tony/MESH2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2d62fa03d6a71ea162ae6c9615a5d5a9040c8ca
MESH2/docs/specs/MESH-Dev-Environment-Specification.md
anthonyrawlins f2d62fa03d Initial workspace: scaffold + constitution + spec documents 
Rust workspace with 5 crates (mesh-types, mesh-crypto, mesh-network,
mesh-validator, mesh-wallet), PROJECT_CONSTITUTION.md for CHORUS
automated ingestion, and the full MESH protocol specification suite.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 20:49:44 +11:00

1161 lines
34 KiB
Markdown
Raw Blame History

**MESH PROTOCOL**
*Development Environment Specification*
Toolchains, Images, and Setup for VM-Based Development
Version 1.0 \| March 2026
**1. Overview**
This document specifies the complete development environment for the
MESH protocol reference implementation. It is designed for a single
developer working in a virtual machine environment, using official
Docker images and standard package managers wherever possible.
The environment is structured as a primary development VM running
Docker, with containerised toolchains for build, test, and formal
verification. This ensures reproducibility: any developer on any host OS
can recreate the identical environment from this document.
**1.1 Host VM Requirements**
------------------- ---------------------------------------------------
**Requirement** **Specification**
Operating System Ubuntu 24.04 LTS (Noble Numbat), server or desktop
edition. This is the reference OS. All commands in
this document assume Ubuntu 24.04. Other Linux
distributions will work but package names may
differ.
Architecture x86_64 (amd64). ARM64 (aarch64) is supported but
some Docker images may require emulation. All
specified images have amd64 variants.
CPU Minimum: 4 cores. Recommended: 8+ cores. Rust
compilation and TLA+ model checking are both
CPU-intensive.
RAM Minimum: 8 GB. Recommended: 16 GB. The TLC model
checker is a JVM application and benefits from
large heap sizes. Rust's linker (mold/lld) also
benefits from available RAM.
Disk Minimum: 50 GB free. Recommended: 100 GB. Rust's
target/ directory grows quickly. Docker images
consume 5--10 GB. The cargo registry cache uses
1--5 GB.
Network Internet access required for initial setup (pulling
images, crates). Subsequent development can be done
offline if all dependencies are vendored.
------------------- ---------------------------------------------------
**1.2 Environment Architecture**
The development environment consists of three layers:
- **Layer 1 --- Host VM:** Ubuntu 24.04 with Docker Engine, Git, and
an editor (VS Code or Neovim). This is where you write code and run
docker compose commands.
- **Layer 2 --- Build Container:** Official Rust Docker image with
additional system dependencies. This is where Rust code compiles.
Mounted as a volume so source files live on the host.
- **Layer 3 --- Auxiliary Containers:** TLA+ tools, Tamarin Prover,
and the multi-validator testnet. These run as separate Docker
containers orchestrated by docker compose.
**2. Host VM Setup**
**2.1 Base Packages**
Install the following packages on the host VM. These are all available
from Ubuntu's default APT repositories.
> sudo apt update && sudo apt upgrade -y
>
> sudo apt install -y \\
>
> build-essential pkg-config libssl-dev \\
>
> git curl wget ca-certificates \\
>
> docker.io docker-compose-v2 \\
>
> jq tmux htop \\
>
> clang lld mold
------------------- --------------- -------------------------------------
**Package** **Version** **Purpose**
docker.io ≥24.0 Container runtime. Ubuntu's official
Docker package. Alternatively install
Docker CE from docker.com --- both
work.
docker-compose-v2 ≥2.24 Multi-container orchestration for the
testnet and auxiliary tools. Uses the
docker compose (v2, no hyphen)
syntax.
git ≥2.43 Version control. Standard.
build-essential current GCC, make, libc headers. Needed for
some Rust crate build scripts that
compile C code.
pkg-config current Helps Rust crates find system
libraries (e.g., OpenSSL headers).
libssl-dev current OpenSSL development headers. Required
by the quinn QUIC library for TLS
1.3.
clang ≥17 Alternative C/C++ compiler. Some
crates prefer clang for
cross-compilation.
lld ≥17 LLVM linker. Faster than GNU ld for
large Rust binaries.
mold ≥2.4 Even faster linker than lld.
