nologies/cycles-quartz
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(transfers): add MOCK_SGX support in listen.sh (#109)

Browse source 
feat(transfers): add MOCK_SGX support in listen.sh

- Updated listen.sh to handle MOCK_SGX, improving compatibility.
- Formatted listen and relay scripts for better human readability.

Closes #108.
This commit is contained in:
Dave 2024-07-22 21:55:08 -04:00 committed by GitHub
parent 1d85bc1c07
commit a23ae1e560
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 69 additions and 83 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
apps/transfers/scripts/listen.sh
View file

@ -1,8 +1,8 @@
ROOT=${ROOT:-$HOME} #!/bin/bash
ROOT=${ROOT:-$HOME}
DEFAULT_NODE="127.0.0.1:26657" DEFAULT_NODE="127.0.0.1:26657"
NODE_URL=${NODE_URL:-$DEFAULT_NODE} NODE_URL=${NODE_URL:-$DEFAULT_NODE}
# Use the QUARTZ_PORT environment variable if set, otherwise default to 11090 # Use the QUARTZ_PORT environment variable if set, otherwise default to 11090
QUARTZ_PORT="${QUARTZ_PORT:-11090}" QUARTZ_PORT="${QUARTZ_PORT:-11090}"
@ -12,14 +12,11 @@ if [ "$#" -eq 0 ]; then
fi fi
CONTRACT=$1 CONTRACT=$1
CMD="wasmd --node http://$NODE_URL" CMD="wasmd --node http://$NODE_URL"
WSURL="ws://$NODE_URL/websocket" WSURL="ws://$NODE_URL/websocket"
SUBSCRIBE_TRANSFER="{\"jsonrpc\":\"2.0\",\"method\":\"subscribe\",\"params\":[\"execute._contract_address = '$CONTRACT' AND wasm-transfer.action = 'user'\"],\"id\":1}" SUBSCRIBE_TRANSFER="{\"jsonrpc\":\"2.0\",\"method\":\"subscribe\",\"params\":[\"execute._contract_address = '$CONTRACT' AND wasm-transfer.action = 'user'\"],\"id\":1}"
SUBSCRIBE_QUERY="{\"jsonrpc\":\"2.0\",\"method\":\"subscribe\",\"params\":[\"execute._contract_address = '$CONTRACT' AND wasm-query_balance.query = 'user'\"],\"id\":2}" SUBSCRIBE_QUERY="{\"jsonrpc\":\"2.0\",\"method\":\"subscribe\",\"params\":[\"execute._contract_address = '$CONTRACT' AND wasm-query_balance.query = 'user'\"],\"id\":2}"
# Attestation constants # Attestation constants
IAS_API_KEY="669244b3e6364b5888289a11d2a1726d" IAS_API_KEY="669244b3e6364b5888289a11d2a1726d"
RA_CLIENT_SPID="51CAF5A48B450D624AEFE3286D314894" RA_CLIENT_SPID="51CAF5A48B450D624AEFE3286D314894"
@ -29,50 +26,54 @@ REPORT_SIG_FILE="/tmp/${USER}_datareportsig"
# cat keeps the stdin open so websocat doesnt close # cat keeps the stdin open so websocat doesnt close
(echo "$SUBSCRIBE_TRANSFER"; echo "$SUBSCRIBE_QUERY"; cat) | websocat $WSURL | while read msg; do (echo "$SUBSCRIBE_TRANSFER"; echo "$SUBSCRIBE_QUERY"; cat) | websocat $WSURL | while read msg; do
if [[ "$msg" == '{"jsonrpc":"2.0","id":1,"result":{}}' ]] || [[ "$msg" == '{"jsonrpc":"2.0","id":2,"result":{}}' ]]; then if [[ "$msg" == '{"jsonrpc":"2.0","id":1,"result":{}}' ]] || \
[[ "$msg" == '{"jsonrpc":"2.0","id":2,"result":{}}' ]]; then
echo "---------------------------------------------------------" echo "---------------------------------------------------------"
echo "... subscribed to $msg" echo "... subscribed to $msg"
echo "... waiting for event" echo "... waiting for event"
continue continue
fi fi
# TODO - Some reason this is saying ERROR when its fine, needs to be fixed or removed
#if echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | jq 'has("error")' > /dev/null; then
# echo "... error msg $msg"
# echo "---------------------------------------------------------"
# echo "... waiting for event"
# continue
#fi
CLEAN_MSG=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | jq '.result.events') CLEAN_MSG=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | jq '.result.events')
if echo "$CLEAN_MSG" | grep -q 'wasm-transfer'; then if echo "$CLEAN_MSG" | grep -q 'wasm-transfer'; then
echo "---------------------------------------------------------" echo "---------------------------------------------------------"
echo "... received wasm-transfer event!" echo "... received wasm-transfer event!"
