make rococo relaychain work as shielding target (#1546)

* add rococo-runtime as target-a * cleanup * bump pallets to get multi-instance parentchain pallet * support all parentchain instances * fix lockfile with downgrades * only create shard vault on one parentchain, based on --shielding-target * implemented setting shard_vault in stf pallet_parentchain. trouble with type argument * trouble solved * ensure write once for shard vault * shard vault management with parentchain pallets completed * clippy * ensure shielding only happens from single assigned parentchain * clippy * reduce proxy funding to make it work with rococo relay settings too * make block importer and indirect executor aware of their parentchain_id and avoid sending confirmations to non-integritee parentchains * hardcode STF parentchain to TargetA -> unshielding works * SCV will use StfExecutor from vault target for STF to use * fix enclave tests * fix tests * clippy * dynamic account funding based on api fee estimates * make work if no teerex pallet present (target_a * clippy * review fixes
integritee-network · Jan 10, 2024 · c640ddc · c640ddc
1 parent b85cabb
commit c640ddc
Show file tree

Hide file tree

Showing 52 changed files with 761 additions and 331 deletions.
diff --git a/Cargo.lock b/Cargo.lock
@@ -740,7 +740,7 @@ dependencies = [
 [[package]]
 name = "common-primitives"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "derive_more",
  "parity-scale-codec",
@@ -1216,7 +1216,7 @@ dependencies = [
 [[package]]
 name = "enclave-bridge-primitives"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "common-primitives",
  "log 0.4.20",
@@ -2581,7 +2581,7 @@ dependencies = [
 
 [[package]]
 name = "integritee-cli"
-version = "0.12.8"
+version = "0.12.10"
 dependencies = [
  "array-bytes 6.1.0",
  "base58",
@@ -2631,7 +2631,7 @@ dependencies = [
 
 [[package]]
 name = "integritee-service"
-version = "0.12.8"
+version = "0.12.10"
 dependencies = [
  "anyhow",
  "async-trait",
@@ -3669,6 +3669,7 @@ dependencies = [
  "itp-utils",
  "pallet-balances",
  "parity-scale-codec",
+ "serde 1.0.193",
  "sp-core",
  "sp-runtime",
  "sp-std",
@@ -5152,8 +5153,8 @@ dependencies = [
 
 [[package]]
 name = "pallet-enclave-bridge"
-version = "0.11.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+version = "0.12.0"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "enclave-bridge-primitives",
  "frame-support",
@@ -5211,12 +5212,13 @@ dependencies = [
 
 [[package]]
 name = "pallet-parentchain"
-version = "0.9.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+version = "0.10.0"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "frame-support",
  "frame-system",
  "log 0.4.20",
+ "pallet-balances",
  "parity-scale-codec",
  "scale-info",
  "serde 1.0.193",
@@ -5228,8 +5230,8 @@ dependencies = [
 
 [[package]]
 name = "pallet-sidechain"
-version = "0.10.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+version = "0.11.0"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "enclave-bridge-primitives",
  "frame-support",
@@ -5266,7 +5268,7 @@ dependencies = [
 [[package]]
 name = "pallet-teeracle"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "frame-support",
  "frame-system",
@@ -5286,7 +5288,7 @@ dependencies = [
 [[package]]
 name = "pallet-teerex"
 version = "0.10.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "frame-support",
  "frame-system",
@@ -6811,7 +6813,7 @@ dependencies = [
 [[package]]
 name = "sgx-verify"
 version = "0.1.4"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "base64 0.13.1",
  "chrono 0.4.26",
@@ -7086,7 +7088,7 @@ checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3"
 [[package]]
 name = "sidechain-primitives"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "parity-scale-codec",
  "scale-info",
@@ -7971,7 +7973,7 @@ checksum = "1d2faeef5759ab89935255b1a4cd98e0baf99d1085e37d36599c625dac49ae8e"
 [[package]]
 name = "teeracle-primitives"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "common-primitives",
  "sp-std",
@@ -7981,7 +7983,7 @@ dependencies = [
 [[package]]
 name = "teerex-primitives"
 version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.6-polkadot-v0.9.42#94aa66fbe63d0d5bc848b9cf8f7a71fa34ef8ce8"
+source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.10-polkadot-v0.9.42#91321c805edc1e94d9ba04a5a6d74d63cf6c59e6"
 dependencies = [
  "common-primitives",
  "derive_more",

diff --git a/Cargo.toml b/Cargo.toml
@@ -94,15 +94,16 @@ ring = { git = "https://github.com/betrusted-io/ring-xous", branch = "0.16.20-cl
 #substrate-client-keystore = { path = "../../scs/substrate-api-client/client-keystore" }
 