Recommended for development builds.
Set via .cargo/config.toml.
jq current JSON processor. Useful for parsing
benchmark output and test vectors.
tmux current Terminal multiplexer. You will want
multiple panes when running 4
validators.
------------------- --------------- -------------------------------------
**2.2 Docker Post-Install**
Add your user to the docker group so you can run Docker without sudo:
> sudo usermod -aG docker \$USER
>
> newgrp docker \# apply group change without logout
>
> docker run hello-world \# verify it works
**2.3 Rust Toolchain (Host-Native)**
While compilation happens inside Docker containers for reproducibility,
you will also want a native Rust installation on the host for IDE
integration (rust-analyzer), quick cargo check cycles, and running
individual tests without the container overhead.
> curl \--proto \'=https\' \--tlsv1.2 -sSf https://sh.rustup.rs \| sh -s
> \-- -y \\
>
> \--default-toolchain stable \\
>
> \--profile default \\
>
> \--component rust-analyzer clippy rustfmt
>
> source \"\$HOME/.cargo/env\"
>
> rustup \--version \# verify: rustup 1.28+
>
> cargo \--version \# verify: cargo 1.85+
>
> rustc \--version \# verify: rustc 1.85+
Pin the Rust version in the project root to ensure all developers and CI
use the same compiler:
> \# In the project root, create rust-toolchain.toml:
>
> \[toolchain\]
>
> channel = \"1.85.0\"
>
> components = \[\"clippy\", \"rustfmt\", \"rust-analyzer\"\]
>
> targets = \[\"x86_64-unknown-linux-gnu\"\]
**2.4 Cargo Configuration**
Create .cargo/config.toml in the project root to set the fast linker and
compilation flags:
> \# .cargo/config.toml
>
> \[target.x86_64-unknown-linux-gnu\]
>
> linker = \"clang\"
>
> rustflags = \[\"-C\", \"link-arg=-fuse-ld=mold\"\]
>
> \[build\]
>
> \# Use all available cores for compilation
>
> jobs = 0
>
> \[profile.dev\]
>
> \# Speed up dev builds at the cost of optimisation
>
> opt-level = 0
>
> debug = true
>
> \[profile.test\]
>
> opt-level = 1 \# Some crypto tests are too slow at opt-level 0
>
> \[profile.release\]
>
> opt-level = 3
>
> lto = \"thin\"
>
> codegen-units = 1
>
> strip = true
>
> **WHY mold?:** The default GNU linker (ld) can take 5--15 seconds to
> link a medium-sized Rust binary. mold reduces this to under 1 second.
> Over hundreds of compile-test cycles per day, this saves hours of
> cumulative wait time. It is the single highest-impact developer
> experience improvement.
**2.5 Editor / IDE**
Either of the following is fully supported:
- **VS Code + rust-analyzer extension:** Install via the Extensions
marketplace. rust-analyzer provides inline type hints,
go-to-definition, auto-completion, and integrated test running. Add
the Even Better TOML extension for Cargo.toml editing.
- **Neovim + rust-analyzer via nvim-lspconfig:** If you prefer
terminal-based editing. Requires Neovim 0.9+ and the nvim-lspconfig
plugin configured for rust_analyzer.
Whichever editor you choose, ensure it is configured to run rustfmt on
save. The project enforces formatting via CI --- unformatted code will
be rejected.
**3. Docker Images**
All containerised toolchains use official images from Docker Hub or
well-established community images. No custom base images. Every image is
pinned to a specific tag for reproducibility.
**3.1 Image Registry**
--------------------------------------- ------------------------- -------------------------
**Image** **Tag (pinned)** **Purpose**
docker.io/library/rust 1.85.0-bookworm Primary build image.