echo "... fetching requests" echo "... fetching requests"
REQUESTS=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "requests" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d) REQUESTS=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "requests" | \
STATE=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "state" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d) hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d)
STATE=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "state" | \
hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d)
export ENCLAVE_REQUEST=$(jq -nc --argjson requests "$REQUESTS" --argjson state $STATE '$ARGS.named') export ENCLAVE_REQUEST=$(jq -nc --argjson requests "$REQUESTS" --argjson state $STATE '$ARGS.named')
export REQUEST_MSG=$(jq -nc --arg message "$ENCLAVE_REQUEST" '$ARGS.named') export REQUEST_MSG=$(jq -nc --arg message "$ENCLAVE_REQUEST" '$ARGS.named')
cd $ROOT/cycles-quartz/apps/transfers/enclave cd $ROOT/cycles-quartz/apps/transfers/enclave
echo "... executing transfer" echo "... executing transfer"
export ATTESTED_MSG=$(grpcurl -plaintext -import-path ./proto/ -proto transfers.proto -d "$REQUEST_MSG" "127.0.0.1:$QUARTZ_PORT" transfers.Settlement/Run | jq .message | jq -R 'fromjson | fromjson' | jq -c ) export ATTESTED_MSG=$(grpcurl -plaintext -import-path ./proto/ -proto transfers.proto \
-d "$REQUEST_MSG" "127.0.0.1:$QUARTZ_PORT" transfers.Settlement/Run | \
jq .message | jq -R 'fromjson | fromjson' | jq -c)
QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.attestation') QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.attestation')
MSG=$(echo "$ATTESTED_MSG" | jq -c '.msg') MSG=$(echo "$ATTESTED_MSG" | jq -c '.msg')
if [ -n "$MOCK_SGX" ]; then
echo "... running in MOCK_SGX mode"
EXECUTE=$(jq -nc --argjson update "$(jq -nc --argjson msg "$MSG" \
--argjson attestation "$QUOTE" '$ARGS.named')" '$ARGS.named')
else
echo "... getting report" echo "... getting report"
echo -n "$QUOTE" | xxd -r -p - > "$QUOTE_FILE" echo -n "$QUOTE" | xxd -r -p - > "$QUOTE_FILE"
gramine-sgx-ias-request report -g "$RA_CLIENT_SPID" -k "$IAS_API_KEY" -q "$QUOTE_FILE" -r "$REPORT_FILE" -s "$REPORT_SIG_FILE" > /dev/null 2>&1 gramine-sgx-ias-request report -g "$RA_CLIENT_SPID" -k "$IAS_API_KEY" -q "$QUOTE_FILE" \
-r "$REPORT_FILE" -s "$REPORT_SIG_FILE" > /dev/null 2>&1
REPORT=$(cat "$REPORT_FILE") REPORT=$(cat "$REPORT_FILE")
REPORTSIG=$(cat "$REPORT_SIG_FILE" | tr -d '\r') REPORTSIG=$(cat "$REPORT_SIG_FILE" | tr -d '\r')
EXECUTE=$(jq -nc --argjson update "$(jq -nc --argjson msg "$MSG" --argjson attestation \
"$(jq -nc --argjson report "$(jq -nc --argjson report "$REPORT" \
--arg reportsig "$REPORTSIG" '$ARGS.named')" '$ARGS.named')" '$ARGS.named')" '$ARGS.named')
fi
echo "... submitting update" echo "... submitting update"
export EXECUTE=$(jq -nc --argjson update "$(jq -nc --argjson msg "$MSG" --argjson attestation \
"$(jq -nc --argjson report "$(jq -nc --argjson report "$REPORT" --arg reportsig "$REPORTSIG" '$ARGS.named')" '$ARGS.named')" \
'$ARGS.named')" '$ARGS.named')
echo $EXECUTE | jq '.' echo $EXECUTE | jq '.'
