From 55248b838b967d53d63436fe94d5f9ea88661892 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 09:37:58 +0000 Subject: [PATCH 01/49] update AccountStoreCreated event --- parachain/pallets/omni-account/src/lib.rs | 4 ++-- parachain/pallets/omni-account/src/tests.rs | 7 ++----- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 8b16863eca..0dd172b897 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -126,7 +126,7 @@ pub mod pallet { #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { /// An account store is created - AccountStoreCreated { who: T::AccountId, account_store_hash: H256 }, + AccountStoreCreated { who: T::AccountId, account_store: MemberAccounts }, /// Some member account is added AccountAdded { who: T::AccountId, member_account_hash: H256 }, /// Some member accounts are removed @@ -214,7 +214,7 @@ pub mod pallet { Self::deposit_event(Event::AccountStoreCreated { who: omni_account, - account_store_hash: member_accounts.hash(), + account_store: member_accounts, }); Ok(()) diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 1ae090c741..285a1dfab2 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -60,11 +60,8 @@ fn create_account_store_works() { vec![MemberAccount::Public(who_identity.clone())].try_into().unwrap(); System::assert_last_event( - Event::AccountStoreCreated { - who: who_omni_account, - account_store_hash: member_accounts.hash(), - } - .into(), + Event::AccountStoreCreated { who: who_omni_account, account_store: member_accounts } + .into(), ); // create it the second time will fail From 413abc11bb9a573bce0a7522a67afc18ee543ea0 Mon Sep 17 00:00:00 2001 
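Review bot: `AccountStoreCreated` now deposits the whole `member_accounts` list where it used to deposit one `H256`, so every entry of the store is written to the public event record and the event size grows with the store's bound instead of staying at 32 bytes. The variant's doc comment still reads `/// An account store is created`; I would extend it to `/// An account store is created; account_store is the complete member list after the call` so that subscribers know the field is the full state and not a delta. The tests construct `MemberAccount::Public(..)`, which implies other variants exist: please confirm that the encoded form of a non-public member is acceptable to publish in an event. The same applies to the `AccountAdded`, `AccountRemoved` and `AccountMadePublic` changes in patches 02 to 04 of this series. The enum and the extrinsic body both continue outside their hunks.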
From: Francisco Silva Date: Wed, 16 Oct 2024 09:43:01 +0000 Subject: [PATCH 02/49] include account_store in AccountAdded --- parachain/pallets/omni-account/src/lib.rs | 12 ++++++++++-- parachain/pallets/omni-account/src/tests.rs | 14 ++++++++------ 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 0dd172b897..d7941b3886 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -128,7 +128,11 @@ pub mod pallet { /// An account store is created AccountStoreCreated { who: T::AccountId, account_store: MemberAccounts }, /// Some member account is added - AccountAdded { who: T::AccountId, member_account_hash: H256 }, + AccountAdded { + who: T::AccountId, + member_account_hash: H256, + account_store: MemberAccounts, + }, /// Some member accounts are removed AccountRemoved { who: T::AccountId, member_account_hashes: Vec }, /// Some member account is made public @@ -245,7 +249,11 @@ pub mod pallet { AccountStore::::insert(who.clone(), member_accounts.clone()); AccountStoreHash::::insert(who.clone(), member_accounts.hash()); - Self::deposit_event(Event::AccountAdded { who, member_account_hash: hash }); + Self::deposit_event(Event::AccountAdded { + who, + member_account_hash: hash, + account_store: member_accounts, + }); Ok(()) } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 285a1dfab2..feac1714b8 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -137,6 +137,7 @@ fn add_account_works() { Event::AccountAdded { who: who_omni_account.clone(), member_account_hash: bob_member_account.hash(), + account_store: expected_member_accounts.clone(), } .into(), ); 
@@ -156,21 +157,22 @@ fn add_account_works() { who_identity.hash(), call )); + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount::Public(who_identity.clone()), + bob_member_account.clone(), + charlie_member_account.clone(), + ]); System::assert_has_event( Event::AccountAdded { who: who_identity.to_omni_account(), member_account_hash: charlie_member_account.hash(), + account_store: expected_member_accounts.clone(), } .into(), ); - let expected_member_accounts: MemberAccounts = - BoundedVec::truncate_from(vec![ - MemberAccount::Public(who_identity.clone()), - bob_member_account.clone(), - charlie_member_account.clone(), - ]); let expected_account_store_hash = H256::from(blake2_256( &expected_member_accounts .iter() From 95f82b7cc43ddd02dca216fafd8f6e292d187dee Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 09:46:12 +0000 Subject: [PATCH 03/49] add account_store to AccountRemoved --- parachain/pallets/omni-account/src/lib.rs | 14 +++++++++++--- parachain/pallets/omni-account/src/tests.rs | 14 +++++++++----- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index d7941b3886..952463324d 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -134,7 +134,11 @@ pub mod pallet { account_store: MemberAccounts, }, /// Some member accounts are removed - AccountRemoved { who: T::AccountId, member_account_hashes: Vec }, + AccountRemoved { + who: T::AccountId, + member_account_hashes: Vec, + account_store: MemberAccounts, + }, /// Some member account is made public AccountMadePublic { who: T::AccountId, member_account_hash: H256 }, /// Some call is dispatched as omni-account origin 
@@ -284,10 +288,14 @@ pub mod pallet { if member_accounts.is_empty() { AccountStore::::remove(&who); } else { - AccountStore::::insert(who.clone(), member_accounts); + AccountStore::::insert(who.clone(), member_accounts.clone()); } - Self::deposit_event(Event::AccountRemoved { who, member_account_hashes }); + Self::deposit_event(Event::AccountRemoved { + who, + member_account_hashes, + account_store: member_accounts, + }); Ok(()) } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index feac1714b8..290e06eff5 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -392,14 +392,18 @@ fn remove_account_works() { .into(), ); - System::assert_has_event( - Event::AccountRemoved { who: who_omni_account.clone(), member_account_hashes: hashes } - .into(), - ); - let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![MemberAccount::Public(who_identity.clone())]); + System::assert_has_event( + Event::AccountRemoved { + who: who_omni_account.clone(), + member_account_hashes: hashes, + account_store: expected_member_accounts.clone(), + } + .into(), + ); + assert_eq!( AccountStore::::get(&who_omni_account).unwrap(), expected_member_accounts From 2837f7b6ff2aec89e461711266dabe9c01b1da04 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 09:48:27 +0000 Subject: [PATCH 04/49] add account_store to AccountMadePublic --- parachain/pallets/omni-account/src/lib.rs | 14 +++++++++++--- parachain/pallets/omni-account/src/tests.rs | 12 +++++++----- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 952463324d..d4b61037b9 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs 
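Review bot: In the `@@ -284,10 +288,14 @@` hunk of lib.rs the removal path writes or deletes `AccountStore` and then emits the event, but the visible lines never touch `AccountStoreHash`, whereas the add path shown in patch 02 inserts `member_accounts.hash()` into `AccountStoreHash` right after the store insert. If the hash is not refreshed above the hunk, it goes stale after a removal and anyone comparing the stored hash with the `account_store` carried by the event will see a mismatch; the fix would be `AccountStoreHash::<T>::insert(who.clone(), member_accounts.hash());` in the `else` branch and `AccountStoreHash::<T>::remove(&who);` in the `is_empty()` branch. When the last member is removed the event carries an empty `account_store` while the storage entry is deleted, so the doc comment on `AccountRemoved` should say that an empty list means the store no longer exists. The publicize hunk in patch 04 (`@@ -316,9 +320,13 @@`) shows the same store insert without a hash update. The function bodies start outside both hunks.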
@@ -140,7 +140,11 @@ pub mod pallet { account_store: MemberAccounts, }, /// Some member account is made public - AccountMadePublic { who: T::AccountId, member_account_hash: H256 }, + AccountMadePublic { + who: T::AccountId, + member_account_hash: H256, + account_store: MemberAccounts, + }, /// Some call is dispatched as omni-account origin DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult }, /// Some call is dispatched as signed origin @@ -316,9 +320,13 @@ pub mod pallet { .ok_or(Error::::AccountNotFound)?; *m = member_account.into(); - AccountStore::::insert(who.clone(), member_accounts); + AccountStore::::insert(who.clone(), member_accounts.clone()); - Self::deposit_event(Event::AccountMadePublic { who, member_account_hash: hash }); + Self::deposit_event(Event::AccountMadePublic { + who, + member_account_hash: hash, + account_store: member_accounts, + }); Ok(()) } diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 290e06eff5..fc39af3436 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -516,19 +516,21 @@ fn publicize_account_works() { .into(), ); + let expected_member_accounts: MemberAccounts = + BoundedVec::truncate_from(vec![ + MemberAccount::Public(who_identity.clone()), + MemberAccount::Public(Identity::from(bob())), + ]); + System::assert_has_event( Event::AccountMadePublic { who: who_omni_account.clone(), member_account_hash: public_account_hash, + account_store: expected_member_accounts.clone(), } .into(), ); - let expected_member_accounts: MemberAccounts = - BoundedVec::truncate_from(vec![ - MemberAccount::Public(who_identity.clone()), - MemberAccount::Public(Identity::from(bob())), - ]); assert_eq!( AccountStore::::get(&who_omni_account).unwrap(), expected_member_accounts From 0a783eab2e9693d4f17ee95860c537badb25371d Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Wed, 16 Oct 2024 14:26:06 +0000 Subject: [PATCH 05/49] adding parentchain events --- .../common/core-primitives/types/src/lib.rs | 2 + .../types/src/parentchain/events.rs | 99 ++++++++++++++++++- 2 files changed, 99 insertions(+), 2 deletions(-) diff --git a/tee-worker/common/core-primitives/types/src/lib.rs b/tee-worker/common/core-primitives/types/src/lib.rs index d60fa6f08a..08103feefa 100644 --- a/tee-worker/common/core-primitives/types/src/lib.rs +++ b/tee-worker/common/core-primitives/types/src/lib.rs @@ -18,6 +18,8 @@ #![cfg_attr(all(not(target_env = "sgx"), not(feature = "std")), no_std)] #![cfg_attr(target_env = "sgx", feature(rustc_private))] +extern crate alloc; + use crate::storage::StorageEntry; use codec::{Decode, Encode}; use itp_sgx_crypto::ShieldingCryptoDecrypt; diff --git a/tee-worker/common/core-primitives/types/src/parentchain/events.rs b/tee-worker/common/core-primitives/types/src/parentchain/events.rs index e013f159b1..a7794dc14d 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/events.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/events.rs @@ -1,12 +1,12 @@ -use super::alloc::{format, vec::Vec}; use crate::{ AccountId, Assertion, Balance, BlockNumber, Hash, MrEnclave, RsaRequest, ShardIdentifier, WorkerType, }; +use alloc::{format, vec::Vec}; use codec::{Decode, Encode}; use core::fmt::Debug; use itp_utils::{hex::ToHexPrefixed, stringify::account_id_to_string}; -use litentry_primitives::{Address32, Identity}; +use litentry_primitives::{Address32, Identity, MemberAccount}; use sp_core::H160; use substrate_api_client::ac_node_api::StaticEvent; 
@@ -139,6 +139,101 @@ impl StaticEvent for EnclaveRemoved { const EVENT: &'static str = "EnclaveRemoved"; } +// omni-account pallet events +#[derive(Encode, Decode, Debug)] +pub struct AccountStoreCreated { + pub who: AccountId, + pub account_store: Vec, +} + +impl core::fmt::Display for AccountStoreCreated { + fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { + let message = format!( + "AccountStoreCreated :: who: {}, account_store: {:?}", + account_id_to_string::(&self.who), + self.account_store + ); + write!(f, "{}", message) + } +} + +impl StaticEvent for AccountStoreCreated { + const PALLET: &'static str = "OmniAccount"; + const EVENT: &'static str = "AccountStoreCreated"; +} + +#[derive(Encode, Decode, Debug)] +pub struct AccountAdded { + pub who: AccountId, + pub member_account_hash: Hash, + pub account_store: Vec, +} + +impl core::fmt::Display for AccountAdded { + fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { + let message = format!( + "AccountAdded :: who: {}, member_account_hash: {}, account_store: {:?}", + account_id_to_string::(&self.who), + self.member_account_hash.to_hex(), + self.account_store + ); + write!(f, "{}", message) + } +} + +impl StaticEvent for AccountAdded { + const PALLET: &'static str = "OmniAccount"; + const EVENT: &'static str = "AccountAdded"; +} + +#[derive(Encode, Decode, Debug)] +pub struct AccountRemoved { + pub who: AccountId, + pub member_account_hashes: Vec, + pub account_store: Vec, +} + +impl core::fmt::Display for AccountRemoved { + fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { + let message = format!( + "AccountRemoved :: who: {}, member_account_hashes: {:?}, account_store: {:?}", + account_id_to_string::(&self.who), + self.member_account_hashes, + self.account_store + ); + write!(f, "{}", message) + } +} + +impl StaticEvent for AccountRemoved { + const PALLET: &'static str = "OmniAccount"; + const EVENT: &'static str = "AccountRemoved"; +} + +#[derive(Encode, 
Decode, Debug)] +pub struct AccountMadePublic { + pub who: AccountId, + pub member_account_hash: Hash, + pub account_store: Vec, +} + +impl core::fmt::Display for AccountMadePublic { + fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { + let message = format!( + "AccountMadePublic :: who: {}, member_account_hash: {}, account_store: {:?}", + account_id_to_string::(&self.who), + self.member_account_hash.to_hex(), + self.account_store + ); + write!(f, "{}", message) + } +} + +impl StaticEvent for AccountMadePublic { + const PALLET: &'static str = "OmniAccount"; + const EVENT: &'static str = "AccountMadePublic"; +} + // Identity-worker events #[derive(Encode, Decode, Debug)] From 414a7b3ff056ec11a841be54811544e9c2898e1d Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 14:51:26 +0000 Subject: [PATCH 06/49] updating event filters --- .../src/integritee/event_filter.rs | 16 ++++++++ .../src/target_a/event_filter.rs | 16 ++++++++ .../src/target_b/event_filter.rs | 16 ++++++++ .../indirect-calls-executor/src/mock.rs | 16 ++++++++ .../types/src/parentchain/mod.rs | 8 ++++ .../src/integritee/event_filter.rs | 16 ++++++++ .../src/target_a/event_filter.rs | 40 +++++++++++-------- .../src/target_b/event_filter.rs | 40 +++++++++++-------- .../indirect-calls-executor/src/mock.rs | 16 ++++++++ 9 files changed, 150 insertions(+), 34 deletions(-) diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs index 2294044191..96c933face 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs 
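Review bot: The four new `Display` impls print `self.account_store` with `{:?}`, so wherever one of these events is formatted into a log line the worker writes out every member account of the store; if the `Debug` output of `MemberAccount` includes identity data (its definition is not shown here), that data ends up in logs as well as in the event. I would print only the size in `Display`, e.g. `account_store: {} members` with `self.account_store.len()`, and leave the full list to the derived `Debug`. Each impl also builds a `String` with `format!` and then passes it to `write!(f, "{}", message)`; putting the format arguments straight into `write!(f, ...)` avoids the allocation. The new public structs have no doc comments; a line such as `/// OmniAccount pallet event carrying the full account store after the change` on each would help readers of the worker code.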
@@ -117,4 +117,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs index 56b5365130..8c6bc5aeae 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs @@ -115,4 +115,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs index 56b5365130..8c6bc5aeae 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs 
@@ -115,4 +115,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } diff --git a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs index d49e12b18f..bfab9b1305 100644 --- a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs @@ -196,6 +196,22 @@ impl FilterEvents for MockEvents { ) -> Result, Self::Error> { Ok(Vec::new()) } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } } pub struct MockParentchainEventHandler {} diff --git a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs index 6c4d9135c7..9a0e45d2a3 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs 
@@ -123,6 +123,14 @@ pub trait FilterEvents { fn get_enclave_removed_events(&self) -> Result, Self::Error>; fn get_btc_wallet_generated_events(&self) -> Result, Self::Error>; + + fn get_account_store_created_events(&self) -> Result, Self::Error>; + + fn get_account_added_events(&self) -> Result, Self::Error>; + + fn get_account_removed_events(&self) -> Result, Self::Error>; + + fn get_account_made_public_events(&self) -> Result, Self::Error>; } #[derive(Debug)] diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs index c27e871c70..400748e7ca 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs @@ -117,4 +117,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs index c3b102a895..ae391e5031 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs 
@@ -60,39 +60,29 @@ impl From> for FilterableEvents { impl FilterEvents for FilterableEvents { type Error = itc_parentchain_indirect_calls_executor::Error; - fn get_link_identity_events( - &self, - ) -> Result, Self::Error> { + fn get_link_identity_events(&self) -> Result, Self::Error> { self.filter() } - fn get_vc_requested_events( - &self, - ) -> Result, Self::Error> { + fn get_vc_requested_events(&self) -> Result, Self::Error> { self.filter() } fn get_deactivate_identity_events( &self, - ) -> Result, Self::Error> { + ) -> Result, Self::Error> { self.filter() } - fn get_activate_identity_events( - &self, - ) -> Result, Self::Error> { + fn get_activate_identity_events(&self) -> Result, Self::Error> { self.filter() } - fn get_enclave_unauthorized_events( - &self, - ) -> Result, Self::Error> { + fn get_enclave_unauthorized_events(&self) -> Result, Self::Error> { self.filter() } - fn get_opaque_task_posted_events( - &self, - ) -> Result, Self::Error> { + fn get_opaque_task_posted_events(&self) -> Result, Self::Error> { self.filter() } @@ -102,7 +92,7 @@ impl FilterEvents for FilterableEvents { fn get_parentchain_block_proccessed_events( &self, - ) -> Result, Self::Error> { + ) -> Result, Self::Error> { Ok(Vec::new()) } @@ -125,4 +115,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs index c3b102a895..ae391e5031 100644 
--- a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs @@ -60,39 +60,29 @@ impl From> for FilterableEvents { impl FilterEvents for FilterableEvents { type Error = itc_parentchain_indirect_calls_executor::Error; - fn get_link_identity_events( - &self, - ) -> Result, Self::Error> { + fn get_link_identity_events(&self) -> Result, Self::Error> { self.filter() } - fn get_vc_requested_events( - &self, - ) -> Result, Self::Error> { + fn get_vc_requested_events(&self) -> Result, Self::Error> { self.filter() } fn get_deactivate_identity_events( &self, - ) -> Result, Self::Error> { + ) -> Result, Self::Error> { self.filter() } - fn get_activate_identity_events( - &self, - ) -> Result, Self::Error> { + fn get_activate_identity_events(&self) -> Result, Self::Error> { self.filter() } - fn get_enclave_unauthorized_events( - &self, - ) -> Result, Self::Error> { + fn get_enclave_unauthorized_events(&self) -> Result, Self::Error> { self.filter() } - fn get_opaque_task_posted_events( - &self, - ) -> Result, Self::Error> { + fn get_opaque_task_posted_events(&self) -> Result, Self::Error> { self.filter() } @@ -102,7 +92,7 @@ impl FilterEvents for FilterableEvents { fn get_parentchain_block_proccessed_events( &self, - ) -> Result, Self::Error> { + ) -> Result, Self::Error> { Ok(Vec::new()) } @@ -125,4 +115,20 @@ impl FilterEvents for FilterableEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error> { self.filter() } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + self.filter() + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + self.filter() + } } 
diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs index c24ebfc863..87a37953b9 100644 --- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs @@ -84,6 +84,22 @@ impl FilterEvents for MockEvents { fn get_relayers_removed_events(&self) -> Result, Self::Error> { Ok(Vec::new()) } + + fn get_account_store_created_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_added_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_removed_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } + + fn get_account_made_public_events(&self) -> Result, Self::Error> { + Ok(Vec::new()) + } } pub struct MockParentchainEventHandler {} From ac4776505eb958d114d2cf19dc030dd834b126f8 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Wed, 16 Oct 2024 18:35:25 +0000 Subject: [PATCH 07/49] fixing lc-omni-account dependency definition in the workspace --- tee-worker/Cargo.lock | 1 + tee-worker/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index ff5fab9d0f..c73f56e0f4 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -3273,6 +3273,7 @@ dependencies = [ "itp-types", "lc-dynamic-assertion", "lc-evm-dynamic-assertions", + "lc-omni-account", "litentry-primitives", "log 0.4.20", "parity-scale-codec", diff --git a/tee-worker/Cargo.toml b/tee-worker/Cargo.toml index 64d89bec74..fff10da14e 100644 --- a/tee-worker/Cargo.toml +++ b/tee-worker/Cargo.toml 
@@ -301,7 +301,7 @@ lc-stf-task-sender = { path = "identity/litentry/core/stf-task/sender", default- lc-stf-task-receiver = { path = "identity/litentry/core/stf-task/receiver", default-features = false } lc-vc-task-sender = { path = "identity/litentry/core/vc-task/sender", default-features = false } lc-vc-task-receiver = { path = "identity/litentry/core/vc-task/receiver", default-features = false } -lc-omni-account = { path = "identity/app-libs/omni-account", default-features = false } +lc-omni-account = { path = "identity/litentry/core/omni-account", default-features = false } lc-native-task-sender = { path = "identity/litentry/core/native-task/sender", default-features = false } lc-native-task-receiver = { path = "identity/litentry/core/native-task/receiver", default-features = false } From 25bd1f9bda94f418a9d7d207a3d4e6f09b48485f Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:02:24 +0000 Subject: [PATCH 08/49] adding parentchain errors --- .../core-primitives/types/src/parentchain/mod.rs | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs index 9a0e45d2a3..950b1ce4fa 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs @@ -171,6 +171,10 @@ pub enum ParentchainEventProcessingError { EnclaveAddFailure, EnclaveRemoveFailure, BtcWalletGeneratedFailure, + AccountStoreCreatedFailure, + AccountAddedFailure, + AccountRemovedFailure, + AccountMadePublicFailure, } impl core::fmt::Display for ParentchainEventProcessingError { 
@@ -204,6 +208,14 @@ impl core::fmt::Display for ParentchainEventProcessingError { "Parentchain Event Processing Error: EnclaveRemoveFailure", ParentchainEventProcessingError::BtcWalletGeneratedFailure => "Parentchain Event Processing Error: BtcWalletGeneratedFailure", + ParentchainEventProcessingError::AccountStoreCreatedFailure => + "Parentchain Event Processing Error: AccountStoreCreatedFailure", + ParentchainEventProcessingError::AccountAddedFailure => + "Parentchain Event Processing Error: AccountAddedFailure", + ParentchainEventProcessingError::AccountRemovedFailure => + "Parentchain Event Processing Error: AccountRemovedFailure", + ParentchainEventProcessingError::AccountMadePublicFailure => + "Parentchain Event Processing Error: AccountMadePublicFailure", }; write!(f, "{}", message) } From 8e84226742da26ec611dfe8e5783b711b01f32cc Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:02:59 +0000 Subject: [PATCH 09/49] updating imports --- tee-worker/identity/litentry/core/omni-account/src/lib.rs | 6 +++--- .../identity/litentry/core/omni-account/src/repository.rs | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 506ff11c41..cb5bdcbab2 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs @@ -16,13 +16,13 @@ #![cfg_attr(not(feature = "std"), no_std)] -pub extern crate alloc; +#[cfg(all(feature = "std", feature = "sgx"))] +compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the same time"); #[cfg(all(not(feature = "std"), feature = "sgx"))] extern crate sgx_tstd as std; -#[cfg(all(feature = "std", feature = "sgx"))] -compile_error!("feature \"std\" and feature \"sgx\" cannot be enabled at the same time"); +extern crate alloc; mod repository; pub use repository::*; 
diff --git a/tee-worker/identity/litentry/core/omni-account/src/repository.rs b/tee-worker/identity/litentry/core/omni-account/src/repository.rs index c12993d1eb..189c3a039e 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/repository.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/repository.rs @@ -15,7 +15,7 @@ // along with Litentry. If not, see . use crate::{AccountId, Error, Header, MemberAccount, OmniAccounts, ParentchainId}; -use alloc::vec::Vec; +use alloc::{borrow::ToOwned, vec::Vec}; use frame_support::storage::storage_prefix; use itp_ocall_api::EnclaveOnChainOCallApi; use itp_storage::{ From c2e6b766a41fa6112bd38a47f33d521c114afae7 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:04:05 +0000 Subject: [PATCH 10/49] refactoring in_memory_store --- .../core/omni-account/src/in_memory_store.rs | 20 ++++--------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs index 30da7a4234..14418f3819 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs @@ -29,20 +29,20 @@ lazy_static! { pub struct InMemoryStore; impl InMemoryStore { - pub fn get(&self, owner: AccountId) -> Result>, Error> { + pub fn get(account_id: AccountId) -> Result>, Error> { let omni_account_members = STORE .read() .map_err(|_| { log::error!("[InMemoryStore] Lock poisoning"); Error::LockPoisoning })? - .get(&owner) + .get(&account_id) .cloned(); Ok(omni_account_members) } - pub fn insert(&self, account_id: AccountId, members: Vec) -> Result<(), Error> { + pub fn insert(account_id: AccountId, members: Vec) -> Result<(), Error> { STORE .write() .map_err(|_| { 
@@ -54,19 +54,7 @@ impl InMemoryStore { Ok(()) } - pub fn remove(&self, account_id: AccountId) -> Result<(), Error> { - STORE - .write() - .map_err(|_| { - log::error!("[InMemoryStore] Lock poisoning"); - Error::LockPoisoning - })? - .remove(&account_id); - - Ok(()) - } - - pub fn load(&self, accounts: OmniAccounts) -> Result<(), Error> { + pub fn load(accounts: OmniAccounts) -> Result<(), Error> { *STORE.write().map_err(|_| { log::error!("[InMemoryStore] Lock poisoning"); Error::LockPoisoning From d3bd65dde14ea9d3e4c4710c42ef7cf8efcf1f83 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:05:43 +0000 Subject: [PATCH 11/49] updating ParentchainBlockProcessed event handler --- .../parentchain-interface/src/integritee/event_handler.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index a46eba6cc0..83fdbe7a7d 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -19,7 +19,6 @@ use codec::{Decode, Encode}; pub use ita_sgx_runtime::{Balance, Index}; use ita_stf::{Getter, TrustedCall, TrustedCallSigned}; use itc_parentchain_indirect_calls_executor::error::Error; -use itp_api_client_types::StaticEvent; use itp_enclave_metrics::EnclaveMetric; use itp_ocall_api::EnclaveMetricsOCallApi; use itp_stf_primitives::{traits::IndirectExecutor, types::TrustedOperation}; @@ -346,7 +345,7 @@ where events.iter().for_each(|event| { debug!("found ParentchainBlockProcessed event: {:?}", event); // This is for monitoring purposes - handled_events.push(hash_of(ParentchainBlockProcessed::EVENT)); + handled_events.push(hash_of(&event)); }); } From dbacf18d37ba40ed438db7b83027e6ea037851d3 Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Thu, 17 Oct 2024 06:06:24 +0000 Subject: [PATCH 12/49] adding new indirect call error --- .../core/parentchain/indirect-calls-executor/src/error.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs index e5e51eae13..a60ff3f662 100644 --- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs @@ -53,6 +53,8 @@ pub enum Error { BatchAllHandlingError, #[error("AssertionCreated handling error: {0:?}")] AssertionCreatedHandling(String), + #[error("AccountStore error: {0}")] + AccountStoreError(String), } impl From for Error { From 9ebe51ceeb8f3270549dc848f531dabdd4609d6b Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:09:46 +0000 Subject: [PATCH 13/49] handling omni-account events --- .../app-libs/parentchain-interface/Cargo.toml | 3 + .../src/integritee/event_handler.rs | 64 ++++++++++++++++++- .../identity/enclave-runtime/Cargo.lock | 16 +++++ 3 files changed, 82 insertions(+), 1 deletion(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/Cargo.toml b/tee-worker/identity/app-libs/parentchain-interface/Cargo.toml index 3718f96eb0..065d23ae7c 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/Cargo.toml +++ b/tee-worker/identity/app-libs/parentchain-interface/Cargo.toml @@ -27,6 +27,7 @@ substrate-api-client = { workspace = true, optional = true } lc-dynamic-assertion = { workspace = true } lc-evm-dynamic-assertions = { workspace = true } +lc-omni-account = { workspace = true } litentry-primitives = { workspace = true } [dev-dependencies] @@ -61,6 +62,7 @@ std = [ "lc-dynamic-assertion/std", "lc-evm-dynamic-assertions/std", "sp-std/std", + "lc-omni-account/std", ] sgx = [ "sgx_tstd", 
@@ -73,4 +75,5 @@ sgx = [ "litentry-primitives/sgx", "lc-dynamic-assertion/sgx", "lc-evm-dynamic-assertions/sgx", + "lc-omni-account/sgx", ] diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 83fdbe7a7d..46b553a1be 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -31,7 +31,8 @@ use itp_types::{ }; use lc_dynamic_assertion::AssertionLogicRepository; use lc_evm_dynamic_assertions::repository::EvmAssertionRepository; -use litentry_primitives::{Assertion, Identity, ValidationData, Web3Network}; +use lc_omni_account::InMemoryStore as OmniAccountStore; +use litentry_primitives::{Assertion, Identity, MemberAccount, ValidationData, Web3Network}; use log::*; use sp_core::{blake2_256, H160}; use sp_std::vec::Vec; @@ -218,6 +219,19 @@ where Ok(()) } + + fn update_account_store( + account_id: AccountId, + members: Vec, + ) -> Result<(), Error> { + // TODO: decrypt members and change members to be Vec instead + OmniAccountStore::insert(account_id.clone(), members).map_err(|e| { + Error::AccountStoreError(format!( + "Could not update account store for account_id: {:?}, reason: {:?}", + account_id, e + )) + }) + } } impl HandleParentchainEvents 
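Review bot: `update_account_store` has no doc comment, and the only hint about what it stores is the TODO: the member list carried by the event is handed to `OmniAccountStore::insert` as received, presumably replacing any list already cached for that account. I would add `/// Replaces the cached member list of account_id with the list carried by the event; members are stored as received until the decrypt TODO is resolved.` so later callers do not assume the cache holds decrypted, validated members. The enclosing impl block starts outside the hunk.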
@@ -349,6 +363,54 @@ where }); } + if let Ok(events) = events.get_account_store_created_events() { + debug!("Handling AccountStoreCreated events"); + events + .into_iter() + .try_for_each(|event| { + debug!("found AccountStoreCreated event: {:?}", event); + handled_events.push(hash_of(&event)); + Self::update_account_store(event.who, event.account_store) + }) + .map_err(|_| ParentchainEventProcessingError::AccountStoreCreatedFailure)?; + } + + if let Ok(events) = events.get_account_added_events() { + debug!("Handling AccountAdded events"); + events + .into_iter() + .try_for_each(|event| { + debug!("found AccountAdded event: {:?}", event); + handled_events.push(hash_of(&event)); + Self::update_account_store(event.who, event.account_store) + }) + .map_err(|_| ParentchainEventProcessingError::AccountAddedFailure)?; + } + + if let Ok(events) = events.get_account_removed_events() { + debug!("Handling AccountRemoved events"); + events + .into_iter() + .try_for_each(|event| { + debug!("found AccountRemoved event: {:?}", event); + handled_events.push(hash_of(&event)); + Self::update_account_store(event.who, event.account_store) + }) + .map_err(|_| ParentchainEventProcessingError::AccountRemovedFailure)?; + } + + if let Ok(events) = events.get_account_made_public_events() { + debug!("Handling AccountMadePublic events"); + events + .into_iter() + .try_for_each(|event| { + debug!("found AccountMadePublic event: {:?}", event); + handled_events.push(hash_of(&event)); + Self::update_account_store(event.who, event.account_store) + }) + .map_err(|_| ParentchainEventProcessingError::AccountMadePublicFailure)?; + } + Ok((handled_events, successful_assertion_ids, failed_assertion_ids)) } } diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 3852a51f84..5c8c3e72ec 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock 
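Review bot: The four new blocks apply events grouped by type (created, added, removed, made public) rather than in the order they occurred, and each one overwrites the cached store with the snapshot carried in the event. As far as the hunk shows, a block holding an AccountRemoved followed by an AccountAdded for the same account would have the older removed-snapshot written last, leaving the enclave with a stale member list; the events need to be applied in block order, or only the latest snapshot per account kept. Separately, `.map_err(|_| ...)` discards the `AccountStoreError` text built in `update_account_store`; logging it first, e.g. `.map_err(|e| { error!("{}", e); ParentchainEventProcessingError::AccountAddedFailure })`, keeps the reason. The enclosing function starts outside the hunk.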
@@ -1808,6 +1808,7 @@ dependencies = [ "itp-types", "lc-dynamic-assertion", "lc-evm-dynamic-assertions", + "lc-omni-account", "litentry-primitives", "log", "parity-scale-codec", @@ -3146,6 +3147,21 @@ dependencies = [ "sgx_tstd", ] +[[package]] +name = "lc-omni-account" +version = "0.1.0" +dependencies = [ + "frame-support", + "itp-ocall-api", + "itp-storage", + "itp-types", + "lazy_static", + "litentry-primitives", + "log", + "sgx_tstd", + "sp-core", +] + [[package]] name = "lc-parachain-extrinsic-task-receiver" version = "0.1.0" From 7cbb6496e9c33908a4fc2e68aef3f6e2f086f103 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 06:10:08 +0000 Subject: [PATCH 14/49] removing unused imports --- .../parentchain-interface/src/integritee/event_handler.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 46b553a1be..3cc5e99c87 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -24,8 +24,8 @@ use itp_ocall_api::EnclaveMetricsOCallApi; use itp_stf_primitives::{traits::IndirectExecutor, types::TrustedOperation}; use itp_types::{ parentchain::{ - events::ParentchainBlockProcessed, AccountId, FilterEvents, HandleParentchainEvents, - ParentchainEventProcessingError, ProcessedEventsArtifacts, + AccountId, FilterEvents, HandleParentchainEvents, ParentchainEventProcessingError, + ProcessedEventsArtifacts, }, RsaRequest, H256, }; From 8af1c23a8cabf89547455700535c9a6b22f2193e Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Thu, 17 Oct 2024 12:27:44 +0000 Subject: [PATCH 15/49] extending ocall_api, adding get_header method --- .../src/ocall_bridge/worker_on_chain_ocall.rs | 10 +++++++++- .../common/core-primitives/ocall-api/src/lib.rs | 3 +++ .../test/src/mock/onchain_mock.rs | 15 ++++++++++++++- .../common/core-primitives/types/src/lib.rs | 4 ++++ .../enclave-runtime/src/ocall/on_chain_ocall.rs | 16 +++++++++++++++- .../test/mocks/propose_to_import_call_mock.rs | 7 +++++++ .../src/ocall_bridge/worker_on_chain_ocall.rs | 10 +++++++++- 7 files changed, 61 insertions(+), 4 deletions(-) diff --git a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs index 3e1b181b78..48035b09af 100644 --- a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs @@ -26,7 +26,8 @@ use log::*; use sp_runtime::OpaqueExtrinsic; use std::{sync::Arc, thread, vec::Vec}; use substrate_api_client::{ - ac_primitives::serde_impls::StorageKey, GetStorage, SubmitAndWatch, SubmitExtrinsic, XtStatus, + ac_primitives::serde_impls::StorageKey, GetChainInfo, GetStorage, SubmitAndWatch, + SubmitExtrinsic, XtStatus, }; #[cfg(feature = "link-binary")] @@ -112,6 +113,13 @@ where }; WorkerResponse::ChainStorageKeys(keys) }, + WorkerRequest::ChainHeader(block_hash) => { + let header = match api.get_header(block_hash) { + Ok(Some(header)) => Some(header.encode()), + _ => None, + }; + WorkerResponse::ChainHeader(header) + }, }) .collect(); diff --git a/tee-worker/common/core-primitives/ocall-api/src/lib.rs b/tee-worker/common/core-primitives/ocall-api/src/lib.rs index ca5090e88c..8e25947a98 100644 --- a/tee-worker/common/core-primitives/ocall-api/src/lib.rs +++ b/tee-worker/common/core-primitives/ocall-api/src/lib.rs 
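Review bot: The `_ => None` arm in the new `WorkerRequest::ChainHeader` branch treats an RPC failure the same as a missing block, so the enclave side only ever sees `ChainCallFailed` with no trace of the cause. Splitting the arm into `Ok(None) => None,` and `Err(e) => { error!("get_header failed: {:?}", e); None },` keeps the behaviour and leaves a log line. The identical branch added to the identity service's worker_on_chain_ocall.rs has the same gap, and the enclosing function starts outside the hunk.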
@@ -38,6 +38,7 @@ pub enum Error { Storage(StorageError), Codec(codec::Error), Sgx(sgx_types::sgx_status_t), + ChainCallFailed, } pub type Result = StdResult; @@ -123,6 +124,8 @@ pub trait EnclaveOnChainOCallApi: Clone + Send + Sync { key_prefix: Vec, header: Option<&H>, ) -> Result>>; + + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result; } /// Trait for sending metric updates. diff --git a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs index 021875620e..992c5e7e88 100644 --- a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs +++ b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs @@ -30,10 +30,16 @@ use itp_types::{ use lc_teebag_storage::{TeebagStorage, TeebagStorageKeys}; use sgx_types::*; use sp_core::H256; -use sp_runtime::{traits::Header as HeaderTrait, OpaqueExtrinsic}; +use sp_runtime::{ + traits::{BlakeTwo256, Header as HeaderTrait}, + OpaqueExtrinsic, +}; use sp_std::prelude::*; use std::{collections::HashMap, string::String}; +type BlockNumber = u32; +pub type GenericHeader = sp_runtime::generic::Header; + #[derive(Default, Clone, Debug)] pub struct OnchainMock { inner: HashMap, Vec>, @@ -230,6 +236,13 @@ impl EnclaveOnChainOCallApi for OnchainMock { ) -> Result>, itp_ocall_api::Error> { Ok(Default::default()) } + + fn get_header>( + &self, + _: &ParentchainId, + ) -> itp_ocall_api::Result { + todo!() + } } pub fn validateer_set() -> Vec { diff --git a/tee-worker/common/core-primitives/types/src/lib.rs b/tee-worker/common/core-primitives/types/src/lib.rs index 08103feefa..f68f9409e3 100644 --- a/tee-worker/common/core-primitives/types/src/lib.rs +++ b/tee-worker/common/core-primitives/types/src/lib.rs 
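Review bot: `get_header` joins the trait without a doc comment, and nothing in the signature says which block it returns or whether the result has been checked. Both enclave implementations in this commit send `WorkerRequest::ChainHeader(None)` and decode whatever comes back, so I would document that: `/// Returns the header the worker reports for the parentchain head. The value comes from outside the enclave and is not verified here.` Callers then know not to treat it as a trusted anchor without further checks.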
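Review bot: `OnchainMock::get_header` is `todo!()`, so any test that reaches the new call panics instead of failing with an error, while the neighbouring mock method in this hunk returns `Ok(Default::default())`. Returning `Err(itp_ocall_api::Error::ChainCallFailed)` would keep the mock usable in tests that exercise the new initialisation path.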
@@ -148,6 +148,8 @@ pub enum WorkerRequest { ChainStorage(Vec, Option), // (storage_key, at_block) #[codec(index = 1)] ChainStorageKeys(Vec, Option), // (storage_key_prefix, at_block) + #[codec(index = 2)] + ChainHeader(Option), // (at_block) } #[derive(Encode, Decode, Clone, Debug, PartialEq)] @@ -156,6 +158,8 @@ pub enum WorkerResponse { ChainStorage(Vec, Option, Option>>), // (storage_key, storage_value, storage_proof) #[codec(index = 1)] ChainStorageKeys(Vec>), // (storage_keys) + #[codec(index = 2)] + ChainHeader(Option), // (header) } impl From>> for StorageEntry> { diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index 124f7fabd9..fc59fd9f76 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -19,7 +19,7 @@ use crate::ocall::{ffi, OcallApi}; use codec::{Decode, Encode}; use frame_support::ensure; -use itp_ocall_api::{EnclaveOnChainOCallApi, Result}; +use itp_ocall_api::{EnclaveOnChainOCallApi, Error, Result}; use itp_storage::{verify_storage_entries, Error as StorageError}; use itp_types::{ parentchain::ParentchainId, storage::StorageEntryVerified, WorkerRequest, WorkerResponse, H256, @@ -146,4 +146,18 @@ impl EnclaveOnChainOCallApi for OcallApi { let first_response = responses.get(0).ok_or(StorageError::WrongValue)?; Ok(first_response.clone()) } + + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result { + let request = vec![WorkerRequest::ChainHeader(None)]; + let responses: Vec = self + .worker_request::>(request, parentchain_id)? + .iter() + .filter_map(|r| match r { + WorkerResponse::ChainHeader(Some(h)) => Decode::decode(&mut h.as_slice()).ok()?, + _ => None, + }) + .collect(); + + responses.first().cloned().ok_or(Error::ChainCallFailed) + } } 
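Review bot: `get_header` returns the first header the worker sends back, and the worker runs outside the enclave, so this value is untrusted input; nothing in the method checks it against headers the enclave has already validated. Later in this series `init_in_memory_state` passes it to `OmniAccountRepository::new`, where it becomes the `header` given to `get_multiple_storages_verified`, so the storage proofs are presumably checked against a state root the host chose. I would take the header from the enclave's validated parentchain state, or compare the returned header's hash with one the enclave already trusts before using it. The same method is added unchanged to the bitacross enclave's on_chain_ocall.rs, and the enclosing impl starts outside the hunk.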
diff --git a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs index 67a1b4ea64..4453cd6d6f 100644 --- a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs +++ b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs @@ -91,6 +91,13 @@ impl EnclaveOnChainOCallApi for ProposeToImportOCallApi { ) -> Result>> { todo!() } + + fn get_header>( + &self, + _parentchain_id: &ParentchainId, + ) -> Result { + todo!() + } } impl EnclaveSidechainOCallApi for ProposeToImportOCallApi { diff --git a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs index 3e1b181b78..48035b09af 100644 --- a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs @@ -26,7 +26,8 @@ use log::*; use sp_runtime::OpaqueExtrinsic; use std::{sync::Arc, thread, vec::Vec}; use substrate_api_client::{ - ac_primitives::serde_impls::StorageKey, GetStorage, SubmitAndWatch, SubmitExtrinsic, XtStatus, + ac_primitives::serde_impls::StorageKey, GetChainInfo, GetStorage, SubmitAndWatch, + SubmitExtrinsic, XtStatus, }; #[cfg(feature = "link-binary")] @@ -112,6 +113,13 @@ where }; WorkerResponse::ChainStorageKeys(keys) }, + WorkerRequest::ChainHeader(block_hash) => { + let header = match api.get_header(block_hash) { + Ok(Some(header)) => Some(header.encode()), + _ => None, + }; + WorkerResponse::ChainHeader(header) + }, }) .collect(); From da95e2954c09861d29997d7c4dff11da560a1f73 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 12:28:32 +0000 Subject: [PATCH 16/49] cleaning up OmniAccountRepository --- .../core/omni-account/src/repository.rs | 29 +++---------------- 1 file changed, 4 insertions(+), 25 deletions(-) 
diff --git a/tee-worker/identity/litentry/core/omni-account/src/repository.rs b/tee-worker/identity/litentry/core/omni-account/src/repository.rs index 189c3a039e..cb325c7827 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/repository.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/repository.rs @@ -15,26 +15,22 @@ // along with Litentry. If not, see . use crate::{AccountId, Error, Header, MemberAccount, OmniAccounts, ParentchainId}; -use alloc::{borrow::ToOwned, vec::Vec}; +use alloc::{sync::Arc, vec::Vec}; use frame_support::storage::storage_prefix; use itp_ocall_api::EnclaveOnChainOCallApi; -use itp_storage::{ - decode_storage_key, extract_blake2_128concat_key, storage_map_key, StorageHasher, -}; +use itp_storage::{decode_storage_key, extract_blake2_128concat_key}; pub trait GetAccountStoresRepository { - fn get_by_account_id(&self, account_id: AccountId) - -> Result>, Error>; fn get_all(&self) -> Result; } pub struct OmniAccountRepository { - ocall_api: OCallApi, + ocall_api: Arc, header: Header, } impl OmniAccountRepository { - pub fn new(ocall_api: OCallApi, header: Header) -> Self { + pub fn new(ocall_api: Arc, header: Header) -> Self { Self { ocall_api, header } } @@ -46,22 +42,6 @@ impl OmniAccountRepository { impl GetAccountStoresRepository for OmniAccountRepository { - fn get_by_account_id(&self, owner: AccountId) -> Result>, Error> { - let storage_key = storage_map_key( - "OmniAccount", - "AccountStore", - &owner, - &StorageHasher::Blake2_128Concat, - ); - let storage_entry = self - .ocall_api - .get_storage_verified(storage_key, &self.header, &ParentchainId::Litentry) - .map_err(|_| Error::OCallApiError("Failed to get storage"))?; - let member_accounts = storage_entry.value().to_owned(); - - Ok(member_accounts) - } - fn get_all(&self) -> Result { let account_store_key_prefix = storage_prefix(b"OmniAccount", b"AccountStore"); let account_store_storage_keys_response = self 
@@ -82,7 +62,6 @@ impl GetAccountStoresRepository .map_err(|_| Error::OCallApiError("Failed to get multiple storages"))? .into_iter() .filter_map(|entry| { - // TODO: double check this let storage_key = decode_storage_key(entry.key)?; let account_id: AccountId = extract_blake2_128concat_key(&storage_key)?; let member_accounts: Vec = entry.value?; From ecdde2e5e49b232ee9bc6833bdbca173a26ccf5b Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 12:40:17 +0000 Subject: [PATCH 17/49] updating bitacross --- tee-worker/bitacross/enclave-runtime/Cargo.lock | 3 +-- .../enclave-runtime/src/ocall/on_chain_ocall.rs | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/tee-worker/bitacross/enclave-runtime/Cargo.lock b/tee-worker/bitacross/enclave-runtime/Cargo.lock index c6e9aa1a46..57ab2c837a 100644 --- a/tee-worker/bitacross/enclave-runtime/Cargo.lock +++ b/tee-worker/bitacross/enclave-runtime/Cargo.lock @@ -988,7 +988,6 @@ dependencies = [ "serde 1.0.204", "serde_json 1.0.120", "sp-core", - "sp-core-hashing", "sp-io", "sp-runtime", "sp-std", @@ -2557,7 +2556,7 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", - "litentry-hex-utils 0.1.0", + "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", diff --git a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs index 124f7fabd9..fc59fd9f76 100644 --- a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs 
@@ -19,7 +19,7 @@ use crate::ocall::{ffi, OcallApi}; use codec::{Decode, Encode}; use frame_support::ensure; -use itp_ocall_api::{EnclaveOnChainOCallApi, Result}; +use itp_ocall_api::{EnclaveOnChainOCallApi, Error, Result}; use itp_storage::{verify_storage_entries, Error as StorageError}; use itp_types::{ parentchain::ParentchainId, storage::StorageEntryVerified, WorkerRequest, WorkerResponse, H256, @@ -146,4 +146,18 @@ impl EnclaveOnChainOCallApi for OcallApi { let first_response = responses.get(0).ok_or(StorageError::WrongValue)?; Ok(first_response.clone()) } + + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result { + let request = vec![WorkerRequest::ChainHeader(None)]; + let responses: Vec = self + .worker_request::>(request, parentchain_id)? + .iter() + .filter_map(|r| match r { + WorkerResponse::ChainHeader(Some(h)) => Decode::decode(&mut h.as_slice()).ok()?, + _ => None, + }) + .collect(); + + responses.first().cloned().ok_or(Error::ChainCallFailed) + } } From 37c6bb7f48198f37062dd5f15fac9e76e7a29575 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 12:41:19 +0000 Subject: [PATCH 18/49] setting up in_memory_state initialization --- tee-worker/identity/enclave-runtime/Cargo.lock | 1 + tee-worker/identity/enclave-runtime/Cargo.toml | 1 + .../enclave-runtime/src/initialization/mod.rs | 5 ++++- .../litentry/core/omni-account/src/lib.rs | 15 ++++++++++++++- 4 files changed, 20 insertions(+), 2 deletions(-) diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index 5c8c3e72ec..723103d932 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -953,6 +953,7 @@ dependencies = [ "lc-evm-dynamic-assertions", "lc-identity-verification", "lc-native-task-receiver", + "lc-omni-account", "lc-parachain-extrinsic-task-receiver", "lc-stf-task-receiver", "lc-vc-task-receiver", 
diff --git a/tee-worker/identity/enclave-runtime/Cargo.toml b/tee-worker/identity/enclave-runtime/Cargo.toml index efa9ed93bb..481a75c6f8 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.toml +++ b/tee-worker/identity/enclave-runtime/Cargo.toml @@ -151,6 +151,7 @@ lc-native-task-receiver = { path = "../litentry/core/native-task/receiver", defa lc-parachain-extrinsic-task-receiver = { path = "../../common/litentry/core/parachain-extrinsic-task/receiver", default-features = false, features = ["sgx"] } lc-stf-task-receiver = { path = "../litentry/core/stf-task/receiver", default-features = false, features = ["sgx"] } lc-vc-task-receiver = { path = "../litentry/core/vc-task/receiver", default-features = false, features = ["sgx"] } +lc-omni-account = { path = "../litentry/core/omni-account", default-features = false, features = ["sgx"] } litentry-hex-utils = { path = "../../../common/utils/hex", default-features = false } litentry-macros = { path = "../../../common/primitives/core/macros", default-features = false } litentry-primitives = { path = "../../common/litentry/primitives", default-features = false, features = ["sgx"] } diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index 843373742f..5c768f171d 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -89,6 +89,7 @@ use jsonrpc_core::IoHandler; use lc_data_providers::DataProviderConfig; use lc_evm_dynamic_assertions::repository::EvmAssertionRepository; use lc_native_task_receiver::{run_native_task_receiver, NativeTaskContext}; +use lc_omni_account::init_in_memory_state; use lc_parachain_extrinsic_task_receiver::run_parachain_extrinsic_task_receiver; use lc_stf_task_receiver::{run_stf_task_receiver, StfTaskContext}; use lc_vc_task_receiver::run_vc_handler_runner; 
@@ -239,12 +240,14 @@ pub(crate) fn init_enclave( GLOBAL_RPC_WS_HANDLER_COMPONENT.initialize(rpc_handler); let attestation_handler = - Arc::new(IntelAttestationHandler::new(ocall_api, signing_key_repository)); + Arc::new(IntelAttestationHandler::new(ocall_api.clone(), signing_key_repository)); GLOBAL_ATTESTATION_HANDLER_COMPONENT.initialize(attestation_handler); let evm_assertion_repository = EvmAssertionRepository::new(ASSERTIONS_FILE)?; GLOBAL_ASSERTION_REPOSITORY.initialize(evm_assertion_repository.into()); + init_in_memory_state(ocall_api).map_err(|e| Error::Other(e.into()))?; + Ok(()) } diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index cb5bdcbab2..b6869b5deb 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs @@ -25,12 +25,13 @@ extern crate sgx_tstd as std; extern crate alloc; mod repository; +use itp_ocall_api::EnclaveOnChainOCallApi; pub use repository::*; mod in_memory_store; pub use in_memory_store::InMemoryStore; -use alloc::{collections::btree_map::BTreeMap, vec::Vec}; +use alloc::{collections::btree_map::BTreeMap, sync::Arc, vec::Vec}; use itp_types::parentchain::{AccountId, Header, ParentchainId}; use litentry_primitives::MemberAccount; @@ -41,3 +42,15 @@ pub enum Error { LockPoisoning, OCallApiError(&'static str), } + +pub fn init_in_memory_state(ocall_api: Arc) -> Result<(), &'static str> +where + OCallApi: EnclaveOnChainOCallApi, +{ + let header = ocall_api + .get_header(&ParentchainId::Litentry) + .map_err(|_| "Failed to get header")?; + let repository = OmniAccountRepository::new(ocall_api, header); + let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; + InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores") +} From 94142721f85b0f2f0aa065556acafadf22eac63f Mon Sep 17 00:00:00 2001 
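Review bot: `init_in_memory_state` flattens every failure to a fixed `&'static str` with `map_err(|_| ...)`, so a lock-poisoning error and an ocall error from `get_all` reach `init_enclave` without their cause, and nothing is logged. The crate already declares `Error`, so the function could return `Result<(), Error>`, use `?` on `get_all` and `InMemoryStore::load`, and map only the header failure to `Error::OCallApiError("Failed to get header")`. A doc comment stating that it fetches a header through the ocall API and replaces the whole in-memory store would also help, since it is public and now runs during enclave initialisation.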
From: Francisco Silva Date: Thu, 17 Oct 2024 12:43:05 +0000 Subject: [PATCH 19/49] adding TODO --- tee-worker/identity/litentry/core/omni-account/src/lib.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index b6869b5deb..4312fbdfc3 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs @@ -52,5 +52,6 @@ where .map_err(|_| "Failed to get header")?; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; + // TOOD: decrypt state InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores") } From ccb38d2be5bf4d5cbcac04e5021f43e56a39f641 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 15:10:30 +0000 Subject: [PATCH 20/49] extending ocall_api to fetch paginated storage keys --- .../src/ocall/on_chain_ocall.rs | 25 +++++++++++++++++++ .../src/ocall_bridge/worker_on_chain_ocall.rs | 12 +++++++++ .../core-primitives/ocall-api/src/lib.rs | 8 ++++++ .../test/src/mock/onchain_mock.rs | 10 ++++++++ .../common/core-primitives/types/src/lib.rs | 2 ++ .../src/ocall/on_chain_ocall.rs | 25 +++++++++++++++++++ .../test/mocks/propose_to_import_call_mock.rs | 10 ++++++++ .../src/ocall_bridge/worker_on_chain_ocall.rs | 12 +++++++++ 8 files changed, 104 insertions(+) diff --git a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs index fc59fd9f76..e8e02bd0ba 100644 --- a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs 
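Review bot: The added comment reads `// TOOD: decrypt state`, so a search for TODO will not find it, and it marks a real gap: the account stores are loaded into the enclave cache as fetched. `// TODO: decrypt state` fixes the marker; a sentence on which fields are encrypted would make the remaining work clear.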
@@ -147,6 +147,31 @@ impl EnclaveOnChainOCallApi for OcallApi { Ok(first_response.clone()) } + fn get_storage_keys_paged>( + &self, + key_prefix: Vec, + count: u32, + start_key: Option>, + header: Option<&H>, + ) -> Result>> { + let header_hash = header.map(|h| h.hash()); + let requests = + vec![WorkerRequest::ChainStorageKeysPaged(key_prefix, count, start_key, header_hash)]; + + let responses: Vec>> = self + .worker_request::>(requests, &ParentchainId::Litentry)? + .iter() + .filter_map(|r| match r { + WorkerResponse::ChainStorageKeys(k) => Some(k.clone()), + _ => None, + }) + .collect(); + + // we should only have one response as we only sent one request + let first_response = responses.get(0).ok_or(StorageError::WrongValue)?; + Ok(first_response.clone()) + } + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result { let request = vec![WorkerRequest::ChainHeader(None)]; let responses: Vec = self diff --git a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs index 48035b09af..3b15ad304c 100644 --- a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs @@ -113,6 +113,18 @@ where }; WorkerResponse::ChainStorageKeys(keys) }, + WorkerRequest::ChainStorageKeysPaged(prefix, count, start_key, hash) => { + let keys: Vec> = match api.get_storage_keys_paged( + Some(StorageKey(prefix)), + count, + start_key.map(StorageKey), + hash, + ) { + Ok(keys) => keys.iter().map(|k| k.as_ref().encode()).collect(), + _ => Default::default(), + }; + WorkerResponse::ChainStorageKeys(keys) + }, WorkerRequest::ChainHeader(block_hash) => { let header = match api.get_header(block_hash) { Ok(Some(header)) => Some(header.encode()), diff --git a/tee-worker/common/core-primitives/ocall-api/src/lib.rs b/tee-worker/common/core-primitives/ocall-api/src/lib.rs index 8e25947a98..4c54ffc130 100644 
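Review bot: The key list returned by `get_storage_keys_paged` is the worker's answer taken as is: `count` is not enforced on the response, and the request always goes to `ParentchainId::Litentry` although the signature has no parentchain argument to say so. Because the keys are not proven, a caller cannot tell a complete listing from a shortened one; a doc comment such as `/// Keys come from the untrusted worker and may be incomplete; verify the values separately.` plus a guard like `ensure!(first_response.len() <= count as usize, StorageError::WrongValue);` would make that explicit. The same method is added to the identity enclave's on_chain_ocall.rs, and the enclosing impl starts outside the hunk.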
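Review bot: `_ => Default::default()` in the new `ChainStorageKeysPaged` branch turns an RPC error into an empty key list, and the paginated `get_all` added later in this series ends its loop on the first empty page. A transient node error part-way through the listing would therefore stop the load early and leave the enclave with a partial account store and no error. I would log the failure here and return a response the enclave can tell apart from "no more keys", for example a dedicated error variant of `WorkerResponse`. The identity service's worker_on_chain_ocall.rs gets the same branch, and the enclosing function starts outside the hunk.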
--- a/tee-worker/common/core-primitives/ocall-api/src/lib.rs +++ b/tee-worker/common/core-primitives/ocall-api/src/lib.rs @@ -125,6 +125,14 @@ pub trait EnclaveOnChainOCallApi: Clone + Send + Sync { header: Option<&H>, ) -> Result>>; + fn get_storage_keys_paged>( + &self, + key_prefix: Vec, + count: u32, + start_key: Option>, + header: Option<&H>, + ) -> Result>>; + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result; } diff --git a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs index 992c5e7e88..0e9b212e6d 100644 --- a/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs +++ b/tee-worker/common/core-primitives/test/src/mock/onchain_mock.rs @@ -237,6 +237,16 @@ impl EnclaveOnChainOCallApi for OnchainMock { Ok(Default::default()) } + fn get_storage_keys_paged>( + &self, + _key_prefix: Vec, + _count: u32, + _start_key: Option>, + _header: Option<&H>, + ) -> itp_ocall_api::Result>> { + Ok(Default::default()) + } + fn get_header>( &self, _: &ParentchainId, diff --git a/tee-worker/common/core-primitives/types/src/lib.rs b/tee-worker/common/core-primitives/types/src/lib.rs index f68f9409e3..da2b66d6da 100644 --- a/tee-worker/common/core-primitives/types/src/lib.rs +++ b/tee-worker/common/core-primitives/types/src/lib.rs @@ -149,6 +149,8 @@ pub enum WorkerRequest { #[codec(index = 1)] ChainStorageKeys(Vec, Option), // (storage_key_prefix, at_block) #[codec(index = 2)] + ChainStorageKeysPaged(Vec, u32, Option>, Option), // (storage_key_prefix, count, start_key, at_block) + #[codec(index = 3)] ChainHeader(Option), // (at_block) } diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index fc59fd9f76..e8e02bd0ba 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs 
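Review bot: Inserting `ChainStorageKeysPaged` with `#[codec(index = 2)]` moves `ChainHeader` from index 2 to 3, so the encoding of an existing `WorkerRequest` variant changes. An enclave and a worker built from different revisions would then decode each other's requests as the wrong variant or fail to decode them. Keeping `ChainHeader` at `#[codec(index = 2)]` and giving the new variant `#[codec(index = 3)]` avoids the renumbering.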
@@ -147,6 +147,31 @@ impl EnclaveOnChainOCallApi for OcallApi { Ok(first_response.clone()) } + fn get_storage_keys_paged>( + &self, + key_prefix: Vec, + count: u32, + start_key: Option>, + header: Option<&H>, + ) -> Result>> { + let header_hash = header.map(|h| h.hash()); + let requests = + vec![WorkerRequest::ChainStorageKeysPaged(key_prefix, count, start_key, header_hash)]; + + let responses: Vec>> = self + .worker_request::>(requests, &ParentchainId::Litentry)? + .iter() + .filter_map(|r| match r { + WorkerResponse::ChainStorageKeys(k) => Some(k.clone()), + _ => None, + }) + .collect(); + + // we should only have one response as we only sent one request + let first_response = responses.get(0).ok_or(StorageError::WrongValue)?; + Ok(first_response.clone()) + } + fn get_header>(&self, parentchain_id: &ParentchainId) -> Result { let request = vec![WorkerRequest::ChainHeader(None)]; let responses: Vec = self diff --git a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs index 4453cd6d6f..a9f7ff9806 100644 --- a/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs +++ b/tee-worker/identity/enclave-runtime/src/test/mocks/propose_to_import_call_mock.rs @@ -98,6 +98,16 @@ impl EnclaveOnChainOCallApi for ProposeToImportOCallApi { ) -> Result { todo!() } + + fn get_storage_keys_paged>( + &self, + _key_prefix: Vec, + _count: u32, + _start_key: Option>, + _header: Option<&H>, + ) -> Result>> { + todo!() + } } impl EnclaveSidechainOCallApi for ProposeToImportOCallApi { diff --git a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs index 48035b09af..3b15ad304c 100644 --- a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs 
@@ -113,6 +113,18 @@ where }; WorkerResponse::ChainStorageKeys(keys) }, + WorkerRequest::ChainStorageKeysPaged(prefix, count, start_key, hash) => { + let keys: Vec> = match api.get_storage_keys_paged( + Some(StorageKey(prefix)), + count, + start_key.map(StorageKey), + hash, + ) { + Ok(keys) => keys.iter().map(|k| k.as_ref().encode()).collect(), + _ => Default::default(), + }; + WorkerResponse::ChainStorageKeys(keys) + }, WorkerRequest::ChainHeader(block_hash) => { let header = match api.get_header(block_hash) { Ok(Some(header)) => Some(header.encode()), From a04fa8bf128556117da2e6c9782336ce14bb1e9b Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 15:16:02 +0000 Subject: [PATCH 21/49] refactoring get_all, getting entries with pagination --- .../core/omni-account/src/repository.rs | 70 ++++++++++++------- 1 file changed, 45 insertions(+), 25 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/repository.rs b/tee-worker/identity/litentry/core/omni-account/src/repository.rs index cb325c7827..506528c16a 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/repository.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/repository.rs @@ -15,7 +15,7 @@ // along with Litentry. If not, see . use crate::{AccountId, Error, Header, MemberAccount, OmniAccounts, ParentchainId}; -use alloc::{sync::Arc, vec::Vec}; +use alloc::{collections::btree_map::BTreeMap, sync::Arc, vec::Vec}; use frame_support::storage::storage_prefix; use itp_ocall_api::EnclaveOnChainOCallApi; use itp_storage::{decode_storage_key, extract_blake2_128concat_key}; 
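Review bot: The `_ => Default::default()` arm turns a failed `api.get_storage_keys_paged` call into an empty key list, and the enclave-side paging loop in omni-account/src/repository.rs treats an empty page as the end of the data. A transient RPC error part-way through would therefore end the load early with a partial set of account stores and no error reported on either side. At minimum bind and log the error in this arm, e.g. `Err(e) => { error!("get_storage_keys_paged failed: {:?}", e); Default::default() },` (with whichever logging macro this file already has in scope); a response that lets the enclave tell a failure from an empty page would be the fuller fix. The enclosing match and function begin outside the hunk.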
@@ -44,30 +44,50 @@ impl GetAccountStoresRepository { fn get_all(&self) -> Result { let account_store_key_prefix = storage_prefix(b"OmniAccount", b"AccountStore"); - let account_store_storage_keys_response = self - .ocall_api - .get_storage_keys(account_store_key_prefix.into(), Some(&self.header)) - .map_err(|_| Error::OCallApiError("Failed to get storage keys"))?; - let account_store_storage_keys = account_store_storage_keys_response - .into_iter() - .filter_map(decode_storage_key) - .collect::>>(); - let omni_accounts: OmniAccounts = self - .ocall_api - .get_multiple_storages_verified( - account_store_storage_keys, - &self.header, - &ParentchainId::Litentry, - ) - .map_err(|_| Error::OCallApiError("Failed to get multiple storages"))? - .into_iter() - .filter_map(|entry| { - let storage_key = decode_storage_key(entry.key)?; - let account_id: AccountId = extract_blake2_128concat_key(&storage_key)?; - let member_accounts: Vec = entry.value?; - Some((account_id, member_accounts)) - }) - .collect(); + let page_size = 300; + let mut start_key: Option> = None; + let mut omni_accounts: OmniAccounts = BTreeMap::new(); + + loop { + let storage_keys_paged = self + .ocall_api + .get_storage_keys_paged( + account_store_key_prefix.into(), + page_size, + start_key.clone(), + Some(&self.header), + ) + .map_err(|_| Error::OCallApiError("Failed to get storage keys"))?; + + if storage_keys_paged.is_empty() { + break + } + + let account_store_storage_keys = storage_keys_paged + .into_iter() + .filter_map(decode_storage_key) + .collect::>>(); + + start_key = account_store_storage_keys.last().cloned(); + + self.ocall_api + .get_multiple_storages_verified( + account_store_storage_keys, + &self.header, + &ParentchainId::Litentry, + ) + .map_err(|_| Error::OCallApiError("Failed to get multiple storages"))? 
+ .into_iter() + .filter_map(|entry| { + let storage_key = decode_storage_key(entry.key)?; + let account_id: AccountId = extract_blake2_128concat_key(&storage_key)?; + let member_accounts: Vec = entry.value?; + Some((account_id, member_accounts)) + }) + .for_each(|(account_id, member_accounts)| { + omni_accounts.insert(account_id, member_accounts); + }); + } Ok(omni_accounts) } From 75f0dc9ff7240cd90869b1d90a654435130d5189 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 15:25:33 +0000 Subject: [PATCH 22/49] updating error --- .../core/parentchain/indirect-calls-executor/src/error.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs index a60ff3f662..ef745e930f 100644 --- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/error.rs @@ -53,7 +53,7 @@ pub enum Error { BatchAllHandlingError, #[error("AssertionCreated handling error: {0:?}")] AssertionCreatedHandling(String), - #[error("AccountStore error: {0}")] + #[error("AccountStore error: {0:?}")] AccountStoreError(String), } From c261ecbecdd2f213b3e4a3ad6d4c347db6a76b37 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 15:27:51 +0000 Subject: [PATCH 23/49] fixing typo --- tee-worker/identity/litentry/core/omni-account/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 4312fbdfc3..4030b74e72 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs 
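Review bot: The paging loop in `get_all` has no progress check: `start_key` is taken from `account_store_storage_keys.last()`, so a page whose keys all fail `decode_storage_key` resets it to `None` and the scan restarts from the prefix, and a repeated non-empty page keeps the loop running without end. Because the key list is supplied from outside the enclave, the loop should return an error when the cursor does not advance. A cap on the number of pages would cover the cases this check does not. The error text below is a suggestion; `get_all` lies fully inside the hunk.

```rust
// … unchanged: get_storage_keys_paged call, empty-page break, decode_storage_key filter …

let last_key = account_store_storage_keys.last().cloned();
if last_key.is_none() || last_key == start_key {
    // Cursor did not advance: the page was undecodable or repeated.
    return Err(Error::OCallApiError("Storage key paging made no progress"))
}
start_key = last_key;

// … unchanged: get_multiple_storages_verified and insertion into omni_accounts …
```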
@@ -52,6 +52,6 @@ where .map_err(|_| "Failed to get header")?; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; - // TOOD: decrypt state + // TODO: decrypt state InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores") } From 8c91f0671c7fe2ba24af8b7f86585620469c2a5a Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 17:03:14 +0000 Subject: [PATCH 24/49] fixing get_header --- .../bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs | 3 ++- .../identity/enclave-runtime/src/ocall/on_chain_ocall.rs | 7 +++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs index e8e02bd0ba..98ba9e9e33 100644 --- a/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/bitacross/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -178,7 +178,8 @@ impl EnclaveOnChainOCallApi for OcallApi { .worker_request::>(request, parentchain_id)? .iter() .filter_map(|r| match r { - WorkerResponse::ChainHeader(Some(h)) => Decode::decode(&mut h.as_slice()).ok()?, + WorkerResponse::ChainHeader(Some(h)) => + Some(Decode::decode(&mut h.as_slice()).ok()?), _ => None, }) .collect(); diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index e8e02bd0ba..0415b79f6e 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs 
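Review bot: In the `filter_map` closure of `get_header`, `Some(Decode::decode(&mut h.as_slice()).ok()?)` unwraps an `Option` only to wrap it again; `Decode::decode(&mut h.as_slice()).ok()` yields the same value and is the form clippy's `needless_question_mark` lint suggests. The same line is added to identity/enclave-runtime/src/ocall/on_chain_ocall.rs in this commit. A header that fails to decode is dropped silently in the closure, so the caller presumably sees only the generic failure for an empty result; logging the decode error would make that case diagnosable. The start of `get_header` is outside the hunk.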
@@ -64,7 +64,7 @@ impl EnclaveOnChainOCallApi for OcallApi { ) -> SgxResult>> { let mut rt: sgx_status_t = sgx_status_t::SGX_ERROR_UNEXPECTED; // Litentry: since #1221 we need 28139 bytes - let mut resp: Vec = vec![0; 4196 * 16]; + let mut resp: Vec = vec![0; 4196 * 16]; // TODO: should we increase this size? let request_encoded = req.encode(); let parentchain_id_encoded = parentchain_id.encode(); @@ -178,11 +178,14 @@ impl EnclaveOnChainOCallApi for OcallApi { .worker_request::>(request, parentchain_id)? .iter() .filter_map(|r| match r { - WorkerResponse::ChainHeader(Some(h)) => Decode::decode(&mut h.as_slice()).ok()?, + WorkerResponse::ChainHeader(Some(h)) => + Some(Decode::decode(&mut h.as_slice()).ok()?), _ => None, }) .collect(); + log::error!("Got headers: {:?}", responses); + responses.first().cloned().ok_or(Error::ChainCallFailed) } } From 3c6b4a619338a8b8ecfdccff7734b584f06f8b95 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 17:06:08 +0000 Subject: [PATCH 25/49] logging error --- tee-worker/identity/litentry/core/omni-account/src/lib.rs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 4030b74e72..66a02a065d 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs 
@@ -47,9 +47,10 @@ pub fn init_in_memory_state(ocall_api: Arc) -> Result<(), &' where OCallApi: EnclaveOnChainOCallApi, { - let header = ocall_api - .get_header(&ParentchainId::Litentry) - .map_err(|_| "Failed to get header")?; + let header = ocall_api.get_header(&ParentchainId::Litentry).map_err(|e| { + log::error!("Failed to get header: {:?}", e); + "Failed to get header" + })?; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; // TODO: decrypt state From 078ad2c86020b1267946db03b2edcac1128c4b98 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 17 Oct 2024 17:06:17 +0000 Subject: [PATCH 26/49] init state on init_parentchain_components --- .../enclave-runtime/src/initialization/mod.rs | 3 --- .../src/initialization/parentchain/mod.rs | 11 ++++++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index 5c768f171d..3597de3f9e 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -89,7 +89,6 @@ use jsonrpc_core::IoHandler; use lc_data_providers::DataProviderConfig; use lc_evm_dynamic_assertions::repository::EvmAssertionRepository; use lc_native_task_receiver::{run_native_task_receiver, NativeTaskContext}; -use lc_omni_account::init_in_memory_state; use lc_parachain_extrinsic_task_receiver::run_parachain_extrinsic_task_receiver; use lc_stf_task_receiver::{run_stf_task_receiver, StfTaskContext}; use lc_vc_task_receiver::run_vc_handler_runner; @@ -246,8 +245,6 @@ pub(crate) fn init_enclave( let evm_assertion_repository = EvmAssertionRepository::new(ASSERTIONS_FILE)?; GLOBAL_ASSERTION_REPOSITORY.initialize(evm_assertion_repository.into()); - init_in_memory_state(ocall_api).map_err(|e| Error::Other(e.into()))?; - Ok(()) } 
diff --git a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs index 8ac2ae9928..a82f3074e6 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs @@ -16,11 +16,11 @@ */ use crate::{ - error::Result, + error::{Error, Result}, initialization::{ global_components::{ GLOBAL_INTEGRITEE_PARACHAIN_HANDLER_COMPONENT, - GLOBAL_INTEGRITEE_SOLOCHAIN_HANDLER_COMPONENT, + GLOBAL_INTEGRITEE_SOLOCHAIN_HANDLER_COMPONENT, GLOBAL_OCALL_API_COMPONENT, GLOBAL_TARGET_A_PARACHAIN_HANDLER_COMPONENT, GLOBAL_TARGET_A_SOLOCHAIN_HANDLER_COMPONENT, GLOBAL_TARGET_B_PARACHAIN_HANDLER_COMPONENT, @@ -39,9 +39,10 @@ use codec::{Decode, Encode}; use integritee_parachain::IntegriteeParachainHandler; use integritee_solochain::IntegriteeSolochainHandler; use itc_parentchain::light_client::{concurrent_access::ValidatorAccess, LightClientState}; -use itp_component_container::ComponentInitializer; +use itp_component_container::{ComponentGetter, ComponentInitializer}; use itp_settings::worker_mode::ProvideWorkerMode; use itp_types::parentchain::{ParentchainId, ParentchainInitParams}; +use lc_omni_account::init_in_memory_state; use log::*; use std::{path::PathBuf, vec::Vec}; @@ -59,6 +60,10 @@ pub(crate) fn init_parentchain_components ) -> Result> { match ParentchainInitParams::decode(&mut encoded_params.as_slice())? { ParentchainInitParams::Parachain { id, shard, params } => { + let ocall_api = GLOBAL_OCALL_API_COMPONENT.get().map_err(|e| Error::Other(e.into()))?; + info!("Initializing in-memory state for shard: {:?}", shard); + init_in_memory_state(ocall_api).map_err(|e| Error::Other(e.into()))?; + info!("In Memory State initialized for shard: {:?}", shard); info!( "[{:?}] initializing parachain parentchain components for shard: {:?}", id, shard 
From ed97b50d0bcc3d99ff63870e83499d693039e182 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 07:38:55 +0000 Subject: [PATCH 27/49] fixing fmt --- tee-worker/identity/enclave-runtime/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/identity/enclave-runtime/Cargo.toml b/tee-worker/identity/enclave-runtime/Cargo.toml index 481a75c6f8..e307903815 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.toml +++ b/tee-worker/identity/enclave-runtime/Cargo.toml @@ -148,10 +148,10 @@ lc-data-providers = { path = "../litentry/core/data-providers", default-features lc-evm-dynamic-assertions = { path = "../litentry/core/evm-dynamic-assertions", default-features = false, features = ["sgx"] } lc-identity-verification = { path = "../litentry/core/identity-verification", default-features = false, features = ["sgx"] } lc-native-task-receiver = { path = "../litentry/core/native-task/receiver", default-features = false, features = ["sgx"] } +lc-omni-account = { path = "../litentry/core/omni-account", default-features = false, features = ["sgx"] } lc-parachain-extrinsic-task-receiver = { path = "../../common/litentry/core/parachain-extrinsic-task/receiver", default-features = false, features = ["sgx"] } lc-stf-task-receiver = { path = "../litentry/core/stf-task/receiver", default-features = false, features = ["sgx"] } lc-vc-task-receiver = { path = "../litentry/core/vc-task/receiver", default-features = false, features = ["sgx"] } -lc-omni-account = { path = "../litentry/core/omni-account", default-features = false, features = ["sgx"] } litentry-hex-utils = { path = "../../../common/utils/hex", default-features = false } litentry-macros = { path = "../../../common/primitives/core/macros", default-features = false } litentry-primitives = { path = "../../common/litentry/primitives", default-features = false, features = ["sgx"] } From ea1d526ca5411f852cbacc09af8ebbc7edccf9e5 Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Fri, 18 Oct 2024 08:57:41 +0000 Subject: [PATCH 28/49] including block_number in the event handlers --- .../src/integritee/event_handler.rs | 9 +++++++-- .../src/target_a/event_handler.rs | 9 +++++++-- .../src/target_b/event_handler.rs | 9 +++++++-- .../indirect-calls-executor/src/executor.rs | 6 +++++- .../parentchain/indirect-calls-executor/src/mock.rs | 9 +++++++-- .../core-primitives/types/src/parentchain/mod.rs | 13 ++++++++++--- .../src/integritee/event_handler.rs | 10 ++++++++-- .../src/target_a/event_handler.rs | 9 +++++++-- .../src/target_b/event_handler.rs | 9 +++++++-- .../indirect-calls-executor/src/executor.rs | 5 +++-- .../parentchain/indirect-calls-executor/src/mock.rs | 9 +++++++-- 11 files changed, 75 insertions(+), 22 deletions(-) diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_handler.rs index 94b3ba3efb..e26c697c32 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -32,6 +32,7 @@ use itp_types::{ use litentry_primitives::{Address32, Identity}; use log::*; use sp_core::{blake2_256, H256}; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use sp_std::vec::Vec; use std::string::ToString; @@ -129,11 +130,15 @@ where { type Output = Vec; - fn handle_events( + fn handle_events( &self, executor: &Executor, events: impl FilterEvents, - ) -> Result, Error> { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result, Error> + where + Block: ParentchainBlock, + { let mut handled_events: Vec = Vec::new(); if let Ok(events) = events.get_relayer_added_events() { 
diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_handler.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_handler.rs index 1a6a9188b3..12b6eb40a7 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_handler.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_handler.rs @@ -28,6 +28,7 @@ use itp_types::{ H256, }; use log::*; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use std::vec::Vec; pub struct ParentchainEventHandler {} @@ -52,11 +53,15 @@ where { type Output = Vec; - fn handle_events( + fn handle_events( &self, _executor: &Executor, _events: impl FilterEvents, - ) -> Result, Error> { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result, Error> + where + Block: ParentchainBlock, + { debug!("not handling any events for target a"); Ok(Vec::new()) } diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_handler.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_handler.rs index a822fc6919..f3ab23f2a1 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_handler.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_handler.rs @@ -28,6 +28,7 @@ use itp_types::{ H256, }; use log::*; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use std::vec::Vec; pub struct ParentchainEventHandler {} @@ -52,11 +53,15 @@ where { type Output = Vec; - fn handle_events( + fn handle_events( &self, _executor: &Executor, _events: impl FilterEvents, - ) -> Result, Error> { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result, Error> + where + Block: ParentchainBlock, + { debug!("not handling any events for target B"); Ok(Vec::new()) } 
diff --git a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/executor.rs b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/executor.rs index 009a996f57..216391bda8 100644 --- a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/executor.rs +++ b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/executor.rs @@ -195,7 +195,11 @@ impl< })? .ok_or_else(|| Error::Other("Could not create events from metadata".into()))?; - let processed_events = self.parentchain_event_handler.handle_events(self, events)?; + let processed_events = self.parentchain_event_handler.handle_events::( + self, + events, + block_number, + )?; if self.parentchain_id == ParentchainId::Litentry { // Include a processed parentchain block confirmation for each block. diff --git a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs index bfab9b1305..40912cbc40 100644 --- a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs @@ -19,6 +19,7 @@ use itp_types::{ Address, RsaRequest, ShardIdentifier, H256, }; use log::*; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use std::vec::Vec; pub struct ExtrinsicParser { @@ -236,11 +237,15 @@ where { type Output = Vec; - fn handle_events( + fn handle_events( &self, _: &Executor, _: impl itp_types::parentchain::FilterEvents, - ) -> core::result::Result, Error> { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> core::result::Result, Error> + where + Block: ParentchainBlock, + { Ok(Vec::from([H256::default()])) } } diff --git a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs index 950b1ce4fa..c97a1a5e0c 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs 
+++ b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs @@ -26,7 +26,11 @@ use itp_stf_primitives::traits::{IndirectExecutor, TrustedCallVerification}; #[cfg(feature = "std")] use serde::{Deserialize, Serialize}; use sp_core::{bounded::alloc, H160, H256}; -use sp_runtime::{generic::Header as HeaderG, traits::BlakeTwo256, MultiAddress, MultiSignature}; +use sp_runtime::{ + generic::Header as HeaderG, + traits::{BlakeTwo256, Block as ParentchainBlock, Header as ParentchainHeader}, + MultiAddress, MultiSignature, +}; use self::events::ParentchainBlockProcessed; @@ -148,11 +152,14 @@ where { type Output; - fn handle_events( + fn handle_events( &self, executor: &Executor, events: impl FilterEvents, - ) -> Result; + block_number: <::Header as ParentchainHeader>::Number, + ) -> Result + where + Block: ParentchainBlock; } #[derive(Debug)] diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 3cc5e99c87..0d3ed75681 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -35,6 +35,7 @@ use lc_omni_account::InMemoryStore as OmniAccountStore; use litentry_primitives::{Assertion, Identity, MemberAccount, ValidationData, Web3Network}; use log::*; use sp_core::{blake2_256, H160}; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use sp_std::vec::Vec; use std::{format, string::String, sync::Arc, time::Instant}; 
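Review bot: The new `block_number` argument of `HandleParentchainEvents::handle_events` is undocumented, and the `Block` type parameter exists only to name that argument's type, so every implementor repeats the `Block`/`Header` projection and every caller has to name `Block` explicitly. A doc comment on the method, for example `/// block_number: number of the parentchain block the events were read from` (if that is the intended meaning), would tell implementors what they may rely on when they use it for replay or ordering decisions. If all supported chains share one number type, taking that type directly would be simpler, though that cannot be judged from this hunk alone.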
@@ -241,11 +242,16 @@ where MetricsApi: EnclaveMetricsOCallApi, { type Output = ProcessedEventsArtifacts; - fn handle_events( + + fn handle_events( &self, executor: &Executor, events: impl FilterEvents, - ) -> Result { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result + where + Block: ParentchainBlock, + { let mut handled_events: Vec = Vec::new(); let mut successful_assertion_ids: Vec = Vec::new(); let mut failed_assertion_ids: Vec = Vec::new(); diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_handler.rs index 47d1db3382..e288b5a0bb 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_handler.rs @@ -22,6 +22,7 @@ use itc_parentchain_indirect_calls_executor::error::Error; use itp_stf_primitives::traits::IndirectExecutor; use itp_types::parentchain::{FilterEvents, HandleParentchainEvents, ProcessedEventsArtifacts}; use log::*; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use sp_std::vec::Vec; pub struct ParentchainEventHandler {} @@ -32,11 +33,15 @@ where Executor: IndirectExecutor, { type Output = ProcessedEventsArtifacts; - fn handle_events( + fn handle_events( &self, _executor: &Executor, _events: impl FilterEvents, - ) -> Result { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result + where + Block: ParentchainBlock, + { debug!("not handling any events for target a"); Ok((Vec::new(), Vec::new(), Vec::new())) } diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_handler.rs index 5e79be6a99..be64ba5b1b 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_handler.rs 
+++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_handler.rs @@ -22,6 +22,7 @@ use itc_parentchain_indirect_calls_executor::error::Error; use itp_stf_primitives::traits::IndirectExecutor; use itp_types::parentchain::{FilterEvents, HandleParentchainEvents, ProcessedEventsArtifacts}; use log::*; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use sp_std::vec::Vec; pub struct ParentchainEventHandler {} @@ -32,11 +33,15 @@ where Executor: IndirectExecutor, { type Output = ProcessedEventsArtifacts; - fn handle_events( + fn handle_events( &self, _executor: &Executor, _events: impl FilterEvents, - ) -> Result { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result + where + Block: ParentchainBlock, + { debug!("not handling any events for target B"); Ok((Vec::new(), Vec::new(), Vec::new())) } diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/executor.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/executor.rs index d5b6c0a221..e8a24a10e4 100644 --- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/executor.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/executor.rs @@ -171,8 +171,9 @@ impl< })? .ok_or_else(|| Error::Other("Could not create events from metadata".into()))?; - let (processed_events, successful_assertion_ids, failed_assertion_ids) = - self.parentchain_event_handler.handle_events(self, events)?; + let (processed_events, successful_assertion_ids, failed_assertion_ids) = self + .parentchain_event_handler + .handle_events::(self, events, block_number)?; let mut calls: Vec = Vec::new(); if !successful_assertion_ids.is_empty() { calls.extend(self.create_assertion_stored_call(successful_assertion_ids)?); diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs index 87a37953b9..7914849f62 100644 
--- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs @@ -6,6 +6,7 @@ use itp_types::{ RsaRequest, H256, }; use sp_core::H160; +use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; use std::vec::Vec; pub struct TestEventCreator; @@ -110,11 +111,15 @@ where Executor: IndirectExecutor, { type Output = ProcessedEventsArtifacts; - fn handle_events( + fn handle_events( &self, _: &Executor, _: impl FilterEvents, - ) -> Result { + _block_number: <::Header as ParentchainHeader>::Number, + ) -> Result + where + Block: ParentchainBlock, + { Ok(( Vec::from([H256::default()]), Vec::from([H160::default()]), From 75e76aa6298723425f3a0214b7477f5202cdf97a Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 10:37:58 +0000 Subject: [PATCH 29/49] refatoring event_handlers to only update the in-memory store if the block has not been processed --- .../src/integritee/event_handler.rs | 31 +++++++++++++------ .../core/omni-account/src/in_memory_store.rs | 21 ++++++++++++- .../litentry/core/omni-account/src/lib.rs | 8 +++-- 3 files changed, 47 insertions(+), 13 deletions(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 0d3ed75681..ad76c9e945 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs 
@@ -24,8 +24,8 @@ use itp_ocall_api::EnclaveMetricsOCallApi; use itp_stf_primitives::{traits::IndirectExecutor, types::TrustedOperation}; use itp_types::{ parentchain::{ - AccountId, FilterEvents, HandleParentchainEvents, ParentchainEventProcessingError, - ProcessedEventsArtifacts, + AccountId, BlockNumber, FilterEvents, HandleParentchainEvents, + ParentchainEventProcessingError, ProcessedEventsArtifacts, }, RsaRequest, H256, }; @@ -35,7 +35,7 @@ use lc_omni_account::InMemoryStore as OmniAccountStore; use litentry_primitives::{Assertion, Identity, MemberAccount, ValidationData, Web3Network}; use log::*; use sp_core::{blake2_256, H160}; -use sp_runtime::traits::{Block as ParentchainBlock, Header as ParentchainHeader}; +use sp_runtime::traits::{Block as ParentchainBlockTrait, Header as ParentchainHeader}; use sp_std::vec::Vec; use std::{format, string::String, sync::Arc, time::Instant}; @@ -224,7 +224,17 @@ where fn update_account_store( account_id: AccountId, members: Vec, + block_number: BlockNumber, ) -> Result<(), Error> { + let last_block_number = OmniAccountStore::get_block_height().map_err(|e| { + Error::AccountStoreError(format!( + "Could not get last block number from account store, reason: {:?}", + e + )) + })?; + if block_number <= last_block_number { + return Ok(()) + } // TODO: decrypt members and change members to be Vec instead OmniAccountStore::insert(account_id.clone(), members).map_err(|e| { Error::AccountStoreError(format!( 
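Review bot: The replay guard in `update_account_store` reads the height with `OmniAccountStore::get_block_height()` and then calls `OmniAccountStore::insert` as a separate step, while in_memory_store.rs keeps the height in its own `RwLock` (`STORE_BLOCK_HEIGHT`) apart from `STORE`, and `init_in_memory_state` in omni-account/src/lib.rs calls `load` before `set_block_height`. If event handling can run while the snapshot is being loaded, an event from a block older than the snapshot would pass the check against the previous height and overwrite newer data. Keeping the accounts map and its height behind one lock, and doing the compare and the insert under a single write guard, would close that window. The skip is also silent; a `debug!` naming the skipped block would make it traceable. The rest of `update_account_store` lies outside the hunk.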
@@ -247,11 +257,14 @@ where &self, executor: &Executor, events: impl FilterEvents, - _block_number: <::Header as ParentchainHeader>::Number, + block_number: <::Header as ParentchainHeader>::Number, ) -> Result where - Block: ParentchainBlock, + Block: ParentchainBlockTrait, { + let block_number: BlockNumber = block_number + .try_into() + .map_err(|_| ParentchainEventProcessingError::ParentchainBlockProcessedFailure)?; let mut handled_events: Vec = Vec::new(); let mut successful_assertion_ids: Vec = Vec::new(); let mut failed_assertion_ids: Vec = Vec::new(); @@ -376,7 +389,7 @@ where .try_for_each(|event| { debug!("found AccountStoreCreated event: {:?}", event); handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store) + Self::update_account_store(event.who, event.account_store, block_number) }) .map_err(|_| ParentchainEventProcessingError::AccountStoreCreatedFailure)?; } @@ -388,7 +401,7 @@ where .try_for_each(|event| { debug!("found AccountAdded event: {:?}", event); handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store) + Self::update_account_store(event.who, event.account_store, block_number) }) .map_err(|_| ParentchainEventProcessingError::AccountAddedFailure)?; } @@ -400,7 +413,7 @@ where .try_for_each(|event| { debug!("found AccountRemoved event: {:?}", event); handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store) + Self::update_account_store(event.who, event.account_store, block_number) }) .map_err(|_| ParentchainEventProcessingError::AccountRemovedFailure)?; } @@ -412,7 +425,7 @@ where .try_for_each(|event| { debug!("found AccountMadePublic event: {:?}", event); handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store) + Self::update_account_store(event.who, event.account_store, block_number) }) .map_err(|_| ParentchainEventProcessingError::AccountMadePublicFailure)?; } 
diff --git a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs index 14418f3819..0ab52fb692 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs @@ -14,7 +14,7 @@ // You should have received a copy of the GNU General Public License // along with Litentry. If not, see . -use crate::{AccountId, BTreeMap, Error, MemberAccount, OmniAccounts, Vec}; +use crate::{AccountId, BTreeMap, BlockNumber, Error, MemberAccount, OmniAccounts, Vec}; use lazy_static::lazy_static; #[cfg(feature = "std")] @@ -24,11 +24,30 @@ use std::sync::SgxRwLock as RwLock; lazy_static! { static ref STORE: RwLock = RwLock::new(BTreeMap::new()); + static ref STORE_BLOCK_HEIGHT: RwLock = RwLock::new(0); } pub struct InMemoryStore; impl InMemoryStore { + pub fn set_block_height(block_number: BlockNumber) -> Result<(), Error> { + *STORE_BLOCK_HEIGHT.write().map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })? = block_number; + + Ok(()) + } + + pub fn get_block_height() -> Result { + let block_number = *STORE_BLOCK_HEIGHT.read().map_err(|_| { + log::error!("[InMemoryStore] Lock poisoning"); + Error::LockPoisoning + })?; + + Ok(block_number) + } + pub fn get(account_id: AccountId) -> Result>, Error> { let omni_account_members = STORE .read() diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 66a02a065d..9868f5633e 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs 
@@ -32,7 +32,7 @@ mod in_memory_store; pub use in_memory_store::InMemoryStore; use alloc::{collections::btree_map::BTreeMap, sync::Arc, vec::Vec}; -use itp_types::parentchain::{AccountId, Header, ParentchainId}; +use itp_types::parentchain::{AccountId, BlockNumber, Header, ParentchainId}; use litentry_primitives::MemberAccount; pub type OmniAccounts = BTreeMap>; @@ -47,12 +47,14 @@ pub fn init_in_memory_state(ocall_api: Arc) -> Result<(), &' where OCallApi: EnclaveOnChainOCallApi, { - let header = ocall_api.get_header(&ParentchainId::Litentry).map_err(|e| { + let header: Header = ocall_api.get_header(&ParentchainId::Litentry).map_err(|e| { log::error!("Failed to get header: {:?}", e); "Failed to get header" })?; + let block_number: BlockNumber = header.number; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; // TODO: decrypt state - InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores") + InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores")?; + InMemoryStore::set_block_height(block_number).map_err(|_| "Failed to set block number") } From 1e0ee11d51171b225a7c4a74b3a3d5848f8df35e Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:19:24 +0000 Subject: [PATCH 30/49] removing debug log --- tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index 0415b79f6e..0a9f515935 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -184,8 +184,6 @@ impl EnclaveOnChainOCallApi for OcallApi { }) .collect(); - log::error!("Got headers: {:?}", responses); - responses.first().cloned().ok_or(Error::ChainCallFailed) } } 
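Review bot: The height written by `InMemoryStore::set_block_height(block_number)` is `header.number`, and `header` is whatever `ocall_api.get_header(&ParentchainId::Litentry)` returns from outside the enclave. Nothing in this hunk checks that header against light-client-validated state; unless `get_header` or `OmniAccountRepository::get_all` do so internally (not visible here), a header with a too-high number would make later account-store events compare as stale and be ignored. I would either take the header from the validated light-client state or document the trust assumption above the call, e.g. `// TRUST: header is host-supplied; <placeholder: where it is validated>`. Also note that the store is loaded before the height is set, so an event handled in between is compared against the initial height `0`.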
From 90489772cdd1ab60202ea349d84429436c547b07 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:21:42 +0000 Subject: [PATCH 31/49] removing initialization from parentchain init --- .../enclave-runtime/src/initialization/parentchain/mod.rs | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs index a82f3074e6..618ae60eaf 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs @@ -42,7 +42,6 @@ use itc_parentchain::light_client::{concurrent_access::ValidatorAccess, LightCli use itp_component_container::{ComponentGetter, ComponentInitializer}; use itp_settings::worker_mode::ProvideWorkerMode; use itp_types::parentchain::{ParentchainId, ParentchainInitParams}; -use lc_omni_account::init_in_memory_state; use log::*; use std::{path::PathBuf, vec::Vec}; @@ -60,10 +59,6 @@ pub(crate) fn init_parentchain_components ) -> Result> { match ParentchainInitParams::decode(&mut encoded_params.as_slice())? { ParentchainInitParams::Parachain { id, shard, params } => { - let ocall_api = GLOBAL_OCALL_API_COMPONENT.get().map_err(|e| Error::Other(e.into()))?; - info!("Initializing in-memory state for shard: {:?}", shard); - init_in_memory_state(ocall_api).map_err(|e| Error::Other(e.into()))?; - info!("In Memory State initialized for shard: {:?}", shard); info!( "[{:?}] initializing parachain parentchain components for shard: {:?}", id, shard From 0217e400c40d277761a8e6e739a397dd88b3748c Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Fri, 18 Oct 2024 13:23:07 +0000 Subject: [PATCH 32/49] adding enclave ecall to trigger in_memory_store initialization --- .../core-primitives/enclave-api/ffi/src/lib.rs | 2 ++ .../core-primitives/enclave-api/src/enclave_base.rs | 13 +++++++++++++ tee-worker/identity/enclave-runtime/Enclave.edl | 2 ++ .../enclave-runtime/src/initialization/mod.rs | 7 +++++++ tee-worker/identity/enclave-runtime/src/lib.rs | 9 +++++++++ 5 files changed, 33 insertions(+) diff --git a/tee-worker/identity/core-primitives/enclave-api/ffi/src/lib.rs b/tee-worker/identity/core-primitives/enclave-api/ffi/src/lib.rs index 65b1b11aa1..20eabd88d2 100644 --- a/tee-worker/identity/core-primitives/enclave-api/ffi/src/lib.rs +++ b/tee-worker/identity/core-primitives/enclave-api/ffi/src/lib.rs @@ -238,6 +238,8 @@ extern "C" { shard_size: u32, ) -> sgx_status_t; + pub fn init_in_memory_state(eid: sgx_enclave_id_t, retval: *mut sgx_status_t) -> sgx_status_t; + pub fn ignore_parentchain_block_import_validation_until( eid: sgx_enclave_id_t, retval: *mut sgx_status_t, diff --git a/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs b/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs index 47f0bfa08f..370c2338b9 100644 --- a/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs +++ b/tee-worker/identity/core-primitives/enclave-api/src/enclave_base.rs @@ -82,6 +82,8 @@ pub trait EnclaveBase: Send + Sync + 'static { // litentry fn migrate_shard(&self, new_shard: Vec) -> EnclaveResult<()>; + + fn init_in_memory_state(&self) -> EnclaveResult<()>; } /// EnclaveApi implementation for Enclave struct 
@@ -388,6 +390,17 @@ mod impl_ffi { Ok(()) } + + fn init_in_memory_state(&self) -> EnclaveResult<()> { + let mut retval = sgx_status_t::SGX_SUCCESS; + + let result = unsafe { ffi::init_in_memory_state(self.eid, &mut retval) }; + + ensure!(result == sgx_status_t::SGX_SUCCESS, Error::Sgx(result)); + ensure!(retval == sgx_status_t::SGX_SUCCESS, Error::Sgx(retval)); + + Ok(()) + } } fn init_parentchain_components_ffi( diff --git a/tee-worker/identity/enclave-runtime/Enclave.edl b/tee-worker/identity/enclave-runtime/Enclave.edl index 3e4a13e34f..53bd2d8dd9 100644 --- a/tee-worker/identity/enclave-runtime/Enclave.edl +++ b/tee-worker/identity/enclave-runtime/Enclave.edl @@ -61,6 +61,8 @@ enclave { [in, size=shard_size] uint8_t* shard, uint32_t shard_size ); + public sgx_status_t init_in_memory_state(); + public sgx_status_t init_shard_creation_parentchain_header( [in, size=shard_size] uint8_t* shard, uint32_t shard_size, [in, size=parentchain_id_size] uint8_t* parentchain_id, uint32_t parentchain_id_size, diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index 3597de3f9e..8da123ba86 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -89,6 +89,7 @@ use jsonrpc_core::IoHandler; use lc_data_providers::DataProviderConfig; use lc_evm_dynamic_assertions::repository::EvmAssertionRepository; use lc_native_task_receiver::{run_native_task_receiver, NativeTaskContext}; +use lc_omni_account::init_in_memory_omni_account_store; use lc_parachain_extrinsic_task_receiver::run_parachain_extrinsic_task_receiver; use lc_stf_task_receiver::{run_stf_task_receiver, StfTaskContext}; use lc_vc_task_receiver::run_vc_handler_runner; 
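Review bot: The added `use lc_omni_account::init_in_memory_omni_account_store;` names a function that, as far as this page shows, does not exist at this commit: the omni-account crate still defines `init_in_memory_state` here and is only renamed in PATCH 34/49 ("adding logs"). As posted, PATCH 32 on its own would not build, which breaks bisecting across the series. Folding the rename from PATCH 34 into this patch, or importing `init_in_memory_state` here and switching in PATCH 34, keeps every commit compilable.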
@@ -504,6 +505,12 @@ pub(crate) fn init_shard(shard: ShardIdentifier) -> EnclaveResult<()> { Ok(()) } +pub(crate) fn init_in_memory_state() -> EnclaveResult<()> { + let ocall_api = GLOBAL_OCALL_API_COMPONENT.get()?; + init_in_memory_omni_account_store(ocall_api).map_err(|e| Error::Other(e.into()))?; + Ok(()) +} + pub(crate) fn migrate_shard(new_shard: ShardIdentifier) -> EnclaveResult<()> { let state_handler = GLOBAL_STATE_HANDLER_COMPONENT.get()?; let _ = state_handler.migrate_shard(new_shard)?; diff --git a/tee-worker/identity/enclave-runtime/src/lib.rs b/tee-worker/identity/enclave-runtime/src/lib.rs index 9531f372da..70d1ff1e3d 100644 --- a/tee-worker/identity/enclave-runtime/src/lib.rs +++ b/tee-worker/identity/enclave-runtime/src/lib.rs @@ -440,6 +440,15 @@ pub unsafe extern "C" fn migrate_shard(new_shard: *const u8, shard_size: u32) -> sgx_status_t::SGX_SUCCESS } +#[no_mangle] +pub unsafe extern "C" fn init_in_memory_state() -> sgx_status_t { + if let Err(e) = initialization::init_in_memory_state() { + error!("Failed to initialize in-memory state: {:?}", e); + return sgx_status_t::SGX_ERROR_UNEXPECTED + } + sgx_status_t::SGX_SUCCESS +} + #[no_mangle] pub unsafe extern "C" fn sync_parentchain( blocks_to_sync: *const u8, From daa94b7759e236a48f4cb33062cb3f81ab285e80 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:23:48 +0000 Subject: [PATCH 33/49] adding initialization --- tee-worker/identity/service/src/main_impl.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tee-worker/identity/service/src/main_impl.rs b/tee-worker/identity/service/src/main_impl.rs index 137e0e90f8..53387f6404 100644 --- a/tee-worker/identity/service/src/main_impl.rs +++ b/tee-worker/identity/service/src/main_impl.rs 
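Review bot: The new ECALL `init_in_memory_state()` takes no arguments and has no one-shot guard, so the untrusted host side can invoke it again at any time after start-up. Each call fetches a header through the OCALL bridge, reloads the store with `InMemoryStore::load` and overwrites the stored block height, so the enclave's view can be reset while parentchain events are being applied. I would make initialization idempotent inside the enclave, for example an `AtomicBool` or `Once` checked in `initialization::init_in_memory_state()` that rejects a second call, and state that in a doc comment on the `extern "C"` function.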
@@ -162,6 +162,9 @@ pub(crate) fn main() { enclave_metrics_receiver, ))); + // init in-memory store, it should be done after the o-call bridge is initialized + enclave.init_in_memory_state().expect("Failed to init in-memory store"); + #[cfg(feature = "dcap")] let quoting_enclave_target_info = match enclave.qe_get_target_info() { Ok(target_info) => Some(target_info), From d7ac1683a98391c74622286ef0a3edececc584de Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:24:30 +0000 Subject: [PATCH 34/49] adding logs --- .../identity/litentry/core/omni-account/src/lib.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 9868f5633e..c6f7a0e349 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs @@ -43,7 +43,9 @@ pub enum Error { OCallApiError(&'static str), } -pub fn init_in_memory_state(ocall_api: Arc) -> Result<(), &'static str> +pub fn init_in_memory_omni_account_store( + ocall_api: Arc, +) -> Result<(), &'static str> where OCallApi: EnclaveOnChainOCallApi, { @@ -56,5 +58,8 @@ where let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; // TODO: decrypt state InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores")?; - InMemoryStore::set_block_height(block_number).map_err(|_| "Failed to set block number") + InMemoryStore::set_block_height(block_number).map_err(|_| "Failed to set block number")?; + log::info!("In-memory store initialized successfully"); + + Ok(()) } From 2e47528eac6e10f5f323d0d7cc9146f98a2c9de5 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:53:09 +0000 Subject: [PATCH 35/49] removing unused imports --- common/primitives/core/src/omni_account.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
diff --git a/common/primitives/core/src/omni_account.rs b/common/primitives/core/src/omni_account.rs index c30a6cf715..fb2adc411f 100644 --- a/common/primitives/core/src/omni_account.rs +++ b/common/primitives/core/src/omni_account.rs @@ -17,8 +17,7 @@ use crate::{AccountId, Hash, Identity, Vec}; use parity_scale_codec::{Decode, Encode}; use scale_info::TypeInfo; -use sp_io::hashing::blake2_256; -use sp_runtime::{BoundedVec, RuntimeDebug}; +use sp_runtime::RuntimeDebug; #[derive(Encode, Decode, TypeInfo, Clone, PartialEq, Eq, RuntimeDebug)] pub enum MemberAccount { From 6f154d3e00c26f52bcf565a31388afc9da2cb8ff Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 13:56:41 +0000 Subject: [PATCH 36/49] small improvement --- parachain/pallets/omni-account/src/tests.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 36d830d32f..1540162910 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs @@ -58,7 +58,7 @@ fn create_account_store_works() { )); let member_accounts: MemberAccounts = - vec![MemberAccount::Public(alice().identity.clone())].try_into().unwrap(); + vec![public_member_account(alice())].try_into().unwrap(); System::assert_last_event( Event::AccountStoreCreated { @@ -138,7 +138,7 @@ fn add_account_works() { )); let expected_member_accounts: MemberAccounts = BoundedVec::truncate_from(vec![ - MemberAccount::Public(alice().identity.clone()), + public_member_account(alice()), bob.clone(), charlie.clone(), ]); @@ -344,7 +344,7 @@ fn remove_account_works() { ); let expected_member_accounts: MemberAccounts = - BoundedVec::truncate_from(vec![MemberAccount::Public(alice().identity.clone())]); + BoundedVec::truncate_from(vec![public_member_account(alice())]); System::assert_has_event( Event::AccountRemoved { From 573b7e596b869bdd11252ac2058b59066e5ebac3 Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Fri, 18 Oct 2024 14:33:23 +0000 Subject: [PATCH 37/49] fixing enclave_api_mock --- .../identity/service/src/tests/mocks/enclave_api_mock.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tee-worker/identity/service/src/tests/mocks/enclave_api_mock.rs b/tee-worker/identity/service/src/tests/mocks/enclave_api_mock.rs index fc194e4f63..57a08acec5 100644 --- a/tee-worker/identity/service/src/tests/mocks/enclave_api_mock.rs +++ b/tee-worker/identity/service/src/tests/mocks/enclave_api_mock.rs @@ -103,6 +103,10 @@ impl EnclaveBase for EnclaveMock { fn migrate_shard(&self, new_shard: Vec) -> EnclaveResult<()> { unimplemented!() } + + fn init_in_memory_state(&self) -> EnclaveResult<()> { + unimplemented!() + } } impl Sidechain for EnclaveMock { From d102ad7915c9b96fe685aa088a8d0b6603897069 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 14:35:25 +0000 Subject: [PATCH 38/49] removing unused imports --- .../enclave-runtime/src/initialization/parentchain/mod.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs index 618ae60eaf..8ac2ae9928 100644 --- a/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/parentchain/mod.rs @@ -16,11 +16,11 @@ */ use crate::{ - error::{Error, Result}, + error::Result, initialization::{ global_components::{ GLOBAL_INTEGRITEE_PARACHAIN_HANDLER_COMPONENT, - GLOBAL_INTEGRITEE_SOLOCHAIN_HANDLER_COMPONENT, GLOBAL_OCALL_API_COMPONENT, + GLOBAL_INTEGRITEE_SOLOCHAIN_HANDLER_COMPONENT, GLOBAL_TARGET_A_PARACHAIN_HANDLER_COMPONENT, GLOBAL_TARGET_A_SOLOCHAIN_HANDLER_COMPONENT, GLOBAL_TARGET_B_PARACHAIN_HANDLER_COMPONENT, 
@@ -39,7 +39,7 @@ use codec::{Decode, Encode}; use integritee_parachain::IntegriteeParachainHandler; use integritee_solochain::IntegriteeSolochainHandler; use itc_parentchain::light_client::{concurrent_access::ValidatorAccess, LightClientState}; -use itp_component_container::{ComponentGetter, ComponentInitializer}; +use itp_component_container::ComponentInitializer; use itp_settings::worker_mode::ProvideWorkerMode; use itp_types::parentchain::{ParentchainId, ParentchainInitParams}; use log::*; From 18ed2b11bef6e365bac835f7f1fa9536d2f0e030 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 15:04:27 +0000 Subject: [PATCH 39/49] removing comment --- tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs index 0a9f515935..98ba9e9e33 100644 --- a/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs +++ b/tee-worker/identity/enclave-runtime/src/ocall/on_chain_ocall.rs @@ -64,7 +64,7 @@ impl EnclaveOnChainOCallApi for OcallApi { ) -> SgxResult>> { let mut rt: sgx_status_t = sgx_status_t::SGX_ERROR_UNEXPECTED; // Litentry: since #1221 we need 28139 bytes - let mut resp: Vec = vec![0; 4196 * 16]; // TODO: should we increase this size? + let mut resp: Vec = vec![0; 4196 * 16]; let request_encoded = req.encode(); let parentchain_id_encoded = parentchain_id.encode(); From 2a704385bb87c9ac7cb00acc4e49d378e064703f Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 16:03:21 +0000 Subject: [PATCH 40/49] removing clone --- tee-worker/identity/enclave-runtime/src/initialization/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs index cf525b6b3c..b14d42c6c9 100644 
--- a/tee-worker/identity/enclave-runtime/src/initialization/mod.rs +++ b/tee-worker/identity/enclave-runtime/src/initialization/mod.rs @@ -253,7 +253,7 @@ pub(crate) fn init_enclave( GLOBAL_RPC_WS_HANDLER_COMPONENT.initialize(rpc_handler); let attestation_handler = - Arc::new(IntelAttestationHandler::new(ocall_api.clone(), signing_key_repository)); + Arc::new(IntelAttestationHandler::new(ocall_api, signing_key_repository)); GLOBAL_ATTESTATION_HANDLER_COMPONENT.initialize(attestation_handler); let evm_assertion_repository = EvmAssertionRepository::new(ASSERTIONS_FILE)?; From 95b6ecee876f24d7e744969c590b8b39647a3614 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 16:05:00 +0000 Subject: [PATCH 41/49] removing TODO's --- .../parentchain-interface/src/integritee/event_handler.rs | 1 - tee-worker/identity/litentry/core/omni-account/src/lib.rs | 1 - 2 files changed, 2 deletions(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index ad76c9e945..05bd1594ee 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -235,7 +235,6 @@ where if block_number <= last_block_number { return Ok(()) } - // TODO: decrypt members and change members to be Vec instead OmniAccountStore::insert(account_id.clone(), members).map_err(|e| { Error::AccountStoreError(format!( "Could not update account store for account_id: {:?}, reason: {:?}", diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index c6f7a0e349..767d3898c4 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs 
@@ -56,7 +56,6 @@ where let block_number: BlockNumber = header.number; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; - // TODO: decrypt state InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores")?; InMemoryStore::set_block_height(block_number).map_err(|_| "Failed to set block number")?; log::info!("In-memory store initialized successfully"); From 2dc59b1289f2f5734e948f2821aafd45fe95499d Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 18 Oct 2024 17:58:56 +0000 Subject: [PATCH 42/49] logging error instead of panic if `init_in_memory_state` fails --- tee-worker/identity/service/src/main_impl.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tee-worker/identity/service/src/main_impl.rs b/tee-worker/identity/service/src/main_impl.rs index f51fe4b5e4..ed91d151ee 100644 --- a/tee-worker/identity/service/src/main_impl.rs +++ b/tee-worker/identity/service/src/main_impl.rs @@ -163,7 +163,9 @@ pub(crate) fn main() { ))); // init in-memory store, it should be done after the o-call bridge is initialized - enclave.init_in_memory_state().expect("Failed to init in-memory store"); + if let Err(e) = enclave.init_in_memory_state() { + error!("Failed to initialize in-memory state: {:?}", e); + } #[cfg(feature = "dcap")] let quoting_enclave_target_info = match enclave.qe_get_target_info() { From 9ff6e0ee0c85860e91e6ee59d384b1c671515356 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 24 Oct 2024 12:42:11 +0000 Subject: [PATCH 43/49] refactoring events to use AccountStoreUpdated to update in-memory store in the worker --- parachain/pallets/omni-account/src/lib.rs | 47 ++++++++------------- parachain/pallets/omni-account/src/tests.rs | 37 ++++++++++------ 2 files changed, 43 insertions(+), 41 deletions(-) 
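Review bot: After this change a failed `enclave.init_in_memory_state()` is only logged and `main()` carries on, so the worker keeps running with an empty in-memory store and block height `0`. Anything that consults the store for omni-account membership then sees "no members" rather than "not loaded", and nothing on this page shows a retry or a readiness flag. If continuing is intended, I would record the failure where the request path can check it and say so at the call, e.g. `// store stays empty until <placeholder: retry/sync path>; callers must treat it as not ready`; otherwise keep the hard failure. `main()` continues outside the hunk.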
diff --git a/parachain/pallets/omni-account/src/lib.rs b/parachain/pallets/omni-account/src/lib.rs index 1cb5d53fed..84c7c455b7 100644 --- a/parachain/pallets/omni-account/src/lib.rs +++ b/parachain/pallets/omni-account/src/lib.rs @@ -132,27 +132,15 @@ pub mod pallet { #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { /// An account store is created - AccountStoreCreated { who: T::AccountId, account_store: MemberAccounts }, + AccountStoreCreated { who: T::AccountId }, /// Some member account is added - AccountAdded { - who: T::AccountId, - member_account_hash: H256, - account_store: MemberAccounts, - }, + AccountAdded { who: T::AccountId, member_account_hash: H256 }, /// Some member accounts are removed - AccountRemoved { - who: T::AccountId, - member_account_hashes: Vec, - account_store: MemberAccounts, - }, + AccountRemoved { who: T::AccountId, member_account_hashes: Vec }, /// Some member account is made public - AccountMadePublic { - who: T::AccountId, - member_account_hash: H256, - account_store: MemberAccounts, - }, + AccountMadePublic { who: T::AccountId, member_account_hash: H256 }, /// An account store is updated - AccountStoreUpdated { who: T::AccountId }, + AccountStoreUpdated { who: T::AccountId, account_store: MemberAccounts }, /// Some call is dispatched as omni-account origin DispatchedAsOmniAccount { who: T::AccountId, result: DispatchResult }, /// Some call is dispatched as signed origin @@ -257,10 +245,10 @@ pub mod pallet { AccountStore::::insert(who.clone(), member_accounts.clone()); Self::deposit_event(Event::AccountAdded { - who, + who: who.clone(), member_account_hash: hash, - account_store: member_accounts, }); + Self::deposit_event(Event::AccountStoreUpdated { who, account_store: member_accounts }); Ok(()) } 
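Review bot: The doc comment on the changed variant still reads `/// An account store is updated`, although `AccountStoreUpdated` now carries the complete `account_store` and is deposited after every mutating call, next to the specific event. I would spell that out, e.g. `/// The account store of who changed; account_store is the full member list after the change`, since the worker-side `FilterEvents` in PATCH 44 now consumes only this event. It is also worth a line in the pallet docs that the whole member list is written into block events on each change, so event size grows with the number of members.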
@@ -294,11 +282,8 @@ pub mod pallet { AccountStore::::insert(who.clone(), member_accounts.clone()); } - Self::deposit_event(Event::AccountRemoved { - who, - member_account_hashes, - account_store: member_accounts, - }); + Self::deposit_event(Event::AccountRemoved { who: who.clone(), member_account_hashes }); + Self::deposit_event(Event::AccountStoreUpdated { who, account_store: member_accounts }); Ok(()) } @@ -322,10 +307,10 @@ pub mod pallet { AccountStore::::insert(who.clone(), member_accounts.clone()); Self::deposit_event(Event::AccountMadePublic { - who, + who: who.clone(), member_account_hash: hash, - account_store: member_accounts, }); + Self::deposit_event(Event::AccountStoreUpdated { who, account_store: member_accounts }); Ok(()) } @@ -362,8 +347,11 @@ pub mod pallet { } MemberAccountHash::::insert(member_account.hash(), who_account.clone()); - AccountStore::::insert(who_account.clone(), member_accounts); - Self::deposit_event(Event::AccountStoreUpdated { who: who_account }); + AccountStore::::insert(who_account.clone(), member_accounts.clone()); + Self::deposit_event(Event::AccountStoreUpdated { + who: who_account, + account_store: member_accounts, + }); Ok(Pays::No.into()) } @@ -409,7 +397,8 @@ pub mod pallet { MemberAccountHash::::insert(hash, omni_account.clone()); AccountStore::::insert(omni_account.clone(), member_accounts.clone()); - Self::deposit_event(Event::AccountStoreCreated { + Self::deposit_event(Event::AccountStoreCreated { who: omni_account.clone() }); + Self::deposit_event(Event::AccountStoreUpdated { who: omni_account, account_store: member_accounts.clone(), }); diff --git a/parachain/pallets/omni-account/src/tests.rs b/parachain/pallets/omni-account/src/tests.rs index 2e7bce39f8..ee1eae3830 100644 --- a/parachain/pallets/omni-account/src/tests.rs +++ b/parachain/pallets/omni-account/src/tests.rs 
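Review bot: In the hunk that deposits `AccountRemoved` (`@@ -294,11 +282,8 @@`), `AccountStoreUpdated` is emitted unconditionally, while the `AccountStore` insert just above it sits inside a block whose other arm is outside the hunk. If that other arm deletes the store when the last member is removed (an assumption; the code is not shown), the event would still carry an empty `account_store`, and a worker that simply inserts what the event carries would keep an empty entry where the chain has none. I would either skip `AccountStoreUpdated` in that case and let the worker drop the entry on a dedicated signal, or document that an empty list means "store removed", and cover the last-member removal in `remove_account_works`.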
@@ -60,8 +60,9 @@ fn create_account_store_works() { let member_accounts: MemberAccounts = vec![public_member_account(alice())].try_into().unwrap(); + System::assert_has_event(Event::AccountStoreCreated { who: alice().omni_account }.into()); System::assert_last_event( - Event::AccountStoreCreated { + Event::AccountStoreUpdated { who: alice().omni_account, account_store: member_accounts, } @@ -120,6 +121,12 @@ fn add_account_works() { Event::AccountAdded { who: alice().omni_account.clone(), member_account_hash: bob.hash(), + } + .into(), + ); + System::assert_has_event( + Event::AccountStoreUpdated { + who: alice().omni_account.clone(), account_store: expected_member_accounts.clone(), } .into(), @@ -144,18 +151,12 @@ fn add_account_works() { ]); System::assert_has_event( - Event::AccountAdded { - who: alice().omni_account, - member_account_hash: charlie.hash(), - account_store: expected_member_accounts.clone(), - } - .into(), + Event::AccountAdded { who: alice().omni_account, member_account_hash: charlie.hash() } + .into(), ); - System::assert_has_event( - Event::AccountAdded { + Event::AccountStoreUpdated { who: alice().omni_account, - member_account_hash: charlie.hash(), account_store: expected_member_accounts.clone(), } .into(), @@ -348,8 +349,14 @@ fn remove_account_works() { System::assert_has_event( Event::AccountRemoved { - who: alice().omni_account.clone(), + who: alice().omni_account, member_account_hashes: vec![bob.hash()], + } + .into(), + ); + System::assert_has_event( + Event::AccountStoreUpdated { + who: alice().omni_account, account_store: expected_member_accounts.clone(), } .into(), 
@@ -457,8 +464,14 @@ fn publicize_account_works() { System::assert_has_event( Event::AccountMadePublic { - who: alice().omni_account.clone(), + who: alice().omni_account, member_account_hash: bob().identity.hash(), + } + .into(), + ); + System::assert_has_event( + Event::AccountStoreUpdated { + who: alice().omni_account, account_store: expected_member_accounts.clone(), } .into(), From 5b9c3b0351c451ec0da3ed3a359c9a9bea22fb7a Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Thu, 24 Oct 2024 13:05:55 +0000 Subject: [PATCH 44/49] updating parentchain-interface events and event handlers --- .../src/integritee/event_filter.rs | 14 +--- .../src/target_a/event_filter.rs | 14 +--- .../src/target_b/event_filter.rs | 14 +--- .../indirect-calls-executor/src/mock.rs | 14 +--- .../types/src/parentchain/events.rs | 80 +------------------ .../types/src/parentchain/mod.rs | 23 +----- .../src/integritee/event_filter.rs | 14 +--- .../src/integritee/event_handler.rs | 44 +--------- .../src/target_a/event_filter.rs | 14 +--- .../src/target_b/event_filter.rs | 14 +--- .../indirect-calls-executor/src/mock.rs | 14 +--- 11 files changed, 20 insertions(+), 239 deletions(-) diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs index 96c933face..b7ceeb561a 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/integritee/event_filter.rs 
@@ -118,19 +118,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs index 8c6bc5aeae..33c0278536 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_a/event_filter.rs @@ -116,19 +116,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } diff --git a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs index 8c6bc5aeae..33c0278536 100644 --- a/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs +++ b/tee-worker/bitacross/app-libs/parentchain-interface/src/target_b/event_filter.rs 
@@ -116,19 +116,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } diff --git a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs index 40912cbc40..7b17d920fb 100644 --- a/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/bitacross/core/parentchain/indirect-calls-executor/src/mock.rs @@ -198,19 +198,7 @@ impl FilterEvents for MockEvents { Ok(Vec::new()) } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { Ok(Vec::new()) } } diff --git a/tee-worker/common/core-primitives/types/src/parentchain/events.rs b/tee-worker/common/core-primitives/types/src/parentchain/events.rs index a7794dc14d..57205832ed 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/events.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/events.rs 
@@ -141,12 +141,12 @@ impl StaticEvent for EnclaveRemoved { // omni-account pallet events #[derive(Encode, Decode, Debug)] -pub struct AccountStoreCreated { +pub struct AccountStoreUpdated { pub who: AccountId, pub account_store: Vec, } -impl core::fmt::Display for AccountStoreCreated { +impl core::fmt::Display for AccountStoreUpdated { fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { let message = format!( "AccountStoreCreated :: who: {}, account_store: {:?}", 
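Review bot: The `Display` impl now belongs to `AccountStoreUpdated`, but the format string on the unchanged context line still begins `"AccountStoreCreated :: who: {}, account_store: {:?}"`, so every log line for the new event is labelled as a creation. This is the only omni-account event the worker processes after this patch, and the wrong label makes log-based triage of store changes unreliable. Change the literal to `"AccountStoreUpdated :: who: {}, account_store: {:?}"`. The remainder of the `fmt` body lies between this hunk and the next one.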
@@ -157,81 +157,9 @@ impl core::fmt::Display for AccountStoreCreated { } } -impl StaticEvent for AccountStoreCreated { +impl StaticEvent for AccountStoreUpdated { const PALLET: &'static str = "OmniAccount"; - const EVENT: &'static str = "AccountStoreCreated"; -} - -#[derive(Encode, Decode, Debug)] -pub struct AccountAdded { - pub who: AccountId, - pub member_account_hash: Hash, - pub account_store: Vec, -} - -impl core::fmt::Display for AccountAdded { - fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { - let message = format!( - "AccountAdded :: who: {}, member_account_hash: {}, account_store: {:?}", - account_id_to_string::(&self.who), - self.member_account_hash.to_hex(), - self.account_store - ); - write!(f, "{}", message) - } -} - -impl StaticEvent for AccountAdded { - const PALLET: &'static str = "OmniAccount"; - const EVENT: &'static str = "AccountAdded"; -} - -#[derive(Encode, Decode, Debug)] -pub struct AccountRemoved { - pub who: AccountId, - pub member_account_hashes: Vec, - pub account_store: Vec, -} - -impl core::fmt::Display for AccountRemoved { - fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { - let message = format!( - "AccountRemoved :: who: {}, member_account_hashes: {:?}, account_store: {:?}", - account_id_to_string::(&self.who), - self.member_account_hashes, - self.account_store - ); - write!(f, "{}", message) - } -} - -impl StaticEvent for AccountRemoved { - const PALLET: &'static str = "OmniAccount"; - const EVENT: &'static str = "AccountRemoved"; -} - -#[derive(Encode, Decode, Debug)] -pub struct AccountMadePublic { - pub who: AccountId, - pub member_account_hash: Hash, - pub account_store: Vec, -} - -impl core::fmt::Display for AccountMadePublic { - fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result { - let message = format!( - "AccountMadePublic :: who: {}, member_account_hash: {}, account_store: {:?}", - account_id_to_string::(&self.who), - self.member_account_hash.to_hex(), - 
self.account_store - ); - write!(f, "{}", message) - } -} - -impl StaticEvent for AccountMadePublic { - const PALLET: &'static str = "OmniAccount"; - const EVENT: &'static str = "AccountMadePublic"; + const EVENT: &'static str = "AccountStoreUpdated"; } // Identity-worker events diff --git a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs index c97a1a5e0c..05172aabd5 100644 --- a/tee-worker/common/core-primitives/types/src/parentchain/mod.rs +++ b/tee-worker/common/core-primitives/types/src/parentchain/mod.rs @@ -128,13 +128,7 @@ pub trait FilterEvents { fn get_btc_wallet_generated_events(&self) -> Result, Self::Error>; - fn get_account_store_created_events(&self) -> Result, Self::Error>; - - fn get_account_added_events(&self) -> Result, Self::Error>; - - fn get_account_removed_events(&self) -> Result, Self::Error>; - - fn get_account_made_public_events(&self) -> Result, Self::Error>; + fn get_account_store_updated_events(&self) -> Result, Self::Error>; } #[derive(Debug)] @@ -178,10 +172,7 @@ pub enum ParentchainEventProcessingError { EnclaveAddFailure, EnclaveRemoveFailure, BtcWalletGeneratedFailure, - AccountStoreCreatedFailure, - AccountAddedFailure, - AccountRemovedFailure, - AccountMadePublicFailure, + AccountStoreUpdatedFailure, } impl core::fmt::Display for ParentchainEventProcessingError { 
@@ -215,14 +206,8 @@ impl core::fmt::Display for ParentchainEventProcessingError { "Parentchain Event Processing Error: EnclaveRemoveFailure", ParentchainEventProcessingError::BtcWalletGeneratedFailure => "Parentchain Event Processing Error: BtcWalletGeneratedFailure", - ParentchainEventProcessingError::AccountStoreCreatedFailure => - "Parentchain Event Processing Error: AccountStoreCreatedFailure", - ParentchainEventProcessingError::AccountAddedFailure => - "Parentchain Event Processing Error: AccountAddedFailure", - ParentchainEventProcessingError::AccountRemovedFailure => - "Parentchain Event Processing Error: AccountRemovedFailure", - ParentchainEventProcessingError::AccountMadePublicFailure => - "Parentchain Event Processing Error: AccountMadePublicFailure", + ParentchainEventProcessingError::AccountStoreUpdatedFailure => + "Parentchain Event Processing Error: AccountStoreUpdatedFailure", }; write!(f, "{}", message) } diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs index 400748e7ca..f0ae6078dc 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_filter.rs @@ -118,19 +118,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } 
diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 05bd1594ee..9bbddfefc4 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs 
@@ -381,52 +381,16 @@ where }); } - if let Ok(events) = events.get_account_store_created_events() { - debug!("Handling AccountStoreCreated events"); + if let Ok(events) = events.get_account_store_updated_events() { + debug!("Handling AccountStoreUpdated events"); events .into_iter() .try_for_each(|event| { - debug!("found AccountStoreCreated event: {:?}", event); + debug!("found AccountStoreUpdated event: {:?}", event); handled_events.push(hash_of(&event)); Self::update_account_store(event.who, event.account_store, block_number) }) - .map_err(|_| ParentchainEventProcessingError::AccountStoreCreatedFailure)?; - } - - if let Ok(events) = events.get_account_added_events() { - debug!("Handling AccountAdded events"); - events - .into_iter() - .try_for_each(|event| { - debug!("found AccountAdded event: {:?}", event); - handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store, block_number) - }) - .map_err(|_| ParentchainEventProcessingError::AccountAddedFailure)?; - } - - if let Ok(events) = events.get_account_removed_events() { - debug!("Handling AccountRemoved events"); - events - .into_iter() - .try_for_each(|event| { - debug!("found AccountRemoved event: {:?}", event); - handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store, block_number) - }) - .map_err(|_| ParentchainEventProcessingError::AccountRemovedFailure)?; - } - - if let Ok(events) = events.get_account_made_public_events() { - debug!("Handling AccountMadePublic events"); - events - .into_iter() - .try_for_each(|event| { - debug!("found AccountMadePublic event: {:?}", event); - handled_events.push(hash_of(&event)); - Self::update_account_store(event.who, event.account_store, block_number) - }) - .map_err(|_| ParentchainEventProcessingError::AccountMadePublicFailure)?; + .map_err(|_| ParentchainEventProcessingError::AccountStoreUpdatedFailure)?; } Ok((handled_events, successful_assertion_ids, failed_assertion_ids)) 
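Review bot: An error from `events.get_account_store_updated_events()` is dropped by the `if let Ok(events) = ...` at the top of the added block, and `.map_err(|_| ...)` throws away the cause of a failed `update_account_store`. With the four per-event handlers folded into this one, a decode mismatch between the pallet event and the worker's `AccountStoreUpdated` struct would leave the enclave's in-memory account store stale, member removals included, with nothing in the log. Handle the `Err` arm explicitly and keep the cause, e.g. `.map_err(|e| { error!("AccountStoreUpdated handling failed: {:?}", e); ParentchainEventProcessingError::AccountStoreUpdatedFailure })?`, assuming `error!` is imported alongside `debug!` and the error type implements `Debug`. The enclosing function starts and ends outside this hunk.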
diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs index ae391e5031..4b86a285e8 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_a/event_filter.rs @@ -116,19 +116,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs index ae391e5031..4b86a285e8 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/target_b/event_filter.rs @@ -116,19 +116,7 @@ impl FilterEvents for FilterableEvents { self.filter() } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - self.filter() - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { self.filter() } } diff --git a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs index 7914849f62..25cab5b0e6 100644 
--- a/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs +++ b/tee-worker/identity/core/parentchain/indirect-calls-executor/src/mock.rs @@ -86,19 +86,7 @@ impl FilterEvents for MockEvents { Ok(Vec::new()) } - fn get_account_store_created_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_added_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_removed_events(&self) -> Result, Self::Error> { - Ok(Vec::new()) - } - - fn get_account_made_public_events(&self) -> Result, Self::Error> { + fn get_account_store_updated_events(&self) -> Result, Self::Error> { Ok(Vec::new()) } } From 0d9c30dd94ce3e2a72e1068e947a7ddd50f995dc Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 25 Oct 2024 12:36:36 +0000 Subject: [PATCH 45/49] refactoring in_memory_store method names --- .../src/integritee/event_handler.rs | 2 +- .../core/omni-account/src/in_memory_store.rs | 19 +++++-------------- .../litentry/core/omni-account/src/lib.rs | 3 ++- 3 files changed, 8 insertions(+), 16 deletions(-) diff --git a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs index 9bbddfefc4..39569551cd 100644 --- a/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs +++ b/tee-worker/identity/app-libs/parentchain-interface/src/integritee/event_handler.rs @@ -235,7 +235,7 @@ where if block_number <= last_block_number { return Ok(()) } - OmniAccountStore::insert(account_id.clone(), members).map_err(|e| { + OmniAccountStore::insert_account_store(account_id.clone(), members).map_err(|e| { Error::AccountStoreError(format!( "Could not update account store for account_id: {:?}, reason: {:?}", account_id, e 
diff --git a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs index b588b43110..ed5460c64c 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/in_memory_store.rs @@ -61,7 +61,10 @@ impl InMemoryStore { Ok(account_id) } - pub fn insert(account_id: AccountId, members: Vec) -> Result<(), Error> { + pub fn insert_account_store( + account_id: AccountId, + members: Vec, + ) -> Result<(), Error> { let mut member_account_hash = MEMBER_ACCOUNT_HASH.write().map_err(|_| { log::error!("[InMemoryStore] Lock poisoning"); Error::LockPoisoning @@ -80,19 +83,7 @@ impl InMemoryStore { Ok(()) } - pub fn remove(account_id: AccountId) -> Result<(), Error> { - ACCCOUNT_STORE - .write() - .map_err(|_| { - log::error!("[InMemoryStore] Lock poisoning"); - Error::LockPoisoning - })? - .remove(&account_id); - - Ok(()) - } - - pub fn load(accounts: OmniAccounts) -> Result<(), Error> { + pub fn load_account_stores(accounts: OmniAccounts) -> Result<(), Error> { for (account_id, members) in &accounts { let mut member_account_hash = MEMBER_ACCOUNT_HASH.write().map_err(|_| { log::error!("[InMemoryStore] Lock poisoning"); diff --git a/tee-worker/identity/litentry/core/omni-account/src/lib.rs b/tee-worker/identity/litentry/core/omni-account/src/lib.rs index 767d3898c4..9c2e81c813 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/lib.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/lib.rs 
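Review bot: `insert_account_store` is now the only visible way an existing account's store changes, and `remove` is deleted in the second hunk, so it has to cope with an update that carries fewer members than the stored one. The hunk shows it taking the `MEMBER_ACCOUNT_HASH` write lock but not what happens to entries for members no longer in `members`; if it only inserts, a removed member's hash would presumably keep resolving to the omni account inside the enclave. The body between the two hunks is not shown, so this may already be handled; if not, drop the account's previous hashes before inserting the new ones and add a test that updates a store with one member removed. A doc comment such as `/// Replaces the stored members of account_id, including the member-hash index.` would state the contract either way.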
@@ -56,7 +56,8 @@ where let block_number: BlockNumber = header.number; let repository = OmniAccountRepository::new(ocall_api, header); let account_stores = repository.get_all().map_err(|_| "Failed to get all account stores")?; - InMemoryStore::load(account_stores).map_err(|_| "Failed to load account stores")?; + InMemoryStore::load_account_stores(account_stores) + .map_err(|_| "Failed to load account stores")?; InMemoryStore::set_block_height(block_number).map_err(|_| "Failed to set block number")?; log::info!("In-memory store initialized successfully"); From 63a6c67f7a05337cdb02d3e78d1268b02e1a6702 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 25 Oct 2024 17:15:36 +0000 Subject: [PATCH 46/49] fixing returned keys --- .../bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs | 2 +- .../identity/service/src/ocall_bridge/worker_on_chain_ocall.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs index 3b15ad304c..e5c1134c27 100644 --- a/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/bitacross/service/src/ocall_bridge/worker_on_chain_ocall.rs @@ -120,7 +120,7 @@ where start_key.map(StorageKey), hash, ) { - Ok(keys) => keys.iter().map(|k| k.as_ref().encode()).collect(), + Ok(keys) => keys.iter().map(|k| k.0.to_vec()).collect(), _ => Default::default(), }; WorkerResponse::ChainStorageKeys(keys) diff --git a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs index 5548b33d5c..93005c902e 100644 --- a/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs +++ b/tee-worker/identity/service/src/ocall_bridge/worker_on_chain_ocall.rs 
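Review bot: The `_ => Default::default()` arm kept next to the changed line in `worker_on_chain_ocall.rs` turns any failure of the storage-keys request into an empty key list, so the enclave cannot tell "no more keys" from "the node call failed". The paging loop in `omni-account/src/repository.rs` (patch 49/49) stops on an empty page, so a transient RPC error would end the account-store load early and the worker would start with a partial store. At minimum log the failure, `Err(e) => { error!("get storage keys failed: {:?}", e); Default::default() }` (assuming the log macros are in scope), or return it to the caller if `WorkerResponse` can carry it. The same arm is in the `identity/service` copy patched in the next hunk, and the `match` starts outside both hunks.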
@@ -120,7 +120,7 @@ where start_key.map(StorageKey), hash, ) { - Ok(keys) => keys.iter().map(|k| k.as_ref().encode()).collect(), + Ok(keys) => keys.iter().map(|k| k.0.to_vec()).collect(), _ => Default::default(), }; WorkerResponse::ChainStorageKeys(keys) From 53745c4fb668eb044f320810fdbd85648a511555 Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 25 Oct 2024 17:21:04 +0000 Subject: [PATCH 47/49] cleaning up storage keys module --- tee-worker/Cargo.lock | 1 - tee-worker/common/core-primitives/storage/Cargo.toml | 2 -- tee-worker/common/core-primitives/storage/src/keys.rs | 6 ------ tee-worker/identity/enclave-runtime/Cargo.lock | 1 - 4 files changed, 10 deletions(-) diff --git a/tee-worker/Cargo.lock b/tee-worker/Cargo.lock index b361e3b088..c7d79df281 100644 --- a/tee-worker/Cargo.lock +++ b/tee-worker/Cargo.lock @@ -4320,7 +4320,6 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", - "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", diff --git a/tee-worker/common/core-primitives/storage/Cargo.toml b/tee-worker/common/core-primitives/storage/Cargo.toml index 72659e1b52..d3c48d6e05 100644 --- a/tee-worker/common/core-primitives/storage/Cargo.toml +++ b/tee-worker/common/core-primitives/storage/Cargo.toml @@ -23,8 +23,6 @@ sp-trie = { workspace = true } itp-types = { workspace = true } -litentry-hex-utils = { workspace = true } - [dev-dependencies] sp-state-machine = { workspace = true, features = ["std"] } diff --git a/tee-worker/common/core-primitives/storage/src/keys.rs b/tee-worker/common/core-primitives/storage/src/keys.rs index 5771bd8c03..f5a61982ef 100644 --- a/tee-worker/common/core-primitives/storage/src/keys.rs +++ b/tee-worker/common/core-primitives/storage/src/keys.rs 
@@ -19,7 +19,6 @@ use alloc::{string::String, vec::Vec}; use codec::{Decode, Encode}; use frame_metadata::v14::StorageHasher; use frame_support::{Blake2_128Concat, ReversibleStorageHasher}; -use litentry_hex_utils::decode_hex; pub fn storage_value_key(module_prefix: &str, storage_prefix: &str) -> Vec { let mut bytes = sp_core::twox_128(module_prefix.as_bytes()).to_vec(); @@ -44,11 +43,6 @@ pub fn extract_blake2_128concat_key(raw_storage_key: &[u8]) -> Option K::decode(&mut raw_key).ok() } -pub fn decode_storage_key(raw_key: Vec) -> Option> { - let hex_key = String::decode(&mut raw_key.as_slice()).unwrap_or_default(); - decode_hex(hex_key).ok() -} - pub fn storage_double_map_key( module_prefix: &str, storage_prefix: &str, diff --git a/tee-worker/identity/enclave-runtime/Cargo.lock b/tee-worker/identity/enclave-runtime/Cargo.lock index e5b5e9b3eb..d70370871b 100644 --- a/tee-worker/identity/enclave-runtime/Cargo.lock +++ b/tee-worker/identity/enclave-runtime/Cargo.lock @@ -2605,7 +2605,6 @@ dependencies = [ "frame-support", "hash-db 0.15.2", "itp-types", - "litentry-hex-utils", "parity-scale-codec", "sgx_tstd", "sp-core", From 8c8227356a81e6aa73358e7a5a0cbbd3f5b16e1e Mon Sep 17 00:00:00 2001 From: Francisco Silva Date: Fri, 25 Oct 2024 17:35:53 +0000 Subject: [PATCH 48/49] removing unused imports --- tee-worker/common/core-primitives/storage/src/keys.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/common/core-primitives/storage/src/keys.rs b/tee-worker/common/core-primitives/storage/src/keys.rs index f5a61982ef..84387d0c64 100644 --- a/tee-worker/common/core-primitives/storage/src/keys.rs +++ b/tee-worker/common/core-primitives/storage/src/keys.rs @@ -15,7 +15,7 @@ */ -use alloc::{string::String, vec::Vec}; +use alloc::vec::Vec; use codec::{Decode, Encode}; use frame_metadata::v14::StorageHasher; use frame_support::{Blake2_128Concat, ReversibleStorageHasher}; From 3fd8576867c924042746477d1ae8b5523cbca6a5 Mon Sep 17 00:00:00 2001 
From: Francisco Silva Date: Fri, 25 Oct 2024 17:36:11 +0000 Subject: [PATCH 49/49] fixing pagination and key decoding --- .../litentry/core/omni-account/src/repository.rs | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/tee-worker/identity/litentry/core/omni-account/src/repository.rs b/tee-worker/identity/litentry/core/omni-account/src/repository.rs index 506528c16a..fd0cf76e43 100644 --- a/tee-worker/identity/litentry/core/omni-account/src/repository.rs +++ b/tee-worker/identity/litentry/core/omni-account/src/repository.rs @@ -18,7 +18,7 @@ use crate::{AccountId, Error, Header, MemberAccount, OmniAccounts, ParentchainId use alloc::{collections::btree_map::BTreeMap, sync::Arc, vec::Vec}; use frame_support::storage::storage_prefix; use itp_ocall_api::EnclaveOnChainOCallApi; -use itp_storage::{decode_storage_key, extract_blake2_128concat_key}; +use itp_storage::extract_blake2_128concat_key; pub trait GetAccountStoresRepository { fn get_all(&self) -> Result; 
@@ -59,28 +59,22 @@ impl GetAccountStoresRepository ) .map_err(|_| Error::OCallApiError("Failed to get storage keys"))?; - if storage_keys_paged.is_empty() { + if storage_keys_paged.is_empty() || storage_keys_paged.last().cloned() == start_key { break } - let account_store_storage_keys = storage_keys_paged - .into_iter() - .filter_map(decode_storage_key) - .collect::>>(); - - start_key = account_store_storage_keys.last().cloned(); + start_key = storage_keys_paged.last().cloned(); self.ocall_api .get_multiple_storages_verified( - account_store_storage_keys, + storage_keys_paged, &self.header, &ParentchainId::Litentry, ) .map_err(|_| Error::OCallApiError("Failed to get multiple storages"))? .into_iter() .filter_map(|entry| { - let storage_key = decode_storage_key(entry.key)?; - let account_id: AccountId = extract_blake2_128concat_key(&storage_key)?; + let account_id: AccountId = extract_blake2_128concat_key(entry.key.as_slice())?; let member_accounts: Vec = entry.value?; Some((account_id, member_accounts)) })
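Review bot: Entries are discarded without a trace in the `filter_map` closure, because `extract_blake2_128concat_key(entry.key.as_slice())?` and `entry.value?` both return `None` silently. After this change the raw key goes straight into the extractor, so a key-format mismatch would yield an empty or partial `OmniAccounts` map while `lib.rs` still logs "In-memory store initialized successfully". Log a warning naming the key before skipping it, or count skipped entries and return an error when the count is non-zero. The surrounding loop starts outside the hunk.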