Debian Bookworm base with
full Rust toolchain. Used
for compiling all MESH
crates. \~1.4 GB.
docker.io/library/rust 1.85.0-slim-bookworm Slim build variant. No
GCC, no man pages. Used
for CI builds where image
pull time matters. \~800
MB.
docker.io/library/debian bookworm-slim Runtime base image. For
the final validator and
wallet binaries. Minimal:
\~80 MB.
docker.io/library/eclipse-temurin 21-jre-jammy Java 21 runtime for TLA+
tools (TLC model checker,
SANY parser). Eclipse
Temurin is the official
successor to
AdoptOpenJDK. \~220 MB.
ghcr.io/tamarin-prover/tamarin-prover 1.8.0 Tamarin Prover for
cryptographic protocol
verification. Official
GitHub Container Registry
image.
docker.io/library/python 3.12-slim-bookworm Python runtime for test
vector generation
scripts, benchmarking
scripts, and the
Jupyter-based TLA+
environment. \~150 MB.
docker.io/jupyter/minimal-notebook latest Jupyter notebook
environment for
interactive TLA+
specification development
using tlaplus-jupyter
kernel. \~1.2 GB.
--------------------------------------- ------------------------- -------------------------
**3.2 Pull All Images**
Run the following to pre-fetch all images. This will consume
approximately 5 GB of disk space and takes 5--15 minutes depending on
bandwidth.
> docker pull rust:1.85.0-bookworm
>
> docker pull rust:1.85.0-slim-bookworm
>
> docker pull debian:bookworm-slim
>
> docker pull eclipse-temurin:21-jre-jammy
>
> docker pull ghcr.io/tamarin-prover/tamarin-prover:1.8.0
>
> docker pull python:3.12-slim-bookworm
>
> docker pull jupyter/minimal-notebook:latest
**3.3 Build Container (Dockerfile.build)**
This Dockerfile extends the official Rust image with the additional
system libraries and tools needed to compile MESH crates:
> \# Dockerfile.build
>
> FROM rust:1.85.0-bookworm
>
> \# System dependencies for crypto crates and QUIC
>
> RUN apt-get update && apt-get install -y \--no-install-recommends \\
>
> pkg-config libssl-dev clang lld mold \\
>
> cmake \\ \# some crates need cmake
>
> && rm -rf /var/lib/apt/lists/\*
>
> \# Install additional Rust tools
>
> RUN rustup component add clippy rustfmt rust-analyzer
>
> RUN cargo install cargo-audit cargo-deny cargo-nextest
>
> \# cargo-nextest: faster test runner with better output
>
> \# cargo-audit: checks dependencies for known vulnerabilities
>
> \# cargo-deny: checks licenses and advisories
>
> WORKDIR /workspace
>
> VOLUME /workspace
Build and tag it:
> docker build -f Dockerfile.build -t mesh-build:latest .
Usage --- compile the project inside the container with host source
mounted:
> docker run \--rm -v \$(pwd):/workspace -v
> cargo-cache:/usr/local/cargo/registry \\
>
> mesh-build:latest cargo build
>
> \# Run tests:
>
> docker run \--rm -v \$(pwd):/workspace -v
> cargo-cache:/usr/local/cargo/registry \\
>
> mesh-build:latest cargo nextest run
>
> \# Run clippy:
>
> docker run \--rm -v \$(pwd):/workspace -v
> cargo-cache:/usr/local/cargo/registry \\
>
> mesh-build:latest cargo clippy \-- -D warnings
>
> **CARGO CACHE VOLUME:** The -v cargo-cache:/usr/local/cargo/registry
> flag creates a named Docker volume that persists the cargo registry
> cache across container runs. Without this, every docker run would
> re-download all crates. The volume survives container restarts and
> typically grows to 1--3 GB.
**3.4 Runtime Container (Dockerfile.runtime)**
The runtime image is minimal. It contains only the compiled binary and
its runtime dependencies. This is what the testnet validators run.
