From 0ca3e491124b0516233a7d709f9aaae809b1d594 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 07:22:32 +0000 Subject: [PATCH 01/18] Bump the patch-dependencies group with 2 updates (#1125) Bumps the patch-dependencies group with 2 updates: [serde](https://github.com/serde-rs/serde) and [serde_derive](https://github.com/serde-rs/serde). Updates `serde` from 1.0.210 to 1.0.211 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.210...v1.0.211) Updates `serde_derive` from 1.0.210 to 1.0.211 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.210...v1.0.211) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: serde_derive dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 158 ++++++++++++++++++------------------- node/cli/Cargo.toml | 2 +- pallets/staking/Cargo.toml | 2 +- 3 files changed, 81 insertions(+), 81 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1f78bb1a4..644d8e999 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -239,7 +239,7 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -600,7 +600,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -636,7 +636,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -819,7 +819,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1331,7 +1331,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1883,7 +1883,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1910,7 +1910,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1927,7 +1927,7 @@ checksum = "ad08a837629ad949b73d032c637653d069e909cffe4ee7870b02301939ce39cc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1975,7 +1975,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -1997,7 +1997,7 @@ checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" dependencies = [ "darling_core 0.20.8", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -2111,7 +2111,7 @@ checksum = "d65d7ce8132b7c0e54497a4d9a55a1c2a0912a0d786cf894472ba818fba45762" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -2213,7 +2213,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -2237,7 +2237,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.58", + "syn 2.0.82", "termcolor", "toml 0.8.12", "walkdir", @@ -2851,7 +2851,7 @@ checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3043,7 +3043,7 @@ dependencies = [ "prettier-please", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3308,7 +3308,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3495,7 +3495,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3515,7 +3515,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3528,7 +3528,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3541,7 +3541,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3552,7 +3552,7 @@ checksum = "68672b9ec6fe72d259d3879dc212c5e42e977588cdac830c76f54d9f492aeb58" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3563,7 +3563,7 @@ checksum = "ed971c6435503a099bdac99fe4c5bea08981709e5b5a0a8535a1856f48561191" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -3744,7 +3744,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -4969,7 +4969,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -5789,7 +5789,7 @@ dependencies = [ "macro_magic_core", "macro_magic_macros", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -5803,7 +5803,7 @@ dependencies = [ "macro_magic_core_macros", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -5814,7 +5814,7 @@ checksum = "9ea73aa640dc01d62a590d48c0c3521ed739d53b27f919b25c3551e233481654" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -5825,7 +5825,7 @@ checksum = "ef9d79ae96aaba821963320eb2b6e34d17df1e5a83d8a1985c29cc5be59577b3" dependencies = [ "macro_magic_core", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -6497,7 +6497,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -6623,7 +6623,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -7441,7 +7441,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -7864,7 +7864,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -7905,7 +7905,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8023,7 +8023,7 @@ dependencies = [ "polkavm-common 0.8.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8035,7 +8035,7 @@ dependencies = [ "polkavm-common 0.9.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8045,7 +8045,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "15e85319a0d5129dc9f021c62607e0804f5fb777a05cdda44d750ac0732def66" dependencies = [ "polkavm-derive-impl 0.8.0", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8055,7 +8055,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ba81f7b5faac81e528eb6158a6f3c9e0bb1008e0ffa19653bc8dea925ecb429" dependencies = [ "polkavm-derive-impl 0.9.0", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8168,7 +8168,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22020dfcf177fcc7bf5deaf7440af371400c67c0de14c399938d8ed4fb4645d3" dependencies = [ "proc-macro2", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8188,7 +8188,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d3928fb5db768cb86f891ff014f0144589297e3c6a1aba6ed7cecfdace270c7" dependencies = [ "proc-macro2", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8265,14 +8265,14 @@ checksum = "834da187cfe638ae8abb0203f0b33e5ccdb02a28e7199f2f47b3e2754f50edca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] name = "proc-macro2" -version = "1.0.79" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e" +checksum = "7c3a7fc5db1e57d5a779a352c8cdb57b29aa4c40cc69c3a68a7fedc815fbf2f9" dependencies = [ "unicode-ident", ] @@ -8317,7 +8317,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8401,7 +8401,7 @@ dependencies = [ "itertools 0.12.1", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -8710,7 +8710,7 @@ checksum = "5fddb4f8d99b0a2ebafc65a87a69a7b9875e4b1ae1f00db265d300ef7f28bccc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -9394,7 +9394,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -10993,7 +10993,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -11230,7 +11230,7 @@ dependencies = [ "proc-macro2", "quote", "scale-info", - "syn 2.0.58", + "syn 2.0.82", "thiserror", ] @@ -11294,7 +11294,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -11480,9 +11480,9 @@ checksum = "cd0b0ec5f1c1ca621c432a25813d8d60c88abe6d3e08a3eb9cf37d97a0fe3d73" [[package]] name = "serde" -version = "1.0.210" +version = "1.0.211" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +checksum = "1ac55e59090389fb9f0dd9e0f3c09615afed1d19094284d0b200441f13550793" dependencies = [ "serde_derive", ] @@ -11498,13 +11498,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.210" +version = "1.0.211" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +checksum = "54be4f245ce16bc58d57ef2716271d0d4519e0f6defa147f6e081005bcb278ff" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -11515,7 +11515,7 @@ checksum = "330f01ce65a3a5fe59a60c82f3c9a024b573b8a6e875bd233fe5f934e71d54e3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -11593,7 +11593,7 @@ checksum = "82fe9db325bcef1fbcde82e078a5cc4efdf787e96b3b9cf45b50b529f2083d67" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -11991,7 +11991,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -12006,7 +12006,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -12484,7 +12484,7 @@ checksum = "b85d0f1f1e44bd8617eb2a48203ee854981229e3e79e6f468c7175d5fd37489b" dependencies = [ "quote", "sp-crypto-hashing", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -12505,7 +12505,7 @@ checksum = "48d09fa0a5f7299fb81ee25ae3853d26200f7a348148aed6de76be905c007dbe" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13018,7 +13018,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13032,7 +13032,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13472,7 +13472,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13484,7 +13484,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13730,7 +13730,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -13912,7 +13912,7 @@ dependencies = [ "scale-info", "scale-typegen", "subxt-metadata", - "syn 2.0.58", + "syn 2.0.82", "thiserror", "tokio", ] @@ -13956,7 +13956,7 @@ dependencies = [ "quote", "scale-typegen", "subxt-codegen", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -14009,9 +14009,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.58" +version = "2.0.82" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44cfb93f38070beee36b3fef7d4f5a16f27751d94b187b666a5cc5e9b0d30687" +checksum = "83540f837a8afc019423a8edb95b52a8effe46957ee402287f4292fae35be021" dependencies = [ "proc-macro2", "quote", @@ -14204,7 +14204,7 @@ checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -14325,7 +14325,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -14583,7 +14583,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -15135,7 +15135,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", "wasm-bindgen-shared", ] @@ -15191,7 +15191,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -15544,7 +15544,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser 0.9.2", @@ -15868,7 +15868,7 @@ checksum = "ca7af9bb3ee875c4907835e607a275d10b04d15623d3aebe01afe8fbd3f85050" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -16388,7 +16388,7 @@ checksum = "78cce32dd08007af45dbaa00e225eb73d05524096f93933d7ecba852d50d8af3" dependencies = [ "anyhow", "proc-macro2", - "syn 2.0.58", + "syn 2.0.82", "wit-bindgen-core", "wit-bindgen-rust", "wit-component", @@ -16576,7 +16576,7 @@ checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] @@ -16596,7 +16596,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.82", ] [[package]] diff --git a/node/cli/Cargo.toml b/node/cli/Cargo.toml index 1c9490e2f..f1560ab81 100644 --- a/node/cli/Cargo.toml +++ b/node/cli/Cargo.toml @@ -29,7 +29,7 @@ lazy_static ={ version="1.5.0", features=["spin_no_std"] } log ="0.4.22" pallet-im-online={ version="28.0.0" } rand ="0.8.5" -serde ={ version="1.0.210", features=["derive"] } +serde ={ version="1.0.211", features=["derive"] } serde_json ='1.0.132' # Substrate Client diff --git a/pallets/staking/Cargo.toml b/pallets/staking/Cargo.toml index 6a4967cc8..453365711 100644 --- a/pallets/staking/Cargo.toml +++ b/pallets/staking/Cargo.toml @@ -15,7 +15,7 @@ targets=['x86_64-unknown-linux-gnu'] codec ={ package="parity-scale-codec", version="3.6.3", default-features=false, features=["derive"] } scale-info ={ version="2.11", default-features=false, features=["derive"] } log ={ version="0.4.22", default-features=false } -serde ={ version="1.0.210", default-features=false } +serde ={ version="1.0.211", default-features=false } rand_chacha={ version="0.3", default-features=false } frame-benchmarking={ version="29.0.0", default-features=false, optional=true } From 65a38db65b0294f75a7d5ebd0726f8687601fb33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 11:12:13 +0200 Subject: [PATCH 02/18] Bump bytes from 1.7.2 to 1.8.0 (#1126) Bumps [bytes](https://github.com/tokio-rs/bytes) from 1.7.2 to 1.8.0. - [Release notes](https://github.com/tokio-rs/bytes/releases) - [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md) - [Commits](https://github.com/tokio-rs/bytes/compare/v1.7.2...v1.8.0) --- updated-dependencies: - dependency-name: bytes dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 4 ++-- crates/threshold-signature-server/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 644d8e999..da6afe6a9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1072,9 +1072,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "bytes" -version = "1.7.2" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" +checksum = "9ac0150caa2ae65ca5bd83f25c7de183dea78d4d366469f148435e2acfbad0da" dependencies = [ "serde", ] diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index c335bc651..974daa21a 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -63,7 +63,7 @@ tokio-tungstenite="0.24.0" bincode ="1.3.3" bip32 ={ version="0.5.2" } bip39 ={ version="2.1.0", features=["zeroize"] } -bytes ={ version="1.7", default-features=false, features=["serde"] } +bytes ={ version="1.8", default-features=false, features=["serde"] } base64 ="0.22.1" clap ={ version="4.5.20", features=["derive"] } num ="0.4.3" From efd55ec307db64ffa50d8cb4e8ab1ed0ad9bdf5a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 23 Oct 2024 08:14:16 +0000 Subject: [PATCH 03/18] Bump the patch-dependencies group with 5 updates (#1131) Bumps the patch-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [serde](https://github.com/serde-rs/serde) | `1.0.211` | `1.0.213` | | [thiserror](https://github.com/dtolnay/thiserror) | `1.0.64` | `1.0.65` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.90` | `1.0.91` | | [scale-info](https://github.com/paritytech/scale-info) | `2.11.3` | `2.11.4` | | [serde_derive](https://github.com/serde-rs/serde) | `1.0.211` | `1.0.213` | Updates `serde` from 1.0.211 to 1.0.213 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.211...v1.0.213) Updates `thiserror` from 1.0.64 to 1.0.65 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/1.0.64...1.0.65) Updates `anyhow` from 1.0.90 to 1.0.91 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.90...1.0.91) Updates `scale-info` from 2.11.3 to 2.11.4 - [Release notes](https://github.com/paritytech/scale-info/releases) - [Changelog](https://github.com/paritytech/scale-info/blob/master/CHANGELOG.md) - [Commits](https://github.com/paritytech/scale-info/compare/v2.11.3...v2.11.4) Updates `serde_derive` from 1.0.211 to 1.0.213 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.211...v1.0.213) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: anyhow dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: scale-info dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: serde_derive dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 70 +++++++++++++------- crates/client/Cargo.toml | 4 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 4 +- crates/shared/Cargo.toml | 2 +- crates/test-cli/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 4 +- node/cli/Cargo.toml | 2 +- pallets/staking/Cargo.toml | 2 +- 9 files changed, 56 insertions(+), 36 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index da6afe6a9..ac39c4301 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -215,9 +215,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.90" +version = "1.0.