From fd87e15ccdd12854a9bccc5e5704d2626ee9a8b3 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Wed, 28 Feb 2024 15:29:26 -0800 Subject: [PATCH 01/14] mtcs-intent crate --- Cargo.lock | 149 +++++++++++++++++++++++++------ enclaves/quartz/src/server.rs | 2 + utils/mtcs-intent/.gitignore | 3 + utils/mtcs-intent/Cargo.toml | 17 ++++ utils/mtcs-intent/src/main.rs | 160 ++++++++++++++++++++++++++++++++++ 5 files changed, 304 insertions(+), 27 deletions(-) create mode 100644 utils/mtcs-intent/.gitignore create mode 100644 utils/mtcs-intent/Cargo.toml create mode 100644 utils/mtcs-intent/src/main.rs diff --git a/Cargo.lock b/Cargo.lock index ed621a9..8c6c2ba 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -157,7 +157,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -168,7 +168,7 @@ checksum = "c980ee35e870bd1a4d2c8294d4c04d0499e67bca1e4b5cefcc693c2fa00caea9" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -473,7 +473,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -853,7 +853,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -864,7 +864,7 @@ checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" dependencies = [ "darling_core", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -948,7 +948,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -979,6 +979,7 @@ dependencies = [ "digest 0.10.7", "elliptic-curve 0.13.8", "rfc6979 0.4.0", + "serdect", "signature 2.2.0", "spki 0.7.3", ] @@ -994,6 +995,7 @@ dependencies = [ "hkdf", "libsecp256k1", "once_cell", + "openssl", "parking_lot", "rand_core 0.6.4", "sha2 0.10.8", @@ -1101,6 +1103,7 @@ dependencies = [ "pkcs8 0.10.2", "rand_core 0.6.4", "sec1 0.7.3", + "serdect", "subtle", "zeroize", ] @@ -1188,6 +1191,21 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + [[package]] name = "form_urlencoded" version = "1.2.1" @@ -1259,7 +1277,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -1659,6 +1677,7 @@ dependencies = [ "ecdsa 0.16.9", "elliptic-curve 0.13.8", "once_cell", + "serdect", "sha2 0.10.8", "signature 2.2.0", ] @@ -1777,9 +1796,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.20" +version = "0.4.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" +checksum = "90ed8c1e510134f979dbc4f070f87d4313098b704861a105fe34231c70a3901c" [[package]] name = "matchers" @@ -1852,6 +1871,21 @@ dependencies = [ "tracing-subscriber", ] +[[package]] +name = "mtcs-intent" +version = "0.1.0" +dependencies = [ + "clap", + "cosmwasm-std", + "ecies", + "hex", + "k256 0.13.3", + "rand", + "serde", + "serde_json", + "sha2 0.10.8", +] + [[package]] name = "multimap" version = "0.8.3" @@ -1975,12 +2009,50 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +[[package]] +name = "openssl" +version = "0.10.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" +dependencies = [ + "bitflags 2.4.2", + "cfg-if 1.0.0", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.52", +] + [[package]] name = "openssl-probe" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" +[[package]] +name = "openssl-sys" +version = "0.9.101" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dda2b0f344e78efc2facf7d195d098df0dd72151b26ab98da807afc26c198dff" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + [[package]] name = "overload" version = "0.1.1" @@ -2100,7 +2172,7 @@ checksum = "266c042b60c9c76b8d53061e52b2e0d1116abc57cefc8c5cd671619a56ac3690" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -2146,6 +2218,12 @@ dependencies = [ "spki 0.7.3", ] +[[package]] +name = "pkg-config" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" + [[package]] name = "polyval" version = "0.6.1" @@ -2177,7 +2255,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a41cf62165e97c7f814d2221421dbb9afcbcdb0a88068e5ea206e19951c2cbb5" dependencies = [ "proc-macro2", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -2226,7 +2304,7 @@ dependencies = [ "prost 0.12.3", "prost-types 0.12.3", "regex", - "syn 2.0.51", + "syn 2.0.52", "tempfile", "which", ] @@ -2254,7 +2332,7 @@ dependencies = [ "itertools 0.11.0", "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -2278,7 +2356,7 @@ dependencies = [ [[package]] name = "quartz-cw" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#0e877198416e3c2fb85777c177bcbabb3ca80b69" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#8f6ff80cce2160d9f0d1f7ce20c010f17c0fa88e" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2349,7 +2427,7 @@ dependencies = [ [[package]] name = "quartz-tee-ra" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#0e877198416e3c2fb85777c177bcbabb3ca80b69" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#8f6ff80cce2160d9f0d1f7ce20c010f17c0fa88e" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2743,6 +2821,7 @@ dependencies = [ "der 0.7.8", "generic-array", "pkcs8 0.10.2", + "serdect", "subtle", "zeroize", ] @@ -2821,7 +2900,7 @@ checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -2854,7 +2933,7 @@ checksum = "0b2e6b945e9d3df726b65d6ee24060aff8e3533d431f677a9695db04eff9dfdb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -2894,7 +2973,17 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", +] + +[[package]] +name = "serdect" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a84f14a19e9a014bb9f4512488d9829a68e04ecabffb0f9904cd1ace94598177" +dependencies = [ + "base16ct 0.2.0", + "serde", ] [[package]] @@ -3078,9 +3167,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.51" +version = "2.0.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ab617d94515e94ae53b8406c628598680aa0c9587474ecbe58188f7b345d66c" +checksum = "b699d15b36d1f02c3e7c69f8ffef53de37aefae075d8488d4ba1a7788d574a07" dependencies = [ "proc-macro2", "quote", @@ -3414,7 +3503,7 @@ checksum = "a953cb265bef375dae3de6663da4d3804eee9682ea80d8e2542529b73c531c81" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -3553,7 +3642,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -3669,7 +3758,7 @@ dependencies = [ "proc-macro2", "prost-build", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -3723,7 +3812,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] [[package]] @@ -3863,6 +3952,12 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + [[package]] name = "version_check" version = "0.9.4" @@ -3915,7 +4010,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", "wasm-bindgen-shared", ] @@ -3949,7 +4044,7 @@ checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -4172,5 +4267,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.51", + "syn 2.0.52", ] diff --git a/enclaves/quartz/src/server.rs b/enclaves/quartz/src/server.rs index 56266d4..0dda79f 100644 --- a/enclaves/quartz/src/server.rs +++ b/enclaves/quartz/src/server.rs @@ -66,6 +66,7 @@ where &self, _request: Request, ) -> TonicResult> { + // FIXME(hu55a1n1) - disallow calling more than once let mut nonce = self.nonce.lock().unwrap(); *nonce = rand::thread_rng().gen::(); @@ -84,6 +85,7 @@ where &self, _request: Request, ) -> TonicResult> { + // FIXME(hu55a1n1) - disallow calling more than once let nonce = self.nonce.lock().unwrap(); let sk = SigningKey::random(&mut rand::thread_rng()); let pk = sk.verifying_key(); diff --git a/utils/mtcs-intent/.gitignore b/utils/mtcs-intent/.gitignore new file mode 100644 index 0000000..d8c9f3f --- /dev/null +++ b/utils/mtcs-intent/.gitignore @@ -0,0 +1,3 @@ +*.pk +*.sk + diff --git a/utils/mtcs-intent/Cargo.toml b/utils/mtcs-intent/Cargo.toml new file mode 100644 index 0000000..3f89a52 --- /dev/null +++ b/utils/mtcs-intent/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "mtcs-intent" +version = "0.1.0" +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +clap = { version = "4.0.32", features = ["derive"] } +cosmwasm-std = "1.4.0" +ecies = "0.2.6" +hex = "0.4.3" +k256 = { version = "0.13.2", default-features = false, features = ["ecdsa", "alloc", "serde"] } +rand = "0.8.5" +serde = { version = "1.0.197", features = ["derive"] } +serde_json = "1.0.114" +sha2 = "0.10.8" diff --git a/utils/mtcs-intent/src/main.rs b/utils/mtcs-intent/src/main.rs new file mode 100644 index 0000000..f8b5d25 --- /dev/null +++ b/utils/mtcs-intent/src/main.rs @@ -0,0 +1,160 @@ +#![forbid(unsafe_code)] +#![warn( + clippy::checked_conversions, + clippy::panic, + clippy::panic_in_result_fn, + clippy::unwrap_used, + trivial_casts, + trivial_numeric_casts, + rust_2018_idioms, + unused_lifetimes, + unused_import_braces, + unused_qualifications +)] + +use std::{ + error::Error, + fs::{read_to_string, File}, + io::Write, + path::PathBuf, +}; + +use clap::{Parser, Subcommand}; +use cosmwasm_std::HexBinary; +use ecies::encrypt; +use k256::ecdsa::{SigningKey, VerifyingKey}; +use rand::Rng; +use serde::{Deserialize, Serialize}; +use sha2::{Digest, Sha256}; + +#[derive(Debug, Parser)] +#[command(author, version, about, long_about = None)] +struct Cli { + #[command(subcommand)] + pub command: Command, +} + +#[derive(Debug, Subcommand)] +#[allow(clippy::large_enum_variant)] +enum Command { + KeyGen { + #[clap(long, default_value = "user.pk")] + pk_file: PathBuf, + #[clap(long, default_value = "user.sk")] + sk_file: PathBuf, + }, + EncryptObligation { + #[clap(long, value_parser = parse_obligation_json)] + obligation: Obligation, + #[clap(long, default_value = "epoch.pk")] + pk_file: PathBuf, + }, +} + +fn parse_obligation_json(s: &str) -> Result { + let raw_obligation: RawObligation = serde_json::from_str(s).map_err(|e| e.to_string())?; + raw_obligation.try_into() +} + +#[derive(Clone, Debug, Serialize, Deserialize)] +struct RawObligation { + debtor: HexBinary, + creditor: HexBinary, + amount: u64, + #[serde(default)] + salt: HexBinary, +} + +#[derive(Clone, Debug)] +struct Obligation { + debtor: VerifyingKey, + creditor: VerifyingKey, + amount: u64, + salt: [u8; 64], +} + +impl TryFrom for Obligation { + type Error = String; + + fn try_from(raw_obligation: RawObligation) -> Result { + let mut salt = [0u8; 64]; + rand::thread_rng().fill(&mut salt[..]); + + Ok(Self { + debtor: VerifyingKey::from_sec1_bytes(raw_obligation.debtor.as_slice()) + .map_err(|e| e.to_string())?, + creditor: VerifyingKey::from_sec1_bytes(raw_obligation.debtor.as_slice()) + .map_err(|e| e.to_string())?, + amount: raw_obligation.amount, + salt, + }) + } +} + +impl From for RawObligation { + fn from(obligation: Obligation) -> Self { + Self { + debtor: obligation.debtor.to_sec1_bytes().into_vec().into(), + creditor: obligation.creditor.to_sec1_bytes().into_vec().into(), + amount: obligation.amount, + salt: obligation.salt.into(), + } + } +} + +#[derive(Clone, Debug, Serialize, Deserialize)] +struct EncryptedObligation { + ciphertext: HexBinary, + digest: HexBinary, +} + +fn main() -> Result<(), Box> { + let args = Cli::parse(); + + match args.command { + Command::KeyGen { pk_file, sk_file } => { + let sk = SigningKey::random(&mut rand::thread_rng()); + let pk = sk.verifying_key(); + + let mut sk_file = File::create(sk_file)?; + let sk = hex::encode(sk.to_bytes()); + sk_file.write_all(sk.as_bytes())?; + + let mut pk_file = File::create(pk_file)?; + let pk = hex::encode(pk.to_sec1_bytes()); + pk_file.write_all(pk.as_bytes())?; + } + Command::EncryptObligation { + obligation, + pk_file, + } => { + let epoch_pk = { + let pk_str = read_to_string(pk_file)?; + hex::decode(pk_str)? + }; + let obligation_ser = serde_json::to_string(&RawObligation::from(obligation)) + .expect("infallible serializer"); + + let ciphertext = + encrypt(&epoch_pk, obligation_ser.as_bytes()).map_err(|e| e.to_string())?; + + let digest: [u8; 32] = { + let mut hasher = Sha256::new(); + hasher.update(obligation_ser); + hasher.finalize().into() + }; + + let obligation_enc = EncryptedObligation { + ciphertext: ciphertext.into(), + digest: digest.into(), + }; + + println!