cycles-quartz/crates/utils/tcbinfo-updater/src/main.rs

use cw_client::{GrpcClient, CwClient};
use quartz_tcbinfo_msgs::{QueryMsg, ExecuteMsg};
use quoted_string::strip_dquotes;
use anyhow::{anyhow, Result};
 use quoted_string::test_utils::TestSpec;
use quoted_string::to_content;
use reqwest::Url;
use serde_json::{json, Value};
use std::env;
use  tendermint::chain::id::Id;

type Fmspc = String;
type Update = String;

const TCB_SIGNER: &str = include_str!("../tcb_signer.pem");

async fn get_tcbinfo(fmspc: Fmspc, update: Update) -> String {
    let url = format!("https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc={fmspc}&update={update}");
    let body: String = reqwest::get(url)
        .await
        .expect("url retrieval failed")
        .text()
        .await
        .expect("could not read https response");
    body
}

async fn get_fmspc_list() -> Vec<Fmspc> {
    let body: String =
        reqwest::get("https://api.trustedservices.intel.com/sgx/certification/v4/fmspcs")
            .await
            .expect("url retrieval failed")
            .text()
            .await
            .expect("could not read https response");
    let fmspc_data: Vec<Value> = serde_json::from_str(&body).expect("could not convert to JSON");
    let mut fmspc_list: Vec<Fmspc> = Vec::new();
    for item in fmspc_data.iter() {
        let fmspc: String = format!("{}", item["fmspc"]);
        fmspc_list.push(strip_dquotes(&fmspc).unwrap().to_string());
    }
    fmspc_list
}

async fn upsert_tcbinfo(url: &str, contract_addr: &str, chain_id : Id, sender: &str, gas: u64, fees: &str) -> Result<(), &'static str> {

    let network = Url::parse(url).expect("couldn't parse network URL");
    let skey = hex::decode(sk).expect("couldn't read signing key")
        .as_slice()
        .try_into()
        .map_err(|e| anyhow!("failed to read/parse sk: {}", e)).expect("couldn't extract result value");
    let client = CliClient::new(network);
    let fmspc_list = get_fmspc_list().await;

    for fmspc in fmspc_list {
        
        let tcbinfo_from_api = get_tcbinfo(fmspc.clone(), "standard".to_string()).await;
        
        // assert!(verify_signature(tcbinfo.clone(), key));
         let contract_address = contract_addr
            .parse()
            .expect("failed to parse contract address");
        let query_msg = QueryMsg::GetTcbInfo { fmspc: fmspc.clone() };
       
        let tcbinfo_on_chain =  { if let Ok(res) = client.query_smart::<Value>(&contract_address, json!(query_msg)).await {
            to_content::<TestSpec>(&res["data"]["tcb_info"].to_string()).unwrap().to_string()
        }          else {
                                      "".to_string()
                                  }
        
                                  
        };
           
        if tcbinfo_on_chain != tcbinfo_from_api {
            println!("updating on-chain TCBInfo for FMSPC: {fmspc}");

           
            let execute_msg = ExecuteMsg {
                tcb_info: tcbinfo_from_api.to_string(),
                certificate: TCB_SIGNER.to_string(),
                time: None,
            };
            let res = client
                .tx_execute(
                    &contract_address,
                    &chain_id,
                   gas,
                    sender,
                    json!(execute_msg),
                   fees
                )
                .await;
            println!("{res:?}");
            std::thread::sleep(std::time::Duration::from_secs(5));
        } else {
            println!("TCBInfo for FMSPC: {fmspc} up to date")
        }
    }
    Ok(())
}

#[tokio::main]
pub async fn main() {
    let args: Vec<String> = env::args().collect();
    let url = &args[1];
    let chain_id = &args[2];
    let contract_address : &str = &args[3];
    let sender: &str = &args[4];
    let gas: &u64 = &args[5].parse().expect("gas must be a u64 value");
    let fees: &str = &args[6];
    let sk: &str = &args[7];
    upsert_tcbinfo(url, contract_address, Id::try_from(chain_id.clone()).expect("invalid chain id"), sender, *gas, fees).await.expect("TCBInfo update failed");
}

