qbtc testnet setup

# qbtc testnet setup ## qbtc (substrate) install subkey ```bash= cargo install --git https://github.com/paritytech/polkadot-sdk subkey sudo cp ~/.cargo/bin/subkey /usr/local/bin/subkey ``` ## qbtcd (deprecated) ### build qbtcd binary for deployment - install build dependencies ```bash= # rpm distros (fedora, centos, etc) sudo dnf install -y \ astyle \ cmake \ gcc \ ninja-build \ openssl-devel \ python3-pytest \ python3-pytest-xdist \ unzip \ xsltproc \ doxygen \ graphviz \ python3-yaml \ valgrind # deb distros (debian, ubuntu, etc) sudo apt-get install -y \ astyle \ cmake \ gcc \ ninja-build \ libssl-dev \ python3-pytest \ python3-pytest-xdist \ unzip \ xsltproc \ doxygen \ graphviz \ python3-yaml \ valgrind ``` #### liboqs take extra care here about static vs. dynamically linked compilation - fetch liboqs ```bash= git clone \ --depth 1 \ --branch 0.11.0 \ https://github.com/open-quantum-safe/liboqs.git \ ~/git/open-quantum-safe/liboqs ``` - configure liboqs - static compile ```bash= cmake \ -S ~/git/open-quantum-safe/liboqs \ -B ~/git/open-quantum-safe/liboqs/build \ -D OQS_USE_OPENSSL=OFF ``` - dynamic compile <sup>*will expect shared libs on any target that installs qbtcd later*</sup>, don't do this (`BUILD_SHARED_LIBS=ON`) if static (qbtcd) binaries are required ```bash= cmake \ -S ~/git/open-quantum-safe/liboqs \ -B ~/git/open-quantum-safe/liboqs/build \ -D BUILD_SHARED_LIBS=ON ``` - build liboqs ```bash= cmake \ --build ~/git/open-quantum-safe/liboqs/build \ --target clean cmake \ --build ~/git/open-quantum-safe/liboqs/build \ --parallel $(nproc --all) ``` - install liboqs ```bash= sudo cmake \ --build ~/git/open-quantum-safe/liboqs/build \ --target install ``` - output - when compiling for shared libs: ```= -- Installing: /usr/local/lib64/cmake/liboqs/liboqsConfig.cmake -- Installing: /usr/local/lib64/cmake/liboqs/liboqsConfigVersion.cmake -- Installing: /usr/local/lib64/pkgconfig/liboqs.pc -- Installing: /usr/local/lib64/liboqs.so.0.11.0 -- Installing: /usr/local/lib64/liboqs.so.6 -- Installing: /usr/local/lib64/liboqs.so -- Installing: /usr/local/lib64/cmake/liboqs/liboqsTargets.cmake -- Installing: /usr/local/lib64/cmake/liboqs/liboqsTargets-noconfig.cmake -- Installing: /usr/local/include/oqs/oqs.h -- Installing: /usr/local/include/oqs/aes_ops.h -- Installing: /usr/local/include/oqs/common.h -- Installing: /usr/local/include/oqs/rand.h -- Installing: /usr/local/include/oqs/sha2_ops.h -- Installing: /usr/local/include/oqs/sha3_ops.h -- Installing: /usr/local/include/oqs/sha3x4_ops.h -- Installing: /usr/local/include/oqs/kem.h -- Installing: /usr/local/include/oqs/sig.h -- Installing: /usr/local/include/oqs/sig_stfl.h -- Installing: /usr/local/include/oqs/kem_bike.h -- Installing: /usr/local/include/oqs/kem_frodokem.h -- Installing: /usr/local/include/oqs/kem_ntruprime.h -- Installing: /usr/local/include/oqs/kem_classic_mceliece.h -- Installing: /usr/local/include/oqs/kem_hqc.h -- Installing: /usr/local/include/oqs/kem_kyber.h -- Installing: /usr/local/include/oqs/kem_ml_kem.h -- Installing: /usr/local/include/oqs/sig_dilithium.h -- Installing: /usr/local/include/oqs/sig_ml_dsa.h -- Installing: /usr/local/include/oqs/sig_falcon.h -- Installing: /usr/local/include/oqs/sig_sphincs.h -- Installing: /usr/local/include/oqs/sig_mayo.h -- Installing: /usr/local/include/oqs/sig_cross.h -- Installing: /usr/local/include/oqs/oqsconfig.h ``` - when compiling static libs: ```= -- Installing: /usr/local/lib64/cmake/liboqs/liboqsConfig.cmake -- Installing: /usr/local/lib64/cmake/liboqs/liboqsConfigVersion.cmake -- Installing: /usr/local/lib64/pkgconfig/liboqs.pc -- Installing: /usr/local/lib64/liboqs.a -- Old export file "/usr/local/lib64/cmake/liboqs/liboqsTargets.cmake" will be replaced. Removing files [/usr/ local/lib64/cmake/liboqs/liboqsTargets-noconfig.cmake]. -- Installing: /usr/local/lib64/cmake/liboqs/liboqsTargets.cmake -- Installing: /usr/local/lib64/cmake/liboqs/liboqsTargets-noconfig.cmake -- Installing: /usr/local/include/oqs/oqs.h -- Installing: /usr/local/include/oqs/aes_ops.h -- Installing: /usr/local/include/oqs/common.h -- Installing: /usr/local/include/oqs/rand.h -- Installing: /usr/local/include/oqs/sha2_ops.h -- Installing: /usr/local/include/oqs/sha3_ops.h -- Installing: /usr/local/include/oqs/sha3x4_ops.h -- Installing: /usr/local/include/oqs/kem.h -- Installing: /usr/local/include/oqs/sig.h -- Installing: /usr/local/include/oqs/sig_stfl.h -- Installing: /usr/local/include/oqs/kem_bike.h -- Installing: /usr/local/include/oqs/kem_frodokem.h -- Installing: /usr/local/include/oqs/kem_ntruprime.h -- Installing: /usr/local/include/oqs/kem_classic_mceliece.h -- Installing: /usr/local/include/oqs/kem_hqc.h -- Installing: /usr/local/include/oqs/kem_kyber.h -- Installing: /usr/local/include/oqs/kem_ml_kem.h -- Installing: /usr/local/include/oqs/sig_dilithium.h -- Installing: /usr/local/include/oqs/sig_ml_dsa.h -- Installing: /usr/local/include/oqs/sig_falcon.h -- Installing: /usr/local/include/oqs/sig_sphincs.h -- Installing: /usr/local/include/oqs/sig_mayo.h -- Installing: /usr/local/include/oqs/sig_cross.h -- Installing: /usr/local/include/oqs/oqsconfig.h ``` ```bash= sudo ldconfig ``` #### liboqs-go - install liboqs-go ```bash= git clone \ --depth 1 \ --branch 0.10.0 \ https://github.com/open-quantum-safe/liboqs-go.git \ ~/git/open-quantum-safe/liboqs-go ``` - configure liboqs-go - shared libs ```bash= export PKG_CONFIG_PATH=${HOME}/git/open-quantum-safe/liboqs-go/.config sed -i -e 's/Version: 0.10.0/Version: 0.11.0/' ~/git/open-quantum-safe/liboqs-go/.config/liboqs-go.pc #sed -i '/Ldflags/d' ~/git/open-quantum-safe/liboqs-go/.config/liboqs-go.pc ``` - fedora ```bash= export LD_LIBRARY_PATH=/usr/lib64:/usr/local/lib64 sed -i -e 's#LIBOQS_LIB_DIR=/usr/local/lib$#LIBOQS_LIB_DIR=/usr/local/lib64#' ~/git/open-quantum-safe/liboqs-go/.config/liboqs-go.pc ``` - static libs ```bash= export PKG_CONFIG_PATH=${HOME}/git/open-quantum-safe/liboqs-go/.config-static sed -i -e 's/Version: 0.10.0/Version: 0.11.0/' ~/git/open-quantum-safe/liboqs-go/.config-static/liboqs-go.pc ``` - fedora ```bash= export LD_LIBRARY_PATH=/usr/lib64:/usr/local/lib64 