( + "{}", + serde_json::to_string(&obligation_enc).expect("infallible serializer") + ); + } + } + + Ok(()) +} From ac35a80ac4cb88106549cd91fbf2d94e2f59a2d0 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 03:30:25 -0800 Subject: [PATCH 02/14] MTCS proto init --- Cargo.lock | 1 + enclaves/quartz/Cargo.toml | 3 + enclaves/quartz/build.rs | 6 + enclaves/quartz/proto/mtcs.proto | 15 ++ enclaves/quartz/src/main.rs | 1 + enclaves/quartz/src/prost/mtcs.rs | 302 ++++++++++++++++++++++++++++++ enclaves/quartz/src/proto.rs | 3 + 7 files changed, 331 insertions(+) create mode 100644 enclaves/quartz/build.rs create mode 100644 enclaves/quartz/proto/mtcs.proto create mode 100644 enclaves/quartz/src/prost/mtcs.rs create mode 100644 enclaves/quartz/src/proto.rs diff --git a/Cargo.lock b/Cargo.lock index 8c6c2ba..30a0e6b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2389,6 +2389,7 @@ dependencies = [ "tendermint-light-client", "tokio", "tonic 0.11.0", + "tonic-build", ] [[package]] diff --git a/enclaves/quartz/Cargo.toml b/enclaves/quartz/Cargo.toml index 8fafd73..7ad6a09 100644 --- a/enclaves/quartz/Cargo.toml +++ b/enclaves/quartz/Cargo.toml @@ -21,3 +21,6 @@ quartz-cw = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", quartz-proto = { path = "../../utils/quartz-proto" } quartz-relayer = { path = "../../utils/quartz-relayer" } quartz-tee-ra = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } + +[build-dependencies] +tonic-build = "0.11" diff --git a/enclaves/quartz/build.rs b/enclaves/quartz/build.rs new file mode 100644 index 0000000..4f9ea1b --- /dev/null +++ b/enclaves/quartz/build.rs @@ -0,0 +1,6 @@ +fn main() -> Result<(), Box> { + tonic_build::configure() + .out_dir("src/prost") + .compile(&["proto/mtcs.proto"], &["proto"])?; + Ok(()) +} diff --git a/enclaves/quartz/proto/mtcs.proto b/enclaves/quartz/proto/mtcs.proto new file mode 100644 index 0000000..99345a6 --- /dev/null +++ b/enclaves/quartz/proto/mtcs.proto @@ -0,0 +1,15 @@ +syntax = "proto3"; + +package mtcs; + +service Clearing { + rpc Run (RunClearingRequest) returns (RunClearingResponse) {} +} + +message RunClearingRequest { + string message = 1; +} + +message RunClearingResponse { + string message = 1; +} diff --git a/enclaves/quartz/src/main.rs b/enclaves/quartz/src/main.rs index 90a15c8..b8aa4c2 100644 --- a/enclaves/quartz/src/main.rs +++ b/enclaves/quartz/src/main.rs @@ -15,6 +15,7 @@ mod attestor; mod cli; +mod proto; mod server; use std::time::Duration; diff --git a/enclaves/quartz/src/prost/mtcs.rs b/enclaves/quartz/src/prost/mtcs.rs new file mode 100644 index 0000000..17d679f --- /dev/null +++ b/enclaves/quartz/src/prost/mtcs.rs @@ -0,0 +1,302 @@ +#[allow(clippy::derive_partial_eq_without_eq)] +#[derive(Clone, PartialEq, ::prost::Message)] +pub struct RunClearingRequest { + #[prost(string, tag = "1")] + pub message: ::prost::alloc::string::String, +} +#[allow(clippy::derive_partial_eq_without_eq)] +#[derive(Clone, PartialEq, ::prost::Message)] +pub struct RunClearingResponse { + #[prost(string, tag = "1")] + pub message: ::prost::alloc::string::String, +} +/// Generated client implementations. +pub mod clearing_client { + #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)] + use tonic::codegen::*; + use tonic::codegen::http::Uri; + #[derive(Debug, Clone)] + pub struct ClearingClient { + inner: tonic::client::Grpc, + } + impl ClearingClient { + /// Attempt to create a new client by connecting to a given endpoint. + pub async fn connect(dst: D) -> Result + where + D: TryInto, + D::Error: Into, + { + let conn = tonic::transport::Endpoint::new(dst)?.connect().await?; + Ok(Self::new(conn)) + } + } + impl ClearingClient + where + T: tonic::client::GrpcService, + T::Error: Into, + T::ResponseBody: Body + Send + 'static, + ::Error: Into + Send, + { + pub fn new(inner: T) -> Self { + let inner = tonic::client::Grpc::new(inner); + Self { inner } + } + pub fn with_origin(inner: T, origin: Uri) -> Self { + let inner = tonic::client::Grpc::with_origin(inner, origin); + Self { inner } + } + pub fn with_interceptor( + inner: T, + interceptor: F, + ) -> ClearingClient> + where + F: tonic::service::Interceptor, + T::ResponseBody: Default, + T: tonic::codegen::Service< + http::Request, + Response = http::Response< + >::ResponseBody, + >, + >, + , + >>::Error: Into + Send + Sync, + { + ClearingClient::new(InterceptedService::new(inner, interceptor)) + } + /// Compress requests with the given encoding. + /// + /// This requires the server to support it otherwise it might respond with an + /// error. + #[must_use] + pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self { + self.inner = self.inner.send_compressed(encoding); + self + } + /// Enable decompressing responses. + #[must_use] + pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self { + self.inner = self.inner.accept_compressed(encoding); + self + } + /// Limits the maximum size of a decoded message. + /// + /// Default: `4MB` + #[must_use] + pub fn max_decoding_message_size(mut self, limit: usize) -> Self { + self.inner = self.inner.max_decoding_message_size(limit); + self + } + /// Limits the maximum size of an encoded message. + /// + /// Default: `usize::MAX` + #[must_use] + pub fn max_encoding_message_size(mut self, limit: usize) -> Self { + self.inner = self.inner.max_encoding_message_size(limit); + self + } + pub async fn run( + &mut self, + request: impl tonic::IntoRequest, + ) -> std::result::Result< + tonic::Response, + tonic::Status, + > { + self.inner + .ready() + .await + .map_err(|e| { + tonic::Status::new( + tonic::Code::Unknown, + format!("Service was not ready: {}", e.into()), + ) + })?; + let codec = tonic::codec::ProstCodec::default(); + let path = http::uri::PathAndQuery::from_static("/mtcs.Clearing/Run"); + let mut req = request.into_request(); + req.extensions_mut().insert(GrpcMethod::new("mtcs.Clearing", "Run")); + self.inner.unary(req, path, codec).await + } + } +} +/// Generated server implementations. +pub mod clearing_server { + #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)] + use tonic::codegen::*; + /// Generated trait containing gRPC methods that should be implemented for use with ClearingServer. + #[async_trait] + pub trait Clearing: Send + Sync + 'static { + async fn run( + &self, + request: tonic::Request, + ) -> std::result::Result< + tonic::Response, + tonic::Status, + >; + } + #[derive(Debug)] + pub struct ClearingServer { + inner: _Inner, + accept_compression_encodings: EnabledCompressionEncodings, + send_compression_encodings: EnabledCompressionEncodings, + max_decoding_message_size: Option, + max_encoding_message_size: Option, + } + struct _Inner(Arc); + impl ClearingServer { + pub fn new(inner: T) -> Self { + Self::from_arc(Arc::new(inner)) + } + pub fn from_arc(inner: Arc) -> Self { + let inner = _Inner(inner); + Self { + inner, + accept_compression_encodings: Default::default(), + send_compression_encodings: Default::default(), + max_decoding_message_size: None, + max_encoding_message_size: None, + } + } + pub fn with_interceptor( + inner: T, + interceptor: F, + ) -> InterceptedService + where + F: tonic::service::Interceptor, + { + InterceptedService::new(Self::new(inner), interceptor) + } + /// Enable decompressing requests with the given encoding. + #[must_use] + pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self { + self.accept_compression_encodings.enable(encoding); + self + } + /// Compress responses with the given encoding, if the client supports it. + #[must_use] + pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self { + self.send_compression_encodings.enable(encoding); + self + } + /// Limits the maximum size of a decoded message. + /// + /// Default: `4MB` + #[must_use] + pub fn max_decoding_message_size(mut self, limit: usize) -> Self { + self.max_decoding_message_size = Some(limit); + self + } + /// Limits the maximum size of an encoded message. + /// + /// Default: `usize::MAX` + #[must_use] + pub fn max_encoding_message_size(mut self, limit: usize) -> Self { + self.max_encoding_message_size = Some(limit); + self + } + } + impl tonic::codegen::Service> for ClearingServer + where + T: Clearing, + B: Body + Send + 'static, + B::Error: Into + Send + 'static, + { + type Response = http::Response; + type Error = std::convert::Infallible; + type Future = BoxFuture; + fn poll_ready( + &mut self, + _cx: &mut Context<'_>, + ) -> Poll> { + Poll::Ready(Ok(())) + } + fn call(&mut self, req: http::Request) -> Self::Future { + let inner = self.inner.clone(); + match req.uri().path() { + "/mtcs.Clearing/Run" => { + #[allow(non_camel_case_types)] + struct RunSvc(pub Arc); + impl< + T: Clearing, + > tonic::server::UnaryService + for RunSvc { + type Response = super::RunClearingResponse; + type Future = BoxFuture< + tonic::Response, + tonic::Status, + >; + fn call( + &mut self, + request: tonic::Request, + ) -> Self::Future { + let inner = Arc::clone(&self.0); + let fut = async move { + ::run(&inner, request).await + }; + Box::pin(fut) + } + } + let accept_compression_encodings = self.accept_compression_encodings; + let send_compression_encodings = self.send_compression_encodings; + let max_decoding_message_size = self.max_decoding_message_size; + let max_encoding_message_size = self.max_encoding_message_size; + let inner = self.inner.clone(); + let fut = async move { + let inner = inner.0; + let method = RunSvc(inner); + let codec = tonic::codec::ProstCodec::default(); + let mut grpc = tonic::server::Grpc::new(codec) + .apply_compression_config( + accept_compression_encodings, + send_compression_encodings, + ) + .apply_max_message_size_config( + max_decoding_message_size, + max_encoding_message_size, + ); + let res = grpc.unary(method, req).await; + Ok(res) + }; + Box::pin(fut) + } + _ => { + Box::pin(async move { + Ok( + http::Response::builder() + .status(200) + .header("grpc-status", "12") + .header("content-type", "application/grpc") + .body(empty_body()) + .unwrap(), + ) + }) + } + } + } + } + impl Clone for ClearingServer { + fn clone(&self) -> Self { + let inner = self.inner.clone(); + Self { + inner, + accept_compression_encodings: self.accept_compression_encodings, + send_compression_encodings: self.send_compression_encodings, + max_decoding_message_size: self.max_decoding_message_size, + max_encoding_message_size: self.max_encoding_message_size, + } + } + } + impl Clone for _Inner { + fn clone(&self) -> Self { + Self(Arc::clone(&self.0)) + } + } + impl std::fmt::Debug for _Inner { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + write!