From 5d3ab4458883d6e1f11e4730b132cfa5137866fc Mon Sep 17 00:00:00 2001 From: "will.li" <120463031+higherordertech@users.noreply.github.com> Date: Wed, 2 Oct 2024 16:43:50 +1000 Subject: [PATCH 01/17] fix: set a default name for job identity-multi-worker-test while it is skipped (#3112) Co-authored-by: higherordertech --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cb4a49f926..a73f021d29 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -791,7 +791,7 @@ jobs: - test_name: lit-di-substrate-identity-multiworker-test - test_name: lit-dr-vc-multiworker-test - test_name: lit-resume-worker - name: ${{ matrix.test_name }} + name: ${{ matrix.test_name || 'identity-multi-worker-test' }} steps: - uses: actions/checkout@v4 From f1f3f62db3df8cd6a50f868aed5db2c15603c2c2 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 4 Oct 2024 09:25:51 +0200 Subject: [PATCH 02/17] Adding omni-account pallet (#3098) --- common/primitives/core/src/identity.rs | 35 +- parachain/Cargo.lock | 24 + parachain/Cargo.toml | 2 + parachain/pallets/omni-account/Cargo.toml | 52 ++ parachain/pallets/omni-account/src/lib.rs | 279 ++++++++++ parachain/pallets/omni-account/src/mock.rs | 195 +++++++ parachain/pallets/omni-account/src/tests.rs | 538 ++++++++++++++++++++ parachain/runtime/litentry/Cargo.toml | 1 + parachain/runtime/litentry/src/lib.rs | 22 +- parachain/runtime/paseo/Cargo.toml | 1 + parachain/runtime/paseo/src/lib.rs | 21 +- parachain/runtime/rococo/Cargo.toml | 1 + parachain/runtime/rococo/src/lib.rs | 21 +- 13 files changed, 1183 insertions(+), 9 deletions(-) create mode 100644 parachain/pallets/omni-account/Cargo.toml create mode 100644 parachain/pallets/omni-account/src/lib.rs create mode 100644 parachain/pallets/omni-account/src/mock.rs create mode 100644 parachain/pallets/omni-account/src/tests.rs diff --git a/common/primitives/core/src/identity.rs b/common/primitives/core/src/identity.rs index a2b3090ab4..3e5980a826 100644 --- a/common/primitives/core/src/identity.rs +++ b/common/primitives/core/src/identity.rs @@ -30,12 +30,12 @@ use parity_scale_codec::{Decode, Encode, Error, Input, MaxEncodedLen}; use scale_info::{meta_type, Type, TypeDefSequence, TypeInfo}; use sp_core::{ crypto::{AccountId32, ByteArray}, - ecdsa, ed25519, sr25519, H160, + ecdsa, ed25519, sr25519, H160, H256, }; use sp_io::hashing::blake2_256; use sp_runtime::{ traits::{BlakeTwo256, ConstU32}, - BoundedVec, + BoundedVec, RuntimeDebug, }; use strum_macros::EnumIter; @@ -468,6 +468,11 @@ impl Identity { } )) } + + pub fn hash(&self) -> Result { + let did = self.to_did()?; + Ok(H256::from(blake2_256(&did.encode()))) + } } impl From for Identity { @@ -524,6 +529,24 @@ impl From<[u8; 33]> for Identity { } } +#[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] +pub enum MemberIdentity { + Public(Identity), + Private(Vec), +} + +impl MemberIdentity { + pub fn is_public(&self) -> bool { + matches!(self, Self::Public(..)) + } +} + +impl From for MemberIdentity { + fn from(identity: Identity) -> Self { + Self::Public(identity) + } +} + #[cfg(test)] mod tests { use super::*; @@ -773,4 +796,12 @@ mod tests { assert_eq!(identity.to_did().unwrap(), did.as_str()); assert_eq!(Identity::from_did(did.as_str()).unwrap(), identity); } + + #[test] + fn test_identity_hash() { + let identity = Identity::Substrate([0; 32].into()); + let did_str = "did:litentry:substrate:0x0000000000000000000000000000000000000000000000000000000000000000"; + let hash = identity.hash().unwrap(); + assert_eq!(hash, H256::from(blake2_256(&did_str.encode()))); + } } diff --git a/parachain/Cargo.lock b/parachain/Cargo.lock index 4b7e019a05..76618ffb6a 100644 --- a/parachain/Cargo.lock +++ b/parachain/Cargo.lock @@ -5661,6 +5661,7 @@ dependencies = [ "pallet-membership", "pallet-message-queue", "pallet-multisig", + "pallet-omni-account", "pallet-parachain-staking", "pallet-preimage", "pallet-proxy", @@ -7805,6 +7806,27 @@ dependencies = [ "sp-std", ] +[[package]] +name = "pallet-omni-account" +version = "0.1.0" +dependencies = [ + "core-primitives", + "frame-support", + "frame-system", + "pallet-balances", + "pallet-teebag", + "pallet-timestamp", + "pallet-utility", + "parity-scale-codec", + "scale-info", + "sp-core", + "sp-core-hashing", + "sp-io", + "sp-keyring", + "sp-runtime", + "sp-std", +] + [[package]] name = "pallet-parachain-staking" version = "0.1.0" @@ -8531,6 +8553,7 @@ dependencies = [ "pallet-membership", "pallet-message-queue", "pallet-multisig", + "pallet-omni-account", "pallet-parachain-staking", "pallet-preimage", "pallet-proxy", @@ -10830,6 +10853,7 @@ dependencies = [ "pallet-membership", "pallet-message-queue", "pallet-multisig", + "pallet-omni-account", "pallet-parachain-staking", "pallet-preimage", "pallet-proxy", diff --git a/parachain/Cargo.toml b/parachain/Cargo.toml index d229cfd2eb..d5bf8816b5 100644 --- a/parachain/Cargo.toml +++ b/parachain/Cargo.toml @@ -18,6 +18,7 @@ members = [ 'pallets/teebag', 'pallets/vc-management', 'pallets/xcm-asset-manager', + 'pallets/omni-account', 'precompiles/*', 'runtime/litentry', 'runtime/rococo', @@ -257,6 +258,7 @@ pallet-bridge-transfer = { path = "pallets/bridge/bridge-transfer", default-feat pallet-extrinsic-filter = { path = "pallets/extrinsic-filter", default-features = false } pallet-group = { path = "pallets/group", default-features = false } pallet-identity-management = { path = "pallets/identity-management", default-features = false } +pallet-omni-account = { path = "pallets/omni-account", default-features = false } pallet-parachain-staking = { path = "pallets/parachain-staking", default-features = false } pallet-score-staking = { path = "pallets/score-staking", default-features = false } pallet-teebag = { path = "pallets/teebag", default-features = false } diff --git a/parachain/pallets/omni-account/Cargo.toml b/parachain/pallets/omni-account/Cargo.toml new file mode 100644 index 0000000000..451bb0ee7e --- /dev/null +++ b/parachain/pallets/omni-account/Cargo.toml @@ -0,0 +1,52 @@ +[package] +authors = ['Trust Computing GmbH '] +version = "0.1.0" +edition = "2021" +homepage = 'https://litentry.com' +name = 'pallet-omni-account' +repository = 'https://github.com/litentry/litentry-parachain' + +[dependencies] +parity-scale-codec = { workspace = true } +scale-info = { workspace = true } + +frame-support = { workspace = true } +frame-system = { workspace = true } +sp-core = { workspace = true } +sp-core-hashing = { workspace = true } +sp-io = { workspace = true } +sp-runtime = { workspace = true } +sp-std = { workspace = true } + +core-primitives = { workspace = true } + +[dev-dependencies] +pallet-balances = { workspace = true, default-features = true } +pallet-timestamp = { workspace = true, features = ["std"] } +pallet-teebag = { workspace = true, features = ["std", "test-util"] } +pallet-utility = { workspace = true, features = ["std"] } +sp-keyring = { workspace = true } + +[features] +default = ["std"] +runtime-benchmarks = [ + "frame-support/runtime-benchmarks", + "frame-system/runtime-benchmarks", + "pallet-timestamp/runtime-benchmarks", + "pallet-teebag/runtime-benchmarks", +] +std = [ + "parity-scale-codec/std", + "scale-info/std", + "sp-std/std", + "sp-io/std", + "sp-core/std", + "sp-runtime/std", + "sp-core/std", + "sp-io/std", + "frame-support/std", + "frame-system/std", + "pallet-teebag/std", + "core-primitives/std", +] +try-runtime = ["frame-support/try-runtime"] diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs new file mode 100644 index 0000000000..228a5a1d53 --- /dev/null +++ b/parachain/pallets/omni-account/src/lib.rs @@ -0,0 +1,279 @@ +#![cfg_attr(not(feature = "std"), no_std)] + +#[cfg(test)] +mod mock; +#[cfg(test)] +mod tests; + +pub use core_primitives::{Identity, MemberIdentity}; +pub use frame_system::pallet_prelude::BlockNumberFor; +pub use pallet::*; + +use frame_support::pallet_prelude::*; +use frame_system::pallet_prelude::*; +use sp_core::H256; +use sp_core_hashing::blake2_256; +use sp_std::vec::Vec; + +#[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] +pub struct IDGraphMember { + pub id: MemberIdentity, + pub hash: H256, +} + +pub trait AccountIdConverter { + fn convert(identity: &Identity) -> Option; +} + +pub trait IDGraphHash { + fn graph_hash(&self) -> H256; +} + +impl IDGraphHash for BoundedVec { + fn graph_hash(&self) -> H256 { + let id_graph_members_hashes: Vec = self.iter().map(|member| member.hash).collect(); + H256::from(blake2_256(&id_graph_members_hashes.encode())) + } +} + +#[frame_support::pallet] +pub mod pallet { + use super::*; + + /// The current storage version. + const STORAGE_VERSION: StorageVersion = StorageVersion::new(0); + + #[pallet::pallet] + #[pallet::storage_version(STORAGE_VERSION)] + #[pallet::without_storage_info] + pub struct Pallet(_); + + #[pallet::config] + pub trait Config: frame_system::Config { + /// The event type of this pallet. + type RuntimeEvent: From> + IsType<::RuntimeEvent>; + /// The origin which can manage the pallet. + type TEECallOrigin: EnsureOrigin; + /// The maximum number of identities an id graph can have. + #[pallet::constant] + type MaxIDGraphLength: Get; + /// AccountId converter + type AccountIdConverter: AccountIdConverter; + } + pub type IDGraph = BoundedVec::MaxIDGraphLength>; + + #[pallet::storage] + pub type LinkedIdentityHashes = + StorageMap; + + #[pallet::storage] + #[pallet::getter(fn id_graphs)] + pub type IDGraphs = + StorageMap>; + + #[pallet::storage] + #[pallet::getter(fn id_graph_hashes)] + pub type IDGraphHashes = + StorageMap; + + #[pallet::event] + #[pallet::generate_deposit(pub(super) fn deposit_event)] + pub enum Event { + /// Identity linked + IdentityLinked { who: T::AccountId, identity: H256 }, + /// Identity remove + IdentityRemoved { who: T::AccountId, identity_hashes: Vec }, + /// Identity made public + IdentityMadePublic { who: T::AccountId, identity_hash: H256 }, + } + + #[pallet::error] + pub enum Error { + /// Identity is already linked + IdentityAlreadyLinked, + /// IDGraph len limit reached + IDGraphLenLimitReached, + /// Identity not found + IdentityNotFound, + /// Invalid identity + InvalidIdentity, + /// IDGraph not found + UnknownIDGraph, + /// Identity is private + IdentityIsPrivate, + /// Identities empty + IdentitiesEmpty, + /// IDGraph hash does not match + IDGraphHashMismatch, + /// Missing IDGraph hash + IDGraphHashMissing, + } + + #[pallet::call] + impl Pallet { + #[pallet::call_index(0)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn link_identity( + origin: OriginFor, + who: Identity, + member_account: IDGraphMember, + maybe_id_graph_hash: Option, + ) -> DispatchResult { + let _ = T::TEECallOrigin::ensure_origin(origin)?; + ensure!( + !LinkedIdentityHashes::::contains_key(member_account.hash), + Error::::IdentityAlreadyLinked + ); + let who_account_id = match T::AccountIdConverter::convert(&who) { + Some(account_id) => account_id, + None => return Err(Error::::InvalidIdentity.into()), + }; + let identity_hash = member_account.hash; + let mut id_graph = Self::get_or_create_id_graph( + who.clone(), + who_account_id.clone(), + maybe_id_graph_hash, + )?; + id_graph + .try_push(member_account) + .map_err(|_| Error::::IDGraphLenLimitReached)?; + + LinkedIdentityHashes::::insert(identity_hash, ()); + IDGraphHashes::::insert(who_account_id.clone(), id_graph.graph_hash()); + IDGraphs::::insert(who_account_id.clone(), id_graph); + + Self::deposit_event(Event::IdentityLinked { + who: who_account_id, + identity: identity_hash, + }); + + Ok(()) + } + + #[pallet::call_index(4)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn remove_identities( + origin: OriginFor, + who: Identity, + identity_hashes: Vec, + ) -> DispatchResult { + let _ = T::TEECallOrigin::ensure_origin(origin)?; + ensure!(!identity_hashes.is_empty(), Error::::IdentitiesEmpty); + + let who_account_id = match T::AccountIdConverter::convert(&who) { + Some(account_id) => account_id, + None => return Err(Error::::InvalidIdentity.into()), + }; + + let mut id_graph_members = + IDGraphs::::get(&who_account_id).ok_or(Error::::UnknownIDGraph)?; + + id_graph_members.retain(|member| { + if identity_hashes.contains(&member.hash) { + LinkedIdentityHashes::::remove(member.hash); + false + } else { + true + } + }); + + if id_graph_members.is_empty() { + IDGraphs::::remove(&who_account_id); + } else { + IDGraphs::::insert(who_account_id.clone(), id_graph_members); + } + + Self::deposit_event(Event::IdentityRemoved { who: who_account_id, identity_hashes }); + + Ok(()) + } + + #[pallet::call_index(5)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn make_identity_public( + origin: OriginFor, + who: Identity, + identity_hash: H256, + public_identity: MemberIdentity, + ) -> DispatchResult { + let _ = T::TEECallOrigin::ensure_origin(origin)?; + ensure!(public_identity.is_public(), Error::::IdentityIsPrivate); + + let who_account_id = match T::AccountIdConverter::convert(&who) { + Some(account_id) => account_id, + None => return Err(Error::::InvalidIdentity.into()), + }; + + let mut id_graph_members = + IDGraphs::::get(&who_account_id).ok_or(Error::::UnknownIDGraph)?; + let id_graph_link = id_graph_members + .iter_mut() + .find(|member| member.hash == identity_hash) + .ok_or(Error::::IdentityNotFound)?; + id_graph_link.id = public_identity; + + IDGraphs::::insert(who_account_id.clone(), id_graph_members); + + Self::deposit_event(Event::IdentityMadePublic { who: who_account_id, identity_hash }); + + Ok(()) + } + } + + impl Pallet { + pub fn get_or_create_id_graph( + who: Identity, + who_account_id: T::AccountId, + maybe_id_graph_hash: Option, + ) -> Result, Error> { + match IDGraphs::::get(&who_account_id) { + Some(id_graph_members) => { + Self::verify_id_graph_hash(&who_account_id, maybe_id_graph_hash)?; + Ok(id_graph_members) + }, + None => Self::create_id_graph(who, who_account_id), + } + } + + fn verify_id_graph_hash( + who: &T::AccountId, + maybe_id_graph_hash: Option, + ) -> Result<(), Error> { + let current_id_graph_hash = + IDGraphHashes::::get(who).ok_or(Error::::IDGraphHashMissing)?; + match maybe_id_graph_hash { + Some(id_graph_hash) => { + ensure!( + current_id_graph_hash == id_graph_hash, + Error::::IDGraphHashMismatch + ); + }, + None => return Err(Error::::IDGraphHashMissing), + } + + Ok(()) + } + + fn create_id_graph( + owner_identity: Identity, + owner_account_id: T::AccountId, + ) -> Result, Error> { + let owner_identity_hash = + owner_identity.hash().map_err(|_| Error::::InvalidIdentity)?; + if LinkedIdentityHashes::::contains_key(owner_identity_hash) { + return Err(Error::::IdentityAlreadyLinked); + } + let mut id_graph_members: IDGraph = BoundedVec::new(); + id_graph_members + .try_push(IDGraphMember { + id: MemberIdentity::from(owner_identity.clone()), + hash: owner_identity_hash, + }) + .map_err(|_| Error::::IDGraphLenLimitReached)?; + LinkedIdentityHashes::::insert(owner_identity_hash, ()); + IDGraphs::::insert(owner_account_id.clone(), id_graph_members.clone()); + + Ok(id_graph_members) + } + } +} diff --git a/parachain/pallets/omni-account/src/mock.rs b/parachain/pallets/omni-account/src/mock.rs new file mode 100644 index 0000000000..fd2cdabf32 --- /dev/null +++ b/parachain/pallets/omni-account/src/mock.rs @@ -0,0 +1,195 @@ +use crate::{self as pallet_omni_account}; +use core_primitives::Identity; +use frame_support::{ + assert_ok, + pallet_prelude::EnsureOrigin, + traits::{ConstU16, ConstU32, ConstU64, Everything}, +}; +use frame_system::EnsureRoot; +pub use pallet_teebag::test_util::get_signer; +use pallet_teebag::test_util::{TEST8_CERT, TEST8_SIGNER_PUB, TEST8_TIMESTAMP, URL}; +use sp_core::H256; +use sp_keyring::AccountKeyring; +use sp_runtime::{ + traits::{BlakeTwo256, IdentifyAccount, IdentityLookup, Verify}, + BuildStorage, +}; +use sp_std::marker::PhantomData; + +pub type Signature = sp_runtime::MultiSignature; +pub type AccountId = <::Signer as IdentifyAccount>::AccountId; +pub type Balance = u64; +pub type SystemAccountId = ::AccountId; + +pub struct EnsureEnclaveSigner(PhantomData); +impl EnsureOrigin for EnsureEnclaveSigner +where + T: frame_system::Config + pallet_teebag::Config + pallet_timestamp::Config, + ::AccountId: From<[u8; 32]>, + ::Hash: From<[u8; 32]>, +{ + type Success = T::AccountId; + fn try_origin(o: T::RuntimeOrigin) -> Result { + o.into().and_then(|o| match o { + frame_system::RawOrigin::Signed(who) + if pallet_teebag::EnclaveRegistry::::contains_key(&who) => + { + Ok(who) + }, + r => Err(T::RuntimeOrigin::from(r)), + }) + } + + #[cfg(feature = "runtime-benchmarks")] + fn try_successful_origin() -> Result { + use pallet_teebag::test_util::{get_signer, TEST8_MRENCLAVE, TEST8_SIGNER_PUB}; + let signer: ::AccountId = get_signer(TEST8_SIGNER_PUB); + if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { + assert_ok!(pallet_teebag::Pallet::::add_enclave( + &signer, + &pallet_teebag::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), + )); + } + Ok(frame_system::RawOrigin::Signed(signer).into()) + } +} + +pub fn alice() -> AccountId { + AccountKeyring::Alice.to_account_id() +} + +pub fn bob() -> AccountId { + AccountKeyring::Bob.to_account_id() +} + +pub fn charlie() -> AccountId { + AccountKeyring::Charlie.to_account_id() +} + +frame_support::construct_runtime!( + pub enum TestRuntime + { + System: frame_system, + Balances: pallet_balances, + Teebag: pallet_teebag, + Timestamp: pallet_timestamp, + Utility: pallet_utility, + OmniAccount: pallet_omni_account, + } +); + +impl frame_system::Config for TestRuntime { + type BaseCallFilter = Everything; + type BlockWeights = (); + type BlockLength = (); + type Block = frame_system::mocking::MockBlock; + type DbWeight = (); + type RuntimeOrigin = RuntimeOrigin; + type RuntimeCall = RuntimeCall; + type Nonce = u64; + type Hash = H256; + type Hashing = BlakeTwo256; + type AccountId = AccountId; + type Lookup = IdentityLookup; + type RuntimeEvent = RuntimeEvent; + type BlockHashCount = ConstU64<250>; + type Version = (); + type PalletInfo = PalletInfo; + type AccountData = pallet_balances::AccountData; + type OnNewAccount = (); + type OnKilledAccount = (); + type SystemWeightInfo = (); + type SS58Prefix = ConstU16<31>; + type OnSetCode = (); + type MaxConsumers = frame_support::traits::ConstU32<16>; +} + +impl pallet_balances::Config for TestRuntime { + type MaxLocks = ConstU32<50>; + type MaxReserves = (); + type ReserveIdentifier = [u8; 8]; + type Balance = Balance; + type RuntimeEvent = RuntimeEvent; + type DustRemoval = (); + type ExistentialDeposit = ConstU64<1>; + type AccountStore = System; + type WeightInfo = (); + type FreezeIdentifier = (); + type MaxHolds = (); + type MaxFreezes = (); + type RuntimeHoldReason = (); +} + +impl pallet_timestamp::Config for TestRuntime { + type Moment = u64; + type OnTimestampSet = (); + type MinimumPeriod = ConstU64<10000>; + type WeightInfo = (); +} + +impl pallet_utility::Config for TestRuntime { + type RuntimeEvent = RuntimeEvent; + type RuntimeCall = RuntimeCall; + type PalletsOrigin = OriginCaller; + type WeightInfo = (); +} + +impl pallet_teebag::Config for TestRuntime { + type RuntimeEvent = RuntimeEvent; + type MomentsPerDay = ConstU64<86_400_000>; // [ms/d] + type SetAdminOrigin = EnsureRoot; + type MaxEnclaveIdentifier = ConstU32<3>; + type MaxAuthorizedEnclave = ConstU32<3>; + type WeightInfo = (); +} + +pub struct IdentityToAccountIdConverter; + +impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { + fn convert(identity: &Identity) -> Option { + identity.to_account_id() + } +} + +impl pallet_omni_account::Config for TestRuntime { + type RuntimeEvent = RuntimeEvent; + type TEECallOrigin = EnsureEnclaveSigner; + type MaxIDGraphLength = ConstU32<3>; + type AccountIdConverter = IdentityToAccountIdConverter; +} + +pub fn get_tee_signer() -> SystemAccountId { + get_signer(TEST8_SIGNER_PUB) +} + +pub fn new_test_ext() -> sp_io::TestExternalities { + let system = frame_system::GenesisConfig::::default(); + let mut ext: sp_io::TestExternalities = RuntimeGenesisConfig { system, ..Default::default() } + .build_storage() + .unwrap() + .into(); + ext.execute_with(|| { + System::set_block_number(1); + let signer = get_tee_signer(); + assert_ok!(Teebag::set_admin(RuntimeOrigin::root(), signer.clone())); + assert_ok!(Teebag::set_mode( + RuntimeOrigin::signed(signer.clone()), + pallet_teebag::OperationalMode::Development + )); + + Timestamp::set_timestamp(TEST8_TIMESTAMP); + if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { + assert_ok!(Teebag::register_enclave( + RuntimeOrigin::signed(signer), + pallet_teebag::WorkerType::Identity, + pallet_teebag::WorkerMode::Sidechain, + TEST8_CERT.to_vec(), + URL.to_vec(), + None, + None, + pallet_teebag::AttestationType::Ias, + )); + } + }); + ext +} diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs new file mode 100644 index 0000000000..4b8b0c795e --- /dev/null +++ b/parachain/pallets/omni-account/src/tests.rs @@ -0,0 +1,538 @@ +use crate::{mock::*, IDGraphs, LinkedIdentityHashes, *}; +use core_primitives::Identity; +use frame_support::{assert_noop, assert_ok}; +use sp_runtime::traits::BadOrigin; +use sp_std::vec; + +#[test] +fn link_identity_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); + + let bob_member_account = IDGraphMember { + id: MemberIdentity::Private(bob().encode()), + hash: Identity::from(bob()).hash().unwrap(), + }; + let charlie_member_account = IDGraphMember { + id: MemberIdentity::Public(Identity::from(charlie())), + hash: Identity::from(charlie()).hash().unwrap(), + }; + + let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + bob_member_account.clone(), + ]); + let expected_id_graph_hash = H256::from(blake2_256( + &expected_id_graph + .iter() + .map(|member| member.hash) + .collect::>() + .encode(), + )); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + bob_member_account.clone(), + None + )); + System::assert_last_event( + Event::IdentityLinked { who: who.clone(), identity: bob_member_account.hash }.into(), + ); + + assert!(IDGraphs::::contains_key(&who)); + assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + assert_eq!(IDGraphHashes::::get(&who).unwrap(), expected_id_graph_hash); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer), + who_identity.clone(), + charlie_member_account.clone(), + Some(expected_id_graph_hash), + )); + System::assert_last_event( + Event::IdentityLinked { who: who.clone(), identity: charlie_member_account.hash } + .into(), + ); + + let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + bob_member_account.clone(), + charlie_member_account.clone(), + ]); + let expecte_id_graph_hash = H256::from(blake2_256( + &expected_id_graph + .iter() + .map(|member| member.hash) + .collect::>() + .encode(), + )); + + assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + assert_eq!(IDGraphHashes::::get(&who).unwrap(), expecte_id_graph_hash); + + assert!(LinkedIdentityHashes::::contains_key(bob_member_account.hash)); + assert!(LinkedIdentityHashes::::contains_key(charlie_member_account.hash)); + }); +} + +#[test] +fn link_identity_exising_id_graph_id_graph_hash_missing_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who_identity = Identity::from(alice()); + + let bob_member_account = IDGraphMember { + id: MemberIdentity::Private(bob().encode()), + hash: Identity::from(bob()).hash().unwrap(), + }; + let charlie_member_account = IDGraphMember { + id: MemberIdentity::Public(Identity::from(charlie())), + hash: Identity::from(charlie()).hash().unwrap(), + }; + + // IDGraph gets created with the first identity + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + bob_member_account, + None + )); + + // to mutate IDGraph with a new identity, the current id_graph_hash must be provided + assert_noop!( + OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer), + who_identity, + charlie_member_account, + None + ), + Error::::IDGraphHashMissing + ); + }); +} + +#[test] +fn link_identity_origin_check_works() { + new_test_ext().execute_with(|| { + let who = Identity::from(alice()); + let member_account = IDGraphMember { + id: MemberIdentity::Private(vec![1, 2, 3]), + hash: H256::from(blake2_256(&[1, 2, 3])), + }; + + assert_noop!( + OmniAccount::link_identity(RuntimeOrigin::signed(bob()), who, member_account, None), + BadOrigin + ); + }); +} + +#[test] +fn link_identity_already_linked_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = alice(); + let who_identity = Identity::from(who.clone()); + + let member_account = IDGraphMember { + id: MemberIdentity::Public(Identity::from(bob())), + hash: Identity::from(bob()).hash().unwrap(), + }; + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + member_account.clone(), + None + )); + assert_noop!( + OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + member_account, + None + ), + Error::::IdentityAlreadyLinked + ); + + // intent to create a new id_graph with an identity that is already linked + let who = Identity::from(bob()); + let alice_member_account = IDGraphMember { + id: MemberIdentity::Public(Identity::from(alice())), + hash: Identity::from(alice()).hash().unwrap(), + }; + assert_noop!( + OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer), + who.clone(), + alice_member_account, + None + ), + Error::::IdentityAlreadyLinked + ); + }); +} + +#[test] +fn link_identity_id_graph_len_limit_reached_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); + + let member_account_2 = IDGraphMember { + id: MemberIdentity::Private(vec![1, 2, 3]), + hash: H256::from(blake2_256(&[1, 2, 3])), + }; + let member_account_3 = IDGraphMember { + id: MemberIdentity::Private(vec![4, 5, 6]), + hash: H256::from(blake2_256(&[4, 5, 6])), + }; + + let id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + member_account_2.clone(), + member_account_3.clone(), + ]); + let id_graph_hash = H256::from(blake2_256(&id_graph.encode())); + + IDGraphs::::insert(who.clone(), id_graph.clone()); + IDGraphHashes::::insert(who.clone(), id_graph_hash); + + assert_noop!( + OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer), + who_identity, + IDGraphMember { + id: MemberIdentity::Private(vec![7, 8, 9]), + hash: H256::from(blake2_256(&[7, 8, 9])), + }, + Some(id_graph_hash), + ), + Error::::IDGraphLenLimitReached + ); + }); +} + +#[test] +fn link_identity_id_graph_hash_mismatch_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); + + let member_account = IDGraphMember { + id: MemberIdentity::Private(vec![1, 2, 3]), + hash: H256::from(blake2_256(&[1, 2, 3])), + }; + + let id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + member_account.clone(), + ]); + let id_graph_hash = H256::from(blake2_256( + &id_graph.iter().map(|member| member.hash).collect::>().encode(), + )); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + member_account.clone(), + None + )); + + assert_eq!(IDGraphs::::get(&who).unwrap(), id_graph); + assert_eq!(IDGraphHashes::::get(&who).unwrap(), id_graph_hash); + + // link another identity to the id_graph with the correct id_graph_hash + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + IDGraphMember { + id: MemberIdentity::Private(vec![4, 5, 6]), + hash: H256::from(blake2_256(&[4, 5, 6])), + }, + Some(id_graph_hash), + )); + + let id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + member_account.clone(), + IDGraphMember { + id: MemberIdentity::Private(vec![4, 5, 6]), + hash: H256::from(blake2_256(&[4, 5, 6])), + }, + ]); + assert_eq!(IDGraphs::::get(&who).unwrap(), id_graph); + + // attempt to link an identity with an old id_graph_hash + assert_noop!( + OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer), + who_identity, + IDGraphMember { + id: MemberIdentity::Private(vec![7, 8, 9]), + hash: H256::from(blake2_256(&[7, 8, 9])), + }, + Some(id_graph_hash), + ), + Error::::IDGraphHashMismatch + ); + }); +} + +#[test] +fn remove_identity_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); + + let member_account = IDGraphMember { + id: MemberIdentity::Private(vec![1, 2, 3]), + hash: H256::from(blake2_256(&[1, 2, 3])), + }; + let identity_hash = member_account.hash; + let identities_to_remove = vec![identity_hash]; + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + member_account.clone(), + None + )); + assert_ok!(OmniAccount::remove_identities( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + identities_to_remove.clone() + )); + System::assert_last_event( + Event::IdentityRemoved { who: who.clone(), identity_hashes: identities_to_remove } + .into(), + ); + + let expected_id_graph: IDGraph = + BoundedVec::truncate_from(vec![IDGraphMember { + id: MemberIdentity::Public(who_identity.clone()), + hash: who_identity_hash, + }]); + + assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + assert!(!LinkedIdentityHashes::::contains_key(identity_hash)); + + assert_ok!(OmniAccount::remove_identities( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + vec![who_identity_hash], + )); + System::assert_last_event( + Event::IdentityRemoved { who: who.clone(), identity_hashes: vec![who_identity_hash] } + .into(), + ); + + assert!(!IDGraphs::::contains_key(&who)); + }); +} + +#[test] +fn remove_identity_empty_identity_check_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = Identity::from(alice()); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who.clone(), + IDGraphMember { + id: MemberIdentity::Private(vec![1, 2, 3]), + hash: H256::from(blake2_256(&[1, 2, 3])), + }, + None + )); + assert_noop!( + OmniAccount::remove_identities(RuntimeOrigin::signed(tee_signer.clone()), who, vec![],), + Error::::IdentitiesEmpty + ); + }); +} + +#[test] +fn remove_identity_origin_check_works() { + new_test_ext().execute_with(|| { + let who = Identity::from(alice()); + let identities_to_remove = vec![H256::from(blake2_256(&[1, 2, 3]))]; + + assert_noop!( + OmniAccount::remove_identities(RuntimeOrigin::signed(bob()), who, identities_to_remove), + BadOrigin + ); + }); +} + +#[test] +fn make_identity_public_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = alice(); + let who_identity = Identity::from(who.clone()); + + let private_identity = MemberIdentity::Private(vec![1, 2, 3]); + let public_identity = MemberIdentity::Public(Identity::from(bob())); + let identity_hash = + H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + None + )); + + let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::Public(who_identity.clone()), + hash: who_identity.hash().unwrap(), + }, + IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + ]); + assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + + assert_ok!(OmniAccount::make_identity_public( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + identity_hash, + public_identity.clone() + )); + System::assert_last_event( + Event::IdentityMadePublic { who: who.clone(), identity_hash }.into(), + ); + + let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ + IDGraphMember { + id: MemberIdentity::Public(who_identity.clone()), + hash: who_identity.hash().unwrap(), + }, + IDGraphMember { id: public_identity.clone(), hash: identity_hash }, + ]); + assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + }); +} + +#[test] +fn make_identity_public_origin_check_works() { + new_test_ext().execute_with(|| { + let who = Identity::from(alice()); + let identity = Identity::from(bob()); + let identity_hash = identity.hash().unwrap(); + let public_identity = MemberIdentity::Public(identity.clone()); + + assert_noop!( + OmniAccount::make_identity_public( + RuntimeOrigin::signed(bob()), + who, + identity_hash, + public_identity + ), + BadOrigin + ); + }); +} + +#[test] +fn make_identity_public_identity_not_found_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = Identity::from(alice()); + + let private_identity = MemberIdentity::Private(vec![1, 2, 3]); + let identity = Identity::from(bob()); + let public_identity = MemberIdentity::Public(identity.clone()); + let identity_hash = + H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); + + assert_noop!( + OmniAccount::make_identity_public( + RuntimeOrigin::signed(tee_signer.clone()), + who.clone(), + identity_hash, + public_identity.clone() + ), + Error::::UnknownIDGraph + ); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who.clone(), + IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + None + )); + + let charlie_identity = Identity::from(charlie()); + let other_identity = MemberIdentity::Public(charlie_identity.clone()); + let other_identity_hash = + H256::from(blake2_256(&charlie_identity.to_did().unwrap().encode())); + + assert_noop!( + OmniAccount::make_identity_public( + RuntimeOrigin::signed(tee_signer), + who, + other_identity_hash, + other_identity, + ), + Error::::IdentityNotFound + ); + }); +} + +#[test] +fn make_identity_public_identity_is_private_check_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = Identity::from(alice()); + + let private_identity = MemberIdentity::Private(vec![1, 2, 3]); + let identity_hash = Identity::from(bob()).hash().unwrap(); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who.clone(), + IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + None + )); + + assert_noop!( + OmniAccount::make_identity_public( + RuntimeOrigin::signed(tee_signer), + who, + identity_hash, + private_identity, + ), + Error::::IdentityIsPrivate + ); + }); +} diff --git a/parachain/runtime/litentry/Cargo.toml b/parachain/runtime/litentry/Cargo.toml index 4b3d3f3b52..3b3a3bc1ba 100644 --- a/parachain/runtime/litentry/Cargo.toml +++ b/parachain/runtime/litentry/Cargo.toml @@ -87,6 +87,7 @@ pallet-evm-assertions = { workspace = true } pallet-extrinsic-filter = { workspace = true } pallet-group = { workspace = true } pallet-identity-management = { workspace = true } +pallet-omni-account = { workspace = true } pallet-parachain-staking = { workspace = true } pallet-score-staking = { workspace = true } pallet-teebag = { workspace = true } diff --git a/parachain/runtime/litentry/src/lib.rs b/parachain/runtime/litentry/src/lib.rs index 176f7164d3..1d81366913 100644 --- a/parachain/runtime/litentry/src/lib.rs +++ b/parachain/runtime/litentry/src/lib.rs @@ -18,7 +18,7 @@ #![allow(clippy::identity_op)] #![allow(clippy::items_after_test_module)] // `construct_runtime!` does a lot of recursion and requires us to increase the limit to 256. -#![recursion_limit = "256"] +#![recursion_limit = "512"] #[cfg(feature = "runtime-benchmarks")] #[macro_use] @@ -59,8 +59,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Nonce, Signature, DAYS, - HOURS, LITENTRY_PARA_ID, MINUTES, SLOT_DURATION, + opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, + Signature, DAYS, HOURS, LITENTRY_PARA_ID, MINUTES, SLOT_DURATION, }; pub use runtime_common::currency::*; use runtime_common::{ @@ -951,6 +951,21 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } +pub struct IdentityToAccountIdConverter; + +impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { + fn convert(identity: &Identity) -> Option { + identity.to_account_id() + } +} + +impl pallet_omni_account::Config for Runtime { + type RuntimeEvent = RuntimeEvent; + type TEECallOrigin = EnsureEnclaveSigner; + type MaxIDGraphLength = ConstU32<64>; + type AccountIdConverter = IdentityToAccountIdConverter; +} + impl pallet_bitacross::Config for Runtime { type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; @@ -1209,6 +1224,7 @@ construct_runtime! { VCManagement: pallet_vc_management = 81, IMPExtrinsicWhitelist: pallet_group:: = 82, VCMPExtrinsicWhitelist: pallet_group:: = 83, + OmniAccount: pallet_omni_account = 84, // Frontier EVM: pallet_evm = 120, diff --git a/parachain/runtime/paseo/Cargo.toml b/parachain/runtime/paseo/Cargo.toml index 09c035fa95..eb194daa05 100644 --- a/parachain/runtime/paseo/Cargo.toml +++ b/parachain/runtime/paseo/Cargo.toml @@ -87,6 +87,7 @@ pallet-evm-assertions = { workspace = true } pallet-extrinsic-filter = { workspace = true } pallet-group = { workspace = true } pallet-identity-management = { workspace = true } +pallet-omni-account = { workspace = true } pallet-parachain-staking = { workspace = true } pallet-score-staking = { workspace = true } pallet-teebag = { workspace = true } diff --git a/parachain/runtime/paseo/src/lib.rs b/parachain/runtime/paseo/src/lib.rs index e18997cdff..1b77269ae2 100644 --- a/parachain/runtime/paseo/src/lib.rs +++ b/parachain/runtime/paseo/src/lib.rs @@ -69,8 +69,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Nonce, Signature, DAYS, - HOURS, MINUTES, SLOT_DURATION, + opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, + Signature, DAYS, HOURS, MINUTES, SLOT_DURATION, }; pub use runtime_common::currency::*; @@ -994,6 +994,21 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } +pub struct IdentityToAccountIdConverter; + +impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { + fn convert(identity: &Identity) -> Option { + identity.to_account_id() + } +} + +impl pallet_omni_account::Config for Runtime { + type RuntimeEvent = RuntimeEvent; + type TEECallOrigin = EnsureEnclaveSigner; + type MaxIDGraphLength = ConstU32<64>; + type AccountIdConverter = IdentityToAccountIdConverter; +} + impl pallet_bitacross::Config for Runtime { type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; @@ -1254,6 +1269,8 @@ construct_runtime! { // New Bridge Added AssetsHandler: pallet_assets_handler = 76, + OmniAccount: pallet_omni_account = 84, + // TEE Teebag: pallet_teebag = 93, diff --git a/parachain/runtime/rococo/Cargo.toml b/parachain/runtime/rococo/Cargo.toml index 0da86e3f28..231467f5bf 100644 --- a/parachain/runtime/rococo/Cargo.toml +++ b/parachain/runtime/rococo/Cargo.toml @@ -87,6 +87,7 @@ pallet-evm-assertions = { workspace = true } pallet-extrinsic-filter = { workspace = true } pallet-group = { workspace = true } pallet-identity-management = { workspace = true } +pallet-omni-account = { workspace = true } pallet-parachain-staking = { workspace = true } pallet-score-staking = { workspace = true } pallet-teebag = { workspace = true } diff --git a/parachain/runtime/rococo/src/lib.rs b/parachain/runtime/rococo/src/lib.rs index 334234027c..faf7106e51 100644 --- a/parachain/runtime/rococo/src/lib.rs +++ b/parachain/runtime/rococo/src/lib.rs @@ -68,8 +68,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Nonce, Signature, DAYS, - HOURS, MINUTES, ROCOCO_PARA_ID, SLOT_DURATION, + opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, + Signature, DAYS, HOURS, MINUTES, ROCOCO_PARA_ID, SLOT_DURATION, }; pub use runtime_common::currency::*; @@ -993,6 +993,21 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } +pub struct IdentityToAccountIdConverter; + +impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { + fn convert(identity: &Identity) -> Option { + identity.to_account_id() + } +} + +impl pallet_omni_account::Config for Runtime { + type RuntimeEvent = RuntimeEvent; + type TEECallOrigin = EnsureEnclaveSigner; + type MaxIDGraphLength = ConstU32<64>; + type AccountIdConverter = IdentityToAccountIdConverter; +} + impl pallet_bitacross::Config for Runtime { type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; @@ -1253,6 +1268,8 @@ construct_runtime! { // New Bridge Added AssetsHandler: pallet_assets_handler = 76, + OmniAccount: pallet_omni_account = 84, + // TEE Teebag: pallet_teebag = 93, From b7842f7fb73ee8f24f54969668718438ae37fdcd Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Mon, 7 Oct 2024 14:44:22 +0200 Subject: [PATCH 03/17] Add omni account origin (#3117) * add runtime call * adjust tests * add test * fix tests * try to use job name * revert ci * try to fix ci names * revert name changes - it seems to be a GH problem --- .github/workflows/ci.yml | 2 +- parachain/Cargo.lock | 1 + parachain/pallets/omni-account/src/lib.rs | 174 +++++++++++--- parachain/pallets/omni-account/src/mock.rs | 32 ++- parachain/pallets/omni-account/src/tests.rs | 254 ++++++++++++++------ parachain/runtime/common/Cargo.toml | 2 + parachain/runtime/common/src/lib.rs | 2 + parachain/runtime/litentry/Cargo.toml | 3 + parachain/runtime/litentry/src/lib.rs | 20 +- parachain/runtime/paseo/Cargo.toml | 3 + parachain/runtime/paseo/src/lib.rs | 8 +- parachain/runtime/rococo/Cargo.toml | 3 + parachain/runtime/rococo/src/lib.rs | 8 +- 13 files changed, 387 insertions(+), 125 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a73f021d29..cb4a49f926 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -791,7 +791,7 @@ jobs: - test_name: lit-di-substrate-identity-multiworker-test - test_name: lit-dr-vc-multiworker-test - test_name: lit-resume-worker - name: ${{ matrix.test_name || 'identity-multi-worker-test' }} + name: ${{ matrix.test_name }} steps: - uses: actions/checkout@v4 diff --git a/parachain/Cargo.lock b/parachain/Cargo.lock index 76618ffb6a..dfde196e33 100644 --- a/parachain/Cargo.lock +++ b/parachain/Cargo.lock @@ -11061,6 +11061,7 @@ dependencies = [ "pallet-membership", "pallet-message-queue", "pallet-multisig", + "pallet-omni-account", "pallet-teebag", "pallet-transaction-payment", "pallet-treasury", diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 228a5a1d53..c7adbfbfff 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -1,3 +1,19 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + #![cfg_attr(not(feature = "std"), no_std)] #[cfg(test)] @@ -10,9 +26,15 @@ pub use frame_system::pallet_prelude::BlockNumberFor; pub use pallet::*; use frame_support::pallet_prelude::*; +use frame_support::{ + dispatch::{GetDispatchInfo, PostDispatchInfo}, + traits::{IsSubType, UnfilteredDispatchable}, +}; use frame_system::pallet_prelude::*; use sp_core::H256; use sp_core_hashing::blake2_256; +use sp_runtime::traits::Dispatchable; +use sp_std::boxed::Box; use sp_std::vec::Vec; #[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] @@ -36,6 +58,21 @@ impl IDGraphHash for BoundedVec { } } +pub type MemberCount = u32; + +// Customized origin for this pallet, to: +// 1. to decouple `TEECallOrigin` and extrinsic that should be sent from `OmniAccount` origin only +// 2. allow other pallets to specify ensure_origin using this origin +// 3. leave room for more delicate control over OmniAccount in the future (e.g. multisig-like control) +#[derive(PartialEq, Eq, Clone, RuntimeDebug, Encode, Decode, TypeInfo, MaxEncodedLen)] +#[codec(mel_bound(AccountId: MaxEncodedLen))] +pub enum RawOrigin { + // dispatched from OmniAccount T::AccountId + OmniAccount(AccountId), + // dispatched by a given number of members of the OmniAccount IDGraph from a given total + OmniAccountMembers(AccountId, MemberCount, MemberCount), +} + #[frame_support::pallet] pub mod pallet { use super::*; @@ -50,21 +87,45 @@ pub mod pallet { #[pallet::config] pub trait Config: frame_system::Config { - /// The event type of this pallet. + /// The runtime origin type + type RuntimeOrigin: From> + + From>; + + /// The overarching call type + type RuntimeCall: Parameter + + Dispatchable< + RuntimeOrigin = ::RuntimeOrigin, + PostInfo = PostDispatchInfo, + > + GetDispatchInfo + + From> + + UnfilteredDispatchable::RuntimeOrigin> + + IsSubType> + + IsType<::RuntimeCall>; + + /// The event type of this pallet type RuntimeEvent: From> + IsType<::RuntimeEvent>; - /// The origin which can manage the pallet. - type TEECallOrigin: EnsureOrigin; + /// The origin that represents the off-chain worker + type TEECallOrigin: EnsureOrigin<::RuntimeOrigin>; /// The maximum number of identities an id graph can have. #[pallet::constant] type MaxIDGraphLength: Get; /// AccountId converter type AccountIdConverter: AccountIdConverter; + /// The origin that represents the customised OmniAccount type + type OmniAccountOrigin: EnsureOrigin< + ::RuntimeOrigin, + Success = Self::AccountId, + >; } + pub type IDGraph = BoundedVec::MaxIDGraphLength>; + #[pallet::origin] + pub type Origin = RawOrigin<::AccountId>; + #[pallet::storage] pub type LinkedIdentityHashes = - StorageMap; + StorageMap; #[pallet::storage] #[pallet::getter(fn id_graphs)] @@ -85,6 +146,10 @@ pub mod pallet { IdentityRemoved { who: T::AccountId, identity_hashes: Vec }, /// Identity made public IdentityMadePublic { who: T::AccountId, identity_hash: H256 }, + /// Some call is dispatched as omni-account origin + DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult }, + /// Some call is dispatched as signed origin + DispatchedAsSigned { who: T::AccountId, result: DispatchResult }, } #[pallet::error] @@ -111,14 +176,56 @@ pub mod pallet { #[pallet::call] impl Pallet { + // dispatch the `call` as RawOrigin::OmniAccount #[pallet::call_index(0)] #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn dispatch_as_omni_account( + origin: OriginFor, + account_hash: H256, + call: Box<::RuntimeCall>, + ) -> DispatchResult { + let _ = T::TEECallOrigin::ensure_origin(origin)?; + let omni_account = + LinkedIdentityHashes::::get(account_hash).ok_or(Error::::IdentityNotFound)?; + let result = call.dispatch(RawOrigin::OmniAccount(omni_account.clone()).into()); + Self::deposit_event(Event::DispatchedAsOmniAccount { + who: omni_account, + result: result.map(|_| ()).map_err(|e| e.error), + }); + Ok(()) + } + + // dispatch the `call` as the standard (frame_system) signed origin + // TODO: what about other customised origin like collective? + #[pallet::call_index(1)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn dispatch_as_signed( + origin: OriginFor, + account_hash: H256, + call: Box<::RuntimeCall>, + ) -> DispatchResult { + let _ = T::TEECallOrigin::ensure_origin(origin)?; + let omni_account = + LinkedIdentityHashes::::get(account_hash).ok_or(Error::::IdentityNotFound)?; + let result = + call.dispatch(frame_system::RawOrigin::Signed(omni_account.clone()).into()); + Self::deposit_event(Event::DispatchedAsSigned { + who: omni_account, + result: result.map(|_| ()).map_err(|e| e.error), + }); + Ok(()) + } + + #[pallet::call_index(2)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn link_identity( origin: OriginFor, who: Identity, member_account: IDGraphMember, maybe_id_graph_hash: Option, ) -> DispatchResult { + // We can't use `T::OmniAccountOrigin` here as the ownership of member account needs to + // be firstly validated by the TEE-worker before dispatching the extrinsic let _ = T::TEECallOrigin::ensure_origin(origin)?; ensure!( !LinkedIdentityHashes::::contains_key(member_account.hash), @@ -138,7 +245,7 @@ pub mod pallet { .try_push(member_account) .map_err(|_| Error::::IDGraphLenLimitReached)?; - LinkedIdentityHashes::::insert(identity_hash, ()); + LinkedIdentityHashes::::insert(identity_hash, who_account_id.clone()); IDGraphHashes::::insert(who_account_id.clone(), id_graph.graph_hash()); IDGraphs::::insert(who_account_id.clone(), id_graph); @@ -150,23 +257,17 @@ pub mod pallet { Ok(()) } - #[pallet::call_index(4)] + #[pallet::call_index(3)] #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn remove_identities( origin: OriginFor, - who: Identity, identity_hashes: Vec, ) -> DispatchResult { - let _ = T::TEECallOrigin::ensure_origin(origin)?; + let who = T::OmniAccountOrigin::ensure_origin(origin)?; ensure!(!identity_hashes.is_empty(), Error::::IdentitiesEmpty); - let who_account_id = match T::AccountIdConverter::convert(&who) { - Some(account_id) => account_id, - None => return Err(Error::::InvalidIdentity.into()), - }; - let mut id_graph_members = - IDGraphs::::get(&who_account_id).ok_or(Error::::UnknownIDGraph)?; + IDGraphs::::get(&who).ok_or(Error::::UnknownIDGraph)?; id_graph_members.retain(|member| { if identity_hashes.contains(&member.hash) { @@ -178,43 +279,37 @@ pub mod pallet { }); if id_graph_members.is_empty() { - IDGraphs::::remove(&who_account_id); + IDGraphs::::remove(&who); } else { - IDGraphs::::insert(who_account_id.clone(), id_graph_members); + IDGraphs::::insert(who.clone(), id_graph_members); } - Self::deposit_event(Event::IdentityRemoved { who: who_account_id, identity_hashes }); + Self::deposit_event(Event::IdentityRemoved { who, identity_hashes }); Ok(()) } - #[pallet::call_index(5)] + #[pallet::call_index(4)] #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn make_identity_public( origin: OriginFor, - who: Identity, identity_hash: H256, public_identity: MemberIdentity, ) -> DispatchResult { - let _ = T::TEECallOrigin::ensure_origin(origin)?; + let who = T::OmniAccountOrigin::ensure_origin(origin)?; ensure!(public_identity.is_public(), Error::::IdentityIsPrivate); - let who_account_id = match T::AccountIdConverter::convert(&who) { - Some(account_id) => account_id, - None => return Err(Error::::InvalidIdentity.into()), - }; - let mut id_graph_members = - IDGraphs::::get(&who_account_id).ok_or(Error::::UnknownIDGraph)?; + IDGraphs::::get(&who).ok_or(Error::::UnknownIDGraph)?; let id_graph_link = id_graph_members .iter_mut() .find(|member| member.hash == identity_hash) .ok_or(Error::::IdentityNotFound)?; id_graph_link.id = public_identity; - IDGraphs::::insert(who_account_id.clone(), id_graph_members); + IDGraphs::::insert(who.clone(), id_graph_members); - Self::deposit_event(Event::IdentityMadePublic { who: who_account_id, identity_hash }); + Self::deposit_event(Event::IdentityMadePublic { who, identity_hash }); Ok(()) } @@ -270,10 +365,31 @@ pub mod pallet { hash: owner_identity_hash, }) .map_err(|_| Error::::IDGraphLenLimitReached)?; - LinkedIdentityHashes::::insert(owner_identity_hash, ()); + LinkedIdentityHashes::::insert(owner_identity_hash, owner_account_id.clone()); IDGraphs::::insert(owner_account_id.clone(), id_graph_members.clone()); Ok(id_graph_members) } } } + +pub struct EnsureOmniAccount(PhantomData); +impl, O>> + From>, AccountId: Decode> + EnsureOrigin for EnsureOmniAccount +{ + type Success = AccountId; + fn try_origin(o: O) -> Result { + o.into().and_then(|o| match o { + RawOrigin::OmniAccount(id) => Ok(id), + r => Err(O::from(r)), + }) + } + + #[cfg(feature = "runtime-benchmarks")] + fn try_successful_origin() -> Result { + let zero_account_id = + AccountId::decode(&mut sp_runtime::traits::TrailingZeroInput::zeroes()) + .expect("infinite length input; no invalid inputs for type; qed"); + Ok(O::from(RawOrigin::OmniAccount(zero_account_id))) + } +} diff --git a/parachain/pallets/omni-account/src/mock.rs b/parachain/pallets/omni-account/src/mock.rs index fd2cdabf32..8a0178af75 100644 --- a/parachain/pallets/omni-account/src/mock.rs +++ b/parachain/pallets/omni-account/src/mock.rs @@ -1,4 +1,20 @@ -use crate::{self as pallet_omni_account}; +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::{self as pallet_omni_account, EnsureOmniAccount}; use core_primitives::Identity; use frame_support::{ assert_ok, @@ -152,10 +168,13 @@ impl pallet_omni_account::AccountIdConverter for IdentityToAccountI } impl pallet_omni_account::Config for TestRuntime { + type RuntimeOrigin = RuntimeOrigin; + type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxIDGraphLength = ConstU32<3>; type AccountIdConverter = IdentityToAccountIdConverter; + type OmniAccountOrigin = EnsureOmniAccount; } pub fn get_tee_signer() -> SystemAccountId { @@ -163,11 +182,12 @@ pub fn get_tee_signer() -> SystemAccountId { } pub fn new_test_ext() -> sp_io::TestExternalities { - let system = frame_system::GenesisConfig::::default(); - let mut ext: sp_io::TestExternalities = RuntimeGenesisConfig { system, ..Default::default() } - .build_storage() - .unwrap() - .into(); + let mut t = frame_system::GenesisConfig::::default().build_storage().unwrap(); + pallet_balances::GenesisConfig:: { balances: vec![(alice(), 10)] } + .assimilate_storage(&mut t) + .unwrap(); + + let mut ext: sp_io::TestExternalities = t.into(); ext.execute_with(|| { System::set_block_number(1); let signer = get_tee_signer(); diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 4b8b0c795e..effa5df4f6 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -1,9 +1,43 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + use crate::{mock::*, IDGraphs, LinkedIdentityHashes, *}; use core_primitives::Identity; use frame_support::{assert_noop, assert_ok}; -use sp_runtime::traits::BadOrigin; +use sp_runtime::{traits::BadOrigin, ModuleError}; use sp_std::vec; +fn remove_identity_call(hashes: Vec) -> Box { + let call = RuntimeCall::OmniAccount(crate::Call::remove_identities { identity_hashes: hashes }); + Box::new(call) +} + +fn make_identity_public_call(hash: H256, id: MemberIdentity) -> Box { + let call = RuntimeCall::OmniAccount(crate::Call::make_identity_public { + identity_hash: hash, + public_identity: id, + }); + Box::new(call) +} + +fn make_balance_transfer_call(dest: AccountId, value: Balance) -> Box { + let call = RuntimeCall::Balances(pallet_balances::Call::transfer { dest, value }); + Box::new(call) +} + #[test] fn link_identity_works() { new_test_ext().execute_with(|| { @@ -326,12 +360,38 @@ fn remove_identity_works() { member_account.clone(), None )); - assert_ok!(OmniAccount::remove_identities( + + // normal signed origin should give `BadOrigin`, no matter + // it's from TEE-worker, or omni-account itself + assert_noop!( + OmniAccount::remove_identities( + RuntimeOrigin::signed(tee_signer.clone()), + identities_to_remove.clone() + ), + sp_runtime::DispatchError::BadOrigin + ); + + assert_noop!( + OmniAccount::remove_identities( + RuntimeOrigin::signed(who.clone()), + identities_to_remove.clone() + ), + sp_runtime::DispatchError::BadOrigin + ); + + let call = remove_identity_call(identities_to_remove.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - identities_to_remove.clone() + who_identity_hash, + call )); - System::assert_last_event( + + System::assert_has_event( + Event::DispatchedAsOmniAccount { who: who.clone(), result: DispatchResult::Ok(()) } + .into(), + ); + + System::assert_has_event( Event::IdentityRemoved { who: who.clone(), identity_hashes: identities_to_remove } .into(), ); @@ -345,15 +405,12 @@ fn remove_identity_works() { assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); assert!(!LinkedIdentityHashes::::contains_key(identity_hash)); - assert_ok!(OmniAccount::remove_identities( + let call = remove_identity_call(vec![who_identity_hash]); + assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - vec![who_identity_hash], + who_identity_hash, + call )); - System::assert_last_event( - Event::IdentityRemoved { who: who.clone(), identity_hashes: vec![who_identity_hash] } - .into(), - ); assert!(!IDGraphs::::contains_key(&who)); }); @@ -363,33 +420,37 @@ fn remove_identity_works() { fn remove_identity_empty_identity_check_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); - let who = Identity::from(alice()); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); assert_ok!(OmniAccount::link_identity( RuntimeOrigin::signed(tee_signer.clone()), - who.clone(), + who_identity, IDGraphMember { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }, None )); - assert_noop!( - OmniAccount::remove_identities(RuntimeOrigin::signed(tee_signer.clone()), who, vec![],), - Error::::IdentitiesEmpty - ); - }); -} -#[test] -fn remove_identity_origin_check_works() { - new_test_ext().execute_with(|| { - let who = Identity::from(alice()); - let identities_to_remove = vec![H256::from(blake2_256(&[1, 2, 3]))]; - - assert_noop!( - OmniAccount::remove_identities(RuntimeOrigin::signed(bob()), who, identities_to_remove), - BadOrigin + let call = remove_identity_call(vec![]); + // execution itself is ok, but error is shown in the dispatch result + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity_hash, + call + )); + System::assert_has_event( + Event::DispatchedAsOmniAccount { + who, + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [6, 0, 0, 0], + message: Some("IdentitiesEmpty"), + })), + } + .into(), ); }); } @@ -400,6 +461,7 @@ fn make_identity_public_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let public_identity = MemberIdentity::Public(Identity::from(bob())); @@ -422,13 +484,19 @@ fn make_identity_public_works() { ]); assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); - assert_ok!(OmniAccount::make_identity_public( + let call = make_identity_public_call(identity_hash, public_identity.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - identity_hash, - public_identity.clone() + who_identity_hash, + call )); - System::assert_last_event( + + System::assert_has_event( + Event::DispatchedAsOmniAccount { who: who.clone(), result: DispatchResult::Ok(()) } + .into(), + ); + + System::assert_has_event( Event::IdentityMadePublic { who: who.clone(), identity_hash }.into(), ); @@ -443,31 +511,13 @@ fn make_identity_public_works() { }); } -#[test] -fn make_identity_public_origin_check_works() { - new_test_ext().execute_with(|| { - let who = Identity::from(alice()); - let identity = Identity::from(bob()); - let identity_hash = identity.hash().unwrap(); - let public_identity = MemberIdentity::Public(identity.clone()); - - assert_noop!( - OmniAccount::make_identity_public( - RuntimeOrigin::signed(bob()), - who, - identity_hash, - public_identity - ), - BadOrigin - ); - }); -} - #[test] fn make_identity_public_identity_not_found_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); - let who = Identity::from(alice()); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let identity = Identity::from(bob()); @@ -475,19 +525,19 @@ fn make_identity_public_identity_not_found_works() { let identity_hash = H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); + let call = make_identity_public_call(identity_hash, public_identity.clone()); assert_noop!( - OmniAccount::make_identity_public( + OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), - who.clone(), - identity_hash, - public_identity.clone() + who_identity_hash, + call ), - Error::::UnknownIDGraph + Error::::IdentityNotFound ); assert_ok!(OmniAccount::link_identity( RuntimeOrigin::signed(tee_signer.clone()), - who.clone(), + who_identity, IDGraphMember { id: private_identity.clone(), hash: identity_hash }, None )); @@ -497,14 +547,22 @@ fn make_identity_public_identity_not_found_works() { let other_identity_hash = H256::from(blake2_256(&charlie_identity.to_did().unwrap().encode())); - assert_noop!( - OmniAccount::make_identity_public( - RuntimeOrigin::signed(tee_signer), + let call = make_identity_public_call(other_identity_hash, other_identity); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity_hash, + call + )); + System::assert_has_event( + Event::DispatchedAsOmniAccount { who, - other_identity_hash, - other_identity, - ), - Error::::IdentityNotFound + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [2, 0, 0, 0], + message: Some("IdentityNotFound"), + })), + } + .into(), ); }); } @@ -513,26 +571,68 @@ fn make_identity_public_identity_not_found_works() { fn make_identity_public_identity_is_private_check_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); - let who = Identity::from(alice()); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let identity_hash = Identity::from(bob()).hash().unwrap(); assert_ok!(OmniAccount::link_identity( RuntimeOrigin::signed(tee_signer.clone()), - who.clone(), + who_identity, IDGraphMember { id: private_identity.clone(), hash: identity_hash }, None )); - assert_noop!( - OmniAccount::make_identity_public( - RuntimeOrigin::signed(tee_signer), + let call = make_identity_public_call(identity_hash, private_identity); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity_hash, + call + )); + System::assert_has_event( + Event::DispatchedAsOmniAccount { who, - identity_hash, - private_identity, - ), - Error::::IdentityIsPrivate + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [5, 0, 0, 0], + message: Some("IdentityIsPrivate"), + })), + } + .into(), ); }); } + +#[test] +fn dispatch_as_signed_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash().unwrap(); + + let private_identity = MemberIdentity::Private(vec![1, 2, 3]); + let identity_hash = Identity::from(bob()).hash().unwrap(); + + assert_ok!(OmniAccount::link_identity( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity, + IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + None + )); + + let call = make_balance_transfer_call(bob(), 5); + assert_ok!(OmniAccount::dispatch_as_signed( + RuntimeOrigin::signed(tee_signer), + who_identity_hash, + call + )); + System::assert_has_event( + Event::DispatchedAsSigned { who, result: DispatchResult::Ok(()) }.into(), + ); + + assert_eq!(Balances::free_balance(bob()), 5); + }); +} diff --git a/parachain/runtime/common/Cargo.toml b/parachain/runtime/common/Cargo.toml index f93b7750a2..ffd75db923 100644 --- a/parachain/runtime/common/Cargo.toml +++ b/parachain/runtime/common/Cargo.toml @@ -50,6 +50,7 @@ cumulus-test-relay-sproof-builder = { workspace = true, optional = true } pallet-asset-manager = { workspace = true } pallet-extrinsic-filter = { workspace = true } pallet-group = { workspace = true } +pallet-omni-account = { workspace = true } pallet-teebag = { workspace = true } [features] @@ -89,6 +90,7 @@ std = [ "core-primitives/std", "pallet-asset-manager/std", "pallet-extrinsic-filter/std", + "pallet-omni-account/std", "pallet-teebag/std", "orml-xtokens/std", ] diff --git a/parachain/runtime/common/src/lib.rs b/parachain/runtime/common/src/lib.rs index d04b9f7491..316fcc1ca1 100644 --- a/parachain/runtime/common/src/lib.rs +++ b/parachain/runtime/common/src/lib.rs @@ -327,3 +327,5 @@ where Ok(frame_system::RawOrigin::Signed(signer).into()) } } + +pub type EnsureOmniAccount = pallet_omni_account::EnsureOmniAccount; diff --git a/parachain/runtime/litentry/Cargo.toml b/parachain/runtime/litentry/Cargo.toml index 3b3a3bc1ba..86aab76cea 100644 --- a/parachain/runtime/litentry/Cargo.toml +++ b/parachain/runtime/litentry/Cargo.toml @@ -170,6 +170,7 @@ runtime-benchmarks = [ "cumulus-pallet-parachain-system/runtime-benchmarks", "cumulus-pallet-xcmp-queue/runtime-benchmarks", "pallet-score-staking/runtime-benchmarks", + "pallet-omni-account/runtime-benchmarks", ] std = [ "parity-scale-codec/std", @@ -255,6 +256,7 @@ std = [ "pallet-bridge-transfer/std", "pallet-extrinsic-filter/std", "pallet-bitacross/std", + "pallet-omni-account/std", "pallet-identity-management/std", "pallet-score-staking/std", "pallet-teebag/std", @@ -315,4 +317,5 @@ try-runtime = [ "pallet-xcm/try-runtime", "parachain-info/try-runtime", "pallet-score-staking/try-runtime", + "pallet-omni-account/try-runtime", ] diff --git a/parachain/runtime/litentry/src/lib.rs b/parachain/runtime/litentry/src/lib.rs index 1d81366913..2f42a4433a 100644 --- a/parachain/runtime/litentry/src/lib.rs +++ b/parachain/runtime/litentry/src/lib.rs @@ -66,13 +66,13 @@ pub use runtime_common::currency::*; use runtime_common::{ impl_runtime_transaction_payment_fees, prod_or_fast, BlockHashCount, BlockLength, CouncilInstance, CouncilMembershipInstance, DeveloperCommitteeInstance, - DeveloperCommitteeMembershipInstance, EnsureEnclaveSigner, EnsureRootOrAllCouncil, - EnsureRootOrAllTechnicalCommittee, EnsureRootOrHalfCouncil, EnsureRootOrHalfTechnicalCommittee, - EnsureRootOrTwoThirdsCouncil, EnsureRootOrTwoThirdsTechnicalCommittee, - IMPExtrinsicWhitelistInstance, NegativeImbalance, RuntimeBlockWeights, SlowAdjustingFeeUpdate, - TechnicalCommitteeInstance, TechnicalCommitteeMembershipInstance, - VCMPExtrinsicWhitelistInstance, MAXIMUM_BLOCK_WEIGHT, NORMAL_DISPATCH_RATIO, WEIGHT_PER_GAS, - WEIGHT_TO_FEE_FACTOR, + DeveloperCommitteeMembershipInstance, EnsureEnclaveSigner, EnsureOmniAccount, + EnsureRootOrAllCouncil, EnsureRootOrAllTechnicalCommittee, EnsureRootOrHalfCouncil, + EnsureRootOrHalfTechnicalCommittee, EnsureRootOrTwoThirdsCouncil, + EnsureRootOrTwoThirdsTechnicalCommittee, IMPExtrinsicWhitelistInstance, NegativeImbalance, + RuntimeBlockWeights, SlowAdjustingFeeUpdate, TechnicalCommitteeInstance, + TechnicalCommitteeMembershipInstance, VCMPExtrinsicWhitelistInstance, MAXIMUM_BLOCK_WEIGHT, + NORMAL_DISPATCH_RATIO, WEIGHT_PER_GAS, WEIGHT_TO_FEE_FACTOR, }; use xcm_config::{XcmConfig, XcmOriginToTransactDispatchOrigin}; @@ -960,10 +960,13 @@ impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdCon } impl pallet_omni_account::Config for Runtime { + type RuntimeOrigin = RuntimeOrigin; + type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxIDGraphLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; + type OmniAccountOrigin = EnsureOmniAccount; } impl pallet_bitacross::Config for Runtime { @@ -1316,7 +1319,8 @@ impl Contains for NormalModeFilter { RuntimeCall::AssetsHandler(_) | RuntimeCall::Bitacross(_) | RuntimeCall::EvmAssertions(_) | - RuntimeCall::ScoreStaking(_) + RuntimeCall::ScoreStaking(_) | + RuntimeCall::OmniAccount(_) ) } } diff --git a/parachain/runtime/paseo/Cargo.toml b/parachain/runtime/paseo/Cargo.toml index eb194daa05..73f1ac8494 100644 --- a/parachain/runtime/paseo/Cargo.toml +++ b/parachain/runtime/paseo/Cargo.toml @@ -173,6 +173,7 @@ runtime-benchmarks = [ "pallet-vc-management/runtime-benchmarks", "pallet-account-fix/runtime-benchmarks", "pallet-score-staking/runtime-benchmarks", + "pallet-omni-account/runtime-benchmarks", ] std = [ "parity-scale-codec/std", @@ -266,6 +267,7 @@ std = [ "pallet-extrinsic-filter/std", "pallet-group/std", "pallet-identity-management/std", + "pallet-omni-account/std", "pallet-score-staking/std", "pallet-teebag/std", "pallet-vc-management/std", @@ -327,4 +329,5 @@ try-runtime = [ "pallet-vesting/try-runtime", "pallet-xcm/try-runtime", "parachain-info/try-runtime", + "pallet-omni-account/try-runtime", ] diff --git a/parachain/runtime/paseo/src/lib.rs b/parachain/runtime/paseo/src/lib.rs index 1b77269ae2..98a157165b 100644 --- a/parachain/runtime/paseo/src/lib.rs +++ b/parachain/runtime/paseo/src/lib.rs @@ -77,7 +77,7 @@ pub use runtime_common::currency::*; use runtime_common::{ impl_runtime_transaction_payment_fees, prod_or_fast, BlockHashCount, BlockLength, CouncilInstance, CouncilMembershipInstance, DeveloperCommitteeInstance, - DeveloperCommitteeMembershipInstance, EnsureRootOrAllCouncil, + DeveloperCommitteeMembershipInstance, EnsureOmniAccount, EnsureRootOrAllCouncil, EnsureRootOrAllTechnicalCommittee, EnsureRootOrHalfCouncil, EnsureRootOrHalfTechnicalCommittee, EnsureRootOrTwoThirdsCouncil, EnsureRootOrTwoThirdsTechnicalCommittee, IMPExtrinsicWhitelistInstance, NegativeImbalance, RuntimeBlockWeights, SlowAdjustingFeeUpdate, @@ -1003,10 +1003,13 @@ impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdCon } impl pallet_omni_account::Config for Runtime { + type RuntimeOrigin = RuntimeOrigin; + type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxIDGraphLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; + type OmniAccountOrigin = EnsureOmniAccount; } impl pallet_bitacross::Config for Runtime { @@ -1377,7 +1380,8 @@ impl Contains for NormalModeFilter { RuntimeCall::AssetsHandler(_) | RuntimeCall::Bitacross(_) | RuntimeCall::EvmAssertions(_) | - RuntimeCall::ScoreStaking(_) + RuntimeCall::ScoreStaking(_) | + RuntimeCall::OmniAccount(_) ) } } diff --git a/parachain/runtime/rococo/Cargo.toml b/parachain/runtime/rococo/Cargo.toml index 231467f5bf..fdaae91906 100644 --- a/parachain/runtime/rococo/Cargo.toml +++ b/parachain/runtime/rococo/Cargo.toml @@ -173,6 +173,7 @@ runtime-benchmarks = [ "pallet-vc-management/runtime-benchmarks", "pallet-account-fix/runtime-benchmarks", "pallet-score-staking/runtime-benchmarks", + "pallet-omni-account/runtime-benchmarks", ] std = [ "parity-scale-codec/std", @@ -266,6 +267,7 @@ std = [ "pallet-extrinsic-filter/std", "pallet-group/std", "pallet-identity-management/std", + "pallet-omni-account/std", "pallet-score-staking/std", "pallet-teebag/std", "pallet-vc-management/std", @@ -327,4 +329,5 @@ try-runtime = [ "pallet-vesting/try-runtime", "pallet-xcm/try-runtime", "parachain-info/try-runtime", + "pallet-omni-account/try-runtime", ] diff --git a/parachain/runtime/rococo/src/lib.rs b/parachain/runtime/rococo/src/lib.rs index faf7106e51..5d2192564a 100644 --- a/parachain/runtime/rococo/src/lib.rs +++ b/parachain/runtime/rococo/src/lib.rs @@ -76,7 +76,7 @@ pub use runtime_common::currency::*; use runtime_common::{ impl_runtime_transaction_payment_fees, prod_or_fast, BlockHashCount, BlockLength, CouncilInstance, CouncilMembershipInstance, DeveloperCommitteeInstance, - DeveloperCommitteeMembershipInstance, EnsureRootOrAllCouncil, + DeveloperCommitteeMembershipInstance, EnsureOmniAccount, EnsureRootOrAllCouncil, EnsureRootOrAllTechnicalCommittee, EnsureRootOrHalfCouncil, EnsureRootOrHalfTechnicalCommittee, EnsureRootOrTwoThirdsCouncil, EnsureRootOrTwoThirdsTechnicalCommittee, IMPExtrinsicWhitelistInstance, NegativeImbalance, RuntimeBlockWeights, SlowAdjustingFeeUpdate, @@ -1002,10 +1002,13 @@ impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdCon } impl pallet_omni_account::Config for Runtime { + type RuntimeOrigin = RuntimeOrigin; + type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxIDGraphLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; + type OmniAccountOrigin = EnsureOmniAccount; } impl pallet_bitacross::Config for Runtime { @@ -1376,7 +1379,8 @@ impl Contains for NormalModeFilter { RuntimeCall::AssetsHandler(_) | RuntimeCall::Bitacross(_) | RuntimeCall::EvmAssertions(_) | - RuntimeCall::ScoreStaking(_) + RuntimeCall::ScoreStaking(_) | + RuntimeCall::OmniAccount(_) ) } } From a70abb287ee13c621ff95e8333e5dd5e570c7676 Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Tue, 8 Oct 2024 13:21:51 +0200 Subject: [PATCH 04/17] Rename storages and variables in pallet-omni-account (#3118) * init renaming * more updates * fix compile * fix compile * replace id_graph vars * fix compile --- parachain/pallets/omni-account/src/lib.rs | 227 +++++++------- parachain/pallets/omni-account/src/mock.rs | 2 +- parachain/pallets/omni-account/src/tests.rs | 321 ++++++++++---------- parachain/runtime/litentry/src/lib.rs | 2 +- parachain/runtime/paseo/src/lib.rs | 2 +- parachain/runtime/rococo/src/lib.rs | 2 +- 6 files changed, 280 insertions(+), 276 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index c7adbfbfff..bc29bef7c1 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -37,8 +37,10 @@ use sp_runtime::traits::Dispatchable; use sp_std::boxed::Box; use sp_std::vec::Vec; +pub type MemberCount = u32; + #[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] -pub struct IDGraphMember { +pub struct MemberAccount { pub id: MemberIdentity, pub hash: H256, } @@ -47,19 +49,17 @@ pub trait AccountIdConverter { fn convert(identity: &Identity) -> Option; } -pub trait IDGraphHash { - fn graph_hash(&self) -> H256; +pub trait GetAccountStoreHash { + fn hash(&self) -> H256; } -impl IDGraphHash for BoundedVec { - fn graph_hash(&self) -> H256 { - let id_graph_members_hashes: Vec = self.iter().map(|member| member.hash).collect(); - H256::from(blake2_256(&id_graph_members_hashes.encode())) +impl GetAccountStoreHash for BoundedVec { + fn hash(&self) -> H256 { + let hashes: Vec = self.iter().map(|member| member.hash).collect(); + H256::from(blake2_256(&hashes.encode())) } } -pub type MemberCount = u32; - // Customized origin for this pallet, to: // 1. to decouple `TEECallOrigin` and extrinsic that should be sent from `OmniAccount` origin only // 2. allow other pallets to specify ensure_origin using this origin @@ -69,7 +69,7 @@ pub type MemberCount = u32; pub enum RawOrigin { // dispatched from OmniAccount T::AccountId OmniAccount(AccountId), - // dispatched by a given number of members of the OmniAccount IDGraph from a given total + // dispatched by a given number of members of the AccountStore from a given total OmniAccountMembers(AccountId, MemberCount, MemberCount), } @@ -104,13 +104,17 @@ pub mod pallet { /// The event type of this pallet type RuntimeEvent: From> + IsType<::RuntimeEvent>; + /// The origin that represents the off-chain worker type TEECallOrigin: EnsureOrigin<::RuntimeOrigin>; - /// The maximum number of identities an id graph can have. + + /// The maximum number of accounts that an AccountGraph can have #[pallet::constant] - type MaxIDGraphLength: Get; + type MaxAccountStoreLength: Get; + /// AccountId converter type AccountIdConverter: AccountIdConverter; + /// The origin that represents the customised OmniAccount type type OmniAccountOrigin: EnsureOrigin< ::RuntimeOrigin, @@ -118,34 +122,37 @@ pub mod pallet { >; } - pub type IDGraph = BoundedVec::MaxIDGraphLength>; + pub type MemberAccounts = BoundedVec::MaxAccountStoreLength>; #[pallet::origin] pub type Origin = RawOrigin<::AccountId>; + /// A map between OmniAccount and its MemberAccounts (a bounded vector of MemberAccount) #[pallet::storage] - pub type LinkedIdentityHashes = - StorageMap; + #[pallet::getter(fn account_store)] + pub type AccountStore = + StorageMap>; + /// A map between hash of MemberAccount and its belonging OmniAccount #[pallet::storage] - #[pallet::getter(fn id_graphs)] - pub type IDGraphs = - StorageMap>; + pub type MemberAccountHash = + StorageMap; + /// A map between OmniAccount and hash of its AccountStore #[pallet::storage] - #[pallet::getter(fn id_graph_hashes)] - pub type IDGraphHashes = + #[pallet::getter(fn account_store_hash)] + pub type AccountStoreHash = StorageMap; #[pallet::event] #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { - /// Identity linked - IdentityLinked { who: T::AccountId, identity: H256 }, - /// Identity remove - IdentityRemoved { who: T::AccountId, identity_hashes: Vec }, - /// Identity made public - IdentityMadePublic { who: T::AccountId, identity_hash: H256 }, + /// Some member account is added + AccountAdded { who: T::AccountId, member_account_hash: H256 }, + /// Some member accounts are removed + AccountRemoved { who: T::AccountId, member_account_hashes: Vec }, + /// Some member account is made public + AccountMadePublic { who: T::AccountId, member_account_hash: H256 }, /// Some call is dispatched as omni-account origin DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult }, /// Some call is dispatched as signed origin @@ -154,24 +161,15 @@ pub mod pallet { #[pallet::error] pub enum Error { - /// Identity is already linked - IdentityAlreadyLinked, - /// IDGraph len limit reached - IDGraphLenLimitReached, - /// Identity not found - IdentityNotFound, - /// Invalid identity - InvalidIdentity, - /// IDGraph not found - UnknownIDGraph, - /// Identity is private - IdentityIsPrivate, - /// Identities empty - IdentitiesEmpty, - /// IDGraph hash does not match - IDGraphHashMismatch, - /// Missing IDGraph hash - IDGraphHashMissing, + AccountAlreadyAdded, + AccountStoreLenLimitReached, + AccountNotFound, + InvalidAccount, + UnknownAccountStore, + AccountIsPrivate, + EmptyAccount, + AccountStoreHashMismatch, + AccountStoreHashMaissing, } #[pallet::call] @@ -186,7 +184,7 @@ pub mod pallet { ) -> DispatchResult { let _ = T::TEECallOrigin::ensure_origin(origin)?; let omni_account = - LinkedIdentityHashes::::get(account_hash).ok_or(Error::::IdentityNotFound)?; + MemberAccountHash::::get(account_hash).ok_or(Error::::AccountNotFound)?; let result = call.dispatch(RawOrigin::OmniAccount(omni_account.clone()).into()); Self::deposit_event(Event::DispatchedAsOmniAccount { who: omni_account, @@ -206,7 +204,7 @@ pub mod pallet { ) -> DispatchResult { let _ = T::TEECallOrigin::ensure_origin(origin)?; let omni_account = - LinkedIdentityHashes::::get(account_hash).ok_or(Error::::IdentityNotFound)?; + MemberAccountHash::::get(account_hash).ok_or(Error::::AccountNotFound)?; let result = call.dispatch(frame_system::RawOrigin::Signed(omni_account.clone()).into()); Self::deposit_event(Event::DispatchedAsSigned { @@ -218,40 +216,40 @@ pub mod pallet { #[pallet::call_index(2)] #[pallet::weight((195_000_000, DispatchClass::Normal))] - pub fn link_identity( + pub fn add_account( origin: OriginFor, who: Identity, - member_account: IDGraphMember, - maybe_id_graph_hash: Option, + member_account: MemberAccount, + maybe_account_store_hash: Option, ) -> DispatchResult { // We can't use `T::OmniAccountOrigin` here as the ownership of member account needs to // be firstly validated by the TEE-worker before dispatching the extrinsic let _ = T::TEECallOrigin::ensure_origin(origin)?; ensure!( - !LinkedIdentityHashes::::contains_key(member_account.hash), - Error::::IdentityAlreadyLinked + !MemberAccountHash::::contains_key(member_account.hash), + Error::::AccountAlreadyAdded ); let who_account_id = match T::AccountIdConverter::convert(&who) { Some(account_id) => account_id, - None => return Err(Error::::InvalidIdentity.into()), + None => return Err(Error::::InvalidAccount.into()), }; - let identity_hash = member_account.hash; - let mut id_graph = Self::get_or_create_id_graph( + let hash = member_account.hash; + let mut account_store = Self::get_or_create_account_store( who.clone(), who_account_id.clone(), - maybe_id_graph_hash, + maybe_account_store_hash, )?; - id_graph + account_store .try_push(member_account) - .map_err(|_| Error::::IDGraphLenLimitReached)?; + .map_err(|_| Error::::AccountStoreLenLimitReached)?; - LinkedIdentityHashes::::insert(identity_hash, who_account_id.clone()); - IDGraphHashes::::insert(who_account_id.clone(), id_graph.graph_hash()); - IDGraphs::::insert(who_account_id.clone(), id_graph); + MemberAccountHash::::insert(hash, who_account_id.clone()); + AccountStoreHash::::insert(who_account_id.clone(), account_store.hash()); + AccountStore::::insert(who_account_id.clone(), account_store); - Self::deposit_event(Event::IdentityLinked { + Self::deposit_event(Event::AccountAdded { who: who_account_id, - identity: identity_hash, + member_account_hash: hash, }); Ok(()) @@ -259,116 +257,113 @@ pub mod pallet { #[pallet::call_index(3)] #[pallet::weight((195_000_000, DispatchClass::Normal))] - pub fn remove_identities( + pub fn remove_accounts( origin: OriginFor, - identity_hashes: Vec, + member_account_hashes: Vec, ) -> DispatchResult { let who = T::OmniAccountOrigin::ensure_origin(origin)?; - ensure!(!identity_hashes.is_empty(), Error::::IdentitiesEmpty); + ensure!(!member_account_hashes.is_empty(), Error::::EmptyAccount); - let mut id_graph_members = - IDGraphs::::get(&who).ok_or(Error::::UnknownIDGraph)?; + let mut member_accounts = + AccountStore::::get(&who).ok_or(Error::::UnknownAccountStore)?; - id_graph_members.retain(|member| { - if identity_hashes.contains(&member.hash) { - LinkedIdentityHashes::::remove(member.hash); + member_accounts.retain(|member| { + if member_account_hashes.contains(&member.hash) { + MemberAccountHash::::remove(member.hash); false } else { true } }); - if id_graph_members.is_empty() { - IDGraphs::::remove(&who); + if member_accounts.is_empty() { + AccountStore::::remove(&who); } else { - IDGraphs::::insert(who.clone(), id_graph_members); + AccountStore::::insert(who.clone(), member_accounts); } - Self::deposit_event(Event::IdentityRemoved { who, identity_hashes }); + Self::deposit_event(Event::AccountRemoved { who, member_account_hashes }); Ok(()) } #[pallet::call_index(4)] #[pallet::weight((195_000_000, DispatchClass::Normal))] - pub fn make_identity_public( + pub fn publicize_account( origin: OriginFor, - identity_hash: H256, + member_account_hash: H256, public_identity: MemberIdentity, ) -> DispatchResult { let who = T::OmniAccountOrigin::ensure_origin(origin)?; - ensure!(public_identity.is_public(), Error::::IdentityIsPrivate); + ensure!(public_identity.is_public(), Error::::AccountIsPrivate); - let mut id_graph_members = - IDGraphs::::get(&who).ok_or(Error::::UnknownIDGraph)?; - let id_graph_link = id_graph_members + let mut member_accounts = + AccountStore::::get(&who).ok_or(Error::::UnknownAccountStore)?; + let member_account = member_accounts .iter_mut() - .find(|member| member.hash == identity_hash) - .ok_or(Error::::IdentityNotFound)?; - id_graph_link.id = public_identity; + .find(|member| member.hash == member_account_hash) + .ok_or(Error::::AccountNotFound)?; + member_account.id = public_identity; - IDGraphs::::insert(who.clone(), id_graph_members); + AccountStore::::insert(who.clone(), member_accounts); - Self::deposit_event(Event::IdentityMadePublic { who, identity_hash }); + Self::deposit_event(Event::AccountMadePublic { who, member_account_hash }); Ok(()) } } impl Pallet { - pub fn get_or_create_id_graph( + pub fn get_or_create_account_store( who: Identity, who_account_id: T::AccountId, - maybe_id_graph_hash: Option, - ) -> Result, Error> { - match IDGraphs::::get(&who_account_id) { - Some(id_graph_members) => { - Self::verify_id_graph_hash(&who_account_id, maybe_id_graph_hash)?; - Ok(id_graph_members) + maybe_account_store_hash: Option, + ) -> Result, Error> { + match AccountStore::::get(&who_account_id) { + Some(member_accounts) => { + Self::verify_account_store_hash(&who_account_id, maybe_account_store_hash)?; + Ok(member_accounts) }, - None => Self::create_id_graph(who, who_account_id), + None => Self::create_account_store(who, who_account_id), } } - fn verify_id_graph_hash( + fn verify_account_store_hash( who: &T::AccountId, - maybe_id_graph_hash: Option, + maybe_account_store_hash: Option, ) -> Result<(), Error> { - let current_id_graph_hash = - IDGraphHashes::::get(who).ok_or(Error::::IDGraphHashMissing)?; - match maybe_id_graph_hash { - Some(id_graph_hash) => { - ensure!( - current_id_graph_hash == id_graph_hash, - Error::::IDGraphHashMismatch - ); + let current_account_store_hash = + AccountStoreHash::::get(who).ok_or(Error::::AccountStoreHashMaissing)?; + match maybe_account_store_hash { + Some(h) => { + ensure!(current_account_store_hash == h, Error::::AccountStoreHashMismatch); }, - None => return Err(Error::::IDGraphHashMissing), + None => return Err(Error::::AccountStoreHashMaissing), } Ok(()) } - fn create_id_graph( + fn create_account_store( owner_identity: Identity, owner_account_id: T::AccountId, - ) -> Result, Error> { + ) -> Result, Error> { let owner_identity_hash = - owner_identity.hash().map_err(|_| Error::::InvalidIdentity)?; - if LinkedIdentityHashes::::contains_key(owner_identity_hash) { - return Err(Error::::IdentityAlreadyLinked); + owner_identity.hash().map_err(|_| Error::::InvalidAccount)?; + if MemberAccountHash::::contains_key(owner_identity_hash) { + return Err(Error::::AccountAlreadyAdded); } - let mut id_graph_members: IDGraph = BoundedVec::new(); - id_graph_members - .try_push(IDGraphMember { + let mut member_accounts: MemberAccounts = BoundedVec::new(); + member_accounts + .try_push(MemberAccount { id: MemberIdentity::from(owner_identity.clone()), hash: owner_identity_hash, }) - .map_err(|_| Error::::IDGraphLenLimitReached)?; - LinkedIdentityHashes::::insert(owner_identity_hash, owner_account_id.clone()); - IDGraphs::::insert(owner_account_id.clone(), id_graph_members.clone()); + .map_err(|_| Error::::AccountStoreLenLimitReached)?; + MemberAccountHash::::insert(owner_identity_hash, owner_account_id.clone()); + AccountStore::::insert(owner_account_id.clone(), member_accounts.clone()); - Ok(id_graph_members) + Ok(member_accounts) } } } diff --git a/parachain/pallets/omni-account/src/mock.rs b/parachain/pallets/omni-account/src/mock.rs index 8a0178af75..9bc1f4bc73 100644 --- a/parachain/pallets/omni-account/src/mock.rs +++ b/parachain/pallets/omni-account/src/mock.rs @@ -172,7 +172,7 @@ impl pallet_omni_account::Config for TestRuntime { type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; - type MaxIDGraphLength = ConstU32<3>; + type MaxAccountStoreLength = ConstU32<3>; type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index effa5df4f6..7712940b0b 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -14,20 +14,21 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::{mock::*, IDGraphs, LinkedIdentityHashes, *}; +use crate::{mock::*, AccountStore, MemberAccountHash, *}; use core_primitives::Identity; use frame_support::{assert_noop, assert_ok}; use sp_runtime::{traits::BadOrigin, ModuleError}; use sp_std::vec; -fn remove_identity_call(hashes: Vec) -> Box { - let call = RuntimeCall::OmniAccount(crate::Call::remove_identities { identity_hashes: hashes }); +fn remove_accounts_call(hashes: Vec) -> Box { + let call = + RuntimeCall::OmniAccount(crate::Call::remove_accounts { member_account_hashes: hashes }); Box::new(call) } -fn make_identity_public_call(hash: H256, id: MemberIdentity) -> Box { - let call = RuntimeCall::OmniAccount(crate::Call::make_identity_public { - identity_hash: hash, +fn publicize_account_call(hash: H256, id: MemberIdentity) -> Box { + let call = RuntimeCall::OmniAccount(crate::Call::publicize_account { + member_account_hash: hash, public_identity: id, }); Box::new(call) @@ -39,7 +40,7 @@ fn make_balance_transfer_call(dest: AccountId, value: Balance) -> Box = BoundedVec::truncate_from(vec![ - IDGraphMember { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, - bob_member_account.clone(), - ]); - let expected_id_graph_hash = H256::from(blake2_256( - &expected_id_graph + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + bob_member_account.clone(), + ]); + let expected_account_store_hash = H256::from(blake2_256( + &expected_member_accounts .iter() .map(|member| member.hash) .collect::>() .encode(), )); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), bob_member_account.clone(), None )); System::assert_last_event( - Event::IdentityLinked { who: who.clone(), identity: bob_member_account.hash }.into(), + Event::AccountAdded { who: who.clone(), member_account_hash: bob_member_account.hash } + .into(), ); - assert!(IDGraphs::::contains_key(&who)); - assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); - assert_eq!(IDGraphHashes::::get(&who).unwrap(), expected_id_graph_hash); + assert!(AccountStore::::contains_key(&who)); + assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert_eq!( + AccountStoreHash::::get(&who).unwrap(), + expected_account_store_hash + ); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who_identity.clone(), charlie_member_account.clone(), - Some(expected_id_graph_hash), + Some(expected_account_store_hash), )); System::assert_last_event( - Event::IdentityLinked { who: who.clone(), identity: charlie_member_account.hash } - .into(), + Event::AccountAdded { + who: who.clone(), + member_account_hash: charlie_member_account.hash, + } + .into(), ); - let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, - bob_member_account.clone(), - charlie_member_account.clone(), - ]); - let expecte_id_graph_hash = H256::from(blake2_256( - &expected_id_graph + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount { + id: MemberIdentity::from(who_identity.clone()), + hash: who_identity_hash, + }, + bob_member_account.clone(), + charlie_member_account.clone(), + ]); + let expected_account_store_hash = H256::from(blake2_256( + &expected_member_accounts .iter() .map(|member| member.hash) .collect::>() .encode(), )); - assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); - assert_eq!(IDGraphHashes::::get(&who).unwrap(), expecte_id_graph_hash); + assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert_eq!( + AccountStoreHash::::get(&who).unwrap(), + expected_account_store_hash + ); - assert!(LinkedIdentityHashes::::contains_key(bob_member_account.hash)); - assert!(LinkedIdentityHashes::::contains_key(charlie_member_account.hash)); + assert!(MemberAccountHash::::contains_key(bob_member_account.hash)); + assert!(MemberAccountHash::::contains_key(charlie_member_account.hash)); }); } #[test] -fn link_identity_exising_id_graph_id_graph_hash_missing_works() { +fn add_account_hash_checking_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who_identity = Identity::from(alice()); - let bob_member_account = IDGraphMember { + let bob_member_account = MemberAccount { id: MemberIdentity::Private(bob().encode()), hash: Identity::from(bob()).hash().unwrap(), }; - let charlie_member_account = IDGraphMember { + let charlie_member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(charlie())), hash: Identity::from(charlie()).hash().unwrap(), }; - // IDGraph gets created with the first identity - assert_ok!(OmniAccount::link_identity( + // AccountStore gets created with the first account + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), bob_member_account, None )); - // to mutate IDGraph with a new identity, the current id_graph_hash must be provided + // to mutate AccountStore with a new account, the current account_store_hash must be provided assert_noop!( - OmniAccount::link_identity( + OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who_identity, charlie_member_account, None ), - Error::::IDGraphHashMissing + Error::::AccountStoreHashMaissing ); }); } #[test] -fn link_identity_origin_check_works() { +fn add_account_origin_check_works() { new_test_ext().execute_with(|| { let who = Identity::from(alice()); - let member_account = IDGraphMember { + let member_account = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }; assert_noop!( - OmniAccount::link_identity(RuntimeOrigin::signed(bob()), who, member_account, None), + OmniAccount::add_account(RuntimeOrigin::signed(bob()), who, member_account, None), BadOrigin ); }); } #[test] -fn link_identity_already_linked_works() { +fn add_account_already_linked_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let member_account = IDGraphMember { + let member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(bob())), hash: Identity::from(bob()).hash().unwrap(), }; - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account.clone(), None )); assert_noop!( - OmniAccount::link_identity( + OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account, None ), - Error::::IdentityAlreadyLinked + Error::::AccountAlreadyAdded ); - // intent to create a new id_graph with an identity that is already linked + // intent to create a new AccountStore with an account that is already added let who = Identity::from(bob()); - let alice_member_account = IDGraphMember { + let alice_member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(alice())), hash: Identity::from(alice()).hash().unwrap(), }; assert_noop!( - OmniAccount::link_identity( + OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who.clone(), alice_member_account, None ), - Error::::IdentityAlreadyLinked + Error::::AccountAlreadyAdded ); }); } #[test] -fn link_identity_id_graph_len_limit_reached_works() { +fn add_account_store_len_limit_reached_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); @@ -227,45 +240,45 @@ fn link_identity_id_graph_len_limit_reached_works() { let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash().unwrap(); - let member_account_2 = IDGraphMember { + let member_account_2 = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }; - let member_account_3 = IDGraphMember { + let member_account_3 = MemberAccount { id: MemberIdentity::Private(vec![4, 5, 6]), hash: H256::from(blake2_256(&[4, 5, 6])), }; - let id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { + let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ + MemberAccount { id: MemberIdentity::from(who_identity.clone()), hash: who_identity_hash, }, member_account_2.clone(), member_account_3.clone(), ]); - let id_graph_hash = H256::from(blake2_256(&id_graph.encode())); + let account_store_hash = H256::from(blake2_256(&member_accounts.encode())); - IDGraphs::::insert(who.clone(), id_graph.clone()); - IDGraphHashes::::insert(who.clone(), id_graph_hash); + AccountStore::::insert(who.clone(), member_accounts.clone()); + AccountStoreHash::::insert(who.clone(), account_store_hash); assert_noop!( - OmniAccount::link_identity( + OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who_identity, - IDGraphMember { + MemberAccount { id: MemberIdentity::Private(vec![7, 8, 9]), hash: H256::from(blake2_256(&[7, 8, 9])), }, - Some(id_graph_hash), + Some(account_store_hash), ), - Error::::IDGraphLenLimitReached + Error::::AccountStoreLenLimitReached ); }); } #[test] -fn link_identity_id_graph_hash_mismatch_works() { +fn add_account_store_hash_mismatch_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); @@ -273,88 +286,88 @@ fn link_identity_id_graph_hash_mismatch_works() { let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash().unwrap(); - let member_account = IDGraphMember { + let member_account = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }; - let id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { + let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ + MemberAccount { id: MemberIdentity::from(who_identity.clone()), hash: who_identity_hash, }, member_account.clone(), ]); - let id_graph_hash = H256::from(blake2_256( - &id_graph.iter().map(|member| member.hash).collect::>().encode(), + let account_store_hash = H256::from(blake2_256( + &member_accounts.iter().map(|member| member.hash).collect::>().encode(), )); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account.clone(), None )); - assert_eq!(IDGraphs::::get(&who).unwrap(), id_graph); - assert_eq!(IDGraphHashes::::get(&who).unwrap(), id_graph_hash); + assert_eq!(AccountStore::::get(&who).unwrap(), member_accounts); + assert_eq!(AccountStoreHash::::get(&who).unwrap(), account_store_hash); - // link another identity to the id_graph with the correct id_graph_hash - assert_ok!(OmniAccount::link_identity( + // add another account to the store with the correct AccountStoreHash + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - IDGraphMember { + MemberAccount { id: MemberIdentity::Private(vec![4, 5, 6]), hash: H256::from(blake2_256(&[4, 5, 6])), }, - Some(id_graph_hash), + Some(account_store_hash), )); - let id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { + let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ + MemberAccount { id: MemberIdentity::from(who_identity.clone()), hash: who_identity_hash, }, member_account.clone(), - IDGraphMember { + MemberAccount { id: MemberIdentity::Private(vec![4, 5, 6]), hash: H256::from(blake2_256(&[4, 5, 6])), }, ]); - assert_eq!(IDGraphs::::get(&who).unwrap(), id_graph); + assert_eq!(AccountStore::::get(&who).unwrap(), member_accounts); - // attempt to link an identity with an old id_graph_hash + // attempt to add an account with an old AccountStoreHash assert_noop!( - OmniAccount::link_identity( + OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who_identity, - IDGraphMember { + MemberAccount { id: MemberIdentity::Private(vec![7, 8, 9]), hash: H256::from(blake2_256(&[7, 8, 9])), }, - Some(id_graph_hash), + Some(account_store_hash), ), - Error::::IDGraphHashMismatch + Error::::AccountStoreHashMismatch ); }); } #[test] -fn remove_identity_works() { +fn remove_account_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash().unwrap(); - let member_account = IDGraphMember { + let member_account = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }; let identity_hash = member_account.hash; - let identities_to_remove = vec![identity_hash]; + let hashes = vec![identity_hash]; - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account.clone(), @@ -364,22 +377,16 @@ fn remove_identity_works() { // normal signed origin should give `BadOrigin`, no matter // it's from TEE-worker, or omni-account itself assert_noop!( - OmniAccount::remove_identities( - RuntimeOrigin::signed(tee_signer.clone()), - identities_to_remove.clone() - ), + OmniAccount::remove_accounts(RuntimeOrigin::signed(tee_signer.clone()), hashes.clone()), sp_runtime::DispatchError::BadOrigin ); assert_noop!( - OmniAccount::remove_identities( - RuntimeOrigin::signed(who.clone()), - identities_to_remove.clone() - ), + OmniAccount::remove_accounts(RuntimeOrigin::signed(who.clone()), hashes.clone()), sp_runtime::DispatchError::BadOrigin ); - let call = remove_identity_call(identities_to_remove.clone()); + let call = remove_accounts_call(hashes.clone()); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -392,49 +399,48 @@ fn remove_identity_works() { ); System::assert_has_event( - Event::IdentityRemoved { who: who.clone(), identity_hashes: identities_to_remove } - .into(), + Event::AccountRemoved { who: who.clone(), member_account_hashes: hashes }.into(), ); - let expected_id_graph: IDGraph = - BoundedVec::truncate_from(vec![IDGraphMember { + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![MemberAccount { id: MemberIdentity::Public(who_identity.clone()), hash: who_identity_hash, }]); - assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); - assert!(!LinkedIdentityHashes::::contains_key(identity_hash)); + assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert!(!MemberAccountHash::::contains_key(identity_hash)); - let call = remove_identity_call(vec![who_identity_hash]); + let call = remove_accounts_call(vec![who_identity_hash]); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, call )); - assert!(!IDGraphs::::contains_key(&who)); + assert!(!AccountStore::::contains_key(&who)); }); } #[test] -fn remove_identity_empty_identity_check_works() { +fn remove_account_empty_account_check_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash().unwrap(); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - IDGraphMember { + MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), hash: H256::from(blake2_256(&[1, 2, 3])), }, None )); - let call = remove_identity_call(vec![]); + let call = remove_accounts_call(vec![]); // execution itself is ok, but error is shown in the dispatch result assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), @@ -447,7 +453,7 @@ fn remove_identity_empty_identity_check_works() { result: Err(DispatchError::Module(ModuleError { index: 5, error: [6, 0, 0, 0], - message: Some("IdentitiesEmpty"), + message: Some("EmptyAccount"), })), } .into(), @@ -456,7 +462,7 @@ fn remove_identity_empty_identity_check_works() { } #[test] -fn make_identity_public_works() { +fn publicize_account_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); @@ -468,23 +474,24 @@ fn make_identity_public_works() { let identity_hash = H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + MemberAccount { id: private_identity.clone(), hash: identity_hash }, None )); - let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { - id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash().unwrap(), - }, - IDGraphMember { id: private_identity.clone(), hash: identity_hash }, - ]); - assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount { + id: MemberIdentity::Public(who_identity.clone()), + hash: who_identity.hash().unwrap(), + }, + MemberAccount { id: private_identity.clone(), hash: identity_hash }, + ]); + assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); - let call = make_identity_public_call(identity_hash, public_identity.clone()); + let call = publicize_account_call(identity_hash, public_identity.clone()); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -497,22 +504,24 @@ fn make_identity_public_works() { ); System::assert_has_event( - Event::IdentityMadePublic { who: who.clone(), identity_hash }.into(), + Event::AccountMadePublic { who: who.clone(), member_account_hash: identity_hash } + .into(), ); - let expected_id_graph: IDGraph = BoundedVec::truncate_from(vec![ - IDGraphMember { - id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash().unwrap(), - }, - IDGraphMember { id: public_identity.clone(), hash: identity_hash }, - ]); - assert_eq!(IDGraphs::::get(&who).unwrap(), expected_id_graph); + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount { + id: MemberIdentity::Public(who_identity.clone()), + hash: who_identity.hash().unwrap(), + }, + MemberAccount { id: public_identity.clone(), hash: identity_hash }, + ]); + assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); }); } #[test] -fn make_identity_public_identity_not_found_works() { +fn publicize_account_identity_not_found_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); @@ -525,20 +534,20 @@ fn make_identity_public_identity_not_found_works() { let identity_hash = H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); - let call = make_identity_public_call(identity_hash, public_identity.clone()); + let call = publicize_account_call(identity_hash, public_identity.clone()); assert_noop!( OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, call ), - Error::::IdentityNotFound + Error::::AccountNotFound ); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + MemberAccount { id: private_identity.clone(), hash: identity_hash }, None )); @@ -547,7 +556,7 @@ fn make_identity_public_identity_not_found_works() { let other_identity_hash = H256::from(blake2_256(&charlie_identity.to_did().unwrap().encode())); - let call = make_identity_public_call(other_identity_hash, other_identity); + let call = publicize_account_call(other_identity_hash, other_identity); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -559,7 +568,7 @@ fn make_identity_public_identity_not_found_works() { result: Err(DispatchError::Module(ModuleError { index: 5, error: [2, 0, 0, 0], - message: Some("IdentityNotFound"), + message: Some("AccountNotFound"), })), } .into(), @@ -568,7 +577,7 @@ fn make_identity_public_identity_not_found_works() { } #[test] -fn make_identity_public_identity_is_private_check_works() { +fn publicize_account_identity_is_private_check_works() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); @@ -578,14 +587,14 @@ fn make_identity_public_identity_is_private_check_works() { let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let identity_hash = Identity::from(bob()).hash().unwrap(); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + MemberAccount { id: private_identity.clone(), hash: identity_hash }, None )); - let call = make_identity_public_call(identity_hash, private_identity); + let call = publicize_account_call(identity_hash, private_identity); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -597,7 +606,7 @@ fn make_identity_public_identity_is_private_check_works() { result: Err(DispatchError::Module(ModuleError { index: 5, error: [5, 0, 0, 0], - message: Some("IdentityIsPrivate"), + message: Some("AccountIsPrivate"), })), } .into(), @@ -616,10 +625,10 @@ fn dispatch_as_signed_works() { let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let identity_hash = Identity::from(bob()).hash().unwrap(); - assert_ok!(OmniAccount::link_identity( + assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - IDGraphMember { id: private_identity.clone(), hash: identity_hash }, + MemberAccount { id: private_identity.clone(), hash: identity_hash }, None )); diff --git a/parachain/runtime/litentry/src/lib.rs b/parachain/runtime/litentry/src/lib.rs index 2f42a4433a..a1cc08d949 100644 --- a/parachain/runtime/litentry/src/lib.rs +++ b/parachain/runtime/litentry/src/lib.rs @@ -964,7 +964,7 @@ impl pallet_omni_account::Config for Runtime { type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; - type MaxIDGraphLength = ConstU32<64>; + type MaxAccountStoreLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; } diff --git a/parachain/runtime/paseo/src/lib.rs b/parachain/runtime/paseo/src/lib.rs index 98a157165b..b3967f00cf 100644 --- a/parachain/runtime/paseo/src/lib.rs +++ b/parachain/runtime/paseo/src/lib.rs @@ -1007,7 +1007,7 @@ impl pallet_omni_account::Config for Runtime { type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; - type MaxIDGraphLength = ConstU32<64>; + type MaxAccountStoreLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; } diff --git a/parachain/runtime/rococo/src/lib.rs b/parachain/runtime/rococo/src/lib.rs index 5d2192564a..e186597e0b 100644 --- a/parachain/runtime/rococo/src/lib.rs +++ b/parachain/runtime/rococo/src/lib.rs @@ -1006,7 +1006,7 @@ impl pallet_omni_account::Config for Runtime { type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; - type MaxIDGraphLength = ConstU32<64>; + type MaxAccountStoreLength = ConstU32<64>; type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; } From b36e50cd03653675ef02a15b6457b85cf294b197 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Tue, 8 Oct 2024 14:20:29 +0200 Subject: [PATCH 05/17] feat: integrate extrinsic factory in VC handler (#3119) Replaced ParachainExtrinsicSender with itp-extrinsics-factory in VC handler to send vc_issued extrinsics one by one. Co-authored-by: Kai <7630809+Kailai-Wang@users.noreply.github.com> --- tee-worker/Cargo.lock | 2 +- .../identity/enclave-runtime/Cargo.lock | 2 +- .../enclave-runtime/src/initialization/mod.rs | 3 +- .../litentry/core/vc-task/receiver/Cargo.toml | 4 ++- .../litentry/core/vc-task/receiver/src/lib.rs | 28 +++++++++++++++---- 5 files changed, 29 insertions(+), 10 deletions(-) diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index 3598a69365..db04271794 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -5368,6 +5368,7 @@ dependencies = [ "id-itp-stf-executor", "id-itp-top-pool-author", "itp-enclave-metrics", + "itp-extrinsics-factory", "itp-node-api", "itp-ocall-api", "itp-sgx-crypto", @@ -5378,7 +5379,6 @@ dependencies = [ "itp-types", "lc-dynamic-assertion", "lc-evm-dynamic-assertions", - "lc-parachain-extrinsic-task-sender", "lc-stf-task-receiver", "lc-stf-task-sender", "lc-vc-task-sender", diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 34b8f1631d..de7a5089bf 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -3277,6 +3277,7 @@ dependencies = [ "id-itp-stf-executor", "id-itp-top-pool-author", "itp-enclave-metrics", + "itp-extrinsics-factory", "itp-node-api", "itp-ocall-api", "itp-sgx-crypto", @@ -3287,7 +3288,6 @@ dependencies = [ "itp-types", "lc-dynamic-assertion", "lc-evm-dynamic-assertions", - "lc-parachain-extrinsic-task-sender", "lc-stf-task-receiver", "lc-stf-task-sender", "lc-vc-task-sender", diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index dabe50920b..d6cde31bc2 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -324,9 +324,10 @@ fn run_vc_issuance() -> Result<(), Error> { data_provider_config, evm_assertion_repository, ); + let extrinsic_factory = get_extrinsic_factory_from_integritee_solo_or_parachain()?; let node_metadata_repo = get_node_metadata_repository_from_integritee_solo_or_parachain()?; - run_vc_handler_runner(Arc::new(stf_task_context), node_metadata_repo); + run_vc_handler_runner(Arc::new(stf_task_context), extrinsic_factory, node_metadata_repo); Ok(()) } diff --git a/tee-worker/identity/litentry/core/vc-task/receiver/Cargo.toml b/tee-worker/identity/litentry/core/vc-task/receiver/Cargo.toml index e581fb153c..cafe82d635 100644 --- a/tee-worker/identity/litentry/core/vc-task/receiver/Cargo.toml +++ b/tee-worker/identity/litentry/core/vc-task/receiver/Cargo.toml @@ -15,6 +15,7 @@ sp-core = { workspace = true, features = ["full_crypto"] } ita-sgx-runtime = { package = "id-ita-sgx-runtime", path = "../../../../app-libs/sgx-runtime", default-features = false } ita-stf = { package = "id-ita-stf", path = "../../../../app-libs/stf", default-features = false } itp-enclave-metrics = { workspace = true } +itp-extrinsics-factory = { workspace = true } itp-node-api = { workspace = true } itp-ocall-api = { workspace = true } itp-sgx-crypto = { workspace = true } @@ -29,7 +30,6 @@ itp-types = { workspace = true } frame-support = { workspace = true } lc-dynamic-assertion = { workspace = true } lc-evm-dynamic-assertions = { workspace = true } -lc-parachain-extrinsic-task-sender = { workspace = true } lc-stf-task-receiver = { workspace = true } lc-stf-task-sender = { workspace = true } lc-vc-task-sender = { workspace = true } @@ -53,6 +53,7 @@ sgx = [ "lc-stf-task-sender/sgx", "itp-node-api/sgx", "itp-storage/sgx", + "itp-extrinsics-factory/sgx", "lc-vc-task-sender/sgx", "lc-dynamic-assertion/sgx", "lc-evm-dynamic-assertions/sgx", @@ -66,6 +67,7 @@ std = [ "itp-stf-executor/std", "itp-stf-state-handler/std", "itp-stf-primitives/std", + "itp-extrinsics-factory/std", "sp-core/std", "litentry-primitives/std", "ita-sgx-runtime/std", diff --git a/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs b/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs index 727258f173..d8cce8567f 100644 --- a/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs +++ b/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs @@ -37,6 +37,7 @@ use ita_stf::{ Getter, TrustedCall, TrustedCallSigned, }; use itp_enclave_metrics::EnclaveMetric; +use itp_extrinsics_factory::CreateExtrinsics; use itp_node_api::metadata::{ pallet_system::SystemConstants, pallet_vcmp::VCMPCallIndexes, provider::AccessNodeMetadata, NodeMetadataTrait, @@ -50,11 +51,11 @@ use itp_stf_state_handler::handle_state::HandleState; use itp_storage::{storage_map_key, storage_value_key, StorageHasher}; use itp_top_pool_author::traits::AuthorApi; use itp_types::{ - AccountId, BlockNumber as SidechainBlockNumber, OpaqueCall, ShardIdentifier, H256, + parentchain::ParentchainId, AccountId, BlockNumber as SidechainBlockNumber, OpaqueCall, + ShardIdentifier, H256, }; use lc_dynamic_assertion::AssertionLogicRepository; use lc_evm_dynamic_assertions::AssertionRepositoryItem; -use lc_parachain_extrinsic_task_sender::{ParachainExtrinsicSender, SendParachainExtrinsic}; use lc_stf_task_receiver::{handler::assertion::create_credential_str, StfTaskContext}; use lc_vc_task_sender::init_vc_task_sender; use litentry_macros::if_development_or; @@ -78,8 +79,9 @@ use std::{ vec::Vec, }; -pub fn run_vc_handler_runner( +pub fn run_vc_handler_runner( context: Arc>, + extrinsic_factory: Arc, node_metadata_repo: Arc, ) where ShieldingKeyRepository: AccessKey + Send + Sync + 'static, @@ -90,6 +92,7 @@ pub fn run_vc_handler_runner( H: HandleState + Send + Sync + 'static, H::StateT: SgxExternalitiesTrait, O: EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + Z: CreateExtrinsics + Send + Sync + 'static, N: AccessNodeMetadata + Send + Sync + 'static, N::MetadataType: NodeMetadataTrait, AR: AssertionLogicRepository + Send + Sync + 'static, @@ -185,6 +188,7 @@ pub fn run_vc_handler_runner( let shard_pool = request.shard; let context_pool = context.clone(); + let extrinsic_factory_pool = extrinsic_factory.clone(); let node_metadata_repo_pool = node_metadata_repo.clone(); let tc_sender_pool = tc_sender.clone(); let req_registry_pool = req_registry.clone(); @@ -192,6 +196,7 @@ pub fn run_vc_handler_runner( let response = process_single_request( shard_pool, context_pool.clone(), + extrinsic_factory_pool, node_metadata_repo_pool, tc_sender_pool, tcs.call.clone(), @@ -249,6 +254,7 @@ pub fn run_vc_handler_runner( let shard_pool = request.shard; let context_pool = context.clone(); + let extrinsic_factory_pool = extrinsic_factory.clone(); let node_metadata_repo_pool = node_metadata_repo.clone(); let tc_sender_pool = tc_sender.clone(); let req_registry_pool = req_registry.clone(); @@ -257,6 +263,7 @@ pub fn run_vc_handler_runner( let response = process_single_request( shard_pool, context_pool.clone(), + extrinsic_factory_pool, node_metadata_repo_pool, tc_sender_pool, new_call, @@ -405,9 +412,10 @@ fn send_vc_response( } } -fn process_single_request( +fn process_single_request( shard: H256, context: Arc>, + extrinsic_factory: Arc, node_metadata_repo: Arc, tc_sender: Sender<(ShardIdentifier, TrustedCall)>, call: TrustedCall, @@ -421,6 +429,7 @@ where H: HandleState + Send + Sync + 'static, H::StateT: SgxExternalitiesTrait, O: EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + Z: CreateExtrinsics + Send + Sync + 'static, N: AccessNodeMetadata + Send + Sync + 'static, N::MetadataType: NodeMetadataTrait, AR: AssertionLogicRepository, @@ -599,8 +608,15 @@ where .send((shard, c)) .map_err(|e| RequestVcErrorDetail::TrustedCallSendingFailed(e.to_string()))?; - let extrinsic_sender = ParachainExtrinsicSender::new(); - extrinsic_sender.send(call).map_err(RequestVcErrorDetail::CallSendingFailed)?; + // this internally fetches nonce from a mutex and then updates it thereby ensuring ordering + let xt = extrinsic_factory + .create_extrinsics(&[call], None) + .map_err(|e| RequestVcErrorDetail::ExtrinsicConstructionFailed(e.to_string()))?; + + context + .ocall_api + .send_to_parentchain(xt, &ParentchainId::Litentry, false) + .map_err(|e| RequestVcErrorDetail::ExtrinsicSendingFailed(e.to_string()))?; if let Err(e) = context .ocall_api From 1fd1efc011b4d51dcb08b422b540d18b955f18a6 Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Wed, 9 Oct 2024 00:45:11 +0200 Subject: [PATCH 06/17] Use encoded Identity for hashing (#3120) * Use encoded hash directly * small update * remove test - it is a bit verbose --- common/primitives/core/src/identity.rs | 13 ++----- parachain/pallets/omni-account/src/lib.rs | 11 +++--- parachain/pallets/omni-account/src/tests.rs | 40 ++++++++++----------- 3 files changed, 27 insertions(+), 37 deletions(-) diff --git a/common/primitives/core/src/identity.rs b/common/primitives/core/src/identity.rs index 3e5980a826..ffc9940cde 100644 --- a/common/primitives/core/src/identity.rs +++ b/common/primitives/core/src/identity.rs @@ -469,9 +469,8 @@ impl Identity { )) } - pub fn hash(&self) -> Result { - let did = self.to_did()?; - Ok(H256::from(blake2_256(&did.encode()))) + pub fn hash(&self) -> H256 { + self.using_encoded(blake2_256).into() } } @@ -796,12 +795,4 @@ mod tests { assert_eq!(identity.to_did().unwrap(), did.as_str()); assert_eq!(Identity::from_did(did.as_str()).unwrap(), identity); } - - #[test] - fn test_identity_hash() { - let identity = Identity::Substrate([0; 32].into()); - let did_str = "did:litentry:substrate:0x0000000000000000000000000000000000000000000000000000000000000000"; - let hash = identity.hash().unwrap(); - assert_eq!(hash, H256::from(blake2_256(&did_str.encode()))); - } } diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index bc29bef7c1..f2676ec01d 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -56,7 +56,7 @@ pub trait GetAccountStoreHash { impl GetAccountStoreHash for BoundedVec { fn hash(&self) -> H256 { let hashes: Vec = self.iter().map(|member| member.hash).collect(); - H256::from(blake2_256(&hashes.encode())) + hashes.using_encoded(blake2_256).into() } } @@ -169,7 +169,7 @@ pub mod pallet { AccountIsPrivate, EmptyAccount, AccountStoreHashMismatch, - AccountStoreHashMaissing, + AccountStoreHashMissing, } #[pallet::call] @@ -333,12 +333,12 @@ pub mod pallet { maybe_account_store_hash: Option, ) -> Result<(), Error> { let current_account_store_hash = - AccountStoreHash::::get(who).ok_or(Error::::AccountStoreHashMaissing)?; + AccountStoreHash::::get(who).ok_or(Error::::AccountStoreHashMissing)?; match maybe_account_store_hash { Some(h) => { ensure!(current_account_store_hash == h, Error::::AccountStoreHashMismatch); }, - None => return Err(Error::::AccountStoreHashMaissing), + None => return Err(Error::::AccountStoreHashMissing), } Ok(()) @@ -348,8 +348,7 @@ pub mod pallet { owner_identity: Identity, owner_account_id: T::AccountId, ) -> Result, Error> { - let owner_identity_hash = - owner_identity.hash().map_err(|_| Error::::InvalidAccount)?; + let owner_identity_hash = owner_identity.hash(); if MemberAccountHash::::contains_key(owner_identity_hash) { return Err(Error::::AccountAlreadyAdded); } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 7712940b0b..0e3855195a 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -46,15 +46,15 @@ fn add_account_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let bob_member_account = MemberAccount { id: MemberIdentity::Private(bob().encode()), - hash: Identity::from(bob()).hash().unwrap(), + hash: Identity::from(bob()).hash(), }; let charlie_member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(charlie())), - hash: Identity::from(charlie()).hash().unwrap(), + hash: Identity::from(charlie()).hash(), }; let expected_member_accounts: MemberAccounts = @@ -141,11 +141,11 @@ fn add_account_hash_checking_works() { let bob_member_account = MemberAccount { id: MemberIdentity::Private(bob().encode()), - hash: Identity::from(bob()).hash().unwrap(), + hash: Identity::from(bob()).hash(), }; let charlie_member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(charlie())), - hash: Identity::from(charlie()).hash().unwrap(), + hash: Identity::from(charlie()).hash(), }; // AccountStore gets created with the first account @@ -164,7 +164,7 @@ fn add_account_hash_checking_works() { charlie_member_account, None ), - Error::::AccountStoreHashMaissing + Error::::AccountStoreHashMissing ); }); } @@ -194,7 +194,7 @@ fn add_account_already_linked_works() { let member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(bob())), - hash: Identity::from(bob()).hash().unwrap(), + hash: Identity::from(bob()).hash(), }; assert_ok!