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37bf3594c4c988a53154954629820791dde498571819ae4ca50ca811e060cc95" +checksum = "c042108f3ed77fd83760a5fd79b53be043192bb3b9dba91d8c574c0ada7850c8" [[package]] name = "approx" @@ -2127,6 +2127,26 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "derive_more" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05" +dependencies = [ + "derive_more-impl", +] + +[[package]] +name = "derive_more-impl" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.82", +] + [[package]] name = "difflib" version = "0.4.0" @@ -9174,7 +9194,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "58c4eb8a81997cf040a091d1f7e1938aeab6749d3a0dfa73af43cdc32393483d" dependencies = [ "byteorder", - "derive_more", + "derive_more 0.99.17", "twox-hash", ] @@ -10844,7 +10864,7 @@ version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "25d2ab8f15021916a07cfbe7a08be484c5dc7d57f07bc0e2aa03260b55a5632f" dependencies = [ - "derive_more", + "derive_more 0.99.17", "futures", "libc", "log", @@ -10866,7 +10886,7 @@ version = "31.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d6a838bf3ba61e83c0f3be4a41ba7ed8c71d19c2adee6396046f78317006637b" dependencies = [ - "derive_more", + "derive_more 0.99.17", "futures", "libc", "log", @@ -11136,7 +11156,7 @@ version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "afc79ba56a1c742f5aeeed1f1801f3edf51f7e818f0a54582cac6f131364ea7b" dependencies = [ - "derive_more", + "derive_more 0.99.17", "parity-scale-codec", "primitive-types", "scale-bits", @@ -11163,7 +11183,7 @@ version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "628800925a33794fb5387781b883b5e14d130fece9af5a63613867b8de07c5c7" dependencies = [ - "derive_more", + "derive_more 0.99.17", "parity-scale-codec", "primitive-types", "scale-bits", @@ -11187,13 +11207,13 @@ dependencies = [ [[package]] name = "scale-info" -version = "2.11.3" +version = "2.11.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eca070c12893629e2cc820a9761bedf6ce1dcddc9852984d1dc734b8bd9bd024" +checksum = "22760a375f81a31817aeaf6f5081e9ccb7ffd7f2da1809a6e3fc82b6656f10d5" dependencies = [ "bitvec", "cfg-if", - "derive_more", + "derive_more 1.0.0", "parity-scale-codec", "scale-info-derive", "serde", @@ -11201,9 +11221,9 @@ dependencies = [ [[package]] name = "scale-info-derive" -version = "2.11.3" +version = "2.11.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d35494501194174bda522a32605929eefc9ecf7e0a326c26db1fdd85881eb62" +checksum = "abc61ebe25a5c410c0e245028fc9934bf8fa4817199ef5a24a68092edfd34614" dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", @@ -11242,7 +11262,7 @@ checksum = "c07ccfee963104335c971aaf8b7b0e749be8569116322df23f1f75c4ca9e4a28" dependencies = [ "base58", "blake2 0.10.6", - "derive_more", + "derive_more 0.99.17", "either", "frame-metadata 15.1.0", "parity-scale-codec", @@ -11480,9 +11500,9 @@ checksum = "cd0b0ec5f1c1ca621c432a25813d8d60c88abe6d3e08a3eb9cf37d97a0fe3d73" [[package]] name = "serde" -version = "1.0.211" +version = "1.0.213" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ac55e59090389fb9f0dd9e0f3c09615afed1d19094284d0b200441f13550793" +checksum = "3ea7893ff5e2466df8d720bb615088341b295f849602c6956047f8f80f0e9bc1" dependencies = [ "serde_derive", ] @@ -11498,9 +11518,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.211" +version = "1.0.213" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54be4f245ce16bc58d57ef2716271d0d4519e0f6defa147f6e081005bcb278ff" +checksum = "7e85ad2009c50b58e87caa8cd6dac16bdf511bbfb7af6c33df902396aa480fa5" dependencies = [ "proc-macro2", "quote", @@ -11798,7 +11818,7 @@ dependencies = [ "bs58 0.5.1", "chacha20 0.9.1", "crossbeam-queue", - "derive_more", + "derive_more 0.99.17", "ed25519-zebra 4.0.3", "either", "event-listener 4.0.3", @@ -11848,7 +11868,7 @@ dependencies = [ "async-lock 3.3.0", "base64 0.21.7", "blake2-rfc", - "derive_more", + "derive_more 0.99.17", "either", "event-listener 4.0.3", "fnv", @@ -13965,7 +13985,7 @@ version = "0.35.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cc10c54028d079a9f1be65188707cd29e5ffd8d0031a2b1346a0941d57b7ab7e" dependencies = [ - "derive_more", + "derive_more 0.99.17", "frame-metadata 16.0.0", "hashbrown 0.14.3", "parity-scale-codec", @@ -13981,7 +14001,7 @@ checksum = "6ccb59a38fe357fab55247756174435e8626b93929864e8a498635a15e779df8" dependencies = [ "bip39", "cfg-if", - "derive_more", + "derive_more 0.99.17", "hex", "hmac 0.12.1", "parity-scale-codec", @@ -14189,18 +14209,18 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "thiserror" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" +checksum = "5d11abd9594d9b38965ef50805c5e469ca9cc6f197f883f717e0269a3057b3d5" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" +checksum = "ae71770322cbd277e69d762a16c444af02aa0575ac0d174f0b9562d3b37f8602" dependencies = [ "proc-macro2", "quote", diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 9a5b4fb89..def3befd7 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -14,7 +14,7 @@ serde ={ version="1.0", default-features=false, features=["derive"] } entropy-shared={ version="0.3.0-rc.1", path="../shared", default-features=false } subxt ={ version="0.35.3", default-features=false, features=["jsonrpsee"] } num ="0.4.3" -thiserror ="1.0.64" +thiserror ="1.0.65" futures ="0.3" sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } tracing ="0.1.37" @@ -30,7 +30,7 @@ reqwest ={ version="0.12.8", features=["json", "stream"], optional=true base64 ={ version="0.22.0", optional=true } synedrion ={ version="0.2.0-beta.0", optional=true } hex ={ version="0.4.3", optional=true } -anyhow ="1.0.90" +anyhow ="1.0.91" # Only for the browser js-sys={ version="0.3.72", optional=true } diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index 7d48bf962..f421d20d8 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common rand ={ version="0.8", default-features=false } serde ={ version="1.0", features=["derive"] } -thiserror="1.0.64" +thiserror="1.0.65" hex ="0.4.3" # Substrate diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 6629ac7cf..5bc98bc29 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -20,7 +20,7 @@ x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" blake2 ="0.10.4" -thiserror ="1.0.64" +thiserror ="1.0.65" snow ="0.9.6" getrandom ={ version="0.2", features=["js"] } rand_core ={ version="0.6.4", features=["getrandom"] } @@ -49,7 +49,7 @@ schnorrkel ={ version="0.11.4", default-features=false, features=["std" [dev-dependencies] serial_test="3.1.1" sp-keyring ="34.0.0" -anyhow ="1.0.90" +anyhow ="1.0.91" num_cpus ="1.16.0" [features] diff --git a/crates/shared/Cargo.toml b/crates/shared/Cargo.toml index 7a7cdc923..450d5b049 100644 --- a/crates/shared/Cargo.toml +++ b/crates/shared/Cargo.toml @@ -10,7 +10,7 @@ edition ='2021' [dependencies] codec ={ package="parity-scale-codec", version="3.0.0", default-features=false } -scale-info ={ version='2.11.3', default-features=false, features=['derive'] } +scale-info ={ version='2.11.4', default-features=false, features=['derive'] } serde ={ version="1.0", default-features=false, features=["derive"] } serde_derive="1.0.147" strum ="0.26.3" diff --git a/crates/test-cli/Cargo.toml b/crates/test-cli/Cargo.toml index 012e120c9..84b4da05e 100644 --- a/crates/test-cli/Cargo.toml +++ b/crates/test-cli/Cargo.toml @@ -14,7 +14,7 @@ clap ={ version="4.5.20", features=["derive"] } colored ="2.0.4" subxt ="0.35.3" sp-core ="31.0.0" -anyhow ="1.0.90" +anyhow ="1.0.91" tokio ={ version="1.40", features=["macros", "rt-multi-thread", "io-util", "process"] } hex ="0.4.3" bincode ="1.3.3" diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index 974daa21a..42568b0d8 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -12,8 +12,8 @@ edition ='2021' # Common serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" -anyhow ="1.0.90" -thiserror ="1.0.64" +anyhow ="1.0.91" +thiserror ="1.0.65" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } rand_core ="0.6.4" diff --git a/node/cli/Cargo.toml b/node/cli/Cargo.toml index f1560ab81..a23ed0153 100644 --- a/node/cli/Cargo.toml +++ b/node/cli/Cargo.toml @@ -29,7 +29,7 @@ lazy_static ={ version="1.5.0", features=["spin_no_std"] } log ="0.4.22" pallet-im-online={ version="28.0.0" } rand ="0.8.5" -serde ={ version="1.0.211", features=["derive"] } +serde ={ version="1.0.213", features=["derive"] } serde_json ='1.0.132' # Substrate Client diff --git a/pallets/staking/Cargo.toml b/pallets/staking/Cargo.toml index 453365711..5729b1850 100644 --- a/pallets/staking/Cargo.toml +++ b/pallets/staking/Cargo.toml @@ -15,7 +15,7 @@ targets=['x86_64-unknown-linux-gnu'] codec ={ package="parity-scale-codec", version="3.6.3", default-features=false, features=["derive"] } scale-info ={ version="2.11", default-features=false, features=["derive"] } log ={ version="0.4.22", default-features=false } -serde ={ version="1.0.211", default-features=false } +serde ={ version="1.0.213", default-features=false } rand_chacha={ version="0.3", default-features=false } frame-benchmarking={ version="29.0.0", default-features=false, optional=true } From 49db7449c7b0f9c687553fb8388dc444d5a009c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 23 Oct 2024 12:18:43 +0200 Subject: [PATCH 04/18] Bump tokio from 1.40.0 to 1.41.0 (#1132) Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.40.0 to 1.41.0. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.40.0...tokio-1.41.0) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: peg --- Cargo.lock | 4 ++-- crates/client/Cargo.toml | 2 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 2 +- crates/test-cli/Cargo.toml | 2 +- crates/testing-utils/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- scripts/create-test-keyshares/Cargo.toml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ac39c4301..ff9f7a205 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -14321,9 +14321,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.40.0" +version = "1.41.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998" +checksum = "145f3413504347a2be84393cc8a7d2fb4d863b375909ea59f2158261aa258bbb" dependencies = [ "backtrace", "bytes", diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index def3befd7..14403aca7 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -34,7 +34,7 @@ anyhow ="1.0.91" # Only for the browser js-sys={ version="0.3.72", optional=true } -tokio ={ version="1.40", features=["time"] } +tokio ={ version="1.41", features=["time"] } [dev-dependencies] serial_test ="3.1.1" diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index f421d20d8..4044ceade 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -26,7 +26,7 @@ chacha20poly1305={ version="0.9", features=["alloc"], default-features=false } synedrion ={ version="0.2.0-beta.0" } # Async -tokio ={ version="1.40", features=["macros", "sync", "fs", "rt-multi-thread", "io-util"] } +tokio ={ version="1.41", features=["macros", "sync", "fs", "rt-multi-thread", "io-util"] } tracing={ version="0.1", default-features=false } # Misc diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 5bc98bc29..5e88c3dcf 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -15,7 +15,7 @@ synedrion ={ version="0.2.0-beta.0" } serde ={ version="1.0", features=["derive"], default-features=false } subxt ={ version="0.35.3", default-features=false } sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } -tokio ={ version="1.40", features=["sync", "rt", "macros"] } +tokio ={ version="1.41", features=["sync", "rt", "macros"] } x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" diff --git a/crates/test-cli/Cargo.toml b/crates/test-cli/Cargo.toml index 84b4da05e..192915798 100644 --- a/crates/test-cli/Cargo.toml +++ b/crates/test-cli/Cargo.toml @@ -15,7 +15,7 @@ colored ="2.0.4" subxt ="0.35.3" sp-core ="31.0.0" anyhow ="1.0.91" -tokio ={ version="1.40", features=["macros", "rt-multi-thread", "io-util", "process"] } +tokio ={ version="1.41", features=["macros", "rt-multi-thread", "io-util", "process"] } hex ="0.4.3" bincode ="1.3.3" x25519-dalek ="2.0.1" diff --git a/crates/testing-utils/Cargo.toml b/crates/testing-utils/Cargo.toml index d352893d4..68b37361d 100644 --- a/crates/testing-utils/Cargo.toml +++ b/crates/testing-utils/Cargo.toml @@ -16,7 +16,7 @@ sp-core={ version="31.0.0", default-features=false } parity-scale-codec="3.6.12" lazy_static="1.5.0" hex-literal="0.4.1" -tokio={ version="1.40", features=["macros", "fs", "rt-multi-thread", "io-util", "process"] } +tokio={ version="1.41", features=["macros", "fs", "rt-multi-thread", "io-util", "process"] } axum={ version="0.7.7" } entropy-shared={ version="0.3.0-rc.1", path="../shared" } entropy-kvdb={ version="0.3.0-rc.1", path="../kvdb", default-features=false } diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index 42568b0d8..eec257622 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -28,7 +28,7 @@ backoff ={ version="0.4.0", features=["tokio"] } # Async futures="0.3" -tokio ={ version="1.40", features=["macros", "fs", "rt-multi-thread", "io-util", "process", "sync"] } +tokio ={ version="1.41", features=["macros", "fs", "rt-multi-thread", "io-util", "process", "sync"] } # HTTP reqwest={ version="0.12.8", features=["json", "stream"] } diff --git a/scripts/create-test-keyshares/Cargo.toml b/scripts/create-test-keyshares/Cargo.toml index 3000d8c69..7b08991ea 100644 --- a/scripts/create-test-keyshares/Cargo.toml +++ b/scripts/create-test-keyshares/Cargo.toml @@ -11,7 +11,7 @@ publish =false [dependencies] entropy-testing-utils={ version="0.3.0-rc.1", path="../../crates/testing-utils" } -tokio ={ version="1.40", features=["macros", "fs", "rt-multi-thread", "io-util", "process"] } +tokio ={ version="1.41", features=["macros", "fs", "rt-multi-thread", "io-util", "process"] } entropy-shared ={ version="0.3.0-rc.1", path="../../crates/shared" } entropy-kvdb ={ version="0.3.0-rc.1", path="../../crates/kvdb", default-features=false } sp-core ="31.0.0" From 5d3911aafa314d3d7fe4bc917c1e08ca429ec012 Mon Sep 17 00:00:00 2001 From: mix irving Date: Thu, 24 Oct 2024 09:31:04 +1300 Subject: [PATCH 05/18] Improve documentation references in `README` (#1124) * make Docs easier to access - links/scripts * Update README.md Co-authored-by: Hernando Castano * Update README.md --------- Co-authored-by: Hernando Castano --- README.md | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 2e2d584dc..1d44d8fcb 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,16 @@ Our blockchain node is written with [Substrate](https://substrate.io/) using [Su ## Documentation -You can build the API documentation for Entropy by invoking `cargo doc --no-deps --open`. -There is also [high level documentation for Entropy available here](https://docs.entropy.xyz). +- High level introduction to Entropy: [docs.entropy.xyz](https://docs.entropy.xyz) +- API documentation for the `entropy-tss` crate: [docs.rs/entropy-tss](https://docs.rs/entropy-tss/latest/entropy_tss/index.html) + +You can also build the API docs yourself: +1. [Install the dependencies](#building-from-source) +2. Invoke + ```bash + cargo doc --no-deps --open` + ``` + ## Getting Started @@ -45,16 +53,25 @@ This repository provides a [Docker Compose](https://docs.docker.com/compose/) co ### Building from source -To build from source, you will need some development tooling installed on your local machine. - -**Do this** to build Entropy from source. - -1. [Install Rust](https://www.rust-lang.org/tools/install) and [Substrate dependencies for your Operating System](https://docs.substrate.io/install/). -1. Building the chain node and threshold signature scheme (TSS) server binaries can be done by running: +Dependencies you will need to build locally: +1. [Install Rust](https://www.rust-lang.org/tools/install) +1. [Install Substrate dependencies](https://docs.substrate.io/install/) +1. Add Rust components + ```sh + rustup target add wasm32-unknown-unknown + rustup component add rust-src + ``` +1. Install `wasm-pack` ```sh - cargo build --release + curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh ``` +Build the chain node and threshold signature scheme (TSS) server binaries by running: + +```sh +cargo build --release +``` + ### Run: Single-Node Development Chain Spinning up a local Entropy node for development and basic testing can be done with: From 75ae3d195992eeb3325bbbb3a14d7f0c77d19cef Mon Sep 17 00:00:00 2001 From: JesseAbram <33698952+JesseAbram@users.noreply.github.com> Date: Thu, 24 Oct 2024 12:13:30 -0400 Subject: [PATCH 06/18] Remove declare synced (#1134) * Remove declare synced * fix benches * metaqdata * fix * changes * change --- CHANGELOG.md | 3 +- crates/client/entropy_metadata.scale | Bin 209574 -> 209399 bytes .../src/helpers/launch.rs | 10 ------- docker-compose.yaml | 4 --- pallets/registry/src/benchmarking.rs | 19 ++++-------- pallets/staking/src/benchmarking.rs | 10 ------- pallets/staking/src/lib.rs | 25 ---------------- pallets/staking/src/mock.rs | 2 +- pallets/staking/src/tests.rs | 28 ++---------------- pallets/staking/src/weights.rs | 27 ----------------- .../src/weights/pallet_staking_extension.rs | 14 --------- 11 files changed, 11 insertions(+), 131 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ff3d7bb4..72ef94fb8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,10 +15,11 @@ At the moment this project **does not** adhere to structure, and the `NodeInfoChanged` event were removed from the Staking Extension pallet. The `AttestationHandler` config type was added to the Staking Extension pallet. The `KeyProvider` and `AttestationQueue` config types were removed from the Attestation pallet. - +- In [#1134](https://github.com/entropyxyz/entropy-core/pull/1134/) the ```no-sync``` option was removed ### Changed - Use correct key rotation endpoint in OCW ([#1104](https://github.com/entropyxyz/entropy-core/pull/1104)) - Change attestation flow to be pull based ([#1109](https://github.com/entropyxyz/entropy-core/pull/1109/)) +- Remove declare synced ([#1134](https://github.com/entropyxyz/entropy-core/pull/1134/)) ## [0.3.0-rc.1](https://github.com/entropyxyz/entropy-core/compare/release/v0.2.0...release/v0.3.0-rc.1) - 2024-10-04 diff --git a/crates/client/entropy_metadata.scale b/crates/client/entropy_metadata.scale index a49f28a026a6438447308eb4588c445283da3991..c2927b48e488259151daccc9848e810f25aba892 100644 GIT binary patch delta 39 xcmV+?0NDSgH&VA0U)%)xu(8wx zr=}`ICj=zs<7H8(AD(generic_event: ::RuntimeEvent) { assert_eq!(event, &system_event); } -pub fn add_non_syncing_validators( +pub fn add_validators( validator_amount: u32, - syncing_validators: u32, ) -> Vec<::ValidatorId> { let validators = create_validators::(validator_amount, SEED); let account = account::("ts_account", 1, SEED); @@ -58,14 +57,8 @@ pub fn add_non_syncing_validators( endpoint: vec![20], provisioning_certification_key: BoundedVec::with_max_capacity(), }; - for (c, validator) in validators.iter().enumerate() { + for validator in &validators { >::insert(validator, server_info.clone()); - if c >= syncing_validators.try_into().unwrap() { - >::insert(validator, true); - } - } - if syncing_validators == validator_amount { - >::insert(&validators[0], true); } validators } @@ -93,7 +86,7 @@ benchmarks! { accounts.push(account::("ts_account", i as u32, SEED)); } - let validators = add_non_syncing_validators::(MAX_SIGNERS as u32, 0); + let validators = add_validators::(MAX_SIGNERS as u32); >::set(validators.clone()); for i in 0..MAX_SIGNERS { @@ -132,7 +125,7 @@ benchmarks! { // add validators for i in 0..MAX_SIGNERS { - let validators = add_non_syncing_validators::(MAX_SIGNERS as u32, 0); + let validators = add_validators::(MAX_SIGNERS as u32); >::set(validators.clone()); >::insert(&threshold_account, &validators[i as usize]); } diff --git a/pallets/staking/src/benchmarking.rs b/pallets/staking/src/benchmarking.rs index f7bddaac9..ab093c334 100644 --- a/pallets/staking/src/benchmarking.rs +++ b/pallets/staking/src/benchmarking.rs @@ -336,16 +336,6 @@ benchmarks! { ); } - declare_synced { - let caller: T::AccountId = whitelisted_caller(); - let validator_id_res = ::ValidatorId::try_from(caller.clone()).or(Err(Error::::InvalidValidatorId)).unwrap(); - ThresholdToStash::::insert(caller.clone(), validator_id_res.clone()); - - }: _(RawOrigin::Signed(caller.clone()), true) - verify { - assert_last_event::(Event::::ValidatorSyncStatus(validator_id_res, true).into()); - } - confirm_key_reshare_confirmed { let c in 0 .. MAX_SIGNERS as u32; // leave a space for two as not to rotate and only confirm rotation diff --git a/pallets/staking/src/lib.rs b/pallets/staking/src/lib.rs index fab92e76e..0ee229299 100644 --- a/pallets/staking/src/lib.rs +++ b/pallets/staking/src/lib.rs @@ -172,17 +172,6 @@ pub mod pallet { pub type ThresholdToStash = StorageMap<_, Blake2_128Concat, T::AccountId, T::ValidatorId, OptionQuery>; - /// Tracks wether the validator's kvdb is synced using a stash key as an identifier - #[pallet::storage] - #[pallet::getter(fn is_validator_synced)] - pub type IsValidatorSynced = StorageMap< - _, - Blake2_128Concat, - ::ValidatorId, - bool, - ValueQuery, - >; - #[derive( Encode, Decode, Clone, PartialEq, Eq, RuntimeDebug, TypeInfo, MaxEncodedLen, Default, )] @@ -278,7 +267,6 @@ pub mod pallet { ThresholdServers::::insert(validator_stash, server_info.clone()); ThresholdToStash::::insert(&server_info.tss_account, validator_stash); - IsValidatorSynced::::insert(validator_stash, true); } let refresh_info = RefreshInfo { @@ -485,7 +473,6 @@ pub mod pallet { let server_info = ThresholdServers::::take(&validator_id).ok_or(Error::::NoThresholdKey)?; ThresholdToStash::::remove(&server_info.tss_account); - IsValidatorSynced::::remove(&validator_id); Self::deposit_event(Event::NodeInfoRemoved(controller)); } Ok(Some(::WeightInfo::withdraw_unbonded( @@ -559,19 +546,7 @@ pub mod pallet { Ok(()) } - /// Let a validator declare if their kvdb is synced or not synced - /// `synced`: State of validator's kvdb #[pallet::call_index(6)] - #[pallet::weight(::WeightInfo::declare_synced())] - pub fn declare_synced(origin: OriginFor, synced: bool) -> DispatchResult { - let who = ensure_signed(origin.clone())?; - let stash = Self::threshold_to_stash(who).ok_or(Error::::NoThresholdKey)?; - IsValidatorSynced::::insert(&stash, synced); - Self::deposit_event(Event::ValidatorSyncStatus(stash, synced)); - Ok(()) - } - - #[pallet::call_index(7)] #[pallet::weight(({ ::WeightInfo::confirm_key_reshare_confirmed(MAX_SIGNERS as u32) .max(::WeightInfo::confirm_key_reshare_completed()) diff --git a/pallets/staking/src/mock.rs b/pallets/staking/src/mock.rs index 6c593d622..58898d137 100644 --- a/pallets/staking/src/mock.rs +++ b/pallets/staking/src/mock.rs @@ -385,7 +385,7 @@ impl pallet_parameters::Config for Test { } parameter_types! { - pub const MaxEndpointLength: u32 = 3; + pub const MaxEndpointLength: u32 = 25; } pub(crate) const VALID_QUOTE: [u8; 32] = [0; 32]; diff --git a/pallets/staking/src/tests.rs b/pallets/staking/src/tests.rs index c753ffc59..a1acf8ddc 100644 --- a/pallets/staking/src/tests.rs +++ b/pallets/staking/src/tests.rs @@ -14,8 +14,7 @@ // along with this program. If not, see . use crate::{ - mock::*, tests::RuntimeEvent, Error, IsValidatorSynced, NextSignerInfo, NextSigners, - ServerInfo, Signers, ThresholdToStash, + mock::*, tests::RuntimeEvent, Error, NextSignerInfo, NextSigners, ServerInfo, Signers, }; use codec::Encode; use frame_support::{assert_noop, assert_ok}; @@ -49,8 +48,6 @@ fn basic_setup_works() { ); assert_eq!(Staking::threshold_to_stash(7).unwrap(), 5); assert_eq!(Staking::threshold_to_stash(8).unwrap(), 6); - assert!(Staking::is_validator_synced(5)); - assert!(Staking::is_validator_synced(6)); }); } @@ -84,7 +81,7 @@ fn it_takes_in_an_endpoint() { let server_info = ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, - endpoint: vec![20, 20, 20, 20], + endpoint: vec![20; 26], provisioning_certification_key: BoundedVec::with_max_capacity(), }; assert_noop!( @@ -325,8 +322,6 @@ fn it_deletes_when_no_bond_left() { VALID_QUOTE.to_vec(), )); - IsValidatorSynced::::insert(2, true); - let ServerInfo { tss_account, endpoint, .. } = Staking::threshold_server(2).unwrap(); assert_eq!(endpoint, vec![20]); assert_eq!(tss_account, 3); @@ -359,8 +354,6 @@ fn it_deletes_when_no_bond_left() { lock = Balances::locks(2); assert_eq!(lock[0].amount, 50); assert_eq!(lock.len(), 1); - // validator still synced - assert_eq!(Staking::is_validator_synced(2), true); let ServerInfo { tss_account, endpoint, .. } = Staking::threshold_server(2).unwrap(); assert_eq!(endpoint, vec![20]); @@ -377,8 +370,6 @@ fn it_deletes_when_no_bond_left() { assert_eq!(lock.len(), 0); assert_eq!(Staking::threshold_server(2), None); assert_eq!(Staking::threshold_to_stash(3), None); - // validator no longer synced - assert_eq!(Staking::is_validator_synced(2), false); assert_ok!(FrameStaking::bond( RuntimeOrigin::signed(7), @@ -425,21 +416,6 @@ fn it_deletes_when_no_bond_left() { }); } -#[test] -fn it_declares_synced() { - new_test_ext().execute_with(|| { - assert_noop!( - Staking::declare_synced(RuntimeOrigin::signed(5), true), - Error::::NoThresholdKey - ); - - ThresholdToStash::::insert(5, 5); - - assert_ok!(Staking::declare_synced(RuntimeOrigin::signed(5), true)); - assert!