From c87667adff2248dbeb861a6513a7c892511b6036 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Fri, 7 Jul 2023 14:53:34 +0200 Subject: [PATCH 01/24] remove skip-ias, introduce MultiEnclave, clean up. wip --- Cargo.lock | 1 + primitives/teerex/Cargo.toml | 1 + primitives/teerex/src/lib.rs | 84 +++++++- teerex/src/benchmarking.rs | 3 +- teerex/src/lib.rs | 371 ++++++++++----------------------- teerex/src/tests/test_cases.rs | 8 +- 6 files changed, 197 insertions(+), 271 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 805916b1..3e48efaf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4061,6 +4061,7 @@ dependencies = [ "serde", "sp-core", "sp-io", + "sp-runtime", "sp-std 5.0.0", ] diff --git a/primitives/teerex/Cargo.toml b/primitives/teerex/Cargo.toml index 6ee2b313..a1d55a8d 100644 --- a/primitives/teerex/Cargo.toml +++ b/primitives/teerex/Cargo.toml @@ -16,6 +16,7 @@ serde = { version = "1.0.13", default-features = false } # substrate dependencies sp-core = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" } sp-io = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" } +sp-runtime = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" } sp-std = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" } [dev-dependencies] diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index 31e2a830..b1b7fc57 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -19,7 +19,8 @@ #![cfg_attr(not(feature = "std"), no_std)] use codec::{Decode, Encode}; use scale_info::TypeInfo; -use sp_core::H256; +use sp_core::{bounded_vec::BoundedVec, ConstU32, H256}; +use sp_runtime::MultiSigner; use sp_std::prelude::*; #[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] @@ -92,6 +93,87 @@ pub enum SgxStatus { ConfigurationNeeded, } +pub type OpaqueSigner = BoundedVec>; +pub type EnclaveFingerprint = H256; + +#[derive(Encode, Decode, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +pub enum AnySigner { + Opaque(OpaqueSigner), + Known(MultiSigner), +} + +impl From for AnySigner { + fn from(signer: MultiSigner) -> Self { + AnySigner::Known(signer) + } +} + +impl From for AnySigner { + fn from(signer_bytes: OpaqueSigner) -> Self { + AnySigner::Opaque(signer_bytes) + } +} + +#[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +pub enum MultiEnclave { + Sgx(SgxEnclave), +} + +impl From> for MultiEnclave { + fn from(sgx_enclave: SgxEnclave) -> Self { + MultiEnclave::Sgx(sgx_enclave) + } +} + +impl MultiEnclave { + pub fn author(self) -> AnySigner { + match self { + MultiEnclave::Sgx(enclave) => AnySigner::Opaque( + OpaqueSigner::try_from(enclave.mr_signer.to_vec()).unwrap_or_default(), + ), + } + } + + pub fn fingerprint(self) -> H256 { + match self { + MultiEnclave::Sgx(enclave) => EnclaveFingerprint::from(enclave.mr_enclave), + } + } + + pub fn instance_signer(self) -> AnySigner { + match self { + MultiEnclave::Sgx(enclave) => match enclave.maybe_pubkey() { + Some(pubkey) => + AnySigner::from(MultiSigner::from(sp_core::ed25519::Public::from_raw(pubkey))), + None => AnySigner::Opaque( + OpaqueSigner::try_from(enclave.report_data.d.to_vec()).unwrap_or_default(), + ), + }, + } + } + + pub fn instance_url(self) -> Option { + match self { + MultiEnclave::Sgx(enclave) => enclave.url, + } + } + + pub fn attestation_timestamp(self) -> u64 { + match self { + MultiEnclave::Sgx(enclave) => enclave.timestamp, + } + } + + pub fn attestaion_proxied(self) -> bool { + match self { + MultiEnclave::Sgx(enclave) => match enclave.attestation_method { + SgxAttestationMethod::Skip(true) | SgxAttestationMethod::Dcap(true) => true, + _ => false, + }, + } + } +} + #[derive(Encode, Decode, Default, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] pub struct SgxEnclave { pub report_data: SgxReportData, diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index bdeca0c1..75fd8120 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -126,8 +126,7 @@ benchmarks! { }: _(RawOrigin::Signed(accounts[0].clone())) verify { - assert!(!crate::EnclaveIndex::::contains_key(&accounts[0])); - assert_eq!(Teerex::::enclave_count(), enclave_count as u64 - 1); + assert!(!crate::SovereignEnclaves::::contains_key(&accounts[0])); } // Benchmark `call_worker`. There are no worst conditions. The benchmark showed that diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index bba125bb..6df4d4ee 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -41,8 +41,8 @@ pub type BalanceOf = <::Currency as Currency>>::Bal pub use pallet::*; -const MAX_RA_REPORT_LEN: usize = 4096; -const MAX_DCAP_QUOTE_LEN: usize = 5000; +const SGX_RA_PROOF_MAX_LEN: usize = 5000; + const MAX_URL_LEN: usize = 256; /// Maximum number of topics for the `publish_hash` call. const TOPICS_LIMIT: usize = 5; @@ -82,7 +82,7 @@ pub mod pallet { pub enum Event { AddedEnclave { registered_by: T::AccountId, - worker_url: Vec, + worker_url: Option>, tcb_status: Option, attestation_method: SgxAttestationMethod, }, @@ -97,11 +97,11 @@ pub mod pallet { hash: H256, data: Vec, }, - TcbInfoRegistered { + SgxTcbInfoRegistered { fmspc: Fmspc, on_chain_info: SgxTcbInfoOnChain, }, - QuotingEnclaveRegistered { + SgxQuotingEnclaveRegistered { quoting_enclave: SgxQuotingEnclave, }, } @@ -110,12 +110,8 @@ pub mod pallet { // avoid ambiguity between Null and 0. #[pallet::storage] #[pallet::getter(fn enclave)] - pub type EnclaveRegistry = - StorageMap<_, Blake2_128Concat, u64, SgxEnclave>, OptionQuery>; - - #[pallet::storage] - #[pallet::getter(fn enclave_count)] - pub type EnclaveCount = StorageValue<_, u64, ValueQuery>; + pub type SovereignEnclaves = + StorageMap<_, Blake2_128Concat, u64, MultiEnclave>, OptionQuery>; #[pallet::storage] #[pallet::getter(fn quoting_enclave)] @@ -126,11 +122,6 @@ pub mod pallet { pub type SgxTcbInfo = StorageMap<_, Blake2_128Concat, Fmspc, SgxTcbInfoOnChain, ValueQuery>; - #[pallet::storage] - #[pallet::getter(fn enclave_index)] - pub type EnclaveIndex = - StorageMap<_, Blake2_128Concat, T::AccountId, u64, ValueQuery>; - #[pallet::storage] #[pallet::getter(fn confirmed_calls)] pub type ExecutedCalls = StorageMap<_, Blake2_128Concat, H256, u64, ValueQuery>; @@ -162,59 +153,110 @@ pub mod pallet { // the integritee-service wants to register his enclave #[pallet::call_index(0)] #[pallet::weight((::WeightInfo::register_ias_enclave(), DispatchClass::Normal, Pays::Yes))] - pub fn register_ias_enclave( + pub fn register_sgx_enclave( origin: OriginFor, - ra_report: Vec, - worker_url: Vec, + proof: Vec, + worker_url: Option>, + attestation_method: SgxAttestationMethod, ) -> DispatchResultWithPostInfo { - log::info!("teerex: called into runtime call register_ias_enclave()"); + log::info!("teerex: called into runtime call register_sgx_enclave()"); let sender = ensure_signed(origin)?; - ensure!(ra_report.len() <= MAX_RA_REPORT_LEN, >::RaReportTooLong); - ensure!(worker_url.len() <= MAX_URL_LEN, >::EnclaveUrlTooLong); + ensure!(proof.len() <= SGX_RA_PROOF_MAX_LEN, >::RaProofTooLong); + ensure!( + worker_url.unwrap_or_default().len() <= MAX_URL_LEN, + >::EnclaveUrlTooLong + ); log::info!("teerex: parameter length ok"); - #[cfg(not(feature = "skip-ias-check"))] - let enclave = Self::verify_report(&sender, ra_report)?.with_url(worker_url.clone()); + let enclave = match attestation_method { + SgxAttestationMethod::Ias => { + let report = sgx_verify::verify_ias_report(&proof) + .map_err(|_| >::RemoteAttestationVerificationFailed)?; + log::info!("teerex: IAS report successfully verified"); + let enclave = SgxEnclave::new( + report.report_data, + report.mr_enclave, + report.mr_signer, + report.timestamp, + report.build_mode, + report.status, + ) + .with_attestation_method(SgxAttestationMethod::Ias); + + ensure!( + sender == T::AccountId::decode(report.report_data.lower32()), + >::SenderIsNotAttestedEnclave + ); + + // TODO: activate state checks as soon as we've fixed our setup #83 + // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), + // "RA status is insufficient"); + // log::info!("teerex: status is acceptable"); + + Self::ensure_timestamp_within_24_hours(report.timestamp)?; + enclave + }, + SgxAttestationMethod::Dcap(proxied) => { + let verification_time = >::get(); + + let qe = >::get(); + let (fmspc, tcb_info, report) = sgx_verify::verify_dcap_quote( + &proof, + verification_time.saturated_into(), + &qe, + ) + .map_err(|e| { + log::warn!("verify_dcap_quote failed: {:?}", e); + >::RemoteAttestationVerificationFailed + })?; + + if !proxied { + ensure!( + sender == T::AccountId::decode(report.report_data.lower32()), + >::SenderIsNotAttestedEnclave + ); + } + + log::info!("teerex: DCAP quote verified. FMSPC from quote: {:?}", fmspc); + let tcb_info_on_chain = >::get(fmspc); + ensure!(tcb_info_on_chain.verify_examinee(&tcb_info), "tcb_info is outdated"); + + let enclave = SgxEnclave::new( + report.report_data, + report.mr_enclave, + report.mr_signer, + report.timestamp, + report.build_mode, + report.status, + ) + .with_attestation_method(SgxAttestationMethod::Dcap(proxied)); + + // TODO: activate state checks as soon as we've fixed our setup #83 + // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), + // "RA status is insufficient"); + // log::info!("teerex: status is acceptable"); + enclave + }, + }; - #[cfg(not(feature = "skip-ias-check"))] if !>::get() && enclave.build_mode == SgxBuildMode::Debug { log::warn!("teerex: debug mode is not allowed to attest!"); return Err(>::SgxModeNotAllowed.into()) } - #[cfg(feature = "skip-ias-check")] - log::warn!("[teerex]: Skipping remote attestation check. Only dev-chains are allowed to do this!"); - - #[cfg(feature = "skip-ias-check")] - let enclave = SgxEnclave::>::new( - SgxReportData::default(), - // insert mrenclave if the ra_report represents one, otherwise insert default - ::decode(&mut ra_report.as_slice()).unwrap_or_default(), - MrSigner::default(), - >::get().saturated_into(), - SgxBuildMode::default(), - SgxStatus::Invalid, - ) - .with_pubkey(&sender.encode()) - .with_url(worker_url.clone()); - - Self::add_enclave(&sender, &enclave)?; - - #[cfg(not(feature = "skip-ias-check"))] + let enclave = match worker_url { + Some(url) => enclave.with_url(url), + None => enclave, + }; + + Self::add_enclave(&sender, &MultiEnclave::from(enclave))?; + Self::deposit_event(Event::AddedEnclave { registered_by: sender, worker_url, tcb_status: Some(enclave.status), attestation_method: enclave.attestation_method, }); - - #[cfg(feature = "skip-ias-check")] - Self::deposit_event(Event::AddedEnclave { - registered_by: sender, - worker_url, - tcb_status: None, - attestation_method: SgxAttestationMethod::Skip { proxied: false }, - }); Ok(().into()) } @@ -322,65 +364,6 @@ pub mod pallet { Ok(().into()) } - #[pallet::call_index(6)] - #[pallet::weight((::WeightInfo::register_dcap_enclave(), DispatchClass::Normal, Pays::Yes))] - pub fn register_dcap_enclave( - origin: OriginFor, - dcap_quote: Vec, - worker_url: Vec, - ) -> DispatchResultWithPostInfo { - log::info!("teerex: called into runtime call register_dcap_enclave()"); - let sender = ensure_signed(origin)?; - ensure!(dcap_quote.len() <= MAX_DCAP_QUOTE_LEN, >::RaReportTooLong); - ensure!(worker_url.len() <= MAX_URL_LEN, >::EnclaveUrlTooLong); - log::info!("teerex: parameter length ok"); - - #[cfg(not(feature = "skip-ias-check"))] - let enclave = Self::verify_dcap_quote(&sender, dcap_quote)?.with_url(worker_url.clone()); - - #[cfg(not(feature = "skip-ias-check"))] - if !>::get() && enclave.build_mode == SgxBuildMode::Debug { - log::warn!("teerex: debug mode is not allowed to attest!"); - return Err(>::SgxModeNotAllowed.into()) - } - - #[cfg(feature = "skip-ias-check")] - log::warn!("[teerex]: Skipping remote attestation check. Only dev-chains are allowed to do this!"); - - #[cfg(feature = "skip-ias-check")] - let enclave = SgxEnclave::new( - SgxReportData::default(), - // insert mrenclave if the ra_report represents one, otherwise insert default - ::decode(&mut dcap_quote.as_slice()).unwrap_or_default(), - MrSigner::default(), - >::get().saturated_into(), - SgxBuildMode::default(), - SgxStatus::Invalid, - ) - .with_pubkey(&sender.encode()) - .with_url(worker_url.clone()) - .with_attestation_method(SgxAttestationMethod::Skip { proxied: false }); - - Self::add_enclave(&sender, &enclave)?; - - #[cfg(not(feature = "skip-ias-check"))] - Self::deposit_event(Event::AddedEnclave { - registered_by: sender, - worker_url, - tcb_status: Some(enclave.status), - attestation_method: enclave.attestation_method, - }); - - #[cfg(feature = "skip-ias-check")] - Self::deposit_event(Event::AddedEnclave { - registered_by: sender, - worker_url, - tcb_status: None, - attestation_method: SgxAttestationMethod::Skip { proxied: false }, - }); - Ok(().into()) - } - #[pallet::call_index(7)] #[pallet::weight((::WeightInfo::register_quoting_enclave(), DispatchClass::Normal, Pays::Yes))] pub fn register_quoting_enclave( @@ -398,7 +381,7 @@ pub mod pallet { certificate_chain, )?; >::put("ing_enclave); - Self::deposit_event(Event::QuotingEnclaveRegistered { quoting_enclave }); + Self::deposit_event(Event::SgxQuotingEnclaveRegistered { quoting_enclave }); Ok(().into()) } @@ -416,7 +399,7 @@ pub mod pallet { let (fmspc, on_chain_info) = Self::verify_tcb_info(tcb_info, signature, certificate_chain)?; >::insert(fmspc, &on_chain_info); - Self::deposit_event(Event::TcbInfoRegistered { fmspc, on_chain_info }); + Self::deposit_event(Event::SgxTcbInfoRegistered { fmspc, on_chain_info }); Ok(().into()) } @@ -474,7 +457,7 @@ pub mod pallet { /// The worker url is too long. EnclaveUrlTooLong, /// The Remote Attestation report is too long. - RaReportTooLong, + RaProofTooLong, /// No enclave is registered. EmptyEnclaveRegistry, /// The provided collateral data is invalid @@ -489,97 +472,28 @@ pub mod pallet { impl Pallet { pub fn add_enclave( sender: &T::AccountId, - enclave: &SgxEnclave>, + multi_enclave: &MultiEnclave>, ) -> DispatchResultWithPostInfo { - let enclave_idx = if >::contains_key(sender) { - log::info!("Updating already registered enclave"); - >::get(sender) - } else { - let enclaves_count = Self::enclave_count() - .checked_add(1) - .ok_or("[Teerex]: Overflow adding new enclave to registry")?; - >::insert(sender, enclaves_count); - >::put(enclaves_count); - enclaves_count - }; - - >::insert(enclave_idx, enclave); - Ok(().into()) - } - - fn remove_enclave(sender: &T::AccountId) -> DispatchResultWithPostInfo { - ensure!(>::contains_key(sender), >::EnclaveIsNotRegistered); - let index_to_remove = >::take(sender); - - let enclaves_count = Self::enclave_count(); - let new_enclaves_count = enclaves_count - .checked_sub(1) - .ok_or("[Teerex]: Underflow removing an enclave from the registry")?; - - Self::swap_and_pop(index_to_remove, new_enclaves_count + 1)?; - >::put(new_enclaves_count); - - Ok(().into()) - } - - pub(crate) fn get_enclave(sender: &T::AccountId) -> Result>, Error> { - let sender_index = >::get(sender); - >::get(sender_index).ok_or(Error::::EmptyEnclaveRegistry) - } - - /// Our list implementation would introduce holes in out list if if we try to remove elements from the middle. - /// As the order of the enclave entries is not important, we use the swap and pop method to remove elements from - /// the registry. - fn swap_and_pop(index_to_remove: u64, new_enclaves_count: u64) -> DispatchResultWithPostInfo { - if index_to_remove != new_enclaves_count { - let last_enclave = >::get(new_enclaves_count) - .ok_or(Error::::EmptyEnclaveRegistry)?; - >::insert(index_to_remove, &last_enclave); - >::insert( - last_enclave - .maybe_pubkey::() - .ok_or(Error::::EnclaveSignerDecodeError)?, - index_to_remove, - ); + if multi_enclave.attestaion_proxied() { + log::warn!