(OmniAccount::add_account( @@ -217,7 +217,7 @@ fn add_account_already_linked_works() { let who = Identity::from(bob()); let alice_member_account = MemberAccount { id: MemberIdentity::Public(Identity::from(alice())), - hash: Identity::from(alice()).hash().unwrap(), + hash: Identity::from(alice()).hash(), }; assert_noop!( OmniAccount::add_account( @@ -238,7 +238,7 @@ fn add_account_store_len_limit_reached_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let member_account_2 = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), @@ -284,7 +284,7 @@ fn add_account_store_hash_mismatch_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let member_account = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), @@ -358,7 +358,7 @@ fn remove_account_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let member_account = MemberAccount { id: MemberIdentity::Private(vec![1, 2, 3]), @@ -428,7 +428,7 @@ fn remove_account_empty_account_check_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), @@ -467,7 +467,7 @@ fn publicize_account_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let public_identity = MemberIdentity::Public(Identity::from(bob())); @@ -485,7 +485,7 @@ fn publicize_account_works() { BoundedVec::truncate_from(vec![ MemberAccount { id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash().unwrap(), + hash: who_identity.hash(), }, MemberAccount { id: private_identity.clone(), hash: identity_hash }, ]); @@ -512,7 +512,7 @@ fn publicize_account_works() { BoundedVec::truncate_from(vec![ MemberAccount { id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash().unwrap(), + hash: who_identity.hash(), }, MemberAccount { id: public_identity.clone(), hash: identity_hash }, ]); @@ -526,7 +526,7 @@ fn publicize_account_identity_not_found_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); let identity = Identity::from(bob()); @@ -582,10 +582,10 @@ fn publicize_account_identity_is_private_check_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let identity_hash = Identity::from(bob()).hash().unwrap(); + let identity_hash = Identity::from(bob()).hash(); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), @@ -620,10 +620,10 @@ fn dispatch_as_signed_works() { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash().unwrap(); + let who_identity_hash = who_identity.hash(); let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let identity_hash = Identity::from(bob()).hash().unwrap(); + let identity_hash = Identity::from(bob()).hash(); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), From 8daa6bf14e4c47c0ed97a1f564451a6cfbb5260b Mon Sep 17 00:00:00 2001 From: "will.li" <120463031+higherordertech@users.noreply.github.com> Date: Wed, 9 Oct 2024 21:51:57 +1100 Subject: [PATCH 07/17] chore: Add new cli for IDGraph clean (#3115) Co-authored-by: higherordertech --- .../stf-primitives/src/error.rs | 3 ++ .../pallets/identity-management/src/lib.rs | 45 +++++++++++++++++ .../identity/app-libs/stf/src/trusted_call.rs | 22 +++++++++ .../commands/litentry/clean_id_graphs.rs | 48 +++++++++++++++++++ .../trusted_base_cli/commands/litentry/mod.rs | 2 + .../identity/cli/src/trusted_base_cli/mod.rs | 8 ++++ .../trusted_operations/definitions.ts | 7 +++ 7 files changed, 135 insertions(+) create mode 100644 tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/clean_id_graphs.rs diff --git a/tee-worker/common/core-primitives/stf-primitives/src/error.rs b/tee-worker/common/core-primitives/stf-primitives/src/error.rs index 43d5bfb2cb..64601b4d81 100644 --- a/tee-worker/common/core-primitives/stf-primitives/src/error.rs +++ b/tee-worker/common/core-primitives/stf-primitives/src/error.rs @@ -74,6 +74,9 @@ pub enum StfError { InvalidStorageDiff, #[codec(index = 27)] InvalidMetadata, + #[codec(index = 28)] + #[display(fmt = "CleaningIDGraphsFailed: {:?}", _0)] + CleanIDGraphsFailed(ErrorDetail), } impl From for StfError { diff --git a/tee-worker/common/litentry/pallets/identity-management/src/lib.rs b/tee-worker/common/litentry/pallets/identity-management/src/lib.rs index 65606fc841..1fbe541966 100644 --- a/tee-worker/common/litentry/pallets/identity-management/src/lib.rs +++ b/tee-worker/common/litentry/pallets/identity-management/src/lib.rs @@ -255,6 +255,19 @@ pub mod pallet { Ok(()) } + + // Clean all id_graph related storage + #[pallet::call_index(6)] + #[pallet::weight({15_000_000})] + pub fn clean_id_graphs(origin: OriginFor) -> DispatchResult { + T::ManageOrigin::ensure_origin(origin)?; + + Self::clear_id_graphs(); + Self::clear_id_graph_lens(); + Self::clear_linked_identities(); + + Ok(()) + } } impl Pallet { @@ -324,5 +337,37 @@ pub mod pallet { debug!("IDGraph stats: {:?}", stats); Some(stats) } + + fn clear_id_graphs() { + // Retrieve all the outer and inner keys from the storage by collecting tuples of (outer_key, inner_key) + let keys: Vec<(Identity, Identity)> = IDGraphs::::iter() + .map(|(outer_key, inner_key, _)| (outer_key, inner_key)) + .collect(); + + // Iterate through all the key pairs (outer_key, inner_key) and remove the corresponding entries from storage + for (outer_key, inner_key) in keys { + IDGraphs::::remove(outer_key, inner_key); + } + } + + fn clear_id_graph_lens() { + // Retrieve all the keys from the storage + let keys: Vec = IDGraphLens::::iter_keys().collect(); + + // Iterate through each key and remove the entry + for key in keys { + IDGraphLens::::remove(key); + } + } + + fn clear_linked_identities() { + // Retrieve all the keys from the storage + let keys: Vec = LinkedIdentities::::iter_keys().collect(); + + // Iterate through each key and remove the entry + for key in keys { + LinkedIdentities::::remove(key); + } + } } } diff --git a/tee-worker/identity/app-libs/stf/src/trusted_call.rs b/tee-worker/identity/app-libs/stf/src/trusted_call.rs index 0fc8c6f11c..567069faf9 100644 --- a/tee-worker/identity/app-libs/stf/src/trusted_call.rs +++ b/tee-worker/identity/app-libs/stf/src/trusted_call.rs @@ -136,6 +136,9 @@ pub enum TrustedCall { send_erroneous_parentchain_call(Identity), #[codec(index = 24)] maybe_create_id_graph(Identity, Identity), + #[cfg(feature = "development")] + #[codec(index = 25)] + clean_id_graphs(Identity), // original integritee trusted calls, starting from index 50 #[codec(index = 50)] @@ -224,6 +227,8 @@ impl TrustedCall { #[cfg(feature = "development")] Self::remove_identity(sender_identity, ..) => sender_identity, Self::request_batch_vc(sender_identity, ..) => sender_identity, + #[cfg(feature = "development")] + Self::clean_id_graphs(sender_identity) => sender_identity, } } @@ -871,6 +876,23 @@ where Err(e) => warn!("maybe_create_id_graph NOK: {:?}", e), }; + Ok(TrustedCallResult::Empty) + }, + #[cfg(feature = "development")] + TrustedCall::clean_id_graphs(signer) => { + debug!("clean_id_graphs"); + + let account = signer.to_account_id().ok_or(Self::Error::InvalidAccount)?; + use crate::helpers::ensure_enclave_signer_or_alice; + ensure!( + ensure_enclave_signer_or_alice(&account), + StfError::CleanIDGraphsFailed(ErrorDetail::UnauthorizedSigner) + ); + + IMTCall::clean_id_graphs {} + .dispatch_bypass_filter(ita_sgx_runtime::RuntimeOrigin::root()) + .map_err(|e| StfError::CleanIDGraphsFailed(e.into()))?; + Ok(TrustedCallResult::Empty) }, } diff --git a/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/clean_id_graphs.rs b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/clean_id_graphs.rs new file mode 100644 index 0000000000..573da47ef5 --- /dev/null +++ b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/clean_id_graphs.rs @@ -0,0 +1,48 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::{ + get_layer_two_nonce, + trusted_cli::TrustedCli, + trusted_command_utils::{get_identifiers, get_pair_from_str}, + trusted_operation::perform_trusted_operation, + Cli, CliResult, CliResultOk, +}; +use clap::Parser; +use ita_stf::{Index, TrustedCall}; +use itp_stf_primitives::{traits::TrustedCallSigning, types::KeyPair}; +use sp_core::Pair; + +// usage exmaple: +// +// ./bin/litentry-cli trusted --mrenclave --direct clean-id-graphs + +#[derive(Parser)] +pub struct CleanIDGraphsCommand {} + +impl CleanIDGraphsCommand { + pub(crate) fn run(&self, cli: &Cli, trusted_cli: &TrustedCli) -> CliResult { + let alice = get_pair_from_str(trusted_cli, "//Alice", cli); + + let (mrenclave, shard) = get_identifiers(trusted_cli, cli); + let nonce = get_layer_two_nonce!(alice, cli, trusted_cli); + + let top = TrustedCall::clean_id_graphs(alice.public().into()) + .sign(&KeyPair::Sr25519(Box::new(alice)), nonce, &mrenclave, &shard) + .into_trusted_operation(trusted_cli.direct); + Ok(perform_trusted_operation::<()>(cli, trusted_cli, &top).map(|_| CliResultOk::None)?) + } +} diff --git a/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/mod.rs b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/mod.rs index c43a30c81f..5694e7d6a5 100644 --- a/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/mod.rs +++ b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/mod.rs @@ -14,6 +14,8 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . +#[cfg(feature = "development")] +pub mod clean_id_graphs; pub mod get_storage; pub mod id_graph; pub mod link_identity; diff --git a/tee-worker/identity/cli/src/trusted_base_cli/mod.rs b/tee-worker/identity/cli/src/trusted_base_cli/mod.rs index dbeb797146..479b3fa8f9 100644 --- a/tee-worker/identity/cli/src/trusted_base_cli/mod.rs +++ b/tee-worker/identity/cli/src/trusted_base_cli/mod.rs @@ -15,6 +15,8 @@ */ +#[cfg(feature = "development")] +use crate::trusted_base_cli::commands::litentry::clean_id_graphs::CleanIDGraphsCommand; #[cfg(feature = "development")] use crate::trusted_base_cli::commands::litentry::remove_identity::RemoveIdentityCommand; use crate::{ @@ -86,6 +88,10 @@ pub enum TrustedBaseCommand { /// Remove Identity from the prime identity #[cfg(feature = "development")] RemoveIdentity(RemoveIdentityCommand), + + // Remove all id_graph from storage + #[cfg(feature = "development")] + CleanIDGraphs(CleanIDGraphsCommand), } impl TrustedBaseCommand { @@ -106,6 +112,8 @@ impl TrustedBaseCommand { TrustedBaseCommand::RequestVc(cmd) => cmd.run(cli, trusted_cli), #[cfg(feature = "development")] TrustedBaseCommand::RemoveIdentity(cmd) => cmd.run(cli, trusted_cli), + #[cfg(feature = "development")] + TrustedBaseCommand::CleanIDGraphs(cmd) => cmd.run(cli, trusted_cli), } } } diff --git a/tee-worker/identity/client-api/parachain-api/prepare-build/interfaces/trusted_operations/definitions.ts b/tee-worker/identity/client-api/parachain-api/prepare-build/interfaces/trusted_operations/definitions.ts index 4ea7afc092..f3cd426fe9 100644 --- a/tee-worker/identity/client-api/parachain-api/prepare-build/interfaces/trusted_operations/definitions.ts +++ b/tee-worker/identity/client-api/parachain-api/prepare-build/interfaces/trusted_operations/definitions.ts @@ -58,6 +58,13 @@ export default { // this trusted call can only be requested directly by root or enclave_signer_account link_identity_callback: "(LitentryIdentity, LitentryIdentity, LitentryIdentity, Vec, Option, H256)", + + __Unused_21: "Null", + __Unused_22: "Null", + __Unused_23: "Null", + __Unused_24: "Null", + + clean_id_graphs: "(LitentryIdentity)", }, }, TrustedOperationStatus: { From 1189d1aed62bd493b3e89fa77cbe3da42ab6a6e0 Mon Sep 17 00:00:00 2001 From: "will.li" <120463031+higherordertech@users.noreply.github.com> Date: Thu, 10 Oct 2024 21:14:14 +1100 Subject: [PATCH 08/17] chore: P-1044 merge all identity tests into one (#3113) * chore: P-1044 combine all di identity tests, update ci config to run the combined di identity tests * removed unused function and clean up --------- Co-authored-by: higherordertech --- .github/workflows/ci.yml | 12 +- tee-worker/identity/build.Dockerfile | 2 +- ...t-di-bitcoin-identity-multiworker-test.yml | 22 - .../docker/lit-di-bitcoin-identity-test.yml | 22 - ...l => lit-di-identity-multiworker-test.yml} | 6 +- ...tity-test.yml => lit-di-identity-test.yml} | 6 +- ...it-di-solana-identity-multiworker-test.yml | 22 - .../docker/lit-di-solana-identity-test.yml | 22 - ...di-substrate-identity-multiworker-test.yml | 22 - .../docker/lit-di-substrate-identity-test.yml | 22 - .../docker/lit-discord-identity-test.yml | 22 - .../docker/lit-twitter-identity-test.yml | 22 - tee-worker/identity/ts-tests/README.md | 12 +- .../integration-tests/common/common-types.ts | 2 +- .../integration-tests/common/helpers.ts | 27 +- .../common/utils/identity-helper.ts | 4 +- .../di_bitcoin_identity.test.ts | 345 -------- .../integration-tests/di_evm_identity.test.ts | 370 -------- .../integration-tests/di_identity.test.ts | 362 ++++++++ .../di_solana_identity.test.ts | 365 -------- .../di_substrate_identity.test.ts | 829 ------------------ .../discord_identity.test.ts | 289 ------ .../ts-tests/integration-tests/dr_vc.test.ts | 2 +- .../twitter_identity.test.ts | 304 ------- 24 files changed, 399 insertions(+), 2714 deletions(-) delete mode 100644 tee-worker/identity/docker/lit-di-bitcoin-identity-multiworker-test.yml delete mode 100644 tee-worker/identity/docker/lit-di-bitcoin-identity-test.yml rename tee-worker/identity/docker/{lit-di-evm-identity-multiworker-test.yml => lit-di-identity-multiworker-test.yml} (80%) rename tee-worker/identity/docker/{lit-di-evm-identity-test.yml => lit-di-identity-test.yml} (82%) delete mode 100644 tee-worker/identity/docker/lit-di-solana-identity-multiworker-test.yml delete mode 100644 tee-worker/identity/docker/lit-di-solana-identity-test.yml delete mode 100644 tee-worker/identity/docker/lit-di-substrate-identity-multiworker-test.yml delete mode 100644 tee-worker/identity/docker/lit-di-substrate-identity-test.yml delete mode 100644 tee-worker/identity/docker/lit-discord-identity-test.yml delete mode 100644 tee-worker/identity/docker/lit-twitter-identity-test.yml delete mode 100644 tee-worker/identity/ts-tests/integration-tests/di_bitcoin_identity.test.ts delete mode 100644 tee-worker/identity/ts-tests/integration-tests/di_evm_identity.test.ts create mode 100644 tee-worker/identity/ts-tests/integration-tests/di_identity.test.ts delete mode 100644 tee-worker/identity/ts-tests/integration-tests/di_solana_identity.test.ts delete mode 100644 tee-worker/identity/ts-tests/integration-tests/di_substrate_identity.test.ts delete mode 100644 tee-worker/identity/ts-tests/integration-tests/discord_identity.test.ts delete mode 100644 tee-worker/identity/ts-tests/integration-tests/twitter_identity.test.ts diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cb4a49f926..f7087e328f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -709,15 +709,10 @@ jobs: fail-fast: false matrix: include: - - test_name: lit-di-substrate-identity-test - - test_name: lit-di-evm-identity-test - - test_name: lit-di-bitcoin-identity-test - - test_name: lit-di-solana-identity-test + - test_name: lit-di-identity-test - test_name: lit-dr-vc-test - test_name: lit-parentchain-nonce - test_name: lit-test-failed-parentchain-extrinsic - - test_name: lit-twitter-identity-test - - test_name: lit-discord-identity-test name: ${{ matrix.test_name }} steps: - uses: actions/checkout@v4 @@ -785,10 +780,7 @@ jobs: fail-fast: false matrix: include: - - test_name: lit-di-bitcoin-identity-multiworker-test - - test_name: lit-di-evm-identity-multiworker-test - - test_name: lit-di-solana-identity-multiworker-test - - test_name: lit-di-substrate-identity-multiworker-test + - test_name: lit-di-identity-multiworker-test - test_name: lit-dr-vc-multiworker-test - test_name: lit-resume-worker name: ${{ matrix.test_name }} diff --git a/tee-worker/identity/build.Dockerfile b/tee-worker/identity/build.Dockerfile index be93051620..6ea754ca3c 100644 --- a/tee-worker/identity/build.Dockerfile +++ b/tee-worker/identity/build.Dockerfile @@ -85,7 +85,7 @@ RUN cargo test --release ################################################## FROM node:18-bookworm-slim AS runner -RUN apt update && apt install -y libssl-dev iproute2 jq curl protobuf-compiler +RUN apt update && apt install -y libssl-dev iproute2 jq curl protobuf-compiler python3 python-is-python3 build-essential RUN corepack enable && corepack prepare pnpm@8.7.6 --activate && corepack enable pnpm diff --git a/tee-worker/identity/docker/lit-di-bitcoin-identity-multiworker-test.yml b/tee-worker/identity/docker/lit-di-bitcoin-identity-multiworker-test.yml deleted file mode 100644 index 3e17273ea2..0000000000 --- a/tee-worker/identity/docker/lit-di-bitcoin-identity-multiworker-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-bitcoin-identity-multiworker-test: - image: litentry/identity-cli:latest - container_name: litentry-di-bitcoin-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-3: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_bitcoin_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-di-bitcoin-identity-test.yml b/tee-worker/identity/docker/lit-di-bitcoin-identity-test.yml deleted file mode 100644 index 92245d8412..0000000000 --- a/tee-worker/identity/docker/lit-di-bitcoin-identity-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-bitcoin-identity-test: - image: litentry/identity-cli:latest - container_name: litentry-di-bitcoin-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-1: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_bitcoin_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-di-evm-identity-multiworker-test.yml b/tee-worker/identity/docker/lit-di-identity-multiworker-test.yml similarity index 80% rename from tee-worker/identity/docker/lit-di-evm-identity-multiworker-test.yml rename to tee-worker/identity/docker/lit-di-identity-multiworker-test.yml index b287e454bd..5eb974a6c3 100644 --- a/tee-worker/identity/docker/lit-di-evm-identity-multiworker-test.yml +++ b/tee-worker/identity/docker/lit-di-identity-multiworker-test.yml @@ -1,7 +1,7 @@ services: - lit-di-evm-identity-multiworker-test: + lit-di-identity-multiworker-test: image: litentry/identity-cli:latest - container_name: litentry-di-evm-identity-test + container_name: litentry-di-identity-test volumes: - ../ts-tests:/ts-tests - ../client-api:/client-api @@ -15,7 +15,7 @@ services: condition: service_healthy networks: - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_evm_identity.test.ts 2>&1' " + entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_identity.test.ts 2>&1' " restart: "no" networks: litentry-test-network: diff --git a/tee-worker/identity/docker/lit-di-evm-identity-test.yml b/tee-worker/identity/docker/lit-di-identity-test.yml similarity index 82% rename from tee-worker/identity/docker/lit-di-evm-identity-test.yml rename to tee-worker/identity/docker/lit-di-identity-test.yml index dd37b38dc0..87f8c9e09b 100644 --- a/tee-worker/identity/docker/lit-di-evm-identity-test.yml +++ b/tee-worker/identity/docker/lit-di-identity-test.yml @@ -1,7 +1,7 @@ services: - lit-di-evm-identity-test: + lit-di-identity-test: image: litentry/identity-cli:latest - container_name: litentry-di-evm-identity-test + container_name: litentry-di-identity-test volumes: - ../ts-tests:/ts-tests - ../client-api:/client-api @@ -15,7 +15,7 @@ services: condition: service_healthy networks: - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_evm_identity.test.ts 2>&1' " + entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_identity.test.ts 2>&1' " restart: "no" networks: litentry-test-network: diff --git a/tee-worker/identity/docker/lit-di-solana-identity-multiworker-test.yml b/tee-worker/identity/docker/lit-di-solana-identity-multiworker-test.yml deleted file mode 100644 index 11f39fb2ad..0000000000 --- a/tee-worker/identity/docker/lit-di-solana-identity-multiworker-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-solana-identity-multiworker-test: - image: litentry/identity-cli:latest - container_name: litentry-di-solana-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-3: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_solana_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-di-solana-identity-test.yml b/tee-worker/identity/docker/lit-di-solana-identity-test.yml deleted file mode 100644 index 9301d72f3b..0000000000 --- a/tee-worker/identity/docker/lit-di-solana-identity-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-solana-identity-test: - image: litentry/identity-cli:latest - container_name: litentry-di-solana-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-1: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_solana_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-di-substrate-identity-multiworker-test.yml b/tee-worker/identity/docker/lit-di-substrate-identity-multiworker-test.yml deleted file mode 100644 index 50742a37ac..0000000000 --- a/tee-worker/identity/docker/lit-di-substrate-identity-multiworker-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-substrate-identity-multiworker-test: - image: litentry/identity-cli:latest - container_name: litentry-di-substrate-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-3: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_substrate_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-di-substrate-identity-test.yml b/tee-worker/identity/docker/lit-di-substrate-identity-test.yml deleted file mode 100644 index 2bbb7d5c1a..0000000000 --- a/tee-worker/identity/docker/lit-di-substrate-identity-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-di-substrate-identity-test: - image: litentry/identity-cli:latest - container_name: litentry-di-substrate-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-1: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh di_substrate_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-discord-identity-test.yml b/tee-worker/identity/docker/lit-discord-identity-test.yml deleted file mode 100644 index dfc5359e3b..0000000000 --- a/tee-worker/identity/docker/lit-discord-identity-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-discord-identity-test: - image: litentry/identity-cli:latest - container_name: litentry-discord-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-1: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh discord_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/docker/lit-twitter-identity-test.yml b/tee-worker/identity/docker/lit-twitter-identity-test.yml deleted file mode 100644 index e3b8874668..0000000000 --- a/tee-worker/identity/docker/lit-twitter-identity-test.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - lit-twitter-identity-test: - image: litentry/identity-cli:latest - container_name: litentry-twitter-identity-test - volumes: - - ../ts-tests:/ts-tests - - ../client-api:/client-api - - ../cli:/usr/local/worker-cli - build: - context: .. - dockerfile: build.Dockerfile - target: deployed-client - depends_on: - litentry-worker-1: - condition: service_healthy - networks: - - litentry-test-network - entrypoint: "bash -c '/usr/local/worker-cli/lit_ts_integration_test.sh twitter_identity.test.ts 2>&1' " - restart: "no" -networks: - litentry-test-network: - driver: bridge diff --git a/tee-worker/identity/ts-tests/README.md b/tee-worker/identity/ts-tests/README.md index 764c128ef4..7e9684979f 100644 --- a/tee-worker/identity/ts-tests/README.md +++ b/tee-worker/identity/ts-tests/README.md @@ -33,17 +33,11 @@ pnpm install pnpm --filter integration-tests run test your-testfile.test.ts ``` -II identity test: `pnpm --filter integration-tests run test ii_identity.test.ts` +Direct invocation identity test: `pnpm --filter integration-tests run test di_identity.test.ts` -II vc test: `pnpm --filter integration-tests run test ii_vc.test.ts` +Direct invocation vc test: `pnpm --filter integration-tests run test vc_correctness.test.ts` -II batch identity test: `pnpm --filter integration-tests run test ii_batch.test.ts` - -Direct invocation substrate identity test: `pnpm --filter integration-tests run test di_substrate_identity.test.ts` - -Direct invocation evm identity test: `pnpm --filter integration-tests run test di_evm_identity.test.ts` - -Direct invocation vc test: `pnpm --filter integration-tests run test di_vc.test.ts` +Direct requect vc test: `pnpm --filter integration-tests run test dr_vc.test.ts` ## Data-provider test diff --git a/tee-worker/identity/ts-tests/integration-tests/common/common-types.ts b/tee-worker/identity/ts-tests/integration-tests/common/common-types.ts index 5dbc1823ee..36c6d00f74 100644 --- a/tee-worker/identity/ts-tests/integration-tests/common/common-types.ts +++ b/tee-worker/identity/ts-tests/integration-tests/common/common-types.ts @@ -11,7 +11,7 @@ import { Signer } from './utils/crypto'; // If there are types already defined in the client-api, please avoid redefining these types. // Instead, make every effort to use the types that have been generated within the client-api. -interface WalletType { +export interface WalletType { [walletName: string]: Signer; } export interface Wallets { diff --git a/tee-worker/identity/ts-tests/integration-tests/common/helpers.ts b/tee-worker/identity/ts-tests/integration-tests/common/helpers.ts index 883b784239..2af40c823e 100644 --- a/tee-worker/identity/ts-tests/integration-tests/common/helpers.ts +++ b/tee-worker/identity/ts-tests/integration-tests/common/helpers.ts @@ -5,14 +5,15 @@ import type { KeyringPair } from '@polkadot/keyring/types'; import type { HexString } from '@polkadot/util/types'; import './config'; import { IntegrationTestContext, JsonRpcRequest } from './common-types'; -import { createHash, randomBytes } from 'crypto'; +import { createHash, randomBytes, type KeyObject } from 'crypto'; import { ECPairFactory, ECPairInterface } from 'ecpair'; import * as ecc from 'tiny-secp256k1'; import { ethers, Wallet } from 'ethers'; import { Keypair } from '@solana/web3.js'; -import { EthersSigner, PolkadotSigner, BitcoinSigner, SolanaSigner } from './utils/crypto'; +import { EthersSigner, PolkadotSigner, BitcoinSigner, SolanaSigner, Signer } from './utils/crypto'; import { Wallets } from './common-types'; import type { ErrorDetail, StfError } from 'parachain-api'; +import { createSignedTrustedCallCleanIDGraphs, getSidechainNonce, sendRequestFromTrustedCall } from './di-utils'; export function blake2128Concat(data: HexString | Uint8Array): Uint8Array { return u8aConcat(blake2AsU8a(data, 128), u8aToU8a(data)); @@ -68,6 +69,21 @@ export function genesisSolanaWallet(name: string): Keypair { return keyPair; } +export const createWeb3Wallet = (walletType: string, walletName: string): Signer => { + switch (walletType) { + case 'evm': + return new EthersSigner(randomEvmWallet()); + case 'substrate': + return new PolkadotSigner(genesisSubstrateWallet(walletName)); + case 'bitcoin': + return new BitcoinSigner(randomBitcoinWallet()); + case 'solana': + return new SolanaSigner(genesisSolanaWallet(walletName)); + default: + throw new Error(`Unsupported wallet type: ${walletType}`); + } +}; + export const createWeb3Wallets = (): Wallets => { const wallets: Wallets = { evm: {}, @@ -77,10 +93,9 @@ export const createWeb3Wallets = (): Wallets => { }; const walletNames = ['Alice', 'Bob', 'Charlie', 'Dave', 'Eve']; for (const name of walletNames) { - wallets.evm[name] = new EthersSigner(randomEvmWallet()); - wallets.substrate[name] = new PolkadotSigner(genesisSubstrateWallet(name)); - wallets.bitcoin[name] = new BitcoinSigner(randomBitcoinWallet()); - wallets.solana[name] = new SolanaSigner(genesisSolanaWallet(name)); + for (const walletType in wallets) { + (wallets as any)[walletType][name] = createWeb3Wallet(walletType, name); + } } return wallets; diff --git a/tee-worker/identity/ts-tests/integration-tests/common/utils/identity-helper.ts b/tee-worker/identity/ts-tests/integration-tests/common/utils/identity-helper.ts index 35871fb8c2..3a7d74ed24 100644 --- a/tee-worker/identity/ts-tests/integration-tests/common/utils/identity-helper.ts +++ b/tee-worker/identity/ts-tests/integration-tests/common/utils/identity-helper.ts @@ -146,7 +146,7 @@ export async function buildValidations( signerIdentitity: CorePrimitivesIdentity, linkIdentity: CorePrimitivesIdentity, startingSidechainNonce: number, - network: 'ethereum' | 'substrate' | 'bitcoin' | 'solana', + network: 'evm' | 'substrate' | 'bitcoin' | 'solana', signer?: Signer, options?: { prettifiedMessage?: boolean } ): Promise { @@ -154,7 +154,7 @@ export async function buildValidations( const validationNonce = startingSidechainNonce++; const msg = generateVerificationMessage(context, signerIdentitity, linkIdentity, validationNonce); - if (network === 'ethereum') { + if (network === 'evm') { const evmValidationData = { Web3Validation: { Evm: { diff --git a/tee-worker/identity/ts-tests/integration-tests/di_bitcoin_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/di_bitcoin_identity.test.ts deleted file mode 100644 index c937f08bc8..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/di_bitcoin_identity.test.ts +++ /dev/null @@ -1,345 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { - buildValidations, - initIntegrationTestContext, - assertIdGraphMutationResult, - assertIdGraphHash, - sleep, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - createSignedTrustedCallDeactivateIdentity, - createSignedTrustedCallActivateIdentity, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRsaRequestFromGetter, - sendRequestFromTrustedCall, - sendAesRequestFromGetter, -} from './common/di-utils'; // @fixme move to a better place -import type { IntegrationTestContext } from './common/common-types'; -import { aesKey } from './common/call'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import { type Bytes, type Vec } from '@polkadot/types'; -import type { HexString } from '@polkadot/util/types'; -import { hexToU8a } from '@polkadot/util'; - -describe('Test Identity (bitcoin direct invocation)', function () { - let context: IntegrationTestContext = undefined as any; - let teeShieldingKey: KeyObject = undefined as any; - let aliceBitcoinIdentity: CorePrimitivesIdentity = undefined as any; - let aliceEvmIdentity: CorePrimitivesIdentity; - let bobBitcoinIdentity: CorePrimitivesIdentity; - let currentNonce = 0; - - // Alice links: - // - alice's evm identity - // - bob's bitcoin identity - const linkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - - const deactivateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const activateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - aliceBitcoinIdentity = await context.web3Wallets.bitcoin.Alice.getIdentity(context); - aliceEvmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - bobBitcoinIdentity = await context.web3Wallets.bitcoin.Bob.getIdentity(context); - currentNonce = (await getSidechainNonce(context, aliceBitcoinIdentity)).toNumber(); - }); - - step('check idGraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - assert.lengthOf(idGraph, 0); - }); - - step('linking identities (alice bitcoin account)', async function () { - const aliceEvmNonce = currentNonce++; - const aliceEvmValidation = await buildValidations( - context, - aliceBitcoinIdentity, - aliceEvmIdentity, - aliceEvmNonce, - 'ethereum', - context.web3Wallets.evm.Alice - ); - const aliceEvmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); - linkIdentityRequestParams.push({ - nonce: aliceEvmNonce, - identity: aliceEvmIdentity, - validation: aliceEvmValidation, - networks: aliceEvmNetworks, - }); - - // link another bitcoin account - const bobBitcoinNonce = currentNonce++; - const bobBitcoinValidation = await buildValidations( - context, - aliceBitcoinIdentity, - bobBitcoinIdentity, - bobBitcoinNonce, - 'bitcoin', - context.web3Wallets.bitcoin.Bob, - { prettifiedMessage: true } - ); - const bobBitcoinNetowrks = context.api.createType('Vec', ['BitcoinP2tr']); - linkIdentityRequestParams.push({ - nonce: bobBitcoinNonce, - identity: bobBitcoinIdentity, - validation: bobBitcoinValidation, - networks: bobBitcoinNetowrks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceBitcoinIdentity, true], - [aliceEvmIdentity, true], - ], - [[bobBitcoinIdentity, true]], - ]; - - let counter = 0; - for (const { nonce, identity, validation, networks } of linkIdentityRequestParams) { - counter++; - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: counter % 2 === 0, // alternate per entry - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceBitcoinIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('linkIdentityCall', res); - } - - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check user sidechain storage after linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - // according to the order of linkIdentityRequestParams - const expectedWeb3Networks = [['Ethereum', 'Bsc'], ['BitcoinP2tr']]; - let currentIndex = 0; - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, expectedWeb3Networks[currentIndex]); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - - currentIndex++; - } - - await assertIdGraphHash(context, teeShieldingKey, aliceBitcoinIdentity, idGraph); - }); - step('deactivating identity(alice bitcoin account)', async function () { - const aliceEvmNonce = currentNonce++; - - deactivateIdentityRequestParams.push({ - nonce: aliceEvmNonce, - identity: aliceEvmIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [[[aliceEvmIdentity, false]]]; - - for (const { nonce, identity } of deactivateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceBitcoinIdentity, - res, - 'DeactivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('deactivateIdentityCall', res); - assert.lengthOf(idGraphHashResults, 1); - } - }); - - step('check idGraph from sidechain storage after deactivating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of deactivateIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Inactive', - `status should be Inactive for identity: ${identityDump}` - ); - console.debug('inactive ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceBitcoinIdentity, idGraph); - }); - - step('activating identity(alice bitcoin account)', async function () { - const aliceEvmNonce = currentNonce++; - - activateIdentityRequestParams.push({ - nonce: aliceEvmNonce, - identity: aliceEvmIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [[[aliceEvmIdentity, true]]]; - - for (const { nonce, identity } of activateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const activateIdentityCall = await createSignedTrustedCallActivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.bitcoin.Alice, - - aliceBitcoinIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, activateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceBitcoinIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('activateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('check idGraph from sidechain storage after activating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.bitcoin.Alice, - aliceBitcoinIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceBitcoinIdentity, idGraph); - }); - step('check sidechain nonce', async function () { - await sleep(20); - const nonce = await getSidechainNonce(context, aliceBitcoinIdentity); - assert.equal(nonce.toNumber(), currentNonce); - }); -}); diff --git a/tee-worker/identity/ts-tests/integration-tests/di_evm_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/di_evm_identity.test.ts deleted file mode 100644 index c2b0608c14..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/di_evm_identity.test.ts +++ /dev/null @@ -1,370 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { - buildValidations, - initIntegrationTestContext, - assertIdGraphMutationResult, - assertIdGraphHash, - sleep, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - createSignedTrustedCallDeactivateIdentity, - createSignedTrustedCallActivateIdentity, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRequestFromTrustedCall, - sendAesRequestFromGetter, -} from './common/di-utils'; // @fixme move to a better place -import type { IntegrationTestContext } from './common/common-types'; -import { aesKey } from './common/call'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import { Vec, Bytes } from '@polkadot/types'; -import type { HexString } from '@polkadot/util/types'; -import { hexToU8a } from '@polkadot/util'; - -describe('Test Identity (evm direct invocation)', function () { - let context: IntegrationTestContext = undefined as any; - let teeShieldingKey: KeyObject = undefined as any; - let aliceEvmIdentity: CorePrimitivesIdentity = undefined as any; - let bobEvmIdentity: CorePrimitivesIdentity; - let currentNonce = 0; - - // Alice links: - // - a `mock_user` twitter - // - alice's evm identity - // - eve's substrate identity (as alice can't link her own substrate again) - const linkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - - aliceEvmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - bobEvmIdentity = await context.web3Wallets.evm.Bob.getIdentity(context); - currentNonce = (await getSidechainNonce(context, aliceEvmIdentity)).toNumber(); - }); - - step('check idGraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.evm.Alice, - aliceEvmIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('linking identities (alice evm account)', async function () { - const bobEvmNonce = currentNonce++; - const bobEvmValidation = await buildValidations( - context, - aliceEvmIdentity, - bobEvmIdentity, - bobEvmNonce, - 'ethereum', - context.web3Wallets.evm.Bob, - { prettifiedMessage: true } - ); - const bobEvmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); - linkIdentityRequestParams.push({ - nonce: bobEvmNonce, - identity: bobEvmIdentity, - validation: bobEvmValidation, - networks: bobEvmNetworks, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - const eveSubstrateValidation = await buildValidations( - context, - aliceEvmIdentity, - eveSubstrateIdentity, - eveSubstrateNonce, - 'substrate', - context.web3Wallets.substrate.Eve - ); - const eveSubstrateNetworks = context.api.createType('Vec', ['Litentry', 'Khala']); - linkIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - validation: eveSubstrateValidation, - networks: eveSubstrateNetworks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceEvmIdentity, true], - [bobEvmIdentity, true], - ], - [[eveSubstrateIdentity, true]], - ]; - - let counter = 0; - for (const { nonce, identity, validation, networks } of linkIdentityRequestParams) { - counter++; - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.evm.Alice, - aliceEvmIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: counter % 2 === 0, // alternate per entry - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceEvmIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check user sidechain storage after linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.evm.Alice, - aliceEvmIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - // according to the order of linkIdentityRequestParams - const expectedWeb3Networks = [ - ['Ethereum', 'Bsc'], - ['Litentry', 'Khala'], - ]; - let currentIndex = 0; - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, expectedWeb3Networks[currentIndex]); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - - currentIndex++; - } - - await assertIdGraphHash(context, teeShieldingKey, aliceEvmIdentity, idGraph); - }); - step('deactivating identity(alice evm account)', async function () { - const deactivateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const bobEvmNonce = currentNonce++; - - deactivateIdentityRequestParams.push({ - nonce: bobEvmNonce, - identity: bobEvmIdentity, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - deactivateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[bobEvmIdentity, false]], - [[eveSubstrateIdentity, false]], - ]; - - for (const { nonce, identity } of deactivateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.evm.Alice, - aliceEvmIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceEvmIdentity, - res, - 'DeactivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('deactivateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check idGraph from sidechain storage after deactivating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.evm.Alice, - aliceEvmIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Inactive', - `status should be Inactive for identity: ${identityDump}` - ); - console.debug('inactive ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceEvmIdentity, idGraph); - }); - step('activating identity(alice evm account)', async function () { - const activateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const bobEvmNonce = currentNonce++; - - activateIdentityRequestParams.push({ - nonce: bobEvmNonce, - identity: bobEvmIdentity, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - - activateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[bobEvmIdentity, true]], - [[eveSubstrateIdentity, true]], - ]; - - for (const { nonce, identity } of activateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const activateIdentityCall = await createSignedTrustedCallActivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.evm.Alice, - aliceEvmIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, activateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceEvmIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('activateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check idGraph from sidechain storage after activating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.evm.Alice, - - aliceEvmIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceEvmIdentity, idGraph); - }); - step('check sidechain nonce', async function () { - await sleep(20); - const nonce = await getSidechainNonce(context, aliceEvmIdentity); - assert.equal(nonce.toNumber(), currentNonce); - }); -}); diff --git a/tee-worker/identity/ts-tests/integration-tests/di_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/di_identity.test.ts new file mode 100644 index 0000000000..334ca52e4c --- /dev/null +++ b/tee-worker/identity/ts-tests/integration-tests/di_identity.test.ts @@ -0,0 +1,362 @@ +import { randomBytes, KeyObject } from 'crypto'; +import { step } from 'mocha-steps'; +import { assert } from 'chai'; +import { + buildValidations, + initIntegrationTestContext, + assertIdGraphMutationResult, + assertIdGraphHash, + sleep, + Signer, + buildWeb2Validation, + buildIdentityHelper, +} from './common/utils'; +import { assertIsInSidechainBlock } from './common/utils/assertion'; +import { + createSignedTrustedCallLinkIdentity, + createSignedTrustedGetterIdGraph, + createSignedTrustedCallDeactivateIdentity, + createSignedTrustedCallActivateIdentity, + decodeIdGraph, + getSidechainNonce, + getTeeShieldingKey, + sendRequestFromTrustedCall, + sendAesRequestFromGetter, +} from './common/di-utils'; // @fixme move to a better place +import type { IntegrationTestContext, WalletType } from './common/common-types'; +import { aesKey } from './common/call'; +import { createWeb3Wallet } from './common/helpers'; +import type { Web3Network, CorePrimitivesIdentity } from 'parachain-api'; +import { Vec, Bytes } from '@polkadot/types'; +import type { HexString } from '@polkadot/util/types'; +import { hexToU8a } from '@polkadot/util'; + +describe('Test Identity', function () { + const identityConfigs: { + [key: string]: { + wallet: string; + networks: string[]; + }; + } = { + evm: { + wallet: 'Bob', + networks: ['Ethereum'], + }, + substrate: { + wallet: 'Alice', + networks: ['Litentry'], + }, + bitcoin: { + wallet: 'Charlie', + networks: ['BitcoinP2tr'], + }, + solana: { + wallet: 'Dave', + networks: ['Solana'], + }, + }; + const identityNames = Object.keys(identityConfigs); + + let context: IntegrationTestContext = undefined as any; + let teeShieldingKey: KeyObject = undefined as any; + this.timeout(6000000); + + before(async function () { + const parachainEndpoint = process.env.PARACHAIN_ENDPOINT; + if (!parachainEndpoint) { + throw new Error('PARACHAIN_ENDPOINT environment variable is missing.'); + } + context = await initIntegrationTestContext(parachainEndpoint); + teeShieldingKey = await getTeeShieldingKey(context); + }); + + for (const identityName of identityNames) { + describe(`(${identityName} direct invocation)`, function () { + const linkedIdentityNetworks: { + identity: CorePrimitivesIdentity; + networks: Bytes | Vec; + }[] = []; + + let mainIdentity: CorePrimitivesIdentity = undefined as any; + let mainSigner: Signer = undefined as any; + let currentNonce = 0; + const isSubstrate = identityName === 'substrate'; + const walletName = identityConfigs[identityName].wallet; + + const getNextNonce = () => currentNonce++; + + before(async function () { + const wallet = (context.web3Wallets as any)[identityName] as WalletType; + mainSigner = wallet[walletName]; + + mainIdentity = await mainSigner.getIdentity(context); + currentNonce = (await getSidechainNonce(context, mainIdentity)).toNumber(); + }); + + step('check idGraph from sidechain storage before linking', async function () { + const idGraphGetter = await createSignedTrustedGetterIdGraph(context.api, mainSigner, mainIdentity); + const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); + + const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); + + assert.lengthOf(idGraph, 0); + }); + + step(`linking identities (${walletName} ${identityName} account)`, async function () { + const idGraphHashResults: HexString[] = []; + + const linkAndAssert = async ( + identityName: string, + identity: CorePrimitivesIdentity, + expectedIdGraph: [CorePrimitivesIdentity, boolean][], + signer?: Signer, + identityType?: string, + verificationType?: string + ) => { + const nonce = getNextNonce(); + const validationData = signer + ? await buildValidations(context, mainIdentity, identity, nonce, identityName as any, signer) + : await buildWeb2Validation({ + identityType, + context, + signerIdentitity: mainIdentity, + linkIdentity: identity, + verificationType, + validationNonce: nonce, + } as any); + + const networks = context.api.createType( + 'Vec', + identityConfigs[identityName]?.networks ?? [] + ); + const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; + const linkIdentityCall = await createSignedTrustedCallLinkIdentity( + context.api, + context.mrEnclave, + context.api.createType('Index', nonce), + mainSigner, + mainIdentity, + identity.toHex(), + validationData.toHex(), + networks.toHex(), + context.api.createType('Option', aesKey).toHex(), + requestIdentifier, + { + withWrappedBytes: false, + withPrefix: (idGraphHashResults.length + 1) % 2 === 0, // alternate per entry + } + ); + const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); + idGraphHashResults.push( + await assertIdGraphMutationResult( + context, + teeShieldingKey, + mainIdentity, + res, + 'LinkIdentityResult', + expectedIdGraph + ) + ); + await assertIsInSidechainBlock('linkIdentityCall', res); + + linkedIdentityNetworks.push({ + identity, + networks, + }); + }; + + // link identity + for (let i = 0; i < identityNames.length; i++) { + const identityName = identityNames[i]; + const signer = createWeb3Wallet(identityName, randomBytes(32).toString('base64')); + const identity = await signer.getIdentity(context); + + const expectedIdGraph: [CorePrimitivesIdentity, boolean][] = + i === 0 + ? [ + [mainIdentity, true], + [identity, true], + ] + : [[identity, true]]; + + await linkAndAssert(identityName, identity, expectedIdGraph, signer); + } + + // Web2 + if (isSubstrate) { + // discord + const discordIdentity = await buildIdentityHelper('bob', 'Discord', context); + await linkAndAssert( + 'discord', + discordIdentity, + [[discordIdentity, true]], + undefined, + 'Discord', + 'OAuth2' + ); + + // twitter + const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); + await linkAndAssert( + 'twitter', + twitterIdentity, + [[twitterIdentity, true]], + undefined, + 'Twitter', + 'PublicTweet' + ); + } + + assert.lengthOf(idGraphHashResults, linkedIdentityNetworks.length); + }); + + step('check user sidechain storage after linking', async function () { + const idGraphGetter = await createSignedTrustedGetterIdGraph(context.api, mainSigner, mainIdentity); + const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); + + const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); + + for (const { identity, networks } of linkedIdentityNetworks) { + const identityDump = JSON.stringify(identity.toHuman(), null, 4); + console.debug(`checking identity: ${identityDump}`); + const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); + assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); + const [, idGraphNodeContext] = idGraphNode!; + + const web3networks = idGraphNode![1].web3networks.toHuman(); + assert.deepEqual(web3networks, networks.toHuman()); + + assert.equal( + idGraphNodeContext.status.toString(), + 'Active', + `status should be active for identity: ${identityDump}` + ); + console.debug('active ✅'); + } + + await assertIdGraphHash(context, teeShieldingKey, mainIdentity, idGraph); + }); + + step(`deactivating identity(${walletName} ${identityName} account)`, async function () { + const idGraphHashResults: HexString[] = []; + for (const { identity } of linkedIdentityNetworks) { + const nonce = getNextNonce(); + const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; + const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( + context.api, + context.mrEnclave, + context.api.createType('Index', nonce), + mainSigner, + mainIdentity, + identity.toHex(), + context.api.createType('Option', aesKey).toHex(), + requestIdentifier + ); + + const expectedIdGraph: [CorePrimitivesIdentity, boolean][] = [[identity, false]]; + + const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); + idGraphHashResults.push( + await assertIdGraphMutationResult( + context, + teeShieldingKey, + mainIdentity, + res, + 'DeactivateIdentityResult', + expectedIdGraph + ) + ); + await assertIsInSidechainBlock('deactivateIdentityCall', res); + } + + assert.lengthOf(idGraphHashResults, linkedIdentityNetworks.length); + }); + + step('check idGraph from sidechain storage after deactivating', async function () { + const idGraphGetter = await createSignedTrustedGetterIdGraph(context.api, mainSigner, mainIdentity); + const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); + const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); + + for (const { identity } of linkedIdentityNetworks) { + const identityDump = JSON.stringify(identity.toHuman(), null, 4); + console.debug(`checking identity: ${identityDump}`); + const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); + assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); + const [, idGraphNodeContext] = idGraphNode!; + + assert.equal( + idGraphNodeContext.status.toString(), + 'Inactive', + `status should be Inactive for identity: ${identityDump}` + ); + console.debug('inactive ✅'); + } + + await assertIdGraphHash(context, teeShieldingKey, mainIdentity, idGraph); + }); + + step(`activating identity(${walletName} ${identityName} account)`, async function () { + const idGraphHashResults: HexString[] = []; + for (const { identity } of linkedIdentityNetworks) { + const nonce = getNextNonce(); + const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; + const activateIdentityCall = await createSignedTrustedCallActivateIdentity( + context.api, + context.mrEnclave, + context.api.createType('Index', nonce), + mainSigner, + mainIdentity, + identity.toHex(), + context.api.createType('Option', aesKey).toHex(), + requestIdentifier + ); + + const expectedIdGraph: [CorePrimitivesIdentity, boolean][] = [[identity, true]]; + + const res = await sendRequestFromTrustedCall(context, teeShieldingKey, activateIdentityCall); + idGraphHashResults.push( + await assertIdGraphMutationResult( + context, + teeShieldingKey, + mainIdentity, + res, + 'ActivateIdentityResult', + expectedIdGraph + ) + ); + await assertIsInSidechainBlock('activateIdentityCall', res); + } + assert.lengthOf(idGraphHashResults, linkedIdentityNetworks.length); + }); + + step('check idGraph from sidechain storage after activating', async function () { + const idGraphGetter = await createSignedTrustedGetterIdGraph(context.api, mainSigner, mainIdentity); + const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); + const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); + + for (const { identity } of linkedIdentityNetworks) { + const identityDump = JSON.stringify(identity.toHuman(), null, 4); + console.debug(`checking identity: ${identityDump}`); + const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); + assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); + const [, idGraphNodeContext] = idGraphNode!; + + assert.equal( + idGraphNodeContext.status.toString(), + 'Active', + `status should be active for identity: ${identityDump}` + ); + console.debug('active ✅'); + } + + await assertIdGraphHash(context, teeShieldingKey, mainIdentity, idGraph); + }); + + step('check sidechain nonce', async function () { + await sleep(20); + const nonce = await getSidechainNonce(context, mainIdentity); + assert.equal(nonce.toNumber(), currentNonce); + }); + }); + } +}); diff --git a/tee-worker/identity/ts-tests/integration-tests/di_solana_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/di_solana_identity.test.ts deleted file mode 100644 index dcc8b8a104..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/di_solana_identity.test.ts +++ /dev/null @@ -1,365 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { - buildValidations, - initIntegrationTestContext, - assertIdGraphMutationResult, - assertIdGraphHash, - sleep, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - createSignedTrustedCallDeactivateIdentity, - createSignedTrustedCallActivateIdentity, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRsaRequestFromGetter, - sendRequestFromTrustedCall, -} from './common/di-utils'; // @fixme move to a better place -import type { IntegrationTestContext } from './common/common-types'; -import { aesKey } from './common/call'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import { Vec, Bytes } from '@polkadot/types'; -import type { HexString } from '@polkadot/util/types'; - -describe('Test Identity (solana direct invocation)', function () { - let context: IntegrationTestContext = undefined as any; - let teeShieldingKey: KeyObject = undefined as any; - let aliceSolanaIdentity: CorePrimitivesIdentity = undefined as any; - let bobSolanaIdentity: CorePrimitivesIdentity; - let currentNonce = 0; - - // Alice links: - // - alice's solana identity - // - eve's substrate identity (as alice can't link her own substrate again) - const linkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - - aliceSolanaIdentity = await context.web3Wallets.solana.Alice.getIdentity(context); - bobSolanaIdentity = await context.web3Wallets.solana.Bob.getIdentity(context); - currentNonce = (await getSidechainNonce(context, aliceSolanaIdentity)).toNumber(); - }); - - step('check idGraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.solana.Alice, - aliceSolanaIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('linking identities (alice solana account)', async function () { - const bobSolanaNonce = currentNonce++; - const bobSolanaValidation = await buildValidations( - context, - aliceSolanaIdentity, - bobSolanaIdentity, - bobSolanaNonce, - 'solana', - context.web3Wallets.solana.Bob, - { prettifiedMessage: true } - ); - const bobSolanaNetworks = context.api.createType('Vec', ['Solana']); - linkIdentityRequestParams.push({ - nonce: bobSolanaNonce, - identity: bobSolanaIdentity, - validation: bobSolanaValidation, - networks: bobSolanaNetworks, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - const eveSubstrateValidation = await buildValidations( - context, - aliceSolanaIdentity, - eveSubstrateIdentity, - eveSubstrateNonce, - 'substrate', - context.web3Wallets.substrate.Eve - ); - const eveSubstrateNetworks = context.api.createType('Vec', ['Litentry', 'Khala']); - linkIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - validation: eveSubstrateValidation, - networks: eveSubstrateNetworks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceSolanaIdentity, true], - [bobSolanaIdentity, true], - ], - [[eveSubstrateIdentity, true]], - ]; - - let counter = 0; - for (const { nonce, identity, validation, networks } of linkIdentityRequestParams) { - counter++; - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.solana.Alice, - aliceSolanaIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: counter % 2 === 0, // alternate per entry - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSolanaIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check user sidechain storage after linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.solana.Alice, - aliceSolanaIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - // according to the order of linkIdentityRequestParams - const expectedWeb3Networks = [['Solana'], ['Litentry', 'Khala']]; - let currentIndex = 0; - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, expectedWeb3Networks[currentIndex]); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - - currentIndex++; - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSolanaIdentity, idGraph); - }); - step('deactivating identity(alice solana account)', async function () { - const deactivateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const bobSolanaNonce = currentNonce++; - - deactivateIdentityRequestParams.push({ - nonce: bobSolanaNonce, - identity: bobSolanaIdentity, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - deactivateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[bobSolanaIdentity, false]], - [[eveSubstrateIdentity, false]], - ]; - - for (const { nonce, identity } of deactivateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.solana.Alice, - aliceSolanaIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSolanaIdentity, - res, - 'DeactivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('deactivateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check idGraph from sidechain storage after deactivating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.solana.Alice, - aliceSolanaIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Inactive', - `status should be Inactive for identity: ${identityDump}` - ); - console.debug('inactive ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSolanaIdentity, idGraph); - }); - step('activating identity(alice solana account)', async function () { - const activateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const bobSolanaNonce = currentNonce++; - - activateIdentityRequestParams.push({ - nonce: bobSolanaNonce, - identity: bobSolanaIdentity, - }); - - const eveSubstrateNonce = currentNonce++; - - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - - activateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[bobSolanaIdentity, true]], - [[eveSubstrateIdentity, true]], - ]; - - for (const { nonce, identity } of activateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const activateIdentityCall = await createSignedTrustedCallActivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.solana.Alice, - aliceSolanaIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, activateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSolanaIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('activateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 2); - }); - - step('check idGraph from sidechain storage after activating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.solana.Alice, - aliceSolanaIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSolanaIdentity, idGraph); - }); - - step('check sidechain nonce', async function () { - await sleep(20); - const nonce = await getSidechainNonce(context, aliceSolanaIdentity); - assert.equal(nonce.toNumber(), currentNonce); - }); -}); diff --git a/tee-worker/identity/ts-tests/integration-tests/di_substrate_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/di_substrate_identity.test.ts deleted file mode 100644 index 1553d92f55..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/di_substrate_identity.test.ts +++ /dev/null @@ -1,829 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { u8aToHex, u8aToString } from '@polkadot/util'; -import { - assertIdGraphMutationResult, - assertIdGraphHash, - assertWorkerError, - buildIdentityHelper, - buildValidations, - initIntegrationTestContext, - buildWeb2Validation, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - createSignedTrustedCallDeactivateIdentity, - createSignedTrustedCallActivateIdentity, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRsaRequestFromGetter, - sendRequestFromTrustedCall, - createSignedTrustedCallSetIdentityNetworks, - createSignedTrustedCall, -} from './common/di-utils'; // @fixme move to a better place -import type { IntegrationTestContext } from './common/common-types'; -import { aesKey } from './common/call'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import type { Vec, Bytes } from '@polkadot/types'; -import { ethers } from 'ethers'; -import type { HexString } from '@polkadot/util/types'; -import { sleep } from './common/utils'; - -describe('Test Identity (direct invocation)', function () { - let context: IntegrationTestContext = undefined as any; - let teeShieldingKey: KeyObject = undefined as any; - let aliceSubstrateIdentity: CorePrimitivesIdentity = undefined as any; - let bobSubstrateIdentity: CorePrimitivesIdentity = undefined as any; - let charlieSubstrateIdentity: CorePrimitivesIdentity = undefined as any; - let aliceCurrentNonce = 0; - let bobCurrentNonce = 0; - let charlieCurrentNonce = 0; - // Alice links: - // - a `mock_user` twitter - // - alice's evm identity - // - eve's substrate identity (as alice can't link her own substrate again) - // - alice's bitcoin identity - const linkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - aliceSubstrateIdentity = await context.web3Wallets.substrate.Alice.getIdentity(context); - bobSubstrateIdentity = await context.web3Wallets.substrate.Bob.getIdentity(context); - charlieSubstrateIdentity = await context.web3Wallets.substrate.Charlie.getIdentity(context); - aliceCurrentNonce = (await getSidechainNonce(context, aliceSubstrateIdentity)).toNumber(); - bobCurrentNonce = (await getSidechainNonce(context, bobSubstrateIdentity)).toNumber(); - charlieCurrentNonce = (await getSidechainNonce(context, charlieSubstrateIdentity)).toNumber(); - }); - - step('check idgraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('linking identities (alice)', async function () { - const twitterNonce = aliceCurrentNonce++; - - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - - const twitterValidation = await buildWeb2Validation({ - identityType: 'Twitter', - context, - signerIdentitity: aliceSubstrateIdentity, - linkIdentity: twitterIdentity, - verificationType: 'PublicTweet', - validationNonce: twitterNonce, - }); - const twitterNetworks = context.api.createType('Vec', []); - linkIdentityRequestParams.push({ - nonce: twitterNonce, - identity: twitterIdentity, - validation: twitterValidation, - networks: twitterNetworks, - }); - - const evmNonce = aliceCurrentNonce++; - - const evmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - const evmValidation = await buildValidations( - context, - aliceSubstrateIdentity, - evmIdentity, - evmNonce, - 'ethereum', - context.web3Wallets.evm.Alice - ); - const evmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); - linkIdentityRequestParams.push({ - nonce: evmNonce, - identity: evmIdentity, - validation: evmValidation, - networks: evmNetworks, - }); - - const eveSubstrateNonce = aliceCurrentNonce++; - const eveSubstrateIdentity = await buildIdentityHelper( - u8aToHex(context.web3Wallets.substrate.Eve.getAddressRaw()), - 'Substrate', - context - ); - const eveSubstrateValidation = await buildValidations( - context, - aliceSubstrateIdentity, - eveSubstrateIdentity, - eveSubstrateNonce, - 'substrate', - context.web3Wallets.substrate.Eve, - { prettifiedMessage: true } - ); - const eveSubstrateNetworks = context.api.createType('Vec', ['Polkadot', 'Litentry']); - linkIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - validation: eveSubstrateValidation, - networks: eveSubstrateNetworks, - }); - - const bitcoinNonce = aliceCurrentNonce++; - const bitcoinIdentity = await buildIdentityHelper( - u8aToHex(context.web3Wallets.bitcoin.Alice.getAddressRaw()), - 'Bitcoin', - context - ); - console.log('bitcoin id: ', bitcoinIdentity.toHuman()); - const bitcoinValidation = await buildValidations( - context, - aliceSubstrateIdentity, - bitcoinIdentity, - bitcoinNonce, - 'bitcoin', - context.web3Wallets.bitcoin.Alice - ); - const bitcoinNetworks = context.api.createType('Vec', ['BitcoinP2tr']); - linkIdentityRequestParams.push({ - nonce: bitcoinNonce, - identity: bitcoinIdentity, - validation: bitcoinValidation, - networks: bitcoinNetworks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceSubstrateIdentity, true], - [twitterIdentity, true], - ], - [[evmIdentity, true]], - [[eveSubstrateIdentity, true]], - [[bitcoinIdentity, true]], - ]; - - let counter = 0; - for (const { nonce, identity, validation, networks } of linkIdentityRequestParams) { - counter++; - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: counter % 2 === 0, // alternate per entry - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 4); - }); - - step('check user sidechain storage after linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - // according to the order of linkIdentityRequestParams - const expectedWeb3Networks = [[], ['Ethereum', 'Bsc'], ['Polkadot', 'Litentry'], ['BitcoinP2tr']]; - let currentIndex = 0; - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, expectedWeb3Networks[currentIndex]); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - - currentIndex++; - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - - step('linking identity with wrong signature', async function () { - const evmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - - const evmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); - - const evmNonce = aliceCurrentNonce++; - - // random wrong msg - const wrongMsg = '0x693d9131808e7a8574c7ea5eb7813bdf356223263e61fa8fe2ee8e434508bc75'; - const evmSignature = await context.web3Wallets.evm.Alice.sign(ethers.utils.arrayify(wrongMsg)); - - const evmValidationData = { - Web3Validation: { - Evm: { - message: wrongMsg as HexString, - signature: { - Ethereum: u8aToHex(evmSignature), - }, - }, - }, - }; - const encodedVerifyIdentityValidation = context.api.createType('LitentryValidationData', evmValidationData); - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', evmNonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - evmIdentity.toHex(), - encodedVerifyIdentityValidation.toHex(), - evmNetworks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - assert.isTrue(res.do_watch.isFalse); - assert.isTrue(res.status.asTrustedOperationStatus[0].isInvalid); - assertWorkerError( - context, - (v) => { - assert.isTrue(v.isLinkIdentityFailed, `expected LinkIdentityFailed, received ${v.type} instead`); - assert.isTrue( - v.asLinkIdentityFailed.isUnexpectedMessage, - `expected UnexpectedMessage, received ${v.asLinkIdentityFailed.type} instead` - ); - }, - res - ); - }); - - step('linking already linked identity', async function () { - const twitterNonce = aliceCurrentNonce++; - - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - const twitterValidation = await buildWeb2Validation({ - identityType: 'Twitter', - context, - signerIdentitity: aliceSubstrateIdentity, - linkIdentity: twitterIdentity, - verificationType: 'PublicTweet', - validationNonce: twitterNonce, - }); - const twitterNetworks = context.api.createType('Vec', []); - - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', twitterNonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - twitterIdentity.toHex(), - twitterValidation.toHex(), - twitterNetworks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - assert.isTrue(res.do_watch.isFalse); - assert.isTrue(res.status.asTrustedOperationStatus[0].isInvalid); - assertWorkerError( - context, - (v) => { - assert.isTrue(v.isLinkIdentityFailed, `expected LinkIdentityFailed, received ${v.type} instead`); - assert.isTrue( - v.asLinkIdentityFailed.isStfError, - `expected StfError, received ${v.asLinkIdentityFailed.type} instead` - ); - assert.equal(u8aToString(v.asLinkIdentityFailed.asStfError), 'IdentityAlreadyLinked'); - }, - res - ); - }); - - step('deactivating linked identities', async function () { - const deactivateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const twitterNonce = aliceCurrentNonce++; - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - - deactivateIdentityRequestParams.push({ - nonce: twitterNonce, - identity: twitterIdentity, - }); - - const evmNonce = aliceCurrentNonce++; - const evmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - - deactivateIdentityRequestParams.push({ - nonce: evmNonce, - identity: evmIdentity, - }); - - const eveSubstrateNonce = aliceCurrentNonce++; - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - - deactivateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const bitcoinNonce = aliceCurrentNonce++; - - const bitcoinIdentity = await context.web3Wallets.bitcoin.Alice.getIdentity(context); - - deactivateIdentityRequestParams.push({ - nonce: bitcoinNonce, - identity: bitcoinIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[twitterIdentity, false]], - [[evmIdentity, false]], - [[eveSubstrateIdentity, false]], - [[bitcoinIdentity, false]], - ]; - - for (const { nonce, identity } of deactivateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'DeactivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('deactivateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 4); - }); - - step('check idgraph from sidechain storage after deactivating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Inactive', - `status should be Inactive for identity: ${identityDump}` - ); - console.debug('inactive ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - step('activating linked identities', async function () { - const activateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - const twitterNonce = aliceCurrentNonce++; - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - - activateIdentityRequestParams.push({ - nonce: twitterNonce, - identity: twitterIdentity, - }); - - const evmNonce = aliceCurrentNonce++; - const evmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - - activateIdentityRequestParams.push({ - nonce: evmNonce, - identity: evmIdentity, - }); - - const eveSubstrateNonce = aliceCurrentNonce++; - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - - activateIdentityRequestParams.push({ - nonce: eveSubstrateNonce, - identity: eveSubstrateIdentity, - }); - - const bitcoinNonce = aliceCurrentNonce++; - const bitcoinIdentity = await context.web3Wallets.bitcoin.Alice.getIdentity(context); - activateIdentityRequestParams.push({ - nonce: bitcoinNonce, - identity: bitcoinIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [[twitterIdentity, true]], - [[evmIdentity, true]], - [[eveSubstrateIdentity, true]], - [[bitcoinIdentity, true]], - ]; - - for (const { nonce, identity } of activateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const activateIdentityCall = await createSignedTrustedCallActivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, activateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('activateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 4); - }); - - step('check idgraph from sidechain storage after activating', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of linkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - - step('check idgraph from sidechain storage before setting identity network', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - // the third (last) identity in the IDGraph is eveSubstrateIdentity - const eveSubstrateIdentity = idGraph[3]; - const [, { web3networks }] = eveSubstrateIdentity; - const expectedWeb3Networks = ['Polkadot', 'Litentry']; - - assert.equal(web3networks.length, expectedWeb3Networks.length); - assert.equal(web3networks.indexOf('Polkadot') !== -1, true); - assert.equal(web3networks.indexOf('Litentry') !== -1, true); - }); - - step('setting identity network(alice)', async function () { - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const nonce = aliceCurrentNonce++; - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [[[eveSubstrateIdentity, true]]]; - - // we set the network to ['Litentry', 'Kusama'] - const setIdentityNetworksCall = await createSignedTrustedCallSetIdentityNetworks( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - eveSubstrateIdentity.toHex(), - context.api.createType('Vec', ['Litentry', 'Kusama']).toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, setIdentityNetworksCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('setIdentityNetworksCall', res); - - assert.lengthOf(idGraphHashResults, 1); - }); - - step('check idgraph from sidechain storage after setting identity network', async function () { - const expectedWeb3Networks = ['Kusama', 'Litentry']; - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.equal( - idGraph[3][1].web3networks.toHuman()?.toString(), - expectedWeb3Networks.toString(), - 'idGraph should be changed after setting network' - ); - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - - step('setting incompatible identity network(alice)', async function () { - const eveSubstrateIdentity = await context.web3Wallets.substrate.Eve.getIdentity(context); - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const nonce = aliceCurrentNonce++; - - // alice address is not compatible with ethereum network - const setIdentityNetworksCall = await createSignedTrustedCallSetIdentityNetworks( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - eveSubstrateIdentity.toHex(), - context.api.createType('Vec', ['BSC', 'Ethereum']).toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, setIdentityNetworksCall); - assertWorkerError( - context, - (v) => { - assert.isTrue(v.isDispatch, `expected Dispatch, received ${v.type} instead`); - assert.equal( - v.asDispatch.toString(), - ' error: Module(ModuleError { index: 8, error: [4, 0, 0, 0], message: Some("WrongWeb3NetworkTypes") })' - ); - }, - res - ); - console.log('setIdentityNetworks call returned', res.toHuman()); - assert.isTrue(res.status.isTrustedOperationStatus && res.status.asTrustedOperationStatus[0].isInvalid); - }); - - step('check idgraph from sidechain storage after setting incompatible identity network', async function () { - const expectedWeb3Networks = ['Kusama', 'Litentry']; - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - - context.web3Wallets.substrate.Alice, - - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.equal( - idGraph[3][1].web3networks.toHuman()?.toString(), - expectedWeb3Networks.toString(), - 'idGraph should not be changed after setting incompatible network' - ); - }); - - step('deactivate prime identity', async function () { - // deactivating prime identity should be possible and create the IDGraph if one doesn't exist already - const deactivateIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - }[] = []; - - deactivateIdentityRequestParams.push({ - nonce: bobCurrentNonce++, - identity: bobSubstrateIdentity, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [[[bobSubstrateIdentity, false]]]; - - for (const { nonce, identity } of deactivateIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const deactivateIdentityCall = await createSignedTrustedCallDeactivateIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity, - identity.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, deactivateIdentityCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - bobSubstrateIdentity, - res, - 'DeactivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('deactivateIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('setting identity networks for prime identity)', async function () { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [[[charlieSubstrateIdentity, true]]]; - - // we set the network to ['Litentry', 'Kusama'] - const setIdentityNetworksCall = await createSignedTrustedCallSetIdentityNetworks( - context.api, - context.mrEnclave, - context.api.createType('Index', charlieCurrentNonce++), - context.web3Wallets.substrate.Charlie, - charlieSubstrateIdentity, - charlieSubstrateIdentity.toHex(), - context.api.createType('Vec', ['Litentry', 'Kusama']).toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, setIdentityNetworksCall); - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - charlieSubstrateIdentity, - res, - 'ActivateIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - await assertIsInSidechainBlock('setIdentityNetworksCall', res); - assert.lengthOf(idGraphHashResults, 1); - }); - - step('linking invalid identity with different identities', async function () { - let currentNonce = (await getSidechainNonce(context, bobSubstrateIdentity)).toNumber(); - const getNextNonce = () => currentNonce++; - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - const twitterNonce = getNextNonce(); - const aliceEvmNonce = getNextNonce(); - const aliceEvmIdentity = await context.web3Wallets.evm.Alice.getIdentity(context); - const aliceEvmValidation = await buildValidations( - context, - bobSubstrateIdentity, - aliceEvmIdentity, - aliceEvmNonce, - 'ethereum', - context.web3Wallets.evm.Bob - ); - - const evmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - - const linkIdentityCall = await createSignedTrustedCall( - context.api, - [ - 'link_identity', - '(LitentryIdentity, LitentryIdentity, LitentryIdentity, LitentryValidationData, Vec, Option, H256)', - ], - context.web3Wallets.substrate.Bob, - context.mrEnclave, - - context.api.createType('Index', twitterNonce), - - [ - bobSubstrateIdentity.toHuman(), - aliceEvmIdentity.toHuman(), - twitterIdentity, - aliceEvmValidation, - evmNetworks, - aesKey, - requestIdentifier, - ] - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - assert.isTrue(res.do_watch.isFalse); - assert.isTrue(res.status.asTrustedOperationStatus[0].isInvalid); - console.log('linkInvalidIdentity call returned', res.toHuman()); - - assertWorkerError( - context, - (v) => { - assert.isTrue(v.isLinkIdentityFailed, `expected LinkIdentityFailed, received ${v.type} instead`); - }, - res - ); - }); - step('check sidechain nonce', async function () { - await sleep(20); - const aliceNonce = await getSidechainNonce(context, aliceSubstrateIdentity); - assert.equal(aliceNonce.toNumber(), aliceCurrentNonce); - }); -}); diff --git a/tee-worker/identity/ts-tests/integration-tests/discord_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/discord_identity.test.ts deleted file mode 100644 index 6ec729d4f2..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/discord_identity.test.ts +++ /dev/null @@ -1,289 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { - assertIdGraphMutationResult, - assertIdGraphHash, - buildIdentityHelper, - initIntegrationTestContext, - buildWeb2Validation, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRsaRequestFromGetter, - sendRequestFromTrustedCall, -} from './common/di-utils'; // @fixme move to a better place -import { sleep } from './common/utils'; -import { aesKey } from './common/call'; -import type { IntegrationTestContext } from './common/common-types'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import type { Vec, Bytes } from '@polkadot/types'; -import type { HexString } from '@polkadot/util/types'; - -describe('Test Discord Identity (direct invocation)', function () { - let context: IntegrationTestContext; - let teeShieldingKey: KeyObject; - let aliceSubstrateIdentity: CorePrimitivesIdentity; - let bobSubstrateIdentity: CorePrimitivesIdentity; - let aliceCurrentNonce = 0; - let bobCurrentNonce = 0; - - const aliceLinkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - - const bobLinkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - - aliceSubstrateIdentity = await context.web3Wallets.substrate.Alice.getIdentity(context); - bobSubstrateIdentity = await context.web3Wallets.substrate.Bob.getIdentity(context); - - aliceCurrentNonce = (await getSidechainNonce(context, aliceSubstrateIdentity)).toNumber(); - bobCurrentNonce = (await getSidechainNonce(context, bobSubstrateIdentity)).toNumber(); - }); - - step('check alice idgraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('check bob idgraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('linking discord identity with public message verification (alice)', async function () { - const nonce = aliceCurrentNonce++; - const discordIdentity = await buildIdentityHelper('alice', 'Discord', context); - const discordValidation = await buildWeb2Validation({ - identityType: 'Discord', - context, - signerIdentitity: aliceSubstrateIdentity, - linkIdentity: discordIdentity, - verificationType: 'PublicMessage', - validationNonce: nonce, - }); - const networks = context.api.createType('Vec', []); - - aliceLinkIdentityRequestParams.push({ - nonce, - identity: discordIdentity, - validation: discordValidation, - networks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceSubstrateIdentity, true], - [discordIdentity, true], - ], - ]; - - for (const { nonce, identity, validation, networks } of aliceLinkIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: false, - } - ); - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('linking discord identity with oauth2 verification (bob)', async function () { - const nonce = bobCurrentNonce++; - const discordIdentity = await buildIdentityHelper('bob', 'Discord', context); - const discordValidation = await buildWeb2Validation({ - identityType: 'Discord', - context, - signerIdentitity: bobSubstrateIdentity, - linkIdentity: discordIdentity, - validationNonce: nonce, - verificationType: 'OAuth2', - }); - const networks = context.api.createType('Vec', []); - - bobLinkIdentityRequestParams.push({ - nonce, - identity: discordIdentity, - validation: discordValidation, - networks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [bobSubstrateIdentity, true], - [discordIdentity, true], - ], - ]; - - for (const { nonce, identity, validation, networks } of bobLinkIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: true, - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - bobSubstrateIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('check users sidechain storage after linking (alice)', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of aliceLinkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, []); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - - step('check users sidechain storage after linking (bob)', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of bobLinkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, []); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, bobSubstrateIdentity, idGraph); - }); - - step('check sidechain nonce', async function () { - await sleep(20); - - const aliceNonce = await getSidechainNonce(context, aliceSubstrateIdentity); - assert.equal(aliceNonce.toNumber(), aliceCurrentNonce); - - const bobNonce = await getSidechainNonce(context, bobSubstrateIdentity); - assert.equal(bobNonce.toNumber(), bobCurrentNonce); - }); -}); diff --git a/tee-worker/identity/ts-tests/integration-tests/dr_vc.test.ts b/tee-worker/identity/ts-tests/integration-tests/dr_vc.test.ts index a8d469eb69..ce94486c24 100644 --- a/tee-worker/identity/ts-tests/integration-tests/dr_vc.test.ts +++ b/tee-worker/identity/ts-tests/integration-tests/dr_vc.test.ts @@ -77,7 +77,7 @@ describe('Test Vc (direct request)', function () { aliceSubstrateIdentity, evmIdentity, evmNonce, - 'ethereum', + 'evm', context.web3Wallets.evm.Alice ); const evmNetworks = context.api.createType('Vec', ['Ethereum', 'Bsc']); diff --git a/tee-worker/identity/ts-tests/integration-tests/twitter_identity.test.ts b/tee-worker/identity/ts-tests/integration-tests/twitter_identity.test.ts deleted file mode 100644 index 649c01300d..0000000000 --- a/tee-worker/identity/ts-tests/integration-tests/twitter_identity.test.ts +++ /dev/null @@ -1,304 +0,0 @@ -import { randomBytes, KeyObject } from 'crypto'; -import { step } from 'mocha-steps'; -import { assert } from 'chai'; -import { - assertIdGraphMutationResult, - assertIdGraphHash, - buildIdentityHelper, - initIntegrationTestContext, - buildWeb2Validation, -} from './common/utils'; -import { assertIsInSidechainBlock } from './common/utils/assertion'; -import { - createSignedTrustedCallLinkIdentity, - createSignedTrustedGetterIdGraph, - decodeIdGraph, - getSidechainNonce, - getTeeShieldingKey, - sendRsaRequestFromGetter, - sendRequestFromTrustedCall, - sendAesRequestFromGetter, -} from './common/di-utils'; // @fixme move to a better place -import { sleep } from './common/utils'; -import { aesKey, sendRequest, decodeRpcBytesAsString } from './common/call'; -import { createJsonRpcRequest, nextRequestId } from './common/helpers'; -import type { IntegrationTestContext } from './common/common-types'; -import type { LitentryValidationData, Web3Network, CorePrimitivesIdentity } from 'parachain-api'; -import type { Vec, Bytes } from '@polkadot/types'; -import type { HexString } from '@polkadot/util/types'; -import { hexToU8a } from '@polkadot/util'; - -describe('Test Twitter Identity (direct invocation)', function () { - let context: IntegrationTestContext; - let teeShieldingKey: KeyObject; - let aliceSubstrateIdentity: CorePrimitivesIdentity; - let bobSubstrateIdentity: CorePrimitivesIdentity; - let aliceCurrentNonce = 0; - let bobCurrentNonce = 0; - - const aliceLinkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - - const bobLinkIdentityRequestParams: { - nonce: number; - identity: CorePrimitivesIdentity; - validation: LitentryValidationData; - networks: Bytes | Vec; - }[] = []; - - this.timeout(6000000); - - before(async () => { - context = await initIntegrationTestContext( - process.env.PARACHAIN_ENDPOINT! // @fixme evil assertion; centralize env access - ); - teeShieldingKey = await getTeeShieldingKey(context); - - aliceSubstrateIdentity = await context.web3Wallets.substrate.Alice.getIdentity(context); - bobSubstrateIdentity = await context.web3Wallets.substrate.Bob.getIdentity(context); - - aliceCurrentNonce = (await getSidechainNonce(context, aliceSubstrateIdentity)).toNumber(); - bobCurrentNonce = (await getSidechainNonce(context, bobSubstrateIdentity)).toNumber(); - }); - - step('check alice idgraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('check bob idgraph from sidechain storage before linking', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - assert.lengthOf(idGraph, 0); - }); - - step('linking twitter identity with public tweet verification (alice)', async function () { - const nonce = aliceCurrentNonce++; - const twitterIdentity = await buildIdentityHelper('mock_user', 'Twitter', context); - const twitterValidation = await buildWeb2Validation({ - identityType: 'Twitter', - context, - signerIdentitity: aliceSubstrateIdentity, - linkIdentity: twitterIdentity, - verificationType: 'PublicTweet', - validationNonce: nonce, - }); - const twitterNetworks = context.api.createType('Vec', []); - - aliceLinkIdentityRequestParams.push({ - nonce, - identity: twitterIdentity, - validation: twitterValidation, - networks: twitterNetworks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [aliceSubstrateIdentity, true], - [twitterIdentity, true], - ], - ]; - - for (const { nonce, identity, validation, networks } of aliceLinkIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: false, - } - ); - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - aliceSubstrateIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('linking twitter identity with oauth2 verification (bob)', async function () { - // Generate oauth code verifier on the enclave for the user - const did = 'did:litentry:substrate:0x8eaf04151687736326c9fea17e25fc5287613693c912909cb226aa4794f26a48'; - const request = createJsonRpcRequest( - 'identity_getTwitterAuthorizeUrl', - [did, 'http://127.0.0.1:3000/callback'], - nextRequestId(context) - ); - const response = await sendRequest(context.tee, request, context.api); - const authorizeUrl = decodeRpcBytesAsString(response.value); - const state = authorizeUrl.split('state=')[1].split('&')[0]; - - const nonce = bobCurrentNonce++; - const twitterIdentity = await buildIdentityHelper('mock_user_me', 'Twitter', context); - const twitterValidation = await buildWeb2Validation({ - identityType: 'Twitter', - context, - signerIdentitity: bobSubstrateIdentity, - linkIdentity: twitterIdentity, - validationNonce: nonce, - verificationType: 'OAuth2', - oauthState: state, - }); - const twitterNetworks = context.api.createType('Vec', []); - - bobLinkIdentityRequestParams.push({ - nonce, - identity: twitterIdentity, - validation: twitterValidation, - networks: twitterNetworks, - }); - - const idGraphHashResults: HexString[] = []; - let expectedIdGraphs: [CorePrimitivesIdentity, boolean][][] = [ - [ - [bobSubstrateIdentity, true], - [twitterIdentity, true], - ], - ]; - - for (const { nonce, identity, validation, networks } of bobLinkIdentityRequestParams) { - const requestIdentifier = `0x${randomBytes(32).toString('hex')}`; - const linkIdentityCall = await createSignedTrustedCallLinkIdentity( - context.api, - context.mrEnclave, - context.api.createType('Index', nonce), - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity, - identity.toHex(), - validation.toHex(), - networks.toHex(), - context.api.createType('Option', aesKey).toHex(), - requestIdentifier, - { - withWrappedBytes: false, - withPrefix: true, - } - ); - - const res = await sendRequestFromTrustedCall(context, teeShieldingKey, linkIdentityCall); - - idGraphHashResults.push( - await assertIdGraphMutationResult( - context, - teeShieldingKey, - bobSubstrateIdentity, - res, - 'LinkIdentityResult', - expectedIdGraphs[0] - ) - ); - expectedIdGraphs = expectedIdGraphs.slice(1, expectedIdGraphs.length); - - await assertIsInSidechainBlock('linkIdentityCall', res); - } - assert.lengthOf(idGraphHashResults, 1); - }); - - step('check users sidechain storage after linking (alice)', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Alice, - aliceSubstrateIdentity - ); - const res = await sendRsaRequestFromGetter(context, teeShieldingKey, idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of aliceLinkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, []); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, aliceSubstrateIdentity, idGraph); - }); - - step('check users sidechain storage after linking (bob)', async function () { - const idGraphGetter = await createSignedTrustedGetterIdGraph( - context.api, - context.web3Wallets.substrate.Bob, - bobSubstrateIdentity - ); - const res = await sendAesRequestFromGetter(context, teeShieldingKey, hexToU8a(aesKey), idGraphGetter); - const idGraph = decodeIdGraph(context.sidechainRegistry, res.value); - - for (const { identity } of bobLinkIdentityRequestParams) { - const identityDump = JSON.stringify(identity.toHuman(), null, 4); - console.debug(`checking identity: ${identityDump}`); - const idGraphNode = idGraph.find(([idGraphNodeIdentity]) => idGraphNodeIdentity.eq(identity)); - assert.isDefined(idGraphNode, `identity not found in idGraph: ${identityDump}`); - const [, idGraphNodeContext] = idGraphNode!; - - const web3networks = idGraphNode![1].web3networks.toHuman(); - assert.deepEqual(web3networks, []); - - assert.equal( - idGraphNodeContext.status.toString(), - 'Active', - `status should be active for identity: ${identityDump}` - ); - console.debug('active ✅'); - } - - await assertIdGraphHash(context, teeShieldingKey, bobSubstrateIdentity, idGraph); - }); - - step('check sidechain nonce', async function () { - await sleep(20); - - const aliceNonce = await getSidechainNonce(context, aliceSubstrateIdentity); - assert.equal(aliceNonce.toNumber(), aliceCurrentNonce); - - const bobNonce = await getSidechainNonce(context, bobSubstrateIdentity); - assert.equal(bobNonce.toNumber(), bobCurrentNonce); - }); -}); From b65637629fc0a5d834860b1aefbe54e17d97e419 Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Fri, 11 Oct 2024 09:33:01 +0200 Subject: [PATCH 09/17] Use cargo patch and decouple more deps (#3124) * use patch * fix compile * fix lockfile * tabs * add dcap related primitives * fix ci --- common/primitives/core/Cargo.toml | 20 + common/primitives/core/src/lib.rs | 9 +- common/primitives/core/src/teebag/mod.rs | 27 + .../core/src/teebag/quoting_enclave.rs | 78 ++ .../AttestationReportSigningCACert.pem | 0 .../core/src/teebag/sgx_verify/collateral.rs | 282 ++++++ .../src/teebag/sgx_verify/ephemeral_key.rs | 34 + .../src/teebag}/sgx_verify/fuzz/Cargo.lock | 0 .../src/teebag}/sgx_verify/fuzz/Cargo.toml | 0 .../fuzz/fuzz_targets/decode_quote.rs | 0 .../fuzz/fuzz_targets/deserialize_json.rs | 0 .../fuzz/fuzz_targets/extract_tcb_info.rs | 0 .../fuzz/fuzz_targets/signature_check.rs | 0 .../fuzz/fuzz_targets/verify_ias_report.rs | 0 .../core/src/teebag/sgx_verify/mod.rs | 907 ++++++++++++++++++ .../src/teebag/sgx_verify/netscape_comment.rs | 51 + .../sgx_verify/test/dcap/dcap_quote_cert.der | 0 .../teebag}/sgx_verify/test/dcap/pck_crl.der | 0 .../test/dcap/pck_crl_issuer_chain.pem | 0 .../sgx_verify/test/dcap/qe_identity.json | 0 .../sgx_verify/test/dcap/qe_identity_cert.pem | 0 .../test/dcap/qe_identity_issuer_chain.pem | 0 .../sgx_verify/test/dcap/root_ca_crl.der | 0 .../sgx_verify/test/dcap/tcb_info.json | 0 .../test/dcap/tcb_info_issuer_chain.pem | 0 .../test/enclave-signing-pubkey-TEST4.bin | 0 .../test/enclave-signing-pubkey-TEST5.bin | 0 .../test/enclave-signing-pubkey-TEST6.bin | 0 .../test/enclave-signing-pubkey-TEST7.bin | 0 ...nclave-signing-pubkey-TEST8-PRODUCTION.bin | Bin .../sgx_verify/test/ra_dump_cert_TEST4.der | Bin .../sgx_verify/test/ra_dump_cert_TEST5.der | Bin .../sgx_verify/test/ra_dump_cert_TEST6.der | Bin .../sgx_verify/test/ra_dump_cert_TEST7.der | Bin .../test/ra_dump_cert_TEST8_PRODUCTION.der | Bin .../test_ra_cert_MRSIGNER1_MRENCLAVE1.der | Bin .../test_ra_cert_MRSIGNER2_MRENCLAVE2.der | Bin .../test_ra_cert_MRSIGNER3_MRENCLAVE2.der | Bin ...st_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin | Bin ...st_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin | 0 ...st_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin | 0 ..._ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin | 0 ..._ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin | 0 ..._ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin | 0 .../core/src/teebag}/sgx_verify/tests.rs | 296 +++--- .../core/src/teebag/sgx_verify/utils.rs | 38 + common/primitives/core/src/teebag/tcb.rs | 115 +++ .../primitives/core/src/teebag}/types.rs | 199 ++-- parachain/Cargo.lock | 12 + .../pallets/identity-management/Cargo.toml | 2 +- .../pallets/identity-management/src/lib.rs | 5 +- .../pallets/identity-management/src/mock.rs | 10 +- .../pallets/identity-management/src/tests.rs | 4 +- parachain/pallets/omni-account/src/mock.rs | 10 +- parachain/pallets/teebag/Cargo.toml | 2 + parachain/pallets/teebag/src/benchmarking.rs | 7 +- parachain/pallets/teebag/src/lib.rs | 16 +- .../pallets/teebag/src/quoting_enclave.rs | 78 -- .../teebag/src/sgx_verify/collateral.rs | 281 ------ .../teebag/src/sgx_verify/ephemeral_key.rs | 31 - .../pallets/teebag/src/sgx_verify/mod.rs | 840 ---------------- .../teebag/src/sgx_verify/netscape_comment.rs | 46 - .../pallets/teebag/src/sgx_verify/utils.rs | 38 - parachain/pallets/teebag/src/tcb.rs | 103 -- parachain/pallets/teebag/src/tests.rs | 4 +- parachain/pallets/vc-management/Cargo.toml | 2 +- parachain/pallets/vc-management/src/lib.rs | 4 +- parachain/pallets/vc-management/src/mock.rs | 10 +- parachain/pallets/vc-management/src/tests.rs | 4 +- parachain/runtime/common/src/lib.rs | 2 +- parachain/runtime/litentry/src/lib.rs | 6 +- parachain/runtime/paseo/src/lib.rs | 5 +- parachain/runtime/rococo/src/lib.rs | 6 +- tee-worker/Cargo.lock | 819 ++++++---------- tee-worker/Cargo.toml | 16 +- .../core-primitives/enclave-api/Cargo.toml | 2 - .../enclave-api/src/enclave_base.rs | 6 +- .../enclave-api/src/remote_attestation.rs | 6 +- .../bitacross/enclave-runtime/Cargo.lock | 122 +-- .../bitacross/enclave-runtime/Cargo.toml | 10 + .../common/core-primitives/types/src/lib.rs | 5 +- .../common/litentry/primitives/Cargo.toml | 2 - .../common/litentry/primitives/src/lib.rs | 8 +- .../identity/app-libs/sgx-runtime/Cargo.toml | 2 +- tee-worker/identity/cli/Cargo.toml | 3 +- .../commands/litentry/get_storage.rs | 16 +- .../core-primitives/enclave-api/Cargo.toml | 2 - .../enclave-api/src/enclave_base.rs | 6 +- .../enclave-api/src/remote_attestation.rs | 6 +- .../identity/enclave-runtime/Cargo.lock | 345 ++----- .../identity/enclave-runtime/Cargo.toml | 10 + .../litentry/core/assertion-build/Cargo.toml | 1 - .../core/assertion-build/src/lit_staking.rs | 48 +- 93 files changed, 2351 insertions(+), 2668 deletions(-) create mode 100644 common/primitives/core/src/teebag/mod.rs create mode 100644 common/primitives/core/src/teebag/quoting_enclave.rs rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/AttestationReportSigningCACert.pem (100%) create mode 100644 common/primitives/core/src/teebag/sgx_verify/collateral.rs create mode 100644 common/primitives/core/src/teebag/sgx_verify/ephemeral_key.rs rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/Cargo.lock (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/Cargo.toml (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/fuzz_targets/decode_quote.rs (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/fuzz_targets/deserialize_json.rs (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/fuzz_targets/extract_tcb_info.rs (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/fuzz_targets/signature_check.rs (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/fuzz/fuzz_targets/verify_ias_report.rs (100%) create mode 100644 common/primitives/core/src/teebag/sgx_verify/mod.rs create mode 100644 common/primitives/core/src/teebag/sgx_verify/netscape_comment.rs rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/dcap_quote_cert.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/pck_crl.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/pck_crl_issuer_chain.pem (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/qe_identity.json (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/qe_identity_cert.pem (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/qe_identity_issuer_chain.pem (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/root_ca_crl.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/tcb_info.json (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/dcap/tcb_info_issuer_chain.pem (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/enclave-signing-pubkey-TEST4.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/enclave-signing-pubkey-TEST5.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/enclave-signing-pubkey-TEST6.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/enclave-signing-pubkey-TEST7.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/enclave-signing-pubkey-TEST8-PRODUCTION.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/ra_dump_cert_TEST4.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/ra_dump_cert_TEST5.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/ra_dump_cert_TEST6.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/ra_dump_cert_TEST7.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/ra_dump_cert_TEST8_PRODUCTION.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_cert_MRSIGNER1_MRENCLAVE1.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_cert_MRSIGNER2_MRENCLAVE2.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_cert_MRSIGNER3_MRENCLAVE2.der (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin (100%) rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/sgx_verify/tests.rs (59%) create mode 100644 common/primitives/core/src/teebag/sgx_verify/utils.rs create mode 100644 common/primitives/core/src/teebag/tcb.rs rename {parachain/pallets/teebag/src => common/primitives/core/src/teebag}/types.rs (51%) delete mode 100644 parachain/pallets/teebag/src/quoting_enclave.rs delete mode 100644 parachain/pallets/teebag/src/sgx_verify/collateral.rs delete mode 100644 parachain/pallets/teebag/src/sgx_verify/ephemeral_key.rs delete mode 100644 parachain/pallets/teebag/src/sgx_verify/mod.rs delete mode 100644 parachain/pallets/teebag/src/sgx_verify/netscape_comment.rs delete mode 100644 parachain/pallets/teebag/src/sgx_verify/utils.rs delete mode 100644 parachain/pallets/teebag/src/tcb.rs diff --git a/common/primitives/core/Cargo.toml b/common/primitives/core/Cargo.toml index 385072795f..0734ba84c8 100644 --- a/common/primitives/core/Cargo.toml +++ b/common/primitives/core/Cargo.toml @@ -6,9 +6,19 @@ version = '0.1.0' [dependencies] base58 = { version = "0.2", default-features = false } +base64 = { version = "0.13", default-features = false, features = ["alloc"] } parity-scale-codec = { version = "3.6", default-features = false, features = ["derive", "max-encoded-len"] } strum = { version = "0.26", default-features = false } strum_macros = { version = "0.26", default-features = false } +serde = { version = "1.0", default-features = false, features = ["derive", "alloc"] } +serde_json = { version = "=1.0.120", default-features = false } +der = { version = "0.6.0", default-features = false } +hex = { version = "0.4", default-features = false } +hex-literal = { version = "0.4.1", default-features = false } +chrono = { version = "0.4", default-features = false, features = ["serde"] } +ring = { version = "0.16.20", default-features = false, features = ["alloc"] } +x509-cert = { version = "0.1.0", default-features = false, features = ["alloc"] } +webpki = { version = "=0.102.0-alpha.3", git = "https://github.com/rustls/webpki", rev = "da923ed", package = "rustls-webpki", default-features = false, features = ["alloc", "ring"] } frame-support = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } pallet-evm = { git = "https://github.com/paritytech/frontier", branch = "polkadot-v1.1.0", default-features = false } @@ -16,6 +26,7 @@ scale-info = { version = "2.11", default-features = false, features = ["derive"] sp-core = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } sp-io = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } sp-runtime = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } +sp-std = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } litentry-hex-utils = { path = "../../utils/hex", default-features = false } litentry-macros = { path = "macros" } @@ -24,6 +35,14 @@ litentry-proc-macros = { path = "proc-macros" } [features] default = ["std"] std = [ + "chrono/std", + "der/std", + "hex/std", + "ring/std", + "webpki/std", + "x509-cert/std", + "serde/std", + "serde_json/std", "strum/std", "parity-scale-codec/std", "scale-info/std", @@ -31,6 +50,7 @@ std = [ "sp-core/std", "sp-runtime/std", "sp-io/std", + "sp-std/std", "pallet-evm/std", "litentry-hex-utils/std", ] diff --git a/common/primitives/core/src/lib.rs b/common/primitives/core/src/lib.rs index acea7e721f..1ef747b5f0 100644 --- a/common/primitives/core/src/lib.rs +++ b/common/primitives/core/src/lib.rs @@ -23,16 +23,19 @@ pub use error::*; mod vc; pub use vc::*; +pub mod teebag; +pub use teebag::*; + pub mod assertion; pub use assertion::Assertion; pub mod identity; pub use identity::*; -extern crate alloc; extern crate core; use alloc::{format, str, str::FromStr, string::String, vec, vec::Vec}; use core::hash::Hash as CoreHash; +use sp_core::H256; use sp_runtime::{traits::ConstU32, BoundedVec}; pub use constants::*; @@ -44,10 +47,12 @@ pub type ParameterString = BoundedVec>; /// Common types of parachains. mod types { + use super::H256; use sp_runtime::{ traits::{IdentifyAccount, Verify}, MultiSignature, }; + /// Alias to 512-bit hash when used in the context of a transaction signature on the chain. pub type Signature = MultiSignature; @@ -68,7 +73,7 @@ mod types { pub type Nonce = u32; /// A hash of some data used by the chain. - pub type Hash = sp_core::H256; + pub type Hash = H256; /// An index to a block. pub type BlockNumber = u32; diff --git a/common/primitives/core/src/teebag/mod.rs b/common/primitives/core/src/teebag/mod.rs new file mode 100644 index 0000000000..a728adb6e4 --- /dev/null +++ b/common/primitives/core/src/teebag/mod.rs @@ -0,0 +1,27 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +mod types; +pub use types::*; + +mod tcb; +pub use tcb::*; + +mod sgx_verify; +pub use sgx_verify::*; + +mod quoting_enclave; +pub use quoting_enclave::*; diff --git a/common/primitives/core/src/teebag/quoting_enclave.rs b/common/primitives/core/src/teebag/quoting_enclave.rs new file mode 100644 index 0000000000..049ecef164 --- /dev/null +++ b/common/primitives/core/src/teebag/quoting_enclave.rs @@ -0,0 +1,78 @@ +/* +Copyright 2021 Integritee AG and Supercomputing Systems AG + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +*/ + +// `QuotingEnclave` primitive part, copied from Integritee + +use crate::{MrSigner, QeTcb, Vec}; +use parity_scale_codec::{Decode, Encode}; +use scale_info::TypeInfo; +use sp_core::RuntimeDebug; + +/// This represents all the collateral data that we need to store on chain in order to verify +/// the quoting enclave validity of another enclave that wants to register itself on chain +#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] +pub struct QuotingEnclave { + // Todo: make timestamp: Moment + pub issue_date: u64, // unix epoch in milliseconds + // Todo: make timestamp: Moment + pub next_update: u64, // unix epoch in milliseconds + pub miscselect: [u8; 4], + pub miscselect_mask: [u8; 4], + pub attributes: [u8; 16], + pub attributes_mask: [u8; 16], + pub mrsigner: MrSigner, + pub isvprodid: u16, + /// Contains only the TCB versions that are considered UpToDate + pub tcb: Vec, +} + +impl QuotingEnclave { + #[allow(clippy::too_many_arguments)] + pub fn new( + issue_date: u64, + next_update: u64, + miscselect: [u8; 4], + miscselect_mask: [u8; 4], + attributes: [u8; 16], + attributes_mask: [u8; 16], + mrsigner: MrSigner, + isvprodid: u16, + tcb: Vec, + ) -> Self { + Self { + issue_date, + next_update, + miscselect, + miscselect_mask, + attributes, + attributes_mask, + mrsigner, + isvprodid, + tcb, + } + } + + pub fn attributes_flags_mask_as_u64(&self) -> u64 { + let slice_as_array: [u8; 8] = self.attributes_mask[0..8].try_into().unwrap(); + u64::from_le_bytes(slice_as_array) + } + + pub fn attributes_flags_as_u64(&self) -> u64 { + let slice_as_array: [u8; 8] = self.attributes[0..8].try_into().unwrap(); + u64::from_le_bytes(slice_as_array) + } +} diff --git a/parachain/pallets/teebag/src/sgx_verify/AttestationReportSigningCACert.pem b/common/primitives/core/src/teebag/sgx_verify/AttestationReportSigningCACert.pem similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/AttestationReportSigningCACert.pem rename to common/primitives/core/src/teebag/sgx_verify/AttestationReportSigningCACert.pem diff --git a/common/primitives/core/src/teebag/sgx_verify/collateral.rs b/common/primitives/core/src/teebag/sgx_verify/collateral.rs new file mode 100644 index 0000000000..1cb349ffe0 --- /dev/null +++ b/common/primitives/core/src/teebag/sgx_verify/collateral.rs @@ -0,0 +1,282 @@ +/* + Copyright 2022 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +pub extern crate alloc; + +use crate::{Fmspc, MrSigner, Pcesvn, QeTcb, QuotingEnclave, TcbInfoOnChain, TcbVersionStatus}; +use alloc::string::String; +use chrono::prelude::{DateTime, Utc}; +use serde::{de::Error, Deserialize, Deserializer, Serialize, Serializer}; +use sp_std::prelude::*; + +/// The data structures in here are designed such that they can be used to serialize/deserialize +/// the "TCB info" and "enclave identity" collateral data in JSON format provided by intel +/// See https://api.portal.trustedservices.intel.com/documentation for further information and examples + +#[derive(Serialize, Deserialize)] +pub struct Tcb { + isvsvn: u16, +} + +impl Tcb { + pub fn is_valid(&self) -> bool { + // At the time of writing this code everything older than 6 is outdated + // Intel does the same check in their DCAP implementation + self.isvsvn >= 6 + } +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct TcbLevel { + tcb: Tcb, + /// Intel does not verify the tcb_date in their code and their API documentation also does + /// not mention it needs verification. + tcb_date: DateTime, + tcb_status: String, + #[serde(rename = "advisoryIDs")] + #[serde(skip_serializing_if = "Option::is_none")] + advisory_ids: Option>, +} + +impl TcbLevel { + pub fn is_valid(&self) -> bool { + // UpToDate is the only valid status (the other being OutOfDate and Revoked) + // A possible extension would be to also verify that the advisory_ids list is empty, + // but I think this could also lead to all TcbLevels being invalid + self.tcb.is_valid() && self.tcb_status == "UpToDate" + } +} + +#[derive(Serialize, Deserialize)] +struct TcbComponent { + svn: u8, + #[serde(skip_serializing_if = "Option::is_none")] + category: Option, + #[serde(rename = "type")] //type is a keyword so we rename the field + #[serde(skip_serializing_if = "Option::is_none")] + tcb_type: Option, +} + +#[derive(Serialize, Deserialize)] +pub struct TcbFull { + sgxtcbcomponents: [TcbComponent; 16], + pcesvn: Pcesvn, +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct TcbLevelFull { + tcb: TcbFull, + /// Intel does not verify the tcb_date in their code and their API documentation also does + /// not mention it needs verification. + tcb_date: DateTime, + tcb_status: String, + #[serde(rename = "advisoryIDs")] + #[serde(skip_serializing_if = "Option::is_none")] + advisory_ids: Option>, +} + +impl TcbLevelFull { + pub fn is_valid(&self) -> bool { + // A possible extension would be to also verify that the advisory_ids list is empty, + // but I think this could also lead to all TcbLevels being invalid + // + // Litentry: be more lenient with it + self.tcb_status == "UpToDate" + || self.tcb_status == "SWHardeningNeeded" + || self.tcb_status == "ConfigurationNeeded" + || self.tcb_status == "ConfigurationAndSWHardeningNeeded" + } +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct EnclaveIdentity { + id: String, + version: u16, + issue_date: DateTime, + next_update: DateTime, + tcb_evaluation_data_number: u16, + #[serde(deserialize_with = "deserialize_from_hex::<_, 4>")] + #[serde(serialize_with = "serialize_to_hex::<_, 4>")] + miscselect: [u8; 4], + #[serde(deserialize_with = "deserialize_from_hex::<_, 4>")] + #[serde(serialize_with = "serialize_to_hex::<_, 4>")] + miscselect_mask: [u8; 4], + #[serde(deserialize_with = "deserialize_from_hex::<_, 16>")] + #[serde(serialize_with = "serialize_to_hex::<_, 16>")] + attributes: [u8; 16], + #[serde(deserialize_with = "deserialize_from_hex::<_, 16>")] + #[serde(serialize_with = "serialize_to_hex::<_, 16>")] + attributes_mask: [u8; 16], + #[serde(deserialize_with = "deserialize_from_hex::<_, 32>")] + #[serde(serialize_with = "serialize_to_hex::<_, 32>")] + mrsigner: MrSigner, + pub isvprodid: u16, + pub tcb_levels: Vec, +} + +fn serialize_to_hex(x: &[u8; N], s: S) -> Result +where + S: Serializer, +{ + s.serialize_str(&hex::encode(x).to_uppercase()) +} + +fn deserialize_from_hex<'de, D, const N: usize>(deserializer: D) -> Result<[u8; N], D::Error> +where + D: Deserializer<'de>, +{ + let s: &str = Deserialize::deserialize(deserializer)?; + let hex = hex::decode(s).map_err(|_| D::Error::custom("Failed to deserialize hex string"))?; + hex.try_into() + .map_err(|_| D::Error::custom("Invalid hex length")) +} + +impl EnclaveIdentity { + /// This extracts the necessary information into the struct that we actually store in the chain + pub fn to_quoting_enclave(&self) -> QuotingEnclave { + let mut valid_tcbs: Vec = Vec::new(); + for tcb in &self.tcb_levels { + if tcb.is_valid() { + valid_tcbs.push(QeTcb::new(tcb.tcb.isvsvn)); + } + } + QuotingEnclave::new( + self.issue_date + .timestamp_millis() + .try_into() + .expect("no support for negative unix timestamps"), + self.next_update + .timestamp_millis() + .try_into() + .expect("no support for negative unix timestamps"), + self.miscselect, + self.miscselect_mask, + self.attributes, + self.attributes_mask, + self.mrsigner, + self.isvprodid, + valid_tcbs, + ) + } + + pub fn is_valid(&self, timestamp_millis: i64) -> bool { + self.id == "QE" + && self.version == 2 + && self.issue_date.timestamp_millis() < timestamp_millis + && timestamp_millis < self.next_update.timestamp_millis() + } +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct TcbInfo { + id: String, + version: u8, + issue_date: DateTime, + next_update: DateTime, + #[serde(deserialize_with = "deserialize_from_hex::<_, 6>")] + #[serde(serialize_with = "serialize_to_hex::<_, 6>")] + pub fmspc: Fmspc, + pce_id: String, + tcb_type: u16, + tcb_evaluation_data_number: u16, + tcb_levels: Vec, +} + +impl TcbInfo { + /// This extracts the necessary information into a tuple (`(Key, Value)`) that we actually store + /// in the chain + pub fn to_chain_tcb_info(&self) -> (Fmspc, TcbInfoOnChain) { + let valid_tcbs: Vec = self + .tcb_levels + .iter() + // Only store TCB levels on chain that are currently valid + .filter(|tcb| tcb.is_valid()) + .map(|tcb| { + let mut components = [0u8; 16]; + for (i, t) in tcb.tcb.sgxtcbcomponents.iter().enumerate() { + components[i] = t.svn; + } + TcbVersionStatus::new(components, tcb.tcb.pcesvn) + }) + .collect(); + ( + self.fmspc, + TcbInfoOnChain::new( + self.issue_date + .timestamp_millis() + .try_into() + .expect("no support for negative unix timestamps"), + self.next_update + .timestamp_millis() + .try_into() + .expect("no support for negative unix timestamps"), + valid_tcbs, + ), + ) + } + + pub fn is_valid(&self, timestamp_millis: i64) -> bool { + self.id == "SGX" + && self.version == 3 + && self.issue_date.timestamp_millis() < timestamp_millis + && timestamp_millis < self.next_update.timestamp_millis() + } +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct TcbInfoSigned { + pub tcb_info: TcbInfo, + pub signature: String, +} + +#[derive(Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct EnclaveIdentitySigned { + pub enclave_identity: EnclaveIdentity, + pub signature: String, +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn tcb_level_is_valid() { + let t: TcbLevel = serde_json::from_str( + r#"{"tcb":{"isvsvn":6}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"UpToDate" }"#, + ) + .unwrap(); + assert!(t.is_valid()); + + let t: TcbLevel = serde_json::from_str( + r#"{"tcb":{"isvsvn":6}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"OutOfDate" }"#, + ) + .unwrap(); + assert!(!t.is_valid()); + + let t: TcbLevel = serde_json::from_str( + r#"{"tcb":{"isvsvn":5}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"UpToDate" }"#, + ) + .unwrap(); + assert!(!t.is_valid()); + } +} diff --git a/common/primitives/core/src/teebag/sgx_verify/ephemeral_key.rs b/common/primitives/core/src/teebag/sgx_verify/ephemeral_key.rs new file mode 100644 index 0000000000..5fb62967b2 --- /dev/null +++ b/common/primitives/core/src/teebag/sgx_verify/ephemeral_key.rs @@ -0,0 +1,34 @@ +use super::{utils::length_from_raw_data, CertDer}; +use sp_std::convert::TryFrom; + +#[allow(dead_code)] +pub struct EphemeralKey<'a>(&'a [u8]); + +pub const PRIME256V1_OID: &[u8; 10] = &[0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07]; +impl<'a> TryFrom> for EphemeralKey<'a> { + type Error = &'static str; + + fn try_from(value: CertDer<'a>) -> Result { + let cert_der = value.0; + + let mut offset = cert_der + .windows(PRIME256V1_OID.len()) + .position(|window| window == PRIME256V1_OID) + .ok_or("Certificate does not contain 'PRIME256V1_OID'")?; + + offset += PRIME256V1_OID.len() + 1; // OID length + TAG (0x03) + + // Obtain Public Key length + let len = length_from_raw_data(cert_der, &mut offset)?; + + // Obtain Public Key + offset += 1; + let pub_k = cert_der + .get(offset + 2..offset + len) + .ok_or("Index out of bounds")?; // skip "00 04" + + #[cfg(test)] + println!