feat(blockchain): production genesis with encrypted keystore, remove admin minting

- Introduce production setup script: scripts/setup_production.py - Generates aitbc1genesis (treasury) and aitbc1treasury (spending) wallets - Encrypts keys via AES-GCM, stores password in keystore/.password (600) - Creates allocations.json and genesis.json with fixed total supply - Sets mint_per_unit=0 (no inflation) - Update make_genesis.py: - Accept allocations file instead of single faucet - Use 'allocations' key in genesis (renamed from 'accounts') - Enforce mint_per_unit=0 in default params - Remove admin mint endpoint: - Deleting MintFaucetRequest and /rpc/admin/mintFaucet from router.py - Removes faucet CLI command from cli/aitbc_cli/commands/blockchain.py - RPC supply endpoint now computes total supply from genesis file (fixed) - Validators endpoint derives list from trusted_proposers config - Config enhancements (config.py): - Add keystore_path and keystore_password_file - Change mint_per_unit default to 0 - main.py: Auto-load proposer private key from keystore into settings.proposer_key (hex) for future use - Launcher scripts: - scripts/mainnet_up.sh: Loads .env.production, derives proposer_id from keystore if needed, starts node + RPC - scripts/devnet_up.sh: Updated to use new allocations-based genesis and proper proposer address - Documentation: - Rewrite blockchain-node/README.md for production model (no faucet, keystore management, multi-chain) - Update MEMORY.md with production blockchain section - Database: Multi-chain support already present via chain_id foreign keys. This change makes the blockchain production‑ready: immutable supply, secure key storage, and removal of dev‑only admin functions. Co-authored-by: Andreas Michael Fleckl <andreas@example.com>
2026-03-16 09:24:07 +00:00
parent f11f277e71
commit 337c68013c
13 changed files with 974 additions and 211 deletions
--- a/apps/blockchain-node/src/aitbc_chain/config.py
+++ b/apps/blockchain-node/src/aitbc_chain/config.py
@@ -31,7 +31,7 @@ class ChainSettings(BaseSettings):
    proposer_id: str = "ait-devnet-proposer"
    proposer_key: Optional[str] = None

-    mint_per_unit: int = 1000
+    mint_per_unit: int = 0  # No new minting after genesis for production
    coordinator_ratio: float = 0.05

    block_time_seconds: int = 2
@@ -58,5 +58,9 @@ class ChainSettings(BaseSettings):
    gossip_backend: str = "memory"
    gossip_broadcast_url: Optional[str] = None

+    # Keystore for proposer private key (future block signing)
+    keystore_path: Path = Path("./keystore")
+    keystore_password_file: Path = Path("./keystore/.password")
+

 settings = ChainSettings()
--- a/apps/blockchain-node/src/aitbc_chain/consensus/poa.py
+++ b/apps/blockchain-node/src/aitbc_chain/consensus/poa.py
@@ -1,7 +1,9 @@
 import asyncio
 import hashlib
+import json
 import re
 from datetime import datetime
+from pathlib import Path
 from typing import Callable, ContextManager, Optional

 from sqlmodel import Session, select
@@ -9,7 +11,7 @@ from sqlmodel import Session, select
 from ..logger import get_logger
 from ..metrics import metrics_registry
 from ..config import ProposerConfig
-from ..models import Block
+from ..models import Block, Account
 from ..gossip import gossip_broker

 _METRIC_KEY_SANITIZE = re.compile(r"[^a-zA-Z0-9_]")
@@ -199,14 +201,17 @@ class PoAProposer:
                height=0,
                hash=block_hash,
                parent_hash="0x00",
-                proposer="genesis",
+                proposer=self._config.proposer_id,  # Use configured proposer as genesis proposer
                timestamp=timestamp,
                tx_count=0,
                state_root=None,
            )
            session.add(genesis)
            session.commit()
-            
+
+            # Initialize accounts from genesis allocations file (if present)
+            await self._initialize_genesis_allocations(session)
+
            # Broadcast genesis block for initial sync
            await gossip_broker.publish(
                "blocks",
@@ -222,6 +227,33 @@ class PoAProposer:
                }
            )