("proxied enclaves not supported yet"); + return Err(Error::::SenderIsNotAttestedEnclave) } - >::remove(new_enclaves_count); + >::insert(sender, multi_enclave); Ok(().into()) } - fn unregister_silent_workers(now: T::Moment) { - let minimum = now.saturating_sub(T::MaxSilenceTime::get()).saturated_into::(); - if minimum == 0 { - log::error!("Invalid time in unregister_silent_workers. Is the timestamp pallet properly configured?"); - return - } - let silent_workers = >::iter() - .filter(|e| e.1.timestamp < minimum) - .map(|e| e.1.maybe_pubkey()); - for maybe_index in silent_workers { - match maybe_index { - Some(index) => { - let result = Self::remove_enclave(&index); - match result { - Ok(_) => { - log::info!("Unregister enclave because silent worker : {:?}", index); - Self::deposit_event(Event::RemovedEnclave(index)); - }, - Err(e) => { - log::error!("Cannot unregister enclave : {:?}", e); - }, - }; - }, - None => log::error!("Cannot unregister enclave"), - } - } + fn remove_enclave(sender: &T::AccountId) -> DispatchResultWithPostInfo { + ensure!(>::contains_key(sender), >::EnclaveIsNotRegistered); + >::remove(sender); + Ok(().into()) } /// Check if the sender is a registered enclave pub fn ensure_registered_enclave( account: &T::AccountId, ) -> Result<(), DispatchErrorWithPostInfo> { - ensure!(>::contains_key(account), >::EnclaveIsNotRegistered); + ensure!(>::contains_key(account), >::EnclaveIsNotRegistered); Ok(()) } @@ -593,76 +507,6 @@ impl Pallet { ) } - #[cfg(not(feature = "skip-ias-check"))] - fn verify_report( - sender: &T::AccountId, - ra_report: Vec, - ) -> Result>, DispatchErrorWithPostInfo> { - let report = sgx_verify::verify_ias_report(&ra_report) - .map_err(|_| >::RemoteAttestationVerificationFailed)?; - log::info!("teerex: IAS report successfully verified"); - let enclave = SgxEnclave::new( - report.report_data, - report.mr_enclave, - report.mr_signer, - report.timestamp, - report.build_mode, - report.status, - ) - .with_attestation_method(SgxAttestationMethod::Ias); - let enclave_signer = enclave.maybe_pubkey().ok_or(>::EnclaveSignerDecodeError)?; - - ensure!(sender == &enclave_signer, >::SenderIsNotAttestedEnclave); - - // TODO: activate state checks as soon as we've fixed our setup #83 - // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), - // "RA status is insufficient"); - // log::info!("teerex: status is acceptable"); - - Self::ensure_timestamp_within_24_hours(report.timestamp)?; - Ok(enclave) - } - - #[cfg(not(feature = "skip-ias-check"))] - fn verify_dcap_quote( - sender: &T::AccountId, - dcap_quote: Vec, - ) -> Result>, DispatchErrorWithPostInfo> { - let verification_time = >::get(); - - let qe = >::get(); - let (fmspc, tcb_info, report) = - sgx_verify::verify_dcap_quote(&dcap_quote, verification_time.saturated_into(), &qe) - .map_err(|e| { - log::warn!("verify_dcap_quote failed: {:?}", e); - >::RemoteAttestationVerificationFailed - })?; - - log::info!("teerex: DCAP quote verified. FMSPC from quote: {:?}", fmspc); - let tcb_info_on_chain = >::get(fmspc); - ensure!(tcb_info_on_chain.verify_examinee(&tcb_info), "tcb_info is outdated"); - - let enclave = SgxEnclave::new( - report.report_data, - report.mr_enclave, - report.mr_signer, - report.timestamp, - report.build_mode, - report.status, - ) - .with_attestation_method(SgxAttestationMethod::Dcap { proxied: false }); - - let enclave_signer = enclave.maybe_pubkey().ok_or(>::EnclaveSignerDecodeError)?; - ensure!(sender == &enclave_signer, >::SenderIsNotAttestedEnclave); - - // TODO: activate state checks as soon as we've fixed our setup #83 - // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), - // "RA status is insufficient"); - // log::info!("teerex: status is acceptable"); - - Ok(enclave) - } - fn verify_quoting_enclave( enclave_identity: Vec, signature: Vec, @@ -703,7 +547,6 @@ impl Pallet { } } - #[cfg(not(feature = "skip-ias-check"))] fn ensure_timestamp_within_24_hours(report_timestamp: u64) -> DispatchResultWithPostInfo { use sp_runtime::traits::CheckedSub; diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index 24a7f0b1..c0425bd5 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -18,7 +18,7 @@ use crate::{ mock::*, test_helpers::{register_test_quoting_enclave, register_test_tcb_info}, - EnclaveRegistry, Error, Event as TeerexEvent, ExecutedCalls, Request, SgxEnclave, + SovereignEnclaves, Error, Event as TeerexEvent, ExecutedCalls, Request, SgxEnclave, ShardIdentifier, DATA_LENGTH_LIMIT, }; use frame_support::{assert_err, assert_ok}; @@ -33,7 +33,7 @@ use test_utils::test_data::{ }; fn list_enclaves() -> Vec<(u64, SgxEnclave>)> { - >::iter().collect::>)>>() + >::iter().collect::>)>>() } // give get_signer a concrete type @@ -77,7 +77,7 @@ fn register_quoting_enclave_works() { assert_eq!(qe.isvprodid, 1); let expected_event = - RuntimeEvent::Teerex(TeerexEvent::QuotingEnclaveRegistered { quoting_enclave: qe }); + RuntimeEvent::Teerex(TeerexEvent::SgxQuotingEnclaveRegistered { quoting_enclave: qe }); assert!(System::events().iter().any(|a| a.event == expected_event)) }) } @@ -94,7 +94,7 @@ fn register_tcb_info_works() { assert_eq!(tcb_info.next_update, 1681649132000); let expected_event = - RuntimeEvent::Teerex(TeerexEvent::TcbInfoRegistered { fmspc, on_chain_info: tcb_info }); + RuntimeEvent::Teerex(TeerexEvent::SgxTcbInfoRegistered { fmspc, on_chain_info: tcb_info }); assert!(System::events().iter().any(|a| a.event == expected_event)) }) } From eeb029b389d97c56b953391b6540f12b80d548e9 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Fri, 7 Jul 2023 17:16:06 +0200 Subject: [PATCH 02/24] fix plenty errors after refactoring --- Cargo.lock | 80 +++---- primitives/teerex/src/lib.rs | 13 +- teerex/src/benchmarking.rs | 21 +- teerex/src/lib.rs | 55 +++-- teerex/src/mock.rs | 2 +- teerex/src/tests/test_cases.rs | 376 +++++++++++---------------------- 6 files changed, 222 insertions(+), 325 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3e48efaf..5b70c2b5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2226,7 +2226,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2244,7 +2244,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3333,7 +3333,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3353,7 +3353,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3367,7 +3367,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3380,7 +3380,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3394,7 +3394,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3407,7 +3407,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3419,7 +3419,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3463,7 +3463,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3492,7 +3492,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3503,7 +3503,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3513,7 +3513,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3524,7 +3524,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3539,7 +3539,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3565,7 +3565,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3576,7 +3576,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3590,7 +3590,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3601,7 +3601,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3611,7 +3611,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3633,7 +3633,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3651,7 +3651,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3663,7 +3663,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3676,7 +3676,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3696,7 +3696,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3707,7 +3707,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3720,7 +3720,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3735,7 +3735,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3747,7 +3747,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3770,7 +3770,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3787,7 +3787,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3798,7 +3798,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3812,7 +3812,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index b1b7fc57..76d6d66f 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -76,7 +76,7 @@ impl AsRef<[u8; 64]> for SgxReportData { } impl SgxReportData { - fn lower32(&self) -> [u8; 32] { + pub fn lower32(&self) -> [u8; 32] { let mut lower = [0u8; 32]; lower.copy_from_slice(&self.d[..32]); lower @@ -108,6 +108,12 @@ impl From for AnySigner { } } +impl From for AnySigner { + fn from(signer: sp_core::ed25519::Public) -> Self { + AnySigner::Known(MultiSigner::from(signer)) + } +} + impl From for AnySigner { fn from(signer_bytes: OpaqueSigner) -> Self { AnySigner::Opaque(signer_bytes) @@ -134,7 +140,7 @@ impl MultiEnclave { } } - pub fn fingerprint(self) -> H256 { + pub fn fingerprint(self) -> EnclaveFingerprint { match self { MultiEnclave::Sgx(enclave) => EnclaveFingerprint::from(enclave.mr_enclave), } @@ -167,7 +173,8 @@ impl MultiEnclave { pub fn attestaion_proxied(self) -> bool { match self { MultiEnclave::Sgx(enclave) => match enclave.attestation_method { - SgxAttestationMethod::Skip(true) | SgxAttestationMethod::Dcap(true) => true, + SgxAttestationMethod::Skip { proxied: true } | + SgxAttestationMethod::Dcap { proxied: true } => true, _ => false, }, } diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index 75fd8120..4f7cf301 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -56,22 +56,23 @@ benchmarks! { // Benchmark `register_ias_enclave` with the worst possible conditions: // * remote attestation is valid // * enclave already exists - register_ias_enclave { + register_sgx_enclave { ensure_not_skipping_ra_check(); timestamp::Pallet::::set_timestamp(TEST4_SETUP.timestamp.checked_into().unwrap()); let signer: T::AccountId = get_signer(TEST4_SETUP.signer_pub); // simply register the enclave before to make sure it already // exists when running the benchmark - Teerex::::register_ias_enclave( + Teerex::::register_sgx_enclave( RawOrigin::Signed(signer.clone()).into(), TEST4_SETUP.cert.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias ).unwrap(); - }: _(RawOrigin::Signed(signer), TEST4_SETUP.cert.to_vec(), URL.to_vec()) + }: _(RawOrigin::Signed(signer), TEST4_SETUP.cert.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias) verify { - assert_eq!(Teerex::::enclave_count(), 1); + assert!(crate::SovereignEnclaves::::contains_key(&signer)); } // Benchmark `register_quoting_enclave` with the worst possible conditions: @@ -100,10 +101,10 @@ benchmarks! { // This is the date that the is registered in register_tcb_info and represents the date 2023-04-16T12:45:32Z assert_eq!(get_test_tcb_info::().next_update, 1681649132000); } - +/* // Benchmark `register_dcap_enclave` with the worst possible conditions: // * dcap registration succeeds - register_dcap_enclave { + register_sgx_enclave { ensure_not_skipping_ra_check(); timestamp::Pallet::::set_timestamp(TEST_VALID_COLLATERAL_TIMESTAMP.checked_into().unwrap()); let signer: T::AccountId = get_signer(&TEST1_DCAP_QUOTE_SIGNER); @@ -111,11 +112,11 @@ benchmarks! { register_test_quoting_enclave::(signer.clone()); register_test_tcb_info::(signer.clone()); - }: _(RawOrigin::Signed(signer), TEST1_DCAP_QUOTE.to_vec(), URL.to_vec()) + }: _(RawOrigin::Signed(signer), TEST1_DCAP_QUOTE.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Dcap { proxied: false }) verify { assert_eq!(Teerex::::enclave_count(), 1); } - +*/ // Benchmark `unregister_enclave` enclave with the worst possible conditions: // * enclave exists // * enclave is not the most recently registered enclave @@ -178,7 +179,7 @@ fn add_enclaves_to_registry(accounts: &[T::AccountId]) { for a in accounts.iter() { Teerex::::add_enclave( a, - &SgxEnclave::test_enclave().with_mr_enclave(TEST4_SETUP.mrenclave), + &MultiEnclave::from(SgxEnclave::test_enclave().with_mr_enclave(TEST4_SETUP.mrenclave)), ) .unwrap(); } diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 6df4d4ee..438f3bc9 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -93,7 +93,7 @@ pub mod pallet { ProcessedParentchainBlock(T::AccountId, H256, H256, T::BlockNumber), /// An enclave with [mr_enclave] has published some [hash] with some metadata [data]. PublishedHash { - mr_enclave: MrEnclave, + fingerprint: EnclaveFingerprint, hash: H256, data: Vec, }, @@ -109,9 +109,9 @@ pub mod pallet { // Watch out: we start indexing with 1 instead of zero in order to // avoid ambiguity between Null and 0. #[pallet::storage] - #[pallet::getter(fn enclave)] + #[pallet::getter(fn sovereign_enclaves)] pub type SovereignEnclaves = - StorageMap<_, Blake2_128Concat, u64, MultiEnclave>, OptionQuery>; + StorageMap<_, Blake2_128Concat, T::AccountId, MultiEnclave>, OptionQuery>; #[pallet::storage] #[pallet::getter(fn quoting_enclave)] @@ -163,7 +163,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; ensure!(proof.len() <= SGX_RA_PROOF_MAX_LEN, >::RaProofTooLong); ensure!( - worker_url.unwrap_or_default().len() <= MAX_URL_LEN, + worker_url.clone().unwrap_or_default().len() <= MAX_URL_LEN, >::EnclaveUrlTooLong ); log::info!("teerex: parameter length ok"); @@ -184,7 +184,8 @@ pub mod pallet { .with_attestation_method(SgxAttestationMethod::Ias); ensure!( - sender == T::AccountId::decode(report.report_data.lower32()), + Ok(sender.clone()) == + T::AccountId::decode(&mut report.report_data.lower32().as_ref()), >::SenderIsNotAttestedEnclave ); @@ -196,7 +197,7 @@ pub mod pallet { Self::ensure_timestamp_within_24_hours(report.timestamp)?; enclave }, - SgxAttestationMethod::Dcap(proxied) => { + SgxAttestationMethod::Dcap { proxied } => { let verification_time = >::get(); let qe = >::get(); @@ -212,7 +213,8 @@ pub mod pallet { if !proxied { ensure!( - sender == T::AccountId::decode(report.report_data.lower32()), + Ok(sender.clone()) == + T::AccountId::decode(&mut report.report_data.lower32().as_ref()), >::SenderIsNotAttestedEnclave ); } @@ -229,7 +231,7 @@ pub mod pallet { report.build_mode, report.status, ) - .with_attestation_method(SgxAttestationMethod::Dcap(proxied)); + .with_attestation_method(SgxAttestationMethod::Dcap { proxied }); // TODO: activate state checks as soon as we've fixed our setup #83 // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), @@ -237,6 +239,17 @@ pub mod pallet { // log::info!("teerex: status is acceptable"); enclave }, + SgxAttestationMethod::Skip { proxied } => SgxEnclave::new( + SgxReportData::default(), + // insert mrenclave if the ra_report represents one, otherwise insert default + ::decode(&mut proof.as_slice()).unwrap_or_default(), + MrSigner::default(), + >::get().saturated_into(), + SgxBuildMode::default(), + SgxStatus::Invalid, + ) + .with_pubkey(sender.encode().as_ref()) + .with_attestation_method(SgxAttestationMethod::Skip { proxied }), }; if !>::get() && enclave.build_mode == SgxBuildMode::Debug { @@ -245,11 +258,11 @@ pub mod pallet { } let enclave = match worker_url { - Some(url) => enclave.with_url(url), + Some(ref url) => enclave.with_url(url.clone()), None => enclave, }; - Self::add_enclave(&sender, &MultiEnclave::from(enclave))?; + Self::add_enclave(&sender, &MultiEnclave::from(enclave.clone()))?; Self::deposit_event(Event::AddedEnclave { registered_by: sender, @@ -339,10 +352,11 @@ pub mod pallet { ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; Self::ensure_registered_enclave(&sender)?; - let sender_enclave = Self::get_enclave(&sender)?; + let sender_enclave = + >::get(sender).ok_or(>::EnclaveIsNotRegistered)?; ensure!