(f, "{:?}", self.0) + } + } + impl tonic::server::NamedService for ClearingServer { + const NAME: &'static str = "mtcs.Clearing"; + } +} diff --git a/enclaves/quartz/src/proto.rs b/enclaves/quartz/src/proto.rs new file mode 100644 index 0000000..99cb67e --- /dev/null +++ b/enclaves/quartz/src/proto.rs @@ -0,0 +1,3 @@ +#![allow(clippy::unwrap_used, unused_qualifications)] + +include!(concat!("prost/", "mtcs.rs")); From 30ce18495a70deef29ac9b98f6bf8edb1dc05103 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 03:59:09 -0800 Subject: [PATCH 03/14] Store sk in CoreService and instantiate it in main.rs --- enclaves/quartz/src/main.rs | 13 +++++++++++-- enclaves/quartz/src/server.rs | 10 ++++++---- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/enclaves/quartz/src/main.rs b/enclaves/quartz/src/main.rs index b8aa4c2..649fe71 100644 --- a/enclaves/quartz/src/main.rs +++ b/enclaves/quartz/src/main.rs @@ -18,7 +18,10 @@ mod cli; mod proto; mod server; -use std::time::Duration; +use std::{ + sync::{Arc, Mutex}, + time::Duration, +}; use clap::Parser; use quartz_cw::state::{Config, LightClientOpts}; @@ -56,8 +59,14 @@ async fn main() -> Result<(), Box> { light_client_opts, ); + let sk = Arc::new(Mutex::new(None)); + Server::builder() - .add_service(CoreServer::new(CoreService::new(config, EpidAttestor))) + .add_service(CoreServer::new(CoreService::new( + config, + sk.clone(), + EpidAttestor, + ))) .serve(args.rpc_addr) .await?; diff --git a/enclaves/quartz/src/server.rs b/enclaves/quartz/src/server.rs index 0dda79f..967393b 100644 --- a/enclaves/quartz/src/server.rs +++ b/enclaves/quartz/src/server.rs @@ -17,16 +17,15 @@ use quartz_proto::quartz::{ }; use quartz_relayer::types::{InstantiateResponse, SessionCreateResponse, SessionSetPubKeyResponse}; use rand::Rng; -use tonic::{Request, Response, Status}; +use tonic::{Request, Response, Result as TonicResult, Status}; use crate::attestor::Attestor; -type TonicResult = Result; - #[derive(Clone, Debug)] pub struct CoreService { config: Config, nonce: Arc>, + sk: Arc>>, attestor: A, } @@ -34,10 +33,11 @@ impl CoreService where A: Attestor, { - pub fn new(config: Config, attestor: A) -> Self { + pub fn new(config: Config, sk: Arc>>, attestor: A) -> Self { Self { config, nonce: Arc::new(Mutex::new([0u8; 32])), + sk, attestor, } } @@ -87,7 +87,9 @@ where ) -> TonicResult> { // FIXME(hu55a1n1) - disallow calling more than once let nonce = self.nonce.lock().unwrap(); + let sk = SigningKey::random(&mut rand::thread_rng()); + *self.sk.lock().unwrap() = Some(sk.clone()); let pk = sk.verifying_key(); let session_set_pub_key_msg = SessionSetPubKey::new(*nonce, *pk); From c38bbb90065e8d38b91a0cebfb156f30e941dab1 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 03:59:39 -0800 Subject: [PATCH 04/14] Instantiate MtcsService --- enclaves/quartz/src/main.rs | 4 ++++ enclaves/quartz/src/mtcs_server.rs | 37 ++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 enclaves/quartz/src/mtcs_server.rs diff --git a/enclaves/quartz/src/main.rs b/enclaves/quartz/src/main.rs index 649fe71..7b27c3d 100644 --- a/enclaves/quartz/src/main.rs +++ b/enclaves/quartz/src/main.rs @@ -15,6 +15,7 @@ mod attestor; mod cli; +mod mtcs_server; mod proto; mod server; @@ -31,6 +32,8 @@ use tonic::transport::Server; use crate::{ attestor::{Attestor, EpidAttestor}, cli::Cli, + mtcs_server::MtcsService, + proto::clearing_server::ClearingServer as MtcsServer, server::CoreService, }; @@ -67,6 +70,7 @@ async fn main() -> Result<(), Box> { sk.clone(), EpidAttestor, ))) + .add_service(MtcsServer::new(MtcsService::new(sk.clone(), EpidAttestor))) .serve(args.rpc_addr) .await?; diff --git a/enclaves/quartz/src/mtcs_server.rs b/enclaves/quartz/src/mtcs_server.rs new file mode 100644 index 0000000..7216b3e --- /dev/null +++ b/enclaves/quartz/src/mtcs_server.rs @@ -0,0 +1,37 @@ +use std::sync::{Arc, Mutex}; + +use k256::ecdsa::SigningKey; +use tonic::{Request, Response, Result as TonicResult, Status}; + +use crate::{ + attestor::Attestor, + proto::{clearing_server::Clearing, RunClearingRequest, RunClearingResponse}, +}; + +#[derive(Clone, Debug)] +pub struct MtcsService { + sk: Arc>>, + attestor: A, +} + +impl MtcsService +where + A: Attestor, +{ + pub fn new(sk: Arc>>, attestor: A) -> Self { + Self { sk, attestor } + } +} + +#[tonic::async_trait] +impl Clearing for MtcsService +where + A: Attestor + Send + Sync + 'static, +{ + async fn run( + &self, + _request: Request, + ) -> TonicResult> { + todo!() + } +} From f961c2fdbc2b003de6c85870566c15d41499d490 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 05:17:52 -0800 Subject: [PATCH 05/14] Implement MTCS clearing run --- Cargo.lock | 108 ++++++++++++++++++++++++++++- enclaves/quartz/Cargo.toml | 3 + enclaves/quartz/src/mtcs_server.rs | 60 ++++++++++++++-- 3 files changed, 161 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 30a0e6b..62ea574 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -832,6 +832,38 @@ dependencies = [ "serde", ] +[[package]] +name = "cw-tee-mtcs" +version = "0.1.0" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" +dependencies = [ + "cosmwasm-schema", + "cosmwasm-std", + "cw-storage-plus", + "cw2", + "hex", + "k256 0.13.3", + "quartz-cw", + "schemars", + "serde", + "thiserror", +] + +[[package]] +name = "cw2" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6c120b24fbbf5c3bedebb97f2cc85fbfa1c3287e09223428e7e597b5293c1fa" +dependencies = [ + "cosmwasm-schema", + "cosmwasm-std", + "cw-storage-plus", + "schemars", + "semver", + "serde", + "thiserror", +] + [[package]] name = "darling" version = "0.20.8" @@ -1821,6 +1853,14 @@ version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" +[[package]] +name = "mcmf" +version = "2.0.0" +source = "git+https://github.com/hu55a1n1/flow#cad8f3adb29d3be2177a31db0fa0e5c2a858beb0" +dependencies = [ + "cc", +] + [[package]] name = "memchr" version = "2.7.1" @@ -1853,6 +1893,20 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "mtcs" +version = "0.1.0" +source = "git+ssh://git@github.com/informalsystems/mtcs.git#b0b90c348f09c10828e321e505220a18ee891c8e" +dependencies = [ + "displaydoc", + "itertools 0.10.5", + "log", + "mcmf", + "num-traits", + "petgraph 0.6.3", + "serde", +] + [[package]] name = "mtcs-enclave" version = "0.1.0" @@ -1902,6 +1956,20 @@ dependencies = [ "winapi", ] +[[package]] +name = "num" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b05180d69e3da0e530ba2a1dae5110317e49e3b7f3d41be227dc5f92e49ee7af" +dependencies = [ + "num-bigint", + "num-complex", + "num-integer", + "num-iter", + "num-rational", + "num-traits", +] + [[package]] name = "num-bigint" version = "0.4.4" @@ -1931,6 +1999,15 @@ dependencies = [ "zeroize", ] +[[package]] +name = "num-complex" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23c6602fda94a57c990fe0df199a035d83576b496aa29f4e634a8ac6004e68a6" +dependencies = [ + "num-traits", +] + [[package]] name = "num-conv" version = "0.1.0" @@ -1968,6 +2045,18 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-rational" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0" +dependencies = [ + "autocfg", + "num-bigint", + "num-integer", + "num-traits", +] + [[package]] name = "num-traits" version = "0.2.18" @@ -2145,6 +2234,16 @@ version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" +[[package]] +name = "petgraph" +version = "0.6.3" +source = "git+https://github.com/hu55a1n1/petgraph?branch=min-cost-flow-primal-dual#3a2664a3b9d1e5b71c411a6ed497cf576c1a86ae" +dependencies = [ + "fixedbitset", + "indexmap 1.9.3", + "num", +] + [[package]] name = "petgraph" version = "0.6.4" @@ -2299,7 +2398,7 @@ dependencies = [ "log", "multimap", "once_cell", - "petgraph", + "petgraph 0.6.4", "prettyplease", "prost 0.12.3", "prost-types 0.12.3", @@ -2356,7 +2455,7 @@ dependencies = [ [[package]] name = "quartz-cw" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#8f6ff80cce2160d9f0d1f7ce20c010f17c0fa88e" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2376,7 +2475,10 @@ dependencies = [ "clap", "color-eyre", "cosmwasm-std", + "cw-tee-mtcs", + "ecies", "k256 0.13.3", + "mtcs", "prost 0.12.3", "quartz-cw", "quartz-proto", @@ -2428,7 +2530,7 @@ dependencies = [ [[package]] name = "quartz-tee-ra" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#8f6ff80cce2160d9f0d1f7ce20c010f17c0fa88e" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" dependencies = [ "cosmwasm-schema", "cosmwasm-std", diff --git a/enclaves/quartz/Cargo.toml b/enclaves/quartz/Cargo.toml index 7ad6a09..4d88333 100644 --- a/enclaves/quartz/Cargo.toml +++ b/enclaves/quartz/Cargo.toml @@ -7,6 +7,7 @@ edition = "2021" clap = { version = "4.1.8", features = ["derive"] } color-eyre = "0.6.2" cosmwasm-std = "1.4.0" +ecies = { version = "0.2.3", default-features = false, features = ["pure"] } k256 = { version = "0.13.2", default-features = false, features = ["ecdsa", "alloc"] } prost = "0.12" rand = "0.8.5" @@ -17,6 +18,8 @@ tendermint-light-client = "0.34.0" tonic = "0.11" tokio = { version = "1.0", features = ["macros", "rt-multi-thread"] } +cw-tee-mtcs = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } +mtcs = { git = "ssh://git@github.com/informalsystems/mtcs.git" } quartz-cw = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } quartz-proto = { path = "../../utils/quartz-proto" } quartz-relayer = { path = "../../utils/quartz-relayer" } diff --git a/enclaves/quartz/src/mtcs_server.rs b/enclaves/quartz/src/mtcs_server.rs index 7216b3e..a520085 100644 --- a/enclaves/quartz/src/mtcs_server.rs +++ b/enclaves/quartz/src/mtcs_server.rs @@ -1,6 +1,19 @@ -use std::sync::{Arc, Mutex}; +use std::{ + collections::BTreeMap, + sync::{Arc, Mutex}, +}; -use k256::ecdsa::SigningKey; +use cosmwasm_std::HexBinary; +use cw_tee_mtcs::{ + msg::execute::SubmitSetoffsMsg, + state::{RawCipherText, RawHash}, +}; +use ecies::{decrypt, encrypt}; +use k256::ecdsa::{SigningKey, VerifyingKey}; +use mtcs::{ + algo::mcmf::primal_dual::PrimalDual, impls::complex_id::ComplexIdMtcs, + obligation::SimpleObligation, prelude::DefaultMtcs, setoff::SimpleSetoff, Mtcs, +}; use tonic::{Request, Response, Result as TonicResult, Status}; use crate::{ @@ -11,15 +24,15 @@ use crate::{ #[derive(Clone, Debug)] pub struct MtcsService { sk: Arc>>, - attestor: A, + _attestor: A, } impl MtcsService where A: Attestor, { - pub fn new(sk: Arc>>, attestor: A) -> Self { - Self { sk, attestor } + pub fn new(sk: Arc>>, _attestor: A) -> Self { + Self { sk, _attestor } } } @@ -30,8 +43,41 @@ where { async fn run( &self, - _request: Request, + request: Request, ) -> TonicResult> { - todo!