Secure, advanced, and flexible access management stack for web3.
The Armory Stack is an open-source access management system tailored for uses-case that need strong authentication and fine-grained authorization. It is designed to secure the usage of private keys, wallets, and web3 applications.
It's a web3-native policy engine combined with a highly customizable next-gen auth system, able to be deployed in a variety of secure configurations.
To setup the project, run the following command:
git clone git@github.com:narval-xyz/narval.git
cd narval
make setupAt the end, you must have a working environment ready to run any application.
Alternatively, if you want to set up each application individually, you can check Armory, Policy Engine, and Vault "Getting started" sections.
We use Docker & docker-compose to run the application's dependencies.
make docker/up
make docker/stopAlternatively, you can run the entire stack in Docker containers. This is useful when using the MPC as a signing protocol in the Policy Engine.
Important
You also need a locally running TSM cluster, which is not included in this repository.
# Build the application's image.
make docker/stack/build
make docker/stack/up
make docker/stack/stopTo run tests across all existing projects, you can use the following commands:
# Run all tests
make test
make test/type
make test/unit
make test/integration
make test/e2eThese commands utilize the NX CLI's run-many feature to execute the specified targets (test or test:type) across all projects in the monorepo.
We use Prettier and ESLint to ensure code consistency. You can run the following commands to format and lint the whole code base.
# Format and lint all the code.
make format
make lint
# Check for formatting and linting errors without fixing them.
make format/check
make lint/checkThe .npmrc file is needed to access a private registry for the optional
dependency @narval-xyz/armory-mpc-module.
Important
This file is NOT in git, but it's necessary for the build if you're using MPC to sign decisions in the Policy Engine.
- Create a
.npmrcfile in the root of this project. - Get the values from someone who has them.
- Now
npm installshould work.
NX provides two types of projects: applications and libraries. Run the commands below to generate a project of your choice.
# Generate an standard JavaScript library.
npx nx g @nrwl/workspace:lib
# Generate an NestJS library.
npx nx g @nx/nest:library
# Generate an NestJS application.
npx nx g @nx/nest:application --tags type:applicationFor more information about code generation, please refer to the NX documentation.
This section describes the process to release a new version of publishable packages to NPM.
- Run
make packages/releaseand follow the prompts to bump the projects' versions. - Run
npm installto updatepackage-lock.json. - Commit and push the changes to your branch.
- After your branch is merged, manually trigger the packages pipeline to publish the new version to NPM.
You can find the publishable packages listed in the release.projects value in
the nx.json.
If using docker run --env-file .env ..., the env file cannot include quotes
around values. The quotes will be included in the value.
Inside docker, localhost points to the container not your computer (host).
Change localhost to host.docker.internal to reference to the host IP
address in the local network.
Armory is MPL 2.0 licensed.
You can find an exhaustive list of licenses of third-party software dependencies used by the Armory at LICENSES_DISCLOSURE.md.
To generate the list, run
./tools/licenses-disclosure/main.sh > LICENSES_DISCLOSURE.md.