> \# Dockerfile.runtime
>
> FROM debian:bookworm-slim
>
> RUN apt-get update && apt-get install -y \--no-install-recommends \\
>
> ca-certificates libssl3 \\
>
> && rm -rf /var/lib/apt/lists/\*
>
> COPY \--from=builder /workspace/target/release/mesh-validator
> /usr/local/bin/
>
> COPY \--from=builder /workspace/target/release/mesh-wallet
> /usr/local/bin/
>
> EXPOSE 4430/udp \# QUIC port for validator
>
> EXPOSE 4431/udp \# QUIC port for client connections
>
> ENTRYPOINT \[\"mesh-validator\"\]
This uses a multi-stage build. The full Dockerfile combines
Dockerfile.build and Dockerfile.runtime:
> \# Dockerfile (multi-stage)
>
> FROM rust:1.85.0-bookworm AS builder
>
> RUN apt-get update && apt-get install -y \--no-install-recommends \\
>
> pkg-config libssl-dev clang lld mold cmake \\
>
> && rm -rf /var/lib/apt/lists/\*
>
> WORKDIR /workspace
>
> COPY . .
>
> RUN cargo build \--release
>
> FROM debian:bookworm-slim
>
> RUN apt-get update && apt-get install -y \--no-install-recommends \\
>
> ca-certificates libssl3 && rm -rf /var/lib/apt/lists/\*
>
> COPY \--from=builder /workspace/target/release/mesh-validator
> /usr/local/bin/
>
> COPY \--from=builder /workspace/target/release/mesh-wallet
> /usr/local/bin/
>
> EXPOSE 4430/udp 4431/udp
>
> ENTRYPOINT \[\"mesh-validator\"\]
**4. Formal Verification Toolchains**
**4.1 TLA+ (TLC Model Checker)**
TLA+ is used to formally verify the consensus protocol properties
(SPEC-010 §10.6). The TLC model checker is a Java application
distributed as a JAR file.
**4.1.1 Setup via Docker**
There is no single official TLA+ Docker image on Docker Hub. The
recommended approach is a lightweight custom image based on Eclipse
Temurin JRE:
> \# Dockerfile.tlaplus
>
> FROM eclipse-temurin:21-jre-jammy
>
> \# Download TLA+ tools JAR from official GitHub releases
>
> ARG TLAPLUS_VERSION=1.8.0
>
> RUN apt-get update && apt-get install -y \--no-install-recommends wget
> && \\
>
> wget -q
> https://github.com/tlaplus/tlaplus/releases/download/v\${TLAPLUS_VERSION}/tla2tools.jar
> \\
>
> -O /opt/tla2tools.jar && \\
>
> apt-get remove -y wget && apt-get autoremove -y && \\
>
> rm -rf /var/lib/apt/lists/\*
>
> WORKDIR /specs
>
> VOLUME /specs
>
> \# Convenience aliases as entrypoints
>
> \# Usage: docker run mesh-tlaplus tlc MySpec.tla
>
> ENTRYPOINT \[\"java\", \"-cp\", \"/opt/tla2tools.jar\"\]
>
> CMD \[\"tlc2.TLC\", \"-help\"\]
Build and use:
> docker build -f Dockerfile.tlaplus -t mesh-tlaplus:latest .
>
> \# Parse a spec:
>
> docker run \--rm -v \$(pwd)/specs:/specs mesh-tlaplus:latest \\
>
> tla2sany.SANY /specs/Tier1.tla
>
> \# Run the model checker:
>
> docker run \--rm -v \$(pwd)/specs:/specs mesh-tlaplus:latest \\
>
> tlc2.TLC /specs/Tier1.tla -workers auto
>
> \# Interactive REPL:
>
> docker run \--rm -it -v \$(pwd)/specs:/specs mesh-tlaplus:latest \\
>
> tlc2.REPL
**4.1.2 Jupyter + TLA+ (Interactive Development)**
For iterative specification development, the tlaplus-jupyter kernel
allows writing and checking TLA+ inside Jupyter notebooks:
> \# Dockerfile.tlaplus-jupyter
>
> FROM jupyter/minimal-notebook:latest
>
> USER root
>
> RUN apt-get update && apt-get install -y \--no-install-recommends \\
>
> default-jre-headless && rm -rf /var/lib/apt/lists/\*
>
> USER \${NB_UID}
>
> RUN pip install \--no-cache-dir tlaplus-jupyter
>
> RUN python -m tlaplus_jupyter.install
>
> WORKDIR /home/jovyan/specs
Run it:
> docker build -f Dockerfile.tlaplus-jupyter -t
> mesh-tlaplus-jupyter:latest .