() + let message = request.into_inner().message; + let obligations_enc: BTreeMap = + serde_json::from_str(&message).map_err(|e| Status::invalid_argument(e.to_string()))?; + + let sk = self.sk.lock().unwrap(); + let obligations: Vec<_> = obligations_enc + .into_values() + .map(|ciphertext| { + let o = decrypt(&sk.as_ref().unwrap().to_bytes(), &ciphertext).unwrap(); + serde_json::from_slice::>(&o).unwrap() + }) + .collect(); + + let mut mtcs = ComplexIdMtcs::wrapping(DefaultMtcs::new(PrimalDual::default())); + let setoffs: Vec> = mtcs.run(obligations).unwrap(); + + let setoffs_enc: Vec = setoffs + .into_iter() + .flat_map(|so| { + let debtor_pk = VerifyingKey::from_sec1_bytes(&so.debtor).unwrap(); + let creditor_pk = VerifyingKey::from_sec1_bytes(&so.creditor).unwrap(); + + let so_ser = serde_json::to_string(&so).expect("infallible serializer"); + let so_debtor = encrypt(&debtor_pk.to_sec1_bytes(), so_ser.as_bytes()).unwrap(); + let so_creditor = encrypt(&creditor_pk.to_sec1_bytes(), so_ser.as_bytes()).unwrap(); + + [so_debtor, so_creditor] + }) + .map(Into::into) + .collect(); + + let message = serde_json::to_string(&SubmitSetoffsMsg { setoffs_enc }).unwrap(); + + Ok(Response::new(RunClearingResponse { message })) } } From 3a713c38df0fa7f4fec60cd0b63dcbe068e29b18 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 05:53:00 -0800 Subject: [PATCH 06/14] Complete clearing service impl --- Cargo.lock | 18 +++++++++--------- enclaves/quartz/src/mtcs_server.rs | 26 +++++++++++++++----------- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 62ea574..8bd5f7c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -835,7 +835,7 @@ dependencies = [ [[package]] name = "cw-tee-mtcs" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -1416,7 +1416,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.3", + "indexmap 2.2.4", "slab", "tokio", "tokio-util", @@ -1452,9 +1452,9 @@ checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" [[package]] name = "hermit-abi" -version = "0.3.8" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "379dada1584ad501b383485dd706b8afb7a70fcbc7f4da7d780638a5a6124a60" +checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" [[package]] name = "hex" @@ -1630,9 +1630,9 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.3" +version = "2.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177" +checksum = "967d6dd42f16dbf0eb8040cb9e477933562684d3918f7d253f2ff9087fb3e7a3" dependencies = [ "equivalent", "hashbrown 0.14.3", @@ -2251,7 +2251,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e1d3afd2628e69da2be385eb6f2fd57c8ac7977ceeff6dc166ff1657b0e386a9" dependencies = [ "fixedbitset", - "indexmap 2.2.3", + "indexmap 2.2.4", ] [[package]] @@ -2455,7 +2455,7 @@ dependencies = [ [[package]] name = "quartz-cw" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2530,7 +2530,7 @@ dependencies = [ [[package]] name = "quartz-tee-ra" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#3382463b74411fd873a927e1d26b09c35b339753" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" dependencies = [ "cosmwasm-schema", "cosmwasm-std", diff --git a/enclaves/quartz/src/mtcs_server.rs b/enclaves/quartz/src/mtcs_server.rs index a520085..d7a7291 100644 --- a/enclaves/quartz/src/mtcs_server.rs +++ b/enclaves/quartz/src/mtcs_server.rs @@ -50,20 +50,22 @@ where serde_json::from_str(&message).map_err(|e| Status::invalid_argument(e.to_string()))?; let sk = self.sk.lock().unwrap(); - let obligations: Vec<_> = obligations_enc - .into_values() - .map(|ciphertext| { - let o = decrypt(&sk.as_ref().unwrap().to_bytes(), &ciphertext).unwrap(); - serde_json::from_slice::>(&o).unwrap() - }) - .collect(); + let (digests, obligations): (Vec, Vec>) = + obligations_enc + .into_iter() + .map(|(digest, ciphertext)| { + let o = decrypt(&sk.as_ref().unwrap().to_bytes(), &ciphertext).unwrap(); + (digest, serde_json::from_slice(&o).unwrap()) + }) + .unzip(); let mut mtcs = ComplexIdMtcs::wrapping(DefaultMtcs::new(PrimalDual::default())); let setoffs: Vec> = mtcs.run(obligations).unwrap(); - let setoffs_enc: Vec = setoffs + let setoffs_enc: BTreeMap = setoffs .into_iter() - .flat_map(|so| { + .zip(digests) + .flat_map(|(so, digest)| { let debtor_pk = VerifyingKey::from_sec1_bytes(&so.debtor).unwrap(); let creditor_pk = VerifyingKey::from_sec1_bytes(&so.creditor).unwrap(); @@ -71,9 +73,11 @@ where let so_debtor = encrypt(&debtor_pk.to_sec1_bytes(), so_ser.as_bytes()).unwrap(); let so_creditor = encrypt(&creditor_pk.to_sec1_bytes(), so_ser.as_bytes()).unwrap(); - [so_debtor, so_creditor] + [ + (digest.clone(), so_debtor.into()), + (digest, so_creditor.into()), + ] }) - .map(Into::into) .collect(); let message = serde_json::to_string(&SubmitSetoffsMsg { setoffs_enc }).unwrap(); From bed57e5185f1d5101b14e174c4b6940d12bed3c2 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 05:57:26 -0800 Subject: [PATCH 07/14] Move relay.sh to quartz-relayer dir --- utils/quartz-relayer/scripts/relay.sh | 53 +++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100755 utils/quartz-relayer/scripts/relay.sh diff --git a/utils/quartz-relayer/scripts/relay.sh b/utils/quartz-relayer/scripts/relay.sh new file mode 100755 index 0000000..296db4a --- /dev/null +++ b/utils/quartz-relayer/scripts/relay.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +set -eo pipefail + +usage() { + echo "Usage: $0 " + echo " : Instantiate | SessionCreate | SessionSetPubKey" + exit 1 +} + +IAS_API_KEY="669244b3e6364b5888289a11d2a1726d" +RA_CLIENT_SPID="51CAF5A48B450D624AEFE3286D314894" +QUOTE_FILE="/tmp/test.quote" +REPORT_FILE="/tmp/datareport" +REPORT_SIG_FILE="/tmp/datareportsig" + +REQUEST="$1" + +# clear tmp files from previous runs +rm -f "$QUOTE_FILE" "$REPORT_FILE" "$REPORT_SIG_FILE" + +# query the gRPC quartz enclave service +ATTESTED_MSG=$(grpcurl -plaintext -import-path ../../utils/quartz-proto/proto/ -proto quartz.proto -d '{}' '127.0.0.1:11090' quartz.Core/"$REQUEST" | jq -c '.message | fromjson') + +# parse out the quote and the message +QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.quote') +MSG=$(echo "$ATTESTED_MSG" | jq 'del(.quote)') + +# request the IAS report for EPID attestations +echo -n "$QUOTE" | xxd -r -p - > "$QUOTE_FILE" +gramine-sgx-ias-request report -g "$RA_CLIENT_SPID" -k "$IAS_API_KEY" -q "$QUOTE_FILE" -r "$REPORT_FILE" -s "$REPORT_SIG_FILE" > /dev/null 2>&1 +REPORT=$(cat "$REPORT_FILE") +REPORTSIG=$(cat "$REPORT_SIG_FILE" | tr -d '\r') + +#echo "$QUOTE" +#echo "$REPORT" +#echo "$REPORTSIG" + +case "$REQUEST" in + "Instantiate") + jq -nc --argjson msg "$MSG" --argjson "attestation" \ + "$(jq -nc --argjson report "$(jq -nc --argjson report "$REPORT" --arg reportsig "$REPORTSIG" '$ARGS.named')" '$ARGS.named')" \ + '$ARGS.named' ;; + + "SessionCreate" | "SessionSetPubKey") + REQUEST_KEY=$(echo "$REQUEST" | sed 's/\([A-Z]\)/_\L\1/g;s/^_//') + jq -nc --argjson quartz "$(jq -nc --argjson "$REQUEST_KEY" "$(jq -nc --argjson msg "$MSG" --argjson attestation \ + "$(jq -nc --argjson report "$(jq -nc --argjson report "$REPORT" --arg reportsig "$REPORTSIG" '$ARGS.named')" '$ARGS.named')" \ + '$ARGS.named')" '$ARGS.named')" '$ARGS.named' ;; + + *) + usage ;; +esac From 29bfe1c2c3712674af753f340e2f76a9552ffc54 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 06:54:56 -0800 Subject: [PATCH 08/14] Verify PoP(Nonce) --- Cargo.lock | 8 ++- enclaves/quartz/Cargo.toml | 2 + enclaves/quartz/src/server.rs | 82 +++++++++++++++++++++++++- utils/quartz-proto/proto/quartz.proto | 4 +- utils/quartz-proto/src/prost/quartz.rs | 5 +- 5 files changed, 94 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8bd5f7c..45b39a6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -835,7 +835,7 @@ dependencies = [ [[package]] name = "cw-tee-mtcs" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2455,7 +2455,7 @@ dependencies = [ [[package]] name = "quartz-cw" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2475,6 +2475,7 @@ dependencies = [ "clap", "color-eyre", "cosmwasm-std", + "cw-proof", "cw-tee-mtcs", "ecies", "k256 0.13.3", @@ -2489,6 +2490,7 @@ dependencies = [ "serde_json", "tendermint 0.34.0", "tendermint-light-client", + "tm-stateless-verifier", "tokio", "tonic 0.11.0", "tonic-build", @@ -2530,7 +2532,7 @@ dependencies = [ [[package]] name = "quartz-tee-ra" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#48508d739427bd3f2a983c8e8d4c6eb2e677aff2" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" dependencies = [ "cosmwasm-schema", "cosmwasm-std", diff --git a/enclaves/quartz/Cargo.toml b/enclaves/quartz/Cargo.toml index 4d88333..95df3d8 100644 --- a/enclaves/quartz/Cargo.toml +++ b/enclaves/quartz/Cargo.toml @@ -18,12 +18,14 @@ tendermint-light-client = "0.34.0" tonic = "0.11" tokio = { version = "1.0", features = ["macros", "rt-multi-thread"] } +cw-proof = { path = "../../utils/cw-proof" } cw-tee-mtcs = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } mtcs = { git = "ssh://git@github.com/informalsystems/mtcs.git" } quartz-cw = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } quartz-proto = { path = "../../utils/quartz-proto" } quartz-relayer = { path = "../../utils/quartz-relayer" } quartz-tee-ra = { git = "ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git", branch = "hu55a1n1/11-use-quartz" } +tm-stateless-verifier = { path = "../../utils/tm-stateless-verifier" } [build-dependencies] tonic-build = "0.11" diff --git a/enclaves/quartz/src/server.rs b/enclaves/quartz/src/server.rs index 967393b..ba4c5de 100644 --- a/enclaves/quartz/src/server.rs +++ b/enclaves/quartz/src/server.rs @@ -1,5 +1,15 @@ -use std::sync::{Arc, Mutex}; +use std::{ + sync::{Arc, Mutex}, + time::Duration, +}; +use cw_proof::{ + error::ProofError, + proof::{ + cw::{CwProof, RawCwProof}, + Proof, + }, +}; use k256::ecdsa::SigningKey; use quartz_cw::{ msg::{ @@ -17,6 +27,12 @@ use quartz_proto::quartz::{ }; use quartz_relayer::types::{InstantiateResponse, SessionCreateResponse, SessionSetPubKeyResponse}; use rand::Rng; +use serde::{Deserialize, Serialize}; +use tendermint_light_client::{ + light_client::Options, + types::{LightBlock, TrustThreshold}, +}; +use tm_stateless_verifier::make_provider; use tonic::{Request, Response, Result as TonicResult, Status}; use crate::attestor::Attestor; @@ -83,11 +99,67 @@ where async fn session_set_pub_key( &self, - _request: Request, + request: Request, ) -> TonicResult> { // FIXME(hu55a1n1) - disallow calling more than once + let proof: ProofOfPublication = serde_json::from_str(&request.into_inner().message) + .map_err(|e| Status::invalid_argument(e.to_string()))?; + + let config_trust_threshold = self.config.light_client_opts().trust_threshold(); + let