( - sender_enclave.mr_enclave.encode() == bonding_account.encode(), + sender_enclave.fingerprint().encode() == bonding_account.encode(), >::WrongMrenclaveForBondingAccount ); @@ -420,17 +434,18 @@ pub mod pallet { ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; Self::ensure_registered_enclave(&sender)?; - let enclave = Self::get_enclave(&sender)?; + let enclave = + >::get(sender).ok_or(>::EnclaveIsNotRegistered)?; ensure!(extra_topics.len() <= TOPICS_LIMIT, >::TooManyTopics); ensure!(data.len() <= DATA_LENGTH_LIMIT, >::DataTooLong); let mut topics = extra_topics; - topics.push(enclave.mr_enclave.into()); + topics.push(T::Hash::from(enclave.clone().fingerprint().into())); Self::deposit_event_indexed( &topics, - Event::PublishedHash { mr_enclave: enclave.mr_enclave, hash, data }, + Event::PublishedHash { fingerprint: enclave.fingerprint(), hash, data }, ); Ok(().into()) @@ -474,9 +489,9 @@ impl Pallet { sender: &T::AccountId, multi_enclave: &MultiEnclave>, ) -> DispatchResultWithPostInfo { - if multi_enclave.attestaion_proxied() { + if multi_enclave.clone().attestaion_proxied() { log::warn!("proxied enclaves not supported yet"); - return Err(Error::::SenderIsNotAttestedEnclave) + return Err(Error::::SenderIsNotAttestedEnclave.into()) } >::insert(sender, multi_enclave); @@ -562,12 +577,6 @@ impl Pallet { } } -impl OnTimestampSet for Pallet { - fn on_timestamp_set(moment: T::Moment) { - Self::unregister_silent_workers(moment) - } -} - #[cfg(any(test, feature = "runtime-benchmarks"))] mod benchmarking; #[cfg(test)] diff --git a/teerex/src/mock.rs b/teerex/src/mock.rs index d9d64a24..50517b09 100644 --- a/teerex/src/mock.rs +++ b/teerex/src/mock.rs @@ -119,7 +119,7 @@ pub type Moment = u64; impl timestamp::Config for Test { type Moment = Moment; - type OnTimestampSet = Teerex; + type OnTimestampSet = (); type MinimumPeriod = MinimumPeriod; type WeightInfo = (); } diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index c0425bd5..88c39a4d 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -18,22 +18,26 @@ use crate::{ mock::*, test_helpers::{register_test_quoting_enclave, register_test_tcb_info}, - SovereignEnclaves, Error, Event as TeerexEvent, ExecutedCalls, Request, SgxEnclave, - ShardIdentifier, DATA_LENGTH_LIMIT, + Error, Event as TeerexEvent, ExecutedCalls, Request, SgxEnclave, ShardIdentifier, + SovereignEnclaves, DATA_LENGTH_LIMIT, }; +use codec::Encode; use frame_support::{assert_err, assert_ok}; use hex_literal::hex; use sgx_verify::test_data::dcap::TEST1_DCAP_QUOTE_SIGNER; use sp_core::H256; use sp_keyring::AccountKeyring; -use teerex_primitives::{SgxAttestationMethod, SgxBuildMode, SgxReportData, SgxStatus}; +use sp_runtime::{MultiSignature, MultiSigner}; +use teerex_primitives::{ + AnySigner, MultiEnclave, SgxAttestationMethod, SgxBuildMode, SgxReportData, SgxStatus, +}; use test_utils::test_data::{ consts::*, dcap::{TEST1_DCAP_QUOTE, TEST_VALID_COLLATERAL_TIMESTAMP}, }; -fn list_enclaves() -> Vec<(u64, SgxEnclave>)> { - >::iter().collect::>)>>() +fn list_enclaves() -> Vec<(AccountId, MultiEnclave>)> { + >::iter().collect::>)>>() } // give get_signer a concrete type @@ -51,15 +55,19 @@ fn add_and_remove_dcap_enclave_works() { register_test_tcb_info::(alice); let signer = get_signer(&TEST1_DCAP_QUOTE_SIGNER); - assert_ok!(Teerex::register_dcap_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST1_DCAP_QUOTE.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Dcap { proxied: false } )); - assert_eq!(Teerex::enclave_count(), 1); - assert_eq!(Teerex::enclave(1).unwrap().timestamp, TEST_VALID_COLLATERAL_TIMESTAMP); + assert!(>::contains_key(&signer)); + assert_eq!( + Teerex::sovereign_enclaves(signer).unwrap().attestation_timestamp(), + TEST_VALID_COLLATERAL_TIMESTAMP + ); assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer))); - assert_eq!(Teerex::enclave_count(), 0); + assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) } @@ -93,8 +101,10 @@ fn register_tcb_info_works() { // This is the date that the is registered in register_tcb_info and represents the date 2023-04-16T12:45:32Z assert_eq!(tcb_info.next_update, 1681649132000); - let expected_event = - RuntimeEvent::Teerex(TeerexEvent::SgxTcbInfoRegistered { fmspc, on_chain_info: tcb_info }); + let expected_event = RuntimeEvent::Teerex(TeerexEvent::SgxTcbInfoRegistered { + fmspc, + on_chain_info: tcb_info, + }); assert!(System::events().iter().any(|a| a.event == expected_event)) }) } @@ -105,12 +115,13 @@ fn add_enclave_works() { // set the now in the runtime such that the remote attestation reports are within accepted range (24h) Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer), TEST4_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer)); }) } @@ -119,14 +130,15 @@ fn add_and_remove_enclave_works() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer)); assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer))); - assert_eq!(Teerex::enclave_count(), 0); + assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) } @@ -136,13 +148,14 @@ fn add_enclave_without_timestamp_fails() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(0); let signer = get_signer(TEST4_SIGNER_PUB); - assert!(Teerex::register_ias_enclave( + assert!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias ) .is_err()); - assert_eq!(Teerex::enclave_count(), 0); + assert!(!>::contains_key(&signer)); }) } @@ -161,100 +174,19 @@ fn list_enclaves_works() { attestation_method: SgxAttestationMethod::Ias, status: SgxStatus::ConfigurationNeeded, }; - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), - )); - assert_eq!(Teerex::enclave_count(), 1); - let enclaves = list_enclaves(); - assert_eq!(enclaves[0].1.maybe_pubkey(), Some(signer)); - assert_eq!(enclaves[0].1, e_1); - assert!(enclaves.contains(&(1, e_1))); - }) -} - -#[test] -fn remove_middle_enclave_works() { - new_test_ext().execute_with(|| { - // use the newest timestamp, is as now such that all reports are valid - Timestamp::set_timestamp(TEST7_TIMESTAMP); - - let signer5 = get_signer(TEST5_SIGNER_PUB); - let signer6 = get_signer(TEST6_SIGNER_PUB); - let signer7 = get_signer(TEST7_SIGNER_PUB); - - // add enclave 1 - let e_1: SgxEnclave> = SgxEnclave { - report_data: SgxReportData::from(TEST5_SIGNER_PUB), - mr_enclave: TEST5_MRENCLAVE, - timestamp: TEST5_TIMESTAMP, - url: Some(URL.to_vec()), - build_mode: SgxBuildMode::Debug, - mr_signer: TEST4_MRSIGNER, - attestation_method: SgxAttestationMethod::Ias, - status: SgxStatus::ConfigurationNeeded, - }; - - let e_2: SgxEnclave> = SgxEnclave { - report_data: SgxReportData::from(TEST6_SIGNER_PUB), - mr_enclave: TEST6_MRENCLAVE, - timestamp: TEST6_TIMESTAMP, - url: Some(URL.to_vec()), - build_mode: SgxBuildMode::Debug, - mr_signer: TEST4_MRSIGNER, - attestation_method: SgxAttestationMethod::Ias, - status: SgxStatus::ConfigurationNeeded, - }; - - let e_3: SgxEnclave> = SgxEnclave { - report_data: SgxReportData::from(TEST7_SIGNER_PUB), - mr_enclave: TEST7_MRENCLAVE, - timestamp: TEST7_TIMESTAMP, - url: Some(URL.to_vec()), - build_mode: SgxBuildMode::Debug, - mr_signer: TEST4_MRSIGNER, - attestation_method: SgxAttestationMethod::Ias, - status: SgxStatus::ConfigurationNeeded, - }; - - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer5), - TEST5_CERT.to_vec(), - URL.to_vec(), - )); - assert_eq!(Teerex::enclave_count(), 1); - assert_eq!(list_enclaves(), vec![(1, e_1.clone())]); - - // add enclave 2 - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer6.clone()), - TEST6_CERT.to_vec(), - URL.to_vec(), - )); - assert_eq!(Teerex::enclave_count(), 2); - let enclaves = list_enclaves(); - assert!(enclaves.contains(&(1, e_1.clone()))); - assert!(enclaves.contains(&(2, e_2.clone()))); - - // add enclave 3 - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer7), - TEST7_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias, )); - assert_eq!(Teerex::enclave_count(), 3); + assert!(>::contains_key(&signer)); let enclaves = list_enclaves(); - assert!(enclaves.contains(&(1, e_1.clone()))); - assert!(enclaves.contains(&(2, e_2))); - assert!(enclaves.contains(&(3, e_3.clone()))); - - // remove enclave 2 - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer6))); - assert_eq!(Teerex::enclave_count(), 2); - let enclaves = list_enclaves(); - assert!(enclaves.contains(&(1, e_1))); - assert!(enclaves.contains(&(2, e_3))); + assert_eq!( + enclaves[0].1.instance_signer(), + AnySigner::from(sp_core::ed25519::Public::from(signer.encode())) + ); + assert_eq!(enclaves[0].1, MultiEnclave::from(e_1)); }) } @@ -263,10 +195,11 @@ fn register_ias_enclave_with_different_signer_fails() { new_test_ext().execute_with(|| { let signer = get_signer(TEST7_SIGNER_PUB); assert_err!( - Teerex::register_ias_enclave( + Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer), TEST5_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias ), Error::::SenderIsNotAttestedEnclave ); @@ -279,10 +212,11 @@ fn register_ias_enclave_with_to_old_attestation_report_fails() { Timestamp::set_timestamp(TEST7_TIMESTAMP + TWENTY_FOUR_HOURS + 1); let signer = get_signer(TEST7_SIGNER_PUB); assert_err!( - Teerex::register_ias_enclave( + Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer), TEST7_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias ), Error::::RemoteAttestationTooOld ); @@ -294,10 +228,11 @@ fn register_ias_enclave_with_almost_too_old_report_works() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(TEST7_TIMESTAMP + TWENTY_FOUR_HOURS - 1); let signer = get_signer(TEST7_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer), TEST7_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); }) } @@ -320,21 +255,26 @@ fn update_enclave_url_works() { status: SgxStatus::ConfigurationNeeded, }; - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave(1).unwrap().url, Some(URL.to_vec())); + assert_eq!(Teerex::sovereign_enclaves(&signer).unwrap().instance_url(), Some(URL.to_vec())); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - url2.to_vec(), + Some(url2.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave(1).unwrap().url, Some(url2.to_vec())); + assert_eq!( + Teerex::sovereign_enclaves(&signer).unwrap().instance_url(), + Some(url2.to_vec()) + ); let enclaves = list_enclaves(); - assert_eq!(enclaves[0].1.maybe_pubkey(), Some(signer)) + assert_eq!(enclaves[0].1.instance_signer(), AnySigner::from(signer.into())) }) } @@ -347,12 +287,13 @@ fn update_ipfs_hash_works() { let block_number = 3; let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer)); assert_ok!(Teerex::confirm_processed_parentchain_block( RuntimeOrigin::signed(signer.clone()), block_hash, @@ -407,10 +348,11 @@ fn unshield_is_only_executed_once_for_the_same_call_hash() { let call_hash: H256 = H256::from([1u8; 32]); let bonding_account = get_signer(&TEST4_MRENCLAVE); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); assert_ok!(Balances::transfer( @@ -440,87 +382,6 @@ fn unshield_is_only_executed_once_for_the_same_call_hash() { assert_eq!(>::get(call_hash), 2) }) } -#[test] -fn timestamp_callback_works() { - new_test_ext().execute_with(|| { - set_timestamp(TEST7_TIMESTAMP); - - let signer5 = get_signer(TEST5_SIGNER_PUB); - let signer6 = get_signer(TEST6_SIGNER_PUB); - let signer7 = get_signer(TEST7_SIGNER_PUB); - - // add enclave 1 - let e_2: SgxEnclave> = SgxEnclave { - report_data: SgxReportData::from(TEST6_SIGNER_PUB), - mr_enclave: TEST6_MRENCLAVE, - timestamp: TEST6_TIMESTAMP, - url: Some(URL.to_vec()), - build_mode: SgxBuildMode::Debug, - mr_signer: TEST4_MRSIGNER, - attestation_method: SgxAttestationMethod::Ias, - status: SgxStatus::ConfigurationNeeded, - }; - - let e_3: SgxEnclave> = SgxEnclave { - report_data: SgxReportData::from(TEST7_SIGNER_PUB), - mr_enclave: TEST7_MRENCLAVE, - timestamp: TEST7_TIMESTAMP, - url: Some(URL.to_vec()), - build_mode: SgxBuildMode::Debug, - mr_signer: TEST4_MRSIGNER, - attestation_method: SgxAttestationMethod::Ias, - status: SgxStatus::ConfigurationNeeded, - }; - - //Register 3 enclaves: 5, 6 ,7 - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer5.clone()), - TEST5_CERT.to_vec(), - URL.to_vec(), - )); - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer6.clone()), - TEST6_CERT.to_vec(), - URL.to_vec(), - )); - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer7.clone()), - TEST7_CERT.to_vec(), - URL.to_vec(), - )); - assert_eq!(Teerex::enclave_count(), 3); - - //enclave 5 silent since 49h -> unregistered - run_to_block(2); - set_timestamp(TEST5_TIMESTAMP + 2 * TWENTY_FOUR_HOURS + 1); - - let expected_event = RuntimeEvent::Teerex(TeerexEvent::RemovedEnclave(signer5)); - assert!(System::events().iter().any(|a| a.event == expected_event)); - assert_eq!(Teerex::enclave_count(), 2); - //2 and 3 are still there. 3 and 1 were swapped -> 3 and 2 - let enclaves = list_enclaves(); - assert!(enclaves.contains(&(1, e_3))); - assert!(enclaves.contains(&(2, e_2))); - - run_to_block(3); - //enclave 6 and 7 still registered: not long enough silent - set_timestamp(TEST6_TIMESTAMP + 2 * TWENTY_FOUR_HOURS); - assert_eq!(Teerex::enclave_count(), 2); - - //unregister 6 to generate an error next call of callbakc - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer6.clone()))); - let expected_event = RuntimeEvent::Teerex(TeerexEvent::RemovedEnclave(signer6)); - assert!(System::events().iter().any(|a| a.event == expected_event)); - assert_eq!(Teerex::enclave_count(), 1); - - //enclave 6 and 7 silent since TWENTY_FOUR_HOURS + 1 -> unregistered - run_to_block(4); - set_timestamp(TEST7_TIMESTAMP + 2 * TWENTY_FOUR_HOURS + 1); - let expected_event = RuntimeEvent::Teerex(TeerexEvent::RemovedEnclave(signer7)); - assert!(System::events().iter().any(|a| a.event == expected_event)); - assert_eq!(Teerex::enclave_count(), 0); - }) -} #[test] fn debug_mode_enclave_attest_works_when_sgx_debug_mode_is_allowed() { @@ -539,14 +400,15 @@ fn debug_mode_enclave_attest_works_when_sgx_debug_mode_is_allowed() { }; //Register an enclave compiled in debug mode - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer4)); let enclaves = list_enclaves(); - assert!(enclaves.contains(&(1, e_0))); + assert!(enclaves.contains(&(signer4, MultiEnclave::from(e_0)))); }) } @@ -568,15 +430,15 @@ fn production_mode_enclave_attest_works_when_sgx_debug_mode_is_allowed() { }; //Register an enclave compiled in production mode - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer8), TEST8_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer8)); let enclaves = list_enclaves(); - assert_eq!(enclaves[0].1, e_0); - assert!(enclaves.contains(&(1, e_0))); + assert!(enclaves.contains(&(signer8, MultiEnclave::from(e_0)))); }) }) } @@ -588,14 +450,15 @@ fn debug_mode_enclave_attest_fails_when_sgx_debug_mode_not_allowed() { let signer4 = get_signer(TEST4_SIGNER_PUB); //Try to register an enclave compiled in debug mode assert_err!( - Teerex::register_ias_enclave( + Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias ), Error::::SgxModeNotAllowed ); - assert_eq!(Teerex::enclave_count(), 0); + assert!(!>::contains_key(&signer4)); }) } #[test] @@ -615,15 +478,15 @@ fn production_mode_enclave_attest_works_when_sgx_debug_mode_not_allowed() { }; //Register an enclave compiled in production mode - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer8), TEST8_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer8)); let enclaves = list_enclaves(); - assert_eq!(enclaves[0].1, e_0); - assert!(enclaves.contains(&(1, e_0))); + assert!