log enclave extrinsics to parentchains (#1620)

* log enclave extrinsics to parentchains

* fix tests

* listen to ExtrinsicFailed events and filter some that may be relevant

* taplo

Cargo.lock

@@ -2557,7 +2557,7 @@ dependencies = [
 
 [[package]]
 name = "integritee-cli"
-version = "0.14.3"
+version = "0.14.4"
 dependencies = [
  "array-bytes 6.1.0",
  "base58",
@@ -2607,11 +2607,12 @@ dependencies = [
 
 [[package]]
 name = "integritee-service"
-version = "0.14.3"
+version = "0.14.4"
 dependencies = [
  "anyhow",
  "async-trait",
  "base58",
+ "chrono 0.4.26",
  "clap 2.34.0",
  "dirs",
  "enclave-bridge-primitives",
@@ -2632,6 +2633,7 @@ dependencies = [
  "itp-enclave-metrics",
  "itp-node-api",
  "itp-settings",
+ "itp-sgx-temp-dir",
  "itp-stf-interface",
  "itp-storage",
  "itp-time-utils",
@@ -3648,6 +3650,7 @@ name = "itp-types"
 version = "0.9.0"
 dependencies = [
  "enclave-bridge-primitives",
+ "frame-support",
  "frame-system",
  "itp-sgx-runtime-primitives",
  "itp-stf-primitives",

app-libs/parentchain-interface/src/event_subscriber.rs

@@ -14,9 +14,9 @@
 	limitations under the License.
 
 */
-
 use itp_api_client_types::ParentchainApi;
-use itp_types::parentchain::{AddedSgxEnclave, BalanceTransfer, ParentchainId};
+use itp_types::parentchain::{AddedSgxEnclave, BalanceTransfer, ExtrinsicFailed, ParentchainId};
+use sp_runtime::DispatchError;
 use substrate_api_client::SubscribeEvents;
 
 pub fn subscribe_to_parentchain_events(api: &ParentchainApi, parentchain_id: ParentchainId) {
@@ -28,7 +28,29 @@ pub fn subscribe_to_parentchain_events(api: &ParentchainApi, parentchain_id: Par
 		for event in events.iter() {
 			let event = event.unwrap();
 			match event.pallet_name() {
-				"System" => continue,
+				"System" => match event.variant_name() {
+					"ExtrinsicFailed" =>
+						if let Ok(Some(ev)) = event.as_event::<ExtrinsicFailed>() {
+							// filter only modules of potential interest.
+							// TODO: filter only extrinsics from enclave and use metadata to enrich message
+							match ev.dispatch_error {
+								DispatchError::Module(me) => match me.index {
+									7 => (),  // Proxy
+									9 => (),  // Utility
+									10 => (), // Balances
+									50 => (), // Teerex
+									52 => (), // Teeracle
+									53 => (), // Sidechain
+									54 => (), // EnclaveBridge
+									_ => continue,
+								},
+								DispatchError::BadOrigin => (),
+								_ => continue,
+							}
+							println!("[L1Event:{}] {:?}", parentchain_id, ev);
+						},
+					_ => continue,
+				},
 				"ParaInclusion" => continue,
 				"MessageQueue" => continue,
 				"TransactionPayment" => continue,

cli/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "integritee-cli"
-version = "0.14.3"
+version = "0.14.4"
 authors = ["Integritee AG <hello@integritee.network>"]
 edition = "2021"
 

core-primitives/types/Cargo.toml

@@ -20,6 +20,7 @@ itp-utils = { path = "../../core-primitives/utils", default-features = false }
 substrate-api-client = { default-features = false, features = ["sync-api"], git = "https://github.com/encointer/substrate-api-client.git", branch = "v0.9.42-tag-v0.14.0-retracted-check-metadata-hash" }
 
 # substrate-deps
+frame-support = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
 frame-system = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
 pallet-balances = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
 sp-core = { default-features = false, features = ["full_crypto"], git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }

core-primitives/types/src/parentchain.rs

@@ -19,14 +19,20 @@ use crate::{OpaqueCall, PalletString, ShardIdentifier};
 use alloc::{format, vec::Vec};
 use codec::{Decode, Encode};
 use core::fmt::Debug;
+use frame_support::pallet_prelude::Pays;
 use itp_stf_primitives::traits::{IndirectExecutor, TrustedCallVerification};
 use itp_utils::stringify::account_id_to_string;
 #[cfg(feature = "std")]
 use serde::{Deserialize, Serialize};
 pub use sidechain_primitives::SidechainBlockConfirmation;
 use sp_core::bounded::alloc;
-use sp_runtime::{generic::Header as HeaderG, traits::BlakeTwo256, MultiAddress, MultiSignature};
-use substrate_api_client::ac_node_api::StaticEvent;
+use sp_runtime::{
+	generic::Header as HeaderG, traits::BlakeTwo256, DispatchError, MultiAddress, MultiSignature,
+};
+use substrate_api_client::{
+	ac_node_api::StaticEvent,
+	ac_primitives::{DispatchClass, Weight},
+};
 use teeracle_primitives::ExchangeRate;
 use teerex_primitives::{SgxAttestationMethod, SgxStatus};
 pub type StorageProof = Vec<Vec<u8>>;
@@ -102,8 +108,20 @@ impl StaticEvent for ExtrinsicSuccess {
 	const EVENT: &'static str = "ExtrinsicSuccess";
 }
 