(Staking::is_validator_synced(5)); - }); -} - #[test] fn it_tests_new_session_handler() { new_test_ext().execute_with(|| { diff --git a/pallets/staking/src/weights.rs b/pallets/staking/src/weights.rs index 5faf7880e..f04bfbe25 100644 --- a/pallets/staking/src/weights.rs +++ b/pallets/staking/src/weights.rs @@ -58,7 +58,6 @@ pub trait WeightInfo { fn unbond(c: u32, n: u32) -> Weight; fn withdraw_unbonded(c: u32, n: u32) -> Weight; fn validate() -> Weight; - fn declare_synced() -> Weight; fn confirm_key_reshare_confirmed(c: u32) -> Weight; fn confirm_key_reshare_completed() -> Weight; fn new_session_base_weight(s: u32) -> Weight; @@ -254,19 +253,6 @@ impl WeightInfo for SubstrateWeight { } /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) - /// Storage: `StakingExtension::IsValidatorSynced` (r:0 w:1) - /// Proof: `StakingExtension::IsValidatorSynced` (`max_values`: None, `max_size`: None, mode: `Measured`) - fn declare_synced() -> Weight { - // Proof Size summary in bytes: - // Measured: `285` - // Estimated: `3750` - // Minimum execution time: 12_000_000 picoseconds. - Weight::from_parts(13_000_000, 3750) - .saturating_add(T::DbWeight::get().reads(1_u64)) - .saturating_add(T::DbWeight::get().writes(1_u64)) - } - /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) - /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:1 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// The range of component `c` is `[0, 2]`. @@ -529,19 +515,6 @@ impl WeightInfo for () { } /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) - /// Storage: `StakingExtension::IsValidatorSynced` (r:0 w:1) - /// Proof: `StakingExtension::IsValidatorSynced` (`max_values`: None, `max_size`: None, mode: `Measured`) - fn declare_synced() -> Weight { - // Proof Size summary in bytes: - // Measured: `285` - // Estimated: `3750` - // Minimum execution time: 12_000_000 picoseconds. - Weight::from_parts(13_000_000, 3750) - .saturating_add(RocksDbWeight::get().reads(1_u64)) - .saturating_add(RocksDbWeight::get().writes(1_u64)) - } - /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) - /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:1 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// The range of component `c` is `[0, 2]`. diff --git a/runtime/src/weights/pallet_staking_extension.rs b/runtime/src/weights/pallet_staking_extension.rs index d64f3336d..2bc199b58 100644 --- a/runtime/src/weights/pallet_staking_extension.rs +++ b/runtime/src/weights/pallet_staking_extension.rs @@ -240,20 +240,6 @@ impl pallet_staking_extension::WeightInfo for WeightInf } /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) - /// Storage: `StakingExtension::IsValidatorSynced` (r:0 w:1) - /// Proof: `StakingExtension::IsValidatorSynced` (`max_values`: None, `max_size`: None, mode: `Measured`) - fn declare_synced() -> Weight { - // Proof Size summary in bytes: - // Measured: `353` - // Estimated: `3818` - // Minimum execution time: 16_110_000 picoseconds. - Weight::from_parts(16_488_000, 0) - .saturating_add(Weight::from_parts(0, 3818)) - .saturating_add(T::DbWeight::get().reads(1)) - .saturating_add(T::DbWeight::get().writes(1)) - } - /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) - /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:1 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// The range of component `c` is `[0, 15]`. From 9eab023f22790b83e293979c6ce44748fcc34e92 Mon Sep 17 00:00:00 2001 From: JesseAbram <33698952+JesseAbram@users.noreply.github.com> Date: Thu, 24 Oct 2024 14:20:45 -0400 Subject: [PATCH 07/18] Check current signers still validators (#1097) * Check current signers still validators * update * tests * end of day push * working reshare * clean * remove mutable * test * update * threhsold limit * fix test * remove old signer * clean * metadata * fmt * test * update benchmarks * working benchmarks * fix benches * Update crates/shared/src/types.rs Co-authored-by: peg * correct truncation * remove hash comparison * Apply suggestions from code review Co-authored-by: Hernando Castano * fix * fix * fix benchmark * fix benchmark * fmt * fix * comment * Update crates/threshold-signature-server/src/validator/api.rs Co-authored-by: David * fix type --------- Co-authored-by: peg Co-authored-by: Hernando Castano Co-authored-by: David --- crates/client/entropy_metadata.scale | Bin 209399 -> 209375 bytes crates/protocol/src/execute_protocol.rs | 3 +- crates/protocol/tests/helpers/mod.rs | 3 +- crates/shared/src/types.rs | 8 +- .../src/signing_client/api.rs | 3 +- .../src/validator/api.rs | 53 ++++---- .../src/validator/tests.rs | 18 ++- .../tests/register_sign_reshare_sign.rs | 17 +-- node/cli/src/chain_spec/integration_tests.rs | 2 +- pallets/propagation/src/lib.rs | 2 +- pallets/propagation/src/tests.rs | 4 +- pallets/staking/src/benchmarking.rs | 47 ++++--- pallets/staking/src/lib.rs | 65 ++++++--- pallets/staking/src/tests.rs | 52 ++++++-- pallets/staking/src/weights.rs | 104 ++++++++------- .../src/weights/pallet_staking_extension.rs | 123 +++++++++--------- 16 files changed, 301 insertions(+), 203 deletions(-) diff --git a/crates/client/entropy_metadata.scale b/crates/client/entropy_metadata.scale index c2927b48e488259151daccc9848e810f25aba892..c8e04d4635263100651d3b91fb5a7e923f53f639 100644 GIT binary patch delta 124 zcmezVnCJduo()FxBxS-=+nzN{Wl)6O)tkOY=%h7-c3G&U-Aalb2c^U!0kq tms(W(l#$T@q!_AU^27NGi#z6fGqP>&e06^cA*Jne>KV7ssb`Ab1OVc$F*yJL delta 155 zcmccrnCJUro()Fx>@$+{Q&N+ytP*o_@_|$th#i)iY*T7s$H1slQd}ILn4Fwnnpa}N zh)wBa?|F~KH1bl*&*;s_zB%jF{VDj=wKvx@Zf~w< HirEAJY(qBt diff --git a/crates/protocol/src/execute_protocol.rs b/crates/protocol/src/execute_protocol.rs index c80af4574..c7df58fe0 100644 --- a/crates/protocol/src/execute_protocol.rs +++ b/crates/protocol/src/execute_protocol.rs @@ -334,6 +334,7 @@ pub async fn execute_reshare( chans: Channels, threshold_pair: &sr25519::Pair, inputs: KeyResharingInputs, + verifiers: &BTreeSet, aux_info_option: Option>, ) -> Result< (ThresholdKeyShare, AuxInfo), @@ -350,7 +351,7 @@ pub async fn execute_reshare( &mut OsRng, SynedrionSessionId::from_seed(session_id_hash.as_slice()), pair, - &inputs.new_holders, + verifiers, inputs.clone(), ) .map_err(ProtocolExecutionErr::SessionCreation)?; diff --git a/crates/protocol/tests/helpers/mod.rs b/crates/protocol/tests/helpers/mod.rs index a1a0f60e9..cae40306a 100644 --- a/crates/protocol/tests/helpers/mod.rs +++ b/crates/protocol/tests/helpers/mod.rs @@ -144,7 +144,8 @@ pub async fn server( new_threshold: old_key.threshold(), }; - let new_keyshare = execute_reshare(session_id, channels, &pair, inputs, None).await?; + let new_keyshare = + execute_reshare(session_id, channels, &pair, inputs, &party_ids, None).await?; Ok(ProtocolOutput::Reshare(new_keyshare.0)) }, SessionId::Dkg { .. } => { diff --git a/crates/shared/src/types.rs b/crates/shared/src/types.rs index 43b7b6d9e..803c9f57c 100644 --- a/crates/shared/src/types.rs +++ b/crates/shared/src/types.rs @@ -37,8 +37,8 @@ pub type BlockNumber = u32; #[derive(Clone, Encode, Decode, Debug, Eq, PartialEq, TypeInfo)] pub struct ValidatorInfo { pub x25519_public_key: X25519PublicKey, - pub ip_address: codec::alloc::vec::Vec, - pub tss_account: codec::alloc::vec::Vec, + pub ip_address: Vec, + pub tss_account: Vec, } /// Offchain worker message for initiating the initial jumpstart DKG @@ -55,8 +55,8 @@ pub struct OcwMessageDkg { #[cfg_attr(feature = "std", derive(Serialize, Deserialize))] #[derive(Clone, Encode, Decode, Debug, Eq, PartialEq, TypeInfo)] pub struct OcwMessageReshare { - // Stash address of new signer - pub new_signer: Vec, + // Stash addresses of new signers + pub new_signers: Vec>, pub block_number: BlockNumber, } diff --git a/crates/threshold-signature-server/src/signing_client/api.rs b/crates/threshold-signature-server/src/signing_client/api.rs index 973499eec..eb55d12a3 100644 --- a/crates/threshold-signature-server/src/signing_client/api.rs +++ b/crates/threshold-signature-server/src/signing_client/api.rs @@ -205,7 +205,8 @@ pub async fn do_proactive_refresh( .await?; let result = - execute_reshare(session_id, channels, signer.signer(), inputs, Some(aux_info)).await?; + execute_reshare(session_id, channels, signer.signer(), inputs, &party_ids, Some(aux_info)) + .await?; Ok(result) } diff --git a/crates/threshold-signature-server/src/validator/api.rs b/crates/threshold-signature-server/src/validator/api.rs index b0be347fb..aff360cb5 100644 --- a/crates/threshold-signature-server/src/validator/api.rs +++ b/crates/threshold-signature-server/src/validator/api.rs @@ -106,7 +106,7 @@ pub async fn new_reshare( .map_err(|e| ValidatorErr::UserError(e.to_string()))?; let old_holder: Option> = - if data.new_signer == my_stash_address.encode() { + if data.new_signers.contains(&my_stash_address.encode()) { None } else { let kvdb_result = app_state.kv_store.kv().get(&hex::encode(NETWORK_PARENT_KEY)).await?; @@ -116,14 +116,15 @@ pub async fn new_reshare( Some(OldHolder { key_share: key_share.0 }) }; - let party_ids: BTreeSet = + // new_holders -> From chain next_signers (old_holders (currently forced to be t) + new_holders) + // also acts as verifiers as is everyone in the party + let new_holders: BTreeSet = validators_info.iter().cloned().map(|x| PartyId::new(x.tss_account)).collect(); - - let pruned_old_holders = - prune_old_holders(&api, &rpc, data.new_signer, validators_info.clone()).await?; - + // old holders -> next_signers - new_signers (will be at least t) + let old_holders = + &prune_old_holders(&api, &rpc, data.new_signers, validators_info.clone()).await?; let old_holders: BTreeSet = - pruned_old_holders.into_iter().map(|x| PartyId::new(x.tss_account)).collect(); + old_holders.iter().map(|x| PartyId::new(x.tss_account.clone())).collect(); let new_holder = NewHolder { verifying_key: decoded_verifying_key, @@ -139,7 +140,7 @@ pub async fn new_reshare( let inputs = KeyResharingInputs { old_holder, new_holder: Some(new_holder), - new_holders: party_ids.clone(), + new_holders: new_holders.clone(), new_threshold: threshold as usize, }; @@ -157,7 +158,6 @@ pub async fn new_reshare( converted_validator_info.push(validator_info.clone()); tss_accounts.push(validator_info.tss_account.clone()); } - let channels = get_channels( &app_state.listener_state, converted_validator_info, @@ -169,7 +169,8 @@ pub async fn new_reshare( .await?; let (new_key_share, aux_info) = - execute_reshare(session_id.clone(), channels, signer.signer(), inputs, None).await?; + execute_reshare(session_id.clone(), channels, signer.signer(), inputs, &new_holders, None) + .await?; let serialized_key_share = key_serialize(&(new_key_share, aux_info)) .map_err(|_| ProtocolErr::KvSerialize("Kv Serialize Error".to_string()))?; @@ -273,8 +274,8 @@ pub async fn validate_new_reshare( .await? .ok_or_else(|| ValidatorErr::ChainFetch("Not Currently in a reshare"))?; - if reshare_data.new_signer != chain_data.new_signer - || chain_data.block_number != reshare_data.block_number + if chain_data.block_number != reshare_data.block_number.saturating_sub(1) + || chain_data.new_signers != reshare_data.new_signers { return Err(ValidatorErr::InvalidData); } @@ -365,20 +366,24 @@ pub fn check_forbidden_key(key: &str) -> Result<(), ValidatorErr> { pub async fn prune_old_holders( api: &OnlineClient, rpc: &LegacyRpcMethods, - new_signer: Vec, + new_signers: Vec>, validators_info: Vec, ) -> Result, ValidatorErr> { - Ok(if !new_signer.is_empty() { - let address_slice: &[u8; 32] = &new_signer.clone().try_into().unwrap(); - let new_signer_address = AccountId32(*address_slice); - let new_signer_info = &get_validators_info(api, rpc, vec![new_signer_address]) - .await - .map_err(|e| ValidatorErr::UserError(e.to_string()))?[0]; - validators_info - .iter() - .filter(|x| x.tss_account != new_signer_info.tss_account) - .cloned() - .collect() + Ok(if !new_signers.is_empty() { + let mut filtered_validators_info = vec![]; + for new_signer in new_signers { + let address_slice: &[u8; 32] = &new_signer.clone().try_into().unwrap(); + let new_signer_address = AccountId32(*address_slice); + let new_signer_info = &get_validators_info(api, rpc, vec![new_signer_address]) + .await + .map_err(|e| ValidatorErr::UserError(e.to_string()))?