Figure out RPC client and TLS

[Mirko-von-Leipzig]

Our public testnet and devnet RPC endpoints now use https and therefore require clients with TLS support. In the tonic crate this means enabling one the tls related features, and the client automatically gains TLS support e.g. cargo add tonic --features tls-native-roots.

Some users are using the gRPC client from our rpc crate -- however this crate does not enable TLS because internally our infrastructure is still http only. This means users of this client need to additionally override tonic with the TLS features. This is obscure and the client errors aren't very helpful in pointing out the issue since its just a connection rejection.

RPC client

We have a few options to improve this. Firstly though we should decide what the public interface of the rpc crate should be. The primary goal of the crate is to provide the RPC component of the node -- and despite the name, this is not meant as the canonical RPC client. Its intended to be the node's RPC server component.

Our options here:

1. Remove the RPC client from the rpc crate. Users should generate their own client using rpc-proto.
2. (1) but also add the client generation to the rpc-proto crate.
3. Keep as is.

TLS features

If we go with (2) or (3) from above then we should also improve the TLS situation to make it easier to get right. Some options:

1. Only document the cargo add tonic .. trick.
2. Add proxy features and choose what the default should be to minimize surprises.

There are three tonic TLS features:

• tls: Enables the rustls based TLS options for the transport feature. Not enabled by default.
• tls-native-roots: Adds system trust roots to rustls-based gRPC clients using the rustls-native-certs crate. Not enabled by default.
• tls-webpki-roots: Add the standard trust roots from the webpki-roots crate to rustls-based gRPC clients. Not enabled

The latter two automatically configure TLS using the system or the mozilla certificate stores respectively. I'm unsure how these features combine, if at all. The former allows users to configure their own certificate (and is enabled as part of the other two as well).

[igamigo]

1. Remove the RPC client from the rpc crate. Users should generate their own client using rpc-proto.

A good alternative for replacing this may also be to use the client's RPC (enabled with the tonic feature) since it already is meant to be used against the network nodes. They can just use the RPC client and ignore other features.

[bobbinth]

1. Remove the RPC client from the rpc crate. Users should generate their own client using rpc-proto.

A good alternative for replacing this may also be to use the client's RPC (enabled with the tonic feature) since it already is meant to be used against the network nodes. They can just use the RPC client and ignore other features.

Agree that this could be a good solution especially since it already handles conversion of some of the auto-generated types into miden-base types. But we'd need to make sure we cover all of the endpoints available on the node's RPC component. For example, I don't believe we currently expose GetBlockByNumber endpoint from there.

Our options here:

1. Remove the RPC client from the rpc crate. Users should generate their own client using rpc-proto.
2. (1) but also add the client generation to the rpc-proto crate.
3. Keep as is.

I think we should definitely do (1) - unless it causes some issues, and if (2) is negligible amount of work, we could do this too.

[igamigo]

1. Remove the RPC client from the rpc crate. Users should generate their own client using rpc-proto.

A good alternative for replacing this may also be to use the client's RPC (enabled with the tonic feature) since it already is meant to be used against the network nodes. They can just use the RPC client and ignore other features.

Agree that this could be a good solution especially since it already handles conversion of some of the auto-generated types into miden-base types. But we'd need to make sure we cover all of the endpoints available on the node's RPC component. For example, I don't believe we currently expose GetBlockByNumber endpoint from there.

Should we implement this (and any missing endpoint) on the client regardless of the solution for this issue?

[bobbinth]

Should we implement this (and any missing endpoint) on the client regardless of the solution for this issue?

Yes! Let's do that!

[TomasArrachea]

The only issue with this is that the faucet is currently using the ApiClient created in proto. I can think of two solutions:

1. Inside the faucet crate, generate an ApiClient using the rpc-proto crate, just like it's done in miden-client.
2. Instead of removing the ApiClient from the proto crate, use a tonic-build setting to generate it behind a feature flag (e.g. "rpc-client"). When importing this crate for the faucet, using this feature would allow it to work as is.

I think the second option seems a bit simpler, and avoids having more protobuf bindings code.

[bobbinth]

2. Instead of removing the ApiClient from the proto crate, use a tonic-build setting to generate it behind a feature flag (e.g. "rpc-client"). When importing this crate for the faucet, using this feature would allow it to work as is.

