One-time command to upload the current idgraph to parachain (#3131)

* relocate aes key * add skeleton * small update * init * add cli * fix param parsing * update lockfile * fix bug * use subcommand * remove rpc * fix clippy * fix clippy * fix test
litentry · Oct 18, 2024 · 7ead80a · 7ead80a
1 parent 2fd6307
commit 7ead80a
Show file tree

Hide file tree

Showing 30 changed files with 634 additions and 208 deletions.
diff --git a/common/primitives/core/src/omni_account.rs b/common/primitives/core/src/omni_account.rs
@@ -17,8 +17,7 @@
 use crate::{AccountId, Hash, Identity, Vec};
 use parity_scale_codec::{Decode, Encode};
 use scale_info::TypeInfo;
-use sp_io::hashing::blake2_256;
-use sp_runtime::{BoundedVec, RuntimeDebug};
+use sp_runtime::RuntimeDebug;
 
 #[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)]
 pub enum MemberAccount {

diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs
@@ -55,7 +55,6 @@ pub enum RawOrigin<AccountId> {
 pub mod pallet {
 	use super::*;
 
-	/// The current storage version.
 	const STORAGE_VERSION: StorageVersion = StorageVersion::new(0);
 
 	#[pallet::pallet]
@@ -127,6 +126,8 @@ pub mod pallet {
 		AccountRemoved { who: T::AccountId, member_account_hashes: Vec<H256> },
 		/// Some member account is made public
 		AccountMadePublic { who: T::AccountId, member_account_hash: H256 },
+		/// An account store is updated
+		AccountStoreUpdated { who: T::AccountId },
 		/// Some call is dispatched as omni-account origin
 		DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult },
 		/// Some call is dispatched as signed origin
@@ -154,7 +155,7 @@ pub mod pallet {
 			origin: OriginFor<T>,
 			member_account_hash: H256,
 			call: Box<<T as Config>::RuntimeCall>,
-		) -> DispatchResult {
+		) -> DispatchResultWithPostInfo {
 			let _ = T::TEECallOrigin::ensure_origin(origin)?;
 			let omni_account = MemberAccountHash::<T>::get(member_account_hash)
 				.ok_or(Error::<T>::AccountNotFound)?;
@@ -163,7 +164,7 @@ pub mod pallet {
 				who: omni_account,
 				result: result.map(|_| ()).map_err(|e| e.error),
 			});
-			Ok(())
+			Ok(Pays::No.into())
 		}
 
 		// dispatch the `call` as the standard (frame_system) signed origin
@@ -174,7 +175,7 @@ pub mod pallet {
 			origin: OriginFor<T>,
 			member_account_hash: H256,
 			call: Box<<T as Config>::RuntimeCall>,
-		) -> DispatchResult {
+		) -> DispatchResultWithPostInfo {
 			let _ = T::TEECallOrigin::ensure_origin(origin)?;
 			let omni_account = MemberAccountHash::<T>::get(member_account_hash)
 				.ok_or(Error::<T>::AccountNotFound)?;
@@ -186,30 +187,19 @@ pub mod pallet {
 				who: omni_account,
 				result: result.map(|_| ()).map_err(|e| e.error),
 			});
-			Ok(())
+			Ok(Pays::No.into())
 		}
 
 		#[pallet::call_index(2)]
 		#[pallet::weight((195_000_000, DispatchClass::Normal))]
-		pub fn create_account_store(origin: OriginFor<T>, identity: Identity) -> DispatchResult {
+		pub fn create_account_store(
+			origin: OriginFor<T>,
+			identity: Identity,
+		) -> DispatchResultWithPostInfo {
 			// initial creation request has to come from `TEECallOrigin`
 			let _ = T::TEECallOrigin::ensure_origin(origin)?;
-			let hash = identity.hash();
-			let omni_account = T::OmniAccountConverter::convert(&identity);
-
-			ensure!(!MemberAccountHash::<T>::contains_key(hash), Error::<T>::AccountAlreadyAdded);
-
-			let mut member_accounts: MemberAccounts<T> = BoundedVec::new();
-			member_accounts
-				.try_push(identity.into())
-				.map_err(|_| Error::<T>::AccountStoreLenLimitReached)?;
-
-			MemberAccountHash::<T>::insert(hash, omni_account.clone());
-			AccountStore::<T>::insert(omni_account.clone(), member_accounts);
-
-			Self::deposit_event(Event::AccountStoreCreated { who: omni_account });
-
-			Ok(())
+			let _ = Self::do_create_account_store(identity)?;
+			Ok(Pays::No.into())
 		}
 