[0]; + filtered_validators_info = validators_info + .iter() + .filter(|x| x.tss_account != new_signer_info.tss_account) + .cloned() + .collect::>(); + } + filtered_validators_info } else { validators_info.clone() }) diff --git a/crates/threshold-signature-server/src/validator/tests.rs b/crates/threshold-signature-server/src/validator/tests.rs index d34c4504f..4e5cd270c 100644 --- a/crates/threshold-signature-server/src/validator/tests.rs +++ b/crates/threshold-signature-server/src/validator/tests.rs @@ -76,7 +76,7 @@ async fn test_reshare() { let (_validator_ips, _validator_ids) = spawn_testing_validators(ChainSpecType::Integration).await; - let validator_ports = vec![3001, 3002, 3003, 3004]; + let validator_ports = vec![3002, 3003, 3004]; let api = get_api(&cxt.ws_url).await.unwrap(); let rpc = get_rpc(&cxt.ws_url).await.unwrap(); @@ -113,13 +113,15 @@ async fn test_reshare() { let new_signer = all_validators.iter().find(|v| !signer_stash_accounts.contains(v)).unwrap(); let block_number = TEST_RESHARE_BLOCK_NUMBER; - let onchain_reshare_request = - OcwMessageReshare { new_signer: new_signer.0.to_vec(), block_number }; + let onchain_reshare_request = OcwMessageReshare { + new_signers: vec![new_signer.0.to_vec()], + block_number: block_number - 1, + }; - run_to_block(&rpc, block_number + 1).await; + run_to_block(&rpc, block_number).await; // Send the OCW message to all TS servers who don't have a chain node let response_results = join_all( - validator_ports[1..] + validator_ports .iter() .map(|port| { client @@ -323,7 +325,8 @@ async fn test_reshare_validation_fail() { let kv = setup_client().await; let block_number = rpc.chain_get_header(None).await.unwrap().unwrap().number + 1; - let mut ocw_message = OcwMessageReshare { new_signer: dave.public().encode(), block_number }; + let mut ocw_message = + OcwMessageReshare { new_signers: vec![dave.public().encode()], block_number }; let err_stale_data = validate_new_reshare(&api, &rpc, &ocw_message, &kv).await.map_err(|e| e.to_string()); @@ -361,7 +364,8 @@ async fn test_reshare_validation_fail_not_in_reshare() { let kv = setup_client().await; let block_number = rpc.chain_get_header(None).await.unwrap().unwrap().number + 1; - let ocw_message = OcwMessageReshare { new_signer: alice.public().encode(), block_number }; + let ocw_message = + OcwMessageReshare { new_signers: vec![alice.public().encode()], block_number }; run_to_block(&rpc, block_number + 1).await; diff --git a/crates/threshold-signature-server/tests/register_sign_reshare_sign.rs b/crates/threshold-signature-server/tests/register_sign_reshare_sign.rs index 3f6660aa6..3115d30ec 100644 --- a/crates/threshold-signature-server/tests/register_sign_reshare_sign.rs +++ b/crates/threshold-signature-server/tests/register_sign_reshare_sign.rs @@ -153,19 +153,16 @@ async fn do_reshare(api: &OnlineClient, rpc: &LegacyRpcMethods("Charlie//stash")],), + mock_signer_rotate: (true, mock_signer_rotate_data, vec![get_account_id_from_seed::("Charlie//stash")]), }, "elections": ElectionsConfig { members: endowed_accounts diff --git a/pallets/propagation/src/lib.rs b/pallets/propagation/src/lib.rs index 21ebb76a9..fcea66d47 100644 --- a/pallets/propagation/src/lib.rs +++ b/pallets/propagation/src/lib.rs @@ -174,7 +174,7 @@ pub mod pallet { BlockNumberFor::::try_into(block_number).unwrap_or_default(); let req_body = OcwMessageReshare { - new_signer: reshare_data.new_signer, + new_signers: reshare_data.new_signers, // subtract 1 from blocknumber since the request is from the last block block_number: converted_block_number.saturating_sub(1), }; diff --git a/pallets/propagation/src/tests.rs b/pallets/propagation/src/tests.rs index 52ff5b9da..05b597633 100644 --- a/pallets/propagation/src/tests.rs +++ b/pallets/propagation/src/tests.rs @@ -59,7 +59,7 @@ fn knows_how_to_mock_several_http_calls() { uri: "http://localhost:3001/validator/reshare".into(), sent: true, response: Some([].to_vec()), - body: [32, 1, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0].to_vec(), + body: [4, 32, 1, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0].to_vec(), ..Default::default() }); state.expect_request(testing::PendingRequest { @@ -94,7 +94,7 @@ fn knows_how_to_mock_several_http_calls() { Propagation::post_reshare(7).unwrap(); pallet_staking_extension::ReshareData::::put(ReshareInfo { block_number: 7, - new_signer: 1u64.encode(), + new_signers: vec![1u64.encode()], }); // now triggers Propagation::post_reshare(7).unwrap(); diff --git a/pallets/staking/src/benchmarking.rs b/pallets/staking/src/benchmarking.rs index ab093c334..126cd6fed 100644 --- a/pallets/staking/src/benchmarking.rs +++ b/pallets/staking/src/benchmarking.rs @@ -29,8 +29,8 @@ use frame_support::{ use frame_system::{EventRecord, RawOrigin}; use pallet_parameters::{SignersInfo, SignersSize}; use pallet_staking::{ - Event as FrameStakingEvent, MaxNominationsOf, Nominations, Pallet as FrameStaking, - RewardDestination, ValidatorPrefs, + Event as FrameStakingEvent, MaxNominationsOf, MaxValidatorsCount, Nominations, + Pallet as FrameStaking, RewardDestination, ValidatorPrefs, }; use sp_std::{vec, vec::Vec}; @@ -272,7 +272,7 @@ benchmarks! { let block_number = 1; let nonce = NULL_ARR; let x25519_public_key = NULL_ARR; - let endpoint = b"http://localhost:3001".to_vec(); + let endpoint = vec![]; let validate_also = false; prep_bond_and_validate::( @@ -417,13 +417,27 @@ benchmarks! { new_session { let c in 1 .. MAX_SIGNERS as u32 - 1; let l in 0 .. MAX_SIGNERS as u32; + let v in 50 .. 100 as u32; + let r in 0 .. MAX_SIGNERS as u32; + + // c -> current signer size + // l -> Add in new_signer rounds so next signer is in current signer re-run checks + // v -> number of validators, 100 is fine as a bounder, can add more + // r -> adds remove indexes in let caller: T::AccountId = whitelisted_caller(); + let mut validator_ids = create_validators::(v, 1); + let second_signer: T::AccountId = account("second_signer", 0, 10); + let second_signer_id = + ::ValidatorId::try_from(second_signer.clone()) + .or(Err(Error::::InvalidValidatorId)) + .unwrap(); + let mut signers = vec![second_signer_id.clone(); c as usize]; // For the purpose of the bench these values don't actually matter, we just care that there's a // storage entry available SignersInfo::::put(SignersSize { - total_signers: MAX_SIGNERS, + total_signers: 5, threshold: 3, last_session_change: 0, }); @@ -432,23 +446,20 @@ benchmarks! { .or(Err(Error::::InvalidValidatorId)) .unwrap(); - let second_signer: T::AccountId = account("second_signer", 0, SEED); - let second_signer_id = - ::ValidatorId::try_from(second_signer.clone()) - .or(Err(Error::::InvalidValidatorId)) - .unwrap(); - - // full signer list leaving room for one extra validator - let mut signers = vec![second_signer_id.clone(); c as usize]; - - Signers::::put(signers.clone()); - signers.push(second_signer_id.clone()); - // place new signer in the signers struct in different locations to calculate random selection // re-run - signers[l as usize % c as usize] = validator_id.clone(); + // as well validators may be dropped before chosen + signers[l as usize % c as usize] = validator_ids[l as usize % c as usize].clone(); + + // place signers into validators so they won't get dropped + for i in 0 .. r { + if i > signers.len() as u32 && i > validator_ids.len() as u32 { + validator_ids[i as usize] = signers[i as usize].clone(); + } + } + Signers::::put(signers.clone()); }: { - let _ = Staking::::new_session_handler(&signers); + let _ = Staking::::new_session_handler(&validator_ids); } verify { assert!(NextSigners::::get().is_some()); diff --git a/pallets/staking/src/lib.rs b/pallets/staking/src/lib.rs index 0ee229299..cd583982d 100644 --- a/pallets/staking/src/lib.rs +++ b/pallets/staking/src/lib.rs @@ -133,7 +133,7 @@ pub mod pallet { #[derive(Clone, Encode, Decode, Eq, PartialEq, RuntimeDebug, TypeInfo, Default)] pub struct ReshareInfo { - pub new_signer: Vec, + pub new_signers: Vec>, pub block_number: BlockNumber, } @@ -277,14 +277,17 @@ pub mod pallet { // mocks a signer rotation for tss new_reshare tests if self.mock_signer_rotate.0 { let next_signers = &mut self.mock_signer_rotate.1.clone(); - next_signers.push(self.mock_signer_rotate.2[0].clone()); + let mut new_signers = vec![]; + for new_signer in self.mock_signer_rotate.2.clone() { + next_signers.push(new_signer.clone()); + new_signers.push(new_signer.encode()) + } let next_signers = next_signers.to_vec(); NextSigners::::put(NextSignerInfo { next_signers, confirmations: vec![] }); - ReshareData::::put(ReshareInfo { // To give enough time for test_reshare setup block_number: TEST_RESHARE_BLOCK_NUMBER.into(), - new_signer: self.mock_signer_rotate.clone().2[0].encode(), + new_signers, }) } } @@ -670,15 +673,46 @@ pub mod pallet { return Ok(weight); } - let mut new_signer = vec![]; + let mut new_signers: Vec> = vec![]; let mut count = 0u32; + let mut remove_indicies_len = 0; + // removes first signer and pushes new signer to back if total signers not increased + if current_signers_length >= signers_info.total_signers as usize { + let mut remove_indicies = vec![]; + // Finds signers that are no longer validators to remove + for (i, current_signer) in current_signers.clone().into_iter().enumerate() { + if !validators.contains(¤t_signer) { + remove_indicies.push(i); + } + } + if remove_indicies.is_empty() { + current_signers.remove(0); + } else { + remove_indicies_len = remove_indicies.len(); + // reverses vec so as signers removed it does not change location + let remove_indicies_reversed: Vec<_> = remove_indicies.iter().rev().collect(); + // truncated as a current limitation see issue: https://github.com/entropyxyz/entropy-core/issues/1114 + let truncated = if remove_indicies_reversed.len() + >= (signers_info.total_signers as usize - signers_info.threshold as usize) + { + remove_indicies_reversed[..(signers_info.total_signers as usize + - signers_info.threshold as usize)] + .to_vec() + } else { + remove_indicies_reversed + }; - if current_signers_length <= signers_info.total_signers as usize { + for remove_index in truncated { + current_signers.remove(*remove_index); + } + } + } + + while current_signers.len() < signers_info.total_signers as usize { let mut randomness = Self::get_randomness(); // grab a current signer to initiate value let mut next_signer_up = ¤t_signers[0].clone(); let mut index; - // loops to find signer in validator that is not already signer while current_signers.contains(next_signer_up) { index = randomness.next_u32() % validators.len() as u32; @@ -687,14 +721,8 @@ pub mod pallet { } current_signers.push(next_signer_up.clone()); - new_signer = next_signer_up.encode(); + new_signers.push(next_signer_up.encode()); } - - // removes first signer and pushes new signer to back if total signers not increased - if current_signers_length >= signers_info.total_signers as usize { - current_signers.remove(0); - } - NextSigners::::put(NextSignerInfo { next_signers: current_signers.clone(), confirmations: vec![], @@ -704,7 +732,7 @@ pub mod pallet { let current_block_number = >::block_number(); let reshare_info = ReshareInfo { block_number: current_block_number + sp_runtime::traits::One::one(), - new_signer, + new_signers, }; ReshareData::::put(reshare_info); @@ -712,7 +740,12 @@ pub mod pallet { jump_start_details.parent_key_threshold = signers_info.threshold }); - weight = ::WeightInfo::new_session(current_signers.len() as u32, count); + weight = ::WeightInfo::new_session( + current_signers.len() as u32, + count, + validators.len() as u32, + remove_indicies_len as u32, + ); Ok(weight) } diff --git a/pallets/staking/src/tests.rs b/pallets/staking/src/tests.rs index a1acf8ddc..98faa0d24 100644 --- a/pallets/staking/src/tests.rs +++ b/pallets/staking/src/tests.rs @@ -438,19 +438,18 @@ fn it_tests_new_session_handler() { last_session_change: 0, }); - assert_ok!(Staking::new_session_handler(&[1, 2, 3])); - // takes signers original (5,6) pops off first 5, adds (fake randomness in mock so adds 1) + assert_ok!(Staking::new_session_handler(&[1, 5, 6])); + // takes signers original (5,6) pops off one and adds in new validator assert_eq!(Staking::next_signers().unwrap().next_signers, vec![6, 1]); - assert_eq!( Staking::reshare_data().block_number, 101, "Check reshare block start at 100 + 1" ); assert_eq!( - Staking::reshare_data().new_signer, - 1u64.encode(), - "Check reshare next signer up is 1" + Staking::reshare_data().new_signers, + vec![1u64.encode()], + "Check reshare next signer up is 3" ); assert_eq!( Staking::jump_start_progress().parent_key_threshold, @@ -463,11 +462,6 @@ fn it_tests_new_session_handler() { 101, "Check reshare block start at 100 + 1" ); - assert_eq!( - Staking::reshare_data().new_signer, - 1u64.encode(), - "Check reshare next signer up is 1" - ); assert_ok!(Staking::new_session_handler(&[6, 5, 3])); // takes 3 and leaves 5 and 6 since already in signer group @@ -476,6 +470,42 @@ fn it_tests_new_session_handler() { assert_ok!(Staking::new_session_handler(&[1])); // does nothing as not enough validators assert_eq!(Staking::next_signers().unwrap().next_signers, vec![6, 3]); + + // reduce threshold to make sure next signers does not drop > then threshold of current signers + pallet_parameters::SignersInfo::::put(SignersSize { + total_signers: 2, + threshold: 1, + last_session_change: 0, + }); + + assert_ok!(Staking::new_session_handler(&[1, 2, 3])); + assert_eq!(Staking::next_signers().unwrap().next_signers, vec![5, 1]); + }); +} + +#[test] +fn it_tests_new_session_handler_truncating() { + new_test_ext().execute_with(|| { + // Start with current validators as 7 and 8 based off the Mock `GenesisConfig`. + Signers::::put(vec![7, 8]); + System::set_block_number(100); + pallet_parameters::SignersInfo::::put(SignersSize { + total_signers: 2, + threshold: 2, + last_session_change: 0, + }); + // test truncates none if t and n = 0 + assert_ok!(Staking::new_session_handler(&[1, 2, 3])); + assert_eq!(Staking::next_signers().unwrap().next_signers, vec![7, 8]); + + pallet_parameters::SignersInfo::::put(SignersSize { + total_signers: 2, + threshold: 1, + last_session_change: 0, + }); + // test truncates 1 if n - t = 1 + assert_ok!(Staking::new_session_handler(&[1, 2, 3])); + assert_eq!