3f76bc9507
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
- MASTER_INDEX: Last Updated 2026-03-06; status 59/59 contracts; add NEXT_STEPS_LIST, CONTRACT_NEXT_STEPS_LIST - docs/README, NEXT_STEPS_INDEX, 06-besu/MASTER_INDEX: Last Updated 2026-03-06 - Contract check script: 59 addresses (PMM, vault/reserve, CompliantFiatTokens); canonical CCIP/router - New docs: EXECUTION_CHECKLIST, NEXT_STEPS_LIST, DOTENV_AUDIT, ADDITIONAL_PATHS, deployer gas runbook, WEMIX_ACQUISITION_TABLED, etc. - Config: deployer-gas-routes, cro-wemix-swap-routes, routing-registry, token-mapping - Scripts: check-contracts-on-chain-138, check-pmm-pool-balances-chain138, deployer-gas-auto-route, acquire-cro-and-wemix-gas - Operator rule: operator-lan-access-check.mdc Made-with: Cursor
5.2 KiB
5.2 KiB
Operator Credentials and Secrets — Checklist
Purpose: Before running Operator/LAN tasks, confirm you have the required credentials and access. Does Operator/LAN have all necessary creds? Use this checklist; if any row is No, obtain or set that credential before running the task.
Where to set: Unless noted, use smom-dbis-138/.env (gitignored). Copy from smom-dbis-138/.env.example or see REMAINING_WORK_DETAILED_STEPS for per-step blockers.
Operator scripts load dotenv automatically: run-all-operator-tasks-from-lan.sh and run-operator-tasks-from-lan.sh source scripts/lib/load-project-env.sh, which loads repo root .env and smom-dbis-138/.env. No need to source .env before running.
Required secrets for operator (full lists): For a complete list of all env variables by area (root, smom-dbis-138, services, frontend, config-ready chains, bridge quote), see DOTENV_FILES_REFERENCE.md. For deployment and bridge addresses see ENV_EXAMPLE_CONTENT.md and env.additions.example.
Required credentials (summary)
| Credential / access | Used for | Where to set / get |
|---|---|---|
| LAN (192.168.11.x) | NPMplus API, RPC, Blockscout, Proxmox | Be on same network or VPN |
| PRIVATE_KEY (64-char hex, no 0x) | Chain 138 deploy, bridge send, any forge script --broadcast |
smom-dbis-138/.env |
| RPC_URL_138 (Chain 138 Core) | Deploy, verify, on-chain check | e.g. http://192.168.11.211:8545 in .env |
| NPM_PASSWORD | NPMplus backup, proxy host updates (502 fix) | smom-dbis-138/.env or root .env; from NPMplus UI |
| SSH to Proxmox (e.g. root@192.168.11.10) | run-all-maintenance-via-proxmox-ssh, VM/CT creation, token-aggregation fix | SSH key or password to Proxmox host |
| LINK (on Chain 138 for bridge) | sendCrossChain (real); CCIP fees | Deployer wallet must hold LINK and approve bridge |
| Native gas (ETH/138) | All Chain 138 deploys and txs | Deployer 0x4A66... funded on 138 |
| Per-chain RPC + gas (Celo, Wemix, Gnosis) | CCIP bridges deploy | CELO ~0.1, WEMIX ~0.4; RPC URLs in .env |
| ADD_LIQUIDITY_ amounts + token balance* | Add liquidity to PMM pools | Deployer holds cUSDT/cUSDC/USDT/USDC; set in .env or runbook |
Per-task requirements (Operator/LAN)
| Task | LAN | PRIVATE_KEY | NPM_PASSWORD | RPC_URL_138 | SSH Proxmox | Other |
|---|---|---|---|---|---|---|
| Full deployment order (Phase 0–6) | Yes | Yes | — | Yes | Optional | Gas on 138; per-phase env (see runbook) |
| Add liquidity (PMM pools) | Yes | Yes | — | Yes | — | Token balance; ADD_LIQUIDITY_BASE_AMOUNT, ADD_LIQUIDITY_QUOTE_AMOUNT |
| run-all-operator-tasks-from-lan (backup + verify) | Yes | — | Yes (backup) | Yes (verify) | Optional | Blockscout reachable |
| run-all-operator-tasks-from-lan --deploy | Yes | Yes | Yes | Yes | Optional | Gas on 138 |
| E2E 502 fix (address-all-remaining-502s) | Yes | — | Yes (NPMplus proxy update) | — | Yes (Besu fix) | Proxmox reachable |
| Blockscout verification only | Yes | — | — | Yes | — | Host can reach explorer.d-bis.org |
| Gnosis / Celo / Wemix CCIP bridges | Yes | Yes | — | Yes + per-chain RPC | — | Per-chain gas (xDAI, CELO, WEMIX); CCIP router/LINK addresses in .env |
| LINK support on Mainnet relay | Yes | Yes (if deploy) | — | Yes | Yes (restart relay) | Mainnet RPC; LINK on mainnet if funding relay |
| sendCrossChain (real) | Yes | Yes | — | Yes | — | LINK approved for bridge; recipient address |
| NPMplus backup | Yes | — | Yes | — | — | NPMplus API reachable |
| NPMplus RPC proxy fix (405) | Yes | — | Yes | — | — | — |
| Token-aggregation DB + migrations | Yes | — | — | — | Yes | PostgreSQL on VMID 5000 or same host; DATABASE_URL |
| Explorer Wallet link (edit nav) | — | — | — | — | Yes (to explorer VM) | SSH to VMID 5000 or host serving explorer |
| E2E flow waves E1–E7 | Yes | Yes (if deploy/fund) | Yes (if NPM) | Yes | Optional | Depends on wave; see TASKS_TO_INCREASE_ALL_E2E_FLOWS |
— = not required for that task.
Quick verification (do you have them?)
# From repo root, with smom-dbis-138/.env present:
source smom-dbis-138/.env 2>/dev/null
echo "PRIVATE_KEY set: $( [ -n "$PRIVATE_KEY" ] && echo yes || echo no )"
echo "NPM_PASSWORD set: $( [ -n "$NPM_PASSWORD" ] && echo yes || echo no )"
echo "RPC_URL_138 set: $( [ -n "$RPC_URL_138" ] && echo yes || echo no )"
# LAN: ping or curl from your machine to 192.168.11.211:8545 (or your RPC host)
# SSH: ssh root@192.168.11.10 (or your Proxmox host) echo ok
References
- Operator commands: OPERATOR_READY_CHECKLIST.md
- LAN + secrets steps: STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS.md
- Wave 0 (sendCrossChain, backup): REMAINING_WORK_DETAILED_STEPS.md § W0-2, W0-3
- Remaining summary: REMAINING_SUMMARY.md