-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #27 from datachainlab/it
Add integration tests Signed-off-by: Jun Kimura <[email protected]>
- Loading branch information
Showing
27 changed files
with
5,254 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[submodule "tests/lcp"] | ||
path = tests/lcp | ||
url = https://github.com/datachainlab/lcp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
/bin/ | ||
/data/ | ||
|
||
#object file | ||
*.o | ||
|
||
#library | ||
*.a | ||
|
||
#share object | ||
*.so | ||
*.so.* | ||
|
||
#generated proxy | ||
*_u.c | ||
*_u.h | ||
*_t.c | ||
*_t.h | ||
|
||
incubator-teaclave-sgx-sdk | ||
|
||
target/ | ||
Cargo.lock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
include enclave.mk | ||
|
||
.PHONY: all | ||
all: $(Signed_RustEnclave_Name) lcp yrly | ||
|
||
.PHONY: lcp | ||
lcp: | ||
$(MAKE) -C ./lcp all | ||
|
||
.PHONY: yrly | ||
yrly: | ||
go build -o ./bin/yrly -tags customcert ./relayer/main.go | ||
|
||
.PHONY: e2e-test | ||
setup: | ||
./scripts/run_lcp.sh | ||
./scripts/run_rly.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
# Integration tests | ||
|
||
## Overview | ||
|
||
This provides an integration test environment for yui-relayer and lcp including ethereum-elc. Currently, it is possible to test create-client and update-client. | ||
|
||
## Pre-requisites | ||
|
||
### Setup for Ethereum | ||
|
||
You must set the below environment variables: | ||
|
||
```bash | ||
export EXECUTION_ENDPOINT=http://localhost:8545 // Must modify with your endpoint | ||
export CONSENSUS_ENDPOINT=http://localhost:9596 // Must modify with your endpoint | ||
``` | ||
|
||
If you cannot access the ethereum endpoint, you can launch a local ethereum node with the following command: | ||
|
||
```bash | ||
$ git clone https://github.com/datachainlab/cosmos-ethereum-ibc-lcp | ||
$ make prepare-contracts build-images | ||
$ make -C ./tests/e2e/chains/ethereum network | ||
# if you want to stop the network, run `make -C ./tests/e2e/chains/ethereum network-down` | ||
``` | ||
|
||
Then, you can set the environment variables as the following: | ||
|
||
```bash | ||
export EXECUTION_ENDPOINT=http://localhost:8546 | ||
export CONSENSUS_ENDPOINT=http://localhost:19596 | ||
``` | ||
|
||
### Modify the public testnet | ||
|
||
If you want to run the tests with the public testnet like sepolia, you need to modify `enclave/lib.rs` as the following: | ||
|
||
```rust | ||
fn build_lc_registry() -> MapLightClientRegistry { | ||
let mut registry = MapLightClientRegistry::new(); | ||
tendermint_lc::register_implementations(&mut registry); | ||
ethereum_elc::register_implementations::<{ ethereum_elc::ibc::consensus::preset::mainnet::PRESET.SYNC_COMMITTEE_SIZE }>(&mut registry); | ||
registry.seal().unwrap(); | ||
registry | ||
} | ||
``` | ||
|
||
Also, you need to modify `./config/templates/ibc-1.json.tpl` as the following: | ||
|
||
``` | ||
"prover": { | ||
"@type": "/relayer.provers.lcp.config.ProverConfig", | ||
"origin_prover": { | ||
"@type": "/relayer.provers.ethereum_light_client.config.ProverConfig", | ||
"beacon_endpoint": $CONSENSUS_ENDPOINT, | ||