sed -i -e 's#LIBOQS_LIB_DIR=/usr/local/lib$#LIBOQS_LIB_DIR=/usr/local/lib64#' ~/git/open-quantum-safe/liboqs-go/.config-static/liboqs-go.pc sed -i -e 's/-lcrypto //' ~/git/open-quantum-safe/liboqs-go/.config-static/liboqs-go.pc ``` - ubuntu ```bash= export LD_LIBRARY_PATH=/usr/local/lib ``` - build liboqs-go ```bash= go clean -C ~/git/open-quantum-safe/liboqs-go -cache go mod -C ~/git/open-quantum-safe/liboqs-go tidy go build -C ~/git/open-quantum-safe/liboqs-go -v examples/kem/kem.go go build -C ~/git/open-quantum-safe/liboqs-go -v examples/sig/sig.go go build -C ~/git/open-quantum-safe/liboqs-go -v examples/rand/rand.go ``` #### qbtcd - build qbtcd (`/tmp/qbtcd`) ```bash= git clone \ git@gitlab.com:qbtc/qbtcd.git \ --branch mining-algo \ --single-branch \ ~/git/qbtc/qbtcd echo "replace github.com/open-quantum-safe/liboqs-go => ${HOME}/git/open-quantum-safe/liboqs-go" >> ~/git/qbtc/qbtcd/go.mod export PKG_CONFIG_PATH=${HOME}/git/open-quantum-safe/liboqs-go/.config go clean -C ~/git/qbtc/qbtcd -cache go mod -C ~/git/qbtc/qbtcd tidy go build \ -C ~/git/qbtc/qbtcd \ -ldflags "-X main.appBuild=$(git --git-dir ~/git/qbtc/qbtcd/.git --work-tree ~/git/qbtc/qbtcd rev-parse --short HEAD)" \ -o /tmp/qbtcd \ -v \ ~/git/qbtc/qbtcd ``` - todo: - [x] modify go build above - [x] to perform a static compile that includes: `/usr/local/lib64/liboqs.so.6` from the open-quantum-safe/liboqs build - [x] to include the commit hash in the semantic version string - [ ] qbtc.deb - [ ] qbtc.rpm - publish qbtcd ```bash= echo $(sha256sum /tmp/qbtcd | cut -d ' ' -f 1) | tee /tmp/qbtcd.sha256 ssh -p 52201 root@mitko sudo mkdir -p /var/lib/qbtc/release scp -P 52201 /tmp/qbtcd root@mitko:/var/lib/qbtc/release/ scp -P 52201 /tmp/qbtcd.sha256 root@mitko:/var/lib/qbtc/release/ ``` - verify publish ```bash= curl --silent --url https://qbtc.zone/release/qbtcd.sha256 ``` ### test qbtc (looks good!) - verify that qbtc runs correctly on a host that has no shared libs or go build environment ```bash= ssh effrafax \ sudo curl \ --fail \ --silent \ --output /usr/local/bin/qbtcd \ --url https://qbtc.zone/release/qbtcd ssh effrafax sudo chmod +x /usr/local/bin/qbtcd ssh effrafax \ sudo curl \ --fail \ --silent \ --output /etc/systemd/system/qbtc.service \ --url https://raw.githubusercontent.com/grenade/rubberneck/main/static/etc/systemd/system/qbtc.service ssh effrafax 'id qbtc || sudo useradd --system --create-home --home-dir /var/lib/qbtc --user-group qbtc' ssh effrafax sudo systemctl enable --now qbtc.service ssh effrafax journalctl -fu qbtc.service ``` systemd unit file: ```ini= [Unit] Description=qbtc node Wants=network-online.target After=network-online.target ConditionPathExists=/usr/local/bin/qbtcd [Service] Type=simple User=qbtc Group=qbtc WorkingDirectory=/var/lib/qbtc ExecStart=/usr/local/bin/qbtcd \ --testnet \ --datadir /var/lib/qbtc \ --listen 0.0.0.0:18333 \ --addpeer 10.0.9.104:18333 \ --maxpeers 125 \ --banthreshold 100 \ --banduration 24h \ --whitelist 10.0.9.0/24 Restart=always RestartSec=3 [Install] WantedBy=multi-user.target ```