I like this approach as well. Basically, what this means for miden-node is:

• Remove ApiClient from the miden-node-rpc crate.
• Add ApiClient to the miden-rpc-proto crate, but put it behind the rpc-client feature.

This way, if someone wants to make calls to the RPC directly (and for some reason doesn't want to use the functionality provided in miden-client), they could add miden-rpc-proto dependency with rpc-client feature enabled.

[TomasArrachea]

I implemented this in #723, but the feature flag was actually introduced in miden-node-proto, not miden-rpc-proto.

[bobbinth]

I implemented this in #723, but the feature flag was actually introduced in miden-node-proto, not miden-rpc-proto.

I may not be thinking about this right, but does putting generated client files into miden-rpc-proto cause issues? The way I was thinking about this is that miden-node-proto provides the servicer part, and miden-rpc-proto provides the client part. If this works, we could even rename miden-rpc-proto into miden-rpc-client (or maybe miden-node-rpc-client).

[Mirko-von-Leipzig]

Some options, from least to most favorite.

1. Copy paste proto files to both. I don't like this.
2. Raw proto crate that exports the raw proto files as strings; similar to what we have now.
3. Single crate with client and server feature flags. Could still provide the raw file strings if anyone needs to generate their own. Though I might recommend they use submodules instead tbh.

[bobbinth]

2. Raw proto crate that exports the raw proto files as strings; similar to what we have now.

Don't we now have the proto directory in the root (which is not a crate), and then two crates which both copy the protobuf files from this directory locally at build time?

3. Single crate with client and server feature flags. Could still provide the raw file strings if anyone needs to generate their own. Though I might recommend they use submodules instead tbh.

So, if I understood correctly, under this scenario, we'd have a single miden-node-rpc crate (no miden-rpc-proto crate). This crate would:

• Always export protobuf files as strings (similar to what miden-rpc-proto does now).
• When server feature is enabled, would enable the current functionality of miden-node-rpc and would export the generated files needed to run the server.
• When client feature is enabled, would export the generated functionality for the client code needed to interact with the server.

Correct?

[Mirko-von-Leipzig]

Don't we now have the proto directory in the root (which is not a crate), and then two crates which both copy the protobuf files from this directory locally at build time?

Yes that's what I meant with copy-paste with option (1). The raw strings we also have which is used by the miden-client at the moment iiuc.

So, if I understood correctly, under this scenario, we'd have a single miden-node-rpc crate (no miden-rpc-proto crate). This crate would:

• Always export protobuf files as strings (similar to what miden-rpc-proto does now).
• When server feature is enabled, would enable the current functionality of miden-node-rpc and would export the generated files needed to run the server.
• When client feature is enabled, would export the generated functionality for the client code needed to interact with the server.

Correct?

I actually meant keeping both in miden-rpc-proto which would then contain the proto files, and the server and client codegen as part of its build script.

---

Though maybe we should take a step back again. For a user in an arbitrary language, they need to copy the proto files and generate their own code based on that (since we can't reasonably be expected to generate bindings for multiple languages). This also means users can configure codegen as they please.

However we already need to generate for ourselves and maybe it makes sense to add in the ability for other Rust users. We also want the RPC client for the faucet and the client SDK (though they're currently doing their own codegen).

The above issue isn't really about codegen though, since thats (reasonably) simple with build.rs, the issue is that we cannot distribute the proto files so we're forced to do codegen which also means users cannot configure the codegen.

---

I think the client SDK has the correct way of doing things with their own build.rs and "copying" the proto files across to do this. Maybe we should make this pattern easier?

What if we wrap tonic_build::Builder without the ability to specify proto files (since it will be hardcoded to use ours), but with every other configuration allowed. We can just call this miden-node-proto or miden-node-rpc-build and its intended to always be used in build.rs.

This neatly bundles the proto definitions in this build step, doesn't require features, and both client and server can be optionally generated, with all possible attributes and features as desired.

We could take this a step further and have a single crate to include the internal RPC definitions as well, as distinct builder types (but same options etc). If its an issue that we're "exposing" internal gRPC definitions then we could hide those behind a non-default feature, or create another more public crate that simply re-exports only the RPC client gRPC stuff.

The other benefit is that this removes the need for copying the proto definitions around - all of them would only live in this miden-node-grpc-build crate which embeds them for codegen.

---

One additional point to consider is how we want to expose the Domain types and conversions. Would it be beneficial for Rust users to interface with these types instead of the raw proto types? But I think this is orthogonal to this issue.