(Staking::next_signers().unwrap().next_signers, vec![7, 1]); }); } diff --git a/pallets/staking/src/weights.rs b/pallets/staking/src/weights.rs index f04bfbe25..012f873ce 100644 --- a/pallets/staking/src/weights.rs +++ b/pallets/staking/src/weights.rs @@ -61,7 +61,7 @@ pub trait WeightInfo { fn confirm_key_reshare_confirmed(c: u32) -> Weight; fn confirm_key_reshare_completed() -> Weight; fn new_session_base_weight(s: u32) -> Weight; - fn new_session(c: u32, l: u32) -> Weight; + fn new_session(c: u32, l: u32, v: u32, r: u32) -> Weight; } /// Weights for pallet_staking_extension using the Substrate node and recommended hardware. @@ -284,46 +284,53 @@ impl WeightInfo for SubstrateWeight { } /// Storage: `StakingExtension::Signers` (r:1 w:0) /// Proof: `StakingExtension::Signers` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// Storage: `Parameters::SignersInfo` (r:1 w:0) + /// Proof: `Parameters::SignersInfo` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// The range of component `s` is `[2, 15]`. fn new_session_base_weight(s: u32, ) -> Weight { // Proof Size summary in bytes: - // Measured: `254 + s * (32 ±0)` - // Estimated: `1739 + s * (32 ±0)` - // Minimum execution time: 7_000_000 picoseconds. - Weight::from_parts(7_682_879, 0) - .saturating_add(Weight::from_parts(0, 1739)) + // Measured: `266 + s * (32 ±0)` + // Estimated: `1751 + s * (32 ±0)` + // Minimum execution time: 5_000_000 picoseconds. + Weight::from_parts(5_772_373, 0) + .saturating_add(Weight::from_parts(0, 1751)) + // Standard Error: 22_735 + .saturating_add(Weight::from_parts(15_564, 0).saturating_mul(s.into())) .saturating_add(T::DbWeight::get().reads(2)) .saturating_add(Weight::from_parts(0, 32).saturating_mul(s.into())) } - /// Storage: `StakingExtension::Signers` (r:1 w:0) + /// Storage: `StakingExtension::Signers` (r:1 w:0) /// Proof: `StakingExtension::Signers` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `Parameters::SignersInfo` (r:1 w:0) /// Proof: `Parameters::SignersInfo` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) - /// Storage: `Babe::NextRandomness` (r:1 w:0) - /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) - /// Storage: `Babe::EpochStart` (r:1 w:0) - /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// Storage: `StakingExtension::JumpStartProgress` (r:1 w:1) /// Proof: `StakingExtension::JumpStartProgress` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::ReshareData` (r:0 w:1) /// Proof: `StakingExtension::ReshareData` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:0 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// Storage: `Babe::NextRandomness` (r:1 w:0) + /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) + /// Storage: `Babe::EpochStart` (r:1 w:0) + /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// The range of component `c` is `[1, 14]`. /// The range of component `l` is `[0, 15]`. - fn new_session(c: u32, l: u32, ) -> Weight { + /// The range of component `v` is `[50, 100]`. + /// The range of component `r` is `[0, 15]`. + fn new_session(c: u32, _l: u32, v: u32, r: u32, ) -> Weight { // Proof Size summary in bytes: - // Measured: `482 + c * (32 ±0)` - // Estimated: `1966 + c * (32 ±0)` - // Minimum execution time: 13_000_000 picoseconds. - Weight::from_parts(12_791_889, 0) - .saturating_add(Weight::from_parts(0, 1966)) - // Standard Error: 22_917 - .saturating_add(Weight::from_parts(65_067, 0).saturating_mul(c.into())) - // Standard Error: 19_636 - .saturating_add(Weight::from_parts(30_071, 0).saturating_mul(l.into())) - .saturating_add(T::DbWeight::get().reads(5)) + // Measured: `509 + c * (15 ±0)` + // Estimated: `2096 + c * (15 ±0) + r * (11364552184692736 ±340_282_366_920_938_463_463_374_607_431_768_211_455) + v * (18 ±2_466_463_158_054_763_722_435_771_498_496)` + // Minimum execution time: 10_000_000 picoseconds. + Weight::from_parts(16_699_930, 0) + .saturating_add(Weight::from_parts(0, 2096)) + // Standard Error: 2_130 + .saturating_add(Weight::from_parts(7_887, 0).saturating_mul(v.into())) + .saturating_add(T::DbWeight::get().reads(6)) .saturating_add(T::DbWeight::get().writes(3)) - .saturating_add(Weight::from_parts(0, 32).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 15).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 11364552184692736).saturating_mul(r.into())) + .saturating_add(Weight::from_parts(0, 18).saturating_mul(v.into())) } } @@ -546,45 +553,52 @@ impl WeightInfo for () { } /// Storage: `StakingExtension::Signers` (r:1 w:0) /// Proof: `StakingExtension::Signers` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// Storage: `Parameters::SignersInfo` (r:1 w:0) + /// Proof: `Parameters::SignersInfo` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// The range of component `s` is `[2, 15]`. fn new_session_base_weight(s: u32, ) -> Weight { // Proof Size summary in bytes: - // Measured: `254 + s * (32 ±0)` - // Estimated: `1739 + s * (32 ±0)` - // Minimum execution time: 7_000_000 picoseconds. - Weight::from_parts(7_682_879, 0) - .saturating_add(Weight::from_parts(0, 1739)) + // Measured: `266 + s * (32 ±0)` + // Estimated: `1751 + s * (32 ±0)` + // Minimum execution time: 5_000_000 picoseconds. + Weight::from_parts(5_772_373, 0) + .saturating_add(Weight::from_parts(0, 1751)) + // Standard Error: 22_735 + .saturating_add(Weight::from_parts(15_564, 0).saturating_mul(s.into())) .saturating_add(RocksDbWeight::get().reads(2)) .saturating_add(Weight::from_parts(0, 32).saturating_mul(s.into())) } - /// Storage: `StakingExtension::Signers` (r:1 w:0) + /// Storage: `StakingExtension::Signers` (r:1 w:0) /// Proof: `StakingExtension::Signers` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `Parameters::SignersInfo` (r:1 w:0) /// Proof: `Parameters::SignersInfo` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) - /// Storage: `Babe::NextRandomness` (r:1 w:0) - /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) - /// Storage: `Babe::EpochStart` (r:1 w:0) - /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// Storage: `StakingExtension::JumpStartProgress` (r:1 w:1) /// Proof: `StakingExtension::JumpStartProgress` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::ReshareData` (r:0 w:1) /// Proof: `StakingExtension::ReshareData` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:0 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// Storage: `Babe::NextRandomness` (r:1 w:0) + /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) + /// Storage: `Babe::EpochStart` (r:1 w:0) + /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// The range of component `c` is `[1, 14]`. /// The range of component `l` is `[0, 15]`. - fn new_session(c: u32, l: u32, ) -> Weight { + /// The range of component `v` is `[50, 100]`. + /// The range of component `r` is `[0, 15]`. + fn new_session(c: u32, _l: u32, v: u32, r: u32, ) -> Weight { // Proof Size summary in bytes: - // Measured: `482 + c * (32 ±0)` - // Estimated: `1966 + c * (32 ±0)` - // Minimum execution time: 13_000_000 picoseconds. - Weight::from_parts(12_791_889, 0) - .saturating_add(Weight::from_parts(0, 1966)) - // Standard Error: 22_917 - .saturating_add(Weight::from_parts(65_067, 0).saturating_mul(c.into())) - // Standard Error: 19_636 - .saturating_add(Weight::from_parts(30_071, 0).saturating_mul(l.into())) - .saturating_add(RocksDbWeight::get().reads(5)) + // Measured: `509 + c * (15 ±0)` + // Estimated: `2096 + c * (15 ±0) + r * (11364552184692736 ±340_282_366_920_938_463_463_374_607_431_768_211_455) + v * (18 ±2_466_463_158_054_763_722_435_771_498_496)` + // Minimum execution time: 10_000_000 picoseconds. + Weight::from_parts(16_699_930, 0) + .saturating_add(Weight::from_parts(0, 2096)) + // Standard Error: 2_130 + .saturating_add(Weight::from_parts(7_887, 0).saturating_mul(v.into())) + .saturating_add(RocksDbWeight::get().reads(6)) .saturating_add(RocksDbWeight::get().writes(3)) - .saturating_add(Weight::from_parts(0, 32).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 15).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 11364552184692736).saturating_mul(r.into())) + .saturating_add(Weight::from_parts(0, 18).saturating_mul(v.into())) } } diff --git a/runtime/src/weights/pallet_staking_extension.rs b/runtime/src/weights/pallet_staking_extension.rs index 2bc199b58..a6bc32bad 100644 --- a/runtime/src/weights/pallet_staking_extension.rs +++ b/runtime/src/weights/pallet_staking_extension.rs @@ -16,9 +16,9 @@ //! Autogenerated weights for `pallet_staking_extension` //! //! THIS FILE WAS AUTO-GENERATED USING THE SUBSTRATE BENCHMARK CLI VERSION 33.0.0 -//! DATE: 2024-10-03, STEPS: `25`, REPEAT: `10`, LOW RANGE: `[]`, HIGH RANGE: `[]` +//! DATE: 2024-10-17, STEPS: `5`, REPEAT: `2`, LOW RANGE: `[]`, HIGH RANGE: `[]` //! WORST CASE MAP SIZE: `1000000` -//! HOSTNAME: `ip-172-31-28-93`, CPU: `Intel(R) Xeon(R) Platinum 8375C CPU @ 2.90GHz` +//! HOSTNAME: `Jesses-MacBook-Pro.local`, CPU: `` //! WASM-EXECUTION: `Compiled`, CHAIN: `Some("dev")`, DB CACHE: 1024 // Executed Command: @@ -27,14 +27,11 @@ // pallet // --chain // dev -// --wasm-execution=compiled // --pallet=pallet_staking_extension // --extrinsic=* -// --steps=25 -// --repeat=10 +// --steps=5 +// --repeat=2 // --header=.maintain/AGPL-3.0-header.txt -// --template -// .maintain/frame-weight-template.hbs // --output=./runtime/src/weights/ #![cfg_attr(rustfmt, rustfmt_skip)] @@ -58,8 +55,8 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `1421` // Estimated: `4886` - // Minimum execution time: 37_448_000 picoseconds. - Weight::from_parts(39_440_000, 0) + // Minimum execution time: 23_000_000 picoseconds. + Weight::from_parts(25_000_000, 0) .saturating_add(Weight::from_parts(0, 4886)) .saturating_add(T::DbWeight::get().reads(3)) .saturating_add(T::DbWeight::get().writes(1)) @@ -78,10 +75,12 @@ impl pallet_staking_extension::WeightInfo for WeightInf fn change_threshold_accounts(s: u32, ) -> Weight { // Proof Size summary in bytes: // Measured: `1599 + s * (32 ±0)` - // Estimated: `5063 + s * (32 ±0)` - // Minimum execution time: 45_995_000 picoseconds. - Weight::from_parts(48_726_051, 0) - .saturating_add(Weight::from_parts(0, 5063)) + // Estimated: `5062 + s * (32 ±0)` + // Minimum execution time: 29_000_000 picoseconds. + Weight::from_parts(29_411_602, 0) + .saturating_add(Weight::from_parts(0, 5062)) + // Standard Error: 26_568 + .saturating_add(Weight::from_parts(40_055, 0).saturating_mul(s.into())) .saturating_add(T::DbWeight::get().reads(5)) .saturating_add(T::DbWeight::get().writes(2)) .saturating_add(Weight::from_parts(0, 32).saturating_mul(s.into())) @@ -114,13 +113,13 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `2140 + n * (32 ±0) + s * (64 ±0)` // Estimated: `4764 + n * (32 ±0) + s * (64 ±0)` - // Minimum execution time: 115_452_000 picoseconds. - Weight::from_parts(116_623_730, 0) + // Minimum execution time: 75_000_000 picoseconds. + Weight::from_parts(75_636_482, 0) .saturating_add(Weight::from_parts(0, 4764)) - // Standard Error: 33_652 - .saturating_add(Weight::from_parts(194_540, 0).saturating_mul(s.into())) - // Standard Error: 31_703 - .saturating_add(Weight::from_parts(188_097, 0).saturating_mul(n.into())) + // Standard Error: 179_756 + .saturating_add(Weight::from_parts(66_938, 0).saturating_mul(s.into())) + // Standard Error: 173_022 + .saturating_add(Weight::from_parts(89_861, 0).saturating_mul(n.into())) .saturating_add(T::DbWeight::get().reads(11)) .saturating_add(T::DbWeight::get().writes(4)) .saturating_add(Weight::from_parts(0, 32).saturating_mul(n.into())) @@ -152,13 +151,13 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `1985 + c * (64 ±0) + n * (32 ±0)` // Estimated: `6248 + c * (64 ±0) + n * (32 ±0)` - // Minimum execution time: 95_779_000 picoseconds. - Weight::from_parts(96_617_815, 0) + // Minimum execution time: 59_000_000 picoseconds. + Weight::from_parts(55_944_951, 0) .saturating_add(Weight::from_parts(0, 6248)) - // Standard Error: 23_179 - .saturating_add(Weight::from_parts(168_714, 0).saturating_mul(c.into())) - // Standard Error: 21_837 - .saturating_add(Weight::from_parts(185_817, 0).saturating_mul(n.into())) + // Standard Error: 204_369 + .saturating_add(Weight::from_parts(228_013, 0).saturating_mul(c.into())) + // Standard Error: 196_712 + .saturating_add(Weight::from_parts(371_213, 0).saturating_mul(n.into())) .saturating_add(T::DbWeight::get().reads(11)) .saturating_add(T::DbWeight::get().writes(6)) .saturating_add(Weight::from_parts(0, 64).saturating_mul(c.into())) @@ -188,13 +187,13 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `1655 + c * (64 ±0) + n * (32 ±0)` // Estimated: `4764 + c * (64 ±0) + n * (32 ±0)` - // Minimum execution time: 77_414_000 picoseconds. - Weight::from_parts(77_758_089, 0) + // Minimum execution time: 50_000_000 picoseconds. + Weight::from_parts(49_699_348, 0) .saturating_add(Weight::from_parts(0, 4764)) - // Standard Error: 24_246 - .saturating_add(Weight::from_parts(184_017, 0).saturating_mul(c.into())) - // Standard Error: 22_842 - .saturating_add(Weight::from_parts(181_804, 0).saturating_mul(n.into())) + // Standard Error: 98_741 + .saturating_add(Weight::from_parts(156_840, 0).saturating_mul(c.into())) + // Standard Error: 95_041 + .saturating_add(Weight::from_parts(112_011, 0).saturating_mul(n.into())) .saturating_add(T::DbWeight::get().reads(9)) .saturating_add(T::DbWeight::get().writes(3)) .saturating_add(Weight::from_parts(0, 64).saturating_mul(c.into())) @@ -232,8 +231,8 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `2141` // Estimated: `6248` - // Minimum execution time: 112_405_000 picoseconds. - Weight::from_parts(116_028_000, 0) + // Minimum execution time: 71_000_000 picoseconds. + Weight::from_parts(71_000_000, 0) .saturating_add(Weight::from_parts(0, 6248)) .saturating_add(T::DbWeight::get().reads(15)) .saturating_add(T::DbWeight::get().writes(8)) @@ -246,15 +245,13 @@ impl pallet_staking_extension::WeightInfo for WeightInf fn confirm_key_reshare_confirmed(c: u32, ) -> Weight { // Proof Size summary in bytes: // Measured: `830 + c * (32 ±0)` - // Estimated: `4320 + c * (30 ±0)` - // Minimum execution time: 18_737_000 picoseconds. - Weight::from_parts(20_163_892, 0) - .saturating_add(Weight::from_parts(0, 4320)) - // Standard Error: 7_914 - .saturating_add(Weight::from_parts(37_314, 0).saturating_mul(c.into())) + // Estimated: `4331 + c * (29 ±1)` + // Minimum execution time: 11_000_000 picoseconds. + Weight::from_parts(12_414_364, 0) + .saturating_add(Weight::from_parts(0, 4331)) .saturating_add(T::DbWeight::get().reads(2)) .saturating_add(T::DbWeight::get().writes(1)) - .saturating_add(Weight::from_parts(0, 30).