 		#[pallet::call_index(3)]
@@ -305,6 +295,57 @@ pub mod pallet {
 			Self::deposit_event(Event::IntentionRequested { who, intention });
 			Ok(())
 		}
+
+		/// temporary extrinsic to upload the existing IDGraph from the worker onto chain
+		#[pallet::call_index(7)]
+		#[pallet::weight((195_000_000, DispatchClass::Normal))]
+		pub fn update_account_store_by_one(
+			origin: OriginFor<T>,
+			who: Identity,
+			member_account: MemberAccount,
+		) -> DispatchResultWithPostInfo {
+			let _ = T::TEECallOrigin::ensure_origin(origin.clone())?;
+
+			let who_account = T::OmniAccountConverter::convert(&who);
+
+			let mut member_accounts = match AccountStore::<T>::get(&who_account) {
+				Some(s) => s,
+				None => Self::do_create_account_store(who)?,
+			};
+
+			if !member_accounts.contains(&member_account) {
+				member_accounts
+					.try_push(member_account.clone())
+					.map_err(|_| Error::<T>::AccountStoreLenLimitReached)?;
+			}
+
+			MemberAccountHash::<T>::insert(member_account.hash(), who_account.clone());
+			AccountStore::<T>::insert(who_account.clone(), member_accounts);
+			Self::deposit_event(Event::AccountStoreUpdated { who: who_account });
+
+			Ok(Pays::No.into())
+		}
+	}
+
+	impl<T: Config> Pallet<T> {
+		fn do_create_account_store(identity: Identity) -> Result<MemberAccounts<T>, Error<T>> {
+			let hash = identity.hash();
+			let omni_account = T::OmniAccountConverter::convert(&identity);
+
+			ensure!(!MemberAccountHash::<T>::contains_key(hash), Error::<T>::AccountAlreadyAdded);
+
+			let mut member_accounts: MemberAccounts<T> = BoundedVec::new();
+			member_accounts
+				.try_push(identity.into())
+				.map_err(|_| Error::<T>::AccountStoreLenLimitReached)?;
+
+			MemberAccountHash::<T>::insert(hash, omni_account.clone());
+			AccountStore::<T>::insert(omni_account.clone(), member_accounts.clone());
+
+			Self::deposit_event(Event::AccountStoreCreated { who: omni_account });
+
+			Ok(member_accounts)
+		}
 	}
 }
 

diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock
diff --git a/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs b/tee-worker/bitacross/app-libs/stf/src/trusted_call.rs
@@ -38,7 +38,7 @@ use itp_types::{
 use itp_utils::stringify::account_id_to_string;
 pub use litentry_primitives::{
 	aes_encrypt_default, AesOutput, Identity, LitentryMultiSignature, ParentchainBlockNumber,
-	RequestAesKey, RequestAesKeyNonce, ValidationData,
+	RequestAesKey, ValidationData,
 };
 use log::*;
 use sp_core::{

diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.lock b/tee-worker/bitacross/enclave-runtime/Cargo.lock
diff --git a/tee-worker/common/core-primitives/node-api/metadata/src/lib.rs b/tee-worker/common/core-primitives/node-api/metadata/src/lib.rs
@@ -22,9 +22,10 @@
 use crate::{
 	error::Result, pallet_balances::BalancesCallIndexes, pallet_bitacross::BitAcrossCallIndexes,
 	pallet_evm_assertion::EvmAssertionsCallIndexes, pallet_imp::IMPCallIndexes,
-	pallet_proxy::ProxyCallIndexes, pallet_system::SystemConstants,
-	pallet_teebag::TeebagCallIndexes, pallet_timestamp::TimestampCallIndexes,
-	pallet_utility::UtilityCallIndexes, pallet_vcmp::VCMPCallIndexes,
+	pallet_omni_account::OmniAccountCallIndexes, pallet_proxy::ProxyCallIndexes,
+	pallet_system::SystemConstants, pallet_teebag::TeebagCallIndexes,
+	pallet_timestamp::TimestampCallIndexes, pallet_utility::UtilityCallIndexes,
+	pallet_vcmp::VCMPCallIndexes,
 };
 use codec::{Decode, Encode};
 use sp_core::storage::StorageKey;
@@ -37,6 +38,7 @@ pub mod pallet_balances;
 pub mod pallet_bitacross;
 pub mod pallet_evm_assertion;
 pub mod pallet_imp;
+pub mod pallet_omni_account;
 pub mod pallet_proxy;
 pub mod pallet_system;
 pub mod pallet_teebag;
@@ -60,6 +62,7 @@ pub trait NodeMetadataTrait:
 	+ TimestampCallIndexes
 	+ EvmAssertionsCallIndexes
 	+ BitAcrossCallIndexes
+	+ OmniAccountCallIndexes
 {
 }
 
@@ -73,7 +76,8 @@ impl<
 			+ BalancesCallIndexes
 			+ TimestampCallIndexes
 			+ EvmAssertionsCallIndexes
-			+ BitAcrossCallIndexes,
+			+ BitAcrossCallIndexes
+			+ OmniAccountCallIndexes,
 	> NodeMetadataTrait for T
 {
 }

diff --git a/tee-worker/common/core-primitives/node-api/metadata/src/metadata_mocks.rs b/tee-worker/common/core-primitives/node-api/metadata/src/metadata_mocks.rs
@@ -18,9 +18,10 @@
 use crate::{
 	error::Result, pallet_balances::BalancesCallIndexes, pallet_bitacross::BitAcrossCallIndexes,
 	pallet_evm_assertion::EvmAssertionsCallIndexes, pallet_imp::IMPCallIndexes,
-	pallet_proxy::ProxyCallIndexes, pallet_system::SystemConstants,
-	pallet_teebag::TeebagCallIndexes, pallet_timestamp::TimestampCallIndexes,
-	pallet_utility::UtilityCallIndexes, pallet_vcmp::VCMPCallIndexes, runtime_call::RuntimeCall,
+	pallet_omni_account::OmniAccountCallIndexes, pallet_proxy::ProxyCallIndexes,
+	pallet_system::SystemConstants, pallet_teebag::TeebagCallIndexes,
+	pallet_timestamp::TimestampCallIndexes, pallet_utility::UtilityCallIndexes,
+	pallet_vcmp::VCMPCallIndexes, runtime_call::RuntimeCall,
 };
 use codec::{Decode, Encode};
 
@@ -95,6 +96,12 @@ pub struct NodeMetadataMock {
 	btc_wallet_generated: u8,
 	eth_wallet_generated: u8,
 	ton_wallet_generated: u8,
+
+	omni_account_module: u8,
+	dispatch_as_omni_account: u8,
+	dispatch_as_signed: u8,
+	create_account_store: u8,
+	update_account_store_by_one: u8,
 }
 