("verifyRA ephemeral public key: {:x?}", pub_k); + Ok(EphemeralKey(pub_k)) + } +} diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/Cargo.lock b/common/primitives/core/src/teebag/sgx_verify/fuzz/Cargo.lock similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/Cargo.lock rename to common/primitives/core/src/teebag/sgx_verify/fuzz/Cargo.lock diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/Cargo.toml b/common/primitives/core/src/teebag/sgx_verify/fuzz/Cargo.toml similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/Cargo.toml rename to common/primitives/core/src/teebag/sgx_verify/fuzz/Cargo.toml diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/decode_quote.rs b/common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/decode_quote.rs similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/decode_quote.rs rename to common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/decode_quote.rs diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/deserialize_json.rs b/common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/deserialize_json.rs similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/deserialize_json.rs rename to common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/deserialize_json.rs diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/extract_tcb_info.rs b/common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/extract_tcb_info.rs similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/extract_tcb_info.rs rename to common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/extract_tcb_info.rs diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/signature_check.rs b/common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/signature_check.rs similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/signature_check.rs rename to common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/signature_check.rs diff --git a/parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/verify_ias_report.rs b/common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/verify_ias_report.rs similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/fuzz/fuzz_targets/verify_ias_report.rs rename to common/primitives/core/src/teebag/sgx_verify/fuzz/fuzz_targets/verify_ias_report.rs diff --git a/common/primitives/core/src/teebag/sgx_verify/mod.rs b/common/primitives/core/src/teebag/sgx_verify/mod.rs new file mode 100644 index 0000000000..d07583dc14 --- /dev/null +++ b/common/primitives/core/src/teebag/sgx_verify/mod.rs @@ -0,0 +1,907 @@ +/* + Copyright 2021 Integritee AG and Supercomputing Systems AG + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +//! Contains all the logic for understanding and verifying SGX remote attestation reports. +//! +//! Intel's documentation is scattered across different documents: +//! +//! "Intel® Software Guard Extensions: PCK Certificate and Certificate Revocation List Profile +//! Specification", further denoted as `PCK_Certificate_CRL_Spec-1.1`. +//! +//! * https://download.01.org/intel-sgx/dcap-1.2/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.1.pdf +//! +//! Intel® SGX Developer Guide, further denoted as `SGX_Developer_Guide`: +//! +//! * https://download.01.org/intel-sgx/linux-1.5/docs/Intel_SGX_Developer_Guide.pdf + +pub extern crate alloc; + +use self::{ + collateral::{EnclaveIdentity, TcbInfo}, + netscape_comment::NetscapeComment, + utils::length_from_raw_data, +}; +use crate::{ + Cpusvn, Fmspc, MrEnclave, MrSigner, Pcesvn, QuotingEnclave, SgxBuildMode, TcbVersionStatus, +}; +use alloc::string::String; +use chrono::DateTime; +use core::time::Duration; +use der::asn1::ObjectIdentifier; +use frame_support::{ensure, traits::Len}; +use parity_scale_codec::{Decode, Encode, Input}; +use ring::signature::{self}; +use scale_info::TypeInfo; +use serde_json::Value; +use sp_std::{ + convert::{TryFrom, TryInto}, + prelude::*, + vec, +}; +use x509_cert::Certificate; + +pub mod collateral; +mod ephemeral_key; +mod netscape_comment; +#[cfg(test)] +mod tests; +mod utils; + +const SGX_REPORT_DATA_SIZE: usize = 64; +#[derive(Debug, Encode, Decode, PartialEq, Eq, Copy, Clone, TypeInfo)] +#[repr(C)] +pub struct SgxReportData { + d: [u8; SGX_REPORT_DATA_SIZE], +} + +#[derive(Debug, Encode, Decode, PartialEq, Eq, Copy, Clone, TypeInfo)] +#[repr(C)] +pub struct SGXAttributes { + flags: u64, + xfrm: u64, +} + +/// This is produced by an SGX platform, when it wants to be attested. +#[derive(Debug, Decode, Clone, TypeInfo)] +#[repr(C)] +pub struct DcapQuote { + header: DcapQuoteHeader, + body: SgxReportBody, + signature_data_len: u32, + quote_signature_data: EcdsaQuoteSignature, +} + +/// All the documentation about this can be found in the `PCK_Certificate_CRL_Spec-1.1` page 62. +#[derive(Debug, Encode, Decode, Copy, Clone, TypeInfo)] +#[repr(C)] +pub struct DcapQuoteHeader { + /// Version of the Quote data structure. + /// + /// This is version 3 for the DCAP ECDSA attestation. + version: u16, + /// Type of the Attestation Key used by the Quoting Enclave. + /// • Supported values: + /// - 2 (ECDSA-256-with-P-256 curve) + /// - 3 (ECDSA-384-with-P-384 curve) (Note: currently not supported) + attestation_key_type: u16, + /// Reserved field, value 0. + reserved: u32, + /// Security Version of the Quoting Enclave currently loaded on the platform. + qe_svn: u16, + /// Security Version of the Provisioning Certification Enclave currently loaded on the + /// platform. + pce_svn: u16, + /// Unique identifier of the QE Vendor. + /// + /// This will usually be Intel's Quoting enclave with the ID: 939A7233F79C4CA9940A0DB3957F0607. + qe_vendor_id: [u8; 16], + /// Custom user-defined data. + user_data: [u8; 20], +} + +const ATTESTATION_KEY_SIZE: usize = 64; +const REPORT_SIGNATURE_SIZE: usize = 64; + +#[derive(Debug, Decode, Clone, TypeInfo)] +#[repr(C)] +pub struct EcdsaQuoteSignature { + isv_enclave_report_signature: [u8; REPORT_SIGNATURE_SIZE], + ecdsa_attestation_key: [u8; ATTESTATION_KEY_SIZE], + qe_report: SgxReportBody, + qe_report_signature: [u8; REPORT_SIGNATURE_SIZE], + qe_authentication_data: QeAuthenticationData, + qe_certification_data: QeCertificationData, +} + +#[derive(Debug, Clone, TypeInfo)] +#[repr(C)] +pub struct QeAuthenticationData { + size: u16, + certification_data: Vec, +} + +impl Decode for QeAuthenticationData { + fn decode(input: &mut I) -> Result { + let mut size_buf: [u8; 2] = [0; 2]; + input.read(&mut size_buf)?; + let size = u16::from_le_bytes(size_buf); + + let mut certification_data = vec![0; size.into()]; + input.read(&mut certification_data)?; + + Ok(Self { + size, + certification_data, + }) + } +} + +#[derive(Debug, Clone, TypeInfo)] +#[repr(C)] +pub struct QeCertificationData { + certification_data_type: u16, + size: u32, + certification_data: Vec, +} + +impl Decode for QeCertificationData { + fn decode(input: &mut I) -> Result { + let mut certification_data_type_buf: [u8; 2] = [0; 2]; + input.read(&mut certification_data_type_buf)?; + let certification_data_type = u16::from_le_bytes(certification_data_type_buf); + + let mut size_buf: [u8; 4] = [0; 4]; + input.read(&mut size_buf)?; + let size = u32::from_le_bytes(size_buf); + // This is an arbitrary limit to prevent out of memory issues. Intel does not specify a max + // value + if size > 65_000 { + return Result::Err(parity_scale_codec::Error::from( + "Certification data too long. Max 65000 bytes are allowed", + )); + } + + // Safety: The try_into() can only fail due to overflow on a 16-bit system, but we anyway + // ensure the value is small enough above. + let mut certification_data = vec![0; size.try_into().unwrap()]; + input.read(&mut certification_data)?; + + Ok(Self { + certification_data_type, + size, + certification_data, + }) + } +} + +// see Intel SGX SDK https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_report.h +const SGX_REPORT_BODY_RESERVED1_BYTES: usize = 12; +const SGX_REPORT_BODY_RESERVED2_BYTES: usize = 32; +const SGX_REPORT_BODY_RESERVED3_BYTES: usize = 32; +const SGX_REPORT_BODY_RESERVED4_BYTES: usize = 42; +const SGX_FLAGS_DEBUG: u64 = 0x0000000000000002; + +/// SGX report about an enclave. +/// +/// We don't verify all of the fields, as some contain business logic specific data that is +/// not related to the overall validity of an enclave. We only check security related fields. The +/// only exception to this is the quoting enclave, where we validate specific fields against known +/// values. +#[derive(Debug, Encode, Decode, Copy, Clone, TypeInfo)] +#[repr(C)] +pub struct SgxReportBody { + /// Security version of the CPU. + /// + /// Reflects the processors microcode update version. + cpu_svn: [u8; 16], /* ( 0) Security Version of the CPU */ + /// State Save Area (SSA) extended feature set. Flags used for specific exception handling + /// settings. Unless, you know what you are doing these should all be 0. + /// + /// See: https://cdrdv2-public.intel.com/671544/exception-handling-in-intel-sgx.pdf. + misc_select: [u8; 4], /* ( 16) Which fields defined in SSA.MISC */ + /// Unused reserved bytes. + reserved1: [u8; SGX_REPORT_BODY_RESERVED1_BYTES], /* ( 20) */ + /// Extended Product ID of an enclave. + isv_ext_prod_id: [u8; 16], /* ( 32) ISV assigned Extended Product ID */ + /// Attributes, defines features that should be enabled for an enclave. + /// + /// Here, we only check if the Debug mode is enabled. + /// + /// More details in `SGX_Developer_Guide` under `Debug (Opt-in) Enclave Consideration` on page + /// 24. + attributes: SGXAttributes, /* ( 48) Any special Capabilities the Enclave possess */ + /// Enclave measurement. + /// + /// A single 256-bit hash that identifies the code and initial data to + /// be placed inside the enclave, the expected order and position in which they are to be + /// placed, and the security properties of those pages. More details in `SGX_Developer_Guide` + /// page 6. + mr_enclave: MrEnclave, /* ( 64) The value of the enclave's ENCLAVE measurement */ + /// Unused reserved bytes. + reserved2: [u8; SGX_REPORT_BODY_RESERVED2_BYTES], /* ( 96) */ + /// The enclave author’s public key. + /// + /// More details in `SGX_Developer_Guide` page 6. + mr_signer: MrSigner, /* (128) The value of the enclave's SIGNER measurement */ + /// Unused reserved bytes. + reserved3: [u8; SGX_REPORT_BODY_RESERVED3_BYTES], /* (160) */ + /// Config ID of an enclave. + /// + /// Todo: #142 - Investigate the relevancy of this value. + config_id: [u8; 64], /* (192) CONFIGID */ + /// The Product ID of the enclave. + /// + /// The Independent Software Vendor (ISV) should configure a unique ISVProdID for each product + /// that may want to share sealed data between enclaves signed with a specific `MRSIGNER`. + isv_prod_id: u16, /* (256) Product ID of the Enclave */ + /// ISV security version of the enclave. + /// + /// This is the enclave author's responsibility to increase it whenever a security related + /// update happened. Here, we will only check it for the `Quoting Enclave` to ensure that the + /// quoting enclave is recent enough. + /// + /// More details in `SGX_Developer_Guide` page 6. + isv_svn: u16, /* (258) Security Version of the Enclave */ + /// Config Security version of the enclave. + config_svn: u16, /* (260) CONFIGSVN */ + /// Unused reserved bytes. + reserved4: [u8; SGX_REPORT_BODY_RESERVED4_BYTES], /* (262) */ + /// Family ID assigned by the ISV. + /// + /// Todo: #142 - Investigate the relevancy of this value. + isv_family_id: [u8; 16], /* (304) ISV assigned Family ID */ + /// Custom data to be defined by the enclave author. + /// + /// We use this to provide the public key of the enclave that is to be registered on the chain. + /// Doing this, will prove that the public key is from a legitimate SGX enclave when it is + /// verified together with the remote attestation. + report_data: SgxReportData, /* (320) Data provided by the user */ +} + +impl SgxReportBody { + pub fn sgx_build_mode(&self) -> SgxBuildMode { + if self.attributes.flags & SGX_FLAGS_DEBUG == SGX_FLAGS_DEBUG { + SgxBuildMode::Debug + } else { + SgxBuildMode::Production + } + } + + fn verify_misc_select_field(&self, o: &QuotingEnclave) -> bool { + for i in 0..self.misc_select.len() { + if (self.misc_select[i] & o.miscselect_mask[i]) + != (o.miscselect[i] & o.miscselect_mask[i]) + { + return false; + } + } + true + } + + fn verify_attributes_field(&self, o: &QuotingEnclave) -> bool { + let attributes_flags = self.attributes.flags; + + let quoting_enclave_attributes_mask = o.attributes_flags_mask_as_u64(); + let quoting_enclave_attributes_flags = o.attributes_flags_as_u64(); + + (attributes_flags & quoting_enclave_attributes_mask) == quoting_enclave_attributes_flags + } + + pub fn verify(&self, o: &QuotingEnclave) -> bool { + if self.isv_prod_id != o.isvprodid || self.mr_signer != o.mrsigner { + return false; + } + if !self.verify_misc_select_field(o) { + return false; + } + if !self.verify_attributes_field(o) { + return false; + } + for tcb in &o.tcb { + // If the enclave isvsvn is bigger than one of the + if self.isv_svn >= tcb.isvsvn { + return true; + } + } + false + } +} +// see Intel SGX SDK https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_quote.h +#[derive(Encode, Decode, Copy, Clone, TypeInfo)] +#[repr(C)] +pub struct SgxQuote { + version: u16, /* 0 */ + sign_type: u16, /* 2 */ + epid_group_id: u32, /* 4 */ + qe_svn: u16, /* 8 */ + pce_svn: u16, /* 10 */ + xeid: u32, /* 12 */ + basename: [u8; 32], /* 16 */ + report_body: SgxReportBody, /* 48 */ +} + +#[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo, Default)] +pub enum SgxStatus { + #[default] + #[codec(index = 0)] + Invalid, + #[codec(index = 1)] + Ok, + #[codec(index = 2)] + GroupOutOfDate, + #[codec(index = 3)] + GroupRevoked, + #[codec(index = 4)] + ConfigurationNeeded, +} + +#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] +pub struct SgxReport { + pub mr_enclave: MrEnclave, + pub pubkey: [u8; 32], + pub status: SgxStatus, + pub timestamp: u64, // unix timestamp in milliseconds + pub build_mode: SgxBuildMode, +} + +type SignatureAlgorithms = &'static [&'static dyn webpki::types::SignatureVerificationAlgorithm]; +static SUPPORTED_SIG_ALGS: SignatureAlgorithms = &[ + webpki::ring::RSA_PKCS1_2048_8192_SHA256, + webpki::ring::RSA_PKCS1_2048_8192_SHA384, + webpki::ring::RSA_PKCS1_2048_8192_SHA512, + webpki::ring::RSA_PKCS1_3072_8192_SHA384, +]; + +//pub const IAS_REPORT_CA: &[u8] = include_bytes!("../AttestationReportSigningCACert.pem"); + +pub static IAS_SERVER_ROOTS: &[webpki::types::TrustAnchor<'static>; 1] = &[ + /* + * -----BEGIN CERTIFICATE----- + * MIIFSzCCA7OgAwIBAgIJANEHdl0yo7CUMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV + * BAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV + * BAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0 + * YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwIBcNMTYxMTE0MTUzNzMxWhgPMjA0OTEy + * MzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL + * U2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQD + * DCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwggGiMA0G + * CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfPGR+tXc8u1EtJzLA10Feu1Wg+p7e + * LmSRmeaCHbkQ1TF3Nwl3RmpqXkeGzNLd69QUnWovYyVSndEMyYc3sHecGgfinEeh + * rgBJSEdsSJ9FpaFdesjsxqzGRa20PYdnnfWcCTvFoulpbFR4VBuXnnVLVzkUvlXT + * L/TAnd8nIZk0zZkFJ7P5LtePvykkar7LcSQO85wtcQe0R1Raf/sQ6wYKaKmFgCGe + * NpEJUmg4ktal4qgIAxk+QHUxQE42sxViN5mqglB0QJdUot/o9a/V/mMeH8KvOAiQ + * byinkNndn+Bgk5sSV5DFgF0DffVqmVMblt5p3jPtImzBIH0QQrXJq39AT8cRwP5H + * afuVeLHcDsRp6hol4P+ZFIhu8mmbI1u0hH3W/0C2BuYXB5PC+5izFFh/nP0lc2Lf + * 6rELO9LZdnOhpL1ExFOq9H/B8tPQ84T3Sgb4nAifDabNt/zu6MmCGo5U8lwEFtGM + * RoOaX4AS+909x00lYnmtwsDVWv9vBiJCXRsCAwEAAaOByTCBxjBgBgNVHR8EWTBX + * MFWgU6BRhk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50 + * L0NSTC9TR1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMB0GA1UdDgQW + * BBR4Q3t2pn680K9+QjfrNXw7hwFRPDAfBgNVHSMEGDAWgBR4Q3t2pn680K9+Qjfr + * NXw7hwFRPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq + * hkiG9w0BAQsFAAOCAYEAeF8tYMXICvQqeXYQITkV2oLJsp6J4JAqJabHWxYJHGir + * IEqucRiJSSx+HjIJEUVaj8E0QjEud6Y5lNmXlcjqRXaCPOqK0eGRz6hi+ripMtPZ + * sFNaBwLQVV905SDjAzDzNIDnrcnXyB4gcDFCvwDFKKgLRjOB/WAqgscDUoGq5ZVi + * zLUzTqiQPmULAQaB9c6Oti6snEFJiCQ67JLyW/E83/frzCmO5Ru6WjU4tmsmy8Ra + * Ud4APK0wZTGtfPXU7w+IBdG5Ez0kE1qzxGQaL4gINJ1zMyleDnbuS8UicjJijvqA + * 152Sq049ESDz+1rRGc2NVEqh1KaGXmtXvqxXcTB+Ljy5Bw2ke0v8iGngFBPqCTVB + * 3op5KBG3RjbF6RRSzwzuWfL7QErNC8WEy5yDVARzTA5+xmBc388v9Dm21HGfcC8O + * DD+gT9sSpssq0ascmvH49MOgjt1yoysLtdCtJW/9FZpoOypaHx0R+mJTLwPXVMrv + * DaVzWh5aiEx+idkSGMnX + * -----END CERTIFICATE----- + */ + webpki::types::TrustAnchor { + subject: webpki::types::Der::from_slice(b"1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x0b0\t\x06\x03U\x04\x08\x0c\x02CA1\x140\x12\x06\x03U\x04\x07\x0c\x0bSanta Clara1\x1a0\x18\x06\x03U\x04\n\x0c\x11Intel Corporation100.\x06\x03U\x04\x03\x0c\'Intel SGX Attestation Report Signing CA"), + subject_public_key_info: webpki::types::Der::from_slice(b"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x8f\x000\x82\x01\x8a\x02\x82\x01\x81\x00\x9f@u1@N6\xb3\x15b7\x99\xaa\x82Pt@\x97T\xa2\xdf\xe8\xf5\xaf\xd5\xfec\x1e\x1f\xc2\xaf8\x08\x90o(\xa7\x90\xd9\xdd\x9f\xe0`\x93\x9b\x12W\x90\xc5\x80]\x03}\xf5j\x99S\x1b\x96\xdei\xde3\xed\"l\xc1 }\x10B\xb5\xc9\xab\x7f@O\xc7\x11\xc0\xfeGi\xfb\x95x\xb1\xdc\x0e\xc4i\xea\x1a%\xe0\xff\x99\x14\x88n\xf2i\x9b#[\xb4\x84}\xd6\xff@\xb6\x06\xe6\x17\x07\x93\xc2\xfb\x98\xb3\x14X\x7f\x9c\xfd%sb\xdf\xea\xb1\x0b;\xd2\xd9vs\xa1\xa4\xbdD\xc4S\xaa\xf4\x7f\xc1\xf2\xd3\xd0\xf3\x84\xf7J\x06\xf8\x9c\x08\x9f\r\xa6\xcd\xb7\xfc\xee\xe8\xc9\x82\x1a\x8eT\xf2\\\x04\x16\xd1\x8cF\x83\x9a_\x80\x12\xfb\xdd=\xc7M%by\xad\xc2\xc0\xd5Z\xffo\x06\"B]\x1b\x02\x03\x01\x00\x01"), + name_constraints: None + }, +]; + +/// The needed code for a trust anchor can be extracted using `webpki` with something like this: +/// println!("{:?}", webpki::TrustAnchor::try_from_cert_der(&root_cert)); +#[allow(clippy::zero_prefixed_literal)] +pub static DCAP_SERVER_ROOTS: &[webpki::types::TrustAnchor<'static>; 1] = + &[webpki::types::TrustAnchor { + subject: webpki::types::Der::from_slice(&[ + 49, 26, 48, 24, 06, 03, 85, 04, 03, 12, 17, 73, 110, 116, 101, 108, 32, 83, 71, 88, 32, + 82, 111, 111, 116, 32, 67, 65, 49, 26, 48, 24, 06, 03, 85, 04, 10, 12, 17, 73, 110, + 116, 101, 108, 32, 67, 111, 114, 112, 111, 114, 97, 116, 105, 111, 110, 49, 20, 48, 18, + 06, 03, 85, 04, 07, 12, 11, 83, 97, 110, 116, 97, 32, 67, 108, 97, 114, 97, 49, 11, 48, + 09, 06, 03, 85, 04, 08, 12, 02, 67, 65, 49, 11, 48, 09, 06, 03, 85, 04, 06, 19, 02, 85, + 83, + ]), + subject_public_key_info: webpki::types::Der::from_slice(&[ + 48, 19, 06, 07, 42, 134, 72, 206, 61, 02, 01, 06, 08, 42, 134, 72, 206, 61, 03, 01, 07, + 03, 66, 00, 04, 11, 169, 196, 192, 192, 200, 97, 147, 163, 254, 35, 214, 176, 44, 218, + 16, 168, 187, 212, 232, 142, 72, 180, 69, 133, 97, 163, 110, 112, 85, 37, 245, 103, + 145, 142, 46, 220, 136, 228, 13, 134, 11, 208, 204, 78, 226, 106, 172, 201, 136, 229, + 05, 169, 83, 85, 140, 69, 63, 107, 09, 04, 174, 115, 148, + ]), + name_constraints: None, + }]; + +/// Contains an unvalidated ias remote attestation certificate. +/// +/// Wrapper to implemented parsing and verification traits on it. +pub struct CertDer<'a>(&'a [u8]); + +/// Encode two 32-byte values in DER format +/// This is meant for 256 bit ECC signatures or public keys +pub fn encode_as_der(data: &[u8]) -> Result, &'static str> { + if data.len() != 64 { + return Result::Err("Key must be 64 bytes long"); + } + let mut sequence = der::asn1::SequenceOf::::new(); + sequence + .add(der::asn1::UIntRef::new(&data[0..32]).map_err(|_| "Invalid public key")?) + .map_err(|_| "Invalid public key")?; + sequence + .add(der::asn1::UIntRef::new(&data[32..]).map_err(|_| "Invalid public key")?) + .map_err(|_| "Invalid public key")?; + // 72 should be enough in all cases. 2 + 2 x (32 + 3) + let mut asn1 = vec![0u8; 72]; + let mut writer = der::SliceWriter::new(&mut asn1); + writer + .encode(&sequence) + .map_err(|_| "Could not encode public key to DER")?; + Ok(writer + .finish() + .map_err(|_| "Could not convert public key to DER")? + .to_vec()) +} + +/// Extracts the specified data into a `EnclaveIdentity` instance. +/// Also verifies that the data matches the given signature, was produced by the given certificate +/// and matches the data +pub fn deserialize_enclave_identity( + data: &[u8], + signature: &[u8], + certificate: &webpki::EndEntityCert, +) -> Result { + let signature = encode_as_der(signature)?; + verify_signature( + certificate, + data, + &signature, + webpki::ring::ECDSA_P256_SHA256, + )?; + serde_json::from_slice(data).map_err(|_| "Deserialization failed") +} + +/// Extracts the specified data into a `TcbInfo` instance. +/// Also verifies that the data matches the given signature, was produced by the given certificate +/// and matches the data +pub fn deserialize_tcb_info( + data: &[u8], + signature: &[u8], + certificate: &webpki::EndEntityCert, +) -> Result { + let signature = encode_as_der(signature)?; + verify_signature( + certificate, + data, + &signature, + webpki::ring::ECDSA_P256_SHA256, + )?; + serde_json::from_slice(data).map_err(|_| "Deserialization failed") +} + +/// Extract a list of certificates from a byte vec. The certificates must be separated by +/// `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` markers +pub fn extract_certs(cert_chain: &[u8]) -> Vec> { + // The certificates should be valid UTF-8 but if not we continue. The certificate verification + // will fail at a later point. + let certs_concat = String::from_utf8_lossy(cert_chain); + let certs_concat = certs_concat.replace('\n', ""); + let certs_concat = certs_concat.replace("-----BEGIN CERTIFICATE-----", ""); + // Use the end marker to split the string into certificates + let parts = certs_concat.split("-----END CERTIFICATE-----"); + parts + .filter(|p| !p.is_empty()) + .filter_map(|p| base64::decode(p).ok()) + .collect() +} + +/// Verifies that the `leaf_cert` in combination with the `intermediate_certs` establishes +/// a valid certificate chain that is rooted in one of the trust anchors that was compiled into to +/// the pallet +pub fn verify_certificate_chain<'a>( + leaf_cert: &webpki::EndEntityCert<'a>, + intermediate_certs: &[webpki::types::CertificateDer<'a>], + verification_time: u64, +) -> Result<(), &'static str> { + let time = + webpki::types::UnixTime::since_unix_epoch(Duration::from_secs(verification_time / 1000)); + let sig_algs = &[webpki::ring::ECDSA_P256_SHA256]; + leaf_cert + .verify_for_usage( + sig_algs, + DCAP_SERVER_ROOTS, + intermediate_certs, + time, + webpki::KeyUsage::client_auth(), + None, + ) + .map_err(|_| "Invalid certificate chain")?; + Ok(()) +} +#[allow(unused)] +pub fn extract_tcb_info_from_raw_dcap_quote( + dcap_quote_raw: &[u8], +) -> Result<(Fmspc, TcbVersionStatus), &'static str> { + let mut dcap_quote_clone = dcap_quote_raw; + let quote: DcapQuote = + Decode::decode(&mut dcap_quote_clone).map_err(|_| "Failed to decode attestation report")?; + + ensure!(quote.header.version == 3, "Only support for version 3"); + ensure!( + quote.header.attestation_key_type == 2, + "Only support for ECDSA-256" + ); + ensure!( + quote + .quote_signature_data + .qe_certification_data + .certification_data_type + == 5, + "Only support for PEM formatted PCK Cert Chain" + ); + + let certs = extract_certs( + "e + .quote_signature_data + .qe_certification_data + .certification_data, + ); + + let (fmspc, tcb_info) = extract_tcb_info(&certs[0])?; + + Ok((fmspc, tcb_info)) +} + +pub fn verify_dcap_quote( + dcap_quote_raw: &[u8], + verification_time: u64, + qe: &QuotingEnclave, +) -> Result<(Fmspc, TcbVersionStatus, SgxReport), &'static str> { + let mut dcap_quote_clone = dcap_quote_raw; + let quote: DcapQuote = + Decode::decode(&mut dcap_quote_clone).map_err(|_| "Failed to decode attestation report")?; + + ensure!(quote.header.version == 3, "Only support for version 3"); + ensure!( + quote.header.attestation_key_type == 2, + "Only support for ECDSA-256" + ); + ensure!( + quote + .quote_signature_data + .qe_certification_data + .certification_data_type + == 5, + "Only support for PEM formatted PCK Cert Chain" + ); + ensure!( + quote.quote_signature_data.qe_report.verify(qe), + "Enclave rejected by quoting enclave" + ); + let mut xt_signer_array = [0u8; 32]; + xt_signer_array.copy_from_slice("e.body.report_data.d[..32]); + + let certs = extract_certs( + "e + .quote_signature_data + .qe_certification_data + .certification_data, + ); + ensure!( + certs.len() >= 2, + "Certificate chain must have at least two certificates" + ); + let intermediate_certificate_slices: Vec = + certs[1..].iter().map(|c| c.as_slice().into()).collect(); + let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); + let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der) + .map_err(|_| "Failed to parse leaf certificate")?; + verify_certificate_chain( + &leaf_cert, + &intermediate_certificate_slices, + verification_time, + )?; + + let (fmspc, tcb_info) = extract_tcb_info(&certs[0])?; + + // For this part some understanding of the document (Especially chapter A.4: Quote Format) + // Intel® Software Guard Extensions (Intel® SGX) Data Center Attestation Primitives: ECDSA Quote + // Library API https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf + + const AUTHENTICATION_DATA_SIZE: usize = 32; // This is actually variable but assume 32 for now. This is also hard-coded to 32 in the Intel + // DCAP repo + const DCAP_QUOTE_HEADER_SIZE: usize = core::mem::size_of::(); + const REPORT_SIZE: usize = core::mem::size_of::(); + const QUOTE_SIGNATURE_DATA_LEN_SIZE: usize = core::mem::size_of::(); + + let attestation_key_offset = DCAP_QUOTE_HEADER_SIZE + + REPORT_SIZE + + QUOTE_SIGNATURE_DATA_LEN_SIZE + + REPORT_SIGNATURE_SIZE; + let authentication_data_offset = attestation_key_offset + + ATTESTATION_KEY_SIZE + + REPORT_SIZE + + REPORT_SIGNATURE_SIZE + + core::mem::size_of::(); //Size of the QE authentication data. We ignore this for now and assume 32. See + // AUTHENTICATION_DATA_SIZE + let mut hash_data = [0u8; ATTESTATION_KEY_SIZE + AUTHENTICATION_DATA_SIZE]; + hash_data[0..ATTESTATION_KEY_SIZE].copy_from_slice( + &dcap_quote_raw[attestation_key_offset..(attestation_key_offset + ATTESTATION_KEY_SIZE)], + ); + hash_data[ATTESTATION_KEY_SIZE..].copy_from_slice( + &dcap_quote_raw + [authentication_data_offset..(authentication_data_offset + AUTHENTICATION_DATA_SIZE)], + ); + // Ensure that the hash matches the intel signed hash in the QE report. This establishes trust + // into the attestation key. + let hash = ring::digest::digest(&ring::digest::SHA256, &hash_data); + ensure!( + hash.as_ref() == "e.quote_signature_data.qe_report.report_data.d[0..32], + "Hashes must match" + ); + + let qe_report_offset = attestation_key_offset + ATTESTATION_KEY_SIZE; + let qe_report_slice = &dcap_quote_raw[qe_report_offset..(qe_report_offset + REPORT_SIZE)]; + let mut pub_key = [0x04u8; 65]; //Prepend 0x04 to specify uncompressed format + pub_key[1..].copy_from_slice("e.quote_signature_data.ecdsa_attestation_key); + + let peer_public_key = + signature::UnparsedPublicKey::new(&signature::ECDSA_P256_SHA256_FIXED, pub_key); + let isv_report_slice = &dcap_quote_raw[0..(DCAP_QUOTE_HEADER_SIZE + REPORT_SIZE)]; + // Verify that the enclave data matches the signature generated by the trusted attestation key. + // This establishes trust into the data of the enclave we actually want to verify + peer_public_key + .verify( + isv_report_slice, + "e.quote_signature_data.isv_enclave_report_signature, + ) + .map_err(|_| "Failed to verify report signature")?; + + // Verify that the QE report was signed by Intel. This establishes trust into the QE report. + let asn1_signature = encode_as_der("e.quote_signature_data.qe_report_signature)?; + verify_signature( + &leaf_cert, + qe_report_slice, + &asn1_signature, + webpki::ring::ECDSA_P256_SHA256, + )?; + + ensure!( + dcap_quote_clone.is_empty(), + "There should be no bytes left over after decoding" + ); + let report = SgxReport { + mr_enclave: quote.body.mr_enclave, + status: SgxStatus::Ok, + pubkey: xt_signer_array, + timestamp: verification_time, + build_mode: quote.body.sgx_build_mode(), + }; + Ok((fmspc, tcb_info, report)) +} + +// make sure this function doesn't panic! +pub fn verify_ias_report(cert_der: &[u8]) -> Result { + // Before we reach here, the runtime already verified the extrinsic is properly signed by the + // extrinsic sender Hence, we skip: EphemeralKey::try_from(cert)?; + let cert = CertDer(cert_der); + let netscape = NetscapeComment::try_from(cert)?; + let sig_cert_der = webpki::types::CertificateDer::from(netscape.sig_cert.as_slice()); + let sig_cert = webpki::EndEntityCert::try_from(&sig_cert_der).map_err(|_| "Bad der")?; + + verify_signature( + &sig_cert, + netscape.attestation_raw, + &netscape.sig, + webpki::ring::RSA_PKCS1_2048_8192_SHA256, + )?; + + // FIXME: now hardcoded. but certificate renewal would have to be done manually anyway... + // chain wasm update or by some sudo call + let valid_until = webpki::types::UnixTime::since_unix_epoch(Duration::from_secs(1573419050)); + verify_server_cert(&sig_cert, valid_until)?; + + parse_report(&netscape) +} + +fn parse_report(netscape: &NetscapeComment) -> Result { + let report_raw: &[u8] = netscape.attestation_raw; + // parse attestation report + let attn_report: Value = match serde_json::from_slice(report_raw) { + Ok(report) => report, + Err(_) => return Err("RA report parsing error"), + }; + + let _ra_timestamp = match &attn_report["timestamp"] { + Value::String(time) => { + let time_fixed = time.clone() + "+0000"; + match DateTime::parse_from_str(&time_fixed, "%Y-%m-%dT%H:%M:%S%.f%z") { + Ok(d) => d.timestamp(), + Err(_) => return Err("RA report timestamp parsing error"), + } + } + _ => return Err("Failed to fetch timestamp from attestation report"), + }; + + // in milliseconds + let ra_timestamp: u64 = (_ra_timestamp * 1000) + .try_into() + .map_err(|_| "Error converting report.timestamp to u64")?; + + // get quote status (mandatory field) + let ra_status = match &attn_report["isvEnclaveQuoteStatus"] { + Value::String(quote_status) => match quote_status.as_ref() { + "OK" => SgxStatus::Ok, + "GROUP_OUT_OF_DATE" => SgxStatus::GroupOutOfDate, + "GROUP_REVOKED" => SgxStatus::GroupRevoked, + "CONFIGURATION_NEEDED" => SgxStatus::ConfigurationNeeded, + _ => SgxStatus::Invalid, + }, + _ => return Err("Failed to fetch isvEnclaveQuoteStatus from attestation report"), + }; + + // parse quote body + if let Value::String(quote_raw) = &attn_report["isvEnclaveQuoteBody"] { + let quote = match base64::decode(quote_raw) { + Ok(q) => q, + Err(_) => return Err("Quote Decoding Error"), + }; + // TODO: lack security check here + let sgx_quote: SgxQuote = match Decode::decode(&mut "e[..]) { + Ok(q) => q, + Err(_) => return Err("could not decode quote"), + }; + + let mut xt_signer_array = [0u8; 32]; + xt_signer_array.copy_from_slice(&sgx_quote.report_body.report_data.d[..32]); + Ok(SgxReport { + mr_enclave: sgx_quote.report_body.mr_enclave, + status: ra_status, + pubkey: xt_signer_array, + timestamp: ra_timestamp, + build_mode: sgx_quote.report_body.sgx_build_mode(), + }) + } else { + Err("Failed to parse isvEnclaveQuoteBody from attestation report") + } +} + +/// * `signature` - Must be encoded in DER format. +pub fn verify_signature( + entity_cert: &webpki::EndEntityCert, + data: &[u8], + signature: &[u8], + signature_algorithm: &dyn webpki::types::SignatureVerificationAlgorithm, +) -> Result<(), &'static str> { + match entity_cert.verify_signature(signature_algorithm, data, signature) { + Ok(()) => Ok(()), + Err(_e) => Err("bad signature"), + } +} + +pub fn verify_server_cert( + sig_cert: &webpki::EndEntityCert, + timestamp_valid_until: webpki::types::UnixTime, +) -> Result<(), &'static str> { + let chain: Vec = Vec::new(); + match sig_cert.verify_for_usage( + SUPPORTED_SIG_ALGS, + IAS_SERVER_ROOTS, + &chain, + timestamp_valid_until, + webpki::KeyUsage::server_auth(), + None, + ) { + Ok(()) => Ok(()), + Err(_e) => Err("CA verification failed"), + } +} + +/// See document "Intel® Software Guard Extensions: PCK Certificate and Certificate Revocation List +/// Profile Specification" https://download.01.org/intel-sgx/dcap-1.2/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.1.pdf +const INTEL_SGX_EXTENSION_OID: ObjectIdentifier = + ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1"); +const OID_FMSPC: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.4"); +const OID_PCESVN: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.2.17"); +const OID_CPUSVN: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.2.18"); + +pub fn extract_tcb_info(cert: &[u8]) -> Result<(Fmspc, TcbVersionStatus), &'static str> { + let extension_section = get_intel_extension(cert)?; + + let fmspc = get_fmspc(&extension_section)?; + let cpusvn = get_cpusvn(&extension_section)?; + let pcesvn = get_pcesvn(&extension_section)?; + + Ok((fmspc, TcbVersionStatus::new(cpusvn, pcesvn))) +} + +fn get_intel_extension(der_encoded: &[u8]) -> Result, &'static str> { + let cert: Certificate = + der::Decode::from_der(der_encoded).map_err(|_| "Error parsing certificate")?; + let mut extension_iter = cert + .tbs_certificate + .extensions + .as_deref() + .unwrap_or(&[]) + .iter() + .filter(|e| e.extn_id == INTEL_SGX_EXTENSION_OID) + .map(|e| e.extn_value); + + let extension = extension_iter.next(); + ensure!( + extension.is_some() && extension_iter.next().is_none(), + "There should only be one section containing Intel extensions" + ); + // SAFETY: Ensured above that extension.is_some() == true + Ok(extension.unwrap().to_vec()) +} + +fn get_fmspc(der: &[u8]) -> Result { + let bytes_oid = OID_FMSPC.as_bytes(); + let mut offset = der + .windows(bytes_oid.len()) + .position(|window| window == bytes_oid) + .ok_or("Certificate does not contain 'FMSPC_OID'")?; + offset += 12; // length oid (10) + asn1 tag (1) + asn1 length10 (1) + + let fmspc_size = core::mem::size_of::() / core::mem::size_of::(); + let data = der + .get(offset..offset + fmspc_size) + .ok_or("Index out of bounds")?; + data.try_into().map_err(|_| "FMSPC must be 6 bytes long") +} + +fn get_cpusvn(der: &[u8]) -> Result { + let bytes_oid = OID_CPUSVN.as_bytes(); + let mut offset = der + .windows(bytes_oid.len()) + .position(|window| window == bytes_oid) + .ok_or("Certificate does not contain 'CPUSVN_OID'")?; + offset += 13; // length oid (11) + asn1 tag (1) + asn1 length10 (1) + + // CPUSVN is specified to have length 16 + let len = 16; + let data = der.get(offset..offset + len).ok_or("Index out of bounds")?; + data.try_into().map_err(|_| "CPUSVN must be 16 bytes long") +} + +fn get_pcesvn(der: &[u8]) -> Result { + let bytes_oid = OID_PCESVN.as_bytes(); + let mut offset = der + .windows(bytes_oid.len()) + .position(|window| window == bytes_oid) + .ok_or("Certificate does not contain 'PCESVN_OID'")?; + // length oid + asn1 tag (1 byte) + offset += bytes_oid.len() + 1; + // PCESVN can be 1 or 2 bytes + let len = length_from_raw_data(der, &mut offset)?; + offset += 1; // length_from_raw_data does not move the offset when the length is encoded in a single byte + ensure!(len == 1 || len == 2, "PCESVN must be 1 or 2 bytes"); + let data = der.get(offset..offset + len).ok_or("Index out of bounds")?; + if data.len() == 1 { + Ok(u16::from(data[0])) + } else { + // Unwrap is fine here as we check the length above + // DER integers are encoded in big endian + Ok(u16::from_be_bytes(data.try_into().unwrap())) + } +} diff --git a/common/primitives/core/src/teebag/sgx_verify/netscape_comment.rs b/common/primitives/core/src/teebag/sgx_verify/netscape_comment.rs new file mode 100644 index 0000000000..731a21eb0d --- /dev/null +++ b/common/primitives/core/src/teebag/sgx_verify/netscape_comment.rs @@ -0,0 +1,51 @@ +use super::{utils::length_from_raw_data, CertDer}; +use frame_support::ensure; +use sp_std::{convert::TryFrom, prelude::Vec}; + +pub struct NetscapeComment<'a> { + pub attestation_raw: &'a [u8], + pub sig: Vec, + pub sig_cert: Vec, +} + +pub const NS_CMT_OID: &[u8; 11] = &[ + 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x0D, +]; + +impl<'a> TryFrom> for NetscapeComment<'a> { + type Error = &'static str; + + fn try_from(value: CertDer<'a>) -> Result { + // Search for Netscape Comment OID + let cert_der = value.0; + + let mut offset = cert_der + .windows(NS_CMT_OID.len()) + .position(|window| window == NS_CMT_OID) + .ok_or("Certificate does not contain 'ns_cmt_oid'")?; + + offset += 12; // 11 + TAG (0x04) + + // Obtain Netscape Comment length + let len = length_from_raw_data(cert_der, &mut offset)?; + // Obtain Netscape Comment + offset += 1; + let netscape_raw = cert_der + .get(offset..offset + len) + .ok_or("Index out of bounds")? + .split(|x| *x == 0x7C) // 0x7C is the character '|' + .collect::>(); + ensure!(netscape_raw.len() == 3, "Invalid netscape payload"); + + let sig = base64::decode(netscape_raw[1]).map_err(|_| "Signature Decoding Error")?; + + let sig_cert = base64::decode_config(netscape_raw[2], base64::STANDARD) + .map_err(|_| "Cert Decoding Error")?; + + Ok(NetscapeComment { + attestation_raw: netscape_raw[0], + sig, + sig_cert, + }) + } +} diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/dcap_quote_cert.der b/common/primitives/core/src/teebag/sgx_verify/test/dcap/dcap_quote_cert.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/dcap_quote_cert.der rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/dcap_quote_cert.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/pck_crl.der b/common/primitives/core/src/teebag/sgx_verify/test/dcap/pck_crl.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/pck_crl.der rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/pck_crl.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/pck_crl_issuer_chain.pem b/common/primitives/core/src/teebag/sgx_verify/test/dcap/pck_crl_issuer_chain.pem similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/pck_crl_issuer_chain.pem rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/pck_crl_issuer_chain.pem diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity.json b/common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity.json similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity.json rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity.json diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity_cert.pem b/common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_cert.pem similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity_cert.pem rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_cert.pem diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity_issuer_chain.pem b/common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_issuer_chain.pem similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/qe_identity_issuer_chain.pem rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_issuer_chain.pem diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/root_ca_crl.der b/common/primitives/core/src/teebag/sgx_verify/test/dcap/root_ca_crl.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/root_ca_crl.der rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/root_ca_crl.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/tcb_info.json b/common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info.json similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/tcb_info.json rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info.json diff --git a/parachain/pallets/teebag/src/sgx_verify/test/dcap/tcb_info_issuer_chain.pem b/common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info_issuer_chain.pem similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/dcap/tcb_info_issuer_chain.pem rename to common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info_issuer_chain.pem diff --git a/parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST4.bin b/common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST4.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST4.bin rename to common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST4.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST5.bin b/common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST5.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST5.bin rename to common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST5.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST6.bin b/common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST6.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST6.bin rename to common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST6.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST7.bin b/common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST7.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST7.bin rename to common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST7.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST8-PRODUCTION.bin b/common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST8-PRODUCTION.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/enclave-signing-pubkey-TEST8-PRODUCTION.bin rename to common/primitives/core/src/teebag/sgx_verify/test/enclave-signing-pubkey-TEST8-PRODUCTION.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST4.der b/common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST4.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST4.der rename to common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST4.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST5.der b/common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST5.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST5.der rename to common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST5.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST6.der b/common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST6.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST6.der rename to common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST6.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST7.der b/common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST7.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST7.der rename to common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST7.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST8_PRODUCTION.der b/common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST8_PRODUCTION.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/ra_dump_cert_TEST8_PRODUCTION.der rename to common/primitives/core/src/teebag/sgx_verify/test/ra_dump_cert_TEST8_PRODUCTION.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER1_MRENCLAVE1.der b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER1_MRENCLAVE1.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER1_MRENCLAVE1.der rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER1_MRENCLAVE1.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER2_MRENCLAVE2.der b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER2_MRENCLAVE2.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER2_MRENCLAVE2.der rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER2_MRENCLAVE2.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER3_MRENCLAVE2.der b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER3_MRENCLAVE2.der similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_cert_MRSIGNER3_MRENCLAVE2.der rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_cert_MRSIGNER3_MRENCLAVE2.der diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin b/common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin similarity index 100% rename from parachain/pallets/teebag/src/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin rename to common/primitives/core/src/teebag/sgx_verify/test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin diff --git a/parachain/pallets/teebag/src/sgx_verify/tests.rs b/common/primitives/core/src/teebag/sgx_verify/tests.rs similarity index 59% rename from parachain/pallets/teebag/src/sgx_verify/tests.rs rename to common/primitives/core/src/teebag/sgx_verify/tests.rs index 58916016c7..f2459838a9 100644 --- a/parachain/pallets/teebag/src/sgx_verify/tests.rs +++ b/common/primitives/core/src/teebag/sgx_verify/tests.rs @@ -1,8 +1,8 @@ #![allow(dead_code, unused_imports, const_item_mutation)] use super::{ - collateral::{EnclaveIdentitySigned, TcbInfoSigned}, - *, + collateral::{EnclaveIdentitySigned, TcbInfoSigned}, + *, }; use frame_support::assert_err; use hex_literal::hex; @@ -19,19 +19,19 @@ const TEST7_CERT: &[u8] = include_bytes!("./test/ra_dump_cert_TEST7.der"); const TEST8_CERT: &[u8] = include_bytes!("./test/ra_dump_cert_TEST8_PRODUCTION.der"); const TEST1_SIGNER_ATTN: &[u8] = - include_bytes!("./test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin"); + include_bytes!("./test/test_ra_signer_attn_MRSIGNER1_MRENCLAVE1.bin"); const TEST2_SIGNER_ATTN: &[u8] = - include_bytes!("./test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin"); + include_bytes!("./test/test_ra_signer_attn_MRSIGNER2_MRENCLAVE2.bin"); const TEST3_SIGNER_ATTN: &[u8] = - include_bytes!("./test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin"); + include_bytes!("./test/test_ra_signer_attn_MRSIGNER3_MRENCLAVE2.bin"); // reproduce with "litentry-worker signing-key" const TEST1_SIGNER_PUB: &[u8] = - include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin"); + include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER1_MRENCLAVE1.bin"); const TEST2_SIGNER_PUB: &[u8] = - include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin"); + include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER2_MRENCLAVE2.bin"); const TEST3_SIGNER_PUB: &[u8] = - include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin"); + include_bytes!("./test/test_ra_signer_pubkey_MRSIGNER3_MRENCLAVE2.bin"); const TEST4_SIGNER_PUB: &[u8] = include_bytes!("./test/enclave-signing-pubkey-TEST4.bin"); // equal to TEST4! const TEST5_SIGNER_PUB: &[u8] = include_bytes!("./test/enclave-signing-pubkey-TEST5.bin"); @@ -43,34 +43,34 @@ const PCK_CRL: &[u8] = include_bytes!("./test/dcap/pck_crl.der"); // reproduce with "make mrenclave" in worker repo root const TEST1_MRENCLAVE: &[u8] = &[ - 62, 252, 187, 232, 60, 135, 108, 204, 87, 78, 35, 169, 241, 237, 106, 217, 251, 241, 99, 189, - 138, 157, 86, 136, 77, 91, 93, 23, 192, 104, 140, 167, + 62, 252, 187, 232, 60, 135, 108, 204, 87, 78, 35, 169, 241, 237, 106, 217, 251, 241, 99, 189, + 138, 157, 86, 136, 77, 91, 93, 23, 192, 104, 140, 167, ]; const TEST2_MRENCLAVE: &[u8] = &[ - 4, 190, 230, 132, 211, 129, 59, 237, 101, 78, 55, 174, 144, 177, 91, 134, 1, 240, 27, 174, 81, - 139, 8, 22, 32, 241, 228, 103, 189, 43, 44, 102, + 4, 190, 230, 132, 211, 129, 59, 237, 101, 78, 55, 174, 144, 177, 91, 134, 1, 240, 27, 174, 81, + 139, 8, 22, 32, 241, 228, 103, 189, 43, 44, 102, ]; const TEST3_MRENCLAVE: &[u8] = &[ - 4, 190, 230, 132, 211, 129, 59, 237, 101, 78, 55, 174, 144, 177, 91, 134, 1, 240, 27, 174, 81, - 139, 8, 22, 32, 241, 228, 103, 189, 43, 44, 102, + 4, 190, 230, 132, 211, 129, 59, 237, 101, 78, 55, 174, 144, 177, 91, 134, 1, 240, 27, 174, 81, + 139, 8, 22, 32, 241, 228, 103, 189, 43, 44, 102, ]; // MRSIGNER is 83d719e77deaca1470f6baf62a4d774303c899db69020f9c70ee1dfc08c7ce9e const TEST4_MRENCLAVE: MrEnclave = - hex!("7a3454ec8f42e265cb5be7dfd111e1d95ac6076ed82a0948b2e2a45cf17b62a0"); + hex!("7a3454ec8f42e265cb5be7dfd111e1d95ac6076ed82a0948b2e2a45cf17b62a0"); const TEST5_MRENCLAVE: MrEnclave = - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); + hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); // equal to TEST5! const TEST6_MRENCLAVE: MrEnclave = - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); + hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); // equal to TEST6! const TEST7_MRENCLAVE: MrEnclave = - hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); + hex!("f4dedfc9e5fcc48443332bc9b23161c34a3c3f5a692eaffdb228db27b704d9d1"); // production mode // MRSIGNER is 117f95f65f06afb5764b572156b8b525c6230db7d6b1c94e8ebdb7fba068f4e8 const TEST8_MRENCLAVE: MrEnclave = - hex!("bcf66abfc6b3ef259e9ecfe4cf8df667a7f5a546525dee16822741b38f6e6050"); + hex!("bcf66abfc6b3ef259e9ecfe4cf8df667a7f5a546525dee16822741b38f6e6050"); // unix epoch. must be later than this const TEST1_TIMESTAMP: i64 = 1580587262i64; @@ -115,150 +115,174 @@ const CERT_TOO_SHORT2: &[u8] = b"0\x82\x0c\x8c0"; #[test] fn verify_ias_report_should_work() { - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - let report = verify_ias_report(TEST4_CERT); - let report = report.unwrap(); - assert_eq!(report.mr_enclave, TEST4_MRENCLAVE); - assert!(report.timestamp >= TEST1_TIMESTAMP.try_into().unwrap()); - assert_eq!(report.pubkey, TEST4_SIGNER_PUB); - //assert_eq!(report.status, SgxStatus::GroupOutOfDate); - assert_eq!(report.status, SgxStatus::ConfigurationNeeded); - assert_eq!(report.build_mode, SgxBuildMode::Debug); + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + let report = verify_ias_report(TEST4_CERT); + let report = report.unwrap(); + assert_eq!(report.mr_enclave, TEST4_MRENCLAVE); + assert!(report.timestamp >= TEST1_TIMESTAMP.try_into().unwrap()); + assert_eq!(report.pubkey, TEST4_SIGNER_PUB); + //assert_eq!(report.status, SgxStatus::GroupOutOfDate); + assert_eq!(report.status, SgxStatus::ConfigurationNeeded); + assert_eq!(report.build_mode, SgxBuildMode::Debug); } #[test] fn verify_zero_length_cert_returns_err() { - // CERT empty, argument 2 and 3 are wrong too! - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - assert!(verify_ias_report(&Vec::new()[..]).is_err()) + // CERT empty, argument 2 and 3 are wrong too! + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + assert!(verify_ias_report(&Vec::new()[..]).is_err()) } #[test] fn verify_wrong_cert_is_err() { - // CERT wrong, argument 2 and 3 are wrong too! - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - assert!(verify_ias_report(CERT_WRONG_PLATFORM_BLOB).is_err()) + // CERT wrong, argument 2 and 3 are wrong too! + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + assert!(verify_ias_report(CERT_WRONG_PLATFORM_BLOB).is_err()) } #[test] fn verify_wrong_fake_enclave_quote_is_err() { - // quote wrong, argument 2 and 3 are wrong too! - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - assert!(verify_ias_report(CERT_FAKE_QUOTE_STATUS).is_err()) + // quote wrong, argument 2 and 3 are wrong too! + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + assert!(verify_ias_report(CERT_FAKE_QUOTE_STATUS).is_err()) } #[test] fn verify_wrong_sig_is_err() { - // sig wrong, argument 2 and 3 are wrong too! - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - assert!(verify_ias_report(CERT_WRONG_SIG).is_err()) + // sig wrong, argument 2 and 3 are wrong too! + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + assert!(verify_ias_report(CERT_WRONG_SIG).is_err()) } #[test] fn verify_short_cert_is_err() { - let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); - assert!(verify_ias_report(CERT_TOO_SHORT1).is_err()); - assert!(verify_ias_report(CERT_TOO_SHORT2).is_err()); + let _signer_attn: [u32; 16] = Decode::decode(&mut TEST1_SIGNER_ATTN).unwrap(); + assert!(verify_ias_report(CERT_TOO_SHORT1).is_err()); + assert!(verify_ias_report(CERT_TOO_SHORT2).is_err()); } #[test] fn fix_incorrect_handling_of_iterator() { - // In `verify_ias_report` we called `iter.next()` with unwrap three times, which could fail - // for certain invalid reports as the one in this test. This test verifies that the issue - // has been fixed. - // - // For context, see: https://github.com/integritee-network/pallet-teerex/issues/35 - - let report: [u8; 56] = [ - 224, 224, 224, 224, 224, 224, 224, 224, 235, 2, 0, 1, 5, 40, 0, 8, 255, 6, 8, 42, 134, 72, - 206, 61, 3, 1, 7, 0, 2, 183, 64, 48, 48, 0, 1, 10, 23, 3, 6, 9, 96, 134, 72, 1, 134, 248, - 66, 1, 13, 0, 0, 0, 13, 1, 14, 177, - ]; - - assert_err!(verify_ias_report(&report), "Invalid netscape payload"); + // In `verify_ias_report` we called `iter.next()` with unwrap three times, which could fail + // for certain invalid reports as the one in this test. This test verifies that the issue + // has been fixed. + // + // For context, see: https://github.com/integritee-network/pallet-teerex/issues/35 + + let report: [u8; 56] = [ + 224, 224, 224, 224, 224, 224, 224, 224, 235, 2, 0, 1, 5, 40, 0, 8, 255, 6, 8, 42, 134, 72, + 206, 61, 3, 1, 7, 0, 2, 183, 64, 48, 48, 0, 1, 10, 23, 3, 6, 9, 96, 134, 72, 1, 134, 248, + 66, 1, 13, 0, 0, 0, 13, 1, 14, 177, + ]; + + assert_err!(verify_ias_report(&report), "Invalid netscape payload"); } #[test] fn verify_sgx_build_mode_works() { - //verify report from enclave in debug mode - let report = verify_ias_report(TEST4_CERT); - let report = report.unwrap(); - assert_eq!(report.build_mode, SgxBuildMode::Debug); - //verify report from enclave in production mode - let report = verify_ias_report(TEST8_CERT); - let report = report.unwrap(); - assert_eq!(report.build_mode, SgxBuildMode::Production); + //verify report from enclave in debug mode + let report = verify_ias_report(TEST4_CERT); + let report = report.unwrap(); + assert_eq!(report.build_mode, SgxBuildMode::Debug); + //verify report from enclave in production mode + let report = verify_ias_report(TEST8_CERT); + let report = report.unwrap(); + assert_eq!(report.build_mode, SgxBuildMode::Production); } #[test] fn decode_qe_authentication_data() { - assert!(QeAuthenticationData::decode(&mut &[0u8][..]).is_err()); - assert!(QeAuthenticationData::decode(&mut &[1u8][..]).is_err()); - assert_eq!(0, QeAuthenticationData::decode(&mut &[0u8, 0][..]).unwrap().size); - let d = QeAuthenticationData::decode(&mut &[1u8, 0, 5][..]).unwrap(); - assert_eq!(1, d.size); - assert_eq!(5, d.certification_data[0]); + assert!(QeAuthenticationData::decode(&mut &[0u8][..]).is_err()); + assert!(QeAuthenticationData::decode(&mut &[1u8][..]).is_err()); + assert_eq!( + 0, + QeAuthenticationData::decode(&mut &[0u8, 0][..]) + .unwrap() + .size + ); + let d = QeAuthenticationData::decode(&mut &[1u8, 0, 5][..]).unwrap(); + assert_eq!(1, d.size); + assert_eq!(5, d.certification_data[0]); } #[test] fn decode_qe_certification_data() { - assert!(QeCertificationData::decode(&mut &[0u8][..]).is_err()); - assert!(QeCertificationData::decode(&mut &[1u8, 0, 0, 0, 0][..]).is_err()); - assert_eq!(0, QeCertificationData::decode(&mut &[0u8, 0, 0, 0, 0, 0][..]).unwrap().size); - let d = QeCertificationData::decode(&mut &[0u8, 0, 1, 0, 0, 0, 5][..]).unwrap(); - assert_eq!(1, d.size); - assert_eq!(5, d.certification_data[0]); - assert!(QeCertificationData::decode(&mut &[0u8, 0, 2, 0, 0, 0, 5][..]).is_err()); + assert!(QeCertificationData::decode(&mut &[0u8][..]).is_err()); + assert!(QeCertificationData::decode(&mut &[1u8, 0, 0, 0, 0][..]).is_err()); + assert_eq!( + 0, + QeCertificationData::decode(&mut &[0u8, 0, 0, 0, 0, 0][..]) + .unwrap() + .size + ); + let d = QeCertificationData::decode(&mut &[0u8, 0, 1, 0, 0, 0, 5][..]).unwrap(); + assert_eq!(1, d.size); + assert_eq!(5, d.certification_data[0]); + assert!(QeCertificationData::decode(&mut &[0u8, 0, 2, 0, 0, 0, 5][..]).is_err()); } #[test] fn deserialize_qe_identity_works() { - let certs = extract_certs(include_bytes!("./test/dcap/qe_identity_issuer_chain.pem")); - let intermediate_slices: Vec = - certs[1..].iter().map(|c| c.as_slice().into()).collect(); - let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); - let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); - verify_certificate_chain(&leaf_cert, &intermediate_slices, COLLATERAL_VERIFICATION_TIMESTAMP) - .unwrap(); - let json: EnclaveIdentitySigned = - serde_json::from_slice(include_bytes!("./test/dcap/qe_identity.json")).unwrap(); - let json_data = serde_json::to_vec(&json.enclave_identity).unwrap(); - let signature = hex::decode(json.signature).unwrap(); - - let e = deserialize_enclave_identity(&json_data, &signature, &leaf_cert).unwrap(); - assert_eq!(1, e.isvprodid); - assert_eq!(5, e.tcb_levels.len()); + let certs = extract_certs(include_bytes!("./test/dcap/qe_identity_issuer_chain.pem")); + let intermediate_slices: Vec = + certs[1..].iter().map(|c| c.as_slice().into()).collect(); + let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); + let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); + verify_certificate_chain( + &leaf_cert, + &intermediate_slices, + COLLATERAL_VERIFICATION_TIMESTAMP, + ) + .unwrap(); + let json: EnclaveIdentitySigned = + serde_json::from_slice(include_bytes!("./test/dcap/qe_identity.json")).unwrap(); + let json_data = serde_json::to_vec(&json.enclave_identity).unwrap(); + let signature = hex::decode(json.signature).unwrap(); + + let e = deserialize_enclave_identity(&json_data, &signature, &leaf_cert).unwrap(); + assert_eq!(1, e.isvprodid); + assert_eq!(5, e.tcb_levels.len()); } #[test] fn deserialize_tcb_info_works() { - let certs = extract_certs(include_bytes!("./test/dcap/tcb_info_issuer_chain.pem")); - let intermediate_slices: Vec = - certs[1..].iter().map(|c| c.as_slice().into()).collect(); - let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); - let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); - verify_certificate_chain(&leaf_cert, &intermediate_slices, COLLATERAL_VERIFICATION_TIMESTAMP) - .unwrap(); - let json: TcbInfoSigned = - serde_json::from_slice(include_bytes!("./test/dcap/tcb_info.json")).unwrap(); - - let json_data = serde_json::to_vec(&json.tcb_info).unwrap(); - let signature = hex::decode(json.signature).unwrap(); - - let _e = deserialize_tcb_info(&json_data, &signature, &leaf_cert).unwrap(); - assert_eq!(hex!("00906EA10000"), json.tcb_info.fmspc); + let certs = extract_certs(include_bytes!("./test/dcap/tcb_info_issuer_chain.pem")); + let intermediate_slices: Vec = + certs[1..].iter().map(|c| c.as_slice().into()).collect(); + let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); + let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); + verify_certificate_chain( + &leaf_cert, + &intermediate_slices, + COLLATERAL_VERIFICATION_TIMESTAMP, + ) + .unwrap(); + let json: TcbInfoSigned = + serde_json::from_slice(include_bytes!("./test/dcap/tcb_info.json")).unwrap(); + + let json_data = serde_json::to_vec(&json.tcb_info).unwrap(); + let signature = hex::decode(json.signature).unwrap(); + + let _e = deserialize_tcb_info(&json_data, &signature, &leaf_cert).unwrap(); + assert_eq!(hex!("00906EA10000"), json.tcb_info.fmspc); } #[test] fn verify_tcb_info_signature() { - let cert = QE_IDENTITY_CERT.replace('\n', ""); - let leaf_cert = base64::decode(cert).unwrap(); - let leaf_cert_der = webpki::types::CertificateDer::from(leaf_cert.as_slice()); - let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); - let data = br#"{"version":2,"issueDate":"2022-10-18T21:45:02Z","nextUpdate":"2022-11-17T21:45:02Z","fmspc":"00906EA10000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"SWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":15,"sgxtcbcomp02svn":15,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":15,"sgxtcbcomp02svn":15,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":14,"sgxtcbcomp02svn":14,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":14,"sgxtcbcomp02svn":14,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":13,"sgxtcbcomp02svn":13,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":3,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":13,"sgxtcbcomp02svn":13,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":6,"sgxtcbcomp02svn":6,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":6,"sgxtcbcomp02svn":6,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":2,"sgxtcbcomp02svn":2,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":4},"tcbDate":"2017-07-26T00:00:00Z","tcbStatus":"OutOfDate"}]}"#; - let signature = hex!("e0cc3102e9ffdb21cf156ba30f13d027210ab11f3bff349e670e4c49b2f0cb6889c7eeb436149c7efe53e15c97e6ec3fc9f34c3440e732a4c760f8eb91834a36"); - let signature = encode_as_der(&signature).unwrap(); - verify_signature(&leaf_cert, data, &signature, webpki::ring::ECDSA_P256_SHA256).unwrap(); + let cert = QE_IDENTITY_CERT.replace('\n', ""); + let leaf_cert = base64::decode(cert).unwrap(); + let leaf_cert_der = webpki::types::CertificateDer::from(leaf_cert.as_slice()); + let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der).unwrap(); + let data = br#"{"version":2,"issueDate":"2022-10-18T21:45:02Z","nextUpdate":"2022-11-17T21:45:02Z","fmspc":"00906EA10000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"SWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":17,"sgxtcbcomp02svn":17,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":15,"sgxtcbcomp02svn":15,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":15,"sgxtcbcomp02svn":15,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":14,"sgxtcbcomp02svn":14,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":14,"sgxtcbcomp02svn":14,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":13,"sgxtcbcomp02svn":13,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":3,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":13,"sgxtcbcomp02svn":13,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":6,"sgxtcbcomp02svn":6,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":6,"sgxtcbcomp02svn":6,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":5,"sgxtcbcomp02svn":5,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":2,"sgxtcbcomp02svn":2,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":4},"tcbDate":"2017-07-26T00:00:00Z","tcbStatus":"OutOfDate"}]}"#; + let signature = hex!("e0cc3102e9ffdb21cf156ba30f13d027210ab11f3bff349e670e4c49b2f0cb6889c7eeb436149c7efe53e15c97e6ec3fc9f34c3440e732a4c760f8eb91834a36"); + let signature = encode_as_der(&signature).unwrap(); + verify_signature( + &leaf_cert, + data, + &signature, + webpki::ring::ECDSA_P256_SHA256, + ) + .unwrap(); } /// This is demo code of how a CRL certificate can be parsed and how the revoked serials can be @@ -266,33 +290,33 @@ fn verify_tcb_info_signature() { /// TODO: Implement CRL handling #[test] fn parse_pck_crl() { - let crl_decoded = hex::decode(PCK_CRL).unwrap(); - let crl: x509_cert::crl::CertificateList = der::Decode::from_der(&crl_decoded).unwrap(); - - let mut serials = vec![]; - if let Some(certs) = crl.tbs_cert_list.revoked_certificates { - for c in certs { - let serial = c.serial_number.as_bytes().to_vec(); - serials.push(serial); - } - } - assert_eq!(3, serials.len()); + let crl_decoded = hex::decode(PCK_CRL).unwrap(); + let crl: x509_cert::crl::CertificateList = der::Decode::from_der(&crl_decoded).unwrap(); + + let mut serials = vec![]; + if let Some(certs) = crl.tbs_cert_list.revoked_certificates { + for c in certs { + let serial = c.serial_number.as_bytes().to_vec(); + serials.push(serial); + } + } + assert_eq!(3, serials.len()); } #[test] fn parse_pck_certificate() { - let der = DCAP_QUOTE_CERT.replace('\n', ""); - let der = base64::decode(der).unwrap(); + let der = DCAP_QUOTE_CERT.replace('\n', ""); + let der = base64::decode(der).unwrap(); - let ext = get_intel_extension(&der).unwrap(); - assert_eq!(453, ext.len()); + let ext = get_intel_extension(&der).unwrap(); + assert_eq!(453, ext.len()); - let fmspc = get_fmspc(&ext).unwrap(); - assert_eq!(hex!("00906EA10000"), fmspc); + let fmspc = get_fmspc(&ext).unwrap(); + assert_eq!(hex!("00906EA10000"), fmspc); - let cpusvn = get_cpusvn(&ext).unwrap(); - assert_eq!(hex!("11110204018007000000000000000000"), cpusvn); + let cpusvn = get_cpusvn(&ext).unwrap(); + assert_eq!(hex!("11110204018007000000000000000000"), cpusvn); - let pcesvn = get_pcesvn(&ext).unwrap(); - assert_eq!(u16::from_be_bytes(hex!("000B")), pcesvn); + let pcesvn = get_pcesvn(&ext).unwrap(); + assert_eq!(u16::from_be_bytes(hex!("000B")), pcesvn); } diff --git a/common/primitives/core/src/teebag/sgx_verify/utils.rs b/common/primitives/core/src/teebag/sgx_verify/utils.rs new file mode 100644 index 0000000000..71389c9ce5 --- /dev/null +++ b/common/primitives/core/src/teebag/sgx_verify/utils.rs @@ -0,0 +1,38 @@ +fn safe_indexing_one(data: &[u8], idx: usize) -> Result { + let elt = data.get(idx).ok_or("Index out of bounds")?; + Ok(*elt as usize) +} + +pub fn length_from_raw_data(data: &[u8], offset: &mut usize) -> Result { + let mut len = safe_indexing_one(data, *offset)?; + if len > 0x80 { + len = (safe_indexing_one(data, *offset + 1)?) * 0x100 + + (safe_indexing_one(data, *offset + 2)?); + *offset += 2; + } + Ok(len) +} + +#[cfg(test)] +mod test { + use super::*; + use frame_support::assert_err; + + #[test] + fn index_equal_length_returns_err() { + // It was discovered a panic occurs if `index == data.len()` due to out of bound + // indexing. Here the fix is tested. + // + // For context see: https://github.com/integritee-network/pallet-teerex/issues/34 + let data: [u8; 7] = [0, 1, 2, 3, 4, 5, 6]; + assert_err!(safe_indexing_one(&data, data.len()), "Index out of bounds"); + } + + #[test] + fn safe_indexing_works() { + let data: [u8; 7] = [0, 1, 2, 3, 4, 5, 6]; + assert_eq!(safe_indexing_one(&data, 0), Ok(0)); + assert_eq!(safe_indexing_one(&data, 3), Ok(3)); + assert!(safe_indexing_one(&data, 10).is_err()); + } +} diff --git a/common/primitives/core/src/teebag/tcb.rs b/common/primitives/core/src/teebag/tcb.rs new file mode 100644 index 0000000000..10cb39c44c --- /dev/null +++ b/common/primitives/core/src/teebag/tcb.rs @@ -0,0 +1,115 @@ +/* +Copyright 2021 Integritee AG and Supercomputing Systems AG + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +*/ + +// `Tcb...` primitive part, copied from Integritee + +use crate::{Cpusvn, Pcesvn, Vec}; +use parity_scale_codec::{Decode, Encode}; +use scale_info::TypeInfo; +use sp_core::RuntimeDebug; + +/// The list of valid TCBs for an enclave. +#[derive(Encode, Decode, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] +pub struct QeTcb { + pub isvsvn: u16, +} + +impl QeTcb { + pub fn new(isvsvn: u16) -> Self { + Self { isvsvn } + } +} + +#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] +pub struct TcbVersionStatus { + pub cpusvn: Cpusvn, + pub pcesvn: Pcesvn, +} + +impl TcbVersionStatus { + pub fn new(cpusvn: Cpusvn, pcesvn: Pcesvn) -> Self { + Self { cpusvn, pcesvn } + } + + pub fn verify_examinee(&self, examinee: &TcbVersionStatus) -> bool { + for (v, r) in self.cpusvn.iter().zip(examinee.cpusvn.iter()) { + if *v > *r { + return false; + } + } + self.pcesvn <= examinee.pcesvn + } +} + +/// This represents all the collateral data that we need to store on chain in order to verify +/// the quoting enclave validity of another enclave that wants to register itself on chain +#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] +pub struct TcbInfoOnChain { + // Todo: make timestamp: Moment + pub issue_date: u64, // unix epoch in milliseconds + // Todo: make timestamp: Moment + pub next_update: u64, // unix epoch in milliseconds + tcb_levels: Vec, +} + +impl TcbInfoOnChain { + pub fn new(issue_date: u64, next_update: u64, tcb_levels: Vec) -> Self { + Self { + issue_date, + next_update, + tcb_levels, + } + } + + pub fn verify_examinee(&self, examinee: &TcbVersionStatus) -> bool { + for tb in &self.tcb_levels { + if tb.verify_examinee(examinee) { + return true; + } + } + false + } +} + +#[cfg(test)] +mod tests { + use super::*; + use hex_literal::hex; + + #[test] + fn tcb_full_is_valid() { + // The strings are the hex encodings of the 16-byte CPUSVN numbers + let reference = TcbVersionStatus::new(hex!("11110204018007000000000000000000"), 7); + assert!(reference.verify_examinee(&reference)); + assert!(reference.verify_examinee(&TcbVersionStatus::new( + hex!("11110204018007000000000000000000"), + 7 + ))); + assert!(reference.verify_examinee(&TcbVersionStatus::new( + hex!("21110204018007000000000000000001"), + 7 + ))); + assert!(!reference.verify_examinee(&TcbVersionStatus::new( + hex!("10110204018007000000000000000000"), + 6 + ))); + assert!(!reference.verify_examinee(&TcbVersionStatus::new( + hex!("11110204018007000000000000000000"), + 6 + ))); + } +} diff --git a/parachain/pallets/teebag/src/types.rs b/common/primitives/core/src/teebag/types.rs similarity index 51% rename from parachain/pallets/teebag/src/types.rs rename to common/primitives/core/src/teebag/types.rs index fdecc582af..5920d539ee 100644 --- a/parachain/pallets/teebag/src/types.rs +++ b/common/primitives/core/src/teebag/types.rs @@ -14,21 +14,21 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::Ed25519Public; +use crate::H256; use parity_scale_codec::{Decode, Encode}; use scale_info::TypeInfo; use serde::{Deserialize, Serialize}; -use sp_core::{RuntimeDebug, H256}; +use sp_core::{ed25519::Public as Ed25519Public, RuntimeDebug}; use sp_std::prelude::*; pub type MrSigner = [u8; 32]; pub type MrEnclave = [u8; 32]; -pub type Fmspc = [u8; 6]; pub type Cpusvn = [u8; 16]; pub type Pcesvn = u16; +pub type Fmspc = [u8; 6]; pub type ShardIdentifier = H256; -pub type EnclaveFingerprint = H256; pub type SidechainBlockNumber = u64; +pub type EnclaveFingerprint = H256; /// Different modes that control enclave registration and running: /// - `Production`: default value. It perfroms all checks for enclave registration and runtime @@ -39,140 +39,143 @@ pub type SidechainBlockNumber = u64; /// `Attestation::Ignore` is only possible under `OperationalMode::Development`, but not vice versa. /// So if you define `Attestation::Ias`, the attestation will be verified even in `Development` mode #[derive( - PartialEq, Eq, Clone, Copy, Default, Encode, Decode, Debug, TypeInfo, Serialize, Deserialize, + PartialEq, Eq, Clone, Copy, Default, Encode, Decode, Debug, TypeInfo, Serialize, Deserialize, )] pub enum OperationalMode { - #[default] - #[codec(index = 0)] - Production, - #[codec(index = 1)] - Development, - #[codec(index = 2)] - Maintenance, + #[default] + #[codec(index = 0)] + Production, + #[codec(index = 1)] + Development, + #[codec(index = 2)] + Maintenance, } #[derive(Encode, Decode, Default, Clone, Copy, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub enum DcapProvider { - #[default] - Intel, - MAA, - Local, - Integritee, + #[default] + Intel, + MAA, + Local, + Integritee, } #[derive(Encode, Decode, Clone, Copy, Default, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub enum AttestationType { - #[default] - Ignore, - Ias, - Dcap(DcapProvider), + #[default] + Ignore, + Ias, + Dcap(DcapProvider), } #[derive(Encode, Decode, Clone, Copy, Default, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub enum WorkerType { - #[default] - Identity, - BitAcross, + #[default] + Identity, + BitAcross, } #[derive(Encode, Decode, Clone, Copy, Default, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub enum WorkerMode { - #[default] - OffChainWorker, - Sidechain, + #[default] + OffChainWorker, + Sidechain, } #[derive(Encode, Decode, Copy, Clone, Default, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub enum SgxBuildMode { - #[default] - #[codec(index = 0)] - Production, - #[codec(index = 1)] - Debug, + #[default] + #[codec(index = 0)] + Production, + #[codec(index = 1)] + Debug, } #[derive(PartialEq, Eq, Clone, Encode, Decode, Debug, Copy, Default, TypeInfo)] #[cfg_attr(feature = "std", derive(Serialize, Deserialize))] pub struct SidechainBlockConfirmation { - pub block_number: SidechainBlockNumber, - pub block_header_hash: H256, + pub block_number: SidechainBlockNumber, + pub block_header_hash: H256, } #[derive(Encode, Decode, Clone, Default, PartialEq, Eq, RuntimeDebug, TypeInfo)] pub struct Enclave { - pub worker_type: WorkerType, - pub worker_mode: WorkerMode, - pub mrenclave: MrEnclave, - pub last_seen_timestamp: u64, // unix epoch in milliseconds when it's last seen - pub url: Vec, // utf8 encoded url - pub shielding_pubkey: Option>, // JSON serialised enclave shielding pub key - pub vc_pubkey: Option, - pub sgx_build_mode: SgxBuildMode, - pub attestation_type: AttestationType, + pub worker_type: WorkerType, + pub worker_mode: WorkerMode, + pub mrenclave: MrEnclave, + pub last_seen_timestamp: u64, // unix epoch in milliseconds when it's last seen + pub url: Vec, // utf8 encoded url + pub shielding_pubkey: Option>, // JSON serialised enclave shielding pub key + pub vc_pubkey: Option, + pub sgx_build_mode: SgxBuildMode, + pub attestation_type: AttestationType, } impl Enclave { - pub fn new(worker_type: WorkerType) -> Self { - Enclave { worker_type, ..Default::default() } - } - - pub fn with_worker_mode(mut self, worker_mode: WorkerMode) -> Self { - self.worker_mode = worker_mode; - self - } - - pub fn with_mrenclave(mut self, mrenclave: MrEnclave) -> Self { - self.mrenclave = mrenclave; - self - } - - pub fn with_url(mut self, url: Vec) -> Self { - self.url = url; - self - } - - pub fn with_shielding_pubkey(mut self, shielding_pubkey: Option>) -> Self { - self.shielding_pubkey = shielding_pubkey; - self - } - - pub fn with_vc_pubkey(mut self, vc_pubkey: Option) -> Self { - self.vc_pubkey = vc_pubkey; - self - } - - pub fn with_last_seen_timestamp(mut self, t: u64) -> Self { - self.last_seen_timestamp = t; - self - } - - pub fn with_attestation_type(mut self, attestation_type: AttestationType) -> Self { - self.attestation_type = attestation_type; - self - } - - pub fn with_sgx_build_mode(mut self, sgx_build_mode: SgxBuildMode) -> Self { - self.sgx_build_mode = sgx_build_mode; - self - } + pub fn new(worker_type: WorkerType) -> Self { + Enclave { + worker_type, + ..Default::default() + } + } + + pub fn with_worker_mode(mut self, worker_mode: WorkerMode) -> Self { + self.worker_mode = worker_mode; + self + } + + pub fn with_mrenclave(mut self, mrenclave: MrEnclave) -> Self { + self.mrenclave = mrenclave; + self + } + + pub fn with_url(mut self, url: Vec) -> Self { + self.url = url; + self + } + + pub fn with_shielding_pubkey(mut self, shielding_pubkey: Option>) -> Self { + self.shielding_pubkey = shielding_pubkey; + self + } + + pub fn with_vc_pubkey(mut self, vc_pubkey: Option) -> Self { + self.vc_pubkey = vc_pubkey; + self + } + + pub fn with_last_seen_timestamp(mut self, t: u64) -> Self { + self.last_seen_timestamp = t; + self + } + + pub fn with_attestation_type(mut self, attestation_type: AttestationType) -> Self { + self.attestation_type = attestation_type; + self + } + + pub fn with_sgx_build_mode(mut self, sgx_build_mode: SgxBuildMode) -> Self { + self.sgx_build_mode = sgx_build_mode; + self + } } // use the name `RsaRequest` to differentiate from `AesRequest` (see aes_request.rs in // tee-worker) `Rsa` implies that the payload is RSA-encrypted (using enclave's shielding key) #[macro_export] macro_rules! decl_rsa_request { - ($($t:meta),*) => { - #[derive(Encode, Decode, Default, Clone, PartialEq, Eq, $($t),*)] - pub struct RsaRequest { - pub shard: ShardIdentifier, - pub payload: Vec, - } - impl RsaRequest { - pub fn new(shard: ShardIdentifier, payload: Vec) -> Self { - Self { shard, payload } - } - } - }; + ($($t:meta),*) => { + #[derive(Encode, Decode, Default, Clone, PartialEq, Eq, $($t),*)] + pub struct RsaRequest { + pub shard: ShardIdentifier, + pub payload: Vec, + } + impl RsaRequest { + pub fn new(shard: ShardIdentifier, payload: Vec) -> Self { + Self { shard, payload } + } + } + }; } decl_rsa_request!(TypeInfo, RuntimeDebug); diff --git a/parachain/Cargo.lock b/parachain/Cargo.lock index dfde196e33..a83af27e12 100644 --- a/parachain/Cargo.lock +++ b/parachain/Cargo.lock @@ -1440,18 +1440,29 @@ name = "core-primitives" version = "0.1.0" dependencies = [ "base58", + "base64 0.13.1", + "chrono", + "der 0.6.1", "frame-support", + "hex", + "hex-literal", "litentry-hex-utils", "litentry-macros", "litentry-proc-macros", "pallet-evm", "parity-scale-codec", + "ring 0.16.20", + "rustls-webpki 0.102.0-alpha.3", "scale-info", + "serde", + "serde_json", "sp-core", "sp-io", "sp-runtime", + "sp-std", "strum 0.26.3", "strum_macros 0.26.4", + "x509-cert", ] [[package]] @@ -8121,6 +8132,7 @@ version = "0.1.0" dependencies = [ "base64 0.13.1", "chrono", + "core-primitives", "der 0.6.1", "env_logger 0.10.2", "frame-benchmarking", diff --git a/parachain/pallets/identity-management/Cargo.toml b/parachain/pallets/identity-management/Cargo.toml index 8973e277aa..82917f6882 100644 --- a/parachain/pallets/identity-management/Cargo.toml +++ b/parachain/pallets/identity-management/Cargo.toml @@ -18,7 +18,7 @@ sp-runtime = { workspace = true } sp-std = { workspace = true } core-primitives = { workspace = true } -pallet-teebag = { workspace = true } +pallet-teebag = { workspace = true, optional = true } [dev-dependencies] pallet-balances = { workspace = true, features = ["std"] } diff --git a/parachain/pallets/identity-management/src/lib.rs b/parachain/pallets/identity-management/src/lib.rs index 8e85376841..da36011793 100644 --- a/parachain/pallets/identity-management/src/lib.rs +++ b/parachain/pallets/identity-management/src/lib.rs @@ -43,7 +43,6 @@ pub mod weights; pub use crate::weights::WeightInfo; pub use pallet::*; -use pallet_teebag::ShardIdentifier; use sp_core::H256; use sp_std::vec::Vec; @@ -51,8 +50,8 @@ const MAX_REDIRECT_URL_LEN: u32 = 256; #[frame_support::pallet] pub mod pallet { - use super::{ShardIdentifier, Vec, WeightInfo, H256, MAX_REDIRECT_URL_LEN}; - use core_primitives::{ErrorDetail, IMPError, Identity}; + use super::{Vec, WeightInfo, H256, MAX_REDIRECT_URL_LEN}; + use core_primitives::{ErrorDetail, IMPError, Identity, ShardIdentifier}; use frame_support::pallet_prelude::*; use frame_system::pallet_prelude::*; diff --git a/parachain/pallets/identity-management/src/mock.rs b/parachain/pallets/identity-management/src/mock.rs index 900dd41dfc..31291d7b4f 100644 --- a/parachain/pallets/identity-management/src/mock.rs +++ b/parachain/pallets/identity-management/src/mock.rs @@ -64,7 +64,7 @@ where if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(pallet_teebag::Pallet::::add_enclave( &signer, - &pallet_teebag::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), + &core_primitives::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), )); } Ok(frame_system::RawOrigin::Signed(signer).into()) @@ -188,20 +188,20 @@ pub fn new_test_ext() -> sp_io::TestExternalities { assert_ok!(Teebag::set_admin(RuntimeOrigin::root(), signer.clone())); assert_ok!(Teebag::set_mode( RuntimeOrigin::signed(signer.clone()), - pallet_teebag::OperationalMode::Development + core_primitives::OperationalMode::Development )); Timestamp::set_timestamp(TEST8_TIMESTAMP); if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(Teebag::register_enclave( RuntimeOrigin::signed(signer), - pallet_teebag::WorkerType::Identity, - pallet_teebag::WorkerMode::Sidechain, + core_primitives::WorkerType::Identity, + core_primitives::WorkerMode::Sidechain, TEST8_CERT.to_vec(), URL.to_vec(), None, None, - pallet_teebag::AttestationType::Ias, + core_primitives::AttestationType::Ias, )); } }); diff --git a/parachain/pallets/identity-management/src/tests.rs b/parachain/pallets/identity-management/src/tests.rs index 4063e5a5f3..28bb4c8494 100644 --- a/parachain/pallets/identity-management/src/tests.rs +++ b/parachain/pallets/identity-management/src/tests.rs @@ -14,8 +14,8 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . #[allow(unused)] -use crate::{mock::*, Error, OIDCClients, ShardIdentifier}; -use core_primitives::{ErrorDetail, IMPError}; +use crate::{mock::*, Error, OIDCClients}; +use core_primitives::{ErrorDetail, IMPError, ShardIdentifier}; use frame_support::{assert_noop, assert_ok}; use sp_core::H256; diff --git a/parachain/pallets/omni-account/src/mock.rs b/parachain/pallets/omni-account/src/mock.rs index 9bc1f4bc73..056d754096 100644 --- a/parachain/pallets/omni-account/src/mock.rs +++ b/parachain/pallets/omni-account/src/mock.rs @@ -63,7 +63,7 @@ where if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(pallet_teebag::Pallet::::add_enclave( &signer, - &pallet_teebag::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), + &core_primitives::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), )); } Ok(frame_system::RawOrigin::Signed(signer).into()) @@ -194,20 +194,20 @@ pub fn new_test_ext() -> sp_io::TestExternalities { assert_ok!(Teebag::set_admin(RuntimeOrigin::root(), signer.clone())); assert_ok!(Teebag::set_mode( RuntimeOrigin::signed(signer.clone()), - pallet_teebag::OperationalMode::Development + core_primitives::OperationalMode::Development )); Timestamp::set_timestamp(TEST8_TIMESTAMP); if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(Teebag::register_enclave( RuntimeOrigin::signed(signer), - pallet_teebag::WorkerType::Identity, - pallet_teebag::WorkerMode::Sidechain, + core_primitives::WorkerType::Identity, + core_primitives::WorkerMode::Sidechain, TEST8_CERT.to_vec(), URL.to_vec(), None, None, - pallet_teebag::AttestationType::Ias, + core_primitives::AttestationType::Ias, )); } }); diff --git a/parachain/pallets/teebag/Cargo.toml b/parachain/pallets/teebag/Cargo.toml index 6ab25e821c..3fc4cf3815 100644 --- a/parachain/pallets/teebag/Cargo.toml +++ b/parachain/pallets/teebag/Cargo.toml @@ -34,6 +34,8 @@ sp-io = { workspace = true } sp-runtime = { workspace = true } sp-std = { workspace = true } +core-primitives = { workspace = true } + [dev-dependencies] env_logger = { workspace = true } frame-benchmarking = { workspace = true, features = ["std"] } diff --git a/parachain/pallets/teebag/src/benchmarking.rs b/parachain/pallets/teebag/src/benchmarking.rs index 4c6b635c30..653d623caf 100644 --- a/parachain/pallets/teebag/src/benchmarking.rs +++ b/parachain/pallets/teebag/src/benchmarking.rs @@ -42,11 +42,12 @@ const PUBKEY: [u8; 32] = [ const QUOTING_ENCLAVE: &[u8; 1038] = br#"{"id":"QE","version":2,"issueDate":"2022-12-04T22:45:33Z","nextUpdate":"2023-01-03T22:45:33Z","tcbEvaluationDataNumber":13,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2022-11-09T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477"]},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00202","INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]}]}"#; const QUOTING_ENCLAVE_SIGNATURE: [u8; 64] = hex!("47accba321e57c20722a0d3d1db11c9b52661239857dc578ca1bde13976ee288cf39f72111ffe445c7389ef56447c79e30e6b83a8863ed9880de5bde4a8d5c91"); const QUOTING_ENCLAVE_CERTIFICATE_CHAIN: &[u8; 1891] = - include_bytes!("./sgx_verify/test/dcap/qe_identity_issuer_chain.pem"); + include_bytes!("../../../../common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_issuer_chain.pem"); const TCB_INFO: &[u8; 8359] = br#"{"id":"SGX","version":3,"issueDate":"2022-11-17T12:45:32Z","nextUpdate":"2023-04-16T12:45:32Z","fmspc":"00906EA10000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"SWHardeningNeeded","advisoryIDs":["INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00477","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":15},{"svn":15},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":15},{"svn":15},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":14},{"svn":14},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":14},{"svn":14},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":13},{"svn":13},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":3},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":13},{"svn":13},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":6},{"svn":6},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":6},{"svn":6},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00233","INTEL-SA-00161","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":4},{"svn":4},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":2},{"svn":2},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":4},"tcbDate":"2017-07-26T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00088","INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]}]}"#; const TCB_SIGNATURE: [u8; 64] = hex!("71746f2148ecba04e35cf1ac77a7e6267ce99f6781c1031f724bb5bd94b8c1b6e4c07c01dc151692aa75be80dfba7350bb80c58314a6975189597e28e9bbc75c"); -const TCB_CERTIFICATE_CHAIN: &[u8; 1891] = - include_bytes!("./sgx_verify/test/dcap/tcb_info_issuer_chain.pem"); +const TCB_CERTIFICATE_CHAIN: &[u8; 1891] = include_bytes!( + "../../../../common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info_issuer_chain.pem" +); fn register_quoting_enclave_for_testing() where diff --git a/parachain/pallets/teebag/src/lib.rs b/parachain/pallets/teebag/src/lib.rs index 8ae095b3e3..1d23f24bdf 100644 --- a/parachain/pallets/teebag/src/lib.rs +++ b/parachain/pallets/teebag/src/lib.rs @@ -31,27 +31,13 @@ use sp_core::{ed25519::Public as Ed25519Public, H256}; use sp_runtime::traits::{CheckedSub, SaturatedConversion}; use sp_std::{prelude::*, str}; -mod sgx_verify; -pub use sgx_verify::{ - deserialize_enclave_identity, deserialize_tcb_info, extract_certs, - extract_tcb_info_from_raw_dcap_quote, verify_certificate_chain, verify_dcap_quote, - verify_ias_report, SgxReport, -}; +use core_primitives::*; pub use pallet::*; pub mod weights; pub use crate::weights::WeightInfo; -mod types; -pub use types::*; - -mod quoting_enclave; -pub use quoting_enclave::*; - -mod tcb; -pub use tcb::*; - const MAX_RA_REPORT_LEN: usize = 5244; const MAX_DCAP_QUOTE_LEN: usize = 5000; const MAX_URL_LEN: usize = 256; diff --git a/parachain/pallets/teebag/src/quoting_enclave.rs b/parachain/pallets/teebag/src/quoting_enclave.rs deleted file mode 100644 index 8804f928a6..0000000000 --- a/parachain/pallets/teebag/src/quoting_enclave.rs +++ /dev/null @@ -1,78 +0,0 @@ -/* -Copyright 2021 Integritee AG and Supercomputing Systems AG - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -*/ - -// `QuotingEnclave` primitive part, copied from Integritee - -use crate::{MrSigner, QeTcb, Vec}; -use parity_scale_codec::{Decode, Encode}; -use scale_info::TypeInfo; -use sp_core::RuntimeDebug; - -/// This represents all the collateral data that we need to store on chain in order to verify -/// the quoting enclave validity of another enclave that wants to register itself on chain -#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] -pub struct QuotingEnclave { - // Todo: make timestamp: Moment - pub issue_date: u64, // unix epoch in milliseconds - // Todo: make timestamp: Moment - pub next_update: u64, // unix epoch in milliseconds - pub miscselect: [u8; 4], - pub miscselect_mask: [u8; 4], - pub attributes: [u8; 16], - pub attributes_mask: [u8; 16], - pub mrsigner: MrSigner, - pub isvprodid: u16, - /// Contains only the TCB versions that are considered UpToDate - pub tcb: Vec, -} - -impl QuotingEnclave { - #[allow(clippy::too_many_arguments)] - pub fn new( - issue_date: u64, - next_update: u64, - miscselect: [u8; 4], - miscselect_mask: [u8; 4], - attributes: [u8; 16], - attributes_mask: [u8; 16], - mrsigner: MrSigner, - isvprodid: u16, - tcb: Vec, - ) -> Self { - Self { - issue_date, - next_update, - miscselect, - miscselect_mask, - attributes, - attributes_mask, - mrsigner, - isvprodid, - tcb, - } - } - - pub fn attributes_flags_mask_as_u64(&self) -> u64 { - let slice_as_array: [u8; 8] = self.attributes_mask[0..8].try_into().unwrap(); - u64::from_le_bytes(slice_as_array) - } - - pub fn attributes_flags_as_u64(&self) -> u64 { - let slice_as_array: [u8; 8] = self.attributes[0..8].try_into().unwrap(); - u64::from_le_bytes(slice_as_array) - } -} diff --git a/parachain/pallets/teebag/src/sgx_verify/collateral.rs b/parachain/pallets/teebag/src/sgx_verify/collateral.rs deleted file mode 100644 index 9b15e40bfc..0000000000 --- a/parachain/pallets/teebag/src/sgx_verify/collateral.rs +++ /dev/null @@ -1,281 +0,0 @@ -/* - Copyright 2022 Integritee AG and Supercomputing Systems AG - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/ - -pub extern crate alloc; - -use crate::{Fmspc, MrSigner, Pcesvn, QeTcb, QuotingEnclave, TcbInfoOnChain, TcbVersionStatus}; -use alloc::string::String; -use chrono::prelude::{DateTime, Utc}; -use serde::{de::Error, Deserialize, Deserializer, Serialize, Serializer}; -use sp_std::prelude::*; - -/// The data structures in here are designed such that they can be used to serialize/deserialize -/// the "TCB info" and "enclave identity" collateral data in JSON format provided by intel -/// See https://api.portal.trustedservices.intel.com/documentation for further information and examples - -#[derive(Serialize, Deserialize)] -pub struct Tcb { - isvsvn: u16, -} - -impl Tcb { - pub fn is_valid(&self) -> bool { - // At the time of writing this code everything older than 6 is outdated - // Intel does the same check in their DCAP implementation - self.isvsvn >= 6 - } -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct TcbLevel { - tcb: Tcb, - /// Intel does not verify the tcb_date in their code and their API documentation also does - /// not mention it needs verification. - tcb_date: DateTime, - tcb_status: String, - #[serde(rename = "advisoryIDs")] - #[serde(skip_serializing_if = "Option::is_none")] - advisory_ids: Option>, -} - -impl TcbLevel { - pub fn is_valid(&self) -> bool { - // UpToDate is the only valid status (the other being OutOfDate and Revoked) - // A possible extension would be to also verify that the advisory_ids list is empty, - // but I think this could also lead to all TcbLevels being invalid - self.tcb.is_valid() && self.tcb_status == "UpToDate" - } -} - -#[derive(Serialize, Deserialize)] -struct TcbComponent { - svn: u8, - #[serde(skip_serializing_if = "Option::is_none")] - category: Option, - #[serde(rename = "type")] //type is a keyword so we rename the field - #[serde(skip_serializing_if = "Option::is_none")] - tcb_type: Option, -} - -#[derive(Serialize, Deserialize)] -pub struct TcbFull { - sgxtcbcomponents: [TcbComponent; 16], - pcesvn: Pcesvn, -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct TcbLevelFull { - tcb: TcbFull, - /// Intel does not verify the tcb_date in their code and their API documentation also does - /// not mention it needs verification. - tcb_date: DateTime, - tcb_status: String, - #[serde(rename = "advisoryIDs")] - #[serde(skip_serializing_if = "Option::is_none")] - advisory_ids: Option>, -} - -impl TcbLevelFull { - pub fn is_valid(&self) -> bool { - // A possible extension would be to also verify that the advisory_ids list is empty, - // but I think this could also lead to all TcbLevels being invalid - // - // Litentry: be more lenient with it - self.tcb_status == "UpToDate" - || self.tcb_status == "SWHardeningNeeded" - || self.tcb_status == "ConfigurationNeeded" - || self.tcb_status == "ConfigurationAndSWHardeningNeeded" - } -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct EnclaveIdentity { - id: String, - version: u16, - issue_date: DateTime, - next_update: DateTime, - tcb_evaluation_data_number: u16, - #[serde(deserialize_with = "deserialize_from_hex::<_, 4>")] - #[serde(serialize_with = "serialize_to_hex::<_, 4>")] - miscselect: [u8; 4], - #[serde(deserialize_with = "deserialize_from_hex::<_, 4>")] - #[serde(serialize_with = "serialize_to_hex::<_, 4>")] - miscselect_mask: [u8; 4], - #[serde(deserialize_with = "deserialize_from_hex::<_, 16>")] - #[serde(serialize_with = "serialize_to_hex::<_, 16>")] - attributes: [u8; 16], - #[serde(deserialize_with = "deserialize_from_hex::<_, 16>")] - #[serde(serialize_with = "serialize_to_hex::<_, 16>")] - attributes_mask: [u8; 16], - #[serde(deserialize_with = "deserialize_from_hex::<_, 32>")] - #[serde(serialize_with = "serialize_to_hex::<_, 32>")] - mrsigner: MrSigner, - pub isvprodid: u16, - pub tcb_levels: Vec, -} - -fn serialize_to_hex(x: &[u8; N], s: S) -> Result -where - S: Serializer, -{ - s.serialize_str(&hex::encode(x).to_uppercase()) -} - -fn deserialize_from_hex<'de, D, const N: usize>(deserializer: D) -> Result<[u8; N], D::Error> -where - D: Deserializer<'de>, -{ - let s: &str = Deserialize::deserialize(deserializer)?; - let hex = hex::decode(s).map_err(|_| D::Error::custom("Failed to deserialize hex string"))?; - hex.try_into().map_err(|_| D::Error::custom("Invalid hex length")) -} - -impl EnclaveIdentity { - /// This extracts the necessary information into the struct that we actually store in the chain - pub fn to_quoting_enclave(&self) -> QuotingEnclave { - let mut valid_tcbs: Vec = Vec::new(); - for tcb in &self.tcb_levels { - if tcb.is_valid() { - valid_tcbs.push(QeTcb::new(tcb.tcb.isvsvn)); - } - } - QuotingEnclave::new( - self.issue_date - .timestamp_millis() - .try_into() - .expect("no support for negative unix timestamps"), - self.next_update - .timestamp_millis() - .try_into() - .expect("no support for negative unix timestamps"), - self.miscselect, - self.miscselect_mask, - self.attributes, - self.attributes_mask, - self.mrsigner, - self.isvprodid, - valid_tcbs, - ) - } - - pub fn is_valid(&self, timestamp_millis: i64) -> bool { - self.id == "QE" - && self.version == 2 - && self.issue_date.timestamp_millis() < timestamp_millis - && timestamp_millis < self.next_update.timestamp_millis() - } -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct TcbInfo { - id: String, - version: u8, - issue_date: DateTime, - next_update: DateTime, - #[serde(deserialize_with = "deserialize_from_hex::<_, 6>")] - #[serde(serialize_with = "serialize_to_hex::<_, 6>")] - pub fmspc: Fmspc, - pce_id: String, - tcb_type: u16, - tcb_evaluation_data_number: u16, - tcb_levels: Vec, -} - -impl TcbInfo { - /// This extracts the necessary information into a tuple (`(Key, Value)`) that we actually store - /// in the chain - pub fn to_chain_tcb_info(&self) -> (Fmspc, TcbInfoOnChain) { - let valid_tcbs: Vec = self - .tcb_levels - .iter() - // Only store TCB levels on chain that are currently valid - .filter(|tcb| tcb.is_valid()) - .map(|tcb| { - let mut components = [0u8; 16]; - for (i, t) in tcb.tcb.sgxtcbcomponents.iter().enumerate() { - components[i] = t.svn; - } - TcbVersionStatus::new(components, tcb.tcb.pcesvn) - }) - .collect(); - ( - self.fmspc, - TcbInfoOnChain::new( - self.issue_date - .timestamp_millis() - .try_into() - .expect("no support for negative unix timestamps"), - self.next_update - .timestamp_millis() - .try_into() - .expect("no support for negative unix timestamps"), - valid_tcbs, - ), - ) - } - - pub fn is_valid(&self, timestamp_millis: i64) -> bool { - self.id == "SGX" - && self.version == 3 - && self.issue_date.timestamp_millis() < timestamp_millis - && timestamp_millis < self.next_update.timestamp_millis() - } -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct TcbInfoSigned { - pub tcb_info: TcbInfo, - pub signature: String, -} - -#[derive(Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct EnclaveIdentitySigned { - pub enclave_identity: EnclaveIdentity, - pub signature: String, -} - -#[cfg(test)] -mod tests { - use super::*; - - #[test] - fn tcb_level_is_valid() { - let t: TcbLevel = serde_json::from_str( - r#"{"tcb":{"isvsvn":6}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"UpToDate" }"#, - ) - .unwrap(); - assert!(t.is_valid()); - - let t: TcbLevel = serde_json::from_str( - r#"{"tcb":{"isvsvn":6}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"OutOfDate" }"#, - ) - .unwrap(); - assert!(!t.is_valid()); - - let t: TcbLevel = serde_json::from_str( - r#"{"tcb":{"isvsvn":5}, "tcbDate":"2021-11-10T00:00:00Z", "tcbStatus":"UpToDate" }"#, - ) - .unwrap(); - assert!(!t.is_valid()); - } -} diff --git a/parachain/pallets/teebag/src/sgx_verify/ephemeral_key.rs b/parachain/pallets/teebag/src/sgx_verify/ephemeral_key.rs deleted file mode 100644 index 29bc989704..0000000000 --- a/parachain/pallets/teebag/src/sgx_verify/ephemeral_key.rs +++ /dev/null @@ -1,31 +0,0 @@ -use super::{utils::length_from_raw_data, CertDer}; -use sp_std::convert::TryFrom; - -pub struct EphemeralKey<'a>(&'a [u8]); - -pub const PRIME256V1_OID: &[u8; 10] = &[0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07]; -impl<'a> TryFrom> for EphemeralKey<'a> { - type Error = &'static str; - - fn try_from(value: CertDer<'a>) -> Result { - let cert_der = value.0; - - let mut offset = cert_der - .windows(PRIME256V1_OID.len()) - .position(|window| window == PRIME256V1_OID) - .ok_or("Certificate does not contain 'PRIME256V1_OID'")?; - - offset += PRIME256V1_OID.len() + 1; // OID length + TAG (0x03) - - // Obtain Public Key length - let len = length_from_raw_data(cert_der, &mut offset)?; - - // Obtain Public Key - offset += 1; - let pub_k = cert_der.get(offset + 2..offset + len).ok_or("Index out of bounds")?; // skip "00 04" - - #[cfg(test)] - println!("verifyRA ephemeral public key: {:x?}", pub_k); - Ok(EphemeralKey(pub_k)) - } -} diff --git a/parachain/pallets/teebag/src/sgx_verify/mod.rs b/parachain/pallets/teebag/src/sgx_verify/mod.rs deleted file mode 100644 index aba0aefd96..0000000000 --- a/parachain/pallets/teebag/src/sgx_verify/mod.rs +++ /dev/null @@ -1,840 +0,0 @@ -/* - Copyright 2021 Integritee AG and Supercomputing Systems AG - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/ - -//! Contains all the logic for understanding and verifying SGX remote attestation reports. -//! -//! Intel's documentation is scattered across different documents: -//! -//! "Intel® Software Guard Extensions: PCK Certificate and Certificate Revocation List Profile -//! Specification", further denoted as `PCK_Certificate_CRL_Spec-1.1`. -//! -//! * https://download.01.org/intel-sgx/dcap-1.2/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.1.pdf -//! -//! Intel® SGX Developer Guide, further denoted as `SGX_Developer_Guide`: -//! -//! * https://download.01.org/intel-sgx/linux-1.5/docs/Intel_SGX_Developer_Guide.pdf - -pub extern crate alloc; - -use self::{ - collateral::{EnclaveIdentity, TcbInfo}, - netscape_comment::NetscapeComment, - utils::length_from_raw_data, -}; -use crate::{ - Cpusvn, Fmspc, MrEnclave, MrSigner, Pcesvn, QuotingEnclave, SgxBuildMode, TcbVersionStatus, -}; -use alloc::string::String; -use chrono::DateTime; -use core::time::Duration; -use der::asn1::ObjectIdentifier; -use frame_support::{ensure, traits::Len}; -use parity_scale_codec::{Decode, Encode, Input}; -use ring::signature::{self}; -use scale_info::TypeInfo; -use serde_json::Value; -use sp_std::{ - convert::{TryFrom, TryInto}, - prelude::*, - vec, -}; -use x509_cert::Certificate; - -pub mod collateral; -mod ephemeral_key; -mod netscape_comment; -#[cfg(test)] -mod tests; -mod utils; - -const SGX_REPORT_DATA_SIZE: usize = 64; -#[derive(Debug, Encode, Decode, PartialEq, Eq, Copy, Clone, TypeInfo)] -#[repr(C)] -pub struct SgxReportData { - d: [u8; SGX_REPORT_DATA_SIZE], -} - -#[derive(Debug, Encode, Decode, PartialEq, Eq, Copy, Clone, TypeInfo)] -#[repr(C)] -pub struct SGXAttributes { - flags: u64, - xfrm: u64, -} - -/// This is produced by an SGX platform, when it wants to be attested. -#[derive(Debug, Decode, Clone, TypeInfo)] -#[repr(C)] -pub struct DcapQuote { - header: DcapQuoteHeader, - body: SgxReportBody, - signature_data_len: u32, - quote_signature_data: EcdsaQuoteSignature, -} - -/// All the documentation about this can be found in the `PCK_Certificate_CRL_Spec-1.1` page 62. -#[derive(Debug, Encode, Decode, Copy, Clone, TypeInfo)] -#[repr(C)] -pub struct DcapQuoteHeader { - /// Version of the Quote data structure. - /// - /// This is version 3 for the DCAP ECDSA attestation. - version: u16, - /// Type of the Attestation Key used by the Quoting Enclave. - /// • Supported values: - /// - 2 (ECDSA-256-with-P-256 curve) - /// - 3 (ECDSA-384-with-P-384 curve) (Note: currently not supported) - attestation_key_type: u16, - /// Reserved field, value 0. - reserved: u32, - /// Security Version of the Quoting Enclave currently loaded on the platform. - qe_svn: u16, - /// Security Version of the Provisioning Certification Enclave currently loaded on the - /// platform. - pce_svn: u16, - /// Unique identifier of the QE Vendor. - /// - /// This will usually be Intel's Quoting enclave with the ID: 939A7233F79C4CA9940A0DB3957F0607. - qe_vendor_id: [u8; 16], - /// Custom user-defined data. - user_data: [u8; 20], -} - -const ATTESTATION_KEY_SIZE: usize = 64; -const REPORT_SIGNATURE_SIZE: usize = 64; - -#[derive(Debug, Decode, Clone, TypeInfo)] -#[repr(C)] -pub struct EcdsaQuoteSignature { - isv_enclave_report_signature: [u8; REPORT_SIGNATURE_SIZE], - ecdsa_attestation_key: [u8; ATTESTATION_KEY_SIZE], - qe_report: SgxReportBody, - qe_report_signature: [u8; REPORT_SIGNATURE_SIZE], - qe_authentication_data: QeAuthenticationData, - qe_certification_data: QeCertificationData, -} - -#[derive(Debug, Clone, TypeInfo)] -#[repr(C)] -pub struct QeAuthenticationData { - size: u16, - certification_data: Vec, -} - -impl Decode for QeAuthenticationData { - fn decode(input: &mut I) -> Result { - let mut size_buf: [u8; 2] = [0; 2]; - input.read(&mut size_buf)?; - let size = u16::from_le_bytes(size_buf); - - let mut certification_data = vec![0; size.into()]; - input.read(&mut certification_data)?; - - Ok(Self { size, certification_data }) - } -} - -#[derive(Debug, Clone, TypeInfo)] -#[repr(C)] -pub struct QeCertificationData { - certification_data_type: u16, - size: u32, - certification_data: Vec, -} - -impl Decode for QeCertificationData { - fn decode(input: &mut I) -> Result { - let mut certification_data_type_buf: [u8; 2] = [0; 2]; - input.read(&mut certification_data_type_buf)?; - let certification_data_type = u16::from_le_bytes(certification_data_type_buf); - - let mut size_buf: [u8; 4] = [0; 4]; - input.read(&mut size_buf)?; - let size = u32::from_le_bytes(size_buf); - // This is an arbitrary limit to prevent out of memory issues. Intel does not specify a max - // value - if size > 65_000 { - return Result::Err(parity_scale_codec::Error::from( - "Certification data too long. Max 65000 bytes are allowed", - )); - } - - // Safety: The try_into() can only fail due to overflow on a 16-bit system, but we anyway - // ensure the value is small enough above. - let mut certification_data = vec![0; size.try_into().unwrap()]; - input.read(&mut certification_data)?; - - Ok(Self { certification_data_type, size, certification_data }) - } -} - -// see Intel SGX SDK https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_report.h -const SGX_REPORT_BODY_RESERVED1_BYTES: usize = 12; -const SGX_REPORT_BODY_RESERVED2_BYTES: usize = 32; -const SGX_REPORT_BODY_RESERVED3_BYTES: usize = 32; -const SGX_REPORT_BODY_RESERVED4_BYTES: usize = 42; -const SGX_FLAGS_DEBUG: u64 = 0x0000000000000002; - -/// SGX report about an enclave. -/// -/// We don't verify all of the fields, as some contain business logic specific data that is -/// not related to the overall validity of an enclave. We only check security related fields. The -/// only exception to this is the quoting enclave, where we validate specific fields against known -/// values. -#[derive(Debug, Encode, Decode, Copy, Clone, TypeInfo)] -#[repr(C)] -pub struct SgxReportBody { - /// Security version of the CPU. - /// - /// Reflects the processors microcode update version. - cpu_svn: [u8; 16], /* ( 0) Security Version of the CPU */ - /// State Save Area (SSA) extended feature set. Flags used for specific exception handling - /// settings. Unless, you know what you are doing these should all be 0. - /// - /// See: https://cdrdv2-public.intel.com/671544/exception-handling-in-intel-sgx.pdf. - misc_select: [u8; 4], /* ( 16) Which fields defined in SSA.MISC */ - /// Unused reserved bytes. - reserved1: [u8; SGX_REPORT_BODY_RESERVED1_BYTES], /* ( 20) */ - /// Extended Product ID of an enclave. - isv_ext_prod_id: [u8; 16], /* ( 32) ISV assigned Extended Product ID */ - /// Attributes, defines features that should be enabled for an enclave. - /// - /// Here, we only check if the Debug mode is enabled. - /// - /// More details in `SGX_Developer_Guide` under `Debug (Opt-in) Enclave Consideration` on page - /// 24. - attributes: SGXAttributes, /* ( 48) Any special Capabilities the Enclave possess */ - /// Enclave measurement. - /// - /// A single 256-bit hash that identifies the code and initial data to - /// be placed inside the enclave, the expected order and position in which they are to be - /// placed, and the security properties of those pages. More details in `SGX_Developer_Guide` - /// page 6. - mr_enclave: MrEnclave, /* ( 64) The value of the enclave's ENCLAVE measurement */ - /// Unused reserved bytes. - reserved2: [u8; SGX_REPORT_BODY_RESERVED2_BYTES], /* ( 96) */ - /// The enclave author’s public key. - /// - /// More details in `SGX_Developer_Guide` page 6. - mr_signer: MrSigner, /* (128) The value of the enclave's SIGNER measurement */ - /// Unused reserved bytes. - reserved3: [u8; SGX_REPORT_BODY_RESERVED3_BYTES], /* (160) */ - /// Config ID of an enclave. - /// - /// Todo: #142 - Investigate the relevancy of this value. - config_id: [u8; 64], /* (192) CONFIGID */ - /// The Product ID of the enclave. - /// - /// The Independent Software Vendor (ISV) should configure a unique ISVProdID for each product - /// that may want to share sealed data between enclaves signed with a specific `MRSIGNER`. - isv_prod_id: u16, /* (256) Product ID of the Enclave */ - /// ISV security version of the enclave. - /// - /// This is the enclave author's responsibility to increase it whenever a security related - /// update happened. Here, we will only check it for the `Quoting Enclave` to ensure that the - /// quoting enclave is recent enough. - /// - /// More details in `SGX_Developer_Guide` page 6. - isv_svn: u16, /* (258) Security Version of the Enclave */ - /// Config Security version of the enclave. - config_svn: u16, /* (260) CONFIGSVN */ - /// Unused reserved bytes. - reserved4: [u8; SGX_REPORT_BODY_RESERVED4_BYTES], /* (262) */ - /// Family ID assigned by the ISV. - /// - /// Todo: #142 - Investigate the relevancy of this value. - isv_family_id: [u8; 16], /* (304) ISV assigned Family ID */ - /// Custom data to be defined by the enclave author. - /// - /// We use this to provide the public key of the enclave that is to be registered on the chain. - /// Doing this, will prove that the public key is from a legitimate SGX enclave when it is - /// verified together with the remote attestation. - report_data: SgxReportData, /* (320) Data provided by the user */ -} - -impl SgxReportBody { - pub fn sgx_build_mode(&self) -> SgxBuildMode { - if self.attributes.flags & SGX_FLAGS_DEBUG == SGX_FLAGS_DEBUG { - SgxBuildMode::Debug - } else { - SgxBuildMode::Production - } - } - - fn verify_misc_select_field(&self, o: &QuotingEnclave) -> bool { - for i in 0..self.misc_select.len() { - if (self.misc_select[i] & o.miscselect_mask[i]) - != (o.miscselect[i] & o.miscselect_mask[i]) - { - return false; - } - } - true - } - - fn verify_attributes_field(&self, o: &QuotingEnclave) -> bool { - let attributes_flags = self.attributes.flags; - - let quoting_enclave_attributes_mask = o.attributes_flags_mask_as_u64(); - let quoting_enclave_attributes_flags = o.attributes_flags_as_u64(); - - (attributes_flags & quoting_enclave_attributes_mask) == quoting_enclave_attributes_flags - } - - pub fn verify(&self, o: &QuotingEnclave) -> bool { - if self.isv_prod_id != o.isvprodid || self.mr_signer != o.mrsigner { - return false; - } - if !self.verify_misc_select_field(o) { - return false; - } - if !self.verify_attributes_field(o) { - return false; - } - for tcb in &o.tcb { - // If the enclave isvsvn is bigger than one of the - if self.isv_svn >= tcb.isvsvn { - return true; - } - } - false - } -} -// see Intel SGX SDK https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_quote.h -#[derive(Encode, Decode, Copy, Clone, TypeInfo)] -#[repr(C)] -pub struct SgxQuote { - version: u16, /* 0 */ - sign_type: u16, /* 2 */ - epid_group_id: u32, /* 4 */ - qe_svn: u16, /* 8 */ - pce_svn: u16, /* 10 */ - xeid: u32, /* 12 */ - basename: [u8; 32], /* 16 */ - report_body: SgxReportBody, /* 48 */ -} - -#[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo, Default)] -pub enum SgxStatus { - #[default] - #[codec(index = 0)] - Invalid, - #[codec(index = 1)] - Ok, - #[codec(index = 2)] - GroupOutOfDate, - #[codec(index = 3)] - GroupRevoked, - #[codec(index = 4)] - ConfigurationNeeded, -} - -#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)] -pub struct SgxReport { - pub mr_enclave: MrEnclave, - pub pubkey: [u8; 32], - pub status: SgxStatus, - pub timestamp: u64, // unix timestamp in milliseconds - pub build_mode: SgxBuildMode, -} - -type SignatureAlgorithms = &'static [&'static dyn webpki::types::SignatureVerificationAlgorithm]; -static SUPPORTED_SIG_ALGS: SignatureAlgorithms = &[ - webpki::ring::RSA_PKCS1_2048_8192_SHA256, - webpki::ring::RSA_PKCS1_2048_8192_SHA384, - webpki::ring::RSA_PKCS1_2048_8192_SHA512, - webpki::ring::RSA_PKCS1_3072_8192_SHA384, -]; - -//pub const IAS_REPORT_CA: &[u8] = include_bytes!("../AttestationReportSigningCACert.pem"); - -pub static IAS_SERVER_ROOTS: &[webpki::types::TrustAnchor<'static>; 1] = &[ - /* - * -----BEGIN CERTIFICATE----- - * MIIFSzCCA7OgAwIBAgIJANEHdl0yo7CUMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV - * BAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV - * BAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0 - * YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwIBcNMTYxMTE0MTUzNzMxWhgPMjA0OTEy - * MzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL - * U2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQD - * DCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwggGiMA0G - * CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfPGR+tXc8u1EtJzLA10Feu1Wg+p7e - * LmSRmeaCHbkQ1TF3Nwl3RmpqXkeGzNLd69QUnWovYyVSndEMyYc3sHecGgfinEeh - * rgBJSEdsSJ9FpaFdesjsxqzGRa20PYdnnfWcCTvFoulpbFR4VBuXnnVLVzkUvlXT - * L/TAnd8nIZk0zZkFJ7P5LtePvykkar7LcSQO85wtcQe0R1Raf/sQ6wYKaKmFgCGe - * NpEJUmg4ktal4qgIAxk+QHUxQE42sxViN5mqglB0QJdUot/o9a/V/mMeH8KvOAiQ - * byinkNndn+Bgk5sSV5DFgF0DffVqmVMblt5p3jPtImzBIH0QQrXJq39AT8cRwP5H - * afuVeLHcDsRp6hol4P+ZFIhu8mmbI1u0hH3W/0C2BuYXB5PC+5izFFh/nP0lc2Lf - * 6rELO9LZdnOhpL1ExFOq9H/B8tPQ84T3Sgb4nAifDabNt/zu6MmCGo5U8lwEFtGM - * RoOaX4AS+909x00lYnmtwsDVWv9vBiJCXRsCAwEAAaOByTCBxjBgBgNVHR8EWTBX - * MFWgU6BRhk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50 - * L0NSTC9TR1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMB0GA1UdDgQW - * BBR4Q3t2pn680K9+QjfrNXw7hwFRPDAfBgNVHSMEGDAWgBR4Q3t2pn680K9+Qjfr - * NXw7hwFRPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq - * hkiG9w0BAQsFAAOCAYEAeF8tYMXICvQqeXYQITkV2oLJsp6J4JAqJabHWxYJHGir - * IEqucRiJSSx+HjIJEUVaj8E0QjEud6Y5lNmXlcjqRXaCPOqK0eGRz6hi+ripMtPZ - * sFNaBwLQVV905SDjAzDzNIDnrcnXyB4gcDFCvwDFKKgLRjOB/WAqgscDUoGq5ZVi - * zLUzTqiQPmULAQaB9c6Oti6snEFJiCQ67JLyW/E83/frzCmO5Ru6WjU4tmsmy8Ra - * Ud4APK0wZTGtfPXU7w+IBdG5Ez0kE1qzxGQaL4gINJ1zMyleDnbuS8UicjJijvqA - * 152Sq049ESDz+1rRGc2NVEqh1KaGXmtXvqxXcTB+Ljy5Bw2ke0v8iGngFBPqCTVB - * 3op5KBG3RjbF6RRSzwzuWfL7QErNC8WEy5yDVARzTA5+xmBc388v9Dm21HGfcC8O - * DD+gT9sSpssq0ascmvH49MOgjt1yoysLtdCtJW/9FZpoOypaHx0R+mJTLwPXVMrv - * DaVzWh5aiEx+idkSGMnX - * -----END CERTIFICATE----- - */ - webpki::types::TrustAnchor { - subject: webpki::types::Der::from_slice(b"1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x0b0\t\x06\x03U\x04\x08\x0c\x02CA1\x140\x12\x06\x03U\x04\x07\x0c\x0bSanta Clara1\x1a0\x18\x06\x03U\x04\n\x0c\x11Intel Corporation100.\x06\x03U\x04\x03\x0c\'Intel SGX Attestation Report Signing CA"), - subject_public_key_info: webpki::types::Der::from_slice(b"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x8f\x000\x82\x01\x8a\x02\x82\x01\x81\x00\x9f@u1@N6\xb3\x15b7\x99\xaa\x82Pt@\x97T\xa2\xdf\xe8\xf5\xaf\xd5\xfec\x1e\x1f\xc2\xaf8\x08\x90o(\xa7\x90\xd9\xdd\x9f\xe0`\x93\x9b\x12W\x90\xc5\x80]\x03}\xf5j\x99S\x1b\x96\xdei\xde3\xed\"l\xc1 }\x10B\xb5\xc9\xab\x7f@O\xc7\x11\xc0\xfeGi\xfb\x95x\xb1\xdc\x0e\xc4i\xea\x1a%\xe0\xff\x99\x14\x88n\xf2i\x9b#[\xb4\x84}\xd6\xff@\xb6\x06\xe6\x17\x07\x93\xc2\xfb\x98\xb3\x14X\x7f\x9c\xfd%sb\xdf\xea\xb1\x0b;\xd2\xd9vs\xa1\xa4\xbdD\xc4S\xaa\xf4\x7f\xc1\xf2\xd3\xd0\xf3\x84\xf7J\x06\xf8\x9c\x08\x9f\r\xa6\xcd\xb7\xfc\xee\xe8\xc9\x82\x1a\x8eT\xf2\\\x04\x16\xd1\x8cF\x83\x9a_\x80\x12\xfb\xdd=\xc7M%by\xad\xc2\xc0\xd5Z\xffo\x06\"B]\x1b\x02\x03\x01\x00\x01"), - name_constraints: None - }, -]; - -/// The needed code for a trust anchor can be extracted using `webpki` with something like this: -/// println!("{:?}", webpki::TrustAnchor::try_from_cert_der(&root_cert)); -#[allow(clippy::zero_prefixed_literal)] -pub static DCAP_SERVER_ROOTS: &[webpki::types::TrustAnchor<'static>; 1] = - &[webpki::types::TrustAnchor { - subject: webpki::types::Der::from_slice(&[ - 49, 26, 48, 24, 06, 03, 85, 04, 03, 12, 17, 73, 110, 116, 101, 108, 32, 83, 71, 88, 32, - 82, 111, 111, 116, 32, 67, 65, 49, 26, 48, 24, 06, 03, 85, 04, 10, 12, 17, 73, 110, - 116, 101, 108, 32, 67, 111, 114, 112, 111, 114, 97, 116, 105, 111, 110, 49, 20, 48, 18, - 06, 03, 85, 04, 07, 12, 11, 83, 97, 110, 116, 97, 32, 67, 108, 97, 114, 97, 49, 11, 48, - 09, 06, 03, 85, 04, 08, 12, 02, 67, 65, 49, 11, 48, 09, 06, 03, 85, 04, 06, 19, 02, 85, - 83, - ]), - subject_public_key_info: webpki::types::Der::from_slice(&[ - 48, 19, 06, 07, 42, 134, 72, 206, 61, 02, 01, 06, 08, 42, 134, 72, 206, 61, 03, 01, 07, - 03, 66, 00, 04, 11, 169, 196, 192, 192, 200, 97, 147, 163, 254, 35, 214, 176, 44, 218, - 16, 168, 187, 212, 232, 142, 72, 180, 69, 133, 97, 163, 110, 112, 85, 37, 245, 103, - 145, 142, 46, 220, 136, 228, 13, 134, 11, 208, 204, 78, 226, 106, 172, 201, 136, 229, - 05, 169, 83, 85, 140, 69, 63, 107, 09, 04, 174, 115, 148, - ]), - name_constraints: None, - }]; - -/// Contains an unvalidated ias remote attestation certificate. -/// -/// Wrapper to implemented parsing and verification traits on it. -pub struct CertDer<'a>(&'a [u8]); - -/// Encode two 32-byte values in DER format -/// This is meant for 256 bit ECC signatures or public keys -pub fn encode_as_der(data: &[u8]) -> Result, &'static str> { - if data.len() != 64 { - return Result::Err("Key must be 64 bytes long"); - } - let mut sequence = der::asn1::SequenceOf::::new(); - sequence - .add(der::asn1::UIntRef::new(&data[0..32]).map_err(|_| "Invalid public key")?) - .map_err(|_| "Invalid public key")?; - sequence - .add(der::asn1::UIntRef::new(&data[32..]).map_err(|_| "Invalid public key")?) - .map_err(|_| "Invalid public key")?; - // 72 should be enough in all cases. 