github-zktls/.github/workflows/benchmark.yml at master · therealwiki/github-zktls · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# Benchmark: ZK Proof Generation
#
# Times the full proof pipeline and reports peak RAM usage.
# Creates its own attestation, then runs the Docker prover.
#
# Run manually from Actions tab. Results posted as workflow summary.

name: Benchmark

on:
  workflow_dispatch:

permissions:
  id-token: write
  contents: read
  attestations: write
  packages: read

jobs:
  benchmark:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Read prover config
        id: versions
        run: |
          echo "prover_digest=$(python3 -c "import json; print(json.load(open('VERSIONS.json'))['reference']['prover_digest']['value'])")" >> "$GITHUB_OUTPUT"

      - name: Generate test certificate
        run: |
          mkdir -p proof
          cat > proof/certificate.json << EOF
          {
            "type": "github-identity",
            "github_actor": "${{ github.actor }}",
            "github_repository": "${{ github.repository }}",
            "recipient_address": "0x0000000000000000000000000000000000000000",
            "faucet_address": "0x0000000000000000000000000000000000000000",
            "chain_id": 84532,
            "timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
            "workflow_run": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
          }
          EOF
          echo "Certificate:" && cat proof/certificate.json

      - name: Attest
        id: attest
        uses: actions/attest-build-provenance@v2
        with:
          subject-path: proof/certificate.json

      - name: Copy attestation bundle
        run: cp ${{ steps.attest.outputs.bundle-path }} proof/bundle.json

      - name: Run proof generation with timing
        run: |
          REGISTRY="${{ vars.PROVER_REGISTRY || 'ghcr.io/amiller/zkproof' }}"
          PROVER_DIGEST="${{ steps.versions.outputs.prover_digest }}"
          IMAGE="${REGISTRY}@${PROVER_DIGEST}"

          echo "Pulling prover image..."
          PULL_START=$(date +%s%N)
          docker pull "$IMAGE"
          PULL_END=$(date +%s%N)
          echo "pull_ms=$(( (PULL_END - PULL_START) / 1000000 ))" >> "$GITHUB_ENV"

          # RAM watermark monitor: polls docker stats, tracks peak MB
          CONTAINER_NAME="zkproof-bench-$$"
          PEAK_FILE=$(mktemp)
          echo "0" > "$PEAK_FILE"
          (
            while true; do
              RAW=$(docker stats --no-stream --format '{{.MemUsage}}' "$CONTAINER_NAME" 2>/dev/null || true)
              if [ -n "$RAW" ]; then
                MB=$(python3 -c "
          import re, sys
          m = re.search(r'([\d.]+)\s*(GiB|MiB|KiB)', '''$RAW''')
          if not m: sys.exit()
          v, u = float(m[1]), m[2]
          print(int(v * 1024) if u == 'GiB' else int(v) if u == 'MiB' else max(1, int(v / 1024)))" 2>/dev/null || true)
                if [ -n "$MB" ]; then
                  PREV=$(cat "$PEAK_FILE")
                  [ "$MB" -gt "$PREV" ] 2>/dev/null && echo "$MB" > "$PEAK_FILE"
                fi
              fi
              sleep 0.5
            done
          ) &
          MONITOR_PID=$!

          echo "Starting proof generation..."
          PROVE_START=$(date +%s%N)
          docker run --rm --name "$CONTAINER_NAME" \
            -v ${{ github.workspace }}/proof:/work \
            "$IMAGE" generate /work/bundle.json /work
          PROVE_END=$(date +%s%N)
          echo "prove_ms=$(( (PROVE_END - PROVE_START) / 1000000 ))" >> "$GITHUB_ENV"

          # Give monitor one last read after container exits
          sleep 1
          kill $MONITOR_PID 2>/dev/null || true
          echo "peak_ram_mb=$(cat "$PEAK_FILE")" >> "$GITHUB_ENV"
          rm -f "$PEAK_FILE"

          ls -la proof/proof.bin proof/inputs.bin proof/claim.json
          echo "proof_size=$(stat -c%s proof/proof.bin)" >> "$GITHUB_ENV"

      - name: Post results
        run: |
          PROVE_SEC=$(python3 -c "print(f'{${{ env.prove_ms }} / 1000:.1f}')")
          PULL_SEC=$(python3 -c "print(f'{${{ env.pull_ms }} / 1000:.1f}')")
          {
            echo "## Benchmark Results"
            echo ""
            echo "| Metric | Value |"
            echo "|--------|-------|"
            echo "| **Proof generation** | ${PROVE_SEC}s |"
            echo "| **Docker pull** | ${PULL_SEC}s |"
            echo "| **Peak RAM** | ${{ env.peak_ram_mb }} MB |"
            echo "| **Proof size** | ${{ env.proof_size }} bytes |"
            echo "| **Runner** | \`ubuntu-latest\` |"
            echo "| **Prover digest** | \`${PROVER_DIGEST:0:16}...\` |"
            echo "| **Commit** | \`${{ github.sha }}\` |"
          } >> "$GITHUB_STEP_SUMMARY"

          echo "=== BENCHMARK RESULTS ==="
          echo "Proof generation: ${PROVE_SEC}s"
          echo "Docker pull: ${PULL_SEC}s"
          echo "Peak RAM: ${{ env.peak_ram_mb }} MB"
          echo "Proof size: ${{ env.proof_size }} bytes"

      - name: Upload proof artifact
        uses: actions/upload-artifact@v4
        with:
          name: benchmark-proof
          path: proof/