(enclaves.contains(&(signer8, MultiEnclave::from(e_0)))); }) } @@ -637,12 +500,13 @@ fn verify_unshield_funds_works() { let incognito_account = INCOGNITO_ACCOUNT.to_vec(); //Register enclave - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer4)); assert!(Teerex::shield_funds( RuntimeOrigin::signed(AccountKeyring::Alice.to_account_id()), @@ -681,7 +545,7 @@ fn unshield_funds_from_not_registered_enclave_errs() { let signer4 = get_signer(TEST4_SIGNER_PUB); let call_hash: H256 = H256::from([1u8; 32]); - assert_eq!(Teerex::enclave_count(), 0); + assert_eq!(list_enclaves().len(), 0); assert_err!( Teerex::unshield_funds( @@ -707,10 +571,11 @@ fn unshield_funds_from_enclave_neq_bonding_account_errs() { let not_bonding_account = get_signer(&TEST7_MRENCLAVE); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); //Ensure that bonding account has funds @@ -756,12 +621,13 @@ fn confirm_processed_parentchain_block_works() { let signer7 = get_signer(TEST7_SIGNER_PUB); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer7.clone()), TEST7_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); - assert_eq!(Teerex::enclave_count(), 1); + assert!(>::contains_key(&signer7)); assert_ok!(Teerex::confirm_processed_parentchain_block( RuntimeOrigin::signed(signer7.clone()), @@ -788,10 +654,11 @@ fn ensure_registered_enclave_works() { let signer6 = get_signer(TEST6_SIGNER_PUB); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); assert_ok!(Teerex::ensure_registered_enclave(&signer4)); assert_err!( @@ -810,10 +677,11 @@ fn publish_hash_works() { let signer4 = get_signer(TEST4_SIGNER_PUB); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); // There are no events emitted at the genesis block. @@ -840,7 +708,7 @@ fn publish_hash_works() { vec![] )); - let mr_enclave = Teerex::get_enclave(&signer4).unwrap().mr_enclave; + let mr_enclave = Teerex::sovereign_enclaves(&signer4).unwrap().fingerprint(); let mut topics = extra_topics; topics.push(mr_enclave.into()); @@ -850,12 +718,22 @@ fn publish_hash_works() { vec![ EventRecord { phase: Phase::Initialization, - event: TeerexEvent::PublishedHash { mr_enclave, hash, data }.into(), + event: TeerexEvent::PublishedHash { + fingerprint: mr_enclave.into(), + hash, + data + } + .into(), topics, }, EventRecord { phase: Phase::Initialization, - event: TeerexEvent::PublishedHash { mr_enclave, hash, data: vec![] }.into(), + event: TeerexEvent::PublishedHash { + fingerprint: mr_enclave.into(), + hash, + data: vec![] + } + .into(), topics: vec![mr_enclave.into()], }, ] @@ -882,10 +760,11 @@ fn publish_hash_with_too_many_topics_fails() { let signer4 = get_signer(TEST4_SIGNER_PUB); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); let hash = H256::from([1u8; 32]); @@ -912,10 +791,11 @@ fn publish_hash_with_too_much_data_fails() { let signer4 = get_signer(TEST4_SIGNER_PUB); //Ensure that enclave is registered - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias )); let hash = H256::from([1u8; 32]); From bdc6fbf87370ee6ccd355f679d4b3ae3b6bb1e69 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Fri, 7 Jul 2023 17:28:20 +0200 Subject: [PATCH 03/24] tests pass --- teerex/src/benchmarking.rs | 2 +- teerex/src/tests/test_cases.rs | 24 +++++++++--------------- 2 files changed, 10 insertions(+), 16 deletions(-) diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index 4f7cf301..5cdbf206 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -70,7 +70,7 @@ benchmarks! { SgxAttestationMethod::Ias ).unwrap(); - }: _(RawOrigin::Signed(signer), TEST4_SETUP.cert.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias) + }: _(RawOrigin::Signed(signer.clone()), TEST4_SETUP.cert.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias) verify { assert!(crate::SovereignEnclaves::::contains_key(&signer)); } diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index 88c39a4d..8fe7a1fd 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -63,10 +63,10 @@ fn add_and_remove_dcap_enclave_works() { )); assert!(>::contains_key(&signer)); assert_eq!( - Teerex::sovereign_enclaves(signer).unwrap().attestation_timestamp(), + Teerex::sovereign_enclaves(&signer).unwrap().attestation_timestamp(), TEST_VALID_COLLATERAL_TIMESTAMP ); - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer))); + assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer.clone()))); assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) @@ -116,7 +116,7 @@ fn add_enclave_works() { Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); assert_ok!(Teerex::register_sgx_enclave( - RuntimeOrigin::signed(signer), + RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias @@ -137,7 +137,7 @@ fn add_and_remove_enclave_works() { SgxAttestationMethod::Ias )); assert!(>::contains_key(&signer)); - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer))); + assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer.clone()))); assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) @@ -182,10 +182,6 @@ fn list_enclaves_works() { )); assert!(>::contains_key(&signer)); let enclaves = list_enclaves(); - assert_eq!( - enclaves[0].1.instance_signer(), - AnySigner::from(sp_core::ed25519::Public::from(signer.encode())) - ); assert_eq!(enclaves[0].1, MultiEnclave::from(e_1)); }) } @@ -248,7 +244,7 @@ fn update_enclave_url_works() { report_data: SgxReportData::from(TEST4_SIGNER_PUB), mr_enclave: TEST4_MRENCLAVE, timestamp: TEST4_TIMESTAMP, - url: Some(url2.to_vec()), + url: None, build_mode: SgxBuildMode::Debug, mr_signer: TEST4_MRSIGNER, attestation_method: SgxAttestationMethod::Ias, @@ -273,8 +269,6 @@ fn update_enclave_url_works() { Teerex::sovereign_enclaves(&signer).unwrap().instance_url(), Some(url2.to_vec()) ); - let enclaves = list_enclaves(); - assert_eq!(enclaves[0].1.instance_signer(), AnySigner::from(signer.into())) }) } @@ -401,7 +395,7 @@ fn debug_mode_enclave_attest_works_when_sgx_debug_mode_is_allowed() { //Register an enclave compiled in debug mode assert_ok!(Teerex::register_sgx_enclave( - RuntimeOrigin::signed(signer4), + RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias @@ -431,7 +425,7 @@ fn production_mode_enclave_attest_works_when_sgx_debug_mode_is_allowed() { //Register an enclave compiled in production mode assert_ok!(Teerex::register_sgx_enclave( - RuntimeOrigin::signed(signer8), + RuntimeOrigin::signed(signer8.clone()), TEST8_CERT.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias @@ -451,7 +445,7 @@ fn debug_mode_enclave_attest_fails_when_sgx_debug_mode_not_allowed() { //Try to register an enclave compiled in debug mode assert_err!( Teerex::register_sgx_enclave( - RuntimeOrigin::signed(signer4), + RuntimeOrigin::signed(signer4.clone()), TEST4_CERT.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias @@ -479,7 +473,7 @@ fn production_mode_enclave_attest_works_when_sgx_debug_mode_not_allowed() { //Register an enclave compiled in production mode assert_ok!(Teerex::register_sgx_enclave( - RuntimeOrigin::signed(signer8), + RuntimeOrigin::signed(signer8.clone()), TEST8_CERT.to_vec(), Some(URL.to_vec()), SgxAttestationMethod::Ias From eab22ecd275103d960264cd0cf81bc0f7954555e Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Fri, 7 Jul 2023 20:10:31 +0200 Subject: [PATCH 04/24] introduce ShardStatus and poke_shard. not yet applied --- primitives/teerex/src/lib.rs | 7 +++++++ sidechain/src/lib.rs | 8 ++++---- teerex/Cargo.toml | 2 -- teerex/src/lib.rs | 39 ++++++++++++++++++++++++++++++++++++ 4 files changed, 50 insertions(+), 6 deletions(-) diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index 76d6d66f..fc0af74b 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -374,6 +374,13 @@ pub struct Request { pub cyphertext: Vec, } +#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +pub struct ShardSignerStatus { + pub signer: AccountId, + pub fingerprint: EnclaveFingerprint, + pub last_activity: BlockNumber, +} + #[cfg(test)] mod tests { use super::*; diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index 108cc9c7..40f38016 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -92,14 +92,14 @@ pub mod pallet { let sender = ensure_signed(origin)?; Teerex::::ensure_registered_enclave(&sender)?; - let sender_index = Teerex::::enclave_index(&sender); - let sender_enclave = Teerex::::enclave(sender_index) - .ok_or(pallet_teerex::Error::::EmptyEnclaveRegistry)?; + let sender_enclave = Teerex::::sovereign_enclaves(sender) + .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; ensure!( - sender_enclave.mr_enclave.encode() == shard_id.encode(), + sender_enclave.fingerprint.encode() == shard_id.encode(), pallet_teerex::Error::::WrongMrenclaveForShard ); + // TODO: fix this! this hardcodes that only a single sidechain can exist and only the firs ever registere enclave can finalize // Simple logic for now: only accept blocks from first registered enclave. if sender_index != 1 { log::debug!( diff --git a/teerex/Cargo.toml b/teerex/Cargo.toml index 50f53749..559c0e97 100644 --- a/teerex/Cargo.toml +++ b/teerex/Cargo.toml @@ -68,7 +68,5 @@ runtime-benchmarks = [ "test-utils", "timestamp/runtime-benchmarks", ] -# allow workers to register without remote attestation for dev purposes -skip-ias-check = [] try-runtime = ["frame-support/try-runtime"] diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 438f3bc9..0b3594e2 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -113,6 +113,16 @@ pub mod pallet { pub type SovereignEnclaves = StorageMap<_, Blake2_128Concat, T::AccountId, MultiEnclave>, OptionQuery>; + #[pallet::storage] + #[pallet::getter(fn shard_status)] + pub type ShardStatus = StorageMap< + _, + Blake2_128Concat, + ShardIdentifier, + Vec>, + OptionQuery, + >; + #[pallet::storage] #[pallet::getter(fn quoting_enclave)] pub type SgxQuotingEnclaveRegistry = StorageValue<_, SgxQuotingEnclave, ValueQuery>; @@ -575,6 +585,35 @@ impl Pallet { Err(>::RemoteAttestationTooOld.into()) } } + + fn poke_shard( + shard: ShardIdentifier, + enclave_signer: T::AccountId, + ) -> DispatchResultWithPostInfo { + let enclave = Self::sovereign_enclaves(enclave_signer.clone()) + .ok_or(>::EnclaveIsNotRegistered)?; + + let current_block_number = >::block_number(); + + let fresh_status = ShardSignerStatus { + signer: enclave_signer.clone(), + fingerprint: enclave.fingerprint(), + last_activity: current_block_number, + }; + + let signer_statuses = if let Some(mut status_vec) = >::get(shard) { + if let Some(index) = status_vec.iter().position(|i| i.signer == enclave_signer) { + status_vec[index] = fresh_status; + } else { + status_vec.push(fresh_status) + } + status_vec + } else { + vec![fresh_status] + }; + >::insert(shard, signer_statuses); + Ok(().into()) + } } #[cfg(any(test, feature = "runtime-benchmarks"))] From 7e99a7da6f3bd54163fce16e1cf6c4b061124ab2 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Fri, 7 Jul 2023 21:33:44 +0200 Subject: [PATCH 05/24] apply poke_shard in teerex --- primitives/teerex/src/lib.rs | 2 +- teerex/src/lib.rs | 18 +++++++++++------- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index fc0af74b..6811e4aa 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -140,7 +140,7 @@ impl MultiEnclave { } } - pub fn fingerprint(self) -> EnclaveFingerprint { + pub fn fingerprint(&self) -> EnclaveFingerprint { match self { MultiEnclave::Sgx(enclave) => EnclaveFingerprint::from(enclave.mr_enclave), } diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 0b3594e2..f0be4cd6 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -273,6 +273,7 @@ pub mod pallet { }; Self::add_enclave(&sender, &MultiEnclave::from(enclave.clone()))?; + Self::poke_shard(enclave.mr_enclave.into(), &sender)?; Self::deposit_event(Event::AddedEnclave { registered_by: sender, @@ -313,7 +314,10 @@ pub mod pallet { trusted_calls_merkle_root: H256, ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; - Self::ensure_registered_enclave(&sender)?; + let enclave = + >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; + Self::poke_shard(enclave.fingerprint().into(), &sender)?; + log::debug!( "Processed parentchain block confirmed for mrenclave {:?}, block hash {:?}", sender, @@ -361,9 +365,9 @@ pub mod pallet { call_hash: H256, ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; - Self::ensure_registered_enclave(&sender)?; let sender_enclave = - >::get(sender).ok_or(>::EnclaveIsNotRegistered)?; + >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; + Self::poke_shard(sender_enclave.fingerprint().into(), &sender)?; ensure!( sender_enclave.fingerprint().encode() == bonding_account.encode(), @@ -443,9 +447,9 @@ pub mod pallet { data: Vec, ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; - Self::ensure_registered_enclave(&sender)?; let enclave = - >::get(sender).ok_or(>::EnclaveIsNotRegistered)?; + >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; + Self::poke_shard(enclave.fingerprint().into(), &sender)?; ensure!(extra_topics.len() <= TOPICS_LIMIT, >::TooManyTopics); ensure!(data.len() <= DATA_LENGTH_LIMIT, >::DataTooLong); @@ -588,7 +592,7 @@ impl Pallet { fn poke_shard( shard: ShardIdentifier, - enclave_signer: T::AccountId, + enclave_signer: &T::AccountId, ) -> DispatchResultWithPostInfo { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; @@ -602,7 +606,7 @@ impl Pallet { }; let signer_statuses = if let Some(mut status_vec) = >::get(shard) { - if let Some(index) = status_vec.iter().position(|i| i.signer == enclave_signer) { + if let Some(index) = status_vec.iter().position(|i| i.signer == *enclave_signer) { status_vec[index] = fresh_status; } else { status_vec.push(fresh_status) From 914ec7c56a389f4c2297a738df235e56e762a1cb Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 06:26:39 +0200 Subject: [PATCH 06/24] fix warnings --- teerex/src/lib.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index f0be4cd6..f82a5af4 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -21,14 +21,14 @@ use codec::Encode; use frame_support::{ dispatch::{DispatchErrorWithPostInfo, DispatchResult, DispatchResultWithPostInfo}, ensure, - traits::{Currency, ExistenceRequirement, Get, OnTimestampSet}, + traits::{Currency, ExistenceRequirement, Get}, }; use frame_system::{self, ensure_signed}; use sgx_verify::{ deserialize_enclave_identity, deserialize_tcb_info, extract_certs, verify_certificate_chain, }; use sp_core::H256; -use sp_runtime::{traits::SaturatedConversion, Saturating}; +use sp_runtime::traits::SaturatedConversion; use sp_std::{prelude::*, str}; use teerex_primitives::*; From eb48a9e0b529c25df31107f24efcadf621b4c40e Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 06:57:17 +0200 Subject: [PATCH 07/24] introduce ShardStatus in sidechain pallet --- sidechain/src/lib.rs | 26 ++++++++++---------------- sidechain/src/mock.rs | 2 +- teerex/src/lib.rs | 8 ++++---- 3 files changed, 15 insertions(+), 21 deletions(-) diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index 40f38016..5edd842c 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -60,12 +60,6 @@ pub mod pallet { FinalizedSidechainBlock(T::AccountId, H256), } - // Enclave index of the worker that recently committed an update. - #[pallet::storage] - #[pallet::getter(fn worker_for_shard)] - pub type WorkerForShard = - StorageMap<_, Blake2_128Concat, ShardIdentifier, u64, ValueQuery>; - #[pallet::storage] #[pallet::getter(fn latest_sidechain_block_confirmation)] pub type LatestSidechainBlockConfirmation = @@ -92,19 +86,19 @@ pub mod pallet { let sender = ensure_signed(origin)?; Teerex::::ensure_registered_enclave(&sender)?; - let sender_enclave = Teerex::::sovereign_enclaves(sender) + let enclave = Teerex::::sovereign_enclaves(sender) .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; ensure!