-#[derive(Encode, Decode)]
-pub struct ExtrinsicFailed;
+#[derive(Encode, Decode, Debug)]
+pub struct DispatchEventInfo {
+	/// Weight of this transaction.
+	pub weight: Weight,
+	/// Class of this transaction.
+	pub class: DispatchClass,
+	/// Does this transaction pay fees.
+	pub pays_fee: Pays,
+}
+#[derive(Encode, Decode, Debug)]
+pub struct ExtrinsicFailed {
+	pub dispatch_error: DispatchError,
+	pub dispatch_info: DispatchEventInfo,
+}
 
 impl StaticEvent for ExtrinsicFailed {
 	const PALLET: &'static str = "System";

enclave-runtime/Cargo.lock

@@ -771,7 +771,7 @@ dependencies = [
 
 [[package]]
 name = "enclave-runtime"
-version = "0.14.3"
+version = "0.14.4"
 dependencies = [
  "array-bytes 6.2.2",
  "cid",
@@ -2367,6 +2367,7 @@ name = "itp-types"
 version = "0.9.0"
 dependencies = [
  "enclave-bridge-primitives",
+ "frame-support",
  "frame-system",
  "itp-sgx-runtime-primitives",
  "itp-stf-primitives",

enclave-runtime/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "enclave-runtime"
-version = "0.14.3"
+version = "0.14.4"
 authors = ["Integritee AG <hello@integritee.network>"]
 edition = "2021"
 

service/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "integritee-service"
-version = "0.14.3"
+version = "0.14.4"
 authors = ["Integritee AG <hello@integritee.network>"]
 build = "build.rs"
 edition = "2021"
@@ -69,6 +69,7 @@ substrate-api-client = { default-features = false, features = ["std", "sync-api"
 teerex-primitives = { git = "https://github.com/integritee-network/pallets.git", branch = "sdk-v0.13.0-polkadot-v0.9.42" }
 
 # Substrate dependencies
+chrono = "0.4.26"
 frame-support = { git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
 pallet-balances = { git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
 sp-consensus-aura = { git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
@@ -106,3 +107,4 @@ mockall = "0.11"
 itc-parentchain-test = { path = "../core/parentchain/test" }
 its-peer-fetch = { path = "../sidechain/peer-fetch", features = ["mocks"] }
 its-test = { path = "../sidechain/test" }
+itp-sgx-temp-dir = { version = "0.1", path = "../core-primitives/sgx/temp-dir" }

service/src/main_impl.rs

@@ -170,6 +170,7 @@ pub(crate) fn main() {
 		peer_sidechain_block_fetcher,
 		tokio_handle.clone(),
 		enclave_metrics_receiver,
+		config.data_dir().into(),
 	)));
 
 	let quoting_enclave_target_info = match enclave.qe_get_target_info() {

service/src/ocall_bridge/component_factory.rs

@@ -15,7 +15,6 @@
 	limitations under the License.
 
 */
-
 use crate::{
 	globals::tokio_handle::GetTokioHandle,
 	ocall_bridge::{
@@ -38,7 +37,7 @@ use itp_node_api::node_api_factory::CreateNodeApi;
 use its_peer_fetch::FetchBlocksFromPeer;
 use its_primitives::types::block::SignedBlock as SignedSidechainBlock;
 use its_storage::BlockStorage;
-use std::sync::Arc;
+use std::{path::Path, sync::Arc};
 
 /// Concrete implementation, should be moved out of the OCall Bridge, into the worker
 /// since the OCall bridge itself should not know any concrete types to ensure
@@ -63,6 +62,7 @@ pub struct OCallBridgeComponentFactory<
 	peer_block_fetcher: Arc<PeerBlockFetcher>,
 	tokio_handle: Arc<TokioHandle>,
 	metrics_receiver: Arc<MetricsReceiver>,
+	log_dir: Arc<Path>,
 }
 