+    async def _initialize_genesis_allocations(self, session: Session) -> None:
+        """Create Account entries from the genesis allocations file."""
+        # Look for genesis file relative to project root: data/{chain_id}/genesis.json
+        # Alternatively, use a path from config (future improvement)
+        genesis_path = Path(f"./data/{self._config.chain_id}/genesis.json")
+        if not genesis_path.exists():
+            self._logger.warning("Genesis allocations file not found; skipping account initialization", extra={"path": str(genesis_path)})
+            return
+
+        with open(genesis_path) as f:
+            genesis_data = json.load(f)
+
+        allocations = genesis_data.get("allocations", [])
+        created = 0
+        for alloc in allocations:
+            addr = alloc["address"]
+            balance = int(alloc["balance"])
+            nonce = int(alloc.get("nonce", 0))
+            # Check if account already exists (idempotent)
+            acct = session.get(Account, (self._config.chain_id, addr))
+            if acct is None:
+                acct = Account(chain_id=self._config.chain_id, address=addr, balance=balance, nonce=nonce)
+                session.add(acct)
+                created += 1
+        session.commit()
+        self._logger.info("Initialized genesis accounts", extra={"count": created, "total": len(allocations)})
+
    def _fetch_chain_head(self) -> Optional[Block]:
        with self._session_factory() as session:
            return session.exec(select(Block).order_by(Block.height.desc()).limit(1)).first()
--- a/apps/blockchain-node/src/aitbc_chain/main.py
+++ b/apps/blockchain-node/src/aitbc_chain/main.py
@@ -1,7 +1,10 @@
 from __future__ import annotations

 import asyncio
+import json
+import os
 from contextlib import asynccontextmanager
+from pathlib import Path
 from typing import Optional

 from .config import settings
@@ -14,6 +17,73 @@ from .mempool import init_mempool

 logger = get_logger(__name__)

+def _load_keystore_password() -> str:
+    """Load keystore password from file or environment."""
+    pwd_file = settings.keystore_password_file
+    if pwd_file.exists():
+        return pwd_file.read_text().strip()
+    env_pwd = os.getenv("KEYSTORE_PASSWORD")
+    if env_pwd:
+        return env_pwd
+    raise RuntimeError(f"Keystore password not found. Set in {pwd_file} or KEYSTORE_PASSWORD env.")
+
+def _load_private_key_from_keystore(keystore_dir: Path, password: str, target_address: Optional[str] = None) -> Optional[bytes]:
+    """Load an ed25519 private key from the keystore.
+    If target_address is given, find the keystore file with matching address.
+    Otherwise, return the first key found.
+    """
+    if not keystore_dir.exists():
+        return None
+    for kf in keystore_dir.glob("*.json"):
+        try:
+            with open(kf) as f:
+                data = json.load(f)
+            addr = data.get("address")
+            if target_address and addr != target_address:
+                continue
+            # Decrypt
+            from cryptography.hazmat.primitives.asymmetric import ed25519
+            from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
+            from cryptography.hazmat.primitives import hashes
+            from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+            from cryptography.hazmat.backends import default_backend
+
+            crypto = data["crypto"]
+            kdfparams = crypto["kdfparams"]
+            salt = bytes.fromhex(kdfparams["salt"])
+            kdf = PBKDF2HMAC(
+                algorithm=hashes.SHA256(),
+                length=32,
+                salt=salt,
+                iterations=kdfparams["c"],
+                backend=default_backend()
+            )
+            key = kdf.derive(password.encode('utf-8'))
+            nonce = bytes.fromhex(crypto["cipherparams"]["nonce"])
+            ciphertext = bytes.fromhex(crypto["ciphertext"])
+            aesgcm = AESGCM(key)
+            private_bytes = aesgcm.decrypt(nonce, ciphertext, None)
+            # Verify it's ed25519
+            priv_key = ed25519.Ed25519PrivateKey.from_private_bytes(private_bytes)
+            return private_bytes
+        except Exception:
+            continue
+    return None
+
+# Attempt to load proposer private key from keystore if not set
+if not settings.proposer_key:
+    try:
+        pwd = _load_keystore_password()
+        key_bytes = _load_private_key_from_keystore(settings.keystore_path, pwd, target_address=settings.proposer_id)
+        if key_bytes:
+            # Encode as hex for easy storage; not yet used for signing
+            settings.proposer_key = key_bytes.hex()
+            logger.info("Loaded proposer private key from keystore", extra={"proposer_id": settings.proposer_id})
+        else:
+            logger.warning("Proposer private key not found in keystore; block signing disabled", extra={"proposer_id": settings.proposer_id})
+    except Exception as e:
+        logger.warning("Failed to load proposer key from keystore", extra={"error": str(e)})
+

 class BlockchainNode:
    def __init__(self) -> None:
--- a/apps/blockchain-node/src/aitbc_chain/rpc/router.py
+++ b/apps/blockchain-node/src/aitbc_chain/rpc/router.py
@@ -61,11 +61,6 @@ class EstimateFeeRequest(BaseModel):
    payload: Dict[str, Any] = Field(default_factory=dict)