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 29).saturating_mul(c.into())) } /// Storage: `StakingExtension::ThresholdToStash` (r:1 w:0) /// Proof: `StakingExtension::ThresholdToStash` (`max_values`: None, `max_size`: None, mode: `Measured`) @@ -268,8 +265,8 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `1342` // Estimated: `4807` - // Minimum execution time: 21_013_000 picoseconds. - Weight::from_parts(21_965_000, 0) + // Minimum execution time: 12_000_000 picoseconds. + Weight::from_parts(13_000_000, 0) .saturating_add(Weight::from_parts(0, 4807)) .saturating_add(T::DbWeight::get().reads(2)) .saturating_add(T::DbWeight::get().writes(3)) @@ -283,41 +280,45 @@ impl pallet_staking_extension::WeightInfo for WeightInf // Proof Size summary in bytes: // Measured: `266 + s * (32 ±0)` // Estimated: `1751 + s * (32 ±0)` - // Minimum execution time: 7_529_000 picoseconds. - Weight::from_parts(7_865_217, 0) + // Minimum execution time: 5_000_000 picoseconds. + Weight::from_parts(5_772_373, 0) .saturating_add(Weight::from_parts(0, 1751)) - // Standard Error: 2_909 - .saturating_add(Weight::from_parts(15_094, 0).saturating_mul(s.into())) + // Standard Error: 22_735 + .saturating_add(Weight::from_parts(15_564, 0).saturating_mul(s.into())) .saturating_add(T::DbWeight::get().reads(2)) .saturating_add(Weight::from_parts(0, 32).saturating_mul(s.into())) } - /// Storage: `StakingExtension::Signers` (r:1 w:0) + /// Storage: `StakingExtension::Signers` (r:1 w:0) /// Proof: `StakingExtension::Signers` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `Parameters::SignersInfo` (r:1 w:0) /// Proof: `Parameters::SignersInfo` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) - /// Storage: `Babe::NextRandomness` (r:1 w:0) - /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) - /// Storage: `Babe::EpochStart` (r:1 w:0) - /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// Storage: `StakingExtension::JumpStartProgress` (r:1 w:1) /// Proof: `StakingExtension::JumpStartProgress` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::ReshareData` (r:0 w:1) /// Proof: `StakingExtension::ReshareData` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) /// Storage: `StakingExtension::NextSigners` (r:0 w:1) /// Proof: `StakingExtension::NextSigners` (`max_values`: Some(1), `max_size`: None, mode: `Measured`) + /// Storage: `Babe::NextRandomness` (r:1 w:0) + /// Proof: `Babe::NextRandomness` (`max_values`: Some(1), `max_size`: Some(32), added: 527, mode: `MaxEncodedLen`) + /// Storage: `Babe::EpochStart` (r:1 w:0) + /// Proof: `Babe::EpochStart` (`max_values`: Some(1), `max_size`: Some(8), added: 503, mode: `MaxEncodedLen`) /// The range of component `c` is `[1, 14]`. /// The range of component `l` is `[0, 15]`. - fn new_session(c: u32, _l: u32, ) -> Weight { + /// The range of component `v` is `[50, 100]`. + /// The range of component `r` is `[0, 15]`. + fn new_session(c: u32, _l: u32, v: u32, r: u32, ) -> Weight { // Proof Size summary in bytes: - // Measured: `494 + c * (32 ±0)` - // Estimated: `1979 + c * (32 ±0)` - // Minimum execution time: 19_313_000 picoseconds. - Weight::from_parts(20_259_262, 0) - .saturating_add(Weight::from_parts(0, 1979)) - // Standard Error: 7_972 - .saturating_add(Weight::from_parts(49_077, 0).saturating_mul(c.into())) - .saturating_add(T::DbWeight::get().reads(5)) + // Measured: `509 + c * (15 ±0)` + // Estimated: `2096 + c * (15 ±0) + r * (11364552184692736 ±340_282_366_920_938_463_463_374_607_431_768_211_455) + v * (18 ±2_466_463_158_054_763_722_435_771_498_496)` + // Minimum execution time: 10_000_000 picoseconds. + Weight::from_parts(16_699_930, 0) + .saturating_add(Weight::from_parts(0, 2096)) + // Standard Error: 2_130 + .saturating_add(Weight::from_parts(7_887, 0).saturating_mul(v.into())) + .saturating_add(T::DbWeight::get().reads(6)) .saturating_add(T::DbWeight::get().writes(3)) - .saturating_add(Weight::from_parts(0, 32).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 15).saturating_mul(c.into())) + .saturating_add(Weight::from_parts(0, 11364552184692736).saturating_mul(r.into())) + .saturating_add(Weight::from_parts(0, 18).saturating_mul(v.into())) } } From c1a2233b8a5f3a60a9bce3e7d4dafbc1d51236b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 25 Oct 2024 07:22:53 +0000 Subject: [PATCH 08/18] Bump scale-info from 2.11.4 to 2.11.5 in the patch-dependencies group (#1135) Bumps the patch-dependencies group with 1 update: [scale-info](https://github.com/paritytech/scale-info). Updates `scale-info` from 2.11.4 to 2.11.5 - [Release notes](https://github.com/paritytech/scale-info/releases) - [Changelog](https://github.com/paritytech/scale-info/blob/master/CHANGELOG.md) - [Commits](https://github.com/paritytech/scale-info/commits) --- updated-dependencies: - dependency-name: scale-info dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 10 +++++----- crates/shared/Cargo.toml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ff9f7a205..23fa0e60a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -11207,9 +11207,9 @@ dependencies = [ [[package]] name = "scale-info" -version = "2.11.4" +version = "2.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22760a375f81a31817aeaf6f5081e9ccb7ffd7f2da1809a6e3fc82b6656f10d5" +checksum = "1aa7ffc1c0ef49b0452c6e2986abf2b07743320641ffd5fc63d552458e3b779b" dependencies = [ "bitvec", "cfg-if", @@ -11221,14 +11221,14 @@ dependencies = [ [[package]] name = "scale-info-derive" -version = "2.11.4" +version = "2.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abc61ebe25a5c410c0e245028fc9934bf8fa4817199ef5a24a68092edfd34614" +checksum = "46385cc24172cf615450267463f937c10072516359b3ff1cb24228a4a08bf951" dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.82", ] [[package]] diff --git a/crates/shared/Cargo.toml b/crates/shared/Cargo.toml index 450d5b049..2c5aa8698 100644 --- a/crates/shared/Cargo.toml +++ b/crates/shared/Cargo.toml @@ -10,7 +10,7 @@ edition ='2021' [dependencies] codec ={ package="parity-scale-codec", version="3.0.0", default-features=false } -scale-info ={ version='2.11.4', default-features=false, features=['derive'] } +scale-info ={ version='2.11.5', default-features=false, features=['derive'] } serde ={ version="1.0", default-features=false, features=["derive"] } serde_derive="1.0.147" strum ="0.26.3" From 5afd3f8921dfc874af594a73cecd764ffa338af1 Mon Sep 17 00:00:00 2001 From: peg Date: Mon, 28 Oct 2024 12:47:51 +0100 Subject: [PATCH 09/18] Handle PCK certificates (#1068) * Add x509-parser dependency and helper fns * Add pck cert chain parser * Doccomments * Use x509 crate that works with no-std * Tidy, comments * WIP - handle PCK certs in staking pallet * Rm pck cert stuff from attestation pallet * Fix mock pck cert chain verifying * Taplo * Compress verifying key * Add missing import * Add missing implementations of PckCertVerifyier * Fix staking pallet benchmarks * Validate cert chain of arbitrary length * Tidy, fix tests * Lockfile * Clippy * Error handling * Add test for production cert verifyer * Rm commented code in test * Changelog * update metadata * Hopefully fix staking extension pallet benchmarking for validate extrinsic * Update pallets/staking/src/lib.rs Co-authored-by: Hernando Castano * Update pallets/staking/src/tests.rs Co-authored-by: Hernando Castano * Update pallets/staking/src/pck/production.rs Co-authored-by: Hernando Castano * Update pallets/staking/src/pck/production.rs Co-authored-by: Hernando Castano * Typo in struct name and improve test readablilty * Rm calls to mock_attest_validate in staking pallet test as fn is now removed * Handle errors in production verify_cert fn * Doccomments * Alphabetically sort runtime config types * Changelog * derive serialize and deserialize for JoiningServerInfo * Rename struct (typo) * Make it clearer what is happenning with the PCK generation in staking pallet benchmark * Use intel root cert from web link and link to it in doccomments * Fix staking pallet benchmarks in always generate a mock quote before validate * Slightly improve error conversion --------- Co-authored-by: Jesse Abramowitz Co-authored-by: Hernando Castano --- CHANGELOG.md | 4 + Cargo.lock | 117 +++++++++++++++++ crates/client/entropy_metadata.scale | Bin 209375 -> 209698 bytes pallets/attestation/src/mock.rs | 1 + pallets/propagation/src/mock.rs | 1 + pallets/registry/src/mock.rs | 1 + pallets/staking/Cargo.toml | 4 + pallets/staking/src/benchmarking.rs | 121 ++++++++++-------- pallets/staking/src/lib.rs | 50 +++++++- pallets/staking/src/mock.rs | 2 + ..._SGX_Provisioning_Certification_RootCA.cer | Bin 0 -> 659 bytes pallets/staking/src/pck/mock.rs | 56 ++++++++ pallets/staking/src/pck/mod.rs | 58 +++++++++ pallets/staking/src/pck/production.rs | 110 ++++++++++++++++ pallets/staking/src/tests.rs | 84 ++++++------ pallets/staking/test_pck_certs/pck_cert.der | Bin 0 -> 1269 bytes .../test_pck_certs/platform_pcs_cert.der | Bin 0 -> 666 bytes runtime/src/lib.rs | 1 + 18 files changed, 516 insertions(+), 94 deletions(-) create mode 100644 pallets/staking/src/pck/Intel_SGX_Provisioning_Certification_RootCA.cer create mode 100644 pallets/staking/src/pck/mock.rs create mode 100644 pallets/staking/src/pck/mod.rs create mode 100644 pallets/staking/src/pck/production.rs create mode 100644 pallets/staking/test_pck_certs/pck_cert.der create mode 100644 pallets/staking/test_pck_certs/platform_pcs_cert.der diff --git a/CHANGELOG.md b/CHANGELOG.md index 72ef94fb8..be9f22026 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,10 +15,14 @@ At the moment this project **does not** adhere to structure, and the `NodeInfoChanged` event were removed from the Staking Extension pallet. The `AttestationHandler` config type was added to the Staking Extension pallet. The `KeyProvider` and `AttestationQueue` config types were removed from the Attestation pallet. +- In [#1068](https://github.com/entropyxyz/entropy-core/pull/1068) an extra type `PckCertChainVerifier` + was added to the staking extension pallet's `Config` trait. - In [#1134](https://github.com/entropyxyz/entropy-core/pull/1134/) the ```no-sync``` option was removed + ### Changed - Use correct key rotation endpoint in OCW ([#1104](https://github.com/entropyxyz/entropy-core/pull/1104)) - Change attestation flow to be pull based ([#1109](https://github.com/entropyxyz/entropy-core/pull/1109/)) +- Handle PCK certificates ([#1068](https://github.com/entropyxyz/entropy-core/pull/1068)) - Remove declare synced ([#1134](https://github.com/entropyxyz/entropy-core/pull/1134/)) ## [0.3.0-rc.1](https://github.com/entropyxyz/entropy-core/compare/release/v0.2.0...release/v0.3.0-rc.1) - 2024-10-04 diff --git a/Cargo.lock b/Cargo.lock index 23fa0e60a..2ad521315 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2055,6 +2055,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" dependencies = [ "const-oid", + "der_derive", + "flagset", "zeroize", ] @@ -2072,6 +2074,17 @@ dependencies = [ "rusticata-macros", ] +[[package]] +name = "der_derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.82", +] + [[package]] name = "deranged" version = "0.3.11" @@ -3170,6 +3183,12 @@ version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" +[[package]] +name = "flagset" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" + [[package]] name = "flate2" version = "1.0.28" @@ -6423,6 +6442,23 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-bigint-dig" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" +dependencies = [ + "byteorder", + "lazy_static", + "libm", + "num-integer", + "num-iter", + "num-traits", + "rand", + "smallvec", + "zeroize", +] + [[package]] name = "num-complex" version = "0.4.6" @@ -6694,8 +6730,10 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" dependencies = [ + "ecdsa", "elliptic-curve", "primeorder", + "sha2 0.10.8", ] [[package]] @@ -7430,6 +7468,7 @@ dependencies = [ "frame-support 29.0.2", "frame-system", "log", + "p256", "pallet-bags-list", "pallet-balances", "pallet-parameters", @@ -7438,6 +7477,7 @@ dependencies = [ "pallet-staking-reward-curve", "pallet-timestamp", "parity-scale-codec", + "rand", "rand_chacha 0.3.1", "rand_core 0.6.4", "scale-info", @@ -7449,7 +7489,9 @@ dependencies = [ "sp-runtime 32.0.0", "sp-staking 27.0.0", "sp-std 14.0.0", + "spki", "tdx-quote", + "x509-verify", ] [[package]] @@ -7957,6 +7999,17 @@ dependencies = [ "futures-io", ] +[[package]] +name = "pkcs1" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" +dependencies = [ + "der", + "pkcs8", + "spki", +] + [[package]] name = "pkcs8" version = "0.10.2" @@ -8971,6 +9024,26 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "rsa" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" +dependencies = [ + "const-oid", + "digest 0.10.7", + "num-bigint-dig", + "num-integer", + "num-traits", + "pkcs1", + "pkcs8", + "rand_core 0.6.4", + "signature", + "spki", + "subtle 2.5.0", + "zeroize", +] + [[package]] name = "rtnetlink" version = "0.10.1" @@ -16532,6 +16605,29 @@ dependencies = [ "zeroize", ] +[[package]] +name = "x509-cert" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1301e935010a701ae5f8655edc0ad17c44bad3ac5ce8c39185f75453b720ae94" +dependencies = [ + "const-oid", + "der", + "spki", +] + +[[package]] +name = "x509-ocsp" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e54e695a31f0fecb826cf59ae2093c941d7ef932a1f8508185dd23b29ce2e2e" +dependencies = [ + "const-oid", + "der", + "spki", + "x509-cert", +] + [[package]] name = "x509-parser" version = "0.14.0" @@ -16550,6 +16646,27 @@ dependencies = [ "time", ] +[[package]] +name = "x509-verify" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "605feeee7186660fcb5ddaa1263b6d3b9ba16f128a6b48cb5e24ef7a241e43ab" +dependencies = [ + "const-oid", + "der", + "ecdsa", + "ed25519-dalek", + "k256", + "p256", + "p384", + "rsa", + "sha2 0.10.8", + "signature", + "spki", + "x509-cert", + "x509-ocsp", +] + [[package]] name = "yamux" version = "0.10.2" diff --git a/crates/client/entropy_metadata.scale b/crates/client/entropy_metadata.scale index c8e04d4635263100651d3b91fb5a7e923f53f639..fcfbd8800746eaa47293aebd17012d87cefbfd01 100644 GIT binary patch delta 9405 zcmZuX4O~=J_V1kc=Hu}>2qQDV;Gm9*!pfkyqEez#p`nnXks=N-%BXzJKuKmwMMY^v z6P|U=|B9PiR%&GQ)cj1{er~aaWu=K9yGy%PRBpMuv`hWZdow1k`}+;=o^$WH_ndp~ zJsZNWG+WjB27yD1WIYhcF!ahb8`3n@g z1d`UW$ls+TqfYXhj+FQp?j0@3Qjn-;Z;BKp!6mIn?Y_~H`C5;E?;9fJNYJ6R+`m6T z%9UWd#^s;;t9?