 impl<
@@ -98,6 +98,7 @@ impl<
 		peer_block_fetcher: Arc<PeerBlockFetcher>,
 		tokio_handle: Arc<TokioHandle>,
 		metrics_receiver: Arc<MetricsReceiver>,
+		log_dir: Arc<Path>,
 	) -> Self {
 		OCallBridgeComponentFactory {
 			integritee_rpc_api_factory,
@@ -110,6 +111,7 @@ impl<
 			peer_block_fetcher,
 			tokio_handle,
 			metrics_receiver,
+			log_dir,
 		}
 	}
 }
@@ -162,6 +164,7 @@ impl<
 			self.integritee_rpc_api_factory.clone(),
 			self.target_a_parentchain_rpc_api_factory.clone(),
 			self.target_b_parentchain_rpc_api_factory.clone(),
+			self.log_dir.clone(),
 		))
 	}
 

service/src/ocall_bridge/worker_on_chain_ocall.rs

@@ -17,13 +17,21 @@
 */
 
 use crate::ocall_bridge::bridge_api::{OCallBridgeError, OCallBridgeResult, WorkerOnChainBridge};
+use chrono::Local;
 use codec::{Decode, Encode};
 use itp_api_client_types::ParentchainApi;
 use itp_node_api::node_api_factory::CreateNodeApi;
 use itp_types::{parentchain::ParentchainId, WorkerRequest, WorkerResponse};
 use log::*;
+use sp_core::blake2_256;
 use sp_runtime::OpaqueExtrinsic;
-use std::{sync::Arc, vec::Vec};
+use std::{
+	fs::{create_dir_all, File},
+	io::{self, Write},
+	path::Path,
+	sync::Arc,
+	vec::Vec,
+};
 use substrate_api_client::{
 	ac_primitives::serde_impls::StorageKey, GetStorage, SubmitAndWatch, SubmitExtrinsic, XtStatus,
 };
@@ -32,18 +40,21 @@ pub struct WorkerOnChainOCall<F> {
 	integritee_api_factory: Arc<F>,
 	target_a_parentchain_api_factory: Option<Arc<F>>,
 	target_b_parentchain_api_factory: Option<Arc<F>>,
+	log_dir: Arc<Path>,
 }
 
 impl<F> WorkerOnChainOCall<F> {
 	pub fn new(
 		integritee_api_factory: Arc<F>,
 		target_a_parentchain_api_factory: Option<Arc<F>>,
 		target_b_parentchain_api_factory: Option<Arc<F>>,
+		log_dir: Arc<Path>,
 	) -> Self {
 		WorkerOnChainOCall {
 			integritee_api_factory,
 			target_a_parentchain_api_factory,
 			target_b_parentchain_api_factory,
+			log_dir,
 		}
 	}
 }
@@ -132,6 +143,12 @@ where
 				extrinsics.len(),
 				parentchain_id, await_each_inlcusion
 			);
+			log_extrinsics_to_file(self.log_dir.clone(), parentchain_id, extrinsics.clone())
+				.map_err(|e| {
+					error!("Error logging extrinsic to disk: {}", e);
+					e
+				})
+				.unwrap_or_default();
 			let api = self.create_api(parentchain_id)?;
 			for call in extrinsics.into_iter() {
 				if await_each_inlcusion {
@@ -160,6 +177,25 @@ where
 	}
 }
 
+fn log_extrinsics_to_file(
+	log_dir: Arc<Path>,
+	parentchain_id: ParentchainId,
+	extrinsics: Vec<OpaqueExtrinsic>,
+) -> io::Result<()> {
+	let log_dir = log_dir.join(format!("log-extrinsics-to-{}", parentchain_id));
+	create_dir_all(&log_dir)?;
+	let timestamp = Local::now().format("%Y%m%d-%H%M%S-%3f").to_string();
+	let file_name = format!("extrinsics-{}.hex", timestamp);
+	let file_path = log_dir.join(file_name);
+
+	// Create the file in the specified directory
+	let mut file = File::create(file_path)?;
+	for xt in extrinsics {
+		writeln!(file, "0x{}", hex::encode(xt.encode()))?;
+	}
+	Ok(())
+}
+
 #[cfg(test)]
 mod tests {
 
@@ -168,6 +204,7 @@ mod tests {
 		api_client::ParentchainApi,
 		node_api_factory::{CreateNodeApi, Result as NodeApiResult},
 	};
+	use itp_sgx_temp_dir::TempDir;
 	use mockall::mock;
 
 	#[test]
@@ -180,8 +217,9 @@ mod tests {
 		}
 
 		let mock_node_api_factory = Arc::new(MockNodeApiFactory::new());
-
-		let on_chain_ocall = WorkerOnChainOCall::new(mock_node_api_factory, None, None);
+		let temp_dir = TempDir::new().unwrap();
+		let on_chain_ocall =
+			WorkerOnChainOCall::new(mock_node_api_factory, None, None, temp_dir.path().into());
 
 		let response = on_chain_ocall
 			.worker_request(Vec::<u8>::new().encode(), ParentchainId::Integritee.encode())