From 6145608ff7bd0a0fd5fd1a2a91c9fb6115108257 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Tue, 27 Feb 2024 13:28:59 -0800 Subject: [PATCH] Read MRENCLAVE from sigfile --- enclaves/quartz/README.md | 2 +- enclaves/quartz/quartz.manifest.template | 2 +- enclaves/quartz/src/cli.rs | 14 ++++---------- enclaves/quartz/src/main.rs | 13 +++++++++++-- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/enclaves/quartz/README.md b/enclaves/quartz/README.md index 3f36371..57b7c49 100644 --- a/enclaves/quartz/README.md +++ b/enclaves/quartz/README.md @@ -25,7 +25,7 @@ gramine-sgx ./quartz ```bash cargo run -- --chain-id testing \ - --mr-enclave "fa9149158c693b09e83480b48c2e7344c941aadca6d5829834f2af9f2690435e" \ + --sigfile "quartz.sig" \ --trusted-height 1 \ --trusted-hash "A1D115BA3A5E9FCC12ED68A9D8669159E9085F6F96EC26619F5C7CEB4EE02869" ``` diff --git a/enclaves/quartz/quartz.manifest.template b/enclaves/quartz/quartz.manifest.template index 15b681e..36e39ab 100644 --- a/enclaves/quartz/quartz.manifest.template +++ b/enclaves/quartz/quartz.manifest.template @@ -21,7 +21,7 @@ loader.env.MYAPP_DATA = { passthrough = true } loader.argv = ["quartz-enclave", "--chain-id", "testing", - "--mr-enclave", "fa9149158c693b09e83480b48c2e7344c941aadca6d5829834f2af9f2690435e", + "--sigile", "quartz.sig", "--trusted-height", "1", "--trusted-hash", "A1D115BA3A5E9FCC12ED68A9D8669159E9085F6F96EC26619F5C7CEB4EE02869"] diff --git a/enclaves/quartz/src/cli.rs b/enclaves/quartz/src/cli.rs index 65c5484..3f9c0fb 100644 --- a/enclaves/quartz/src/cli.rs +++ b/enclaves/quartz/src/cli.rs @@ -1,9 +1,7 @@ -use std::net::SocketAddr; +use std::{net::SocketAddr, path::PathBuf}; use clap::Parser; use color_eyre::eyre::{eyre, Result}; -use cosmwasm_std::HexBinary; -use quartz_cw::state::MrEnclave; use tendermint::Hash; use tendermint_light_client::types::{Height, TrustThreshold}; 
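Review bot: The new `loader.argv` line in the manifest template spells the flag `--sigile`, while the `Cli` struct introduced in this same patch declares the field as `sigfile`, so clap will reject the unknown argument and the enclave will not start under `gramine-sgx` with this manifest; the line should read `"--sigfile", "quartz.sig",`. Since the value read from that file now becomes the MRENCLAVE placed into the enclave's config, it is also worth confirming that `quartz.sig` is covered by the manifest's `sgx.trusted_files` (not visible in this hunk) so the enclave does not accept an arbitrary host-supplied file. A short comment on the `loader.argv` block, `# --sigfile must match the Cli field name in src/cli.rs`, would make the coupling visible the next time either side changes.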
@@ -17,10 +15,6 @@ fn parse_trust_threshold(s: &str) -> Result {
     }
 }
 
-fn parse_mr_enclave(s: &str) -> Result {
-    Ok(HexBinary::from_hex(s)?.to_array()?)
-}
-
 #[derive(Debug, Parser)]
 #[command(author, version, about, long_about = None)]
 pub struct Cli {
@@ -28,9 +22,9 @@ pub struct Cli {
     #[clap(long, default_value = "127.0.0.1:11090")]
     pub rpc_addr: SocketAddr,
 
-    /// MRENCLAVE of this enclave
-    #[clap(long, value_parser = parse_mr_enclave)]
-    pub mr_enclave: MrEnclave,
+    /// Gramine SIGFILE for this enclave (to read MRENCLAVE from)
+    #[clap(long)]
+    pub sigfile: PathBuf,
 
     /// Identifier of the chain
     #[clap(long)]
diff --git a/enclaves/quartz/src/main.rs b/enclaves/quartz/src/main.rs
index e04df30..6c04829 100644
--- a/enclaves/quartz/src/main.rs
+++ b/enclaves/quartz/src/main.rs
@@ -18,9 +18,10 @@ mod attestor;
 mod cli;
 mod server;
 
-use std::time::Duration;
+use std::{process::Command, time::Duration};
 
 use clap::Parser;
+use cosmwasm_std::HexBinary;
 use quartz_cw::state::{Config, LightClientOpts};
 use quartz_proto::quartz::core_server::CoreServer;
 use tonic::transport::Server;
@@ -31,6 +32,14 @@ use crate::{attestor::EpidAttestor, cli::Cli, server::CoreService};
 async fn main() -> Result<(), Box> {
     let args = Cli::parse();
 
+    let gramine_sgx_sigstruct_view = Command::new("gramine-sgx-sigstruct-view")
+        .args(["--output-format", "json"])
+        .arg(args.sigfile)
+        .output()?;
+
+    let sigstruct_json: serde_json::Value =
+        serde_json::from_str(&String::from_utf8(gramine_sgx_sigstruct_view.stdout)?)?;
+    let mr_enclave = HexBinary::from_hex(&sigstruct_json["mr_enclave"].to_string())?.to_array()?;
     let light_client_opts = LightClientOpts::new(
         args.chain_id,
         args.trusted_height,
@@ -41,7 +50,7 @@ async fn main() -> Result<(), Box> {
         args.max_block_lag,
     );
     let config = Config::new(
-        args.mr_enclave,
+        mr_enclave,
         Duration::from_secs(30 * 24 * 60),
         light_client_opts,
     );
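Review bot: `sigstruct_json["mr_enclave"].to_string()` in the last main.rs hunk renders the serde_json `Value` as JSON text, so a string value comes back wrapped in double quotes (and a missing key comes back as `null`), which `HexBinary::from_hex` will reject; it should be `sigstruct_json["mr_enclave"].as_str().ok_or("sigstruct-view output has no mr_enclave")?`. The exit status of `gramine-sgx-sigstruct-view` is also never checked, so a missing or failing tool surfaces as an unrelated JSON parse error on empty stdout; add `if !gramine_sgx_sigstruct_view.status.success() { return Err(String::from_utf8_lossy(&gramine_sgx_sigstruct_view.stderr).into()); }` before parsing. Since the manifest's `loader.argv` suggests this binary runs inside the enclave, spawning a host Python tool from there is unlikely to work under Gramine and makes the MRENCLAVE in the config depend on whatever the host puts on PATH; the Gramine `.sig` file is the raw SIGSTRUCT, whose layout is fixed with ENCLAVEHASH at bytes 960..992 (verify against the Intel SDM), so reading those 32 bytes directly removes both the subprocess and the JSON dependency, as sketched below. `main` continues outside the hunk.
```rust
    let args = Cli::parse();

    // The Gramine sigfile is a raw SIGSTRUCT; ENCLAVEHASH (MRENCLAVE) sits at a
    // fixed offset, so read it directly instead of shelling out to a host tool.
    const MRENCLAVE_OFFSET: usize = 960;
    let sigstruct = std::fs::read(&args.sigfile)?;
    let mr_enclave: [u8; 32] = sigstruct
        .get(MRENCLAVE_OFFSET..MRENCLAVE_OFFSET + 32)
        .ok_or("sigfile is too short to be a SIGSTRUCT")?
        .try_into()?;
    // … unchanged: LightClientOpts::new(...) and Config::new(mr_enclave, ...) …
```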