>
> docker run \--rm -p 8888:8888 -v \$(pwd)/specs:/home/jovyan/specs \\
>
> mesh-tlaplus-jupyter:latest
>
> \# Open http://localhost:8888 and create a TLA+ notebook
**4.2 Tamarin Prover**
Tamarin Prover is used to verify cryptographic protocol properties
(SPEC-010 §10.6). It has an official Docker image on GitHub Container
Registry.
> \# Pull the official image:
>
> docker pull ghcr.io/tamarin-prover/tamarin-prover:1.8.0
>
> \# Run a proof:
>
> docker run \--rm -v \$(pwd)/proofs:/proofs \\
>
> ghcr.io/tamarin-prover/tamarin-prover:1.8.0 \\
>
> tamarin-prover \--prove /proofs/PTLC_Atomicity.spthy
>
> \# Interactive mode (launches web UI on port 3001):
>
> docker run \--rm -p 3001:3001 -v \$(pwd)/proofs:/proofs \\
>
> ghcr.io/tamarin-prover/tamarin-prover:1.8.0 \\
>
> tamarin-prover interactive /proofs/ \--interface=\'\*4\'
>
> \# Open http://localhost:3001 for the Tamarin web interface
>
> **TAMARIN LEARNING CURVE:** Tamarin's specification language (spthy)
> has a steep learning curve. Start with the official tutorial at
> https://tamarin-prover.com/manual/master/book/ before attempting to
> model MESH protocols. Budget 2--4 weeks of study before writing
> production-quality proofs.
**5. Testnet Orchestration**
The full 4-validator testnet is orchestrated by docker compose. This is
the primary way to run the MVP end-to-end.
**5.1 docker-compose.yml**
> \# docker-compose.yml
>
> version: \"3.9\"
>
> services:
>
> validator-1:
>
> build: .
>
> container_name: mesh-validator-1
>
> command: \[\"mesh-validator\", \"\--config\",
> \"/config/validator-1.toml\"\]
>
> volumes:
>
> \- ./config:/config:ro
>
> \- validator-1-data:/data
>
> ports:
>
> \- \"4430:4430/udp\"
>
> \- \"4431:4431/udp\"
>
> networks:
>
> \- meshnet
>
> validator-2:
>
> build: .
>
> container_name: mesh-validator-2
>
> command: \[\"mesh-validator\", \"\--config\",
> \"/config/validator-2.toml\"\]
>
> volumes:
>
> \- ./config:/config:ro
>
> \- validator-2-data:/data
>
> ports:
>
> \- \"4432:4430/udp\"
>
> \- \"4433:4431/udp\"
>
> networks:
>
> \- meshnet
>
> validator-3:
>
> build: .
>
> container_name: mesh-validator-3
>
> command: \[\"mesh-validator\", \"\--config\",
> \"/config/validator-3.toml\"\]
>
> volumes:
>
> \- ./config:/config:ro
>
> \- validator-3-data:/data
>
> ports:
>
> \- \"4434:4430/udp\"
>
> \- \"4435:4431/udp\"
>
> networks:
>
> \- meshnet
>
> validator-4:
>
> build: .