2 + 2 x (32 + 3) - let mut asn1 = vec![0u8; 72]; - let mut writer = der::SliceWriter::new(&mut asn1); - writer.encode(&sequence).map_err(|_| "Could not encode public key to DER")?; - Ok(writer.finish().map_err(|_| "Could not convert public key to DER")?.to_vec()) -} - -/// Extracts the specified data into a `EnclaveIdentity` instance. -/// Also verifies that the data matches the given signature, was produced by the given certificate -/// and matches the data -pub fn deserialize_enclave_identity( - data: &[u8], - signature: &[u8], - certificate: &webpki::EndEntityCert, -) -> Result { - let signature = encode_as_der(signature)?; - verify_signature(certificate, data, &signature, webpki::ring::ECDSA_P256_SHA256)?; - serde_json::from_slice(data).map_err(|_| "Deserialization failed") -} - -/// Extracts the specified data into a `TcbInfo` instance. -/// Also verifies that the data matches the given signature, was produced by the given certificate -/// and matches the data -pub fn deserialize_tcb_info( - data: &[u8], - signature: &[u8], - certificate: &webpki::EndEntityCert, -) -> Result { - let signature = encode_as_der(signature)?; - verify_signature(certificate, data, &signature, webpki::ring::ECDSA_P256_SHA256)?; - serde_json::from_slice(data).map_err(|_| "Deserialization failed") -} - -/// Extract a list of certificates from a byte vec. The certificates must be separated by -/// `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` markers -pub fn extract_certs(cert_chain: &[u8]) -> Vec> { - // The certificates should be valid UTF-8 but if not we continue. The certificate verification - // will fail at a later point. - let certs_concat = String::from_utf8_lossy(cert_chain); - let certs_concat = certs_concat.replace('\n', ""); - let certs_concat = certs_concat.replace("-----BEGIN CERTIFICATE-----", ""); - // Use the end marker to split the string into certificates - let parts = certs_concat.split("-----END CERTIFICATE-----"); - parts.filter(|p| !p.is_empty()).filter_map(|p| base64::decode(p).ok()).collect() -} - -/// Verifies that the `leaf_cert` in combination with the `intermediate_certs` establishes -/// a valid certificate chain that is rooted in one of the trust anchors that was compiled into to -/// the pallet -pub fn verify_certificate_chain<'a>( - leaf_cert: &webpki::EndEntityCert<'a>, - intermediate_certs: &[webpki::types::CertificateDer<'a>], - verification_time: u64, -) -> Result<(), &'static str> { - let time = - webpki::types::UnixTime::since_unix_epoch(Duration::from_secs(verification_time / 1000)); - let sig_algs = &[webpki::ring::ECDSA_P256_SHA256]; - leaf_cert - .verify_for_usage( - sig_algs, - DCAP_SERVER_ROOTS, - intermediate_certs, - time, - webpki::KeyUsage::client_auth(), - None, - ) - .map_err(|_| "Invalid certificate chain")?; - Ok(()) -} -#[allow(unused)] -pub fn extract_tcb_info_from_raw_dcap_quote( - dcap_quote_raw: &[u8], -) -> Result<(Fmspc, TcbVersionStatus), &'static str> { - let mut dcap_quote_clone = dcap_quote_raw; - let quote: DcapQuote = - Decode::decode(&mut dcap_quote_clone).map_err(|_| "Failed to decode attestation report")?; - - ensure!(quote.header.version == 3, "Only support for version 3"); - ensure!(quote.header.attestation_key_type == 2, "Only support for ECDSA-256"); - ensure!( - quote.quote_signature_data.qe_certification_data.certification_data_type == 5, - "Only support for PEM formatted PCK Cert Chain" - ); - - let certs = extract_certs("e.quote_signature_data.qe_certification_data.certification_data); - - let (fmspc, tcb_info) = extract_tcb_info(&certs[0])?; - - Ok((fmspc, tcb_info)) -} - -pub fn verify_dcap_quote( - dcap_quote_raw: &[u8], - verification_time: u64, - qe: &QuotingEnclave, -) -> Result<(Fmspc, TcbVersionStatus, SgxReport), &'static str> { - let mut dcap_quote_clone = dcap_quote_raw; - let quote: DcapQuote = - Decode::decode(&mut dcap_quote_clone).map_err(|_| "Failed to decode attestation report")?; - - ensure!(quote.header.version == 3, "Only support for version 3"); - ensure!(quote.header.attestation_key_type == 2, "Only support for ECDSA-256"); - ensure!( - quote.quote_signature_data.qe_certification_data.certification_data_type == 5, - "Only support for PEM formatted PCK Cert Chain" - ); - ensure!(quote.quote_signature_data.qe_report.verify(qe), "Enclave rejected by quoting enclave"); - let mut xt_signer_array = [0u8; 32]; - xt_signer_array.copy_from_slice("e.body.report_data.d[..32]); - - let certs = extract_certs("e.quote_signature_data.qe_certification_data.certification_data); - ensure!(certs.len() >= 2, "Certificate chain must have at least two certificates"); - let intermediate_certificate_slices: Vec = - certs[1..].iter().map(|c| c.as_slice().into()).collect(); - let leaf_cert_der = webpki::types::CertificateDer::from(certs[0].as_slice()); - let leaf_cert = webpki::EndEntityCert::try_from(&leaf_cert_der) - .map_err(|_| "Failed to parse leaf certificate")?; - verify_certificate_chain(&leaf_cert, &intermediate_certificate_slices, verification_time)?; - - let (fmspc, tcb_info) = extract_tcb_info(&certs[0])?; - - // For this part some understanding of the document (Especially chapter A.4: Quote Format) - // Intel® Software Guard Extensions (Intel® SGX) Data Center Attestation Primitives: ECDSA Quote - // Library API https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf - - const AUTHENTICATION_DATA_SIZE: usize = 32; // This is actually variable but assume 32 for now. This is also hard-coded to 32 in the Intel - // DCAP repo - const DCAP_QUOTE_HEADER_SIZE: usize = core::mem::size_of::(); - const REPORT_SIZE: usize = core::mem::size_of::(); - const QUOTE_SIGNATURE_DATA_LEN_SIZE: usize = core::mem::size_of::(); - - let attestation_key_offset = DCAP_QUOTE_HEADER_SIZE - + REPORT_SIZE - + QUOTE_SIGNATURE_DATA_LEN_SIZE - + REPORT_SIGNATURE_SIZE; - let authentication_data_offset = attestation_key_offset - + ATTESTATION_KEY_SIZE - + REPORT_SIZE - + REPORT_SIGNATURE_SIZE - + core::mem::size_of::(); //Size of the QE authentication data. We ignore this for now and assume 32. See - // AUTHENTICATION_DATA_SIZE - let mut hash_data = [0u8; ATTESTATION_KEY_SIZE + AUTHENTICATION_DATA_SIZE]; - hash_data[0..ATTESTATION_KEY_SIZE].copy_from_slice( - &dcap_quote_raw[attestation_key_offset..(attestation_key_offset + ATTESTATION_KEY_SIZE)], - ); - hash_data[ATTESTATION_KEY_SIZE..].copy_from_slice( - &dcap_quote_raw - [authentication_data_offset..(authentication_data_offset + AUTHENTICATION_DATA_SIZE)], - ); - // Ensure that the hash matches the intel signed hash in the QE report. This establishes trust - // into the attestation key. - let hash = ring::digest::digest(&ring::digest::SHA256, &hash_data); - ensure!( - hash.as_ref() == "e.quote_signature_data.qe_report.report_data.d[0..32], - "Hashes must match" - ); - - let qe_report_offset = attestation_key_offset + ATTESTATION_KEY_SIZE; - let qe_report_slice = &dcap_quote_raw[qe_report_offset..(qe_report_offset + REPORT_SIZE)]; - let mut pub_key = [0x04u8; 65]; //Prepend 0x04 to specify uncompressed format - pub_key[1..].copy_from_slice("e.quote_signature_data.ecdsa_attestation_key); - - let peer_public_key = - signature::UnparsedPublicKey::new(&signature::ECDSA_P256_SHA256_FIXED, pub_key); - let isv_report_slice = &dcap_quote_raw[0..(DCAP_QUOTE_HEADER_SIZE + REPORT_SIZE)]; - // Verify that the enclave data matches the signature generated by the trusted attestation key. - // This establishes trust into the data of the enclave we actually want to verify - peer_public_key - .verify(isv_report_slice, "e.quote_signature_data.isv_enclave_report_signature) - .map_err(|_| "Failed to verify report signature")?; - - // Verify that the QE report was signed by Intel. This establishes trust into the QE report. - let asn1_signature = encode_as_der("e.quote_signature_data.qe_report_signature)?; - verify_signature( - &leaf_cert, - qe_report_slice, - &asn1_signature, - webpki::ring::ECDSA_P256_SHA256, - )?; - - ensure!(dcap_quote_clone.is_empty(), "There should be no bytes left over after decoding"); - let report = SgxReport { - mr_enclave: quote.body.mr_enclave, - status: SgxStatus::Ok, - pubkey: xt_signer_array, - timestamp: verification_time, - build_mode: quote.body.sgx_build_mode(), - }; - Ok((fmspc, tcb_info, report)) -} - -// make sure this function doesn't panic! -pub fn verify_ias_report(cert_der: &[u8]) -> Result { - // Before we reach here, the runtime already verified the extrinsic is properly signed by the - // extrinsic sender Hence, we skip: EphemeralKey::try_from(cert)?; - let cert = CertDer(cert_der); - let netscape = NetscapeComment::try_from(cert)?; - let sig_cert_der = webpki::types::CertificateDer::from(netscape.sig_cert.as_slice()); - let sig_cert = webpki::EndEntityCert::try_from(&sig_cert_der).map_err(|_| "Bad der")?; - - verify_signature( - &sig_cert, - netscape.attestation_raw, - &netscape.sig, - webpki::ring::RSA_PKCS1_2048_8192_SHA256, - )?; - - // FIXME: now hardcoded. but certificate renewal would have to be done manually anyway... - // chain wasm update or by some sudo call - let valid_until = webpki::types::UnixTime::since_unix_epoch(Duration::from_secs(1573419050)); - verify_server_cert(&sig_cert, valid_until)?; - - parse_report(&netscape) -} - -fn parse_report(netscape: &NetscapeComment) -> Result { - let report_raw: &[u8] = netscape.attestation_raw; - // parse attestation report - let attn_report: Value = match serde_json::from_slice(report_raw) { - Ok(report) => report, - Err(_) => return Err("RA report parsing error"), - }; - - let _ra_timestamp = match &attn_report["timestamp"] { - Value::String(time) => { - let time_fixed = time.clone() + "+0000"; - match DateTime::parse_from_str(&time_fixed, "%Y-%m-%dT%H:%M:%S%.f%z") { - Ok(d) => d.timestamp(), - Err(_) => return Err("RA report timestamp parsing error"), - } - }, - _ => return Err("Failed to fetch timestamp from attestation report"), - }; - - // in milliseconds - let ra_timestamp: u64 = (_ra_timestamp * 1000) - .try_into() - .map_err(|_| "Error converting report.timestamp to u64")?; - - // get quote status (mandatory field) - let ra_status = match &attn_report["isvEnclaveQuoteStatus"] { - Value::String(quote_status) => match quote_status.as_ref() { - "OK" => SgxStatus::Ok, - "GROUP_OUT_OF_DATE" => SgxStatus::GroupOutOfDate, - "GROUP_REVOKED" => SgxStatus::GroupRevoked, - "CONFIGURATION_NEEDED" => SgxStatus::ConfigurationNeeded, - _ => SgxStatus::Invalid, - }, - _ => return Err("Failed to fetch isvEnclaveQuoteStatus from attestation report"), - }; - - // parse quote body - if let Value::String(quote_raw) = &attn_report["isvEnclaveQuoteBody"] { - let quote = match base64::decode(quote_raw) { - Ok(q) => q, - Err(_) => return Err("Quote Decoding Error"), - }; - // TODO: lack security check here - let sgx_quote: SgxQuote = match Decode::decode(&mut "e[..]) { - Ok(q) => q, - Err(_) => return Err("could not decode quote"), - }; - - let mut xt_signer_array = [0u8; 32]; - xt_signer_array.copy_from_slice(&sgx_quote.report_body.report_data.d[..32]); - Ok(SgxReport { - mr_enclave: sgx_quote.report_body.mr_enclave, - status: ra_status, - pubkey: xt_signer_array, - timestamp: ra_timestamp, - build_mode: sgx_quote.report_body.sgx_build_mode(), - }) - } else { - Err("Failed to parse isvEnclaveQuoteBody from attestation report") - } -} - -/// * `signature` - Must be encoded in DER format. -pub fn verify_signature( - entity_cert: &webpki::EndEntityCert, - data: &[u8], - signature: &[u8], - signature_algorithm: &dyn webpki::types::SignatureVerificationAlgorithm, -) -> Result<(), &'static str> { - match entity_cert.verify_signature(signature_algorithm, data, signature) { - Ok(()) => Ok(()), - Err(_e) => Err("bad signature"), - } -} - -pub fn verify_server_cert( - sig_cert: &webpki::EndEntityCert, - timestamp_valid_until: webpki::types::UnixTime, -) -> Result<(), &'static str> { - let chain: Vec = Vec::new(); - match sig_cert.verify_for_usage( - SUPPORTED_SIG_ALGS, - IAS_SERVER_ROOTS, - &chain, - timestamp_valid_until, - webpki::KeyUsage::server_auth(), - None, - ) { - Ok(()) => Ok(()), - Err(_e) => Err("CA verification failed"), - } -} - -/// See document "Intel® Software Guard Extensions: PCK Certificate and Certificate Revocation List -/// Profile Specification" https://download.01.org/intel-sgx/dcap-1.2/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.1.pdf -const INTEL_SGX_EXTENSION_OID: ObjectIdentifier = - ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1"); -const OID_FMSPC: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.4"); -const OID_PCESVN: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.2.17"); -const OID_CPUSVN: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113741.1.13.1.2.18"); - -pub fn extract_tcb_info(cert: &[u8]) -> Result<(Fmspc, TcbVersionStatus), &'static str> { - let extension_section = get_intel_extension(cert)?; - - let fmspc = get_fmspc(&extension_section)?; - let cpusvn = get_cpusvn(&extension_section)?; - let pcesvn = get_pcesvn(&extension_section)?; - - Ok((fmspc, TcbVersionStatus::new(cpusvn, pcesvn))) -} - -fn get_intel_extension(der_encoded: &[u8]) -> Result, &'static str> { - let cert: Certificate = - der::Decode::from_der(der_encoded).map_err(|_| "Error parsing certificate")?; - let mut extension_iter = cert - .tbs_certificate - .extensions - .as_deref() - .unwrap_or(&[]) - .iter() - .filter(|e| e.extn_id == INTEL_SGX_EXTENSION_OID) - .map(|e| e.extn_value); - - let extension = extension_iter.next(); - ensure!( - extension.is_some() && extension_iter.next().is_none(), - "There should only be one section containing Intel extensions" - ); - // SAFETY: Ensured above that extension.is_some() == true - Ok(extension.unwrap().to_vec()) -} - -fn get_fmspc(der: &[u8]) -> Result { - let bytes_oid = OID_FMSPC.as_bytes(); - let mut offset = der - .windows(bytes_oid.len()) - .position(|window| window == bytes_oid) - .ok_or("Certificate does not contain 'FMSPC_OID'")?; - offset += 12; // length oid (10) + asn1 tag (1) + asn1 length10 (1) - - let fmspc_size = core::mem::size_of::() / core::mem::size_of::(); - let data = der.get(offset..offset + fmspc_size).ok_or("Index out of bounds")?; - data.try_into().map_err(|_| "FMSPC must be 6 bytes long") -} - -fn get_cpusvn(der: &[u8]) -> Result { - let bytes_oid = OID_CPUSVN.as_bytes(); - let mut offset = der - .windows(bytes_oid.len()) - .position(|window| window == bytes_oid) - .ok_or("Certificate does not contain 'CPUSVN_OID'")?; - offset += 13; // length oid (11) + asn1 tag (1) + asn1 length10 (1) - - // CPUSVN is specified to have length 16 - let len = 16; - let data = der.get(offset..offset + len).ok_or("Index out of bounds")?; - data.try_into().map_err(|_| "CPUSVN must be 16 bytes long") -} - -fn get_pcesvn(der: &[u8]) -> Result { - let bytes_oid = OID_PCESVN.as_bytes(); - let mut offset = der - .windows(bytes_oid.len()) - .position(|window| window == bytes_oid) - .ok_or("Certificate does not contain 'PCESVN_OID'")?; - // length oid + asn1 tag (1 byte) - offset += bytes_oid.len() + 1; - // PCESVN can be 1 or 2 bytes - let len = length_from_raw_data(der, &mut offset)?; - offset += 1; // length_from_raw_data does not move the offset when the length is encoded in a single byte - ensure!(len == 1 || len == 2, "PCESVN must be 1 or 2 bytes"); - let data = der.get(offset..offset + len).ok_or("Index out of bounds")?; - if data.len() == 1 { - Ok(u16::from(data[0])) - } else { - // Unwrap is fine here as we check the length above - // DER integers are encoded in big endian - Ok(u16::from_be_bytes(data.try_into().unwrap())) - } -} diff --git a/parachain/pallets/teebag/src/sgx_verify/netscape_comment.rs b/parachain/pallets/teebag/src/sgx_verify/netscape_comment.rs deleted file mode 100644 index e5791e2e56..0000000000 --- a/parachain/pallets/teebag/src/sgx_verify/netscape_comment.rs +++ /dev/null @@ -1,46 +0,0 @@ -use super::{utils::length_from_raw_data, CertDer}; -use frame_support::ensure; -use sp_std::{convert::TryFrom, prelude::Vec}; - -pub struct NetscapeComment<'a> { - pub attestation_raw: &'a [u8], - pub sig: Vec, - pub sig_cert: Vec, -} - -pub const NS_CMT_OID: &[u8; 11] = - &[0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x0D]; - -impl<'a> TryFrom> for NetscapeComment<'a> { - type Error = &'static str; - - fn try_from(value: CertDer<'a>) -> Result { - // Search for Netscape Comment OID - let cert_der = value.0; - - let mut offset = cert_der - .windows(NS_CMT_OID.len()) - .position(|window| window == NS_CMT_OID) - .ok_or("Certificate does not contain 'ns_cmt_oid'")?; - - offset += 12; // 11 + TAG (0x04) - - // Obtain Netscape Comment length - let len = length_from_raw_data(cert_der, &mut offset)?; - // Obtain Netscape Comment - offset += 1; - let netscape_raw = cert_der - .get(offset..offset + len) - .ok_or("Index out of bounds")? - .split(|x| *x == 0x7C) // 0x7C is the character '|' - .collect::>(); - ensure!(netscape_raw.len() == 3, "Invalid netscape payload"); - - let sig = base64::decode(netscape_raw[1]).map_err(|_| "Signature Decoding Error")?; - - let sig_cert = base64::decode_config(netscape_raw[2], base64::STANDARD) - .map_err(|_| "Cert Decoding Error")?; - - Ok(NetscapeComment { attestation_raw: netscape_raw[0], sig, sig_cert }) - } -} diff --git a/parachain/pallets/teebag/src/sgx_verify/utils.rs b/parachain/pallets/teebag/src/sgx_verify/utils.rs deleted file mode 100644 index 6a0d66b0b4..0000000000 --- a/parachain/pallets/teebag/src/sgx_verify/utils.rs +++ /dev/null @@ -1,38 +0,0 @@ -fn safe_indexing_one(data: &[u8], idx: usize) -> Result { - let elt = data.get(idx).ok_or("Index out of bounds")?; - Ok(*elt as usize) -} - -pub fn length_from_raw_data(data: &[u8], offset: &mut usize) -> Result { - let mut len = safe_indexing_one(data, *offset)?; - if len > 0x80 { - len = (safe_indexing_one(data, *offset + 1)?) * 0x100 - + (safe_indexing_one(data, *offset + 2)?); - *offset += 2; - } - Ok(len) -} - -#[cfg(test)] -mod test { - use super::*; - use frame_support::assert_err; - - #[test] - fn index_equal_length_returns_err() { - // It was discovered a panic occurs if `index == data.len()` due to out of bound - // indexing. Here the fix is tested. - // - // For context see: https://github.com/integritee-network/pallet-teerex/issues/34 - let data: [u8; 7] = [0, 1, 2, 3, 4, 5, 6]; - assert_err!(safe_indexing_one(&data, data.len()), "Index out of bounds"); - } - - #[test] - fn safe_indexing_works() { - let data: [u8; 7] = [0, 1, 2, 3, 4, 5, 6]; - assert_eq!(safe_indexing_one(&data, 0), Ok(0)); - assert_eq!(safe_indexing_one(&data, 3), Ok(3)); - assert!(safe_indexing_one(&data, 10).is_err()); - } -} diff --git a/parachain/pallets/teebag/src/tcb.rs b/parachain/pallets/teebag/src/tcb.rs deleted file mode 100644 index 59fcefe6b3..0000000000 --- a/parachain/pallets/teebag/src/tcb.rs +++ /dev/null @@ -1,103 +0,0 @@ -/* -Copyright 2021 Integritee AG and Supercomputing Systems AG - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -*/ - -// `Tcb...` primitive part, copied from Integritee - -use crate::{Cpusvn, Pcesvn, Vec}; -use parity_scale_codec::{Decode, Encode}; -use scale_info::TypeInfo; -use sp_core::RuntimeDebug; - -/// The list of valid TCBs for an enclave. -#[derive(Encode, Decode, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] -pub struct QeTcb { - pub isvsvn: u16, -} - -impl QeTcb { - pub fn new(isvsvn: u16) -> Self { - Self { isvsvn } - } -} - -#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] -pub struct TcbVersionStatus { - pub cpusvn: Cpusvn, - pub pcesvn: Pcesvn, -} - -impl TcbVersionStatus { - pub fn new(cpusvn: Cpusvn, pcesvn: Pcesvn) -> Self { - Self { cpusvn, pcesvn } - } - - pub fn verify_examinee(&self, examinee: &TcbVersionStatus) -> bool { - for (v, r) in self.cpusvn.iter().zip(examinee.cpusvn.iter()) { - if *v > *r { - return false; - } - } - self.pcesvn <= examinee.pcesvn - } -} - -/// This represents all the collateral data that we need to store on chain in order to verify -/// the quoting enclave validity of another enclave that wants to register itself on chain -#[derive(Encode, Decode, Default, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo)] -pub struct TcbInfoOnChain { - // Todo: make timestamp: Moment - pub issue_date: u64, // unix epoch in milliseconds - // Todo: make timestamp: Moment - pub next_update: u64, // unix epoch in milliseconds - tcb_levels: Vec, -} - -impl TcbInfoOnChain { - pub fn new(issue_date: u64, next_update: u64, tcb_levels: Vec) -> Self { - Self { issue_date, next_update, tcb_levels } - } - - pub fn verify_examinee(&self, examinee: &TcbVersionStatus) -> bool { - for tb in &self.tcb_levels { - if tb.verify_examinee(examinee) { - return true; - } - } - false - } -} - -#[cfg(test)] -mod tests { - use super::*; - use hex_literal::hex; - - #[test] - fn tcb_full_is_valid() { - // The strings are the hex encodings of the 16-byte CPUSVN numbers - let reference = TcbVersionStatus::new(hex!("11110204018007000000000000000000"), 7); - assert!(reference.verify_examinee(&reference)); - assert!(reference - .verify_examinee(&TcbVersionStatus::new(hex!("11110204018007000000000000000000"), 7))); - assert!(reference - .verify_examinee(&TcbVersionStatus::new(hex!("21110204018007000000000000000001"), 7))); - assert!(!reference - .verify_examinee(&TcbVersionStatus::new(hex!("10110204018007000000000000000000"), 6))); - assert!(!reference - .verify_examinee(&TcbVersionStatus::new(hex!("11110204018007000000000000000000"), 6))); - } -} diff --git a/parachain/pallets/teebag/src/tests.rs b/parachain/pallets/teebag/src/tests.rs index 9c1359f7de..0c0d02f0da 100644 --- a/parachain/pallets/teebag/src/tests.rs +++ b/parachain/pallets/teebag/src/tests.rs @@ -42,7 +42,7 @@ fn default_enclave() -> Enclave { fn register_quoting_enclave() { let quoting_enclave = br#"{"id":"QE","version":2,"issueDate":"2022-12-04T22:45:33Z","nextUpdate":"2023-01-03T22:45:33Z","tcbEvaluationDataNumber":13,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2022-11-09T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477"]},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00202","INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]}]}"#; let signature = hex!("47accba321e57c20722a0d3d1db11c9b52661239857dc578ca1bde13976ee288cf39f72111ffe445c7389ef56447c79e30e6b83a8863ed9880de5bde4a8d5c91"); - let certificate_chain = include_bytes!("./sgx_verify/test/dcap/qe_identity_issuer_chain.pem"); + let certificate_chain = include_bytes!("../../../../common/primitives/core/src/teebag/sgx_verify/test/dcap/qe_identity_issuer_chain.pem"); let pubkey: [u8; 32] = [ 65, 89, 193, 118, 86, 172, 17, 149, 206, 160, 174, 75, 219, 151, 51, 235, 110, 135, 20, 55, @@ -60,7 +60,7 @@ fn register_quoting_enclave() { fn register_tcb_info() { let tcb_info = br#"{"id":"SGX","version":3,"issueDate":"2022-11-17T12:45:32Z","nextUpdate":"2023-04-16T12:45:32Z","fmspc":"00906EA10000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"SWHardeningNeeded","advisoryIDs":["INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":17},{"svn":17},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00477","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":15},{"svn":15},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":15},{"svn":15},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":14},{"svn":14},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":7},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":14},{"svn":14},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2019-12-11T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":13},{"svn":13},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":3},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":13},{"svn":13},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":6},{"svn":6},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":6},{"svn":6},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00233","INTEL-SA-00161","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":5},{"svn":5},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded","advisoryIDs":["INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":4},{"svn":4},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]},{"tcb":{"sgxtcbcomponents":[{"svn":2},{"svn":2},{"svn":2},{"svn":4},{"svn":1},{"svn":128},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":4},"tcbDate":"2017-07-26T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00088","INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00161","INTEL-SA-00233","INTEL-SA-00220","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00334"]}]}"#; let signature = hex!("71746f2148ecba04e35cf1ac77a7e6267ce99f6781c1031f724bb5bd94b8c1b6e4c07c01dc151692aa75be80dfba7350bb80c58314a6975189597e28e9bbc75c"); - let certificate_chain = include_bytes!("./sgx_verify/test/dcap/tcb_info_issuer_chain.pem"); + let certificate_chain = include_bytes!("../../../../common/primitives/core/src/teebag/sgx_verify/test/dcap/tcb_info_issuer_chain.pem"); let pubkey: [u8; 32] = [ 65, 89, 193, 118, 86, 172, 17, 149, 206, 160, 174, 75, 219, 151, 51, 235, 110, 135, 20, 55, diff --git a/parachain/pallets/vc-management/Cargo.toml b/parachain/pallets/vc-management/Cargo.toml index 60cff00356..423d323f61 100644 --- a/parachain/pallets/vc-management/Cargo.toml +++ b/parachain/pallets/vc-management/Cargo.toml @@ -18,7 +18,7 @@ sp-runtime = { workspace = true } sp-std = { workspace = true } core-primitives = { workspace = true } -pallet-teebag = { workspace = true } +pallet-teebag = { workspace = true, optional = true } [dev-dependencies] frame-benchmarking = { workspace = true, features = ["std"] } diff --git a/parachain/pallets/vc-management/src/lib.rs b/parachain/pallets/vc-management/src/lib.rs index d9d5b21bbf..098d1b48e7 100644 --- a/parachain/pallets/vc-management/src/lib.rs +++ b/parachain/pallets/vc-management/src/lib.rs @@ -36,7 +36,6 @@ pub mod weights; pub use crate::weights::WeightInfo; pub use pallet::*; -use pallet_teebag::ShardIdentifier; use sp_core::H256; use sp_std::vec::Vec; @@ -49,7 +48,8 @@ pub type VCIndex = H256; pub mod pallet { use super::*; use core_primitives::{ - Assertion, ErrorDetail, Identity, SchemaIndex, VCMPError, SCHEMA_CONTENT_LEN, SCHEMA_ID_LEN, + Assertion, ErrorDetail, Identity, SchemaIndex, ShardIdentifier, VCMPError, + SCHEMA_CONTENT_LEN, SCHEMA_ID_LEN, }; use frame_support::pallet_prelude::*; use frame_system::pallet_prelude::*; diff --git a/parachain/pallets/vc-management/src/mock.rs b/parachain/pallets/vc-management/src/mock.rs index 3e9f9b10fa..5b569c2ace 100644 --- a/parachain/pallets/vc-management/src/mock.rs +++ b/parachain/pallets/vc-management/src/mock.rs @@ -63,7 +63,7 @@ where if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(pallet_teebag::Pallet::::add_enclave( &signer, - &pallet_teebag::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), + &core_primitives::Enclave::default().with_mrenclave(TEST8_MRENCLAVE), )); } Ok(frame_system::RawOrigin::Signed(signer).into()) @@ -187,20 +187,20 @@ pub fn new_test_ext() -> sp_io::TestExternalities { assert_ok!(Teebag::set_admin(RuntimeOrigin::root(), alice.clone())); assert_ok!(Teebag::set_mode( RuntimeOrigin::signed(alice.clone()), - pallet_teebag::OperationalMode::Development + core_primitives::OperationalMode::Development )); Timestamp::set_timestamp(TEST8_TIMESTAMP); let signer: SystemAccountId = get_signer(TEST8_SIGNER_PUB); if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(Teebag::register_enclave( RuntimeOrigin::signed(signer), - pallet_teebag::WorkerType::Identity, - pallet_teebag::WorkerMode::Sidechain, + core_primitives::WorkerType::Identity, + core_primitives::WorkerMode::Sidechain, TEST8_CERT.to_vec(), URL.to_vec(), None, None, - pallet_teebag::AttestationType::Ias, + core_primitives::AttestationType::Ias, )); } }); diff --git a/parachain/pallets/vc-management/src/tests.rs b/parachain/pallets/vc-management/src/tests.rs index a8b3952b6e..647a875fa2 100644 --- a/parachain/pallets/vc-management/src/tests.rs +++ b/parachain/pallets/vc-management/src/tests.rs @@ -14,8 +14,8 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::{mock::*, Error, ShardIdentifier, Status}; -use core_primitives::{Assertion, Identity}; +use crate::{mock::*, Error, Status}; +use core_primitives::{Assertion, Identity, ShardIdentifier}; use frame_support::{assert_noop, assert_ok}; use sp_core::H256; use sp_std::{vec, vec::Vec}; diff --git a/parachain/runtime/common/src/lib.rs b/parachain/runtime/common/src/lib.rs index 316fcc1ca1..2260900e05 100644 --- a/parachain/runtime/common/src/lib.rs +++ b/parachain/runtime/common/src/lib.rs @@ -320,7 +320,7 @@ where fn try_successful_origin() -> Result { use pallet_teebag::test_util::{get_signer, TEST8_MRENCLAVE, TEST8_SIGNER_PUB}; let signer: ::AccountId = get_signer(TEST8_SIGNER_PUB); - let enclave = pallet_teebag::Enclave::default().with_mrenclave(TEST8_MRENCLAVE); + let enclave = core_primitives::Enclave::default().with_mrenclave(TEST8_MRENCLAVE); if !pallet_teebag::EnclaveRegistry::::contains_key(signer.clone()) { assert_ok!(pallet_teebag::Pallet::::add_enclave(&signer, &enclave)); } diff --git a/parachain/runtime/litentry/src/lib.rs b/parachain/runtime/litentry/src/lib.rs index a1cc08d949..63ff46a5c6 100644 --- a/parachain/runtime/litentry/src/lib.rs +++ b/parachain/runtime/litentry/src/lib.rs @@ -59,8 +59,9 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, - Signature, DAYS, HOURS, LITENTRY_PARA_ID, MINUTES, SLOT_DURATION, + opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, + BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, LITENTRY_PARA_ID, MINUTES, + SLOT_DURATION, }; pub use runtime_common::currency::*; use runtime_common::{ @@ -84,7 +85,6 @@ use pallet_evm::{ // for TEE pub use pallet_balances::Call as BalancesCall; -pub use pallet_teebag::{self, OperationalMode as TeebagOperationalMode}; // Make the WASM binary available. #[cfg(feature = "std")] diff --git a/parachain/runtime/paseo/src/lib.rs b/parachain/runtime/paseo/src/lib.rs index b3967f00cf..887408ebd7 100644 --- a/parachain/runtime/paseo/src/lib.rs +++ b/parachain/runtime/paseo/src/lib.rs @@ -43,7 +43,6 @@ use parity_scale_codec::{Decode, Encode, MaxEncodedLen}; use runtime_common::EnsureEnclaveSigner; // for TEE pub use pallet_balances::Call as BalancesCall; -pub use pallet_teebag::{self, OperationalMode as TeebagOperationalMode}; use sp_api::impl_runtime_apis; pub use sp_consensus_aura::sr25519::AuthorityId as AuraId; @@ -69,8 +68,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, - Signature, DAYS, HOURS, MINUTES, SLOT_DURATION, + opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, + BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, MINUTES, SLOT_DURATION, }; pub use runtime_common::currency::*; diff --git a/parachain/runtime/rococo/src/lib.rs b/parachain/runtime/rococo/src/lib.rs index e186597e0b..1325f53191 100644 --- a/parachain/runtime/rococo/src/lib.rs +++ b/parachain/runtime/rococo/src/lib.rs @@ -42,7 +42,6 @@ use parity_scale_codec::{Decode, Encode, MaxEncodedLen}; use runtime_common::EnsureEnclaveSigner; // for TEE pub use pallet_balances::Call as BalancesCall; -pub use pallet_teebag::{self, OperationalMode as TeebagOperationalMode}; use sp_api::impl_runtime_apis; pub use sp_consensus_aura::sr25519::AuthorityId as AuraId; @@ -68,8 +67,9 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ - opaque, AccountId, Amount, AssetId, Balance, BlockNumber, Hash, Header, Identity, Nonce, - Signature, DAYS, HOURS, MINUTES, ROCOCO_PARA_ID, SLOT_DURATION, + opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, + BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, MINUTES, ROCOCO_PARA_ID, + SLOT_DURATION, }; pub use runtime_common::currency::*; diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index db04271794..26fbc1ea62 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -39,8 +39,8 @@ dependencies = [ "scale-decode 0.8.0", "scale-encode", "scale-info", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-runtime", @@ -59,11 +59,11 @@ dependencies = [ "parity-scale-codec", "primitive-types", "scale-info", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", - "sp-core-hashing 5.0.0", + "sp-core-hashing", "sp-runtime", "sp-runtime-interface", "sp-staking", @@ -250,7 +250,7 @@ checksum = "cc6dde6e4ed435a4c1ee4e73592f5ba9da2151af10076cc04858746af9352d09" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -377,7 +377,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "sgx_tstd", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", "thiserror 1.0.9", ] @@ -408,7 +408,7 @@ dependencies = [ "sgx_tstd", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "substrate-api-client", ] @@ -430,7 +430,7 @@ dependencies = [ "sp-api", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-version", ] @@ -451,7 +451,7 @@ dependencies = [ "itp-storage", "itp-types", "itp-utils", - "litentry-macros 0.1.0", + "litentry-macros", "litentry-primitives", "log 0.4.20", "pallet-balances", @@ -463,7 +463,7 @@ dependencies = [ "sp-io 7.0.0", "sp-keyring", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -476,7 +476,7 @@ dependencies = [ "log 0.4.20", "rustls 0.19.0 (git+https://github.com/mesalock-linux/rustls?tag=sgx_1.1.3)", "rustls 0.19.1", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "tungstenite 0.14.0", "tungstenite 0.15.0", @@ -497,7 +497,7 @@ dependencies = [ "jsonrpc-core 18.0.0 (git+https://github.com/scs/jsonrpc?branch=no_std_v18)", "log 0.4.20", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "sp-runtime", "thiserror 1.0.44", @@ -620,9 +620,8 @@ dependencies = [ "itp-storage", "itp-types", "log 0.4.20", - "pallet-teebag", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_crypto_helper", "sgx_types", "sgx_urts", @@ -686,7 +685,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "parity-util-mem", - "serde 1.0.193", + "serde 1.0.210", "sgx_tstd", "sp-application-crypto", "sp-core", @@ -774,7 +773,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "sgx_tstd", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", "thiserror 1.0.9", ] @@ -790,7 +789,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "sgx_tstd", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", "thiserror 1.0.9", ] @@ -853,7 +852,7 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3a8241f3ebb85c056b509d4327ad0358fbbba6ffb340bf388f26350aeda225b1" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -871,7 +870,7 @@ version = "1.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -928,8 +927,8 @@ dependencies = [ "rayon", "regex 1.9.5", "reqwest", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_crypto_helper", "sp-application-crypto", "sp-core", @@ -986,9 +985,9 @@ dependencies = [ "rayon", "regex 1.9.5", "scale-info", - "serde 1.0.193", - "serde_derive 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_derive 1.0.210", + "serde_json 1.0.120", "sgx_crypto_helper", "sgx_types", "sp-consensus-grandpa", @@ -1136,7 +1135,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -1152,7 +1151,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "542f33a8835a0884b006a0c3df3dadd99c0c3f296ed26c2fdc8028e01ad6230c" dependencies = [ "memchr 2.6.3", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -1234,7 +1233,7 @@ version = "0.19.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3dc9f7a067415ab5058020f04c60ec7b557084dbec0e021217bbabc7a8d38d14" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", "toml 0.8.2", ] @@ -1299,7 +1298,7 @@ dependencies = [ "iana-time-zone", "js-sys", "num-traits 0.2.16", - "serde 1.0.193", + "serde 1.0.210", "time", "wasm-bindgen", "winapi 0.3.9", @@ -1406,8 +1405,8 @@ dependencies = [ "pathdiff", "ron", "rust-ini", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "toml 0.5.11", "yaml-rust 0.4.5", ] @@ -1455,22 +1454,31 @@ checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" [[package]] name = "core-primitives" version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" dependencies = [ "base58", + "base64 0.13.1", + "chrono 0.4.26", + "der 0.6.1", "frame-support", - "litentry-hex-utils 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "litentry-macros 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", + "hex", + "hex-literal", + "litentry-hex-utils", + "litentry-macros", "litentry-proc-macros", - "pallet-evm 6.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", + "pallet-evm", "parity-scale-codec", + "ring 0.16.20", + "rustls-webpki", "scale-info", + "serde 1.0.210", + "serde_json 1.0.120", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "strum 0.26.1", "strum_macros 0.26.1", + "x509-cert", ] [[package]] @@ -1506,7 +1514,7 @@ version = "0.93.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f42ea692c7b450ad18b8c9889661505d51c09ec4380cf1c2d278dbb2da22cae1" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -2031,7 +2039,7 @@ dependencies = [ "parity-scale-codec", "rlp", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sha3", "triehash", ] @@ -2078,35 +2086,15 @@ dependencies = [ "auto_impl", "environmental 1.1.4", "ethereum 0.14.0", - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-gasometer 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-runtime 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", + "evm-core 0.39.0", + "evm-gasometer 0.39.0", + "evm-runtime 0.39.0", "log 0.4.20", "parity-scale-codec", "primitive-types", "rlp", "scale-info", - "serde 1.0.193", - "sha3", -] - -[[package]] -name = "evm" -version = "0.39.1" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "auto_impl", - "environmental 1.1.4", - "ethereum 0.14.0", - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-gasometer 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-runtime 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "log 0.4.20", - "parity-scale-codec", - "primitive-types", - "rlp", - "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sha3", ] @@ -2138,18 +2126,7 @@ dependencies = [ "parity-scale-codec", "primitive-types", "scale-info", - "serde 1.0.193", -] - -[[package]] -name = "evm-core" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "parity-scale-codec", - "primitive-types", - "scale-info", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -2170,19 +2147,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d43eadc395bd1a52990787ca1495c26b0248165444912be075c28909a853b8c" dependencies = [ "environmental 1.1.4", - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-runtime 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "primitive-types", -] - -[[package]] -name = "evm-gasometer" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "environmental 1.1.4", - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-runtime 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm-core 0.39.0", + "evm-runtime 0.39.0", "primitive-types", ] @@ -2205,19 +2171,7 @@ checksum = "2aa5b32f59ec582a5651978004e5c784920291263b7dcb6de418047438e37f4f" dependencies = [ "auto_impl", "environmental 1.1.4", - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "primitive-types", - "sha3", -] - -[[package]] -name = "evm-runtime" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "auto_impl", - "environmental 1.1.4", - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm-core 0.39.0", "primitive-types", "sha3", ] @@ -2327,9 +2281,9 @@ dependencies = [ [[package]] name = "flagset" -version = "0.4.3" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cda653ca797810c02f7ca4b804b40b8b95ae046eb989d356bce17919a8c25499" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" [[package]] name = "flate2" @@ -2407,7 +2361,7 @@ dependencies = [ [[package]] name = "fp-account" version = "1.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ "hex", "impl-serde", @@ -2415,60 +2369,26 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", -] - -[[package]] -name = "fp-account" -version = "1.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" -dependencies = [ - "hex", - "impl-serde", - "libsecp256k1", - "log 0.4.20", - "parity-scale-codec", - "scale-info", - "serde 1.0.193", - "sp-core", - "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-runtime", - "sp-runtime-interface", - "sp-std 5.0.0", -] - -[[package]] -name = "fp-evm" -version = "3.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" -dependencies = [ - "evm 0.39.1 (registry+https://github.com/rust-lang/crates.io-index)", - "frame-support", - "parity-scale-codec", - "scale-info", - "serde 1.0.193", - "sp-core", - "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] name = "fp-evm" version = "3.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ - "evm 0.39.1 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm 0.39.1", "frame-support", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -2490,14 +2410,14 @@ dependencies = [ "parity-scale-codec", "paste", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-api", "sp-application-crypto", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", "sp-runtime-interface", - "sp-std 5.0.0", + "sp-std", "sp-storage", "static_assertions", ] @@ -2514,7 +2434,7 @@ dependencies = [ "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-tracing", ] @@ -2527,7 +2447,7 @@ dependencies = [ "cfg-if 1.0.0", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -2546,7 +2466,7 @@ dependencies = [ "parity-scale-codec", "paste", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "smallvec 1.11.0", "sp-api", "sp-arithmetic", @@ -2557,7 +2477,7 @@ dependencies = [ "sp-runtime", "sp-staking", "sp-state-machine", - "sp-std 5.0.0", + "sp-std", "sp-tracing", "sp-weights", "tt-call", @@ -2576,7 +2496,7 @@ dependencies = [ "proc-macro-warning", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -2588,7 +2508,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -2598,7 +2518,7 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -2610,11 +2530,11 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-version", "sp-weights", ] @@ -2768,7 +2688,7 @@ checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -3020,6 +2940,12 @@ dependencies = [ "allocator-api2", ] +[[package]] +name = "hashbrown" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e087f84d4f86bf4b218b927129862374b72199ae7d8657835f1e89000eea4fb" + [[package]] name = "hashbrown_tstd" version = "0.12.0" @@ -3353,7 +3279,7 @@ dependencies = [ "sgx_tstd", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "substrate-api-client", ] @@ -3366,7 +3292,7 @@ dependencies = [ "frame-system", "itp-sgx-runtime-primitives", "pallet-balances", - "pallet-evm 6.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", + "pallet-evm", "pallet-identity-management-tee", "pallet-parentchain", "pallet-sudo", @@ -3377,7 +3303,7 @@ dependencies = [ "sp-api", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-version", ] @@ -3401,8 +3327,8 @@ dependencies = [ "itp-types", "itp-utils", "lc-stf-task-sender", - "litentry-hex-utils 0.1.0", - "litentry-macros 0.1.0", + "litentry-hex-utils", + "litentry-macros", "litentry-primitives", "log 0.4.20", "pallet-balances", @@ -3416,7 +3342,7 @@ dependencies = [ "sp-io 7.0.0", "sp-keyring", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -3429,7 +3355,7 @@ dependencies = [ "log 0.4.20", "rustls 0.19.0 (git+https://github.com/mesalock-linux/rustls?tag=sgx_1.1.3)", "rustls 0.19.1", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "tungstenite 0.14.0", "tungstenite 0.15.0", @@ -3450,7 +3376,7 @@ dependencies = [ "jsonrpc-core 18.0.0 (git+https://github.com/scs/jsonrpc?branch=no_std_v18)", "log 0.4.20", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "sp-runtime", "thiserror 1.0.44", @@ -3573,9 +3499,8 @@ dependencies = [ "itp-storage", "itp-types", "log 0.4.20", - "pallet-teebag", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_crypto_helper", "sgx_types", "sgx_urts", @@ -3640,7 +3565,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "parity-util-mem", - "serde 1.0.193", + "serde 1.0.210", "sgx_tstd", "sp-application-crypto", "sp-core", @@ -3735,7 +3660,7 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ebc88fc67028ae3db0c853baa36269d398d5f45b6982f95549ff5def78c935cd" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -3767,17 +3692,17 @@ checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg 1.1.0", "hashbrown 0.12.3", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] name = "indexmap" -version = "2.0.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +checksum = "707907fe3c25f5424cce2cb7e1cbcafee6bdbe735ca90ef77c29e84591e5b9da" dependencies = [ "equivalent", - "hashbrown 0.14.0", + "hashbrown 0.15.0", ] [[package]] @@ -3841,8 +3766,8 @@ dependencies = [ "hyper-multipart-rfc7578", "hyper-tls", "parity-multiaddr", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "serde_urlencoded", "tokio", "tokio-util 0.6.10", @@ -3923,8 +3848,8 @@ dependencies = [ "http_req 0.8.1 (git+https://github.com/integritee-network/http_req?branch=master)", "http_req 0.8.1 (git+https://github.com/integritee-network/http_req)", "log 0.4.20", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_tstd", "thiserror 1.0.44", "thiserror 1.0.9", @@ -3951,7 +3876,7 @@ dependencies = [ "parity-scale-codec", "parking_lot 0.12.1", "rustls 0.19.1", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_crypto_helper", "sp-core", "thiserror 1.0.44", @@ -4076,7 +4001,7 @@ dependencies = [ "parity-scale-codec", "rustls 0.19.0 (git+https://github.com/mesalock-linux/rustls?tag=sgx_1.1.3)", "rustls 0.19.1", - "serde_json 1.0.103", + "serde_json 1.0.120", "serde_json 1.0.60 (git+https://github.com/mesalock-linux/serde-json-sgx?tag=sgx_1.1.3)", "sgx_rand", "sgx_tcrypto", @@ -4098,7 +4023,7 @@ version = "0.8.0" dependencies = [ "binary-merkle-tree", "parity-scale-codec", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -4224,7 +4149,7 @@ dependencies = [ "sgx_types", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -4243,8 +4168,8 @@ version = "0.1.0" dependencies = [ "itp-types", "parity-scale-codec", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_tstd", ] @@ -4269,7 +4194,7 @@ dependencies = [ "ofb", "parity-scale-codec", "secp256k1 0.28.0", - "serde_json 1.0.103", + "serde_json 1.0.120", "serde_json 1.0.60 (git+https://github.com/mesalock-linux/serde-json-sgx?tag=sgx_1.1.3)", "sgx_crypto_helper", "sgx_rand", @@ -4289,7 +4214,7 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "postcard", - "serde 1.0.193", + "serde 1.0.210", "sgx_tstd", "sp-core", ] @@ -4341,7 +4266,7 @@ dependencies = [ "parity-scale-codec", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -4394,7 +4319,7 @@ dependencies = [ "sp-core", "sp-runtime", "sp-state-machine", - "sp-std 5.0.0", + "sp-std", "sp-trie", "thiserror 1.0.44", "thiserror 1.0.9", @@ -4426,7 +4351,7 @@ dependencies = [ "sp-core", "sp-io 7.0.0", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -4450,11 +4375,11 @@ dependencies = [ "litentry-primitives", "pallet-balances", "parity-scale-codec", - "serde 1.0.193", + "serde 1.0.210", "sp-consensus-grandpa", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "substrate-api-client", ] @@ -4463,7 +4388,7 @@ name = "itp-utils" version = "0.1.0" dependencies = [ "hex", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "parity-scale-codec", ] @@ -4543,7 +4468,7 @@ dependencies = [ "its-state", "its-test", "its-validateer-fetch", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "log 0.4.20", "parity-scale-codec", "sgx_tstd", @@ -4575,7 +4500,7 @@ dependencies = [ "its-primitives", "its-state", "its-test", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "log 0.4.20", "parity-scale-codec", "sgx_tstd", @@ -4627,8 +4552,8 @@ dependencies = [ "its-test", "jsonrpsee", "log 0.4.20", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "thiserror 1.0.44", "tokio", ] @@ -4640,10 +4565,10 @@ dependencies = [ "itp-types", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -4717,7 +4642,7 @@ dependencies = [ "parity-scale-codec", "parking_lot 0.12.1", "rocksdb", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "temp-dir", "thiserror 1.0.44", @@ -4746,7 +4671,7 @@ dependencies = [ "parity-scale-codec", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -4775,7 +4700,7 @@ checksum = "96b0db21af676c1ce64250b5f40f3ce2cf27e4e47cb91ed91eb6fe9350b430c1" dependencies = [ "pest", "pest_derive", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -4788,9 +4713,9 @@ dependencies = [ "futures-executor 0.3.28", "futures-util 0.3.28", "log 0.4.20", - "serde 1.0.193", - "serde_derive 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_derive 1.0.210", + "serde_json 1.0.120", ] [[package]] @@ -4833,8 +4758,8 @@ dependencies = [ "jsonrpsee-types", "jsonrpsee-utils", "log 0.4.20", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "thiserror 1.0.44", "url 2.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -4853,8 +4778,8 @@ dependencies = [ "jsonrpsee-utils", "lazy_static", "log 0.4.20", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "socket2", "thiserror 1.0.44", "tokio", @@ -4886,8 +4811,8 @@ dependencies = [ "futures-util 0.3.28", "hyper", "log 0.4.20", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "soketto", "thiserror 1.0.44", ] @@ -4906,8 +4831,8 @@ dependencies = [ "parking_lot 0.11.2", "rand 0.8.5", "rustc-hash", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "thiserror 1.0.44", ] @@ -4925,8 +4850,8 @@ dependencies = [ "pin-project", "rustls 0.19.1", "rustls-native-certs", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "soketto", "thiserror 1.0.44", "tokio", @@ -4947,8 +4872,8 @@ dependencies = [ "jsonrpsee-utils", "log 0.4.20", "rustc-hash", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "soketto", "thiserror 1.0.44", "tokio", @@ -5030,16 +4955,15 @@ dependencies = [ "lc-dynamic-assertion", "lc-evm-dynamic-assertions", "lc-mock-server", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "litentry-primitives", "log 0.4.20", - "pallet-parachain-staking", "parity-scale-codec", "primitive-types", "rust-base58 0.0.4 (registry+https://github.com/rust-lang/crates.io-index)", "rust-base58 0.0.4 (git+https://github.com/mesalock-linux/rust-base58-sgx)", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_tstd", "sp-core", "ss58-registry", @@ -5062,7 +4986,7 @@ dependencies = [ "lc-credentials-v2", "lc-mock-server", "lc-service", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "litentry-primitives", "log 0.4.20", "parity-scale-codec", @@ -5098,8 +5022,8 @@ dependencies = [ "rust-base58 0.0.4 (registry+https://github.com/rust-lang/crates.io-index)", "rust-base58 0.0.4 (git+https://github.com/mesalock-linux/rust-base58-sgx)", "scale-info", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "serde_json 1.0.60 (git+https://github.com/mesalock-linux/serde-json-sgx?tag=sgx_1.1.3)", "sgx_tstd", "sp-core", @@ -5137,8 +5061,8 @@ dependencies = [ "litentry-primitives", "log 0.4.20", "parity-scale-codec", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_tstd", "thiserror 1.0.44", "thiserror 1.0.9", @@ -5196,12 +5120,12 @@ dependencies = [ "itp-sgx-temp-dir", "lc-dynamic-assertion", "lc-mock-server", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "litentry-primitives", "log 0.4.20", "parity-scale-codec", "rust_decimal", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "ss58-registry", "thiserror 1.0.44", @@ -5230,8 +5154,8 @@ dependencies = [ "lru", "parity-scale-codec", "rand 0.8.5", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_rand", "sgx_tstd", "sp-core", @@ -5249,7 +5173,7 @@ dependencies = [ "lc-data-providers", "litentry-primitives", "log 0.4.20", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-core", "tokio", "warp", @@ -5342,7 +5266,7 @@ dependencies = [ "parity-scale-codec", "sgx_tstd", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", "thiserror 1.0.9", ] @@ -5353,7 +5277,7 @@ version = "0.1.0" dependencies = [ "itp-storage", "itp-types", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -5382,7 +5306,7 @@ dependencies = [ "lc-stf-task-receiver", "lc-stf-task-sender", "lc-vc-task-sender", - "litentry-macros 0.1.0", + "litentry-macros", "litentry-primitives", "log 0.4.20", "pallet-identity-management-tee", @@ -5451,7 +5375,7 @@ dependencies = [ "libsecp256k1-gen-ecmult", "libsecp256k1-gen-genmult", "rand 0.8.5", - "serde 1.0.193", + "serde 1.0.210", "sha2 0.9.9", "typenum", ] @@ -5559,22 +5483,21 @@ dependencies = [ "itp-stf-primitives", "itp-types", "itp-utils", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "litentry-primitives", "log 0.4.20", - "pallet-evm 6.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", + "pallet-evm", "parity-scale-codec", "rand 0.8.5", "rayon", "regex 1.9.5", "reqwest", "scale-value", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sgx_crypto_helper", "sp-application-crypto", "sp-core", - "sp-core-hashing 6.0.0", "sp-keyring", "sp-keystore", "sp-runtime", @@ -5591,23 +5514,10 @@ dependencies = [ "hex", ] -[[package]] -name = "litentry-hex-utils" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "hex", -] - [[package]] name = "litentry-macros" version = "0.1.0" -[[package]] -name = "litentry-macros" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" - [[package]] name = "litentry-primitives" version = "0.1.0" @@ -5619,30 +5529,28 @@ dependencies = [ "itp-sgx-crypto", "itp-sgx-runtime-primitives", "log 0.4.20", - "pallet-teebag", "parity-scale-codec", "rand 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)", "rand 0.7.3 (git+https://github.com/mesalock-linux/rand-sgx?tag=sgx_1.1.3)", "ring 0.16.20", "scale-info", "secp256k1 0.28.0", - "serde 1.0.193", + "serde 1.0.210", "sgx_tstd", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] name = "litentry-proc-macros" version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" dependencies = [ "cargo_toml", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -5686,7 +5594,7 @@ dependencies = [ "lazy_static", "lc-data-providers", "lc-mock-server", - "litentry-macros 0.1.0", + "litentry-macros", "litentry-primitives", "log 0.4.20", "mockall", @@ -5698,9 +5606,9 @@ dependencies = [ "rayon", "regex 1.9.5", "scale-info", - "serde 1.0.193", - "serde_derive 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_derive 1.0.210", + "serde_json 1.0.120", "sgx_crypto_helper", "sgx_types", "sp-consensus-grandpa", @@ -6507,7 +6415,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -6556,21 +6464,7 @@ dependencies = [ "scale-info", "sp-core", "sp-runtime", - "sp-std 5.0.0", -] - -[[package]] -name = "pallet-authorship" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "frame-support", - "frame-system", - "impl-trait-for-tuples", - "parity-scale-codec", - "scale-info", - "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -6585,47 +6479,22 @@ dependencies = [ "parity-scale-codec", "scale-info", "sp-runtime", - "sp-std 5.0.0", -] - -[[package]] -name = "pallet-evm" -version = "6.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" -dependencies = [ - "environmental 1.1.4", - "evm 0.39.1 (registry+https://github.com/rust-lang/crates.io-index)", - "fp-account 1.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", - "fp-evm 3.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", - "frame-benchmarking", - "frame-support", - "frame-system", - "hex", - "impl-trait-for-tuples", - "log 0.4.20", - "parity-scale-codec", - "rlp", - "scale-info", - "sp-core", - "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] name = "pallet-evm" version = "6.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ "environmental 1.1.4", - "evm 0.39.1 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "fp-account 1.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", - "fp-evm 3.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", + "evm 0.39.1", + "fp-account", + "fp-evm", "frame-benchmarking", "frame-support", "frame-system", "hex", - "hex-literal", "impl-trait-for-tuples", "log 0.4.20", "parity-scale-codec", @@ -6634,7 +6503,7 @@ dependencies = [ "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -6652,27 +6521,7 @@ dependencies = [ "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", -] - -[[package]] -name = "pallet-parachain-staking" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "core-primitives", - "frame-support", - "frame-system", - "log 0.4.20", - "pallet-authorship", - "pallet-balances", - "pallet-session", - "parity-scale-codec", - "scale-info", - "sp-runtime", - "sp-staking", - "sp-std 5.0.0", - "substrate-fixed", + "sp-std", ] [[package]] @@ -6691,26 +6540,6 @@ dependencies = [ "sp-runtime", ] -[[package]] -name = "pallet-session" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "frame-support", - "frame-system", - "impl-trait-for-tuples", - "log 0.4.20", - "pallet-timestamp", - "parity-scale-codec", - "scale-info", - "sp-core", - "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-runtime", - "sp-session", - "sp-staking", - "sp-std 5.0.0", -] - [[package]] name = "pallet-sudo" version = "4.0.0-dev" @@ -6722,35 +6551,7 @@ dependencies = [ "scale-info", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", -] - -[[package]] -name = "pallet-teebag" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "base64 0.13.1", - "chrono 0.4.26", - "der 0.6.1", - "frame-support", - "frame-system", - "hex", - "hex-literal", - "log 0.4.20", - "pallet-balances", - "pallet-timestamp", - "parity-scale-codec", - "ring 0.16.20", - "rustls-webpki", - "scale-info", - "serde 1.0.193", - "serde_json 1.0.103", - "sp-core", - "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-runtime", - "sp-std 5.0.0", - "x509-cert", + "sp-std", ] [[package]] @@ -6767,7 +6568,7 @@ dependencies = [ "sp-inherents", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-timestamp", ] @@ -6780,11 +6581,11 @@ dependencies = [ "frame-system", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -6799,7 +6600,7 @@ dependencies = [ "data-encoding", "multihash", "percent-encoding 2.3.1 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.193", + "serde 1.0.210", "static_assertions", "unsigned-varint 0.7.1", "url 2.5.0 (registry+https://github.com/rust-lang/crates.io-index)", @@ -6817,7 +6618,7 @@ dependencies = [ "bytes 1.4.0", "impl-trait-for-tuples", "parity-scale-codec-derive", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -7023,7 +6824,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -7054,7 +6855,7 @@ checksum = "ec2e072ecce94ec471b13398d5402c188e76ac03cf74dd1a975161b23a3f6d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -7092,7 +6893,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a25c0b0ae06fcffe600ad392aabfa535696c8973f2253d9ac83171924c58a858" dependencies = [ "postcard-cobs", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -7210,14 +7011,14 @@ checksum = "0e99670bafb56b9a106419397343bdbc8b8742c3cc449fec6345f86173f47cd4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] name = "proc-macro2" -version = "1.0.66" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" dependencies = [ "unicode-ident", ] @@ -7262,9 +7063,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.33" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" dependencies = [ "proc-macro2", ] @@ -7488,7 +7289,7 @@ checksum = "2dfaf0c85b766276c797f3791f5bc6d5bd116b41d53049af2789666b0c0bc9fa" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -7576,8 +7377,8 @@ dependencies = [ "once_cell 1.19.0", "percent-encoding 2.3.1 (registry+https://github.com/rust-lang/crates.io-index)", "pin-project-lite", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "serde_urlencoded", "tokio", "tokio-native-tls", @@ -7665,7 +7466,7 @@ checksum = "88073939a61e5b7680558e6be56b419e208420c2adb92be54921fa6b72283f1a" dependencies = [ "base64 0.13.1", "bitflags 1.3.2", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -7903,7 +7704,7 @@ dependencies = [ "array-bytes 4.2.0", "async-trait", "parking_lot 0.12.1", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-keystore", @@ -7918,7 +7719,7 @@ checksum = "8dd7aca73785181cc41f0bbe017263e682b585ca660540ba569133901d013ecf" dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -7929,7 +7730,7 @@ checksum = "036575c29af9b6e4866ffb7fa055dbf623fe7a9cc159b33786de6013a6969d89" dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -8009,7 +7810,7 @@ dependencies = [ "derive_more", "parity-scale-codec", "scale-info-derive", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -8036,7 +7837,7 @@ dependencies = [ "scale-bits 0.3.0", "scale-decode 0.4.0", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "thiserror 1.0.44", "yap", ] @@ -8237,11 +8038,11 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.193" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25dd9975e68d0cb5aa1120c288333fc98731bd1dd12f561e468ea4728c042b89" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" dependencies = [ - "serde_derive 1.0.193", + "serde_derive 1.0.210", ] [[package]] @@ -8250,8 +8051,8 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b926cfbabfe8011609dda0350cb24d884955d294909ac71c0db7027366c77e3e" dependencies = [ - "serde 1.0.193", - "serde_derive 1.0.193", + "serde 1.0.210", + "serde_derive 1.0.210", ] [[package]] @@ -8275,13 +8076,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.193" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43576ca501357b9b071ac53cdc7da8ef0cbd9493d8df094cd821777ea6e894d3" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -8309,14 +8110,14 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.103" +version = "1.0.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d03b412469450d4404fe8499a268edd7f8b79fecb074b0d812ad64ca21f4031b" +checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5" dependencies = [ - "indexmap 2.0.0", + "indexmap 2.6.0", "itoa 1.0.9", "ryu", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -8325,7 +8126,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "96426c9936fd7a0124915f9185ea1d20aa9445cc9821142f0a73bc9207a2e186" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -8337,7 +8138,7 @@ dependencies = [ "form_urlencoded 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)", "itoa 1.0.9", "ryu", - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -8368,11 +8169,11 @@ dependencies = [ "itertools 0.11.0", "libc", "serde 1.0.118", - "serde 1.0.193", + "serde 1.0.210", "serde-big-array 0.1.5", "serde-big-array 0.3.0", "serde_derive 1.0.118", - "serde_derive 1.0.193", + "serde_derive 1.0.210", "sgx_tcrypto", "sgx_tstd", "sgx_types", @@ -8706,7 +8507,7 @@ dependencies = [ "sp-metadata-ir", "sp-runtime", "sp-state-machine", - "sp-std 5.0.0", + "sp-std", "sp-trie", "sp-version", "thiserror 1.0.44", @@ -8723,7 +8524,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -8733,10 +8534,10 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -8748,8 +8549,8 @@ dependencies = [ "num-traits 0.2.16", "parity-scale-codec", "scale-info", - "serde 1.0.193", - "sp-std 5.0.0", + "serde 1.0.210", + "sp-std", "static_assertions", ] @@ -8762,13 +8563,13 @@ dependencies = [ "log 0.4.20", "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-api", "sp-application-crypto", "sp-core", "sp-keystore", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -8778,8 +8579,8 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", - "sp-std 5.0.0", + "serde 1.0.210", + "sp-std", "sp-timestamp", ] @@ -8813,12 +8614,12 @@ dependencies = [ "schnorrkel", "secp256k1 0.24.3", "secrecy", - "serde 1.0.193", - "sp-core-hashing 5.0.0", + "serde 1.0.210", + "sp-core-hashing", "sp-debug-derive", "sp-externalities", "sp-runtime-interface", - "sp-std 5.0.0", + "sp-std", "sp-storage", "ss58-registry", "substrate-bip39", @@ -8837,22 +8638,7 @@ dependencies = [ "digest 0.10.7", "sha2 0.10.8", "sha3", - "sp-std 5.0.0", - "twox-hash", -] - -[[package]] -name = "sp-core-hashing" -version = "6.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cbc2d1947252b7a4e403b0a260f596920443742791765ec111daa2bbf98eff25" -dependencies = [ - "blake2", - "byteorder 1.4.3", - "digest 0.10.7", - "sha2 0.10.8", - "sha3", - "sp-std 6.0.0", + "sp-std", "twox-hash", ] @@ -8863,8 +8649,8 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "proc-macro2", "quote", - "sp-core-hashing 5.0.0", - "syn 2.0.32", + "sp-core-hashing", + "syn 2.0.79", ] [[package]] @@ -8874,7 +8660,7 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -8884,7 +8670,7 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "environmental 1.1.4", "parity-scale-codec", - "sp-std 5.0.0", + "sp-std", "sp-storage", ] @@ -8899,7 +8685,7 @@ dependencies = [ "scale-info", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", ] @@ -8934,7 +8720,7 @@ dependencies = [ "sp-keystore", "sp-runtime-interface", "sp-state-machine", - "sp-std 5.0.0", + "sp-std", "sp-tracing", "sp-trie", "tracing", @@ -8960,7 +8746,7 @@ dependencies = [ "futures 0.3.28", "parity-scale-codec", "parking_lot 0.12.1", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-externalities", "thiserror 1.0.44", @@ -8974,7 +8760,7 @@ dependencies = [ "frame-metadata", "parity-scale-codec", "scale-info", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -9000,12 +8786,12 @@ dependencies = [ "paste", "rand 0.8.5", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-application-crypto", "sp-arithmetic", "sp-core", "sp-io 7.0.0 (git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42)", - "sp-std 5.0.0", + "sp-std", "sp-weights", ] @@ -9020,7 +8806,7 @@ dependencies = [ "primitive-types", "sp-externalities", "sp-runtime-interface-proc-macro", - "sp-std 5.0.0", + "sp-std", "sp-storage", "sp-tracing", "sp-wasm-interface", @@ -9036,20 +8822,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.32", -] - -[[package]] -name = "sp-session" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "parity-scale-codec", - "scale-info", - "sp-api", - "sp-core", - "sp-staking", - "sp-std 5.0.0", + "syn 2.0.79", ] [[package]] @@ -9059,10 +8832,10 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core", "sp-runtime", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -9079,7 +8852,7 @@ dependencies = [ "sp-core", "sp-externalities", "sp-panic-handler", - "sp-std 5.0.0", + "sp-std", "sp-trie", "thiserror 1.0.44", "tracing", @@ -9090,12 +8863,6 @@ name = "sp-std" version = "5.0.0" source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -[[package]] -name = "sp-std" -version = "6.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af0ee286f98455272f64ac5bb1384ff21ac029fbb669afbaf48477faff12760e" - [[package]] name = "sp-storage" version = "7.0.0" @@ -9104,9 +8871,9 @@ dependencies = [ "impl-serde", "parity-scale-codec", "ref-cast", - "serde 1.0.193", + "serde 1.0.210", "sp-debug-derive", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -9120,7 +8887,7 @@ dependencies = [ "parity-scale-codec", "sp-inherents", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", ] @@ -9130,7 +8897,7 @@ version = "6.0.0" source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" dependencies = [ "parity-scale-codec", - "sp-std 5.0.0", + "sp-std", "tracing", "tracing-core", "tracing-subscriber", @@ -9152,7 +8919,7 @@ dependencies = [ "scale-info", "schnellru", "sp-core", - "sp-std 5.0.0", + "sp-std", "thiserror 1.0.44", "tracing", "trie-db", @@ -9168,10 +8935,10 @@ dependencies = [ "parity-scale-codec", "parity-wasm", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "sp-core-hashing-proc-macro", "sp-runtime", - "sp-std 5.0.0", + "sp-std", "sp-version-proc-macro", "thiserror 1.0.44", ] @@ -9184,7 +8951,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -9196,7 +8963,7 @@ dependencies = [ "impl-trait-for-tuples", "log 0.4.20", "parity-scale-codec", - "sp-std 5.0.0", + "sp-std", "wasmi", "wasmtime", ] @@ -9208,12 +8975,12 @@ source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff dependencies = [ "parity-scale-codec", "scale-info", - "serde 1.0.193", + "serde 1.0.210", "smallvec 1.11.0", "sp-arithmetic", "sp-core", "sp-debug-derive", - "sp-std 5.0.0", + "sp-std", ] [[package]] @@ -9258,8 +9025,8 @@ dependencies = [ "num-format", "proc-macro2", "quote", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "unicode-xid", ] @@ -9325,7 +9092,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -9344,8 +9111,8 @@ dependencies = [ "log 0.4.20", "maybe-async", "parity-scale-codec", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sp-core", "sp-runtime", "sp-runtime-interface", @@ -9375,33 +9142,13 @@ dependencies = [ "async-trait", "parking_lot 0.12.1", "sc-keystore", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-keyring", "sp-keystore", ] -[[package]] -name = "substrate-fixed" -version = "0.5.9" -source = "git+https://github.com/encointer/substrate-fixed#879c58bcc6fd676a74315dcd38b598f28708b0b5" -dependencies = [ - "parity-scale-codec", - "scale-info", - "substrate-typenum", -] - -[[package]] -name = "substrate-typenum" -version = "1.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0f0091e93c2c75b233ae39424c52cb8a662c0811fb68add149e20e5d7e8a788" -dependencies = [ - "parity-scale-codec", - "scale-info", -] - [[package]] name = "subtle" version = "2.5.0" @@ -9429,9 +9176,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.32" +version = "2.0.79" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2" +checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" dependencies = [ "proc-macro2", "quote", @@ -9541,7 +9288,7 @@ checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -9653,7 +9400,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -9735,7 +9482,7 @@ version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -9744,7 +9491,7 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "185d8ab0dfbb35cf1399a6344d8484209c088f75f8f68230da55d48d95d43e3d" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", "serde_spanned", "toml_datetime", "toml_edit 0.20.2", @@ -9756,7 +9503,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", ] [[package]] @@ -9765,7 +9512,7 @@ version = "0.19.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" dependencies = [ - "indexmap 2.0.0", + "indexmap 2.6.0", "toml_datetime", "winnow", ] @@ -9776,8 +9523,8 @@ version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "396e4d48bbb2b7554c944bde63101b5ae446cff6ec4a24227428f15eb72ef338" dependencies = [ - "indexmap 2.0.0", - "serde 1.0.193", + "indexmap 2.6.0", + "serde 1.0.210", "serde_spanned", "toml_datetime", "winnow", @@ -9810,7 +9557,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] [[package]] @@ -9840,7 +9587,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" dependencies = [ - "serde 1.0.193", + "serde 1.0.210", "tracing-core", ] @@ -9855,8 +9602,8 @@ dependencies = [ "lazy_static", "matchers", "regex 1.9.5", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "sharded-slab", "smallvec 1.11.0", "thread_local", @@ -10229,8 +9976,8 @@ dependencies = [ "pin-project", "rustls-pemfile", "scoped-tls", - "serde 1.0.193", - "serde_json 1.0.103", + "serde 1.0.210", + "serde_json 1.0.120", "serde_urlencoded", "tokio", "tokio-stream", @@ -10279,7 +10026,7 @@ dependencies = [ "once_cell 1.19.0", "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", "wasm-bindgen-shared", ] @@ -10313,7 +10060,7 @@ checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -10383,7 +10130,7 @@ dependencies = [ "once_cell 1.19.0", "paste", "psm", - "serde 1.0.193", + "serde 1.0.210", "target-lexicon", "wasmparser", "wasmtime-environ", @@ -10413,7 +10160,7 @@ dependencies = [ "indexmap 1.9.3", "log 0.4.20", "object 0.29.0", - "serde 1.0.193", + "serde 1.0.210", "target-lexicon", "thiserror 1.0.44", "wasmparser", @@ -10435,7 +10182,7 @@ dependencies = [ "log 0.4.20", "object 0.29.0", "rustc-demangle", - "serde 1.0.193", + "serde 1.0.210", "target-lexicon", "wasmtime-environ", "wasmtime-jit-icache-coherence", @@ -10494,7 +10241,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "83e5572c5727c1ee7e8f28717aaa8400e4d22dcbd714ea5457d85b5005206568" dependencies = [ "cranelift-entity", - "serde 1.0.193", + "serde 1.0.210", "thiserror 1.0.44", "wasmparser", ] @@ -10894,5 +10641,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.32", + "syn 2.0.79", ] diff --git a/tee-worker/Cargo.toml b/tee-worker/Cargo.toml index 07f58471b0..a7db27633d 100644 --- a/tee-worker/Cargo.toml +++ b/tee-worker/Cargo.toml @@ -178,6 +178,7 @@ pallet-balances = { git = "https://github.com/paritytech/substrate", branch = "p pallet-sudo = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42", default-features = false } pallet-timestamp = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42", default-features = false } pallet-transaction-payment = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42", default-features = false } +pallet-evm = { git = "https://github.com/polkadot-evm/frontier", branch = "bar/polkadot-v0.9.42", default-features = false } # SGX SDK sgx_alloc = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", branch = "master" } @@ -279,10 +280,7 @@ lc-parachain-extrinsic-task-sender = { path = "common/litentry/core/parachain-ex lc-parachain-extrinsic-task-receiver = { path = "common/litentry/core/parachain-extrinsic-task/receiver", default-features = false } litentry-hex-utils = { path = "../common/utils/hex", default-features = false } litentry-macros = { path = "../common/primitives/core/macros" } - -pallet-teebag = { git = "https://github.com/litentry/litentry-parachain", branch = "release-v0.9.19", default-features = false } -pallet-parachain-staking = { git = "https://github.com/litentry/litentry-parachain", branch = "release-v0.9.19", default-features = false } -parentchain-primitives = { package = "core-primitives", git = "https://github.com/litentry/litentry-parachain", branch = "release-v0.9.19", default-features = false } +parentchain-primitives = { package = "core-primitives", path = "../common/primitives/core", default-features = false } # identity lc-assertion-build = { path = "identity/litentry/core/assertion-build", default-features = false } @@ -319,6 +317,16 @@ its-storage = { path = "identity/sidechain/storage" } its-test = { path = "identity/sidechain/test", default-features = false } its-validateer-fetch = { path = "identity/sidechain/validateer-fetch", default-features = false } +[patch."https://github.com/paritytech/polkadot-sdk"] +frame-support = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-core = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-io = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-runtime = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-std = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } + +[patch."https://github.com/paritytech/frontier"] +pallet-evm = { git = "https://github.com/polkadot-evm/frontier", branch = "bar/polkadot-v0.9.42" } + [patch."https://github.com/apache/teaclave-sgx-sdk.git"] sgx_alloc = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", branch = "master" } sgx_crypto_helper = { git = "https://github.com/apache/incubator-teaclave-sgx-sdk", branch = "master" } diff --git a/tee-worker/bitacross/core-primitives/enclave-api/Cargo.toml b/tee-worker/bitacross/core-primitives/enclave-api/Cargo.toml index f4277bee46..ca364fa05d 100644 --- a/tee-worker/bitacross/core-primitives/enclave-api/Cargo.toml +++ b/tee-worker/bitacross/core-primitives/enclave-api/Cargo.toml @@ -26,8 +26,6 @@ itp-stf-interface = { workspace = true } itp-storage = { workspace = true } itp-types = { workspace = true } -pallet-teebag = { workspace = true } - [features] default = [] implement-ffi = [ diff --git a/tee-worker/bitacross/core-primitives/enclave-api/src/enclave_base.rs b/tee-worker/bitacross/core-primitives/enclave-api/src/enclave_base.rs index d615895eff..61ce8f2ba9 100644 --- a/tee-worker/bitacross/core-primitives/enclave-api/src/enclave_base.rs +++ b/tee-worker/bitacross/core-primitives/enclave-api/src/enclave_base.rs @@ -23,9 +23,8 @@ use itp_sgx_crypto::{ecdsa, schnorr}; use itp_stf_interface::ShardCreationInfo; use itp_types::{ parentchain::{Header, ParentchainId, ParentchainInitParams}, - ShardIdentifier, + EnclaveFingerprint, ShardIdentifier, }; -use pallet_teebag::EnclaveFingerprint; use sgx_crypto_helper::rsa3072::Rsa3072PubKey; use sp_core::ed25519; @@ -113,10 +112,9 @@ mod impl_ffi { use itp_stf_interface::ShardCreationInfo; use itp_types::{ parentchain::{Header, ParentchainId, ParentchainInitParams}, - ShardIdentifier, + EnclaveFingerprint, ShardIdentifier, }; use log::*; - use pallet_teebag::EnclaveFingerprint; use sgx_crypto_helper::rsa3072::Rsa3072PubKey; use sgx_types::*; use sp_core::{ed25519, Pair}; diff --git a/tee-worker/bitacross/core-primitives/enclave-api/src/remote_attestation.rs b/tee-worker/bitacross/core-primitives/enclave-api/src/remote_attestation.rs index 618928a311..15691f7172 100644 --- a/tee-worker/bitacross/core-primitives/enclave-api/src/remote_attestation.rs +++ b/tee-worker/bitacross/core-primitives/enclave-api/src/remote_attestation.rs @@ -17,8 +17,7 @@ */ use crate::EnclaveResult; -use itp_types::ShardIdentifier; -use pallet_teebag::Fmspc; +use itp_types::{Fmspc, ShardIdentifier}; use sgx_types::*; /// Struct that unites all relevant data reported by the QVE @@ -126,9 +125,8 @@ mod impl_ffi { use frame_support::ensure; use itp_enclave_api_ffi as ffi; use itp_settings::worker::EXTRINSIC_MAX_SIZE; - use itp_types::ShardIdentifier; + use itp_types::{Fmspc, ShardIdentifier}; use log::*; - use pallet_teebag::Fmspc; use sgx_types::*; const OS_SYSTEM_PATH: &str = "/usr/lib/x86_64-linux-gnu/"; diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.lock b/tee-worker/bitacross/enclave-runtime/Cargo.lock index 0062a3972d..7c196c4cd8 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.lock +++ b/tee-worker/bitacross/enclave-runtime/Cargo.lock @@ -40,7 +40,7 @@ dependencies = [ "scale-encode", "scale-info", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-runtime", @@ -57,7 +57,7 @@ dependencies = [ "primitive-types", "scale-info", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-core-hashing", @@ -330,7 +330,7 @@ dependencies = [ "itp-storage", "itp-types", "itp-utils", - "litentry-macros 0.1.0", + "litentry-macros", "litentry-primitives", "log 0.4.21", "pallet-balances", @@ -353,7 +353,7 @@ dependencies = [ "itp-utils", "log 0.4.21", "rustls 0.19.0 (git+https://github.com/mesalock-linux/rustls?tag=sgx_1.1.3)", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "tungstenite", "url 2.5.0", @@ -371,7 +371,7 @@ dependencies = [ "jsonrpc-core", "log 0.4.21", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "sp-runtime", "thiserror", @@ -969,22 +969,31 @@ checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e" [[package]] name = "core-primitives" version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#ea133d42f915d6e3cbbc51304f534d0b9f42e5d3" dependencies = [ "base58", + "base64 0.13.1", + "chrono 0.4.31", + "der 0.6.1", "frame-support", - "litentry-hex-utils 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "litentry-macros 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "litentry-proc-macros 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", + "hex", + "hex-literal", + "litentry-hex-utils", + "litentry-macros", + "litentry-proc-macros", "pallet-evm", "parity-scale-codec", + "ring 0.16.20", + "rustls-webpki", "scale-info", + "serde 1.0.204", + "serde_json 1.0.120", "sp-core", "sp-io", "sp-runtime", "sp-std", "strum", "strum_macros", + "x509-cert", ] [[package]] @@ -1300,10 +1309,10 @@ dependencies = [ "jsonrpc-core", "lazy_static", "lc-direct-call", - "litentry-hex-utils 0.1.0", - "litentry-macros 0.1.0", + "litentry-hex-utils", + "litentry-macros", "litentry-primitives", - "litentry-proc-macros 0.1.0", + "litentry-proc-macros", "log 0.4.17", "multibase", "once_cell 1.4.0 (git+https://github.com/mesalock-linux/once_cell-sgx)", @@ -1409,7 +1418,8 @@ dependencies = [ [[package]] name = "evm" version = "0.39.1" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a49a4e11987c51220aa89dbe1a5cc877f5079fa6864c0a5b4533331db44e9365" dependencies = [ "auto_impl", "ethereum", @@ -1427,7 +1437,8 @@ dependencies = [ [[package]] name = "evm-core" version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f1f13264b044cb66f0602180f0bc781c29accb41ff560669a3ec15858d5b606" dependencies = [ "parity-scale-codec", "primitive-types", @@ -1437,7 +1448,8 @@ dependencies = [ [[package]] name = "evm-gasometer" version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d43eadc395bd1a52990787ca1495c26b0248165444912be075c28909a853b8c" dependencies = [ "evm-core", "evm-runtime", @@ -1447,7 +1459,8 @@ dependencies = [ [[package]] name = "evm-runtime" version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2aa5b32f59ec582a5651978004e5c784920291263b7dcb6de418047438e37f4f" dependencies = [ "auto_impl", "evm-core", @@ -1510,9 +1523,9 @@ dependencies = [ [[package]] name = "flagset" -version = "0.4.4" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52a7e408202050813e6f1d9addadcaafef3dca7530c7ddfb005d4081cce6779" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" [[package]] name = "fnv" @@ -1547,7 +1560,7 @@ dependencies = [ [[package]] name = "fp-account" version = "1.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ "hex", "libsecp256k1", @@ -1557,14 +1570,13 @@ dependencies = [ "sp-core", "sp-io", "sp-runtime", - "sp-runtime-interface", "sp-std", ] [[package]] name = "fp-evm" version = "3.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ "evm", "frame-support", @@ -2405,7 +2417,7 @@ dependencies = [ "itp-types", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", ] @@ -2615,7 +2627,7 @@ name = "itp-utils" version = "0.1.0" dependencies = [ "hex", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "parity-scale-codec", ] @@ -2761,23 +2773,10 @@ dependencies = [ "hex", ] -[[package]] -name = "litentry-hex-utils" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#ea133d42f915d6e3cbbc51304f534d0b9f42e5d3" -dependencies = [ - "hex", -] - [[package]] name = "litentry-macros" version = "0.1.0" -[[package]] -name = "litentry-macros" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#ea133d42f915d6e3cbbc51304f534d0b9f42e5d3" - [[package]] name = "litentry-primitives" version = "0.1.0" @@ -2788,7 +2787,6 @@ dependencies = [ "itp-sgx-crypto", "itp-sgx-runtime-primitives", "log 0.4.21", - "pallet-teebag", "parity-scale-codec", "rand 0.7.3", "ring 0.16.20", @@ -2812,17 +2810,6 @@ dependencies = [ "syn 2.0.72", ] -[[package]] -name = "litentry-proc-macros" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#ea133d42f915d6e3cbbc51304f534d0b9f42e5d3" -dependencies = [ - "cargo_toml", - "proc-macro2", - "quote 1.0.36", - "syn 2.0.72", -] - [[package]] name = "log" version = "0.4.17" @@ -3139,16 +3126,14 @@ dependencies = [ [[package]] name = "pallet-evm" version = "6.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ - "environmental 1.1.4", "evm", "fp-account", "fp-evm", "frame-support", "frame-system", "hex", - "hex-literal", "impl-trait-for-tuples", "log 0.4.21", "parity-scale-codec", @@ -3187,33 +3172,6 @@ dependencies = [ "sp-std", ] -[[package]] -name = "pallet-teebag" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#ea133d42f915d6e3cbbc51304f534d0b9f42e5d3" -dependencies = [ - "base64 0.13.1", - "chrono 0.4.31", - "der 0.6.1", - "frame-support", - "frame-system", - "hex", - "hex-literal", - "log 0.4.21", - "pallet-timestamp", - "parity-scale-codec", - "ring 0.16.20", - "rustls-webpki", - "scale-info", - "serde 1.0.204", - "serde_json 1.0.103", - "sp-core", - "sp-io", - "sp-runtime", - "sp-std", - "x509-cert", -] - [[package]] name = "pallet-timestamp" version = "4.0.0-dev" @@ -4044,9 +4002,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.103" +version = "1.0.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d03b412469450d4404fe8499a268edd7f8b79fecb074b0d812ad64ca21f4031b" +checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5" dependencies = [ "itoa 1.0.9", "ryu", @@ -4736,7 +4694,7 @@ dependencies = [ "proc-macro2", "quote 1.0.36", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "unicode-xid 0.2.4", ] @@ -4787,7 +4745,7 @@ dependencies = [ "maybe-async", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-core", "sp-runtime", "sp-runtime-interface", diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.toml b/tee-worker/bitacross/enclave-runtime/Cargo.toml index 064b3b8181..b7bf21eaaf 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.toml +++ b/tee-worker/bitacross/enclave-runtime/Cargo.toml @@ -153,6 +153,16 @@ ring = { git = "https://github.com/betrusted-io/ring-xous", branch = "0.16.20-cl [patch."https://github.com/mesalock-linux/log-sgx"] log = { git = "https://github.com/integritee-network/log-sgx" } +[patch."https://github.com/paritytech/polkadot-sdk"] +frame-support = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-core = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-io = { path = "../../common/core-primitives/substrate-sgx/sp-io" } +sp-runtime = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-std = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } + +[patch."https://github.com/paritytech/frontier"] +pallet-evm = { git = "https://github.com/polkadot-evm/frontier", branch = "bar/polkadot-v0.9.42" } + [patch."https://github.com/paritytech/substrate"] sp-io = { path = "../../common/core-primitives/substrate-sgx/sp-io" } diff --git a/tee-worker/common/core-primitives/types/src/lib.rs b/tee-worker/common/core-primitives/types/src/lib.rs index b224381f63..d60fa6f08a 100644 --- a/tee-worker/common/core-primitives/types/src/lib.rs +++ b/tee-worker/common/core-primitives/types/src/lib.rs @@ -21,7 +21,6 @@ use crate::storage::StorageEntry; use codec::{Decode, Encode}; use itp_sgx_crypto::ShieldingCryptoDecrypt; -use litentry_primitives::decl_rsa_request; use sp_std::{boxed::Box, fmt::Debug, vec::Vec}; pub mod parentchain; @@ -31,8 +30,8 @@ pub use sidechain::SidechainBlockHash; pub use itp_sgx_runtime_primitives::types::*; pub use litentry_primitives::{ - Assertion, AttestationType, DcapProvider, DecryptableRequest, Enclave, EnclaveFingerprint, - MrEnclave, SidechainBlockNumber, WorkerType, + decl_rsa_request, Assertion, AttestationType, DcapProvider, DecryptableRequest, Enclave, + EnclaveFingerprint, Fmspc, MrEnclave, SidechainBlockNumber, WorkerType, }; pub use sp_core::{crypto::AccountId32 as AccountId, H256}; diff --git a/tee-worker/common/litentry/primitives/Cargo.toml b/tee-worker/common/litentry/primitives/Cargo.toml index 9a1c2bd38b..c47357c7bf 100644 --- a/tee-worker/common/litentry/primitives/Cargo.toml +++ b/tee-worker/common/litentry/primitives/Cargo.toml @@ -25,7 +25,6 @@ sgx_tstd = { workspace = true, features = ["net", "thread"], optional = true } itp-sgx-crypto = { workspace = true } itp-sgx-runtime-primitives = { workspace = true } -pallet-teebag = { workspace = true } parentchain-primitives = { workspace = true } [dev-dependencies] @@ -54,7 +53,6 @@ std = [ "sp-runtime/std", "ring/std", "parentchain-primitives/std", - "pallet-teebag/std", "rand", "log/std", "bitcoin/std", diff --git a/tee-worker/common/litentry/primitives/src/lib.rs b/tee-worker/common/litentry/primitives/src/lib.rs index 2a14a12b82..298d8090ed 100644 --- a/tee-worker/common/litentry/primitives/src/lib.rs +++ b/tee-worker/common/litentry/primitives/src/lib.rs @@ -45,10 +45,6 @@ use bitcoin::sign_message::{signed_msg_hash, MessageSignature}; use codec::{Decode, Encode, MaxEncodedLen}; use itp_sgx_crypto::ShieldingCryptoDecrypt; use log::error; -pub use pallet_teebag::{ - decl_rsa_request, extract_tcb_info_from_raw_dcap_quote, AttestationType, DcapProvider, Enclave, - EnclaveFingerprint, MrEnclave, ShardIdentifier, SidechainBlockNumber, WorkerMode, WorkerType, -}; pub use parentchain_primitives::{ assertion::{ achainable::{ @@ -74,10 +70,12 @@ pub use parentchain_primitives::{ web3_token::Web3TokenType, Assertion, }, + decl_rsa_request, identity::*, + teebag::*, AccountId as ParentchainAccountId, Balance as ParentchainBalance, BlockNumber as ParentchainBlockNumber, ErrorDetail, ErrorString, Hash as ParentchainHash, - Header as ParentchainHeader, IMPError, Index as ParentchainIndex, IntoErrorDetail, + Header as ParentchainHeader, IMPError, IntoErrorDetail, Nonce as ParentchainIndex, ParameterString, SchemaContentString, SchemaIdString, Signature as ParentchainSignature, VCMPError, MINUTES, }; diff --git a/tee-worker/identity/app-libs/sgx-runtime/Cargo.toml b/tee-worker/identity/app-libs/sgx-runtime/Cargo.toml index fef1a94e42..4844bbcf22 100644 --- a/tee-worker/identity/app-libs/sgx-runtime/Cargo.toml +++ b/tee-worker/identity/app-libs/sgx-runtime/Cargo.toml @@ -26,7 +26,7 @@ sp-runtime = { workspace = true } sp-std = { workspace = true } sp-version = { workspace = true } -pallet-evm = { git = "https://github.com/integritee-network/frontier", branch = "bar/polkadot-v0.9.42", default-features = false, optional = true } +pallet-evm = { workspace = true, optional = true } pallet-identity-management-tee = { workspace = true } pallet-parentchain = { workspace = true } diff --git a/tee-worker/identity/cli/Cargo.toml b/tee-worker/identity/cli/Cargo.toml index b0f273b20d..c2046700ac 100644 --- a/tee-worker/identity/cli/Cargo.toml +++ b/tee-worker/identity/cli/Cargo.toml @@ -23,7 +23,7 @@ serde_json = { workspace = true, features = ["std"] } thiserror = { workspace = true } urlencoding = "2.1.3" -pallet-evm = { git = "https://github.com/integritee-network/frontier", branch = "bar/polkadot-v0.9.42", optional = true } +pallet-evm = { workspace = true, features = ["std"], optional = true } sgx_crypto_helper = { workspace = true } substrate-api-client = { workspace = true } @@ -50,7 +50,6 @@ frame-metadata = "15.0.0" litentry-hex-utils = { workspace = true } litentry-primitives = { workspace = true, features = ["std"] } scale-value = "0.6.0" -sp-core-hashing = "6.0.0" [features] default = [] diff --git a/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/get_storage.rs b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/get_storage.rs index 66ce2e6a57..4b30b0320d 100644 --- a/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/get_storage.rs +++ b/tee-worker/identity/cli/src/trusted_base_cli/commands/litentry/get_storage.rs @@ -202,24 +202,24 @@ fn send_get_storage_request( } fn write_storage_address_root_bytes(pallet_name: &str, storage_name: &str, out: &mut Vec) { - out.extend(sp_core_hashing::twox_128(pallet_name.as_bytes())); - out.extend(sp_core_hashing::twox_128(storage_name.as_bytes())); + out.extend(sp_core::hashing::twox_128(pallet_name.as_bytes())); + out.extend(sp_core::hashing::twox_128(storage_name.as_bytes())); } /// Take some SCALE encoded bytes and a [`StorageHasher`] and hash the bytes accordingly. fn hash_bytes(input: &[u8], hasher: &StorageHasher, bytes: &mut Vec) { match hasher { StorageHasher::Identity => bytes.extend(input), - StorageHasher::Blake2_128 => bytes.extend(sp_core_hashing::blake2_128(input)), + StorageHasher::Blake2_128 => bytes.extend(sp_core::hashing::blake2_128(input)), StorageHasher::Blake2_128Concat => { - bytes.extend(sp_core_hashing::blake2_128(input)); + bytes.extend(sp_core::hashing::blake2_128(input)); bytes.extend(input); }, - StorageHasher::Blake2_256 => bytes.extend(sp_core_hashing::blake2_256(input)), - StorageHasher::Twox128 => bytes.extend(sp_core_hashing::twox_128(input)), - StorageHasher::Twox256 => bytes.extend(sp_core_hashing::twox_256(input)), + StorageHasher::Blake2_256 => bytes.extend(sp_core::hashing::blake2_256(input)), + StorageHasher::Twox128 => bytes.extend(sp_core::hashing::twox_128(input)), + StorageHasher::Twox256 => bytes.extend(sp_core::hashing::twox_256(input)), StorageHasher::Twox64Concat => { - bytes.extend(sp_core_hashing::twox_64(input)); + bytes.extend(sp_core::hashing::twox_64(input)); bytes.extend(input); }, } diff --git a/tee-worker/identity/core-primitives/enclave-api/Cargo.toml b/tee-worker/identity/core-primitives/enclave-api/Cargo.toml index 9eab618dd0..f260adbc6a 100644 --- a/tee-worker/identity/core-primitives/enclave-api/Cargo.toml +++ b/tee-worker/identity/core-primitives/enclave-api/Cargo.toml @@ -26,8 +26,6 @@ itp-stf-interface = { workspace = true } itp-storage = { workspace = true } itp-types = { workspace = true } -pallet-teebag = { workspace = true } - [features] default = [] implement-ffi = [ diff --git a/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs b/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs index 3287c7b967..47f0bfa08f 100644 --- a/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs +++ b/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs @@ -22,9 +22,8 @@ use core::fmt::Debug; use itp_stf_interface::ShardCreationInfo; use itp_types::{ parentchain::{Header, ParentchainId, ParentchainInitParams}, - ShardIdentifier, + EnclaveFingerprint, ShardIdentifier, }; -use pallet_teebag::EnclaveFingerprint; use sgx_crypto_helper::rsa3072::Rsa3072PubKey; use sp_core::ed25519; @@ -100,10 +99,9 @@ mod impl_ffi { use itp_stf_interface::ShardCreationInfo; use itp_types::{ parentchain::{Header, ParentchainId, ParentchainInitParams}, - ShardIdentifier, + EnclaveFingerprint, ShardIdentifier, }; use log::*; - use pallet_teebag::EnclaveFingerprint; use sgx_crypto_helper::rsa3072::Rsa3072PubKey; use sgx_types::*; use sp_core::ed25519; diff --git a/tee-worker/identity/core-primitives/enclave-api/src/remote_attestation.rs b/tee-worker/identity/core-primitives/enclave-api/src/remote_attestation.rs index 11da5530bd..e37d410bd0 100644 --- a/tee-worker/identity/core-primitives/enclave-api/src/remote_attestation.rs +++ b/tee-worker/identity/core-primitives/enclave-api/src/remote_attestation.rs @@ -17,8 +17,7 @@ */ use crate::EnclaveResult; -use itp_types::ShardIdentifier; -use pallet_teebag::Fmspc; +use itp_types::{Fmspc, ShardIdentifier}; use sgx_types::*; /// Struct that unites all relevant data reported by the QVE @@ -126,9 +125,8 @@ mod impl_ffi { use frame_support::ensure; use itp_enclave_api_ffi as ffi; use itp_settings::worker::EXTRINSIC_MAX_SIZE; - use itp_types::ShardIdentifier; + use itp_types::{Fmspc, ShardIdentifier}; use log::*; - use pallet_teebag::Fmspc; use sgx_types::*; const OS_SYSTEM_PATH: &str = "/usr/lib/x86_64-linux-gnu/"; diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index de7a5089bf..07c5998291 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -40,7 +40,7 @@ dependencies = [ "scale-encode", "scale-info", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-runtime", @@ -57,7 +57,7 @@ dependencies = [ "primitive-types", "scale-info", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-application-crypto", "sp-core", "sp-core-hashing", @@ -612,22 +612,31 @@ checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e" [[package]] name = "core-primitives" version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" dependencies = [ "base58", + "base64 0.13.1", + "chrono 0.4.31", + "der 0.6.1", "frame-support", - "litentry-hex-utils 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "litentry-macros 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "litentry-proc-macros 0.1.0 (git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19)", - "pallet-evm 6.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", + "hex", + "hex-literal", + "litentry-hex-utils", + "litentry-macros", + "litentry-proc-macros", + "pallet-evm", "parity-scale-codec", + "ring 0.16.20", + "rustls-webpki", "scale-info", + "serde 1.0.204", + "serde_json 1.0.120", "sp-core", "sp-io", "sp-runtime", "sp-std", "strum", "strum_macros", + "x509-cert", ] [[package]] @@ -946,10 +955,10 @@ dependencies = [ "lc-parachain-extrinsic-task-receiver", "lc-stf-task-receiver", "lc-vc-task-receiver", - "litentry-hex-utils 0.1.0", - "litentry-macros 0.1.0", + "litentry-hex-utils", + "litentry-macros", "litentry-primitives", - "litentry-proc-macros 0.1.0", + "litentry-proc-macros", "log", "multibase", "once_cell 1.4.0", @@ -1088,27 +1097,9 @@ checksum = "a49a4e11987c51220aa89dbe1a5cc877f5079fa6864c0a5b4533331db44e9365" dependencies = [ "auto_impl", "ethereum 0.14.0", - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-gasometer 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-runtime 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "log", - "parity-scale-codec", - "primitive-types", - "rlp", - "scale-info", - "sha3 0.10.8", -] - -[[package]] -name = "evm" -version = "0.39.1" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "auto_impl", - "ethereum 0.14.0", - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-gasometer 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-runtime 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm-core 0.39.0", + "evm-gasometer 0.39.0", + "evm-runtime 0.39.0", "log", "parity-scale-codec", "primitive-types", @@ -1147,16 +1138,6 @@ dependencies = [ "scale-info", ] -[[package]] -name = "evm-core" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "parity-scale-codec", - "primitive-types", - "scale-info", -] - [[package]] name = "evm-core" version = "0.41.0" @@ -1174,18 +1155,8 @@ version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d43eadc395bd1a52990787ca1495c26b0248165444912be075c28909a853b8c" dependencies = [ - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "evm-runtime 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "primitive-types", -] - -[[package]] -name = "evm-gasometer" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "evm-runtime 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm-core 0.39.0", + "evm-runtime 0.39.0", "primitive-types", ] @@ -1207,18 +1178,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2aa5b32f59ec582a5651978004e5c784920291263b7dcb6de418047438e37f4f" dependencies = [ "auto_impl", - "evm-core 0.39.0 (registry+https://github.com/rust-lang/crates.io-index)", - "primitive-types", - "sha3 0.10.8", -] - -[[package]] -name = "evm-runtime" -version = "0.39.0" -source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" -dependencies = [ - "auto_impl", - "evm-core 0.39.0 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm-core 0.39.0", "primitive-types", "sha3 0.10.8", ] @@ -1290,9 +1250,9 @@ dependencies = [ [[package]] name = "flagset" -version = "0.4.4" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52a7e408202050813e6f1d9addadcaafef3dca7530c7ddfb005d4081cce6779" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" [[package]] name = "fnv" @@ -1319,23 +1279,7 @@ dependencies = [ [[package]] name = "fp-account" version = "1.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" -dependencies = [ - "hex", - "libsecp256k1", - "log", - "parity-scale-codec", - "scale-info", - "sp-core", - "sp-io", - "sp-runtime", - "sp-std", -] - -[[package]] -name = "fp-account" -version = "1.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ "hex", "libsecp256k1", @@ -1345,30 +1289,15 @@ dependencies = [ "sp-core", "sp-io", "sp-runtime", - "sp-runtime-interface", "sp-std", ] [[package]] name = "fp-evm" version = "3.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ - "evm 0.39.1 (registry+https://github.com/rust-lang/crates.io-index)", - "frame-support", - "parity-scale-codec", - "scale-info", - "sp-core", - "sp-runtime", - "sp-std", -] - -[[package]] -name = "fp-evm" -version = "3.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" -dependencies = [ - "evm 0.39.1 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", + "evm 0.39.1", "frame-support", "parity-scale-codec", "scale-info", @@ -1896,7 +1825,7 @@ dependencies = [ "frame-system", "itp-sgx-runtime-primitives", "pallet-balances", - "pallet-evm 6.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", + "pallet-evm", "pallet-identity-management-tee", "pallet-parentchain", "pallet-sudo", @@ -1931,8 +1860,8 @@ dependencies = [ "itp-types", "itp-utils", "lc-stf-task-sender", - "litentry-hex-utils 0.1.0", - "litentry-macros 0.1.0", + "litentry-hex-utils", + "litentry-macros", "litentry-primitives", "log", "pallet-balances", @@ -1957,7 +1886,7 @@ dependencies = [ "itp-utils", "log", "rustls 0.19.0 (git+https://github.com/mesalock-linux/rustls?tag=sgx_1.1.3)", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "tungstenite", "url 2.5.0", @@ -1975,7 +1904,7 @@ dependencies = [ "jsonrpc-core", "log", "parity-scale-codec", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "sp-runtime", "thiserror", @@ -2311,7 +2240,7 @@ dependencies = [ "http_req", "log", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "thiserror", "url 2.5.0", @@ -2528,7 +2457,7 @@ dependencies = [ "itp-types", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", ] @@ -2738,7 +2667,7 @@ name = "itp-utils" version = "0.1.0" dependencies = [ "hex", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "parity-scale-codec", ] @@ -2808,7 +2737,7 @@ dependencies = [ "its-primitives", "its-state", "its-validateer-fetch", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "log", "parity-scale-codec", "sgx_tstd", @@ -2834,7 +2763,7 @@ dependencies = [ "its-block-verification", "its-primitives", "its-state", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "log", "parity-scale-codec", "sgx_tstd", @@ -3012,12 +2941,11 @@ dependencies = [ "lc-evm-dynamic-assertions", "litentry-primitives", "log", - "pallet-parachain-staking", "parity-scale-codec", "primitive-types", "rust-base58 0.0.4 (git+https://github.com/mesalock-linux/rust-base58-sgx)", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "sp-core", "ss58-registry", @@ -3038,7 +2966,7 @@ dependencies = [ "lc-common", "lc-credentials-v2", "lc-service", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "litentry-primitives", "log", "parity-scale-codec", @@ -3072,7 +3000,7 @@ dependencies = [ "rust-base58 0.0.4 (git+https://github.com/mesalock-linux/rust-base58-sgx)", "scale-info", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "serde_json 1.0.60 (git+https://github.com/mesalock-linux/serde-json-sgx?tag=sgx_1.1.3)", "sgx_tstd", "sp-core", @@ -3104,7 +3032,7 @@ dependencies = [ "log", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "thiserror", "url 2.5.0", @@ -3140,7 +3068,7 @@ dependencies = [ "log", "parity-scale-codec", "rust_decimal", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_tstd", "ss58-registry", "thiserror", @@ -3166,7 +3094,7 @@ dependencies = [ "lru", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sgx_rand", "sgx_tstd", "sp-core", @@ -3291,7 +3219,7 @@ dependencies = [ "lc-stf-task-receiver", "lc-stf-task-sender", "lc-vc-task-sender", - "litentry-macros 0.1.0", + "litentry-macros", "litentry-primitives", "log", "pallet-identity-management-tee", @@ -3376,22 +3304,9 @@ dependencies = [ "hex", ] -[[package]] -name = "litentry-hex-utils" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "hex", -] - -[[package]] -name = "litentry-macros" -version = "0.1.0" - [[package]] name = "litentry-macros" version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" [[package]] name = "litentry-primitives" @@ -3403,7 +3318,6 @@ dependencies = [ "itp-sgx-crypto", "itp-sgx-runtime-primitives", "log", - "pallet-teebag", "parity-scale-codec", "rand 0.7.3", "ring 0.16.20", @@ -3427,17 +3341,6 @@ dependencies = [ "syn 2.0.72", ] -[[package]] -name = "litentry-proc-macros" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "cargo_toml", - "proc-macro2", - "quote 1.0.36", - "syn 2.0.72", -] - [[package]] name = "log" version = "0.4.17" @@ -3729,20 +3632,6 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" -[[package]] -name = "pallet-authorship" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "frame-support", - "frame-system", - "impl-trait-for-tuples", - "parity-scale-codec", - "scale-info", - "sp-runtime", - "sp-std", -] - [[package]] name = "pallet-balances" version = "4.0.0-dev" @@ -3760,11 +3649,11 @@ dependencies = [ [[package]] name = "pallet-evm" version = "6.0.0-dev" -source = "git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" +source = "git+https://github.com/polkadot-evm/frontier?branch=bar/polkadot-v0.9.42#a5a5e1e6ec08cd542a6084c310863150fb8841b1" dependencies = [ - "evm 0.39.1 (registry+https://github.com/rust-lang/crates.io-index)", - "fp-account 1.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", - "fp-evm 3.0.0-dev (git+https://github.com/integritee-network/frontier?branch=bar/polkadot-v0.9.42)", + "evm 0.39.1", + "fp-account", + "fp-evm", "frame-support", "frame-system", "hex", @@ -3779,30 +3668,6 @@ dependencies = [ "sp-std", ] -[[package]] -name = "pallet-evm" -version = "6.0.0-dev" -source = "git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42#2499d18c936edbcb7fcb711827db7abb9b4f4da4" -dependencies = [ - "environmental 1.1.4", - "evm 0.39.1 (git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65)", - "fp-account 1.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", - "fp-evm 3.0.0-dev (git+https://github.com/paritytech/frontier?branch=polkadot-v0.9.42)", - "frame-support", - "frame-system", - "hex", - "hex-literal", - "impl-trait-for-tuples", - "log", - "parity-scale-codec", - "rlp", - "scale-info", - "sp-core", - "sp-io", - "sp-runtime", - "sp-std", -] - [[package]] name = "pallet-identity-management-tee" version = "0.1.0" @@ -3820,26 +3685,6 @@ dependencies = [ "sp-std", ] -[[package]] -name = "pallet-parachain-staking" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "core-primitives", - "frame-support", - "frame-system", - "log", - "pallet-authorship", - "pallet-balances", - "pallet-session", - "parity-scale-codec", - "scale-info", - "sp-runtime", - "sp-staking", - "sp-std", - "substrate-fixed", -] - [[package]] name = "pallet-parentchain" version = "0.1.0" @@ -3853,26 +3698,6 @@ dependencies = [ "sp-runtime", ] -[[package]] -name = "pallet-session" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "frame-support", - "frame-system", - "impl-trait-for-tuples", - "log", - "pallet-timestamp", - "parity-scale-codec", - "scale-info", - "sp-core", - "sp-io", - "sp-runtime", - "sp-session", - "sp-staking", - "sp-std", -] - [[package]] name = "pallet-sudo" version = "4.0.0-dev" @@ -3887,33 +3712,6 @@ dependencies = [ "sp-std", ] -[[package]] -name = "pallet-teebag" -version = "0.1.0" -source = "git+https://github.com/litentry/litentry-parachain?branch=release-v0.9.19#cdbe9b02c1c58ca3d0063bf2eaf26a1f9da314e9" -dependencies = [ - "base64 0.13.1", - "chrono 0.4.31", - "der 0.6.1", - "frame-support", - "frame-system", - "hex", - "hex-literal", - "log", - "pallet-timestamp", - "parity-scale-codec", - "ring 0.16.20", - "rustls-webpki", - "scale-info", - "serde 1.0.204", - "serde_json 1.0.103", - "sp-core", - "sp-io", - "sp-runtime", - "sp-std", - "x509-cert", -] - [[package]] name = "pallet-timestamp" version = "4.0.0-dev" @@ -4758,9 +4556,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.103" +version = "1.0.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d03b412469450d4404fe8499a268edd7f8b79fecb074b0d812ad64ca21f4031b" +checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5" dependencies = [ "itoa 1.0.9", "ryu", @@ -5319,19 +5117,6 @@ dependencies = [ "syn 2.0.72", ] -[[package]] -name = "sp-session" -version = "4.0.0-dev" -source = "git+https://github.com/paritytech/substrate?branch=polkadot-v0.9.42#ff24c60ac7d9f87727ecdd0ded9a80c56e4f4b65" -dependencies = [ - "parity-scale-codec", - "scale-info", - "sp-api", - "sp-core", - "sp-staking", - "sp-std", -] - [[package]] name = "sp-staking" version = "4.0.0-dev" @@ -5480,7 +5265,7 @@ dependencies = [ "proc-macro2", "quote 1.0.36", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "unicode-xid 0.2.4", ] @@ -5531,32 +5316,12 @@ dependencies = [ "maybe-async", "parity-scale-codec", "serde 1.0.204", - "serde_json 1.0.103", + "serde_json 1.0.120", "sp-core", "sp-runtime", "sp-runtime-interface", ] -[[package]] -name = "substrate-fixed" -version = "0.5.9" -source = "git+https://github.com/encointer/substrate-fixed#a75f3ba3f7c7893fb420500639cc055f964b1b88" -dependencies = [ - "parity-scale-codec", - "scale-info", - "substrate-typenum", -] - -[[package]] -name = "substrate-typenum" -version = "1.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0f0091e93c2c75b233ae39424c52cb8a662c0811fb68add149e20e5d7e8a788" -dependencies = [ - "parity-scale-codec", - "scale-info", -] - [[package]] name = "subtle" version = "2.4.1" diff --git a/tee-worker/identity/enclave-runtime/Cargo.toml b/tee-worker/identity/enclave-runtime/Cargo.toml index 283d1fcedf..35b9c47107 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.toml +++ b/tee-worker/identity/enclave-runtime/Cargo.toml @@ -172,6 +172,16 @@ ring = { git = "https://github.com/betrusted-io/ring-xous", branch = "0.16.20-cl [patch."https://github.com/mesalock-linux/log-sgx"] log = { git = "https://github.com/integritee-network/log-sgx" } +[patch."https://github.com/paritytech/polkadot-sdk"] +frame-support = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-core = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-io = { path = "../../common/core-primitives/substrate-sgx/sp-io" } +sp-runtime = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } +sp-std = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42" } + +[patch."https://github.com/paritytech/frontier"] +pallet-evm = { git = "https://github.com/polkadot-evm/frontier", branch = "bar/polkadot-v0.9.42" } + [patch."https://github.com/paritytech/substrate"] sp-io = { path = "../../common/core-primitives/substrate-sgx/sp-io" } diff --git a/tee-worker/identity/litentry/core/assertion-build/Cargo.toml b/tee-worker/identity/litentry/core/assertion-build/Cargo.toml index 09fc7d1fda..00457e5713 100644 --- a/tee-worker/identity/litentry/core/assertion-build/Cargo.toml +++ b/tee-worker/identity/litentry/core/assertion-build/Cargo.toml @@ -39,7 +39,6 @@ lc-data-providers = { workspace = true } lc-dynamic-assertion = { workspace = true } lc-evm-dynamic-assertions = { workspace = true } litentry-primitives = { workspace = true } -pallet-parachain-staking = { workspace = true } [dev-dependencies] chrono = { workspace = true, features = ["std", "alloc"] } diff --git a/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs b/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs index 463b27f9e6..6d695668aa 100644 --- a/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs +++ b/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs @@ -32,7 +32,6 @@ use lc_credentials::{ }; use lc_data_providers::build_client_with_cert; use litentry_primitives::ParentchainBalance; -use pallet_parachain_staking::types::Delegator; use serde::{Deserialize, Serialize}; use std::string::ToString; @@ -117,6 +116,47 @@ impl QueryParachainStaking for LitentryStakingClient { } } +// primitive types copied from pallet-parachain-staking +// +// it's to break the cargo deps to the whole pallet, especially when we +// expect a `polkadot-v0.9.42` version of pallet within the worker +mod parachain_staking_primitives { + use super::*; + use codec::{Decode, Encode}; + + #[derive(Clone, Encode, Decode)] + pub struct OrderedSet(pub Vec); + + #[derive(Clone, Encode, Decode)] + pub struct Bond { + pub owner: AccountId, + pub amount: ParentchainBalance, + } + + #[derive(Clone, PartialEq, Eq, Encode, Decode)] + pub enum DelegatorStatus { + /// Active with no scheduled exit + #[codec(index = 0)] + Active, + } + + #[derive(Clone, Encode, Decode)] + /// Delegator state + pub struct Delegator { + /// Delegator account + pub id: AccountId, + /// All current delegations + pub delegations: OrderedSet, + /// Total balance locked for this delegator + pub total: ParentchainBalance, + /// Sum of pending revocation amounts + bond less amounts + pub less_total: ParentchainBalance, + /// Status for this delegator + pub status: DelegatorStatus, + } +} +use parachain_staking_primitives::*; + pub struct DelegatorState; impl DelegatorState { pub fn query_lit_staking( @@ -159,13 +199,11 @@ impl DelegatorState { Ok(params.to_string() + &hex::encode(&cocat)) } - fn decode_delegator(storage_in_hex: &str) -> Result> { + fn decode_delegator(storage_in_hex: &str) -> Result { // Remove 0x if let Some(storage_in_hex_without_prefix) = storage_in_hex.strip_prefix("0x") { if let Ok(decoded) = hex::decode(storage_in_hex_without_prefix) { - if let Ok(delegator) = - Delegator::::decode(&mut decoded.as_bytes_ref()) - { + if let Ok(delegator) = Delegator::decode(&mut decoded.as_bytes_ref()) { return Ok(delegator) } } From 2dbaa33b8b2479c4a54679835cfba07ab7f76c8b Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Fri, 11 Oct 2024 18:14:24 +0200 Subject: [PATCH 10/17] OmniAccount derivation (#3126) * add omni_account to primitives * fix ci --- .../primitives/core/src/assertion/network.rs | 2 +- common/primitives/core/src/identity.rs | 42 +- common/primitives/core/src/lib.rs | 8 +- common/primitives/core/src/omni_account.rs | 78 ++++ common/primitives/core/src/teebag/types.rs | 3 +- parachain/pallets/omni-account/src/lib.rs | 156 +++---- parachain/pallets/omni-account/src/mock.rs | 12 +- parachain/pallets/omni-account/src/tests.rs | 402 +++++------------- parachain/pallets/score-staking/src/lib.rs | 4 +- parachain/runtime/litentry/src/lib.rs | 14 +- parachain/runtime/paseo/src/lib.rs | 13 +- parachain/runtime/rococo/src/lib.rs | 14 +- .../bitacross/app-libs/stf/src/getter.rs | 6 +- .../app-libs/stf/src/trusted_call.rs | 15 +- .../stf-primitives/src/types.rs | 4 +- .../types/src/parentchain/events.rs | 4 +- .../identity/app-libs/stf/src/getter.rs | 8 +- .../identity/app-libs/stf/src/trusted_call.rs | 29 +- .../app-libs/stf/src/trusted_call_litentry.rs | 8 +- .../commands/litentry/link_identity.rs | 2 +- .../enclave-runtime/src/rpc/common_api.rs | 6 +- .../core/assertion-build/src/lit_staking.rs | 2 +- .../identity-verification/src/web2/mod.rs | 4 +- .../core/stf-task/receiver/src/lib.rs | 2 +- .../litentry/core/vc-task/receiver/src/lib.rs | 2 +- 25 files changed, 326 insertions(+), 514 deletions(-) create mode 100644 common/primitives/core/src/omni_account.rs diff --git a/common/primitives/core/src/assertion/network.rs b/common/primitives/core/src/assertion/network.rs index 8c3d98d9b3..9737e1792f 100644 --- a/common/primitives/core/src/assertion/network.rs +++ b/common/primitives/core/src/assertion/network.rs @@ -14,7 +14,7 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::{CoreHash as Hash, String, Vec}; +use crate::{String, Vec}; use parity_scale_codec::{Decode, Encode, MaxEncodedLen}; use scale_info::TypeInfo; use sp_runtime::{traits::ConstU32, BoundedVec}; diff --git a/common/primitives/core/src/identity.rs b/common/primitives/core/src/identity.rs index ffc9940cde..81384cc3aa 100644 --- a/common/primitives/core/src/identity.rs +++ b/common/primitives/core/src/identity.rs @@ -35,7 +35,7 @@ use sp_core::{ use sp_io::hashing::blake2_256; use sp_runtime::{ traits::{BlakeTwo256, ConstU32}, - BoundedVec, RuntimeDebug, + BoundedVec, }; use strum_macros::EnumIter; @@ -359,14 +359,20 @@ impl Identity { } } - /// Currently we only support mapping from Address32/Address20 to AccountId, not opposite. - pub fn to_account_id(&self) -> Option { + /// map an `Identity` to a native parachain account that: + /// - has a private key for substrate and evm accounts, or any connect that can connect to parachain directly + /// - appears as origin when submitting extrinsics + /// + /// this account is also used within the worker as e.g. sidechain accounts + pub fn to_native_account(&self) -> Option { match self { - Identity::Substrate(address) | Identity::Solana(address) => Some(address.into()), + Identity::Substrate(address) => Some(address.into()), Identity::Evm(address) => Some(HashedAddressMapping::into_account_id( H160::from_slice(address.as_ref()), )), - Identity::Bitcoin(address) => Some(blake2_256(address.as_ref()).into()), + // we use `to_omni_account` impl for non substrate/evm web3 accounts, as they + // can't connect to the parachain directly + Identity::Bitcoin(_) | Identity::Solana(_) => Some(self.to_omni_account()), Identity::Twitter(_) | Identity::Discord(_) | Identity::Github(_) @@ -374,6 +380,14 @@ impl Identity { } } + /// derive an `OmniAccount` from `Identity` by hashing the encoded identity, + /// it should always be successful + /// + /// an `OmniAccount` has no private key and can only be controlled by its MemberAccount + pub fn to_omni_account(&self) -> AccountId { + self.hash().to_fixed_bytes().into() + } + pub fn from_did(s: &str) -> Result { let did_prefix = String::from("did:litentry:"); if s.starts_with(&did_prefix) { @@ -528,24 +542,6 @@ impl From<[u8; 33]> for Identity { } } -#[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] -pub enum MemberIdentity { - Public(Identity), - Private(Vec), -} - -impl MemberIdentity { - pub fn is_public(&self) -> bool { - matches!(self, Self::Public(..)) - } -} - -impl From for MemberIdentity { - fn from(identity: Identity) -> Self { - Self::Public(identity) - } -} - #[cfg(test)] mod tests { use super::*; diff --git a/common/primitives/core/src/lib.rs b/common/primitives/core/src/lib.rs index 1ef747b5f0..647280f5c2 100644 --- a/common/primitives/core/src/lib.rs +++ b/common/primitives/core/src/lib.rs @@ -32,10 +32,10 @@ pub use assertion::Assertion; pub mod identity; pub use identity::*; -extern crate core; +mod omni_account; +pub use omni_account::*; + use alloc::{format, str, str::FromStr, string::String, vec, vec::Vec}; -use core::hash::Hash as CoreHash; -use sp_core::H256; use sp_runtime::{traits::ConstU32, BoundedVec}; pub use constants::*; @@ -47,7 +47,7 @@ pub type ParameterString = BoundedVec>; /// Common types of parachains. mod types { - use super::H256; + use sp_core::H256; use sp_runtime::{ traits::{IdentifyAccount, Verify}, MultiSignature, diff --git a/common/primitives/core/src/omni_account.rs b/common/primitives/core/src/omni_account.rs new file mode 100644 index 0000000000..62385f802f --- /dev/null +++ b/common/primitives/core/src/omni_account.rs @@ -0,0 +1,78 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::{AccountId, Hash, Identity, Vec}; +use parity_scale_codec::{Decode, Encode}; +use scale_info::TypeInfo; +use sp_io::hashing::blake2_256; +use sp_runtime::{BoundedVec, RuntimeDebug}; + +#[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] +pub enum MemberAccount { + Public(Identity), + Private(Vec, Hash), +} + +impl MemberAccount { + pub fn is_public(&self) -> bool { + matches!(self, Self::Public(..)) + } + + pub fn hash(&self) -> Hash { + match self { + Self::Public(id) => id.hash(), + Self::Private(_, h) => *h, + } + } +} + +impl From for MemberAccount { + fn from(identity: Identity) -> Self { + Self::Public(identity) + } +} + +pub trait GetAccountStoreHash { + fn hash(&self) -> Hash; +} + +pub trait OmniAccountConverter { + type OmniAccount; + fn convert(identity: &Identity) -> Self::OmniAccount; +} + +pub struct DefaultOmniAccountConverter; + +impl OmniAccountConverter for DefaultOmniAccountConverter { + type OmniAccount = AccountId; + fn convert(identity: &Identity) -> AccountId { + identity.to_omni_account() + } +} + +impl GetAccountStoreHash for BoundedVec { + fn hash(&self) -> Hash { + let hashes: Vec = self.iter().map(|member| member.hash()).collect(); + hashes.using_encoded(blake2_256).into() + } +} + +impl GetAccountStoreHash for Vec { + fn hash(&self) -> Hash { + let hashes: Vec = self.iter().map(|member| member.hash()).collect(); + hashes.using_encoded(blake2_256).into() + } +} diff --git a/common/primitives/core/src/teebag/types.rs b/common/primitives/core/src/teebag/types.rs index 5920d539ee..bf8b02edf5 100644 --- a/common/primitives/core/src/teebag/types.rs +++ b/common/primitives/core/src/teebag/types.rs @@ -14,11 +14,10 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::H256; use parity_scale_codec::{Decode, Encode}; use scale_info::TypeInfo; use serde::{Deserialize, Serialize}; -use sp_core::{ed25519::Public as Ed25519Public, RuntimeDebug}; +use sp_core::{ed25519::Public as Ed25519Public, RuntimeDebug, H256}; use sp_std::prelude::*; pub type MrSigner = [u8; 32]; diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index f2676ec01d..aa61609ee0 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -21,7 +21,7 @@ mod mock; #[cfg(test)] mod tests; -pub use core_primitives::{Identity, MemberIdentity}; +pub use core_primitives::{GetAccountStoreHash, Identity, MemberAccount, OmniAccountConverter}; pub use frame_system::pallet_prelude::BlockNumberFor; pub use pallet::*; @@ -32,34 +32,12 @@ use frame_support::{ }; use frame_system::pallet_prelude::*; use sp_core::H256; -use sp_core_hashing::blake2_256; use sp_runtime::traits::Dispatchable; use sp_std::boxed::Box; use sp_std::vec::Vec; pub type MemberCount = u32; -#[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] -pub struct MemberAccount { - pub id: MemberIdentity, - pub hash: H256, -} - -pub trait AccountIdConverter { - fn convert(identity: &Identity) -> Option; -} - -pub trait GetAccountStoreHash { - fn hash(&self) -> H256; -} - -impl GetAccountStoreHash for BoundedVec { - fn hash(&self) -> H256 { - let hashes: Vec = self.iter().map(|member| member.hash).collect(); - hashes.using_encoded(blake2_256).into() - } -} - // Customized origin for this pallet, to: // 1. to decouple `TEECallOrigin` and extrinsic that should be sent from `OmniAccount` origin only // 2. allow other pallets to specify ensure_origin using this origin @@ -112,14 +90,14 @@ pub mod pallet { #[pallet::constant] type MaxAccountStoreLength: Get; - /// AccountId converter - type AccountIdConverter: AccountIdConverter; - /// The origin that represents the customised OmniAccount type type OmniAccountOrigin: EnsureOrigin< ::RuntimeOrigin, Success = Self::AccountId, >; + + /// Convert an `Identity` to OmniAccount type + type OmniAccountConverter: OmniAccountConverter; } pub type MemberAccounts = BoundedVec::MaxAccountStoreLength>; @@ -166,10 +144,7 @@ pub mod pallet { AccountNotFound, InvalidAccount, UnknownAccountStore, - AccountIsPrivate, EmptyAccount, - AccountStoreHashMismatch, - AccountStoreHashMissing, } #[pallet::call] @@ -179,12 +154,12 @@ pub mod pallet { #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn dispatch_as_omni_account( origin: OriginFor, - account_hash: H256, + member_account_hash: H256, call: Box<::RuntimeCall>, ) -> DispatchResult { let _ = T::TEECallOrigin::ensure_origin(origin)?; - let omni_account = - MemberAccountHash::::get(account_hash).ok_or(Error::::AccountNotFound)?; + let omni_account = MemberAccountHash::::get(member_account_hash) + .ok_or(Error::::AccountNotFound)?; let result = call.dispatch(RawOrigin::OmniAccount(omni_account.clone()).into()); Self::deposit_event(Event::DispatchedAsOmniAccount { who: omni_account, @@ -199,14 +174,16 @@ pub mod pallet { #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn dispatch_as_signed( origin: OriginFor, - account_hash: H256, + member_account_hash: H256, call: Box<::RuntimeCall>, ) -> DispatchResult { let _ = T::TEECallOrigin::ensure_origin(origin)?; - let omni_account = - MemberAccountHash::::get(account_hash).ok_or(Error::::AccountNotFound)?; - let result = - call.dispatch(frame_system::RawOrigin::Signed(omni_account.clone()).into()); + let omni_account = MemberAccountHash::::get(member_account_hash) + .ok_or(Error::::AccountNotFound)?; + let result: Result< + PostDispatchInfo, + sp_runtime::DispatchErrorWithPostInfo, + > = call.dispatch(frame_system::RawOrigin::Signed(omni_account.clone()).into()); Self::deposit_event(Event::DispatchedAsSigned { who: omni_account, result: result.map(|_| ()).map_err(|e| e.error), @@ -218,37 +195,29 @@ pub mod pallet { #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn add_account( origin: OriginFor, - who: Identity, - member_account: MemberAccount, - maybe_account_store_hash: Option, + who: Identity, // `Identity` used to derive OmniAccount + member_account: MemberAccount, // account to be added ) -> DispatchResult { // We can't use `T::OmniAccountOrigin` here as the ownership of member account needs to // be firstly validated by the TEE-worker before dispatching the extrinsic let _ = T::TEECallOrigin::ensure_origin(origin)?; ensure!( - !MemberAccountHash::::contains_key(member_account.hash), + !MemberAccountHash::::contains_key(member_account.hash()), Error::::AccountAlreadyAdded ); - let who_account_id = match T::AccountIdConverter::convert(&who) { - Some(account_id) => account_id, - None => return Err(Error::::InvalidAccount.into()), - }; - let hash = member_account.hash; - let mut account_store = Self::get_or_create_account_store( - who.clone(), - who_account_id.clone(), - maybe_account_store_hash, - )?; - account_store + let hash = member_account.hash(); + let mut store = Self::get_or_create_account_store(who.clone())?; + store .try_push(member_account) .map_err(|_| Error::::AccountStoreLenLimitReached)?; - MemberAccountHash::::insert(hash, who_account_id.clone()); - AccountStoreHash::::insert(who_account_id.clone(), account_store.hash()); - AccountStore::::insert(who_account_id.clone(), account_store); + let who_account = T::OmniAccountConverter::convert(&who); + MemberAccountHash::::insert(hash, who_account.clone()); + AccountStoreHash::::insert(who_account.clone(), store.hash()); + AccountStore::::insert(who_account.clone(), store); Self::deposit_event(Event::AccountAdded { - who: who_account_id, + who: who_account, member_account_hash: hash, }); @@ -264,12 +233,14 @@ pub mod pallet { let who = T::OmniAccountOrigin::ensure_origin(origin)?; ensure!(!member_account_hashes.is_empty(), Error::::EmptyAccount); + // TODO: shall we verify if MemberAccountHash's value is actually `who`? + let mut member_accounts = AccountStore::::get(&who).ok_or(Error::::UnknownAccountStore)?; member_accounts.retain(|member| { - if member_account_hashes.contains(&member.hash) { - MemberAccountHash::::remove(member.hash); + if member_account_hashes.contains(&member.hash()) { + MemberAccountHash::::remove(member.hash()); false } else { true @@ -287,80 +258,51 @@ pub mod pallet { Ok(()) } + /// make a member account public in the AccountStore + /// we force `Identity` type to avoid misuse and additional check #[pallet::call_index(4)] #[pallet::weight((195_000_000, DispatchClass::Normal))] - pub fn publicize_account( - origin: OriginFor, - member_account_hash: H256, - public_identity: MemberIdentity, - ) -> DispatchResult { + pub fn publicize_account(origin: OriginFor, member_account: Identity) -> DispatchResult { let who = T::OmniAccountOrigin::ensure_origin(origin)?; - ensure!(public_identity.is_public(), Error::::AccountIsPrivate); + let hash = member_account.hash(); let mut member_accounts = AccountStore::::get(&who).ok_or(Error::::UnknownAccountStore)?; - let member_account = member_accounts + let m = member_accounts .iter_mut() - .find(|member| member.hash == member_account_hash) + .find(|member| member.hash() == hash) .ok_or(Error::::AccountNotFound)?; - member_account.id = public_identity; + *m = member_account.into(); AccountStore::::insert(who.clone(), member_accounts); - Self::deposit_event(Event::AccountMadePublic { who, member_account_hash }); + Self::deposit_event(Event::AccountMadePublic { who, member_account_hash: hash }); Ok(()) } } impl Pallet { - pub fn get_or_create_account_store( - who: Identity, - who_account_id: T::AccountId, - maybe_account_store_hash: Option, - ) -> Result, Error> { - match AccountStore::::get(&who_account_id) { - Some(member_accounts) => { - Self::verify_account_store_hash(&who_account_id, maybe_account_store_hash)?; - Ok(member_accounts) - }, - None => Self::create_account_store(who, who_account_id), + pub fn get_or_create_account_store(who: Identity) -> Result, Error> { + match AccountStore::::get(T::OmniAccountConverter::convert(&who)) { + Some(member_accounts) => Ok(member_accounts), + None => Self::create_account_store(who), } } - fn verify_account_store_hash( - who: &T::AccountId, - maybe_account_store_hash: Option, - ) -> Result<(), Error> { - let current_account_store_hash = - AccountStoreHash::::get(who).ok_or(Error::::AccountStoreHashMissing)?; - match maybe_account_store_hash { - Some(h) => { - ensure!(current_account_store_hash == h, Error::::AccountStoreHashMismatch); - }, - None => return Err(Error::::AccountStoreHashMissing), - } + fn create_account_store(who: Identity) -> Result, Error> { + let hash = who.hash(); + let who_account = T::OmniAccountConverter::convert(&who); - Ok(()) - } + ensure!(!MemberAccountHash::::contains_key(hash), Error::::AccountAlreadyAdded); - fn create_account_store( - owner_identity: Identity, - owner_account_id: T::AccountId, - ) -> Result, Error> { - let owner_identity_hash = owner_identity.hash(); - if MemberAccountHash::::contains_key(owner_identity_hash) { - return Err(Error::::AccountAlreadyAdded); - } let mut member_accounts: MemberAccounts = BoundedVec::new(); member_accounts - .try_push(MemberAccount { - id: MemberIdentity::from(owner_identity.clone()), - hash: owner_identity_hash, - }) + .try_push(who.into()) .map_err(|_| Error::::AccountStoreLenLimitReached)?; - MemberAccountHash::::insert(owner_identity_hash, owner_account_id.clone()); - AccountStore::::insert(owner_account_id.clone(), member_accounts.clone()); + + MemberAccountHash::::insert(hash, who_account.clone()); + AccountStore::::insert(who_account, member_accounts.clone()); Ok(member_accounts) } diff --git a/parachain/pallets/omni-account/src/mock.rs b/parachain/pallets/omni-account/src/mock.rs index 056d754096..932f77d60e 100644 --- a/parachain/pallets/omni-account/src/mock.rs +++ b/parachain/pallets/omni-account/src/mock.rs @@ -15,7 +15,7 @@ // along with Litentry. If not, see . use crate::{self as pallet_omni_account, EnsureOmniAccount}; -use core_primitives::Identity; +use core_primitives::DefaultOmniAccountConverter; use frame_support::{ assert_ok, pallet_prelude::EnsureOrigin, @@ -159,22 +159,14 @@ impl pallet_teebag::Config for TestRuntime { type WeightInfo = (); } -pub struct IdentityToAccountIdConverter; - -impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { - fn convert(identity: &Identity) -> Option { - identity.to_account_id() - } -} - impl pallet_omni_account::Config for TestRuntime { type RuntimeOrigin = RuntimeOrigin; type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxAccountStoreLength = ConstU32<3>; - type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; + type OmniAccountConverter = DefaultOmniAccountConverter; } pub fn get_tee_signer() -> SystemAccountId { diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 0e3855195a..f2213e0218 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -17,6 +17,7 @@ use crate::{mock::*, AccountStore, MemberAccountHash, *}; use core_primitives::Identity; use frame_support::{assert_noop, assert_ok}; +use sp_core::hashing::blake2_256; use sp_runtime::{traits::BadOrigin, ModuleError}; use sp_std::vec; @@ -26,11 +27,8 @@ fn remove_accounts_call(hashes: Vec) -> Box { Box::new(call) } -fn publicize_account_call(hash: H256, id: MemberIdentity) -> Box { - let call = RuntimeCall::OmniAccount(crate::Call::publicize_account { - member_account_hash: hash, - public_identity: id, - }); +fn publicize_account_call(id: Identity) -> Box { + let call = RuntimeCall::OmniAccount(crate::Call::publicize_account { member_account: id }); Box::new(call) } @@ -46,29 +44,21 @@ fn add_account_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let bob_member_account = MemberAccount { - id: MemberIdentity::Private(bob().encode()), - hash: Identity::from(bob()).hash(), - }; - let charlie_member_account = MemberAccount { - id: MemberIdentity::Public(Identity::from(charlie())), - hash: Identity::from(charlie()).hash(), - }; + let bob_member_account = + MemberAccount::Private(bob().encode(), Identity::from(bob()).hash()); + let charlie_member_account = MemberAccount::Public(Identity::from(charlie())); let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, + MemberAccount::Public(who_identity.clone()), bob_member_account.clone(), ]); let expected_account_store_hash = H256::from(blake2_256( &expected_member_accounts .iter() - .map(|member| member.hash) + .map(|member| member.hash()) .collect::>() .encode(), )); @@ -77,17 +67,21 @@ fn add_account_works() { RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), bob_member_account.clone(), - None )); System::assert_last_event( - Event::AccountAdded { who: who.clone(), member_account_hash: bob_member_account.hash } - .into(), + Event::AccountAdded { + who: who_omni_account.clone(), + member_account_hash: bob_member_account.hash(), + } + .into(), ); - assert!(AccountStore::::contains_key(&who)); - assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); assert_eq!( - AccountStoreHash::::get(&who).unwrap(), + AccountStore::::get(&who_omni_account).unwrap(), + expected_member_accounts + ); + assert_eq!( + AccountStoreHash::::get(&who_omni_account).unwrap(), expected_account_store_hash ); @@ -95,77 +89,40 @@ fn add_account_works() { RuntimeOrigin::signed(tee_signer), who_identity.clone(), charlie_member_account.clone(), - Some(expected_account_store_hash), )); System::assert_last_event( Event::AccountAdded { - who: who.clone(), - member_account_hash: charlie_member_account.hash, + who: who_identity.to_omni_account(), + member_account_hash: charlie_member_account.hash(), } .into(), ); let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, + MemberAccount::Public(who_identity.clone()), bob_member_account.clone(), charlie_member_account.clone(), ]); let expected_account_store_hash = H256::from(blake2_256( &expected_member_accounts .iter() - .map(|member| member.hash) + .map(|member| member.hash()) .collect::>() .encode(), )); - assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); assert_eq!( - AccountStoreHash::::get(&who).unwrap(), + AccountStore::::get(&who_omni_account).unwrap(), + expected_member_accounts + ); + assert_eq!( + AccountStoreHash::::get(&who_omni_account).unwrap(), expected_account_store_hash ); - assert!(MemberAccountHash::::contains_key(bob_member_account.hash)); - assert!(MemberAccountHash::::contains_key(charlie_member_account.hash)); - }); -} - -#[test] -fn add_account_hash_checking_works() { - new_test_ext().execute_with(|| { - let tee_signer = get_tee_signer(); - let who_identity = Identity::from(alice()); - - let bob_member_account = MemberAccount { - id: MemberIdentity::Private(bob().encode()), - hash: Identity::from(bob()).hash(), - }; - let charlie_member_account = MemberAccount { - id: MemberIdentity::Public(Identity::from(charlie())), - hash: Identity::from(charlie()).hash(), - }; - - // AccountStore gets created with the first account - assert_ok!(OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - bob_member_account, - None - )); - - // to mutate AccountStore with a new account, the current account_store_hash must be provided - assert_noop!( - OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer), - who_identity, - charlie_member_account, - None - ), - Error::::AccountStoreHashMissing - ); + assert!(MemberAccountHash::::contains_key(bob_member_account.hash())); + assert!(MemberAccountHash::::contains_key(charlie_member_account.hash())); }); } @@ -173,13 +130,11 @@ fn add_account_hash_checking_works() { fn add_account_origin_check_works() { new_test_ext().execute_with(|| { let who = Identity::from(alice()); - let member_account = MemberAccount { - id: MemberIdentity::Private(vec![1, 2, 3]), - hash: H256::from(blake2_256(&[1, 2, 3])), - }; + let member_account = + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); assert_noop!( - OmniAccount::add_account(RuntimeOrigin::signed(bob()), who, member_account, None), + OmniAccount::add_account(RuntimeOrigin::signed(bob()), who, member_account), BadOrigin ); }); @@ -192,39 +147,30 @@ fn add_account_already_linked_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let member_account = MemberAccount { - id: MemberIdentity::Public(Identity::from(bob())), - hash: Identity::from(bob()).hash(), - }; + let member_account = MemberAccount::Public(Identity::from(bob())); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account.clone(), - None )); assert_noop!( OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account, - None ), Error::::AccountAlreadyAdded ); // intent to create a new AccountStore with an account that is already added let who = Identity::from(bob()); - let alice_member_account = MemberAccount { - id: MemberIdentity::Public(Identity::from(alice())), - hash: Identity::from(alice()).hash(), - }; + let alice_member_account = MemberAccount::Public(Identity::from(alice())); assert_noop!( OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who.clone(), alice_member_account, - None ), Error::::AccountAlreadyAdded ); @@ -238,120 +184,32 @@ fn add_account_store_len_limit_reached_works() { let who = alice(); let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let member_account_2 = MemberAccount { - id: MemberIdentity::Private(vec![1, 2, 3]), - hash: H256::from(blake2_256(&[1, 2, 3])), - }; - let member_account_3 = MemberAccount { - id: MemberIdentity::Private(vec![4, 5, 6]), - hash: H256::from(blake2_256(&[4, 5, 6])), - }; + let member_account_2 = + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); + let member_account_3 = + MemberAccount::Private(vec![4, 5, 6], H256::from(blake2_256(&[4, 5, 6]))); let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, + MemberAccount::Public(who_identity.clone()), member_account_2.clone(), member_account_3.clone(), ]); - let account_store_hash = H256::from(blake2_256(&member_accounts.encode())); - AccountStore::::insert(who.clone(), member_accounts.clone()); - AccountStoreHash::::insert(who.clone(), account_store_hash); + AccountStore::::insert(who_omni_account, member_accounts); assert_noop!( OmniAccount::add_account( RuntimeOrigin::signed(tee_signer), who_identity, - MemberAccount { - id: MemberIdentity::Private(vec![7, 8, 9]), - hash: H256::from(blake2_256(&[7, 8, 9])), - }, - Some(account_store_hash), + MemberAccount::Private(vec![7, 8, 9], H256::from(blake2_256(&[7, 8, 9]))), ), Error::::AccountStoreLenLimitReached ); }); } -#[test] -fn add_account_store_hash_mismatch_works() { - new_test_ext().execute_with(|| { - let tee_signer = get_tee_signer(); - - let who = alice(); - let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash(); - - let member_account = MemberAccount { - id: MemberIdentity::Private(vec![1, 2, 3]), - hash: H256::from(blake2_256(&[1, 2, 3])), - }; - - let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, - member_account.clone(), - ]); - let account_store_hash = H256::from(blake2_256( - &member_accounts.iter().map(|member| member.hash).collect::>().encode(), - )); - - assert_ok!(OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - member_account.clone(), - None - )); - - assert_eq!(AccountStore::::get(&who).unwrap(), member_accounts); - assert_eq!(AccountStoreHash::::get(&who).unwrap(), account_store_hash); - - // add another account to the store with the correct AccountStoreHash - assert_ok!(OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - MemberAccount { - id: MemberIdentity::Private(vec![4, 5, 6]), - hash: H256::from(blake2_256(&[4, 5, 6])), - }, - Some(account_store_hash), - )); - - let member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::from(who_identity.clone()), - hash: who_identity_hash, - }, - member_account.clone(), - MemberAccount { - id: MemberIdentity::Private(vec![4, 5, 6]), - hash: H256::from(blake2_256(&[4, 5, 6])), - }, - ]); - assert_eq!(AccountStore::::get(&who).unwrap(), member_accounts); - - // attempt to add an account with an old AccountStoreHash - assert_noop!( - OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer), - who_identity, - MemberAccount { - id: MemberIdentity::Private(vec![7, 8, 9]), - hash: H256::from(blake2_256(&[7, 8, 9])), - }, - Some(account_store_hash), - ), - Error::::AccountStoreHashMismatch - ); - }); -} - #[test] fn remove_account_works() { new_test_ext().execute_with(|| { @@ -359,19 +217,17 @@ fn remove_account_works() { let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let member_account = MemberAccount { - id: MemberIdentity::Private(vec![1, 2, 3]), - hash: H256::from(blake2_256(&[1, 2, 3])), - }; - let identity_hash = member_account.hash; + let member_account = + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); + let identity_hash = member_account.hash(); let hashes = vec![identity_hash]; assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), member_account.clone(), - None )); // normal signed origin should give `BadOrigin`, no matter @@ -382,7 +238,10 @@ fn remove_account_works() { ); assert_noop!( - OmniAccount::remove_accounts(RuntimeOrigin::signed(who.clone()), hashes.clone()), + OmniAccount::remove_accounts( + RuntimeOrigin::signed(who_omni_account.clone()), + hashes.clone() + ), sp_runtime::DispatchError::BadOrigin ); @@ -394,21 +253,25 @@ fn remove_account_works() { )); System::assert_has_event( - Event::DispatchedAsOmniAccount { who: who.clone(), result: DispatchResult::Ok(()) } - .into(), + Event::DispatchedAsOmniAccount { + who: who_omni_account.clone(), + result: DispatchResult::Ok(()), + } + .into(), ); System::assert_has_event( - Event::AccountRemoved { who: who.clone(), member_account_hashes: hashes }.into(), + Event::AccountRemoved { who: who_omni_account.clone(), member_account_hashes: hashes } + .into(), ); let expected_member_accounts: MemberAccounts = - BoundedVec::truncate_from(vec![MemberAccount { - id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity_hash, - }]); + BoundedVec::truncate_from(vec![MemberAccount::Public(who_identity.clone())]); - assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert_eq!( + AccountStore::::get(&who_omni_account).unwrap(), + expected_member_accounts + ); assert!(!MemberAccountHash::::contains_key(identity_hash)); let call = remove_accounts_call(vec![who_identity_hash]); @@ -418,7 +281,7 @@ fn remove_account_works() { call )); - assert!(!AccountStore::::contains_key(&who)); + assert!(!AccountStore::::contains_key(&who_omni_account)); }); } @@ -429,15 +292,12 @@ fn remove_account_empty_account_check_works() { let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - MemberAccount { - id: MemberIdentity::Private(vec![1, 2, 3]), - hash: H256::from(blake2_256(&[1, 2, 3])), - }, - None + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))), )); let call = remove_accounts_call(vec![]); @@ -449,10 +309,10 @@ fn remove_account_empty_account_check_works() { )); System::assert_has_event( Event::DispatchedAsOmniAccount { - who, + who: who_omni_account, result: Err(DispatchError::Module(ModuleError { index: 5, - error: [6, 0, 0, 0], + error: [5, 0, 0, 0], message: Some("EmptyAccount"), })), } @@ -468,30 +328,29 @@ fn publicize_account_works() { let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let public_identity = MemberIdentity::Public(Identity::from(bob())); - let identity_hash = - H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); + let private_account = MemberAccount::Private(vec![1, 2, 3], Identity::from(bob()).hash()); + let public_account = MemberAccount::Public(Identity::from(bob())); + let public_account_hash = public_account.hash(); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - MemberAccount { id: private_identity.clone(), hash: identity_hash }, - None + private_account.clone() )); let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash(), - }, - MemberAccount { id: private_identity.clone(), hash: identity_hash }, + MemberAccount::Public(who_identity.clone()), + private_account.clone(), ]); - assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert_eq!( + AccountStore::::get(&who_omni_account).unwrap(), + expected_member_accounts + ); - let call = publicize_account_call(identity_hash, public_identity.clone()); + let call = publicize_account_call(Identity::from(bob())); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -499,24 +358,30 @@ fn publicize_account_works() { )); System::assert_has_event( - Event::DispatchedAsOmniAccount { who: who.clone(), result: DispatchResult::Ok(()) } - .into(), + Event::DispatchedAsOmniAccount { + who: who_omni_account.clone(), + result: DispatchResult::Ok(()), + } + .into(), ); System::assert_has_event( - Event::AccountMadePublic { who: who.clone(), member_account_hash: identity_hash } - .into(), + Event::AccountMadePublic { + who: who_omni_account.clone(), + member_account_hash: public_account_hash, + } + .into(), ); let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount { - id: MemberIdentity::Public(who_identity.clone()), - hash: who_identity.hash(), - }, - MemberAccount { id: public_identity.clone(), hash: identity_hash }, + MemberAccount::Public(who_identity.clone()), + MemberAccount::Public(Identity::from(bob())), ]); - assert_eq!(AccountStore::::get(&who).unwrap(), expected_member_accounts); + assert_eq!( + AccountStore::::get(&who_omni_account).unwrap(), + expected_member_accounts + ); }); } @@ -527,14 +392,12 @@ fn publicize_account_identity_not_found_works() { let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let identity = Identity::from(bob()); - let public_identity = MemberIdentity::Public(identity.clone()); - let identity_hash = - H256::from(blake2_256(&Identity::from(bob()).to_did().unwrap().encode())); + let private_account = + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); - let call = publicize_account_call(identity_hash, public_identity.clone()); + let call = publicize_account_call(Identity::from(bob())); assert_noop!( OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), @@ -547,16 +410,12 @@ fn publicize_account_identity_not_found_works() { assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity, - MemberAccount { id: private_identity.clone(), hash: identity_hash }, - None + private_account.clone(), )); let charlie_identity = Identity::from(charlie()); - let other_identity = MemberIdentity::Public(charlie_identity.clone()); - let other_identity_hash = - H256::from(blake2_256(&charlie_identity.to_did().unwrap().encode())); - let call = publicize_account_call(other_identity_hash, other_identity); + let call = publicize_account_call(charlie_identity.clone()); assert_ok!(OmniAccount::dispatch_as_omni_account( RuntimeOrigin::signed(tee_signer.clone()), who_identity_hash, @@ -564,7 +423,7 @@ fn publicize_account_identity_not_found_works() { )); System::assert_has_event( Event::DispatchedAsOmniAccount { - who, + who: who_omni_account, result: Err(DispatchError::Module(ModuleError { index: 5, error: [2, 0, 0, 0], @@ -576,44 +435,6 @@ fn publicize_account_identity_not_found_works() { }); } -#[test] -fn publicize_account_identity_is_private_check_works() { - new_test_ext().execute_with(|| { - let tee_signer = get_tee_signer(); - let who = alice(); - let who_identity = Identity::from(who.clone()); - let who_identity_hash = who_identity.hash(); - - let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let identity_hash = Identity::from(bob()).hash(); - - assert_ok!(OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity, - MemberAccount { id: private_identity.clone(), hash: identity_hash }, - None - )); - - let call = publicize_account_call(identity_hash, private_identity); - assert_ok!(OmniAccount::dispatch_as_omni_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity_hash, - call - )); - System::assert_has_event( - Event::DispatchedAsOmniAccount { - who, - result: Err(DispatchError::Module(ModuleError { - index: 5, - error: [5, 0, 0, 0], - message: Some("AccountIsPrivate"), - })), - } - .into(), - ); - }); -} - #[test] fn dispatch_as_signed_works() { new_test_ext().execute_with(|| { @@ -621,15 +442,16 @@ fn dispatch_as_signed_works() { let who = alice(); let who_identity = Identity::from(who.clone()); let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); - let private_identity = MemberIdentity::Private(vec![1, 2, 3]); - let identity_hash = Identity::from(bob()).hash(); + assert_ok!(Balances::transfer(RuntimeOrigin::signed(who.clone()), who_omni_account, 6)); + + let private_account = MemberAccount::Private(vec![1, 2, 3], Identity::from(bob()).hash()); assert_ok!(OmniAccount::add_account( RuntimeOrigin::signed(tee_signer.clone()), - who_identity, - MemberAccount { id: private_identity.clone(), hash: identity_hash }, - None + who_identity.clone(), + private_account, )); let call = make_balance_transfer_call(bob(), 5); @@ -639,7 +461,11 @@ fn dispatch_as_signed_works() { call )); System::assert_has_event( - Event::DispatchedAsSigned { who, result: DispatchResult::Ok(()) }.into(), + Event::DispatchedAsSigned { + who: who_identity.to_omni_account(), + result: DispatchResult::Ok(()), + } + .into(), ); assert_eq!(Balances::free_balance(bob()), 5); diff --git a/parachain/pallets/score-staking/src/lib.rs b/parachain/pallets/score-staking/src/lib.rs index 9d8b09aa7b..ce5f0f813a 100644 --- a/parachain/pallets/score-staking/src/lib.rs +++ b/parachain/pallets/score-staking/src/lib.rs @@ -361,7 +361,7 @@ pub mod pallet { Error::::UnauthorizedOrigin ); let account = T::AccountIdConvert::convert( - user.to_account_id().ok_or(Error::::ConvertIdentityFailed)?, + user.to_native_account().ok_or(Error::::ConvertIdentityFailed)?, ); Scores::::try_mutate(&account, |payment| { let state = ParaStaking::Pallet::::delegator_state(&account) @@ -395,7 +395,7 @@ pub mod pallet { Error::::UnauthorizedOrigin ); let account = T::AccountIdConvert::convert( - user.to_account_id().ok_or(Error::::ConvertIdentityFailed)?, + user.to_native_account().ok_or(Error::::ConvertIdentityFailed)?, ); let user_score = Scores::::get(&account).ok_or(Error::::UserNotExist)?.score; Self::update_total_score(user_score, 0)?; diff --git a/parachain/runtime/litentry/src/lib.rs b/parachain/runtime/litentry/src/lib.rs index 63ff46a5c6..3417e4080a 100644 --- a/parachain/runtime/litentry/src/lib.rs +++ b/parachain/runtime/litentry/src/lib.rs @@ -60,8 +60,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, - BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, LITENTRY_PARA_ID, MINUTES, - SLOT_DURATION, + BlockNumber, DefaultOmniAccountConverter, Hash, Header, Identity, Nonce, Signature, DAYS, + HOURS, LITENTRY_PARA_ID, MINUTES, SLOT_DURATION, }; pub use runtime_common::currency::*; use runtime_common::{ @@ -951,22 +951,14 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } -pub struct IdentityToAccountIdConverter; - -impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { - fn convert(identity: &Identity) -> Option { - identity.to_account_id() - } -} - impl pallet_omni_account::Config for Runtime { type RuntimeOrigin = RuntimeOrigin; type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxAccountStoreLength = ConstU32<64>; - type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; + type OmniAccountConverter = DefaultOmniAccountConverter; } impl pallet_bitacross::Config for Runtime { diff --git a/parachain/runtime/paseo/src/lib.rs b/parachain/runtime/paseo/src/lib.rs index 887408ebd7..410247ec29 100644 --- a/parachain/runtime/paseo/src/lib.rs +++ b/parachain/runtime/paseo/src/lib.rs @@ -69,7 +69,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, - BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, MINUTES, SLOT_DURATION, + BlockNumber, DefaultOmniAccountConverter, Hash, Header, Identity, Nonce, Signature, DAYS, + HOURS, MINUTES, SLOT_DURATION, }; pub use runtime_common::currency::*; @@ -993,22 +994,14 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } -pub struct IdentityToAccountIdConverter; - -impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { - fn convert(identity: &Identity) -> Option { - identity.to_account_id() - } -} - impl pallet_omni_account::Config for Runtime { type RuntimeOrigin = RuntimeOrigin; type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxAccountStoreLength = ConstU32<64>; - type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; + type OmniAccountConverter = DefaultOmniAccountConverter; } impl pallet_bitacross::Config for Runtime { diff --git a/parachain/runtime/rococo/src/lib.rs b/parachain/runtime/rococo/src/lib.rs index 1325f53191..bcf5efea33 100644 --- a/parachain/runtime/rococo/src/lib.rs +++ b/parachain/runtime/rococo/src/lib.rs @@ -68,8 +68,8 @@ use xcm_executor::XcmExecutor; pub use constants::currency::deposit; pub use core_primitives::{ opaque, teebag::OperationalMode as TeebagOperationalMode, AccountId, Amount, AssetId, Balance, - BlockNumber, Hash, Header, Identity, Nonce, Signature, DAYS, HOURS, MINUTES, ROCOCO_PARA_ID, - SLOT_DURATION, + BlockNumber, DefaultOmniAccountConverter, Hash, Header, Identity, Nonce, Signature, DAYS, + HOURS, MINUTES, ROCOCO_PARA_ID, SLOT_DURATION, }; pub use runtime_common::currency::*; @@ -993,22 +993,14 @@ impl pallet_identity_management::Config for Runtime { type MaxOIDCClientRedirectUris = ConstU32<10>; } -pub struct IdentityToAccountIdConverter; - -impl pallet_omni_account::AccountIdConverter for IdentityToAccountIdConverter { - fn convert(identity: &Identity) -> Option { - identity.to_account_id() - } -} - impl pallet_omni_account::Config for Runtime { type RuntimeOrigin = RuntimeOrigin; type RuntimeCall = RuntimeCall; type RuntimeEvent = RuntimeEvent; type TEECallOrigin = EnsureEnclaveSigner; type MaxAccountStoreLength = ConstU32<64>; - type AccountIdConverter = IdentityToAccountIdConverter; type OmniAccountOrigin = EnsureOmniAccount; + type OmniAccountConverter = DefaultOmniAccountConverter; } impl pallet_bitacross::Config for Runtime { diff --git a/tee-worker/bitacross/app-libs/stf/src/getter.rs b/tee-worker/bitacross/app-libs/stf/src/getter.rs index d6ce2661da..662fa355e5 100644 --- a/tee-worker/bitacross/app-libs/stf/src/getter.rs +++ b/tee-worker/bitacross/app-libs/stf/src/getter.rs @@ -166,7 +166,7 @@ impl ExecuteGetter for TrustedGetterSigned { fn execute(self) -> Option> { match self.getter { TrustedGetter::free_balance(who) => - if let Some(account_id) = who.to_account_id() { + if let Some(account_id) = who.to_native_account() { let info = System::account(&account_id); debug!("TrustedGetter free_balance"); debug!("AccountInfo for {} is {:?}", account_id_to_string(&who), info); @@ -176,7 +176,7 @@ impl ExecuteGetter for TrustedGetterSigned { None }, TrustedGetter::reserved_balance(who) => - if let Some(account_id) = who.to_account_id() { + if let Some(account_id) = who.to_native_account() { let info = System::account(&account_id); debug!("TrustedGetter reserved_balance"); debug!("AccountInfo for {} is {:?}", account_id_to_string(&who), info); @@ -198,7 +198,7 @@ impl ExecuteGetter for PublicGetter { match self { PublicGetter::some_value => Some(42u32.encode()), PublicGetter::nonce(identity) => - if let Some(account_id) = identity.to_account_id() { + if let Some(account_id) = identity.to_native_account() { let nonce = System::account_nonce(&account_id); debug!("PublicGetter nonce"); debug!("Account nonce is {}", nonce); diff --git a/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs b/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs index 8d8167d46b..ac2a93ffef 100644 --- a/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs +++ b/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs @@ -205,7 +205,8 @@ where _node_metadata_repo: Arc, ) -> Result { let sender = self.call.sender_identity().clone(); - let account_id: AccountId = sender.to_account_id().ok_or(Self::Error::InvalidAccount)?; + let account_id: AccountId = + sender.to_native_account().ok_or(Self::Error::InvalidAccount)?; let system_nonce = System::account_nonce(&account_id); ensure!(self.nonce == system_nonce, Self::Error::InvalidNonce(self.nonce, system_nonce)); @@ -221,7 +222,7 @@ where }, TrustedCall::balance_set_balance(root, who, free_balance, reserved_balance) => { let root_account_id: AccountId = - root.to_account_id().ok_or(Self::Error::InvalidAccount)?; + root.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure!( is_root::(&root_account_id), Self::Error::MissingPrivileges(root_account_id) @@ -251,7 +252,7 @@ where }, TrustedCall::balance_transfer(from, to, value) => { let origin = ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, ); std::println!("⣿STF⣿ 🔄 balance_transfer from ⣿⣿⣿ to ⣿⣿⣿ amount ⣿⣿⣿"); // endow fee to enclave (self) @@ -304,7 +305,7 @@ where ); let origin = ita_sgx_runtime::RuntimeOrigin::signed( - account_incognito.to_account_id().ok_or(StfError::InvalidAccount)?, + account_incognito.to_native_account().ok_or(StfError::InvalidAccount)?, ); ita_sgx_runtime::BalancesCall::::transfer { dest: MultiAddress::Id(fee_recipient), @@ -315,14 +316,14 @@ where Self::Error::Dispatch(format!("Balance Unshielding error: {:?}", e.error)) })?; burn_funds( - account_incognito.to_account_id().ok_or(StfError::InvalidAccount)?, + account_incognito.to_native_account().ok_or(StfError::InvalidAccount)?, value, )?; Ok(TrustedCallResult::Empty) }, TrustedCall::balance_shield(enclave_account, who, value, parentchain_id) => { let account_id: AccountId32 = - enclave_account.to_account_id().ok_or(Self::Error::InvalidAccount)?; + enclave_account.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure_enclave_signer_account(&account_id)?; debug!( "balance_shield({}, {}, {:?})", @@ -337,7 +338,7 @@ where }, TrustedCall::timestamp_set(enclave_account, now, parentchain_id) => { let account_id: AccountId32 = - enclave_account.to_account_id().ok_or(Self::Error::InvalidAccount)?; + enclave_account.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure_enclave_signer_account(&account_id)?; // Litentry: we don't actually set the timestamp, see `BlockMetadata` warn!("unused timestamp_set({}, {:?})", now, parentchain_id); diff --git a/tee-worker/common/core-primitives/stf-primitives/src/types.rs b/tee-worker/common/core-primitives/stf-primitives/src/types.rs index a96da4087c..db1f8c1d62 100644 --- a/tee-worker/common/core-primitives/stf-primitives/src/types.rs +++ b/tee-worker/common/core-primitives/stf-primitives/src/types.rs @@ -109,8 +109,8 @@ where pub fn signed_caller_account(&self) -> Option { match self { - TrustedOperation::direct_call(c) => c.sender_identity().to_account_id(), - TrustedOperation::indirect_call(c) => c.sender_identity().to_account_id(), + TrustedOperation::direct_call(c) => c.sender_identity().to_native_account(), + TrustedOperation::indirect_call(c) => c.sender_identity().to_native_account(), _ => None, } } diff --git a/tee-worker/common/core-primitives/types/src/parentchain/events.rs b/tee-worker/common/core-primitives/types/src/parentchain/events.rs index 0442e2094d..e013f159b1 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/events.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/events.rs @@ -293,7 +293,7 @@ pub struct RelayerAdded { impl core::fmt::Display for RelayerAdded { fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { - if let Some(account_id) = self.who.to_account_id() { + if let Some(account_id) = self.who.to_native_account() { let message = format!("RelayerAdded :: account_id: {:?}", account_id); write!(f, "{}", message) } else { @@ -314,7 +314,7 @@ pub struct RelayerRemoved { impl core::fmt::Display for RelayerRemoved { fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { - if let Some(account_id) = self.who.to_account_id() { + if let Some(account_id) = self.who.to_native_account() { let message = format!("RelayerRemoved :: account_id: {:?}", account_id); write!(f, "{}", message) } else { diff --git a/tee-worker/identity/app-libs/stf/src/getter.rs b/tee-worker/identity/app-libs/stf/src/getter.rs index 7ece797689..d8a4640393 100644 --- a/tee-worker/identity/app-libs/stf/src/getter.rs +++ b/tee-worker/identity/app-libs/stf/src/getter.rs @@ -213,7 +213,7 @@ impl ExecuteGetter for TrustedGetterSigned { fn execute(self) -> Option> { match self.getter { TrustedGetter::free_balance(who) => - if let Some(account_id) = who.to_account_id() { + if let Some(account_id) = who.to_native_account() { let info = System::account(&account_id); debug!("TrustedGetter free_balance"); debug!("AccountInfo for {} is {:?}", account_id_to_string(&who), info); @@ -223,7 +223,7 @@ impl ExecuteGetter for TrustedGetterSigned { None }, TrustedGetter::reserved_balance(who) => - if let Some(account_id) = who.to_account_id() { + if let Some(account_id) = who.to_native_account() { let info = System::account(&account_id); debug!("TrustedGetter reserved_balance"); debug!("AccountInfo for {} is {:?}", account_id_to_string(&who), info); @@ -234,7 +234,7 @@ impl ExecuteGetter for TrustedGetterSigned { }, #[cfg(feature = "evm")] TrustedGetter::evm_nonce(who) => - if let Some(account_id) = who.to_account_id() { + if let Some(account_id) = who.to_native_account() { let evm_account = get_evm_account(&account_id); let evm_account = HashedAddressMapping::into_account_id(evm_account); let nonce = System::account_nonce(&evm_account); @@ -279,7 +279,7 @@ impl ExecuteGetter for PublicGetter { match self { PublicGetter::some_value => Some(42u32.encode()), PublicGetter::nonce(identity) => - if let Some(account_id) = identity.to_account_id() { + if let Some(account_id) = identity.to_native_account() { let nonce = System::account_nonce(&account_id); debug!("PublicGetter nonce"); debug!("Account nonce is {}", nonce); diff --git a/tee-worker/identity/app-libs/stf/src/trusted_call.rs b/tee-worker/identity/app-libs/stf/src/trusted_call.rs index 567069faf9..92be79ded3 100644 --- a/tee-worker/identity/app-libs/stf/src/trusted_call.rs +++ b/tee-worker/identity/app-libs/stf/src/trusted_call.rs @@ -393,7 +393,8 @@ where node_metadata_repo: Arc, ) -> Result { let sender = self.call.sender_identity().clone(); - let account_id: AccountId = sender.to_account_id().ok_or(Self::Error::InvalidAccount)?; + let account_id: AccountId = + sender.to_native_account().ok_or(Self::Error::InvalidAccount)?; let system_nonce = System::account_nonce(&account_id); ensure!(self.nonce == system_nonce, Self::Error::InvalidNonce(self.nonce, system_nonce)); @@ -409,7 +410,7 @@ where }, TrustedCall::balance_set_balance(root, who, free_balance, reserved_balance) => { let root_account_id: AccountId = - root.to_account_id().ok_or(Self::Error::InvalidAccount)?; + root.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure!( is_root::(&root_account_id), Self::Error::MissingPrivileges(root_account_id) @@ -439,7 +440,7 @@ where }, TrustedCall::balance_transfer(from, to, value) => { let origin = ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, ); std::println!("⣿STF⣿ 🔄 balance_transfer from ⣿⣿⣿ to ⣿⣿⣿ amount ⣿⣿⣿"); // endow fee to enclave (self) @@ -473,7 +474,7 @@ where }, TrustedCall::timestamp_set(enclave_account, now, parentchain_id) => { let account_id: AccountId32 = - enclave_account.to_account_id().ok_or(Self::Error::InvalidAccount)?; + enclave_account.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure_enclave_signer_account(&account_id)?; // Litentry: we don't actually set the timestamp, see `BlockMetadata` warn!("unused timestamp_set({}, {:?})", now, parentchain_id); @@ -485,7 +486,7 @@ where debug!("evm_withdraw({}, {}, {})", account_id_to_string(&from), address, value); ita_sgx_runtime::EvmCall::::withdraw { address, value } .dispatch_bypass_filter(ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, )) .map_err(|e| { Self::Error::Dispatch(format!("Evm Withdraw error: {:?}", e.error)) @@ -523,7 +524,7 @@ where access_list, } .dispatch_bypass_filter(ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, )) .map_err(|e| Self::Error::Dispatch(format!("Evm Call error: {:?}", e.error)))?; Ok(TrustedCallResult::Empty) @@ -559,7 +560,7 @@ where access_list, } .dispatch_bypass_filter(ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, )) .map_err(|e| Self::Error::Dispatch(format!("Evm Create error: {:?}", e.error)))?; let contract_address = evm_create_address(source, nonce_evm_account); @@ -598,7 +599,7 @@ where access_list, } .dispatch_bypass_filter(ita_sgx_runtime::RuntimeOrigin::signed( - from.to_account_id().ok_or(Self::Error::InvalidAccount)?, + from.to_native_account().ok_or(Self::Error::InvalidAccount)?, )) .map_err(|e| Self::Error::Dispatch(format!("Evm Create2 error: {:?}", e.error)))?; let contract_address = evm_create2_address(source, salt, code_hash); @@ -620,7 +621,7 @@ where debug!("link_identity, who: {}", account_id_to_string(&who)); let verification_done = Self::link_identity_internal( shard, - signer.to_account_id().ok_or(Self::Error::InvalidAccount)?, + signer.to_native_account().ok_or(Self::Error::InvalidAccount)?, who.clone(), identity.clone(), validation_data, @@ -659,7 +660,7 @@ where TrustedCall::remove_identity(signer, who, identities) => { debug!("remove_identity, who: {}", account_id_to_string(&who)); - let account = signer.to_account_id().ok_or(Self::Error::InvalidAccount)?; + let account = signer.to_native_account().ok_or(Self::Error::InvalidAccount)?; use crate::helpers::ensure_enclave_signer_or_alice; ensure!( ensure_enclave_signer_or_alice(&account), @@ -679,7 +680,7 @@ where let old_id_graph = IMT::id_graph(&who); Self::deactivate_identity_internal( - signer.to_account_id().ok_or(Self::Error::InvalidAccount)?, + signer.to_native_account().ok_or(Self::Error::InvalidAccount)?, who.clone(), identity, ) @@ -724,7 +725,7 @@ where let old_id_graph = IMT::id_graph(&who); Self::activate_identity_internal( - signer.to_account_id().ok_or(Self::Error::InvalidAccount)?, + signer.to_native_account().ok_or(Self::Error::InvalidAccount)?, who.clone(), identity, ) @@ -867,7 +868,7 @@ where TrustedCall::maybe_create_id_graph(signer, who) => { debug!("maybe_create_id_graph, who: {:?}", who); let signer_account: AccountId32 = - signer.to_account_id().ok_or(Self::Error::InvalidAccount)?; + signer.to_native_account().ok_or(Self::Error::InvalidAccount)?; ensure_enclave_signer_account(&signer_account)?; // we only log the error @@ -882,7 +883,7 @@ where TrustedCall::clean_id_graphs(signer) => { debug!("clean_id_graphs"); - let account = signer.to_account_id().ok_or(Self::Error::InvalidAccount)?; + let account = signer.to_native_account().ok_or(Self::Error::InvalidAccount)?; use crate::helpers::ensure_enclave_signer_or_alice; ensure!( ensure_enclave_signer_or_alice(&account), diff --git a/tee-worker/identity/app-libs/stf/src/trusted_call_litentry.rs b/tee-worker/identity/app-libs/stf/src/trusted_call_litentry.rs index ea4bf0ed1b..a41de7576d 100644 --- a/tee-worker/identity/app-libs/stf/src/trusted_call_litentry.rs +++ b/tee-worker/identity/app-libs/stf/src/trusted_call_litentry.rs @@ -57,7 +57,7 @@ impl TrustedCallSigned { req_ext_hash: H256, ) -> StfResult { ensure!( - ensure_enclave_signer_or_self(&signer, who.to_account_id()), + ensure_enclave_signer_or_self(&signer, who.to_native_account()), StfError::LinkIdentityFailed(ErrorDetail::UnauthorizedSigner) ); @@ -111,7 +111,7 @@ impl TrustedCallSigned { identity: Identity, ) -> StfResult<()> { ensure!( - ensure_enclave_signer_or_self(&signer, who.to_account_id()), + ensure_enclave_signer_or_self(&signer, who.to_native_account()), StfError::DeactivateIdentityFailed(ErrorDetail::UnauthorizedSigner) ); @@ -128,7 +128,7 @@ impl TrustedCallSigned { identity: Identity, ) -> StfResult<()> { ensure!( - ensure_enclave_signer_or_self(&signer, who.to_account_id()), + ensure_enclave_signer_or_self(&signer, who.to_native_account()), StfError::ActivateIdentityFailed(ErrorDetail::UnauthorizedSigner) ); @@ -190,7 +190,7 @@ impl TrustedCallSigned { let old_id_graph = IMT::id_graph(&who); Self::link_identity_callback_internal( - signer.to_account_id().ok_or(StfError::InvalidAccount)?, + signer.to_native_account().ok_or(StfError::InvalidAccount)?, who.clone(), identity, web3networks, diff --git a/tee-worker/identity/cli/src/base_cli/commands/litentry/link_identity.rs b/tee-worker/identity/cli/src/base_cli/commands/litentry/link_identity.rs index bb13dd9b73..ec554f0b95 100644 --- a/tee-worker/identity/cli/src/base_cli/commands/litentry/link_identity.rs +++ b/tee-worker/identity/cli/src/base_cli/commands/litentry/link_identity.rs @@ -115,7 +115,7 @@ impl LinkIdentityCommand { let tee_shielding_key = get_shielding_key(cli).unwrap(); let encrypted_web3network = tee_shielding_key.encrypt(&web3network.encode()).unwrap(); - let identity_account_id = identity.to_account_id().unwrap(); + let identity_account_id = identity.to_native_account().unwrap(); let identity_public_key = format!("{}", identity_account_id); let identity_pair: sr25519_core::Pair = get_pair_from_str(&identity_public_key).into(); diff --git a/tee-worker/identity/enclave-runtime/src/rpc/common_api.rs b/tee-worker/identity/enclave-runtime/src/rpc/common_api.rs index a0178c754f..48c85a11dc 100644 --- a/tee-worker/identity/enclave-runtime/src/rpc/common_api.rs +++ b/tee-worker/identity/enclave-runtime/src/rpc/common_api.rs @@ -138,7 +138,7 @@ pub fn add_common_api - if let Some(account_id) = identity.to_account_id() { + if let Some(account_id) = identity.to_native_account() { account_id } else { return Ok(json!(compute_hex_encoded_return_error( @@ -427,7 +427,7 @@ pub fn add_common_api { let account_id = match Identity::from_did(encoded_did.as_str()) { Ok(identity) => - if let Some(account_id) = identity.to_account_id() { + if let Some(account_id) = identity.to_native_account() { account_id } else { return Ok(json!(compute_hex_encoded_return_error("Invalid identity"))) @@ -465,7 +465,7 @@ pub fn add_common_api { let account_id = match Identity::from_did(encoded_did.as_str()) { Ok(identity) => - if let Some(account_id) = identity.to_account_id() { + if let Some(account_id) = identity.to_native_account() { account_id } else { return Ok(json!(compute_hex_encoded_return_error("Invalid identity"))) diff --git a/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs b/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs index 6d695668aa..36826426f0 100644 --- a/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs +++ b/tee-worker/identity/litentry/core/assertion-build/src/lit_staking.rs @@ -192,7 +192,7 @@ impl DelegatorState { // 0xa686a3043d0adcf2fa655e57bc595a78131da8bc800de21b19b3ba9ed33cfacc let params = "0xa686a3043d0adcf2fa655e57bc595a78131da8bc800de21b19b3ba9ed33cfacc"; let acc = identity - .to_account_id() + .to_native_account() .ok_or(Error::RequestVCFailed(Assertion::LITStaking, ErrorDetail::ParseError))?; let cocat = Twox64Concat::hash(acc.as_ref()); diff --git a/tee-worker/identity/litentry/core/identity-verification/src/web2/mod.rs b/tee-worker/identity/litentry/core/identity-verification/src/web2/mod.rs index bac2c85022..1bac3a62b5 100644 --- a/tee-worker/identity/litentry/core/identity-verification/src/web2/mod.rs +++ b/tee-worker/identity/litentry/core/identity-verification/src/web2/mod.rs @@ -92,7 +92,7 @@ pub fn verify( .map_err(|e| Error::LinkIdentityFailed(e.into_error_detail()))?; let state = vec_to_string(state.to_vec()) .map_err(|e| Error::LinkIdentityFailed(e.into_error_detail()))?; - let Some(account_id) = who.to_account_id() else { + let Some(account_id) = who.to_native_account() else { return Err(Error::LinkIdentityFailed(ErrorDetail::ParseError)); }; let (code_verifier, state_verifier) = @@ -207,7 +207,7 @@ pub fn verify( .map_err(|e| Error::LinkIdentityFailed(e.into_error_detail()))?; let verification_code = vec_to_string(data.verification_code.to_vec()) .map_err(|e| Error::LinkIdentityFailed(e.into_error_detail()))?; - let Some(account_id) = who.to_account_id() else { + let Some(account_id) = who.to_native_account() else { return Err(Error::LinkIdentityFailed(ErrorDetail::ParseError)); }; let stored_verification_code = diff --git a/tee-worker/identity/litentry/core/stf-task/receiver/src/lib.rs b/tee-worker/identity/litentry/core/stf-task/receiver/src/lib.rs index 87301516f0..2402623ca5 100644 --- a/tee-worker/identity/litentry/core/stf-task/receiver/src/lib.rs +++ b/tee-worker/identity/litentry/core/stf-task/receiver/src/lib.rs @@ -162,7 +162,7 @@ where .author_api .get_pending_trusted_calls_for( *shard, - &trusted_call.sender_identity().to_account_id().ok_or_else(|| { + &trusted_call.sender_identity().to_native_account().ok_or_else(|| { Error::OtherError(format!( "Not a valid account: {:?}", trusted_call.sender_identity() diff --git a/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs b/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs index d8cce8567f..31d13726e6 100644 --- a/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs +++ b/tee-worker/identity/litentry/core/vc-task/receiver/src/lib.rs @@ -542,7 +542,7 @@ where ensure!(!identities.is_empty(), RequestVcErrorDetail::NoEligibleIdentity); let signer_account = - signer.to_account_id().ok_or(RequestVcErrorDetail::InvalidSignerAccount)?; + signer.to_native_account().ok_or(RequestVcErrorDetail::InvalidSignerAccount)?; match assertion { // the signer will be checked inside A13, as we don't seem to have access to ocall_api here From 419f861ff69aa7253cd084165dbc5eedbc652693 Mon Sep 17 00:00:00 2001 From: BillyWooo Date: Mon, 14 Oct 2024 22:49:40 +0200 Subject: [PATCH 11/17] Script improvment (#3111) * dockerfile remove warnings * optimization * update * cancel parachain image build --pull flag * rm test message * keep the old logic: if no tag is given, use 'latest'. --------- Co-authored-by: mi1ktea <871158362@qq.com> --- parachain/docker/Dockerfile | 12 ++--- parachain/scripts/build-docker.sh | 59 ++++++++++++++------- tee-worker/bitacross/build.Dockerfile | 32 +++++------ tee-worker/bitacross/docker/fork.Dockerfile | 2 +- tee-worker/identity/build.Dockerfile | 32 +++++------ tee-worker/identity/docker/fork.Dockerfile | 2 +- 6 files changed, 79 insertions(+), 60 deletions(-) diff --git a/parachain/docker/Dockerfile b/parachain/docker/Dockerfile index a6fc72bc82..15635da8b8 100644 --- a/parachain/docker/Dockerfile +++ b/parachain/docker/Dockerfile @@ -26,7 +26,7 @@ LABEL maintainer="Trust Computing GmbH " ARG PROFILE -COPY --from=builder /litentry/parachain/target/$PROFILE/litentry-collator /usr/local/bin/ +COPY --from=local-builder:latest /litentry/parachain/target/$PROFILE/litentry-collator /usr/local/bin/ # install netcat for healthcheck RUN apt-get update && \ @@ -58,8 +58,8 @@ FROM ubuntu:22.04 AS chain-aio LABEL maintainer="Trust Computing GmbH " ARG PROFILE -ENV NVM_DIR /opt/nvm -ENV ZOMBIENET_VERSION v1.3.109 +ENV NVM_DIR=/opt/nvm +ENV ZOMBIENET_VERSION=v1.3.109 # install netcat for healthcheck RUN apt-get update && \ @@ -84,7 +84,7 @@ RUN apt-get update && \ nvm install 18 && \ nvm use 18 && \ apt-get clean && \ - rm -rf /var/cache/apt/lists + rm -rf /var/cache/apt/lists RUN echo "downloading zombienet-linux-x64 ..." && \ curl -L -s -O "https://github.com/paritytech/zombienet/releases/download/$ZOMBIENET_VERSION/zombienet-linux-x64" && \ @@ -95,8 +95,8 @@ RUN echo "downloading zombienet-linux-x64 ..." && \ RUN useradd -m -u 1000 -U -s /bin/sh -d /litentry litentry && \ mkdir -p /opt/litentry/parachain /code && \ chown -R litentry:litentry /opt/litentry - -COPY --from=builder /litentry/parachain/target/$PROFILE/litentry-collator /usr/local/bin/ + +COPY --from=local-builder:latest /litentry/parachain/target/$PROFILE/litentry-collator /usr/local/bin/ RUN chmod +x /usr/local/bin/litentry-collator && \ # check if executable works in this container /usr/local/bin/litentry-collator --version diff --git a/parachain/scripts/build-docker.sh b/parachain/scripts/build-docker.sh index 9f7e41f455..bae10a63a8 100755 --- a/parachain/scripts/build-docker.sh +++ b/parachain/scripts/build-docker.sh @@ -47,9 +47,9 @@ GITUSER=litentry GITREPO=litentry-parachain PROXY="${HTTP_PROXY//localhost/host.docker.internal}" -# Build the image +# Build the local-builder image echo "------------------------------------------------------------" -echo "Building ${GITUSER}/${GITREPO}:${TAG} docker image ..." +echo "Building local-builder:latest docker image ..." docker build ${NOCACHE_FLAG} --pull -f ./parachain/docker/Dockerfile \ --build-arg PROFILE="$PROFILE" \ --build-arg BUILD_ARGS="$ARGS" \ @@ -59,26 +59,15 @@ docker build ${NOCACHE_FLAG} --pull -f ./parachain/docker/Dockerfile \ --build-arg https_proxy="$PROXY" \ --add-host=host.docker.internal:host-gateway \ --network host \ - --target parachain \ - -t ${GITUSER}/${GITREPO}:${TAG} . - -# Tag it with latest if no tag parameter was provided -[ -z "$2" ] && docker tag ${GITUSER}/${GITREPO}:${TAG} ${GITUSER}/${GITREPO}:latest - -# Show the list of available images for this repo -echo "Image is ready" -echo "------------------------------------------------------------" -docker images | grep ${GITREPO} + --target builder \ + --tag local-builder:latest . -# =================================================================================== -GITUSER=litentry -GITREPO=litentry-chain-aio -PROXY="${HTTP_PROXY//localhost/host.docker.internal}" +docker images # Build the image echo "------------------------------------------------------------" echo "Building ${GITUSER}/${GITREPO}:${TAG} docker image ..." -docker build ${NOCACHE_FLAG} --pull -f ./parachain/docker/Dockerfile \ +docker build ${NOCACHE_FLAG} -f ./parachain/docker/Dockerfile \ --build-arg PROFILE="$PROFILE" \ --build-arg BUILD_ARGS="$ARGS" \ --build-arg HTTP_PROXY="$PROXY" \ @@ -87,8 +76,8 @@ docker build ${NOCACHE_FLAG} --pull -f ./parachain/docker/Dockerfile \ --build-arg https_proxy="$PROXY" \ --add-host=host.docker.internal:host-gateway \ --network host \ - --target chain-aio \ - -t ${GITUSER}/${GITREPO}:${TAG} . + --target parachain \ + --tag ${GITUSER}/${GITREPO}:${TAG} . # Tag it with latest if no tag parameter was provided [ -z "$2" ] && docker tag ${GITUSER}/${GITREPO}:${TAG} ${GITUSER}/${GITREPO}:latest @@ -96,4 +85,34 @@ docker build ${NOCACHE_FLAG} --pull -f ./parachain/docker/Dockerfile \ # Show the list of available images for this repo echo "Image is ready" echo "------------------------------------------------------------" -docker images | grep ${GITREPO} \ No newline at end of file +docker images | grep ${GITREPO} + +# =================================================================================== +if [ -z "$2" ] || [ "$TAG" = "latest" ]; then + GITUSER=litentry + GITREPO=litentry-chain-aio + PROXY="${HTTP_PROXY//localhost/host.docker.internal}" + + # Build the image + echo "------------------------------------------------------------" + echo "Building ${GITUSER}/${GITREPO}:${TAG} docker image ..." + docker build ${NOCACHE_FLAG} -f ./parachain/docker/Dockerfile \ + --build-arg PROFILE="$PROFILE" \ + --build-arg BUILD_ARGS="$ARGS" \ + --build-arg HTTP_PROXY="$PROXY" \ + --build-arg HTTPS_PROXY="$PROXY" \ + --build-arg http_proxy="$PROXY" \ + --build-arg https_proxy="$PROXY" \ + --add-host=host.docker.internal:host-gateway \ + --network host \ + --target chain-aio \ + --tag ${GITUSER}/${GITREPO}:${TAG} . + + # Tag it with latest if no tag parameter was provided + [ -z "$2" ] && docker tag ${GITUSER}/${GITREPO}:${TAG} ${GITUSER}/${GITREPO}:latest + + # Show the list of available images for this repo + echo "Image is ready" + echo "------------------------------------------------------------" + docker images | grep ${GITREPO} +fi diff --git a/tee-worker/bitacross/build.Dockerfile b/tee-worker/bitacross/build.Dockerfile index a9c342461e..d3f5fda9d3 100644 --- a/tee-worker/bitacross/build.Dockerfile +++ b/tee-worker/bitacross/build.Dockerfile @@ -23,11 +23,11 @@ FROM litentry/litentry-tee-dev:latest AS builder LABEL maintainer="Trust Computing GmbH " # set environment variables -ENV SGX_SDK /opt/sgxsdk -ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" -ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" -ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" -ENV CARGO_NET_GIT_FETCH_WITH_CLI true +ENV SGX_SDK=/opt/sgxsdk +ENV PATH="$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" +ENV PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" +ENV LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" +ENV CARGO_NET_GIT_FETCH_WITH_CLI=true ENV SCCACHE_CACHE_SIZE="20G" ENV SCCACHE_DIR="/opt/rust/sccache" @@ -81,8 +81,8 @@ LABEL maintainer="Trust Computing GmbH " ARG SCRIPT_DIR=/usr/local/worker-cli ARG LOG_DIR=/usr/local/log -ENV SCRIPT_DIR ${SCRIPT_DIR} -ENV LOG_DIR ${LOG_DIR} +ENV SCRIPT_DIR=${SCRIPT_DIR} +ENV LOG_DIR=${LOG_DIR} COPY --from=local-builder:latest /home/ubuntu/tee-worker/bitacross/bin/bitacross-cli /usr/local/bin COPY --from=local-builder:latest /home/ubuntu/tee-worker/bitacross/cli/*.sh /usr/local/worker-cli/ @@ -114,8 +114,8 @@ RUN chmod +x /usr/local/bin/bitacross-worker RUN ls -al /usr/local/bin # checks -ENV SGX_SDK /opt/sgxsdk -ENV SGX_ENCLAVE_SIGNER $SGX_SDK/bin/x64/sgx_sign +ENV SGX_SDK=/opt/sgxsdk +ENV SGX_ENCLAVE_SIGNER=$SGX_SDK/bin/x64/sgx_sign ENV LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/intel/sgx-aesm-service/aesm:$SGX_SDK/sdk_libs ENV AESM_PATH=/opt/intel/sgx-aesm-service/aesm @@ -148,12 +148,12 @@ COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libsgx* /lib/x86_64-linux COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libdcap* /lib/x86_64-linux-gnu/ COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libprotobuf* /lib/x86_64-linux-gnu/ -ENV DEBIAN_FRONTEND noninteractive -ENV TERM xterm -ENV SGX_SDK /opt/sgxsdk -ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" -ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" -ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" +ENV DEBIAN_FRONTEND=noninteractive +ENV TERM=xterm +ENV SGX_SDK=/opt/sgxsdk +ENV PATH="$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" +ENV PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" +ENV LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" RUN mkdir -p /origin /data @@ -171,7 +171,7 @@ RUN touch spid.txt key.txt && \ RUN ldd /usr/local/bin/bitacross-worker && /usr/local/bin/bitacross-worker --version -ENV DATA_DIR /data +ENV DATA_DIR=/data USER litentry WORKDIR /data diff --git a/tee-worker/bitacross/docker/fork.Dockerfile b/tee-worker/bitacross/docker/fork.Dockerfile index 3a2df5bb85..e92c8d129a 100644 --- a/tee-worker/bitacross/docker/fork.Dockerfile +++ b/tee-worker/bitacross/docker/fork.Dockerfile @@ -21,6 +21,6 @@ COPY --from=gaiaadm/pumba /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-c COPY --from=gaiaadm/pumba /pumba /usr/local/bin/pumba COPY --from=powerman/dockerize /usr/local/bin/dockerize /usr/local/bin/dockerize -ENV PATH "$PATH:/usr/local/bin" +ENV PATH="$PATH:/usr/local/bin" ENTRYPOINT ["/usr/local/bin/dockerize"] \ No newline at end of file diff --git a/tee-worker/identity/build.Dockerfile b/tee-worker/identity/build.Dockerfile index 6ea754ca3c..e6b19b2983 100644 --- a/tee-worker/identity/build.Dockerfile +++ b/tee-worker/identity/build.Dockerfile @@ -22,11 +22,11 @@ FROM litentry/litentry-tee-dev:latest AS builder LABEL maintainer="Trust Computing GmbH " # set environment variables -ENV SGX_SDK /opt/sgxsdk -ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" -ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" -ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" -ENV CARGO_NET_GIT_FETCH_WITH_CLI true +ENV SGX_SDK=/opt/sgxsdk +ENV PATH="$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" +ENV PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" +ENV LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" +ENV CARGO_NET_GIT_FETCH_WITH_CLI=true ENV SCCACHE_CACHE_SIZE="20G" ENV SCCACHE_DIR="/opt/rust/sccache" @@ -97,8 +97,8 @@ LABEL maintainer="Trust Computing GmbH " ARG SCRIPT_DIR=/usr/local/worker-cli ARG LOG_DIR=/usr/local/log -ENV SCRIPT_DIR ${SCRIPT_DIR} -ENV LOG_DIR ${LOG_DIR} +ENV SCRIPT_DIR=${SCRIPT_DIR} +ENV LOG_DIR=${LOG_DIR} COPY --from=local-builder:latest /home/ubuntu/tee-worker/identity/bin/litentry-cli /usr/local/bin COPY --from=local-builder:latest /home/ubuntu/tee-worker/identity/cli/*.sh /usr/local/worker-cli/ @@ -130,8 +130,8 @@ RUN chmod +x /usr/local/bin/litentry-worker RUN ls -al /usr/local/bin # checks -ENV SGX_SDK /opt/sgxsdk -ENV SGX_ENCLAVE_SIGNER $SGX_SDK/bin/x64/sgx_sign +ENV SGX_SDK=/opt/sgxsdk +ENV SGX_ENCLAVE_SIGNER=$SGX_SDK/bin/x64/sgx_sign ENV LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/intel/sgx-aesm-service/aesm:$SGX_SDK/sdk_libs ENV AESM_PATH=/opt/intel/sgx-aesm-service/aesm @@ -164,12 +164,12 @@ COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libsgx* /lib/x86_64-linux COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libdcap* /lib/x86_64-linux-gnu/ COPY --from=local-builder:latest /lib/x86_64-linux-gnu/libprotobuf* /lib/x86_64-linux-gnu/ -ENV DEBIAN_FRONTEND noninteractive -ENV TERM xterm -ENV SGX_SDK /opt/sgxsdk -ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" -ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" -ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" +ENV DEBIAN_FRONTEND=noninteractive +ENV TERM=xterm +ENV SGX_SDK=/opt/sgxsdk +ENV PATH="$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin" +ENV PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig" +ENV LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs" RUN mkdir -p /origin /data @@ -187,7 +187,7 @@ RUN touch spid.txt key.txt && \ RUN ldd /usr/local/bin/litentry-worker && /usr/local/bin/litentry-worker --version -ENV DATA_DIR /data +ENV DATA_DIR=/data USER litentry WORKDIR /data diff --git a/tee-worker/identity/docker/fork.Dockerfile b/tee-worker/identity/docker/fork.Dockerfile index 3a2df5bb85..e92c8d129a 100644 --- a/tee-worker/identity/docker/fork.Dockerfile +++ b/tee-worker/identity/docker/fork.Dockerfile @@ -21,6 +21,6 @@ COPY --from=gaiaadm/pumba /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-c COPY --from=gaiaadm/pumba /pumba /usr/local/bin/pumba COPY --from=powerman/dockerize /usr/local/bin/dockerize /usr/local/bin/dockerize -ENV PATH "$PATH:/usr/local/bin" +ENV PATH="$PATH:/usr/local/bin" ENTRYPOINT ["/usr/local/bin/dockerize"] \ No newline at end of file From 1ab58ff1ca0b3dcfc4ea5303b55ce77e7d6b38cc Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Tue, 15 Oct 2024 09:31:39 +0200 Subject: [PATCH 12/17] add tests (#3127) --- parachain/pallets/omni-account/src/lib.rs | 84 +++---- parachain/pallets/omni-account/src/tests.rs | 254 ++++++++++++++++---- 2 files changed, 249 insertions(+), 89 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index aa61609ee0..8b16863eca 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -125,6 +125,8 @@ pub mod pallet { #[pallet::event] #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { + /// An account store is created + AccountStoreCreated { who: T::AccountId, account_store_hash: H256 }, /// Some member account is added AccountAdded { who: T::AccountId, member_account_hash: H256 }, /// Some member accounts are removed @@ -193,38 +195,62 @@ pub mod pallet { #[pallet::call_index(2)] #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn create_account_store(origin: OriginFor, identity: Identity) -> DispatchResult { + // initial creation request has to come from `TEECallOrigin` + let _ = T::TEECallOrigin::ensure_origin(origin)?; + let hash = identity.hash(); + let omni_account = T::OmniAccountConverter::convert(&identity); + + ensure!(!MemberAccountHash::::contains_key(hash), Error::::AccountAlreadyAdded); + + let mut member_accounts: MemberAccounts = BoundedVec::new(); + member_accounts + .try_push(identity.into()) + .map_err(|_| Error::::AccountStoreLenLimitReached)?; + + MemberAccountHash::::insert(hash, omni_account.clone()); + AccountStore::::insert(omni_account.clone(), member_accounts.clone()); + AccountStoreHash::::insert(omni_account.clone(), member_accounts.hash()); + + Self::deposit_event(Event::AccountStoreCreated { + who: omni_account, + account_store_hash: member_accounts.hash(), + }); + + Ok(()) + } + + #[pallet::call_index(3)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn add_account( origin: OriginFor, - who: Identity, // `Identity` used to derive OmniAccount member_account: MemberAccount, // account to be added ) -> DispatchResult { - // We can't use `T::OmniAccountOrigin` here as the ownership of member account needs to - // be firstly validated by the TEE-worker before dispatching the extrinsic - let _ = T::TEECallOrigin::ensure_origin(origin)?; + // mutation of AccountStore requires `OmniAccountOrigin`, same as "remove" and "publicize" + let who = T::OmniAccountOrigin::ensure_origin(origin)?; ensure!( !MemberAccountHash::::contains_key(member_account.hash()), Error::::AccountAlreadyAdded ); + + let mut member_accounts = + AccountStore::::get(&who).ok_or(Error::::UnknownAccountStore)?; + let hash = member_account.hash(); - let mut store = Self::get_or_create_account_store(who.clone())?; - store + member_accounts .try_push(member_account) .map_err(|_| Error::::AccountStoreLenLimitReached)?; - let who_account = T::OmniAccountConverter::convert(&who); - MemberAccountHash::::insert(hash, who_account.clone()); - AccountStoreHash::::insert(who_account.clone(), store.hash()); - AccountStore::::insert(who_account.clone(), store); + MemberAccountHash::::insert(hash, who.clone()); + AccountStore::::insert(who.clone(), member_accounts.clone()); + AccountStoreHash::::insert(who.clone(), member_accounts.hash()); - Self::deposit_event(Event::AccountAdded { - who: who_account, - member_account_hash: hash, - }); + Self::deposit_event(Event::AccountAdded { who, member_account_hash: hash }); Ok(()) } - #[pallet::call_index(3)] + #[pallet::call_index(4)] #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn remove_accounts( origin: OriginFor, @@ -260,7 +286,7 @@ pub mod pallet { /// make a member account public in the AccountStore /// we force `Identity` type to avoid misuse and additional check - #[pallet::call_index(4)] + #[pallet::call_index(5)] #[pallet::weight((195_000_000, DispatchClass::Normal))] pub fn publicize_account(origin: OriginFor, member_account: Identity) -> DispatchResult { let who = T::OmniAccountOrigin::ensure_origin(origin)?; @@ -281,32 +307,6 @@ pub mod pallet { Ok(()) } } - - impl Pallet { - pub fn get_or_create_account_store(who: Identity) -> Result, Error> { - match AccountStore::::get(T::OmniAccountConverter::convert(&who)) { - Some(member_accounts) => Ok(member_accounts), - None => Self::create_account_store(who), - } - } - - fn create_account_store(who: Identity) -> Result, Error> { - let hash = who.hash(); - let who_account = T::OmniAccountConverter::convert(&who); - - ensure!(!MemberAccountHash::::contains_key(hash), Error::::AccountAlreadyAdded); - - let mut member_accounts: MemberAccounts = BoundedVec::new(); - member_accounts - .try_push(who.into()) - .map_err(|_| Error::::AccountStoreLenLimitReached)?; - - MemberAccountHash::::insert(hash, who_account.clone()); - AccountStore::::insert(who_account, member_accounts.clone()); - - Ok(member_accounts) - } - } } pub struct EnsureOmniAccount(PhantomData); diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index f2213e0218..1ae090c741 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -21,6 +21,11 @@ use sp_core::hashing::blake2_256; use sp_runtime::{traits::BadOrigin, ModuleError}; use sp_std::vec; +fn add_account_call(account: MemberAccount) -> Box { + let call = RuntimeCall::OmniAccount(crate::Call::add_account { member_account: account }); + Box::new(call) +} + fn remove_accounts_call(hashes: Vec) -> Box { let call = RuntimeCall::OmniAccount(crate::Call::remove_accounts { member_account_hashes: hashes }); @@ -37,6 +42,62 @@ fn make_balance_transfer_call(dest: AccountId, value: Balance) -> Box = + vec![MemberAccount::Public(who_identity.clone())].try_into().unwrap(); + + System::assert_last_event( + Event::AccountStoreCreated { + who: who_omni_account, + account_store_hash: member_accounts.hash(), + } + .into(), + ); + + // create it the second time will fail + assert_noop!( + OmniAccount::create_account_store(RuntimeOrigin::signed(tee_signer), who_identity,), + Error::::AccountAlreadyAdded + ); + }); +} + +#[test] +fn add_account_without_creating_store_fails() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + + let who = alice(); + let who_identity = Identity::from(who.clone()); + + let bob_member_account = + MemberAccount::Private(bob().encode(), Identity::from(bob()).hash()); + + let call = add_account_call(bob_member_account.clone()); + assert_noop!( + OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call + ), + Error::::AccountNotFound + ); + }); +} + #[test] fn add_account_works() { new_test_ext().execute_with(|| { @@ -63,12 +124,19 @@ fn add_account_works() { .encode(), )); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - bob_member_account.clone(), )); - System::assert_last_event( + + let call = add_account_call(bob_member_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call + )); + + System::assert_has_event( Event::AccountAdded { who: who_omni_account.clone(), member_account_hash: bob_member_account.hash(), @@ -85,12 +153,14 @@ fn add_account_works() { expected_account_store_hash ); - assert_ok!(OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer), - who_identity.clone(), - charlie_member_account.clone(), + let call = add_account_call(charlie_member_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); - System::assert_last_event( + + System::assert_has_event( Event::AccountAdded { who: who_identity.to_omni_account(), member_account_hash: charlie_member_account.hash(), @@ -129,50 +199,89 @@ fn add_account_works() { #[test] fn add_account_origin_check_works() { new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); let who = Identity::from(alice()); let member_account = MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); assert_noop!( - OmniAccount::add_account(RuntimeOrigin::signed(bob()), who, member_account), + OmniAccount::add_account(RuntimeOrigin::signed(tee_signer), member_account.clone()), + BadOrigin + ); + + assert_noop!( + OmniAccount::add_account(RuntimeOrigin::signed(who.to_omni_account()), member_account), BadOrigin ); }); } #[test] -fn add_account_already_linked_works() { +fn add_account_with_already_linked_account_fails() { new_test_ext().execute_with(|| { let tee_signer = get_tee_signer(); let who = alice(); let who_identity = Identity::from(who.clone()); + let who_omni_account = who_identity.to_omni_account(); let member_account = MemberAccount::Public(Identity::from(bob())); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - member_account.clone(), )); - assert_noop!( - OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer.clone()), - who_identity.clone(), - member_account, - ), - Error::::AccountAlreadyAdded + + let call = add_account_call(member_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call.clone() + )); + + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call + )); + + System::assert_has_event( + Event::DispatchedAsOmniAccount { + who: who_omni_account, + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [0, 0, 0, 0], + message: Some("AccountAlreadyAdded"), + })), + } + .into(), ); // intent to create a new AccountStore with an account that is already added - let who = Identity::from(bob()); + let who = Identity::from(charlie()); let alice_member_account = MemberAccount::Public(Identity::from(alice())); - assert_noop!( - OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer), - who.clone(), - alice_member_account, - ), - Error::::AccountAlreadyAdded + + assert_ok!(OmniAccount::create_account_store( + RuntimeOrigin::signed(tee_signer.clone()), + who.clone(), + )); + + let call = add_account_call(alice_member_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who.hash(), + call + )); + + System::assert_has_event( + Event::DispatchedAsOmniAccount { + who: who.to_omni_account(), + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [0, 0, 0, 0], + message: Some("AccountAlreadyAdded"), + })), + } + .into(), ); }); } @@ -186,6 +295,11 @@ fn add_account_store_len_limit_reached_works() { let who_identity = Identity::from(who.clone()); let who_omni_account = who_identity.to_omni_account(); + assert_ok!(OmniAccount::create_account_store( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + )); + let member_account_2 = MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); let member_account_3 = @@ -197,15 +311,28 @@ fn add_account_store_len_limit_reached_works() { member_account_3.clone(), ]); - AccountStore::::insert(who_omni_account, member_accounts); + AccountStore::::insert(who_omni_account.clone(), member_accounts); - assert_noop!( - OmniAccount::add_account( - RuntimeOrigin::signed(tee_signer), - who_identity, - MemberAccount::Private(vec![7, 8, 9], H256::from(blake2_256(&[7, 8, 9]))), - ), - Error::::AccountStoreLenLimitReached + let call = add_account_call(MemberAccount::Private( + vec![7, 8, 9], + H256::from(blake2_256(&[7, 8, 9])), + )); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call + )); + + System::assert_has_event( + Event::DispatchedAsOmniAccount { + who: who_omni_account, + result: Err(DispatchError::Module(ModuleError { + index: 5, + error: [1, 0, 0, 0], + message: Some("AccountStoreLenLimitReached"), + })), + } + .into(), ); }); } @@ -224,10 +351,16 @@ fn remove_account_works() { let identity_hash = member_account.hash(); let hashes = vec![identity_hash]; - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - member_account.clone(), + )); + + let call = add_account_call(member_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); // normal signed origin should give `BadOrigin`, no matter @@ -294,10 +427,19 @@ fn remove_account_empty_account_check_works() { let who_identity_hash = who_identity.hash(); let who_omni_account = who_identity.to_omni_account(); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), - who_identity, - MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))), + who_identity.clone(), + )); + + let call = add_account_call(MemberAccount::Private( + vec![1, 2, 3], + H256::from(blake2_256(&[1, 2, 3])), + )); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); let call = remove_accounts_call(vec![]); @@ -334,10 +476,16 @@ fn publicize_account_works() { let public_account = MemberAccount::Public(Identity::from(bob())); let public_account_hash = public_account.hash(); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - private_account.clone() + )); + + let call = add_account_call(private_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); let expected_member_accounts: MemberAccounts = @@ -407,10 +555,16 @@ fn publicize_account_identity_not_found_works() { Error::::AccountNotFound ); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), - who_identity, - private_account.clone(), + who_identity.clone(), + )); + + let call = add_account_call(private_account.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); let charlie_identity = Identity::from(charlie()); @@ -448,10 +602,16 @@ fn dispatch_as_signed_works() { let private_account = MemberAccount::Private(vec![1, 2, 3], Identity::from(bob()).hash()); - assert_ok!(OmniAccount::add_account( + assert_ok!(OmniAccount::create_account_store( RuntimeOrigin::signed(tee_signer.clone()), who_identity.clone(), - private_account, + )); + + let call = add_account_call(private_account); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call )); let call = make_balance_transfer_call(bob(), 5); From 5a1cb48fe8db92d88d69a7c72c708d02d73acb6c Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Tue, 15 Oct 2024 21:11:48 +0200 Subject: [PATCH 13/17] Setting up native tasks for identity worker (#3129) * initial setup direct call requests * adding direct call request handler init * fixing typo * adding io handler * fixing dependencies * fixing build * cleaning up unused code * fixing fmt issue * extracting types * fixing typo * renaming DirectCallTask to NativeRequest * refactoring names and improving error responses * refactor: replace unwrap with expect in thread spawns * fixing taplo issue * Revert "refactor: replace unwrap with expect in thread spawns" This reverts commit 3485f0497e5862c6ada6fcd694f2f41433eee5ec. --- tee-worker/Cargo.lock | 42 +++ tee-worker/Cargo.toml | 4 + .../identity/enclave-runtime/Cargo.lock | 42 +++ .../identity/enclave-runtime/Cargo.toml | 1 + .../enclave-runtime/src/initialization/mod.rs | 38 +++ .../core/native-task/receiver/Cargo.toml | 67 +++++ .../core/native-task/receiver/src/lib.rs | 250 ++++++++++++++++++ .../core/native-task/receiver/src/types.rs | 115 ++++++++ .../core/native-task/sender/Cargo.toml | 21 ++ .../core/native-task/sender/src/lib.rs | 88 ++++++ .../identity/sidechain/rpc-handler/Cargo.toml | 3 + .../rpc-handler/src/direct_top_pool_api.rs | 33 +++ 12 files changed, 704 insertions(+) create mode 100644 tee-worker/identity/litentry/core/native-task/receiver/Cargo.toml create mode 100644 tee-worker/identity/litentry/core/native-task/receiver/src/lib.rs create mode 100644 tee-worker/identity/litentry/core/native-task/receiver/src/types.rs create mode 100644 tee-worker/identity/litentry/core/native-task/sender/Cargo.toml create mode 100644 tee-worker/identity/litentry/core/native-task/sender/src/lib.rs diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index 26fbc1ea62..b4482f579f 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -4586,6 +4586,7 @@ dependencies = [ "its-primitives", "jsonrpc-core 18.0.0 (registry+https://github.com/rust-lang/crates.io-index)", "jsonrpc-core 18.0.0 (git+https://github.com/scs/jsonrpc?branch=no_std_v18)", + "lc-native-task-sender", "lc-vc-task-sender", "litentry-primitives", "log 0.4.20", @@ -5179,6 +5180,47 @@ dependencies = [ "warp", ] +[[package]] +name = "lc-native-task-receiver" +version = "0.1.0" +dependencies = [ + "frame-support", + "futures 0.3.28", + "futures 0.3.8", + "id-ita-sgx-runtime", + "id-ita-stf", + "id-itp-stf-executor", + "id-itp-top-pool-author", + "itp-enclave-metrics", + "itp-extrinsics-factory", + "itp-node-api", + "itp-ocall-api", + "itp-sgx-crypto", + "itp-sgx-externalities", + "itp-stf-primitives", + "itp-stf-state-handler", + "itp-types", + "lc-data-providers", + "lc-dynamic-assertion", + "lc-native-task-sender", + "litentry-macros", + "litentry-primitives", + "log 0.4.20", + "parity-scale-codec", + "sgx_tstd", + "sp-core", +] + +[[package]] +name = "lc-native-task-sender" +version = "0.1.0" +dependencies = [ + "lazy_static", + "litentry-primitives", + "log 0.4.20", + "sgx_tstd", +] + [[package]] name = "lc-parachain-extrinsic-task-receiver" version = "0.1.0" diff --git a/tee-worker/Cargo.toml b/tee-worker/Cargo.toml index a7db27633d..324f8dc8f5 100644 --- a/tee-worker/Cargo.toml +++ b/tee-worker/Cargo.toml @@ -53,6 +53,8 @@ members = [ "identity/litentry/core/data-providers", "identity/litentry/core/vc-task/sender", "identity/litentry/core/vc-task/receiver", + "identity/litentry/core/native-task/sender", + "identity/litentry/core/native-task/receiver", "identity/litentry/core/identity-verification", "identity/litentry/core/stf-task/sender", "identity/litentry/core/stf-task/receiver", @@ -298,6 +300,8 @@ lc-stf-task-sender = { path = "identity/litentry/core/stf-task/sender", default- lc-stf-task-receiver = { path = "identity/litentry/core/stf-task/receiver", default-features = false } lc-vc-task-sender = { path = "identity/litentry/core/vc-task/sender", default-features = false } lc-vc-task-receiver = { path = "identity/litentry/core/vc-task/receiver", default-features = false } +lc-native-task-sender = { path = "identity/litentry/core/native-task/sender", default-features = false } +lc-native-task-receiver = { path = "identity/litentry/core/native-task/receiver", default-features = false } itc-peer-top-broadcaster = { path = "identity/core/peer-top-broadcaster", default-features = false } itc-rpc-server = { path = "identity/core/rpc-server", default-features = false } diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 07c5998291..57c5ec6c5a 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -952,6 +952,7 @@ dependencies = [ "lc-data-providers", "lc-evm-dynamic-assertions", "lc-identity-verification", + "lc-native-task-receiver", "lc-parachain-extrinsic-task-receiver", "lc-stf-task-receiver", "lc-vc-task-receiver", @@ -2817,6 +2818,7 @@ dependencies = [ "itp-utils", "its-primitives", "jsonrpc-core", + "lc-native-task-sender", "lc-vc-task-sender", "litentry-primitives", "log", @@ -3102,6 +3104,46 @@ dependencies = [ "url 2.5.0", ] +[[package]] +name = "lc-native-task-receiver" +version = "0.1.0" +dependencies = [ + "frame-support", + "futures 0.3.8", + "id-ita-sgx-runtime", + "id-ita-stf", + "id-itp-stf-executor", + "id-itp-top-pool-author", + "itp-enclave-metrics", + "itp-extrinsics-factory", + "itp-node-api", + "itp-ocall-api", + "itp-sgx-crypto", + "itp-sgx-externalities", + "itp-stf-primitives", + "itp-stf-state-handler", + "itp-types", + "lc-data-providers", + "lc-dynamic-assertion", + "lc-native-task-sender", + "litentry-macros", + "litentry-primitives", + "log", + "parity-scale-codec", + "sgx_tstd", + "sp-core", +] + +[[package]] +name = "lc-native-task-sender" +version = "0.1.0" +dependencies = [ + "lazy_static", + "litentry-primitives", + "log", + "sgx_tstd", +] + [[package]] name = "lc-parachain-extrinsic-task-receiver" version = "0.1.0" diff --git a/tee-worker/identity/enclave-runtime/Cargo.toml b/tee-worker/identity/enclave-runtime/Cargo.toml index 35b9c47107..efa9ed93bb 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.toml +++ b/tee-worker/identity/enclave-runtime/Cargo.toml @@ -147,6 +147,7 @@ its-sidechain = { path = "../sidechain/sidechain-crate", default-features = fals lc-data-providers = { path = "../litentry/core/data-providers", default-features = false, features = ["sgx"] } lc-evm-dynamic-assertions = { path = "../litentry/core/evm-dynamic-assertions", default-features = false, features = ["sgx"] } lc-identity-verification = { path = "../litentry/core/identity-verification", default-features = false, features = ["sgx"] } +lc-native-task-receiver = { path = "../litentry/core/native-task/receiver", default-features = false, features = ["sgx"] } lc-parachain-extrinsic-task-receiver = { path = "../../common/litentry/core/parachain-extrinsic-task/receiver", default-features = false, features = ["sgx"] } lc-stf-task-receiver = { path = "../litentry/core/stf-task/receiver", default-features = false, features = ["sgx"] } lc-vc-task-receiver = { path = "../litentry/core/vc-task/receiver", default-features = false, features = ["sgx"] } diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index d6cde31bc2..843373742f 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -88,6 +88,7 @@ use its_sidechain::{ use jsonrpc_core::IoHandler; use lc_data_providers::DataProviderConfig; use lc_evm_dynamic_assertions::repository::EvmAssertionRepository; +use lc_native_task_receiver::{run_native_task_receiver, NativeTaskContext}; use lc_parachain_extrinsic_task_receiver::run_parachain_extrinsic_task_receiver; use lc_stf_task_receiver::{run_stf_task_receiver, StfTaskContext}; use lc_vc_task_receiver::run_vc_handler_runner; @@ -332,6 +333,37 @@ fn run_vc_issuance() -> Result<(), Error> { Ok(()) } +fn run_native_task_handler() -> Result<(), Error> { + let author_api = GLOBAL_TOP_POOL_AUTHOR_COMPONENT.get()?; + let data_provider_config = GLOBAL_DATA_PROVIDER_CONFIG.get()?; + let shielding_key_repository = GLOBAL_SHIELDING_KEY_REPOSITORY_COMPONENT.get()?; + let ocall_api = GLOBAL_OCALL_API_COMPONENT.get()?; + let stf_enclave_signer = Arc::new(EnclaveStfEnclaveSigner::new( + GLOBAL_STATE_OBSERVER_COMPONENT.get()?, + ocall_api.clone(), + shielding_key_repository.clone(), + author_api.clone(), + )); + let enclave_account = Arc::new(GLOBAL_SIGNING_KEY_REPOSITORY_COMPONENT.get()?.retrieve_key()?); + let extrinsic_factory = get_extrinsic_factory_from_integritee_solo_or_parachain()?; + let node_metadata_repo = get_node_metadata_repository_from_integritee_solo_or_parachain()?; + + let context = NativeTaskContext::new( + shielding_key_repository, + author_api, + stf_enclave_signer, + enclave_account, + ocall_api, + data_provider_config, + extrinsic_factory, + node_metadata_repo, + ); + + run_native_task_receiver(Arc::new(context)); + + Ok(()) +} + fn run_parachain_extrinsic_sender() -> Result<(), Error> { let ocall_api = GLOBAL_OCALL_API_COMPONENT.get()?; let extrinsics_factory = get_extrinsic_factory_from_integritee_solo_or_parachain()?; @@ -413,6 +445,12 @@ pub(crate) fn init_enclave_sidechain_components( run_vc_issuance().unwrap(); }); + std::thread::spawn(move || { + println!("running native task handler"); + #[allow(clippy::unwrap_used)] + run_native_task_handler().unwrap(); + }); + std::thread::spawn(move || { println!("running parentchain extrinsic sender"); #[allow(clippy::unwrap_used)] diff --git a/tee-worker/identity/litentry/core/native-task/receiver/Cargo.toml b/tee-worker/identity/litentry/core/native-task/receiver/Cargo.toml new file mode 100644 index 0000000000..79d6a14414 --- /dev/null +++ b/tee-worker/identity/litentry/core/native-task/receiver/Cargo.toml @@ -0,0 +1,67 @@ +[package] +name = "lc-native-task-receiver" +version = "0.1.0" +edition = "2021" + +[dependencies] +futures = { workspace = true, optional = true } +futures_sgx = { workspace = true, features = ["thread-pool"], optional = true } +sgx_tstd = { workspace = true, features = ["net", "thread"], optional = true } + + +codec = { package = "parity-scale-codec", workspace = true } +log = { workspace = true } +sp-core = { workspace = true, features = ["full_crypto"] } + +ita-sgx-runtime = { package = "id-ita-sgx-runtime", path = "../../../../app-libs/sgx-runtime", default-features = false } +ita-stf = { package = "id-ita-stf", path = "../../../../app-libs/stf", default-features = false } +itp-enclave-metrics = { workspace = true } +itp-extrinsics-factory = { workspace = true } +itp-node-api = { workspace = true } +itp-ocall-api = { workspace = true } +itp-sgx-crypto = { workspace = true } +itp-sgx-externalities = { workspace = true } +itp-stf-executor = { package = "id-itp-stf-executor", path = "../../../../core-primitives/stf-executor", default-features = false } +itp-stf-primitives = { workspace = true } +itp-stf-state-handler = { workspace = true } +itp-top-pool-author = { package = "id-itp-top-pool-author", path = "../../../../core-primitives/top-pool-author", default-features = false } +itp-types = { workspace = true } + +frame-support = { workspace = true } +lc-data-providers = { workspace = true } +lc-dynamic-assertion = { workspace = true } +lc-native-task-sender = { workspace = true } +litentry-macros = { workspace = true } +litentry-primitives = { workspace = true } + +[features] +default = ["std"] +sgx = [ + "futures_sgx", + "sgx_tstd", + "ita-stf/sgx", + "itp-top-pool-author/sgx", + "sp-core/full_crypto", + "litentry-primitives/sgx", + "itp-node-api/sgx", + "itp-extrinsics-factory/sgx", + "lc-native-task-sender/sgx", +] +std = [ + "futures", + "log/std", + "ita-stf/std", + "itp-types/std", + "itp-top-pool-author/std", + "itp-stf-primitives/std", + "itp-extrinsics-factory/std", + "sp-core/std", + "litentry-primitives/std", + "ita-sgx-runtime/std", + "frame-support/std", + "itp-node-api/std", + "lc-native-task-sender/std", +] +development = [ + "litentry-macros/development", +] diff --git a/tee-worker/identity/litentry/core/native-task/receiver/src/lib.rs b/tee-worker/identity/litentry/core/native-task/receiver/src/lib.rs new file mode 100644 index 0000000000..b444a52187 --- /dev/null +++ b/tee-worker/identity/litentry/core/native-task/receiver/src/lib.rs @@ -0,0 +1,250 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +#![cfg_attr(not(feature = "std"), no_std)] + +#[cfg(all(feature = "std", feature = "sgx"))] +compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the same time"); + +#[cfg(all(not(feature = "std"), feature = "sgx"))] +extern crate sgx_tstd as std; + +// re-export module to properly feature gate sgx and regular std environment +#[cfg(all(not(feature = "std"), feature = "sgx"))] +pub mod sgx_reexport_prelude { + pub use futures_sgx as futures; +} + +#[cfg(all(not(feature = "std"), feature = "sgx"))] +pub use crate::sgx_reexport_prelude::*; + +mod types; +pub use types::NativeTaskContext; +use types::*; + +use codec::{Decode, Encode}; +use futures::executor::ThreadPoolBuilder; +use ita_sgx_runtime::Hash; +use ita_stf::{Getter, TrustedCall, TrustedCallSigned}; +use itp_extrinsics_factory::CreateExtrinsics; +use itp_node_api::metadata::{provider::AccessNodeMetadata, NodeMetadataTrait}; +use itp_ocall_api::{EnclaveAttestationOCallApi, EnclaveMetricsOCallApi, EnclaveOnChainOCallApi}; +use itp_sgx_crypto::{key_repository::AccessKey, ShieldingCryptoDecrypt, ShieldingCryptoEncrypt}; +use itp_stf_executor::traits::StfEnclaveSigning as StfEnclaveSigningTrait; +use itp_stf_primitives::{traits::TrustedCallVerification, types::TrustedOperation}; +use itp_top_pool_author::traits::AuthorApi as AuthorApiTrait; +use lc_native_task_sender::init_native_task_sender; +use litentry_primitives::{AesRequest, DecryptableRequest}; +use sp_core::{blake2_256, H256}; +use std::{ + boxed::Box, + format, + sync::{ + mpsc::{channel, Sender}, + Arc, + }, + thread, +}; + +// TODO: move to config +const THREAD_POOL_SIZE: usize = 10; + +pub fn run_native_task_receiver< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, +>( + context: Arc< + NativeTaskContext< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, + >, + >, +) where + ShieldingKeyRepository: AccessKey + Send + Sync + 'static, + ::KeyType: ShieldingCryptoEncrypt + ShieldingCryptoDecrypt, + AuthorApi: AuthorApiTrait + Send + Sync + 'static, + StfEnclaveSigning: StfEnclaveSigningTrait + Send + Sync + 'static, + OCallApi: + EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + ExtrinsicFactory: CreateExtrinsics + Send + Sync + 'static, + NodeMetadataRepo: AccessNodeMetadata + Send + Sync + 'static, + NodeMetadataRepo::MetadataType: NodeMetadataTrait, +{ + let request_receiver = init_native_task_sender(); + let thread_pool = ThreadPoolBuilder::new() + .pool_size(THREAD_POOL_SIZE) + .create() + .expect("Failed to create thread pool"); + + let (native_req_sender, native_req_receiver) = channel::(); + let t_pool = thread_pool.clone(); + + thread::spawn(move || { + if let Ok(native_request) = native_req_receiver.recv() { + t_pool.spawn_ok(async move { + match native_request { + // TODO: handle native_request: e.g: Identity verification + } + }); + } + }); + + while let Ok(mut req) = request_receiver.recv() { + let context_pool = context.clone(); + let task_sender_pool = native_req_sender.clone(); + + thread_pool.spawn_ok(async move { + let request = &mut req.request; + let connection_hash = request.using_encoded(|x| H256::from(blake2_256(x))); + match get_trusted_call_from_request(request, context_pool.clone()) { + Ok(call) => process_trusted_call( + context_pool.clone(), + call, + connection_hash, + task_sender_pool, + ), + Err(e) => { + log::error!("Failed to get trusted call from request: {:?}", e); + }, + }; + }); + } + log::warn!("Native task receiver stopped"); +} + +fn process_trusted_call< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, +>( + context: Arc< + NativeTaskContext< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, + >, + >, + call: TrustedCall, + connection_hash: H256, + _tc_sender: Sender, +) where + ShieldingKeyRepository: AccessKey + Send + Sync + 'static, + ::KeyType: ShieldingCryptoEncrypt + ShieldingCryptoDecrypt, + AuthorApi: AuthorApiTrait + Send + Sync + 'static, + StfEnclaveSigning: StfEnclaveSigningTrait + Send + Sync + 'static, + OCallApi: + EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + ExtrinsicFactory: CreateExtrinsics + Send + Sync + 'static, + NodeMetadataRepo: AccessNodeMetadata + Send + Sync + 'static, + NodeMetadataRepo::MetadataType: NodeMetadataTrait, +{ + match call { + // TODO: handle AccountStore related calls + TrustedCall::noop(_) => log::info!("Received noop call"), + _ => { + log::warn!("Received unsupported call: {:?}", call); + let res: Result<(), NativeTaskError> = + Err(NativeTaskError::UnexpectedCall(format!("Unexpected call: {:?}", call))); + context.author_api.send_rpc_response(connection_hash, res.encode(), false); + }, + } +} + +fn get_trusted_call_from_request< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, +>( + request: &mut AesRequest, + context: Arc< + NativeTaskContext< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, + >, + >, +) -> Result +where + ShieldingKeyRepository: AccessKey + Send + Sync + 'static, + ::KeyType: ShieldingCryptoEncrypt + ShieldingCryptoDecrypt, + AuthorApi: AuthorApiTrait + Send + Sync + 'static, + StfEnclaveSigning: StfEnclaveSigningTrait + Send + Sync + 'static, + OCallApi: + EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + ExtrinsicFactory: CreateExtrinsics + Send + Sync + 'static, + NodeMetadataRepo: AccessNodeMetadata + Send + Sync + 'static, + NodeMetadataRepo::MetadataType: NodeMetadataTrait, +{ + let connection_hash = request.using_encoded(|x| H256::from(blake2_256(x))); + let enclave_shielding_key = match context.shielding_key.retrieve_key() { + Ok(value) => value, + Err(e) => { + let res: Result<(), NativeTaskError> = + Err(NativeTaskError::ShieldingKeyRetrievalFailed(format!("{}", e))); + context.author_api.send_rpc_response(connection_hash, res.encode(), false); + return Err("Shielding key retrieval failed") + }, + }; + let tcs: TrustedCallSigned = match request + .decrypt(Box::new(enclave_shielding_key)) + .ok() + .and_then(|v| TrustedOperation::::decode(&mut v.as_slice()).ok()) + .and_then(|top| top.to_call().cloned()) + { + Some(tcs) => tcs, + None => { + let res: Result<(), NativeTaskError> = + Err(NativeTaskError::RequestPayloadDecodingFailed); + context.author_api.send_rpc_response(connection_hash, res.encode(), false); + return Err("Request payload decoding failed") + }, + }; + let mrenclave = match context.ocall_api.get_mrenclave_of_self() { + Ok(m) => m.m, + Err(_) => { + let res: Result<(), NativeTaskError> = Err(NativeTaskError::MrEnclaveRetrievalFailed); + context.author_api.send_rpc_response(connection_hash, res.encode(), false); + return Err("MrEnclave retrieval failed") + }, + }; + if !tcs.verify_signature(&mrenclave, &request.shard) { + let res: Result<(), NativeTaskError> = Err(NativeTaskError::SignatureVerificationFailed); + context.author_api.send_rpc_response(connection_hash, res.encode(), false); + return Err("Signature verification failed") + } + + Ok(tcs.call) +} diff --git a/tee-worker/identity/litentry/core/native-task/receiver/src/types.rs b/tee-worker/identity/litentry/core/native-task/receiver/src/types.rs new file mode 100644 index 0000000000..a4377a6700 --- /dev/null +++ b/tee-worker/identity/litentry/core/native-task/receiver/src/types.rs @@ -0,0 +1,115 @@ +use codec::{Decode, Encode}; +use ita_sgx_runtime::Hash; +use ita_stf::{Getter, TrustedCallSigned}; +use itp_extrinsics_factory::CreateExtrinsics; +use itp_node_api::metadata::{provider::AccessNodeMetadata, NodeMetadataTrait}; +use itp_ocall_api::{EnclaveAttestationOCallApi, EnclaveMetricsOCallApi, EnclaveOnChainOCallApi}; +use itp_sgx_crypto::{key_repository::AccessKey, ShieldingCryptoDecrypt, ShieldingCryptoEncrypt}; +use itp_stf_executor::traits::StfEnclaveSigning as StfEnclaveSigningTrait; +use itp_top_pool_author::traits::AuthorApi as AuthorApiTrait; +use lc_data_providers::DataProviderConfig; +use sp_core::ed25519::Pair as Ed25519Pair; +use std::{string::String, sync::Arc}; + +pub struct NativeTaskContext< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, +> where + ShieldingKeyRepository: AccessKey + Send + Sync + 'static, + ::KeyType: ShieldingCryptoEncrypt + ShieldingCryptoDecrypt, + AuthorApi: AuthorApiTrait + Send + Sync + 'static, + StfEnclaveSigning: StfEnclaveSigningTrait + Send + Sync + 'static, + OCallApi: + EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + ExtrinsicFactory: CreateExtrinsics + Send + Sync + 'static, + NodeMetadataRepo: AccessNodeMetadata + Send + Sync + 'static, + NodeMetadataRepo::MetadataType: NodeMetadataTrait, +{ + pub shielding_key: Arc, + pub author_api: Arc, + pub enclave_signer: Arc, + pub enclave_account: Arc, + pub ocall_api: Arc, + pub data_provider_config: Arc, + pub extrinsic_factory: Arc, + pub node_metadata_repo: Arc, +} + +impl< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, + > + NativeTaskContext< + ShieldingKeyRepository, + AuthorApi, + StfEnclaveSigning, + OCallApi, + ExtrinsicFactory, + NodeMetadataRepo, + > where + ShieldingKeyRepository: AccessKey + Send + Sync + 'static, + ::KeyType: ShieldingCryptoEncrypt + ShieldingCryptoDecrypt, + AuthorApi: AuthorApiTrait + Send + Sync + 'static, + StfEnclaveSigning: StfEnclaveSigningTrait + Send + Sync + 'static, + OCallApi: + EnclaveOnChainOCallApi + EnclaveMetricsOCallApi + EnclaveAttestationOCallApi + 'static, + ExtrinsicFactory: CreateExtrinsics + Send + Sync + 'static, + NodeMetadataRepo: AccessNodeMetadata + Send + Sync + 'static, + NodeMetadataRepo::MetadataType: NodeMetadataTrait, +{ + #[allow(clippy::too_many_arguments)] + pub fn new( + shielding_key: Arc, + author_api: Arc, + enclave_signer: Arc, + enclave_account: Arc, + ocall_api: Arc, + data_provider_config: Arc, + extrinsic_factory: Arc, + node_metadata_repo: Arc, + ) -> Self { + Self { + shielding_key, + author_api, + enclave_signer, + enclave_account, + ocall_api, + data_provider_config, + extrinsic_factory, + node_metadata_repo, + } + } +} + +#[derive(Encode, Decode, Clone, Debug, PartialEq, Eq)] +pub enum NativeTaskError { + UnexpectedCall(String), + ShieldingKeyRetrievalFailed(String), // Stringified itp_sgx_crypto::Error + RequestPayloadDecodingFailed, + ParentchainDataRetrievalFailed(String), // Stringified itp_stf_state_handler::Error + InvalidSignerAccount, + UnauthorizedSigner, + MissingAesKey, + MrEnclaveRetrievalFailed, + EnclaveSignerRetrievalFailed, + SignatureVerificationFailed, + ConnectionHashNotFound(String), + MetadataRetrievalFailed(String), // Stringified itp_node_api_metadata_provider::Error + InvalidMetadata(String), // Stringified itp_node_api_metadata::Error + TrustedCallSendingFailed(String), // Stringified mpsc::SendError<(H256, TrustedCall)> + CallSendingFailed(String), + ExtrinsicConstructionFailed(String), // Stringified itp_extrinsics_factory::Error + ExtrinsicSendingFailed(String), // Stringified sgx_status_t +} + +pub enum NativeRequest { + // TODO: Define the tasks +} diff --git a/tee-worker/identity/litentry/core/native-task/sender/Cargo.toml b/tee-worker/identity/litentry/core/native-task/sender/Cargo.toml new file mode 100644 index 0000000000..0d79bb5be5 --- /dev/null +++ b/tee-worker/identity/litentry/core/native-task/sender/Cargo.toml @@ -0,0 +1,21 @@ +[package] +name = "lc-native-task-sender" +version = "0.1.0" +edition = "2021" + +[dependencies] +sgx_tstd = { workspace = true, features = ["net", "thread"], optional = true } + +lazy_static = { workspace = true } +log = { workspace = true } + +litentry-primitives = { workspace = true } + +[features] +default = ["std"] +sgx = [ + "sgx_tstd", +] +std = [ + "log/std", +] diff --git a/tee-worker/identity/litentry/core/native-task/sender/src/lib.rs b/tee-worker/identity/litentry/core/native-task/sender/src/lib.rs new file mode 100644 index 0000000000..5b35fc08f3 --- /dev/null +++ b/tee-worker/identity/litentry/core/native-task/sender/src/lib.rs @@ -0,0 +1,88 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +#![cfg_attr(not(feature = "std"), no_std)] + +#[cfg(all(feature = "std", feature = "sgx"))] +compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the same time"); + +#[cfg(all(not(feature = "std"), feature = "sgx"))] +extern crate sgx_tstd as std; + +use lazy_static::lazy_static; +use litentry_primitives::AesRequest; + +#[cfg(feature = "std")] +use std::sync::Mutex; +#[cfg(feature = "sgx")] +use std::sync::SgxMutex as Mutex; + +use std::{ + format, + string::String, + sync::{ + mpsc::{channel, Receiver, Sender}, + Arc, + }, +}; + +#[derive(Debug)] +pub struct NativeTask { + pub request: AesRequest, +} + +// Global storage of the sender. Should not be accessed directly. +lazy_static! { + static ref GLOBAL_NATIVE_TASK_SENDER: Arc>>> = + Arc::new(Mutex::new(Default::default())); +} + +pub struct NativeTaskSender {} + +impl NativeTaskSender { + pub fn new() -> Self { + Self {} + } +} + +impl Default for NativeTaskSender { + fn default() -> Self { + Self::new() + } +} + +impl NativeTaskSender { + pub fn send(&self, task: NativeTask) -> Result<(), String> { + log::debug!("send native task: {:?}", task); + let mutex_guard = GLOBAL_NATIVE_TASK_SENDER.lock().map_err(|_| "Mutex lock failed")?; + let task_sender: Sender = + mutex_guard.clone().ok_or("native task sender was not initialized")?; + // Release mutex lock, so we don't block the lock longer than necessary. + drop(mutex_guard); + + task_sender.send(task).map_err(|e| format!("Unable to send task: {:?}", e))?; + + Ok(()) + } +} + +pub fn init_native_task_sender() -> Receiver { + let (sender, receiver) = channel(); + let mut task_sender = GLOBAL_NATIVE_TASK_SENDER.lock().expect("Mutex lock failed"); + *task_sender = Some(sender); + + receiver +} diff --git a/tee-worker/identity/sidechain/rpc-handler/Cargo.toml b/tee-worker/identity/sidechain/rpc-handler/Cargo.toml index 02446faea3..686ce483d1 100644 --- a/tee-worker/identity/sidechain/rpc-handler/Cargo.toml +++ b/tee-worker/identity/sidechain/rpc-handler/Cargo.toml @@ -15,6 +15,7 @@ itp-types = { workspace = true } itp-utils = { workspace = true } its-primitives = { workspace = true } +lc-native-task-sender = { workspace = true } lc-vc-task-sender = { workspace = true } litentry-primitives = { workspace = true } @@ -45,6 +46,7 @@ std = [ "log/std", "rust-base58", "lc-vc-task-sender/std", + "lc-native-task-sender/std", ] sgx = [ "futures_sgx", @@ -55,4 +57,5 @@ sgx = [ "jsonrpc-core_sgx", "rust-base58_sgx", "lc-vc-task-sender/sgx", + "lc-native-task-sender/sgx", ] diff --git a/tee-worker/identity/sidechain/rpc-handler/src/direct_top_pool_api.rs b/tee-worker/identity/sidechain/rpc-handler/src/direct_top_pool_api.rs index 700e6da412..ec67fcb5b7 100644 --- a/tee-worker/identity/sidechain/rpc-handler/src/direct_top_pool_api.rs +++ b/tee-worker/identity/sidechain/rpc-handler/src/direct_top_pool_api.rs @@ -14,6 +14,7 @@ use itp_top_pool_author::traits::AuthorApi; use itp_types::{DirectRequestStatus, RsaRequest, ShardIdentifier, TrustedOperationStatus}; use itp_utils::{FromHexPrefixed, ToHexPrefixed}; use jsonrpc_core::{futures::executor, serde_json::json, Error as RpcError, IoHandler, Params}; +use lc_native_task_sender::{NativeTask, NativeTaskSender}; use lc_vc_task_sender::{VCRequest, VcRequestSender}; use litentry_primitives::AesRequest; use log::{debug, error, warn}; @@ -120,6 +121,24 @@ pub fn add_top_pool_direct_rpc_methods( Ok(json!(json_value)) }); + io_handler.add_sync_method("author_submitNativeRequest", move |params: Params| { + debug!("worker_api_direct rpc was called: author_submitNativeRequest"); + let json_value = match author_submit_native_request_inner(params) { + Ok(hash_value) => RpcReturnValue { + do_watch: true, + value: vec![], + status: DirectRequestStatus::TrustedOperationStatus( + TrustedOperationStatus::Submitted, + hash_value, + ), + } + .to_hex(), + Err(e) => compute_hex_encoded_return_error(e.as_str()), + }; + + Ok(json!(json_value)) + }); + // Litentry: a morphling of `author_submitAndWatchRsaRequest` // a different name is used to highlight the request type let watch_author = top_pool_author.clone(); @@ -330,3 +349,17 @@ fn author_submit_request_vc_inner(params: Params) -> Result { Ok(request.using_encoded(|x| H256::from(blake2_256(x)))) } } + +fn author_submit_native_request_inner(params: Params) -> Result { + let payload = get_request_payload(params)?; + let request = AesRequest::from_hex(&payload).map_err(|e| format!("{:?}", e))?; + let task_sender = NativeTaskSender::new(); + + if let Err(err) = task_sender.send(NativeTask { request: request.clone() }) { + let error_msg = format!("failed to send native task: {:?}", err); + error!("{}", error_msg); + Err(error_msg) + } else { + Ok(request.using_encoded(|x| H256::from(blake2_256(x)))) + } +} From 414b4e8a6590cf5d29f2fa3e3be36609f069252a Mon Sep 17 00:00:00 2001 From: Jonathan Alvarez Date: Tue, 15 Oct 2024 21:39:55 +0200 Subject: [PATCH 14/17] client-sdk: merge enclave and vc-sdk packages into one (#3128) Signed-off-by: Jonathan Alvarez --- tee-worker/identity/client-sdk/README.md | 6 +- tee-worker/identity/client-sdk/package.json | 2 +- .../{enclave => client-sdk}/.eslintrc.json | 0 .../packages/client-sdk/CHANGELOG.md | 12 + .../packages/{enclave => client-sdk}/LICENSE | 0 .../{enclave => client-sdk}/README.md | 68 +- .../{enclave => client-sdk}/docs/.nojekyll | 0 .../{enclave => client-sdk}/docs/README.md | 234 +++++- .../docs/classes/Enclave.md | 34 +- .../docs/modules/request.md | 62 +- .../{enclave => client-sdk}/jest.config.ts | 4 +- .../{enclave => client-sdk}/package.json | 6 +- .../{enclave => client-sdk}/project.json | 24 +- .../{enclave => client-sdk}/src/index.ts | 10 + .../src/lib/__test__/id-graph-decoder.test.ts | 0 .../src/lib/__test__/payload-signing.test.ts | 0 .../{enclave => client-sdk}/src/lib/config.ts | 0 .../src/lib/enclave.ts | 14 +- .../src/lib/requests/get-enclave-nonce.ts | 0 .../src/lib/requests/get-id-graph-hash.ts | 0 .../src/lib/requests/get-id-graph.request.ts | 0 .../requests/get-last-registered-enclave.ts | 0 .../src/lib/requests/index.ts | 0 .../link-identity-callback.request.ts | 0 .../src/lib/requests/link-identity.request.ts | 0 .../lib/requests/request-batch-vc.request.ts | 0 .../requests/set-identity-networks.request.ts | 0 .../src/lib/type-creators/id-graph.ts | 0 .../src/lib/type-creators/key-aes-output.ts | 0 .../type-creators/litentry-identity.test.ts | 0 .../lib/type-creators/litentry-identity.ts | 0 .../litentry-multi-signature.test.ts | 0 .../type-creators/litentry-multi-signature.ts | 0 .../src/lib/type-creators/nonce.test.ts | 0 .../src/lib/type-creators/nonce.ts | 0 .../src/lib/type-creators/request.ts | 0 .../lib/type-creators/trusted-call.test.ts | 0 .../src/lib/type-creators/trusted-call.ts | 0 .../lib/type-creators/validation-data.test.ts | 0 .../src/lib/type-creators/validation-data.ts | 8 +- .../lib/util/calculate-id-graph-hash.test.ts | 0 .../src/lib/util/calculate-id-graph-hash.ts | 0 .../lib/util/create-payload-to-sign.test.ts | 0 .../src/lib/util/create-payload-to-sign.ts | 2 +- .../src/lib/util/decode-signature.ts | 0 .../src/lib/util/get-signature-crypto-type.ts | 0 .../src/lib/util/safely-decode-option.test.ts | 0 .../src/lib/util/safely-decode-option.ts | 0 .../src/lib/util/shielding-key.ts | 0 .../src/lib/util/types.ts | 5 +- .../src/lib/util/u8aToBase64Url.ts | 0 .../src/lib/util/verify-signature.ts | 0 .../validate-enclave-registry.test.ts | 0 .../vc-validator}/runtime-enclave-registry.ts | 0 .../src/lib/vc-validator}/validator.spec.ts | 0 .../src/lib/vc-validator}/validator.ts | 0 .../src/lib/vc-validator}/validator.types.ts | 5 - .../{enclave => client-sdk}/tsconfig.json | 0 .../{enclave => client-sdk}/tsconfig.lib.json | 0 .../tsconfig.spec.json | 0 .../{enclave => client-sdk}/typedoc.json | 0 .../client-sdk/packages/enclave/CHANGELOG.md | 248 ------- .../client-sdk/packages/vc-sdk/.eslintrc.json | 25 - .../client-sdk/packages/vc-sdk/CHANGELOG.md | 224 ------ .../client-sdk/packages/vc-sdk/LICENSE | 674 ------------------ .../client-sdk/packages/vc-sdk/README.md | 55 -- .../client-sdk/packages/vc-sdk/docs/.nojekyll | 1 - .../client-sdk/packages/vc-sdk/docs/README.md | 225 ------ .../client-sdk/packages/vc-sdk/jest.config.ts | 15 - .../client-sdk/packages/vc-sdk/package.json | 21 - .../client-sdk/packages/vc-sdk/project.json | 65 -- .../client-sdk/packages/vc-sdk/src/index.ts | 6 - .../vc-sdk/src/lib/validator.constants.ts | 9 - .../client-sdk/packages/vc-sdk/tsconfig.json | 24 - .../packages/vc-sdk/tsconfig.lib.json | 10 - .../packages/vc-sdk/tsconfig.spec.json | 14 - .../client-sdk/packages/vc-sdk/typedoc.json | 9 - tee-worker/identity/client-sdk/project.json | 2 +- .../identity/client-sdk/tsconfig.base.json | 2 +- tee-worker/identity/ts-tests/pnpm-lock.yaml | 89 ++- .../ts-tests/post-checks/package.json | 8 +- .../post-checks/tests/post-check.test.ts | 3 +- 82 files changed, 434 insertions(+), 1791 deletions(-) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/.eslintrc.json (100%) create mode 100644 tee-worker/identity/client-sdk/packages/client-sdk/CHANGELOG.md rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/LICENSE (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/README.md (52%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/docs/.nojekyll (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/docs/README.md (57%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/docs/classes/Enclave.md (71%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/docs/modules/request.md (65%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/jest.config.ts (79%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/package.json (87%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/project.json (63%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/index.ts (78%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/__test__/id-graph-decoder.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/__test__/payload-signing.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/config.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/enclave.ts (95%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/get-enclave-nonce.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/get-id-graph-hash.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/get-id-graph.request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/get-last-registered-enclave.