Merge pull request #129 from exfinen/cert-fix

Use same cert on all party servers
ZKStats · Dec 27, 2024 · 732c8bd · 732c8bd
2 parents 54146ca + b66778f
commit 732c8bd
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 16 deletions.
diff --git a/mpc_demo_infra/computation_party_server/docker/.gitignore b/mpc_demo_infra/computation_party_server/docker/.gitignore
@@ -1,3 +1,5 @@
 ssl_certs/fullchain.pem
 ssl_certs/privkey.pem
+*.pem
+*.key
 
diff --git a/mpc_demo_infra/computation_party_server/docker/Dockerfile b/mpc_demo_infra/computation_party_server/docker/Dockerfile
@@ -34,14 +34,14 @@ RUN git clone --recursive https://github.com/ZKStats/MP-SPDZ.git
 COPY CONFIG.mine /root/MP-SPDZ
 RUN cd MP-SPDZ \
     && git checkout demo_client \
-    && make -j$(nproc) malicious-rep-ring-party.x \
-    && Scripts/setup-ssl.sh 3 \
-    && mv Player-Data/P${PARTY_ID}.* /root \
-    && rm -f Player-Data/P*.{pem,key} \
-    && mv /root/P${PARTY_ID}.* Player-Data
+    && make -j$(nproc) malicious-rep-ring-party.x
 
 COPY .env.party /root/mpc-demo-infra/
 COPY ssl_certs/ /root/mpc-demo-infra/ssl_certs/
+COPY P${PARTY_ID}.key /root/MP-SPDZ/Player-Data/
+COPY P0.pem /root/MP-SPDZ/Player-Data/
+COPY P1.pem /root/MP-SPDZ/Player-Data/
+COPY P2.pem /root/MP-SPDZ/Player-Data/
 
 RUN sed -i "s/^PORT=.*/PORT=${PORT}/" /root/mpc-demo-infra/.env.party \
     && sed -i "s/^PARTY_ID=.*/PARTY_ID=${PARTY_ID}/" /root/mpc-demo-infra/.env.party

diff --git a/mpc_demo_infra/computation_party_server/docker/README.md b/mpc_demo_infra/computation_party_server/docker/README.md
@@ -16,15 +16,31 @@ This document assumes that:
 
 ## Configuring server
 ### Common configuration
-Edit `mpc_demo_infra/computation_party_server/docker/.env.party` as follows:
-```
-PARTY_HOSTS=["prod-party-0.mpcstats.org","prod-party-1.mpcstats.org","prod-party-2.mpcstats.org"]
-PARTY_PORTS=["8006","8007","8008"]
-```
+1. Clone the `MP-SPDZ` repository
+   ```bash
+   git clone git@github.com:ZKStats/MP-SPDZ.git
+   ```
 
-```
-COORDINATION_SERVER_URL=https://prod-coord.mpcstats.org:8005
-```
+2. Create certificates
+   ```bash
+   cd MP-SPDZ
+   ./Scripts/setup-ssl.sh 3
+   ```
+
+3. Copy the certificates to the `<mpc-demo-infra repository root>/computation_party_server/docker/` directory
+   ```bash
+   cp Player-Data/P*.{pem,key} <mp-demo-infra repository root>/mpc_demo_infra/computation_party_server/docker/
+   ```
+
+4. Edit `mpc_demo_infra/computation_party_server/docker/.env.party` as follows:
+   ```
+   PARTY_HOSTS=["prod-party-0.mpcstats.org","prod-party-1.mpcstats.org","prod-party-2.mpcstats.org"]
+   PARTY_PORTS=["8006","8007","8008"]
+   ```
+
+   ```
+   COORDINATION_SERVER_URL=https://prod-coord.mpcstats.org:8005
+   ```
 
 ### Per-server configuration
 
@@ -50,7 +66,7 @@ To use a different MPC scheme:
    ```
    The protocol name should be the name of the `.x` file generated in the previous step with `-party.x` suffix removed. i.e. `malicious-rep-ring` for `malicious-rep-ring-party.x`.
 
-For the list of available schemes, refer to the `Protocols` section in the [MP-SPDZ README](https://github.com/exfinen/MP-SPDZ?tab=readme-ov-file).
+For the list of available schemes, refer to the `Protocols` section in the [MP-SPDZ README](https://github.com/ZKStats/MP-SPDZ?tab=readme-ov-file).
 
 ## Running the servers
 To run the servers on each party’s host, follow these steps:
@@ -64,7 +80,7 @@ cd mpc-demo-infra/mpc_demo_infra/computation_party_server/docker
 ```bash
 export PORT=%PORT%
 export PARTY_ID=%PARTY_ID%
-docker build --build-arg PORT={PORT} --build-arg PARTY_ID=${PARTY_ID} -t party .
-docker run --init -it -p 8000-9000:8000-9000 -e PARTY_ID=${PARTY_ID} party 
+docker build --build-arg PORT=${PORT} --build-arg PARTY_ID=${PARTY_ID} -t party .
+docker run --init -it -p 8000-8030:8000-8030 -e PARTY_ID=${PARTY_ID} party
 ```
 
diff --git a/mpc_demo_infra/coordination_server/docker/.gitignore b/mpc_demo_infra/coordination_server/docker/.gitignore
@@ -1,3 +1,5 @@
 ssl_certs/fullchain.pem
 ssl_certs/privkey.pem
+*.pem
+*.key