WIP attestation pallet

pallets/attestation/Cargo.toml

@@ -0,0 +1,32 @@
+[package]
+name      ="pallet-attestation"
+version   ="0.1.0"
+authors   =['Entropy Cryptography <[email protected]>']
+homepage  ='https://entropy.xyz/'
+license   ='AGPL-3.0-or-later'
+repository='https://github.com/entropyxyz/entropy-core'
+edition   ='2021'
+publish   =false
+
+[dependencies]
+codec        ={ package="parity-scale-codec", version="3.6.3", default-features=false, features=["derive"] }
+scale-info   ={ version="2.11", default-features=false, features=["derive"] }
+log          ={ version="0.4.22", default-features=false }
+frame-support={ version="29.0.0", default-features=false }
+frame-system ={ version="29.0.0", default-features=false }
+tdx-quote    ={ git="https://github.com/entropyxyz/tdx-quote" }
+
+entropy-shared={ version="0.2.0", path="../../crates/shared", features=[
+  "wasm-no-std",
+], default-features=false }
+
+[features]
+default=['std']
+# runtime-benchmarks=['frame-benchmarking']
+std=[
+  # 'frame-benchmarking/std',
+  'frame-support/std',
+  'frame-system/std',
+  'log/std',
+]
+try-runtime=['frame-support/try-runtime']

pallets/attestation/src/lib.rs

@@ -0,0 +1,127 @@
+// Copyright (C) 2023 Entropy Cryptography Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+//! # Attestation Pallet
+
+#![cfg_attr(not(feature = "std"), no_std)]
+pub use pallet::*;
+
+// #[cfg(feature = "runtime-benchmarks")]
+// pub mod benchmarking;
+
+// pub mod weights;
+
+// #[cfg(test)]
+// mod mock;
+
+// #[cfg(test)]
+// mod tests;
+
+#[frame_support::pallet]
+pub mod pallet {
+    use frame_support::pallet_prelude::*;
+    use frame_system::pallet_prelude::*;
+    use tdx_quote::Quote;
+    // use entropy_shared::QuoteInputData;
+
+    // pub use crate::weights::WeightInfo;
+
+    #[pallet::pallet]
+    pub struct Pallet<T>(_);
+
+    #[pallet::config]
+    pub trait Config: frame_system::Config {
+        /// The overarching event type.
+        type RuntimeEvent: From<Event<Self>> + IsType<<Self as frame_system::Config>::RuntimeEvent>;
+
+        /// Describes the weights of the dispatchables exposed by this pallet.
+        type WeightInfo = ();
+        // type WeightInfo: WeightInfo;
+    }
+
+    #[pallet::genesis_config]
+    #[derive(frame_support::DefaultNoBound)]
+    pub struct GenesisConfig<T: Config> {
+        pub initial_pending_attestations: Vec<(T::AccountId, [u8; 32])>,
+    }
+
+    #[pallet::genesis_build]
+    impl<T: Config> BuildGenesisConfig for GenesisConfig<T> {
+        fn build(&self) {
+            for (account_id, nonce) in &self.initial_pending_attestations {
+                PendingAttestations::<T>::insert(account_id, nonce);
+            }
+        }
+    }
+
+    /// A map of TSS account id to quote nonce for pending attestations
+    #[pallet::storage]
+    #[pallet::getter(fn pending_attestations)]
+    pub type PendingAttestations<T: Config> =
+        StorageMap<_, Blake2_128Concat, T::AccountId, [u8; 32], OptionQuery>;
+
+    #[pallet::event]
+    #[pallet::generate_deposit(pub(super) fn deposit_event)]
+    pub enum Event<T: Config> {
+        AttestationMade,
+    }
+
+    #[pallet::error]
+    pub enum Error<T> {
+        BadQuote,
+    }
+
+    // Add hooks to define some logic that should be executed
+    // in a specific context, for example on_initialize.
+    //  #[pallet::hooks]
+    //  impl<T: Config> Hooks<BlockNumberFor<T>> for Pallet<T> { ... }
+
+    #[pallet::call]
+    impl<T: Config> Pallet<T> {
+        #[pallet::call_index(0)]
+        // #[pallet::weight({<T as Config>::WeightInfo::attest()})]
+        //
+        #[pallet::weight(())]
+        pub fn attest(origin: OriginFor<T>, quote: Vec<u8>) -> DispatchResult {
+            let who = ensure_signed(origin)?;
+            // Check that we were expecting a quote from this validator by getting the associated
+            // nonce from PendingAttestations.
+            let _nonce = PendingAttestations::<T>::get(&who);
+
+            // Parse the quote (which internally verifies the signature)
+            let quote = Quote::from_bytes(&quote).map_err(|_| Error::<T>::BadQuote)?;
+
+            // Get associated TSS account ID and x25519 public key from staking pallet
+
+            // Get current block number
+
+            // Check report input data matches the nonce, TSS details and block number
+            let _report_input_data = quote.report_input_data();
+
+            // Remove the entry from PendingAttestations
+            PendingAttestations::<T>::remove(&who);
+
+            // Check measurements match current release of entropy-tss
+            let _mrtd = quote.mrtd();
+
+            // Check that the attestation public key matches that from PCK certificate
+            let _attestation_key = quote.attestation_key;
+
+            // If anything fails, do something mean
+            Self::deposit_event(Event::AttestationMade);
+            Ok(())
+        }
+    }
+}