>
> container_name: mesh-validator-4
>
> command: \[\"mesh-validator\", \"\--config\",
> \"/config/validator-4.toml\"\]
>
> volumes:
>
> \- ./config:/config:ro
>
> \- validator-4-data:/data
>
> ports:
>
> \- \"4436:4430/udp\"
>
> \- \"4437:4431/udp\"
>
> networks:
>
> \- meshnet
>
> volumes:
>
> validator-1-data:
>
> validator-2-data:
>
> validator-3-data:
>
> validator-4-data:
>
> networks:
>
> meshnet:
>
> driver: bridge
**5.2 Usage**
> \# Build and start the testnet:
>
> docker compose up \--build -d
>
> \# View logs from all validators:
>
> docker compose logs -f
>
> \# View logs from one validator:
>
> docker compose logs -f validator-1
>
> \# Run the wallet CLI against the testnet:
>
> docker compose exec validator-1 mesh-wallet \--config
> /config/wallet.toml \\
>
> send \--to \<bob-pubkey\> \--amount 500 \--asset test-token
>
> \# Stop the testnet:
>
> docker compose down
>
> \# Stop and wipe all data (clean slate):
>
> docker compose down -v
>
> \# Simulate a crash: kill one validator
>
> docker compose stop validator-3
>
> \# \... run transactions, they should still succeed (3/4 = 2f+1 with
> f=1)
>
> docker compose start validator-3 \# it should sync back up
**6. CI/CD Pipeline**
The project uses GitHub Actions for continuous integration. The pipeline
runs on every push to any branch and every pull request to main.
**6.1 GitHub Actions Workflow**
> \# .github/workflows/ci.yml
>
> name: CI
>
> on: \[push, pull_request\]
>
> env:
>
> CARGO_TERM_COLOR: always
>
> RUST_BACKTRACE: 1
>
> jobs:
>
> check:
>
> runs-on: ubuntu-24.04
>
> container: rust:1.85.0-bookworm
>
> steps:
>
> \- uses: actions/checkout@v4
>
> \- uses: actions/cache@v4
>
> with:
>
> path: \|
>
> \~/.cargo/registry
>
> target/
>
> key: \${{ runner.os }}-cargo-\${{ hashFiles(\'\*\*/Cargo.lock\') }}
>
> \- run: cargo fmt \--all \-- \--check
>
> \- run: cargo clippy \--all-targets \-- -D warnings
>
> \- run: cargo build \--all-targets
>
> \- run: cargo test \--all-targets
>
> audit:
>
> runs-on: ubuntu-24.04
>
> container: rust:1.85.0-bookworm
>
> steps:
>
> \- uses: actions/checkout@v4
>
> \- run: cargo install cargo-audit cargo-deny
>
> \- run: cargo audit
>
> \- run: cargo deny check licenses
The pipeline enforces: formatting (rustfmt), lint warnings (clippy with
-D warnings), compilation, all tests pass, no known vulnerabilities
(cargo audit), and license compliance (cargo deny). Any failure blocks
merge.
**7. Rust Crate Dependencies (Pinned)**
These are the exact crate versions to be specified in Cargo.toml. All
versions are pinned and locked via Cargo.lock. Do not use version ranges
(e.g., \"\^1.0\") for cryptographic dependencies --- pin to the exact
patch version.
**7.1 mesh-crypto**
---------------------- ------------- -------------------------------------
**Crate** **Version** **Purpose and Notes**
ed25519-dalek 2.1.1 Ed25519 signatures. Enable features:
\[\"hazmat\", \"rand_core\"\]. This
is the dalek-cryptography crate
maintained by the community since the
original author's departure.
curve25519-dalek 4.1.3 Ristretto group operations for
Pedersen commitments. Enable
features: \[\"alloc\",
\"precomputed-tables\"\].
bulletproofs 4.0.0 Bulletproofs range proofs over
Ristretto. Depends on
curve25519-dalek and merlin. MIT
licensed.
merlin 3.0.0 Transcript-based Fiat-Shamir
transform. Used by bulletproofs for
non-interactive proofs.
sha3 0.10.8 SHA3-256 and SHAKE256. RustCrypto
project. Pure Rust.
chacha20poly1305 0.10.1 ChaCha20-Poly1305 AEAD. For memo
encryption and transport-layer
encryption.
rand 0.8.5 Cryptographically secure random
number generation. Uses OS entropy.
rand_core 0.6.4 Core traits for RNG. Required by
dalek crates.
zeroize 1.8.1 Securely zeroes memory on drop. MUST
be used for all secret key material.