$CMD tx wasm execute "$CONTRACT" "$EXECUTE" --from admin --chain-id testing -y --gas 2000000 $CMD tx wasm execute "$CONTRACT" "$EXECUTE" --from admin --chain-id testing -y --gas 2000000
@ -83,61 +84,48 @@ REPORT_SIG_FILE="/tmp/${USER}_datareportsig"
echo "... received wasm-query_balance event!" echo "... received wasm-query_balance event!"
echo "... fetching state" echo "... fetching state"
STATE=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "state" | hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d) STATE=$($CMD query wasm contract-state raw $CONTRACT $(printf '%s' "state" | \
hexdump -ve '/1 "%02X"') -o json | jq -r .data | base64 -d)
# Extract the address from the event ADDRESS=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | \
ADDRESS=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | jq -r '.result.events["message.sender"]'[0]) jq -r '.result.events["message.sender"]'[0])
EPHEMERAL_PUBKEY=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | jq -r '.result.events["wasm-query_balance.emphemeral_pubkey"]'[0]) EPHEMERAL_PUBKEY=$(echo "$msg" | sed 's/"log":"\[.*\]"/"log":"<invalid_json>"/' | \
jq -r '.result.events["wasm-query_balance.emphemeral_pubkey"]'[0])
# Create the enclave request with state and address export ENCLAVE_REQUEST=$(jq -nc --argjson state "$STATE" --arg address "$ADDRESS" \
export ENCLAVE_REQUEST=$(jq -nc --argjson state "$STATE" --arg address "$ADDRESS" --arg ephemeral_pubkey "$EPHEMERAL_PUBKEY" '$ARGS.named') --arg ephemeral_pubkey "$EPHEMERAL_PUBKEY" '$ARGS.named')
export REQUEST_MSG=$(jq -nc --arg message "$ENCLAVE_REQUEST" '$ARGS.named') export REQUEST_MSG=$(jq -nc --arg message "$ENCLAVE_REQUEST" '$ARGS.named')
cd $ROOT/cycles-quartz/apps/transfers/enclave cd $ROOT/cycles-quartz/apps/transfers/enclave
echo "... executing query balance" echo "... executing query balance"
ATTESTED_MSG=$(grpcurl -plaintext -import-path ./proto/ -proto transfers.proto -d "$REQUEST_MSG" "127.0.0.1:$QUARTZ_PORT" transfers.Settlement/Query | jq -r '.message | fromjson') ATTESTED_MSG=$(grpcurl -plaintext -import-path ./proto/ -proto transfers.proto \
echo "atts msg" -d "$REQUEST_MSG" "127.0.0.1:$QUARTZ_PORT" transfers.Settlement/Query | jq -r '.message | fromjson')
echo $ATTESTED_MSG
QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.attestation') QUOTE=$(echo "$ATTESTED_MSG" | jq -c '.attestation')
MSG=$(echo "$ATTESTED_MSG" | jq -c '.msg') MSG=$(echo "$ATTESTED_MSG" | jq -c '.msg')
echo "quote" QUERY_RESPONSE_MSG=$(jq -n --arg address "$ADDRESS" --argjson msg "$MSG" \
echo $QUOTE
echo "msg"
echo $MSG
echo -n "$QUOTE" | xxd -r -p - > "$QUOTE_FILE"
gramine-sgx-ias-request report -g "$RA_CLIENT_SPID" -k "$IAS_API_KEY" -q "$QUOTE_FILE" -r "$REPORT_FILE" -s "$REPORT_SIG_FILE" > /dev/null 2>&1
REPORT=$(cat "$REPORT_FILE")
REPORTSIG=$(cat "$REPORT_SIG_FILE" | tr -d '\r')
echo "... submitting update"
# Create the QueryResponseMsg structure with address inside the msg
export QUERY_RESPONSE_MSG=$(jq -n \
