#377 go over errors (#393)

+ Moved a lot of debug/info to trace so it doesn't clog up the stdout
+ Changed minimum log levels for the enclave
+ Changed error log text to be more human-readable

Makefile

@@ -202,10 +202,10 @@ docker_base:
 	docker build --build-arg FEATURES=${FEATURES} --build-arg SGX_MODE=${SGX_MODE} -f Dockerfile.base -t rust-go-base-image .
 
 docker_bootstrap: docker_base
-	docker build --build-arg --build-arg SGX_MODE=${SGX_MODE} --build-arg SECRET_NODE_TYPE=BOOTSTRAP -t enigmampc/secret-network-bootstrap-${ext}:${DOCKER_TAG} .
+	docker build --build-arg SGX_MODE=${SGX_MODE} --build-arg SECRET_NODE_TYPE=BOOTSTRAP -t enigmampc/secret-network-bootstrap-${ext}:${DOCKER_TAG} .
 
 docker_node: docker_base
-	docker build --build-arg --build-arg SGX_MODE=${SGX_MODE} --build-arg SECRET_NODE_TYPE=NODE -t enigmampc/secret-network-node-${ext}:${DOCKER_TAG} .
+	docker build --build-arg SGX_MODE=${SGX_MODE} --build-arg SECRET_NODE_TYPE=NODE -t enigmampc/secret-network-node-${ext}:${DOCKER_TAG} .
 
 docker_local_azure_hw: docker_base
 	docker build --build-arg SGX_MODE=HW --build-arg SECRET_NODE_TYPE=NODE -t ci-enigma-sgx-node .

cosmwasm-js/packages/sdk/src/cosmwasmclient.spec.ts

@@ -449,7 +449,7 @@ describe("CosmWasmClient", () => {
       const client = new CosmWasmClient(wasmd.endpoint);
       await client.queryContractSmart(contract.address, { broken: {} }).then(
         () => fail("must not succeed"),
-        (error) => expect(error).toMatch(/query wasm contract failed: parsing hackatom::contract::QueryMsg/i),
+        (error) => expect(error).toMatch(/query contract failed: parsing hackatom::contract::QueryMsg/i),
       );
     });
 

cosmwasm-js/packages/sdk/src/restclient.spec.ts

@@ -1365,7 +1365,7 @@ describe("RestClient", () => {
         await client.queryContractSmart(contractAddress!, { nosuchkey: {} }).then(
           () => fail("shouldn't succeed"),
           (error) =>
-            expect(error).toMatch(/query wasm contract failed: parsing hackatom::contract::QueryMsg/),
+            expect(error).toMatch(/query contract failed: parsing hackatom::contract::QueryMsg/),
         );
 
         // invalid address throws an error

cosmwasm-js/packages/sdk/src/restclient.ts

@@ -474,7 +474,7 @@ export class RestClient {
       responseData = (await this.get(path)) as WasmResponse<SmartQueryResponse>;
     } catch (err) {
       try {
-        const errorMessageRgx = /wasm contract failed: generic: (.+?) \(HTTP 500\)/g;
+        const errorMessageRgx = /contract failed: encrypted: (.+?) \(HTTP 500\)/g;
 
         const rgxMatches = errorMessageRgx.exec(err.message);
         if (rgxMatches == null || rgxMatches.length != 2) {
@@ -591,7 +591,7 @@ export class RestClient {
         }
 
         // decrypt error
-        const errorMessageRgx = /wasm contract failed: generic: (.+?): failed to execute message; message index: 0/g;
+        const errorMessageRgx = /contract failed: encrypted: (.+?): failed to execute message; message index: 0/g;
 
         const rgxMatches = errorMessageRgx.exec(txsResponse.raw_log);
         if (Array.isArray(rgxMatches) && rgxMatches.length === 2) {

cosmwasm-js/packages/sdk/src/signingcosmwasmclient.ts

@@ -264,7 +264,7 @@ export class SigningCosmWasmClient extends CosmWasmClient {
       result = await this.postTx(signedTx);
     } catch (err) {
       try {
-        const errorMessageRgx = /wasm contract failed: generic: (.+?): failed to execute message; message index: 0/g;
+        const errorMessageRgx = /contract failed: encrypted: (.+?): failed to execute message; message index: 0/g;
 
         const rgxMatches = errorMessageRgx.exec(err.message);
         if (rgxMatches == null || rgxMatches.length != 2) {

