import sidechain block through trusted rpc (#2913)

* import sidechain block through trusted rpc

* use DirectClient

* upstream fixes

---------

Co-authored-by: Kai <7630809+Kailai-Wang@users.noreply.github.com>

tee-worker/core-primitives/enclave-api/ffi/src/lib.rs

@@ -208,15 +208,6 @@ extern "C" {
 
 	pub fn test_main_entrance(eid: sgx_enclave_id_t, retval: *mut sgx_status_t) -> sgx_status_t;
 
-	pub fn call_rpc_methods(
-		eid: sgx_enclave_id_t,
-		retval: *mut sgx_status_t,
-		request: *const u8,
-		request_len: u32,
-		response: *mut u8,
-		response_len: u32,
-	) -> sgx_status_t;
-
 	pub fn run_state_provisioning_server(
 		eid: sgx_enclave_id_t,
 		retval: *mut sgx_status_t,

tee-worker/core-primitives/enclave-api/src/lib.rs

@@ -13,7 +13,6 @@
 
 use crate::error::Error;
 
-pub mod direct_request;
 pub mod enclave_base;
 pub mod enclave_test;
 pub mod error;

tee-worker/core/rpc-client/src/direct_client.rs

@@ -56,6 +56,8 @@ pub trait DirectApi {
 	fn get_untrusted_worker_url(&self) -> Result<String>;
 	fn get_state_metadata(&self) -> Result<Metadata>;
 	fn send(&self, request: &str) -> Result<()>;
+	fn import_sidechain_blocks(&self, blocks_encoded: String) -> Result<()>;
+
 	/// Close any open websocket connection.
 	fn close(&self) -> Result<()>;
 
@@ -221,6 +223,16 @@ impl DirectApi for DirectClient {
 		self.web_socket_control.send(request)
 	}
 
+	fn import_sidechain_blocks(&self, blocks_encoded: String) -> Result<()> {
+		let jsonrpc_call: String = RpcRequest::compose_jsonrpc_call(
+			Id::Text("1".to_string()),
+			"sidechain_importBlock".to_owned(),
+			vec![blocks_encoded],
+		)?;
+		self.get(&jsonrpc_call)?;
+		Ok(())
+	}
+
 	fn close(&self) -> Result<()> {
 		self.web_socket_control.close_connection()
 	}

tee-worker/core/rpc-client/src/mock.rs

@@ -103,6 +103,10 @@ impl DirectApi for DirectClientMock {
 		unimplemented!()
 	}
 
+	fn import_sidechain_blocks(&self, _blocks_encoded: String) -> Result<()> {
+		Ok(())
+	}
+
 	fn close(&self) -> Result<()> {
 		unimplemented!()
 	}

tee-worker/core/rpc-server/src/lib.rs

@@ -15,58 +15,21 @@
 
 */
 
-use itp_enclave_api::direct_request::DirectRequest;
-use itp_rpc::{Id, RpcRequest};
-use itp_utils::ToHexPrefixed;
 use its_peer_fetch::block_fetch_server::BlockFetchServerModuleBuilder;
 use its_primitives::types::block::SignedBlock;
-use its_rpc_handler::constants::RPC_METHOD_NAME_IMPORT_BLOCKS;
 use its_storage::interface::FetchBlocks;
-use jsonrpsee::{
-	types::error::CallError,
-	ws_server::{RpcModule, WsServerBuilder},
-};
-use log::debug;
+use jsonrpsee::{types::error::CallError, ws_server::WsServerBuilder};
 use std::{net::SocketAddr, sync::Arc};
 use tokio::net::ToSocketAddrs;
 
-#[cfg(test)]
-mod mock;
-#[cfg(test)]
-mod tests;
-
-pub async fn run_server<Enclave, FetchSidechainBlocks>(
+pub async fn run_server<FetchSidechainBlocks>(
 	addr: impl ToSocketAddrs,
-	enclave: Arc<Enclave>,
 	sidechain_block_fetcher: Arc<FetchSidechainBlocks>,
 ) -> anyhow::Result<SocketAddr>
 where
-	Enclave: DirectRequest,
 	FetchSidechainBlocks: FetchBlocks<SignedBlock> + Send + Sync + 'static,
 {
 	let mut server = WsServerBuilder::default().build(addr).await?;
-
-	// FIXME: import block should be moved to trusted side.
-	let mut import_sidechain_block_module = RpcModule::new(enclave);
-	import_sidechain_block_module.register_method(
-		RPC_METHOD_NAME_IMPORT_BLOCKS,
-		|params, enclave| {
-			debug!("{} params: {:?}", RPC_METHOD_NAME_IMPORT_BLOCKS, params);
-
-			let enclave_req = RpcRequest::compose_jsonrpc_call(
-				Id::Text("1".to_string()),
-				RPC_METHOD_NAME_IMPORT_BLOCKS.into(),
-				vec![params.one::<Vec<SignedBlock>>()?.to_hex()],
-			)
-			.unwrap();
-
-			enclave
-				.rpc(enclave_req.as_bytes().to_vec())
-				.map_err(|e| CallError::Failed(e.into()))
-		},
-	)?;
-	server.register_module(import_sidechain_block_module).unwrap();
-
 	let fetch_sidechain_blocks_module = BlockFetchServerModuleBuilder::new(sidechain_block_fetcher)
 		.build()
 		.map_err(|e| CallError::Failed(e.to_string().into()))?; // `to_string` necessary due to no all errors implementing Send + Sync.

tee-worker/enclave-runtime/Cargo.toml

@@ -138,8 +138,10 @@ itp-top-pool = { path = "../core-primitives/top-pool", default-features = false,
 itp-top-pool-author = { path = "../core-primitives/top-pool-author", default-features = false, features = ["sgx"] }
 itp-types = { path = "../core-primitives/types", default-features = false }
 itp-utils = { path = "../core-primitives/utils", default-features = false }
+
 its-block-verification = { path = "../sidechain/block-verification", default-features = false }
 its-primitives = { path = "../sidechain/primitives", default-features = false }
+its-rpc-handler = { path = "../sidechain/rpc-handler", default-features = false, features = ["sgx"] }
 its-sidechain = { path = "../sidechain/sidechain-crate", default-features = false, features = ["sgx"] }
 
 # litentry

tee-worker/enclave-runtime/Enclave.edl

@@ -163,11 +163,6 @@ enclave {
 			int skip_ra
 		);
 
-		public sgx_status_t call_rpc_methods(
-			[in, size=request_len] uint8_t* request, uint32_t request_len,
-			[out, size=response_len] uint8_t* response, uint32_t response_len
-		);
-
 		public size_t test_main_entrance();
 
 		public sgx_status_t migrate_shard(