How to interact with enclave from a node within enclave?

[OlegJakushkin]

Background & motivation

So what I want is simple - if a service detects some condition it needs to post a message to stop current enclave. How can such thing be achieved from a service running inside enclave?

Desired behaviour

API to call from withing an enclave (REST endpoint or something like that) that could stop enclave on request.

How important is this to you?

Painful; the lack of this feature makes using Kurtosis frictionful.

[OlegJakushkin]

(API like API Ctlr) from the docs image

So I see that it shall be always in enclave, yet wonder where one can see examples of using it.

[h4ck3rk3y]

hey! The Starlark APIs are purely to manipulate inside of an enclave, they can't do meta things like create/shut-down same enclave / more enclaves

I remember from my chat with Piotr/Kamil the other day that your team wants to shut down enclave after X epochs or something.

There are a few paths here that we can take depending on what you care about -

Keep using Stalark

Starlark has a few things that you can use to achieve what you are doing - you can use plan.wait in combination with plan.stop_service; where wait would wait for a specific condition to occur. Here's an example where we wait for a certain epoch before spinning up MEV components.

So your workflow could be like

$ kurtosis run github.com/kurtosis-tech/etheruem-package --args-file args.json --enclave my-named-enclave
$ kurtosis run my-stop-script.star --enclave my-named-enclave

Pseudo code for my-stops-script.star

def run(plan, args): 
     plan.wait(...)
     plan.stop_service(SERVICE_A)
     plan.stop_service(SERVICE_B)
     plan.stop_service(SERVICE_C)

Note this will stop the service but the enclave will still exist

Use the Kurtosis SDK - the recommended way!

The CLI is essentially using the Kurtosis SDK to create, stop, delete enclaves. The code for this is available

We have SDKs in Go, TS & Rust - https://github.com/kurtosis-tech/kurtosis/tree/main/api

Here's an example in Golang - https://github.com/kurtosis-tech/protocolberg

I am updating the package to work with the latest SDK - kurtosis-tech/protocolberg#14

In this example, we spin up an etheruem package; wait for certain epochs/ finalizations to happen & then check if MEV reached desired state

[OlegJakushkin]

That would work! Thank you!
@h4ck3rk3y: At the mean time can one calling from inside enclave node call ExecCommand with some Kurtosis command like enclave rm -f explorer achieve the same results?

[h4ck3rk3y]

adding to my comment - this block https://github.com/kurtosis-tech/protocolberg/blob/main/finalization_test.go#L92-L98

Destroys the enclave if the test ends succesfully!

@OlegJakushkin That wouldn't work! Inside the container you can't call kurtosis enclave rm as kurtosis isn't available inside the enclave. You can surely delete services!

[OlegJakushkin]

Ok, thank you for help.