From 5200d9e582ddf20a28a62b81df0dd2db1c3a3e13 Mon Sep 17 00:00:00 2001 From: "ino.murko@outlook.com" Date: Mon, 16 Nov 2020 17:06:05 +0100 Subject: [PATCH 01/48] vault support, refactor snapshotting, checksum addresses from plasma contracts --- .circleci/config.yml | 127 +++++++++++-- .gitignore | 24 ++- contracts/data/command | 30 +++ contracts/docker-compose.vault.yml | 7 + contracts/docker-compose.yml | 69 ++++--- contracts/immutability/config/entrypoint.sh | 174 ++++++++++++++++++ contracts/immutability/config/vault.hcl | 19 ++ contracts_reorg/docker-compose.vault.yml | 6 + contracts_reorg/docker-compose.yml | 37 +++- .../immutability/config/entrypoint.sh | 174 ++++++++++++++++++ contracts_reorg/immutability/config/vault.hcl | 19 ++ tester/CONTRACT_SHA | 5 +- tester/Dockerfile.plasma_deployer | 8 +- 13 files changed, 646 insertions(+), 53 deletions(-) create mode 100755 contracts/data/command create mode 100644 contracts/docker-compose.vault.yml create mode 100755 contracts/immutability/config/entrypoint.sh create mode 100644 contracts/immutability/config/vault.hcl create mode 100644 contracts_reorg/docker-compose.vault.yml create mode 100755 contracts_reorg/immutability/config/entrypoint.sh create mode 100644 contracts_reorg/immutability/config/vault.hcl diff --git a/.circleci/config.yml b/.circleci/config.yml index 59a135e..48e6569 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,6 +13,13 @@ commands: min_exit_period: type: integer description: "The value used for plasma contracts deployment" + docker_compose_command: + type: string + description: "Which docker compose files should we use?" + vault: + type: string + default: "false" + description: "True/false" steps: - run: name: Get Plasma Deployer image and standup geth and deploy contracts 
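Review bot: The new `docker_compose_command` parameter is a free-form string that the next hunk splices straight into the shell line, while `vault` is a separate `type: string` described only as "True/false". The two can therefore disagree, for example the vault compose files combined with `-VAULT-false` in the tarball name. Declaring `vault` as `type: boolean` with `default: false` and choosing the compose files from it inside the step would leave a single switch and remove the raw command parameter. The `snapshot` command's parameter list begins outside this hunk.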
@@ -28,7 +35,11 @@ commands: fi echo 'export TAG='${TAG} >> $BASH_ENV # this docker compose up needs to be above the gcloud login because the credentials are different! +<<<<<<< HEAD MIN_EXIT_PERIOD=<< parameters.min_exit_period >> IMAGE=${TAG} docker-compose up -d +======= + MIN_EXIT_PERIOD=<< parameters.min_exit_period >> IMAGE=${TAG} << parameters.docker_compose_command >> +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=- gcloud --quiet config set project ${GOOGLE_PROJECT_ID} gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE} @@ -37,7 +48,11 @@ commands: working_directory: ~/project/contracts background: true command: | +<<<<<<< HEAD docker-compose logs -f +======= + docker-compose logs -f +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - run: name: Wait for contracts command: | 
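Review bot: Unresolved merge-conflict markers are committed as added lines inside the `command: |` script here (`<<<<<<< HEAD`, `=======`, `>>>>>>> vault support, ...`). The step's shell therefore receives both sides of the conflict, the old `docker-compose up -d` and the new `<< parameters.docker_compose_command >>` line, plus the marker lines themselves. The same markers are added in the hunks at `-37,7`, `-48,20`, `-71,12`, `-86,7` and `-160,7` of this file. In `-48,20` and `-86,7` they also wrap the lines that stop `vault_server` and remove the generated key material. Keep only the lines between `=======` and `>>>>>>>` in each place and delete the three marker lines.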
@@ -48,20 +63,33 @@ commands: break fi; sleep 1 +<<<<<<< HEAD done +======= + done +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - run: name: Stop nodes working_directory: ~/project/contracts command: | echo "stop geth in docker so that we can snapshot" docker exec -it $(docker ps -aqf "name=geth") /bin/sh -c "pkill -INT geth" +<<<<<<< HEAD sudo rm -f data/geth.ipc +======= + docker stop $(docker ps -aqf "name=vault_server") + sudo rm -f data/geth.ipc +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - run: name: Snapshot working_directory: ~/project/contracts command: | CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA) +<<<<<<< HEAD TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}.tar.gz | sed 's/:/-/') +======= + TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-VAULT-<< parameters.vault >>.tar.gz | sed 's/:/-/') +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts echo ${TAR_NAME} # for every key in object db.json create a file # where the key is the name of the file and the content of the file is it's value 
@@ -71,12 +99,16 @@ commands: echo $(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq -r '.'${KEYS[i]} | tr -d '"') > plasma-contracts/build/"${KEYS[i]}" done # at this point we snapshot folders we're interested in +<<<<<<< HEAD sudo tar czf ${TAR_NAME} data/geth plasma-contracts/contracts/ plasma-contracts/build/* ../tester/CONTRACT_SHA +======= + sudo tar czf ${TAR_NAME} data/geth plasma-contracts/contracts/ plasma-contracts/build/* ../tester/CONTRACT_SHA immutability/config/ +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts export BOTO_CONFIG=/dev/null gsutil cp ${TAR_NAME} gs://circleci-docker-artifacts echo "https://storage.googleapis.com/circleci-docker-artifacts/${TAR_NAME}" PLASMA_CONTRACTS=$(curl localhost:8000/contracts) - DATA=$(echo "Contracts snapshotted with MIN_EXIT_PERIOD for SHA ( ${CONTRACT_SHA} ): << parameters.min_exit_period >>.\r\n Snapshot located at: \r\n https://storage.googleapis.com/circleci-docker-artifacts/${TAR_NAME} \r\n Contract addresses: \r\n ${PLASMA_CONTRACTS} " | jq -Rs '.') + DATA=$(echo "Contracts snapshotted with MIN_EXIT_PERIOD for SHA ( ${CONTRACT_SHA} ): << parameters.min_exit_period >>. Vault: << parameters.vault >> \r\n Snapshot located at: \r\n https://storage.googleapis.com/circleci-docker-artifacts/${TAR_NAME} \r\n Contract addresses: \r\n ${PLASMA_CONTRACTS} " | jq -Rs '.') if [ "$CIRCLE_BRANCH" = "master" ]; then # append the data you would usually post as a comment to a file and create a release out of this file echo ${DATA} >> /tmp/release 
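Review bot: The archive built by the new `tar czf` line now includes `immutability/config/`, which after a run holds `unseal.json` (Vault unseal key and root token), `ca.key` and `my-service.key`, and the following lines copy it to `gs://circleci-docker-artifacts` and print its storage.googleapis.com URL. If that is intended for a throwaway test Vault, say so in a comment such as `# snapshot deliberately ships a test-only Vault root token and unseal key; never reuse for a real Vault`. The CA and TLS private keys look unnecessary in the snapshot, because `entrypoint.sh` calls `gencerts` on every start; consider `--exclude='immutability/config/*.key'` on the tar line. The Snapshot step's script starts and ends outside this hunk.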
@@ -86,7 +118,13 @@ commands: fi ls data/geth docker-compose down +<<<<<<< HEAD sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp +======= + sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp + sudo rm -rf immutability/config/data + sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts snapshot_reorg: description: Deploy contracts to Geth via docker-compose with parametrized MIN_EXIT_PERIOD and expose addresses and snapshot URL @@ -97,7 +135,7 @@ commands: steps: - run: name: Get Plasma Deployer image and standup geth and deploy contracts - no_output_timeout: 40m + working_directory: ~/project/contracts_reorg command: | IMAGE_NAME=elixir-omg-tester-plasma-deployer if [ "$CIRCLE_BRANCH" = "master" ]; then 
@@ -107,34 +145,44 @@ commands: IMAGE_GIT=$(git rev-parse --short HEAD) TAG="$IMAGE_NAME:dev-$IMAGE_GIT" fi - cd contracts_reorg/ - CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA) + echo 'export TAG='${TAG} >> $BASH_ENV + # this docker compose up needs to be above the gcloud login because the credentials are different! MIN_EXIT_PERIOD=<< parameters.min_exit_period >> IMAGE=${TAG} docker-compose up -d - timeout 25m docker-compose logs --follow || true - - ### in the mean time, install gcloud requirements - wget https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-272.0.0-linux-x86_64.tar.gz -O gcloud-sdk.tar.gz - tar zxf gcloud-sdk.tar.gz google-cloud-sdk - mv google-cloud-sdk ~/.google-cloud-sdk - ~/.google-cloud-sdk/install.sh --quiet echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=- gcloud --quiet config set project ${GOOGLE_PROJECT_ID} gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE} - ### done installing gcloud requirements - ### cleanup - rm -rf ~/.google-cloud-sdk + - run: timeout 25m docker-compose logs --follow || true + - run: + name: Docker logs + working_directory: ~/project/contracts_reorg + background: true + command: | + docker-compose logs -f + - run: + name: Wait for contracts + no_output_timeout: 50m + command: | + sleep 30m # wait until we're UP for i in {1..60}; do if [ "$(curl localhost:8000/contracts)" ]; then break fi; - sleep 1 - done - # stop geth in docker so that we can snapshot + sleep 10 + done + - run: + name: Stop nodes + working_directory: ~/project/contracts_reorg + command: | + echo "stop geth in docker so that we can snapshot" docker exec -it $(docker ps -aqf "name=node-1") /bin/sh -c "pkill -INT geth" - # ipc is not for cp sudo rm -f data/geth.ipc sudo rm -f data/geth/nodekey + - run: + name: Get Plasma Deployer image and standup geth and deploy contracts + no_output_timeout: 40m + working_directory: ~/project/contracts_reorg + command: | TAR_NAME=$(echo 
data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-reorg.tar.gz | sed 's/:/-/') echo ${TAR_NAME} # for every key in object db.json create a file @@ -160,7 +208,13 @@ commands: ls data/geth docker-compose down sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp +<<<<<<< HEAD +======= + sudo rm -rf immutability/config/data + sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json + +>>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts docker_import: description: "Load Docker acrhive from the given directory" parameters: 
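Review bot: `${CONTRACT_SHA}` is expanded in the `TAR_NAME=` line of the new final step, but this hunk deletes the only visible assignment (`CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA)`) and, unlike `TAG`, nothing exports it through `$BASH_ENV`, so the reorg tarball name would carry an empty SHA unless the variable is set outside the hunk. Add `CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA)` as the first line of that step, as the `snapshot` command does. That step also reuses the name "Get Plasma Deployer image and standup geth and deploy contracts" although it builds and uploads the snapshot, and the unnamed `timeout 25m docker-compose logs --follow || true` step has no `working_directory`, so it probably runs outside `contracts_reorg`. The rest of the final step's script lies outside the hunk.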
@@ -490,12 +544,38 @@ jobs: steps: - checkout - attach_workspace: *attach_workspace + - run: + name: Login so that we can pull Vault + command: | + echo $GCLOUD_SERVICE_KEY_VAULT | gcloud auth activate-service-account --key-file=- + gcloud auth configure-docker --quiet + - run: docker login -u $DOCKER_USER -p $DOCKER_PASS + - run: + name: Setup data dir + working_directory: ~/project/contracts + command: | + sudo chmod -R 777 immutability/config/ - snapshot: min_exit_period: 20 + docker_compose_command: "docker-compose up -d" - snapshot: min_exit_period: 120 + docker_compose_command: "docker-compose up -d" - snapshot: min_exit_period: 240 + docker_compose_command: "docker-compose up -d" + - snapshot: + min_exit_period: 20 + docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" + vault: "true" + - snapshot: + min_exit_period: 120 + docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" + vault: "true" + - snapshot: + min_exit_period: 240 + docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" + vault: "true" - run: name: Gather all the snapshots and publish a release command: | @@ -515,6 +595,17 @@ jobs: steps: - checkout - attach_workspace: *attach_workspace + - run: + name: Login so that we can pull Vault + command: | + echo $GCLOUD_SERVICE_KEY_VAULT | gcloud auth activate-service-account --key-file=- + gcloud auth configure-docker --quiet + - run: docker login -u $DOCKER_USER -p $DOCKER_PASS + - run: + name: Setup data dir + working_directory: ~/project/contracts_reorg + command: | + sudo chmod -R 777 immutability/config/ - snapshot_reorg: min_exit_period: 120 - run: diff --git a/.gitignore b/.gitignore index 3431bf6..a22724c 100644 --- a/.gitignore +++ b/.gitignore 
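Review bot: `docker login -u $DOCKER_USER -p $DOCKER_PASS` passes the registry password as a command-line argument, where it is visible in the process list and is word-split if it contains spaces; the same line is added again in the `-515,6` hunk. Use `echo "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin`. The `sudo chmod -R 777 immutability/config/` step in both hunks also leaves the directory that holds `entrypoint.sh`, and later `unseal.json` and the CA key, writable by every user on the executor. If the Vault container only needs write access, a `chown` to the container's user or a narrower mode would be enough.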
@@ -1 +1,23 @@ -contracts/data/geth \ No newline at end of file +contracts/data/geth +contracts/immutability/config/ca.crt +contracts/immutability/config/ca.key +contracts/immutability/config/ca.srl +contracts/immutability/config/my-service.crt +contracts/immutability/config/my-service.csr +contracts/immutability/config/my-service.key +contracts/immutability/config/openssl.cnf +contracts/immutability/config/unseal.json +contracts/plasma-contracts/contracts/ + +contracts_reorg/data/geth +contracts_reorg/immutability/config/ca.crt +contracts_reorg/immutability/config/ca.key +contracts_reorg/immutability/config/ca.srl +contracts_reorg/immutability/config/my-service.crt +contracts_reorg/immutability/config/my-service.csr +contracts_reorg/immutability/config/my-service.key +contracts_reorg/immutability/config/openssl.cnf +contracts_reorg/immutability/config/unseal.json +contracts_reorg/plasma-contracts/contracts/ +contracts_reorg/ethash/ + diff --git a/contracts/data/command b/contracts/data/command new file mode 100755 index 0000000..9e28a45 --- /dev/null +++ b/contracts/data/command @@ -0,0 +1,30 @@ +# don't run --allow-insecure-unlock in production! +apk add --update curl +# Configures geth with the deployer and authority accounts. This includes: +# 1. Configuring the deployer's keystore +# 2. Configuring the authority's keystore +# 3. Configuring the keystores' password +# 4. Unlocking the accounts by their indexes +geth --datadir data/ init data/geth/genesis.json +echo "" > /tmp/geth-blank-password +# Starts geth +geth \ +--miner.gastarget 7500000 \ +--miner.gasprice "10" \ +--datadir data/ \ +--syncmode 'full' \ +--networkid 1337 \ +--gasprice '1' \ +--keystore=./data/geth/keystore/ \ +--password /tmp/geth-blank-password \ +--unlock "0,1" \ +--rpc \ +--rpcapi personal,web3,eth,net \ +--rpcaddr 0.0.0.0 \ +--rpcvhosts=* \ +--rpcport=8545 \ +--ws \ +--wsaddr 0.0.0.0 \ +--wsorigins='*' \ +--mine \ +--allow-insecure-unlock 
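Review bot: The warning at the top of the new `contracts/data/command` file names only `--allow-insecure-unlock`, but the exposure comes from the combination of settings. Accounts 0 and 1 are unlocked with a blank password while `--rpcaddr 0.0.0.0`, `--rpcvhosts=*`, `--wsorigins='*'` and the `personal` API are enabled, and docker-compose.yml publishes 8545/8546 on the host. Widen the comment to something like `# test chain only: unlocked accounts + RPC on 0.0.0.0; never expose these ports beyond the CI host`. The file is sourced through `. data/command`, so a failing `apk add` or `geth init` does not stop it; a `set -e` line at the top would make that failure visible.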
diff --git a/contracts/docker-compose.vault.yml b/contracts/docker-compose.vault.yml new file mode 100644 index 0000000..f8ce594 --- /dev/null +++ b/contracts/docker-compose.vault.yml @@ -0,0 +1,7 @@ +version: "2.3" +services: + plasma-contracts: + environment: + - VAULT=true + + diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index aa2f137..60628f0 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml @@ -6,10 +6,15 @@ services: - /bin/sh - -c - | + # deploy the multisig + cd /home/node/plasma-contracts/MultiSigWallet + npx truffle migrate --accounts 0x6De4b3B9C28E9C3e84c2b2d3a875C947a84de68D --confirmations 1 --network remote apk add --update curl cd /home/node/plasma-contracts/plasma_framework # Fix block gas limit issue by retrying truffle migration up to 5 times npx truffle version + export VAULT_TOKEN=$$(cat /tmp/unseal.json | jq -r .root_token) + echo $$VAULT_TOKEN for i in 1 2 3 4 5; do \ echo 'Running truffle migration attempt #$${i}' npx truffle migrate --network remote command && break; \ @@ -24,6 +29,7 @@ services: volumes: - ${PWD}/plasma-contracts/contracts/:/home/node/plasma-contracts/plasma_framework/build/contracts/ - ${PWD}/plasma-contracts/build/db.json:/home/node/plasma-contracts/plasma_framework/build/db.json + - "./immutability/config:/tmp:rw" environment: # DEPLOYER_PRIVATEKEY is the geth dev account initially funded address - DEPLOYER_PRIVATEKEY=d885a307e35738f773d8c9c63c7a3f3977819274638d04aaf934a1e1158513ce # 0x6De4b3B9C28E9C3e84c2b2d3a875C947a84de68D 
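Review bot: `echo $$VAULT_TOKEN` writes the Vault root token read from `/tmp/unseal.json` to the container's stdout, and the CI config streams that output with `docker-compose logs -f`, so the token ends up in the build log. Drop the `echo`, or replace it with a presence check such as `test -n "$$VAULT_TOKEN" || { echo 'no vault token' >&2; exit 1; }`. The same two lines are added to contracts_reorg/docker-compose.yml in its `-24,12` hunk. The entrypoint script continues outside this hunk.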
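Review bot: The added volume `./immutability/config:/tmp:rw` gives the deployer container read-write access to the whole Vault config directory (the script Vault runs as its entrypoint, `ca.key`, `my-service.key`, `unseal.json`), although the visible script only reads `/tmp/unseal.json`. A read-only mount at a dedicated path, for example `- "./immutability/config:/vault-config:ro"` with the `cat` pointed at `/vault-config/unseal.json`, would give it what it needs without shadowing `/tmp`. The contracts_reorg compose file adds the same mount in its `-41,6` hunk.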
@@ -32,10 +38,18 @@ services: - REMOTE_URL=http://geth:8545 - DEPLOY_TEST_CONTRACTS=true - MIN_EXIT_PERIOD=${MIN_EXIT_PERIOD} + # HEY THIS IS IMPORTANT + - VAULT=false + - VAULT_ADDR=https://vault_server:8200 + - NODE_TLS_REJECT_UNAUTHORIZED=0 + - VAULT_RPC_REMOTE_URL=http://geth:8545 + - CHAIN_ID=1337 env_file: ../tester/CONTRACT_EXPERIMENTAL_FEATURES depends_on: geth: condition: service_healthy + vault_server: + condition: service_healthy restart: always healthcheck: test: curl plasma-contracts:8000/contracts @@ -45,36 +59,8 @@ services: start_period: 5m geth: - image: ethereum/client-go:v1.9.15 - entrypoint: - - /bin/sh - - -c - - | - # don't run --allow-insecure-unlock in production! - apk add --update curl - # Configures geth with the deployer and authority accounts. This includes: - # 1. Configuring the deployer's keystore - # 2. Configuring the authority's keystore - # 3. Configuring the keystores' password - # 4. Unlocking the accounts by their indexes - geth --datadir data/ init data/geth/genesis.json - echo "" > /tmp/geth-blank-password - # Starts geth - - geth --miner.gastarget 7500000 \ - --miner.gasprice "10" \ - --datadir data/ \ - --syncmode 'full' \ - --networkid 1337 \ - --gasprice '1' \ - --keystore=./data/geth/keystore/ \ - --password /tmp/geth-blank-password \ - --unlock "0,1" \ - --rpc --rpcapi personal,web3,eth,net --rpcaddr 0.0.0.0 --rpcvhosts=* --rpcport=8545 \ - --ws --wsaddr 0.0.0.0 --wsorigins='*' \ - --mine \ - --allow-insecure-unlock - + image: ethereum/client-go:v1.9.12 + entrypoint: /bin/sh -c ". data/command" ports: - "8545:8545" - "8546:8546" 
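Review bot: `NODE_TLS_REJECT_UNAUTHORIZED=0` turns off certificate verification for every TLS connection the Node process makes, including the one to `VAULT_ADDR` that carries the root token, and the comment `# HEY THIS IS IMPORTANT` does not say what is important. The entrypoint already generates a CA in the shared config directory, so the deployer could trust it with `NODE_EXTRA_CA_CERTS=/tmp/ca.crt`. For that to verify, the certificate's `[alt_names]` in entrypoint.sh would need `DNS.2 = vault_server` (and the static IP used in contracts_reorg). The same variable is added in the `-49,6` hunk of contracts_reorg/docker-compose.yml. The `environment` list starts outside this hunk.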
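Review bot: The geth image moves back from `ethereum/client-go:v1.9.15` to `v1.9.12` with no explanation in the commit message or in a comment, which reads like an accidental revert. If the downgrade is required, add a comment giving the reason, e.g. `# pinned to v1.9.12 because <reason>`; otherwise keep `v1.9.15`.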
@@ -88,3 +74,26 @@ services: interval: 5s timeout: 3s retries: 5 + + vault_server: + image: gcr.io/omisego-development/omgnetwork/vault:0.0.6 + entrypoint: > + /bin/sh -c " + sleep 2 + + /home/vault/config/entrypoint.sh + " + ports: + - "8200:8200" + links: + - "geth" + volumes: + - "./immutability/ca:/home/vault/ca:rw" + - "./immutability/ca/certs/:/etc/ssl/certs/" + - "./immutability/config:/home/vault/config:rw" + healthcheck: + test: vault status --tls-skip-verify + interval: 5s + timeout: 3s + retries: 5 + diff --git a/contracts/immutability/config/entrypoint.sh b/contracts/immutability/config/entrypoint.sh new file mode 100755 index 0000000..62cadb4 --- /dev/null +++ b/contracts/immutability/config/entrypoint.sh 
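Review bot: `ports: - "8200:8200"` publishes the Vault listener on every host interface while its root token and single unseal key sit in `unseal.json`; binding it as `"127.0.0.1:8200:8200"` keeps it reachable from the CI host only. The healthcheck uses `--tls-skip-verify` although the generated certificate covers `127.0.0.1`, so `test: vault status -ca-cert=/home/vault/config/ca.crt` should verify. The mount `./immutability/ca/certs/:/etc/ssl/certs/` replaces the image's system trust store and deserves a comment saying why. contracts_reorg/docker-compose.yml adds the same service in its `-57,6` hunk.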
@@ -0,0 +1,174 @@ +#!/bin/bash + +# Vault running in the container must listen on a different port. + +VAULT_CREDENTIALS="/home/vault/config/unseal.json" + +CONFIG_DIR="/home/vault/config" + +CA_CERT="$CONFIG_DIR/ca.crt" +CA_KEY="$CONFIG_DIR/ca.key" +TLS_KEY="$CONFIG_DIR/my-service.key" +TLS_CERT="$CONFIG_DIR/my-service.crt" +CONFIG="$CONFIG_DIR/openssl.cnf" +CSR="$CONFIG_DIR/my-service.csr" + +export VAULT_ADDR="https://127.0.0.1:8200" +export VAULT_CACERT="$CA_CERT" + +function create_config { + + cat > "$CONFIG" << EOF + +[req] +default_bits = 2048 +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes + +# Speify the DN here so we aren't prompted (along with prompt = no above). +distinguished_name = req_distinguished_name + +# Extensions for SAN IP and SAN DNS +req_extensions = v3_req + +# Be sure to update the subject to match your organization. +[req_distinguished_name] +C = TH +ST = Bangkok +L = Vault +O = omiseGO +CN = localhost + +# Allow client and server auth. You may want to only allow server auth. +# Link to SAN names. +[v3_req] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = clientAuth, serverAuth +subjectAltName = @alt_names + +# Alternative names are specified as IP.# and DNS.# for IPs and +# DNS accordingly. +[alt_names] +IP.1 = 127.0.0.1 +IP.2 = 192.168.64.1 +IP.3 = 192.168.122.1 +DNS.1 = localhost +EOF +} + +function gencerts { + + create_config + openssl req \ + -new \ + -sha256 \ + -newkey rsa:2048 \ + -days 120 \ + -nodes \ + -x509 \ + -subj "/C=US/ST=Maryland/L=Vault/O=My Company CA" \ + -keyout "$CA_KEY" \ + -out "$CA_CERT" + + # Generate the private key for the service. Again, you may want to increase + # the bits to 2048. + openssl genrsa -out "$TLS_KEY" 2048 + + # Generate a CSR using the configuration and the key just generated. We will + # give this CSR to our CA to sign. 
+ openssl req \ + -new -key "$TLS_KEY" \ + -out "$CSR" \ + -config "$CONFIG" + + # Sign the CSR with our CA. This will generate a new certificate that is signed + # by our CA. + openssl x509 \ + -req \ + -days 120 \ + -in "$CSR" \ + -CA "$CA_CERT" \ + -CAkey "$CA_KEY" \ + -CAcreateserial \ + -sha256 \ + -extensions v3_req \ + -extfile "$CONFIG" \ + -out "$TLS_CERT" + + openssl x509 -in "$TLS_CERT" -noout -text + + # rm openssl.cnf + +# chown -R nobody:nobody $CONFIG_DIR && chmod -R 777 $CONFIG_DIR +} + +gencerts + +nohup vault server -log-level=debug -config /home/vault/config/vault.hcl & +VAULT_PID=$! + +function unseal() { + VAULT_INIT=$(cat $VAULT_CREDENTIALS) + UNSEAL_KEY=$(echo $VAULT_INIT | jq -r '.unseal_keys_hex[0]') + ROOT_TOKEN=$(echo $VAULT_INIT | jq -r .root_token) + vault operator unseal $UNSEAL_KEY + export VAULT_TOKEN=$ROOT_TOKEN +} + +function configure_plugin { + plugin_file="immutability-eth-plugin" + + echo "ADDING TO CATALOG: sys/plugins/catalog/secret/${plugin_file}" + + # just testing for now + plugin_file="${plugin_file}" + ls -latr /home/vault/plugins + sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'` + vault write sys/plugins/catalog/secret/${plugin_file} \ + sha_256="$sha256sum" \ + command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY" + + if [[ $? -eq 2 ]] ; then + echo "Vault Catalog update failed!" + exit 2 + fi + + echo "MOUNTING: ${plugin_file}" + vault secrets enable -path=${plugin_file} -plugin-name=${plugin_file} plugin + if [[ $? -eq 2 ]] ; then + echo "Failed to mount ${plugin_file} plugin for test!" 
+ exit 2 + fi +} + +function test_banner { + echo "************************************************************************************************************************************" +} + + +if [ -f "$VAULT_CREDENTIALS" ]; then + echo "unseal.json exists" + sleep 10 + unseal + vault status + vault secrets list +else + echo "sleeping for 10s and generating unseal.json" + sleep 10 + VAULT_INIT=$(vault operator init -key-shares=1 -key-threshold=1 -format=json | jq .) + echo $VAULT_INIT > $VAULT_CREDENTIALS + unseal + configure_plugin + vault audit enable file file_path=stdout + vault status + vault secrets list + test_banner +fi + +# Don't exit until vault dies + +wait $VAULT_PID diff --git a/contracts/immutability/config/vault.hcl b/contracts/immutability/config/vault.hcl new file mode 100644 index 0000000..92f1b33 --- /dev/null +++ b/contracts/immutability/config/vault.hcl @@ -0,0 +1,19 @@ +default_lease_ttl = "168h" +disable_mlock = "true" +max_lease_ttl = "720h" + +backend "file" { + path = "/home/vault/config/data" +} + +ui = "false" + +api_addr = "https://localhost:8200" +plugin_directory = "/home/vault/plugins" +listener "tcp" { + address = "0.0.0.0:8200" + tls_cert_file = "/home/vault/config/my-service.crt" + tls_client_ca_file = "/home/vault/config/ca.crt" + tls_key_file = "/home/vault/config/my-service.key" + tls_require_and_verify_client_cert = "false" +} diff --git a/contracts_reorg/docker-compose.vault.yml b/contracts_reorg/docker-compose.vault.yml new file mode 100644 index 0000000..eb721c4 --- /dev/null +++ b/contracts_reorg/docker-compose.vault.yml @@ -0,0 +1,6 @@ +version: "3" +services: + plasma-contracts: + environment: + - VAULT=true + \ No newline at end of file diff --git a/contracts_reorg/docker-compose.yml b/contracts_reorg/docker-compose.yml index 872210d..1c1a1b2 100644 --- a/contracts_reorg/docker-compose.yml +++ b/contracts_reorg/docker-compose.yml 
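Review bot: Both failure checks in `configure_plugin` test `[[ $? -eq 2 ]]`, so a `vault write` or `vault secrets enable` that exits with any other non-zero status is treated as success and the script carries on with an unregistered plugin. Test the command directly instead, `if ! vault secrets enable -path=${plugin_file} -plugin-name=${plugin_file} plugin; then`, and likewise for the catalog write. `echo $VAULT_INIT > $VAULT_CREDENTIALS` writes the root token and unseal key unquoted and with the default umask into a directory the CI job has set to mode 777; quoting both expansions and adding a comment that the file is test-only would help. The comment "you may want to increase the bits to 2048" is stale, since the key is already generated at 2048 bits. contracts_reorg/immutability/config/entrypoint.sh is added with identical content.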
@@ -24,12 +24,18 @@ services: - /bin/sh - -c - | + # deploy the multisig + cd /home/node/plasma-contracts/MultiSigWallet + npx truffle migrate --accounts 0x6De4b3B9C28E9C3e84c2b2d3a875C947a84de68D --confirmations 1 --network remote + apk add --update curl cd /home/node/plasma-contracts/plasma_framework # Fix block gas limit issue by retrying truffle migration up to 5 times npx truffle version + export VAULT_TOKEN=$$(cat /tmp/unseal.json | jq -r .root_token) + echo $$VAULT_TOKEN for i in 1 2 3 4 5; do \ - echo 'Running truffle migration attempt' - npx truffle migrate --network remote && break; \ + echo 'Running truffle migration attempt #$${i}' + npx truffle migrate --network remote command && break; \ done cd build echo '{"contracts":' > db.json && cat outputs.json >> db.json && echo '}' >> db.json @@ -41,6 +47,7 @@ services: volumes: - ${PWD}/plasma-contracts/contracts/:/home/node/plasma-contracts/plasma_framework/build/contracts/ - ${PWD}/plasma-contracts/build/db.json:/home/node/plasma-contracts/plasma_framework/build/db.json + - "./immutability/config:/tmp:rw" environment: # DEPLOYER_PRIVATEKEY is the geth dev account initially funded address - DEPLOYER_PRIVATEKEY=d885a307e35738f773d8c9c63c7a3f3977819274638d04aaf934a1e1158513ce # 0x6De4b3B9C28E9C3e84c2b2d3a875C947a84de68D @@ -49,6 +56,10 @@ services: - REMOTE_URL=http://172.25.0.102:8545 - DEPLOY_TEST_CONTRACTS=true - MIN_EXIT_PERIOD=120 + - VAULT=false + - VAULT_ADDR=https://172.25.0.155:8200 + - NODE_TLS_REJECT_UNAUTHORIZED=0 + - VAULT_RPC_REMOTE_URL=http://172.25.0.102:8545 env_file: ../tester/CONTRACT_EXPERIMENTAL_FEATURES depends_on: - node-1 
@@ -57,6 +68,28 @@ services: chain: ipv4_address: 172.25.0.105 + vault_server: + image: gcr.io/omisego-development/omgnetwork/vault:0.0.6 + entrypoint: > + /bin/sh -c " + sleep 2 + /home/vault/config/entrypoint.sh + " + ports: + - "8200:8200" + volumes: + - "./immutability/ca:/home/vault/ca:rw" + - "./immutability/ca/certs/:/etc/ssl/certs/" + - "./immutability/config:/home/vault/config:rw" + healthcheck: + test: vault status --tls-skip-verify + interval: 5s + timeout: 3s + retries: 5 + networks: + chain: + ipv4_address: 172.25.0.155 + networks: chain: driver: bridge diff --git a/contracts_reorg/immutability/config/entrypoint.sh b/contracts_reorg/immutability/config/entrypoint.sh new file mode 100755 index 0000000..62cadb4 --- /dev/null +++ b/contracts_reorg/immutability/config/entrypoint.sh 
@@ -0,0 +1,174 @@ +#!/bin/bash + +# Vault running in the container must listen on a different port. + +VAULT_CREDENTIALS="/home/vault/config/unseal.json" + +CONFIG_DIR="/home/vault/config" + +CA_CERT="$CONFIG_DIR/ca.crt" +CA_KEY="$CONFIG_DIR/ca.key" +TLS_KEY="$CONFIG_DIR/my-service.key" +TLS_CERT="$CONFIG_DIR/my-service.crt" +CONFIG="$CONFIG_DIR/openssl.cnf" +CSR="$CONFIG_DIR/my-service.csr" + +export VAULT_ADDR="https://127.0.0.1:8200" +export VAULT_CACERT="$CA_CERT" + +function create_config { + + cat > "$CONFIG" << EOF + +[req] +default_bits = 2048 +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes + +# Speify the DN here so we aren't prompted (along with prompt = no above). +distinguished_name = req_distinguished_name + +# Extensions for SAN IP and SAN DNS +req_extensions = v3_req + +# Be sure to update the subject to match your organization. +[req_distinguished_name] +C = TH +ST = Bangkok +L = Vault +O = omiseGO +CN = localhost + +# Allow client and server auth. You may want to only allow server auth. +# Link to SAN names. +[v3_req] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = clientAuth, serverAuth +subjectAltName = @alt_names + +# Alternative names are specified as IP.# and DNS.# for IPs and +# DNS accordingly. +[alt_names] +IP.1 = 127.0.0.1 +IP.2 = 192.168.64.1 +IP.3 = 192.168.122.1 +DNS.1 = localhost +EOF +} + +function gencerts { + + create_config + openssl req \ + -new \ + -sha256 \ + -newkey rsa:2048 \ + -days 120 \ + -nodes \ + -x509 \ + -subj "/C=US/ST=Maryland/L=Vault/O=My Company CA" \ + -keyout "$CA_KEY" \ + -out "$CA_CERT" + + # Generate the private key for the service. Again, you may want to increase + # the bits to 2048. + openssl genrsa -out "$TLS_KEY" 2048 + + # Generate a CSR using the configuration and the key just generated. We will + # give this CSR to our CA to sign. 
+ openssl req \ + -new -key "$TLS_KEY" \ + -out "$CSR" \ + -config "$CONFIG" + + # Sign the CSR with our CA. This will generate a new certificate that is signed + # by our CA. + openssl x509 \ + -req \ + -days 120 \ + -in "$CSR" \ + -CA "$CA_CERT" \ + -CAkey "$CA_KEY" \ + -CAcreateserial \ + -sha256 \ + -extensions v3_req \ + -extfile "$CONFIG" \ + -out "$TLS_CERT" + + openssl x509 -in "$TLS_CERT" -noout -text + + # rm openssl.cnf + +# chown -R nobody:nobody $CONFIG_DIR && chmod -R 777 $CONFIG_DIR +} + +gencerts + +nohup vault server -log-level=debug -config /home/vault/config/vault.hcl & +VAULT_PID=$! + +function unseal() { + VAULT_INIT=$(cat $VAULT_CREDENTIALS) + UNSEAL_KEY=$(echo $VAULT_INIT | jq -r '.unseal_keys_hex[0]') + ROOT_TOKEN=$(echo $VAULT_INIT | jq -r .root_token) + vault operator unseal $UNSEAL_KEY + export VAULT_TOKEN=$ROOT_TOKEN +} + +function configure_plugin { + plugin_file="immutability-eth-plugin" + + echo "ADDING TO CATALOG: sys/plugins/catalog/secret/${plugin_file}" + + # just testing for now + plugin_file="${plugin_file}" + ls -latr /home/vault/plugins + sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'` + vault write sys/plugins/catalog/secret/${plugin_file} \ + sha_256="$sha256sum" \ + command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY" + + if [[ $? -eq 2 ]] ; then + echo "Vault Catalog update failed!" + exit 2 + fi + + echo "MOUNTING: ${plugin_file}" + vault secrets enable -path=${plugin_file} -plugin-name=${plugin_file} plugin + if [[ $? -eq 2 ]] ; then + echo "Failed to mount ${plugin_file} plugin for test!" 
+ exit 2 + fi +} + +function test_banner { + echo "************************************************************************************************************************************" +} + + +if [ -f "$VAULT_CREDENTIALS" ]; then + echo "unseal.json exists" + sleep 10 + unseal + vault status + vault secrets list +else + echo "sleeping for 10s and generating unseal.json" + sleep 10 + VAULT_INIT=$(vault operator init -key-shares=1 -key-threshold=1 -format=json | jq .) + echo $VAULT_INIT > $VAULT_CREDENTIALS + unseal + configure_plugin + vault audit enable file file_path=stdout + vault status + vault secrets list + test_banner +fi + +# Don't exit until vault dies + +wait $VAULT_PID diff --git a/contracts_reorg/immutability/config/vault.hcl b/contracts_reorg/immutability/config/vault.hcl new file mode 100644 index 0000000..92f1b33 --- /dev/null +++ b/contracts_reorg/immutability/config/vault.hcl @@ -0,0 +1,19 @@ +default_lease_ttl = "168h" +disable_mlock = "true" +max_lease_ttl = "720h" + +backend "file" { + path = "/home/vault/config/data" +} + +ui = "false" + +api_addr = "https://localhost:8200" +plugin_directory = "/home/vault/plugins" +listener "tcp" { + address = "0.0.0.0:8200" + tls_cert_file = "/home/vault/config/my-service.crt" + tls_client_ca_file = "/home/vault/config/ca.crt" + tls_key_file = "/home/vault/config/my-service.key" + tls_require_and_verify_client_cert = "false" +} diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 3c024dc..edd63c5 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1,4 @@ -b3a5c8d5232edfab8617f6939733b08b67863c8a +3646712275164482eea35b2b623df30d272de12c + + + diff --git a/tester/Dockerfile.plasma_deployer b/tester/Dockerfile.plasma_deployer index fbadcd4..e05dcaf 100644 --- a/tester/Dockerfile.plasma_deployer +++ b/tester/Dockerfile.plasma_deployer 
@@ -11,7 +11,8 @@ RUN apk add --update \ python-dev \ py-pip \ build-base \ - git + git \ + jq COPY CONTRACT_SHA /tmp/CONTRACT_SHA COPY CONTRACT_REPO_NAME /tmp/CONTRACT_REPO_NAME @@ -23,3 +24,8 @@ RUN cd /home/node/plasma-contracts && git reset --hard $(cat /tmp/CONTRACT_SHA) RUN cd /home/node/plasma-contracts && npm install RUN cd /home/node/plasma-contracts/plasma_framework && rm -Rf ./build RUN cd /home/node/plasma-contracts/plasma_framework && npm install +RUN cd /home/node/plasma-contracts/ && git submodule init +RUN cd /home/node/plasma-contracts/ && git submodule update --remote +RUN cd /home/node/plasma-contracts/MultiSigWalletOverride && make init_multisig +RUN cd /home/node/plasma-contracts/MultiSigWallet && npm install + From 0208061e753c0924e3061443890bcd2f06bf2ed9 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 9 Dec 2020 09:24:50 +0100 Subject: [PATCH 02/48] bump vault to 007 --- contracts/docker-compose.yml | 8 ++++---- contracts/immutability/config/entrypoint.sh | 10 +++++----- contracts/immutability/config/vault.hcl | 10 +++++----- contracts_reorg/docker-compose.yml | 8 ++++---- contracts_reorg/immutability/config/entrypoint.sh | 10 +++++----- contracts_reorg/immutability/config/vault.hcl | 10 +++++----- 6 files changed, 28 insertions(+), 28 deletions(-) diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index 60628f0..f050ee5 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml 
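Review bot: `git submodule update --remote` checks out the current tip of each submodule's tracked branch instead of the commit recorded in plasma-contracts at `CONTRACT_SHA`, so the MultiSigWallet code that gets built and deployed can change between image builds without any change in this repository. Use `RUN cd /home/node/plasma-contracts/ && git submodule update --init` to stay on the pinned commits. If following the branch tip is intended, record that in a comment above the line.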
@@ -76,21 +76,21 @@ services: retries: 5 vault_server: - image: gcr.io/omisego-development/omgnetwork/vault:0.0.6 + image: gcr.io/omisego-development/omgnetwork/vault:0.0.7 entrypoint: > /bin/sh -c " sleep 2 - /home/vault/config/entrypoint.sh + /vault/config/entrypoint.sh " ports: - "8200:8200" links: - "geth" volumes: - - "./immutability/ca:/home/vault/ca:rw" + - "./immutability/ca:/vault/ca:rw" - "./immutability/ca/certs/:/etc/ssl/certs/" - - "./immutability/config:/home/vault/config:rw" + - "./immutability/config:/vault/config:rw" healthcheck: test: vault status --tls-skip-verify interval: 5s diff --git a/contracts/immutability/config/entrypoint.sh b/contracts/immutability/config/entrypoint.sh index 62cadb4..332dad4 100755 --- a/contracts/immutability/config/entrypoint.sh +++ b/contracts/immutability/config/entrypoint.sh @@ -2,9 +2,9 @@ # Vault running in the container must listen on a different port. -VAULT_CREDENTIALS="/home/vault/config/unseal.json" +VAULT_CREDENTIALS="/vault/config/unseal.json" -CONFIG_DIR="/home/vault/config" +CONFIG_DIR="/vault/config" CA_CERT="$CONFIG_DIR/ca.crt" CA_KEY="$CONFIG_DIR/ca.key" @@ -108,7 +108,7 @@ function gencerts { gencerts -nohup vault server -log-level=debug -config /home/vault/config/vault.hcl & +nohup vault server -log-level=debug -config /vault/config/vault.hcl & VAULT_PID=$! function unseal() { @@ -126,8 +126,8 @@ function configure_plugin { # just testing for now plugin_file="${plugin_file}" - ls -latr /home/vault/plugins - sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'` + ls -latr /vault/plugins + sha256sum=`cat /vault/plugins/SHA256SUMS | awk '{print $1}'` vault write sys/plugins/catalog/secret/${plugin_file} \ sha_256="$sha256sum" \ command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY" diff --git a/contracts/immutability/config/vault.hcl b/contracts/immutability/config/vault.hcl index 92f1b33..219492f 100644 --- a/contracts/immutability/config/vault.hcl 
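Review bot: In the `configure_plugin` hunk of `contracts/immutability/config/entrypoint.sh`, the digest registered under `sys/plugins/catalog` is read from `/vault/plugins/SHA256SUMS`, which sits in the same directory as the plugin binary, so the catalog check only shows that the binary matches a file shipped beside it. A swapped plugin with a regenerated SHA256SUMS would register without complaint; taking the expected digest from outside the image (for example a variable set in the compose file and compared before `vault write`) would make the check mean something. `awk '{print $1}'` prints one hash per input line, so the code also assumes SHA256SUMS has exactly one entry. The function continues outside the hunk, and the same lines appear in `contracts_reorg/immutability/config/entrypoint.sh`.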
+++ b/contracts/immutability/config/vault.hcl @@ -3,17 +3,17 @@ disable_mlock = "true" max_lease_ttl = "720h" backend "file" { - path = "/home/vault/config/data" + path = "/vault/config/data" } ui = "false" api_addr = "https://localhost:8200" -plugin_directory = "/home/vault/plugins" +plugin_directory = "/vault/plugins" listener "tcp" { address = "0.0.0.0:8200" - tls_cert_file = "/home/vault/config/my-service.crt" - tls_client_ca_file = "/home/vault/config/ca.crt" - tls_key_file = "/home/vault/config/my-service.key" + tls_cert_file = "/vault/config/my-service.crt" + tls_client_ca_file = "/vault/config/ca.crt" + tls_key_file = "/vault/config/my-service.key" tls_require_and_verify_client_cert = "false" } diff --git a/contracts_reorg/docker-compose.yml b/contracts_reorg/docker-compose.yml index 1c1a1b2..b649bb3 100644 --- a/contracts_reorg/docker-compose.yml +++ b/contracts_reorg/docker-compose.yml @@ -69,18 +69,18 @@ services: ipv4_address: 172.25.0.105 vault_server: - image: gcr.io/omisego-development/omgnetwork/vault:0.0.6 + image: gcr.io/omisego-development/omgnetwork/vault:0.0.7 entrypoint: > /bin/sh -c " sleep 2 - /home/vault/config/entrypoint.sh + /vault/config/entrypoint.sh " ports: - "8200:8200" volumes: - - "./immutability/ca:/home/vault/ca:rw" + - "./immutability/ca:/vault/ca:rw" - "./immutability/ca/certs/:/etc/ssl/certs/" - - "./immutability/config:/home/vault/config:rw" + - "./immutability/config:/vault/config:rw" healthcheck: test: vault status --tls-skip-verify interval: 5s diff --git a/contracts_reorg/immutability/config/entrypoint.sh b/contracts_reorg/immutability/config/entrypoint.sh index 62cadb4..332dad4 100755 --- a/contracts_reorg/immutability/config/entrypoint.sh +++ b/contracts_reorg/immutability/config/entrypoint.sh 
@@ -2,9 +2,9 @@ # Vault running in the container must listen on a different port. -VAULT_CREDENTIALS="/home/vault/config/unseal.json" +VAULT_CREDENTIALS="/vault/config/unseal.json" -CONFIG_DIR="/home/vault/config" +CONFIG_DIR="/vault/config" CA_CERT="$CONFIG_DIR/ca.crt" CA_KEY="$CONFIG_DIR/ca.key" @@ -108,7 +108,7 @@ function gencerts { gencerts -nohup vault server -log-level=debug -config /home/vault/config/vault.hcl & +nohup vault server -log-level=debug -config /vault/config/vault.hcl & VAULT_PID=$! function unseal() { @@ -126,8 +126,8 @@ function configure_plugin { # just testing for now plugin_file="${plugin_file}" - ls -latr /home/vault/plugins - sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'` + ls -latr /vault/plugins + sha256sum=`cat /vault/plugins/SHA256SUMS | awk '{print $1}'` vault write sys/plugins/catalog/secret/${plugin_file} \ sha_256="$sha256sum" \ command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY" diff --git a/contracts_reorg/immutability/config/vault.hcl b/contracts_reorg/immutability/config/vault.hcl index 92f1b33..219492f 100644 --- a/contracts_reorg/immutability/config/vault.hcl +++ b/contracts_reorg/immutability/config/vault.hcl @@ -3,17 +3,17 @@ disable_mlock = "true" max_lease_ttl = "720h" backend "file" { - path = "/home/vault/config/data" + path = "/vault/config/data" } ui = "false" api_addr = "https://localhost:8200" -plugin_directory = "/home/vault/plugins" +plugin_directory = "/vault/plugins" listener "tcp" { address = "0.0.0.0:8200" - tls_cert_file = "/home/vault/config/my-service.crt" - tls_client_ca_file = "/home/vault/config/ca.crt" - tls_key_file = "/home/vault/config/my-service.key" + tls_cert_file = "/vault/config/my-service.crt" + tls_client_ca_file = "/vault/config/ca.crt" + tls_key_file = "/vault/config/my-service.key" tls_require_and_verify_client_cert = "false" } From 6b9e25f353183c78a235c48deb1dd4e174478c16 Mon Sep 17 00:00:00 2001 
From: Ino Murko Date: Wed, 9 Dec 2020 10:44:21 +0100 Subject: [PATCH 03/48] cleanup --- .circleci/config.yml | 62 +++++++++++--------------------------------- 1 file changed, 15 insertions(+), 47 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 48e6569..4134f21 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -35,26 +35,18 @@ commands: fi echo 'export TAG='${TAG} >> $BASH_ENV # this docker compose up needs to be above the gcloud login because the credentials are different! -<<<<<<< HEAD - MIN_EXIT_PERIOD=<< parameters.min_exit_period >> IMAGE=${TAG} docker-compose up -d -======= MIN_EXIT_PERIOD=<< parameters.min_exit_period >> IMAGE=${TAG} << parameters.docker_compose_command >> ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=- gcloud --quiet config set project ${GOOGLE_PROJECT_ID} gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE} - - run: + - run: name: Docker logs working_directory: ~/project/contracts background: true - command: | -<<<<<<< HEAD - docker-compose logs -f -======= - docker-compose logs -f ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - - run: - name: Wait for contracts + command: | + docker-compose logs -f + - run: + name: Wait for contracts command: | sleep 5m # wait until we're UP 
@@ -63,33 +55,21 @@ commands: break fi; sleep 1 -<<<<<<< HEAD done -======= - done ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - run: name: Stop nodes working_directory: ~/project/contracts command: | echo "stop geth in docker so that we can snapshot" docker exec -it $(docker ps -aqf "name=geth") /bin/sh -c "pkill -INT geth" -<<<<<<< HEAD - sudo rm -f data/geth.ipc -======= docker stop $(docker ps -aqf "name=vault_server") sudo rm -f data/geth.ipc ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts - run: name: Snapshot working_directory: ~/project/contracts command: | CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA) -<<<<<<< HEAD - TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}.tar.gz | sed 's/:/-/') -======= TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-VAULT-<< parameters.vault >>.tar.gz | sed 's/:/-/') ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts echo ${TAR_NAME} # for every key in object db.json create a file # where the key is the name of the file and the content of the file is it's value 
@@ -99,11 +79,7 @@ commands: echo $(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq -r '.'${KEYS[i]} | tr -d '"') > plasma-contracts/build/"${KEYS[i]}" done # at this point we snapshot folders we're interested in -<<<<<<< HEAD - sudo tar czf ${TAR_NAME} data/geth plasma-contracts/contracts/ plasma-contracts/build/* ../tester/CONTRACT_SHA -======= sudo tar czf ${TAR_NAME} data/geth plasma-contracts/contracts/ plasma-contracts/build/* ../tester/CONTRACT_SHA immutability/config/ ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts export BOTO_CONFIG=/dev/null gsutil cp ${TAR_NAME} gs://circleci-docker-artifacts echo "https://storage.googleapis.com/circleci-docker-artifacts/${TAR_NAME}" @@ -117,14 +93,10 @@ commands: curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST -d "{\"body\": ${DATA} }" "https://api.github.com/repos/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}/issues/${CIRCLE_PULL_REQUEST##*/}/comments" fi ls data/geth - docker-compose down -<<<<<<< HEAD + docker-compose down sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp -======= - sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp sudo rm -rf immutability/config/data sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts snapshot_reorg: description: Deploy contracts to Geth via docker-compose with parametrized MIN_EXIT_PERIOD and expose addresses and snapshot URL 
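Review bot: The `sudo tar czf ${TAR_NAME} ... immutability/config/` line kept by the first hunk packs the whole Vault config directory, which according to the cleanup list in the next hunk holds `ca.key`, `my-service.key` and `unseal.json`; the archive is then copied to `gs://circleci-docker-artifacts` and its URL is posted as a PR comment. Anyone who can fetch the snapshot therefore obtains the CA private key and the saved `vault operator init` output. If that is intended for reproducible fixtures, say so next to the tar line, e.g. `# snapshot deliberately ships unseal.json and the CA/TLS private keys: throwaway CI material, never reuse`, and make sure nothing outside the test stack trusts that CA. The step's `command` block starts outside the hunk.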
@@ -152,14 +124,14 @@ commands: gcloud --quiet config set project ${GOOGLE_PROJECT_ID} gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE} - run: timeout 25m docker-compose logs --follow || true - - run: + - run: name: Docker logs working_directory: ~/project/contracts_reorg background: true - command: | - docker-compose logs -f - - run: - name: Wait for contracts + command: | + docker-compose logs -f + - run: + name: Wait for contracts no_output_timeout: 50m command: | sleep 30m @@ -169,7 +141,7 @@ commands: break fi; sleep 10 - done + done - run: name: Stop nodes working_directory: ~/project/contracts_reorg @@ -182,7 +154,7 @@ commands: name: Get Plasma Deployer image and standup geth and deploy contracts no_output_timeout: 40m working_directory: ~/project/contracts_reorg - command: | + command: | TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-reorg.tar.gz | sed 's/:/-/') echo ${TAR_NAME} # for every key in object db.json create a file 
@@ -206,15 +178,11 @@ commands: curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST -d "{\"body\": ${DATA} }" "https://api.github.com/repos/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}/issues/${CIRCLE_PULL_REQUEST##*/}/comments" fi ls data/geth - docker-compose down - sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp -<<<<<<< HEAD - -======= + docker-compose down + sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp sudo rm -rf immutability/config/data sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json ->>>>>>> vault support, refactor snapshotting, checksum addresses from plasma contracts docker_import: description: "Load Docker acrhive from the given directory" parameters: From c6666924e21fc0211e276c409726f27dac2bd714 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 20 Jan 2021 16:29:47 +0100 Subject: [PATCH 04/48] standard exit contracts fix --- tester/CONTRACT_SHA | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index edd63c5..166ed89 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1,4 +1 @@ -3646712275164482eea35b2b623df30d272de12c - - - +68107ed1488d5b6d42d7af7d5fbdbc0ee2fa6a6b From 95a65316cf6f3a4d8330cf4f6af8b2f232a8c07e Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 21 Jan 2021 16:03:08 +0100 Subject: [PATCH 05/48] take master v2.0.0. --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 166ed89..88cac41 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA 
@@ -1 +1 @@ -68107ed1488d5b6d42d7af7d5fbdbc0ee2fa6a6b +67e6aae8d22fa3991c7d8bc43df9d4b6cf058350 From 8f2ac5c738b115275100ce4644a4657b45178fb5 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 27 Jan 2021 22:55:46 +0100 Subject: [PATCH 06/48] Update Contract sha with enrich ife enrich ife event with inputs txs --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 88cac41..419bcf1 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -67e6aae8d22fa3991c7d8bc43df9d4b6cf058350 +4a75f1ad12ebfc8e082377981f51f8d711301686 From 02ffee0544547f06b0795712af438e38f8a76fbc Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 28 Jan 2021 10:27:28 +0100 Subject: [PATCH 07/48] Update contract sha from master --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 419bcf1..22e7a5b 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -4a75f1ad12ebfc8e082377981f51f8d711301686 +4642ce5d0add74b8987b5ee78447adc14f46769f From 11374a0c2394c83d2e38ffacabf774febf7ebca7 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Mon, 15 Feb 2021 23:31:53 +0100 Subject: [PATCH 08/48] output from eth call --- .circleci/config.yml | 8 ++++++++ contracts/docker-compose.yml | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 4134f21..1f6aa5e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -97,6 +97,14 @@ commands: sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp sudo rm -rf immutability/config/data sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json + - run: + name: Has the deployment succeeded? + command: | + # "startStandardExitBondSize()" |> ABI.encode([]) |> ExPlasma.Encoding.to_hex() + export PEG=$(cat plasma-contracts/build/payment_exit_game) + response=$(curl -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method": "eth_call", "params": [{"from": "0xd6858A28aA07A1cd8cA285443e80E2b0A031d50d", "to": "'"$PEG"'", "data": "0xfe32a124"}, "latest"], "id": 8}' http://127.0.0.1:8545) + echo $response | jq -r '.' + echo $response | ( ! grep "error" ) snapshot_reorg: description: Deploy contracts to Geth via docker-compose with parametrized MIN_EXIT_PERIOD and expose addresses and snapshot URL diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index f050ee5..94d509e 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml @@ -59,7 +59,7 @@ services: start_period: 5m geth: - image: ethereum/client-go:v1.9.12 + image: ethereum/client-go:v1.9.15 entrypoint: /bin/sh -c ". data/command" ports: - "8545:8545" From cd467746d0f2930f0b827c19892dff31cd6a8ac7 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 12:50:27 +0100 Subject: [PATCH 09/48] set working_directory --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1f6aa5e..6026080 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
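Review bot: The new "Has the deployment succeeded?" step decides success by the absence of a word, `echo $response | ( ! grep "error" )`, so any body that lacks the string "error" passes, including an empty or non-JSON one; whether a failed `curl` aborts the step first depends on shell options that are not visible here. `$PEG` is read from `plasma-contracts/build/payment_exit_game` without checking that the file exists or is non-empty. I would assert on the result instead: `response=$(curl --fail --silent --show-error ...)` followed by `echo "$response" | jq -e 'has("result")'`, with `"$response"` quoted. The same step is re-added by the later "extract data" commit and extended by "check zero response", and both inherit this.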
@@ -99,6 +99,7 @@ commands: sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json - run: name: Has the deployment succeeded? + working_directory: ~/project/contracts command: | # "startStandardExitBondSize()" |> ABI.encode([]) |> ExPlasma.Encoding.to_hex() export PEG=$(cat plasma-contracts/build/payment_exit_game) From 01b7fd7723588f64a1f1d69c72d90d5b5240a28b Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 13:22:55 +0100 Subject: [PATCH 10/48] extract data --- .circleci/config.yml | 40 +++++++++++++++++++++++----------------- 1 file changed, 23 insertions(+), 17 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 6026080..c4ed905 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -56,6 +56,29 @@ commands: fi; sleep 1 done + - run: + name: Extract partial data from the deployment + working_directory: ~/project/contracts + command: | + CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA) + TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-VAULT-<< parameters.vault >>.tar.gz | sed 's/:/-/') + echo ${TAR_NAME} + # for every key in object db.json create a file + # where the key is the name of the file and the content of the file is it's value + # for example plasma-contracts/build/authority_address file has content 0xc0f780dfc35075979b0def588d999225b7ecc56f + KEYS=($(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq 'keys[]' | tr -d '"')) + for i in "${!KEYS[@]}"; do + echo $(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq -r '.'${KEYS[i]} | tr -d '"') > plasma-contracts/build/"${KEYS[i]}" + done + - run: + name: Has the deployment succeeded? + working_directory: ~/project/contracts + command: | + # "startStandardExitBondSize()" |> ABI.encode([]) |> ExPlasma.Encoding.to_hex() + export PEG=$(cat plasma-contracts/build/payment_exit_game) + response=$(curl -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method": "eth_call", "params": [{"from": "0xd6858A28aA07A1cd8cA285443e80E2b0A031d50d", "to": "'"$PEG"'", "data": "0xfe32a124"}, "latest"], "id": 8}' http://127.0.0.1:8545) + echo $response | jq -r '.' + echo $response | ( ! grep "error" ) - run: name: Stop nodes working_directory: ~/project/contracts 
@@ -70,14 +93,6 @@ commands: command: | CONTRACT_SHA=$(cat ../tester/CONTRACT_SHA) TAR_NAME=$(echo data-${TAG}-MIN_EXIT_PERIOD-<< parameters.min_exit_period >>-PLASMA_CONTRACTS_SHA-${CONTRACT_SHA}-VAULT-<< parameters.vault >>.tar.gz | sed 's/:/-/') - echo ${TAR_NAME} - # for every key in object db.json create a file - # where the key is the name of the file and the content of the file is it's value - # for example plasma-contracts/build/authority_address file has content 0xc0f780dfc35075979b0def588d999225b7ecc56f - KEYS=($(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq 'keys[]' | tr -d '"')) - for i in "${!KEYS[@]}"; do - echo $(cat plasma-contracts/build/db.json | jq -r '.contracts' | jq -r '.'${KEYS[i]} | tr -d '"') > plasma-contracts/build/"${KEYS[i]}" - done # at this point we snapshot folders we're interested in sudo tar czf ${TAR_NAME} data/geth plasma-contracts/contracts/ plasma-contracts/build/* ../tester/CONTRACT_SHA immutability/config/ export BOTO_CONFIG=/dev/null 
@@ -97,15 +112,6 @@ commands: sudo rm -rf data/geth/chaindata data/geth/LOCK data/geth/lightchaindata data/geth/nodekey data/geth/nodes data/geth/transactions.rlp sudo rm -rf immutability/config/data sudo rm -rf immutability/config/ca.crt immutability/config/ca.key immutability/config/ca.srl immutability/config/my-service.crt immutability/config/my-service.csr immutability/config/my-service.key immutability/config/openssl.cnf immutability/config/unseal.json - - run: - name: Has the deployment succeeded? - working_directory: ~/project/contracts - command: | - # "startStandardExitBondSize()" |> ABI.encode([]) |> ExPlasma.Encoding.to_hex() - export PEG=$(cat plasma-contracts/build/payment_exit_game) - response=$(curl -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method": "eth_call", "params": [{"from": "0xd6858A28aA07A1cd8cA285443e80E2b0A031d50d", "to": "'"$PEG"'", "data": "0xfe32a124"}, "latest"], "id": 8}' http://127.0.0.1:8545) - echo $response | jq -r '.' - echo $response | ( ! grep "error" ) snapshot_reorg: description: Deploy contracts to Geth via docker-compose with parametrized MIN_EXIT_PERIOD and expose addresses and snapshot URL From 8968539358e289eb2fb1593921a60bc4bf16b262 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 14:41:27 +0100 Subject: [PATCH 11/48] check zero response --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index c4ed905..fdb3c5c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -79,6 +79,7 @@ commands: response=$(curl -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method": "eth_call", "params": [{"from": "0xd6858A28aA07A1cd8cA285443e80E2b0A031d50d", "to": "'"$PEG"'", "data": "0xfe32a124"}, "latest"], "id": 8}' http://127.0.0.1:8545) echo $response | jq -r '.' echo $response | ( ! grep "error" ) + echo $response | ( ! grep "0x0000000000000000000000000000000000000000000000000000000000000000" ) - run: name: Stop nodes working_directory: ~/project/contracts From c208ca5054b49c7ea50291a9c2ff41f8f2fdcf9f Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 15:47:11 +0100 Subject: [PATCH 12/48] check if branch SHA works with gnosis increasing gas --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 22e7a5b..d22990e 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -4642ce5d0add74b8987b5ee78447adc14f46769f +b67fab09abc2a62a9cd28c536e3a06f944e65f64 From 8fb47366c0d373f864d57f69d68c861bb2c21c98 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 15:56:05 +0100 Subject: [PATCH 13/48] reverse order of snapshots, vaults first --- .circleci/config.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index fdb3c5c..1b82184 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -539,15 +539,6 @@ jobs: working_directory: ~/project/contracts command: | sudo chmod -R 777 immutability/config/ - - snapshot: - min_exit_period: 20 - docker_compose_command: "docker-compose up -d" - - snapshot: - min_exit_period: 120 - docker_compose_command: "docker-compose up -d" - - snapshot: - min_exit_period: 240 - docker_compose_command: "docker-compose up -d" - snapshot: min_exit_period: 20 docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" 
@@ -560,6 +551,15 @@ jobs: min_exit_period: 240 docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" vault: "true" + - snapshot: + min_exit_period: 20 + docker_compose_command: "docker-compose up -d" + - snapshot: + min_exit_period: 120 + docker_compose_command: "docker-compose up -d" + - snapshot: + min_exit_period: 240 + docker_compose_command: "docker-compose up -d" - run: name: Gather all the snapshots and publish a release command: | From 351de00c62d84091c333efc41d1cf3872781040e Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 16:41:24 +0100 Subject: [PATCH 14/48] bump geth, see what happens --- contracts/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index 94d509e..51af12f 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml @@ -59,7 +59,7 @@ services: start_period: 5m geth: - image: ethereum/client-go:v1.9.15 + image: ethereum/client-go:v1.9.18 entrypoint: /bin/sh -c ". data/command" ports: - "8545:8545" From b88fb57bafa1c47e3073726ce24701f60f68f216 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 17:03:17 +0100 Subject: [PATCH 15/48] bump to latest geth --- contracts/data/command | 1 + contracts/docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/contracts/data/command b/contracts/data/command index 9e28a45..9bed0ea 100755 --- a/contracts/data/command +++ b/contracts/data/command @@ -9,6 +9,7 @@ geth --datadir data/ init data/geth/genesis.json echo "" > /tmp/geth-blank-password # Starts geth geth \ +--nousb \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ --datadir data/ \ diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index 51af12f..7f7daa6 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml 
@@ -59,7 +59,7 @@ services: start_period: 5m geth: - image: ethereum/client-go:v1.9.18 + image: ethereum/client-go:v1.9.25 entrypoint: /bin/sh -c ". data/command" ports: - "8545:8545" From e0d22a922999ccf11c6cf547aabc27d76b6e1b93 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 17:51:20 +0100 Subject: [PATCH 16/48] get more logs from payment exit game init --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index d22990e..8b36ec2 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -b67fab09abc2a62a9cd28c536e3a06f944e65f64 +337c473b01fdbda893a4ac943f1b5e32f2da6fe1 From d6489441e01e867ebfa207b12bddb58b8e5eef14 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Tue, 16 Feb 2021 21:35:39 +0100 Subject: [PATCH 17/48] disabled gas estimation --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 8b36ec2..3429616 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -337c473b01fdbda893a4ac943f1b5e32f2da6fe1 +bf358a9fe2e0bffdafafc80f7025efeec68dd8a5 From 8521ba047f315149221e1aa219a9c71da8c35830 Mon Sep 17 00:00:00 2001 From: Ayrat Badykov Date: Thu, 25 Feb 2021 15:37:17 +0300 Subject: [PATCH 18/48] increase sleep --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1b82184..6e04a5a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -48,7 +48,7 @@ commands: - run: name: Wait for contracts command: | - sleep 5m + sleep 20m # wait until we're UP for i in {1..60}; do if [ "$(curl localhost:8000/contracts)" ]; then From 7c9c889160fe497e039abf390e3298b3b493cc39 Mon Sep 17 00:00:00 2001 
From: Ayrat Badykov Date: Thu, 25 Feb 2021 16:14:06 +0300 Subject: [PATCH 19/48] allow connections only from localhost --- contracts_reorg/data/geth/command | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 35687ee..f9edf12 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -26,4 +26,5 @@ geth --datadir data/ \ --rpcvhosts=* \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ ---ws --wsaddr 0.0.0.0 --wsorigins='*' \ No newline at end of file +--ws --wsaddr 0.0.0.0 --wsorigins='*' \ +--netrestrict="127.0.0.1/8" \ No newline at end of file From 4e95326503012ad8c17439f8da16e627b2fb3828 Mon Sep 17 00:00:00 2001 From: Ayrat Badykov Date: Thu, 25 Feb 2021 16:43:05 +0300 Subject: [PATCH 20/48] return sleep 5m --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 6e04a5a..1b82184 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -48,7 +48,7 @@ commands: - run: name: Wait for contracts command: | - sleep 20m + sleep 5m # wait until we're UP for i in {1..60}; do if [ "$(curl localhost:8000/contracts)" ]; then From 94b47839a4ff57b61c9d232f2fcec7b119a27d24 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 13:19:37 +0100 Subject: [PATCH 21/48] latest presumably working plasma contracts --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 3429616..2e38f7a 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -bf358a9fe2e0bffdafafc80f7025efeec68dd8a5 +02b19936bbf21a55c152bfe72c426ee5b29b0743 From c6b58debfb7ce97e12591ecd86947ae92664c0b5 Mon Sep 17 00:00:00 2001 
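Review bot: `--netrestrict="127.0.0.1/8"` limits geth's peer-to-peer networking to that CIDR and does not affect the HTTP-RPC or WebSocket listeners, so the title "allow connections only from localhost" does not hold for the lines directly above it, `--rpcvhosts=*` and `--ws --wsaddr 0.0.0.0 --wsorigins='*'`. If the aim is to keep other hosts off the API, that restriction belongs on the listener address or on the compose port mapping. It is also worth confirming that the reorg nodes can still peer, since the compose file assigns them `172.25.0.x` addresses, which fall outside `127.0.0.1/8`. The geth invocation starts outside the hunk.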
From: Ino Murko Date: Wed, 10 Mar 2021 13:19:43 +0100 Subject: [PATCH 22/48] latest presumably working plasma contracts --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index 2e38f7a..c0b9592 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -02b19936bbf21a55c152bfe72c426ee5b29b0743 +1056862243bf11652c6170077cd3ea748730c51a From d33782bf52fcc0468fdd533bb5da1544e14c7b93 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 16:48:33 +0100 Subject: [PATCH 23/48] bump geth --- .circleci/config.yml | 4 ++-- contracts/docker-compose.yml | 2 +- contracts_reorg/docker-compose.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1b82184..51f87d6 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -50,7 +50,7 @@ commands: command: | sleep 5m # wait until we're UP - for i in {1..60}; do + for i in {1..160}; do if [ "$(curl localhost:8000/contracts)" ]; then break fi; @@ -152,7 +152,7 @@ commands: command: | sleep 30m # wait until we're UP - for i in {1..60}; do + for i in {1..160}; do if [ "$(curl localhost:8000/contracts)" ]; then break fi; diff --git a/contracts/docker-compose.yml b/contracts/docker-compose.yml index 7f7daa6..ef31e0e 100644 --- a/contracts/docker-compose.yml +++ b/contracts/docker-compose.yml @@ -59,7 +59,7 @@ services: start_period: 5m geth: - image: ethereum/client-go:v1.9.25 + image: ethereum/client-go:v1.10.1 entrypoint: /bin/sh -c ". data/command" ports: - "8545:8545" diff --git a/contracts_reorg/docker-compose.yml b/contracts_reorg/docker-compose.yml index b649bb3..ee1731b 100644 --- a/contracts_reorg/docker-compose.yml +++ b/contracts_reorg/docker-compose.yml @@ -1,7 +1,7 @@ version: "3" services: node-1: - image: ethereum/client-go:v1.9.15 + image: ethereum/client-go:v1.10.1 hostname: node-1 environment: - ACCOUNT=0x8404AFE09D770271c935019F9f774CBA2bea291d 
From 50d63114b7be4a7a5fe00e0f87a0539be9f54898 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 17:47:58 +0100 Subject: [PATCH 24/48] new geth flags --- contracts/data/command | 3 --- 1 file changed, 3 deletions(-) diff --git a/contracts/data/command b/contracts/data/command index 9bed0ea..8a0b448 100755 --- a/contracts/data/command +++ b/contracts/data/command @@ -15,7 +15,6 @@ geth \ --datadir data/ \ --syncmode 'full' \ --networkid 1337 \ ---gasprice '1' \ --keystore=./data/geth/keystore/ \ --password /tmp/geth-blank-password \ --unlock "0,1" \ @@ -25,7 +24,5 @@ geth \ --rpcvhosts=* \ --rpcport=8545 \ --ws \ ---wsaddr 0.0.0.0 \ ---wsorigins='*' \ --mine \ --allow-insecure-unlock From 69034ea36b36bc3609357b775302f2d70df38770 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 18:15:25 +0100 Subject: [PATCH 25/48] new geth flags Geth v1.10.0 supports reverting EIP155 --- contracts/data/command | 6 ++++++ contracts_reorg/data/geth/command | 10 +++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/contracts/data/command b/contracts/data/command index 8a0b448..436e078 100755 --- a/contracts/data/command +++ b/contracts/data/command @@ -24,5 +24,11 @@ geth \ --rpcvhosts=* \ --rpcport=8545 \ --ws \ +--rpc.allow-unprotected-txs \ --mine \ --allow-insecure-unlock + + +# Since we realize people/tooling issuing unprotected transactions can’t change overnight, +# Geth v1.10.0 supports reverting to the old behavior and accepting non-EIP155 transactions via --rpc.allow-unprotected-txs. +# Be advised that this is a temporary mechanism that will be removed long term. diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index f9edf12..4425b05 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command 
@@ -11,7 +11,6 @@ geth --datadir data/ \ --bootnodes ${BOOTNODES} \ --keystore=data/geth/keystore/ \ --networkid "1337" \ ---gasprice "1" \ --unlock "0,1" \ --password /tmp/geth-password \ --mine --minerthreads=1 \ @@ -24,7 +23,12 @@ geth --datadir data/ \ --rpcapi "personal,eth,web3,net,admin,debug,db" \ --rpccorsdomain "*" \ --rpcvhosts=* \ +--rpc.allow-unprotected-txs \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ ---ws --wsaddr 0.0.0.0 --wsorigins='*' \ ---netrestrict="127.0.0.1/8" \ No newline at end of file +--netrestrict="127.0.0.1/8" + +# Since we realize people/tooling issuing unprotected transactions can’t change overnight, +# Geth v1.10.0 supports reverting to the old behavior and accepting non-EIP155 transactions via --rpc.allow-unprotected-txs. +# Be advised that this is a temporary mechanism that will be removed long term. + From 5f669db731c6f474941b2d165a84a23ea877d240 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 18:54:18 +0100 Subject: [PATCH 26/48] enable berlin --- contracts/data/command | 13 ++++++++----- contracts/data/geth/genesis.json | 1 + contracts_reorg/data/geth/command | 14 +++++++++----- 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/contracts/data/command b/contracts/data/command index 436e078..7fd0628 100755 --- a/contracts/data/command +++ b/contracts/data/command @@ -18,12 +18,15 @@ geth \ --keystore=./data/geth/keystore/ \ --password /tmp/geth-blank-password \ --unlock "0,1" \ ---rpc \ ---rpcapi personal,web3,eth,net \ ---rpcaddr 0.0.0.0 \ ---rpcvhosts=* \ ---rpcport=8545 \ +--http \ +--http.api personal,web3,eth,net \ +--http.addr 0.0.0.0 \ +--http.vhosts=* \ +--http.port 8545 \ --ws \ +--ws.addr 0.0.0.0 \ +--ws.origins '*' \ +--ws.api personal,web3,eth,net \ --rpc.allow-unprotected-txs \ --mine \ --allow-insecure-unlock diff --git a/contracts/data/geth/genesis.json b/contracts/data/geth/genesis.json index 7d18627..bc6ef39 100644 --- a/contracts/data/geth/genesis.json 
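Review bot: In the `@@ -18,12 +18,15 @@` hunk of `contracts/data/command`, `--ws.addr 0.0.0.0`, `--ws.origins '*'` and `personal` in both `--http.api` and `--ws.api` share a command line with `--unlock "0,1"` and `--allow-insecure-unlock`, so any client that can reach the listener can have the node sign with the unlocked accounts. The compose service for this node publishes the HTTP port as `- "8545:8545"`; if the fixture is only for local and CI tests, publishing it as `- "127.0.0.1:8545:8545"` and removing `personal` from the API lists wherever the tests do not call it would narrow the exposure. Whether the WebSocket port is published is not visible here. The `@@ -18,11 +18,15 @@` hunk for `contracts_reorg/data/geth/command` adds the same WebSocket flags, although it also drops `admin,debug,db` from the HTTP API list. The geth invocation begins above the hunk.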
+++ b/contracts/data/geth/genesis.json @@ -11,6 +11,7 @@ "petersburgBlock": 6, "istanbulBlock": 7, "muirGlacierBlock": 8, + "berlinBlock": 9, "clique": { "period": 1, "epoch": 30000 diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 4425b05..99637be 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -18,11 +18,15 @@ geth --datadir data/ \ --nat extip:`hostname -i` \ --syncmode="full" \ --allow-insecure-unlock \ ---rpc \ ---rpcaddr "0.0.0.0" \ ---rpcapi "personal,eth,web3,net,admin,debug,db" \ ---rpccorsdomain "*" \ ---rpcvhosts=* \ +--http \ +--http.api personal,web3,eth,net \ +--http.addr 0.0.0.0 \ +--http.vhosts=* \ +--http.port 8545 \ +--ws \ +--ws.addr 0.0.0.0 \ +--ws.origins '*' \ +--ws.api personal,web3,eth,net \ --rpc.allow-unprotected-txs \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ From 93bbd4c2c749eaf63e5579db9eaca2a995ddbc14 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 10 Mar 2021 19:08:09 +0100 Subject: [PATCH 27/48] bump geth in container --- tester/Dockerfile.geth | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tester/Dockerfile.geth b/tester/Dockerfile.geth index 2f23250..df42804 100644 --- a/tester/Dockerfile.geth +++ b/tester/Dockerfile.geth @@ -1,12 +1,12 @@ FROM alpine:3.12 -ARG GO_VERSION="1.13.8" +ARG GO_VERSION="1.15" #https://golang.org/dl/ -ARG GO_DOWNLOAD_SHA256="0567734d558aef19112f2b2873caa0c600f1b4a5827930eb5a7f35235219e9d8" +ARG GO_DOWNLOAD_SHA256="2d75848ac606061efe52a8068d0e647b35ce487a15bb52272c427df485193602" -ARG GETH_VERSION="1.9.11" +ARG GETH_VERSION="1.10.1" #this SHA was computed locally! -ARG GETH_DOWNLOAD_SHA256="226cf65cda4eab3e66e8042c3d8bcee8ed07c619ae0ec2421ed4b0abe97bb055" +ARG GETH_DOWNLOAD_SHA256="485ff7b9e5a34457ab424d7e2cb8d377dc571e8daf666e065a0a327b9e413cab" # Geth requires Golang, Golang requires Glibc RUN set -xe \ From d0d66eb27ed3f76efb991bde6fcfb813b62156c2 Mon Sep 17 00:00:00 2001 
From: Ino Murko Date: Thu, 18 Mar 2021 21:53:14 +0100 Subject: [PATCH 28/48] take master --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index c0b9592..d62fd43 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -1056862243bf11652c6170077cd3ea748730c51a +ebf51bf5f542e4eb5f4b79653eafce66c353eebd From efdbcf81a4c80d68a1f0b0cdb224a45f227ba8fa Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 18 Mar 2021 21:57:36 +0100 Subject: [PATCH 29/48] we dont need min exit period 240 --- .circleci/config.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 51f87d6..0f50cff 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -547,19 +547,19 @@ jobs: min_exit_period: 120 docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" vault: "true" - - snapshot: - min_exit_period: 240 - docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" - vault: "true" + # - snapshot: + # min_exit_period: 240 + # docker_compose_command: "docker-compose -f docker-compose.yml -f docker-compose.vault.yml up -d" + # vault: "true" - snapshot: min_exit_period: 20 docker_compose_command: "docker-compose up -d" - snapshot: min_exit_period: 120 docker_compose_command: "docker-compose up -d" - - snapshot: - min_exit_period: 240 - docker_compose_command: "docker-compose up -d" + # - snapshot: + # min_exit_period: 240 + # docker_compose_command: "docker-compose up -d" - run: name: Gather all the snapshots and publish a release command: | From d800794ade80d051e57228e5d548b767bf263c49 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 18 Mar 2021 22:27:11 +0100 Subject: [PATCH 30/48] bump glibc --- tester/Dockerfile.geth | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/tester/Dockerfile.geth b/tester/Dockerfile.geth index df42804..8071f2e 100644 --- a/tester/Dockerfile.geth +++ b/tester/Dockerfile.geth @@ -20,7 +20,7 @@ RUN set -xe \ && GO_DOWNLOAD_URL="https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" \ && GETH_DOWNLOAD_URL="https://github.com/ethereum/go-ethereum/archive/v${GETH_VERSION}.tar.gz" \ && ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" \ - && ALPINE_GLIBC_PACKAGE_VERSION="2.29-r0" \ + && ALPINE_GLIBC_PACKAGE_VERSION="2.33-r0" \ && ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" \ && ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" \ && ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" \ From 621d609b1815eb09a30c69a56976b65fe7227ad1 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 18 Mar 2021 23:30:13 +0100 Subject: [PATCH 31/48] bump alpine --- builder/Dockerfile | 2 +- builder/Dockerfile.erlang | 2 +- deploy/Dockerfile | 2 +- tester/Dockerfile | 2 +- tester/Dockerfile.geth | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/builder/Dockerfile b/builder/Dockerfile index 055c1ad..74ffdeb 100644 --- a/builder/Dockerfile +++ b/builder/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.12.4 LABEL maintainer="OmiseGO Team " LABEL description="Builder image for OmiseGO elixir-omg" diff --git a/builder/Dockerfile.erlang b/builder/Dockerfile.erlang index 4020488..a515e8e 100644 --- a/builder/Dockerfile.erlang +++ b/builder/Dockerfile.erlang @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.12.4 ARG OTP_VERSION="23.1.4" ARG OTP_DOWNLOAD_SHA256="8f6718b82bbca72d7dfe0b0de10b6e043cefe9e5ac08d3f84e18f8522d794967" diff --git a/deploy/Dockerfile b/deploy/Dockerfile index 9bd2996..23b1ca5 100644 --- a/deploy/Dockerfile +++ b/deploy/Dockerfile 
@@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.12.4 LABEL maintainer="OmiseGO Team " LABEL description="Deploy image for OmiseGO elixir-omg" diff --git a/tester/Dockerfile b/tester/Dockerfile index 328a463..c8a575c 100644 --- a/tester/Dockerfile +++ b/tester/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.12.4 LABEL maintainer="OmiseGO Team " LABEL description="Builder image for OmiseGO elixir-omg" diff --git a/tester/Dockerfile.geth b/tester/Dockerfile.geth index 8071f2e..b94bbab 100644 --- a/tester/Dockerfile.geth +++ b/tester/Dockerfile.geth @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.12.4 ARG GO_VERSION="1.15" #https://golang.org/dl/ From 7cceff256c98593aeb6024088571bb587c1f7f68 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 18 Mar 2021 23:38:44 +0100 Subject: [PATCH 32/48] bump alpine --- builder/Dockerfile | 2 +- builder/Dockerfile.erlang | 2 +- builder_childchain/Dockerfile | 2 +- deploy/Dockerfile | 2 +- tester/Dockerfile | 2 +- tester/Dockerfile.geth | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/builder/Dockerfile b/builder/Dockerfile index 74ffdeb..0ec5724 100644 --- a/builder/Dockerfile +++ b/builder/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12.4 +FROM alpine:3.13 LABEL maintainer="OmiseGO Team " LABEL description="Builder image for OmiseGO elixir-omg" diff --git a/builder/Dockerfile.erlang b/builder/Dockerfile.erlang index a515e8e..53274c7 100644 --- a/builder/Dockerfile.erlang +++ b/builder/Dockerfile.erlang @@ -1,4 +1,4 @@ -FROM alpine:3.12.4 +FROM alpine:3.13 ARG OTP_VERSION="23.1.4" ARG OTP_DOWNLOAD_SHA256="8f6718b82bbca72d7dfe0b0de10b6e043cefe9e5ac08d3f84e18f8522d794967" diff --git a/builder_childchain/Dockerfile b/builder_childchain/Dockerfile index 6b1ad62..2e0fb35 100644 --- a/builder_childchain/Dockerfile +++ b/builder_childchain/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL maintainer="OmiseGO Team " LABEL description="Thin Builder image for OmiseGO Childchain" 
diff --git a/deploy/Dockerfile b/deploy/Dockerfile index 23b1ca5..6aab44e 100644 --- a/deploy/Dockerfile +++ b/deploy/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12.4 +FROM alpine:3.13 LABEL maintainer="OmiseGO Team " LABEL description="Deploy image for OmiseGO elixir-omg" diff --git a/tester/Dockerfile b/tester/Dockerfile index c8a575c..d1294d7 100644 --- a/tester/Dockerfile +++ b/tester/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12.4 +FROM alpine:3.13 LABEL maintainer="OmiseGO Team " LABEL description="Builder image for OmiseGO elixir-omg" diff --git a/tester/Dockerfile.geth b/tester/Dockerfile.geth index b94bbab..1cced31 100644 --- a/tester/Dockerfile.geth +++ b/tester/Dockerfile.geth @@ -1,4 +1,4 @@ -FROM alpine:3.12.4 +FROM alpine:3.13 ARG GO_VERSION="1.15" #https://golang.org/dl/ From ab8453206932b0c46ce9247bd3ddfb52908832a9 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 09:19:57 +0100 Subject: [PATCH 33/48] update docker --- .circleci/config.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0f50cff..11a4899 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -139,7 +139,10 @@ commands: echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=- gcloud --quiet config set project ${GOOGLE_PROJECT_ID} gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE} - - run: timeout 25m docker-compose logs --follow || true + - run: + working_directory: ~/project/contracts_reorg + command: | + timeout 25m docker-compose logs --follow || true - run: name: Docker logs working_directory: ~/project/contracts_reorg @@ -248,6 +251,7 @@ commands: description: "Args to pass into docker file" default: "" steps: + - run: pip3 install docker-compose --upgrade - when: condition: <> steps: From f1dcddf9ca6f34a3e77d6022004db6e6afc2bf14 Mon Sep 17 00:00:00 2001 
From: Ino Murko Date: Fri, 19 Mar 2021 09:33:53 +0100 Subject: [PATCH 34/48] bump linux trusty to xenial --- .circleci/config.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 11a4899..5cbc2db 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,7 +3,7 @@ version: 2.1 executors: buildpack: docker: - - image: circleci/buildpack-deps:trusty + - image: circleci/buildpack-deps:xenial working_directory: ~/src commands: @@ -251,7 +251,6 @@ commands: description: "Args to pass into docker file" default: "" steps: - - run: pip3 install docker-compose --upgrade - when: condition: <> steps: From 0914e6b7d91923ad445e99431abed0deb2c4e7c0 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 09:44:41 +0100 Subject: [PATCH 35/48] bump linux trusty to xenial --- .circleci/config.yml | 42 ++++++++++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5cbc2db..c166257 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -341,7 +341,8 @@ jobs: build_builder_erlang: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-erlang" @@ -355,7 +356,8 @@ jobs: build_builder_elixir: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-elixir" @@ -369,7 +371,8 @@ jobs: build_builder_rocksdb: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-rocksdb" 
@@ -383,7 +386,8 @@ jobs: build_builder: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder" @@ -397,7 +401,8 @@ jobs: build_childchain_builder: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisego/childchain-builder" @@ -411,7 +416,8 @@ jobs: build_tester_geth: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-geth" @@ -425,7 +431,8 @@ jobs: build_tester_plasma_deployer: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-plasma-deployer" @@ -440,7 +447,8 @@ jobs: build_tester: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester" @@ -454,7 +462,8 @@ jobs: publish_builder: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -464,7 +473,8 @@ jobs: publish_childchain_builder: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -474,7 +484,8 @@ jobs: publish_tester: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" 
@@ -484,7 +495,8 @@ jobs: publish_plasma_deployer: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -494,7 +506,8 @@ jobs: build_deploy: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-deploy" @@ -508,7 +521,8 @@ jobs: publish_deploy: executor: buildpack steps: - - setup_remote_docker + - setup_remote_docker: + version: 18.09.3 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" From 4b1668b47256585d75eb6d2184dd99ef30daf2f8 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 10:37:07 +0100 Subject: [PATCH 36/48] background true for logs --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index c166257..f14e734 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -143,6 +143,7 @@ commands: working_directory: ~/project/contracts_reorg command: | timeout 25m docker-compose logs --follow || true + background: true - run: name: Docker logs working_directory: ~/project/contracts_reorg From ac74dbd5bf28136cab353f7c206ba427019e7cca Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 10:41:06 +0100 Subject: [PATCH 37/48] minerthreads to miner.threads --- contracts_reorg/data/geth/command | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 99637be..4f5b2d1 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command 
@@ -13,7 +13,10 @@ geth --datadir data/ \ --networkid "1337" \ --unlock "0,1" \ --password /tmp/geth-password \ ---mine --minerthreads=1 \ +--mine \ +--miner.rthreads=1 \ +--miner.gastarget 7500000 \ +--miner.gasprice "10" \ --etherbase ${ACCOUNT} \ --nat extip:`hostname -i` \ --syncmode="full" \ @@ -28,8 +31,6 @@ geth --datadir data/ \ --ws.origins '*' \ --ws.api personal,web3,eth,net \ --rpc.allow-unprotected-txs \ ---miner.gastarget 7500000 \ ---miner.gasprice "10" \ --netrestrict="127.0.0.1/8" # Since we realize people/tooling issuing unprotected transactions can’t change overnight, From 44ce66897347c02fadbc8a85135835158da8c906 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 12:07:42 +0100 Subject: [PATCH 38/48] minerthreads to miner.threads --- .circleci/config.yml | 28 ++++++++++++++-------------- contracts_reorg/data/geth/command | 10 +++++----- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index f14e734..cf687b4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -343,7 +343,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-erlang" @@ -358,7 +358,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-elixir" @@ -373,7 +373,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-rocksdb" @@ -388,7 +388,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder" 
@@ -403,7 +403,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisego/childchain-builder" @@ -418,7 +418,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-geth" @@ -433,7 +433,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-plasma-deployer" @@ -449,7 +449,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester" @@ -464,7 +464,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -475,7 +475,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -486,7 +486,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -497,7 +497,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -508,7 +508,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-deploy" 
@@ -523,7 +523,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 18.09.3 + version: 19.03.15 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 4f5b2d1..995558a 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -9,29 +9,29 @@ fi geth --datadir data/ \ --bootnodes ${BOOTNODES} \ ---keystore=data/geth/keystore/ \ +--keystore data/geth/keystore/ \ --networkid "1337" \ --unlock "0,1" \ --password /tmp/geth-password \ --mine \ ---miner.rthreads=1 \ +--miner.rthreads 1 \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ --etherbase ${ACCOUNT} \ --nat extip:`hostname -i` \ ---syncmode="full" \ +--syncmode "full" \ --allow-insecure-unlock \ --http \ --http.api personal,web3,eth,net \ --http.addr 0.0.0.0 \ ---http.vhosts=* \ +--http.vhosts * \ --http.port 8545 \ --ws \ --ws.addr 0.0.0.0 \ --ws.origins '*' \ --ws.api personal,web3,eth,net \ --rpc.allow-unprotected-txs \ ---netrestrict="127.0.0.1/8" +--netrestrict "127.0.0.1/8" # Since we realize people/tooling issuing unprotected transactions can’t change overnight, # Geth v1.10.0 supports reverting to the old behavior and accepting non-EIP155 transactions via --rpc.allow-unprotected-txs. From 9fdf8896d94255d0fffb2f174f94e93ef7bf8cf7 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 12:12:25 +0100 Subject: [PATCH 39/48] downgrade docker version --- .circleci/config.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index cf687b4..feef7e0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -343,7 +343,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-erlang" 
@@ -358,7 +358,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-elixir" @@ -373,7 +373,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder-rocksdb" @@ -388,7 +388,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-builder" @@ -403,7 +403,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisego/childchain-builder" @@ -418,7 +418,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-geth" @@ -433,7 +433,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester-plasma-deployer" @@ -449,7 +449,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-tester" @@ -464,7 +464,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -475,7 +475,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" 
@@ -486,7 +486,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -497,7 +497,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" @@ -508,7 +508,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_build: image: "omisegoimages/elixir-omg-deploy" @@ -523,7 +523,7 @@ jobs: executor: buildpack steps: - setup_remote_docker: - version: 19.03.15 + version: 19.03.13 - attach_workspace: *attach_workspace - docker_import: path: "~/docker" From 6c23f985e794328073fb3d3df2f0c2dae9d56bf8 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 12:35:36 +0100 Subject: [PATCH 40/48] miner.threads --- contracts_reorg/data/geth/command | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 995558a..3cf5310 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -14,7 +14,7 @@ geth --datadir data/ \ --unlock "0,1" \ --password /tmp/geth-password \ --mine \ ---miner.rthreads 1 \ +--miner.threads 1 \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ --etherbase ${ACCOUNT} \ From 9594b27c0da054125d1aa4d5ea6644e2f11760e6 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 13:10:22 +0100 Subject: [PATCH 41/48] miner.etherbase --- contracts_reorg/data/geth/command | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 3cf5310..312796d 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command 
@@ -17,7 +17,7 @@ geth --datadir data/ \ --miner.threads 1 \ --miner.gastarget 7500000 \ --miner.gasprice "10" \ ---etherbase ${ACCOUNT} \ +--miner.etherbase ${ACCOUNT} \ --nat extip:`hostname -i` \ --syncmode "full" \ --allow-insecure-unlock \ From f577e479e108ed40d098fdb16baf6914e8ebb390 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 15:07:38 +0100 Subject: [PATCH 42/48] init data from genesis --- contracts_reorg/data/geth/command | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 312796d..a9a6783 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -4,7 +4,7 @@ echo ${ACCOUNT} if ${INIT} then - geth --datadir data init ./data/geth/genesis.json + geth --datadir init ./data/geth/genesis.json fi geth --datadir data/ \ From 0d356c89c050c59f4afff834462abbc2767d0da3 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 15:08:14 +0100 Subject: [PATCH 43/48] init data from genesis --- contracts_reorg/data/geth/genesis.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contracts_reorg/data/geth/genesis.json b/contracts_reorg/data/geth/genesis.json index 3ba5818..ad21b4d 100644 --- a/contracts_reorg/data/geth/genesis.json +++ b/contracts_reorg/data/geth/genesis.json @@ -10,6 +10,8 @@ "constantinopleBlock": 0, "petersburgBlock": 0, "istanbulBlock": 0, + "muirGlacierBlock": 0, + "berlinBlock": 0, "ethash": {} }, "nonce": "0x0", From 3e486e69ad249841d0eb163106097a56603ab9a7 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 15:56:38 +0100 Subject: [PATCH 44/48] init data from genesis --- contracts_reorg/data/geth/command | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index a9a6783..76247ac 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command 
@@ -4,7 +4,7 @@ echo ${ACCOUNT} if ${INIT} then - geth --datadir init ./data/geth/genesis.json + geth --datadir data/ init ./data/geth/genesis.json fi geth --datadir data/ \ From f3ba8096f029f6413709eff0eab0e00635f738b9 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 17:24:00 +0100 Subject: [PATCH 45/48] wrap astro --- contracts_reorg/data/geth/command | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 76247ac..25670d4 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command @@ -24,7 +24,7 @@ geth --datadir data/ \ --http \ --http.api personal,web3,eth,net \ --http.addr 0.0.0.0 \ ---http.vhosts * \ +--http.vhosts '*' \ --http.port 8545 \ --ws \ --ws.addr 0.0.0.0 \ From a21824a09d1c7425bbccd135998e2fc4a6f196a7 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Fri, 19 Mar 2021 18:26:25 +0100 Subject: [PATCH 46/48] to latest master Kevin/allow zero value outputs --- tester/CONTRACT_SHA | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tester/CONTRACT_SHA b/tester/CONTRACT_SHA index d62fd43..d51538c 100644 --- a/tester/CONTRACT_SHA +++ b/tester/CONTRACT_SHA @@ -1 +1 @@ -ebf51bf5f542e4eb5f4b79653eafce66c353eebd +5d29c432e9b55ae2c7ec7a06a5e66761eca7ab28 From 85e441173b930a19fe450dedd9f0b75be8860f19 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Wed, 7 Apr 2021 21:11:50 +0200 Subject: [PATCH 47/48] Update command remove netrestrict --- contracts_reorg/data/geth/command | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/contracts_reorg/data/geth/command b/contracts_reorg/data/geth/command index 25670d4..86ccff1 100755 --- a/contracts_reorg/data/geth/command +++ b/contracts_reorg/data/geth/command 
@@ -30,8 +30,7 @@ geth --datadir data/ \ --ws.addr 0.0.0.0 \ --ws.origins '*' \ --ws.api personal,web3,eth,net \ ---rpc.allow-unprotected-txs \ ---netrestrict "127.0.0.1/8" +--rpc.allow-unprotected-txs # Since we realize people/tooling issuing unprotected transactions can’t change overnight, # Geth v1.10.0 supports reverting to the old behavior and accepting non-EIP155 transactions via --rpc.allow-unprotected-txs. From aaee387ae13cedec16bf2ed4aaa82468c4279390 Mon Sep 17 00:00:00 2001 From: Ino Murko Date: Thu, 27 May 2021 13:51:31 +0200 Subject: [PATCH 48/48] security fix - clone and copy into container (#64) --- .circleci/config.yml | 13 +++---------- tester/Dockerfile.plasma_deployer | 7 +++---- 2 files changed, 6 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index feef7e0..88cc60b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -247,10 +247,6 @@ commands: type: string description: "Path to persist Docker archive" default: "~/docker" - build-arg: - type: string - description: "Args to pass into docker file" - default: "" steps: - when: condition: <> @@ -268,11 +264,7 @@ commands: DIRNAME="$(dirname "$DOCKERFILE")" cd "$DIRNAME" || exit 1 - if [ -z "<>" ]; then - docker build . --cache-from "<>" -t "<>" -f "$BASENAME" - else - docker build . --cache-from "<>" -t "<>" -f "$BASENAME" --build-arg <> - fi + docker build . --cache-from "<>" -t "<>" -f "$BASENAME" - when: condition: <> steps: 
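Review bot: Removing `--netrestrict "127.0.0.1/8"` in the `contracts_reorg/data/geth/command` hunk leaves the node with no peer-address restriction, while the same command still runs with `--unlock "0,1"`, `--allow-insecure-unlock` and HTTP/WS bound to 0.0.0.0. The loopback mask presumably kept the compose peers from connecting, but the restriction can be kept by naming the compose network instead, e.g. `--netrestrict "<compose-subnet-cidr>"` (placeholder; the subnet is not shown on this page). The geth invocation begins above the hunk.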
@@ -435,11 +427,12 @@ jobs: - setup_remote_docker: version: 19.03.13 - attach_workspace: *attach_workspace + - run: | + echo ${GITHUB_TOKEN} | git clone https://omisego-bot@github.com/omgnetwork/$(cat tester/CONTRACT_REPO_NAME).git tester/plasma-contracts - docker_build: image: "omisegoimages/elixir-omg-tester-plasma-deployer" dockerfile: "tester/Dockerfile.plasma_deployer" export: "~/docker/omisegoimages_elixir-omg_tester_plasma_deployer.tar" - build-arg: "GITHUB_TOKEN=${GITHUB_TOKEN}" - persist_to_workspace: <<: *persist_workspace paths: diff --git a/tester/Dockerfile.plasma_deployer b/tester/Dockerfile.plasma_deployer index e05dcaf..2ab6adb 100644 --- a/tester/Dockerfile.plasma_deployer +++ b/tester/Dockerfile.plasma_deployer @@ -16,10 +16,9 @@ RUN apk add --update \ COPY CONTRACT_SHA /tmp/CONTRACT_SHA COPY CONTRACT_REPO_NAME /tmp/CONTRACT_REPO_NAME - -# pass in token for prompt instead of git clone https://${GITHUB_TOKEN}@github.com... to avoid -# leaving the token data in .git/config -RUN echo ${GITHUB_TOKEN} | git clone https://omisego-bot@github.com/omgnetwork/$(cat /tmp/CONTRACT_REPO_NAME).git plasma-contracts +COPY CONTRACT_SHA /tmp/CONTRACT_SHA +COPY CONTRACT_REPO_NAME /tmp/CONTRACT_REPO_NAME +COPY plasma-contracts /home/node/plasma-contracts RUN cd /home/node/plasma-contracts && git reset --hard $(cat /tmp/CONTRACT_SHA) RUN cd /home/node/plasma-contracts && npm install RUN cd /home/node/plasma-contracts/plasma_framework && rm -Rf ./build
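Review bot: The added `run` step pipes `${GITHUB_TOKEN}` into `git clone` on stdin, but as far as I know git takes credentials from an askpass program, a credential helper or the controlling terminal, not from stdin, so the token is probably never used and the clone succeeds only if the repository is readable without it. If authentication is needed, supplying the token through an askpass helper or credential helper for this one command would keep it out of both the URL and `.git/config`; if it is not needed, `git clone https://github.com/omgnetwork/$(cat tester/CONTRACT_REPO_NAME).git tester/plasma-contracts` says so plainly. Separately, images built before this change received the token via `--build-arg`, which Docker records in image history, so the token should be rotated if any such image was published.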
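Review bot: Two of the three added lines repeat `COPY CONTRACT_SHA /tmp/CONTRACT_SHA` and `COPY CONTRACT_REPO_NAME /tmp/CONTRACT_REPO_NAME`, which already appear as the context lines directly above; only `COPY plasma-contracts /home/node/plasma-contracts` is new. Dropping the duplicates and adding a comment such as `# cloned by CI outside the build so no token enters the image; pinned below via CONTRACT_SHA` would keep the reason for the change next to the code. The copied tree carries its `.git` directory, which the following `git reset --hard` needs, so the CI clone must keep any token out of the remote URL, as it does now.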