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/index.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/link-identity-callback.request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/link-identity.request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/request-batch-vc.request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/requests/set-identity-networks.request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/id-graph.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/key-aes-output.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/litentry-identity.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/litentry-identity.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/litentry-multi-signature.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/litentry-multi-signature.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/nonce.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/nonce.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/request.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/trusted-call.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/trusted-call.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/validation-data.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/type-creators/validation-data.ts (97%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/calculate-id-graph-hash.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/calculate-id-graph-hash.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/create-payload-to-sign.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/create-payload-to-sign.ts (96%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/decode-signature.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/get-signature-crypto-type.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/safely-decode-option.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/safely-decode-option.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/shielding-key.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/types.ts (62%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/u8aToBase64Url.ts (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/src/lib/util/verify-signature.ts (100%) rename tee-worker/identity/client-sdk/packages/{vc-sdk/src/lib => client-sdk/src/lib/vc-validator}/__tests__/validate-enclave-registry.test.ts (100%) rename tee-worker/identity/client-sdk/packages/{vc-sdk/src/lib => client-sdk/src/lib/vc-validator}/runtime-enclave-registry.ts (100%) rename tee-worker/identity/client-sdk/packages/{vc-sdk/src/lib => client-sdk/src/lib/vc-validator}/validator.spec.ts (100%) rename tee-worker/identity/client-sdk/packages/{vc-sdk/src/lib => client-sdk/src/lib/vc-validator}/validator.ts (100%) rename tee-worker/identity/client-sdk/packages/{vc-sdk/src/lib => client-sdk/src/lib/vc-validator}/validator.types.ts (90%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/tsconfig.json (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/tsconfig.lib.json (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/tsconfig.spec.json (100%) rename tee-worker/identity/client-sdk/packages/{enclave => client-sdk}/typedoc.json (100%) delete mode 100644 tee-worker/identity/client-sdk/packages/enclave/CHANGELOG.md delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/.eslintrc.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/CHANGELOG.md delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/LICENSE delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/README.md delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/docs/.nojekyll delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/docs/README.md delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/jest.config.ts delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/package.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/project.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/src/index.ts delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.constants.ts delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.lib.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.spec.json delete mode 100644 tee-worker/identity/client-sdk/packages/vc-sdk/typedoc.json diff --git a/tee-worker/identity/client-sdk/README.md b/tee-worker/identity/client-sdk/README.md index 4cde2afe6d..bd900311d7 100644 --- a/tee-worker/identity/client-sdk/README.md +++ b/tee-worker/identity/client-sdk/README.md @@ -1,6 +1,6 @@ ![Logo](https://avatars.githubusercontent.com/u/51339301?s=200&v=4) -# Litentry Client SDK +# Litentry Client Packages This repository contains packages that are published on NPM for dApps to interact with the Litentry Protocol. @@ -8,5 +8,5 @@ Learn more about it on [Litentry's official documentation](https://docs.litentry ## Packages -- `@litentry/enclave` ([go-to](packages/enclave/README.md)): provides helpers for dApps to interact with the Litentry Protocol's Enclave -- `@litentry/vc-sdk` ([go-to](packages/vc-sdk/README.md)): provides the common functionality to help dApps parse and validate Litentry issued Verifiable Credentials. +- `@litentry/client-sdk` ([go-to](packages/enclave/README.md)): provides helpers for dApps to interact with the Litentry Protocol +- `@litentry/chaindata` ([go-to](packages/chaindata/README.md)): provides chain information of Litentry networks. diff --git a/tee-worker/identity/client-sdk/package.json b/tee-worker/identity/client-sdk/package.json index cf45d8b956..b44240d43e 100644 --- a/tee-worker/identity/client-sdk/package.json +++ b/tee-worker/identity/client-sdk/package.json @@ -1,5 +1,5 @@ { - "name": "client-sdk", + "name": "@litentry-client-sdk/source", "version": "0.0.0", "license": "MIT", "scripts": { diff --git a/tee-worker/identity/client-sdk/packages/enclave/.eslintrc.json b/tee-worker/identity/client-sdk/packages/client-sdk/.eslintrc.json similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/.eslintrc.json rename to tee-worker/identity/client-sdk/packages/client-sdk/.eslintrc.json diff --git a/tee-worker/identity/client-sdk/packages/client-sdk/CHANGELOG.md b/tee-worker/identity/client-sdk/packages/client-sdk/CHANGELOG.md new file mode 100644 index 0000000000..9409c9e713 --- /dev/null +++ b/tee-worker/identity/client-sdk/packages/client-sdk/CHANGELOG.md @@ -0,0 +1,12 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Unreleased] + +## 2024-10-14 + +Initial version. Merge [@litentry/enclave](https://www.npmjs.com/package/@litentry/enclave) and [@litentry/vc-sdk](https://www.npmjs.com/package/@litentry/vc-sdk) into this one. diff --git a/tee-worker/identity/client-sdk/packages/enclave/LICENSE b/tee-worker/identity/client-sdk/packages/client-sdk/LICENSE similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/LICENSE rename to tee-worker/identity/client-sdk/packages/client-sdk/LICENSE diff --git a/tee-worker/identity/client-sdk/packages/enclave/README.md b/tee-worker/identity/client-sdk/packages/client-sdk/README.md similarity index 52% rename from tee-worker/identity/client-sdk/packages/enclave/README.md rename to tee-worker/identity/client-sdk/packages/client-sdk/README.md index 6b4976d00b..d678e629fe 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/README.md +++ b/tee-worker/identity/client-sdk/packages/client-sdk/README.md @@ -1,6 +1,6 @@ -# @litentry/enclave +# @litentry/client-sdk -This package provides helpers for dApps to interact with the Litentry Protocol's Enclave. +This package provides helpers for dApps to interact with the Litentry Protocol. The Enclave is the Litentry's Trusted Execution Environment (TEE), that provides the hightest security and privacy for users to store their identity. @@ -10,22 +10,22 @@ This is a browser package, it may not work as-is on Node.js due to Crypto Subtle 1. Install from NPM - ``` - npm install @litentry/parachain-api @litentry/sidechain-api @litentry/enclave - ``` + ``` + npm install @litentry/parachain-api @litentry/sidechain-api @litentry/client-sdk + ``` 2. Set the right environment - Litentry's Protocol is currently available in three main stages: local (development), `tee-dev` (staging), and `tee-prod` (production). + Litentry's Protocol is currently available in three main stages: local (development), `tee-dev` (staging), and `tee-prod` (production). - You can set what stage to use by setting the `LITENTRY_NETWORK` environment variable. Valid values are: + You can set what stage to use by setting the `LITENTRY_NETWORK` environment variable. Valid values are: - - `litentry-local`: will point to a local enclave `ws://localhost:2000` - - `litentry-dev` (default): will point to `tee-dev`'s Enclave. - - `litentry-staging`: will point to `tee-staging`'s Enclave. - - `litentry-prod`: will point to `tee-prod`'s Enclave. + - `litentry-local`: will point to a local enclave `ws://localhost:2000` + - `litentry-dev` (default): will point to `tee-dev`'s Enclave. + - `litentry-staging`: will point to `tee-staging`'s Enclave. + - `litentry-prod`: will point to `tee-prod`'s Enclave. - `NX_*` prefixed env variables (NX projects) will work too. + `NX_*` prefixed env variables (NX projects) will work too. ### Versions @@ -41,31 +41,33 @@ Please refer to the `examples` folder in this repository to learn more about all ### Quick start +These are the steps for publishing the package locally for development purposes. + 1. Install dependencies - ``` - pnpm install - ``` + ``` + pnpm install + ``` 2. Spin up an local NPM registry - ``` - pnpm nx local-registry - ``` + ``` + pnpm nx local-registry + ``` 3. Publish locally - Follow the steps of [Publish new versions](#publish-new-versions). The step 1 can be skipped. + Follow the steps of [Publish new versions](#publish-new-versions). The step 1 can be skipped. - As long as the local registry is up, any publishing will happen locally. + As long as the local registry is up, any publishing will happen locally. 4. Run test and lint checks - ``` - pnpm nx run enclave:lint + ``` + pnpm nx run client-sdk:lint - pnpm nx run enclave:test - ``` + pnpm nx run client-sdk:test + ``` ### Publish new versions @@ -73,18 +75,18 @@ Please refer to the `examples` folder in this repository to learn more about all 2. Update the latest documentation - ``` - pnpm nx run enclave:generate-doc - ``` + ``` + pnpm nx run client-sdk:generate-doc + ``` 3. Build the project - ``` - pnpm nx run enclave:build - ``` + ``` + pnpm nx run client-sdk:build + ``` 4. Publish the distribution files - ``` - pnpm nx run enclave:publish --ver 1.0.0 --tag latest - ``` + ``` + pnpm nx run client-sdk:publish --ver 1.0.0 --tag latest + ``` diff --git a/tee-worker/identity/client-sdk/packages/enclave/docs/.nojekyll b/tee-worker/identity/client-sdk/packages/client-sdk/docs/.nojekyll similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/docs/.nojekyll rename to tee-worker/identity/client-sdk/packages/client-sdk/docs/.nojekyll diff --git a/tee-worker/identity/client-sdk/packages/enclave/docs/README.md b/tee-worker/identity/client-sdk/packages/client-sdk/docs/README.md similarity index 57% rename from tee-worker/identity/client-sdk/packages/enclave/docs/README.md rename to tee-worker/identity/client-sdk/packages/client-sdk/docs/README.md index 6e1ae15f7f..72fdac326f 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/docs/README.md +++ b/tee-worker/identity/client-sdk/packages/client-sdk/docs/README.md @@ -1,6 +1,6 @@ -@litentry/enclave +@litentry/client-sdk -# @litentry/enclave +# @litentry/client-sdk ## Table of contents @@ -20,12 +20,18 @@ - [DiscordOAuth2Proof](README.md#discordoauth2proof) - [DiscordProof](README.md#discordproof) +- [EmailProof](README.md#emailproof) +- [IdGraph](README.md#idgraph) - [TwitterOAuth2Proof](README.md#twitteroauth2proof) - [TwitterProof](README.md#twitterproof) +- [ValidationResult](README.md#validationresult) +- [ValidationResultDetail](README.md#validationresultdetail) +- [VerifiableCredentialLike](README.md#verifiablecredentiallike) - [Web3Proof](README.md#web3proof) ### Variables +- [ID\_GRAPH\_STRUCT](README.md#id_graph_struct) - [enclave](README.md#enclave) ### Functions @@ -37,6 +43,7 @@ - [createRequestType](README.md#createrequesttype) - [createTrustedCallType](README.md#createtrustedcalltype) - [toPublicKey](README.md#topublickey) +- [validateVc](README.md#validatevc) ## References @@ -93,6 +100,41 @@ createLitentryValidationDataType ___ +### EmailProof + +Ƭ **EmailProof**: `Object` + +Ownership proof for Email + +**`See`** + +createLitentryValidationDataType + +#### Type declaration + +| Name | Type | +| :------ | :------ | +| `email` | `string` | +| `verificationCode` | `string` | + +#### Defined in + +[lib/type-creators/validation-data.ts:68](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/validation-data.ts#L68) + +___ + +### IdGraph + +Ƭ **IdGraph**: `Vec`\<`ITuple`\<[`LitentryIdentity`, `IdentityContext`]\>\> + +The Identity Graph type + +#### Defined in + +[lib/type-creators/id-graph.ts:13](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/id-graph.ts#L13) + +___ + ### TwitterOAuth2Proof Ƭ **TwitterOAuth2Proof**: `Object` @@ -139,6 +181,54 @@ createLitentryValidationDataType ___ +### ValidationResult + +Ƭ **ValidationResult**: `Object` + +Represents the overall validation result for a Verifiable Credential (VC). + +#### Type declaration + +| Name | Type | Description | +| :------ | :------ | :------ | +| `detail` | [`ValidationResultDetail`](README.md#validationresultdetail) | Represents the whole validation result detail. | +| `isValid` | `boolean` | Represents the whole validation result status. If is true, means all fields of the detail are true, otherwise any one of it is not true. The caller should use this field to determine whether the VC is valid. | + +#### Defined in + +[lib/vc-validator/validator.types.ts:28](https://github.com/litentry/client-sdk/blob/develop/lib/vc-validator/validator.types.ts#L28) + +___ + +### ValidationResultDetail + +Ƭ **ValidationResultDetail**: `Object` + +Defines the details of the validation result for each component of the Verifiable Credential (VC). + +#### Type declaration + +| Name | Type | Description | +| :------ | :------ | :------ | +| `enclaveRegistry?` | ``true`` \| `string` | Represents the validation result (vcPubkey and mrEnclave) for the Enclave registry. If validation succeeds, it's true; if validation fails, it's an error message. The vcPubkey from Enclave registry must be same as issuer.id in VC JSON. The mrEnclave from Enclave registry must be same as issuer.mrenclave in VC JSON. | +| `vcSignature?` | ``true`` \| `string` | Represents the validation result for the VC signature. If validation succeeds, it's true; if validation fails, it's an error message. Use issuer.id in VC JSON as vcPubkey, proof.proofValue in VC JSON as signature to verify VC JSON. | + +#### Defined in + +[lib/vc-validator/validator.types.ts:4](https://github.com/litentry/client-sdk/blob/develop/lib/vc-validator/validator.types.ts#L4) + +___ + +### VerifiableCredentialLike + +Ƭ **VerifiableCredentialLike**: `Record`\<`string`, `unknown`\> & \{ `@context`: `string` ; `credentialSubject`: `Record`\<`string`, `unknown`\> ; `id`: `string` ; `issuer`: \{ `id`: `string` ; `mrenclave`: `string` ; `name`: `string` } ; `parachainBlockNumber?`: `number` ; `proof`: \{ `proofValue`: `string` ; `verificationMethod`: `string` } ; `sidechainBlockNumber?`: `number` ; `type`: `string`[] } + +#### Defined in + +[lib/vc-validator/validator.ts:11](https://github.com/litentry/client-sdk/blob/develop/lib/vc-validator/validator.ts#L11) + +___ + ### Web3Proof Ƭ **Web3Proof**: `Object` @@ -164,6 +254,18 @@ createLitentryIdentityType ## Variables +### ID\_GRAPH\_STRUCT + +• `Const` **ID\_GRAPH\_STRUCT**: ``"Vec<(LitentryIdentity, IdentityContext)>"`` + +The Type Struct that represents an Identity Graph + +#### Defined in + +[lib/type-creators/id-graph.ts:18](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/id-graph.ts#L18) + +___ + ### enclave • `Const` **enclave**: [`Enclave`](classes/Enclave.md) @@ -193,7 +295,7 @@ const response = await enclave.send({ #### Defined in -[lib/enclave.ts:298](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L298) +[lib/enclave.ts:294](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L294) ## Functions @@ -207,7 +309,7 @@ Returns the hash of the given id graph. It matches the hash used in the Litentry | Name | Type | | :------ | :------ | -| `idGraph` | `IdGraph` | +| `idGraph` | [`IdGraph`](README.md#idgraph) | #### Returns @@ -279,9 +381,7 @@ For Substrate, the address is expected to be a SS58-encoded or hex-encoded addre | Name | Type | | :------ | :------ | | `registry` | `Registry` | -| `data` | `Object` | -| `data.addressOrHandle` | `string` | -| `data.type` | ``"Solana"`` \| ``"Twitter"`` \| ``"Discord"`` \| ``"Github"`` \| ``"Substrate"`` \| ``"Evm"`` \| ``"Bitcoin"`` | +| `data` | \`0x$\{string}\` \| `Uint8Array` \| \{ `addressOrHandle`: `string` ; `type`: ``"Solana"`` \| ``"Twitter"`` \| ``"Discord"`` \| ``"Github"`` \| ``"Substrate"`` \| ``"Evm"`` \| ``"Bitcoin"`` \| ``"Email"`` } | #### Returns @@ -322,7 +422,7 @@ The proof to pass depends on the identity network (IIdentityType): | Name | Type | | :------ | :------ | -| `IIdentityType` | extends ``"Solana"`` \| ``"Twitter"`` \| ``"Discord"`` \| ``"Github"`` \| ``"Substrate"`` \| ``"Evm"`` \| ``"Bitcoin"`` | +| `IIdentityType` | extends ``"Solana"`` \| ``"Twitter"`` \| ``"Discord"`` \| ``"Github"`` \| ``"Substrate"`` \| ``"Evm"`` \| ``"Bitcoin"`` \| ``"Email"`` | #### Parameters @@ -332,7 +432,7 @@ The proof to pass depends on the identity network (IIdentityType): | `identityDescriptor` | `Object` | - | | `identityDescriptor.addressOrHandle` | `string` | The address or handle of the identity | | `identityDescriptor.type` | `IIdentityType` | The identity type | -| `proof` | `IIdentityType` extends ``"Discord"`` ? [`DiscordProof`](README.md#discordproof) \| [`DiscordOAuth2Proof`](README.md#discordoauth2proof) : `IIdentityType` extends ``"Twitter"`` ? [`TwitterProof`](README.md#twitterproof) \| [`TwitterOAuth2Proof`](README.md#twitteroauth2proof) : [`Web3Proof`](README.md#web3proof) | The ownership proof | +| `proof` | `IIdentityType` extends ``"Discord"`` ? [`DiscordProof`](README.md#discordproof) \| [`DiscordOAuth2Proof`](README.md#discordoauth2proof) : `IIdentityType` extends ``"Twitter"`` ? [`TwitterProof`](README.md#twitterproof) \| [`TwitterOAuth2Proof`](README.md#twitteroauth2proof) : `IIdentityType` extends ``"Email"`` ? [`EmailProof`](README.md#emailproof) : [`Web3Proof`](README.md#web3proof) | The ownership proof | #### Returns @@ -342,8 +442,8 @@ The proof to pass depends on the identity network (IIdentityType): Web3 ```ts -import { createLitentryValidationDataType } from '@litentry/enclave'; -import type { Web3Proof } from '@litentry/enclave'; +import { createLitentryValidationDataType } from '@litentry/client-sdk'; +import type { Web3Proof } from '@litentry/client-sdk'; const userAddress = '0x123'; @@ -366,8 +466,8 @@ const validationData = createLitentryValidationDataType( Twitter ```ts -import { createLitentryValidationDataType } from '@litentry/enclave'; -import type { TwitterProof } from '@litentry/enclave'; +import { createLitentryValidationDataType } from '@litentry/client-sdk'; +import type { TwitterProof } from '@litentry/client-sdk'; const userHandle = '@litentry'; @@ -388,7 +488,7 @@ const validationData = createLitentryValidationDataType( #### Defined in -[lib/type-creators/validation-data.ts:116](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/validation-data.ts#L116) +[lib/type-creators/validation-data.ts:126](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/validation-data.ts#L126) ___ @@ -413,7 +513,7 @@ The shielding key is encrypted using the Enclave's shielding key and attached in | `data.nonce` | `Index` | | `data.shard` | `Uint8Array` | | `data.signature` | `string` | -| `data.who` | `LitentryIdentity` | +| `data.signer` | `LitentryIdentity` | #### Returns @@ -456,7 +556,7 @@ Similarly, our types definitions must match also. #### Defined in -[lib/type-creators/trusted-call.ts:69](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L69) +[lib/type-creators/trusted-call.ts:79](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L79) ▸ **createTrustedCallType**(`registry`, `data`): `Promise`\<\{ `call`: `TrustedCall` ; `key`: `CryptoKey` }\> @@ -475,7 +575,7 @@ Similarly, our types definitions must match also. #### Defined in -[lib/type-creators/trusted-call.ts:76](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L76) +[lib/type-creators/trusted-call.ts:86](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L86) ▸ **createTrustedCallType**(`registry`, `data`): `Promise`\<\{ `call`: `TrustedCall` ; `key`: `CryptoKey` }\> @@ -494,7 +594,7 @@ Similarly, our types definitions must match also. #### Defined in -[lib/type-creators/trusted-call.ts:83](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L83) +[lib/type-creators/trusted-call.ts:93](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L93) ▸ **createTrustedCallType**(`registry`, `data`): `Promise`\<\{ `call`: `TrustedCall` ; `key`: `CryptoKey` }\> @@ -513,7 +613,26 @@ Similarly, our types definitions must match also. #### Defined in -[lib/type-creators/trusted-call.ts:90](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L90) +[lib/type-creators/trusted-call.ts:100](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L100) + +▸ **createTrustedCallType**(`registry`, `data`): `Promise`\<\{ `call`: `TrustedCall` ; `key`: `CryptoKey` }\> + +#### Parameters + +| Name | Type | +| :------ | :------ | +| `registry` | `Registry` | +| `data` | `Object` | +| `data.method` | ``"link_identity_callback"`` | +| `data.params` | `LinkIdentityCallbackParams` | + +#### Returns + +`Promise`\<\{ `call`: `TrustedCall` ; `key`: `CryptoKey` }\> + +#### Defined in + +[lib/type-creators/trusted-call.ts:107](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/trusted-call.ts#L107) ___ @@ -539,4 +658,79 @@ if the address is not a valid substrate address #### Defined in -[lib/type-creators/litentry-identity.ts:78](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/litentry-identity.ts#L78) +[lib/type-creators/litentry-identity.ts:85](https://github.com/litentry/client-sdk/blob/develop/lib/type-creators/litentry-identity.ts#L85) + +___ + +### validateVc + +▸ **validateVc**(`api`, `vc`): `Promise`\<[`ValidationResult`](README.md#validationresult)\> + +Validate Verifiable Credential (VC) + +### How to find the wallet account address in VC + +The id of VC's credentialSubject is the encoded wallet account address, using code below to encode: + +```typescript +import { decodeAddress } from '@polkadot/util-crypto'; +import { u8aToHex } from '@polkadot/util'; + +const address = u8aToHex(decodeAddress(walletAccountAddress)); +const credentialSubjectId = address.substring(2); +``` + +With the code above: +- If your Polkadot account address is `5CwPfqmormPx9wJ4ASq7ikwdJeRonoUZX9SxwUtm1px9L72W`, the credentialSubjectId will be `26a84b380d8c3226d69f9ae6e482aa6669ed34c6371c52c4dfb48596913d6f28`. +- If your Metamask account address is `0xC620b3e5BEBedA952A8AD18b83Dc4Cf3Dc9CAF4b`, the credentialSubjectId will be `c620b3e5bebeda952a8ad18b83dc4cf3dc9caf4b`. + +### What the validation function do + +- The validation function can only verify that the VC was issued by Litentry. +- The VC's credentialSubject can be Substrate or EVM account that is support by Litentry. + +### What the validation function can't do + +- The validation function cannot validate that the VC's credentialSubject is the current wallet account. It's SDK's consumer's responsibility to validate the id of VC's credentialSubject is equal to the wallet address. + +### How to use + +```typescript +import { WsProvider, ApiPromise } from '@polkadot/api'; +import { validateVc, NETWORKS } from '@litentry/vc-sdk'; + +const api: ApiPromise = await ApiPromise.create({ + provider: new WsProvider(NETWORKS['litentry-staging']) +}); +const vcJson = '{"@context": "https://www.w3.org/2018/credentials/v1", "type": "VerifiableCredential", "issuer": "https://example.com/issuer", "subject": "did:example:123", "credentialStatus": "https://example.com/status"}'; +const result = await validateVc(api, vcJson); + +// isValid is false if any field value of the result.detail is not true +if (!result.isValid) { + // true or error message + console.log('vcJson: ', result.detail.vcJson); + // true or error message + console.log('vcRegistry: ', result.detail.vcRegistry); + // true or error message + console.log('vcSignature: ', result.detail.vcSignature); + // true or error message + console.log('enclaveRegistry: ', result.detail.enclaveRegistry); +} +``` + +#### Parameters + +| Name | Type | Description | +| :------ | :------ | :------ | +| `api` | `ApiPromise` | The instance of ApiPromise. | +| `vc` | `string` | The VC JSON string that needs to be validated. | + +#### Returns + +`Promise`\<[`ValidationResult`](README.md#validationresult)\> + +The validation result. + +#### Defined in + +[lib/vc-validator/validator.ts:86](https://github.com/litentry/client-sdk/blob/develop/lib/vc-validator/validator.ts#L86) diff --git a/tee-worker/identity/client-sdk/packages/enclave/docs/classes/Enclave.md b/tee-worker/identity/client-sdk/packages/client-sdk/docs/classes/Enclave.md similarity index 71% rename from tee-worker/identity/client-sdk/packages/enclave/docs/classes/Enclave.md rename to tee-worker/identity/client-sdk/packages/client-sdk/docs/classes/Enclave.md index 0a7b60d8be..cc7dca4e74 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/docs/classes/Enclave.md +++ b/tee-worker/identity/client-sdk/packages/client-sdk/docs/classes/Enclave.md @@ -1,4 +1,4 @@ -[@litentry/enclave](../README.md) / Enclave +[@litentry/client-sdk](../README.md) / Enclave # Class: Enclave @@ -8,20 +8,16 @@ With this class you can: - Retrieve the Enclave's Shielding Key. (1) - Retrieve the Enclave's MREnclave value which is used as the Shard value. (1) - Encrypt data using the Enclave's Shielding Key. -- Send request to the Enclave. This is also known as Direct Invocation. (2) +- Send request to the Enclave. -(1) This is done by querying the Parachain. Its shielding key can be retrieved directly but -since the MREnclave cannot we opted to leave both from the Parachain in the meantime. - -(2) This is done by using a reverse proxy API. By default, it expects the proxy API to be -running on `/api/enclave`. See `createEnclaveHttpProxyHandler` for more details. +(1) Querying from the Parachain, instead of directly from the Enclave Worker itself helps +ensuring clients are connected to a trusted worker. **`Example`** ```ts -import { Enclave } from '@litentry/enclave'; +import { enclave } from '@litentry/client-sdk'; -const enclave = new Enclave(); // same as the `enclave` variable exported from this module const shard = await enclave.getShard(api); const key = await enclave.getKey(api); @@ -30,7 +26,7 @@ console.log({ shard, key }); // Encrypt data using the Enclave's Shielding Key const encrypted = await enclave.encrypt(api, { cleartext: new Uint8Array([1, 2, 3]) }); -// Send request to the Enclave directly. This is also known as Direct Invocation. +// Send request to the Enclave. const response = await enclave.send({ jsonrpc: '2.0', method: 'author_submitAndWatch', @@ -70,7 +66,7 @@ const response = await enclave.send({ #### Defined in -[lib/enclave.ts:66](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L66) +[lib/enclave.ts:62](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L62) ## Properties @@ -80,7 +76,7 @@ const response = await enclave.send({ #### Defined in -[lib/enclave.ts:63](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L63) +[lib/enclave.ts:59](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L59) ___ @@ -90,7 +86,7 @@ ___ #### Defined in -[lib/enclave.ts:64](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L64) +[lib/enclave.ts:60](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L60) ___ @@ -100,7 +96,7 @@ ___ #### Defined in -[lib/enclave.ts:62](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L62) +[lib/enclave.ts:58](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L58) ## Methods @@ -122,7 +118,7 @@ ___ #### Defined in -[lib/enclave.ts:88](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L88) +[lib/enclave.ts:84](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L84) ___ @@ -146,7 +142,7 @@ The value will be held in memory for the duration of the session. #### Defined in -[lib/enclave.ts:112](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L112) +[lib/enclave.ts:108](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L108) ___ @@ -170,7 +166,7 @@ The value will be held in memory for the duration of the session. #### Defined in -[lib/enclave.ts:123](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L123) +[lib/enclave.ts:119](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L119) ___ @@ -190,7 +186,7 @@ ___ #### Defined in -[lib/enclave.ts:74](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L74) +[lib/enclave.ts:70](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L70) ___ @@ -221,4 +217,4 @@ For single messages, it will throw an error if the response contains an error. #### Defined in -[lib/enclave.ts:140](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L140) +[lib/enclave.ts:136](https://github.com/litentry/client-sdk/blob/develop/lib/enclave.ts#L136) diff --git a/tee-worker/identity/client-sdk/packages/enclave/docs/modules/request.md b/tee-worker/identity/client-sdk/packages/client-sdk/docs/modules/request.md similarity index 65% rename from tee-worker/identity/client-sdk/packages/enclave/docs/modules/request.md rename to tee-worker/identity/client-sdk/packages/client-sdk/docs/modules/request.md index a9cb4a55d6..85c5cec485 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/docs/modules/request.md +++ b/tee-worker/identity/client-sdk/packages/client-sdk/docs/modules/request.md @@ -1,4 +1,4 @@ -[@litentry/enclave](../README.md) / request +[@litentry/client-sdk](../README.md) / request # Namespace: request @@ -13,6 +13,7 @@ requests - [getIdGraphHash](request.md#getidgraphhash) - [getLastRegisteredEnclave](request.md#getlastregisteredenclave) - [linkIdentity](request.md#linkidentity) +- [linkIdentityCallback](request.md#linkidentitycallback) - [requestBatchVC](request.md#requestbatchvc) - [setIdentityNetworks](request.md#setidentitynetworks) @@ -20,7 +21,7 @@ requests ### createChallengeCode -▸ **createChallengeCode**(`api`, `args`): `Promise`\<`string`\> +▸ **createChallengeCode**(`api`, `args`, `options?`): `Promise`\<`string`\> Generates the challenge code to link an identity. @@ -30,7 +31,11 @@ The challenge code is calculated from: blake2_256( + + ) ``` -The output is a hex string. For Bitcoin `identity`, the hex's prefix `0x` is removed. +When `options.prettify` is set to true, the challenge code will be prefixed +with `Token: ` for utf-8 signatures support. +Otherwise, it will be returned as a hex string. + +`options.prettify` feature is web3-specific. Ignored for web2. #### Parameters @@ -40,6 +45,8 @@ The output is a hex string. For Bitcoin `identity`, the hex's prefix `0x` is rem | `args` | `Object` | - | | `args.identity` | `LitentryIdentity` | Identity to be linked. Use `createCorePrimitivesIdentityType` helper to create this struct | | `args.who` | `LitentryIdentity` | The user's account. Use `createCorePrimitivesIdentityType` helper to create this struct | +| `options` | `Object` | - | +| `options.prettify?` | `boolean` | - | #### Returns @@ -47,13 +54,13 @@ The output is a hex string. For Bitcoin `identity`, the hex's prefix `0x` is rem #### Defined in -[lib/requests/link-identity.request.ts:34](https://github.com/litentry/client-sdk/blob/develop/lib/requests/link-identity.request.ts#L34) +[lib/requests/link-identity.request.ts:39](https://github.com/litentry/client-sdk/blob/develop/lib/requests/link-identity.request.ts#L39) ___ ### getIdGraph -▸ **getIdGraph**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraph`: `IdGraph` ; `response`: `WorkerRpcReturnValue` }\> }\> +▸ **getIdGraph**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraph`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` }\> }\> #### Parameters @@ -65,7 +72,7 @@ ___ #### Returns -`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraph`: `IdGraph` ; `response`: `WorkerRpcReturnValue` }\> }\> +`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraph`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` }\> }\> #### Defined in @@ -122,7 +129,7 @@ ___ ### linkIdentity -▸ **linkIdentity**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: `IdGraph` ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> +▸ **linkIdentity**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> Link an identity to the user's account. @@ -133,17 +140,47 @@ Link an identity to the user's account. | `api` | `ApiPromise` | Litentry Parachain API instance from Polkadot.js | | `data` | `Object` | - | | `data.identity` | `LitentryIdentity` | Identity to be linked. Use `createCorePrimitivesIdentityType` helper to create this struct | -| `data.networks` | (``"Polkadot"`` \| ``"Kusama"`` \| ``"Litentry"`` \| ``"LitentryRococo"`` \| ``"Khala"`` \| ``"SubstrateTestnet"`` \| ``"Ethereum"`` \| ``"Bsc"`` \| ``"BitcoinP2tr"`` \| ``"BitcoinP2pkh"`` \| ``"BitcoinP2sh"`` \| ``"BitcoinP2wpkh"`` \| ``"BitcoinP2wsh"`` \| ``"Polygon"`` \| ``"Arbitrum"`` \| ``"Solana"`` \| ``"Combo"``)[] | The networks to link the identity to, for web3 accounts | +| `data.networks` | (``"Polkadot"`` \| ``"Kusama"`` \| ``"Litentry"`` \| ``"Litmus"`` \| ``"LitentryRococo"`` \| ``"Khala"`` \| ``"SubstrateTestnet"`` \| ``"Ethereum"`` \| ``"Bsc"`` \| ``"BitcoinP2tr"`` \| ``"BitcoinP2pkh"`` \| ``"BitcoinP2sh"`` \| ``"BitcoinP2wpkh"`` \| ``"BitcoinP2wsh"`` \| ``"Polygon"`` \| ``"Arbitrum"`` \| ``"Solana"`` \| ``"Combo"``)[] | The networks to link the identity to, for web3 accounts | | `data.validation` | `LitentryValidationData` | The ownership proof. Use `createLitentryValidationDataType` helper to create this struct | | `data.who` | `LitentryIdentity` | The prime identity. Use `createCorePrimitivesIdentityType` helper to create this struct | #### Returns -`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: `IdGraph` ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> +`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> + +#### Defined in + +[lib/requests/link-identity.request.ts:75](https://github.com/litentry/client-sdk/blob/develop/lib/requests/link-identity.request.ts#L75) + +___ + +### linkIdentityCallback + +▸ **linkIdentityCallback**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> + +(internal) Link an identity to the user's account. + +This function is only meant to be used in development networks where root or enclave_signer_account +are used as the signer. + +#### Parameters + +| Name | Type | Description | +| :------ | :------ | :------ | +| `api` | `ApiPromise` | Litentry Parachain API instance from Polkadot.js | +| `data` | `Object` | - | +| `data.identity` | `LitentryIdentity` | Identity to be linked. Use `createCorePrimitivesIdentityType` helper to create this struct | +| `data.networks?` | (``"Polkadot"`` \| ``"Kusama"`` \| ``"Litentry"`` \| ``"Litmus"`` \| ``"LitentryRococo"`` \| ``"Khala"`` \| ``"SubstrateTestnet"`` \| ``"Ethereum"`` \| ``"Bsc"`` \| ``"BitcoinP2tr"`` \| ``"BitcoinP2pkh"`` \| ``"BitcoinP2sh"`` \| ``"BitcoinP2wpkh"`` \| ``"BitcoinP2wsh"`` \| ``"Polygon"`` \| ``"Arbitrum"`` \| ``"Solana"`` \| ``"Combo"``)[] | The networks to link the identity to, for web3 accounts | +| `data.signer` | `LitentryIdentity` | The signer. Use `createCorePrimitivesIdentityType` helper to create this struct | +| `data.who` | `LitentryIdentity` | The prime identity. Use `createCorePrimitivesIdentityType` helper to create this struct | + +#### Returns + +`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> #### Defined in -[lib/requests/link-identity.request.ts:57](https://github.com/litentry/client-sdk/blob/develop/lib/requests/link-identity.request.ts#L57) +[lib/requests/link-identity-callback.request.ts:28](https://github.com/litentry/client-sdk/blob/develop/lib/requests/link-identity-callback.request.ts#L28) ___ @@ -169,6 +206,7 @@ The information about available assertions and their payload can be found in the | `api` | `ApiPromise` | Litentry Parachain API instance from Polkadot.js | | `data` | `Object` | - | | `data.assertions` | `Assertion`[] | the assertions to be claimed. See `Assertion` type | +| `data.signer?` | `LitentryIdentity` | The signer's account. Use `createLitentryIdentityType` helper to create this struct | | `data.who` | `LitentryIdentity` | The user's account. Use `createLitentryIdentityType` helper to create this struct | #### Returns @@ -183,7 +221,7 @@ ___ ### setIdentityNetworks -▸ **setIdentityNetworks**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: `IdGraph` ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> +▸ **setIdentityNetworks**(`api`, `data`): `Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> Set the networks for a Web3 Identity. @@ -201,7 +239,7 @@ It allows to change the list of `networks` for an already linked web3 identity. #### Returns -`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: `IdGraph` ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> +`Promise`\<\{ `payloadToSign`: `string` ; `send`: (`args`: \{ `signedPayload`: `string` }) => `Promise`\<\{ `idGraphHash`: \`0x$\{string}\` ; `mutatedIdentities`: [`IdGraph`](../README.md#idgraph) ; `response`: `WorkerRpcReturnValue` ; `txHash`: `string` }\> ; `txHash`: `string` }\> #### Defined in diff --git a/tee-worker/identity/client-sdk/packages/enclave/jest.config.ts b/tee-worker/identity/client-sdk/packages/client-sdk/jest.config.ts similarity index 79% rename from tee-worker/identity/client-sdk/packages/enclave/jest.config.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/jest.config.ts index 8e11a5be43..4e8d711fcd 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/jest.config.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/jest.config.ts @@ -1,13 +1,13 @@ /* eslint-disable */ export default { - displayName: 'enclave', + displayName: 'client-sdk', preset: '../../jest.preset.js', testEnvironment: 'node', transform: { '^.+\\.[tj]s$': ['ts-jest', { tsconfig: '/tsconfig.spec.json' }], }, moduleFileExtensions: ['ts', 'js', 'html'], - coverageDirectory: '../../coverage/packages/enclave', + coverageDirectory: '../../coverage/packages/client-sdk', transformIgnorePatterns: ['node_modules/(?!(@litentry/|.pnpm/@litentry)).*'], moduleNameMapper: {}, }; diff --git a/tee-worker/identity/client-sdk/packages/enclave/package.json b/tee-worker/identity/client-sdk/packages/client-sdk/package.json similarity index 87% rename from tee-worker/identity/client-sdk/packages/enclave/package.json rename to tee-worker/identity/client-sdk/packages/client-sdk/package.json index a1994c40ed..f643c864b0 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/package.json +++ b/tee-worker/identity/client-sdk/packages/client-sdk/package.json @@ -1,7 +1,7 @@ { - "name": "@litentry/enclave", - "description": "This package provides helpers for dApps to interact with the Litentry Protocol Enclave.", - "version": "4.3.0", + "name": "@litentry/client-sdk", + "description": "This package provides helpers for dApps to interact with the Litentry Protocol.", + "version": "1.0.0", "license": "GPL-3.0-or-later", "dependencies": {}, "devDependencies": { diff --git a/tee-worker/identity/client-sdk/packages/enclave/project.json b/tee-worker/identity/client-sdk/packages/client-sdk/project.json similarity index 63% rename from tee-worker/identity/client-sdk/packages/enclave/project.json rename to tee-worker/identity/client-sdk/packages/client-sdk/project.json index 850ff988d1..e30bb6b95e 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/project.json +++ b/tee-worker/identity/client-sdk/packages/client-sdk/project.json @@ -1,11 +1,11 @@ { - "name": "enclave", + "name": "client-sdk", "$schema": "../../node_modules/nx/schemas/project-schema.json", - "sourceRoot": "packages/enclave/src", + "sourceRoot": "packages/client-sdk/src", "projectType": "library", "targets": { "publish": { - "command": "node tools/scripts/publish.mjs enclave {args.ver} {args.tag}", + "command": "node tools/scripts/publish.mjs client-sdk {args.ver} {args.tag}", "dependsOn": [ "build" ] @@ -16,19 +16,19 @@ "{options.outputPath}" ], "options": { - "outputPath": "dist/packages/enclave", - "main": "packages/enclave/src/index.ts", - "tsConfig": "packages/enclave/tsconfig.lib.json", + "outputPath": "dist/packages/client-sdk", + "main": "packages/client-sdk/src/index.ts", + "tsConfig": "packages/client-sdk/tsconfig.lib.json", "assets": [ - "packages/enclave/*.md", - "packages/enclave/LICENSE" + "packages/client-sdk/*.md", + "packages/client-sdk/LICENSE" ] } }, "generate-doc": { "executor": "nx:run-commands", "options": { - "cwd": "./packages/enclave", + "cwd": "./packages/client-sdk", "command": "typedoc --options ./typedoc.json" } }, @@ -39,8 +39,8 @@ ], "options": { "lintFilePatterns": [ - "packages/enclave/src/**/*.ts", - "packages/enclave/package.json" + "packages/client-sdk/src/**/*.ts", + "packages/client-sdk/package.json" ] } }, @@ -50,7 +50,7 @@ "{workspaceRoot}/coverage/{projectRoot}" ], "options": { - "jestConfig": "packages/enclave/jest.config.ts", + "jestConfig": "packages/client-sdk/jest.config.ts", "passWithNoTests": true }, "configurations": { diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/index.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/index.ts similarity index 78% rename from tee-worker/identity/client-sdk/packages/enclave/src/index.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/index.ts index 912bdf6ab3..714c913dc8 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/src/index.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/index.ts @@ -16,6 +16,16 @@ export * from './lib/type-creators/validation-data'; export type { IdGraph } from './lib/type-creators/id-graph'; export { ID_GRAPH_STRUCT } from './lib/type-creators/id-graph'; +// vc +export { + validateVc, + VerifiableCredentialLike, +} from './lib/vc-validator/validator'; +export { + ValidationResultDetail, + ValidationResult, +} from './lib/vc-validator/validator.types'; + // exposed utils export { calculateIdGraphHash } from './lib/util/calculate-id-graph-hash'; export { getIdGraphHash } from './lib/requests'; diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/__test__/id-graph-decoder.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/__test__/id-graph-decoder.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/__test__/id-graph-decoder.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/__test__/id-graph-decoder.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/__test__/payload-signing.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/__test__/payload-signing.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/__test__/payload-signing.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/__test__/payload-signing.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/config.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/config.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/config.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/config.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/enclave.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/enclave.ts similarity index 95% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/enclave.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/enclave.ts index 8a5294d6ee..25db2b90f6 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/src/lib/enclave.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/enclave.ts @@ -29,19 +29,15 @@ const log = * - Retrieve the Enclave's Shielding Key. (1) * - Retrieve the Enclave's MREnclave value which is used as the Shard value. (1) * - Encrypt data using the Enclave's Shielding Key. - * - Send request to the Enclave. This is also known as Direct Invocation. (2) + * - Send request to the Enclave. * - * (1) This is done by querying the Parachain. Its shielding key can be retrieved directly but - * since the MREnclave cannot we opted to leave both from the Parachain in the meantime. - * - * (2) This is done by using a reverse proxy API. By default, it expects the proxy API to be - * running on `/api/enclave`. See `createEnclaveHttpProxyHandler` for more details. + * (1) Querying from the Parachain, instead of directly from the Enclave Worker itself helps + * ensuring clients are connected to a trusted worker. * * @example * ```ts - * import { Enclave } from '@litentry/enclave'; + * import { enclave } from '@litentry/client-sdk'; * - * const enclave = new Enclave(); // same as the `enclave` variable exported from this module * const shard = await enclave.getShard(api); * const key = await enclave.getKey(api); * @@ -50,7 +46,7 @@ const log = * // Encrypt data using the Enclave's Shielding Key * const encrypted = await enclave.encrypt(api, { cleartext: new Uint8Array([1, 2, 3]) }); * - * // Send request to the Enclave directly. This is also known as Direct Invocation. + * // Send request to the Enclave. * const response = await enclave.send({ * jsonrpc: '2.0', * method: 'author_submitAndWatch', diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-enclave-nonce.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-enclave-nonce.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-enclave-nonce.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-enclave-nonce.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-id-graph-hash.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-id-graph-hash.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-id-graph-hash.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-id-graph-hash.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-id-graph.request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-id-graph.request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-id-graph.request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-id-graph.request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-last-registered-enclave.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-last-registered-enclave.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/get-last-registered-enclave.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/get-last-registered-enclave.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/index.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/index.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/index.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/index.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/link-identity-callback.request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/link-identity-callback.request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/link-identity-callback.request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/link-identity-callback.request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/link-identity.request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/link-identity.request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/link-identity.request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/link-identity.request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/request-batch-vc.request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/request-batch-vc.request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/request-batch-vc.request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/request-batch-vc.request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/set-identity-networks.request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/set-identity-networks.request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/requests/set-identity-networks.request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/requests/set-identity-networks.request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/id-graph.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/id-graph.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/id-graph.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/id-graph.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/key-aes-output.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/key-aes-output.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/key-aes-output.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/key-aes-output.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-identity.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-identity.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-identity.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-identity.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-identity.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-identity.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-identity.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-identity.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-multi-signature.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-multi-signature.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-multi-signature.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-multi-signature.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-multi-signature.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-multi-signature.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/litentry-multi-signature.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/litentry-multi-signature.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/nonce.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/nonce.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/nonce.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/nonce.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/nonce.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/nonce.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/nonce.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/nonce.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/request.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/request.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/request.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/request.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/trusted-call.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/trusted-call.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/trusted-call.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/trusted-call.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/trusted-call.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/trusted-call.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/trusted-call.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/trusted-call.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/validation-data.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/validation-data.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/validation-data.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/validation-data.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/validation-data.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/validation-data.ts similarity index 97% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/validation-data.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/validation-data.ts index 8c00c0698e..cdd2f58558 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/src/lib/type-creators/validation-data.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/type-creators/validation-data.ts @@ -80,8 +80,8 @@ export type EmailProof = { * * @example Web3 * ```ts - * import { createLitentryValidationDataType } from '@litentry/enclave'; - * import type { Web3Proof } from '@litentry/enclave'; + * import { createLitentryValidationDataType } from '@litentry/client-sdk'; + * import type { Web3Proof } from '@litentry/client-sdk'; * * const userAddress = '0x123'; * @@ -102,8 +102,8 @@ export type EmailProof = { * * @example Twitter * ```ts - * import { createLitentryValidationDataType } from '@litentry/enclave'; - * import type { TwitterProof } from '@litentry/enclave'; + * import { createLitentryValidationDataType } from '@litentry/client-sdk'; + * import type { TwitterProof } from '@litentry/client-sdk'; * * const userHandle = '@litentry'; * diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/calculate-id-graph-hash.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/calculate-id-graph-hash.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/calculate-id-graph-hash.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/calculate-id-graph-hash.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/calculate-id-graph-hash.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/calculate-id-graph-hash.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/calculate-id-graph-hash.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/calculate-id-graph-hash.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/create-payload-to-sign.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/create-payload-to-sign.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/create-payload-to-sign.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/create-payload-to-sign.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/create-payload-to-sign.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/create-payload-to-sign.ts similarity index 96% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/create-payload-to-sign.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/create-payload-to-sign.ts index 0d7c27dde2..ec83234f8a 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/create-payload-to-sign.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/create-payload-to-sign.ts @@ -6,7 +6,7 @@ import type { U8aLike } from '@polkadot/util/types'; import type { Index } from '@polkadot/types/interfaces'; /** - * Construct the message users have to sign to authorize enclave's requests + * Construct the message users have to sign to authorize Enclave's requests */ export function createPayloadToSign(args: { who: LitentryIdentity; diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/decode-signature.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/decode-signature.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/decode-signature.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/decode-signature.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/get-signature-crypto-type.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/get-signature-crypto-type.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/get-signature-crypto-type.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/get-signature-crypto-type.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/safely-decode-option.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/safely-decode-option.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/safely-decode-option.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/safely-decode-option.test.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/safely-decode-option.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/safely-decode-option.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/safely-decode-option.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/safely-decode-option.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/shielding-key.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/shielding-key.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/shielding-key.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/shielding-key.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/types.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/types.ts similarity index 62% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/types.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/types.ts index 07460be278..f6214407f8 100644 --- a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/types.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/types.ts @@ -5,9 +5,8 @@ export type JsonRpcRequest = { method: string; params: Array; /** - * Heads-up: it should work with string and any number but we found out - * that responses are not coming back if the number is too big or a string :sad-panda: - * @see Enclave Reverse Proxy `/apps/identity-hub/pages/api/enclave.ts` + * Use sequential numbers starting from 1 for consecutive requests. + * For one-time request that closes connections right away, using `1` is ok. */ id?: number; }; diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/u8aToBase64Url.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/u8aToBase64Url.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/u8aToBase64Url.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/u8aToBase64Url.ts diff --git a/tee-worker/identity/client-sdk/packages/enclave/src/lib/util/verify-signature.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/verify-signature.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/src/lib/util/verify-signature.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/util/verify-signature.ts diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/__tests__/validate-enclave-registry.test.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/__tests__/validate-enclave-registry.test.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/__tests__/validate-enclave-registry.test.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/__tests__/validate-enclave-registry.test.ts diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/runtime-enclave-registry.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/runtime-enclave-registry.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/runtime-enclave-registry.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/runtime-enclave-registry.ts diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.spec.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.spec.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.spec.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.spec.ts diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.ts similarity index 100% rename from tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.ts diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.types.ts b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.types.ts similarity index 90% rename from tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.types.ts rename to tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.types.ts index 878a48152c..1d7f2accf4 100644 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.types.ts +++ b/tee-worker/identity/client-sdk/packages/client-sdk/src/lib/vc-validator/validator.types.ts @@ -1,8 +1,3 @@ -import { NETWORKS } from './validator.constants'; -export { NETWORKS } from './validator.constants'; - -export type Network = keyof typeof NETWORKS; - /** * Defines the details of the validation result for each component of the Verifiable Credential (VC). */ diff --git a/tee-worker/identity/client-sdk/packages/enclave/tsconfig.json b/tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.json similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/tsconfig.json rename to tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.json diff --git a/tee-worker/identity/client-sdk/packages/enclave/tsconfig.lib.json b/tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.lib.json similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/tsconfig.lib.json rename to tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.lib.json diff --git a/tee-worker/identity/client-sdk/packages/enclave/tsconfig.spec.json b/tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.spec.json similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/tsconfig.spec.json rename to tee-worker/identity/client-sdk/packages/client-sdk/tsconfig.spec.json diff --git a/tee-worker/identity/client-sdk/packages/enclave/typedoc.json b/tee-worker/identity/client-sdk/packages/client-sdk/typedoc.json similarity index 100% rename from tee-worker/identity/client-sdk/packages/enclave/typedoc.json rename to tee-worker/identity/client-sdk/packages/client-sdk/typedoc.json diff --git a/tee-worker/identity/client-sdk/packages/enclave/CHANGELOG.md b/tee-worker/identity/client-sdk/packages/enclave/CHANGELOG.md deleted file mode 100644 index 3fec80971c..0000000000 --- a/tee-worker/identity/client-sdk/packages/enclave/CHANGELOG.md +++ /dev/null @@ -1,248 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## [Unreleased] - -## [4.3.0] - 2024-09-30 - -### Changed - -- Use `@litentry/parachain-api@0.9.20-4.1` and `@litentry/sidechain-api@0.9.20-4` - -### Added - -- Support for `Email` Identity - -## [4.2.0] - 2024-08-26 - -### Changed - -- Use `@litentry/parachain-api@0.9.19-7` - -## [4.1.0] - 2024-08-06 - -### Added - -- Trusted call requests: add the `request.linkIdentityCallback` method. - -### Changed - -- Use `@litentry/parachain-api@0.9.18-11.2` -- `createLitentryIdentityType`: type can now be created by passing a raw value in hex or `Uint8Array` -- `request.requestBatchVc` now support and optional `signer`. - -## [4.0.1] - 2024-07-19 - -- Use `@litentry/parachain-api@0.9.18-11` and `@litentry/sidechain-api@0.9.18-11` stable versions. - -## [4.0.0] - 2024-07-15 - -- Migrate to `@litentry/parachain-api` and `@litentry/sidechain-api`. -- Distribute as ES Module -- Targets [parachain-release v0.9.18-10](https://github.com/litentry/litentry-parachain/releases/tag/v0.9.18-10) - -## Added - -- Export the type `IdGraph` and its type's struct name under `ID_GRAPH_STRUCT`. -- Challenge code now produces a prettified string for utf-8 signing for web3 identities when `options.prettify` is set to `true`. - -## Changed - -- Migrate to `@litentry/parachain-api` and `@litentry/sidechain-api` por chain types. Deprecates `@litentry/chain-types`. -- Support the new `RequestVcResultOrError` type definition. -- `KeyAesOutput` was renamed to `AesOutput`. -- renamed `global` to `globalThis` -- This library is now distributed as an ESModule - -## Removed - -- Drop `@litentry/chain-types` from dependencies. - -### Fixed - -- `request.getIdGraphHash` no longer throws when the user's id_graph is empty. - -## [3.2.1] - 2024-06-10 - -### Added - -- Adds a new dependency: `@litentry/chaindata`. - -## [3.1.2] - 2024-06-08 - -### Fixed - -- Skip `StfError` validation for verifiable credentials requests. Rely on `RequestVcResultOrError` codec. - -## [3.1.1] - 2024-06-07 - -### Fixed - -- Fix error decoding for single assertions request in `request.requestBatchVc`. - -## [3.1.0] - 2024-06-03 - -### Changed - -- Upgrade `@polkadot/api*`, `@polkadot/rpc*`, `@polkadot/types*` to 10.9.1, and `@polkadot/util*` to `12.5.1` - -### Removed - -- Drop unused `@polkadot/keyring` dependency. - -## [3.0.0] - 2024-06-03 - -- Introduce oAuth2 proofs support for Web2 identity validation - -### Added - -- Config: support `litentry-staging` for the env var `[NX_]PARACHAIN_NETWORK`. -- Config: support the new env var `[NX_]LITENTRY_NETWORK` for setting the network same as `[NX_]PARACHAIN_NETWORK` but higher precedence. -- Config: accept custom WS endpoints on `[NX_]LITENTRY_NETWORK` / `[NX_]PARACHAIN_NETWORK`. - -### Changed - -- Use `@litentry/chain-types@2.0.0` -- The type creator `createLitentryValidationDataType` now accepts building oAuth2 proofs for Discord and Twitter. - - ```ts - // twitter - const twitterOAuth2Proof = createLitentryValidationDataType( - registry, - { - addressOrHandle: 'my_twitter_handle', - type: 'Twitter', - }, - { - code: 'my_twitter_code', - state: 'my_twitter_state', - redirectUri: 'http://test-redirect-uri', - } - ); - - // Discord - const validationData = createLitentryValidationDataType( - registry, - { - addressOrHandle: 'my_discord_handle', - type: 'Discord', - }, - { - code: 'my_discord_code', - redirectUri: 'http://test-redirect-uri', - } - ); - ``` - - The legacy public message proofs are still supported. - -## [2.0.1] - 2024-05-21 - -### Changed - -- When no `PARACHAIN_NETWORK` or `NX_PARACHAIN_NETWORK` is specified, the library will default to the production (`tee-prod`) endpoint rather than to development (`tee-dev`). - -## [2.0.0] - 2024-05-17 - -### Removed - -- `createLitentryIdentityType` dropped the support deriving the identity type from the provided address. Now both `addressOrHandle` and `type` are required. - - ```ts - import { createLitentryIdentityType } from '@litentry/enclave'; - - // from - createLitentryIdentityType(registry, { - address: '5DNx1Kgis2u2SQq7EJrBdnV49PoZCxV3NqER4vV5VqjqZcat', - }); - - // To - createLitentryIdentityType(registry, { - addressOrHandle: '5DNx1Kgis2u2SQq7EJrBdnV49PoZCxV3NqER4vV5VqjqZcat', - type: 'Substrate', - }); - ``` - - consequently, the following methods require a `LitentryIdentity` for the `who` parameter instead of a plain address string: `request.getIdGraph`, `request.linkIdentity`, `request.requestBatchVc`, `request.setIdentityNetworks`, and `request.createChallengeCode`. - -## [1.0.4] - 2024-05-16 - -Routinely update - -## [1.0.3] - 2024-05-16 - -### Changed - -- `@litentry/enclave` add support for Solana hex-encoded signatures. It hex string is not provided, it will default to base58 decoding. - -## [1.0.2] - 2024-05-14 - -### Changed - -- `@litentry/chain-types` is now marked as a peerDependency - -## [1.0.1] - 2024-05-08 - -Routinely update - -## [1.0.0] - 2024-04-24 - -- Initial public version - -### Added - -- Request methods that mutate the idGraph information will have a common response. The entire idGraph will no longer be returned but the information about the updated identity only. -- `request.getIdGraphHash` Request getter to get idGraph hash with no signature. -- `calculateIdGraphHash`: Helper method to calculate the hash of a given local idGraph. -- `request.requestBatchVC`: Request trusted call to request a batch of VCs. -- `Enclave.send` now supports a third argument to subscribe to the WS streamed responses. -- Payload signature is now beautify by default to look more human. -- Use a different key for encrypting the transmitted package to the Enclave. - -### Removed - -- `request.requestVc`. Superseded by `request.requestBatchVc`. -- `createEnclaveHttpProxyHandler`. The connection to the Enclave is now done directly via WebSockets. - -### Changed - -- Migrate from `teerex` to `teebag`. -- Enclave's nonce is now retrieved through the `author_getNextNonce` getter call. -- The connection to the Enclave is now done directly via WebSockets. Setting up an HTTP proxy is no longer necessary nor suggested. -- The payload size of all operations was reduced and fixed to a 32-bytes length. - -## 2023-12-05 - -Update to `Litentry-parachain p0.9.17-9170-w0.0.1-100`. - -### Added - -- `request.getIdGraph`: fetch the user's idGraph from the Enclave Sidechain. It requires user signature. - -### Changed - -- **Shielding key**: Users no longer need to set a shielding key on-chain. The data for network transportation is now protected by ephemeral shielding keys generated on the fly. Ephemeral shielding keys increase security and enhance the user experience. -- **Direct responses**: Operation responses are no longer gathered from the Parachain but from the Enclave itself. -- `request.linkIdentity`: The method now has a two level encryption: the information is encrypted with a different key that the one used for transportation. -- `request.linkIdentity`: The call argument `data.encryptionNonce` was removed. -- `request.linkIdentity`: The returned `send` callback now returns both the idGraph and the parsed sidechain response in a `WorkerRpcReturnValue` type. -- `request.createChallengeCode`: The call argument `args.shield` was removed. The Challenge code no longer needs encrypted information. -- `request.setIdentityNetworks`: The returned `send` callback now returns the transaction hash `txHash` and the parsed sidechain response in a `WorkerRpcReturnValue` type. -- `request.requestVc`: The returned `send` callback now returns the `vcIndex`, `vcHash` and the VC's contents on `vcPayload`. As well as the parsed sidechain response in a `WorkerRpcReturnValue` type. -- `enclave.getNonce` was moved as a requestor: `request.getEnclaveNonce`. -- `KeyAesOutput` type is no longer part of the Parachain-runtime metadata and thus it can't be found on `@polkadot/types/lookup`. Use `KeyAesOutput` instead from `@litentry/chain-types` -- `enclave.send`: Error thrown during Enclave operations include more information now. -- `createEnclaveHttpProxyHandler`: HTTP errors responses are now only returned if reaching the Enclave or processing the request fails. However, `enclave.send` could still throw an execution error if the intrinsic operation contains errors. For instance, linking an already linked identity will result on a 200 HTTP response from the Enclave's proxy but `enclave.send` will throw an error about `IdentityAlreadyLinked`. - -### Removed - -- `request.setUserShieldingKey`: It is no longer needed to set the user's shielding key on-chain. See the Shielding Key point on the Changed section for more information. -- `ky-universal` dependency was dropped. - -## 2023-11-01 - -Initial version diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/.eslintrc.json b/tee-worker/identity/client-sdk/packages/vc-sdk/.eslintrc.json deleted file mode 100644 index 77e7c5bc94..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/.eslintrc.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "extends": ["../../.eslintrc.json"], - "ignorePatterns": ["!**/*"], - "overrides": [ - { - "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], - "rules": {} - }, - { - "files": ["*.ts", "*.tsx"], - "rules": {} - }, - { - "files": ["*.js", "*.jsx"], - "rules": {} - }, - { - "files": ["*.json"], - "parser": "jsonc-eslint-parser", - "rules": { - "@nx/dependency-checks": ["error", {}] - } - } - ] -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/CHANGELOG.md b/tee-worker/identity/client-sdk/packages/vc-sdk/CHANGELOG.md deleted file mode 100644 index 968e953571..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/CHANGELOG.md +++ /dev/null @@ -1,224 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## [Unreleased] - -## [3.4.0] - 2024-09-30 - -### Changed - -- Use `@litentry/parachain-api@0.9.20-4.1` and `@litentry/sidechain-api@0.9.20-4` - -## [3.3.0] - 2024-08-26 - -### Changed - -- Use `@litentry/parachain-api@0.9.19-7` - -## [3.2.0] - 2024-08-06 - -- Use `@litentry/parachain-api@0.9.18-11.2` - -## [3.1.0] - 2024-07-22 - -### Changed - -- `validator`: Use RPC call to retrieve blockHashes. - -## [3.0.0] - 2024-07-22 - -### Removed - -- Drop `parseVc`. Parsing a VC is now up to clients. - -## [2.0.2] - 2024-07-19 - -- Use `@litentry/parachain-api@0.9.18-11` and `@litentry/sidechain-api@0.9.18-11` stable versions. - -## [2.0.1] - 2024-07-17 - -### Added - -- Extend `PlatformUserSubject` to support `DarenMarket` and variations of `MagicKraft` and `KaratDao` for better backward compatibility. - -## [2.0.0] - 2024-07-15 - -- Migrate to `@litentry/parachain-api` and `@litentry/sidechain-api`. -- Distribute as ES Module -- Targets [parachain-release v0.9.18-10](https://github.com/litentry/litentry-parachain/releases/tag/v0.9.18-10) - -## Changed - -- Migrate to `@litentry/parachain-api` and `@litentry/sidechain-api` por chain types. Deprecates `@litentry/chain-types`. -- This library is now distributed as an ESModule - -## Fixed - -- `Active Discord ID-Hubber`: Update its `type` name. -- `EVM/Substrate Transaction Count`: add `SubstrateTestnet` to the list of supported networks. - -## Removed - -- Drop `@litentry/chain-types` from dependencies. - -## [1.5.0] - 2024-06-27 - -### Changed - -- `validateVc`: rely on `vc.proof.verificationMethod` to get the VC's pubKey. -- `validateVc`: for new VCs where `vc.issuer.id` is an enclave account, query the specific enclave used at the time of issuing the VC for validation. - -## [1.4.1] - 2024-06-27 - -### Changed - -- `TokenHoldingAmount` credential subject: optional `$network` and `$address`. - -## [1.4.0] - 2024-06-03 - -### Changed - -- Upgrade `@polkadot/api*`, `@polkadot/rpc*`, `@polkadot/types*` to 10.9.1, and `@polkadot/util*` to `12.5.1` - -### Removed - -- Drop unused `@polkadot/keyring` dependency. - -## [1.3.3] - 2024-06-03 - -### Fixed - -- Add `MagicCraft` to the Credential Subject `PlatformUserSubject` type. - -## [1.3.2] - 2024-05-29 - -### Added - -- Add `BEAN` to `BaseTokenHolderIITokenEnum` supported tokens. - -## [1.3.1] - 2024-05-28 - -### Fixed - -- Deps: split `devDependencies` and move `@litentry/enclave` as `peerDependency`. - -## [1.3.0] - 2024-05-27 - -### Added - -- Broad `BaseTokenHolderIITokenEnum` token support with: `ETH`, `USDC`, `ADA`, `DOGE`, `SHIB`, `UNI`, `BCH`, `ETC`, `ATOM`, `DAI`, `LEO`, `FIL`, `IMX`, `CRO`, `INJ`. - -## [1.2.0] - 2024-05-08 - -### Fixed - -- `BaseTokenAmountHolding` now support all the token names from the `TokenHoldingAmount` assertion. - -### Changed - -- The encoding of `address` clauses' is no longer validated. - -## [1.1.1] - 2024-04-22 - -### Added - -- Add further tests coverage for the feature released on 1.1.0 - -## [1.1.0] - 2024-04-22 - -### Added - -- Allow verifying Litentry VCs that were generated by Enclave running on `tee-dev` on this date. MREnclave: `0x585e6d8623b0f63706174025625adb163503863fe6f7cc9459df65cbc2097943`. - -## [1.0.1] - 2024-04-18 - -## Fixed - -- Restore a fix that mistakenly removed. The fix was a bug that was preventing legacy VC with `issuer.id` in base58 format to fail at validating. - -## [1.0.0] - 2024-04-02 - -### Changed - -- The Litentry's VC Registry was dropped. VCs' hash is no longer stored on-chain. VC Verification continues unaltered. -- Enclave's queries were migrated from `teerex` to `teebag` to match latest Litentry's runtime versions. - -### Added - -- Credential parser: support the new `assertionText`, `parachainBlockNumber`, and `sidechainBlockNumber` schema fields. -- New Credential Subjects: `WeirdoGhostGangHolder`, `TokenAmountHolder`, `Brc20TokenHolder`, `LitStakingAmountSubject`, `NFTHolderSubject`, `CryptoSummarySubject`, `VIP3CardHolderSubject`, `KaratDaoPlatformUserSubject`, `BaseNftHoldingSubject` - -### Removed - -- `result.vcRegistry` property was removed from the return value of `validateVc`. - -## [0.2.5] - 2023-11-27 - -### Added - -- New Credential's assertions support: `GenericDiscordRole`, `BnbDomainHolding`, `BnbDigitDomainClub`. -- New Credential Subjects: `GenericDiscordRole`, `SpaceID10KClubMember`, `SpaceID999ClubMember`, `SpaceIDDomainHoldingAmount`. - -### Fixed - -- Fix parsing issue `EVMVersionEarlyBird` assertions when value is false -- Fix validation logic for VC with `SoraQuiz` assertions - -### Changed - -- `validateVc` early return if signature verifying fails. - -## [0.2.4] - -Deprecated. Please upgrade to @latest. - -## [0.2.3] - 2023-11-14 - -### Fixed - -- OneBlock+ VC type update - -## [0.2.2] - 2023-11-09 - -### Added - -- Readme: Link to client-sdk-examples repository - -### Removed - -- Docs: Exclude `examples` folder from the build output - -## [0.2.1] - 2023-11-09 - -### Fixed - -- Fix the README's example of `validateVc`. -- Other documentation fixes and improvements - -### Added - -- Support SORA Quiz credential definitions' subject -- Include examples and docs folder in the build output - -## [0.1.1] - 2023-10-25 - -### Added - -- This changelog -- Validate VCs against previously registered Litentry Enclave versions and not only the current one. - -### Fixed - -- Fix bundle type definitions in the published package -- Fix type error in one of the README's examples - -## [0.1.0] - 2023-10-10 - -### Added - -- parseVc method -- validateVc method diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/LICENSE b/tee-worker/identity/client-sdk/packages/vc-sdk/LICENSE deleted file mode 100644 index f288702d2f..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/LICENSE +++ /dev/null @@ -1,674 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU General Public License is a free, copyleft license for -software and other kinds of works. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -the GNU General Public License is intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. We, the Free Software Foundation, use the -GNU General Public License for most of our software; it applies also to -any other work released this way by its authors. You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - To protect your rights, we need to prevent others from denying you -these rights or asking you to surrender the rights. Therefore, you have -certain responsibilities if you distribute copies of the software, or if -you modify it: responsibilities to respect the freedom of others. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must pass on to the recipients the same -freedoms that you received. You must make sure that they, too, receive -or can get the source code. And you must show them these terms so they -know their rights. - - Developers that use the GNU GPL protect your rights with two steps: -(1) assert copyright on the software, and (2) offer you this License -giving you legal permission to copy, distribute and/or modify it. - - For the developers' and authors' protection, the GPL clearly explains -that there is no warranty for this free software. For both users' and -authors' sake, the GPL requires that modified versions be marked as -changed, so that their problems will not be attributed erroneously to -authors of previous versions. - - Some devices are designed to deny users access to install or run -modified versions of the software inside them, although the manufacturer -can do so. This is fundamentally incompatible with the aim of -protecting users' freedom to change the software. The systematic -pattern of such abuse occurs in the area of products for individuals to -use, which is precisely where it is most unacceptable. Therefore, we -have designed this version of the GPL to prohibit the practice for those -products. If such problems arise substantially in other domains, we -stand ready to extend this provision to those domains in future versions -of the GPL, as needed to protect the freedom of users. - - Finally, every program is threatened constantly by software patents. -States should not allow patents to restrict development and use of -software on general-purpose computers, but in those that do, we wish to -avoid the special danger that patents applied to a free program could -make it effectively proprietary. To prevent this, the GPL assures that -patents cannot be used to render the program non-free. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. - - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. - - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Use with the GNU Affero General Public License. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU Affero General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the special requirements of the GNU Affero General Public License, -section 13, concerning interaction through a network will apply to the -combination as such. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If the program does terminal interaction, make it output a short -notice like this when it starts in an interactive mode: - - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, your program's commands -might be different; for a GUI interface, you would use an "about box". - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU GPL, see -. - - The GNU General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, you -may consider it more useful to permit linking proprietary applications with -the library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. But first, please read -. diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/README.md b/tee-worker/identity/client-sdk/packages/vc-sdk/README.md deleted file mode 100644 index df97b47054..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/README.md +++ /dev/null @@ -1,55 +0,0 @@ -# @litentry/vc-sdk - -This SDK provides the common functionality to help dApps parse and validate Litentry issued Verifiable Credentials. - -A live example of this SDK's consumer application is identity-hub (https://idhub.litentry.io) where users request and generate their VCs and reveal their obtained VCs and share the relevant VCs should they consent to 3rd party applications. - -## Install - -```bash -npm install @litentry/parachain-api @litentry/sidechain-api @litentry/vc-sdk -``` - -## Examples - -You can find more elaborated examples about the usage of this package on https://github.com/litentry/client-sdk-examples. - -Below you will find some code snippets to guide you through the main functionalities. - -### Validate Verifiable Credential (VC) - -Interaction with the Litentry parachain and TEE to validate whether the VC is an active VC issued by the Litentry. - -#### What the validateVc function do - -- The validateVc function can only verify that the VC was issued by Litentry. -- The VC's credentialSubject can be Substrate or EVM account that is support by Litentry. - -#### What the validateVc function can't do - -- The validateVc function cannot validate that the VC's credentialSubject is the current wallet account. It's SDK's consumer's responsibility to validate the id of VC's credentialSubject is equal to the wallet address. - -#### Example - -```typescript -import { WsProvider, ApiPromise } from '@polkadot/api'; -import { validateVc } from '@litentry/vc-sdk'; - -const api: ApiPromise = await ApiPromise.create({ - provider: new WsProvider('wss://tee-prod.litentry.io'), -}); -// vc json string -const vcJson = - '{"@context": "https://www.w3.org/2018/credentials/v1", "type": "VerifiableCredential", "issuer": "https://example.com/issuer", "subject": "did:example:123", "credentialStatus": "https://example.com/status"}'; -const result = await validateVc(api, vcJson); - -// isValid is false if any field value of the result.detail is not true -if (!result.isValid) { - // true or error message - console.log('vcSignature: ', result.detail.vcSignature); - // true or error message - console.log('enclaveRegistry: ', result.detail.enclaveRegistry); -} -``` - -Note for simplicity, in above example it's assumed that SDK consumer application has to provide the api instance of ApiPromise and manage its lifecycle as well. diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/docs/.nojekyll b/tee-worker/identity/client-sdk/packages/vc-sdk/docs/.nojekyll deleted file mode 100644 index e2ac6616ad..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/docs/.nojekyll +++ /dev/null @@ -1 +0,0 @@ -TypeDoc added this file to prevent GitHub Pages from using Jekyll. You can turn off this behavior by setting the `githubPages` option to false. \ No newline at end of file diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/docs/README.md b/tee-worker/identity/client-sdk/packages/vc-sdk/docs/README.md deleted file mode 100644 index 4c0cca3506..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/docs/README.md +++ /dev/null @@ -1,225 +0,0 @@ -@litentry/vc-sdk - -# @litentry/vc-sdk - -## Table of contents - -### Type Aliases - -- [Network](README.md#network) -- [ValidationResult](README.md#validationresult) -- [ValidationResultDetail](README.md#validationresultdetail) -- [VerifiableCredentialLike](README.md#verifiablecredentiallike) - -### Variables - -- [NETWORKS](README.md#networks) - -### Functions - -- [validateEnclaveRegistry](README.md#validateenclaveregistry) -- [validateVc](README.md#validatevc) -- [validateVcWithTrustedTeeDevEnclave](README.md#validatevcwithtrustedteedevenclave) - -## Type Aliases - -### Network - -Ƭ **Network**: keyof typeof [`NETWORKS`](README.md#networks) - -#### Defined in - -[lib/validator.types.ts:4](https://github.com/litentry/client-sdk/blob/main/lib/validator.types.ts#L4) - -___ - -### ValidationResult - -Ƭ **ValidationResult**: `Object` - -Represents the overall validation result for a Verifiable Credential (VC). - -#### Type declaration - -| Name | Type | Description | -| :------ | :------ | :------ | -| `detail` | [`ValidationResultDetail`](README.md#validationresultdetail) | Represents the whole validation result detail. | -| `isValid` | `boolean` | Represents the whole validation result status. If is true, means all fields of the detail are true, otherwise any one of it is not true. The caller should use this field to determine whether the VC is valid. | - -#### Defined in - -[lib/validator.types.ts:33](https://github.com/litentry/client-sdk/blob/main/lib/validator.types.ts#L33) - -___ - -### ValidationResultDetail - -Ƭ **ValidationResultDetail**: `Object` - -Defines the details of the validation result for each component of the Verifiable Credential (VC). - -#### Type declaration - -| Name | Type | Description | -| :------ | :------ | :------ | -| `enclaveRegistry?` | ``true`` \| `string` | Represents the validation result (vcPubkey and mrEnclave) for the Enclave registry. If validation succeeds, it's true; if validation fails, it's an error message. The vcPubkey from Enclave registry must be same as issuer.id in VC JSON. The mrEnclave from Enclave registry must be same as issuer.mrenclave in VC JSON. | -| `vcSignature?` | ``true`` \| `string` | Represents the validation result for the VC signature. If validation succeeds, it's true; if validation fails, it's an error message. Use issuer.id in VC JSON as vcPubkey, proof.proofValue in VC JSON as signature to verify VC JSON. | - -#### Defined in - -[lib/validator.types.ts:9](https://github.com/litentry/client-sdk/blob/main/lib/validator.types.ts#L9) - -___ - -### VerifiableCredentialLike - -Ƭ **VerifiableCredentialLike**: `Record`\<`string`, `unknown`\> & \{ `@context`: `string` ; `credentialSubject`: `Record`\<`string`, `unknown`\> ; `id`: `string` ; `issuer`: \{ `id`: `string` ; `mrenclave`: `string` ; `name`: `string` } ; `parachainBlockNumber?`: `number` ; `proof`: \{ `proofValue`: `string` ; `verificationMethod`: `string` } ; `sidechainBlockNumber?`: `number` ; `type`: `string`[] } - -#### Defined in - -[lib/validator.ts:11](https://github.com/litentry/client-sdk/blob/main/lib/validator.ts#L11) - -## Variables - -### NETWORKS - -• `Const` **NETWORKS**: `Object` - -Use to create WsProvider according to network. - -#### Type declaration - -| Name | Type | -| :------ | :------ | -| `litentry` | ``"wss://rpc.litentry-parachain.litentry.io"`` | -| `litentry-internal` | ``"wss://tee-internal.litentry.io"`` | -| `litentry-rococo` | ``"wss://rpc.rococo-parachain-sg.litentry.io"`` | -| `litentry-staging` | ``"wss://tee-staging.litentry.io"`` | - -#### Defined in - -[lib/validator.constants.ts:4](https://github.com/litentry/client-sdk/blob/main/lib/validator.constants.ts#L4) - -## Functions - -### validateEnclaveRegistry - -▸ **validateEnclaveRegistry**(`api`, `vc`): `Promise`\<``true`` \| `string`\> - -Validates that the VC was valid at the time it was issued. - -#### Parameters - -| Name | Type | -| :------ | :------ | -| `api` | `ApiPromise` | -| `vc` | [`VerifiableCredentialLike`](README.md#verifiablecredentiallike) | - -#### Returns - -`Promise`\<``true`` \| `string`\> - -#### Defined in - -[lib/validator.ts:231](https://github.com/litentry/client-sdk/blob/main/lib/validator.ts#L231) - -___ - -### validateVc - -▸ **validateVc**(`api`, `vc`): `Promise`\<[`ValidationResult`](README.md#validationresult)\> - -Validate Verifiable Credential (VC) - -### How to find the wallet account address in VC - -The id of VC's credentialSubject is the encoded wallet account address, using code below to encode: - -```typescript -import { decodeAddress } from '@polkadot/util-crypto'; -import { u8aToHex } from '@polkadot/util'; - -const address = u8aToHex(decodeAddress(walletAccountAddress)); -const credentialSubjectId = address.substring(2); -``` - -With the code above: -- If your Polkadot account address is `5CwPfqmormPx9wJ4ASq7ikwdJeRonoUZX9SxwUtm1px9L72W`, the credentialSubjectId will be `26a84b380d8c3226d69f9ae6e482aa6669ed34c6371c52c4dfb48596913d6f28`. -- If your Metamask account address is `0xC620b3e5BEBedA952A8AD18b83Dc4Cf3Dc9CAF4b`, the credentialSubjectId will be `c620b3e5bebeda952a8ad18b83dc4cf3dc9caf4b`. - -### What the validation function do - -- The validation function can only verify that the VC was issued by Litentry. -- The VC's credentialSubject can be Substrate or EVM account that is support by Litentry. - -### What the validation function can't do - -- The validation function cannot validate that the VC's credentialSubject is the current wallet account. It's SDK's consumer's responsibility to validate the id of VC's credentialSubject is equal to the wallet address. - -### How to use - -```typescript -import { WsProvider, ApiPromise } from '@polkadot/api'; -import { validateVc, NETWORKS } from '@litentry/vc-sdk'; - -const api: ApiPromise = await ApiPromise.create({ - provider: new WsProvider(NETWORKS['litentry-staging']) -}); -const vcJson = '{"@context": "https://www.w3.org/2018/credentials/v1", "type": "VerifiableCredential", "issuer": "https://example.com/issuer", "subject": "did:example:123", "credentialStatus": "https://example.com/status"}'; -const result = await validateVc(api, vcJson); - -// isValid is false if any field value of the result.detail is not true -if (!result.isValid) { - // true or error message - console.log('vcJson: ', result.detail.vcJson); - // true or error message - console.log('vcRegistry: ', result.detail.vcRegistry); - // true or error message - console.log('vcSignature: ', result.detail.vcSignature); - // true or error message - console.log('enclaveRegistry: ', result.detail.enclaveRegistry); -} -``` - -#### Parameters - -| Name | Type | Description | -| :------ | :------ | :------ | -| `api` | `ApiPromise` | The instance of ApiPromise. | -| `vc` | `string` | The VC JSON string that needs to be validated. | - -#### Returns - -`Promise`\<[`ValidationResult`](README.md#validationresult)\> - -The validation result. - -#### Defined in - -[lib/validator.ts:86](https://github.com/litentry/client-sdk/blob/main/lib/validator.ts#L86) - -___ - -### validateVcWithTrustedTeeDevEnclave - -▸ **validateVcWithTrustedTeeDevEnclave**(`api`, `vc`): ``true`` \| `string` - -Validates the VC information against the past enclave registry. -These Enclave may no longer be online but these are Enclave that issued the VC and we trust. - -exported for testing purposes. - -#### Parameters - -| Name | Type | -| :------ | :------ | -| `api` | `ApiPromise` | -| `vc` | [`VerifiableCredentialLike`](README.md#verifiablecredentiallike) | - -#### Returns - -``true`` \| `string` - -#### Defined in - -[lib/validator.ts:297](https://github.com/litentry/client-sdk/blob/main/lib/validator.ts#L297) diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/jest.config.ts b/tee-worker/identity/client-sdk/packages/vc-sdk/jest.config.ts deleted file mode 100644 index 1b43e61cb4..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/jest.config.ts +++ /dev/null @@ -1,15 +0,0 @@ -/* eslint-disable */ -export default { - displayName: 'vc-sdk', - preset: '../../jest.preset.js', - testEnvironment: 'node', - transform: { - '^.+\\.[tj]s$': ['ts-jest', { tsconfig: '/tsconfig.spec.json' }], - }, - moduleFileExtensions: ['ts', 'js', 'html'], - coverageDirectory: '../../coverage/package/vc-sdk', - transformIgnorePatterns: ['node_modules/(?!(@litentry/|.pnpm/@litentry)).*'], - moduleNameMapper: { - // '@litentry/enclave': '/../enclave/src', - }, -}; diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/package.json b/tee-worker/identity/client-sdk/packages/vc-sdk/package.json deleted file mode 100644 index a72b1140ff..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/package.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "@litentry/vc-sdk", - "version": "3.4.0", - "description": "This library the common functionality to help dApps parse and validate Litentry issued Verifiable Credentials", - "license": "GPL-3.0-or-later", - "dependencies": {}, - "devDependencies": { - "fast-glob": "^3.3.2" - }, - "peerDependencies": { - "@litentry/parachain-api": "0.9.20-4.1", - "@litentry/sidechain-api": "0.9.20-4", - "@polkadot/api": "^10.9.1", - "@polkadot/util": "^12.5.1", - "@polkadot/util-crypto": "^12.5.1", - "tslib": "^2.3.0" - }, - "type": "module", - "main": "./src/index.js", - "typings": "./src/index.d.ts" -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/project.json b/tee-worker/identity/client-sdk/packages/vc-sdk/project.json deleted file mode 100644 index 204a7f4203..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/project.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "name": "vc-sdk", - "$schema": "../../node_modules/nx/schemas/project-schema.json", - "sourceRoot": "packages/vc-sdk/src", - "projectType": "library", - "targets": { - "build": { - "executor": "@nx/js:tsc", - "outputs": [ - "{options.outputPath}" - ], - "options": { - "outputPath": "dist/packages/vc-sdk", - "main": "packages/vc-sdk/src/index.ts", - "tsConfig": "packages/vc-sdk/tsconfig.lib.json", - "assets": [ - "packages/vc-sdk/*.md", - "packages/vc-sdk/docs/*.md" - ] - } - }, - "generate-doc": { - "executor": "nx:run-commands", - "options": { - "cwd": "./packages/vc-sdk", - "command": "typedoc --options ./typedoc.json" - } - }, - "publish": { - "command": "node tools/scripts/publish.mjs vc-sdk {args.ver} {args.tag}", - "dependsOn": [ - "build" - ] - }, - "lint": { - "executor": "@nx/linter:eslint", - "outputs": [ - "{options.outputFile}" - ], - "options": { - "lintFilePatterns": [ - "packages/vc-sdk/src/**/*.ts", - "packages/vc-sdk/package.json" - ] - } - }, - "test": { - "executor": "@nx/jest:jest", - "outputs": [ - "{workspaceRoot}/coverage/{projectRoot}" - ], - "options": { - "jestConfig": "packages/vc-sdk/jest.config.ts", - "passWithNoTests": true - }, - "configurations": { - "ci": { - "ci": true, - "codeCoverage": true - } - } - } - }, - "tags": [] -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/index.ts b/tee-worker/identity/client-sdk/packages/vc-sdk/src/index.ts deleted file mode 100644 index 757f9b6a5e..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/src/index.ts +++ /dev/null @@ -1,6 +0,0 @@ -// ambience imports -import '@litentry/sidechain-api'; -import '@litentry/parachain-api'; - -export * from './lib/validator'; -export * from './lib/validator.types'; diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.constants.ts b/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.constants.ts deleted file mode 100644 index f2abc91dea..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/src/lib/validator.constants.ts +++ /dev/null @@ -1,9 +0,0 @@ -/** - * Use to create WsProvider according to network. - */ -export const NETWORKS = { - 'litentry-internal': 'wss://tee-internal.litentry.io', - 'litentry-staging': 'wss://tee-staging.litentry.io', - 'litentry-rococo': 'wss://rpc.rococo-parachain-sg.litentry.io', - litentry: 'wss://rpc.litentry-parachain.litentry.io', -} as const; diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.json b/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.json deleted file mode 100644 index 3c85fb0c8c..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "extends": "../../tsconfig.base.json", - "compilerOptions": { - "forceConsistentCasingInFileNames": true, - "strict": true, - "allowJs": true, - "noImplicitOverride": true, - "noPropertyAccessFromIndexSignature": false, - "noImplicitReturns": true, - "noFallthroughCasesInSwitch": true, - "resolveJsonModule": true, - "esModuleInterop": true - }, - "files": [], - "include": [], - "references": [ - { - "path": "./tsconfig.lib.json" - }, - { - "path": "./tsconfig.spec.json" - } - ] -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.lib.json b/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.lib.json deleted file mode 100644 index 33eca2c2cd..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.lib.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "extends": "./tsconfig.json", - "compilerOptions": { - "outDir": "../../dist/out-tsc", - "declaration": true, - "types": ["node"] - }, - "include": ["src/**/*.ts"], - "exclude": ["jest.config.ts", "src/**/*.spec.ts", "src/**/*.test.ts"] -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.spec.json b/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.spec.json deleted file mode 100644 index 9b2a121d11..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/tsconfig.spec.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "extends": "./tsconfig.json", - "compilerOptions": { - "outDir": "../../dist/out-tsc", - "module": "commonjs", - "types": ["jest", "node"] - }, - "include": [ - "jest.config.ts", - "src/**/*.test.ts", - "src/**/*.spec.ts", - "src/**/*.d.ts" - ] -} diff --git a/tee-worker/identity/client-sdk/packages/vc-sdk/typedoc.json b/tee-worker/identity/client-sdk/packages/vc-sdk/typedoc.json deleted file mode 100644 index 2e99bcc38c..0000000000 --- a/tee-worker/identity/client-sdk/packages/vc-sdk/typedoc.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "$schema": "https://typedoc.org/schema.json", - "plugin": ["typedoc-plugin-markdown"], - "entryPoints": ["./src/index.ts"], - "disableGit": true, - "sourceLinkTemplate": "https://github.com/litentry/client-sdk/blob/main/{path}#L{line}", - "readme": "none", - "out": "docs" -} diff --git a/tee-worker/identity/client-sdk/project.json b/tee-worker/identity/client-sdk/project.json index ed095f0b5d..68538e2798 100644 --- a/tee-worker/identity/client-sdk/project.json +++ b/tee-worker/identity/client-sdk/project.json @@ -1,5 +1,5 @@ { - "name": "client-sdk", + "name": "@litentry-client-sdk/source", "$schema": "node_modules/nx/schemas/project-schema.json", "targets": { "local-registry": { diff --git a/tee-worker/identity/client-sdk/tsconfig.base.json b/tee-worker/identity/client-sdk/tsconfig.base.json index 658de831d9..e1cee4d502 100644 --- a/tee-worker/identity/client-sdk/tsconfig.base.json +++ b/tee-worker/identity/client-sdk/tsconfig.base.json @@ -16,7 +16,7 @@ "baseUrl": ".", "paths": { "@litentry/chaindata": ["packages/chaindata/src/index.ts"], - "@litentry/enclave": ["packages/enclave/src/index.ts"], + "packages/client-sdk": ["packages/client-sdk/src/index.ts"], "@litentry/vc-sdk": ["packages/vc-sdk/src/index.ts"] } }, diff --git a/tee-worker/identity/ts-tests/pnpm-lock.yaml b/tee-worker/identity/ts-tests/pnpm-lock.yaml index 4f1484b81c..39834bd030 100644 --- a/tee-worker/identity/ts-tests/pnpm-lock.yaml +++ b/tee-worker/identity/ts-tests/pnpm-lock.yaml @@ -114,7 +114,7 @@ importers: version: 2.0.1 ws: specifier: ^8.17.1 - version: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + version: 8.17.1 zx: specifier: ^7.2.3 version: 7.2.3 @@ -167,15 +167,15 @@ importers: '@litentry/chaindata': specifier: ^0.2.0 version: 0.2.0 - '@litentry/enclave': - specifier: ^4.1.0 - version: 4.1.0(@litentry/chaindata@0.2.0)(@litentry/parachain-api@0.9.18-11.2)(@litentry/sidechain-api@0.9.18-11)(@polkadot/api@10.9.1)(@polkadot/types-codec@10.9.1)(@polkadot/types@10.9.1)(@polkadot/util-crypto@12.5.1)(@polkadot/util@12.5.1)(tslib@2.6.2) + '@litentry/client-sdk': + specifier: ^1.0.0 + version: 1.0.0(@litentry/chaindata@0.2.0)(@litentry/parachain-api@0.9.20-4.1)(@litentry/sidechain-api@0.9.20-4)(@polkadot/api@10.9.1)(@polkadot/types-codec@10.9.1)(@polkadot/types@10.9.1)(@polkadot/util-crypto@12.5.1)(@polkadot/util@12.5.1)(tslib@2.6.2) '@litentry/parachain-api': - specifier: 0.9.18-11.2 - version: 0.9.18-11.2 + specifier: 0.9.20-4.1 + version: 0.9.20-4.1 '@litentry/sidechain-api': - specifier: 0.9.18-11 - version: 0.9.18-11 + specifier: 0.9.20-4 + version: 0.9.20-4 '@polkadot/api': specifier: ^10.9.1 version: 10.9.1 @@ -217,7 +217,7 @@ importers: version: 5.0.4 ws: specifier: ^8.17.1 - version: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + version: 8.17.1 stress: dependencies: @@ -259,7 +259,7 @@ importers: version: 2.0.1 ws: specifier: ^8.17.1 - version: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + version: 8.17.1 zod: specifier: ^3.22.3 version: 3.22.3 @@ -401,7 +401,7 @@ importers: version: 2.0.1 ws: specifier: ^8.17.1 - version: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + version: 8.17.1 devDependencies: '@ethersproject/providers': specifier: ^5.7.2 @@ -489,7 +489,7 @@ packages: engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} dependencies: ajv: 6.12.6 - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 espree: 9.6.1 globals: 13.22.0 ignore: 5.2.4 @@ -826,7 +826,7 @@ packages: engines: {node: '>=10.10.0'} dependencies: '@humanwhocodes/object-schema': 1.2.1 - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 minimatch: 3.1.2 transitivePeerDependencies: - supports-color @@ -860,12 +860,12 @@ packages: tslib: 2.6.2 dev: false - /@litentry/enclave@4.1.0(@litentry/chaindata@0.2.0)(@litentry/parachain-api@0.9.18-11.2)(@litentry/sidechain-api@0.9.18-11)(@polkadot/api@10.9.1)(@polkadot/types-codec@10.9.1)(@polkadot/types@10.9.1)(@polkadot/util-crypto@12.5.1)(@polkadot/util@12.5.1)(tslib@2.6.2): - resolution: {integrity: sha512-YHo6CIqrAO1MofQZVCyZpsMuKB/WaM+lBu7pkxr+l3Phsu1cGwGu+7aFfI58+8qGjoxrVUvA/opGcW0rXSiLmg==} + /@litentry/client-sdk@1.0.0(@litentry/chaindata@0.2.0)(@litentry/parachain-api@0.9.20-4.1)(@litentry/sidechain-api@0.9.20-4)(@polkadot/api@10.9.1)(@polkadot/types-codec@10.9.1)(@polkadot/types@10.9.1)(@polkadot/util-crypto@12.5.1)(@polkadot/util@12.5.1)(tslib@2.6.2): + resolution: {integrity: sha512-htcII+AN0v99G4u7Dbe7g/KU+IPukPit5hm8bR/kA0b8FaPQySKLsvO0bdKdNvExGOeLj9uhmMo5LdwB9tXj+A==} peerDependencies: '@litentry/chaindata': '*' - '@litentry/parachain-api': 0.9.18-11.2 - '@litentry/sidechain-api': 0.9.18-11 + '@litentry/parachain-api': 0.9.20-4.1 + '@litentry/sidechain-api': 0.9.20-4 '@polkadot/api': ^10.9.1 '@polkadot/types': ^10.9.1 '@polkadot/types-codec': ^10.9.1 @@ -874,8 +874,8 @@ packages: tslib: ^2.3.0 dependencies: '@litentry/chaindata': 0.2.0 - '@litentry/parachain-api': 0.9.18-11.2 - '@litentry/sidechain-api': 0.9.18-11 + '@litentry/parachain-api': 0.9.20-4.1 + '@litentry/sidechain-api': 0.9.20-4 '@polkadot/api': 10.9.1 '@polkadot/types': 10.9.1 '@polkadot/types-codec': 10.9.1 @@ -884,8 +884,8 @@ packages: tslib: 2.6.2 dev: false - /@litentry/parachain-api@0.9.18-11.2: - resolution: {integrity: sha512-nnmX2o8j9Cbi6truI0CtIZ34dyAAKNGWmTIbfS5oXU3LVq20mdHErE8o9y/0j79yN+yFJwUvLpQMqanm6nwJYQ==} + /@litentry/parachain-api@0.9.20-4.1: + resolution: {integrity: sha512-IL3E86EXlc3YdzHghxHwy0+a+1cWAjyQ8Ynyku4BtD6lL5b/bLgS3tFRmAYhkmmIFfJnx9vLRw2gZ3LVEudcJg==} dependencies: '@polkadot/api': 10.9.1 '@polkadot/api-augment': 10.9.1 @@ -907,8 +907,8 @@ packages: - utf-8-validate dev: false - /@litentry/sidechain-api@0.9.18-11: - resolution: {integrity: sha512-iAcCyM8YkVdNjPs+CbhGpeUN2EnvTvvs8+HsiL660OTPRWHwLn7f3MuzrCcjBaHjKErtY2gJ9F/P6pskg5MOrg==} + /@litentry/sidechain-api@0.9.20-4: + resolution: {integrity: sha512-wYIS8FStKL7Nw/ViRlRMijSpZgVxJr2OKQlSRO1j9rBdNiCiOw0M5Y5Uo3eeSO7y4R04gPaSm7q0FvjByvGEMw==} dependencies: '@polkadot/api': 10.9.1 '@polkadot/api-augment': 10.9.1 @@ -1392,7 +1392,7 @@ packages: dependencies: '@polkadot/x-global': 12.5.1 tslib: 2.6.2 - ws: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + ws: 8.17.1 transitivePeerDependencies: - bufferutil - utf-8-validate @@ -1441,6 +1441,7 @@ packages: /@substrate/connect@0.7.26: resolution: {integrity: sha512-uuGSiroGuKWj1+38n1kY5HReer5iL9bRwPCzuoLtqAOmI1fGI0hsSI2LlNQMAbfRgr7VRHXOk5MTuQf5ulsFRw==} + deprecated: versions below 1.x are no longer maintained requiresBuild: true dependencies: '@substrate/connect-extension-protocol': 1.0.1 @@ -1565,7 +1566,7 @@ packages: '@typescript-eslint/scope-manager': 5.62.0 '@typescript-eslint/type-utils': 5.62.0(eslint@8.50.0)(typescript@5.0.4) '@typescript-eslint/utils': 5.62.0(eslint@8.50.0)(typescript@5.0.4) - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 eslint: 8.50.0 graphemer: 1.4.0 ignore: 5.2.4 @@ -1590,7 +1591,7 @@ packages: '@typescript-eslint/scope-manager': 5.62.0 '@typescript-eslint/types': 5.62.0 '@typescript-eslint/typescript-estree': 5.62.0(typescript@5.0.4) - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 eslint: 8.50.0 typescript: 5.0.4 transitivePeerDependencies: @@ -1617,7 +1618,7 @@ packages: dependencies: '@typescript-eslint/typescript-estree': 5.62.0(typescript@5.0.4) '@typescript-eslint/utils': 5.62.0(eslint@8.50.0)(typescript@5.0.4) - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 eslint: 8.50.0 tsutils: 3.21.0(typescript@5.0.4) typescript: 5.0.4 @@ -1641,7 +1642,7 @@ packages: dependencies: '@typescript-eslint/types': 5.62.0 '@typescript-eslint/visitor-keys': 5.62.0 - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 globby: 11.1.0 is-glob: 4.0.3 semver: 7.5.4 @@ -2173,6 +2174,17 @@ packages: engines: {node: '>= 12'} dev: false + /debug@4.3.4: + resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==} + engines: {node: '>=6.0'} + peerDependencies: + supports-color: '*' + peerDependenciesMeta: + supports-color: + optional: true + dependencies: + ms: 2.1.2 + /debug@4.3.4(supports-color@8.1.1): resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==} engines: {node: '>=6.0'} @@ -2408,7 +2420,7 @@ packages: ajv: 6.12.6 chalk: 4.1.2 cross-spawn: 7.0.3 - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 doctrine: 3.0.0 escape-string-regexp: 4.0.0 eslint-scope: 7.2.2 @@ -3312,7 +3324,7 @@ packages: resolution: {integrity: sha512-z+KUlILy9SK/RjpeXDiDUEAq4T94ADPHE3qaRkf66mpEhzc/ytOMm3Bwdrbq6k1tMWkbdujiKim3G2tfQARuJw==} engines: {node: '>= 10.13'} dependencies: - debug: 4.3.4(supports-color@8.1.1) + debug: 4.3.4 json-stringify-safe: 5.0.1 lodash: 4.17.21 propagate: 2.0.1 @@ -3704,7 +3716,7 @@ packages: requiresBuild: true dependencies: pako: 2.1.0 - ws: 8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10) + ws: 8.17.1 transitivePeerDependencies: - bufferutil - utf-8-validate @@ -4103,6 +4115,19 @@ packages: utf-8-validate: optional: true + /ws@8.17.1: + resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==} + engines: {node: '>=10.0.0'} + peerDependencies: + bufferutil: ^4.0.1 + utf-8-validate: '>=5.0.2' + peerDependenciesMeta: + bufferutil: + optional: true + utf-8-validate: + optional: true + dev: false + /ws@8.17.1(bufferutil@4.0.8)(utf-8-validate@5.0.10): resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==} engines: {node: '>=10.0.0'} @@ -4212,6 +4237,7 @@ packages: file:../client-api/parachain-api: resolution: {directory: ../client-api/parachain-api, type: directory} name: '@litentry/parachain-api' + version: 0.9.20-04.1 dependencies: '@polkadot/api': 10.9.1 '@polkadot/api-augment': 10.9.1 @@ -4236,6 +4262,7 @@ packages: file:../client-api/sidechain-api: resolution: {directory: ../client-api/sidechain-api, type: directory} name: '@litentry/sidechain-api' + version: 0.9.20-04 dependencies: '@polkadot/api': 10.9.1 '@polkadot/api-augment': 10.9.1 diff --git a/tee-worker/identity/ts-tests/post-checks/package.json b/tee-worker/identity/ts-tests/post-checks/package.json index 9539aca9e3..10177e8239 100644 --- a/tee-worker/identity/ts-tests/post-checks/package.json +++ b/tee-worker/identity/ts-tests/post-checks/package.json @@ -5,13 +5,13 @@ "type": "module", "main": "index.js", "scripts": { - "start": "mocha --timeout 20000 --exit --sort -r ts-node/register --loader=ts-node/esm ./tests/**/*.test.ts" + "start": "LITENTRY_NETWORK='litentry-dev' mocha --timeout 20000 --exit --sort -r ts-node/register --loader=ts-node/esm ./tests/**/*.test.ts" }, "dependencies": { "@litentry/chaindata": "^0.2.0", - "@litentry/enclave": "^4.1.0", - "@litentry/parachain-api": "0.9.18-11.2", - "@litentry/sidechain-api": "0.9.18-11", + "@litentry/client-sdk": "^1.0.0", + "@litentry/parachain-api": "0.9.20-4.1", + "@litentry/sidechain-api": "0.9.20-4", "@polkadot/api": "^10.9.1", "@polkadot/util": "^12.5.1", "@polkadot/util-crypto": "^12.5.1", diff --git a/tee-worker/identity/ts-tests/post-checks/tests/post-check.test.ts b/tee-worker/identity/ts-tests/post-checks/tests/post-check.test.ts index 6b63ece352..9b7fafecac 100644 --- a/tee-worker/identity/ts-tests/post-checks/tests/post-check.test.ts +++ b/tee-worker/identity/ts-tests/post-checks/tests/post-check.test.ts @@ -2,10 +2,9 @@ import WebSocket from 'ws'; import { assert } from 'chai'; import { webcrypto } from 'crypto'; import { ApiPromise, Keyring, WsProvider } from '@polkadot/api'; -import { cryptoWaitReady } from '@polkadot/util-crypto'; import { identity, trusted_operations, sidechain, vc } from '@litentry/parachain-api'; -import { request, createLitentryIdentityType, createLitentryValidationDataType } from '@litentry/enclave'; +import { request, createLitentryIdentityType } from '@litentry/client-sdk'; import { nodeEndpoint, enclaveEndpoint } from '../config'; import { u8aToHex, u8aToString } from '@polkadot/util'; From 302f8656f2256994bf4c33d333f85743f4b0f6fd Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 12:44:08 +0200 Subject: [PATCH 15/17] Adding abstractions for the omni-account in the worker (#3116) --- common/primitives/core/Cargo.toml | 14 +-- common/primitives/core/src/lib.rs | 4 +- .../core/src/teebag/sgx_verify/mod.rs | 2 - parachain/Cargo.lock | 1 - parachain/pallets/omni-account/Cargo.toml | 2 +- tee-worker/Cargo.lock | 17 ++++ tee-worker/Cargo.toml | 2 + .../bitacross/enclave-runtime/Cargo.lock | 2 + .../src/ocall/on_chain_ocall.rs | 10 +- .../core-primitives/ocall-api/src/lib.rs | 6 +- .../common/core-primitives/storage/Cargo.toml | 2 + .../core-primitives/storage/src/keys.rs | 16 +++- .../common/core-primitives/storage/src/lib.rs | 2 + .../test/src/mock/onchain_mock.rs | 6 +- .../common/litentry/primitives/src/lib.rs | 1 + .../core-primitives/stf-executor/Cargo.toml | 1 + .../identity/enclave-runtime/Cargo.lock | 2 + .../src/ocall/on_chain_ocall.rs | 10 +- .../test/mocks/propose_to_import_call_mock.rs | 6 +- .../litentry/core/assertion-build/src/a13.rs | 3 +- .../litentry/core/omni-account/Cargo.toml | 32 +++++++ .../core/omni-account/src/in_memory_store.rs | 77 +++++++++++++++ .../litentry/core/omni-account/src/lib.rs | 43 +++++++++ .../core/omni-account/src/repository.rs | 95 +++++++++++++++++++ 24 files changed, 332 insertions(+), 24 deletions(-) create mode 100644 tee-worker/identity/litentry/core/omni-account/Cargo.toml create mode 100644 tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs create mode 100644 tee-worker/identity/litentry/core/omni-account/src/lib.rs create mode 100644 tee-worker/identity/litentry/core/omni-account/src/repository.rs diff --git a/common/primitives/core/Cargo.toml b/common/primitives/core/Cargo.toml index 0734ba84c8..c07ca703d3 100644 --- a/common/primitives/core/Cargo.toml +++ b/common/primitives/core/Cargo.toml @@ -7,18 +7,18 @@ version = '0.1.0' [dependencies] base58 = { version = "0.2", default-features = false } base64 = { version = "0.13", default-features = false, features = ["alloc"] } -parity-scale-codec = { version = "3.6", default-features = false, features = ["derive", "max-encoded-len"] } -strum = { version = "0.26", default-features = false } -strum_macros = { version = "0.26", default-features = false } -serde = { version = "1.0", default-features = false, features = ["derive", "alloc"] } -serde_json = { version = "=1.0.120", default-features = false } +chrono = { version = "0.4", default-features = false, features = ["serde"] } der = { version = "0.6.0", default-features = false } hex = { version = "0.4", default-features = false } hex-literal = { version = "0.4.1", default-features = false } -chrono = { version = "0.4", default-features = false, features = ["serde"] } +parity-scale-codec = { version = "3.6", default-features = false, features = ["derive", "max-encoded-len"] } ring = { version = "0.16.20", default-features = false, features = ["alloc"] } -x509-cert = { version = "0.1.0", default-features = false, features = ["alloc"] } +serde = { version = "1.0", default-features = false, features = ["derive", "alloc"] } +serde_json = { version = "=1.0.120", default-features = false } +strum = { version = "0.26", default-features = false } +strum_macros = { version = "0.26", default-features = false } webpki = { version = "=0.102.0-alpha.3", git = "https://github.com/rustls/webpki", rev = "da923ed", package = "rustls-webpki", default-features = false, features = ["alloc", "ring"] } +x509-cert = { version = "0.1.0", default-features = false, features = ["alloc"] } frame-support = { git = "https://github.com/paritytech/polkadot-sdk", branch = "release-polkadot-v1.1.0", default-features = false } pallet-evm = { git = "https://github.com/paritytech/frontier", branch = "polkadot-v1.1.0", default-features = false } diff --git a/common/primitives/core/src/lib.rs b/common/primitives/core/src/lib.rs index 647280f5c2..a04fdf9844 100644 --- a/common/primitives/core/src/lib.rs +++ b/common/primitives/core/src/lib.rs @@ -32,9 +32,11 @@ pub use assertion::Assertion; pub mod identity; pub use identity::*; -mod omni_account; +pub mod omni_account; pub use omni_account::*; +extern crate alloc; +extern crate core; use alloc::{format, str, str::FromStr, string::String, vec, vec::Vec}; use sp_runtime::{traits::ConstU32, BoundedVec}; diff --git a/common/primitives/core/src/teebag/sgx_verify/mod.rs b/common/primitives/core/src/teebag/sgx_verify/mod.rs index d07583dc14..2a8ee2d251 100644 --- a/common/primitives/core/src/teebag/sgx_verify/mod.rs +++ b/common/primitives/core/src/teebag/sgx_verify/mod.rs @@ -28,8 +28,6 @@ //! //! * https://download.01.org/intel-sgx/linux-1.5/docs/Intel_SGX_Developer_Guide.pdf -pub extern crate alloc; - use self::{ collateral::{EnclaveIdentity, TcbInfo}, netscape_comment::NetscapeComment, diff --git a/parachain/Cargo.lock b/parachain/Cargo.lock index a83af27e12..6a4230119a 100644 --- a/parachain/Cargo.lock +++ b/parachain/Cargo.lock @@ -7831,7 +7831,6 @@ dependencies = [ "parity-scale-codec", "scale-info", "sp-core", - "sp-core-hashing", "sp-io", "sp-keyring", "sp-runtime", diff --git a/parachain/pallets/omni-account/Cargo.toml b/parachain/pallets/omni-account/Cargo.toml index 451bb0ee7e..fb5c35df7e 100644 --- a/parachain/pallets/omni-account/Cargo.toml +++ b/parachain/pallets/omni-account/Cargo.toml @@ -13,7 +13,7 @@ scale-info = { workspace = true } frame-support = { workspace = true } frame-system = { workspace = true } sp-core = { workspace = true } -sp-core-hashing = { workspace = true } + sp-io = { workspace = true } sp-runtime = { workspace = true } sp-std = { workspace = true } diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index b4482f579f..ff5fab9d0f 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -3529,6 +3529,7 @@ dependencies = [ "itp-ocall-api", "itp-sgx-crypto", "itp-sgx-externalities", + "itp-sgx-io", "itp-stf-interface", "itp-stf-primitives", "itp-stf-state-handler", @@ -4314,6 +4315,7 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", + "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", @@ -5221,6 +5223,21 @@ dependencies = [ "sgx_tstd", ] +[[package]] +name = "lc-omni-account" +version = "0.1.0" +dependencies = [ + "frame-support", + "itp-ocall-api", + "itp-storage", + "itp-types", + "lazy_static", + "litentry-primitives", + "log 0.4.20", + "sgx_tstd", + "sp-core", +] + [[package]] name = "lc-parachain-extrinsic-task-receiver" version = "0.1.0" diff --git a/tee-worker/Cargo.toml b/tee-worker/Cargo.toml index 324f8dc8f5..64d89bec74 100644 --- a/tee-worker/Cargo.toml +++ b/tee-worker/Cargo.toml @@ -56,6 +56,7 @@ members = [ "identity/litentry/core/native-task/sender", "identity/litentry/core/native-task/receiver", "identity/litentry/core/identity-verification", + "identity/litentry/core/omni-account", "identity/litentry/core/stf-task/sender", "identity/litentry/core/stf-task/receiver", "identity/litentry/core/service", @@ -300,6 +301,7 @@ lc-stf-task-sender = { path = "identity/litentry/core/stf-task/sender", default- lc-stf-task-receiver = { path = "identity/litentry/core/stf-task/receiver", default-features = false } lc-vc-task-sender = { path = "identity/litentry/core/vc-task/sender", default-features = false } lc-vc-task-receiver = { path = "identity/litentry/core/vc-task/receiver", default-features = false } +lc-omni-account = { path = "identity/app-libs/omni-account", default-features = false } lc-native-task-sender = { path = "identity/litentry/core/native-task/sender", default-features = false } lc-native-task-receiver = { path = "identity/litentry/core/native-task/receiver", default-features = false } diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.lock b/tee-worker/bitacross/enclave-runtime/Cargo.lock index 7c196c4cd8..c6e9aa1a46 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.lock +++ b/tee-worker/bitacross/enclave-runtime/Cargo.lock @@ -988,6 +988,7 @@ dependencies = [ "serde 1.0.204", "serde_json 1.0.120", "sp-core", + "sp-core-hashing", "sp-io", "sp-runtime", "sp-std", @@ -2556,6 +2557,7 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", + "litentry-hex-utils 0.1.0", "parity-scale-codec", "sgx_tstd", "sp-core", diff --git a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs index e80c1fb112..124f7fabd9 100644 --- a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -125,9 +125,13 @@ impl EnclaveOnChainOCallApi for OcallApi { Ok(storage_entries) } - fn get_storage_keys(&self, key_prefix: Vec) -> Result>> { - // always using the latest state - we need to support optional header - let requests = vec![WorkerRequest::ChainStorageKeys(key_prefix, None)]; + fn get_storage_keys>( + &self, + key_prefix: Vec, + header: Option<&H>, + ) -> Result>> { + let header_hash = header.map(|h| h.hash()); + let requests = vec![WorkerRequest::ChainStorageKeys(key_prefix, header_hash)]; let responses: Vec>> = self .worker_request::>(requests, &ParentchainId::Litentry)? diff --git a/tee-worker/common/core-primitives/ocall-api/src/lib.rs b/tee-worker/common/core-primitives/ocall-api/src/lib.rs index d4a0a9b944..ca5090e88c 100644 --- a/tee-worker/common/core-primitives/ocall-api/src/lib.rs +++ b/tee-worker/common/core-primitives/ocall-api/src/lib.rs @@ -118,7 +118,11 @@ pub trait EnclaveOnChainOCallApi: Clone + Send + Sync { // Litentry // given a key prefix, get all storage keys - fn get_storage_keys(&self, key_prefix: Vec) -> Result>>; + fn get_storage_keys>( + &self, + key_prefix: Vec, + header: Option<&H>, + ) -> Result>>; } /// Trait for sending metric updates. diff --git a/tee-worker/common/core-primitives/storage/Cargo.toml b/tee-worker/common/core-primitives/storage/Cargo.toml index d3c48d6e05..72659e1b52 100644 --- a/tee-worker/common/core-primitives/storage/Cargo.toml +++ b/tee-worker/common/core-primitives/storage/Cargo.toml @@ -23,6 +23,8 @@ sp-trie = { workspace = true } itp-types = { workspace = true } +litentry-hex-utils = { workspace = true } + [dev-dependencies] sp-state-machine = { workspace = true, features = ["std"] } diff --git a/tee-worker/common/core-primitives/storage/src/keys.rs b/tee-worker/common/core-primitives/storage/src/keys.rs index 43de4f667e..5771bd8c03 100644 --- a/tee-worker/common/core-primitives/storage/src/keys.rs +++ b/tee-worker/common/core-primitives/storage/src/keys.rs @@ -15,9 +15,11 @@ */ -use codec::Encode; +use alloc::{string::String, vec::Vec}; +use codec::{Decode, Encode}; use frame_metadata::v14::StorageHasher; -use sp_std::vec::Vec; +use frame_support::{Blake2_128Concat, ReversibleStorageHasher}; +use litentry_hex_utils::decode_hex; pub fn storage_value_key(module_prefix: &str, storage_prefix: &str) -> Vec { let mut bytes = sp_core::twox_128(module_prefix.as_bytes()).to_vec(); @@ -37,6 +39,16 @@ pub fn storage_map_key( bytes } +pub fn extract_blake2_128concat_key(raw_storage_key: &[u8]) -> Option { + let mut raw_key = Blake2_128Concat::reverse(raw_storage_key); + K::decode(&mut raw_key).ok() +} + +pub fn decode_storage_key(raw_key: Vec) -> Option> { + let hex_key = String::decode(&mut raw_key.as_slice()).unwrap_or_default(); + decode_hex(hex_key).ok() +} + pub fn storage_double_map_key( module_prefix: &str, storage_prefix: &str, diff --git a/tee-worker/common/core-primitives/storage/src/lib.rs b/tee-worker/common/core-primitives/storage/src/lib.rs index 3a3b6f2a6d..77a087e23e 100644 --- a/tee-worker/common/core-primitives/storage/src/lib.rs +++ b/tee-worker/common/core-primitives/storage/src/lib.rs @@ -23,6 +23,8 @@ compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the sam #[cfg(all(not(feature = "std"), feature = "sgx"))] extern crate sgx_tstd as std; +extern crate alloc; + pub use error::Error; pub use frame_metadata::v14::StorageHasher; pub use keys::*; diff --git a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs index a0163f8df0..021875620e 100644 --- a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs +++ b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs @@ -223,7 +223,11 @@ impl EnclaveOnChainOCallApi for OnchainMock { Ok(entries) } - fn get_storage_keys(&self, _key_prefix: Vec) -> Result>, itp_ocall_api::Error> { + fn get_storage_keys>( + &self, + _key_prefix: Vec, + _header: Option<&H>, + ) -> Result>, itp_ocall_api::Error> { Ok(Default::default()) } } diff --git a/tee-worker/common/litentry/primitives/src/lib.rs b/tee-worker/common/litentry/primitives/src/lib.rs index 298d8090ed..0615b49327 100644 --- a/tee-worker/common/litentry/primitives/src/lib.rs +++ b/tee-worker/common/litentry/primitives/src/lib.rs @@ -72,6 +72,7 @@ pub use parentchain_primitives::{ }, decl_rsa_request, identity::*, + omni_account::*, teebag::*, AccountId as ParentchainAccountId, Balance as ParentchainBalance, BlockNumber as ParentchainBlockNumber, ErrorDetail, ErrorString, Hash as ParentchainHash, diff --git a/tee-worker/identity/core-primitives/stf-executor/Cargo.toml b/tee-worker/identity/core-primitives/stf-executor/Cargo.toml index e77096f69e..260edbdd5d 100644 --- a/tee-worker/identity/core-primitives/stf-executor/Cargo.toml +++ b/tee-worker/identity/core-primitives/stf-executor/Cargo.toml @@ -15,6 +15,7 @@ itp-node-api = { workspace = true } itp-ocall-api = { workspace = true } itp-sgx-crypto = { workspace = true } itp-sgx-externalities = { workspace = true } +itp-sgx-io = { workspace = true } itp-stf-interface = { workspace = true } itp-stf-primitives = { workspace = true } itp-stf-state-handler = { workspace = true } diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 57c5ec6c5a..3852a51f84 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -2016,6 +2016,7 @@ dependencies = [ "itp-ocall-api", "itp-sgx-crypto", "itp-sgx-externalities", + "itp-sgx-io", "itp-stf-interface", "itp-stf-primitives", "itp-stf-state-handler", @@ -2597,6 +2598,7 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", + "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index e80c1fb112..124f7fabd9 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -125,9 +125,13 @@ impl EnclaveOnChainOCallApi for OcallApi { Ok(storage_entries) } - fn get_storage_keys(&self, key_prefix: Vec) -> Result>> { - // always using the latest state - we need to support optional header - let requests = vec![WorkerRequest::ChainStorageKeys(key_prefix, None)]; + fn get_storage_keys>( + &self, + key_prefix: Vec, + header: Option<&H>, + ) -> Result>> { + let header_hash = header.map(|h| h.hash()); + let requests = vec![WorkerRequest::ChainStorageKeys(key_prefix, header_hash)]; let responses: Vec>> = self .worker_request::>(requests, &ParentchainId::Litentry)? diff --git a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs index 7f68b55a69..67a1b4ea64 100644 --- a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs +++ b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs @@ -84,7 +84,11 @@ impl EnclaveOnChainOCallApi for ProposeToImportOCallApi { todo!() } - fn get_storage_keys(&self, _key_prefix: Vec) -> Result>> { + fn get_storage_keys>( + &self, + _key_prefix: Vec, + _header: Option<&H>, + ) -> Result>> { todo!() } } diff --git a/tee-worker/identity/litentry/core/assertion-build/src/a13.rs b/tee-worker/identity/litentry/core/assertion-build/src/a13.rs index 0f46664799..8c1cd1904a 100644 --- a/tee-worker/identity/litentry/core/assertion-build/src/a13.rs +++ b/tee-worker/identity/litentry/core/assertion-build/src/a13.rs @@ -24,6 +24,7 @@ use crate::*; use codec::Decode; use frame_support::storage::storage_prefix; use itp_ocall_api::EnclaveOnChainOCallApi; +use itp_types::parentchain::Header; use lc_credentials::IssuerRuntimeVersion; use litentry_primitives::Address32; @@ -39,7 +40,7 @@ pub fn build( debug!("Assertion A13 build, who: {:?}", account_id_to_string(&who)); let key_prefix = storage_prefix(b"VCManagement", b"Delegatee"); - let response = ocall_api.get_storage_keys(key_prefix.into()).map_err(|_| { + let response = ocall_api.get_storage_keys::