--arg address "$ADDRESS" \
--argjson msg "$MSG" \
'{address: $address, encrypted_bal: $msg.encrypted_bal}') '{address: $address, encrypted_bal: $msg.encrypted_bal}')
if [ -n "$MOCK_SGX" ]; then
# Create the execute message for query_response echo "... running in MOCK_SGX mode"
export EXECUTE=$(jq -nc \ EXECUTE=$(jq -nc --argjson query_response "$(jq -nc --argjson msg "$QUERY_RESPONSE_MSG" \
--argjson query_response "$(jq -nc \ --argjson attestation "$QUOTE" '$ARGS.named')" '{query_response: $query_response}')
--argjson msg "$QUERY_RESPONSE_MSG" \ else
--argjson attestation "$(jq -nc \ echo -n "$QUOTE" | xxd -r -p - > "$QUOTE_FILE"
--argjson report "$(jq -nc \ gramine-sgx-ias-request report -g "$RA_CLIENT_SPID" -k "$IAS_API_KEY" -q "$QUOTE_FILE" \
--argjson report "$REPORT" \ -r "$REPORT_FILE" -s "$REPORT_SIG_FILE" > /dev/null 2>&1
--arg reportsig "$REPORTSIG" \ REPORT=$(cat "$REPORT_FILE")
'$ARGS.named')" \ REPORTSIG=$(cat "$REPORT_SIG_FILE" | tr -d '\r')
'$ARGS.named')" \ EXECUTE=$(jq -nc --argjson query_response "$(jq -nc --argjson msg "$QUERY_RESPONSE_MSG" \
'$ARGS.named')" \ --argjson attestation "$(jq -nc --argjson report "$(jq -nc --argjson report "$REPORT" \
--arg reportsig "$REPORTSIG" '$ARGS.named')" '$ARGS.named')" '$ARGS.named')" \
'{query_response: $query_response}') '{query_response: $query_response}')
fi
echo "... submitting update"
echo $EXECUTE | jq '.' echo $EXECUTE | jq '.'
$CMD tx wasm execute "$CONTRACT" "$EXECUTE" --from admin --chain-id testing -y --gas 2000000 $CMD tx wasm execute "$CONTRACT" "$EXECUTE" --from admin --chain-id testing -y --gas 2000000
echo " ... done" echo " ... done"
echo "------------------------------------" echo "------------------------------------"
echo "... waiting for event" echo "... waiting for event"

20
relayer/scripts/relay.sh
View file

@ -33,23 +33,21 @@ MSG=$(echo "$ATTESTED_MSG" | jq 'del(.quote)')
if [ -n "$MOCK_SGX" ]; then if [ -n "$MOCK_SGX" ]; then
case "$REQUEST" in case "$REQUEST" in
"Instantiate") "Instantiate")
jq -nc --argjson msg "$MSG" --argjson "attestation" \ jq -nc --argjson msg "$MSG" --argjson "attestation" "$QUOTE" '$ARGS.named'
"$QUOTE" \ ;;
'$ARGS.named' ;;
"SessionCreate" | "SessionSetPubKey") "SessionCreate" | "SessionSetPubKey")
REQUEST_KEY=$(echo "$REQUEST" | perl -pe 's/([A-Z])/_\L$1/g;s/^_//') #sed 's/\([A-Z]\)/_\L\1/g;s/^_//') REQUEST_KEY=$(echo "$REQUEST" | perl -pe 's/([A-Z])/_\L$1/g;s/^_//')
jq -nc --argjson quartz "$(jq -nc --argjson "$REQUEST_KEY" "$(jq -nc --argjson msg "$MSG" --argjson attestation \ jq -nc --argjson quartz "$(jq -nc --argjson "$REQUEST_KEY" "$(jq -nc \
"$QUOTE" '$ARGS.named')" '$ARGS.named')" '$ARGS.named' ;; --argjson msg "$MSG" --argjson attestation "$QUOTE" '$ARGS.named')" \
'$ARGS.named')" '$ARGS.named'
;;
*) *)
usage ;; usage
;;
esac esac
exit exit
fi fi
# clear tmp files from previous runs # clear tmp files from previous runs
rm -f "$QUOTE_FILE" "$REPORT_FILE" "$REPORT_SIG_FILE" rm -f "$QUOTE_FILE" "$REPORT_FILE" "$REPORT_SIG_FILE"