 impl NodeMetadataMock {
@@ -157,6 +164,12 @@ impl NodeMetadataMock {
 			btc_wallet_generated: 2u8,
 			eth_wallet_generated: 3u8,
 			ton_wallet_generated: 4u8,
+
+			omni_account_module: 70u8,
+			dispatch_as_omni_account: 0u8,
+			dispatch_as_signed: 1u8,
+			create_account_store: 2u8,
+			update_account_store_by_one: 3u8,
 		}
 	}
 }
@@ -346,3 +359,21 @@ impl EvmAssertionsCallIndexes for NodeMetadataMock {
 		Ok([self.evm_assertions_module, self.evm_assertions_void_assertion])
 	}
 }
+
+impl OmniAccountCallIndexes for NodeMetadataMock {
+	fn dispatch_as_omni_account_call_indexes(&self) -> Result<[u8; 2]> {
+		Ok([self.omni_account_module, self.dispatch_as_omni_account])
+	}
+
+	fn dispatch_as_signed_call_indexes(&self) -> Result<[u8; 2]> {
+		Ok([self.omni_account_module, self.dispatch_as_signed])
+	}
+
+	fn create_account_store_call_indexes(&self) -> Result<[u8; 2]> {
+		Ok([self.omni_account_module, self.create_account_store])
+	}
+
+	fn update_account_store_by_one_call_indexes(&self) -> Result<[u8; 2]> {
+		Ok([self.omni_account_module, self.update_account_store_by_one])
+	}
+}
diff --git a/tee-worker/common/core-primitives/node-api/metadata/src/pallet_omni_account.rs b/tee-worker/common/core-primitives/node-api/metadata/src/pallet_omni_account.rs
@@ -0,0 +1,45 @@
+// Copyright 2020-2024 Trust Computing GmbH.
+// This file is part of Litentry.
+//
+// Litentry is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Litentry is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
+
+// TODO: maybe use macros to simplify this
+use crate::{error::Result, NodeMetadata};
+
+const OMNIACCOUNT: &str = "OmniAccount";
+
+pub trait OmniAccountCallIndexes {
+	fn dispatch_as_omni_account_call_indexes(&self) -> Result<[u8; 2]>;
+	fn dispatch_as_signed_call_indexes(&self) -> Result<[u8; 2]>;
+	fn create_account_store_call_indexes(&self) -> Result<[u8; 2]>;
+	fn update_account_store_by_one_call_indexes(&self) -> Result<[u8; 2]>;
+}
+
+impl OmniAccountCallIndexes for NodeMetadata {
+	fn dispatch_as_omni_account_call_indexes(&self) -> Result<[u8; 2]> {
+		self.call_indexes(OMNIACCOUNT, "dispatch_as_omni_account")
+	}
+
+	fn dispatch_as_signed_call_indexes(&self) -> Result<[u8; 2]> {
+		self.call_indexes(OMNIACCOUNT, "dispatch_as_signed")
+	}
+
+	fn create_account_store_call_indexes(&self) -> Result<[u8; 2]> {
+		self.call_indexes(OMNIACCOUNT, "create_account_store")
+	}
+
+	fn update_account_store_by_one_call_indexes(&self) -> Result<[u8; 2]> {
+		self.call_indexes(OMNIACCOUNT, "update_account_store_by_one")
+	}
+}
diff --git a/tee-worker/common/core-primitives/sgx/crypto/Cargo.toml b/tee-worker/common/core-primitives/sgx/crypto/Cargo.toml
@@ -11,16 +11,20 @@ hex = { workspace = true }
 k256 = { workspace = true, features = ["ecdsa-core", "schnorr", "alloc"] }
 log = { workspace = true }
 ofb = { workspace = true }
+rand = { workspace = true, optional = true }
+rand-sgx = { workspace = true, optional = true }
+ring = { workspace = true }
 secp256k1 = { workspace = true, features = ["alloc", "recovery"] }
 serde_json = { workspace = true, optional = true }
-
 serde_json_sgx = { workspace = true, optional = true }
+
 sgx_crypto_helper = { workspace = true }
 sgx_rand = { workspace = true, optional = true }
 sgx_tstd = { workspace = true, optional = true }
 sgx_types = { workspace = true }
 
 sp-core = { workspace = true }
+sp-std = { workspace = true }
 
 itp-sgx-io = { workspace = true }
 itp-sgx-temp-dir = { workspace = true, optional = true }
@@ -30,15 +34,19 @@ default = ["std"]
 std = [
     "codec/std",
     "log/std",
+    "rand",
+    "ring/std",
     "itp-sgx-io/std",
     "sp-core/std",
+    "sp-std/std",
     "serde_json/std",
     "sgx_crypto_helper/default",
 ]
 sgx = [
     "sgx_crypto_helper/mesalock_sgx",
     "sgx_tstd",
     "sgx_rand",
+    "rand-sgx",
     "itp-sgx-io/sgx",
     "serde_json_sgx",
 ]