[arg(long, env = "PINATA_GATEWAY")]
42    pinata_gateway: Option<String>,
43
44    /// Output file path (defaults to policy-files/policy_cids.json)
45    #[arg(short, long, default_value = "policy-files/policy_cids.json")]
46    output: PathBuf,
47}
48
49#[derive(Debug, Serialize, Deserialize)]
50#[allow(non_snake_case)]
51struct PolicyCids {
52    wasmCid: String,
53    wasmArgs: String,
54    policyCid: String,
55    schemaCid: String,
56    attester: String,
57    entrypoint: String,
58    policyMetadataCid: String,
59    policyDataMetadataCid: String,
60}
61
62#[derive(Debug)]
63struct FileUpload {
64    name: String,
65    path: PathBuf,
66    mime_type: String,
67    default_name_prefix: String,
68    json_key: String, // Key in the PolicyCids struct
69}
70
71impl GenerateCidsCommand {
72    /// Upload a file to Pinata IPFS
73    pub async fn upload_file_to_pinata(
74        file: PathBuf,
75        jwt: String,
76        file_name: String,
77        mime_type: &str,
78    ) -> Result<String> {
79        // Check if file exists
80        if !file.exists() {
81            eyre::bail!("Error: file not found: {:?}", file);
82        }
83
84        // Read file
85        let file_data = std::fs::read(&file).with_context(|| format!("Failed to read file: {:?}", file))?;
86
87        // Get file name from path
88        let file_name_from_path = file.file_name().and_then(|n| n.to_str()).unwrap_or("file");
89
90        // Create multipart form
91        let form = reqwest::multipart::Form::new()
92            .text("pinataOptions", r#"{"cidVersion":1}"#)
93            .text("pinataMetadata", format!(r#"{{"name":"{}"}}"#, file_name))
94            .part(
95                "file",
96                reqwest::multipart::Part::bytes(file_data)
97                    .file_name(file_name_from_path.to_string())
98                    .mime_str(mime_type)
99                    .unwrap(),
100            );
101
102        // Upload to Pinata
103        let client = reqwest::Client::new();
104        let response = client
105            .post("https://api.pinata.cloud/pinning/pinFileToIPFS")
106            .header("Authorization", format!("Bearer {}", jwt))
107            .multipart(form)
108            .send()
109            .await
110            .context("Failed to send request to Pinata")?;
111
112        if !response.status().is_success() {
113            let status = response.status();
114            let error_text = response.text().await.unwrap_or_default();
115            eyre::bail!("Pinata upload failed with status {}: {}", status, error_text);
116        }
117
118        // Parse response
119        let response_json: serde_json::Value = response.json().await.context("Failed to parse Pinata response")?;
120
121        // Extract IPFS hash
122        let ipfs_hash = response_json
123            .get("IpfsHash")
124            .and_then(|v| v.as_str())
125            .ok_or_else(|| eyre::eyre!("IPFS hash not found in response"))?;
126
127        Ok(ipfs_hash.to_string())
128    }
129
130    /// Display upload results
131    pub fn display_upload_results(ipfs_hash: &str, gateway: &str) {
132        // Construct gateway links
133        let gateway_link = if gateway.ends_with('/') {
134            format!("{}{}", gateway, ipfs_hash)
135        } else {
136            format!("{}/{}", gateway, ipfs_hash)
137        };
138
139        tracing::info!(ipfs_hash = %ipfs_hash, "Uploaded to IPFS");
140        tracing::info!(gateway_link = %gateway_link, "Direct IPFS Link");
141        tracing::info!("Public IPFS Link: https://ipfs.io/ipfs/{}", ipfs_hash);
142    }
143
144    /// Execute the generate-cids command
145    pub async fn execute(self: Box<Self>, _config: NewtonAvsConfig<NewtonCliConfig>) -> Result<()> {
146        // Get Pinata credentials
147        let jwt = self
148            .pinata_jwt
149            .ok_or_else(|| eyre::eyre!("Pinata JWT is required. Set PINATA_JWT env var or use --pinata-jwt"))?;
150
151        let gateway = self.pinata_gateway.ok_or_else(|| {
152            eyre::eyre!("Pinata Gateway is required. Set PINATA_GATEWAY env var or use --pinata-gateway")
153        })?;
154
155        // Define all files to upload in the correct order
156        let files_to_upload = vec![
157            FileUpload {
158                name: "policy.wasm".to_string(),
159                path: self.directory.join("policy.wasm"),
160                mime_type: "application/wasm".to_string(),
161                default_name_prefix: "newton-policy-wasm".to_string(),
162                json_key: "wasmCid".to_string(),
163            },
164            FileUpload {
165                name: "wasm_args.json".to_string(),
166                path: self.directory.join("wasm_args.json"),
167                mime_type: "application/json".to_string(),
168                default_name_prefix: "newton-policy-wasm-args".to_string(),
169                json_key: "wasmArgs".to_string(),
170            },
171            FileUpload {
172                name: "policy.rego".to_string(),
173                path: self.directory.join("policy.rego"),
174                mime_type: "text/plain".to_string(),
175                default_name_prefix: "newton-policy".to_string(),
176                json_key: "policyCid".to_string(),
177            },
178            FileUpload {
179                name: "params_schema.json".to_string(),
