#!/usr/bin/env bash # Production Configuration Setup # Sets up production environment configuration set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../../../.." && pwd)" CONFIG_DIR="$PROJECT_ROOT/config/production" mkdir -p "$CONFIG_DIR" echo "Production Configuration Setup" echo "==============================" echo "" # Create production .env template ENV_TEMPLATE="$CONFIG_DIR/.env.production.template" cat > "$ENV_TEMPLATE" <<'EOF' # Production Environment Configuration # Copy this file to .env.production and fill in values # Network Configuration CHAIN138_RPC=https://rpc.chain138.example.com ETHEREUM_MAINNET_RPC=https://eth-mainnet.g.alchemy.com/v2/YOUR_KEY RPC_URL=${ETHEREUM_MAINNET_RPC} # Contract Addresses (ChainID 138) LOCKBOX138_ADDRESS=0x0000000000000000000000000000000000000000 # Contract Addresses (Ethereum Mainnet) INBOX_ETH_ADDRESS=0x0000000000000000000000000000000000000000 BOND_MANAGER_ADDRESS=0x0000000000000000000000000000000000000000 CHALLENGE_MANAGER_ADDRESS=0x0000000000000000000000000000000000000000 LIQUIDITY_POOL_ADDRESS=0x0000000000000000000000000000000000000000 SWAP_ROUTER_ADDRESS=0x0000000000000000000000000000000000000000 BRIDGE_SWAP_COORDINATOR_ADDRESS=0x0000000000000000000000000000000000000000 # Multisig MULTISIG_ADDRESS=0x0000000000000000000000000000000000000000 # Monitoring PROMETHEUS_ENABLED=true PROMETHEUS_PORT=9090 GRAFANA_ENABLED=true GRAFANA_PORT=3000 # Alerting ALERT_EMAIL=alerts@example.com SLACK_WEBHOOK=https://hooks.slack.com/services/YOUR/WEBHOOK/URL PAGERDUTY_ENABLED=false PAGERDUTY_KEY=your_pagerduty_key # Rate Limiting MIN_DEPOSIT_AMOUNT=1000000000000000 COOLDOWN_PERIOD=60 MAX_CLAIMS_PER_HOUR=100 # Relayer Fees RELAYER_FEE_BPS=0 # Security PRIVATE_KEY=your_private_key_here MULTISIG_THRESHOLD=2 MULTISIG_SIGNERS=signer1,signer2,signer3 EOF echo "Production .env template created: $ENV_TEMPLATE" echo "" # Create production config validation script VALIDATION_SCRIPT="$CONFIG_DIR/validate-production-config.sh" cat > "$VALIDATION_SCRIPT" <<'EOF' #!/usr/bin/env bash # Validate Production Configuration set -euo pipefail source .env.production 2>/dev/null || { echo "Error: .env.production not found" exit 1 } echo "Validating Production Configuration..." echo "" ERRORS=0 # Check required variables REQUIRED_VARS=( "CHAIN138_RPC" "ETHEREUM_MAINNET_RPC" "LOCKBOX138_ADDRESS" "INBOX_ETH_ADDRESS" "BOND_MANAGER_ADDRESS" "CHALLENGE_MANAGER_ADDRESS" "LIQUIDITY_POOL_ADDRESS" "MULTISIG_ADDRESS" ) for var in "${REQUIRED_VARS[@]}"; do if [ -z "${!var:-}" ]; then echo "❌ Missing: $var" ERRORS=$((ERRORS + 1)) else echo "✅ $var is set" fi done # Validate addresses (not zero) if [ "$LOCKBOX138_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then echo "❌ LOCKBOX138_ADDRESS is not set" ERRORS=$((ERRORS + 1)) fi if [ "$MULTISIG_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then echo "❌ MULTISIG_ADDRESS is not set" ERRORS=$((ERRORS + 1)) fi # Validate RPC connectivity echo "" echo "Testing RPC connectivity..." if cast block-number --rpc-url "$CHAIN138_RPC" >/dev/null 2>&1; then echo "✅ ChainID 138 RPC is accessible" else echo "❌ ChainID 138 RPC is not accessible" ERRORS=$((ERRORS + 1)) fi if cast block-number --rpc-url "$ETHEREUM_MAINNET_RPC" >/dev/null 2>&1; then echo "✅ Ethereum Mainnet RPC is accessible" else echo "❌ Ethereum Mainnet RPC is not accessible" ERRORS=$((ERRORS + 1)) fi echo "" if [ $ERRORS -eq 0 ]; then echo "✅ Production configuration is valid" exit 0 else echo "❌ Production configuration has $ERRORS error(s)" exit 1 fi EOF chmod +x "$VALIDATION_SCRIPT" echo "Validation script created: $VALIDATION_SCRIPT" echo "" # Create production deployment checklist CHECKLIST="$CONFIG_DIR/production-deployment-checklist.md" cat > "$CHECKLIST" <<'EOF' # Production Deployment Checklist ## Pre-Deployment ### Configuration - [ ] Production .env file created and validated - [ ] All contract addresses documented - [ ] Multisig address configured - [ ] RPC endpoints tested and verified - [ ] Monitoring endpoints configured ### Security - [ ] External security audit completed - [ ] Audit findings remediated - [ ] Multisig deployed and tested - [ ] Access control verified - [ ] Private keys secured (hardware wallets) ### Infrastructure - [ ] Monitoring services deployed - [ ] Alerting configured and tested - [ ] Dashboards accessible - [ ] Backup procedures in place - [ ] Disaster recovery plan tested ### Testing - [ ] All tests passing (215+ tests) - [ ] Load testing completed - [ ] Integration testing completed - [ ] Disaster recovery testing completed ## Deployment ### Contracts - [ ] All contracts deployed - [ ] Contracts verified on explorer - [ ] Contract addresses documented - [ ] Multisig ownership transferred - [ ] Initial configuration completed ### Services - [ ] Monitoring services running - [ ] Alerting active - [ ] Metrics collection working - [ ] Logs being collected ### Operations - [ ] Operational runbooks reviewed - [ ] Team trained on procedures - [ ] Emergency contacts documented - [ ] Support channels established ## Post-Deployment ### Validation - [ ] All systems operational - [ ] Monitoring shows healthy status - [ ] Test transactions successful - [ ] No critical alerts ### Documentation - [ ] Production addresses documented - [ ] Configuration documented - [ ] Procedures documented - [ ] User guides published ### Communication - [ ] Users notified - [ ] Partners notified - [ ] Public announcement (if applicable) - [ ] Status page updated EOF echo "Production deployment checklist created: $CHECKLIST" echo "" echo "Configuration files created in: $CONFIG_DIR" echo "" echo "Next Steps:" echo "1. Copy .env.production.template to .env.production" echo "2. Fill in all production values" echo "3. Run validation: $VALIDATION_SCRIPT" echo "4. Review deployment checklist: $CHECKLIST"