cosmwasm/packages/enclave-ffi-types/src/types.rs

@@ -56,39 +56,55 @@ pub enum EnclaveError {
     ///    caught memory-handling issues, or a failed ecall during an ocall. `vm_error` will be null.
     /// 3. We failed to call the ocall due to an SGX fault. `vm_error` will be null.
     // TODO should we split these three cases for better diagnostics?
-    #[display(fmt = "FailedOcall")]
-    FailedOcall {
-        vm_error: UntrustedVmError,
-    },
+    #[display(fmt = "failed to execute ocall")]
+    FailedOcall { vm_error: UntrustedVmError },
     /// The WASM code was invalid and could not be loaded.
+    #[display(fmt = "tried to load invalid wasm code")]
     InvalidWasm,
+    #[display(fmt = "failed to initialize wasm memory")]
     CannotInitializeWasmMemory,
     /// The WASM module contained a start section, which is not allowed.
     WasmModuleWithStart,
     /// The WASM module contained floating point operations, which is not allowed.
+    #[display(fmt = "found floating point operation in module code")]
     WasmModuleWithFP,
     /// Calling a function in the contract failed.
+    #[display(fmt = "failed function call")]
     FailedFunctionCall,
     /// Fail to inject gas metering
+    #[display(fmt = "failed to inject gas metering")]
     FailedGasMeteringInjection,
     /// Ran out of gas
+    #[display(fmt = "execution ran out of gas")]
     OutOfGas,
     // Errors in contract ABI:
     /// Failed to seal data
+    #[display(fmt = "failed to seal data")]
     FailedSeal,
+    #[display(fmt = "failed to unseal data")]
     FailedUnseal,
-    /// contract key was invalid
+    #[display(fmt = "failed to authenticate secret contract")]
     FailedContractAuthentication,
+    #[display(fmt = "failed to deserialize data")]
     FailedToDeserialize,
+    #[display(fmt = "failed to serialize data")]
     FailedToSerialize,
+    #[display(fmt = "failed to encrypt data")]
     EncryptionError,
+    #[display(fmt = "failed to decrypt data")]
     DecryptionError,
+    #[display(fmt = "failed to allocate memory")]
     MemoryAllocationError,
+    #[display(fmt = "failed to read memory")]
     MemoryReadError,
+    #[display(fmt = "failed to write memory")]
     MemoryWriteError,
+    #[display(fmt = "failed to seal data")]
     NotImplemented,
+    #[display(fmt = "panic'd due to unexpected behavior")]
     Panic,
     /// Unexpected Error happened, no more details available
+    #[display(fmt = "unknown error")]
     Unknown,
 }
 

cosmwasm/packages/sgx-vm/src/attestation.rs

@@ -30,7 +30,7 @@ pub extern "C" fn ocall_sgx_init_quote(
     ret_ti: *mut sgx_target_info_t,
     ret_gid: *mut sgx_epid_group_id_t,
 ) -> sgx_status_t {
-    info!("Entering ocall_sgx_init_quote");
+    trace!("Entering ocall_sgx_init_quote");
     unsafe { sgx_init_quote(ret_ti, ret_gid) }
 }
 
@@ -74,18 +74,18 @@ pub extern "C" fn ocall_get_quote(
     _maxlen: u32,
     p_quote_len: *mut u32,
 ) -> sgx_status_t {
-    println!("Entering ocall_get_quote");
+    trace!("Entering ocall_get_quote");
 
     let mut real_quote_len: u32 = 0;
 
     let ret = unsafe { sgx_calc_quote_size(p_sigrl, sigrl_len, &mut real_quote_len as *mut u32) };
 
     if ret != sgx_status_t::SGX_SUCCESS {
-        println!("sgx_calc_quote_size returned {}", ret);
+        trace!("sgx_calc_quote_size returned {}", ret);
         return ret;
     }
 
-    println!("quote size = {}", real_quote_len);
+    trace!("quote size = {}", real_quote_len);
     unsafe {
         *p_quote_len = real_quote_len;
     }
@@ -105,11 +105,11 @@ pub extern "C" fn ocall_get_quote(
     };
 
     if ret != sgx_status_t::SGX_SUCCESS {
-        println!("sgx_calc_quote_size returned {}", ret);
+        trace!("sgx_calc_quote_size returned {}", ret);
         return ret;
     }
 
-    println!("sgx_calc_quote_size returned {}", ret);
+    trace!("sgx_calc_quote_size returned {}", ret);
     ret
 }
 
@@ -123,11 +123,8 @@ pub extern "C" fn ocall_get_update_info(
 }
 
 pub fn create_attestation_report_u() -> SgxResult<sgx_status_t> {
-    info!("Hello from just before initializing - create_attestation_report_u");
     let enclave = get_enclave()?;
-    info!("Hello from just after initializing - create_attestation_report_u");
 
-    info!("Entered produce report");
     let eid = enclave.geteid();
     let mut retval = sgx_status_t::SGX_SUCCESS;
     let status = unsafe { ecall_get_attestation_report(eid, &mut retval) };
@@ -144,11 +141,7 @@ pub fn create_attestation_report_u() -> SgxResult<sgx_status_t> {
 }
 
 pub fn untrusted_get_encrypted_seed(cert: &[u8]) -> SgxResult<[u8; ENCRYPTED_SEED_SIZE]> {
-    info!("Hello from just before initializing - untrusted_get_encrypted_seed");
     let enclave = get_enclave()?;
-    info!("Hello from just after initializing - untrusted_get_encrypted_seed");
-
-    info!("Entered produce report");
     let eid = enclave.geteid();
     let mut retval = sgx_status_t::SGX_SUCCESS;
     let mut seed = [0u8; ENCRYPTED_SEED_SIZE];

cosmwasm/packages/sgx-vm/src/errors.rs

@@ -90,6 +90,7 @@ pub enum VmError {
     #[snafu(display("Must not call a writing storage function in this context."))]
     WriteAccessDenied { backtrace: snafu::Backtrace },
 