trust_threshold = + TrustThreshold::new(config_trust_threshold.0, config_trust_threshold.1).unwrap(); + + let config_trusting_period = self.config.light_client_opts().trusting_period(); + let trusting_period = Duration::from_secs(config_trusting_period); + + let config_clock_drift = self.config.light_client_opts().max_clock_drift(); + let clock_drift = Duration::from_secs(config_clock_drift); + let options = Options { + trust_threshold, + trusting_period, + clock_drift, + }; + + let target_height = proof.light_client_proof.last().unwrap().height(); + + let primary_block = make_provider( + self.config.light_client_opts().chain_id(), + self.config + .light_client_opts() + .trusted_height() + .try_into() + .unwrap(), + self.config + .light_client_opts() + .trusted_hash() + .to_vec() + .try_into() + .unwrap(), + proof.light_client_proof, + options, + ) + .and_then(|mut primary| primary.verify_to_height(target_height)) + .map_err(|e| Status::internal(e.to_string()))?; + + let proof = CwProof::from(proof.merkle_proof); + proof + .verify( + primary_block + .signed_header + .header + .app_hash + .as_bytes() + .to_vec(), + ) + .map_err(|e: ProofError| Status::internal(e.to_string()))?; + + let nonce_onchain: Nonce = serde_json::from_slice(&proof.value).unwrap(); let nonce = self.nonce.lock().unwrap(); + if nonce_onchain != *nonce { + return Err(Status::unauthenticated("nonce mismatch")); + } + let sk = SigningKey::random(&mut rand::thread_rng()); *self.sk.lock().unwrap() = Some(sk.clone()); let pk = sk.verifying_key(); @@ -103,3 +175,9 @@ where Ok(Response::new(response.into())) } } + +#[derive(Clone, Debug, Serialize, Deserialize)] +pub struct ProofOfPublication { + light_client_proof: Vec, + merkle_proof: RawCwProof, +} diff --git a/utils/quartz-proto/proto/quartz.proto b/utils/quartz-proto/proto/quartz.proto index 7312b86..53c7d81 100644 --- a/utils/quartz-proto/proto/quartz.proto +++ b/utils/quartz-proto/proto/quartz.proto @@ -20,7 +20,9 @@ message SessionCreateResponse { string message = 1; } -message SessionSetPubKeyRequest {} +message SessionSetPubKeyRequest { + string message = 1; +} message SessionSetPubKeyResponse { string message = 1; diff --git a/utils/quartz-proto/src/prost/quartz.rs b/utils/quartz-proto/src/prost/quartz.rs index a55c500..2814449 100644 --- a/utils/quartz-proto/src/prost/quartz.rs +++ b/utils/quartz-proto/src/prost/quartz.rs @@ -18,7 +18,10 @@ pub struct SessionCreateResponse { } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] -pub struct SessionSetPubKeyRequest {} +pub struct SessionSetPubKeyRequest { + #[prost(string, tag = "1")] + pub message: ::prost::alloc::string::String, +} #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct SessionSetPubKeyResponse { From f640e4f5027991ef0f66bfb8ae96d4e34944e219 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 07:11:16 -0800 Subject: [PATCH 09/14] Fix PoP(Nonce) verification --- Cargo.lock | 6 +++--- enclaves/quartz/src/server.rs | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 45b39a6..fddca4c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -835,7 +835,7 @@ dependencies = [ [[package]] name = "cw-tee-mtcs" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#cbf2f52a82247606d700a65d8ddca75b4a769b71" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2455,7 +2455,7 @@ dependencies = [ [[package]] name = "quartz-cw" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#cbf2f52a82247606d700a65d8ddca75b4a769b71" dependencies = [ "cosmwasm-schema", "cosmwasm-std", @@ -2532,7 +2532,7 @@ dependencies = [ [[package]] name = "quartz-tee-ra" version = "0.1.0" -source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#e2ce14cb275e9668739b63659535ea721f95b0ff" +source = "git+ssh://git@github.com/informalsystems/bisenzone-cw-mvp.git?branch=hu55a1n1/11-use-quartz#cbf2f52a82247606d700a65d8ddca75b4a769b71" dependencies = [ "cosmwasm-schema", "cosmwasm-std", diff --git a/enclaves/quartz/src/server.rs b/enclaves/quartz/src/server.rs index ba4c5de..45e2bf5 100644 --- a/enclaves/quartz/src/server.rs +++ b/enclaves/quartz/src/server.rs @@ -16,7 +16,7 @@ use quartz_cw::{ execute::{session_create::SessionCreate, session_set_pub_key::SessionSetPubKey}, instantiate::CoreInstantiate, }, - state::{Config, Nonce}, + state::{Config, Nonce, Session}, }; use quartz_proto::quartz::{ core_server::Core, InstantiateRequest as RawInstantiateRequest, @@ -153,10 +153,10 @@ where ) .map_err(|e: ProofError| Status::internal(e.to_string()))?; - let nonce_onchain: Nonce = serde_json::from_slice(&proof.value).unwrap(); + let session: Session = serde_json::from_slice(&proof.value).unwrap(); let nonce = self.nonce.lock().unwrap(); - if nonce_onchain != *nonce { + if session.nonce() != *nonce { return Err(Status::unauthenticated("nonce mismatch")); } From 917b139d3d84521edc959d172d9474c514951553 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 07:19:26 -0800 Subject: [PATCH 10/14] Update hardcoded trusted hashes --- enclaves/quartz/quartz.manifest.template | 2 +- utils/tm-prover/README.md | 6 +++--- utils/tm-prover/light-client-proof.json | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/enclaves/quartz/quartz.manifest.template b/enclaves/quartz/quartz.manifest.template index 11017a7..f93ea6f 100644 --- a/enclaves/quartz/quartz.manifest.template +++ b/enclaves/quartz/quartz.manifest.template @@ -22,7 +22,7 @@ loader.env.MYAPP_DATA = { passthrough = true } loader.argv = ["quartz-enclave", "--chain-id", "testing", "--trusted-height", "1", - "--trusted-hash", "A1D115BA3A5E9FCC12ED68A9D8669159E9085F6F96EC26619F5C7CEB4EE02869"] + "--trusted-hash", "2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185"] fs.mounts = [ { uri = "file:{{ gramine.runtimedir() }}", path = "/lib" }, diff --git a/utils/tm-prover/README.md b/utils/tm-prover/README.md index 22dd308..5cda941 100644 --- a/utils/tm-prover/README.md +++ b/utils/tm-prover/README.md @@ -6,12 +6,12 @@ block height and trusted height/hash. ## Usage ```bash -cargo run -- --chain-id osmosis-1 \ +cargo run -- --chain-id testing \ --primary "http://127.0.0.1:26657" \ --witnesses "http://127.0.0.1:26657" \ --trusted-height 1 \ - --trusted-hash "798E237C6FDF39EDA8BA7AB8E8F5DC71F24BC7138BE31882338022F8F88086EE" \ + --trusted-hash "2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185" \ --contract-address "wasm14hj2tavq8fpesdwxxcu44rty3hh90vhujrvcmstl4zr3txmfvw9s0phg4d" \ - --storage-key "requests" \ + --storage-key "quartz_session" \ --trace-file light-client-proof.json ``` diff --git a/utils/tm-prover/light-client-proof.json b/utils/tm-prover/light-client-proof.json index d8a6016..5877121 100644 --- a/utils/tm-prover/light-client-proof.json +++ b/utils/tm-prover/light-client-proof.json @@ -1 +1 @@ -{"light_client_proof":[{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"1","time":"2024-01-04T20:12:00.969729425Z","last_block_id":null,"last_commit_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"91C6094D3AB40E7BB949661E91042361A7F3A9E5CBD5FBDB8E1227F3F30BF008","next_validators_hash":"91C6094D3AB40E7BB949661E91042361A7F3A9E5CBD5FBDB8E1227F3F30BF008","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493"},"commit":{"height":"1","round":0,"block_id":{"hash":"A1D115BA3A5E9FCC12ED68A9D8669159E9085F6F96EC26619F5C7CEB4EE02869","parts":{"total":1,"hash":"965E3E084AD7D4F4C4CAE199855DB0768F2E958CE72188FF247CDEAC672645C6"}},"signatures":[{"block_id_flag":2,"validator_address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","timestamp":"2024-01-04T20:12:12.693091788Z","signature":"aXH+6lpdTTl+Tm0Mq5A2xRPWTh1VuAEbw348XZ7AYB1VG/y8Bg/Qz2b6gHtxxxQlPM1uviM4v6iCI/Mj3/AFAw=="}]}},"validator_set":{"validators":[{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null}],"proposer":{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"4c343aa457bfceec35f799e1fa739379625ef492"},{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"109","time":"2024-01-04T20:21:22.748619784Z","last_block_id":{"hash":"BB5021A884B2106B3B66D6B31BB84EA64F2557E860364F947C9B73A5CE46A32D","parts":{"total":1,"hash":"B5247CAE51095963CE30FB2C6F6E3B7EAE1C58CA234601F6F9524F129C23091A"}},"last_commit_hash":"554E5B8B5F4A784B1A2899B5DE4B3A136E1ECE8786ADF186ACB1F188EF5C1948","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"91C6094D3AB40E7BB949661E91042361A7F3A9E5CBD5FBDB8E1227F3F30BF008","next_validators_hash":"91C6094D3AB40E7BB949661E91042361A7F3A9E5CBD5FBDB8E1227F3F30BF008","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"03037165A0E0F4202CEAD6F1161AF950E305D7F8EC2078E6956783E5517DABF3","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493"},"commit":{"height":"109","round":0,"block_id":{"hash":"D6788F98573A01210D4DFD12142AD116F7281CA9B4D9DA8C18FBB554D5597222","parts":{"total":1,"hash":"0A050302F7331FD6718DD51EA4BBD4CC5D939F0DF480FDE59723A261B7B846F0"}},"signatures":[{"block_id_flag":2,"validator_address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","timestamp":"2024-01-04T20:21:27.860581004Z","signature":"NCCTj5nSbVCfcsPT/8n8FzJHtnNp9OoXKjzSsEA2CPv1oIzKHoZL1nEsMKGdHXL/+ITF/+oUf6vdr1PPXGt7AA=="}]}},"validator_set":{"validators":[{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null}],"proposer":{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"3689D4962EC4D3E56CE2992A884346FBDBC2D493","pub_key":{"type":"tendermint/PubKeyEd25519","value":"vdT+svLOXaxavjjc7gvTdjXVETPqjCeEbdcPm/Rs5H4="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"4c343aa457bfceec35f799e1fa739379625ef492"}],"merkle_proof":{"key":"03ade4a5f5803a439835c636395a8d648dee57b2fc90d98dc17fa887159b69638b7265717565737473","value":"5b5b2263623537343335346462376536343436623366373765643939363462363235316230386632343533633066663235306137643533623535653731643164613465222c7b226a6f696e5f636f6d707574655f6e6f6465223a5b22303335464642464133333841433235323933433630463736453546453441444537453930313532343735323130363430393732424130443242434532324541444236222c227761736d31736b356c7870727a763873687339333871753466393968387a346333666d3664796733773666225d7d5d5d","proof":{"ops":[{"field_type":"ics23:iavl","key":"A63kpfWAOkOYNcY2OVqNZI3uV7L8kNmNwX+ohxWbaWOLcmVxdWVzdHM=","data":"CsEDCikDreSl9YA6Q5g1xjY5Wo1kje5XsvyQ2Y3Bf6iHFZtpY4tyZXF1ZXN0cxLRAVtbImNiNTc0MzU0ZGI3ZTY0NDZiM2Y3N2VkOTk2NGI2MjUxYjA4ZjI0NTNjMGZmMjUwYTdkNTNiNTVlNzFkMWRhNGUiLHsiam9pbl9jb21wdXRlX25vZGUiOlsiMDM1RkZCRkEzMzhBQzI1MjkzQzYwRjc2RTVGRTRBREU3RTkwMTUyNDc1MjEwNjQwOTcyQkEwRDJCQ0UyMkVBREI2Iiwid2FzbTFzazVseHByenY4c2hzOTM4cXU0Zjk5aDh6NGMzZm02ZHlnM3c2ZiJdfV1dGgwIARgBIAEqBAACjgEiKggBEiYCBI4BIA15MoRHK0Ipl3YXyraCDg+fEjKrQo6O4qRd8gSxVlx1ICIsCAESBQQIjgEgGiEgpj0Fa6JS5jG4H2xLt/fvSKQBlDNnpcjK4qnHnv21TioiKggBEiYGDI4BIPhgrXwyQm7pvrOQBfogXOKv44s59qEl1Mq3g1sDIrQOICIsCAESBQgajgEgGiEgHoypgri+lR7WJBruJmPZq6YmUCRUvqm7WMZs7RqOrL4="},{"field_type":"ics23:simple","key":"d2FzbQ==","data":"CqgBCgR3YXNtEiBNkXPFxYrnn7ZQmzBcD0q3mbcaewLssQ6ScAYGTsimUxoJCAEYASABKgEAIiUIARIhAWLU8PgnJ/EMp4BYvtTN9MX/rS70dNQ3ZAzrJLssrLjRIiUIARIhAf52he1nX272FJLl0MIdWM4uPvD5Z5JL9dVf/iLrZPJjIiUIARIhAX3qVBJHhrNPbC78vRbH12XRfd9FI6WIJIMxU2obT/CZ"}]}}} \ No newline at end of file +{"light_client_proof":[{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"1","time":"2024-02-29T10:31:41.978364008Z","last_block_id":null,"last_commit_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"1","round":0,"block_id":{"hash":"2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185","parts":{"total":1,"hash":"F4F0C31D6EFD2B8F85FD208A66AC22B1B4DC77732E5F342BA8E56C021E41FBE5"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T10:32:04.83875824Z","signature":"ZCWcsrLqZT4vcGythMYHFWhFJJiQQpcNZtw6MyL/SoiyqfQJipyL01IbCj0vR6MnDJMTEpHesue5B8M7V22MDw=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"},{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"3338","time":"2024-02-29T15:17:31.574282692Z","last_block_id":{"hash":"2EC37F79F608EDB3F1610BFC30E1E48DA34109F1CCF0060A32C834DD264BADE8","parts":{"total":1,"hash":"D543B5F3D6E29608987658440751B944C3B7AFCD46D78106469FD88488429E6D"}},"last_commit_hash":"022B44B245AF53E285DC4DF8A523AB4ACE01835720E2A777C96E14BD4EEE3E0F","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"4F09856F2779D2472D7CBE2C70A054E1E4CCBFDA4919E40DB491F81862B9682E","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"3338","round":0,"block_id":{"hash":"B3A2D0CE379021DD84A04B07D7CF75A337168D37DF04FA2B2A8B75336B527B0B","parts":{"total":1,"hash":"B80A38FB2F5858D5B4D7D7B73F73AA393C8DA9C08517E860214B7770F7094BDE"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T15:17:36.731607762Z","signature":"vz2GJekp0eqBkRNb7I70FJ8o2yJetNKy4bKGc+jOTeglN0LgBmimpwLkcJIvSf+jQIyyj4qV4VcPklLa1pAlDg=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"}],"merkle_proof":{"key":"03ade4a5f5803a439835c636395a8d648dee57b2fc90d98dc17fa887159b69638b71756172747a5f73657373696f6e","value":"7b226e6f6e6365223a2265653039386231353037646439333237356335626363653932633839323664356262656566633935383330306365323733323064323765363331343737643432222c227075625f6b6579223a22303265346438626338306430333261643631306534363433633364613432333530373662346432343333356363346337373539323536326264636436326365316430227d","proof":{"ops":[{"field_type":"ics23:iavl","key":"A63kpfWAOkOYNcY2OVqNZI3uV7L8kNmNwX+ohxWbaWOLcXVhcnR6X3Nlc3Npb24=","data":"Cr0DCi8DreSl9YA6Q5g1xjY5Wo1kje5XsvyQ2Y3Bf6iHFZtpY4txdWFydHpfc2Vzc2lvbhKbAXsibm9uY2UiOiJlZTA5OGIxNTA3ZGQ5MzI3NWM1YmNjZTkyYzg5MjZkNWJiZWVmYzk1ODMwMGNlMjczMjBkMjdlNjMxNDc3ZDQyIiwicHViX2tleSI6IjAyZTRkOGJjODBkMDMyYWQ2MTBlNDY0M2MzZGE0MjM1MDc2YjRkMjQzMzVjYzRjNzc1OTI1NjJiZGNkNjJjZTFkMCJ9GgwIARgBIAEqBAACtgIiLAgBEgUCBLYCIBohIFRc3mAwkkPTBSnSVATpRvNE0nXheg3ligMfhGk7CG6KIioIARImBAi2AiAtMsTISHk6dekX2JgHA6pZudY2JEsUWgzZn6aReaZr8iAiKggBEiYGDLYxIGr9/U89cka/lN4p3HHtRiofp4OeQJu7ueB0pXvQ1zqDICIsCAESBQog1jEgGiEgBvAH/P8J/80iMXOfCHA2Nle/cHs/eUL9BH+Eq1MWEyEiKggBEiYMNNYxILZe3lriC/vPPlhr9lv/v7nyQi44gI+GbHDz+X6S4zwzIA=="},{"field_type":"ics23:simple","key":"d2FzbQ==","data":"CqgBCgR3YXNtEiDZe2Bj5ro6kTScMnYd4acib0wb83L68jtrir1q1MCeZhoJCAEYASABKgEAIiUIARIhAWLU8PgnJ/EMp4BYvtTN9MX/rS70dNQ3ZAzrJLssrLjRIiUIARIhAb/OnrvikOxyE3LNwujVZMqXoxwfJxuhUa5tPtjtMK43IiUIARIhATPfIFAzcR1zTH7He3/nF3G+8VHnLN2nTPy89knaR9UJ"}]}}} \ No newline at end of file From c5056ac4775a1747851d1dfcab10c5875617d851 Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 07:40:58 -0800 Subject: [PATCH 11/14] Update relay.sh to be able to specify REQUEST_MSG --- utils/quartz-relayer/scripts/relay.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/utils/quartz-relayer/scripts/relay.sh b/utils/quartz-relayer/scripts/relay.sh index 296db4a..e91e610 100755 --- a/utils/quartz-relayer/scripts/relay.sh +++ b/utils/quartz-relayer/scripts/relay.sh @@ -3,7 +3,7 @@ set -eo pipefail usage() { - echo "Usage: $0 " + echo "Usage: $0 " echo " : Instantiate | SessionCreate | SessionSetPubKey" exit 1 } @@ -15,12 +15,13 @@ REPORT_FILE="/tmp/datareport" REPORT_SIG_FILE="/tmp/datareportsig" REQUEST="$1" +REQUEST_MSG=${2:-"{}"} # clear tmp files from previous runs rm -f "$QUOTE_FILE" "$REPORT_FILE" "$REPORT_SIG_FILE" # query the gRPC quartz enclave service -ATTESTED_MSG=$(grpcurl -plaintext -import-path ../../utils/quartz-proto/proto/ -proto quartz.proto -d '{}' '127.0.0.1:11090' quartz.Core/"$REQUEST" | jq -c '.message | fromjson') +ATTESTED_MSG=$(grpcurl -plaintext -import-path ../../utils/quartz-proto/proto/ -proto quartz.proto -d "$REQUEST_MSG" '127.0.0.1:11090' quartz.Core/"$REQUEST" | jq -c '.message | fromjson') # parse out the quote and the message QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.quote') From ecb45ce3ce47d964807cbf29f0fd9694adfd2c1c Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 08:35:52 -0800 Subject: [PATCH 12/14] Fix mtcs-intent obligation bug --- utils/mtcs-intent/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/mtcs-intent/src/main.rs b/utils/mtcs-intent/src/main.rs index f8b5d25..b9987f9 100644 --- a/utils/mtcs-intent/src/main.rs +++ b/utils/mtcs-intent/src/main.rs @@ -83,7 +83,7 @@ impl TryFrom for Obligation { Ok(Self { debtor: VerifyingKey::from_sec1_bytes(raw_obligation.debtor.as_slice()) .map_err(|e| e.to_string())?, - creditor: VerifyingKey::from_sec1_bytes(raw_obligation.debtor.as_slice()) + creditor: VerifyingKey::from_sec1_bytes(raw_obligation.creditor.as_slice()) .map_err(|e| e.to_string())?, amount: raw_obligation.amount, salt, From e4e43e2987cee4be034a941c8182e75b3af0d9ff Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 10:31:03 -0800 Subject: [PATCH 13/14] Update README.md with demo instructions --- README.md | 139 ++++++++++++++++++++++++ utils/tm-prover/light-client-proof.json | 2 +- 2 files changed, 140 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5ac0946..003449f 100644 --- a/README.md +++ b/README.md @@ -8,3 +8,142 @@ Gramine applications and accompanying Dockerfiles for ease-of-usage. * [enclaves/mtcs](enclaves/mtcs) - Runs MTCS on a given set of obligations specified as an input file. * [enclaves/tm](enclaves/tm) - Runs (stateless) Tendermint light client verification on a given block. + +## Usage + +### Start blockchain + +``` +./scripts/keygen.sh +./scripts/init-node.sh +./scripts/run-node.sh +``` + +### Build contract + +``` +./scripts/build-contract.sh +``` + +### Listen to events (for debugging) + +``` +websocat ws://127.0.0.1:26657/websocket +# { "jsonrpc": "2.0", "method": "subscribe", "params": ["tm.event='Tx'"], "id": 1 } +``` + +### Init enclave + +``` +gramine-sgx-gen-private-key + +CARGO_TARGET_DIR=./target cargo build --release + +# set trusted height and hash +gramine-manifest \ +-Dlog_level="error" \ +-Dhome=${HOME} \ +-Darch_libdir="/lib/$(gcc -dumpmachine)" \ +-Dra_type="epid" \ +-Dra_client_spid="51CAF5A48B450D624AEFE3286D314894" \ +-Dra_client_linkable=1 \ +-Dquartz_dir="$(pwd)" \ +quartz.manifest.template quartz.manifest + +gramine-sgx-sign --manifest quartz.manifest --output quartz.manifest.sgx +gramine-sgx ./quartz +``` + +### Send initiate request + +``` +./scripts/relay.sh Instantiate +``` + +### Deploy contract + +``` +export INSTANTIATE_MSG='{"msg":{"config":{"mr_enclave":"bf161255b339a8ca6d5b169afe7f30b822714a7d6c6eba6d61c1cc9def76f85f","epoch_duration":{"secs":43200,"nanos":0},"light_client_opts":{"chain_id":"testing","trusted_height":1,"trusted_hash":"2ef0e6f9bddf5deaa6fcd6492c3db26d7c62bffc01b538a958d04376e0b67185","trust_threshold":[2,3],"trusting_period":1209600,"max_clock_drift":5,"max_block_lag":5}}},"attestation":{"report":{"report":{"id":"142707374378750501130725576120664455076","timestamp":"2024-02-29T15:46:05.263386","version":4,"epidPseudonym":"+CUyIi74LPqS6M0NF7YrSxLqPdX3MKs6D6LIPqRG/ZEB4WmxZVvxAJwdwg/0m9cYnUUQguLnJotthX645lAogfJgO8Xg5/91lSegwyUKvHmKgtjOHX/YTbVe/wmgWiBdaL+KmarY0Je459Px/FqGLWLsAF7egPAJRd1Xn88Znrs=","advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334","INTEL-SA-00615"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"150200650000080000141402040180070000000000000000000D00000C000000020000000000000CB07CE30BB4A946AA0669B60D6D7CF7813846108AB5DD858A80765E46C8BB605BF2FF51CCDBA245C71FE13A3FBA311DA42848622A74666C0AFBE0097EFA44B821A6","isvEnclaveQuoteBody":"AgABALAMAAAPAA8AAAAAAFHK9aSLRQ1iSu/jKG0xSJQAAAAAAAAAAAAAAAAAAAAAFBQCBwGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAAAAAAHAAAAAAAAAL8WElWzOajKbVsWmv5/MLgicUp9bG66bWHBzJ3vdvhfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHVXC/KNpA3B+CezmwQ/s4vGzMsdvTa6nx4gDzJVHyvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjkLJZtCNPj2FyKOH1Ti91v7L/UJcwp2zdCEasfjkN7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"reportsig":"ToLIdljjuO8Y0RLon27hCTaPxEmzAaCaSX6FEv5lVDVuG+XzeU+89pllA8sq6UHYcnyJ2FflokL8mJ/YCD0VYcCfYEOuJDGoshc7u55CDTTYWsTyv2kTjNp/y8KZ345hwrYUFQYka2E/wimWytMxk6ZDBLL8jopSofI0qqj5X4LnabrW0gSc75P0A+WuvSlrJpsfCakVcNKf63UP6bHSFJPhqlFJzXdrDisB1dl6/tJjM+3c/3BsXe2itA2r1zPmPcQFB1TnMGfsmXpSicrFoJUMe4nHBzn/6ZQipNqpg1a1XbSu5r+lBhxgxNhC1GWNiDd1/tFcX/X1G9AGPkdzzA=="}}}' + +./scripts/deploy-contract.sh artifacts/cw_tee_mtcs.wasm + +export CONTRACT="" +``` + +### Create session + +``` +./scripts/relay.sh SessionCreate + +export EXECUTE='{"quartz":{"session_create":{"msg":{"nonce":"ff2f7459bb98c4e7c4e5053cfa121f23c17585a2d1f42ae2abfe20b8303ad17c"},"attestation":{"report":{"report":{"id":"70757578285051774053325998077400915962","timestamp":"2024-02-29T15:47:50.695771","version":4,"epidPseudonym":"+CUyIi74LPqS6M0NF7YrSxLqPdX3MKs6D6LIPqRG/ZEB4WmxZVvxAJwdwg/0m9cYnUUQguLnJotthX645lAogfJgO8Xg5/91lSegwyUKvHmKgtjOHX/YTbVe/wmgWiBdaL+KmarY0Je459Px/FqGLWLsAF7egPAJRd1Xn88Znrs=","advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334","INTEL-SA-00615"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"150200650000080000141402040180070000000000000000000D00000C000000020000000000000CB018F2D0E3C2D4A18B7D561902131BA8E16F613F9B427369B820423B337EEDF4F11BDEFA694F8708B8D5972474F74D21A6FF397BA4E9B1DA17FCBF8BC3952EFC65","isvEnclaveQuoteBody":"AgABALAMAAAPAA8AAAAAAFHK9aSLRQ1iSu/jKG0xSJQAAAAAAAAAAAAAAAAAAAAAFBQCBwGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAAAAAAHAAAAAAAAAL8WElWzOajKbVsWmv5/MLgicUp9bG66bWHBzJ3vdvhfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHVXC/KNpA3B+CezmwQ/s4vGzMsdvTa6nx4gDzJVHyvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/L3RZu5jE58TlBTz6Eh8jwXWFotH0KuKr/iC4MDrRfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"reportsig":"BlKi4PkSAciSNkLBLFI4nWG+ifF/+4Qp4t6pg0L44jrra59GVXsPY/ktdMugA99EWGSPrE15znaVKBPMx0/gHzrcPTB7CPiQKxLbFIz3knj+4FO0NtvKTQGsl+/fcuyJKrupoE+iUGNDKHNTSwbLbvp3ZryaLfupdbAncfdn6Qdp8uYvx6i+hZZpAHT3o5HM+47n45kEaG/xZk6sQ7gY71CsEDX3YDI/fvcBHc8HV7JsFhnwfLhlYg4L6KKPkLLDOsMfhwqiFyrMKggeBC+PcOduQL2/+H2w6ojZVoXCbTosABMSs/Xn9MXORZtzEOk0hGmsVyoxuCDVa0o7ML6SMA=="}}}}}' + +wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y +``` + +### Set session pk + +``` +cargo run -- --chain-id