chore(vetkeys): migrate basic_bls_signing to icp-cli and @icp-sdk/vetkeys#1352
Open
marc0olo wants to merge 21 commits into
Open
chore(vetkeys): migrate basic_bls_signing to icp-cli and @icp-sdk/vetkeys#1352marc0olo wants to merge 21 commits into
marc0olo wants to merge 21 commits into
Conversation
…keys - Replace dfx.json with icp.yaml (Rust and Motoko backends) - Use @icp-sdk/vetkeys@0.5.0-beta.0 instead of @dfinity/vetkeys - Use @icp-sdk/auth@7.1.0 and @icp-sdk/core@5.4.0 - Update Motoko ic-vetkeys to 0.5.0, Rust ic-vetkeys to 0.7.0 - Add moc 1.5.1 toolchain to mops.toml - Replace dfx generate with @icp-sdk/bindgen in gen_bindings.sh - Add CI workflow for both Rust and Motoko backends - Drop icp.ninja support (dfx.json removed) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Drop channel = "1.88.0" and profile = "default" from rust-toolchain.toml; use stable Rust from provision script to avoid the cargo component error introduced in 1.88.0 where cargo is no longer a standalone component - Remove cargo install candid-extractor from CI; the guard in gen_bindings.sh skips make extract-candid when the binary is absent, using the committed .did Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The icp CLI's @dfinity/asset-canister recipe symlinks frontend/ into the backend subdirectory during build. Bash's `cd ../..` operates on logical paths, so it lands back in the backend dir instead of the example root, causing bindgen to look for `<backend>/rust/backend/backend.did`. Use `pwd -P` to resolve the script's physical location and derive absolute paths for the example root, frontend dir, and the .did file. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Replace AuthClient.create() with new AuthClient({ identityProvider })
- Replace client.login({onSuccess,onError}) with await client.signIn()
- Replace client.logout() with client.signOut()
- Await authClient.getIdentity() (now async in v7)
- isAuthenticated() is now synchronous (no await)
- Fix ic_root_key → IC_ROOT_KEY (CanisterEnv type uses uppercase)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ic-vetkeys 0.7.0 requires ic-cdk ^0.20.1 which uses ic-cdk-executor ^2.0.0. The previously pinned ic-cdk 0.18.3 requires ic-cdk-executor ^1.0.0. Since ic-cdk-executor uses `links`, only one version can exist in the graph. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
In ic-cdk 0.20, the management_canister module was extracted into the separate ic-cdk-management-canister crate. Update imports from ic_cdk::management_canister to ic_cdk_management_canister. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Change test_key_1 → key_1 in all icp.yaml: icp-cli 0.2.7 only provisions vetkd:Bls12_381_G2:key_1 (TestThresholdKeys subnet with test_key_1 is not yet supported by icp-cli). The vetkeys library itself uses key_1 in its own icp.yaml files. - Add --yes flag to npx @icp-sdk/bindgen to suppress the install confirmation prompt during local builds - basic_ibe: wrap event listeners in try-catch so errors are caught and shown (not silent unhandled rejections); add console.error() alongside alert() so errors are visible and copyable in DevTools Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…vetkeys Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace manual Actor.createActor(idlFactory, ...) with the generated
createActor(canisterId, { agent }) function and typed Backend wrapper
class from the bindgen-generated declarations. Removes direct imports
of idlFactory, Actor, and ActorSubclass.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add Folder Structure section explaining rust/, motoko/, frontend/ layout and why backends are in subdirectories (shared frontend via symlinks) - Replace vague "from the X folder" wording with explicit `cd X` commands - Fix `npm run dev` → `npm run dev:rust` / `npm run dev:motoko` (bare `dev` script intentionally errors with a "specify a backend" message) - Add `cd frontend` before all dev commands (package.json is in frontend/, not at the example root) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…d.ai - rootKey: pass rootKey: canisterEnv?.IC_ROOT_KEY directly; undefined is fine when on mainnet (HttpAgent ignores it) - identityProvider local: use /authorize path instead of /#authorize hash - identityProvider production: use https://id.ai instead of undefined Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…work-launcher) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace provision scripts + macOS + Linux dual-platform setup with single Ubuntu job using icp-dev-env Docker images: - ghcr.io/dfinity/icp-dev-env-rust:0.1.0 for Rust backends - ghcr.io/dfinity/icp-dev-env-motoko:0.1.0 for Motoko backends Eliminates: provision-darwin/linux.sh, pre-download-launcher.sh, actions/setup-node, cargo install candid-extractor, ICP_CLI_GITHUB_TOKEN, and macOS runners. Consistent with hello_world and who_am_i examples. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Follows hello_world/who_am_i naming (no language prefix, no -example suffix), keeping vetkeys- namespace prefix for grouping. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Workflow name: vetkeys-{example} (no rust- prefix)
Job IDs: rust and motoko (example name not needed in job context)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The icp-dev-env container downloads the network launcher from GitHub on first run. Without authentication this hits the 60 req/hr unauthenticated API limit. Pass GITHUB_TOKEN so downloads use the authenticated 5000 req/hr limit. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The default IdbStorage can throw 'The database connection is closing' when the II popup returns and the auth client tries to persist the delegation, due to an IDB connection lifecycle race condition on localhost dev servers. LocalStorage avoids IDB entirely; Ed25519 key type is required as localStorage cannot store CryptoKey objects. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ndition The default IdbStorage has a race condition on localhost dev servers (dfinity/icp-js-auth#120): the AuthClient constructor fires #init() without await, so session hydration races with signIn() if the user clicks Login before hydration completes. Both open concurrent IDB connections; one closes while the other is mid-transaction → 'The database connection is closing'. Workaround: use LocalStorage + Ed25519 on localhost only. Production deployments keep the secure default (IdbStorage + non-extractable ECDSA CryptoKey). Ed25519 is required since localStorage cannot store CryptoKey objects. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Migrates the
basic_bls_signingvetkeys example as part of #1343:dfx.jsonwithicp.yamlfor both Rust and Motoko backends@dfinity/vetkeys@0.3.0with@icp-sdk/vetkeys@0.5.0-beta.0@dfinity/auth-client/@dfinity/principal/@dfinity/agentwith@icp-sdk/auth@7.1.0/@icp-sdk/core@5.4.0ic-vetkeysto0.7.0ic-vetkeysto0.5.0, updatescoreto2.5.0, adds[toolchain] moc = "1.9.0"dfx generatewith@icp-sdk/bindgeningen_bindings.shvite.config.tsto useicpCLI for dev server configwindow.globalpolyfill, updates actor creation to use generatedcreateActorandBackendtype from bindgen declarations (async agent viaHttpAgent.create())--yesflag tonpx @icp-sdk/bindgeningen_bindings.shto suppress install promptvetkeys-{example}.ymlworkflow naming (consistent withhello_world.yml/who_am_i.ymlconvention); jobs named{language}-{example}vetkeys-basic-bls-signing.yml) using icp-dev-env container images on Ubuntudfx.json= not deployable on icp.ninja), comments out icp.ninja badges in READMETest plan
npm installresolves without errors infrontend/icp network start -d && icp deploysucceeds fromrust/andmotoko/dirs@dfinity/vetkeysordfxreferences in the example🤖 Generated with Claude Code