"network": "sepolia", // EDIT: Change to sepolia | ||
"trusting_period": "168h", | ||
"max_clock_drift": "0", | ||
"refresh_threshold_rate": { | ||
"numerator": 2, | ||
"denominator": 3 | ||
} | ||
}, | ||
... | ||
} | ||
``` | ||
|
||
### Install SGX-SDK | ||
|
||
Please refer to the [cosmos-ethereum-ibc-lcp's README](https://github.com/datachainlab/cosmos-ethereum-ibc-lcp?tab=readme-ov-file#prerequisites). | ||
|
||
## Build | ||
|
||
```bash | ||
$ make | ||
``` | ||
|
||
## Run tests | ||
|
||
```bash | ||
# initialize the relayer and run lcp service | ||
$ make setup | ||
# set the test certificate for the relayer | ||
$ export LCP_RA_ROOT_CERT_HEX=$(cat ./lcp/tests/certs/root.crt | xxd -p -c 1000000) | ||
# ensure we can get the finality update from lodestar. If you got an error, please retry after a few seconds. | ||
$ curl ${CONSENSUS_ENDPOINT}/eth/v1/beacon/light_client/finality_update | ||
# run the tests | ||
$ ./bin/yrly lcp create-elc ibc01 --src=false --elc_client_id=ethereum-0 | ||
$ ./bin/yrly lcp update-elc ibc01 --src=false --elc_client_id=ethereum-0 | ||
``` | ||
|
||
## Restart the lcp service | ||
|
||
Please use `kill` or `pkill` to kill lcp service and run `Run tests` again. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,208 @@ | ||
# Licensed to the Apache Software Foundation (ASF) under one | ||
# or more contributor license agreements. See the NOTICE file | ||
# distributed with this work for additional information | ||
# regarding copyright ownership. The ASF licenses this file | ||
# to you under the Apache License, Version 2.0 (the | ||
# "License"); you may not use this file except in compliance | ||
# with the License. You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, | ||
# software distributed under the License is distributed on an | ||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
# KIND, either express or implied. See the License for the | ||
# specific language governing permissions and limitations | ||
# under the License.. | ||
# | ||
# | ||
|
||
# ----------------------------------------------------------------------------- | ||
# Function : parent-dir | ||
# Arguments: 1: path | ||
# Returns : Parent dir or path of $1, with final separator removed. | ||
# ----------------------------------------------------------------------------- | ||
parent-dir = $(patsubst %/,%,$(dir $(1:%/=%))) | ||
|
||
# ----------------------------------------------------------------------------- | ||
# Macro : my-dir | ||
# Returns : the directory of the current Makefile | ||
# Usage : $(my-dir) | ||
# ----------------------------------------------------------------------------- | ||
my-dir = $(realpath $(call parent-dir,$(lastword $(MAKEFILE_LIST)))) | ||
|
||
|
||
ROOT_DIR := $(call my-dir) | ||
ifneq ($(words $(subst :, ,$(ROOT_DIR))), 1) | ||
$(error main directory cannot contain spaces nor colons) | ||
endif | ||
|
||
COMMON_DIR := $(ROOT_DIR)/common | ||
|
||
CP := /bin/cp -f | ||
MKDIR := mkdir -p | ||
STRIP := strip | ||
OBJCOPY := objcopy | ||
CC ?= gcc | ||
|
||