 #[patch."https://github.com/integritee-network/pallets.git"]
-#pallet-claims = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#pallet-enclave-bridge = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#pallet-teerex = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#pallet-sidechain = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#sgx-verify = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#pallet-teeracle = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#test-utils = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#claims-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#enclave-bridge-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#teerex-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#teeracle-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
-#common-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/shard-config-upgradability-2" }
+#pallet-claims = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#pallet-enclave-bridge = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#pallet-teerex = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#pallet-sidechain = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#pallet-parentchain = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#sgx-verify = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#pallet-teeracle = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#test-utils = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#claims-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#enclave-bridge-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#teerex-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#teeracle-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
+#common-primitives = { git = "https://github.com/integritee-network//pallets", branch = "ab/make_parentchain_pallet_instantiable" }
diff --git a/app-libs/parentchain-interface/src/indirect_calls/shield_funds.rs b/app-libs/parentchain-interface/src/indirect_calls/shield_funds.rs
@@ -25,9 +25,10 @@ use itp_stf_primitives::{
 	traits::IndirectExecutor,
 	types::{AccountId, TrustedOperation},
 };
-use itp_types::{Balance, ShardIdentifier};
+use itp_types::{parentchain::ParentchainId, Balance, ShardIdentifier};
 use log::{debug, info};
 use std::vec::Vec;
+
 /// Arguments of the Integritee-Parachain's shield fund dispatchable.
 #[derive(Debug, Clone, Encode, Decode, Eq, PartialEq)]
 pub struct ShieldFundsArgs {
@@ -48,7 +49,12 @@ impl<Executor: IndirectExecutor<TrustedCallSigned, Error>>
 		let account = AccountId::decode(&mut account_vec.as_slice())?;
 
 		let enclave_account_id = executor.get_enclave_account()?;
-		let trusted_call = TrustedCall::balance_shield(enclave_account_id, account, self.amount);
+		let trusted_call = TrustedCall::balance_shield(
+			enclave_account_id,
+			account,
+			self.amount,
+			ParentchainId::Integritee,
+		);
 		let signed_trusted_call = executor.sign_call_with_self(&trusted_call, &self.shard)?;
 		let trusted_operation =
 			TrustedOperation::<TrustedCallSigned, Getter>::indirect_call(signed_trusted_call);

diff --git a/app-libs/parentchain-interface/src/indirect_calls/transfer_to_alice_shields_funds.rs b/app-libs/parentchain-interface/src/indirect_calls/transfer_to_alice_shields_funds.rs
@@ -26,9 +26,10 @@ use itp_stf_primitives::{
 	traits::IndirectExecutor,
 	types::{AccountId, TrustedOperation},
 };
-use itp_types::Balance;
+use itp_types::{parentchain::ParentchainId, Balance};
 use log::info;
 use sp_runtime::MultiAddress;
+
 /// Arguments of a parentchains `transfer` or `transfer_allow_death` dispatchable.
 ///
 /// This is a simple demo indirect call where a transfer to alice on chain will transfer
@@ -69,6 +70,7 @@ impl<Executor: IndirectExecutor<TrustedCallSigned, Error>>
 				executor.get_enclave_account()?,
 				ALICE_ACCOUNT_ID,
 				self.value,
+				ParentchainId::Integritee,
 			);
 			let signed_trusted_call = executor.sign_call_with_self(&trusted_call, &shard)?;
 			let trusted_operation =

diff --git a/app-libs/parentchain-interface/src/integritee/event_handler.rs b/app-libs/parentchain-interface/src/integritee/event_handler.rs
@@ -21,7 +21,9 @@ pub use ita_sgx_runtime::{Balance, Index};
 use ita_stf::{Getter, TrustedCall, TrustedCallSigned};
 use itc_parentchain_indirect_calls_executor::error::Error;
 use itp_stf_primitives::{traits::IndirectExecutor, types::TrustedOperation};
-use itp_types::parentchain::{AccountId, FilterEvents, HandleParentchainEvents, ParentchainError};
+use itp_types::parentchain::{
+	AccountId, FilterEvents, HandleParentchainEvents, ParentchainError, ParentchainId,
+};
 use itp_utils::hex::hex_encode;
 use log::*;
 