(key_prefix.into(), None).map_err(|_| { Error::RequestVCFailed(Assertion::A13(who.clone()), ErrorDetail::ParseError) })?; let keys: Vec = response diff --git a/tee-worker/identity/litentry/core/omni-account/Cargo.toml b/tee-worker/identity/litentry/core/omni-account/Cargo.toml new file mode 100644 index 0000000000..0b36e26d6e --- /dev/null +++ b/tee-worker/identity/litentry/core/omni-account/Cargo.toml @@ -0,0 +1,32 @@ +[package] +authors = ["Trust Computing GmbH "] +edition = "2021" +name = "lc-omni-account" +version = "0.1.0" + +[dependencies] +litentry-primitives = { workspace = true } + +itp-ocall-api = { workspace = true } +itp-storage = { workspace = true } +itp-types = { workspace = true } + +frame-support = { workspace = true } +lazy_static = { workspace = true } +log = { workspace = true } +sp-core = { workspace = true } + +sgx_tstd = { workspace = true, features = ["net", "thread"], optional = true } + +[features] +default = ["std"] +std = [ + "litentry-primitives/std", + "frame-support/std", + "itp-storage/std", + "itp-types/std", +] +sgx = [ + "litentry-primitives/sgx", + "sgx_tstd", +] diff --git a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs new file mode 100644 index 0000000000..30da7a4234 --- /dev/null +++ b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs @@ -0,0 +1,77 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::{AccountId, BTreeMap, Error, MemberAccount, OmniAccounts, Vec}; +use lazy_static::lazy_static; + +#[cfg(feature = "std")] +use std::sync::RwLock; +#[cfg(feature = "sgx")] +use std::sync::SgxRwLock as RwLock; + +lazy_static! { + static ref STORE: RwLock = RwLock::new(BTreeMap::new()); +} + +pub struct InMemoryStore; + +impl InMemoryStore { + pub fn get(&self, owner: AccountId) -> Result>, Error> { + let omni_account_members = STORE + .read() + .map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })? + .get(&owner) + .cloned(); + + Ok(omni_account_members) + } + + pub fn insert(&self, account_id: AccountId, members: Vec) -> Result<(), Error> { + STORE + .write() + .map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })? + .insert(account_id, members); + + Ok(()) + } + + pub fn remove(&self, account_id: AccountId) -> Result<(), Error> { + STORE + .write() + .map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })? + .remove(&account_id); + + Ok(()) + } + + pub fn load(&self, accounts: OmniAccounts) -> Result<(), Error> { + *STORE.write().map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })? = accounts; + + Ok(()) + } +} diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs new file mode 100644 index 0000000000..506ff11c41 --- /dev/null +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs @@ -0,0 +1,43 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +#![cfg_attr(not(feature = "std"), no_std)] + +pub extern crate alloc; + +#[cfg(all(not(feature = "std"), feature = "sgx"))] +extern crate sgx_tstd as std; + +#[cfg(all(feature = "std", feature = "sgx"))] +compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the same time"); + +mod repository; +pub use repository::*; + +mod in_memory_store; +pub use in_memory_store::InMemoryStore; + +use alloc::{collections::btree_map::BTreeMap, vec::Vec}; +use itp_types::parentchain::{AccountId, Header, ParentchainId}; +use litentry_primitives::MemberAccount; + +pub type OmniAccounts = BTreeMap>; + +#[derive(Debug)] +pub enum Error { + LockPoisoning, + OCallApiError(&'static str), +} diff --git a/tee-worker/identity/litentry/core/omni-account/src/repository.rs b/tee-worker/identity/litentry/core/omni-account/src/repository.rs new file mode 100644 index 0000000000..c12993d1eb --- /dev/null +++ b/tee-worker/identity/litentry/core/omni-account/src/repository.rs @@ -0,0 +1,95 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::{AccountId, Error, Header, MemberAccount, OmniAccounts, ParentchainId}; +use alloc::vec::Vec; +use frame_support::storage::storage_prefix; +use itp_ocall_api::EnclaveOnChainOCallApi; +use itp_storage::{ + decode_storage_key, extract_blake2_128concat_key, storage_map_key, StorageHasher, +}; + +pub trait GetAccountStoresRepository { + fn get_by_account_id(&self, account_id: AccountId) + -> Result>, Error>; + fn get_all(&self) -> Result; +} + +pub struct OmniAccountRepository { + ocall_api: OCallApi, + header: Header, +} + +impl OmniAccountRepository { + pub fn new(ocall_api: OCallApi, header: Header) -> Self { + Self { ocall_api, header } + } + + pub fn set_header(&mut self, header: Header) { + self.header = header; + } +} + +impl GetAccountStoresRepository + for OmniAccountRepository +{ + fn get_by_account_id(&self, owner: AccountId) -> Result>, Error> { + let storage_key = storage_map_key( + "OmniAccount", + "AccountStore", + &owner, + &StorageHasher::Blake2_128Concat, + ); + let storage_entry = self + .ocall_api + .get_storage_verified(storage_key, &self.header, &ParentchainId::Litentry) + .map_err(|_| Error::OCallApiError("Failed to get storage"))?; + let member_accounts = storage_entry.value().to_owned(); + + Ok(member_accounts) + } + + fn get_all(&self) -> Result { + let account_store_key_prefix = storage_prefix(b"OmniAccount", b"AccountStore"); + let account_store_storage_keys_response = self + .ocall_api + .get_storage_keys(account_store_key_prefix.into(), Some(&self.header)) + .map_err(|_| Error::OCallApiError("Failed to get storage keys"))?; + let account_store_storage_keys = account_store_storage_keys_response + .into_iter() + .filter_map(decode_storage_key) + .collect::>>(); + let omni_accounts: OmniAccounts = self + .ocall_api + .get_multiple_storages_verified( + account_store_storage_keys, + &self.header, + &ParentchainId::Litentry, + ) + .map_err(|_| Error::OCallApiError("Failed to get multiple storages"))? + .into_iter() + .filter_map(|entry| { + // TODO: double check this + let storage_key = decode_storage_key(entry.key)?; + let account_id: AccountId = extract_blake2_128concat_key(&storage_key)?; + let member_accounts: Vec = entry.value?; + Some((account_id, member_accounts)) + }) + .collect(); + + Ok(omni_accounts) + } +} From 8a65e5a8dd78ba7e20a09b3251cdb754487c722d Mon Sep 17 00:00:00 2001 From: Kasper Ziemianek Date: Wed, 16 Oct 2024 23:11:49 +0200 Subject: [PATCH 16/17] `omni-executor` init (#3122) Init code for omni-executor offchain worker --- common/primitives/core/Cargo.lock | 4375 ++++++++++++++ common/primitives/core/src/intention.rs | 28 + common/primitives/core/src/lib.rs | 3 + parachain/pallets/omni-account/src/lib.rs | 14 +- parachain/pallets/omni-account/src/tests.rs | 57 +- tee-worker/omni-executor/.gitignore | 7 + tee-worker/omni-executor/Cargo.lock | 5356 +++++++++++++++++ tee-worker/omni-executor/Cargo.toml | 22 + tee-worker/omni-executor/Dockerfile | 8 + tee-worker/omni-executor/Makefile | 78 + tee-worker/omni-executor/README.md | 3 + tee-worker/omni-executor/docker-compose.yml | 20 + .../ethereum/intention-executor/Cargo.toml | 11 + .../ethereum/intention-executor/src/lib.rs | 86 + .../omni-executor/executor-core/Cargo.toml | 11 + .../omni-executor/executor-core/README.md | 0 .../executor-core/src/event_handler.rs | 28 + .../executor-core/src/fetcher.rs | 30 + .../executor-core/src/intention_executor.rs | 44 + .../omni-executor/executor-core/src/lib.rs | 22 + .../executor-core/src/listener.rs | 217 + .../executor-core/src/primitives.rs | 25 + .../src/sync_checkpoint_repository.rs | 107 + .../omni-executor/executor-worker/Cargo.lock | 7 + .../omni-executor/executor-worker/Cargo.toml | 17 + .../omni-executor/executor-worker/src/cli.rs | 8 + .../omni-executor/executor-worker/src/main.rs | 76 + .../omni-executor/omni-executor.manifest | 44 + .../omni-executor.manifest.template | 45 + .../artifacts/rococo-omni-account.scale | Bin 0 -> 23193 bytes .../parentchain/listener/Cargo.toml | 17 + .../parentchain/listener/src/event_handler.rs | 122 + .../parentchain/listener/src/fetcher.rs | 86 + .../parentchain/listener/src/lib.rs | 111 + .../parentchain/listener/src/listener.rs | 40 + .../parentchain/listener/src/metadata.rs | 45 + .../parentchain/listener/src/primitives.rs | 122 + .../parentchain/listener/src/rpc_client.rs | 137 + tee-worker/omni-executor/rust-toolchain.toml | 3 + 39 files changed, 11430 insertions(+), 2 deletions(-) create mode 100644 common/primitives/core/Cargo.lock create mode 100644 common/primitives/core/src/intention.rs create mode 100644 tee-worker/omni-executor/.gitignore create mode 100644 tee-worker/omni-executor/Cargo.lock create mode 100644 tee-worker/omni-executor/Cargo.toml create mode 100644 tee-worker/omni-executor/Dockerfile create mode 100644 tee-worker/omni-executor/Makefile create mode 100644 tee-worker/omni-executor/README.md create mode 100644 tee-worker/omni-executor/docker-compose.yml create mode 100644 tee-worker/omni-executor/ethereum/intention-executor/Cargo.toml create mode 100644 tee-worker/omni-executor/ethereum/intention-executor/src/lib.rs create mode 100644 tee-worker/omni-executor/executor-core/Cargo.toml create mode 100644 tee-worker/omni-executor/executor-core/README.md create mode 100644 tee-worker/omni-executor/executor-core/src/event_handler.rs create mode 100644 tee-worker/omni-executor/executor-core/src/fetcher.rs create mode 100644 tee-worker/omni-executor/executor-core/src/intention_executor.rs create mode 100644 tee-worker/omni-executor/executor-core/src/lib.rs create mode 100644 tee-worker/omni-executor/executor-core/src/listener.rs create mode 100644 tee-worker/omni-executor/executor-core/src/primitives.rs create mode 100644 tee-worker/omni-executor/executor-core/src/sync_checkpoint_repository.rs create mode 100644 tee-worker/omni-executor/executor-worker/Cargo.lock create mode 100644 tee-worker/omni-executor/executor-worker/Cargo.toml create mode 100644 tee-worker/omni-executor/executor-worker/src/cli.rs create mode 100644 tee-worker/omni-executor/executor-worker/src/main.rs create mode 100644 tee-worker/omni-executor/omni-executor.manifest create mode 100644 tee-worker/omni-executor/omni-executor.manifest.template create mode 100644 tee-worker/omni-executor/parentchain/artifacts/rococo-omni-account.scale create mode 100644 tee-worker/omni-executor/parentchain/listener/Cargo.toml create mode 100644 tee-worker/omni-executor/parentchain/listener/src/event_handler.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/fetcher.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/lib.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/listener.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/metadata.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/primitives.rs create mode 100644 tee-worker/omni-executor/parentchain/listener/src/rpc_client.rs create mode 100644 tee-worker/omni-executor/rust-toolchain.toml diff --git a/common/primitives/core/Cargo.lock b/common/primitives/core/Cargo.lock new file mode 100644 index 0000000000..ede1cd0575 --- /dev/null +++ b/common/primitives/core/Cargo.lock @@ -0,0 +1,4375 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "Inflector" +version = "0.11.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" +dependencies = [ + "lazy_static", + "regex", +] + +[[package]] +name = "addr2line" +version = "0.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a76fd60b23679b7d19bd066031410fb7e458ccc5e958eb5c325888ce4baedc97" +dependencies = [ + "gimli 0.27.3", +] + +[[package]] +name = "addr2line" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfbe277e56a376000877090da837660b4427aad530e3028d44e0bffe4f89a1c1" +dependencies = [ + "gimli 0.31.1", +] + +[[package]] +name = "adler2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" + +[[package]] +name = "ahash" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "891477e0c6a8957309ee5c45a6368af3ae14bb510732d2684ffa19af310920f9" +dependencies = [ + "getrandom 0.2.15", + "once_cell", + "version_check", +] + +[[package]] +name = "ahash" +version = "0.8.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +dependencies = [ + "cfg-if", + "getrandom 0.2.15", + "once_cell", + "version_check", + "zerocopy", +] + +[[package]] +name = "aho-corasick" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" +dependencies = [ + "memchr", +] + +[[package]] +name = "android-tzdata" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0" + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "ansi_term" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" +dependencies = [ + "winapi", +] + +[[package]] +name = "anyhow" +version = "1.0.89" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" + +[[package]] +name = "approx" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cab112f0a86d568ea0e627cc1d6be74a1e9cd55214684db5561995f6dad897c6" +dependencies = [ + "num-traits", +] + +[[package]] +name = "aquamarine" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1da02abba9f9063d786eab1509833ebb2fac0f966862ca59439c76b9c566760" +dependencies = [ + "include_dir", + "itertools", + "proc-macro-error", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "array-bytes" +version = "6.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d5dde061bd34119e902bbb2d9b90c5692635cf59fb91d582c2b68043f1b8293" + +[[package]] +name = "arrayref" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb" + +[[package]] +name = "arrayvec" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" + +[[package]] +name = "arrayvec" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" + +[[package]] +name = "async-trait" +version = "0.1.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "auto_impl" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "autocfg" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" + +[[package]] +name = "backtrace" +version = "0.3.74" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" +dependencies = [ + "addr2line 0.24.2", + "cfg-if", + "libc", + "miniz_oxide", + "object 0.36.5", + "rustc-demangle", + "windows-targets 0.52.6", +] + +[[package]] +name = "base16ct" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" + +[[package]] +name = "base58" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6107fe1be6682a68940da878d9e9f5e90ca5745b3dec9fd1bb393c8777d4f581" + +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + +[[package]] +name = "bincode" +version = "1.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" +dependencies = [ + "serde", +] + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" + +[[package]] +name = "bitvec" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bc2832c24239b0141d5674bb9174f9d68a8b5b3f2753311927c172ca46f7e9c" +dependencies = [ + "funty", + "radium", + "tap", + "wyz", +] + +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "blake2b_simd" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23285ad32269793932e830392f2fe2f83e26488fd3ec778883a93c8323735780" +dependencies = [ + "arrayref", + "arrayvec 0.7.6", + "constant_time_eq", +] + +[[package]] +name = "block-buffer" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" +dependencies = [ + "block-padding", + "byte-tools", + "byteorder", + "generic-array 0.12.4", +] + +[[package]] +name = "block-buffer" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" +dependencies = [ + "generic-array 0.14.7", +] + +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array 0.14.7", +] + +[[package]] +name = "block-padding" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" +dependencies = [ + "byte-tools", +] + +[[package]] +name = "bounded-collections" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca548b6163b872067dc5eb82fd130c56881435e30367d2073594a3d9744120dd" +dependencies = [ + "log", + "parity-scale-codec", + "scale-info", + "serde", +] + +[[package]] +name = "bs58" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "bumpalo" +version = "3.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" + +[[package]] +name = "byte-slice-cast" +version = "1.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3ac9f8b63eca6fd385229b3675f6cc0dc5c8a5c8a54a59d4f52ffd670d87b0c" + +[[package]] +name = "byte-tools" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" + +[[package]] +name = "bytemuck" +version = "1.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8334215b81e418a0a7bdb8ef0849474f40bb10c8b71f1c4ed315cff49f32494d" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "bytes" +version = "1.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" + +[[package]] +name = "cargo_toml" +version = "0.19.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a98356df42a2eb1bd8f1793ae4ee4de48e384dd974ce5eac8eee802edb7492be" +dependencies = [ + "serde", + "toml", +] + +[[package]] +name = "cc" +version = "1.1.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b16803a61b81d9eabb7eae2588776c4c1e584b738ede45fdbb4c972cec1e9945" +dependencies = [ + "shlex", +] + +[[package]] +name = "cfg-expr" +version = "0.15.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d067ad48b8650848b989a59a86c6c36a995d02d2bf778d45c3c5d57bc2718f02" +dependencies = [ + "smallvec", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" +dependencies = [ + "android-tzdata", + "iana-time-zone", + "num-traits", + "serde", + "windows-targets 0.52.6", +] + +[[package]] +name = "common-path" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2382f75942f4b3be3690fe4f86365e9c853c1587d6ee58212cebf6e2a9ccd101" + +[[package]] +name = "const-oid" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" + +[[package]] +name = "const-random" +version = "0.1.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87e00182fe74b066627d63b85fd550ac2998d4b0bd86bfed477a0ae4c7c71359" +dependencies = [ + "const-random-macro", +] + +[[package]] +name = "const-random-macro" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9d839f2a20b0aee515dc581a6172f2321f96cab76c1a38a4c584a194955390e" +dependencies = [ + "getrandom 0.2.15", + "once_cell", + "tiny-keccak", +] + +[[package]] +name = "constant_time_eq" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6" + +[[package]] +name = "core-foundation-sys" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" + +[[package]] +name = "core-primitives" +version = "0.1.0" +dependencies = [ + "base58", + "base64", + "chrono", + "der 0.6.1", + "frame-support", + "hex", + "hex-literal", + "litentry-hex-utils", + "litentry-macros", + "litentry-proc-macros", + "pallet-evm", + "parity-scale-codec", + "ring", + "rustls-webpki", + "scale-info", + "serde", + "serde_json", + "sp-core", + "sp-io", + "sp-runtime", + "sp-std", + "strum", + "strum_macros", + "x509-cert", +] + +[[package]] +name = "cpp_demangle" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eeaa953eaad386a53111e47172c2fedba671e5684c8dd601a5f474f4f118710f" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "cpufeatures" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "608697df725056feaccfa42cffdaeeec3fccc4ffc38358ecd19b243e716a78e0" +dependencies = [ + "libc", +] + +[[package]] +name = "cranelift-entity" +version = "0.95.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40099d38061b37e505e63f89bab52199037a72b931ad4868d9089ff7268660b0" +dependencies = [ + "serde", +] + +[[package]] +name = "crc32fast" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crunchy" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" + +[[package]] +name = "crypto-bigint" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" +dependencies = [ + "generic-array 0.14.7", + "rand_core 0.6.4", + "subtle", + "zeroize", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array 0.14.7", + "typenum", +] + +[[package]] +name = "crypto-mac" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" +dependencies = [ + "generic-array 0.14.7", + "subtle", +] + +[[package]] +name = "crypto-mac" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714" +dependencies = [ + "generic-array 0.14.7", + "subtle", +] + +[[package]] +name = "curve25519-dalek" +version = "2.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b85542f99a2dfa2a1b8e192662741c9859a846b296bef1c92ef9b58b5a216" +dependencies = [ + "byteorder", + "digest 0.8.1", + "rand_core 0.5.1", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest 0.10.7", + "fiat-crypto", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "der" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" +dependencies = [ + "const-oid", + "der_derive", + "flagset", +] + +[[package]] +name = "der" +version = "0.7.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" +dependencies = [ + "const-oid", + "zeroize", +] + +[[package]] +name = "der_derive" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ef71ddb5b3a1f53dee24817c8f70dfa1cb29e804c18d88c228d4bc9c86ee3b9" +dependencies = [ + "proc-macro-error", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "derive-syn-parse" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e79116f119dd1dba1abf1f3405f03b9b0e79a27a3883864bfebded8a3dc768cd" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "derive-syn-parse" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d65d7ce8132b7c0e54497a4d9a55a1c2a0912a0d786cf894472ba818fba45762" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "derive_more" +version = "0.99.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f33878137e4dafd7fa914ad4e259e18a4e8e532b9617a2d0150262bf53abfce" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "digest" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" +dependencies = [ + "generic-array 0.12.4", +] + +[[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array 0.14.7", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer 0.10.4", + "const-oid", + "crypto-common", + "subtle", +] + +[[package]] +name = "docify" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a2f138ad521dc4a2ced1a4576148a6a610b4c5923933b062a263130a6802ce" +dependencies = [ + "docify_macros", +] + +[[package]] +name = "docify_macros" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a081e51fb188742f5a7a1164ad752121abcb22874b21e2c3b0dd040c515fdad" +dependencies = [ + "common-path", + "derive-syn-parse 0.2.0", + "once_cell", + "proc-macro2", + "quote", + "regex", + "syn 2.0.79", + "termcolor", + "toml", + "walkdir", +] + +[[package]] +name = "dyn-clonable" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e9232f0e607a262ceb9bd5141a3dfb3e4db6994b31989bbfd845878cba59fd4" +dependencies = [ + "dyn-clonable-impl", + "dyn-clone", +] + +[[package]] +name = "dyn-clonable-impl" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "558e40ea573c374cf53507fd240b7ee2f5477df7cfebdb97323ec61c719399c5" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "dyn-clone" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d6ef0072f8a535281e4876be788938b528e9a1d43900b82c2569af7da799125" + +[[package]] +name = "ecdsa" +version = "0.16.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca" +dependencies = [ + "der 0.7.9", + "digest 0.10.7", + "elliptic-curve", + "rfc6979", + "signature", + "spki 0.7.3", +] + +[[package]] +name = "ed25519" +version = "2.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" +dependencies = [ + "signature", +] + +[[package]] +name = "ed25519-dalek" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" +dependencies = [ + "curve25519-dalek 4.1.3", + "ed25519", + "sha2 0.10.8", + "subtle", +] + +[[package]] +name = "ed25519-zebra" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c24f403d068ad0b359e577a77f92392118be3f3c927538f2bb544a5ecd828c6" +dependencies = [ + "curve25519-dalek 3.2.0", + "hashbrown 0.12.3", + "hex", + "rand_core 0.6.4", + "sha2 0.9.9", + "zeroize", +] + +[[package]] +name = "either" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60b1af1c220855b6ceac025d3f6ecdd2b7c4894bfe9cd9bda4fbb4bc7c0d4cf0" + +[[package]] +name = "elliptic-curve" +version = "0.13.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47" +dependencies = [ + "base16ct", + "crypto-bigint", + "digest 0.10.7", + "ff", + "generic-array 0.14.7", + "group", + "pkcs8", + "rand_core 0.6.4", + "sec1", + "subtle", + "zeroize", +] + +[[package]] +name = "environmental" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e48c92028aaa870e83d51c64e5d4e0b6981b360c522198c23959f219a4e1b15b" + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "ethbloom" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c22d4b5885b6aa2fe5e8b9329fb8d232bf739e434e6b87347c63bdd00c120f60" +dependencies = [ + "crunchy", + "fixed-hash", + "impl-codec", + "impl-rlp", + "impl-serde", + "scale-info", + "tiny-keccak", +] + +[[package]] +name = "ethereum" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a89fb87a9e103f71b903b80b670200b54cc67a07578f070681f1fffb7396fb7" +dependencies = [ + "bytes", + "ethereum-types", + "hash-db 0.15.2", + "hash256-std-hasher", + "parity-scale-codec", + "rlp", + "scale-info", + "serde", + "sha3", + "triehash", +] + +[[package]] +name = "ethereum-types" +version = "0.14.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02d215cbf040552efcbe99a38372fe80ab9d00268e20012b79fcd0f073edd8ee" +dependencies = [ + "ethbloom", + "fixed-hash", + "impl-codec", + "impl-rlp", + "impl-serde", + "primitive-types", + "scale-info", + "uint", +] + +[[package]] +name = "evm" +version = "0.39.1" +source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +dependencies = [ + "auto_impl", + "environmental", + "ethereum", + "evm-core", + "evm-gasometer", + "evm-runtime", + "log", + "parity-scale-codec", + "primitive-types", + "rlp", + "scale-info", + "serde", + "sha3", +] + +[[package]] +name = "evm-core" +version = "0.39.0" +source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +dependencies = [ + "parity-scale-codec", + "primitive-types", + "scale-info", + "serde", +] + +[[package]] +name = "evm-gasometer" +version = "0.39.0" +source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +dependencies = [ + "environmental", + "evm-core", + "evm-runtime", + "primitive-types", +] + +[[package]] +name = "evm-runtime" +version = "0.39.0" +source = "git+https://github.com/rust-blockchain/evm?rev=b7b82c7e1fc57b7449d6dfa6826600de37cc1e65#b7b82c7e1fc57b7449d6dfa6826600de37cc1e65" +dependencies = [ + "auto_impl", + "environmental", + "evm-core", + "primitive-types", + "sha3", +] + +[[package]] +name = "expander" +version = "2.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2c470c71d91ecbd179935b24170459e926382eaaa86b590b78814e180d8a8e2" +dependencies = [ + "blake2", + "file-guard", + "fs-err", + "prettyplease", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "fake-simd" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" + +[[package]] +name = "fallible-iterator" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4443176a9f2c162692bd3d352d745ef9413eec5782a80d8fd6f8a1ac692a07f7" + +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + +[[package]] +name = "fiat-crypto" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" + +[[package]] +name = "file-guard" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21ef72acf95ec3d7dbf61275be556299490a245f017cf084bd23b4f68cf9407c" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "fixed-hash" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "835c052cb0c08c1acf6ffd71c022172e18723949c8282f2b9f27efbc51e64534" +dependencies = [ + "byteorder", + "rand 0.8.5", + "rustc-hex", + "static_assertions", +] + +[[package]] +name = "flagset" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" + +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "fp-account" +version = "1.0.0-dev" +source = "git+https://github.com/paritytech/frontier?branch=polkadot-v1.1.0#7544791796a93e85716241b72ba68b7c7231376f" +dependencies = [ + "hex", + "impl-serde", + "libsecp256k1", + "log", + "parity-scale-codec", + "scale-info", + "serde", + "sp-core", + "sp-io", + "sp-runtime", + "sp-runtime-interface", + "sp-std", +] + +[[package]] +name = "fp-evm" +version = "3.0.0-dev" +source = "git+https://github.com/paritytech/frontier?branch=polkadot-v1.1.0#7544791796a93e85716241b72ba68b7c7231376f" +dependencies = [ + "evm", + "frame-support", + "num_enum", + "parity-scale-codec", + "scale-info", + "serde", + "sp-core", + "sp-runtime", + "sp-std", +] + +[[package]] +name = "frame-benchmarking" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "frame-support", + "frame-support-procedural", + "frame-system", + "linregress", + "log", + "parity-scale-codec", + "paste", + "scale-info", + "serde", + "sp-api", + "sp-application-crypto", + "sp-core", + "sp-io", + "sp-runtime", + "sp-runtime-interface", + "sp-std", + "sp-storage", + "static_assertions", +] + +[[package]] +name = "frame-metadata" +version = "16.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cf1549fba25a6fcac22785b61698317d958e96cac72a59102ea45b9ae64692" +dependencies = [ + "cfg-if", + "parity-scale-codec", + "scale-info", + "serde", +] + +[[package]] +name = "frame-support" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "aquamarine", + "bitflags 1.3.2", + "docify", + "environmental", + "frame-metadata", + "frame-support-procedural", + "impl-trait-for-tuples", + "k256", + "log", + "macro_magic", + "parity-scale-codec", + "paste", + "scale-info", + "serde", + "serde_json", + "smallvec", + "sp-api", + "sp-arithmetic", + "sp-core", + "sp-core-hashing-proc-macro", + "sp-debug-derive", + "sp-genesis-builder", + "sp-inherents", + "sp-io", + "sp-metadata-ir", + "sp-runtime", + "sp-staking", + "sp-state-machine", + "sp-std", + "sp-tracing", + "sp-weights", + "static_assertions", + "tt-call", +] + +[[package]] +name = "frame-support-procedural" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "Inflector", + "cfg-expr", + "derive-syn-parse 0.1.5", + "expander", + "frame-support-procedural-tools", + "itertools", + "macro_magic", + "proc-macro-warning", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "frame-support-procedural-tools" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "frame-support-procedural-tools-derive", + "proc-macro-crate 1.3.1", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "frame-support-procedural-tools-derive" +version = "3.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "frame-system" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "cfg-if", + "frame-support", + "log", + "parity-scale-codec", + "scale-info", + "serde", + "sp-core", + "sp-io", + "sp-runtime", + "sp-std", + "sp-version", + "sp-weights", +] + +[[package]] +name = "fs-err" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88a41f105fe1d5b6b34b2055e3dc59bb79b46b48b2040b9e6c7b4b5de097aa41" +dependencies = [ + "autocfg", +] + +[[package]] +name = "funty" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" + +[[package]] +name = "futures" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" + +[[package]] +name = "futures-executor" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e28d1d997f585e54aebc3f97d39e72338912123a67330d723fdbb564d646c9f" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", + "num_cpus", +] + +[[package]] +name = "futures-io" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6" + +[[package]] +name = "futures-macro" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "futures-sink" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" + +[[package]] +name = "futures-task" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" + +[[package]] +name = "futures-util" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "generic-array" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffdf9f34f1447443d37393cc6c2b8313aebddcd96906caf34e54c68d8e57d7bd" +dependencies = [ + "typenum", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", + "zeroize", +] + +[[package]] +name = "getrandom" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" +dependencies = [ + "cfg-if", + "libc", + "wasi 0.9.0+wasi-snapshot-preview1", +] + +[[package]] +name = "getrandom" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" +dependencies = [ + "cfg-if", + "libc", + "wasi 0.11.0+wasi-snapshot-preview1", +] + +[[package]] +name = "getrandom_or_panic" +version = "0.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ea1015b5a70616b688dc230cfe50c8af89d972cb132d5a622814d29773b10b9" +dependencies = [ + "rand_core 0.6.4", +] + +[[package]] +name = "gimli" +version = "0.27.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" +dependencies = [ + "fallible-iterator", + "indexmap 1.9.3", + "stable_deref_trait", +] + +[[package]] +name = "gimli" +version = "0.31.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" + +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff", + "rand_core 0.6.4", + "subtle", +] + +[[package]] +name = "hash-db" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d23bd4e7b5eda0d0f3a307e8b381fdc8ba9000f26fbe912250c0a4cc3956364a" + +[[package]] +name = "hash-db" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e7d7786361d7425ae2fe4f9e407eb0efaa0840f5212d109cc018c40c35c6ab4" + +[[package]] +name = "hash256-std-hasher" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92c171d55b98633f4ed3860808f004099b36c1cc29c42cfc53aa8591b21efcf2" +dependencies = [ + "crunchy", +] + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +dependencies = [ + "ahash 0.7.8", +] + +[[package]] +name = "hashbrown" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" +dependencies = [ + "ahash 0.8.11", +] + +[[package]] +name = "hashbrown" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e087f84d4f86bf4b218b927129862374b72199ae7d8657835f1e89000eea4fb" + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "hermit-abi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + +[[package]] +name = "hex-literal" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" + +[[package]] +name = "hmac" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840" +dependencies = [ + "crypto-mac 0.8.0", + "digest 0.9.0", +] + +[[package]] +name = "hmac" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" +dependencies = [ + "crypto-mac 0.11.1", + "digest 0.9.0", +] + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "hmac-drbg" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17ea0a1394df5b6574da6e0c1ade9e78868c9fb0a4e5ef4428e32da4676b85b1" +dependencies = [ + "digest 0.9.0", + "generic-array 0.14.7", + "hmac 0.8.1", +] + +[[package]] +name = "iana-time-zone" +version = "0.1.61" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "235e081f3925a06703c2d0117ea8b91f042756fd6e7a6e5d901e8ca1a996b220" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "windows-core", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +dependencies = [ + "cc", +] + +[[package]] +name = "idna" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "impl-codec" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba6a270039626615617f3f36d15fc827041df3b78c439da2cadfa47455a77f2f" +dependencies = [ + "parity-scale-codec", +] + +[[package]] +name = "impl-rlp" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f28220f89297a075ddc7245cd538076ee98b01f2a9c23a53a4f1105d5a322808" +dependencies = [ + "rlp", +] + +[[package]] +name = "impl-serde" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc88fc67028ae3db0c853baa36269d398d5f45b6982f95549ff5def78c935cd" +dependencies = [ + "serde", +] + +[[package]] +name = "impl-trait-for-tuples" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11d7a9f6330b71fea57921c9b61c47ee6e84f72d394754eff6163ae67e7395eb" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "include_dir" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "923d117408f1e49d914f1a379a309cffe4f18c05cf4e3d12e613a15fc81bd0dd" +dependencies = [ + "include_dir_macros", +] + +[[package]] +name = "include_dir_macros" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cab85a7ed0bd5f0e76d93846e0147172bed2e2d3f859bcc33a8d9699cad1a75" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", + "serde", +] + +[[package]] +name = "indexmap" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "707907fe3c25f5424cce2cb7e1cbcafee6bdbe735ca90ef77c29e84591e5b9da" +dependencies = [ + "equivalent", + "hashbrown 0.15.0", +] + +[[package]] +name = "integer-sqrt" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "276ec31bcb4a9ee45f58bec6f9ec700ae4cf4f4f8f2fa7e06cb406bd5ffdd770" +dependencies = [ + "num-traits", +] + +[[package]] +name = "io-lifetimes" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" +dependencies = [ + "hermit-abi", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" + +[[package]] +name = "js-sys" +version = "0.3.72" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "k256" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6e3919bbaa2945715f0bb6d3934a173d1e9a59ac23767fbaaef277265a7411b" +dependencies = [ + "cfg-if", + "ecdsa", + "elliptic-curve", + "once_cell", + "sha2 0.10.8", +] + +[[package]] +name = "keccak" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc2af9a1119c51f12a14607e783cb977bde58bc069ff0c3da1095e635d70654" +dependencies = [ + "cpufeatures", +] + +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + +[[package]] +name = "libc" +version = "0.2.159" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" + +[[package]] +name = "libsecp256k1" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95b09eff1b35ed3b33b877ced3a691fc7a481919c7e29c53c906226fcf55e2a1" +dependencies = [ + "arrayref", + "base64", + "digest 0.9.0", + "hmac-drbg", + "libsecp256k1-core", + "libsecp256k1-gen-ecmult", + "libsecp256k1-gen-genmult", + "rand 0.8.5", + "serde", + "sha2 0.9.9", + "typenum", +] + +[[package]] +name = "libsecp256k1-core" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be9b9bb642d8522a44d533eab56c16c738301965504753b03ad1de3425d5451" +dependencies = [ + "crunchy", + "digest 0.9.0", + "subtle", +] + +[[package]] +name = "libsecp256k1-gen-ecmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3038c808c55c87e8a172643a7d87187fc6c4174468159cb3090659d55bcb4809" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "libsecp256k1-gen-genmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3db8d6ba2cec9eacc40e6e8ccc98931840301f1006e95647ceb2dd5c3aa06f7c" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "linregress" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9eda9dcf4f2a99787827661f312ac3219292549c2ee992bf9a6248ffb066bf7" +dependencies = [ + "nalgebra", +] + +[[package]] +name = "linux-raw-sys" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" + +[[package]] +name = "linux-raw-sys" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" + +[[package]] +name = "litentry-hex-utils" +version = "0.1.0" +dependencies = [ + "hex", +] + +[[package]] +name = "litentry-macros" +version = "0.1.0" + +[[package]] +name = "litentry-proc-macros" +version = "0.1.0" +dependencies = [ + "cargo_toml", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "lock_api" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" + +[[package]] +name = "mach" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b823e83b2affd8f40a9ee8c29dbc56404c1e34cd2710921f2801e2cf29527afa" +dependencies = [ + "libc", +] + +[[package]] +name = "macro_magic" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aee866bfee30d2d7e83835a4574aad5b45adba4cc807f2a3bbba974e5d4383c9" +dependencies = [ + "macro_magic_core", + "macro_magic_macros", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "macro_magic_core" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e766a20fd9c72bab3e1e64ed63f36bd08410e75803813df210d1ce297d7ad00" +dependencies = [ + "const-random", + "derive-syn-parse 0.1.5", + "macro_magic_core_macros", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "macro_magic_core_macros" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d710e1214dffbab3b5dacb21475dde7d6ed84c69ff722b3a47a782668d44fbac" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "macro_magic_macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fb85ec1620619edf2984a7693497d4ec88a9665d8b87e942856884c92dbf2a" +dependencies = [ + "macro_magic_core", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "matchers" +version = "0.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f099785f7595cc4b4553a174ce30dd7589ef93391ff414dbb67f62392b9e0ce1" +dependencies = [ + "regex-automata 0.1.10", +] + +[[package]] +name = "matrixmultiply" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9380b911e3e96d10c1f415da0876389aaf1b56759054eeb0de7df940c456ba1a" +dependencies = [ + "autocfg", + "rawpointer", +] + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "memfd" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2cffa4ad52c6f791f4f8b15f0c05f9824b2ced1160e88cc393d64fff9a8ac64" +dependencies = [ + "rustix 0.38.37", +] + +[[package]] +name = "memoffset" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +dependencies = [ + "autocfg", +] + +[[package]] +name = "memory-db" +version = "0.32.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "808b50db46293432a45e63bc15ea51e0ab4c0a1647b8eb114e31a3e698dd6fbe" +dependencies = [ + "hash-db 0.16.0", +] + +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + +[[package]] +name = "merlin" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58c38e2799fc0978b65dfff8023ec7843e2330bb462f19198840b34b6582397d" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.6.4", + "zeroize", +] + +[[package]] +name = "miniz_oxide" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1" +dependencies = [ + "adler2", +] + +[[package]] +name = "nalgebra" +version = "0.33.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c4b5f057b303842cf3262c27e465f4c303572e7f6b0648f60e16248ac3397f4" +dependencies = [ + "approx", + "matrixmultiply", + "num-complex", + "num-rational", + "num-traits", + "simba", + "typenum", +] + +[[package]] +name = "nohash-hasher" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bf50223579dc7cdcfb3bfcacf7069ff68243f8c363f62ffa99cf000a6b9c451" + +[[package]] +name = "num-bigint" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" +dependencies = [ + "num-integer", + "num-traits", +] + +[[package]] +name = "num-complex" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-format" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" +dependencies = [ + "arrayvec 0.7.6", + "itoa", +] + +[[package]] +name = "num-integer" +version = "0.1.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824" +dependencies = [ + "num-bigint", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "num_enum" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179" +dependencies = [ + "num_enum_derive", +] + +[[package]] +name = "num_enum_derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56" +dependencies = [ + "proc-macro-crate 3.2.0", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "object" +version = "0.30.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03b4680b86d9cfafba8fc491dc9b6df26b68cf40e9e6cd73909194759a63c385" +dependencies = [ + "crc32fast", + "hashbrown 0.13.2", + "indexmap 1.9.3", + "memchr", +] + +[[package]] +name = "object" +version = "0.36.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aedf0a2d09c573ed1d8d85b30c119153926a2b36dce0ab28322c09a117a4683e" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.20.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775" + +[[package]] +name = "opaque-debug" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" + +[[package]] +name = "opaque-debug" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" + +[[package]] +name = "pallet-evm" +version = "6.0.0-dev" +source = "git+https://github.com/paritytech/frontier?branch=polkadot-v1.1.0#7544791796a93e85716241b72ba68b7c7231376f" +dependencies = [ + "environmental", + "evm", + "fp-account", + "fp-evm", + "frame-benchmarking", + "frame-support", + "frame-system", + "hash-db 0.16.0", + "hex", + "hex-literal", + "impl-trait-for-tuples", + "log", + "parity-scale-codec", + "rlp", + "scale-info", + "sp-core", + "sp-io", + "sp-runtime", + "sp-std", +] + +[[package]] +name = "parity-scale-codec" +version = "3.6.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "306800abfa29c7f16596b5970a588435e3d5b3149683d00c12b699cc19f895ee" +dependencies = [ + "arrayvec 0.7.6", + "bitvec", + "byte-slice-cast", + "bytes", + "impl-trait-for-tuples", + "parity-scale-codec-derive", + "serde", +] + +[[package]] +name = "parity-scale-codec-derive" +version = "3.6.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d830939c76d294956402033aee57a6da7b438f2294eb94864c37b0569053a42c" +dependencies = [ + "proc-macro-crate 3.2.0", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "parity-wasm" +version = "0.45.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1ad0aff30c1da14b1254fcb2af73e1fa9a28670e584a626f53a369d0e157304" + +[[package]] +name = "parking_lot" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1bf18183cf54e8d6059647fc3063646a1801cf30896933ec2311622cc4b9a27" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets 0.52.6", +] + +[[package]] +name = "paste" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a" + +[[package]] +name = "pbkdf2" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d95f5254224e617595d2cc3cc73ff0a5eaf2637519e25f03388154e9378b6ffa" +dependencies = [ + "crypto-mac 0.11.1", +] + +[[package]] +name = "pbkdf2" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83a0692ec44e4cf1ef28ca317f14f8f07da2d95ec3fa01f86e4467b725e60917" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + +[[package]] +name = "pin-project-lite" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der 0.7.9", + "spki 0.7.3", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" +dependencies = [ + "zerocopy", +] + +[[package]] +name = "prettyplease" +version = "0.2.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "479cf940fbbb3426c32c5d5176f62ad57549a0bb84773423ba8be9d089f5faba" +dependencies = [ + "proc-macro2", + "syn 2.0.79", +] + +[[package]] +name = "primitive-types" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b34d9fd68ae0b74a41b21c03c2f62847aa0ffea044eee893b4c140b37e244e2" +dependencies = [ + "fixed-hash", + "impl-codec", + "impl-rlp", + "impl-serde", + "scale-info", + "uint", +] + +[[package]] +name = "proc-macro-crate" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919" +dependencies = [ + "once_cell", + "toml_edit 0.19.15", +] + +[[package]] +name = "proc-macro-crate" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecf48c7ca261d60b74ab1a7b20da18bede46776b2e55535cb958eb595c5fa7b" +dependencies = [ + "toml_edit 0.22.22", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn 1.0.109", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro-warning" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d1eaa7fa0aa1929ffdf7eeb6eac234dde6268914a14ad44d23521ab6a9b258e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "proc-macro2" +version = "1.0.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "psm" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa37f80ca58604976033fae9515a8a2989fc13797d953f7c04fb8fa36a11f205" +dependencies = [ + "cc", +] + +[[package]] +name = "quote" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "radium" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09" + +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom 0.1.16", + "libc", + "rand_chacha 0.2.2", + "rand_core 0.5.1", + "rand_hc", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha 0.3.1", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core 0.5.1", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +dependencies = [ + "getrandom 0.1.16", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom 0.2.15", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core 0.5.1", +] + +[[package]] +name = "rawpointer" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60a357793950651c4ed0f3f52338f53b2f809f32d83a07f72909fa13e4c6c1e3" + +[[package]] +name = "redox_syscall" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b6dfecf2c74bce2466cabf93f6664d6998a69eb21e39f4207930065b27b771f" +dependencies = [ + "bitflags 2.6.0", +] + +[[package]] +name = "ref-cast" +version = "1.0.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccf0a6f84d5f1d581da8b41b47ec8600871962f2a528115b542b362d4b744931" +dependencies = [ + "ref-cast-impl", +] + +[[package]] +name = "ref-cast-impl" +version = "1.0.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "regex" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38200e5ee88914975b69f657f0801b6f6dccafd44fd9326302a4aaeecfacb1d8" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata 0.4.8", + "regex-syntax 0.8.5", +] + +[[package]] +name = "regex-automata" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" +dependencies = [ + "regex-syntax 0.6.29", +] + +[[package]] +name = "regex-automata" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax 0.8.5", +] + +[[package]] +name = "regex-syntax" +version = "0.6.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" + +[[package]] +name = "regex-syntax" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" + +[[package]] +name = "rfc6979" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" +dependencies = [ + "hmac 0.12.1", + "subtle", +] + +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin", + "untrusted 0.7.1", + "web-sys", + "winapi", +] + +[[package]] +name = "rlp" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb919243f34364b6bd2fc10ef797edbfa75f33c252e7998527479c6d6b47e1ec" +dependencies = [ + "bytes", + "rlp-derive", + "rustc-hex", +] + +[[package]] +name = "rlp-derive" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e33d7b2abe0c340d8797fe2907d3f20d3b5ea5908683618bfe80df7f621f672a" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" + +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + +[[package]] +name = "rustc-hex" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e75f6a532d0fd9f7f13144f392b6ad56a32696bfcd9c78f797f16bbb6f072d6" + +[[package]] +name = "rustc_version" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" +dependencies = [ + "semver", +] + +[[package]] +name = "rustix" +version = "0.36.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "305efbd14fde4139eb501df5f136994bb520b033fa9fbdce287507dc23b8c7ed" +dependencies = [ + "bitflags 1.3.2", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys 0.1.4", + "windows-sys 0.45.0", +] + +[[package]] +name = "rustix" +version = "0.38.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +dependencies = [ + "bitflags 2.6.0", + "errno", + "libc", + "linux-raw-sys 0.4.14", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustls-pki-types" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0d3edd6cdcdf26eda538757038343986e666d0b8ba4b5ac1de663b78475550d" + +[[package]] +name = "rustls-webpki" +version = "0.102.0-alpha.3" +source = "git+https://github.com/rustls/webpki?rev=da923ed#da923edaab56f599971e58773617fb574cd019dc" +dependencies = [ + "ring", + "rustls-pki-types", + "untrusted 0.9.0", +] + +[[package]] +name = "rustversion" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "955d28af4278de8121b7ebeb796b6a45735dc01436d898801014aced2773a3d6" + +[[package]] +name = "ryu" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f" + +[[package]] +name = "safe_arch" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3460605018fdc9612bce72735cba0d27efbcd9904780d44c7e3a9948f96148a" +dependencies = [ + "bytemuck", +] + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "scale-info" +version = "2.11.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eca070c12893629e2cc820a9761bedf6ce1dcddc9852984d1dc734b8bd9bd024" +dependencies = [ + "bitvec", + "cfg-if", + "derive_more", + "parity-scale-codec", + "scale-info-derive", + "serde", +] + +[[package]] +name = "scale-info-derive" +version = "2.11.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d35494501194174bda522a32605929eefc9ecf7e0a326c26db1fdd85881eb62" +dependencies = [ + "proc-macro-crate 3.2.0", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "schnellru" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9a8ef13a93c54d20580de1e5c413e624e53121d42fc7e2c11d10ef7f8b02367" +dependencies = [ + "ahash 0.8.11", + "cfg-if", + "hashbrown 0.13.2", +] + +[[package]] +name = "schnorrkel" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "021b403afe70d81eea68f6ea12f6b3c9588e5d536a94c3bf80f15e7faa267862" +dependencies = [ + "arrayref", + "arrayvec 0.5.2", + "curve25519-dalek 2.1.3", + "getrandom 0.1.16", + "merlin 2.0.1", + "rand 0.7.3", + "rand_core 0.5.1", + "sha2 0.8.2", + "subtle", + "zeroize", +] + +[[package]] +name = "schnorrkel" +version = "0.11.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de18f6d8ba0aad7045f5feae07ec29899c1112584a38509a84ad7b04451eaa0" +dependencies = [ + "arrayref", + "arrayvec 0.7.6", + "curve25519-dalek 4.1.3", + "getrandom_or_panic", + "merlin 3.0.0", + "rand_core 0.6.4", + "sha2 0.10.8", + "subtle", + "zeroize", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "sec1" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" +dependencies = [ + "base16ct", + "der 0.7.9", + "generic-array 0.14.7", + "pkcs8", + "subtle", + "zeroize", +] + +[[package]] +name = "secp256k1" +version = "0.24.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b1629c9c557ef9b293568b338dddfc8208c98a18c59d722a9d53f859d9c9b62" +dependencies = [ + "secp256k1-sys", +] + +[[package]] +name = "secp256k1-sys" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83080e2c2fc1006e625be82e5d1eb6a43b7fd9578b617fcc55814daf286bba4b" +dependencies = [ + "cc", +] + +[[package]] +name = "secrecy" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e" +dependencies = [ + "zeroize", +] + +[[package]] +name = "semver" +version = "1.0.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" + +[[package]] +name = "serde" +version = "1.0.210" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.210" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "serde_json" +version = "1.0.120" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_spanned" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87607cb1398ed59d48732e575a4c28a7a8ebf2454b964fe3f224f2afc07909e1" +dependencies = [ + "serde", +] + +[[package]] +name = "sha2" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" +dependencies = [ + "block-buffer 0.7.3", + "digest 0.8.1", + "fake-simd", + "opaque-debug 0.2.3", +] + +[[package]] +name = "sha2" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +dependencies = [ + "block-buffer 0.9.0", + "cfg-if", + "cpufeatures", + "digest 0.9.0", + "opaque-debug 0.3.1", +] + +[[package]] +name = "sha2" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.7", +] + +[[package]] +name = "sha3" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" +dependencies = [ + "digest 0.10.7", + "keccak", +] + +[[package]] +name = "sharded-slab" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f40ca3c46823713e0d4209592e8d6e826aa57e928f09752619fc696c499637f6" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "digest 0.10.7", + "rand_core 0.6.4", +] + +[[package]] +name = "simba" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3a386a501cd104797982c15ae17aafe8b9261315b5d07e3ec803f2ea26be0fa" +dependencies = [ + "approx", + "num-complex", + "num-traits", + "paste", + "wide", +] + +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" + +[[package]] +name = "sp-api" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "hash-db 0.16.0", + "log", + "parity-scale-codec", + "scale-info", + "sp-api-proc-macro", + "sp-core", + "sp-externalities", + "sp-metadata-ir", + "sp-runtime", + "sp-state-machine", + "sp-std", + "sp-trie", + "sp-version", + "thiserror", +] + +[[package]] +name = "sp-api-proc-macro" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "Inflector", + "blake2", + "expander", + "proc-macro-crate 1.3.1", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "sp-application-crypto" +version = "23.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "parity-scale-codec", + "scale-info", + "serde", + "sp-core", + "sp-io", + "sp-std", +] + +[[package]] +name = "sp-arithmetic" +version = "16.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "integer-sqrt", + "num-traits", + "parity-scale-codec", + "scale-info", + "serde", + "sp-std", + "static_assertions", +] + +[[package]] +name = "sp-core" +version = "21.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "array-bytes", + "arrayvec 0.7.6", + "bitflags 1.3.2", + "blake2", + "bounded-collections", + "bs58", + "dyn-clonable", + "ed25519-zebra", + "futures", + "hash-db 0.16.0", + "hash256-std-hasher", + "impl-serde", + "lazy_static", + "libsecp256k1", + "log", + "merlin 2.0.1", + "parity-scale-codec", + "parking_lot", + "paste", + "primitive-types", + "rand 0.8.5", + "regex", + "scale-info", + "schnorrkel 0.9.1", + "secp256k1", + "secrecy", + "serde", + "sp-core-hashing", + "sp-debug-derive", + "sp-externalities", + "sp-runtime-interface", + "sp-std", + "sp-storage", + "ss58-registry", + "substrate-bip39", + "thiserror", + "tiny-bip39", + "tracing", + "zeroize", +] + +[[package]] +name = "sp-core-hashing" +version = "9.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "blake2b_simd", + "byteorder", + "digest 0.10.7", + "sha2 0.10.8", + "sha3", + "twox-hash", +] + +[[package]] +name = "sp-core-hashing-proc-macro" +version = "9.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "quote", + "sp-core-hashing", + "syn 2.0.79", +] + +[[package]] +name = "sp-debug-derive" +version = "8.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "sp-externalities" +version = "0.19.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "environmental", + "parity-scale-codec", + "sp-std", + "sp-storage", +] + +[[package]] +name = "sp-genesis-builder" +version = "0.1.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "serde_json", + "sp-api", + "sp-runtime", + "sp-std", +] + +[[package]] +name = "sp-inherents" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "async-trait", + "impl-trait-for-tuples", + "parity-scale-codec", + "scale-info", + "sp-runtime", + "sp-std", + "thiserror", +] + +[[package]] +name = "sp-io" +version = "23.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "bytes", + "ed25519-dalek", + "libsecp256k1", + "log", + "parity-scale-codec", + "rustversion", + "secp256k1", + "sp-core", + "sp-externalities", + "sp-keystore", + "sp-runtime-interface", + "sp-state-machine", + "sp-std", + "sp-tracing", + "sp-trie", + "tracing", + "tracing-core", +] + +[[package]] +name = "sp-keystore" +version = "0.27.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "parity-scale-codec", + "parking_lot", + "sp-core", + "sp-externalities", + "thiserror", +] + +[[package]] +name = "sp-metadata-ir" +version = "0.1.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "frame-metadata", + "parity-scale-codec", + "scale-info", + "sp-std", +] + +[[package]] +name = "sp-panic-handler" +version = "8.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "backtrace", + "lazy_static", + "regex", +] + +[[package]] +name = "sp-runtime" +version = "24.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "either", + "hash256-std-hasher", + "impl-trait-for-tuples", + "log", + "parity-scale-codec", + "paste", + "rand 0.8.5", + "scale-info", + "serde", + "sp-application-crypto", + "sp-arithmetic", + "sp-core", + "sp-io", + "sp-std", + "sp-weights", +] + +[[package]] +name = "sp-runtime-interface" +version = "17.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "bytes", + "impl-trait-for-tuples", + "parity-scale-codec", + "primitive-types", + "sp-externalities", + "sp-runtime-interface-proc-macro", + "sp-std", + "sp-storage", + "sp-tracing", + "sp-wasm-interface", + "static_assertions", +] + +[[package]] +name = "sp-runtime-interface-proc-macro" +version = "11.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "Inflector", + "proc-macro-crate 1.3.1", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "sp-staking" +version = "4.0.0-dev" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "impl-trait-for-tuples", + "parity-scale-codec", + "scale-info", + "serde", + "sp-core", + "sp-runtime", + "sp-std", +] + +[[package]] +name = "sp-state-machine" +version = "0.28.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "hash-db 0.16.0", + "log", + "parity-scale-codec", + "parking_lot", + "rand 0.8.5", + "smallvec", + "sp-core", + "sp-externalities", + "sp-panic-handler", + "sp-std", + "sp-trie", + "thiserror", + "tracing", + "trie-db", +] + +[[package]] +name = "sp-std" +version = "8.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" + +[[package]] +name = "sp-storage" +version = "13.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "impl-serde", + "parity-scale-codec", + "ref-cast", + "serde", + "sp-debug-derive", + "sp-std", +] + +[[package]] +name = "sp-tracing" +version = "10.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "parity-scale-codec", + "sp-std", + "tracing", + "tracing-core", + "tracing-subscriber", +] + +[[package]] +name = "sp-trie" +version = "22.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "ahash 0.8.11", + "hash-db 0.16.0", + "hashbrown 0.13.2", + "lazy_static", + "memory-db", + "nohash-hasher", + "parity-scale-codec", + "parking_lot", + "scale-info", + "schnellru", + "sp-core", + "sp-std", + "thiserror", + "tracing", + "trie-db", + "trie-root", +] + +[[package]] +name = "sp-version" +version = "22.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "impl-serde", + "parity-scale-codec", + "parity-wasm", + "scale-info", + "serde", + "sp-core-hashing-proc-macro", + "sp-runtime", + "sp-std", + "sp-version-proc-macro", + "thiserror", +] + +[[package]] +name = "sp-version-proc-macro" +version = "8.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "parity-scale-codec", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "sp-wasm-interface" +version = "14.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "anyhow", + "impl-trait-for-tuples", + "log", + "parity-scale-codec", + "sp-std", + "wasmtime", +] + +[[package]] +name = "sp-weights" +version = "20.0.0" +source = "git+https://github.com/paritytech/polkadot-sdk?branch=release-polkadot-v1.1.0#65a434a0ed474c14f692dcf9f69f8da66a99d401" +dependencies = [ + "parity-scale-codec", + "scale-info", + "serde", + "smallvec", + "sp-arithmetic", + "sp-core", + "sp-debug-derive", + "sp-std", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "spki" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" +dependencies = [ + "base64ct", + "der 0.6.1", +] + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der 0.7.9", +] + +[[package]] +name = "ss58-registry" +version = "1.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19409f13998e55816d1c728395af0b52ec066206341d939e22e7766df9b494b8" +dependencies = [ + "Inflector", + "num-format", + "proc-macro2", + "quote", + "serde", + "serde_json", + "unicode-xid", +] + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + +[[package]] +name = "strum" +version = "0.26.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" + +[[package]] +name = "strum_macros" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.79", +] + +[[package]] +name = "substrate-bip39" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a7590dc041b9bc2825e52ce5af8416c73dbe9d0654402bfd4b4941938b94d8f" +dependencies = [ + "hmac 0.11.0", + "pbkdf2 0.8.0", + "schnorrkel 0.11.4", + "sha2 0.9.9", + "zeroize", +] + +[[package]] +name = "subtle" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "tap" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" + +[[package]] +name = "target-lexicon" +version = "0.12.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1" + +[[package]] +name = "termcolor" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "thiserror" +version = "1.0.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "thread_local" +version = "1.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b9ef9bad013ada3808854ceac7b46812a6465ba368859a37e2100283d2d719c" +dependencies = [ + "cfg-if", + "once_cell", +] + +[[package]] +name = "tiny-bip39" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62cc94d358b5a1e84a5cb9109f559aa3c4d634d2b1b4de3d0fa4adc7c78e2861" +dependencies = [ + "anyhow", + "hmac 0.12.1", + "once_cell", + "pbkdf2 0.11.0", + "rand 0.8.5", + "rustc-hash", + "sha2 0.10.8", + "thiserror", + "unicode-normalization", + "wasm-bindgen", + "zeroize", +] + +[[package]] +name = "tiny-keccak" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" +dependencies = [ + "crunchy", +] + +[[package]] +name = "tinyvec" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "toml" +version = "0.8.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1ed1f98e3fdc28d6d910e6737ae6ab1a93bf1985935a1193e68f93eeb68d24e" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit 0.22.22", +] + +[[package]] +name = "toml_datetime" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dd7358ecb8fc2f8d014bf86f6f638ce72ba252a2c3a2572f2a795f1d23efb41" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" +dependencies = [ + "indexmap 2.6.0", + "toml_datetime", + "winnow 0.5.40", +] + +[[package]] +name = "toml_edit" +version = "0.22.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ae48d6208a266e853d946088ed816055e556cc6028c5e8e2b84d9fa5dd7c7f5" +dependencies = [ + "indexmap 2.6.0", + "serde", + "serde_spanned", + "toml_datetime", + "winnow 0.6.20", +] + +[[package]] +name = "tracing" +version = "0.1.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" +dependencies = [ + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "tracing-core" +version = "0.1.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" +dependencies = [ + "once_cell", + "valuable", +] + +[[package]] +name = "tracing-log" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f751112709b4e791d8ce53e32c4ed2d353565a795ce84da2285393f41557bdf2" +dependencies = [ + "log", + "once_cell", + "tracing-core", +] + +[[package]] +name = "tracing-serde" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" +dependencies = [ + "serde", + "tracing-core", +] + +[[package]] +name = "tracing-subscriber" +version = "0.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e0d2eaa99c3c2e41547cfa109e910a68ea03823cccad4a0525dcbc9b01e8c71" +dependencies = [ + "ansi_term", + "chrono", + "lazy_static", + "matchers", + "regex", + "serde", + "serde_json", + "sharded-slab", + "smallvec", + "thread_local", + "tracing", + "tracing-core", + "tracing-log", + "tracing-serde", +] + +[[package]] +name = "trie-db" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "767abe6ffed88a1889671a102c2861ae742726f52e0a5a425b92c9fbfa7e9c85" +dependencies = [ + "hash-db 0.16.0", + "hashbrown 0.13.2", + "log", + "rustc-hex", + "smallvec", +] + +[[package]] +name = "trie-root" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4ed310ef5ab98f5fa467900ed906cb9232dd5376597e00fd4cba2a449d06c0b" +dependencies = [ + "hash-db 0.16.0", +] + +[[package]] +name = "triehash" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1631b201eb031b563d2e85ca18ec8092508e262a3196ce9bd10a67ec87b9f5c" +dependencies = [ + "hash-db 0.15.2", + "rlp", +] + +[[package]] +name = "tt-call" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4f195fd851901624eee5a58c4bb2b4f06399148fcd0ed336e6f1cb60a9881df" + +[[package]] +name = "twox-hash" +version = "1.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97fee6b57c6a41524a810daee9286c02d7752c4253064d0b05472833a438f675" +dependencies = [ + "cfg-if", + "digest 0.10.7", + "rand 0.8.5", + "static_assertions", +] + +[[package]] +name = "typenum" +version = "1.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" + +[[package]] +name = "uint" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76f64bba2c53b04fcab63c01a7d7427eadc821e3bc48c34dc9ba29c501164b52" +dependencies = [ + "byteorder", + "crunchy", + "hex", + "static_assertions", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ab17db44d7388991a428b2ee655ce0c212e862eff1768a455c58f9aad6e7893" + +[[package]] +name = "unicode-ident" +version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" + +[[package]] +name = "unicode-normalization" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5033c97c4262335cded6d6fc3e5c18ab755e1a3dc96376350f3d8e9f009ad956" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + +[[package]] +name = "url" +version = "2.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22784dbdf76fdde8af1aeda5622b546b422b6fc585325248a2bf9f5e41e94d6c" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "valuable" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" + +[[package]] +name = "walkdir" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b" +dependencies = [ + "same-file", + "winapi-util", +] + +[[package]] +name = "wasi" +version = "0.9.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e" +dependencies = [ + "cfg-if", + "once_cell", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn 2.0.79", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d" + +[[package]] +name = "wasmparser" +version = "0.102.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48134de3d7598219ab9eaf6b91b15d8e50d31da76b8519fe4ecfcec2cf35104b" +dependencies = [ + "indexmap 1.9.3", + "url", +] + +[[package]] +name = "wasmtime" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f907fdead3153cb9bfb7a93bbd5b62629472dc06dee83605358c64c52ed3dda9" +dependencies = [ + "anyhow", + "bincode", + "cfg-if", + "indexmap 1.9.3", + "libc", + "log", + "object 0.30.4", + "once_cell", + "paste", + "psm", + "serde", + "target-lexicon", + "wasmparser", + "wasmtime-environ", + "wasmtime-jit", + "wasmtime-runtime", + "windows-sys 0.45.0", +] + +[[package]] +name = "wasmtime-asm-macros" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3b9daa7c14cd4fa3edbf69de994408d5f4b7b0959ac13fa69d465f6597f810d" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "wasmtime-environ" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a990198cee4197423045235bf89d3359e69bd2ea031005f4c2d901125955c949" +dependencies = [ + "anyhow", + "cranelift-entity", + "gimli 0.27.3", + "indexmap 1.9.3", + "log", + "object 0.30.4", + "serde", + "target-lexicon", + "thiserror", + "wasmparser", + "wasmtime-types", +] + +[[package]] +name = "wasmtime-jit" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0de48df552cfca1c9b750002d3e07b45772dd033b0b206d5c0968496abf31244" +dependencies = [ + "addr2line 0.19.0", + "anyhow", + "bincode", + "cfg-if", + "cpp_demangle", + "gimli 0.27.3", + "log", + "object 0.30.4", + "rustc-demangle", + "serde", + "target-lexicon", + "wasmtime-environ", + "wasmtime-jit-icache-coherence", + "wasmtime-runtime", + "windows-sys 0.45.0", +] + +[[package]] +name = "wasmtime-jit-debug" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e0554b84c15a27d76281d06838aed94e13a77d7bf604bbbaf548aa20eb93846" +dependencies = [ + "once_cell", +] + +[[package]] +name = "wasmtime-jit-icache-coherence" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aecae978b13f7f67efb23bd827373ace4578f2137ec110bbf6a4a7cde4121bbd" +dependencies = [ + "cfg-if", + "libc", + "windows-sys 0.45.0", +] + +[[package]] +name = "wasmtime-runtime" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "658cf6f325232b6760e202e5255d823da5e348fdea827eff0a2a22319000b441" +dependencies = [ + "anyhow", + "cc", + "cfg-if", + "indexmap 1.9.3", + "libc", + "log", + "mach", + "memfd", + "memoffset", + "paste", + "rand 0.8.5", + "rustix 0.36.17", + "wasmtime-asm-macros", + "wasmtime-environ", + "wasmtime-jit-debug", + "windows-sys 0.45.0", +] + +[[package]] +name = "wasmtime-types" +version = "8.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4f6fffd2a1011887d57f07654dd112791e872e3ff4a2e626aee8059ee17f06f" +dependencies = [ + "cranelift-entity", + "serde", + "thiserror", + "wasmparser", +] + +[[package]] +name = "web-sys" +version = "0.3.72" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6488b90108c040df0fe62fa815cbdee25124641df01814dd7282749234c6112" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "wide" +version = "0.7.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b828f995bf1e9622031f8009f8481a85406ce1f4d4588ff746d872043e855690" +dependencies = [ + "bytemuck", + "safe_arch", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-core" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.45.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" +dependencies = [ + "windows-targets 0.42.2", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.5", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071" +dependencies = [ + "windows_aarch64_gnullvm 0.42.2", + "windows_aarch64_msvc 0.42.2", + "windows_i686_gnu 0.42.2", + "windows_i686_msvc 0.42.2", + "windows_x86_64_gnu 0.42.2", + "windows_x86_64_gnullvm 0.42.2", + "windows_x86_64_msvc 0.42.2", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "winnow" +version = "0.5.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876" +dependencies = [ + "memchr", +] + +[[package]] +name = "winnow" +version = "0.6.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36c1fec1a2bb5866f07c25f68c26e565c4c200aebb96d7e55710c19d3e8ac49b" +dependencies = [ + "memchr", +] + +[[package]] +name = "wyz" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" +dependencies = [ + "tap", +] + +[[package]] +name = "x509-cert" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99d224a125dec5adda27d0346b9cae9794830279c4f9c27e4ab0b6c408d54012" +dependencies = [ + "const-oid", + "der 0.6.1", + "flagset", + "spki 0.6.0", +] + +[[package]] +name = "zerocopy" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" +dependencies = [ + "byteorder", + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "zeroize" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] diff --git a/common/primitives/core/src/intention.rs b/common/primitives/core/src/intention.rs new file mode 100644 index 0000000000..2255c1eabd --- /dev/null +++ b/common/primitives/core/src/intention.rs @@ -0,0 +1,28 @@ +use parity_scale_codec::{Decode, Encode, MaxEncodedLen}; +use scale_info::TypeInfo; +use sp_core::H160; +use sp_runtime::{traits::ConstU32, BoundedVec}; + +pub const CALL_ETHEREUM_INPUT_LEN: u32 = 10 * 1024; + +#[derive(Encode, Decode, Debug, Clone, PartialEq, Eq, MaxEncodedLen, TypeInfo)] +pub enum Intention { + #[codec(index = 0)] + TransferEthereum(TransferEthereum), + #[codec(index = 1)] + CallEthereum(CallEthereum), +} + +#[derive(Encode, Decode, Debug, Clone, PartialEq, Eq, MaxEncodedLen, TypeInfo)] +pub struct TransferEthereum { + pub to: H160, + pub value: [u8; 32], +} + +pub type CallEthereumInputLen = ConstU32; + +#[derive(Encode, Decode, Debug, Clone, PartialEq, Eq, MaxEncodedLen, TypeInfo)] +pub struct CallEthereum { + pub address: H160, + pub input: BoundedVec, +} diff --git a/common/primitives/core/src/lib.rs b/common/primitives/core/src/lib.rs index a04fdf9844..daf96583e5 100644 --- a/common/primitives/core/src/lib.rs +++ b/common/primitives/core/src/lib.rs @@ -32,6 +32,9 @@ pub use assertion::Assertion; pub mod identity; pub use identity::*; +pub mod intention; +pub use intention::*; + pub mod omni_account; pub use omni_account::*; diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 8b16863eca..9c46581c51 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -21,7 +21,9 @@ mod mock; #[cfg(test)] mod tests; -pub use core_primitives::{GetAccountStoreHash, Identity, MemberAccount, OmniAccountConverter}; +pub use core_primitives::{ + GetAccountStoreHash, Identity, Intention, MemberAccount, OmniAccountConverter, +}; pub use frame_system::pallet_prelude::BlockNumberFor; pub use pallet::*; @@ -137,6 +139,8 @@ pub mod pallet { DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult }, /// Some call is dispatched as signed origin DispatchedAsSigned { who: T::AccountId, result: DispatchResult }, + /// Intention is requested + IntentionRequested { who: T::AccountId, intention: Intention }, } #[pallet::error] @@ -306,6 +310,14 @@ pub mod pallet { Ok(()) } + + #[pallet::call_index(6)] + #[pallet::weight((195_000_000, DispatchClass::Normal))] + pub fn request_intention(origin: OriginFor, intention: Intention) -> DispatchResult { + let who = T::OmniAccountOrigin::ensure_origin(origin)?; + Self::deposit_event(Event::IntentionRequested { who, intention }); + Ok(()) + } } } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 1ae090c741..c4306d83d5 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -15,9 +15,10 @@ // along with Litentry. If not, see . use crate::{mock::*, AccountStore, MemberAccountHash, *}; -use core_primitives::Identity; +use core_primitives::{CallEthereum, Identity}; use frame_support::{assert_noop, assert_ok}; use sp_core::hashing::blake2_256; +use sp_core::H160; use sp_runtime::{traits::BadOrigin, ModuleError}; use sp_std::vec; @@ -37,6 +38,10 @@ fn publicize_account_call(id: Identity) -> Box { Box::new(call) } +fn request_intention_call(intention: Intention) -> Box { + RuntimeCall::OmniAccount(crate::Call::request_intention { intention }).into() +} + fn make_balance_transfer_call(dest: AccountId, value: Balance) -> Box { let call = RuntimeCall::Balances(pallet_balances::Call::transfer { dest, value }); Box::new(call) @@ -589,6 +594,56 @@ fn publicize_account_identity_not_found_works() { }); } +#[test] +fn request_intention_works() { + new_test_ext().execute_with(|| { + let tee_signer = get_tee_signer(); + let who = alice(); + let who_identity = Identity::from(who.clone()); + let who_identity_hash = who_identity.hash(); + let who_omni_account = who_identity.to_omni_account(); + + let private_account = + MemberAccount::Private(vec![1, 2, 3], H256::from(blake2_256(&[1, 2, 3]))); + + assert_ok!(OmniAccount::create_account_store( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.clone(), + )); + + let call = add_account_call(private_account); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity.hash(), + call + )); + + let intention = Intention::CallEthereum(CallEthereum { + address: H160::zero(), + input: BoundedVec::new(), + }); + + let call = request_intention_call(intention.clone()); + assert_ok!(OmniAccount::dispatch_as_omni_account( + RuntimeOrigin::signed(tee_signer.clone()), + who_identity_hash, + call + )); + + System::assert_has_event( + Event::DispatchedAsOmniAccount { + who: who_omni_account.clone(), + result: DispatchResult::Ok(()), + } + .into(), + ); + + System::assert_has_event( + Event::IntentionRequested { who: who_omni_account, intention }.into(), + ); + }); +} + #[test] fn dispatch_as_signed_works() { new_test_ext().execute_with(|| { diff --git a/tee-worker/omni-executor/.gitignore b/tee-worker/omni-executor/.gitignore new file mode 100644 index 0000000000..7ea756c65e --- /dev/null +++ b/tee-worker/omni-executor/.gitignore @@ -0,0 +1,7 @@ +debug/ +target/ +.idea/ +**/*.bin + +cache + diff --git a/tee-worker/omni-executor/Cargo.lock b/tee-worker/omni-executor/Cargo.lock new file mode 100644 index 0000000000..96aca827b5 --- /dev/null +++ b/tee-worker/omni-executor/Cargo.lock @@ -0,0 +1,5356 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "addr2line" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f5fb1d8e4442bd405fdfd1dacb42792696b0cf9cb15882e5d097b742a676d375" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" + +[[package]] +name = "aead" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" +dependencies = [ + "crypto-common", + "generic-array", +] + +[[package]] +name = "ahash" +version = "0.8.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", + "zerocopy", +] + +[[package]] +name = "aho-corasick" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" +dependencies = [ + "memchr", +] + +[[package]] +name = "allocator-api2" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c6cb57a04249c6480766f7f7cef5467412af1490f8d1e243141daddada3264f" + +[[package]] +name = "alloy" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8367891bf380210abb0d6aa30c5f85a9080cb4a066c4d5c5acadad630823751b" +dependencies = [ + "alloy-consensus", + "alloy-contract", + "alloy-core", + "alloy-eips", + "alloy-genesis", + "alloy-network", + "alloy-provider", + "alloy-rpc-client", + "alloy-rpc-types", + "alloy-serde", + "alloy-signer", + "alloy-signer-local", + "alloy-transport", + "alloy-transport-http", +] + +[[package]] +name = "alloy-chains" +version = "0.1.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8158b4878c67837e5413721cc44298e6a2d88d39203175ea025e51892a16ba4c" +dependencies = [ + "num_enum", + "strum", +] + +[[package]] +name = "alloy-consensus" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "629b62e38d471cc15fea534eb7283d2f8a4e8bdb1811bcc5d66dda6cfce6fae1" +dependencies = [ + "alloy-eips", + "alloy-primitives", + "alloy-rlp", + "alloy-serde", + "c-kzg", + "serde", +] + +[[package]] +name = "alloy-contract" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eefe64fd344cffa9cf9e3435ec4e93e6e9c3481bc37269af988bf497faf4a6a" +dependencies = [ + "alloy-dyn-abi", + "alloy-json-abi", + "alloy-network", + "alloy-network-primitives", + "alloy-primitives", + "alloy-provider", + "alloy-rpc-types-eth", + "alloy-sol-types", + "alloy-transport", + "futures", + "futures-util", + "thiserror", +] + +[[package]] +name = "alloy-core" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ce854562e7cafd5049189d0268d6e5cba05fe6c9cb7c6f8126a79b94800629c" +dependencies = [ + "alloy-dyn-abi", + "alloy-json-abi", + "alloy-primitives", + "alloy-rlp", + "alloy-sol-types", +] + +[[package]] +name = "alloy-dyn-abi" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b499852e1d0e9b8c6db0f24c48998e647c0d5762a01090f955106a7700e4611" +dependencies = [ + "alloy-json-abi", + "alloy-primitives", + "alloy-sol-type-parser", + "alloy-sol-types", + "const-hex", + "itoa", + "serde", + "serde_json", + "winnow 0.6.20", +] + +[[package]] +name = "alloy-eip2930" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0069cf0642457f87a01a014f6dc29d5d893cd4fd8fddf0c3cdfad1bb3ebafc41" +dependencies = [ + "alloy-primitives", + "alloy-rlp", + "serde", +] + +[[package]] +name = "alloy-eip7702" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea59dc42102bc9a1905dc57901edc6dd48b9f38115df86c7d252acba70d71d04" +dependencies = [ + "alloy-primitives", + "alloy-rlp", + "serde", +] + +[[package]] +name = "alloy-eips" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f923dd5fca5f67a43d81ed3ebad0880bd41f6dd0ada930030353ac356c54cd0f" +dependencies = [ + "alloy-eip2930", + "alloy-eip7702", + "alloy-primitives", + "alloy-rlp", + "alloy-serde", + "c-kzg", + "derive_more 1.0.0", + "once_cell", + "serde", + "sha2 0.10.8", +] + +[[package]] +name = "alloy-genesis" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a7a18afb0b318616b6b2b0e2e7ac5529d32a966c673b48091c9919e284e6aca" +dependencies = [ + "alloy-primitives", + "alloy-serde", + "serde", +] + +[[package]] +name = "alloy-json-abi" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a438d4486b5d525df3b3004188f9d5cd1d65cd30ecc41e5a3ccef6f6342e8af9" +dependencies = [ + "alloy-primitives", + "alloy-sol-type-parser", + "serde", + "serde_json", +] + +[[package]] +name = "alloy-json-rpc" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3c717b5298fad078cd3a418335b266eba91b511383ca9bd497f742d5975d5ab" +dependencies = [ + "alloy-primitives", + "alloy-sol-types", + "serde", + "serde_json", + "thiserror", + "tracing", +] + +[[package]] +name = "alloy-network" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb3705ce7d8602132bcf5ac7a1dd293a42adc2f183abf5907c30ac535ceca049" +dependencies = [ + "alloy-consensus", + "alloy-eips", + "alloy-json-rpc", + "alloy-network-primitives", + "alloy-primitives", + "alloy-rpc-types-eth", + "alloy-serde", + "alloy-signer", + "alloy-sol-types", + "async-trait", + "auto_impl", + "futures-utils-wasm", + "thiserror", +] + +[[package]] +name = "alloy-network-primitives" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94ad40869867ed2d9cd3842b1e800889e5b49e6b92da346e93862b4a741bedf3" +dependencies = [ + "alloy-eips", + "alloy-primitives", + "alloy-serde", + "serde", +] + +[[package]] +name = "alloy-primitives" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "260d3ff3bff0bb84599f032a2f2c6828180b0ea0cd41fdaf44f39cef3ba41861" +dependencies = [ + "alloy-rlp", + "bytes", + "cfg-if", + "const-hex", + "derive_more 1.0.0", + "hashbrown 0.14.5", + "hex-literal", + "indexmap", + "itoa", + "k256", + "keccak-asm", + "paste", + "proptest", + "rand", + "ruint", + "rustc-hash 2.0.0", + "serde", + "sha3", + "tiny-keccak", +] + +[[package]] +name = "alloy-provider" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "927f708dd457ed63420400ee5f06945df9632d5d101851952056840426a10dc5" +dependencies = [ + "alloy-chains", + "alloy-consensus", + "alloy-eips", + "alloy-json-rpc", + "alloy-network", + "alloy-network-primitives", + "alloy-primitives", + "alloy-rpc-client", + "alloy-rpc-types-eth", + "alloy-transport", + "alloy-transport-http", + "async-stream", + "async-trait", + "auto_impl", + "dashmap", + "futures", + "futures-utils-wasm", + "lru", + "pin-project", + "reqwest", + "serde", + "serde_json", + "thiserror", + "tokio", + "tracing", + "url", +] + +[[package]] +name = "alloy-rlp" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26154390b1d205a4a7ac7352aa2eb4f81f391399d4e2f546fb81a2f8bb383f62" +dependencies = [ + "alloy-rlp-derive", + "arrayvec 0.7.6", + "bytes", +] + +[[package]] +name = "alloy-rlp-derive" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d0f2d905ebd295e7effec65e5f6868d153936130ae718352771de3e7d03c75c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "alloy-rpc-client" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d82952dca71173813d4e5733e2c986d8b04aea9e0f3b0a576664c232ad050a5" +dependencies = [ + "alloy-json-rpc", + "alloy-transport", + "alloy-transport-http", + "futures", + "pin-project", + "reqwest", + "serde", + "serde_json", + "tokio", + "tokio-stream", + "tower 0.5.1", + "tracing", + "url", +] + +[[package]] +name = "alloy-rpc-types" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64333d639f2a0cf73491813c629a405744e16343a4bc5640931be707c345ecc5" +dependencies = [ + "alloy-rpc-types-eth", + "alloy-serde", + "serde", +] + +[[package]] +name = "alloy-rpc-types-eth" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83aa984386deda02482660aa31cb8ca1e63d533f1c31a52d7d181ac5ec68e9b8" +dependencies = [ + "alloy-consensus", + "alloy-eips", + "alloy-network-primitives", + "alloy-primitives", + "alloy-rlp", + "alloy-serde", + "alloy-sol-types", + "cfg-if", + "derive_more 1.0.0", + "hashbrown 0.14.5", + "itertools 0.13.0", + "serde", + "serde_json", +] + +[[package]] +name = "alloy-serde" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "731f75ec5d383107fd745d781619bd9cedf145836c51ecb991623d41278e71fa" +dependencies = [ + "alloy-primitives", + "serde", + "serde_json", +] + +[[package]] +name = "alloy-signer" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "307324cca94354cd654d6713629f0383ec037e1ff9e3e3d547212471209860c0" +dependencies = [ + "alloy-primitives", + "async-trait", + "auto_impl", + "elliptic-curve", + "k256", + "thiserror", +] + +[[package]] +name = "alloy-signer-local" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fabe917ab1778e760b4701628d1cae8e028ee9d52ac6307de4e1e9286ab6b5f" +dependencies = [ + "alloy-consensus", + "alloy-network", + "alloy-primitives", + "alloy-signer", + "async-trait", + "k256", + "rand", + "thiserror", +] + +[[package]] +name = "alloy-sol-macro" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68e7f6e8fe5b443f82b3f1e15abfa191128f71569148428e49449d01f6f49e8b" +dependencies = [ + "alloy-sol-macro-expander", + "alloy-sol-macro-input", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "alloy-sol-macro-expander" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b96ce28d2fde09abb6135f410c41fad670a3a770b6776869bd852f1df102e6f" +dependencies = [ + "alloy-json-abi", + "alloy-sol-macro-input", + "const-hex", + "heck", + "indexmap", + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.79", + "syn-solidity", + "tiny-keccak", +] + +[[package]] +name = "alloy-sol-macro-input" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "906746396a8296537745711630d9185746c0b50c033d5e9d18b0a6eba3d53f90" +dependencies = [ + "alloy-json-abi", + "const-hex", + "dunce", + "heck", + "proc-macro2", + "quote", + "serde_json", + "syn 2.0.79", + "syn-solidity", +] + +[[package]] +name = "alloy-sol-type-parser" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc85178909a49c8827ffccfc9103a7ce1767ae66a801b69bdc326913870bf8e6" +dependencies = [ + "serde", + "winnow 0.6.20", +] + +[[package]] +name = "alloy-sol-types" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d86a533ce22525969661b25dfe296c112d35eb6861f188fd284f8bd4bb3842ae" +dependencies = [ + "alloy-json-abi", + "alloy-primitives", + "alloy-sol-macro", + "const-hex", + "serde", +] + +[[package]] +name = "alloy-transport" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33616b2edf7454302a1d48084db185e52c309f73f6c10be99b0fe39354b3f1e9" +dependencies = [ + "alloy-json-rpc", + "base64 0.22.1", + "futures-util", + "futures-utils-wasm", + "serde", + "serde_json", + "thiserror", + "tokio", + "tower 0.5.1", + "tracing", + "url", +] + +[[package]] +name = "alloy-transport-http" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a944f5310c690b62bbb3e7e5ce34527cbd36b2d18532a797af123271ce595a49" +dependencies = [ + "alloy-json-rpc", + "alloy-transport", + "reqwest", + "serde_json", + "tower 0.5.1", + "tracing", + "url", +] + +[[package]] +name = "anstream" +version = "0.6.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" + +[[package]] +name = "anstyle-parse" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +dependencies = [ + "windows-sys 0.52.0", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +dependencies = [ + "anstyle", + "windows-sys 0.52.0", +] + +[[package]] +name = "anyhow" +version = "1.0.89" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" + +[[package]] +name = "ark-ff" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b3235cc41ee7a12aaaf2c575a2ad7b46713a8a50bda2fc3b003a04845c05dd6" +dependencies = [ + "ark-ff-asm 0.3.0", + "ark-ff-macros 0.3.0", + "ark-serialize 0.3.0", + "ark-std 0.3.0", + "derivative", + "num-bigint", + "num-traits", + "paste", + "rustc_version 0.3.3", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm 0.4.2", + "ark-ff-macros 0.4.2", + "ark-serialize 0.4.2", + "ark-std 0.4.0", + "derivative", + "digest 0.10.7", + "itertools 0.10.5", + "num-bigint", + "num-traits", + "paste", + "rustc_version 0.4.1", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db02d390bf6643fb404d3d22d31aee1c4bc4459600aef9113833d17e786c6e44" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db2fd794a08ccb318058009eefdf15bcaaaaf6f8161eb3345f907222bac38b20" +dependencies = [ + "num-bigint", + "num-traits", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-serialize" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d6c2b318ee6e10f8c2853e73a83adc0ccb88995aa978d8a3408d492ab2ee671" +dependencies = [ + "ark-std 0.3.0", + "digest 0.9.0", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-std 0.4.0", + "digest 0.10.7", + "num-bigint", +] + +[[package]] +name = "ark-std" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1df2c09229cbc5a028b1d70e00fdb2acee28b1055dfb5ca73eea49c5a25c4e7c" +dependencies = [ + "num-traits", + "rand", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand", +] + +[[package]] +name = "arrayref" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb" + +[[package]] +name = "arrayvec" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd9fd44efafa8690358b7408d253adf110036b88f55672a933f01d616ad9b1b9" +dependencies = [ + "nodrop", +] + +[[package]] +name = "arrayvec" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" + +[[package]] +name = "async-channel" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89b47800b0be77592da0afd425cc03468052844aff33b84e33cc696f64e77b6a" +dependencies = [ + "concurrent-queue", + "event-listener-strategy", + "futures-core", + "pin-project-lite", +] + +[[package]] +name = "async-executor" +version = "1.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30ca9a001c1e8ba5149f91a74362376cc6bc5b919d92d988668657bd570bdcec" +dependencies = [ + "async-task", + "concurrent-queue", + "fastrand", + "futures-lite", + "slab", +] + +[[package]] +name = "async-fs" +version = "2.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebcd09b382f40fcd159c2d695175b2ae620ffa5f3bd6f664131efff4e8b9e04a" +dependencies = [ + "async-lock", + "blocking", + "futures-lite", +] + +[[package]] +name = "async-io" +version = "2.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "444b0228950ee6501b3568d3c93bf1176a1fdbc3b758dcd9475046d30f4dc7e8" +dependencies = [ + "async-lock", + "cfg-if", + "concurrent-queue", + "futures-io", + "futures-lite", + "parking", + "polling", + "rustix", + "slab", + "tracing", + "windows-sys 0.59.0", +] + +[[package]] +name = "async-lock" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff6e472cdea888a4bd64f342f09b3f50e1886d32afe8df3d663c01140b811b18" +dependencies = [ + "event-listener 5.3.1", + "event-listener-strategy", + "pin-project-lite", +] + +[[package]] +name = "async-net" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b948000fad4873c1c9339d60f2623323a0cfd3816e5181033c6a5cb68b2accf7" +dependencies = [ + "async-io", + "blocking", + "futures-lite", +] + +[[package]] +name = "async-process" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "63255f1dc2381611000436537bbedfe83183faa303a5a0edaf191edef06526bb" +dependencies = [ + "async-channel", + "async-io", + "async-lock", + "async-signal", + "async-task", + "blocking", + "cfg-if", + "event-listener 5.3.1", + "futures-lite", + "rustix", + "tracing", +] + +[[package]] +name = "async-signal" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "637e00349800c0bdf8bfc21ebbc0b6524abea702b0da4168ac00d070d0c0b9f3" +dependencies = [ + "async-io", + "async-lock", + "atomic-waker", + "cfg-if", + "futures-core", + "futures-io", + "rustix", + "signal-hook-registry", + "slab", + "windows-sys 0.59.0", +] + +[[package]] +name = "async-stream" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b5a71a6f37880a80d1d7f19efd781e4b5de42c88f0722cc13bcb6cc2cfe8476" +dependencies = [ + "async-stream-impl", + "futures-core", + "pin-project-lite", +] + +[[package]] +name = "async-stream-impl" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "async-task" +version = "4.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de" + +[[package]] +name = "async-trait" +version = "0.1.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "atomic-take" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8ab6b55fe97976e46f91ddbed8d147d966475dc29b2032757ba47e02376fbc3" + +[[package]] +name = "atomic-waker" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" + +[[package]] +name = "auto_impl" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "autocfg" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" + +[[package]] +name = "backtrace" +version = "0.3.74" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" +dependencies = [ + "addr2line", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", + "windows-targets", +] + +[[package]] +name = "base16ct" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" + +[[package]] +name = "base58" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6107fe1be6682a68940da878d9e9f5e90ca5745b3dec9fd1bb393c8777d4f581" + +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + +[[package]] +name = "base64" +version = "0.21.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" + +[[package]] +name = "base64" +version = "0.22.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" + +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + +[[package]] +name = "beef" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a8241f3ebb85c056b509d4327ad0358fbbba6ffb340bf388f26350aeda225b1" +dependencies = [ + "serde", +] + +[[package]] +name = "bip39" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93f2635620bf0b9d4576eb7bb9a38a55df78bd1205d26fa994b25911a69f212f" +dependencies = [ + "bitcoin_hashes", +] + +[[package]] +name = "bit-set" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + +[[package]] +name = "bitcoin_hashes" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90064b8dee6815a6470d60bad07bbbaee885c0e12d04177138fa3291a01b7bc4" + +[[package]] +name = "bitflags" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" + +[[package]] +name = "bitvec" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bc2832c24239b0141d5674bb9174f9d68a8b5b3f2753311927c172ca46f7e9c" +dependencies = [ + "funty", + "radium", + "tap", + "wyz", +] + +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "blake2-rfc" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d6d530bdd2d52966a6d03b7a964add7ae1a288d25214066fd4b600f0f796400" +dependencies = [ + "arrayvec 0.4.12", + "constant_time_eq 0.1.5", +] + +[[package]] +name = "blake2b_simd" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23285ad32269793932e830392f2fe2f83e26488fd3ec778883a93c8323735780" +dependencies = [ + "arrayref", + "arrayvec 0.7.6", + "constant_time_eq 0.3.1", +] + +[[package]] +name = "block-buffer" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" +dependencies = [ + "generic-array", +] + +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + +[[package]] +name = "blocking" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "703f41c54fc768e63e091340b424302bb1c29ef4aa0c7f10fe849dfb114d29ea" +dependencies = [ + "async-channel", + "async-task", + "futures-io", + "futures-lite", + "piper", +] + +[[package]] +name = "blst" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4378725facc195f1a538864863f6de233b500a8862747e7f165078a419d5e874" +dependencies = [ + "cc", + "glob", + "threadpool", + "zeroize", +] + +[[package]] +name = "bs58" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "bumpalo" +version = "3.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" + +[[package]] +name = "byte-slice-cast" +version = "1.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3ac9f8b63eca6fd385229b3675f6cc0dc5c8a5c8a54a59d4f52ffd670d87b0c" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "bytes" +version = "1.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" +dependencies = [ + "serde", +] + +[[package]] +name = "c-kzg" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0307f72feab3300336fb803a57134159f6e20139af1357f36c54cb90d8e8928" +dependencies = [ + "blst", + "cc", + "glob", + "hex", + "libc", + "once_cell", + "serde", +] + +[[package]] +name = "cc" +version = "1.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "812acba72f0a070b003d3697490d2b55b837230ae7c6c6497f05cc2ddbb8d938" +dependencies = [ + "shlex", +] + +[[package]] +name = "cesu8" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d43a04d8753f35258c91f8ec639f792891f748a1edbd759cf1dcea3382ad83c" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "cfg_aliases" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" + +[[package]] +name = "chacha20" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", +] + +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + +[[package]] +name = "clap" +version = "4.5.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim 0.11.1", +] + +[[package]] +name = "clap_derive" +version = "4.5.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ac6a0c7b1a9e9a5186361f67dfa1b88213572f427fb9ab038efb2bd8c582dab" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "clap_lex" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" + +[[package]] +name = "colorchoice" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" + +[[package]] +name = "combine" +version = "4.6.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba5a308b75df32fe02788e748662718f03fde005016435c444eea572398219fd" +dependencies = [ + "bytes", + "memchr", +] + +[[package]] +name = "concurrent-queue" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ca0197aee26d1ae37445ee532fefce43251d24cc7c166799f4d46817f1d3973" +dependencies = [ + "crossbeam-utils", +] + +[[package]] +name = "const-hex" +version = "1.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0121754e84117e65f9d90648ee6aa4882a6e63110307ab73967a4c5e7e69e586" +dependencies = [ + "cfg-if", + "cpufeatures", + "hex", + "proptest", + "serde", +] + +[[package]] +name = "const-oid" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" + +[[package]] +name = "constant_time_eq" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" + +[[package]] +name = "constant_time_eq" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6" + +[[package]] +name = "convert_case" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e" + +[[package]] +name = "core-foundation" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" + +[[package]] +name = "cpufeatures" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "608697df725056feaccfa42cffdaeeec3fccc4ffc38358ecd19b243e716a78e0" +dependencies = [ + "libc", +] + +[[package]] +name = "crossbeam-queue" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df0346b5d5e76ac2fe4e327c5fd1118d6be7c51dfb18f9b7922923f287471e35" +dependencies = [ + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" + +[[package]] +name = "crunchy" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" + +[[package]] +name = "crypto-bigint" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" +dependencies = [ + "generic-array", + "rand_core", + "subtle", + "zeroize", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "rand_core", + "typenum", +] + +[[package]] +name = "crypto-mac" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" +dependencies = [ + "generic-array", + "subtle", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest 0.10.7", + "fiat-crypto", + "rustc_version 0.4.1", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "darling" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b750cb3417fd1b327431a470f388520309479ab0bf5e323505daf0290cd3850" +dependencies = [ + "darling_core 0.14.4", + "darling_macro 0.14.4", +] + +[[package]] +name = "darling" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989" +dependencies = [ + "darling_core 0.20.10", + "darling_macro 0.20.10", +] + +[[package]] +name = "darling_core" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "109c1ca6e6b7f82cc233a97004ea8ed7ca123a9af07a8230878fcfda9b158bf0" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim 0.10.0", + "syn 1.0.109", +] + +[[package]] +name = "darling_core" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim 0.11.1", + "syn 2.0.79", +] + +[[package]] +name = "darling_macro" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4aab4dbc9f7611d8b55048a3a16d2d010c2c8334e46304b40ac1cc14bf3b48e" +dependencies = [ + "darling_core 0.14.4", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "darling_macro" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" +dependencies = [ + "darling_core 0.20.10", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "dashmap" +version = "6.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5041cc499144891f3790297212f32a74fb938e5136a14943f338ef9e0ae276cf" +dependencies = [ + "cfg-if", + "crossbeam-utils", + "hashbrown 0.14.5", + "lock_api", + "once_cell", + "parking_lot_core", +] + +[[package]] +name = "der" +version = "0.7.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" +dependencies = [ + "const-oid", + "zeroize", +] + +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "derive-where" +version = "1.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62d671cc41a825ebabc75757b62d3d168c577f9149b2d49ece1dad1f72119d25" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "derive_more" +version = "0.99.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f33878137e4dafd7fa914ad4e259e18a4e8e532b9617a2d0150262bf53abfce" +dependencies = [ + "convert_case", + "proc-macro2", + "quote", + "rustc_version 0.4.1", + "syn 2.0.79", +] + +[[package]] +name = "derive_more" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05" +dependencies = [ + "derive_more-impl", +] + +[[package]] +name = "derive_more-impl" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", + "unicode-xid", +] + +[[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer 0.10.4", + "const-oid", + "crypto-common", + "subtle", +] + +[[package]] +name = "downcast-rs" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75b325c5dbd37f80359721ad39aca5a29fb04c89279657cffdda8736d0c0b9d2" + +[[package]] +name = "dunce" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" + +[[package]] +name = "ecdsa" +version = "0.16.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca" +dependencies = [ + "der", + "digest 0.10.7", + "elliptic-curve", + "rfc6979", + "signature", + "spki", +] + +[[package]] +name = "ed25519" +version = "2.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" +dependencies = [ + "signature", +] + +[[package]] +name = "ed25519-zebra" +version = "4.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d9ce6874da5d4415896cd45ffbc4d1cfc0c4f9c079427bd870742c30f2f65a9" +dependencies = [ + "curve25519-dalek", + "ed25519", + "hashbrown 0.14.5", + "hex", + "rand_core", + "sha2 0.10.8", + "zeroize", +] + +[[package]] +name = "either" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60b1af1c220855b6ceac025d3f6ecdd2b7c4894bfe9cd9bda4fbb4bc7c0d4cf0" + +[[package]] +name = "elliptic-curve" +version = "0.13.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47" +dependencies = [ + "base16ct", + "crypto-bigint", + "digest 0.10.7", + "ff", + "generic-array", + "group", + "pkcs8", + "rand_core", + "sec1", + "subtle", + "zeroize", +] + +[[package]] +name = "env_filter" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f2c92ceda6ceec50f43169f9ee8424fe2db276791afde7b2cd8bc084cb376ab" +dependencies = [ + "log", + "regex", +] + +[[package]] +name = "env_logger" +version = "0.11.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13fa619b91fb2381732789fc5de83b45675e882f66623b7d8cb4f643017018d" +dependencies = [ + "anstream", + "anstyle", + "env_filter", + "humantime", + "log", +] + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "event-listener" +version = "4.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67b215c49b2b248c855fb73579eb1f4f26c38ffdc12973e20e07b91d78d5646e" +dependencies = [ + "concurrent-queue", + "pin-project-lite", +] + +[[package]] +name = "event-listener" +version = "5.