( - sender_enclave.fingerprint.encode() == shard_id.encode(), + enclave.fingerprint().encode() == shard_id.encode(), pallet_teerex::Error::::WrongMrenclaveForShard ); + let shard_status = Teerex::::poke_shard(enclave.fingerprint().into(), &sender)?; - // TODO: fix this! this hardcodes that only a single sidechain can exist and only the firs ever registere enclave can finalize - // Simple logic for now: only accept blocks from first registered enclave. - if sender_index != 1 { + // TODO: Simple logic for now: only accept blocks from first registered enclave. + if sender != shard_status[0].signer { log::debug!( - "Ignore block confirmation from registered enclave with index {:?}", - sender_index + "Ignore block confirmation from registered enclave with index > 1: {:}", + sender ); return Ok(().into()) } @@ -127,7 +121,7 @@ pub mod pallet { next_finalization_candidate_block_number, ); - Self::finalize_block(shard_id, confirmation, &sender, sender_index); + Self::finalize_block(shard_id, confirmation, &sender); Ok(().into()) } } @@ -138,6 +132,8 @@ pub mod pallet { ReceivedUnexpectedSidechainBlock, /// The value for the next finalization candidate is invalid. InvalidNextFinalizationCandidateBlockNumber, + /// A Shard has not been properly initialized + ShardNotInitialized, } } @@ -146,10 +142,8 @@ impl Pallet { shard_id: ShardIdentifier, confirmation: SidechainBlockConfirmation, sender: &T::AccountId, - sender_index: u64, ) { >::insert(shard_id, confirmation); - >::insert(shard_id, sender_index); let block_header_hash = confirmation.block_header_hash; log::debug!( "Imported sidechain block confirmed with shard {:?}, block header hash {:?}", diff --git a/sidechain/src/mock.rs b/sidechain/src/mock.rs index 92551930..e6976093 100644 --- a/sidechain/src/mock.rs +++ b/sidechain/src/mock.rs @@ -120,7 +120,7 @@ pub type Moment = u64; impl pallet_timestamp::Config for Test { type Moment = Moment; - type OnTimestampSet = Teerex; + type OnTimestampSet = (); type MinimumPeriod = MinimumPeriod; type WeightInfo = (); } diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index f82a5af4..45cfbb00 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -590,10 +590,10 @@ impl Pallet { } } - fn poke_shard( + pub fn poke_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, - ) -> DispatchResultWithPostInfo { + ) -> Result>, DispatchErrorWithPostInfo> { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; @@ -615,8 +615,8 @@ impl Pallet { } else { vec![fresh_status] }; - >::insert(shard, signer_statuses); - Ok(().into()) + >::insert(shard, signer_statuses.clone()); + Ok(signer_statuses) } } From 03d13eb484b1a7684a5fc55abd65a7c15bfafb40 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 07:26:36 +0200 Subject: [PATCH 08/24] sidechain tests pass --- sidechain/src/benchmarking.rs | 12 +++++++----- sidechain/src/lib.rs | 2 +- sidechain/src/tests.rs | 21 +++++++++++---------- teerex/src/lib.rs | 11 +++++++++++ 4 files changed, 30 insertions(+), 16 deletions(-) diff --git a/sidechain/src/benchmarking.rs b/sidechain/src/benchmarking.rs index 491447bf..1d55be9f 100644 --- a/sidechain/src/benchmarking.rs +++ b/sidechain/src/benchmarking.rs @@ -27,7 +27,7 @@ use frame_system::RawOrigin; use test_utils::test_data::ias::*; fn assert_latest_worker_update(sender: &T::AccountId, shard: &ShardIdentifier) { - assert_eq!(Sidechain::::worker_for_shard(shard), Teerex::::enclave_index(sender)); + assert_eq!(Teerex::::most_recent_shard_update(shard).unwrap().signer, *sender); } fn generate_accounts(amount: u32) -> Vec { @@ -38,9 +38,11 @@ fn add_enclaves_to_registry(accounts: &[T::AccountId]) { for a in accounts.iter() { Teerex::::add_enclave( a, - &SgxEnclave::test_enclave() - .with_pubkey(&a.encode()) - .with_mr_enclave(TEST4_SETUP.mrenclave), + &MultiEnclave::from( + SgxEnclave::test_enclave() + .with_pubkey(&a.encode()) + .with_mr_enclave(TEST4_SETUP.mrenclave), + ), ) .unwrap(); } @@ -68,7 +70,7 @@ use crate::{Config, Pallet as PalletModule}; #[cfg(test)] use frame_benchmarking::impl_benchmark_test_suite; -use teerex_primitives::SgxEnclave; +use teerex_primitives::{MultiEnclave, SgxEnclave}; use test_utils::TestEnclave; #[cfg(test)] diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index 5edd842c..f48026e5 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -86,7 +86,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; Teerex::::ensure_registered_enclave(&sender)?; - let enclave = Teerex::::sovereign_enclaves(sender) + let enclave = Teerex::::sovereign_enclaves(&sender) .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; ensure!( enclave.fingerprint().encode() == shard_id.encode(), diff --git a/sidechain/src/tests.rs b/sidechain/src/tests.rs index bf16a71c..21ce7765 100644 --- a/sidechain/src/tests.rs +++ b/sidechain/src/tests.rs @@ -18,7 +18,7 @@ limitations under the License. use crate::{mock::*, Error, Event as SidechainEvent, Teerex}; use frame_support::{assert_err, assert_ok, dispatch::DispatchResultWithPostInfo}; use sp_core::H256; -use teerex_primitives::MrSigner; +use teerex_primitives::{MrSigner, SgxAttestationMethod}; use test_utils::test_data::consts::*; // give get_signer a concrete type @@ -187,8 +187,8 @@ fn dont_process_confirmation_of_second_registered_enclave() { Timestamp::set_timestamp(TEST7_TIMESTAMP); let shard7 = H256::from_slice(&TEST7_MRENCLAVE); - register_ias_enclave(TEST7_SIGNER_PUB, TEST7_CERT, 1); - register_ias_enclave(TEST6_SIGNER_PUB, TEST6_CERT, 2); + register_ias_enclave(TEST7_SIGNER_PUB, TEST7_CERT); + register_ias_enclave(TEST6_SIGNER_PUB, TEST6_CERT); assert_ok!(confirm_block(shard7, TEST6_SIGNER_PUB, 1, 2, H256::default(), false)); assert_eq!(Sidechain::latest_sidechain_block_confirmation(shard7).block_number, 0); @@ -196,19 +196,20 @@ fn dont_process_confirmation_of_second_registered_enclave() { } fn register_ias_enclave7() { - register_ias_enclave(TEST7_SIGNER_PUB, TEST7_CERT, 1); + register_ias_enclave(TEST7_SIGNER_PUB, TEST7_CERT); } -fn register_ias_enclave(signer_pub_key: &MrSigner, cert: &[u8], expected_enclave_count: u64) { - let signer7 = get_signer(signer_pub_key); +fn register_ias_enclave(signer_pub_key: &MrSigner, cert: &[u8]) { + let signer = get_signer(signer_pub_key); //Ensure that enclave is registered - assert_ok!(Teerex::::register_ias_enclave( - RuntimeOrigin::signed(signer7), + assert_ok!(Teerex::::register_sgx_enclave( + RuntimeOrigin::signed(signer.clone()), cert.to_vec(), - URL.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Ias, )); - assert_eq!(Teerex::::enclave_count(), expected_enclave_count); + assert!(Teerex::::sovereign_enclaves(signer).is_some()); } fn confirm_block7( diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 45cfbb00..b077a9e6 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -618,6 +618,17 @@ impl Pallet { >::insert(shard, signer_statuses.clone()); Ok(signer_statuses) } + + pub fn most_recent_shard_update( + shard: &ShardIdentifier, + ) -> Option> { + if let Some(mut statuses) = >::get(shard) { + statuses.sort_by_key(|a| a.last_activity); + statuses.last().cloned() + } else { + None + } + } } #[cfg(any(test, feature = "runtime-benchmarks"))] From 8a70ad2b6fd66eeb01401b4c95115e03e0040602 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 08:00:13 +0200 Subject: [PATCH 09/24] teeracle tests pass --- Cargo.lock | 1 + teeracle/Cargo.toml | 1 + teeracle/src/benchmarking.rs | 29 +++++----- teeracle/src/lib.rs | 51 +++++++++-------- teeracle/src/mock.rs | 2 +- teeracle/src/tests.rs | 104 ++++++++++++++++++++++------------- 6 files changed, 111 insertions(+), 77 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 5b70c2b5..2c777e92 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2194,6 +2194,7 @@ dependencies = [ "sp-std 5.0.0", "substrate-fixed", "teeracle-primitives", + "teerex-primitives", "test-utils", ] diff --git a/teeracle/Cargo.toml b/teeracle/Cargo.toml index 31073765..18347adb 100644 --- a/teeracle/Cargo.toml +++ b/teeracle/Cargo.toml @@ -16,6 +16,7 @@ scale-info = { version = "2.0.1", default-features = false, features = ["derive" # local pallet-teerex = { path = "../teerex", default-features = false } teeracle-primitives = { path = "../primitives/teeracle", default-features = false } +teerex-primitives = { path = "../primitives/teerex", default-features = false } # encointer substrate-fixed = { tag = "v0.5.9", default-features = false, git = "https://github.com/encointer/substrate-fixed.git" } diff --git a/teeracle/src/benchmarking.rs b/teeracle/src/benchmarking.rs index fba3dff1..a34ff640 100644 --- a/teeracle/src/benchmarking.rs +++ b/teeracle/src/benchmarking.rs @@ -28,6 +28,7 @@ use pallet_teerex::Pallet as Teerex; use sp_runtime::traits::CheckedConversion; use sp_std::prelude::*; use teeracle_primitives::{DataSource, OracleDataName, TradingPairString}; +use teerex_primitives::SgxAttestationMethod; use test_utils::{ get_signer, @@ -51,13 +52,14 @@ benchmarks! { let data_source: DataSource = "https://api.coingecko.com".into(); // simply register the enclave before to make sure it already // exists when running the benchmark - Teerex::::register_ias_enclave( + Teerex::::register_sgx_enclave( RawOrigin::Signed(signer.clone()).into(), TEST4_SETUP.cert.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias, ).unwrap(); - let mrenclave = Teerex::::enclave(1).unwrap().mr_enclave; - Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), mrenclave).unwrap(); + let fingerprint = Teerex::::sovereign_enclaves(&signer).unwrap().fingerprint(); + Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), fingerprint).unwrap(); }: _(RawOrigin::Signed(signer), data_source.clone(), trading_pair.clone(), Some(rate)) verify { @@ -74,34 +76,35 @@ benchmarks! { vec![1].try_into().expect("Can Convert to OracleDataBlob; QED"); // simply register the enclave before to make sure it already // exists when running the benchmark - Teerex::::register_ias_enclave( + Teerex::::register_sgx_enclave( RawOrigin::Signed(signer.clone()).into(), TEST4_SETUP.cert.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias, ).unwrap(); - let mrenclave = Teerex::::enclave(1).unwrap().mr_enclave; - Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), mrenclave).unwrap(); + let fingerprint = Teerex::::sovereign_enclaves(&signer).unwrap().fingerprint(); + Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), fingerprint).unwrap(); }: _(RawOrigin::Signed(signer), oracle_name.clone(), data_source.clone(), oracle_blob.clone()) verify { assert_eq!(Teeracle::::oracle_data(oracle_name, data_source), oracle_blob); } add_to_whitelist { - let mrenclave = TEST4_MRENCLAVE; + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); let data_source: DataSource = "https://api.coingecko.com".into(); - }: _(RawOrigin::Root, data_source.clone(), mrenclave) + }: _(RawOrigin::Root, data_source.clone(), fingerprint) verify { assert_eq!(Teeracle::::whitelist(data_source).len(), 1, "mrenclave not added to whitelist") } remove_from_whitelist { - let mrenclave = TEST4_MRENCLAVE; + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); let data_source: DataSource = "https://api.coingecko.com".into(); - Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), mrenclave).unwrap(); + Teeracle::::add_to_whitelist(RawOrigin::Root.into(), data_source.clone(), fingerprint).unwrap(); - }: _(RawOrigin::Root, data_source.clone(), mrenclave) + }: _(RawOrigin::Root, data_source.clone(), fingerprint) verify { assert_eq!(Teeracle::::whitelist(data_source).len(), 0, "mrenclave not removed from whitelist") } diff --git a/teeracle/src/lib.rs b/teeracle/src/lib.rs index dcb9c960..f1f3f9a9 100644 --- a/teeracle/src/lib.rs +++ b/teeracle/src/lib.rs @@ -32,8 +32,10 @@ #![cfg_attr(not(feature = "std"), no_std)] pub use crate::weights::WeightInfo; pub use pallet::*; +use pallet_teerex::Pallet as Teerex; pub use substrate_fixed::types::U32F32; use teeracle_primitives::{DataSource, MAX_ORACLE_DATA_NAME_LEN}; +use teerex_primitives::EnclaveFingerprint; const MAX_TRADING_PAIR_LEN: usize = 11; const MAX_SOURCE_LEN: usize = 40; @@ -97,7 +99,7 @@ pub mod pallet { _, Blake2_128Concat, DataSource, - WeakBoundedVec<[u8; 32], T::MaxWhitelistedReleases>, + WeakBoundedVec, ValueQuery, >; @@ -111,8 +113,8 @@ pub mod pallet { ExchangeRateUpdated(DataSource, TradingPairString, Option), ExchangeRateDeleted(DataSource, TradingPairString), OracleUpdated(OracleDataName, DataSource), - AddedToWhitelist(DataSource, [u8; 32]), - RemovedFromWhitelist(DataSource, [u8; 32]), + AddedToWhitelist(DataSource, EnclaveFingerprint), + RemovedFromWhitelist(DataSource, EnclaveFingerprint), } #[pallet::error] @@ -138,19 +140,19 @@ pub mod pallet { pub fn add_to_whitelist( origin: OriginFor, data_source: DataSource, - mrenclave: [u8; 32], + fingerprint: EnclaveFingerprint, ) -> DispatchResult { ensure_root(origin)?; ensure!(data_source.len() <= MAX_SOURCE_LEN, Error::::DataSourceStringTooLong); ensure!( - !Self::is_whitelisted(&data_source, mrenclave), + !Self::is_whitelisted(&data_source, fingerprint), >::ReleaseAlreadyWhitelisted ); - >::try_mutate(data_source.clone(), |mrenclave_vec| { - mrenclave_vec.try_push(mrenclave) + >::try_mutate(data_source.clone(), |fingerprints| { + fingerprints.try_push(fingerprint) }) .map_err(|_| Error::::ReleaseWhitelistOverflow)?; - Self::deposit_event(Event::AddedToWhitelist(data_source, mrenclave)); + Self::deposit_event(Event::AddedToWhitelist(data_source, fingerprint)); Ok(()) } #[pallet::call_index(1)] @@ -158,17 +160,17 @@ pub mod pallet { pub fn remove_from_whitelist( origin: OriginFor, data_source: DataSource, - mrenclave: [u8; 32], + fingerprint: EnclaveFingerprint, ) -> DispatchResult { ensure_root(origin)?; ensure!( - Self::is_whitelisted(&data_source, mrenclave), + Self::is_whitelisted(&data_source, fingerprint), >::ReleaseNotWhitelisted ); - >::mutate(&data_source, |mrenclave_vec| { - mrenclave_vec.retain(|m| *m != mrenclave) + >::mutate(&data_source, |fingerprints| { + fingerprints.retain(|m| *m != fingerprint) }); - Self::deposit_event(Event::RemovedFromWhitelist(data_source, mrenclave)); + Self::deposit_event(Event::RemovedFromWhitelist(data_source, fingerprint)); Ok(()) } @@ -180,14 +182,12 @@ pub mod pallet { data_source: DataSource, new_blob: OracleDataBlob, ) -> DispatchResultWithPostInfo { - let signer = ensure_signed(origin)?; - >::ensure_registered_enclave(&signer)?; - let signer_index = >::enclave_index(signer); - let signer_enclave = >::enclave(signer_index) - .ok_or(pallet_teerex::Error::::EmptyEnclaveRegistry)?; + let sender = ensure_signed(origin)?; + let enclave = Teerex::::sovereign_enclaves(&sender) + .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; ensure!( - Self::is_whitelisted(&data_source, signer_enclave.mr_enclave), + Self::is_whitelisted(&data_source, enclave.fingerprint()), >::ReleaseNotWhitelisted ); ensure!( @@ -214,17 +214,16 @@ pub mod pallet { new_value: Option, ) -> DispatchResultWithPostInfo { let sender = ensure_signed(origin)?; - >::ensure_registered_enclave(&sender)?; - let sender_index = >::enclave_index(sender); - let sender_enclave = >::enclave(sender_index) - .ok_or(pallet_teerex::Error::::EmptyEnclaveRegistry)?; + let enclave = Teerex::::sovereign_enclaves(&sender) + .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; + // Todo: Never checks data source len ensure!( trading_pair.len() <= MAX_TRADING_PAIR_LEN, Error::::TradingPairStringTooLong ); ensure!