---------------------- ------------- -------------------------------------
**7.2 mesh-network**
---------------------- ------------- -------------------------------------
**Crate** **Version** **Purpose and Notes**
quinn 0.11.6 QUIC protocol implementation. Built
on tokio and rustls. This is the
primary networking dependency.
rustls 0.23.22 TLS 1.3 implementation in Rust. No
OpenSSL dependency at runtime. Used
by quinn.
rustls-pemfile 2.2.0 PEM file parsing for TLS
certificates.
rcgen 0.13.2 X.509 certificate generation. Used to
create self-signed TLS certs for
testnet validators.
tokio 1.43.0 Async runtime. Enable features:
\[\"full\"\]. All async I/O runs on
tokio.
bytes 1.9.0 Efficient byte buffer manipulation.
Used for message framing.
---------------------- ------------- -------------------------------------
**7.3 mesh-validator**
---------------------- ------------- -------------------------------------
**Crate** **Version** **Purpose and Notes**
sled 0.34.7 Embedded key-value database. Used for
account state, certificates, and
equivocation records. Note: sled is
in maintenance mode; if it becomes
unmaintained, migrate to redb
(0.22.0) as a drop-in replacement.
toml 0.8.20 TOML configuration file parsing. For
validator config files.
tracing 0.1.41 Structured logging framework. All log
output uses tracing macros.
tracing-subscriber 0.3.19 Log output formatting. Enable
features: \[\"env-filter\",
\"json\"\]. JSON output for
machine-parseable logs.
---------------------- ------------- -------------------------------------
**7.4 mesh-wallet**
---------------------- ------------- -------------------------------------
**Crate** **Version** **Purpose and Notes**
clap 4.5.26 Command-line argument parser. Enable
features: \[\"derive\"\]. All CLI
commands defined via derive macros.
dialoguer 0.11.0 Interactive terminal prompts. Used
for key generation confirmation and
passphrase entry.
hex 0.4.3 Hex encoding/decoding. For displaying
public keys and transaction hashes to
the user.
---------------------- ------------- -------------------------------------
**7.5 Development and Testing**
---------------------- ------------- -------------------------------------
**Crate** **Version** **Purpose and Notes**
proptest 1.6.0 Property-based testing framework.
Used for serialisation round-trip
tests and fuzzing protocol
invariants.
criterion 0.5.1 Benchmarking framework. Used for
crypto operation benchmarks (range
proof generation/verification,
signing, etc.).
tokio-test 0.4.4 Utilities for testing async code.
Pairs with tokio.
tempfile 3.14.0 Temporary file/directory creation for
test isolation.
---------------------- ------------- -------------------------------------
> **DEPENDENCY HYGIENE:** Run cargo deny check licenses before adding
> any new dependency. MESH is Apache 2.0 licensed. All dependencies MUST
> be compatible (Apache 2.0, MIT, BSD-2, BSD-3, ISC, or Zlib). GPL
> dependencies are PROHIBITED because they would require the entire
> project to be GPL. LGPL dependencies are acceptable only if
> dynamically linked.
**8. Repository Structure**
The repository follows Rust workspace conventions with additional
top-level directories for specifications, formal proofs, and
configuration.
