New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix enclave-account/root ambiguity #1617

Open

brenzi opened this issue Oct 19, 2024 · 0 comments

Assignees

Labels

F2-bug

Collaborator

brenzi commented Oct 19, 2024 •

edited

Loading

We still use legacy derivation of a superuser granted to the enclave signer.

What currently is bad:

state is initialized with enclave account =primary worker's enclave signer
- this makes no sense. every enclave with valid MRENCLAVE has superuser rights on the state. the primary worker has no special role here
- this could lead to failures: if a secondary validateer tries to call set_timestamp, for example
we instantiate the sudo pallet in the sgx_runtime, but we don't need it, actually. some tests do, but could be done otherwise

the only thing we actually need is a way to authorize the current enclave: ensure_enclave_signer_account

Solution:

sync the current set of validateers for this shard into the state with get_storage_hashes_to_update on integritee parentchain
modify ensure_enclave_signer_account to verify set membership instead

The text was updated successfully, but these errors were encountered:

brenzi self-assigned this

brenzi added the F2-bug label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment