feat: add an option to create zetaclient dry node for tesntet/mainnet

[kingpinXD]

Description

• Adds a make command to setup dry node

make zetaclient-dry ZETACORE_HOST=<hostname>

The host needs the following ports open

    1317: "Cosmos REST API",
    9090: "Cosmos gRPC",
    26657: "CometBFT RPC",
}

• Adds commands to spin up local testnet or mainnet node

make mainnet-node
make testnet-node

When using these the dry zetaclient can be attached to any of these nodes via

make zetaclient-dry ZETACORE_HOST=testnet-node

NOTE : adding new scripts in Python instad of shell as we move towards reafactoring to use python as the main scripting language https://github.com/zeta-chain/node/issues/4372 Closes https://github.com/zeta-chain/node/issues/4450

How Has This Been Tested?

• [ ] Tested CCTX in localnet
• [ ] Tested in development environment
• [ ] Go unit tests
• [ ] Go integration tests
• [ ] Tested via GitHub Actions

---

[!NOTE] Add dry-mode zetaclient and live testnet/mainnet node workflows with snapshot caching, new Python entrypoints/scripts, and supporting Makefile/Docker/Docker Compose updates.

• Localnet/Docker Compose:
  • Switch zetaclient-dry to Python entrypoint start-zetaclient-dry.py; add ZETACORE_HOST env and mount scripts.
  • Add testnet-node and mainnet-node services with ports, healthchecks, volumes, and snapshot caching mounts; define new volumes testnet_data and mainnet_data.
• Makefile:
  • Default NODE_VERSION to env override; update download-snapshot to use contrib/localnet/scripts_python/download_snapshot.py with --chain-id.
  • Add targets: mainnet-node, mainnet-node-force, mainnet-node-stop, testnet-node, testnet-node-force, testnet-node-stop, and zetaclient-dry.
• Dockerfile-localnet:
  • Install extra tools (wget, lz4, python3-requests); copy new Python snapshot script; chmod Python files.
• New Python Utilities:
  • scripts_python/download_snapshot.py: unified snapshot downloader (testnet/mainnet) with checksum, extract, cache.
  • scripts_python/start-zetacored-livenode.py: bootstraps a live ZetaCore node from cached snapshot and network configs.
  • scripts_python/start-zetaclient-dry.py: initializes/configures zetaclientd in dry mode against a provided ZETACORE_HOST.
• Orchestrator:
  • Fund dry hotkey address for zetaclient-dry.
• Changelog:
  • Document feature for creating dry zetaclients connecting to live networks.
• Removed:
  • contrib/devnet/download_snapshot.py (replaced by new localnet script).

^{Written by Cursor Bugbot for commit a41185bf061789486565374951dda60ab27878ac. Configure here.}

Summary by CodeRabbit

Release Notes

• New Features
  • Added dry-run mode for Zetaclient to safely connect to live testnet and mainnet networks
  • Introduced local mainnet and testnet node support for development environments
  • Added automated snapshot download utility for chain synchronization
  • New development targets added for local node debugging and management

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[gitguardian[bot]]

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
22859303	Triggered	Generic High Entropy Secret	23c4b44d9a9414ac851e9bdc289d1accad568310	contrib/localnet/zetaclientd/dry-zetaclient/zetaclient_config.json	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secret safely. Learn here the best practices.
3. Revoke and rotate this secret.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

[!NOTE]

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

This PR introduces infrastructure to support dry-run ZetaClient testing against live testnet and mainnet networks. It adds three new Python orchestration scripts for snapshot management, zetaclient dry-mode startup, and live node initialization, updates Docker configuration to include testnet and mainnet node services, modifies the Makefile with new build targets and conditional variables, and removes the legacy devnet snapshot script.

Changes

Cohort / File(s)	Summary
Docker infrastructure Dockerfile-localnet, contrib/localnet/docker-compose.yml	Extends base runtime with wget, lz4, and python3-requests packages; adds executable permissions for Python scripts; adds testnet-node and mainnet-node services to docker-compose; updates zetaclient-dry service entrypoint from shell script to Python script with new ZETACORE_HOST environment variable; defines persistent volumes for testnet and mainnet data.
Build system updates Makefile	Changes NODE_VERSION from strict to conditional assignment; introduces DEVNET_UPGRADE_VERSION variable; adds seven new targets for mainnet/testnet node operations (mainnet-node, mainnet-node-force, mainnet-node-stop, testnet-node, testnet-node-force, testnet-node-stop) and zetaclient-dry debugging target; updates download-snapshot target to reference new script path.
Python orchestration scripts (new) contrib/localnet/scripts_python/download_snapshot.py, contrib/localnet/scripts_python/start-zetaclient-dry.py, contrib/localnet/scripts_python/start-zetacored-livenode.py	Adds download_snapshot.py for fetching, verifying, and caching network snapshots with support for chain-id selection and forced re-downloads; adds start-zetaclient-dry.py for configuring and launching zetaclient in read-only mode with port reachability checks, operator address fetching, hotkey setup, and TSS readiness detection; adds start-zetacored-livenode.py for orchestrating live node startup with genesis initialization, snapshot setup, and config file management.
Snapshot utility removal contrib/devnet/download_snapshot.py	Removes legacy Python snapshot download utility previously located in devnet directory.
Configuration and documentation changelog.md, contrib/localnet/orchestrator/start-zetae2e.sh	Adds changelog entry describing dry zetaclient option for live networks; adds funding call for zetaclient dry hotkey address in e2e initialization script.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Areas requiring additional attention:

• contrib/localnet/scripts_python/start-zetaclient-dry.py — Verify hotkey initialization from mnemonic, port reachability logic, Zetacore API interactions, and error handling paths; ensure proper cleanup on failures
• contrib/localnet/scripts_python/start-zetacored-livenode.py — Validate snapshot extraction and placement logic, config file download and sed-based updates, Genesis initialization, and environment variable defaults
• contrib/localnet/scripts_python/download_snapshot.py — Review MD5 verification implementation, archive extraction robustness, cache directory handling, and user interaction flows
• docker-compose.yml service additions — Confirm testnet-node and mainnet-node port mappings avoid conflicts; verify volume mounts and health checks align with orchestration script expectations
• Makefile targets — Ensure new targets properly parameterize node operations and validate DEVNET_UPGRADE_VERSION placement and scope

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 25.93% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Description check	❓ Inconclusive	The PR description provides a clear summary of changes with examples of new make commands, but does not indicate which testing checkboxes were validated prior to submission.	Mark at least one testing checkbox to confirm verification was performed, or clarify which testing methods were used to validate the implementation of the three new Makefile targets and supporting Python scripts.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title refers to a key feature introduced in the PR (dry zetaclient for testnet/mainnet), but contains a typo ('tesntet' instead of 'testnet') and is slightly vague about the full scope of changes.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}