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6032be9bd27023a771701cc49f9f053c751055f71efb2e0ae5c15809093675ba" +dependencies = [ + "concurrent-queue", + "parking", + "pin-project-lite", +] + +[[package]] +name = "event-listener-strategy" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f214dc438f977e6d4e3500aaa277f5ad94ca83fbbd9b1a15713ce2344ccc5a1" +dependencies = [ + "event-listener 5.3.1", + "pin-project-lite", +] + +[[package]] +name = "executor-core" +version = "0.1.0" +dependencies = [ + "async-trait", + "log", + "parity-scale-codec", + "tokio", +] + +[[package]] +name = "executor-worker" +version = "0.1.0" +dependencies = [ + "clap", + "env_logger", + "executor-core", + "hex", + "intention-executor", + "log", + "parentchain-listener", + "scale-encode", + "serde_json", + "tokio", +] + +[[package]] +name = "fastrand" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8c02a5121d4ea3eb16a80748c74f5549a5665e4c21333c6098f283870fbdea6" + +[[package]] +name = "fastrlp" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "139834ddba373bbdd213dffe02c8d110508dcf1726c2be27e8d1f7d7e1856418" +dependencies = [ + "arrayvec 0.7.6", + "auto_impl", + "bytes", +] + +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core", + "subtle", +] + +[[package]] +name = "fiat-crypto" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" + +[[package]] +name = "finito" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2384245d85162258a14b43567a9ee3598f5ae746a1581fb5d3d2cb780f0dbf95" +dependencies = [ + "futures-timer", + "pin-project", +] + +[[package]] +name = "fixed-hash" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "835c052cb0c08c1acf6ffd71c022172e18723949c8282f2b9f27efbc51e64534" +dependencies = [ + "byteorder", + "rand", + "rustc-hex", + "static_assertions", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "frame-metadata" +version = "15.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "878babb0b136e731cc77ec2fd883ff02745ff21e6fb662729953d44923df009c" +dependencies = [ + "cfg-if", + "parity-scale-codec", + "scale-info", +] + +[[package]] +name = "frame-metadata" +version = "16.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cf1549fba25a6fcac22785b61698317d958e96cac72a59102ea45b9ae64692" +dependencies = [ + "cfg-if", + "parity-scale-codec", + "scale-info", + "serde", +] + +[[package]] +name = "funty" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" + +[[package]] +name = "futures" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" + +[[package]] +name = "futures-executor" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a576fc72ae164fca6b9db127eaa9a9dda0d61316034f33a0a0d4eda41f02b01d" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" + +[[package]] +name = "futures-lite" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52527eb5074e35e9339c6b4e8d12600c7128b68fb25dcb9fa9dec18f7c25f3a5" +dependencies = [ + "fastrand", + "futures-core", + "futures-io", + "parking", + "pin-project-lite", +] + +[[package]] +name = "futures-macro" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "futures-sink" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" + +[[package]] +name = "futures-task" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" + +[[package]] +name = "futures-timer" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f288b0a4f20f9a56b5d1da57e2227c661b7b16168e2f72365f57b63326e29b24" + +[[package]] +name = "futures-util" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "futures-utils-wasm" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42012b0f064e01aa58b545fe3727f90f7dd4020f4a3ea735b50344965f5a57e9" + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", + "zeroize", +] + +[[package]] +name = "getrandom" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "getrandom_or_panic" +version = "0.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ea1015b5a70616b688dc230cfe50c8af89d972cb132d5a622814d29773b10b9" +dependencies = [ + "rand_core", +] + +[[package]] +name = "gimli" +version = "0.31.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32085ea23f3234fc7846555e85283ba4de91e21016dc0455a16286d87a292d64" + +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff", + "rand_core", + "subtle", +] + +[[package]] +name = "h2" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http 0.2.12", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "hashbrown" +version = "0.14.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +dependencies = [ + "ahash", + "allocator-api2", + "serde", +] + +[[package]] +name = "hashbrown" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e087f84d4f86bf4b218b927129862374b72199ae7d8657835f1e89000eea4fb" + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "hermit-abi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" + +[[package]] +name = "hermit-abi" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbf6a919d6cf397374f7dfeeea91d974c7c0a7221d0d0f4f20d859d329e53fcc" + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" +dependencies = [ + "serde", +] + +[[package]] +name = "hex-literal" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" + +[[package]] +name = "hmac" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840" +dependencies = [ + "crypto-mac", + "digest 0.9.0", +] + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "hmac-drbg" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17ea0a1394df5b6574da6e0c1ade9e78868c9fb0a4e5ef4428e32da4676b85b1" +dependencies = [ + "digest 0.9.0", + "generic-array", + "hmac 0.8.1", +] + +[[package]] +name = "http" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +dependencies = [ + "bytes", + "http 0.2.12", + "pin-project-lite", +] + +[[package]] +name = "http-body" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" +dependencies = [ + "bytes", + "http 1.1.0", +] + +[[package]] +name = "http-body-util" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793429d76616a256bcb62c2a2ec2bed781c8307e797e2598c50010f2bee2544f" +dependencies = [ + "bytes", + "futures-util", + "http 1.1.0", + "http-body 1.0.1", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d71d3574edd2771538b901e6549113b4006ece66150fb69c0fb6d9a2adae946" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + +[[package]] +name = "humantime" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" + +[[package]] +name = "hyper" +version = "0.14.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a152ddd61dfaec7273fe8419ab357f33aee0d914c5f4efbf0d96fa749eea5ec9" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http 0.2.12", + "http-body 0.4.6", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50dfd22e0e76d0f662d429a5f80fcaf3855009297eab6a0a9f8543834744ba05" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http 1.1.0", + "http-body 1.0.1", + "httparse", + "itoa", + "pin-project-lite", + "smallvec", + "tokio", + "want", +] + +[[package]] +name = "hyper-rustls" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" +dependencies = [ + "futures-util", + "http 0.2.12", + "hyper 0.14.30", + "log", + "rustls 0.21.12", + "rustls-native-certs 0.6.3", + "tokio", + "tokio-rustls 0.24.1", +] + +[[package]] +name = "hyper-tls" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0" +dependencies = [ + "bytes", + "http-body-util", + "hyper 1.4.1", + "hyper-util", + "native-tls", + "tokio", + "tokio-native-tls", + "tower-service", +] + +[[package]] +name = "hyper-util" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41296eb09f183ac68eec06e03cdbea2e759633d4067b2f6552fc2e009bcad08b" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http 1.1.0", + "http-body 1.0.1", + "hyper 1.4.1", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "impl-codec" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba6a270039626615617f3f36d15fc827041df3b78c439da2cadfa47455a77f2f" +dependencies = [ + "parity-scale-codec", +] + +[[package]] +name = "impl-serde" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc88fc67028ae3db0c853baa36269d398d5f45b6982f95549ff5def78c935cd" +dependencies = [ + "serde", +] + +[[package]] +name = "impl-trait-for-tuples" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11d7a9f6330b71fea57921c9b61c47ee6e84f72d394754eff6163ae67e7395eb" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "indexmap" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "707907fe3c25f5424cce2cb7e1cbcafee6bdbe735ca90ef77c29e84591e5b9da" +dependencies = [ + "equivalent", + "hashbrown 0.15.0", + "serde", +] + +[[package]] +name = "indexmap-nostd" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e04e2fd2b8188ea827b32ef11de88377086d690286ab35747ef7f9bf3ccb590" + +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + +[[package]] +name = "instant" +version = "0.1.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0242819d153cba4b4b05a5a8f2a7e9bbf97b6055b2a002b395c96b5ff3c0222" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "intention-executor" +version = "0.1.0" +dependencies = [ + "alloy", + "async-trait", + "executor-core", + "log", +] + +[[package]] +name = "ipnet" +version = "2.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "187674a687eed5fe42285b40c6291f9a01517d415fad1c3cbc6a9f778af7fcd4" + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + +[[package]] +name = "itertools" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" +dependencies = [ + "either", +] + +[[package]] +name = "itertools" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" + +[[package]] +name = "jni" +version = "0.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6df18c2e3db7e453d3c6ac5b3e9d5182664d28788126d39b91f2d1e22b017ec" +dependencies = [ + "cesu8", + "combine", + "jni-sys", + "log", + "thiserror", + "walkdir", +] + +[[package]] +name = "jni-sys" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130" + +[[package]] +name = "js-sys" +version = "0.3.70" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1868808506b929d7b0cfa8f75951347aa71bb21144b7791bae35d9bccfcfe37a" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "jsonrpsee" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfdb12a2381ea5b2e68c3469ec604a007b367778cdb14d09612c8069ebd616ad" +dependencies = [ + "jsonrpsee-client-transport 0.22.5", + "jsonrpsee-core 0.22.5", + "jsonrpsee-http-client", + "jsonrpsee-types 0.22.5", +] + +[[package]] +name = "jsonrpsee" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b089779ad7f80768693755a031cc14a7766aba707cbe886674e3f79e9b7e47" +dependencies = [ + "jsonrpsee-core 0.23.2", + "jsonrpsee-types 0.23.2", + "jsonrpsee-ws-client", +] + +[[package]] +name = "jsonrpsee-client-transport" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4978087a58c3ab02efc5b07c5e5e2803024536106fd5506f558db172c889b3aa" +dependencies = [ + "futures-util", + "http 0.2.12", + "jsonrpsee-core 0.22.5", + "pin-project", + "rustls-native-certs 0.7.3", + "rustls-pki-types", + "soketto 0.7.1", + "thiserror", + "tokio", + "tokio-rustls 0.25.0", + "tokio-util", + "tracing", + "url", +] + +[[package]] +name = "jsonrpsee-client-transport" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08163edd8bcc466c33d79e10f695cdc98c00d1e6ddfb95cec41b6b0279dd5432" +dependencies = [ + "base64 0.22.1", + "futures-util", + "http 1.1.0", + "jsonrpsee-core 0.23.2", + "pin-project", + "rustls 0.23.13", + "rustls-pki-types", + "rustls-platform-verifier", + "soketto 0.8.0", + "thiserror", + "tokio", + "tokio-rustls 0.26.0", + "tokio-util", + "tracing", + "url", +] + +[[package]] +name = "jsonrpsee-core" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4b257e1ec385e07b0255dde0b933f948b5c8b8c28d42afda9587c3a967b896d" +dependencies = [ + "anyhow", + "async-trait", + "beef", + "futures-timer", + "futures-util", + "hyper 0.14.30", + "jsonrpsee-types 0.22.5", + "pin-project", + "rustc-hash 1.1.0", + "serde", + "serde_json", + "thiserror", + "tokio", + "tokio-stream", + "tracing", +] + +[[package]] +name = "jsonrpsee-core" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79712302e737d23ca0daa178e752c9334846b08321d439fd89af9a384f8c830b" +dependencies = [ + "anyhow", + "async-trait", + "beef", + "futures-timer", + "futures-util", + "jsonrpsee-types 0.23.2", + "pin-project", + "rustc-hash 1.1.0", + "serde", + "serde_json", + "thiserror", + "tokio", + "tokio-stream", + "tracing", +] + +[[package]] +name = "jsonrpsee-http-client" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ccf93fc4a0bfe05d851d37d7c32b7f370fe94336b52a2f0efc5f1981895c2e5" +dependencies = [ + "async-trait", + "hyper 0.14.30", + "hyper-rustls", + "jsonrpsee-core 0.22.5", + "jsonrpsee-types 0.22.5", + "serde", + "serde_json", + "thiserror", + "tokio", + "tower 0.4.13", + "tracing", + "url", +] + +[[package]] +name = "jsonrpsee-types" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "150d6168405890a7a3231a3c74843f58b8959471f6df76078db2619ddee1d07d" +dependencies = [ + "anyhow", + "beef", + "serde", + "serde_json", + "thiserror", +] + +[[package]] +name = "jsonrpsee-types" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9c465fbe385238e861fdc4d1c85e04ada6c1fd246161d26385c1b311724d2af" +dependencies = [ + "beef", + "http 1.1.0", + "serde", + "serde_json", + "thiserror", +] + +[[package]] +name = "jsonrpsee-ws-client" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c28759775f5cb2f1ea9667672d3fe2b0e701d1f4b7b67954e60afe7fd058b5e" +dependencies = [ + "http 1.1.0", + "jsonrpsee-client-transport 0.23.2", + "jsonrpsee-core 0.23.2", + "jsonrpsee-types 0.23.2", + "url", +] + +[[package]] +name = "k256" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6e3919bbaa2945715f0bb6d3934a173d1e9a59ac23767fbaaef277265a7411b" +dependencies = [ + "cfg-if", + "ecdsa", + "elliptic-curve", + "once_cell", + "sha2 0.10.8", +] + +[[package]] +name = "keccak" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc2af9a1119c51f12a14607e783cb977bde58bc069ff0c3da1095e635d70654" +dependencies = [ + "cpufeatures", +] + +[[package]] +name = "keccak-asm" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "505d1856a39b200489082f90d897c3f07c455563880bc5952e38eabf731c83b6" +dependencies = [ + "digest 0.10.7", + "sha3-asm", +] + +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + +[[package]] +name = "libc" +version = "0.2.159" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" + +[[package]] +name = "libm" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" + +[[package]] +name = "libsecp256k1" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95b09eff1b35ed3b33b877ced3a691fc7a481919c7e29c53c906226fcf55e2a1" +dependencies = [ + "arrayref", + "base64 0.13.1", + "digest 0.9.0", + "hmac-drbg", + "libsecp256k1-core", + "libsecp256k1-gen-ecmult", + "libsecp256k1-gen-genmult", + "rand", + "serde", + "sha2 0.9.9", + "typenum", +] + +[[package]] +name = "libsecp256k1-core" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be9b9bb642d8522a44d533eab56c16c738301965504753b03ad1de3425d5451" +dependencies = [ + "crunchy", + "digest 0.9.0", + "subtle", +] + +[[package]] +name = "libsecp256k1-gen-ecmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3038c808c55c87e8a172643a7d87187fc6c4174468159cb3090659d55bcb4809" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "libsecp256k1-gen-genmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3db8d6ba2cec9eacc40e6e8ccc98931840301f1006e95647ceb2dd5c3aa06f7c" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "linux-raw-sys" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" + +[[package]] +name = "lock_api" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" + +[[package]] +name = "lru" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37ee39891760e7d94734f6f63fedc29a2e4a152f836120753a72503f09fcf904" +dependencies = [ + "hashbrown 0.14.5", +] + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "merlin" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58c38e2799fc0978b65dfff8023ec7843e2330bb462f19198840b34b6582397d" +dependencies = [ + "byteorder", + "keccak", + "rand_core", + "zeroize", +] + +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "miniz_oxide" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1" +dependencies = [ + "adler2", +] + +[[package]] +name = "mio" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80e04d1dcff3aae0704555fe5fee3bcfaf3d1fdf8a7e521d5b9d2b42acb52cec" +dependencies = [ + "hermit-abi 0.3.9", + "libc", + "wasi", + "windows-sys 0.52.0", +] + +[[package]] +name = "native-tls" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8614eb2c83d59d1c8cc974dd3f920198647674a0a035e1af1fa58707e317466" +dependencies = [ + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "no-std-net" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43794a0ace135be66a25d3ae77d41b91615fb68ae937f904090203e81f755b65" + +[[package]] +name = "nodrop" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72ef4a56884ca558e5ddb05a1d1e7e1bfd9a68d9ed024c21704cc98872dae1bb" + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "num-bigint" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" +dependencies = [ + "num-integer", + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824" +dependencies = [ + "num-bigint", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" +dependencies = [ + "autocfg", + "libm", +] + +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi 0.3.9", + "libc", +] + +[[package]] +name = "num_enum" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179" +dependencies = [ + "num_enum_derive", +] + +[[package]] +name = "num_enum_derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "object" +version = "0.36.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "084f1a5821ac4c651660a94a7153d27ac9d8a53736203f58b31945ded098070a" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.20.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82881c4be219ab5faaf2ad5e5e5ecdff8c66bd7402ca3160975c93b24961afd1" +dependencies = [ + "portable-atomic", +] + +[[package]] +name = "opaque-debug" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" + +[[package]] +name = "openssl" +version = "0.10.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1" +dependencies = [ + "bitflags", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "openssl-probe" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" + +[[package]] +name = "openssl-sys" +version = "0.9.103" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "parentchain-listener" +version = "0.1.0" +dependencies = [ + "async-trait", + "env_logger", + "executor-core", + "log", + "parity-scale-codec", + "scale-encode", + "subxt", + "tokio", +] + +[[package]] +name = "parity-scale-codec" +version = "3.6.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "306800abfa29c7f16596b5970a588435e3d5b3149683d00c12b699cc19f895ee" +dependencies = [ + "arrayvec 0.7.6", + "bitvec", + "byte-slice-cast", + "impl-trait-for-tuples", + "parity-scale-codec-derive", + "serde", +] + +[[package]] +name = "parity-scale-codec-derive" +version = "3.6.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d830939c76d294956402033aee57a6da7b438f2294eb94864c37b0569053a42c" +dependencies = [ + "proc-macro-crate 3.2.0", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "parking" +version = "2.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f38d5652c16fde515bb1ecef450ab0f6a219d619a7274976324d5e377f7dceba" + +[[package]] +name = "parking_lot" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1bf18183cf54e8d6059647fc3063646a1801cf30896933ec2311622cc4b9a27" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets", +] + +[[package]] +name = "paste" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a" + +[[package]] +name = "pbkdf2" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" +dependencies = [ + "digest 0.10.7", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + +[[package]] +name = "pest" +version = "2.7.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fdbef9d1d47087a895abd220ed25eb4ad973a5e26f6a4367b038c25e28dfc2d9" +dependencies = [ + "memchr", + "thiserror", + "ucd-trie", +] + +[[package]] +name = "pin-project" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bf43b791c5b9e34c3d182969b4abb522f9343702850a2e57f460d00d09b4b3" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "pin-project-lite" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "piper" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96c8c490f422ef9a4efd2cb5b42b76c8613d7e7dfc1caf667b8a3350a5acc066" +dependencies = [ + "atomic-waker", + "fastrand", + "futures-io", +] + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der", + "spki", +] + +[[package]] +name = "pkg-config" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "953ec861398dccce10c670dfeaf3ec4911ca479e9c02154b3a215178c5f566f2" + +[[package]] +name = "polling" +version = "3.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc2790cd301dec6cd3b7a025e4815cf825724a51c98dccfe6a3e55f05ffb6511" +dependencies = [ + "cfg-if", + "concurrent-queue", + "hermit-abi 0.4.0", + "pin-project-lite", + "rustix", + "tracing", + "windows-sys 0.59.0", +] + +[[package]] +name = "poly1305" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf" +dependencies = [ + "cpufeatures", + "opaque-debug", + "universal-hash", +] + +[[package]] +name = "portable-atomic" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc9c68a3f6da06753e9335d63e27f6b9754dd1920d941135b7ea8224f141adb2" + +[[package]] +name = "ppv-lite86" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" +dependencies = [ + "zerocopy", +] + +[[package]] +name = "primitive-types" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b34d9fd68ae0b74a41b21c03c2f62847aa0ffea044eee893b4c140b37e244e2" +dependencies = [ + "fixed-hash", + "impl-codec", + "impl-serde", + "scale-info", + "uint", +] + +[[package]] +name = "proc-macro-crate" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919" +dependencies = [ + "once_cell", + "toml_edit 0.19.15", +] + +[[package]] +name = "proc-macro-crate" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecf48c7ca261d60b74ab1a7b20da18bede46776b2e55535cb958eb595c5fa7b" +dependencies = [ + "toml_edit 0.22.22", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn 1.0.109", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "proc-macro-error2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" +dependencies = [ + "proc-macro-error-attr2", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "proc-macro2" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "proptest" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4c2511913b88df1637da85cc8d96ec8e43a3f8bb8ccb71ee1ac240d6f3df58d" +dependencies = [ + "bit-set", + "bit-vec", + "bitflags", + "lazy_static", + "num-traits", + "rand", + "rand_chacha", + "rand_xorshift", + "regex-syntax", + "rusty-fork", + "tempfile", + "unarray", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + +[[package]] +name = "quote" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "radium" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09" + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", + "serde", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "rand_xorshift" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d25bf25ec5ae4a3f1b92f929810509a2f53d7dca2f50b794ff57e3face536c8f" +dependencies = [ + "rand_core", +] + +[[package]] +name = "reconnecting-jsonrpsee-ws-client" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06fa4f17e09edfc3131636082faaec633c7baa269396b4004040bc6c52f49f65" +dependencies = [ + "cfg_aliases", + "finito", + "futures", + "jsonrpsee 0.23.2", + "serde_json", + "thiserror", + "tokio", + "tracing", +] + +[[package]] +name = "redox_syscall" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b6dfecf2c74bce2466cabf93f6664d6998a69eb21e39f4207930065b27b771f" +dependencies = [ + "bitflags", +] + +[[package]] +name = "regex" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38200e5ee88914975b69f657f0801b6f6dccafd44fd9326302a4aaeecfacb1d8" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" + +[[package]] +name = "reqwest" +version = "0.12.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f713147fbe92361e52392c73b8c9e48c04c6625bce969ef54dc901e58e042a7b" +dependencies = [ + "base64 0.22.1", + "bytes", + "futures-core", + "futures-util", + "http 1.1.0", + "http-body 1.0.1", + "http-body-util", + "hyper 1.4.1", + "hyper-tls", + "hyper-util", + "ipnet", + "js-sys", + "log", + "mime", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls-pemfile 2.2.0", + "serde", + "serde_json", + "serde_urlencoded", + "sync_wrapper 1.0.1", + "tokio", + "tokio-native-tls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "windows-registry", +] + +[[package]] +name = "rfc6979" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" +dependencies = [ + "hmac 0.12.1", + "subtle", +] + +[[package]] +name = "ring" +version = "0.17.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" +dependencies = [ + "cc", + "cfg-if", + "getrandom", + "libc", + "spin", + "untrusted", + "windows-sys 0.52.0", +] + +[[package]] +name = "rlp" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb919243f34364b6bd2fc10ef797edbfa75f33c252e7998527479c6d6b47e1ec" +dependencies = [ + "bytes", + "rustc-hex", +] + +[[package]] +name = "ruint" +version = "1.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c3cc4c2511671f327125da14133d0c5c5d137f006a1017a16f557bc85b16286" +dependencies = [ + "alloy-rlp", + "ark-ff 0.3.0", + "ark-ff 0.4.2", + "bytes", + "fastrlp", + "num-bigint", + "num-traits", + "parity-scale-codec", + "primitive-types", + "proptest", + "rand", + "rlp", + "ruint-macro", + "serde", + "valuable", + "zeroize", +] + +[[package]] +name = "ruint-macro" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48fd7bd8a6377e15ad9d42a8ec25371b94ddc67abe7c8b9127bec79bebaaae18" + +[[package]] +name = "rustc-demangle" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" + +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + +[[package]] +name = "rustc-hash" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "583034fd73374156e66797ed8e5b0d5690409c9226b22d87cb7f19821c05d152" + +[[package]] +name = "rustc-hex" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e75f6a532d0fd9f7f13144f392b6ad56a32696bfcd9c78f797f16bbb6f072d6" + +[[package]] +name = "rustc_version" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" +dependencies = [ + "semver 0.11.0", +] + +[[package]] +name = "rustc_version" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" +dependencies = [ + "semver 1.0.23", +] + +[[package]] +name = "rustix" +version = "0.38.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustls" +version = "0.21.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e" +dependencies = [ + "log", + "ring", + "rustls-webpki 0.101.7", + "sct", +] + +[[package]] +name = "rustls" +version = "0.22.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf4ef73721ac7bcd79b2b315da7779d8fc09718c6b3d2d1b2d94850eb8c18432" +dependencies = [ + "log", + "ring", + "rustls-pki-types", + "rustls-webpki 0.102.8", + "subtle", + "zeroize", +] + +[[package]] +name = "rustls" +version = "0.23.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2dabaac7466917e566adb06783a81ca48944c6898a1b08b9374106dd671f4c8" +dependencies = [ + "log", + "once_cell", + "ring", + "rustls-pki-types", + "rustls-webpki 0.102.8", + "subtle", + "zeroize", +] + +[[package]] +name = "rustls-native-certs" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9aace74cb666635c918e9c12bc0d348266037aa8eb599b5cba565709a8dff00" +dependencies = [ + "openssl-probe", + "rustls-pemfile 1.0.4", + "schannel", + "security-framework", +] + +[[package]] +name = "rustls-native-certs" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5bfb394eeed242e909609f56089eecfe5fda225042e8b171791b9c95f5931e5" +dependencies = [ + "openssl-probe", + "rustls-pemfile 2.2.0", + "rustls-pki-types", + "schannel", + "security-framework", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64 0.21.7", +] + +[[package]] +name = "rustls-pemfile" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50" +dependencies = [ + "rustls-pki-types", +] + +[[package]] +name = "rustls-pki-types" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e696e35370c65c9c541198af4543ccd580cf17fc25d8e05c5a242b202488c55" + +[[package]] +name = "rustls-platform-verifier" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afbb878bdfdf63a336a5e63561b1835e7a8c91524f51621db870169eac84b490" +dependencies = [ + "core-foundation", + "core-foundation-sys", + "jni", + "log", + "once_cell", + "rustls 0.23.13", + "rustls-native-certs 0.7.3", + "rustls-platform-verifier-android", + "rustls-webpki 0.102.8", + "security-framework", + "security-framework-sys", + "webpki-roots", + "winapi", +] + +[[package]] +name = "rustls-platform-verifier-android" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f87165f0995f63a9fbeea62b64d10b4d9d8e78ec6d7d51fb2125fda7bb36788f" + +[[package]] +name = "rustls-webpki" +version = "0.101.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "rustls-webpki" +version = "0.102.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9" +dependencies = [ + "ring", + "rustls-pki-types", + "untrusted", +] + +[[package]] +name = "rustversion" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "955d28af4278de8121b7ebeb796b6a45735dc01436d898801014aced2773a3d6" + +[[package]] +name = "rusty-fork" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb3dcc6e454c328bb824492db107ab7c0ae8fcffe4ad210136ef014458c1bc4f" +dependencies = [ + "fnv", + "quick-error", + "tempfile", + "wait-timeout", +] + +[[package]] +name = "ruzstd" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58c4eb8a81997cf040a091d1f7e1938aeab6749d3a0dfa73af43cdc32393483d" +dependencies = [ + "byteorder", + "derive_more 0.99.18", + "twox-hash", +] + +[[package]] +name = "ryu" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f" + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "scale-bits" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e57b1e7f6b65ed1f04e79a85a57d755ad56d76fdf1e9bddcc9ae14f71fcdcf54" +dependencies = [ + "parity-scale-codec", + "scale-info", + "scale-type-resolver", + "serde", +] + +[[package]] +name = "scale-decode" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e98f3262c250d90e700bb802eb704e1f841e03331c2eb815e46516c4edbf5b27" +dependencies = [ + "derive_more 0.99.18", + "parity-scale-codec", + "primitive-types", + "scale-bits", + "scale-decode-derive", + "scale-type-resolver", + "smallvec", +] + +[[package]] +name = "scale-decode-derive" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bb22f574168103cdd3133b19281639ca65ad985e24612728f727339dcaf4021" +dependencies = [ + "darling 0.14.4", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "scale-encode" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ba0b9c48dc0eb20c60b083c29447c0c4617cb7c4a4c9fef72aa5c5bc539e15e" +dependencies = [ + "derive_more 0.99.18", + "parity-scale-codec", + "primitive-types", + "scale-bits", + "scale-encode-derive", + "scale-type-resolver", + "smallvec", +] + +[[package]] +name = "scale-encode-derive" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82ab7e60e2d9c8d47105f44527b26f04418e5e624ffc034f6b4a86c0ba19c5bf" +dependencies = [ + "darling 0.14.4", + "proc-macro-crate 1.3.1", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "scale-info" +version = "2.11.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eca070c12893629e2cc820a9761bedf6ce1dcddc9852984d1dc734b8bd9bd024" +dependencies = [ + "bitvec", + "cfg-if", + "derive_more 0.99.18", + "parity-scale-codec", + "scale-info-derive", + "serde", +] + +[[package]] +name = "scale-info-derive" +version = "2.11.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d35494501194174bda522a32605929eefc9ecf7e0a326c26db1fdd85881eb62" +dependencies = [ + "proc-macro-crate 3.2.0", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "scale-type-resolver" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0cded6518aa0bd6c1be2b88ac81bf7044992f0f154bfbabd5ad34f43512abcb" +dependencies = [ + "scale-info", + "smallvec", +] + +[[package]] +name = "scale-typegen" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "498d1aecf2ea61325d4511787c115791639c0fd21ef4f8e11e49dd09eff2bbac" +dependencies = [ + "proc-macro2", + "quote", + "scale-info", + "syn 2.0.79", + "thiserror", +] + +[[package]] +name = "scale-value" +version = "0.16.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8cd6ab090d823e75cfdb258aad5fe92e13f2af7d04b43a55d607d25fcc38c811" +dependencies = [ + "base58", + "blake2", + "derive_more 0.99.18", + "either", + "frame-metadata 15.1.0", + "parity-scale-codec", + "scale-bits", + "scale-decode", + "scale-encode", + "scale-info", + "scale-type-resolver", + "serde", + "yap", +] + +[[package]] +name = "schannel" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e9aaafd5a2b6e3d657ff009d82fbd630b6bd54dd4eb06f21693925cdf80f9b8b" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "schnorrkel" +version = "0.11.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de18f6d8ba0aad7045f5feae07ec29899c1112584a38509a84ad7b04451eaa0" +dependencies = [ + "aead", + "arrayref", + "arrayvec 0.7.6", + "curve25519-dalek", + "getrandom_or_panic", + "merlin", + "rand_core", + "serde_bytes", + "sha2 0.10.8", + "subtle", + "zeroize", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "sct" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "sec1" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" +dependencies = [ + "base16ct", + "der", + "generic-array", + "pkcs8", + "subtle", + "zeroize", +] + +[[package]] +name = "security-framework" +version = "2.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" +dependencies = [ + "bitflags", + "core-foundation", + "core-foundation-sys", + "libc", + "num-bigint", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea4a292869320c0272d7bc55a5a6aafaff59b4f63404a003887b679a2e05b4b6" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "semver" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" +dependencies = [ + "semver-parser", +] + +[[package]] +name = "semver" +version = "1.0.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" + +[[package]] +name = "semver-parser" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" +dependencies = [ + "pest", +] + +[[package]] +name = "serde" +version = "1.0.210" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_bytes" +version = "0.11.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "387cc504cb06bb40a96c8e04e951fe01854cf6bc921053c954e4a606d9675c6a" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.210" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "serde_json" +version = "1.0.128" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" +dependencies = [ + "itoa", + "memchr", + "ryu", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "sha-1" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99cd6713db3cf16b6c84e06321e049a9b9f699826e16096d23bbcc44d15d51a6" +dependencies = [ + "block-buffer 0.9.0", + "cfg-if", + "cpufeatures", + "digest 0.9.0", + "opaque-debug", +] + +[[package]] +name = "sha1" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.7", +] + +[[package]] +name = "sha2" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +dependencies = [ + "block-buffer 0.9.0", + "cfg-if", + "cpufeatures", + "digest 0.9.0", + "opaque-debug", +] + +[[package]] +name = "sha2" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.7", +] + +[[package]] +name = "sha3" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" +dependencies = [ + "digest 0.10.7", + "keccak", +] + +[[package]] +name = "sha3-asm" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28efc5e327c837aa837c59eae585fc250715ef939ac32881bcc11677cd02d46" +dependencies = [ + "cc", + "cfg-if", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "signal-hook-registry" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1" +dependencies = [ + "libc", +] + +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "digest 0.10.7", + "rand_core", +] + +[[package]] +name = "siphasher" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56199f7ddabf13fe5074ce809e7d3f42b42ae711800501b5b16ea82ad029c39d" + +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" + +[[package]] +name = "smol" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a33bd3e260892199c3ccfc487c88b2da2265080acb316cd920da72fdfd7c599f" +dependencies = [ + "async-channel", + "async-executor", + "async-fs", + "async-io", + "async-lock", + "async-net", + "async-process", + "blocking", + "futures-lite", +] + +[[package]] +name = "smoldot" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6d1eaa97d77be4d026a1e7ffad1bb3b78448763b357ea6f8188d3e6f736a9b9" +dependencies = [ + "arrayvec 0.7.6", + "async-lock", + "atomic-take", + "base64 0.21.7", + "bip39", + "blake2-rfc", + "bs58", + "chacha20", + "crossbeam-queue", + "derive_more 0.99.18", + "ed25519-zebra", + "either", + "event-listener 4.0.3", + "fnv", + "futures-lite", + "futures-util", + "hashbrown 0.14.5", + "hex", + "hmac 0.12.1", + "itertools 0.12.1", + "libm", + "libsecp256k1", + "merlin", + "no-std-net", + "nom", + "num-bigint", + "num-rational", + "num-traits", + "pbkdf2", + "pin-project", + "poly1305", + "rand", + "rand_chacha", + "ruzstd", + "schnorrkel", + "serde", + "serde_json", + "sha2 0.10.8", + "sha3", + "siphasher", + "slab", + "smallvec", + "soketto 0.7.1", + "twox-hash", + "wasmi", + "x25519-dalek", + "zeroize", +] + +[[package]] +name = "smoldot-light" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5496f2d116b7019a526b1039ec2247dd172b8670633b1a64a614c9ea12c9d8c7" +dependencies = [ + "async-channel", + "async-lock", + "base64 0.21.7", + "blake2-rfc", + "derive_more 0.99.18", + "either", + "event-listener 4.0.3", + "fnv", + "futures-channel", + "futures-lite", + "futures-util", + "hashbrown 0.14.5", + "hex", + "itertools 0.12.1", + "log", + "lru", + "no-std-net", + "parking_lot", + "pin-project", + "rand", + "rand_chacha", + "serde", + "serde_json", + "siphasher", + "slab", + "smol", + "smoldot", + "zeroize", +] + +[[package]] +name = "socket2" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "soketto" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41d1c5305e39e09653383c2c7244f2f78b3bcae37cf50c64cb4789c9f5096ec2" +dependencies = [ + "base64 0.13.1", + "bytes", + "futures", + "httparse", + "log", + "rand", + "sha-1", +] + +[[package]] +name = "soketto" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37468c595637c10857701c990f93a40ce0e357cedb0953d1c26c8d8027f9bb53" +dependencies = [ + "base64 0.22.1", + "bytes", + "futures", + "httparse", + "log", + "rand", + "sha1", +] + +[[package]] +name = "sp-crypto-hashing" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc9927a7f81334ed5b8a98a4a978c81324d12bd9713ec76b5c68fd410174c5eb" +dependencies = [ + "blake2b_simd", + "byteorder", + "digest 0.10.7", + "sha2 0.10.8", + "sha3", + "twox-hash", +] + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "strum" +version = "0.26.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" +dependencies = [ + "strum_macros", +] + +[[package]] +name = "strum_macros" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.79", +] + +[[package]] +name = "subtle" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" + +[[package]] +name = "subxt" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a160cba1edbf3ec4fbbeaea3f1a185f70448116a6bccc8276bb39adb3b3053bd" +dependencies = [ + "async-trait", + "derive-where", + "either", + "frame-metadata 16.0.0", + "futures", + "hex", + "impl-serde", + "instant", + "jsonrpsee 0.22.5", + "parity-scale-codec", + "primitive-types", + "reconnecting-jsonrpsee-ws-client", + "scale-bits", + "scale-decode", + "scale-encode", + "scale-info", + "scale-value", + "serde", + "serde_json", + "sp-crypto-hashing", + "subxt-core", + "subxt-lightclient", + "subxt-macro", + "subxt-metadata", + "thiserror", + "tokio-util", + "tracing", + "url", +] + +[[package]] +name = "subxt-codegen" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d703dca0905cc5272d7cc27a4ac5f37dcaae7671acc7fef0200057cc8c317786" +dependencies = [ + "frame-metadata 16.0.0", + "heck", + "hex", + "jsonrpsee 0.22.5", + "parity-scale-codec", + "proc-macro2", + "quote", + "scale-info", + "scale-typegen", + "subxt-metadata", + "syn 2.0.79", + "thiserror", + "tokio", +] + +[[package]] +name = "subxt-core" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59f41eb2e2eea6ed45649508cc735f92c27f1fcfb15229e75f8270ea73177345" +dependencies = [ + "base58", + "blake2", + "derive-where", + "frame-metadata 16.0.0", + "hashbrown 0.14.5", + "hex", + "impl-serde", + "parity-scale-codec", + "primitive-types", + "scale-bits", + "scale-decode", + "scale-encode", + "scale-info", + "scale-value", + "serde", + "serde_json", + "sp-crypto-hashing", + "subxt-metadata", + "tracing", +] + +[[package]] +name = "subxt-lightclient" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d9406fbdb9548c110803cb8afa750f8b911d51eefdf95474b11319591d225d9" +dependencies = [ + "futures", + "futures-util", + "serde", + "serde_json", + "smoldot-light", + "thiserror", + "tokio", + "tokio-stream", + "tracing", +] + +[[package]] +name = "subxt-macro" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c195f803d70687e409aba9be6c87115b5da8952cd83c4d13f2e043239818fcd" +dependencies = [ + "darling 0.20.10", + "parity-scale-codec", + "proc-macro-error", + "quote", + "scale-typegen", + "subxt-codegen", + "syn 2.0.79", +] + +[[package]] +name = "subxt-metadata" +version = "0.37.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "738be5890fdeff899bbffff4d9c0f244fe2a952fb861301b937e3aa40ebb55da" +dependencies = [ + "frame-metadata 16.0.0", + "hashbrown 0.14.5", + "parity-scale-codec", + "scale-info", + "sp-crypto-hashing", +] + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn-solidity" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ab661c8148c2261222a4d641ad5477fd4bea79406a99056096a0b41b35617a5" +dependencies = [ + "paste", + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + +[[package]] +name = "sync_wrapper" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7065abeca94b6a8a577f9bd45aa0867a2238b74e8eb67cf10d492bc39351394" +dependencies = [ + "futures-core", +] + +[[package]] +name = "tap" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" + +[[package]] +name = "tempfile" +version = "3.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f2c9fc62d0beef6951ccffd757e241266a2c833136efbe35af6cd2567dca5b" +dependencies = [ + "cfg-if", + "fastrand", + "once_cell", + "rustix", + "windows-sys 0.59.0", +] + +[[package]] +name = "thiserror" +version = "1.0.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "threadpool" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa" +dependencies = [ + "num_cpus", +] + +[[package]] +name = "tiny-keccak" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" +dependencies = [ + "crunchy", +] + +[[package]] +name = "tinyvec" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "tokio" +version = "1.40.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "pin-project-lite", + "socket2", + "tokio-macros", + "windows-sys 0.52.0", +] + +[[package]] +name = "tokio-macros" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" +dependencies = [ + "rustls 0.21.12", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.25.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "775e0c0f0adb3a2f22a00c4745d728b479985fc15ee7ca6a2608388c5569860f" +dependencies = [ + "rustls 0.22.4", + "rustls-pki-types", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" +dependencies = [ + "rustls 0.23.13", + "rustls-pki-types", + "tokio", +] + +[[package]] +name = "tokio-stream" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f4e6ce100d0eb49a2734f8c0812bcd324cf357d21810932c5df6b96ef2b86f1" +dependencies = [ + "futures-core", + "pin-project-lite", + "tokio", + "tokio-util", +] + +[[package]] +name = "tokio-util" +version = "0.7.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61e7c3654c13bcd040d4a03abee2c75b1d14a37b423cf5a813ceae1cc903ec6a" +dependencies = [ + "bytes", + "futures-core", + "futures-io", + "futures-sink", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "toml_datetime" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dd7358ecb8fc2f8d014bf86f6f638ce72ba252a2c3a2572f2a795f1d23efb41" + +[[package]] +name = "toml_edit" +version = "0.19.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" +dependencies = [ + "indexmap", + "toml_datetime", + "winnow 0.5.40", +] + +[[package]] +name = "toml_edit" +version = "0.22.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ae48d6208a266e853d946088ed816055e556cc6028c5e8e2b84d9fa5dd7c7f5" +dependencies = [ + "indexmap", + "toml_datetime", + "winnow 0.6.20", +] + +[[package]] +name = "tower" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +dependencies = [ + "futures-core", + "futures-util", + "pin-project", + "pin-project-lite", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tower" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2873938d487c3cfb9aed7546dc9f2711d867c9f90c46b889989a2cb84eba6b4f" +dependencies = [ + "futures-core", + "futures-util", + "pin-project-lite", + "sync_wrapper 0.1.2", + "tower-layer", + "tower-service", +] + +[[package]] +name = "tower-layer" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e" + +[[package]] +name = "tower-service" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" + +[[package]] +name = "tracing" +version = "0.1.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" +dependencies = [ + "log", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "tracing-core" +version = "0.1.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" +dependencies = [ + "once_cell", +] + +[[package]] +name = "try-lock" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" + +[[package]] +name = "twox-hash" +version = "1.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97fee6b57c6a41524a810daee9286c02d7752c4253064d0b05472833a438f675" +dependencies = [ + "cfg-if", + "digest 0.10.7", + "static_assertions", +] + +[[package]] +name = "typenum" +version = "1.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" + +[[package]] +name = "ucd-trie" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2896d95c02a80c6d6a5d6e953d479f5ddf2dfdb6a244441010e373ac0fb88971" + +[[package]] +name = "uint" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76f64bba2c53b04fcab63c01a7d7427eadc821e3bc48c34dc9ba29c501164b52" +dependencies = [ + "byteorder", + "crunchy", + "hex", + "static_assertions", +] + +[[package]] +name = "unarray" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eaea85b334db583fe3274d12b4cd1880032beab409c0d774be044d4480ab9a94" + +[[package]] +name = "unicode-bidi" +version = "0.3.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08f95100a766bf4f8f28f90d77e0a5461bbdb219042e7679bebe79004fed8d75" + +[[package]] +name = "unicode-ident" +version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" + +[[package]] +name = "unicode-normalization" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5033c97c4262335cded6d6fc3e5c18ab755e1a3dc96376350f3d8e9f009ad956" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + +[[package]] +name = "universal-hash" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea" +dependencies = [ + "crypto-common", + "subtle", +] + +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + +[[package]] +name = "url" +version = "2.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22784dbdf76fdde8af1aeda5622b546b422b6fc585325248a2bf9f5e41e94d6c" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "valuable" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" + +[[package]] +name = "wait-timeout" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" +dependencies = [ + "libc", +] + +[[package]] +name = "walkdir" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b" +dependencies = [ + "same-file", + "winapi-util", +] + +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5" +dependencies = [ + "cfg-if", + "once_cell", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn 2.0.79", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61e9300f63a621e96ed275155c108eb6f843b6a26d053f122ab69724559dc8ed" +dependencies = [ + "cfg-if", + "js-sys", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" + +[[package]] +name = "wasmi" +version = "0.31.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a8281d1d660cdf54c76a3efa9ddd0c270cada1383a995db3ccb43d166456c7" +dependencies = [ + "smallvec", + "spin", + "wasmi_arena", + "wasmi_core", + "wasmparser-nostd", +] + +[[package]] +name = "wasmi_arena" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "104a7f73be44570cac297b3035d76b169d6599637631cf37a1703326a0727073" + +[[package]] +name = "wasmi_core" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcf1a7db34bff95b85c261002720c00c3a6168256dcb93041d3fa2054d19856a" +dependencies = [ + "downcast-rs", + "libm", + "num-traits", + "paste", +] + +[[package]] +name = "wasmparser-nostd" +version = "0.100.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5a015fe95f3504a94bb1462c717aae75253e39b9dd6c3fb1062c934535c64aa" +dependencies = [ + "indexmap-nostd", +] + +[[package]] +name = "web-sys" +version = "0.3.70" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26fdeaafd9bd129f65e7c031593c24d62186301e0c72c8978fa1678be7d532c0" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki-roots" +version = "0.26.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "841c67bff177718f1d4dfefde8d8f0e78f9b6589319ba88312f567fc5841a958" +dependencies = [ + "rustls-pki-types", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-registry" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e400001bb720a623c1c69032f8e3e4cf09984deec740f007dd2b03ec864804b0" +dependencies = [ + "windows-result", + "windows-strings", + "windows-targets", +] + +[[package]] +name = "windows-result" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-strings" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10" +dependencies = [ + "windows-result", + "windows-targets", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_gnullvm", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "winnow" +version = "0.5.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876" +dependencies = [ + "memchr", +] + +[[package]] +name = "winnow" +version = "0.6.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36c1fec1a2bb5866f07c25f68c26e565c4c200aebb96d7e55710c19d3e8ac49b" +dependencies = [ + "memchr", +] + +[[package]] +name = "wyz" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" +dependencies = [ + "tap", +] + +[[package]] +name = "x25519-dalek" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277" +dependencies = [ + "curve25519-dalek", + "rand_core", + "serde", + "zeroize", +] + +[[package]] +name = "yap" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff4524214bc4629eba08d78ceb1d6507070cc0bcbbed23af74e19e6e924a24cf" + +[[package]] +name = "zerocopy" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" +dependencies = [ + "byteorder", + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] + +[[package]] +name = "zeroize" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", +] diff --git a/tee-worker/omni-executor/Cargo.toml b/tee-worker/omni-executor/Cargo.toml new file mode 100644 index 0000000000..1672f89225 --- /dev/null +++ b/tee-worker/omni-executor/Cargo.toml @@ -0,0 +1,22 @@ +[workspace] +members = [ + "executor-core", + "executor-worker", + "parentchain/listener", + "ethereum/intention-executor", +] + +resolver = "2" + +[workspace.package] +edition = "2021" + +[workspace.dependencies] +log = "0.4.22" +tokio = "1.40.0" +async-trait = "0.1.82" +env_logger = "0.11.5" +scale-encode = "0.7.1" +parity-scale-codec = "3.6.12" +alloy = "0.3.6" +clap = "4.5.17" diff --git a/tee-worker/omni-executor/Dockerfile b/tee-worker/omni-executor/Dockerfile new file mode 100644 index 0000000000..06f4d3881b --- /dev/null +++ b/tee-worker/omni-executor/Dockerfile @@ -0,0 +1,8 @@ +FROM rust:1.79 AS builder +WORKDIR /usr/src/omni-executor +COPY . . +RUN cargo build --release + +FROM ubuntu:22.04 +COPY --from=builder /usr/src/omni-executor/target/release/executor-worker /usr/local/bin/executor-worker +CMD ["executor-worker"] \ No newline at end of file diff --git a/tee-worker/omni-executor/Makefile b/tee-worker/omni-executor/Makefile new file mode 100644 index 0000000000..375c12114e --- /dev/null +++ b/tee-worker/omni-executor/Makefile @@ -0,0 +1,78 @@ +# Copyright (C) 2023 Gramine contributors +# SPDX-License-Identifier: BSD-3-Clause + +ARCH_LIBDIR ?= /lib/$(shell $(CC) -dumpmachine) + +SELF_EXE = target/release/omni-executor + +.PHONY: all +all: $(SELF_EXE) omni-executor.manifest +ifeq ($(SGX),1) +all: omni-executor.manifest.sgx omni-executor.sig +endif + +ifeq ($(DEBUG),1) +GRAMINE_LOG_LEVEL = debug +else +GRAMINE_LOG_LEVEL = error +endif + +# Note that we're compiling in release mode regardless of the DEBUG setting passed +# to Make, as compiling in debug mode results in an order of magnitude's difference in +# performance that makes testing by running a benchmark with ab painful. The primary goal +# of the DEBUG setting is to control Gramine's loglevel. +-include $(SELF_EXE).d # See also: .cargo/config.toml +$(SELF_EXE): Cargo.toml + cargo build --release + +omni-executor.manifest: omni-executor.manifest.template + gramine-manifest \ + -Dlog_level=$(GRAMINE_LOG_LEVEL) \ + -Darch_libdir=$(ARCH_LIBDIR) \ + -Dself_exe=$(SELF_EXE) \ + $< $@ + +# Make on Ubuntu <= 20.04 doesn't support "Rules with Grouped Targets" (`&:`), +# see the helloworld example for details on this workaround. +omni-executor.manifest.sgx tee-bridge.sig: sgx_sign + @: + +.INTERMEDIATE: sgx_sign +sgx_sign: omni-executor.manifest $(SELF_EXE) + gramine-sgx-sign \ + --manifest $< \ + --output $<.sgx + +ifeq ($(SGX),) +GRAMINE = gramine-direct +else +GRAMINE = gramine-sgx +endif + +.PHONY: start-gramine-server +start-gramine-server: all + $(GRAMINE) tee-bridge + +.PHONY: clean +clean: + $(RM) -rf *.token *.sig *.manifest.sgx *.manifest result-* OUTPUT + +.PHONY: distclean +distclean: clean + $(RM) -rf target/ Cargo.lock + +.PHONY: build-docker +build-docker: + docker build . --tag omni-executor:latest + +.PHONY: start-local +start-local: + docker-compose up + +.PHONY: stop-local +stop-local: + docker-compose down + +.PHONY: get-omni-pallet-metadata +get-omni-pallet-metadata: + subxt metadata --url http://localhost:9944 --allow-insecure --pallets OmniAccount > parentchain/artifacts/rococo-omni-account.scale diff --git a/tee-worker/omni-executor/README.md b/tee-worker/omni-executor/README.md new file mode 100644 index 0000000000..314d1e163a --- /dev/null +++ b/tee-worker/omni-executor/README.md @@ -0,0 +1,3 @@ +# Omni-executor worker + +! Connect to trusted RPC endpoints ! \ No newline at end of file diff --git a/tee-worker/omni-executor/docker-compose.yml b/tee-worker/omni-executor/docker-compose.yml new file mode 100644 index 0000000000..b3798d98ed --- /dev/null +++ b/tee-worker/omni-executor/docker-compose.yml @@ -0,0 +1,20 @@ +services: + omni-executor: + image: omni-executor:latest + environment: + - RUST_LOG=debug + depends_on: + - ethereum-node + - litentry-node + command: ["executor-worker", "ws://litentry-node:9944", "http://ethereum-node:8545"] + ethereum-node: + image: ghcr.io/foundry-rs/foundry + command: + - "anvil --host 0.0.0.0 --block-time 1" + ports: + - "8545:8545" + litentry-node: + image: litentry/litentry-parachain + ports: + - "9944:9944" + command: ["--dev", "--rpc-external"] \ No newline at end of file diff --git a/tee-worker/omni-executor/ethereum/intention-executor/Cargo.toml b/tee-worker/omni-executor/ethereum/intention-executor/Cargo.toml new file mode 100644 index 0000000000..2c62fda636 --- /dev/null +++ b/tee-worker/omni-executor/ethereum/intention-executor/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "intention-executor" +version = "0.1.0" +authors = ['Trust Computing GmbH '] +edition.workspace = true + +[dependencies] +alloy = { workspace = true, features = ["contract", "signer-local", "rpc", "rpc-types"] } +async-trait = { workspace = true } +executor-core = { path = "../../executor-core" } +log = { workspace = true } diff --git a/tee-worker/omni-executor/ethereum/intention-executor/src/lib.rs b/tee-worker/omni-executor/ethereum/intention-executor/src/lib.rs new file mode 100644 index 0000000000..9ae22727c4 --- /dev/null +++ b/tee-worker/omni-executor/ethereum/intention-executor/src/lib.rs @@ -0,0 +1,86 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use std::str::FromStr; + +use alloy::network::EthereumWallet; +use alloy::primitives::{Address, U256}; +use alloy::providers::{Provider, ProviderBuilder, WalletProvider}; +use alloy::rpc::types::{TransactionInput, TransactionRequest}; +use alloy::signers::local::PrivateKeySigner; +use async_trait::async_trait; +use executor_core::intention_executor::IntentionExecutor; +use executor_core::primitives::Intention; +use log::{error, info}; + +/// Executes intentions on Ethereum network. +pub struct EthereumIntentionExecutor { + rpc_url: String, +} + +impl EthereumIntentionExecutor { + pub fn new(rpc_url: &str) -> Result { + Ok(Self { rpc_url: rpc_url.to_string() }) + } +} + +#[async_trait] +impl IntentionExecutor for EthereumIntentionExecutor { + async fn execute(&self, intention: Intention) -> Result<(), ()> { + info!("Relaying intention: {:?}", intention); + // todo: this should be retrieved from key_store + let signer = PrivateKeySigner::from_str( + "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d", + ) + .unwrap(); + let wallet = EthereumWallet::from(signer); + let provider = ProviderBuilder::new() + .with_recommended_fillers() + .wallet(wallet) + .on_http(self.rpc_url.parse().map_err(|e| error!("Could not parse rpc url: {:?}", e))?); + let account = + provider.get_account(provider.signer_addresses().next().unwrap()).await.unwrap(); + match intention { + Intention::TransferEthereum(to, value) => { + let tx = TransactionRequest::default() + .to(Address::from(to)) + .nonce(account.nonce) + .value(U256::from_be_bytes(value)); + let pending_tx = provider.send_transaction(tx).await.map_err(|e| { + error!("Could not send transaction: {:?}", e); + })?; + // wait for transaction to be included + pending_tx.get_receipt().await.map_err(|e| { + error!("Could not get transaction receipt: {:?}", e); + })?; + }, + Intention::CallEthereum(address, input) => { + let tx = TransactionRequest::default() + .to(Address::from(address)) + .nonce(account.nonce) + .input(TransactionInput::from(input)); + let pending_tx = provider.send_transaction(tx).await.map_err(|e| { + error!("Could not send transaction: {:?}", e); + })?; + // wait for transaction to be included + pending_tx.get_receipt().await.map_err(|e| { + error!("Could not get transaction receipt: {:?}", e); + })?; + }, + } + Ok(()) + } +} diff --git a/tee-worker/omni-executor/executor-core/Cargo.toml b/tee-worker/omni-executor/executor-core/Cargo.toml new file mode 100644 index 0000000000..2139accc31 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "executor-core" +version = "0.1.0" +authors = ['Trust Computing GmbH '] +edition.workspace = true + +[dependencies] +async-trait = { workspace = true } +log = { workspace = true } +parity-scale-codec = { workspace = true, features = ["derive"] } +tokio = { workspace = true } diff --git a/tee-worker/omni-executor/executor-core/README.md b/tee-worker/omni-executor/executor-core/README.md new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tee-worker/omni-executor/executor-core/src/event_handler.rs b/tee-worker/omni-executor/executor-core/src/event_handler.rs new file mode 100644 index 0000000000..6671937fd9 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/event_handler.rs @@ -0,0 +1,28 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use async_trait::async_trait; + +#[derive(Debug)] +pub enum Error { + NonRecoverableError, + RecoverableError, +} + +#[async_trait] +pub trait EventHandler { + async fn handle(&self, event: BlockEvent) -> Result<(), Error>; +} diff --git a/tee-worker/omni-executor/executor-core/src/fetcher.rs b/tee-worker/omni-executor/executor-core/src/fetcher.rs new file mode 100644 index 0000000000..3efafbe779 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/fetcher.rs @@ -0,0 +1,30 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::primitives::GetEventId; +use async_trait::async_trait; + +/// Returns the last finalized block number +#[async_trait] +pub trait LastFinalizedBlockNumFetcher { + async fn get_last_finalized_block_num(&mut self) -> Result, ()>; +} + +/// Returns all events emitted on given chain +#[async_trait] +pub trait EventsFetcher> { + async fn get_block_events(&mut self, block_num: u64) -> Result, ()>; +} diff --git a/tee-worker/omni-executor/executor-core/src/intention_executor.rs b/tee-worker/omni-executor/executor-core/src/intention_executor.rs new file mode 100644 index 0000000000..fd46337883 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/intention_executor.rs @@ -0,0 +1,44 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use async_trait::async_trait; +use tokio::sync::mpsc; + +use crate::primitives::Intention; + +/// Used to perform intention on destination chain +#[async_trait] +pub trait IntentionExecutor: Send { + async fn execute(&self, intention: Intention) -> Result<(), ()>; +} + +pub struct MockedIntentionExecutor { + sender: mpsc::UnboundedSender<()>, +} + +impl MockedIntentionExecutor { + pub fn new() -> (Self, mpsc::UnboundedReceiver<()>) { + let (sender, receiver) = mpsc::unbounded_channel(); + (Self { sender }, receiver) + } +} + +#[async_trait] +impl IntentionExecutor for MockedIntentionExecutor { + async fn execute(&self, _intention: Intention) -> Result<(), ()> { + self.sender.send(()).map_err(|_| ()) + } +} diff --git a/tee-worker/omni-executor/executor-core/src/lib.rs b/tee-worker/omni-executor/executor-core/src/lib.rs new file mode 100644 index 0000000000..f12f2f081f --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/lib.rs @@ -0,0 +1,22 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +pub mod event_handler; +pub mod fetcher; +pub mod intention_executor; +pub mod listener; +pub mod primitives; +pub mod sync_checkpoint_repository; diff --git a/tee-worker/omni-executor/executor-core/src/listener.rs b/tee-worker/omni-executor/executor-core/src/listener.rs new file mode 100644 index 0000000000..f3293f8096 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/listener.rs @@ -0,0 +1,217 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use log::error; +use std::fmt::Debug; +use std::{marker::PhantomData, thread::sleep, time::Duration}; +use tokio::{runtime::Handle, sync::oneshot::Receiver}; + +use crate::event_handler::{Error, EventHandler}; +use crate::fetcher::{EventsFetcher, LastFinalizedBlockNumFetcher}; +use crate::primitives::GetEventId; +use crate::sync_checkpoint_repository::{Checkpoint, CheckpointRepository}; + +/// Represents event emitted on listened chain. +#[derive(Clone, Debug, PartialEq)] +pub struct IntentionEvent { + id: Id, + //todo: fill +} + +impl IntentionEvent { + pub fn new(id: Id) -> Self { + Self { id } + } +} + +/// Component, used to listen to chain and execute requested intentions +/// Requires specific implementations of: +/// `Fetcher` - used to fetch data from chain +/// `IntentionExecutor` - used to execute intentions on target chain +/// `CheckpointRepository` - used to store listener's progress +/// `EventId` - represents chain event id +/// `BlockEvent` - represents chain event +pub struct Listener< + Fetcher, + Checkpoint, + CheckpointRepository, + BlockEventId, + BlockEvent, + IntentionEventHandler, +> { + id: String, + handle: Handle, + fetcher: Fetcher, + intention_event_handler: IntentionEventHandler, + stop_signal: Receiver<()>, + checkpoint_repository: CheckpointRepository, + _phantom: PhantomData<(Checkpoint, BlockEventId, BlockEvent)>, +} + +impl< + EventId: Into + Clone + Debug, + BlockEventT: GetEventId, + Fetcher: LastFinalizedBlockNumFetcher + EventsFetcher, + CheckpointT: PartialOrd + Checkpoint + From, + CheckpointRepositoryT: CheckpointRepository, + IntentionEventHandler: EventHandler, + > + Listener +{ + pub fn new( + id: &str, + handle: Handle, + fetcher: Fetcher, + intention_event_handler: IntentionEventHandler, + stop_signal: Receiver<()>, + last_processed_log_repository: CheckpointRepositoryT, + ) -> Result { + Ok(Self { + id: id.to_string(), + handle, + fetcher, + intention_event_handler, + stop_signal, + checkpoint_repository: last_processed_log_repository, + _phantom: PhantomData, + }) + } + + /// Start syncing. It's a long-running blocking operation - should be started in dedicated thread. + pub fn sync(&mut self, start_block: u64) { + log::info!("Starting {} network sync, start block: {}", self.id, start_block); + let mut block_number_to_sync = if let Some(ref checkpoint) = + self.checkpoint_repository.get().expect("Could not read checkpoint") + { + if checkpoint.just_block_num() { + // let's start syncing from next block as we processed previous fully + checkpoint.get_block_num() + 1 + } else { + // block processing was interrupted, so we have to process last block again + // but currently processed logs will be skipped + checkpoint.get_block_num() + } + } else { + start_block + }; + log::debug!("Starting sync from {:?}", block_number_to_sync); + + 'main: loop { + log::info!("Syncing block: {}", block_number_to_sync); + if self.stop_signal.try_recv().is_ok() { + break; + } + + let maybe_last_finalized_block = + match self.handle.block_on(self.fetcher.get_last_finalized_block_num()) { + Ok(maybe_block) => maybe_block, + Err(_) => { + log::info!("Could not get last finalized block number"); + sleep(Duration::from_secs(1)); + continue; + }, + }; + + let last_finalized_block = match maybe_last_finalized_block { + Some(v) => v, + None => { + log::info!( + "Waiting for finalized block, block to sync {}", + block_number_to_sync + ); + sleep(Duration::from_secs(1)); + continue; + }, + }; + + log::trace!( + "Last finalized block: {}, block to sync {}", + last_finalized_block, + block_number_to_sync + ); + + //we know there are more block waiting for sync so let's skip sleep + let fast = match last_finalized_block.checked_sub(block_number_to_sync) { + Some(v) => v > 1, + None => false, + }; + + if last_finalized_block >= block_number_to_sync { + if let Ok(events) = + self.handle.block_on(self.fetcher.get_block_events(block_number_to_sync)) + { + for event in events { + let event_id = event.get_event_id().clone(); + if let Some(ref checkpoint) = + self.checkpoint_repository.get().expect("Could not read checkpoint") + { + if checkpoint.lt(&event.get_event_id().clone().into()) { + log::info!("Executing intention"); + if let Err(e) = + self.handle.block_on(self.intention_event_handler.handle(event)) + { + log::error!("Could not execute intention: {:?}", e); + match e { + Error::NonRecoverableError => { + error!("Non-recoverable intention handling error, event: {:?}", event_id); + break 'main; + }, + Error::RecoverableError => { + error!( + "Recoverable intention handling error, event: {:?}", + event_id + ); + continue 'main; + }, + } + } + log::info!("Intention executed"); + } else { + log::debug!("Skipping event"); + } + } else { + log::info!("Handling event: {:?}", event_id); + if let Err(e) = + self.handle.block_on(self.intention_event_handler.handle(event)) + { + log::error!("Could not execute intention: {:?}", e); + // sleep(Duration::from_secs(1)); + // // it will try again in next loop + // continue 'main; + } + log::info!("Intention executed"); + } + self.checkpoint_repository + .save(event_id.into()) + .expect("Could not save checkpoint"); + } + // we processed block completely so store new checkpoint + self.checkpoint_repository + .save(CheckpointT::from(block_number_to_sync)) + .expect("Could not save checkpoint"); + log::info!("Finished syncing block: {}", block_number_to_sync); + block_number_to_sync += 1; + } + } + + if !fast { + sleep(Duration::from_secs(1)) + } else { + log::trace!("Fast sync skipping 1s wait"); + } + } + } +} diff --git a/tee-worker/omni-executor/executor-core/src/primitives.rs b/tee-worker/omni-executor/executor-core/src/primitives.rs new file mode 100644 index 0000000000..4dd12f93dc --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/primitives.rs @@ -0,0 +1,25 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +#[derive(Debug)] +pub enum Intention { + TransferEthereum([u8; 20], [u8; 32]), + CallEthereum([u8; 20], Vec), +} + +pub trait GetEventId { + fn get_event_id(&self) -> Id; +} diff --git a/tee-worker/omni-executor/executor-core/src/sync_checkpoint_repository.rs b/tee-worker/omni-executor/executor-core/src/sync_checkpoint_repository.rs new file mode 100644 index 0000000000..2fdf008404 --- /dev/null +++ b/tee-worker/omni-executor/executor-core/src/sync_checkpoint_repository.rs @@ -0,0 +1,107 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use parity_scale_codec::{Decode, Encode}; +use std::fmt::Debug; +use std::fs; +use std::fs::File; +use std::io::{ErrorKind, Write}; + +/// Represents the point in chain. It can be a whole block or a more precise unit, for example +/// in case of substrate chain it is BLOCK_NUM::EVENT_NUM +pub trait Checkpoint { + // determines whether checkpoint is a whole block or not + fn just_block_num(&self) -> bool; + fn get_block_num(&self) -> u64; +} + +/// Used for saving and reading `Checkpoint` +pub trait CheckpointRepository { + fn get(&self) -> Result, ()>; + fn save(&mut self, checkpoint: Checkpoint) -> Result<(), ()>; +} + +/// Simple `CheckpointRepository`. Checkpoints are not persisted across restarts. +pub struct InMemoryCheckpointRepository { + last: Option, +} + +impl InMemoryCheckpointRepository { + pub fn new(last: Option) -> Self { + Self { last } + } +} + +impl CheckpointRepository for InMemoryCheckpointRepository +where + Checkpoint: Clone, +{ + fn get(&self) -> Result, ()> { + Ok(self.last.clone()) + } + + fn save(&mut self, checkpoint: Checkpoint) -> Result<(), ()> { + self.last = Some(checkpoint); + Ok(()) + } +} + +/// File based `CheckpointRepository`. Used to persist checkpoints across restarts. +pub struct FileCheckpointRepository { + file_name: String, +} + +impl FileCheckpointRepository { + pub fn new(file_name: &str) -> Self { + // todo add regex check here + Self { file_name: file_name.to_owned() } + } +} + +impl CheckpointRepository for FileCheckpointRepository +where + Checkpoint: Encode + Decode + Debug, +{ + fn get(&self) -> Result, ()> { + match fs::read(&self.file_name) { + Ok(content) => { + let checkpoint: Checkpoint = + Checkpoint::decode(&mut content.as_slice()).map_err(|e| { + log::error!("Could not decode last processed log: {:?}", e); + })?; + Ok(Some(checkpoint)) + }, + Err(e) => match e.kind() { + ErrorKind::NotFound => Ok(None), + _ => { + log::error!("Could not open file {:?}", e); + Err(()) + }, + }, + } + } + + fn save(&mut self, checkpoint: Checkpoint) -> Result<(), ()> { + log::trace!("Saving checkpoint: {:?}", checkpoint); + let content = checkpoint.encode(); + if let Ok(mut file) = File::create(&self.file_name) { + file.write(content.as_slice()).map_err(|_| ())?; + Ok(()) + } else { + Err(()) + } + } +} diff --git a/tee-worker/omni-executor/executor-worker/Cargo.lock b/tee-worker/omni-executor/executor-worker/Cargo.lock new file mode 100644 index 0000000000..31c1e7fcd0 --- /dev/null +++ b/tee-worker/omni-executor/executor-worker/Cargo.lock @@ -0,0 +1,7 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "executor-worker" +version = "0.1.0" diff --git a/tee-worker/omni-executor/executor-worker/Cargo.toml b/tee-worker/omni-executor/executor-worker/Cargo.toml new file mode 100644 index 0000000000..f0b8afd215 --- /dev/null +++ b/tee-worker/omni-executor/executor-worker/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "executor-worker" +version = "0.1.0" +authors = ['Trust Computing GmbH '] +edition.workspace = true + +[dependencies] +clap = { workspace = true, features = ["derive"] } +env_logger = { workspace = true } +executor-core = { path = "../executor-core" } +hex = "0.4.3" +intention-executor = { path = "../ethereum/intention-executor" } +log = { workspace = true } +parentchain-listener = { path = "../parentchain/listener" } +scale-encode = { workspace = true } +serde_json = "1.0.127" +tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } diff --git a/tee-worker/omni-executor/executor-worker/src/cli.rs b/tee-worker/omni-executor/executor-worker/src/cli.rs new file mode 100644 index 0000000000..1bb4112442 --- /dev/null +++ b/tee-worker/omni-executor/executor-worker/src/cli.rs @@ -0,0 +1,8 @@ +use clap::Parser; + +#[derive(Parser)] +#[command(version, about, long_about = None)] +pub struct Cli { + pub parentchain_url: String, + pub ethereum_url: String, +} \ No newline at end of file diff --git a/tee-worker/omni-executor/executor-worker/src/main.rs b/tee-worker/omni-executor/executor-worker/src/main.rs new file mode 100644 index 0000000000..19b1b64df3 --- /dev/null +++ b/tee-worker/omni-executor/executor-worker/src/main.rs @@ -0,0 +1,76 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use intention_executor::EthereumIntentionExecutor; +use log::error; +use parentchain_listener::CustomConfig; +use std::io::Write; +use std::thread::JoinHandle; +use std::{fs, thread}; +use clap::Parser; +use tokio::runtime::Handle; +use tokio::sync::oneshot; +use crate::cli::Cli; + +mod cli; + +#[tokio::main] +async fn main() -> Result<(), ()> { + env_logger::builder() + .format(|buf, record| { + let ts = buf.timestamp_micros(); + writeln!( + buf, + "{} [{}][{}]: {}", + ts, + record.level(), + std::thread::current().name().unwrap_or("none"), + record.args(), + ) + }) + .init(); + + + let cli = Cli::parse(); + + fs::create_dir_all("data/").map_err(|e| { + error!("Could not create data dir: {:?}", e); + })?; + + listen_to_parentchain(cli.parentchain_url, cli.ethereum_url).await.unwrap().join().unwrap(); + Ok(()) +} + +async fn listen_to_parentchain(parentchain_url: String, ethereum_url: String) -> Result, ()> { + let (_sub_stop_sender, sub_stop_receiver) = oneshot::channel(); + let ethereum_intention_executor = EthereumIntentionExecutor::new(ðereum_url) + .map_err(|e| log::error!("{:?}", e))?; + + let mut parentchain_listener = + parentchain_listener::create_listener::( + "litentry_rococo", + Handle::current(), + &parentchain_url, + ethereum_intention_executor, + sub_stop_receiver, + ) + .await?; + + Ok(thread::Builder::new() + .name("litentry_rococo_sync".to_string()) + .spawn(move || parentchain_listener.sync(0)) + .unwrap()) +} diff --git a/tee-worker/omni-executor/omni-executor.manifest b/tee-worker/omni-executor/omni-executor.manifest new file mode 100644 index 0000000000..fddc897506 --- /dev/null +++ b/tee-worker/omni-executor/omni-executor.manifest @@ -0,0 +1,44 @@ +[loader] +entrypoint = "file:/usr/lib/x86_64-linux-gnu/gramine/libsysdb.so" +log_level = "error" + +[loader.env] +LD_LIBRARY_PATH = "/lib:/lib/x86_64-linux-gnu" +MALLOC_ARENA_MAX = "1" +RUST_BACKTRACE = "full" + +[libos] +entrypoint = "target/release/omni-executor" + +[fs] +mounts = [ + { path = "/lib", uri = "file:/usr/lib/x86_64-linux-gnu/gramine/runtime/glibc" }, + { path = "/lib/x86_64-linux-gnu", uri = "file:/lib/x86_64-linux-gnu" }, +] + +[sgx] +debug = true +edmm_enable = false +trusted_files = [ + { uri = "file:/usr/lib/x86_64-linux-gnu/gramine/libsysdb.so" }, + { uri = "file:target/release/omni-executor" }, + { uri = "file:/usr/lib/x86_64-linux-gnu/gramine/runtime/glibc/" }, + { uri = "file:/lib/x86_64-linux-gnu/" }, +] +max_threads = 8 +isvprodid = 0 +isvsvn = 0 +remote_attestation = "none" +enable_stats = false +enclave_size = "256M" +use_exinfo = false + +[sgx.cpu_features] +avx = "unspecified" +avx512 = "unspecified" +amx = "unspecified" +mpx = "disabled" +pkru = "disabled" + +[sys] +enable_extra_runtime_domain_names_conf = true diff --git a/tee-worker/omni-executor/omni-executor.manifest.template b/tee-worker/omni-executor/omni-executor.manifest.template new file mode 100644 index 0000000000..b846149bff --- /dev/null +++ b/tee-worker/omni-executor/omni-executor.manifest.template @@ -0,0 +1,45 @@ +# Copyright (C) 2023 Gramine contributors +# SPDX-License-Identifier: BSD-3-Clause + +# Rust manifest example + +loader.entrypoint = "file:{{ gramine.libos }}" +libos.entrypoint = "{{ self_exe }}" +loader.log_level = "{{ log_level }}" + +loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}" + +# See https://gramine.readthedocs.io/en/stable/performance.html#glibc-malloc-tuning +loader.env.MALLOC_ARENA_MAX = "1" + +# For easier debugging — not strictly required to run this workload +loader.env.RUST_BACKTRACE = "full" + +fs.mounts = [ + { path = "/lib", uri = "file:{{ gramine.runtimedir() }}" }, + { path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" }, + { path = "/data", uri = "file:data", type="encrypted", key_name="_sgx_mrsigner" }, +] + +sgx.debug = true +sgx.edmm_enable = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }} + + +# dns +sys.enable_extra_runtime_domain_names_conf = true + +sgx.trusted_files = [ + "file:{{ gramine.libos }}", + "file:{{ self_exe }}", + "file:{{ gramine.runtimedir() }}/", + "file:{{ arch_libdir }}/", +] + +# The maximum number of threads in a single process needs to be declared in advance. +# You need to account for: +# - one main thread +# - the tokio worker threads +# - any threads and threadpools you might be starting +# - helper threads internal to Gramine — see: +# https://gramine.readthedocs.io/en/stable/manifest-syntax.html#number-of-threads +sgx.max_threads = {{ '1' if env.get('EDMM', '0') == '1' else '64' }} diff --git a/tee-worker/omni-executor/parentchain/artifacts/rococo-omni-account.scale b/tee-worker/omni-executor/parentchain/artifacts/rococo-omni-account.scale new file mode 100644 index 0000000000000000000000000000000000000000..cc85f5c8e5e5ab0ed294454d1534063df372374a GIT binary patch literal 23193 zcmch94`5_hxz{`gARJpsieN?yzFka%!afkn`E0jk|y0`mln28Zf0(h z`*vpT?7ergnc8Zr)Ys~wMO&p>6trkj(4wG4L5mgzEm{;5v?wSjC@3f>D5$^heCM8X zCz))E4}J7)=KJpX^E>B!=R4o|&Ua4RPrTQCASVi?xLa?8kw4mq`rRa~%rqKduahh` zPaGG*5sq}<(W|}1J#qX#BE=C`2$9GC#L*+7fPasQBL2Nrj1TN1iOAc z>399OxN!XBZ3j@5g~;W_Sbif48~9(n>qTB;#|t|32n|7f<7fHr{I1_ggmfw^?M|TE z>4=KF()C&`KdFac*FA3kOs1j*jcXXPQmFnU{sj zJE4%{>ywkFbA?=L`|V9XO6#ldc=3)a(-wBu!nW^n5?4cVgV^<`#F{SVtltiI53OK* zNCkd8F3acr#uRnr9q5XOhSY;vA|HdL3ZK(;EqhIWwYS*{8vhsV$vKY>sfXIrMzL;J zm3v_>h`V0W*zub)ab|=Lsc$s$<6bM7khL`5S;Y`Xoaa?#4Gbz((KN-nUhL8s-;aW`>s-FtjctCZHt`*Vi<&-v;L)?A18;_Ru0mX>#}Te ziKEUvhM@LEX)(?N>pQ-?q2zGG^*g<`8*aJD4$`oQj$@*@V!|2ap2|DxvgXXoDVfi& zTy#VYGg}nqqsS3cLP$Xj%=oE1O>8}tCepq_vM>^|HnNiJ_z^OW&w8Csm@I|i#amv^lgn~8#Cr|l;}!x2kz%95NSFDBL_uM>L> z8UnB7h*h~Tz~OY)iSqp3j@P5{5!Z{c*)WQFUCJYVPE^iyyj?G7d7CXCO0ae|43oRU zWTw>$FC+O4LQH2nZJ^0egd;(x>F?!bzE=}+#HXH|lUJ0QU7oq8zPvJbZfU+gfA;Lk z+4}rlvnzA+bM>{wx6eZZ&p`uYOrU=kvNdG;K#onH>2;cM79)mdrPJ!Cor>WZKkWnT zGJ3q-Yh#4;@XbcPm-ym{7(ds!*a-wFh>Y=A(=lLirpzDB1!*G}T?% z)xV{{T;C0148rOD+x;j6Zn2u}hhZZr^W#gjik$VaDgc5IrMto4H8I){`9K}o_3SQ?Jq zHV%2&^;$jO$u7$mhAfnn7Q?oo(;Xj&@N7VMMu0FcnpZ(E2p8g7!lDCZ8(RoLr`t<* z3tQj#UVbB7Q+g{4hS2txx4t(tjpCFSk6k$#fppxtd9@@>vT&p^|6w(Gj^0<0a_QgU3CxSy$t z+Q%$<-5`EQmS*q=JpfxFu_|kSu@iBE8JluhsfY*AUpeuRQ!ZafX{0o&;b`6(Iut*yyPn$q2%z7xPe>C}Txqt$Er zF$TO7CsD7FqzlO8&N*lw_wqFUNTzYCAILbO+&NDh7@zwk6YoVn@CP+w=%*(}5n| zR|v|TW5W^KhqUPYRn2NS#Tn`_EL0zSRMxo3rc)ePssptisDkR%CKtq9n{p0xLi&53 zv9_TM4Dm=oo--X`Wcl#wIe zC(ARuXh8E}pE$pZ_pJGF;so^k=vvtFI^MogVDinwLWIF~ z5cjo0Jgqi??>oE?GJsI|!20>jtLFk@))hO6iqgR$CUed8c6yo{p zs_PzDbzQaUenRd3BfZ~lV`CO*t6_YZ2rUiyvQ{pOO_-qRZ?cAEO^)OjA$J18kh&ny zPa});)e$eqf#d*IIO|;|Bf(&W2pXXq9N{D8%klBSQAB+&z~xXAFCMg^&S_`EXK4Ix zn|O;mf${r{Ho!~brEI^vc%WZiRQ>XD!S%JhSjjBn**(a4*an5sC4bv%^d0d9ImbVh zxyic}bVF%=arOAA6F~oUxuAb%Q%IHK*vXTp9PwS1f_`UHz*PRia4^FvEXk2h*lGAL z%A)E9S>DD93L|+xt3{@@Nj1uVza-}}RnI7cFST4vTI_;gB9`UI>3-tJ7yrdWT zugKL*_O+BP#Fq|fKqhrsS)Q!`ks7T+jOx7&MEaHCVNb|yZh<$(5 zyrI6o>W$PtFN>RG)?ZRni?h|R7_<4N8fr(pUdjcZiOETu1Z&Y6OM@fch$Lpu@eLF4nPX*6)XFs*dRcAJ)Pwap9*Rch#C=k@VsJP99#=0vDC_7fh>i*5H#k z&prxW%BjOkndVZGz0@~QQ)R604VG~G;U!FP3EO_hkArwzWxtaNUH#1AnWs2&8-7Ae zj-=1EFQ=p`z!CFM6Z4TL@S~VC2NX=ACvRK$U?o>30K2_SqA!gLo=?Q zGc*G$7@CpYU}%Q+^M+<@uQN1*D;k>7-Dqfr_iGHz_#y4tc#`k(dGrr$oXvX&&4bAvUhGu+kNNF-_f$ujNn(_T+Lo+_t(2VbmhGu-f z#n6oJw;G!9l?~1KZZ1w%8wilG_bt%hcN zRYNnrUoFJG~;`-p&4Jz(2Vbtp&8$# zp&8#>Qu;Q=H)UwXce|k(-yMc#e80ocjBnb|jBm!!jPJCe8Q-j-8Q+|t8Q*+LznSr! zF*M`5)6k4>!O)Cv(a?w`^#}cbB0V-%3i?7~iU)8Q`CG~;`lp&8#jhGu;Crt~Ss_jW@wzIPa!@m(-9r}~)zHZ6k@`j){Ew=9D(Zd(R}+_4Ns8CV9x{AJ5v zoEI&FfwnAzk+u!v7$fai1|tnEgOPSEgOOgc3`QDR1|y9vgOMhd!AN_S!AN&4gOOe~ z485rASq3BRTLvS&-!d5K@3IU=`haCH(g!Vrk^XMWV5GmtG8pMYmcd9LHVnPI{9emo zq`%KH80kALgONUB8I1JzTLvTj70Y0xk6H#Jeatc#=^wBRM*0U0LoYN}EQ680%Q6`0 zAF>Qa`iCupkv?u2jP%`>!ASpzWiZk|Y8j053Cm!lPa1|^a{icQFw#G68I1HjmcdA$ zvJ6K0CoF@J{z=PVq)%H0BYm%BFw#F|8I1H#8-`wd-e(z%^!=8>NdJswFw#G38I1H9 z%V4A*unb1}=PZMf{&~w_q|aIgBmJOZ=w;|HSOz2gip=B`Amn?&ke$Fx&=|8dzM*5E}gOR>$ z8I1JvhN0J}e_|Po^q*P=BmIJ9Fw!qt1|$7vmcdB>xn(fYFIfg7{jy~+(tlwYjPzd` zhF+syu?$A~70Y0x|H?8L>A$uNM*3CDV5DEO3`Y8IEQ68$TgzaiU$+cK`VGU-Yt+B9 z3`Y9zErXGM(=r(8w=9E^{s+ror2o+}80ohygOPs6G8pN9vJ6K0pAAE=QQx%;M*2O= zV5I-WG8pN9wG2l3eam2^Kd=l&`rj;rk^XnfV5C2^3`Y7R!_aHg|F8^3`adm$k^a~+ z80k+egOUC(%V4DcTZqNOeIFI}eW(+ZG37Ra2dLp|pU1M4E@D9yONeE7nyx8`yALmI zoJ-@7+KMWUgKD)C=A6v$XqRV_i4*C1{WgxdH)eOdXxq=6Uaay5jpkk{$4`4WaBcW2 zTPoP*UP4q9_YL*PjBHXQ*NBSe%8xFqYKH8-qoX^Sy?EOYZNXGS;6rFTB)Nr#)&;SxzbB;w1hxh z#6TiBI$UQ23J#Y+;Bn&0eaWXR!urqzqs?HOA~sRpocbk%KO8nEG^rd}Y=zr#07p5s zn={i{1{xlqyK`+R+E*)S%x1ws+SqF3>u{93n3F1oQhDp=JBVlXaV(WR7rjQ55njOV z{MV4&K|Gc3wO&KYqk^M9oosDFG&QvO&TbHe9TLKG-6l?!o8;xWBnxv}I7L9z5S=nm z)Pvt#>UETm`^~x;gN1V`&xlDeJ?xR6P{(`naqG^NH^~u7=*e3p9LPN>ZhO{dBcY>VK9R2$kCw@$35A|2G zx<#FLz^S{DQ7h-^3rO;j~^8A<7t=FzQ3hmkgo0#Z!U9*Quark}kxaUN6w- zSMA`Tol+Pdh_x1C>8=n#xhl$BS4Xkg`%&WD^z3x<+fCK zVOe}&U-heMF-vQp9!9JPq)-;ai=I6)u51BRtF8j2%{lU@BI75qe5D0&BR=@*y_$_q zSW|~7>I_~z+nuQrCODYVW4*fnW^9utf(Qzw;#IE7rIh;wW8HFrq;Kb)-;VM?ph`K+t zq*o>cxv85bi=C}7U((i(Eb6;Tas(1M%I4OHOfN9Wkw(jluFzjDBIP72H zVgJf&K#4hPE6w68NO#kV{e68YOD#kd5B9HI@|wS_?q}#*XZya3ugUy{Mh~%Qh+@E; z;)`Syk{tOHvj{|2y-Xs2*dRI8>t6PvX1$F-6U30v%vqqhbxyIDnTt+YqTufP$!=+x zwBL|&gVMt6R6*?vQM;ST(eW?WcWH4{6{7y8|2-+M=-!X~me;SVIG)K#yI9O36{>4t z5>o6745KD)V+=q{1IueWsIPt*6BRNPT`b6rfijg+W4jrXn(XpADfu5s>5^&AO7j~u zRlg<0w`6{!8@4Wb%`j0tmFc;qA?$=}A_p zus*iJlR3GdCjjqdsUpa`+9u89q%tv!GDZaPmpI}U(+Z-=Fg!!Hh9hp(ITQ&y5ryxEF;Ev4 zHiYbSyDEmrJ?q2H#J+}1h_znOKp-|n3IWIdLb9-?Yp_Zi7qge2CKM-g1FE78>0j!# zyC@NQRH>G;9+q>!oSQ?a28B`jP5lLeT$#ls1>B*V^ZhO?+9?i%Bo(OcQo){GN?Dx* zcV`n7^Mrt-v@%jgi1x`z+`l39C0>Vhs+X*6t!!=4^{_lHX%R`o3?oP@se4;mF0f#i4K9-X`F?XjQa=LPDwoi`dPASoU+ zQr~>JIcF}tJOC~(!eESTz5xMJLkfR(Gq=vQ}@^;M3Ml*xZMsy7AGNPtY6=i>G zi>_4dnpj?9PTC~N6WZG?4V*}NU|N>5hAL1UIqV^z`@ zw+~5SOX$&Zdest!rVzIeG@^7s<&{(uX3&z{d``^Mu<1bS0$eQx=niPNOq{5`J~xU< z8Z-vOL(`Q?MG0j;^5)tbwwZ%}J4n@$|2H7~p-t$E>RuQl%;=)Q9YW#Amkz`0Dv zWqo_3@?R!9m>qfdV(zDoym9D=^a5>sqYc57qhY&E(PM)41+Ihn~(omqn;udHT}?%oIQ9Ch;J9jNEhe%~lw; z@5>=1oqoVs*bKH%A2y|ZGvBmN(a=L8dR?r1by@;#B6@}ZQ@7ns1GSYm)Kiw24S{#t z!QNn#*%0t^vao;`6U2SFJc+r&sX;=?c{w?)woRv(R#ukNtHK@z_y|q&yzp~{S~@%Q zOA2&-gv)fq6}{`KVb>MVgt|8;+5_@)>7e{vV)>yzxn556GGkoQeOyMIJoWYY6WJRM zeP}$yUEg-Hra!X(FzjslUb~L&&Fo<6$zB(i5NhjttM~)MxJ!Or zIP{}G_C(G`GwRkm?Ku zRk|1m=eqqhl7=}@f~k8G&kxXH#da218X#|i-_dC~;iB|cUZpu{Wz?)}l)QXGR-AQM zky$39`nQvvLU9^Px$}LOBIj{mgC0U~`M`)^dmOtT^JPn~lNNht%#fO<2T{d!5tFpeN5I4gl?adg?*verzBju6ezBvt8bU?zHsRo>1GZR7iBGb4tTe$ z9eT=lPS%oI5wBPHg%a#ta`T8i=W)G5q1O2rZN=x;Lh$kn-{PxI_-YsE)3VsO=&*Hg zAD#?p!YxYsLto|IhUwXHRhsHF-jg6#7+uNbT;?FK<~-{zny)TojY@TK8FeR93|kvj z=Z!cbrN>MN_(qDz#SL>F4%)r-v9r<_PECRi_JL?q=+d=%pH7~tkYGMDDd0IBeR}dB z?oSW&K>9@ud|Fx+PxNqxx|gIu^iJA~g@1haO4GayBWR6?Z+!YI)S?dr9^$0is<-h5~9<+poL@T;uNkYwfgo1(JA}s zk@F?_2z(3f3?;~ng85z*r=%H7w7~dEsVf`w7SrXOpt0l9os0m7Ah8?hr*%vb^cIiG zhP^(1Eb%z9lmm7rOsX{uPG)l8%-h*<&tT3#Q&O`Uy@-xw^kiBJ^x=$cQS6{(KD&8R z_N4E*T4aflv(;y_i+iw>Hu&aXy{(%9;11 z{D7pTMd>OaR=3b?&HQkb@<;siH9MEIG-QYLfJCGR8>+kXIY`sp!tpVAtI)Rz+J)ZU zB$1%iMeCXBJvbTJ_M4fN{qCNRcT`ptT=ZW(V{a8k`Ka%MczI>-k{nZm$VS+Q;X-xK zvp1LZUnXA_;Q%}fAhA0k#DGL%7cUhx-A$IeOlp^G5$gJu?_riVA>?q{>v_xSBa^y1 z&;4UGoAM^R@lM!lHL-qO^r1r{KniJs2U}bnoZS)Da$MlS(^ss2GG#7H7Y96eQy?*- zM>es~qsI_7Y~wdvRUBDOtYt}N)0LNgtE3OGV4&%=1)?W3QnBW;an;9#7lk@6eZ@d2 z2|PAIiUW2Y2C!{=O!bnwQ4W>vs*RMgA~NlWpTW)v@6J(v)%ZY7K_u&=ljAs`=M(U% zfge>Jw0Rv+H-^hYR^UjE=v9XZkN%J-nWZXIvx`Ido?o4VBTTvQ-xfv}{Rj`YI8&i! z)h{calUWHrv1F=q2sBaf{w~U35W@ugmJ*P-M~wg_Y^5Ab+`(X!N&sfoGO#bcg;GE zQt3qu9G@cl)Wps0 z=Dxlu>6GP<%ffryIh7*QV15B)pp&ZNm4Vvn@-ua$P8xZa)1Rt`et{}?=>)P0eXmE0 zJ5MiUY8*>5IM#&d;C(Edan_sZA?IghVbETq&u;oz2@K_|;OAkx ztS(~s=*&v3F{F!?p~uPMouJDiM)!)V_BJiT&uG?6XtSH{Q6gZjq)Ab5UcgFc)s*IA zRYfxDdabNx(x)R}UOc4aiSR%tVxD5j8^~78-p1EKBEV1_Q)$&PMZVD6OAxVy)5pT+ zq?qF`IESojZJkZJ`WdBR|4~mrGg&C&Ei>}TLtPJ?PCEBA zm4S^QH8~CbsHe3ce+`6b-dEFS^=DUSF(}jK zr2|oNK58akI(?dO3*xv%zjH`OSa?i|44TDe)rb_%mGLN`dClx6(y`X9-iWJ=T83g; zvbB?>YM;LlFFH?{`p*P=>TnCe84Z7OvW+)K$@hno%Z5Ltg-!XFu!FEQmz^KGXD~6+ zO+qS_y0VI~dxxN!h5CxCqdc3$1?Rg4i&leJ|8V$2R%LTW&Ed&O^bOvDQiRKY$V>{F zRRlxwiwRzmH~qq|6Tav=$K=&e@=l(-PgliDTX`G+#ML4#@?-3wqWA3hbeLbWdoklg z-T!pLONYL;@De*mUvlAD4IuG;EBhRR%-w)@CmZnVBz~Ez{eNHOVopqG^~n2Q0YChX z9-;x|sgz=MI!z2CO?jos@7f)fUMHw_(;OKi1jp;-$b_bb6LP4k&LpN2BqXj@(tDis_1UT{u1Fx!DgVgF9-*rCL?5*rt-RVMQVje%j6R59r~Kx zv^d!ZhF(VasF<4bH+$PQTb?|}je(s`ejqA)po9rQB$6vp9Za~O-UiLq9*^UAVp=;^ j*?~kr4@gzs-BS?+&3<2&@soY4efeHEa33Fge@^@#t?)^a literal 0 HcmV?d00001 diff --git a/tee-worker/omni-executor/parentchain/listener/Cargo.toml b/tee-worker/omni-executor/parentchain/listener/Cargo.toml new file mode 100644 index 0000000000..7c1fc8ce71 --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "parentchain-listener" +version = "0.1.0" +authors = ['Trust Computing GmbH '] +edition.workspace = true + +[dependencies] +async-trait = { workspace = true } +executor-core = { path = "../../executor-core" } +log = { workspace = true } +parity-scale-codec = { workspace = true, features = ["derive"] } +scale-encode = "0.7.1" +subxt = "0.37.0" +tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } + +[dev-dependencies] +env_logger = { workspace = true } diff --git a/tee-worker/omni-executor/parentchain/listener/src/event_handler.rs b/tee-worker/omni-executor/parentchain/listener/src/event_handler.rs new file mode 100644 index 0000000000..6ac81c4e60 --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/event_handler.rs @@ -0,0 +1,122 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::metadata::{MetadataProvider, SubxtMetadataProvider}; +use crate::primitives::BlockEvent; +use async_trait::async_trait; +use executor_core::event_handler::{Error, EventHandler}; +use executor_core::intention_executor::IntentionExecutor; +use executor_core::primitives::Intention; +use std::marker::PhantomData; +use subxt::ext::scale_decode; +use subxt::ext::scale_decode::DecodeAsFields; +use subxt::{Config, Metadata}; + +pub struct IntentionEventHandler< + MetadataT, + MetadataProviderT: MetadataProvider, + EthereumIntentionExecutorT: IntentionExecutor, +> { + metadata_provider: MetadataProviderT, + ethereum_intention_executor: EthereumIntentionExecutorT, + phantom_data: PhantomData, +} + +impl< + MetadataT, + MetadataProviderT: MetadataProvider, + EthereumIntentionExecutorT: IntentionExecutor, + > IntentionEventHandler +{ + pub fn new( + metadata_provider: MetadataProviderT, + ethereum_intention_executor: EthereumIntentionExecutorT, + ) -> Self { + Self { metadata_provider, ethereum_intention_executor, phantom_data: Default::default() } + } +} + +#[async_trait] +impl + EventHandler + for IntentionEventHandler, EthereumIntentionExecutorT> +{ + async fn handle(&self, event: BlockEvent) -> Result<(), Error> { + log::debug!("Handling block event: {:?}", event.id); + let metadata = self.metadata_provider.get(event.id.block_num).await; + + let pallet = metadata.pallet_by_name(&event.pallet_name).ok_or_else(move || { + log::error!( + "No pallet metadata found for event {} and pallet {} ", + event.id.block_num, + event.pallet_name + ); + Error::NonRecoverableError + })?; + let variant = pallet.event_variant_by_index(event.variant_index).ok_or_else(move || { + log::error!( + "No event variant metadata found for event {} and variant {}", + event.id.block_num, + event.variant_index + ); + Error::NonRecoverableError + })?; + + let mut fields = variant + .fields + .iter() + .map(|f| scale_decode::Field::new(f.ty.id, f.name.as_deref())); + + let decoded = + crate::litentry_rococo::omni_account::events::IntentionRequested::decode_as_fields( + &mut event.field_bytes.as_slice(), + &mut fields, + metadata.types(), + ) + .map_err(|_| { + log::error!("Could not decode event {:?}", event.id); + Error::NonRecoverableError + })?; + + let intention = match decoded.intention { + crate::litentry_rococo::runtime_types::core_primitives::intention::Intention::CallEthereum(call_ethereum) => { + Intention::CallEthereum(call_ethereum.address.to_fixed_bytes(), call_ethereum.input.0) + }, + crate::litentry_rococo::runtime_types::core_primitives::intention::Intention::TransferEthereum(transfer) => { + Intention::TransferEthereum(transfer.to.to_fixed_bytes(), transfer.value) + } + }; + + //to explicitly handle all intention variants + match intention { + Intention::CallEthereum(_, _) => { + self.ethereum_intention_executor.execute(intention).await.map_err(|e| { + // assume for now we can easily recover + log::error!("Error executing intention"); + Error::RecoverableError + })?; + }, + Intention::TransferEthereum(_, _) => { + self.ethereum_intention_executor.execute(intention).await.map_err(|e| { + // assume for now we can easily recover + log::error!("Error executing intention"); + Error::RecoverableError + })?; + }, + } + Ok(()) + } +} diff --git a/tee-worker/omni-executor/parentchain/listener/src/fetcher.rs b/tee-worker/omni-executor/parentchain/listener/src/fetcher.rs new file mode 100644 index 0000000000..c8f9264d5a --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/fetcher.rs @@ -0,0 +1,86 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::primitives::{BlockEvent, EventId}; +use crate::rpc_client::SubstrateRpcClient; +use crate::rpc_client::SubstrateRpcClientFactory; +use async_trait::async_trait; +use executor_core::fetcher::{EventsFetcher, LastFinalizedBlockNumFetcher}; +use log::error; + +/// Used for fetching data from parentchain +pub struct Fetcher< + RpcClient: SubstrateRpcClient, + RpcClientFactory: SubstrateRpcClientFactory, +> { + client_factory: RpcClientFactory, + client: Option, +} + +impl> + Fetcher +{ + pub fn new(client_factory: RpcClientFactory) -> Self { + Self { client: None, client_factory } + } + + async fn connect_if_needed(&mut self) { + if self.client.is_none() { + match self.client_factory.new_client().await { + Ok(client) => self.client = Some(client), + Err(e) => error!("Could not create client: {:?}", e), + } + } + } +} + +#[async_trait] +impl< + RpcClient: SubstrateRpcClient + Sync + Send, + RpcClientFactory: SubstrateRpcClientFactory + Sync + Send, + > LastFinalizedBlockNumFetcher for Fetcher +{ + async fn get_last_finalized_block_num(&mut self) -> Result, ()> { + self.connect_if_needed().await; + + if let Some(ref mut client) = self.client { + let block_num = client.get_last_finalized_block_num().await?; + Ok(Some(block_num)) + } else { + Err(()) + } + } +} + +#[async_trait] +impl< + RpcClient: SubstrateRpcClient + Sync + Send, + RpcClientFactory: SubstrateRpcClientFactory + Sync + Send, + > EventsFetcher for Fetcher +{ + async fn get_block_events(&mut self, block_num: u64) -> Result, ()> { + self.connect_if_needed().await; + + if let Some(ref mut client) = self.client { + client.get_block_events(block_num).await + // client.get_block_events(block_num).await.map(|events| { + // events.into_iter().map(|event| IntentionEvent::new(event.id)).collect() + // }) + } else { + Err(()) + } + } +} diff --git a/tee-worker/omni-executor/parentchain/listener/src/lib.rs b/tee-worker/omni-executor/parentchain/listener/src/lib.rs new file mode 100644 index 0000000000..7ef8f940d2 --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/lib.rs @@ -0,0 +1,111 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +mod event_handler; +mod fetcher; +mod listener; +mod metadata; +mod primitives; +mod rpc_client; + +use crate::event_handler::IntentionEventHandler; +use crate::fetcher::Fetcher; +use crate::listener::ParentchainListener; +use crate::metadata::SubxtMetadataProvider; +use crate::rpc_client::{SubxtClient, SubxtClientFactory}; +use executor_core::intention_executor::IntentionExecutor; +use executor_core::listener::Listener; +use executor_core::sync_checkpoint_repository::FileCheckpointRepository; +use scale_encode::EncodeAsType; +use subxt::config::signed_extensions; +use subxt::Config; +use tokio::runtime::Handle; +use tokio::sync::oneshot::Receiver; + +// Generate an interface that we can use from the node's metadata. +#[subxt::subxt(runtime_metadata_path = "../artifacts/rococo-omni-account.scale")] +pub mod litentry_rococo {} + +// We don't need to construct this at runtime, +// so an empty enum is appropriate: +#[derive(EncodeAsType)] +pub enum CustomConfig {} + +//todo: adjust if needed +impl Config for CustomConfig { + type Hash = subxt::utils::H256; + type AccountId = subxt::utils::AccountId32; + type Address = subxt::utils::MultiAddress; + type Signature = subxt::utils::MultiSignature; + type Hasher = subxt::config::substrate::BlakeTwo256; + type Header = subxt::config::substrate::SubstrateHeader; + type ExtrinsicParams = signed_extensions::AnyOf< + Self, + ( + // Load in the existing signed extensions we're interested in + // (if the extension isn't actually needed it'll just be ignored): + signed_extensions::CheckSpecVersion, + signed_extensions::CheckTxVersion, + signed_extensions::CheckNonce, + signed_extensions::CheckGenesis, + signed_extensions::CheckMortality, + signed_extensions::ChargeAssetTxPayment, + signed_extensions::ChargeTransactionPayment, + signed_extensions::CheckMetadataHash, + ), + >; + type AssetId = u32; +} + +/// Creates parentchain listener +pub async fn create_listener< + ChainConfig: Config, + EthereumIntentionExecutorT: IntentionExecutor + Send + Sync, +>( + id: &str, + handle: Handle, + ws_rpc_endpoint: &str, + ethereum_intention_executor: EthereumIntentionExecutorT, + stop_signal: Receiver<()>, +) -> Result< + ParentchainListener< + SubxtClient, + SubxtClientFactory, + FileCheckpointRepository, + ChainConfig, + EthereumIntentionExecutorT, + >, + (), +> { + let client_factory: SubxtClientFactory = SubxtClientFactory::new(ws_rpc_endpoint); + + let fetcher = Fetcher::new(client_factory); + let last_processed_log_repository = + FileCheckpointRepository::new("data/parentchain_last_log.bin"); + + let metadata_provider = SubxtMetadataProvider::new(SubxtClientFactory::new(ws_rpc_endpoint)); + let intention_event_handler = + IntentionEventHandler::new(metadata_provider, ethereum_intention_executor); + + Listener::new( + id, + handle, + fetcher, + intention_event_handler, + stop_signal, + last_processed_log_repository, + ) +} diff --git a/tee-worker/omni-executor/parentchain/listener/src/listener.rs b/tee-worker/omni-executor/parentchain/listener/src/listener.rs new file mode 100644 index 0000000000..b32d65a93d --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/listener.rs @@ -0,0 +1,40 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::event_handler::IntentionEventHandler; +use crate::fetcher::Fetcher; +use crate::metadata::SubxtMetadataProvider; +use crate::primitives::SyncCheckpoint; +use crate::primitives::{BlockEvent, EventId}; +use executor_core::listener::Listener; +use subxt::Metadata; + +pub type IntentionEventId = EventId; + +pub type ParentchainListener< + RpcClient, + RpcClientFactory, + CheckpointRepository, + ChainConfig, + EthereumIntentionExecutor, +> = Listener< + Fetcher, + SyncCheckpoint, + CheckpointRepository, + IntentionEventId, + BlockEvent, + IntentionEventHandler, EthereumIntentionExecutor>, +>; diff --git a/tee-worker/omni-executor/parentchain/listener/src/metadata.rs b/tee-worker/omni-executor/parentchain/listener/src/metadata.rs new file mode 100644 index 0000000000..fbd0c9838f --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/metadata.rs @@ -0,0 +1,45 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::rpc_client::{SubstrateRpcClient, SubstrateRpcClientFactory, SubxtClientFactory}; +use async_trait::async_trait; +use parity_scale_codec::Decode; +use subxt::{Config, Metadata}; + +#[async_trait] +pub trait MetadataProvider { + async fn get(&self, block_num: u64) -> M; +} + +pub struct SubxtMetadataProvider { + client_factory: SubxtClientFactory, +} + +impl SubxtMetadataProvider { + pub fn new(client_factory: SubxtClientFactory) -> Self { + Self { client_factory } + } +} + +#[async_trait] +impl MetadataProvider for SubxtMetadataProvider { + async fn get(&self, block_num: u64) -> Metadata { + let mut client = self.client_factory.new_client().await.unwrap(); + let raw_metadata = client.get_raw_metadata(block_num).await.unwrap(); + + Metadata::decode(&mut raw_metadata.as_slice()).unwrap() + } +} diff --git a/tee-worker/omni-executor/parentchain/listener/src/primitives.rs b/tee-worker/omni-executor/parentchain/listener/src/primitives.rs new file mode 100644 index 0000000000..08e161e198 --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/primitives.rs @@ -0,0 +1,122 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::listener::IntentionEventId; +use executor_core::primitives::GetEventId; +use executor_core::sync_checkpoint_repository::Checkpoint; +use parity_scale_codec::{Decode, Encode}; + +/// Used to uniquely identify intention event on parentchain. +#[derive(Clone, Debug)] +pub struct EventId { + pub block_num: u64, + pub event_idx: u64, +} + +impl EventId { + pub fn new(block_num: u64, event_idx: u64) -> Self { + Self { block_num, event_idx } + } +} + +/// Represents parentchain sync checkpoint. +#[derive(Clone, Debug, PartialEq, Encode, Decode)] +pub struct SyncCheckpoint { + pub block_num: u64, + pub event_idx: Option, +} + +impl SyncCheckpoint { + pub fn new(block_num: u64, event_idx: Option) -> Self { + Self { block_num, event_idx } + } + + pub fn from_event_id(event_id: &EventId) -> Self { + Self::new(event_id.block_num, Some(event_id.event_idx)) + } + + pub fn from_block_num(block_num: u64) -> Self { + Self::new(block_num, None) + } + + pub fn just_block_num(&self) -> bool { + self.event_idx.is_none() + } +} + +impl Checkpoint for SyncCheckpoint { + fn just_block_num(&self) -> bool { + self.event_idx.is_none() + } + + fn get_block_num(&self) -> u64 { + self.block_num + } +} + +impl From for SyncCheckpoint { + fn from(block_num: u64) -> Self { + Self::from_block_num(block_num) + } +} + +impl From for SyncCheckpoint { + fn from(event_id: IntentionEventId) -> Self { + Self::from_event_id(&event_id) + } +} + +impl PartialOrd for SyncCheckpoint { + fn partial_cmp(&self, other: &Self) -> Option { + if self.block_num > other.block_num { + Some(std::cmp::Ordering::Greater) + } else if self.block_num < other.block_num { + Some(std::cmp::Ordering::Less) + } else if self.event_idx > other.event_idx { + Some(std::cmp::Ordering::Greater) + } else if self.event_idx < other.event_idx { + Some(std::cmp::Ordering::Less) + } else { + Some(std::cmp::Ordering::Equal) + } + } +} + +pub struct BlockEvent { + pub id: EventId, + pub pallet_name: String, + pub variant_name: String, + pub variant_index: u8, + pub field_bytes: Vec, +} + +impl BlockEvent { + pub fn new( + id: EventId, + pallet_name: String, + variant_name: String, + variant_index: u8, + field_bytes: Vec, + ) -> Self { + Self { id, pallet_name, variant_name, variant_index, field_bytes } + } +} + +impl GetEventId for BlockEvent { + fn get_event_id(&self) -> EventId { + self.id.clone() + } +} diff --git a/tee-worker/omni-executor/parentchain/listener/src/rpc_client.rs b/tee-worker/omni-executor/parentchain/listener/src/rpc_client.rs new file mode 100644 index 0000000000..a42f6b34f3 --- /dev/null +++ b/tee-worker/omni-executor/parentchain/listener/src/rpc_client.rs @@ -0,0 +1,137 @@ +// Copyright 2020-2024 Trust Computing GmbH. +// This file is part of Litentry. +// +// Litentry is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// Litentry is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with Litentry. If not, see . + +use crate::primitives::{BlockEvent, EventId}; +use async_trait::async_trait; +use parity_scale_codec::Encode; +use std::marker::PhantomData; +use std::ops::Deref; +use subxt::backend::legacy::LegacyRpcMethods; +use subxt::backend::BlockRef; +use subxt::config::Header; +use subxt::events::EventsClient; +use subxt::{Config, OnlineClient}; + +/// For fetching data from Substrate RPC node +#[async_trait] +pub trait SubstrateRpcClient { + async fn get_last_finalized_block_num(&mut self) -> Result; + async fn get_block_events(&mut self, block_num: u64) -> Result, ()>; + async fn get_raw_metadata(&mut self, block_num: u64) -> Result, ()>; +} + +pub struct SubxtClient { + legacy: LegacyRpcMethods, + events: EventsClient>, +} + +impl SubxtClient {} + +#[async_trait] +impl SubstrateRpcClient for SubxtClient { + async fn get_last_finalized_block_num(&mut self) -> Result { + let finalized_header = self.legacy.chain_get_finalized_head().await.map_err(|_| ())?; + match self.legacy.chain_get_header(Some(finalized_header)).await.map_err(|_| ())? { + Some(header) => Ok(header.number().into()), + None => Err(()), + } + } + async fn get_block_events(&mut self, block_num: u64) -> Result, ()> { + match self.legacy.chain_get_block_hash(Some(block_num.into())).await.map_err(|_| ())? { + Some(hash) => { + let events = self.events.at(BlockRef::from_hash(hash)).await.map_err(|_| ())?; + Ok(events + .iter() + .enumerate() + .map(|(i, event)| { + let event = event.unwrap(); + BlockEvent::new( + EventId::new(block_num, i as u64), + event.pallet_name().to_string(), + event.variant_name().to_string(), + event.variant_index(), + event.field_bytes().to_vec(), + ) + }) + .collect()) + }, + None => Err(()), + } + } + + async fn get_raw_metadata(&mut self, block_num: u64) -> Result, ()> { + let maybe_hash = + self.legacy.chain_get_block_hash(Some(block_num.into())).await.map_err(|_| ())?; + Ok(self.legacy.state_get_metadata(maybe_hash).await.unwrap().deref().encode()) + } +} + +pub struct MockedRpcClient { + block_num: u64, +} + +#[async_trait] +impl SubstrateRpcClient for MockedRpcClient { + async fn get_last_finalized_block_num(&mut self) -> Result { + Ok(self.block_num) + } + + async fn get_block_events(&mut self, _block_num: u64) -> Result, ()> { + Ok(vec![]) + } + + async fn get_raw_metadata(&mut self, _block_num: u64) -> Result, ()> { + Ok(vec![]) + } +} + +#[async_trait] +pub trait SubstrateRpcClientFactory { + async fn new_client(&self) -> Result; +} + +pub struct SubxtClientFactory { + url: String, + _phantom: PhantomData, +} + +impl SubxtClientFactory { + pub fn new(url: &str) -> Self { + Self { url: url.to_string(), _phantom: PhantomData } + } +} + +#[async_trait] +impl SubstrateRpcClientFactory> + for SubxtClientFactory +{ + async fn new_client(&self) -> Result, ()> { + let rpc_client = subxt::backend::rpc::RpcClient::from_insecure_url(self.url.clone()) + .await + .map_err(|e| { + log::error!("Could not create RpcClient: {:?}", e); + })?; + let legacy = LegacyRpcMethods::new(rpc_client); + + let online_client = + OnlineClient::from_insecure_url(self.url.clone()).await.map_err(|e| { + log::error!("Could not create OnlineClient: {:?}", e); + })?; + let events = online_client.events(); + + Ok(SubxtClient { legacy, events }) + } +} diff --git a/tee-worker/omni-executor/rust-toolchain.toml b/tee-worker/omni-executor/rust-toolchain.toml new file mode 100644 index 0000000000..c72b613e98 --- /dev/null +++ b/tee-worker/omni-executor/rust-toolchain.toml @@ -0,0 +1,3 @@ +[toolchain] +channel = "1.79" +profile = "default" # include rustfmt, clippy From 2b751530b8fcf699bc4c24e990f5826e4f88fa40 Mon Sep 17 00:00:00 2001 From: Kai <7630809+Kailai-Wang@users.noreply.github.com> Date: Fri, 18 Oct 2024 09:44:07 +0200 Subject: [PATCH 17/17] Skip sidechain block import confirmation (#3134) * Skip sidechain block import confirmation * use consistent url crate in enclave * try to address crate version in lockfile --- tee-worker/Cargo.lock | 26 ++++----- tee-worker/Cargo.toml | 2 +- .../bitacross/enclave-runtime/Cargo.lock | 54 +++---------------- .../bitacross/enclave-runtime/Cargo.toml | 2 +- .../core/tls-websocket-server/Cargo.toml | 2 +- .../identity/enclave-runtime/Cargo.lock | 8 +-- .../identity/enclave-runtime/Cargo.toml | 2 +- .../consensus/common/src/peer_block_sync.rs | 12 +++-- 8 files changed, 37 insertions(+), 71 deletions(-) diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index ff5fab9d0f..030f39a120 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -480,7 +480,7 @@ dependencies = [ "sgx_tstd", "tungstenite 0.14.0", "tungstenite 0.15.0", - "url 2.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "url 2.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", "webpki 0.21.4 (registry+https://github.com/rust-lang/crates.io-index)", "webpki 0.21.4 (git+https://github.com/mesalock-linux/webpki?branch=mesalock_sgx)", ] @@ -2353,9 +2353,9 @@ dependencies = [ [[package]] name = "form_urlencoded" version = "1.2.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ - "percent-encoding 2.3.1 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "percent-encoding 2.3.1 (git+https://github.com/domenukk/rust-url?rev=316c868)", ] [[package]] @@ -3359,7 +3359,7 @@ dependencies = [ "sgx_tstd", "tungstenite 0.14.0", "tungstenite 0.15.0", - "url 2.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "url 2.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", "webpki 0.21.4 (registry+https://github.com/rust-lang/crates.io-index)", "webpki 0.21.4 (git+https://github.com/mesalock-linux/webpki?branch=mesalock_sgx)", ] @@ -3631,7 +3631,7 @@ dependencies = [ [[package]] name = "idna" version = "0.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "unicode-bidi 0.3.13", "unicode-normalization 0.1.22", @@ -3854,7 +3854,7 @@ dependencies = [ "sgx_tstd", "thiserror 1.0.44", "thiserror 1.0.9", - "url 2.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "url 2.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", ] [[package]] @@ -5069,7 +5069,7 @@ dependencies = [ "sgx_tstd", "thiserror 1.0.44", "thiserror 1.0.9", - "url 2.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "url 2.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", ] [[package]] @@ -5163,7 +5163,7 @@ dependencies = [ "sgx_tstd", "sp-core", "thiserror 1.0.9", - "url 2.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "url 2.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", ] [[package]] @@ -6851,7 +6851,7 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" [[package]] name = "percent-encoding" version = "2.3.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" [[package]] name = "pest" @@ -9944,12 +9944,12 @@ dependencies = [ [[package]] name = "url" version = "2.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ - "form_urlencoded 1.2.1 (git+https://github.com/domenukk/rust-url?branch=no_std)", - "idna 0.5.0 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "form_urlencoded 1.2.1 (git+https://github.com/domenukk/rust-url?rev=316c868)", + "idna 0.5.0 (git+https://github.com/domenukk/rust-url?rev=316c868)", "no-std-net", - "percent-encoding 2.3.1 (git+https://github.com/domenukk/rust-url?branch=no_std)", + "percent-encoding 2.3.1 (git+https://github.com/domenukk/rust-url?rev=316c868)", ] [[package]] diff --git a/tee-worker/Cargo.toml b/tee-worker/Cargo.toml index 64d89bec74..19de9160a1 100644 --- a/tee-worker/Cargo.toml +++ b/tee-worker/Cargo.toml @@ -153,7 +153,7 @@ musig2 = { git = "https://github.com/kziemianek/musig2", branch = "master", feat rlp = { version = "0.5", default-features = false } sha3 = { version = "0.10", default-features = false } -url = { git = "https://github.com/domenukk/rust-url", branch = "no_std", default-features = false, features = ["alloc", "no_std_net"] } +url = { git = "https://github.com/domenukk/rust-url", rev = "316c868", default-features = false, features = ["alloc", "no_std_net"] } substrate-api-client = { git = "https://github.com/scs/substrate-api-client", branch = "polkadot-v0.9.42-tag-v0.14.0", default-features = false, features = ["sync-api"] } substrate-client-keystore = { git = "https://github.com/scs/substrate-api-client.git", branch = "polkadot-v0.9.42-tag-v0.14.0" } diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.lock b/tee-worker/bitacross/enclave-runtime/Cargo.lock index c6e9aa1a46..f51264201a 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.lock +++ b/tee-worker/bitacross/enclave-runtime/Cargo.lock @@ -988,7 +988,6 @@ dependencies = [ "serde 1.0.204", "serde_json 1.0.120", "sp-core", - "sp-core-hashing", "sp-io", "sp-runtime", "sp-std", @@ -1110,11 +1109,6 @@ version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c2e66c9d817f1720209181c316d28635c050fa304f9c79e47a520882661b7308" -[[package]] -name = "data-url" -version = "0.2.0" -source = "git+https://github.com/integritee-network/rust-url?branch=sgx-no-std#947f64c7b03d6817dd725dfb7c436c27e316e35d" - [[package]] name = "der" version = "0.6.1" @@ -1335,7 +1329,7 @@ dependencies = [ "sgx_types", "sp-core", "sp-runtime", - "url 2.3.1", + "url 2.5.0", "webpki", ] @@ -1542,18 +1536,10 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" -[[package]] -name = "form_urlencoded" -version = "1.1.0" -source = "git+https://github.com/integritee-network/rust-url?branch=sgx-no-std#947f64c7b03d6817dd725dfb7c436c27e316e35d" -dependencies = [ - "percent-encoding 2.2.0", -] - [[package]] name = "form_urlencoded" version = "1.2.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "percent-encoding 2.3.1", ] @@ -2073,19 +2059,10 @@ dependencies = [ "unicode-normalization 0.1.12", ] -[[package]] -name = "idna" -version = "0.3.0" -source = "git+https://github.com/integritee-network/rust-url?branch=sgx-no-std#947f64c7b03d6817dd725dfb7c436c27e316e35d" -dependencies = [ - "unicode-bidi 0.3.15", - "unicode-normalization 0.1.23", -] - [[package]] name = "idna" version = "0.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "unicode-bidi 0.3.15", "unicode-normalization 0.1.23", @@ -2557,7 +2534,7 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", @@ -3254,15 +3231,10 @@ name = "percent-encoding" version = "2.1.0" source = "git+https://github.com/mesalock-linux/rust-url-sgx?tag=sgx_1.1.3#23832f3191456c2d4a0faab10952e1747be58ca8" -[[package]] -name = "percent-encoding" -version = "2.2.0" -source = "git+https://github.com/integritee-network/rust-url?branch=sgx-no-std#947f64c7b03d6817dd725dfb7c436c27e316e35d" - [[package]] name = "percent-encoding" version = "2.3.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" [[package]] name = "pin-project-lite" @@ -5112,24 +5084,12 @@ dependencies = [ "sgx_tstd", ] -[[package]] -name = "url" -version = "2.3.1" -source = "git+https://github.com/integritee-network/rust-url?branch=sgx-no-std#947f64c7b03d6817dd725dfb7c436c27e316e35d" -dependencies = [ - "data-url", - "form_urlencoded 1.1.0", - "idna 0.3.0", - "no-std-net", - "percent-encoding 2.2.0", -] - [[package]] name = "url" version = "2.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ - "form_urlencoded 1.2.1", + "form_urlencoded", "idna 0.5.0", "no-std-net", "percent-encoding 2.3.1", diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.toml b/tee-worker/bitacross/enclave-runtime/Cargo.toml index b7bf21eaaf..466adb9977 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.toml +++ b/tee-worker/bitacross/enclave-runtime/Cargo.toml @@ -66,7 +66,7 @@ hex = { version = "0.4.3", default-features = false, features = ["alloc"] } ipfs-unixfs = { default-features = false, git = "https://github.com/whalelephant/rust-ipfs", branch = "w-nstd" } lazy_static = { version = "1.1.0", features = ["spin_no_std"] } primitive-types = { version = "0.12.1", default-features = false, features = ["codec", "serde_no_std"] } -url = { git = "https://github.com/integritee-network/rust-url", branch = "sgx-no-std", default-features = false, features = ["alloc"] } +url = { git = "https://github.com/domenukk/rust-url", rev = "316c868", default-features = false, features = ["alloc", "no_std_net"] } # scs / integritee jsonrpc-core = { default-features = false, git = "https://github.com/scs/jsonrpc", branch = "no_std_v18" } diff --git a/tee-worker/common/core/tls-websocket-server/Cargo.toml b/tee-worker/common/core/tls-websocket-server/Cargo.toml index 09f648f951..fe0120c2d8 100644 --- a/tee-worker/common/core/tls-websocket-server/Cargo.toml +++ b/tee-worker/common/core/tls-websocket-server/Cargo.toml @@ -32,7 +32,7 @@ sp-core = { workspace = true, features = ["full_crypto"] } [dev-dependencies] env_logger = { workspace = true } rustls = { workspace = true, features = ["dangerous_configuration"] } -url = { version = "2.0.0" } # no workspace dep +url = { version = "2.0.0" } [features] default = ["std"] diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 3852a51f84..a797f4427c 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -1272,7 +1272,7 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "form_urlencoded" version = "1.2.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "percent-encoding 2.3.1", ] @@ -2096,7 +2096,7 @@ dependencies = [ [[package]] name = "idna" version = "0.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "unicode-bidi 0.3.15", "unicode-normalization 0.1.23", @@ -3839,7 +3839,7 @@ source = "git+https://github.com/mesalock-linux/rust-url-sgx?tag=sgx_1.1.3#23832 [[package]] name = "percent-encoding" version = "2.3.1" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" [[package]] name = "pin-project-lite" @@ -5721,7 +5721,7 @@ dependencies = [ [[package]] name = "url" version = "2.5.0" -source = "git+https://github.com/domenukk/rust-url?branch=no_std#316c8683206f3cb741163779bb30963fa05b3612" +source = "git+https://github.com/domenukk/rust-url?rev=316c868#316c8683206f3cb741163779bb30963fa05b3612" dependencies = [ "form_urlencoded", "idna 0.5.0", diff --git a/tee-worker/identity/enclave-runtime/Cargo.toml b/tee-worker/identity/enclave-runtime/Cargo.toml index efa9ed93bb..5924ae3dad 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.toml +++ b/tee-worker/identity/enclave-runtime/Cargo.toml @@ -78,7 +78,7 @@ hex = { version = "0.4.3", default-features = false, features = ["alloc"] } ipfs-unixfs = { default-features = false, git = "https://github.com/whalelephant/rust-ipfs", branch = "w-nstd" } lazy_static = { version = "1.1.0", features = ["spin_no_std"] } primitive-types = { version = "0.12.1", default-features = false, features = ["codec", "serde_no_std"] } -url = { git = "https://github.com/domenukk/rust-url", branch = "no_std", default-features = false, features = ["alloc", "no_std_net"] } +url = { git = "https://github.com/domenukk/rust-url", rev = "316c868", default-features = false, features = ["alloc", "no_std_net"] } # scs / integritee jsonrpc-core = { default-features = false, git = "https://github.com/scs/jsonrpc", branch = "no_std_v18" } diff --git a/tee-worker/identity/sidechain/consensus/common/src/peer_block_sync.rs b/tee-worker/identity/sidechain/consensus/common/src/peer_block_sync.rs index 481714a878..866888e38c 100644 --- a/tee-worker/identity/sidechain/consensus/common/src/peer_block_sync.rs +++ b/tee-worker/identity/sidechain/consensus/common/src/peer_block_sync.rs @@ -55,6 +55,7 @@ where } /// Sidechain peer block sync implementation. +#[allow(dead_code)] pub struct PeerBlockSync< ParentchainBlock, SignedSidechainBlock, @@ -218,9 +219,14 @@ where // We confirm the successful block import. Only in this case, not when we're in // on-boarding and importing blocks that were fetched from a peer. - if let Err(e) = self.import_confirmation_handler.confirm_import(sidechain_block.block().header(), &shard_identifier) { - error!("Failed to confirm sidechain block import: {:?}", e); - } + // + // Litentry: disable it for now, see P-1091 + // the parachain storage is not updated upon shard migration, so submitting this extrinsic with new shard will fail. + // Additionally, confirmation of sidechain block import doesn't bring anything right now + // + // if let Err(e) = self.import_confirmation_handler.confirm_import(sidechain_block.block().header(), &shard_identifier) { + // error!("Failed to confirm sidechain block import: {:?}", e); + // } Ok(latest_parentchain_header) },