testing \ +--primary "http://127.0.0.1:26657" \ +--witnesses "http://127.0.0.1:26657" \ +--trusted-height 1 \ +--trusted-hash "2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185" \ +--contract-address "wasm1ghd753shjuwexxywmgs4xz7x2q732vcnkm6h2pyv9s6ah3hylvrq8epk7w" \ +--storage-key "quartz_session" \ +--trace-file light-client-proof.json + +export POP='{"light_client_proof":[{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"1","time":"2024-02-29T10:31:41.978364008Z","last_block_id":null,"last_commit_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"1","round":0,"block_id":{"hash":"2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185","parts":{"total":1,"hash":"F4F0C31D6EFD2B8F85FD208A66AC22B1B4DC77732E5F342BA8E56C021E41FBE5"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T10:32:04.83875824Z","signature":"ZCWcsrLqZT4vcGythMYHFWhFJJiQQpcNZtw6MyL/SoiyqfQJipyL01IbCj0vR6MnDJMTEpHesue5B8M7V22MDw=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"},{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"3713","time":"2024-02-29T15:49:27.384886052Z","last_block_id":{"hash":"0C87694E172935DE5BE64F9FD5B1DBC1BB31D7FAFC7A809EE4366116F83B4C33","parts":{"total":1,"hash":"93A00009D51AB3EB2DD01DB298779D7D7BDC4B657C1D624A2F32C3648F8C1489"}},"last_commit_hash":"DA4326FA203343C97B143F73460F9B9C19B290D673A0EF00D185497490E96B81","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"3314F876642C185D25B97FE2694E08610901F83A310172F7138C967A34087ABB","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"3713","round":0,"block_id":{"hash":"050314F47773A197793915067F76519073D6638E09CB9582183CE4840FB330E4","parts":{"total":1,"hash":"2A09C54244DAB756A28E6F48416010624FE4F2266BB132B1341B8A0DA5DD7A39"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T15:49:32.450052946Z","signature":"ATNZkvCLs7Xd76rjOZ+yoKDgKrBQ16sb8YPFAR/aTc16SecnJ6P5+l6xUCIFN+oETBvfAVa4YI2xI3S8YLjPDQ=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"}],"merkle_proof":{"key":"03f04a313a7349b120c55c99788f12f712176bb3e5926d012d0ea72fa2bbb8505171756172747a5f73657373696f6e","value":"7b226e6f6e6365223a2266663266373435396262393863346537633465353035336366613132316632336331373538356132643166343261653261626665323062383330336164313763222c227075625f6b6579223a6e756c6c7d","proof":{"ops":[{"field_type":"ics23:iavl","key":"A/BKMTpzSbEgxVyZeI8S9xIXa7Plkm0BLQ6nL6K7uFBRcXVhcnR6X3Nlc3Npb24=","data":"CqgDCi8D8EoxOnNJsSDFXJl4jxL3Ehdrs+WSbQEtDqcvoru4UFFxdWFydHpfc2Vzc2lvbhJbeyJub25jZSI6ImZmMmY3NDU5YmI5OGM0ZTdjNGU1MDUzY2ZhMTIxZjIzYzE3NTg1YTJkMWY0MmFlMmFiZmUyMGI4MzAzYWQxN2MiLCJwdWJfa2V5IjpudWxsfRoMCAEYASABKgQAAuQ5IiwIARIFAgTkOSAaISCa6ZlnZD6KFCdS3G0LSqKeQmZzUDOqv+/6obcRCtm1MSIqCAESJgQI5Dkg7j389mvurYpapaBwp4VvU/7O0gF1y9tagD7336BqtKQgIioIARImBhDkOSALv1AwWaxTdZCR/gSLM2SFxpAhG5a2jY7CAXANsuLf/iAiKggBEiYIGOQ5IBQjmmQkjj+0hVfpkibyXuf55xQ8MJy1tkwbocasdU0rICIqCAESJgow5Dkg89sa9DXqDi15yEjAyWGoE4eiPCV9DLy3n0XhSO+IvEsgIiwIARIFDErkOSAaISCaZH/S8tYTLwQ1yn8+ad8iHQ1kfVWLIotWNYC+Olp7uQ=="},{"field_type":"ics23:simple","key":"d2FzbQ==","data":"CqgBCgR3YXNtEiDeXMkl0ecXFKw8UjADjriHIePLr/rC1vCIfI9iyE72sBoJCAEYASABKgEAIiUIARIhAWLU8PgnJ/EMp4BYvtTN9MX/rS70dNQ3ZAzrJLssrLjRIiUIARIhAd3cbonoIZaLIds9Htw+kXa5zoLYQ5vlIHWmlOTgrUraIiUIARIhASJ3XuooVI+LIEPrmir7K/XRBaXJRKOZJkfODoLZz1Ve"}]}}}' +export POP_MSG=$(jq -nc --arg message "$POP" '$ARGS.named') + +./scripts/relay.sh SessionSetPubKey "$POP_MSG" + +export EXECUTE='{"quartz":{"session_set_pub_key":{"msg":{"nonce":"ff2f7459bb98c4e7c4e5053cfa121f23c17585a2d1f42ae2abfe20b8303ad17c","pub_key":"03c43cb8a0d9571737992f91506e029dd78e1fb013f7958945b30d42795cc151a6"},"attestation":{"report":{"report":{"id":"198880017151960330796191614468800194929","timestamp":"2024-02-29T15:51:00.523316","version":4,"epidPseudonym":"+CUyIi74LPqS6M0NF7YrSxLqPdX3MKs6D6LIPqRG/ZEB4WmxZVvxAJwdwg/0m9cYnUUQguLnJotthX645lAogfJgO8Xg5/91lSegwyUKvHmKgtjOHX/YTbVe/wmgWiBdaL+KmarY0Je459Px/FqGLWLsAF7egPAJRd1Xn88Znrs=","advisoryURL":"https://security-center.intel.com","advisoryIDs":["INTEL-SA-00161","INTEL-SA-00219","INTEL-SA-00289","INTEL-SA-00334","INTEL-SA-00615"],"isvEnclaveQuoteStatus":"CONFIGURATION_AND_SW_HARDENING_NEEDED","platformInfoBlob":"150200650000080000141402040180070000000000000000000D00000C000000020000000000000CB01A644DC52273E62A859D438810E4B6237D94319FE8C96097253B09FC50DF84FF102617BE649E2C455304196E99209F0FF1219A3A5EB283240DB87586A7B7E32D","isvEnclaveQuoteBody":"AgABALAMAAAPAA8AAAAAAFHK9aSLRQ1iSu/jKG0xSJQAAAAAAAAAAAAAAAAAAAAAFBQCBwGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAAAAAAHAAAAAAAAAL8WElWzOajKbVsWmv5/MLgicUp9bG66bWHBzJ3vdvhfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHVXC/KNpA3B+CezmwQ/s4vGzMsdvTa6nx4gDzJVHyvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/DrzAs8I/ytHHgzwChlZGNbGS8ZXW+t6plngDeV7jJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"reportsig":"n2l59baMENECxUJuisajEM/6sF49KIDHzNvfwY9/zHnk4qcmr96Zf9HfLsv/qyxCKuMQqJBlJ7RMTt0tOM9SWnQhGJjqZlVIGhl2PyYvNW5ThuvFlghaQFOkq26byxbwCEnBbWPG1vkcasUzTYdU2MktTO6pi0z9TtwzT3OEThDa43aRyU2hXoD1kCv71ynwndmv/jM/9QM1Ol6FNLIUfd0sarMoUyqIhTqqVO2KI2AP5EyGeCQqENVVl6G1HsZLDX0l8tez+qcJfIn8QmA5hooA8XQ9wou8n+2CIH3vGiHCGpkhZkbx94yALvZogvjimfgvK7vK2BeQ5pa5fknNkw=="}}}}}' + +wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y +``` + +### Check for session sucesss + +``` +wasmd query wasm contract-state raw "$CONTRACT" $(printf '%s' "quartz_session" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d +# {"nonce":"d3283ed5d646298c27f5ef1726c42bf4853ed7f3d30c905fd3607ecc56903db4","pub_key":"02e4d8bc80d032ad610e4643c3da4235076b4d24335cc4c77592562bdcd62ce1d0"} +``` + +### Create obligations + +``` +echo -n "031a683f42659d46b0e5bec59ecd0ea8e56cb4ffa67c5fadaef163aecf3b475f85" > epoch.pk + +cargo run key-gen --pk-file alice.pk --sk-file alice.sk +cargo run key-gen --pk-file bob.pk --sk-file bob.sk +cargo run key-gen --pk-file charlie.pk --sk-file charlie.sk + +cargo run encrypt-obligation --obligation $(jq -nc --arg debtor $(cat alice.pk) --arg creditor $(cat bob.pk) --argjson amount 100 '$ARGS.named') +cargo run encrypt-obligation --obligation $(jq -nc --arg debtor $(cat bob.pk) --arg creditor $(cat charlie.pk) --argjson amount 80 '$ARGS.named') +cargo run encrypt-obligation --obligation $(jq -nc --arg debtor $(cat charlie.pk) --arg creditor $(cat alice.pk) --argjson amount 70 '$ARGS.named') +``` + +### Upload obligations + +``` +export OBLIGATION='{"ciphertext":"04bdc1ed858f495e5609d36cb94b695c4c65b2876c6557e2595015e1c42a84e24bd7912736f5224331bf8a5b39390c7ede156d15e54d2fd543af19f5c9dbd59a9fa13fbaecdd862f871bb8aaaa8895360dabf60e6e77e8305c431c6dca7e62bb8f5544b916fb11f0129d87297df120847a648a304892d96fe1116d0fbf04e5db32cb6767e35bc0bdd6933c96754c61d15487068f67b7d0031ec7c9fb158dc6414e2a9d626f2219d3e8cf4dcd465609c8af5fa927a4857c2ad4cbe45c676bc5c121ec25983c8b52150ac8c1d34e6c0c5f3c7df4aea25cdad558cd9d4329b634ef716af250965ab38899fde8e3d795d7d6e3e6aad5b65d925103cbb49cf36663d84a0220a0bff1d1e8be35eaf2b5bb3c93c564defa0684ff838b565ec92b7c2fd0a5cace23ade29e547923699682b2965f8b6f0cdb36ab8a5cc9a4df03df2b13cffc5271a116c7210512c98f9bc37fd67c7a859960b80cc16eacfce4e022cf6bfadf63712d419a7665d258afea73ea5790ceea95b5d7c1e0b865de9afd621899aa71844ce7d03ac0ec1c5271bf704c374e41b6fa132ee9","digest":"e8cac8651a74b78f8540b9dab34c80d2affc74e8fd4835dc4c81e5d825a4376a"}' +export EXECUTE=$(jq -nc --argjson submit_obligation "$OBLIGATION" '$ARGS.named') +wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y + +wasmd query wasm contract-state raw "$CONTRACT" $(printf '%s' "1/obligations" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d + +export OBLIGATIONS='{"4019ac8e19c5a897bf385803acdce5ddfa53847259fc91c442e5b3596d327994":"04f64d59807d33199945f4444bdbab02596030388eecc53cc6e52687f690c635a22b741479fbd5ef383eaa698363c8d59865d29000f3817a6816f7fe5d275101e4aa5f4ad7f7178738b21c7a9d9561bdf8c2bb2639ba9d1e0725bd94213fdd4bea7bf51f077fa7702c197a97433a2ec54db9fd896c512953297b7cc61b31f13bfb0d1161c36e3249971ebb5d3ab50263617351191dca7df2a5d62fa7f10c72d04107a3a25741120cb3c3d217b5c2a375b6eea0f7905fac9d5377f32c34ac75e1a9f176aec46e5a59928de844fac2c10e6f4f91f28db664c7d758f2e1e9ed0a3f842c1289fb0a4677485f096fa6562ce612f2ed1842083b4f6c664473acef23d61bc1628072dc309c9238fcbf3b9aadef399c0e26f3bf03e60b0563ad9367eebce78abf5ca2523743569129999b827cc9ecd50843107646e76b497be26422467b35c6ae8e7ca09650ef9992b52b0d57f2b97ea572cae68e4e3dbb1743eff815a9c9bd13bf1fbf5d62f06ff66dd450d40aca35ae4ae953c277f4b010015ed429a402229d666e78ac85fc21ecc4265c857cf02a8cde3754","95fb2e138574e2764ae83aa66353ec60fd4429a2224044d5913b5ed35ca4ccc7":"0442e2dfabb4dcbe1ee569679235cbba27be57ce28a68e175180ed99e9bd64d549404a365f251402860e4e366c143d85a585efdf3e90e30d0d5c2c763c847bb30a055cd408d7cd8ca678baefc762f1a4d873efe4075f06cbe287bae432de8777d14cbcf4e4889538e5e59a67123aa0e862446e07be72fb516986bac71b9ea43ea52350bef617ff7d6b8bb47a58681a7ec03a11c833da473b7957f9c0ea8dfcc911decf0128c275cf7e9ca3eb9c861511e989342346678aa19f993716d02a79fd8cf24104737f480691c6ece1e789d0db3a55a1d600392b2054ac889ea5cce022f0bff3697a13ed62c90bd8be27994e4bf108651554cf32c4cfb4874938245de145ba367676da28d08ed8e9e89a2e5ca674ac0f24252b18bd3c4030379df506c24e8555a6a44de8ad550905975d2ac2a33935a7519c29e538d457d958d5171e66991b03d9523df2da85ee0239d537829c149f855e091b4e60e2e9df29852690463a03f48de40f5cfec6b20f4973e792e901d49ef23a84102ee17dfa6ad10ca01c16f12d7cfede5304dc3937bc891ce71e6cb7ab0af4a74a","e8cac8651a74b78f8540b9dab34c80d2affc74e8fd4835dc4c81e5d825a4376a":"04bdc1ed858f495e5609d36cb94b695c4c65b2876c6557e2595015e1c42a84e24bd7912736f5224331bf8a5b39390c7ede156d15e54d2fd543af19f5c9dbd59a9fa13fbaecdd862f871bb8aaaa8895360dabf60e6e77e8305c431c6dca7e62bb8f5544b916fb11f0129d87297df120847a648a304892d96fe1116d0fbf04e5db32cb6767e35bc0bdd6933c96754c61d15487068f67b7d0031ec7c9fb158dc6414e2a9d626f2219d3e8cf4dcd465609c8af5fa927a4857c2ad4cbe45c676bc5c121ec25983c8b52150ac8c1d34e6c0c5f3c7df4aea25cdad558cd9d4329b634ef716af250965ab38899fde8e3d795d7d6e3e6aad5b65d925103cbb49cf36663d84a0220a0bff1d1e8be35eaf2b5bb3c93c564defa0684ff838b565ec92b7c2fd0a5cace23ade29e547923699682b2965f8b6f0cdb36ab8a5cc9a4df03df2b13cffc5271a116c7210512c98f9bc37fd67c7a859960b80cc16eacfce4e022cf6bfadf63712d419a7665d258afea73ea5790ceea95b5d7c1e0b865de9afd621899aa71844ce7d03ac0ec1c5271bf704c374e41b6fa132ee9"}' +export REQUEST_MSG=$(jq -nc --arg message "$OBLIGATIONS" '$ARGS.named') + +grpcurl -plaintext -import-path ../../enclaves/quartz/proto/ -proto mtcs.proto -d "$REQUEST_MSG" '127.0.0.1:11090' mtcs.Clearing/Run | jq -c '.message | fromjson' +``` + +### Submit setoffs + +``` +export