( - Self::is_whitelisted(&data_source, sender_enclave.mr_enclave), + Self::is_whitelisted(&data_source, enclave.fingerprint()), >::ReleaseNotWhitelisted ); if new_value.is_none() || new_value == Some(U32F32::from_num(0)) { @@ -247,8 +246,8 @@ pub mod pallet { } } impl Pallet { - fn is_whitelisted(data_source: &DataSource, mrenclave: [u8; 32]) -> bool { - Self::whitelist(data_source).contains(&mrenclave) + fn is_whitelisted(data_source: &DataSource, fingerprint: EnclaveFingerprint) -> bool { + Self::whitelist(data_source).contains(&fingerprint) } } diff --git a/teeracle/src/mock.rs b/teeracle/src/mock.rs index ae837e3c..54d9d389 100644 --- a/teeracle/src/mock.rs +++ b/teeracle/src/mock.rs @@ -118,7 +118,7 @@ pub type Moment = u64; impl timestamp::Config for Test { type Moment = Moment; - type OnTimestampSet = Teerex; + type OnTimestampSet = (); type MinimumPeriod = MinimumPeriod; type WeightInfo = (); } diff --git a/teeracle/src/tests.rs b/teeracle/src/tests.rs index 8a7755d1..c09adca0 100644 --- a/teeracle/src/tests.rs +++ b/teeracle/src/tests.rs @@ -21,6 +21,7 @@ use pallet_teerex::Error; use sp_runtime::DispatchError::BadOrigin; use substrate_fixed::types::U32F32; use teeracle_primitives::*; +use teerex_primitives::{EnclaveFingerprint, SgxAttestationMethod}; use test_utils::test_data::consts::{ TEST4_CERT, TEST4_MRENCLAVE, TEST4_SIGNER_PUB, TEST4_TIMESTAMP, TEST5_MRENCLAVE, TEST5_SIGNER_PUB, TEST8_MRENCLAVE, URL, @@ -39,13 +40,14 @@ fn get_signer(pubkey: &[u8; 32]) -> AccountId { fn register_ias_enclave_and_add_oracle_to_whitelist_ok(src: &str) { Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( - RuntimeOrigin::signed(signer), + assert_ok!(Teerex::register_sgx_enclave( + RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias, )); - let mrenclave = Teerex::enclave(1).unwrap().mr_enclave; - assert_ok!(Teeracle::add_to_whitelist(RuntimeOrigin::root(), src.to_owned(), mrenclave)); + let fingerprint = Teerex::sovereign_enclaves(&signer).unwrap().fingerprint(); + assert_ok!(Teeracle::add_to_whitelist(RuntimeOrigin::root(), src.to_owned(), fingerprint)); } fn update_exchange_rate_dot_dollars_ok(src: &str, rate: Option) { @@ -222,10 +224,11 @@ fn update_exchange_rate_from_not_whitelisted_oracle_fails() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias, )); let rate = U32F32::from_num(43.65); @@ -246,10 +249,11 @@ fn update_oracle_from_not_whitelisted_oracle_fails() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(TEST4_TIMESTAMP); let signer = get_signer(TEST4_SIGNER_PUB); - assert_ok!(Teerex::register_ias_enclave( + assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), TEST4_CERT.to_vec(), - URL.to_vec() + Some(URL.to_vec()), + SgxAttestationMethod::Ias, )); assert_noop!( @@ -287,14 +291,15 @@ fn update_exchange_rate_with_too_long_trading_pair_fails() { #[test] fn add_to_whitelist_works() { new_test_ext().execute_with(|| { + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); let expected_event = RuntimeEvent::Teeracle(crate::Event::AddedToWhitelist( COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE, + fingerprint, )); assert!(System::events().iter().any(|a| a.event == expected_event)); assert_eq!(Teeracle::whitelist(COINGECKO_SRC.to_owned()).len(), 1); @@ -304,19 +309,20 @@ fn add_to_whitelist_works() { #[test] fn add_mulitple_src_to_whitelists_works() { new_test_ext().execute_with(|| { + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINMARKETCAP_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); let expected_event = RuntimeEvent::Teeracle(crate::Event::AddedToWhitelist( COINMARKETCAP_SRC.to_owned(), - TEST4_MRENCLAVE, + fingerprint, )); assert!(System::events().iter().any(|a| a.event == expected_event)); @@ -328,16 +334,17 @@ fn add_mulitple_src_to_whitelists_works() { #[test] fn add_two_times_to_whitelist_fails() { new_test_ext().execute_with(|| { + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); assert_err!( Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint ), crate::Error::::ReleaseAlreadyWhitelisted ); @@ -351,58 +358,74 @@ fn add_too_many_oracles_to_whitelist_fails() { assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + EnclaveFingerprint::from(TEST4_MRENCLAVE) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST5_MRENCLAVE + EnclaveFingerprint::from(TEST5_MRENCLAVE) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d2") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d2" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d3") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d3" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d4") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d4" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d5") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d5" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d6") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d6" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d7") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d7" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d8") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d8" + )) )); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d9") + EnclaveFingerprint::from(hex!( + "f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d9" + )) )); assert_err!( Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST8_MRENCLAVE + EnclaveFingerprint::from(TEST8_MRENCLAVE) ), crate::Error::::ReleaseWhitelistOverflow ); @@ -414,7 +437,11 @@ fn add_to_whitelist_too_long_source_fails() { new_test_ext().execute_with(|| { let too_long_source = "123456789_223456789_323456789_423456789_1".to_owned(); assert_err!( - Teeracle::add_to_whitelist(RuntimeOrigin::root(), too_long_source, TEST4_MRENCLAVE), + Teeracle::add_to_whitelist( + RuntimeOrigin::root(), + too_long_source, + EnclaveFingerprint::from(TEST4_MRENCLAVE) + ), crate::Error::::DataSourceStringTooLong ); }) @@ -424,11 +451,12 @@ fn add_to_whitelist_too_long_source_fails() { fn non_root_add_to_whitelist_fails() { new_test_ext().execute_with(|| { let signer = get_signer(TEST5_SIGNER_PUB); + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_err!( Teeracle::add_to_whitelist( RuntimeOrigin::signed(signer), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint ), BadOrigin ); @@ -439,19 +467,20 @@ fn non_root_add_to_whitelist_fails() { #[test] fn remove_from_whitelist_works() { new_test_ext().execute_with(|| { + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); assert_ok!(Teeracle::remove_from_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); let expected_event = RuntimeEvent::Teeracle(crate::Event::RemovedFromWhitelist( COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE, + fingerprint, )); assert!(System::events().iter().any(|a| a.event == expected_event)); assert_eq!(Teeracle::whitelist(COINGECKO_SRC.to_owned()).len(), 0); @@ -464,13 +493,13 @@ fn remove_from_whitelist_not_whitelisted_fails() { assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + EnclaveFingerprint::from(TEST4_MRENCLAVE) )); assert_err!( Teeracle::remove_from_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST5_MRENCLAVE + EnclaveFingerprint::from(TEST5_MRENCLAVE) ), crate::Error::::ReleaseNotWhitelisted ); @@ -486,7 +515,7 @@ fn remove_from_empty_whitelist_doesnt_crash() { Teeracle::remove_from_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST5_MRENCLAVE + EnclaveFingerprint::from(TEST5_MRENCLAVE) ), crate::Error::::ReleaseNotWhitelisted ); @@ -498,16 +527,17 @@ fn remove_from_empty_whitelist_doesnt_crash() { fn non_root_remove_from_whitelist_fails() { new_test_ext().execute_with(|| { let signer = get_signer(TEST5_SIGNER_PUB); + let fingerprint = EnclaveFingerprint::from(TEST4_MRENCLAVE); assert_ok!(Teeracle::add_to_whitelist( RuntimeOrigin::root(), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint )); assert_err!( Teeracle::remove_from_whitelist( RuntimeOrigin::signed(signer), COINGECKO_SRC.to_owned(), - TEST4_MRENCLAVE + fingerprint ), BadOrigin ); From 2def417303621a923337511fe5fea343541198ed Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 08:10:31 +0200 Subject: [PATCH 10/24] clippy --- Cargo.lock | 80 ++++++++++++++++++------------------ primitives/teerex/src/lib.rs | 8 ++-- 2 files changed, 44 insertions(+), 44 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2c777e92..9b358650 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index 6811e4aa..be14942e 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -172,11 +172,11 @@ impl MultiEnclave { pub fn attestaion_proxied(self) -> bool { match self { - MultiEnclave::Sgx(enclave) => match enclave.attestation_method { + MultiEnclave::Sgx(enclave) => matches!( + enclave.attestation_method, SgxAttestationMethod::Skip { proxied: true } | - SgxAttestationMethod::Dcap { proxied: true } => true, - _ => false, - }, + SgxAttestationMethod::Dcap { proxied: true } + ), } } } From 1c2263c077dcdea071630840fbb4a221caf32c00 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 09:31:40 +0200 Subject: [PATCH 11/24] clippy wip --- Cargo.lock | 80 +++++++++++++++++++++++------------------------ teerex/src/lib.rs | 27 ++++++++-------- 2 files changed, 54 insertions(+), 53 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9b358650..2c777e92 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index b077a9e6..e73ae7b5 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -77,6 +77,8 @@ pub mod pallet { type MaxSilenceTime: Get; } + pub type ShardSignerStatuses = Vec>; + #[pallet::event] #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { @@ -233,7 +235,12 @@ pub mod pallet { let tcb_info_on_chain = >::get(fmspc); ensure!(tcb_info_on_chain.verify_examinee(&tcb_info), "tcb_info is outdated"); - let enclave = SgxEnclave::new( + // TODO: activate state checks as soon as we've fixed our setup #83 + // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), + // "RA status is insufficient"); + // log::info!("teerex: status is acceptable"); + + SgxEnclave::new( report.report_data, report.mr_enclave, report.mr_signer, @@ -241,13 +248,7 @@ pub mod pallet { report.build_mode, report.status, ) - .with_attestation_method(SgxAttestationMethod::Dcap { proxied }); - - // TODO: activate state checks as soon as we've fixed our setup #83 - // ensure!((report.status == SgxStatus::Ok) | (report.status == SgxStatus::ConfigurationNeeded), - // "RA status is insufficient"); - // log::info!("teerex: status is acceptable"); - enclave + .with_attestation_method(SgxAttestationMethod::Dcap { proxied }) }, SgxAttestationMethod::Skip { proxied } => SgxEnclave::new( SgxReportData::default(), @@ -316,7 +317,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; let enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(enclave.fingerprint().into(), &sender)?; + Self::poke_shard(enclave.fingerprint(), &sender)?; log::debug!( "Processed parentchain block confirmed for mrenclave {:?}, block hash {:?}", @@ -367,7 +368,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; let sender_enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(sender_enclave.fingerprint().into(), &sender)?; + Self::poke_shard(sender_enclave.fingerprint(), &sender)?; ensure!( sender_enclave.fingerprint().encode() == bonding_account.encode(), @@ -449,13 +450,13 @@ pub mod pallet { let sender = ensure_signed(origin)?; let enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(enclave.fingerprint().into(), &sender)?; + Self::poke_shard(enclave.fingerprint(), &sender)?; ensure!(extra_topics.len() <= TOPICS_LIMIT, >::TooManyTopics); ensure!(data.len() <= DATA_LENGTH_LIMIT, >::DataTooLong); let mut topics = extra_topics; - topics.push(T::Hash::from(enclave.clone().fingerprint().into())); + topics.push(T::Hash::from(enclave.fingerprint().into())); Self::deposit_event_indexed( &topics, @@ -593,7 +594,7 @@ impl Pallet { pub fn poke_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, - ) -> Result>, DispatchErrorWithPostInfo> { + ) -> Result { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; From 1f1c8977d167566c561c2156edac79035cea6123 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 09:36:41 +0200 Subject: [PATCH 12/24] clippy fixed --- Cargo.lock | 80 ++++++++++++++++++++++---------------------- sidechain/src/lib.rs | 2 +- teerex/src/lib.rs | 5 ++- 3 files changed, 43 insertions(+), 44 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2c777e92..9b358650 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index f48026e5..86e95c62 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -92,7 +92,7 @@ pub mod pallet { enclave.fingerprint().encode() == shard_id.encode(), pallet_teerex::Error::::WrongMrenclaveForShard ); - let shard_status = Teerex::::poke_shard(enclave.fingerprint().into(), &sender)?; + let shard_status = Teerex::::poke_shard(enclave.fingerprint(), &sender)?; // TODO: Simple logic for now: only accept blocks from first registered enclave. if sender != shard_status[0].signer { diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index e73ae7b5..63e29074 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -38,6 +38,7 @@ use teerex_primitives::{SgxBuildMode, SgxStatus}; // Disambiguate associated types pub type AccountId = ::AccountId; pub type BalanceOf = <::Currency as Currency>>::Balance; +pub type ShardSignerStatuses = Vec::AccountId, ::BlockNumber>>; pub use pallet::*; @@ -77,8 +78,6 @@ pub mod pallet { type MaxSilenceTime: Get; } - pub type ShardSignerStatuses = Vec>; - #[pallet::event] #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { @@ -594,7 +593,7 @@ impl Pallet { pub fn poke_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, - ) -> Result { + ) -> Result, DispatchErrorWithPostInfo> { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; From bf4ba209e80923023b93b111c60b170dded796e2 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 09:37:41 +0200 Subject: [PATCH 13/24] fmt --- teerex/src/lib.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 63e29074..71d21960 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -38,7 +38,12 @@ use teerex_primitives::{SgxBuildMode, SgxStatus}; // Disambiguate associated types pub type AccountId = ::AccountId; pub type BalanceOf = <::Currency as Currency>>::Balance; -pub type ShardSignerStatuses = Vec::AccountId, ::BlockNumber>>; +pub type ShardSignerStatuses = Vec< + ShardSignerStatus< + ::AccountId, + ::BlockNumber, + >, +>; pub use pallet::*; @@ -593,7 +598,7 @@ impl Pallet { pub fn poke_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, - ) -> Result, DispatchErrorWithPostInfo> { + ) -> Result, DispatchErrorWithPostInfo> { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; From bffdf1be29592b72f96b5a80c3a975af66c27017 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 10:16:23 +0200 Subject: [PATCH 14/24] introduce lazy garbage collection with unregister_sovereign_enclave --- Cargo.lock | 80 +++++++++++++++++----------------- teerex/src/benchmarking.rs | 6 ++- teerex/src/lib.rs | 29 ++++++------ teerex/src/tests/test_cases.rs | 15 +++++-- 4 files changed, 72 insertions(+), 58 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9b358650..2c777e92 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index 5cdbf206..23937c39 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -22,6 +22,7 @@ use super::*; use crate::{ + mock::{MaxSilenceTime, Timestamp}, test_helpers::{get_test_tcb_info, register_test_quoting_enclave, register_test_tcb_info}, Pallet as Teerex, }; @@ -120,12 +121,13 @@ benchmarks! { // Benchmark `unregister_enclave` enclave with the worst possible conditions: // * enclave exists // * enclave is not the most recently registered enclave - unregister_enclave { + unregister_sovereign_enclave { let enclave_count = 3; let accounts: Vec = generate_accounts::(enclave_count); add_enclaves_to_registry::(&accounts); + Timestamp::set_timestamp(TEST4_TIMESTAMP + ::get() + 1); - }: _(RawOrigin::Signed(accounts[0].clone())) + }: _(RawOrigin::Signed(accounts[0].clone()), accounts[0].clone()) verify { assert!