/*let url =;
    let chain_id = tendermint::chain::id::Id::try_from("pion-1").expect("invalid chain id");
contract_address = ;
let sender = ;
gas =  1000000,
fees = ,
 */
try grpc 2025-02-11 16:43:48 +00:00			`use cw_client::{GrpcClient, CwClient};`
WIP 2024-12-05 13:36:19 +00:00			`use quartz_tcbinfo_msgs::{QueryMsg, ExecuteMsg};`
WIP 2024-12-04 20:35:35 +00:00			`use quoted_string::strip_dquotes;`
try grpc 2025-02-11 16:43:48 +00:00			`use anyhow::{anyhow, Result};`
WIP 2024-12-05 14:22:57 +00:00			`use quoted_string::test_utils::TestSpec;`
			`use quoted_string::to_content;`
WIP 2024-12-04 20:35:35 +00:00			`use reqwest::Url;`
WIP 2024-12-03 10:02:58 +00:00			`use serde_json::{json, Value};`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`use std::env;`
			`use tendermint::chain::id::Id;`
remove local db 2024-12-05 13:29:35 +00:00
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`type Fmspc = String;`
			`type Update = String;`

update local store + execute contract 2024-11-29 19:07:22 +00:00			`const TCB_SIGNER: &str = include_str!("../tcb_signer.pem");`

changed type of tcbinfo 2024-12-04 19:48:38 +00:00			`async fn get_tcbinfo(fmspc: Fmspc, update: Update) -> String {`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`let url = format!("https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc={fmspc}&update={update}");`
WIP async 2024-12-03 09:13:37 +00:00			`let body: String = reqwest::get(url)`
			`.await`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`.expect("url retrieval failed")`
			`.text()`
WIP async 2 2024-12-03 09:38:50 +00:00			`.await`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`.expect("could not read https response");`
WIP 2024-12-04 20:35:35 +00:00			`body`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`}`

WIP async 2024-12-03 09:13:37 +00:00			`async fn get_fmspc_list() -> Vec<Fmspc> {`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`let body: String =`
WIP 2024-12-04 20:35:35 +00:00			`reqwest::get("https://api.trustedservices.intel.com/sgx/certification/v4/fmspcs")`
			`.await`
			`.expect("url retrieval failed")`
			`.text()`
			`.await`
			`.expect("could not read https response");`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`let fmspc_data: Vec<Value> = serde_json::from_str(&body).expect("could not convert to JSON");`
			`let mut fmspc_list: Vec<Fmspc> = Vec::new();`
			`for item in fmspc_data.iter() {`
			`let fmspc: String = format!("{}", item["fmspc"]);`
			`fmspc_list.push(strip_dquotes(&fmspc).unwrap().to_string());`
			`}`
			`fmspc_list`
			`}`

revert grpc 2025-02-13 12:27:30 +00:00			`async fn upsert_tcbinfo(url: &str, contract_addr: &str, chain_id : Id, sender: &str, gas: u64, fees: &str) -> Result<(), &'static str> {`
WIP 2024-12-05 12:03:39 +00:00
try grpc 2025-02-11 16:43:48 +00:00			`let network = Url::parse(url).expect("couldn't parse network URL");`
			`let skey = hex::decode(sk).expect("couldn't read signing key")`
			`.as_slice()`
			`.try_into()`
			`.map_err(\|e\| anyhow!("failed to read/parse sk: {}", e)).expect("couldn't extract result value");`
revert grpc 2025-02-13 12:27:30 +00:00			`let client = CliClient::new(network);`
WIP 2024-12-05 12:03:39 +00:00			`let fmspc_list = get_fmspc_list().await;`

tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`for fmspc in fmspc_list {`
WIP 2024-12-05 12:03:39 +00:00
			`let tcbinfo_from_api = get_tcbinfo(fmspc.clone(), "standard".to_string()).await;`
WIP 2024-12-05 14:28:01 +00:00
WIP 2024-12-05 12:03:39 +00:00			`// assert!(verify_signature(tcbinfo.clone(), key));`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`let contract_address = contract_addr`
			`.parse()`
WIP 2024-12-05 12:03:39 +00:00			`.expect("failed to parse contract address");`
WIP 2024-12-05 13:40:57 +00:00			`let query_msg = QueryMsg::GetTcbInfo { fmspc: fmspc.clone() };`
WIP 2024-12-05 14:47:54 +00:00
			`let tcbinfo_on_chain = { if let Ok(res) = client.query_smart::<Value>(&contract_address, json!(query_msg)).await {`
			`to_content::<TestSpec>(&res["data"]["tcb_info"].to_string()).unwrap().to_string()`
			`} else {`
			`"".to_string()`
			`}`


			`};`

WIP 2024-12-05 14:05:29 +00:00			`if tcbinfo_on_chain != tcbinfo_from_api {`
update local store + execute contract 2024-11-29 19:07:22 +00:00			`println!("updating on-chain TCBInfo for FMSPC: {fmspc}");`
remove hardcoded config 2024-12-05 16:15:56 +00:00
WIP 2024-12-05 12:03:39 +00:00
WIP 2024-12-03 09:58:52 +00:00			`let execute_msg = ExecuteMsg {`
remove local db 2024-12-05 13:29:35 +00:00			`tcb_info: tcbinfo_from_api.to_string(),`
			`certificate: TCB_SIGNER.to_string(),`
update local store + execute contract 2024-11-29 19:07:22 +00:00			`time: None,`
WIP 2024-12-03 10:01:17 +00:00			`};`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`let res = client`
WIP 2024-12-04 20:35:35 +00:00			`.tx_execute(`
			`&contract_address,`
			`&chain_id,`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`gas,`
WIP 2024-12-05 11:26:03 +00:00			`sender,`
WIP 2024-12-04 20:35:35 +00:00			`json!(execute_msg),`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`fees`
WIP 2024-12-04 20:35:35 +00:00			`)`
			`.await;`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`println!("{res:?}");`
WIP 2024-12-03 10:42:57 +00:00			`std::thread::sleep(std::time::Duration::from_secs(5));`
WIP 2024-12-04 20:35:35 +00:00			`} else {`
update local store + execute contract 2024-11-29 19:07:22 +00:00			`println!("TCBInfo for FMSPC: {fmspc} up to date")`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`}`
			`}`
update local store + execute contract 2024-11-29 19:07:22 +00:00			`Ok(())`
tcbinfo-updater initial commit 2024-11-29 19:07:22 +00:00			`}`
update local store + execute contract 2024-11-29 19:07:22 +00:00
WIP async 2024-12-03 09:13:37 +00:00			`#[tokio::main]`
			`pub async fn main() {`
remove hardcoded config 2024-12-05 16:15:56 +00:00			`let args: Vec<String> = env::args().collect();`
			`let url = &args[1];`
			`let chain_id = &args[2];`
			`let contract_address : &str = &args[3];`
			`let sender: &str = &args[4];`
			`let gas: &u64 = &args[5].parse().expect("gas must be a u64 value");`
			`let fees: &str = &args[6];`
try grpc 2025-02-11 16:43:48 +00:00			`let sk: &str = &args[7];`
revert grpc 2025-02-13 12:27:30 +00:00			`upsert_tcbinfo(url, contract_address, Id::try_from(chain_id.clone()).expect("invalid chain id"), sender, *gas, fees).await.expect("TCBInfo update failed");`
update local store + execute contract 2024-11-29 19:07:22 +00:00			`}`
remove hardcoded config 2024-12-05 16:15:56 +00:00
			`/*let url =;`
			`let chain_id = tendermint::chain::id::Id::try_from("pion-1").expect("invalid chain id");`
			`contract_address = ;`
			`let sender = ;`
			`gas = 1000000,`
			`fees = ,`
			`*/`