@@ -35,8 +37,13 @@ impl ParentchainEventHandler {
 	) -> Result<(), Error> {
 		log::info!("shielding for {:?} amount {}", account, amount,);
 		let shard = executor.get_default_shard();
-		let trusted_call =
-			TrustedCall::balance_shield(executor.get_enclave_account()?, account.clone(), amount);
+		// todo: ensure this parentchain is assigned for the shard vault!
+		let trusted_call = TrustedCall::balance_shield(
+			executor.get_enclave_account()?,
+			account.clone(),
+			amount,
+			ParentchainId::Integritee,
+		);
 		let signed_trusted_call = executor.sign_call_with_self(&trusted_call, &shard)?;
 		let trusted_operation =
 			TrustedOperation::<TrustedCallSigned, Getter>::indirect_call(signed_trusted_call);

diff --git a/app-libs/parentchain-interface/src/target_a/event_handler.rs b/app-libs/parentchain-interface/src/target_a/event_handler.rs
@@ -21,7 +21,9 @@ pub use ita_sgx_runtime::{Balance, Index};
 use ita_stf::{Getter, TrustedCall, TrustedCallSigned};
 use itc_parentchain_indirect_calls_executor::error::Error;
 use itp_stf_primitives::{traits::IndirectExecutor, types::TrustedOperation};
-use itp_types::parentchain::{AccountId, FilterEvents, HandleParentchainEvents, ParentchainError};
+use itp_types::parentchain::{
+	AccountId, FilterEvents, HandleParentchainEvents, ParentchainError, ParentchainId,
+};
 use itp_utils::hex::hex_encode;
 use log::*;
 
@@ -35,8 +37,13 @@ impl ParentchainEventHandler {
 	) -> Result<(), Error> {
 		trace!("[TargetA] shielding for {:?} amount {}", account, amount,);
 		let shard = executor.get_default_shard();
-		let trusted_call =
-			TrustedCall::balance_shield(executor.get_enclave_account()?, account.clone(), amount);
+		// todo: ensure this parentchain is assigned for the shard vault!
+		let trusted_call = TrustedCall::balance_shield(
+			executor.get_enclave_account()?,
+			account.clone(),
+			amount,
+			ParentchainId::TargetA,
+		);
 		let signed_trusted_call = executor.sign_call_with_self(&trusted_call, &shard)?;
 		let trusted_operation =
 			TrustedOperation::<TrustedCallSigned, Getter>::indirect_call(signed_trusted_call);
@@ -68,7 +75,7 @@ where
 				.iter()
 				.filter(|&event| event.to == *vault_account)
 				.try_for_each(|event| {
-					std::println!("⣿TargetA⣿ 🛡 found transfer event to shard vault account: {} will shield to {}", event.amount, hex_encode(event.from.encode().as_ref()));
+					info!("[TargetA] found transfer event to shard vault account: {} will shield to {}", event.amount, hex_encode(event.from.encode().as_ref()));
 					Self::shield_funds(executor, &event.from, event.amount)
 				})
 				.map_err(|_| ParentchainError::ShieldFundsFailure)?;

diff --git a/app-libs/parentchain-interface/src/target_a/mod.rs b/app-libs/parentchain-interface/src/target_a/mod.rs
@@ -18,12 +18,7 @@ mod event_filter;
 mod event_handler;
 mod extrinsic_parser;
 
-use crate::{
-	decode_and_log_error,
-	indirect_calls::{
-		transfer_to_alice_shields_funds::TransferToAliceShieldsFundsArgs, ALICE_ACCOUNT_ID,
-	},
-};
+use crate::indirect_calls::transfer_to_alice_shields_funds::TransferToAliceShieldsFundsArgs;
 use codec::{Decode, Encode};
 use core::marker::PhantomData;
 pub use event_filter::FilterableEvents;
@@ -38,7 +33,7 @@ use itc_parentchain_indirect_calls_executor::{
 };
 use itp_node_api::metadata::pallet_balances::BalancesCallIndexes;
 use itp_stf_primitives::traits::IndirectExecutor;
-use log::{debug, trace};
+use log::*;
 
 /// The default indirect call (extrinsic-triggered) of the Target-A-Parachain.
 #[derive(Debug, Clone, Encode, Decode, Eq, PartialEq)]
@@ -62,55 +57,23 @@ impl<Executor: IndirectExecutor<TrustedCallSigned, Error>>
 	}
 }
 