-class MintFaucetRequest(BaseModel):
-    address: str
-    amount: int = Field(gt=0)
-
-
@router.get("/head", summary="Get current chain head")
 async def get_head(chain_id: str = "ait-devnet") -> Dict[str, Any]:
    metrics_registry.increment("rpc_get_head_total")
@@ -530,24 +525,6 @@ async def estimate_fee(request: EstimateFeeRequest) -> Dict[str, Any]:
    }


-@router.post("/admin/mintFaucet", summary="Mint devnet funds to an address")
-async def mint_faucet(request: MintFaucetRequest, chain_id: str = "ait-devnet") -> Dict[str, Any]:
-    metrics_registry.increment("rpc_mint_faucet_total")
-    start = time.perf_counter()
-    with session_scope() as session:
-        account = session.get(Account, (chain_id, request.address))
-        if account is None:
-            account = Account(chain_id=chain_id, address=request.address, balance=request.amount)
-            session.add(account)
-        else:
-            account.balance += request.amount
-        session.commit()
-        updated_balance = account.balance
-    metrics_registry.increment("rpc_mint_faucet_success_total")
-    metrics_registry.observe("rpc_mint_faucet_duration_seconds", time.perf_counter() - start)
-    return {"address": request.address, "balance": updated_balance}
-
-
 class ImportBlockRequest(BaseModel):
    height: int
    hash: str
@@ -663,15 +640,27 @@ async def get_token_supply(chain_id: str = "ait-devnet") -> Dict[str, Any]:
    start = time.perf_counter()
    
    with session_scope() as session:
-        # Simple implementation for now
+        # Sum balances of all accounts in this chain
+        result = session.exec(select(func.sum(Account.balance)).where(Account.chain_id == chain_id)).one_or_none()
+        circulating = int(result) if result is not None else 0
+
+        # Total supply is read from genesis (fixed), or fallback to circulating if unavailable
+        # Try to locate genesis file
+        genesis_path = Path(f"./data/{chain_id}/genesis.json")
+        total_supply = circulating  # default fallback
+        if genesis_path.exists():
+            try:
+                with open(genesis_path) as f:
+                    g = json.load(f)
+                total_supply = sum(a["balance"] for a in g.get("allocations", []))
+            except Exception:
+                total_supply = circulating
+
        response = {
            "chain_id": chain_id,
-            "total_supply": 1000000000,  # 1 billion from genesis
-            "circulating_supply": 0,  # No transactions yet
-            "faucet_balance": 1000000000,  # All tokens in faucet
-            "faucet_address": "ait1faucet000000000000000000000000000000000",
+            "total_supply": total_supply,
+            "circulating_supply": circulating,
            "mint_per_unit": cfg.mint_per_unit,
-            "total_accounts": 0
        }
        
        metrics_registry.observe("rpc_supply_duration_seconds", time.perf_counter() - start)
@@ -682,30 +671,35 @@ async def get_token_supply(chain_id: str = "ait-devnet") -> Dict[str, Any]:
 async def get_validators(chain_id: str = "ait-devnet") -> Dict[str, Any]:
    """List blockchain validators (authorities)"""
    from ..config import settings as cfg
-    
+
    metrics_registry.increment("rpc_validators_total")
    start = time.perf_counter()
-    
-    # For PoA chain, validators are the authorities from genesis
-    # In a full implementation, this would query the actual validator set
+
+    # Build validator set from trusted_proposers config (comma-separated)
+    trusted = [p.strip() for p in cfg.trusted_proposers.split(",") if p.strip()]
+    if not trusted:
+        # Fallback to the node's own proposer_id as the sole validator
+        trusted = [cfg.proposer_id]
+
    validators = [
        {
-            "address": "ait1devproposer000000000000000000000000000000",
+            "address": addr,
            "weight": 1,
            "status": "active",
-            "last_block_height": None,  # Would be populated from actual validator tracking
+            "last_block_height": None,  # Could be populated from metrics
            "total_blocks_produced": None
        }
+        for addr in trusted
    ]
-    
+
    response = {
        "chain_id": chain_id,
        "validators": validators,
        "total_validators": len(validators),
-        "consensus_type": "PoA",  # Proof of Authority
+        "consensus_type": "PoA",
        "proposer_id": cfg.proposer_id
    }
-    
+
    metrics_registry.observe("rpc_validators_duration_seconds", time.perf_counter() - start)
    return response