# clean the content of 'INCLUDE' - this variable will be set by vcvars32.bat | ||
# thus it will cause build error when this variable is used by our Makefile, | ||
# when compiling the code under Cygwin tainted by MSVC environment settings. | ||
INCLUDE := | ||
|
||
# this will return the path to the file that included the buildenv.mk file | ||
CUR_DIR := $(realpath $(call parent-dir,$(lastword $(wordlist 2,$(words $(MAKEFILE_LIST)),x $(MAKEFILE_LIST))))) | ||
|
||
CC_VERSION := $(shell $(CC) -dumpversion) | ||
CC_VERSION_MAJOR := $(shell echo $(CC_VERSION) | cut -f1 -d.) | ||
CC_VERSION_MINOR := $(shell echo $(CC_VERSION) | cut -f2 -d.) | ||
CC_BELOW_4_9 := $(shell [ $(CC_VERSION_MAJOR) -lt 4 -o \( $(CC_VERSION_MAJOR) -eq 4 -a $(CC_VERSION_MINOR) -le 9 \) ] && echo 1) | ||
CC_BELOW_5_2 := $(shell [ $(CC_VERSION_MAJOR) -lt 5 -o \( $(CC_VERSION_MAJOR) -eq 5 -a $(CC_VERSION_MINOR) -le 2 \) ] && echo 1) | ||
|
||
# turn on stack protector for SDK | ||
ifeq ($(CC_BELOW_4_9), 1) | ||
COMMON_FLAGS += -fstack-protector | ||
else | ||
COMMON_FLAGS += -fstack-protector-strong | ||
endif | ||
|
||
ifdef DEBUG | ||
COMMON_FLAGS += -O0 -g -DDEBUG -UNDEBUG | ||
else | ||
COMMON_FLAGS += -O2 -D_FORTIFY_SOURCE=2 -UDEBUG -DNDEBUG | ||
endif | ||
|
||
COMMON_FLAGS += -ffunction-sections -fdata-sections | ||
|
||
# turn on compiler warnings as much as possible | ||
COMMON_FLAGS += -Wall -Wextra -Winit-self -Wpointer-arith -Wreturn-type \ | ||
-Waddress -Wsequence-point -Wformat-security \ | ||
-Wmissing-include-dirs -Wfloat-equal -Wundef -Wshadow \ | ||
-Wcast-align -Wconversion -Wredundant-decls | ||
|
||
# additional warnings flags for C | ||
CFLAGS += -Wjump-misses-init -Wstrict-prototypes -Wunsuffixed-float-constants | ||
|
||
# additional warnings flags for C++ | ||
CXXFLAGS += -Wnon-virtual-dtor | ||
|
||
# for static_assert() | ||
CXXFLAGS += -std=c++14 | ||
|
||
.DEFAULT_GOAL := all | ||
# this turns off the RCS / SCCS implicit rules of GNU Make | ||
% : RCS/%,v | ||
% : RCS/% | ||
% : %,v | ||
% : s.% | ||
% : SCCS/s.% | ||
|
||
# If a rule fails, delete $@. | ||
.DELETE_ON_ERROR: | ||
|
||
HOST_FILE_PROGRAM := file | ||
|
||
UNAME := $(shell uname -m) | ||
ifneq (,$(findstring 86,$(UNAME))) | ||
HOST_ARCH := x86 | ||
ifneq (,$(shell $(HOST_FILE_PROGRAM) -L $(SHELL) | grep 'x86[_-]64')) | ||
HOST_ARCH := x86_64 | ||
endif | ||
else | ||
$(info Unknown host CPU arhitecture $(UNAME)) | ||
$(error Aborting) | ||
endif | ||
|
||
|
||
ifeq "$(findstring __INTEL_COMPILER, $(shell $(CC) -E -dM -xc /dev/null))" "__INTEL_COMPILER" | ||
ifeq ($(shell test -f /usr/bin/dpkg; echo $$?), 0) | ||
ADDED_INC := -I /usr/include/$(shell dpkg-architecture -qDEB_BUILD_MULTIARCH) | ||
endif | ||
endif | ||
|
||
ARCH := $(HOST_ARCH) | ||
ifeq "$(findstring -m32, $(CXXFLAGS))" "-m32" | ||
ARCH := x86 | ||
endif | ||
|
||
ifeq ($(ARCH), x86) | ||
COMMON_FLAGS += -DITT_ARCH_IA32 | ||
else | ||
COMMON_FLAGS += -DITT_ARCH_IA64 | ||
endif | ||
|
||
CFLAGS += $(COMMON_FLAGS) | ||
CXXFLAGS += $(COMMON_FLAGS) | ||
|
||
# Enable the security flags | ||
COMMON_LDFLAGS := -Wl,-z,relro,-z,now,-z,noexecstack | ||
|
||
# mitigation options | ||
MITIGATION_INDIRECT ?= 0 | ||
MITIGATION_RET ?= 0 | ||