> mesh/
>
> ├── Cargo.toml \# Workspace root
>
> ├── Cargo.lock \# Pinned dependency versions
>
> ├── rust-toolchain.toml \# Pinned Rust version
>
> ├── .cargo/config.toml \# Build settings (linker, flags)
>
> ├── .github/workflows/ci.yml \# CI pipeline
>
> ├── Dockerfile \# Multi-stage build
>
> ├── Dockerfile.build \# Development build container
>
> ├── Dockerfile.tlaplus \# TLA+ tools container
>
> ├── Dockerfile.tlaplus-jupyter \# Interactive TLA+ notebooks
>
> ├── docker-compose.yml \# 4-validator testnet
>
> ├── deny.toml \# cargo-deny license config
>
> ├── LICENSE \# Apache 2.0
>
> ├── README.md
>
> ├── FUTURE.md \# Ideas deferred from MVP scope
>
> │
>
> ├── crates/
>
> │ ├── mesh-types/ \# Data structures and serialisation
>
> │ │ ├── src/lib.rs
>
> │ │ └── Cargo.toml
>
> │ ├── mesh-crypto/ \# Cryptographic operations
>
> │ │ ├── src/lib.rs
>
> │ │ └── Cargo.toml
>
> │ ├── mesh-network/ \# QUIC transport layer
>
> │ │ ├── src/lib.rs
>
> │ │ └── Cargo.toml
>
> │ ├── mesh-validator/ \# Validator binary
>
> │ │ ├── src/main.rs
>
> │ │ └── Cargo.toml
>
> │ └── mesh-wallet/ \# CLI wallet binary
>
> │ ├── src/main.rs
>
> │ └── Cargo.toml
>
> │
>
> ├── specs/ \# Formal specifications (TLA+)
>
> │ ├── Tier1.tla
>
> │ ├── Tier1.cfg \# TLC model config
>
> │ └── ValueSemiring.tla
>
> │
>
> ├── proofs/ \# Tamarin protocol proofs
>
> │ ├── PTLC_Atomicity.spthy
>
> │ └── Stealth_Unlinkability.spthy
>
> │
>
> ├── config/ \# Testnet configuration files
>
> │ ├── validator-1.toml
>
> │ ├── validator-2.toml
>
> │ ├── validator-3.toml
>
> │ ├── validator-4.toml
>
> │ └── wallet.toml
>
> │
>
> ├── test-vectors/ \# Reference test vectors (JSON)
>
> │ ├── spec-002/
>
> │ ├── spec-003/
>
> │ └── spec-006/
>
> │
>
> ├── docs/ \# Specification documents (docx/pdf)
>
> │ ├── MESH-Protocol-Specification-Suite-v0.1.0.docx
>
> │ ├── MESH-Specification-Addendum-SPEC-004-005-009.docx
>
> │ ├── MESH-MVP-Roadmap-Solo-Bootstrap.docx
>
> │ └── MESH-Dev-Environment.docx
>
> │
>
> └── benches/ \# Criterion benchmarks
>
> ├── crypto_bench.rs
>
> └── serialisation_bench.rs
**9. Quick Reference Card**
Cut this page out and stick it on your monitor.
--------------------------- ---------------------------------------------
**Task** **Command**
Build (host) cargo build
Build (container) docker run \--rm -v \$(pwd):/workspace -v
cargo-cache:/usr/local/cargo/registry
mesh-build:latest cargo build
Test (fast) cargo nextest run
Test (container) docker run \--rm -v \$(pwd):/workspace -v
cargo-cache:/usr/local/cargo/registry
mesh-build:latest cargo nextest run
Lint cargo clippy \-- -D warnings
Format cargo fmt \--all
Format check cargo fmt \--all \-- \--check
Audit deps cargo audit
License check cargo deny check licenses
Start testnet docker compose up \--build -d
View testnet logs docker compose logs -f
Stop testnet docker compose down
Wipe testnet data docker compose down -v
Kill one validator docker compose stop validator-3
Run TLC model check docker run \--rm -v \$(pwd)/specs:/specs
mesh-tlaplus:latest tlc2.TLC /specs/Tier1.tla
-workers auto
Run Tamarin proof docker run \--rm -v \$(pwd)/proofs:/proofs
ghcr.io/tamarin-prover/tamarin-prover:1.8.0
tamarin-prover \--prove
/proofs/PTLC_Atomicity.spthy
Benchmark crypto cargo bench \--bench crypto_bench
Generate release binary cargo build \--release
--------------------------- ---------------------------------------------
Reference in New Issue View Git Blame Copy Permalink