(!crate::SovereignEnclaves::::contains_key(&accounts[0])); } diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 71d21960..369d4470 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -28,7 +28,7 @@ use sgx_verify::{ deserialize_enclave_identity, deserialize_tcb_info, extract_certs, verify_certificate_chain, }; use sp_core::H256; -use sp_runtime::traits::SaturatedConversion; +use sp_runtime::{traits::SaturatedConversion, Saturating}; use sp_std::{prelude::*, str}; use teerex_primitives::*; @@ -78,7 +78,7 @@ pub mod pallet { type WeightInfo: WeightInfo; - /// If a worker does not re-register within `MaxSilenceTime`, it will be unregistered. + /// If a worker does not re-register within `MaxSilenceTime`, it can be unregistered by anyone. #[pallet::constant] type MaxSilenceTime: Get; } @@ -291,12 +291,21 @@ pub mod pallet { #[pallet::call_index(1)] #[pallet::weight((::WeightInfo::unregister_enclave(), DispatchClass::Normal, Pays::Yes))] - pub fn unregister_enclave(origin: OriginFor) -> DispatchResultWithPostInfo { - log::info!("teerex: called into runtime call unregister_enclave()"); + pub fn unregister_sovereign_enclave( + origin: OriginFor, + enclave_signer: T::AccountId, + ) -> DispatchResultWithPostInfo { + log::info!("teerex: called into runtime call unregister_sovereign_enclave()"); let sender = ensure_signed(origin)?; - - Self::remove_enclave(&sender)?; - Self::deposit_event(Event::RemovedEnclave(sender)); + let enclave = Self::sovereign_enclaves(&enclave_signer) + .ok_or(>::EnclaveIsNotRegistered)?; + let now = >::get(); + let oldest_acceptable_attestation_time = + now.saturating_sub(T::MaxSilenceTime::get()).saturated_into::(); + if enclave.attestation_timestamp() < oldest_acceptable_attestation_time { + >::remove(&enclave_signer); + } + Self::deposit_event(Event::RemovedEnclave(enclave_signer)); Ok(().into()) } @@ -517,12 +526,6 @@ impl Pallet { Ok(().into()) } - fn remove_enclave(sender: &T::AccountId) -> DispatchResultWithPostInfo { - ensure!(>::contains_key(sender), >::EnclaveIsNotRegistered); - >::remove(sender); - Ok(().into()) - } - /// Check if the sender is a registered enclave pub fn ensure_registered_enclave( account: &T::AccountId, diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index 8fe7a1fd..c48ff7c1 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -52,7 +52,7 @@ fn add_and_remove_dcap_enclave_works() { let alice = AccountKeyring::Alice.to_account_id(); register_test_quoting_enclave::(alice.clone()); - register_test_tcb_info::(alice); + register_test_tcb_info::(alice.clone()); let signer = get_signer(&TEST1_DCAP_QUOTE_SIGNER); assert_ok!(Teerex::register_sgx_enclave( @@ -66,7 +66,11 @@ fn add_and_remove_dcap_enclave_works() { Teerex::sovereign_enclaves(&signer).unwrap().attestation_timestamp(), TEST_VALID_COLLATERAL_TIMESTAMP ); - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer.clone()))); + Timestamp::set_timestamp(TEST_VALID_COLLATERAL_TIMESTAMP + ::get() + 1); + assert_ok!(Teerex::unregister_sovereign_enclave( + RuntimeOrigin::signed(alice.clone()), + signer.clone() + )); assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) @@ -129,6 +133,7 @@ fn add_enclave_works() { fn add_and_remove_enclave_works() { new_test_ext().execute_with(|| { Timestamp::set_timestamp(TEST4_TIMESTAMP); + let alice = AccountKeyring::Alice.to_account_id(); let signer = get_signer(TEST4_SIGNER_PUB); assert_ok!(Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer.clone()), @@ -137,7 +142,11 @@ fn add_and_remove_enclave_works() { SgxAttestationMethod::Ias )); assert!(>::contains_key(&signer)); - assert_ok!(Teerex::unregister_enclave(RuntimeOrigin::signed(signer.clone()))); + Timestamp::set_timestamp(TEST4_TIMESTAMP + ::get() + 1); + assert_ok!(Teerex::unregister_sovereign_enclave( + RuntimeOrigin::signed(alice.clone()), + signer.clone() + )); assert!(!>::contains_key(&signer)); assert_eq!(list_enclaves(), vec![]) }) From dc352119d2e370ca94106b733f796e1912c583a0 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 14:04:55 +0200 Subject: [PATCH 15/24] add test for lazy unregister fail --- Cargo.lock | 80 +++++++++++++++++----------------- teerex/src/lib.rs | 4 ++ teerex/src/tests/test_cases.rs | 30 +++++++++++++ 3 files changed, 74 insertions(+), 40 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2c777e92..9b358650 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 369d4470..0d148f85 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -304,6 +304,8 @@ pub mod pallet { now.saturating_sub(T::MaxSilenceTime::get()).saturated_into::(); if enclave.attestation_timestamp() < oldest_acceptable_attestation_time { >::remove(&enclave_signer); + } else { + return Err(>::UnregisteringActiveEnclaveNotAllowed.into()) } Self::deposit_event(Event::RemovedEnclave(enclave_signer)); Ok(().into()) @@ -509,6 +511,8 @@ pub mod pallet { TooManyTopics, /// The length of the `data` passed to `publish_hash` exceeds the limit. DataTooLong, + /// It is not allowed to unregister enclaves with recent activity + UnregisteringActiveEnclaveNotAllowed, } } diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index c48ff7c1..f378f562 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -76,6 +76,36 @@ fn add_and_remove_dcap_enclave_works() { }) } +#[test] +fn unregister_active_enclave_fails() { + new_test_ext().execute_with(|| { + Timestamp::set_timestamp(TEST_VALID_COLLATERAL_TIMESTAMP); + let alice = AccountKeyring::Alice.to_account_id(); + register_test_quoting_enclave::(alice.clone()); + register_test_tcb_info::(alice.clone()); + + let signer = get_signer(&TEST1_DCAP_QUOTE_SIGNER); + assert_ok!(Teerex::register_sgx_enclave( + RuntimeOrigin::signed(signer.clone()), + TEST1_DCAP_QUOTE.to_vec(), + Some(URL.to_vec()), + SgxAttestationMethod::Dcap { proxied: false } + )); + assert!(>::contains_key(&signer)); + + Timestamp::set_timestamp(TEST_VALID_COLLATERAL_TIMESTAMP + ::get() / 2 + 1); + + assert_err!( + Teerex::unregister_sovereign_enclave( + RuntimeOrigin::signed(alice.clone()), + signer.clone() + ), + Error::::UnregisteringActiveEnclaveNotAllowed + ); + assert!(>::contains_key(&signer)); + }) +} + #[test] fn register_quoting_enclave_works() { new_test_ext().execute_with(|| { From 940cf3b7b6bf5b28367d774b32a65f955e11ec94 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 14:20:59 +0200 Subject: [PATCH 16/24] review changes and renamings --- primitives/teerex/Cargo.toml | 1 + sidechain/src/lib.rs | 4 ++-- sidechain/src/tests.rs | 2 +- teerex/src/lib.rs | 26 ++++++++++++++------------ teerex/src/tests/test_cases.rs | 1 + 5 files changed, 19 insertions(+), 15 deletions(-) diff --git a/primitives/teerex/Cargo.toml b/primitives/teerex/Cargo.toml index a1d55a8d..b3105c82 100644 --- a/primitives/teerex/Cargo.toml +++ b/primitives/teerex/Cargo.toml @@ -32,5 +32,6 @@ std = [ # substrate "sp-core/std", "sp-io/std", + "sp-runtime/std", "sp-std/std", ] diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index 86e95c62..63ba884b 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -90,9 +90,9 @@ pub mod pallet { .ok_or(pallet_teerex::Error::::EnclaveIsNotRegistered)?; ensure!( enclave.fingerprint().encode() == shard_id.encode(), - pallet_teerex::Error::::WrongMrenclaveForShard + pallet_teerex::Error::::WrongFingerprintForShard ); - let shard_status = Teerex::::poke_shard(enclave.fingerprint(), &sender)?; + let shard_status = Teerex::::touch_shard(enclave.fingerprint(), &sender)?; // TODO: Simple logic for now: only accept blocks from first registered enclave. if sender != shard_status[0].signer { diff --git a/sidechain/src/tests.rs b/sidechain/src/tests.rs index 21ce7765..879d615c 100644 --- a/sidechain/src/tests.rs +++ b/sidechain/src/tests.rs @@ -98,7 +98,7 @@ fn confirm_imported_sidechain_block_from_shard_neq_mrenclave_errs() { block_number, hash ), - pallet_teerex::Error::::WrongMrenclaveForShard + pallet_teerex::Error::::WrongFingerprintForShard ); }) } diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 0d148f85..e4dbb0c1 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -189,6 +189,9 @@ pub mod pallet { let report = sgx_verify::verify_ias_report(&proof) .map_err(|_| >::RemoteAttestationVerificationFailed)?; log::info!("teerex: IAS report successfully verified"); + + Self::ensure_timestamp_within_24_hours(report.timestamp)?; + let enclave = SgxEnclave::new( report.report_data, report.mr_enclave, @@ -210,7 +213,6 @@ pub mod pallet { // "RA status is insufficient"); // log::info!("teerex: status is acceptable"); - Self::ensure_timestamp_within_24_hours(report.timestamp)?; enclave }, SgxAttestationMethod::Dcap { proxied } => { @@ -278,7 +280,7 @@ pub mod pallet { }; Self::add_enclave(&sender, &MultiEnclave::from(enclave.clone()))?; - Self::poke_shard(enclave.mr_enclave.into(), &sender)?; + Self::touch_shard(enclave.mr_enclave.into(), &sender)?; Self::deposit_event(Event::AddedEnclave { registered_by: sender, @@ -332,7 +334,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; let enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(enclave.fingerprint(), &sender)?; + Self::touch_shard(enclave.fingerprint(), &sender)?; log::debug!( "Processed parentchain block confirmed for mrenclave {:?}, block hash {:?}", @@ -383,7 +385,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; let sender_enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(sender_enclave.fingerprint(), &sender)?; + Self::touch_shard(sender_enclave.fingerprint(), &sender)?; ensure!( sender_enclave.fingerprint().encode() == bonding_account.encode(), @@ -465,7 +467,7 @@ pub mod pallet { let sender = ensure_signed(origin)?; let enclave = >::get(&sender).ok_or(>::EnclaveIsNotRegistered)?; - Self::poke_shard(enclave.fingerprint(), &sender)?; + Self::touch_shard(enclave.fingerprint(), &sender)?; ensure!(extra_topics.len() <= TOPICS_LIMIT, >::TooManyTopics); ensure!(data.len() <= DATA_LENGTH_LIMIT, >::DataTooLong); @@ -498,10 +500,10 @@ pub mod pallet { /// The bonding account doesn't match the enclave. WrongMrenclaveForBondingAccount, /// The shard doesn't match the enclave. - WrongMrenclaveForShard, + WrongFingerprintForShard, /// The worker url is too long. EnclaveUrlTooLong, - /// The Remote Attestation report is too long. + /// The Remote Attestation proof is too long. RaProofTooLong, /// No enclave is registered. EmptyEnclaveRegistry, @@ -602,7 +604,7 @@ impl Pallet { } } - pub fn poke_shard( + pub fn touch_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, ) -> Result, DispatchErrorWithPostInfo> { @@ -611,7 +613,7 @@ impl Pallet { let current_block_number = >::block_number(); - let fresh_status = ShardSignerStatus { + let new_status = ShardSignerStatus { signer: enclave_signer.clone(), fingerprint: enclave.fingerprint(), last_activity: current_block_number, @@ -619,13 +621,13 @@ impl Pallet { let signer_statuses = if let Some(mut status_vec) = >::get(shard) { if let Some(index) = status_vec.iter().position(|i| i.signer == *enclave_signer) { - status_vec[index] = fresh_status; + status_vec[index] = new_status; } else { - status_vec.push(fresh_status) + status_vec.push(new_status) } status_vec } else { - vec![fresh_status] + vec![new_status] }; >::insert(shard, signer_statuses.clone()); Ok(signer_statuses) diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index f378f562..5020d48e 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -229,6 +229,7 @@ fn list_enclaves_works() { fn register_ias_enclave_with_different_signer_fails() { new_test_ext().execute_with(|| { let signer = get_signer(TEST7_SIGNER_PUB); + Timestamp::set_timestamp(TEST7_TIMESTAMP); assert_err!( Teerex::register_sgx_enclave( RuntimeOrigin::signed(signer), From a502472daf644a754857803560db1d3867878eae Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 14:29:47 +0200 Subject: [PATCH 17/24] simplify with derive-more --- Cargo.lock | 1 + primitives/teerex/Cargo.toml | 1 + primitives/teerex/src/lib.rs | 30 ++++-------------------------- 3 files changed, 6 insertions(+), 26 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9b358650..7e848f4f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4056,6 +4056,7 @@ name = "teerex-primitives" version = "0.1.0" dependencies = [ "common-primitives", + "derive_more", "hex-literal 0.3.4", "parity-scale-codec", "scale-info", diff --git a/primitives/teerex/Cargo.toml b/primitives/teerex/Cargo.toml index b3105c82..94b941f9 100644 --- a/primitives/teerex/Cargo.toml +++ b/primitives/teerex/Cargo.toml @@ -10,6 +10,7 @@ edition = "2021" [dependencies] codec = { version = "3.0.0", default-features = false, features = ["derive"], package = "parity-scale-codec" } common-primitives = { path = "../common", default-features = false } +derive_more = "0.99.16" scale-info = { version = "2.0.1", default-features = false, features = ["derive"] } serde = { version = "1.0.13", default-features = false } diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs index be14942e..f9ae32a0 100644 --- a/primitives/teerex/src/lib.rs +++ b/primitives/teerex/src/lib.rs @@ -17,7 +17,9 @@ //!Primitives for teerex #![cfg_attr(not(feature = "std"), no_std)] +extern crate derive_more; use codec::{Decode, Encode}; +use derive_more::From; use scale_info::TypeInfo; use sp_core::{bounded_vec::BoundedVec, ConstU32, H256}; use sp_runtime::MultiSigner; @@ -96,41 +98,17 @@ pub enum SgxStatus { pub type OpaqueSigner = BoundedVec>; pub type EnclaveFingerprint = H256; -#[derive(Encode, Decode, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +#[derive(Encode, Decode, Clone, PartialEq, Eq, From, sp_core::RuntimeDebug, TypeInfo)] pub enum AnySigner { Opaque(OpaqueSigner), Known(MultiSigner), } -impl From for AnySigner { - fn from(signer: MultiSigner) -> Self { - AnySigner::Known(signer) - } -} - -impl From for AnySigner { - fn from(signer: sp_core::ed25519::Public) -> Self { - AnySigner::Known(MultiSigner::from(signer)) - } -} - -impl From for AnySigner { - fn from(signer_bytes: OpaqueSigner) -> Self { - AnySigner::Opaque(signer_bytes) - } -} - -#[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +#[derive(Encode, Decode, Copy, Clone, PartialEq, From, Eq, sp_core::RuntimeDebug, TypeInfo)] pub enum MultiEnclave { Sgx(SgxEnclave), } -impl From> for MultiEnclave { - fn from(sgx_enclave: SgxEnclave) -> Self { - MultiEnclave::Sgx(sgx_enclave) - } -} - impl MultiEnclave { pub fn author(self) -> AnySigner { match self { From fe9b003aed79021721e2155aaf5a01d1ae4dfbe7 Mon Sep 17 00:00:00 2001 From: brenzi Date: Sat, 8 Jul 2023 14:31:05 +0200 Subject: [PATCH 18/24] Update teerex/src/lib.rs Co-authored-by: clangenb <37865735+clangenb@users.noreply.github.com> --- teerex/src/lib.rs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index e4dbb0c1..361a9820 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -636,12 +636,10 @@ impl Pallet { pub fn most_recent_shard_update( shard: &ShardIdentifier, ) -> Option> { - if let Some(mut statuses) = >::get(shard) { + >::get(shard).map(|statuses| { statuses.sort_by_key(|a| a.last_activity); statuses.last().cloned() - } else { - None - } + }) } } From 870d23113994113479eb9bdbf0ae0c0f7c4e3294 Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 14:52:26 +0200 Subject: [PATCH 19/24] some style fixes --- teerex/src/lib.rs | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 361a9820..87b63dfd 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -619,16 +619,17 @@ impl Pallet { last_activity: current_block_number, }; - let signer_statuses = if let Some(mut status_vec) = >::get(shard) { - if let Some(index) = status_vec.iter().position(|i| i.signer == *enclave_signer) { - status_vec[index] = new_status; - } else { - status_vec.push(new_status) - } - status_vec - } else { - vec![new_status] - }; + let signer_statuses = >::get(shard) + .map(|mut status_vec| { + if let Some(index) = status_vec.iter().position(|i| &i.signer == enclave_signer) { + status_vec[index] = new_status.clone(); + } else { + status_vec.push(new_status.clone()); + } + status_vec + }) + .unwrap_or_else(|| vec![new_status]); + >::insert(shard, signer_statuses.clone()); Ok(signer_statuses) } @@ -636,10 +637,12 @@ impl Pallet { pub fn most_recent_shard_update( shard: &ShardIdentifier, ) -> Option> { - >::get(shard).map(|statuses| { - statuses.sort_by_key(|a| a.last_activity); - statuses.last().cloned() - }) + >::get(shard) + .map(|mut statuses| { + statuses.sort_by_key(|a| a.last_activity); + statuses.last().cloned() + }) + .unwrap_or_default() } } From 409cc38cb80f2043c3fb248808366ee76d0a5a4c Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 14:58:23 +0200 Subject: [PATCH 20/24] clippy --- teerex/src/lib.