MITIGATION_C ?= 0 | ||
MITIGATION_ASM ?= 0 | ||
MITIGATION_AFTERLOAD ?= 0 | ||
MITIGATION_LIB_PATH := | ||
|
||
ifeq ($(MITIGATION-CVE-2020-0551), LOAD) | ||
MITIGATION_C := 1 | ||
MITIGATION_ASM := 1 | ||
MITIGATION_INDIRECT := 1 | ||
MITIGATION_RET := 1 | ||
MITIGATION_AFTERLOAD := 1 | ||
MITIGATION_LIB_PATH := cve_2020_0551_load | ||
else ifeq ($(MITIGATION-CVE-2020-0551), CF) | ||
MITIGATION_C := 1 | ||
MITIGATION_ASM := 1 | ||
MITIGATION_INDIRECT := 1 | ||
MITIGATION_RET := 1 | ||
MITIGATION_AFTERLOAD := 0 | ||
MITIGATION_LIB_PATH := cve_2020_0551_cf | ||
endif | ||
|
||
ifeq ($(MITIGATION_C), 1) | ||
ifeq ($(MITIGATION_INDIRECT), 1) | ||
MITIGATION_CFLAGS += -mindirect-branch-register | ||
endif | ||
ifeq ($(MITIGATION_RET), 1) | ||
CC_NO_LESS_THAN_8 := $(shell expr $(CC_VERSION) \>\= "8") | ||
ifeq ($(CC_NO_LESS_THAN_8), 1) | ||
MITIGATION_CFLAGS += -fcf-protection=none | ||
endif | ||
MITIGATION_CFLAGS += -mfunction-return=thunk-extern | ||
endif | ||
endif | ||
|
||
ifeq ($(MITIGATION_ASM), 1) | ||
MITIGATION_ASFLAGS += -fno-plt | ||
ifeq ($(MITIGATION_AFTERLOAD), 1) | ||
MITIGATION_ASFLAGS += -Wa,-mlfence-after-load=yes -Wa,-mlfence-before-indirect-branch=memory | ||
else | ||
MITIGATION_ASFLAGS += -Wa,-mlfence-before-indirect-branch=all | ||
endif | ||
ifeq ($(MITIGATION_RET), 1) | ||
MITIGATION_ASFLAGS += -Wa,-mlfence-before-ret=shl | ||
endif | ||
endif | ||
|
||
MITIGATION_CFLAGS += $(MITIGATION_ASFLAGS) | ||
|
||
# Compiler and linker options for an Enclave | ||
# | ||
# We are using '--export-dynamic' so that `g_global_data_sim' etc. | ||
# will be exported to dynamic symbol table. | ||
# | ||
# When `pie' is enabled, the linker (both BFD and Gold) under Ubuntu 14.04 | ||
# will hide all symbols from dynamic symbol table even if they are marked | ||
# as `global' in the LD version script. | ||
ENCLAVE_CFLAGS = -ffreestanding -nostdinc -fvisibility=hidden -fpie -fno-strict-overflow -fno-delete-null-pointer-checks | ||
ENCLAVE_CXXFLAGS = $(ENCLAVE_CFLAGS) -nostdinc++ | ||
ENCLAVE_LDFLAGS = $(COMMON_LDFLAGS) -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \ | ||
-Wl,-pie,-eenclave_entry -Wl,--export-dynamic \ | ||
-Wl,--gc-sections \ | ||
-Wl,--defsym,__ImageBase=0 | ||
|
||
ENCLAVE_CFLAGS += $(MITIGATION_CFLAGS) | ||
ENCLAVE_ASFLAGS = $(MITIGATION_ASFLAGS) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
demo/*.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Demo configs | ||
|
||
**WARNING** These configurations are intended only for testing and development. | ||
You must modify them for your environment and security level in production. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
{ | ||
"src": { | ||
"chain-id": "ibc0", | ||
"client-id": "", | ||
"connection-id": "", | ||
"channel-id": "", | ||
"port-id": "mockapp", | ||
"order": "unordered", | ||
"version": "mockapp-1" | ||
}, | ||
"dst": { | ||
"chain-id": "ibc1", | ||
"client-id": "", | ||
"connection-id": "", | ||
"channel-id": "", | ||
"port-id": "mockapp", | ||
"order": "unordered", | ||
"version": "mockapp-1" | ||
}, | ||
"strategy": { | ||
"type": "naive" | ||
} | ||
} |
Oops, something went wrong.