Deprecate ScheduledEnclave and introduce AuthorizedEnclave #2856

Merged
merged 8 commits into from
Jul 4, 2024
2 changes: 0 additions & 2 deletions .github/workflows/ci.yml
@@ -646,7 +646,6 @@ jobs:
- test_name: lit-dr-vc-test
- test_name: lit-parentchain-nonce
- test_name: lit-test-failed-parentchain-extrinsic
- test_name: lit-scheduled-enclave-test
- test_name: lit-twitter-identity-test
- test_name: lit-discord-identity-test
steps:
@@ -732,7 +731,6 @@ jobs:
- test_name: lit-di-vc-multiworker-test
- test_name: lit-dr-vc-multiworker-test
- test_name: lit-resume-worker
- test_name: lit-scheduled-enclave-multiworker-test
steps:
- uses: actions/checkout@v4

18 changes: 0 additions & 18 deletions bitacross-worker/Cargo.lock


3 changes: 0 additions & 3 deletions bitacross-worker/app-libs/parentchain-interface/Cargo.toml
@@ -35,7 +35,6 @@ sp-runtime = { default-features = false, git = "https://github.com/paritytech/su
bc-enclave-registry = { path = "../../bitacross/core/bc-enclave-registry", default-features = false }
bc-relayer-registry = { path = "../../bitacross/core/bc-relayer-registry", default-features = false }
bc-signer-registry = { path = "../../bitacross/core/bc-signer-registry", default-features = false }
lc-scheduled-enclave = { path = "../../litentry/core/scheduled-enclave", default-features = false, optional = true }
litentry-hex-utils = { path = "../../../primitives/hex", default-features = false }
litentry-primitives = { path = "../../litentry/primitives", default-features = false }
sp-std = { default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "polkadot-v0.9.42" }
@@ -73,7 +72,6 @@ std = [
"sp-runtime/std",
"substrate-api-client",
"litentry-primitives/std",
"lc-scheduled-enclave/std",
"sp-std/std",
"bc-enclave-registry/std",
"bc-relayer-registry/std",
@@ -88,7 +86,6 @@ sgx = [
"itp-stf-executor/sgx",
"itp-top-pool-author/sgx",
"litentry-primitives/sgx",
"lc-scheduled-enclave/sgx",
"bc-enclave-registry/sgx",
"bc-relayer-registry/sgx",
"bc-signer-registry/sgx",
Original file line number Diff line number Diff line change
@@ -23,8 +23,8 @@ use itp_node_api::api_client::StaticEvent;
use itp_types::{
parentchain::{
events::{
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, RelayerAdded,
RelayerRemoved, ScheduledEnclaveRemoved, ScheduledEnclaveSet,
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, EnclaveUnauthorized,
RelayerAdded, RelayerRemoved,
},
FilterEvents,
},
@@ -72,13 +72,7 @@ impl FilterEvents for FilterableEvents {
self.filter()
}

fn get_scheduled_enclave_removed_events(
&self,
) -> Result<Vec<ScheduledEnclaveRemoved>, Self::Error> {
self.filter()
}

fn get_scheduled_enclave_set_events(&self) -> Result<Vec<ScheduledEnclaveSet>, Self::Error> {
fn get_enclave_unauthorized_events(&self) -> Result<Vec<EnclaveUnauthorized>, Self::Error> {
self.filter()
}
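Review bot: `get_enclave_unauthorized_events` is added to this `FilterEvents` impl without a doc comment, so its name is the only hint of what the event means for a worker. A line such as `/// Returns the EnclaveUnauthorized events found in this event set.` would help, ideally with one more sentence on whether the worker is expected to react to them. The two identical filter sections further down the page, which also swap `ScheduledEnclaveRemoved`/`ScheduledEnclaveSet` for `EnclaveUnauthorized`, need the same comment. The impl block starts and continues outside the hunk.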

Original file line number Diff line number Diff line change
@@ -27,10 +27,9 @@ use itc_parentchain_indirect_calls_executor::error::Error;
use itp_stf_primitives::traits::IndirectExecutor;
use itp_types::{
parentchain::{FilterEvents, HandleParentchainEvents, ParentchainEventProcessingError},
MrEnclave, WorkerType,
WorkerType,
};
use lc_scheduled_enclave::{ScheduledEnclaveUpdater, GLOBAL_SCHEDULED_ENCLAVE};
use litentry_primitives::{Address32, Identity, SidechainBlockNumber};
use litentry_primitives::{Address32, Identity};
use log::*;
use sp_core::{blake2_256, H256};
use sp_std::vec::Vec;
@@ -39,33 +38,6 @@ use std::string::ToString;
pub struct ParentchainEventHandler {}

impl ParentchainEventHandler {
fn set_scheduled_enclave(
worker_type: WorkerType,
sbn: SidechainBlockNumber,
mrenclave: MrEnclave,
) -> Result<(), Error> {
if worker_type != WorkerType::BitAcross {
warn!("Ignore SetScheduledEnclave due to wrong worker_type");
return Ok(())
}
GLOBAL_SCHEDULED_ENCLAVE.update(sbn, mrenclave)?;

Ok(())
}

fn remove_scheduled_enclave(
worker_type: WorkerType,
sbn: SidechainBlockNumber,
) -> Result<(), Error> {
if worker_type != WorkerType::BitAcross {
warn!("Ignore RemoveScheduledEnclave due to wrong worker_type");
return Ok(())
}
GLOBAL_SCHEDULED_ENCLAVE.remove(sbn)?;

Ok(())
}

fn add_relayer(relayer_registry: &RelayerRegistry, account: Identity) -> Result<(), Error> {
info!("Adding Relayer Account to Registry: {:?}", account);
relayer_registry.update(account).map_err(|e| {
@@ -158,41 +130,6 @@ where
fn handle_events(executor: &Executor, events: impl FilterEvents) -> Result<Vec<H256>, Error> {
let mut handled_events: Vec<H256> = Vec::new();

if let Ok(events) = events.get_scheduled_enclave_set_events() {
debug!("Handling ScheduledEnclaveSet events");
events
.iter()
.try_for_each(|event| {
debug!("found ScheduledEnclaveSet event: {:?}", event);
let result = Self::set_scheduled_enclave(
event.worker_type,
event.sidechain_block_number,
event.mrenclave,
);
handled_events.push(hash_of(&event));

result
})
.map_err(|_| ParentchainEventProcessingError::ScheduledEnclaveSetFailure)?;
}

if let Ok(events) = events.get_scheduled_enclave_removed_events() {
debug!("Handling ScheduledEnclaveRemoved events");
events
.iter()
.try_for_each(|event| {
debug!("found ScheduledEnclaveRemoved event: {:?}", event);
let result = Self::remove_scheduled_enclave(
event.worker_type,
event.sidechain_block_number,
);
handled_events.push(hash_of(&event));

result
})
.map_err(|_| ParentchainEventProcessingError::ScheduledEnclaveRemovedFailure)?;
}

if let Ok(events) = events.get_relayer_added_events() {
debug!("Handling RelayerAdded events");
let relayer_registry = executor.get_relayer_registry_updater();
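Review bot: `handle_events` loses both ScheduledEnclave branches here, and the visible part of the function gains no branch that calls `get_enclave_unauthorized_events()`, so as far as this hunk shows, a revoked enclave measurement changes nothing in the worker's event handling. If revocation is meant to be enforced only outside the worker, say so at the top of the function, e.g. `// EnclaveUnauthorized is intentionally not handled here; authorization is enforced on the parentchain`. If the worker is meant to stop or re-check itself, that branch is still missing. `WorkerType` also stays in the `itp_types` import although its only visible uses were in the removed helpers, which may leave an unused import. The function body continues past the end of the hunk, so a consumer may exist outside this view.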
Original file line number Diff line number Diff line change
@@ -22,8 +22,8 @@ use itp_node_api::api_client::StaticEvent;
use itp_types::{
parentchain::{
events::{
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, RelayerAdded,
RelayerRemoved, ScheduledEnclaveRemoved, ScheduledEnclaveSet,
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, EnclaveUnauthorized,
RelayerAdded, RelayerRemoved,
},
FilterEvents,
},
@@ -70,13 +70,7 @@ impl FilterEvents for FilterableEvents {
self.filter()
}

fn get_scheduled_enclave_removed_events(
&self,
) -> Result<Vec<ScheduledEnclaveRemoved>, Self::Error> {
self.filter()
}

fn get_scheduled_enclave_set_events(&self) -> Result<Vec<ScheduledEnclaveSet>, Self::Error> {
fn get_enclave_unauthorized_events(&self) -> Result<Vec<EnclaveUnauthorized>, Self::Error> {
self.filter()
}

Original file line number Diff line number Diff line change
@@ -22,8 +22,8 @@ use itp_node_api::api_client::StaticEvent;
use itp_types::{
parentchain::{
events::{
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, RelayerAdded,
RelayerRemoved, ScheduledEnclaveRemoved, ScheduledEnclaveSet,
BalanceTransfer, BtcWalletGenerated, EnclaveAdded, EnclaveRemoved, EnclaveUnauthorized,
RelayerAdded, RelayerRemoved,
},
FilterEvents,
},
@@ -70,13 +70,7 @@ impl FilterEvents for FilterableEvents {
self.filter()
}

fn get_scheduled_enclave_removed_events(
&self,
) -> Result<Vec<ScheduledEnclaveRemoved>, Self::Error> {
self.filter()
}

fn get_scheduled_enclave_set_events(&self) -> Result<Vec<ScheduledEnclaveSet>, Self::Error> {
fn get_enclave_unauthorized_events(&self) -> Result<Vec<EnclaveUnauthorized>, Self::Error> {
self.filter()
}

2 changes: 1 addition & 1 deletion bitacross-worker/app-libs/sgx-runtime/src/lib.rs
@@ -121,7 +121,7 @@ pub const VERSION: RuntimeVersion = RuntimeVersion {
spec_name: create_runtime_str!("node-template"),
impl_name: create_runtime_str!("node-template"),
authoring_version: 1,
spec_version: 104,
spec_version: 105,
impl_version: 1,
apis: RUNTIME_API_VERSIONS,
transaction_version: 1,
Original file line number Diff line number Diff line change
@@ -37,8 +37,8 @@ impl TryFrom<NodeMetadataMock> for Metadata {
pub struct NodeMetadataMock {
// teebag
teebag_module: u8,
set_scheduled_enclave: u8,
remove_scheduled_enclave: u8,
force_add_authorized_enclave: u8,
force_remove_authorized_enclave: u8,
register_enclave: u8,
unregister_enclave: u8,
register_quoting_enclave: u8,
@@ -78,8 +78,8 @@ impl NodeMetadataMock {
pub fn new() -> Self {
NodeMetadataMock {
teebag_module: 50u8,
set_scheduled_enclave: 0u8,
remove_scheduled_enclave: 1u8,
force_add_authorized_enclave: 0u8,
force_remove_authorized_enclave: 1u8,
register_enclave: 2u8,
unregister_enclave: 3u8,
register_quoting_enclave: 4u8,
@@ -118,11 +118,11 @@ impl NodeMetadataMock {
}

impl TeebagCallIndexes for NodeMetadataMock {
fn set_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]> {
Ok([self.teebag_module, self.set_scheduled_enclave])
fn force_add_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]> {
Ok([self.teebag_module, self.force_add_authorized_enclave])
}
fn remove_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]> {
Ok([self.teebag_module, self.remove_scheduled_enclave])
fn force_remove_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]> {
Ok([self.teebag_module, self.force_remove_authorized_enclave])
}
fn register_enclave_call_indexes(&self) -> Result<[u8; 2]> {
Ok([self.teebag_module, self.register_enclave])
Original file line number Diff line number Diff line change
@@ -21,9 +21,9 @@ pub const TEEBAG: &str = "Teebag";

// we only list the extrinsics that we care
pub trait TeebagCallIndexes {
fn set_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]>;
fn force_add_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]>;

fn remove_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]>;
fn force_remove_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]>;

fn register_enclave_call_indexes(&self) -> Result<[u8; 2]>;

@@ -41,11 +41,11 @@ pub trait TeebagCallIndexes {
}

impl TeebagCallIndexes for NodeMetadata {
fn set_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]> {
self.call_indexes(TEEBAG, "set_scheduled_enclave")
fn force_add_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]> {
self.call_indexes(TEEBAG, "force_add_authorized_enclave")
}
fn remove_scheduled_enclave_call_indexes(&self) -> Result<[u8; 2]> {
self.call_indexes(TEEBAG, "remove_scheduled_enclave")
fn force_remove_authorized_enclave_call_indexes(&self) -> Result<[u8; 2]> {
self.call_indexes(TEEBAG, "force_remove_authorized_enclave")
}
fn register_enclave_call_indexes(&self) -> Result<[u8; 2]> {
self.call_indexes(TEEBAG, "register_enclave")
3 changes: 0 additions & 3 deletions bitacross-worker/core-primitives/settings/src/lib.rs
@@ -36,9 +36,6 @@ pub mod files {
/// Path to the light-client db for the Target B parentchain.
pub const TARGET_B_PARENTCHAIN_LIGHT_CLIENT_DB_PATH: &str = "target_b_lcdb";

// litentry
pub const SCHEDULED_ENCLAVE_FILE: &str = "scheduled_enclave_sealed.bin";

// bitacross
pub const RELAYER_REGISTRY_FILE: &str = "relayer_registry_sealed.bin";

Original file line number Diff line number Diff line change
@@ -32,7 +32,7 @@ use itp_stf_primitives::{
};
use itp_stf_state_observer::traits::ObserveState;
use itp_top_pool_author::traits::AuthorApi;
use itp_types::{Index, ShardIdentifier};
use itp_types::{Index, MrEnclave, ShardIdentifier};
use log::*;
use sp_core::{ed25519::Pair as Ed25519Pair, Pair};
use std::{boxed::Box, sync::Arc, vec::Vec};
@@ -117,12 +117,16 @@ where
Ok(enclave_call_signing_key.public().into())
}

fn get_mrenclave(&self) -> Result<MrEnclave> {
Ok(self.ocall_api.get_mrenclave_of_self().map(|m| m.m)?)
}

fn sign_call_with_self<TC: Encode + Debug + TrustedCallSigning<TCS>>(
&self,
trusted_call: &TC,
shard: &ShardIdentifier,
) -> Result<TCS> {
let mr_enclave = self.ocall_api.get_mrenclave_of_self()?;
let mrenclave = self.get_mrenclave()?;
let enclave_account = self.get_enclave_account()?;
let enclave_call_signing_key = self.get_enclave_call_signing_key()?;

@@ -138,7 +142,7 @@ where
Ok(trusted_call.sign(
&KeyPair::Ed25519(Box::new(enclave_call_signing_key)),
adjusted_nonce,
&mr_enclave.m,
&mrenclave,
shard,
))
}
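Review bot: The new `get_mrenclave` has no doc comment, and `.map(|m| m.m)` gives no hint of what the wrapper or its inner field is. Suggest `/// Returns the MRENCLAVE of the running enclave, as reported by ocall_api.get_mrenclave_of_self().`, so that callers using the value for an authorization decision (presumably why it is exposed in this PR) know where the measurement comes from. A short `// unwrap the raw measurement bytes` beside the `map` would also help, if that is what `m.m` holds. The impl block and `sign_call_with_self` begin or end outside the hunk.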
6 changes: 5 additions & 1 deletion bitacross-worker/core-primitives/stf-executor/src/mocks.rs
@@ -28,7 +28,7 @@ use itp_stf_primitives::{
traits::TrustedCallSigning,
types::{AccountId, KeyPair, ShardIdentifier, TrustedOperationOrHash},
};
use itp_types::H256;
use itp_types::{MrEnclave, H256};
use sp_core::Pair;
use sp_runtime::traits::Header as HeaderTrait;
#[cfg(feature = "std")]
@@ -134,6 +134,10 @@ impl<TCS: PartialEq + Encode + Debug> StfEnclaveSigning<TCS> for StfEnclaveSigne
Ok(self.signer.public().into())
}

fn get_mrenclave(&self) -> Result<MrEnclave> {
Ok(self.mr_enclave)
}

fn sign_call_with_self<TC: Encode + Debug + TrustedCallSigning<TCS>>(
&self,
trusted_call: &TC,