180                path: self.directory.join("params_schema.json"),
181                mime_type: "application/json".to_string(),
182                default_name_prefix: "newton-policy-schema".to_string(),
183                json_key: "schemaCid".to_string(),
184            },
185            FileUpload {
186                name: "policy_metadata.json".to_string(),
187                path: self.directory.join("policy_metadata.json"),
188                mime_type: "application/json".to_string(),
189                default_name_prefix: "newton-policy-metadata".to_string(),
190                json_key: "policyMetadataCid".to_string(),
191            },
192            FileUpload {
193                name: "policy_data_metadata.json".to_string(),
194                path: self.directory.join("policy_data_metadata.json"),
195                mime_type: "application/json".to_string(),
196                default_name_prefix: "newton-policy-data-metadata".to_string(),
197                json_key: "policyDataMetadataCid".to_string(),
198            },
199        ];
200
201        tracing::info!(directory = %self.directory.display(), "Starting policy files upload");
202
203        let mut ipfs_hashes: std::collections::HashMap<String, String> = std::collections::HashMap::new();
204        // Upload each file and collect IPFS hashes
205        for file_upload in files_to_upload {
206            tracing::info!(file = %file_upload.name, "Processing file");
207
208            // Check if file exists
209            if !file_upload.path.exists() {
210                // For wasm_args.json, it's optional, so use empty string
211                if file_upload.name == "wasm_args.json" {
212                    tracing::warn!("Warning: {} not found, using empty string...", file_upload.name);
213                    ipfs_hashes.insert(file_upload.json_key.clone(), String::new());
214                    continue;
215                }
216                eyre::bail!("Error: {} not found in {:?}", file_upload.name, self.directory);
217            }
218
219            // Generate file name
220            let file_name = format!(
221                "{}-{}",
222                file_upload.default_name_prefix,
223                chrono::Utc::now().format("%Y%m%d-%H%M%S")
224            );
225
226            tracing::info!(path = %file_upload.path.display(), "Uploading to Pinata IPFS");
227
228            match Self::upload_file_to_pinata(file_upload.path.clone(), jwt.clone(), file_name, &file_upload.mime_type)
229                .await
230            {
231                Ok(ipfs_hash) => {
232                    Self::display_upload_results(&ipfs_hash, &gateway);
233                    ipfs_hashes.insert(file_upload.json_key.clone(), ipfs_hash);
234                }
235                Err(e) => {
236                    eyre::bail!("Error uploading {}: {}", file_upload.name, e);
237                }
238            }
239        }
240
241        // Create PolicyCids struct
242        let policy_cids = PolicyCids {
243            wasmCid: ipfs_hashes
244                .get("wasmCid")
245                .ok_or_else(|| eyre::eyre!("Missing wasmCid"))?
246                .clone(),
247            wasmArgs: ipfs_hashes.get("wasmArgs").unwrap_or(&String::new()).clone(),
248            policyCid: ipfs_hashes
249                .get("policyCid")
250                .ok_or_else(|| eyre::eyre!("Missing policyCid"))?
251                .clone(),
252            schemaCid: ipfs_hashes
253                .get("schemaCid")
254                .ok_or_else(|| eyre::eyre!("Missing schemaCid"))?
255                .clone(),
256            attester: "0x4883282094755C01cd0d15dFE74753c9E189d194".to_string(),
257            entrypoint: self.entrypoint.clone(),
258            policyMetadataCid: ipfs_hashes
259                .get("policyMetadataCid")
260                .ok_or_else(|| eyre::eyre!("Missing policyMetadataCid"))?
261                .clone(),
262            policyDataMetadataCid: ipfs_hashes
263                .get("policyDataMetadataCid")
264                .ok_or_else(|| eyre::eyre!("Missing policyDataMetadataCid"))?
265                .clone(),
266        };
267
268        // Write to JSON file
269        let json_content =
270            serde_json::to_string_pretty(&policy_cids).context("Failed to serialize policy_cids to JSON")?;
271
272        // Create parent directory if it doesn't exist
273        if let Some(parent) = self.output.parent() {
274            std::fs::create_dir_all(parent).with_context(|| format!("Failed to create directory: {:?}", parent))?;
275        }
276
277        std::fs::write(&self.output, json_content)
278            .with_context(|| format!("Failed to write to file: {:?}", self.output))?;
279
280        tracing::info!(output_file = %self.output.display(), "Created policy_cids.json");
281
282        let output_content = std::fs::read_to_string(&self.output)?;
283        tracing::info!(content = %output_content, "Policy CIDs content");
284
285        Ok(())
286    }
287}
288
289impl PolicyFilesCommand {
290    /// Execute the policy-files command
291    pub async fn execute(self: Box<Self>, config: NewtonAvsConfig<NewtonCliConfig>) -> eyre::Result<()> {
292        match self.subcommand {
293            PolicyFilesSubcommand::GenerateCids(command) => {
294                Box::new(command).execute(config).await?;
295            }
296        }
297        Ok(())
298    }
299}