SETOFFS='{"setoffs_enc":{"1afd7dace621f25d0664f60bdb1b20d190557f597098d7bfbf6b51cf6a27170f":"049cb44f86905b802b20878160a4e94411e271973558960876feff80671726b4f50354c1cf54d973e97bcd05e6a031219a83b418a004c779d1af230be750cc3e619c821807e67388e2161b72ee1420281179a7f68baa2bfb7ed52c0f05412ed974a1a358af1241900b9213aeeefd1bceef8b92f0da5524c0bb88049476d8de3da268a182e762c7483e274092ecb1855f14432245c4517115337377a7343be23527e402cf1dec8ae35cb01b23ad45958cee92f111d6f17019b1eaa22f2ee50fcee409912d900e98d8e493698ac2541df202e640b2faec592db0d6d0efb3d53260f98e75876924610c3626275c998028ebefe776686d23930e85980f504f36d8558f55ee584450096339d25c7211f055ec825ed0487e25b2b3919258e90fc3559881623dc9d02439","2c9d9dfdd6a5ad51c6e85c1ed789513a585eff90341de37d6c5a9ef8b7fc1b0a":"042593179b8dd505f6a874f3a4e80fd6ce5c82a14139bf8a69d1f81e786a3841267a1eeda76e61e20d714049b6fb25e7ffb5b2d8e800c2d79783d9297ccb1000a545e7ece8ca197dfbb14add0a1e3519ac592ae1809612dd681dbe81d3c02f788f2cce4f0977d590988f446350e907e1a4c2c86ba8a0efa2221671c71fa4c877d476ed3a680bf69ed6e346c86592e75a9fb9c7d11a3e65531e78fe6f03fcf86b19e1ef40fd3586943f4eb6f3cb37f22eaf2ef2dbad2002497b1fd4794c875729ae9e0df6c3d6dbf8f0123edfbbefa40bcf736e37103fd772b40c5ef4b005f388872eb38f00d331fbbca6e4c385b66688c17cf9895c1d819de408bbc2eafb981f9fbdb8334e99d730b6db5e5c9fe6c8ce8c0f78c5d7cb3953318d588968367a8de8a7ffd0081c4058","37223948bc4dcbad9881f22c97139c22bcdcc3788a31d6f59a13a6e738016780":"04536291584f434ad6549ecd7cfa2ec074da383fd04071de2e3c5a2188c20c78261f550518ea2a7edfb7516bbc85a58f229c76549d7ea2da654c350849fd0df4b297de49847b2757d541f310d118cc7b86f3d9ff6785ce47945d0cb75a9eb79d4e1d6a1460a8dd61b1c65920a62fa599125dc0c5efe7f59e19ff417ba01982ef774d67c8e3cade760bd6bedc9b9a719ca1d397d3be5f8bc9dda0d366c4c9fed89db42a3262a4aa33053ee5b49078dea6513c2465fa0d4875988735efe01193749ddf2549ac73c1901178fee995e5a5227a32476153d4accc2bcd2ce064d84dd7b9fdff2c6c3461731d34ab278a0e3a9c604b77eafede161b64061f9f984b627afd48138a1ec26c2d7d8e6e753218b608215b43f540490297b033777135a9e88c278be7009666712a14"}}' +export EXECUTE=$(jq -nc --argjson submit_setoffs "$SETOFFS" '$ARGS.named') +wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y + +wasmd query wasm contract-state raw "$CONTRACT" $(printf '%s' "1/setoffs" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d +``` diff --git a/utils/tm-prover/light-client-proof.json b/utils/tm-prover/light-client-proof.json index 5877121..2d60632 100644 --- a/utils/tm-prover/light-client-proof.json +++ b/utils/tm-prover/light-client-proof.json @@ -1 +1 @@ -{"light_client_proof":[{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"1","time":"2024-02-29T10:31:41.978364008Z","last_block_id":null,"last_commit_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"1","round":0,"block_id":{"hash":"2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185","parts":{"total":1,"hash":"F4F0C31D6EFD2B8F85FD208A66AC22B1B4DC77732E5F342BA8E56C021E41FBE5"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T10:32:04.83875824Z","signature":"ZCWcsrLqZT4vcGythMYHFWhFJJiQQpcNZtw6MyL/SoiyqfQJipyL01IbCj0vR6MnDJMTEpHesue5B8M7V22MDw=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"},{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"3338","time":"2024-02-29T15:17:31.574282692Z","last_block_id":{"hash":"2EC37F79F608EDB3F1610BFC30E1E48DA34109F1CCF0060A32C834DD264BADE8","parts":{"total":1,"hash":"D543B5F3D6E29608987658440751B944C3B7AFCD46D78106469FD88488429E6D"}},"last_commit_hash":"022B44B245AF53E285DC4DF8A523AB4ACE01835720E2A777C96E14BD4EEE3E0F","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"4F09856F2779D2472D7CBE2C70A054E1E4CCBFDA4919E40DB491F81862B9682E","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"3338","round":0,"block_id":{"hash":"B3A2D0CE379021DD84A04B07D7CF75A337168D37DF04FA2B2A8B75336B527B0B","parts":{"total":1,"hash":"B80A38FB2F5858D5B4D7D7B73F73AA393C8DA9C08517E860214B7770F7094BDE"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T15:17:36.731607762Z","signature":"vz2GJekp0eqBkRNb7I70FJ8o2yJetNKy4bKGc+jOTeglN0LgBmimpwLkcJIvSf+jQIyyj4qV4VcPklLa1pAlDg=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"}],"merkle_proof":{"key":"03ade4a5f5803a439835c636395a8d648dee57b2fc90d98dc17fa887159b69638b71756172747a5f73657373696f6e","value":"7b226e6f6e6365223a2265653039386231353037646439333237356335626363653932633839323664356262656566633935383330306365323733323064323765363331343737643432222c227075625f6b6579223a22303265346438626338306430333261643631306534363433633364613432333530373662346432343333356363346337373539323536326264636436326365316430227d","proof":{"ops":[{"field_type":"ics23:iavl","key":"A63kpfWAOkOYNcY2OVqNZI3uV7L8kNmNwX+ohxWbaWOLcXVhcnR6X3Nlc3Npb24=","data":"Cr0DCi8DreSl9YA6Q5g1xjY5Wo1kje5XsvyQ2Y3Bf6iHFZtpY4txdWFydHpfc2Vzc2lvbhKbAXsibm9uY2UiOiJlZTA5OGIxNTA3ZGQ5MzI3NWM1YmNjZTkyYzg5MjZkNWJiZWVmYzk1ODMwMGNlMjczMjBkMjdlNjMxNDc3ZDQyIiwicHViX2tleSI6IjAyZTRkOGJjODBkMDMyYWQ2MTBlNDY0M2MzZGE0MjM1MDc2YjRkMjQzMzVjYzRjNzc1OTI1NjJiZGNkNjJjZTFkMCJ9GgwIARgBIAEqBAACtgIiLAgBEgUCBLYCIBohIFRc3mAwkkPTBSnSVATpRvNE0nXheg3ligMfhGk7CG6KIioIARImBAi2AiAtMsTISHk6dekX2JgHA6pZudY2JEsUWgzZn6aReaZr8iAiKggBEiYGDLYxIGr9/U89cka/lN4p3HHtRiofp4OeQJu7ueB0pXvQ1zqDICIsCAESBQog1jEgGiEgBvAH/P8J/80iMXOfCHA2Nle/cHs/eUL9BH+Eq1MWEyEiKggBEiYMNNYxILZe3lriC/vPPlhr9lv/v7nyQi44gI+GbHDz+X6S4zwzIA=="},{"field_type":"ics23:simple","key":"d2FzbQ==","data":"CqgBCgR3YXNtEiDZe2Bj5ro6kTScMnYd4acib0wb83L68jtrir1q1MCeZhoJCAEYASABKgEAIiUIARIhAWLU8PgnJ/EMp4BYvtTN9MX/rS70dNQ3ZAzrJLssrLjRIiUIARIhAb/OnrvikOxyE3LNwujVZMqXoxwfJxuhUa5tPtjtMK43IiUIARIhATPfIFAzcR1zTH7He3/nF3G+8VHnLN2nTPy89knaR9UJ"}]}}} \ No newline at end of file +{"light_client_proof":[{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"1","time":"2024-02-29T10:31:41.978364008Z","last_block_id":null,"last_commit_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"1","round":0,"block_id":{"hash":"2EF0E6F9BDDF5DEAA6FCD6492C3DB26D7C62BFFC01B538A958D04376E0B67185","parts":{"total":1,"hash":"F4F0C31D6EFD2B8F85FD208A66AC22B1B4DC77732E5F342BA8E56C021E41FBE5"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T10:32:04.83875824Z","signature":"ZCWcsrLqZT4vcGythMYHFWhFJJiQQpcNZtw6MyL/SoiyqfQJipyL01IbCj0vR6MnDJMTEpHesue5B8M7V22MDw=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"},{"signed_header":{"header":{"version":{"block":"11","app":"0"},"chain_id":"testing","height":"4906","time":"2024-02-29T17:31:16.4993207Z","last_block_id":{"hash":"D5CBA83AD346BB1E1D1EDBB975C904CA493B27B647416040311A25D86D1887EF","parts":{"total":1,"hash":"336EFBCB32C71A0760C4E3588B9D6953F486CA266FDF750CD436813621CF87DA"}},"last_commit_hash":"12E651BB8B88BB87926BC3AA1FEF54D1D499898F543CF16F3CFBC05B400C1910","data_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","next_validators_hash":"93543064D77D740239A8454F2586E92064CF9EBB3701E037B656A29CC3F82819","consensus_hash":"048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F","app_hash":"FC24242400B2615EA09B579DAF71397881235DF9675971B206A8FA2353341549","last_results_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","evidence_hash":"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855","proposer_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C"},"commit":{"height":"4906","round":0,"block_id":{"hash":"4C9774D531A2EBE592A1E4A2A13AA2BEE178490465E12A40722338BD73E014BD","parts":{"total":1,"hash":"F8E5F1661333A6C5C0B6FE9E58AB6AF3D7FE4E3F407AFE8347D616947259572D"}},"signatures":[{"block_id_flag":2,"validator_address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","timestamp":"2024-02-29T17:31:21.624527037Z","signature":"7GrmP+g++BA0TCfCJSGd7vUvB9u8jApHcVqGzVxECJglL1k2eeukg0lx1bQ9jYOx9JfktLdb78eXF+41Eo2eBg=="}]}},"validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null},"total_voting_power":"250"},"next_validator_set":{"validators":[{"address":"09A2F2EE18D2D1A8E90B5DCB94072F5F4A2C4D5C","pub_key":{"type":"tendermint/PubKeyEd25519","value":"LHmUOWNnOYDfKI5fEQojrwVE9oMbuwgUgmtnIvV0MmI="},"power":"250","name":null}],"proposer":null,"total_voting_power":"250"},"provider":"fcd91a360d566b908ba6f1f904f689d10d9547b0"}],"merkle_proof":{"key":"0345dbea4617971d93188eda21530bc6503d153313b6f575048c2c35dbc6e4fb0671756172747a5f73657373696f6e","value":"7b226e6f6e6365223a2238333665633263656432336336346238316138346436386462306634336631303730343939353638373466316562616537653665333235623232396330613632222c227075625f6b6579223a6e756c6c7d","proof":{"ops":[{"field_type":"ics23:iavl","key":"A0Xb6kYXlx2TGI7aIVMLxlA9FTMTtvV1BIwsNdvG5PsGcXVhcnR6X3Nlc3Npb24=","data":"CtgDCi8DRdvqRheXHZMYjtohUwvGUD0VMxO29XUEjCw128bk+wZxdWFydHpfc2Vzc2lvbhJbeyJub25jZSI6IjgzNmVjMmNlZDIzYzY0YjgxYTg0ZDY4ZGIwZjQzZjEwNzA0OTk1Njg3NGYxZWJhZTdlNmUzMjViMjI5YzBhNjIiLCJwdWJfa2V5IjpudWxsfRoMCAEYASABKgQAArZMIioIARImAgS2TCAYXQHbsS8wEbCEc/L0EtL1WvGUlZv1SMDdq5hetWwlGCAiKggBEiYEBrZMIOqwrTIyaJy6bWmSPduUQmLTHe0CoBG2+u4PHKt2FDUHICIsCAESBQYKtkwgGiEgkEk8SyVJd/i79HCAnPoDYwhRdUEkxdljcvlC/JCfHQYiLAgBEgUIFLZMIBohIKPyviB9p4e+IeJjJvizce4ETMkwA/P8mhEDpnAWirq/IioIARImCii2TCCb35luv/9FAVQVTzQNUStRwjfx3vZ6Qkk9AMElKtWpiCAiLAgBEgUMQLZMIBohIEFCwTEL9LpqYf+YhpQQCT5eImBRDzn+T0Q1o+ktRM1RIiwIARIFDmC2TCAaISBhA95IWEvmWpLKXKgeWFjVHccfi6n0EocBzVeYeRZg4Q=="},{"field_type":"ics23:simple","key":"d2FzbQ==","data":"CqgBCgR3YXNtEiA696LyVGI6ZdTDX4xbq465Kr5/3oRLM6HVBbrPbwq1cxoJCAEYASABKgEAIiUIARIhAWLU8PgnJ/EMp4BYvtTN9MX/rS70dNQ3ZAzrJLssrLjRIiUIARIhARgpEKVXdhJlFtfJxfMswUUDn0KoMHu1vZ5ACNng633SIiUIARIhAVoejJ3Hb5cHxRylM7rCRD83y8fmOMXb39OFwXCCKH15"}]}}} \ No newline at end of file From 23636de28b981f5db176afff46a774c5e87d7a5e Mon Sep 17 00:00:00 2001 From: hu55a1n1 Date: Thu, 29 Feb 2024 10:32:10 -0800 Subject: [PATCH 14/14] Impl decrypt setoff --- utils/mtcs-intent/src/main.rs | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/utils/mtcs-intent/src/main.rs b/utils/mtcs-intent/src/main.rs index b9987f9..74144ec 100644 --- a/utils/mtcs-intent/src/main.rs +++ b/utils/mtcs-intent/src/main.rs @@ -21,8 +21,11 @@ use std::{ use clap::{Parser, Subcommand}; use cosmwasm_std::HexBinary; -use ecies::encrypt; -use k256::ecdsa::{SigningKey, VerifyingKey}; +use ecies::{decrypt, encrypt}; +use k256::{ + ecdsa::{SigningKey, VerifyingKey}, + elliptic_curve::generic_array::GenericArray, +}; use rand::Rng; use serde::{Deserialize, Serialize}; use sha2::{Digest, Sha256}; @@ -49,6 +52,12 @@ enum Command { #[clap(long, default_value = "epoch.pk")] pk_file: PathBuf, }, + DecryptSetoff { + #[clap(long, value_parser = parse_hex)] + setoff: Vec, + #[clap(long)] + sk_file: PathBuf, + }, } fn parse_obligation_json(s: &str) -> Result { @@ -56,6 +65,10 @@ fn parse_obligation_json(s: &str) -> Result { raw_obligation.try_into() } +fn parse_hex(s: &str) -> Result, String> { + Ok(hex::decode(s).unwrap()) +} + #[derive(Clone, Debug, Serialize, Deserialize)] struct RawObligation { debtor: HexBinary, @@ -154,6 +167,16 @@ fn main() -> Result<(), Box> { serde_json::to_string(&obligation_enc).expect("infallible serializer") ); } + Command::DecryptSetoff { setoff, sk_file } => { + let sk = { + let sk_str = read_to_string(sk_file)?; + let sk = hex::decode(sk_str).expect(""); + SigningKey::from_bytes(GenericArray::from_slice(&sk))? + }; + + let key_share = decrypt(&sk.to_bytes(), &setoff).unwrap(); + serde_json::from_slice(&key_share)?; + } } Ok(())