add genkey script

ac1f7a64 · vicotor · 85514844 · ac1f7a64 · ac1f7a64 · ac1f7a64
Commit ac1f7a64 authored Nov 14, 2025 by vicotor
7 changed files
--- a/.dockerignore
+++ b/.dockerignore
+.data
 data
 build
 keys
+secret
--- a/config.toml
+++ b/config.toml
-debug = true
+debug = false
+aeskey = "/app/keys/aes.key"
+otpkey = "/app/keys/val.otp"

-[[chains]]
-name = "hpb"
-rpc = "https://hpbnode.com"
-initial_height = 23240125
-batch_block = 100
-confirm_block_count = 2
-bridge_contract = "0x9a06d0CfAFc19a4bfe0ecd5f8bC20A26a88fA227"
-validator_private_key = "fc35cdedfab10b7218ae68b45146736bc66513452000f1fa411ff7a9c1f33439"
-
-[[chains]]
-name = "bit"
-rpc = "https://rpc.mova.bitheart.org"
-initial_height = 1123988
-batch_block = 100
-confirm_block_count = 2
-bridge_contract = "0x9a06d0CfAFc19a4bfe0ecd5f8bC20A26a88fA227"
-validator_private_key = "fc35cdedfab10b7218ae68b45146736bc66513452000f1fa411ff7a9c1f33439"

 [mysql]
-#host = "bridgedb"
-host = "127.0.0.1"
+host = "bridgedb"
 port = 3306
 user = "root"
 password = "XN2UARuys3zy4Oux"
@@ -28,8 +12,19 @@ database = "bridge"
 max_conn = 20
 max_idle_conn = 10

-[server]
-listen = ":8080"
-invalid_headers = [
-    "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
-]
\ No newline at end of file
+
+[[chains]]
+name = "hole"
+rpc = "https://rpc.hole.bitheart.org"
+batch_block = 100
+confirm_block_count = 2
+initial_height = 868351
+bridge_contract = "0xceEC8799139C698De532e363DA7395E25F409775"
+
+[[chains]]
+name = "movadev"
+rpc = "https://rpc.mova.bitheart.org"
+batch_block = 50
+confirm_block_count = 2
+initial_height = 869401
+bridge_contract = "0xA2d532F956770611647EcBab19d87d380145d0Cf"
--- a/config/config.go
+++ b/config/config.go
@@ -10,7 +10,6 @@ type Config struct {
 	OTPKeyPath string                  `toml:"otpkey"`
 	Chains     map[string]*ChainConfig `toml:"chains"`
 	MySQL      MySQLConfig
-	Server     ServerConfig
 }

 type ChainConfig struct {
@@ -21,7 +20,6 @@ type ChainConfig struct {
 	BehindBlock    int    `toml:"behind_block"`
 	BridgeContract string `toml:"bridge_contract"`
 	Interval       int    `toml:"interval"` // in seconds
-	//ValidatorPrivateKey string `toml:"validator_private_key"`
 	ChainId        int64  `toml:"chain_id"` // Will be populated by code
 }

@@ -35,11 +33,6 @@ type MySQLConfig struct {
 	MaxIdleConn int `toml:"max_idle_conn"`
 }

-type ServerConfig struct {
-	Listen         string
-	InvalidHeaders []string `toml:"invalid_headers"`
-}
-
 func New(confPath string) (*Config, error) {
 	var cfg Config
 	cfg.Chains = make(map[string]*ChainConfig)

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,10 +4,10 @@ networks:

 services:
  bridgedb:
-    image: mysql:8
+    image: mysql:8.0
    container_name: bridgedb
    volumes:
-      - ./.data/db:/var/lib/mysql
+      - ./data/db:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: "XN2UARuys3zy4Oux"
      MYSQL_DATABASE: "bridge"
@@ -27,8 +27,7 @@ services:
      bridgedb:
        condition: service_healthy
    volumes:
-      - ./aes.key:/app/aes.key
-      - ./val.otp:/app/val.otp
+      - ./keys:/app/keys
      - ./config.toml:/app/config.toml
    command:
      - "/bin/sh"

--- a/genkey.sh
+++ b/genkey.sh
@@ -2,3 +2,4 @@
 docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator genkey --output keys/aes.key
 docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator encrypt --in secret/val.pk --out secret/val.fpk --aes keys/aes.key
 docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator onetime --in secret/val.fpk --out keys/val.otp
+rm -f secret/val.fpk
--- a/model/db/db.go
+++ b/model/db/db.go
@@ -9,6 +9,7 @@ type Height struct {
 	IntValue int64  `gorm:"type:int;not null"` // 配置value
 }

+// 数据库记录增加验证者签名，用于防止数据库记录被修改.
 type BridgeEvent struct {
 	FromChain       int64  `gorm:"type:int;comment:源链"`
 	OutTimestamp    int64  `gorm:"type:int;comment:Out时间戳"`
@@ -31,6 +32,7 @@ type BridgeEvent struct {
 	ToChainTxHash   string `gorm:"type:varchar(255);comment:目标链交易hash"`
 	ToChainStatus   int    `gorm:"type:int;comment:目标链状态"` // 0未执行, 1等待确认, 2已执行, 3已拒绝
 	ValidatorStatus int    `gorm:"type:int;comment:验证者状态"` // 0未验证, 1已确认, 2已拒绝, 3操作失败
+	SignatureOut    string `gorm:"type:varchar(255);comment:源链信息签名"`
 	gorm.Model
 }


--- a/readme.md
+++ b/readme.md
@@ -7,19 +7,19 @@

 # How to use
 1. make docker
-2. prepare a validator private key, write it to `val.pk`
+2. prepare a validator private key, write it to `secret/val.pk`
 3. prepare a aes key.
 ```
-docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator genkey --output aes.key 
+docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator genkey --output keys/aes.key 
 ```
-4. crypt the private key with aes key, named it as validator.fpk 
+4. crypt the private key with aes key, named it as val.fpk 
 ```
-docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator encrypt --in val.pk --out val.fpk --aes aes.key
+docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator encrypt --in secret/val.pk --out secret/val.fpk --aes keys/aes.key
 ```

 5. generate one-time-key for the validator.
 ```
-docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator onetime --in val.fpk --out val.otp
+docker run -it -v "${PWD}:/app" --rm token-bridge:latest validator onetime --in secret/val.fpk --out keys/val.otp
 ```

 6. keep the `val.pk` safe and delete `val.pk`, `val.fpk` from the server. Must keep `aes.key` and `val.otp` exist.