
Introducing add_account trusted call #3155

Merged
merged 40 commits into from
Nov 4, 2024
Changes from 31 commits
6ea7c78
adding get_account_nonce method to ocall_api
silva-fj Oct 29, 2024
3dce5df
refactoring get_header ocall_api method
silva-fj Oct 29, 2024
b32145f
refactoring omni-account repository and adding get_nonce method
silva-fj Oct 29, 2024
7644433
adding aes256_key_repository to the native task context
silva-fj Oct 29, 2024
0fca187
adding helpers for identity verification
silva-fj Oct 29, 2024
5a7eae9
adding add_account trusted call
silva-fj Oct 29, 2024
531f109
declaring helpers module
silva-fj Oct 29, 2024
9ab6cde
adding new error variant
silva-fj Oct 29, 2024
9ade8e9
initial setup for add_account (web3 accounts logic)
silva-fj Oct 29, 2024
e3fe5e1
cleaning up unused parameters
silva-fj Oct 29, 2024
fe0cef6
handling data verification
silva-fj Oct 29, 2024
e77370c
refactoring email verification, make it only compatible with onmi acc…
silva-fj Oct 30, 2024
79afe3e
removing deprecated identity_requestEmailVerification rpc method
silva-fj Oct 30, 2024
39e7f13
cleaning up helpers
silva-fj Oct 30, 2024
8d122da
adding web2 validation data verification
silva-fj Oct 30, 2024
0fdb721
cleaning up native requests
silva-fj Oct 30, 2024
85276be
refactoring add_account
silva-fj Oct 30, 2024
efbcf84
Merge remote-tracking branch 'origin/dev' into p-1120-create-add_acco…
silva-fj Oct 31, 2024
47c2e3e
re-ordering functions
silva-fj Oct 31, 2024
7534b7d
adding new types to api-client-types to be able to encode substrate-a…
silva-fj Oct 31, 2024
c02a721
refactoring `send_to_parentchain` to include extrinsics reports
silva-fj Oct 31, 2024
984742a
cleaning up imports and dependencies
silva-fj Oct 31, 2024
12fb398
updating send_to_parentchain on bitacross
silva-fj Oct 31, 2024
5b87c21
small improvement
silva-fj Oct 31, 2024
9c8e02b
cleaning up dependencies
silva-fj Oct 31, 2024
a2af679
returning back extrinsic report to the clients
silva-fj Oct 31, 2024
c0acde3
defining TrustedCallResult type alias
silva-fj Oct 31, 2024
9dbac04
removing unused impl block
silva-fj Oct 31, 2024
021fa84
Merge branch 'dev' into p-1120-create-add_account-trusted-call
silva-fj Oct 31, 2024
9ab54a5
fixing fmt issue
silva-fj Oct 31, 2024
16db60a
adding comments
silva-fj Nov 4, 2024
6952452
adjusting comments
silva-fj Nov 4, 2024
eb22f24
implementing MaxEncodedLen on ExtrinsicReport to better calculate the
silva-fj Nov 4, 2024
f7c68e9
adding tests for api-client-types
silva-fj Nov 4, 2024
ee2c304
adding vec size
silva-fj Nov 4, 2024
538b8f9
updating bitacross
silva-fj Nov 4, 2024
6a80118
Merge remote-tracking branch 'origin/dev' into p-1120-create-add_acco…
silva-fj Nov 4, 2024
65927d7
adding missing import
silva-fj Nov 4, 2024
f55c39b
using scope to keep the context name
silva-fj Nov 4, 2024
ac33833
split thread workers between vc-task and native-task
silva-fj Nov 4, 2024
4 changes: 3 additions & 1 deletion tee-worker/Cargo.lock


2 changes: 2 additions & 0 deletions tee-worker/bitacross/enclave-runtime/Cargo.lock


3 changes: 2 additions & 1 deletion tee-worker/bitacross/enclave-runtime/Enclave.edl
Expand Up @@ -246,7 +246,8 @@ enclave {
sgx_status_t ocall_send_to_parentchain(
[in, size = extrinsics_size] uint8_t * extrinsics, uint32_t extrinsics_size,
[in, size=parentchain_id_size] uint8_t* parentchain_id, uint32_t parentchain_id_size,
int await_each_inclusion
[in, size=watch_until_size] uint8_t* watch_until, uint32_t watch_until_size,
[out, size = resp_size] uint8_t * response, uint32_t resp_size
);
};
};
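Review bot: The two buffers added to `ocall_send_to_parentchain` carry encoded values whose format is not stated in the declaration; judging by the enclave-side caller in on_chain_ocall.rs, `watch_until` is a SCALE-encoded `Option<XtStatus>` and `response` receives a SCALE-encoded `Vec<ExtrinsicReport<H256>>` in a fixed-size buffer. A comment above the parameters, such as `/* watch_until: SCALE-encoded Option<XtStatus>; response: SCALE-encoded Vec<ExtrinsicReport<H256>>, padded to resp_size and written by the untrusted host */`, would make both the contract and the trust direction visible. The same documentation gap applies to the `extern "C"` declaration in ocall/ffi.rs and to `WorkerOnChainBridge::send_to_parentchain` in bridge_api.rs, and the enclosing `enclave { ... }` block starts outside the hunk.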
5 changes: 4 additions & 1 deletion tee-worker/bitacross/enclave-runtime/src/ocall/ffi.rs
Expand Up @@ -89,7 +89,10 @@ extern "C" {
extrinsics_size: u32,
parentchain_id: *const u8,
parentchain_id_size: u32,
await_each_inclusion: c_int,
watch_until: *const u8,
watch_until_size: u32,
response: *mut u8,
response_size: u32,
) -> sgx_status_t;

pub fn ocall_read_ipfs(
51 changes: 43 additions & 8 deletions tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,26 +19,38 @@
use crate::ocall::{ffi, OcallApi};
use codec::{Decode, Encode};
use frame_support::ensure;
use itp_node_api::api_client::{ExtrinsicReport, XtStatus};
use itp_ocall_api::{EnclaveOnChainOCallApi, Error, Result};
use itp_storage::{verify_storage_entries, Error as StorageError};
use itp_types::{
parentchain::ParentchainId, storage::StorageEntryVerified, WorkerRequest, WorkerResponse, H256,
parentchain::{AccountId, Index as ParentchainIndex, ParentchainId},
storage::StorageEntryVerified,
WorkerRequest, WorkerResponse, H256,
};
use log::*;
use sgx_types::*;
use sp_runtime::{traits::Header, OpaqueExtrinsic};
use std::vec::Vec;
use std::{mem::size_of, vec::Vec};

impl EnclaveOnChainOCallApi for OcallApi {
fn send_to_parentchain(
&self,
extrinsics: Vec<OpaqueExtrinsic>,
parentchain_id: &ParentchainId,
await_each_inclusion: bool,
) -> SgxResult<()> {
watch_until: Option<XtStatus>,
) -> SgxResult<Vec<ExtrinsicReport<H256>>> {
let mut rt: sgx_status_t = sgx_status_t::SGX_ERROR_UNEXPECTED;
let extrinsics_encoded = extrinsics.encode();
let parentchain_id_encoded = parentchain_id.encode();
let watch_until_encoded = watch_until.encode();
let response_size = match watch_until {
Some(_) => extrinsics
.len()
.checked_mul(size_of::<ExtrinsicReport<H256>>())
.ok_or(sgx_status_t::SGX_ERROR_UNEXPECTED)?,
None => size_of::<Vec<u8>>(),
};
let mut response: Vec<u8> = vec![0; response_size];

let res = unsafe {
ffi::ocall_send_to_parentchain(
Expand All @@ -47,14 +59,23 @@ impl EnclaveOnChainOCallApi for OcallApi {
extrinsics_encoded.len() as u32,
parentchain_id_encoded.as_ptr(),
parentchain_id_encoded.len() as u32,
await_each_inclusion.into(),
watch_until_encoded.as_ptr(),
watch_until_encoded.len() as u32,
response.as_mut_ptr(),
response_size as u32,
)
};

ensure!(rt == sgx_status_t::SGX_SUCCESS, rt);
ensure!(res == sgx_status_t::SGX_SUCCESS, res);

Ok(())
let decoded_response: Vec<ExtrinsicReport<H256>> = Decode::decode(&mut response.as_slice())
.map_err(|e| {
error!("Failed to decode ExtrinsicReport: {}", e);
sgx_status_t::SGX_ERROR_UNEXPECTED
})?;

Ok(decoded_response)
}

fn worker_request<V: Encode + Decode>(
Expand Down Expand Up @@ -172,10 +193,10 @@ impl EnclaveOnChainOCallApi for OcallApi {
Ok(first_response.clone())
}

fn get_header<H: Header<Hash = H256>>(&self, parentchain_id: &ParentchainId) -> Result<H> {
fn get_header<H: Header<Hash = H256>>(&self) -> Result<H> {
let request = vec![WorkerRequest::ChainHeader(None)];
let responses: Vec<H> = self
.worker_request::<Vec<u8>>(request, parentchain_id)?
.worker_request::<Vec<u8>>(request, &ParentchainId::Litentry)?
.iter()
.filter_map(|r| match r {
WorkerResponse::ChainHeader(Some(h)) =>
Expand All @@ -186,4 +207,18 @@ impl EnclaveOnChainOCallApi for OcallApi {

responses.first().cloned().ok_or(Error::ChainCallFailed)
}

fn get_account_nonce(&self, account_id: AccountId) -> Result<ParentchainIndex> {
let request = vec![WorkerRequest::ChainAccountNonce(account_id.encode())];
let responses: Vec<ParentchainIndex> = self
.worker_request::<Vec<ParentchainIndex>>(request, &ParentchainId::Litentry)?
.iter()
.filter_map(|r| match r {
WorkerResponse::ChainAccountNonce(Some(index)) => Some(*index),
_ => None,
})
.collect();

responses.first().cloned().ok_or(Error::ChainCallFailed)
}
}
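Review bot: `response_size` in `send_to_parentchain` is derived from `size_of::<ExtrinsicReport<H256>>()`, which is the in-memory size of the struct rather than a bound on its SCALE-encoded length, and it leaves no room for the vector's length prefix; a reply that encodes larger than that presumably fails the host-side copy after the extrinsics were already submitted. The commit list has a later entry, "implementing MaxEncodedLen on ExtrinsicReport", that may already address this, in which case sizing from `max_encoded_len()` plus the prefix is the thing to confirm. `response_size as u32` also truncates silently, and `u32::try_from(response_size).map_err(|_| sgx_status_t::SGX_ERROR_UNEXPECTED)?` would keep the declared size and the allocation in agreement. The decoded reports, and the nonce returned by `get_account_nonce`, come from the untrusted host without any proof, so a doc comment on both methods should say that callers must not treat them as verified on-chain state.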
4 changes: 2 additions & 2 deletions tee-worker/bitacross/service/src/ocall_bridge/bridge_api.rs
Expand Up @@ -202,8 +202,8 @@ pub trait WorkerOnChainBridge {
&self,
extrinsics_encoded: Vec<u8>,
parentchain_id: Vec<u8>,
await_each_inclusion: bool,
) -> OCallBridgeResult<()>;
watch_until: Vec<u8>,
) -> OCallBridgeResult<Vec<u8>>;
}

/// Trait for updating metrics from inside the enclave.
Expand Up @@ -17,6 +17,7 @@
*/

use crate::ocall_bridge::bridge_api::{Bridge, WorkerOnChainBridge};
use itp_utils::write_slice_and_whitespace_pad;
use log::*;
use sgx_types::{c_int, sgx_status_t};
use std::{slice, sync::Arc, vec::Vec};
Expand All @@ -30,35 +31,53 @@ pub unsafe extern "C" fn ocall_send_to_parentchain(
extrinsics_encoded_size: u32,
parentchain_id: *const u8,
parentchain_id_size: u32,
await_each_inclusion: c_int,
watch_until: *const u8,
watch_until_size: u32,
response: *mut u8,
resp_size: u32,
) -> sgx_status_t {
send_to_parentchain(
extrinsics_encoded,
extrinsics_encoded_size,
parentchain_id,
parentchain_id_size,
await_each_inclusion == 1,
watch_until,
watch_until_size,
response,
resp_size,
Bridge::get_oc_api(),
)
}

#[allow(clippy::too_many_arguments)]
fn send_to_parentchain(
extrinsics_encoded: *const u8,
extrinsics_encoded_size: u32,
parentchain_id: *const u8,
parentchain_id_size: u32,
await_each_inclusion: bool,
watch_until: *const u8,
watch_until_size: u32,
response: *mut u8,
resp_size: u32,
oc_api: Arc<dyn WorkerOnChainBridge>,
) -> sgx_status_t {
let extrinsics_encoded_vec: Vec<u8> = unsafe {
Vec::from(slice::from_raw_parts(extrinsics_encoded, extrinsics_encoded_size as usize))
};

let parentchain_id: Vec<u8> =
unsafe { Vec::from(slice::from_raw_parts(parentchain_id, parentchain_id_size as usize)) };
let watch_until: Vec<u8> =
unsafe { Vec::from(slice::from_raw_parts(watch_until, watch_until_size as usize)) };

match oc_api.send_to_parentchain(extrinsics_encoded_vec, parentchain_id, await_each_inclusion) {
Ok(_) => sgx_status_t::SGX_SUCCESS,
match oc_api.send_to_parentchain(extrinsics_encoded_vec, parentchain_id, watch_until) {
Ok(r) => {
let resp_slice = unsafe { slice::from_raw_parts_mut(response, resp_size as usize) };
if let Err(e) = write_slice_and_whitespace_pad(resp_slice, r) {
error!("Failed to transfer send_to_parentchain response to o-call buffer: {:?}", e);
return sgx_status_t::SGX_ERROR_UNEXPECTED
}
sgx_status_t::SGX_SUCCESS
},
Err(e) => {
error!("send extrinsics_encoded failed: {:?}", e);
sgx_status_t::SGX_ERROR_UNEXPECTED
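Review bot: The `unsafe` blocks added to `send_to_parentchain` turn `watch_until`/`watch_until_size` and `response`/`resp_size` into slices with no null check and no `// SAFETY:` comment, although `slice::from_raw_parts` and `slice::from_raw_parts_mut` require a non-null, aligned pointer even for a zero length. An early guard such as `if watch_until.is_null() || response.is_null() { return sgx_status_t::SGX_ERROR_INVALID_PARAMETER }`, plus a SAFETY comment naming where the pointer/length pairs come from (presumably the generated o-call bridge), would document the assumption. In the `Ok(r)` arm, a reply longer than `resp_size` is reported as `SGX_ERROR_UNEXPECTED` after the bridge call has already succeeded, so logging the reply length next to `resp_size` there would let an operator tell a too-small buffer from a failed submission. The `c_int` import kept in the first hunk may now be unused if nothing else in the file needs it, and the `Err` arm continues past the end of the hunk.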