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 87b63dfd..7b99d873 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -298,10 +298,10 @@ pub mod pallet { enclave_signer: T::AccountId, ) -> DispatchResultWithPostInfo { log::info!("teerex: called into runtime call unregister_sovereign_enclave()"); - let sender = ensure_signed(origin)?; + ensure_signed(origin)?; let enclave = Self::sovereign_enclaves(&enclave_signer) .ok_or(>::EnclaveIsNotRegistered)?; - let now = >::get(); + let now = >::get(); let oldest_acceptable_attestation_time = now.saturating_sub(T::MaxSilenceTime::get()).saturated_into::(); if enclave.attestation_timestamp() < oldest_acceptable_attestation_time { From 97afbd565e0dcfc38c5cf3614f4c3063835589ac Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 15:11:30 +0200 Subject: [PATCH 21/24] cleanup --- sidechain/src/benchmarking.rs | 1 - sidechain/src/lib.rs | 2 -- teerex/src/benchmarking.rs | 2 +- teerex/src/lib.rs | 8 ++++---- teerex/src/tests/test_cases.rs | 6 ++---- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/sidechain/src/benchmarking.rs b/sidechain/src/benchmarking.rs index 1d55be9f..2677f722 100644 --- a/sidechain/src/benchmarking.rs +++ b/sidechain/src/benchmarking.rs @@ -21,7 +21,6 @@ use super::*; -use crate::Pallet as Sidechain; use frame_benchmarking::{account, benchmarks}; use frame_system::RawOrigin; use test_utils::test_data::ias::*; diff --git a/sidechain/src/lib.rs b/sidechain/src/lib.rs index 63ba884b..de3de263 100644 --- a/sidechain/src/lib.rs +++ b/sidechain/src/lib.rs @@ -132,8 +132,6 @@ pub mod pallet { ReceivedUnexpectedSidechainBlock, /// The value for the next finalization candidate is invalid. InvalidNextFinalizationCandidateBlockNumber, - /// A Shard has not been properly initialized - ShardNotInitialized, } } diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index 23937c39..6c3876c0 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -23,7 +23,7 @@ use super::*; use crate::{ mock::{MaxSilenceTime, Timestamp}, - test_helpers::{get_test_tcb_info, register_test_quoting_enclave, register_test_tcb_info}, + test_helpers::{get_test_tcb_info, register_test_quoting_enclave}, Pallet as Teerex, }; use frame_benchmarking::{account, benchmarks}; diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 7b99d873..bbf2be2c 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -38,7 +38,7 @@ use teerex_primitives::{SgxBuildMode, SgxStatus}; // Disambiguate associated types pub type AccountId = ::AccountId; pub type BalanceOf = <::Currency as Currency>>::Balance; -pub type ShardSignerStatuses = Vec< +pub type ShardSignerStatusVec = Vec< ShardSignerStatus< ::AccountId, ::BlockNumber, @@ -307,7 +307,7 @@ pub mod pallet { if enclave.attestation_timestamp() < oldest_acceptable_attestation_time { >::remove(&enclave_signer); } else { - return Err(>::UnregisteringActiveEnclaveNotAllowed.into()) + return Err(>::UnregisterActiveEnclaveNotAllowed.into()) } Self::deposit_event(Event::RemovedEnclave(enclave_signer)); Ok(().into()) @@ -514,7 +514,7 @@ pub mod pallet { /// The length of the `data` passed to `publish_hash` exceeds the limit. DataTooLong, /// It is not allowed to unregister enclaves with recent activity - UnregisteringActiveEnclaveNotAllowed, + UnregisterActiveEnclaveNotAllowed, } } @@ -607,7 +607,7 @@ impl Pallet { pub fn touch_shard( shard: ShardIdentifier, enclave_signer: &T::AccountId, - ) -> Result, DispatchErrorWithPostInfo> { + ) -> Result, DispatchErrorWithPostInfo> { let enclave = Self::sovereign_enclaves(enclave_signer.clone()) .ok_or(>::EnclaveIsNotRegistered)?; diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs index 5020d48e..39eb0d68 100644 --- a/teerex/src/tests/test_cases.rs +++ b/teerex/src/tests/test_cases.rs @@ -21,15 +21,13 @@ use crate::{ Error, Event as TeerexEvent, ExecutedCalls, Request, SgxEnclave, ShardIdentifier, SovereignEnclaves, DATA_LENGTH_LIMIT, }; -use codec::Encode; use frame_support::{assert_err, assert_ok}; use hex_literal::hex; use sgx_verify::test_data::dcap::TEST1_DCAP_QUOTE_SIGNER; use sp_core::H256; use sp_keyring::AccountKeyring; -use sp_runtime::{MultiSignature, MultiSigner}; use teerex_primitives::{ - AnySigner, MultiEnclave, SgxAttestationMethod, SgxBuildMode, SgxReportData, SgxStatus, + MultiEnclave, SgxAttestationMethod, SgxBuildMode, SgxReportData, SgxStatus, }; use test_utils::test_data::{ consts::*, @@ -100,7 +98,7 @@ fn unregister_active_enclave_fails() { RuntimeOrigin::signed(alice.clone()), signer.clone() ), - Error::::UnregisteringActiveEnclaveNotAllowed + Error::::UnregisterActiveEnclaveNotAllowed ); assert!(>::contains_key(&signer)); }) From 585f1fb4851c03663c4893b72cc98383cc51584a Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Sat, 8 Jul 2023 15:36:49 +0200 Subject: [PATCH 22/24] fix benchamrks tests and remove skip-ias from CI jobs --- .github/workflows/ci.yml | 2 -- teerex/src/benchmarking.rs | 5 +++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 867e5112..cb12eb46 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,11 +33,9 @@ jobs: matrix: os: [ ubuntu-latest ] check: [ cargo build --release, - cargo build --release --features skip-ias-check, cargo build --release --features dot, cargo build --release --features ksm, cargo test --all --features runtime-benchmarks, - cargo test --all --features skip-ias-check, cargo test --all --features dot, cargo test --all --features ksm, cargo fmt --all -- --check, diff --git a/teerex/src/benchmarking.rs b/teerex/src/benchmarking.rs index 6c3876c0..13983d24 100644 --- a/teerex/src/benchmarking.rs +++ b/teerex/src/benchmarking.rs @@ -22,7 +22,6 @@ use super::*; use crate::{ - mock::{MaxSilenceTime, Timestamp}, test_helpers::{get_test_tcb_info, register_test_quoting_enclave}, Pallet as Teerex, }; @@ -35,6 +34,8 @@ use test_utils::{ test_data::{consts::*, dcap::*, ias::*}, }; +const MAX_SILENCE_TIME: u64 = 172_800_000; // 48h + fn ensure_not_skipping_ra_check() { #[cfg(not(test))] if cfg!(feature = "skip-ias-check") { @@ -125,7 +126,7 @@ benchmarks! { let enclave_count = 3; let accounts: Vec = generate_accounts::(enclave_count); add_enclaves_to_registry::(&accounts); - Timestamp::set_timestamp(TEST4_TIMESTAMP + ::get() + 1); + timestamp::Pallet::::set_timestamp((TEST4_TIMESTAMP + MAX_SILENCE_TIME + 1).checked_into().unwrap()); }: _(RawOrigin::Signed(accounts[0].clone()), accounts[0].clone()) verify { From 9ad5c73edcf841a925c32f7ae30441f94869443a Mon Sep 17 00:00:00 2001 From: brenzi Date: Mon, 10 Jul 2023 11:20:34 +0200 Subject: [PATCH 23/24] Update teerex/src/lib.rs Co-authored-by: clangenb <37865735+clangenb@users.noreply.github.com> --- teerex/src/lib.rs | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index bbf2be2c..76dfa7c5 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -178,10 +178,9 @@ pub mod pallet { log::info!("teerex: called into runtime call register_sgx_enclave()"); let sender = ensure_signed(origin)?; ensure!(proof.len() <= SGX_RA_PROOF_MAX_LEN, >::RaProofTooLong); - ensure!( - worker_url.clone().unwrap_or_default().len() <= MAX_URL_LEN, - >::EnclaveUrlTooLong - ); +if let Some(url) = worker_url { + ensure!(url.len() <= MAX_URL_LEN, >::EnclaveUrlTooLong); +} log::info!("teerex: parameter length ok"); let enclave = match attestation_method { From a6b0cff1569758bf2b784b81160d6b68be53c96e Mon Sep 17 00:00:00 2001 From: Alain Brenzikofer Date: Mon, 10 Jul 2023 11:23:29 +0200 Subject: [PATCH 24/24] fix the fix --- Cargo.lock | 80 +++++++++++++++++++++++------------------------ teerex/src/lib.rs | 6 ++-- 2 files changed, 43 insertions(+), 43 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7e848f4f..f67a5378 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -969,7 +969,7 @@ dependencies = [ [[package]] name = "frame-benchmarking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "frame-support-procedural", @@ -1006,7 +1006,7 @@ dependencies = [ [[package]] name = "frame-support" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bitflags", "environmental", @@ -1039,7 +1039,7 @@ dependencies = [ [[package]] name = "frame-support-procedural" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "cfg-expr", @@ -1055,7 +1055,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support-procedural-tools-derive", "proc-macro-crate", @@ -1067,7 +1067,7 @@ dependencies = [ [[package]] name = "frame-support-procedural-tools-derive" version = "3.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -1077,7 +1077,7 @@ dependencies = [ [[package]] name = "frame-system" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-support", "log", @@ -2090,7 +2090,7 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "pallet-balances" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2227,7 +2227,7 @@ dependencies = [ [[package]] name = "pallet-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -2245,7 +2245,7 @@ dependencies = [ [[package]] name = "pallet-vesting" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-benchmarking", "frame-support", @@ -3334,7 +3334,7 @@ dependencies = [ [[package]] name = "sp-api" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3354,7 +3354,7 @@ dependencies = [ [[package]] name = "sp-api-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "blake2", @@ -3368,7 +3368,7 @@ dependencies = [ [[package]] name = "sp-application-crypto" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "sp-arithmetic" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "integer-sqrt", "num-traits", @@ -3395,7 +3395,7 @@ dependencies = [ [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "sp-consensus-slots" version = "0.10.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3420,7 +3420,7 @@ dependencies = [ [[package]] name = "sp-core" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "array-bytes", "bitflags", @@ -3464,7 +3464,7 @@ dependencies = [ [[package]] name = "sp-core-hashing" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "blake2b_simd", "byteorder", @@ -3493,7 +3493,7 @@ dependencies = [ [[package]] name = "sp-core-hashing-proc-macro" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3504,7 +3504,7 @@ dependencies = [ [[package]] name = "sp-debug-derive" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "proc-macro2", "quote", @@ -3514,7 +3514,7 @@ dependencies = [ [[package]] name = "sp-externalities" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "environmental", "parity-scale-codec", @@ -3525,7 +3525,7 @@ dependencies = [ [[package]] name = "sp-inherents" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "impl-trait-for-tuples", @@ -3540,7 +3540,7 @@ dependencies = [ [[package]] name = "sp-io" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "ed25519", @@ -3566,7 +3566,7 @@ dependencies = [ [[package]] name = "sp-keyring" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "lazy_static", "sp-core", @@ -3577,7 +3577,7 @@ dependencies = [ [[package]] name = "sp-keystore" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "futures", "parity-scale-codec", @@ -3591,7 +3591,7 @@ dependencies = [ [[package]] name = "sp-metadata-ir" version = "0.1.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "frame-metadata", "parity-scale-codec", @@ -3602,7 +3602,7 @@ dependencies = [ [[package]] name = "sp-panic-handler" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "backtrace", "lazy_static", @@ -3612,7 +3612,7 @@ dependencies = [ [[package]] name = "sp-runtime" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "either", "hash256-std-hasher", @@ -3634,7 +3634,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "bytes", "impl-trait-for-tuples", @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "sp-runtime-interface-proc-macro" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "Inflector", "proc-macro-crate", @@ -3664,7 +3664,7 @@ dependencies = [ [[package]] name = "sp-staking" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", @@ -3677,7 +3677,7 @@ dependencies = [ [[package]] name = "sp-state-machine" version = "0.13.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "hash-db", "log", @@ -3697,7 +3697,7 @@ dependencies = [ [[package]] name = "sp-std" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" [[package]] name = "sp-std" @@ -3708,7 +3708,7 @@ checksum = "1de8eef39962b5b97478719c493bed2926cf70cb621005bbf68ebe58252ff986" [[package]] name = "sp-storage" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3721,7 +3721,7 @@ dependencies = [ [[package]] name = "sp-timestamp" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "async-trait", "futures-timer", @@ -3736,7 +3736,7 @@ dependencies = [ [[package]] name = "sp-tracing" version = "6.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "sp-std 5.0.0", @@ -3748,7 +3748,7 @@ dependencies = [ [[package]] name = "sp-trie" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "ahash 0.8.3", "hash-db", @@ -3771,7 +3771,7 @@ dependencies = [ [[package]] name = "sp-version" version = "5.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "impl-serde", "parity-scale-codec", @@ -3788,7 +3788,7 @@ dependencies = [ [[package]] name = "sp-version-proc-macro" version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "proc-macro2", @@ -3799,7 +3799,7 @@ dependencies = [ [[package]] name = "sp-wasm-interface" version = "7.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "anyhow", "impl-trait-for-tuples", @@ -3813,7 +3813,7 @@ dependencies = [ [[package]] name = "sp-weights" version = "4.0.0" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" +source = "git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42#569aae5341ea0c1d10426fa1ec13a36c0b64393b" dependencies = [ "parity-scale-codec", "scale-info", diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs index 76dfa7c5..cc9ab4f3 100644 --- a/teerex/src/lib.rs +++ b/teerex/src/lib.rs @@ -178,9 +178,9 @@ pub mod pallet { log::info!("teerex: called into runtime call register_sgx_enclave()"); let sender = ensure_signed(origin)?; ensure!(proof.len() <= SGX_RA_PROOF_MAX_LEN, >::RaProofTooLong); -if let Some(url) = worker_url { - ensure!(url.len() <= MAX_URL_LEN, >::EnclaveUrlTooLong); -} + if let Some(ref url) = worker_url { + ensure!(url.len() <= MAX_URL_LEN, >::EnclaveUrlTooLong); + } log::info!("teerex: parameter length ok"); let enclave = match attestation_method {