-/// Simple demo filter for testing.
-///
-/// A transfer to Alice will issue the corresponding balance to Alice in the enclave.
-/// It does not do anything else.
-pub struct TransferToAliceShieldsFundsFilter<ExtrinsicParser> {
+pub struct TargetAExtrinsicFilter<ExtrinsicParser> {
 	_phantom: PhantomData<ExtrinsicParser>,
 }
 
 impl<ExtrinsicParser, NodeMetadata: BalancesCallIndexes> FilterIntoDataFrom<NodeMetadata>
-	for TransferToAliceShieldsFundsFilter<ExtrinsicParser>
+	for TargetAExtrinsicFilter<ExtrinsicParser>
 where
 	ExtrinsicParser: ParseExtrinsic,
 {
 	type Output = IndirectCall;
 	type ParseParentchainMetadata = ExtrinsicParser;
 
 	fn filter_into_from_metadata(
-		encoded_data: &[u8],
-		metadata: &NodeMetadata,
+		_encoded_data: &[u8],
+		_metadata: &NodeMetadata,
 	) -> Option<Self::Output> {
-		let call_mut = &mut &encoded_data[..];
-
-		// Todo: the filter should not need to parse, only filter. This should directly be configured
-		// in the indirect executor.
-		let xt = match Self::ParseParentchainMetadata::parse(call_mut) {
-			Ok(xt) => xt,
-			Err(e) => {
-				log::error!("[TransferToAliceShieldsFundsFilter] Could not parse parentchain extrinsic: {:?}", e);
-				return None
-			},
-		};
-		let index = xt.call_index;
-		let call_args = &mut &xt.call_args[..];
-		trace!("[TransferToAliceShieldsFundsFilter] attempting to execute indirect call with index {:?}", index);
-		if index == metadata.transfer_call_indexes().ok()?
-			|| index == metadata.transfer_keep_alive_call_indexes().ok()?
-			|| index == metadata.transfer_allow_death_call_indexes().ok()?
-		{
-			debug!("found `transfer` or `transfer_allow_death` or `transfer_keep_alive` call.");
-			let args = decode_and_log_error::<TransferToAliceShieldsFundsArgs>(call_args)?;
-			if args.destination == ALICE_ACCOUNT_ID.into() {
-				Some(IndirectCall::TransferToAliceShieldsFunds(args))
-			} else {
-				debug!("Parentchain transfer extrinsic was not for Alice; ignoring...");
-				// No need to put it into the top pool if it isn't executed in the first place.
-				None
-			}
-		} else {
-			None
-		}
+		warn!("no indirect calls filter has been implemented for target_a");
+		None
 	}
 }
diff --git a/app-libs/parentchain-interface/src/target_b/mod.rs b/app-libs/parentchain-interface/src/target_b/mod.rs
@@ -33,7 +33,7 @@ use itc_parentchain_indirect_calls_executor::{
 };
 use itp_node_api::metadata::pallet_balances::BalancesCallIndexes;
 use itp_stf_primitives::traits::IndirectExecutor;
-use log::error;
+use log::*;
 
 /// The default indirect call (extrinsic-triggered) of the Target-A-Parachain.
 #[derive(Debug, Clone, Encode, Decode, Eq, PartialEq)]
@@ -63,7 +63,7 @@ where
 		_encoded_data: &[u8],
 		_metadata: &NodeMetadata,
 	) -> Option<Self::Output> {
-		error!("no indirect calls filter has been implemented for target_b");
+		warn!("no indirect calls filter has been implemented for target_b");
 		None
 	}
 }
diff --git a/app-libs/sgx-runtime/Cargo.toml b/app-libs/sgx-runtime/Cargo.toml
@@ -42,7 +42,7 @@ sp-version = { default-features = false, git = "https://github.com/paritytech/su
 
 # Integritee dependencies
 pallet-evm = { default-features = false, optional = true, git = "https://github.com/integritee-network/frontier.git", branch = "bar/polkadot-v0.9.42" }
-pallet-parentchain = { default-features = false, git = "https://github.com/integritee-network/pallets.git", branch = "sdk-v0.12.6-polkadot-v0.9.42" }
+pallet-parentchain = { default-features = false, git = "https://github.com/integritee-network/pallets.git", branch = "sdk-v0.12.10-polkadot-v0.9.42" }
 
 [features]
 default = ["std"]