+    #[snafu(display("Enclave {}", source))]
     EnclaveErr {
         #[snafu(backtrace)]
         source: EnclaveError,
@@ -314,12 +315,12 @@ mod enclave {
     #[derive(Debug, Snafu)]
     #[non_exhaustive]
     pub enum EnclaveError {
-        #[snafu(display("Got an error from the enclave: {:?}", error))]
+        #[snafu(display("{}", error))]
         EnclaveErr {
             error: enclave_ffi_types::EnclaveError,
             backtrace: Backtrace,
         },
-        #[snafu(display("failed to call enclave function: {:?}", status))]
+        #[snafu(display("SGX error: {:?}", status))]
         SdkErr {
             status: sgx_types::sgx_status_t,
             backtrace: Backtrace,

cosmwasm/packages/sgx-vm/src/seed.rs

@@ -1,6 +1,6 @@
 use sgx_types::*;
 
-use log::info;
+use log::{debug, info};
 
 use crate::enclave::get_enclave;
 
@@ -28,9 +28,9 @@ extern "C" {
 }
 
 pub fn untrusted_init_node(master_cert: &[u8], encrypted_seed: &[u8]) -> SgxResult<sgx_status_t> {
-    info!("Hello from just before initializing - init_node");
+    debug!("Initializing enclave..");
     let enclave = get_enclave()?;
-    info!("Hello from just after initializing - init_node");
+    debug!("Initialized enclave successfully!");
 
     let eid = enclave.geteid();
     let mut ret = sgx_status_t::SGX_SUCCESS;
@@ -58,9 +58,9 @@ pub fn untrusted_init_node(master_cert: &[u8], encrypted_seed: &[u8]) -> SgxResu
 }
 
 pub fn untrusted_key_gen() -> SgxResult<[u8; 32]> {
-    info!("Hello from just before initializing - untrusted_key_gen");
+    debug!("Initializing enclave..");
     let enclave = get_enclave()?;
-    info!("Hello from just after initializing - untrusted_key_gen");
+    debug!("Initialized enclave successfully!");
 
     let eid = enclave.geteid();
     let mut retval = sgx_status_t::SGX_SUCCESS;

cosmwasm/packages/wasmi-runtime/src/crypto/key_manager.rs

@@ -67,22 +67,6 @@ impl Keychain {
         Ok(())
     }
 
-    // pub fn is_registration_key_set(&self) -> bool {
-    //     return self.registration_key.is_some();
-    // }
-    //
-    // pub fn is_consensus_state_ikm_set(&self) -> bool {
-    //     return self.consensus_state_ikm.is_some();
-    // }
-
-    // pub fn is_consensus_seed_exchange_keypair_set(&self) -> bool {
-    //     return self.consensus_seed_exchange_keypair.is_some();
-    // }
-
-    // pub fn is_consensus_io_exchange_keypair_set(&self) -> bool {
-    //     return self.consensus_io_exchange_keypair.is_some();
-    // }
-
     pub fn is_consensus_seed_set(&self) -> bool {
         self.consensus_seed.is_some()
     }
@@ -167,7 +151,7 @@ impl Keychain {
 
     pub fn generate_consensus_master_keys(&mut self) -> Result<(), EnclaveError> {
         if !self.is_consensus_seed_set() {
-            debug!("Seed not initialized! Cannot derive enclave keys");
+            trace!("Seed not initialized, skipping derivation of enclave keys");
             return Ok(());
         }
 

cosmwasm/packages/wasmi-runtime/src/lib.rs

@@ -36,6 +36,23 @@ mod utils;
 
 static LOGGER: SimpleLogger = SimpleLogger;
 
+#[cfg(all(not(feature = "production"), feature = "SGX_MODE_HW"))]
+#[ctor]
+fn init_logger() {
+    log::set_logger(&LOGGER)
+        .map(|()| log::set_max_level(LevelFilter::Info))
+        .unwrap();
+}
+
+#[cfg(all(feature = "production", feature = "SGX_MODE_HW"))]
+#[ctor]
+fn init_logger() {
+    log::set_logger(&LOGGER)
+        .map(|()| log::set_max_level(LevelFilter::Warn))
+        .unwrap();
+}
+
+#[cfg(not(feature = "SGX_MODE_HW"))]
 #[ctor]
 fn init_logger() {
     log::set_logger(&LOGGER)