~Lel!9LytLnK)jAgLcV!jqL9S zZD8}84m|)4|As?rA=Mv#c(vrzY0MV+|8{r;WcVYGG(#3QEb;dp83EaT`_V_G;%g)5 z-?mGx08;FK?Cl|v`{$Npqrl@Id+Z6Q^iMre;@;)^}>(1Tz%&bU^aII%8yUQOAG zk}|iq&a>20=Bjg-lvTJqRXqS{^W9}r)W7ud?8>KfQM%^!gjWiP^KZHwyxwzw7JVAT;)y0_fe-_|2~X`u4KdkPzv@7c=ofy7+w=FUqR3m} zI>MVFto&Jnb&vBu01&=sTz?T4{tZ7az$l4oH$&X(KNTaGX)(Z^U?msAA~GNpfmLC6 zHgMf*BFwegB)B7|w%&7ZHLJo?T{Y#76#HzRyiIM6r3O8O(^Lt}Qj!Fj^p*r^)GWa- z7~U(v-H=4QK}PExk~9~RDO(3=_6!LuqvogB=Ozna@wv;YtI7vd2@Yz}K^_xd&_S{_ zmD#(?(=#%hnUf~X^(?D$)zy35f{;o{dayg364)2kPn>L@Fuqt2oRT1jQw2dV3KO^6VMzyqfVV`*Rr*5!5%M;M!(=F+ zDd8{%3aKI-HZt~8IBaEXYXoFii&%P}_h#vf=<5iun{Jf8Sn@kdEi@q#YQaS>MZz4o zto$nyE+Sl^GlSqmsHC0IFc&Hnh=FqeSC#W-_&qT3_E^XUH~lphoOf4BV4C5oa|sZ$ z(!I>J@;V-NpS$!rX7YNf>#n0Q?n;+u0P&QXWi=&B*?!#K8n36Su7_$Y5TAIxLqgqs zp1L}>_vaeHEm6U8USJPvnzb)nVlAuIGLN^5M^j^^R4ECSv^4=N6lI0jQMFtRg6S^T zeY|${jG%_3OF{!9qK1r1&}NpPVc$QqI< z2^+X2M2Jy2q)9>xW1#_z8MZPO7QmR}CdR@87_;2MSVRCDF9~goMFxlAt+k!5SRvlF zgKGx`XqfFz#-all^KGZ(IEY`{!Igux%5-M2kFnSQ#w-ppW(i=-;wWR*0LC0nFcufU zc&;ZIiw|Ht*-pk10vNOHV$2r6nC)rC5;bfbPxnj&qeB8H&$pYp;^6MJwOlE(m9WO@ zRS-0=K?PZJT)RdERSKh^s$A4*psH|DuYsz%MS}*a`W0mjY*E1w4Qy4xPz~Iqf?*n{ z>QoG0tHG*9#Rv`Du7Z&osA^P<(m++6;vfxdSHWlv>`+0o2CB*w2Wz0JNikLfRW*th z4ODd~S~XBrpctotowurRyasovV1fp!iW6-bct!;iHLzO+hiKp>2GJu4J+w3dMn+#& z(Oya5A3GYMQWCDH`?@vxsw7$F)TpjflIB651V+>B>MC|wf@yAbrCSpExCg7ej~3e? z8B*zS8w`aadc_9z%zg=`y35Lau7S>u7o}ecOYqf{lvR7(FCcA3n}H%td3zWv=ZHY54tNTp=zs(6k<2=HmHzK7 z7)EPH!CZP~1ib#=bq7Ym^EcMLb0a#JjwC}B2bQs;VI&8W1*74Q05%$t!m%YuS(gG; z5=R9tr;*bM9)>qNnbM&gb3zEP-)|qspMR#qK1fy=u2t)XWiUyqGAje#5W)FoCQL@m z&}}SZQI|}HUvsqi_heYd#RF5ojafQ><3m>EKU2U5kWDqWKr`f!D+l5g^Q|yef?TSd z4)L^PI+y~m1M-NbLn0S%PG?qmbbdOFVsCDk0VV9sTV_CfQW39L2YpZkDX@ZBR#RQ4`{Hz2G_Z3q)AtAx`!|17grX;}=n0-VtlIH)@~RL{>t(bG$KcT8LY zcSc;&LBd^bm#@0YCkU6wzJ#Oc%S&LW+@td7)(Mw2dCa}RL9YBfh#>T;Gbd`e`8}D?JEV7TKjG(jAIw|Qz_)gGDi^X(+S~}zZ{%{qx6BDVjI9TN>52k zIJZ=}Mw|8j&DBirl|dYPn7@|6WXYowLU!6Y=$6JB_P zJw&7r?qUy7>I26w8}*WX+B~n@o#(1CO0z(a=7Wi|x+d{XA_kd>S2MA4Z2_* z45h>e*{<3H@U{nGDOT0dSmO`kl(p81R- zJ`805-P!`DUkdJ)o&me%lG-QC)XTY9k2)aZm$hMf^%gempLZU0HLN#PA&JeJD*>K(A=s2t7P4PEDW&jxrr*9vJB8)N+2gFz^ZH8%Pvqsb_{zb3`$b0pI zP1)BBYjl_t7@VwrwhsqA@HFh=JR;Q(2M|*SwmAcpAsH&8OoNbV@IUoq0!40wMN*c* zs2-l_@r_U-WgE1Uv?39VlrSeahHBs()oV8M_<1zsdF|}?=JQa_8A1FOn1F>Ep_!(> z2*YXp7Cy2SDQ#PzAK8L`vlW`r6&y*kWH(i{!PnrS;%$(?#r@l09*6e#x4~GbrJuIJ zXskE*Z!HY^vVz~jauFL0{%;lzrVoDy^Ks2}b}8n@0UB*o=a&jX6E(gF&tvm-y5Y7S zF|Yy~2GDO%>3c-BB)^ftMw52V_LKBq0n& zEw3+M=B{*C)%mtl`3@+Kaq*o%ZaG(Y>KbzS5=IcV2WCEUM{on|9Ke2uHn`~upQji? zM%yXnWf&=UXbqNq2HN^EjME$}9t;eWbu>88$pHg#-GDs&gyE));sg)KyYU2>UV(>0 zPO99F8idZ^jNW(!Y~fu7)z$mzmoD|J>Z0?nfCIY>+AR#8Ht=aZPAPj8p3`yE{#QFp zXUm=PI%IKi|LZUWy92^$l7?K;q-W3BLw|i;BOS8`CPs7{AmKKz$6Zy2h8eT*w+nKr)#PTLwC+}M$i)pOOcR5e0&QrF+U6({V4{=iMpsxBaZfj+sxK6wNBEkgt*2K7!pLO{#p2 zMxoiL9k+sW*;54IZx{;A=^B6I}#z4jR&uJ_T0pTX^%5X7GYC+-V2Ej!0{ zc#vK>2X;Ja^w&HUL#uCx1nNHr_i}w*H|G#X>DS#b5>EuXoa=@sk&hnQR319dzS%*q zpJ!s}A}8lhT!2_xml4JnR+aLlW`1?`O7-pw?0ivHQR4QxPSc?aa2s|72N-gZ1vq_u z_IX{w6*==irhn#tOux&>^Y2#YuYT|n=M{nZb3;#HJ6twW?JZze3NJyJ0eY3vzd<&8 zm_RL^_zIrn%f*6TK9O7{{nzYKu9EX>o_L?OM-n~=tVjQVEz+;D`al3#dEsm52F~jr z`WC)HS=NGjAnt}M$`$xTHSVXspUkEQ}|5&KqyWUbLC+A|4}HWbNn`hVIrUQM}*-o zIesq=L-j_cF$|*_YYoGN@qJQE&Z;`E3s^i!7|$v%VmYx;7K$k}9Fq%N@<1MB;3={NhM-Km$D-iKDsL6^Rzh z8ug-1{a~Xk@Q-c9h2uFjI3J03Mc2z5sH-a6UXIn;4YJUz4mgzDCY+GA;ReB5^A*+JSLjq%AlZWwXr%_Hs%jJT72jK(Q^xR@Nn8=`}LV`iN_ z8H1JVCp0+0j3e2mXP7ZP`QQzM9=&s$CzOeBuW3lQ)x}43Mh@cFF?(cn!v% z)(c(a8jN?dW8FU($3Q22&PC*D9jvO+!Y@Bxm3ycl7Gomxf<2g_`y?TWrp4kksZb9e z_!plVPOrwI4R+8UV)2*K2|a9mcASN57Op!(lP#FW7jY}Okdh7XAAgrVnj)+?nz}6* zCpiaHO~!14|3`fyd91wsa_Jc>&S8VNXvML-u}pESw+6~mizZqghfell&&OdJUN-o* z8e`~BaTv!Qq+hKHH~K*~(~NkG=ey1&@tlel&{JyRq66_vP;2xbkz;5?EJlzi0c9RJ zE&(U-)l@+OPR30}|B?_hyYL4=~yhX3=40^TRCoQz8#12$>hlGn4)9N^xnziXDAhU z*dRfU@}~ma22h|h&Bcdhz6p?vk)L;qlxP>~`9e^ME9c83z7f3W!3!Mwl_M*#8pKL{ zt&(1ezd^1!RgKA_Sg&tTe)OVQ%@1Pg@SofeR*x@o5}>?sFCO5iuGBW5N$uK7kKB(N zm~PN&^s<>Yt;PwuX8jiZI;u@XyK-?g=CfiH=NfDbgB{AAX0(cYUhiCwTiKebHsB(* zrgt~sbT*{Or|IVMFuhfQL?{!^9r1f}yiTmu|OW^F_RKTRrg3HiS1vhwIAT(9R%9laHk zShX2jc_@eS##Z*<>f7k2ZRo>f16}0ZL#5l8CiMmyNhiU-=xiI-@|Dfz7jPJ4(BT(w zF)u{ob~K}yWq3ptAc+>d$Zkhg4!nqq^n4<;2;|&_F_g9o?Hp4Ic43u~U)*I7*jnD% z#ak|qdUo+#3zQ+daka={Wb^CnRm{q<*YPs2E$w^*ml=xL{}V zm$PNO(7`L=rt~*)QVhS>CxJbUFDYxPeXf<$IJKx$*1d@wUn}YEy{xrbW%pimskgpS z`*Dhq-}D_UNP|+iAMZm>_c{;Yex`l=AU@1;g&o4vY`1?pgz2HpssQWle4pW?Z+BrL zWgW&)Hoe@#cqg02#=}_0ce+E7V7f zu^+RWilX@+vt?OnX6T@W7W&)@zY$(=2dvz zzKZIV<-S&B!B^;sfKAHLACPaL+ghI#U*z=}2jXfrz}+Cm1BaD&QM?L0%284LUfqRn z>crbk{3^c*!t8-_UT%4<60R3#h`cIy$>K%0qKpd>xAXrf(3wziu3XIjhQV^NEo6j= zlKS{ODO?=QS)e;y+|3JRju6w0ZXKLtqHvlMA^tkfqvJ!108#P;Aw}KAuE52Rz`7D6 z#ovLkRtHy^z)bBXaj3~E+hld+>UE$)f!{g)Y!WkJZG#SEMji4bL1Kf&J}FsFm^!_} zUAAIwjk}ER?0kINlq#DhYIXBg1#6tLDNU=n-CgDOd3+giT7V+2+FR#Z$(ItDa@r`3 zg5T-N+}ZLYDH^uG?O9e)mm@#2WO{|mYgy(VkaXp{8q_O}T=|ha+A~O;&07Ye#p6=3 zEUl-=7;!LNj26eRpAL%=cY;_byXk;gd|#}Wi|DDr;_{FJ*;LMt^!0KRVXW92(<~e7 zRu#&lO4XxxNrlT-k+wk*En>N3wn|f0xEo41>*N1osZpOQTIEg30|{b2!WN}7QS6a8 zTVN%#e39 zqc<`-(MrokrYN0;l54iJLZy)=-+QsBv7!l;-s{|`$mk9k71#UUd*gT<=l46my`E=% zJkMIsv!0K&*7^P40?+^dKufV&;STO>u}nEkRYy_}&$dWiBDMHFY{~O|^u`$JqDaSp ztnuY&vC@#)vc}h`B`}hFj+6Pmd*7Ta$`n&dp6*+*j)Rv!%4qUEwJ$nYkb_cJVAhaPj|^D4k+BbmFEozDK52 zz%r~f*%Bv7%PF20TPZm`NC7C>;-q*mv2JPA`8#Rb5OM3bsg=xJbsE;U{e`=>0_C*qHUZA?Y6$Prh z!uO%qIbwXdXMKsgqSCA8@YzB1G%ezv1knM?;SU5;8s+llV5}vVw+Bb*m3!^WH`n99s^d6z}gAtTTZhkz1 zQf7H1a?EpAxCIK^q^@^wx`qcnpcY)i99~ap#WgfcEp~f0d3chGT15jNV5N05$l28dmG>}^)p-LZUAX6n_o*>8uoF)m|(O@xVXgfN|Fb+RPX0UcqYm_t3VKoi3x8i3hN471n^ zEXc$#js3uaO$-xh1m-X?%p`{dA;iQml_s=}G%?KO5U@}aOBW@f`ROQ%s%}ALxKWu3 zwnu@DGBL0{1}wtFz_t~b%f!I84Opa!fo(gmC=&zQ)4-xl3~W1q#h4gm&R6v>2eS1JP=L zy3j?%0CjLM0{4N#Y;7-E3BIK`0$*sO!0 z2H2v5P6O11DTW)ME=h5e0qSBDBMeZNq3AL|U4UYw0iK?%!%+sT%TA0oz)l^EF~GAr zINAWaba0FTb^~OpB=qo%7@8P*QAc|v0Y7*q!6ONM`p%EwdtzvNLcb(Mm^LO!D`-F> zn`3cli3&oF<)y`-GJs)_`v6ZH{SPmgB}6axrlzH(q)S3BoN&2`+;-dYt8NEF!my+;_E# zPo@&UmMJumoZ3xO=nR3tP$I3S813#PDv=N~P|oGHRPq4!rqVPKjJ zWGW)UnOo=>#cP1e2z5WFfntI-b{f4dQj+#*I?Z4#MfO$KjN`Y?#Jtn^M>A;$isc!k zvUJ&3^M721i@%UT_mP+(2lD)d;NhN4rIe|4&Zavh%Hq-UXo^`xjTm3--kQI;v~*K> zHZPe+qY(<~=7DWCKRS;l!QG#mNBMB~Ph?RfUzJ6{!*CEKmZ%Tp7nD|(6slgM{bkDJ zU=hWa&!_p6tL>XlkBBT&=Jnl>N5-8ri)9TXi3`c@yLfRN%l50_-`z>$_Om(cy>)>@X3mn2mVT<5E)3HAMMgzP)K*Q(9W z!5%|^*}RO3S+UGF4^X5wxQu=!R))=RnZmg}mvX3*=jT#4beypgGTF{OD=A5?k&$5d zIxV66)s>Vb@A5~dI8tZ9p*dETdWztGWy(Zin8|nFO<`=i>^mP6!H?cebE$?`t%7QH z8AW)lY>O`6oL^Y#RgIClA=Jsf?_V9oC#b=Fkj-$jSH2c*8sLy5 zTMbJT_5xx+_Zvf!dGI|Hn$Rfw8())rgYh+C6nHlA{(C5zufGRD`w*|bhbD?GGV$;4 zCD+YNNM3HFE^cqt%4PH6x@B77U$fM!&hxBS%PSDfghM)|t)a~_C9m|}cgBk2^v_dxwZ*y!;)zClSG>#iA0Cc zt_uR#X>Cs)y-p)K^oBqoVyn=pEzXDWv9o?s4euJJ)#FF2ORn#W;0`w}4DOaGdYS4j zFD)q-gl^Q2;x%p>8_=V3>5_$u=9I#FhspH$k?A$aj3}Uc1N!vty|U0h+QCXt1n!TyfqPZW}a zhB%yzi@#M!QH(5xJNUVf;sRuZDmEYsip5B*!|fJxBf0#T+b#Oibmn0pmVag*V&Rtx z$OUJ1yohEO=(G&GlT4K+2e@=*c8d^W@tp{d)b^+}TckMt!3MfT zjJMc)J8HtX!_KTc)M)1)vlYj}y-eoM?UhP~);2-$jXpo@6*MtYw= zv=QEP^ClW4VH-ZOnL24Tzo(2Qv(>}%+5dYAg=_hLWt2$i{BjwsLl(NqOEX8R7D^n> zAS38l9%EGJUTC%LlBDjSufR$C^L9FkUv#&cRB5ZXZc$>ErVxCub_Ao`4u#3 zObvPo`iJeZ2>9vY)FIUB6?GP&jyF`$n*sGk{hJX&1OKiP&bO?R9;CfGye4$N-nG#p z;HR_SDl}Pqai5RYwr!!iZLsVM)d(LyJw$7%S%=5+s%iv;79HNk&sW2xKD2`-(=mQ% z2Q8ph{sV#tFr(|8H8cZN57%J6ZD!S(8X7_Kw9jj38}YW^BBC7Vr|~iE`YcXc1pM?B zbc;fV0d-oY3Y|Q1Crx2zExy;j8Kte=NehW}nPR@Bdst~beoE`sM+Q22;aYlhvcNAI z#Ck0eLa(WPoEvf;rc76_cx~g7EqY1G`chBHdP(T#uRIK&zw}{9>!#gUUoT(18*aUq z@7hgS&H)QeU*X=gscPo1%|VR=Iz<=%X*b;on*$um4?IdTzxNTkgAG~ui;v*ortpSZ z8bfw|v=)*}tEJm%fLGO0)O9Tr^#1yRb|P6#yOXWgjGmA?LQ`J}G5`ilvGNPMA<4TQ zr8zwHQ3}%;-{A}~`t^$cDLBm$y%xcx{rV_vm*F-WUxB%-c?!EUj-PmfUPZF7`6+sb z!M?6FC7E?fiq0v`isR#J98N!nQyz9T;B8`tHPARqYj-?D6D7oLjJ};^S$(ZnBKeu; z$cOk}u-`cD4eqBR#Qe3-(=-(BLv$Pe;CYyBuJ)hL(-4CRec4F0uo`0mh6TBK%kSws zQu%=wC>llU3$%iHtiEqQiR4KyVr(&=`y$M)%!)H*v_(WDzVb2xe3ii>CW%ZD zZub-6c6~ibB-HRz2a$yBGJE!jX3tu`p0#?<9ub!G<{|RN)*F({p{YWH0VO+xy#}z~ z+H4i}TY0AoKF<9IN(;%8gg}~fe`V2nwOB2wC~xF1|AF#C^CU{nE<%N;qAD9#C4$gs ztaoD5u&NLFac?qcJNj@w0>pqe^U_yn;)oWbA>yc2IBE!-A9#gQXSEKKX!j$5I=^JP z&3Z#TZv!dB^S0r+Z~P-|3~1N6wOWPK!_2=;atuRcNovHf#gp((MwV&dFQrG*<8R~8qjUUE!b3bR)$%9nUO z>pdmdV-@ev(#T$s9JixEpy|c#ssc5CGtT~{MV`VCe(oJgiLR3A`hhsCgAE&k@oH0A zX)D1cym*}I5HC|tAmt6=RVR=-J9*;?N{e)1mWjC~UbUwpe{QDC$ z3l@CyNm|HUHeXq64BvZ_Zkrkd@^GXsn-FL7UvSKg3)Z`01H{{|-J!7r8^3u9MQDX> zRLugD3}Pv^2qDGn@frjqU_*))F3DXI@k*B6#%6EciJnHZEgJSb~;P`2NoEFRNN z4=LIDpe&oPNPDrJvROcmF&MWSx%~2<=^$Lgf%j<=TWvF9H|1&e)3jDXNZr%{*QN5P zGf2`^E$a-99n9mm5-QdXen3AmD&xQVhGzPv|J4TE4Z58mW#)eoh5Sz1}5JXt3eX6vYpG4!5+IAN`#2 zQ8@pK>%RT`iEbP_p8PBFmN@?HUuirw@{liJ8I63&7j(z%O*Wc7cZF9~7r8gjT$mWU z67i(TCdFQ@vq=ldA+1Da2TuTQ#)mcA1pM?^5P`H9EF$@Te?epEC=c(ZI}mZ#c2f#4 zwB#Wqf7gxdsg(zxqnCkc=U~6By!#xsS(`a{%z661)Nao8z4LSv<~nemTIsae+;M?M z#dO$cYHmpZt|gb^q^I9sQ7rDdHsq^bcPFPFn$Q330@hm41IzBzS2t&I$FPjg{)<(f z{THk3uwj{9`ZDzo>qb6cE)xwse!3Me+RQXktN)Tht<%MDc9EBo_UlxtRz3_Q0Ud`9opI9IRcrMC~}q@%DbY#AL;^ z6eD^n+Rs1GrzF{x>&}e||MBlI>kzGU0I`obhld!R(&dLB5q zXhJ}`LV;Ocw;-fz@BKn84$3eGJQ>Im5u;B8vfIQgTCXQ^|BSZl2DaZgu-zP}7wohm;0N_g?X(CT z{KZjh72NL7C^iLdDIo$yC(n&wH^Yv0MX{hAGLI<9_ zC4#SWq3$ey$i(P&HHFGM55T*N!|B9C9u+lqN|j6o$Y zhE0=p+328g5^srtpG=I-p-p@$;jx zr9-$p22^ACv@t9N9>ljUaFn)V44Y<$h_pnukm@xtiM=ACd@Y$hO9(^@Q`u^2)S6OR zG+r@Hbr}7F{{FnL5p9`eowSWdw&J{twK54U2E|ghhxFY0%pMlotCFE+}pUdaU0or zT*YZ(F)Jm}V=2}uOW5xiYMf;(K@`g@m0D&6bL!W1cUQ8@Xjrm^y-ZZ4U4DS!Y*VYf z{u}1dht~5yZ)0^h5*P26SKtKkmU3z=yZ53!m+YSMmu zl(|G4i5-u#12CMH$JrVjgoF05+Yw}!?O_j6oA$vT7EaWz{p|_%6j3+d_9RP(B#%DH z?zG~C`3nJZwD{OVNQQU$*h;)(ec^+UZG9FT7haFe=FNLqBrk7ZMdG04Gu{SmYL2Jb zc0wq5oHHxoUij%}SSrKF)BD(C7Hs5|jVunL-r5MVaoXiZHkR~<&!`tzIrjIS7vRtn z{95CQe&R7NurloWb4_d<&VlSDwifzuzr>tOOt7|UIx6&z;UL`0EuN7zIQ9>eVv$iJV# z!nL^98LqT*`S(ZJdL(tL-e8ZzIR5JmR)<`!Qe(G;;k7)DVv}*(x4E?3y=g8o4UhIG zjeV*s_1R+(S+VxRG3F-N~N9@z_ar7i^^KB&&d9UfjkWh2Fc`*k9mGUwxN-h9k%BKe3b0?t)Y7 zKVTrvcJ?)$e&ap1pJ2xlc3k+4z^b8w)SZC9n6MoLECqR zy(Ph7azBPjdimCm!L^^ae+;fNzwIxq22SIhzpxoJsQvU8>`St1$|r0Co}{_=Q-nA> z-}@=d$H}`sW$8CJSmSN_!v`My%dp@C+Y})TV%l0oW?_rgF^^$_vXI0xKVzrh%}|7L zR~Ng9T-t&z_Ob-0^nEv*Am-R|x$7J}Xq=XHj;&`5x$Lo4n zCT_bv=z;5kMg96E3lO7qV^sx=j zbeS4RnmX6Le#Hi_TD}2Zr@UU<*T+0T)SyYfvePnr+ZhsHhRU`uaT_e~2PQ@lf<%xc z4p5IK$>QJjoi}I^?{H+uw3h;7&9hu~QL(nvD$Wz3sfGaY0`+NIMu<)L>j96pi^~=L zFA|v8kWJfa7bX2sd3%sJ8Oh+mAn`RQa#gUHYQw)JPNS2;p9~iFMXEA&0JAI8ghYKO zyVo0k1`r^=`3~_VvK7lTfDR%2?;+w?hf{GWx@OB{l9_;~o(UtxbgHhDNdX$C+$Knk ztc(pv@k;cZ+c&6%8<%fZ3s>TL6aO$sP#n{Zx)oc8YmyX4vQcw~TB4SF%2SkNv&W)R zZv~#cE2`3zL`v$i+V!gV;>nMQ@!~lCT)Y^Gd`OEIpFq4vr}^6B6U48Xc*q2PDZW8A)TaFUANiA{UJt0|iUB!;_ktyQ+`2WE66fu@?FnT^! KtPwjD;eP?2%rDXa diff --git a/pallets/attestation/src/mock.rs b/pallets/attestation/src/mock.rs index f75f82b58..c546530e4 100644 --- a/pallets/attestation/src/mock.rs +++ b/pallets/attestation/src/mock.rs @@ -315,6 +315,7 @@ impl pallet_staking_extension::Config for Test { type AttestationHandler = (); type Currency = Balances; type MaxEndpointLength = MaxEndpointLength; + type PckCertChainVerifier = pallet_staking_extension::pck::MockPckCertChainVerifier; type Randomness = TestPastRandomness; type RuntimeEvent = RuntimeEvent; type WeightInfo = (); diff --git a/pallets/propagation/src/mock.rs b/pallets/propagation/src/mock.rs index 31e4e1600..424010c8b 100644 --- a/pallets/propagation/src/mock.rs +++ b/pallets/propagation/src/mock.rs @@ -309,6 +309,7 @@ impl pallet_staking_extension::Config for Test { type AttestationHandler = (); type Currency = Balances; type MaxEndpointLength = MaxEndpointLength; + type PckCertChainVerifier = pallet_staking_extension::pck::MockPckCertChainVerifier; type Randomness = TestPastRandomness; type RuntimeEvent = RuntimeEvent; type WeightInfo = (); diff --git a/pallets/registry/src/mock.rs b/pallets/registry/src/mock.rs index 4f20fe263..ad5b26c3b 100644 --- a/pallets/registry/src/mock.rs +++ b/pallets/registry/src/mock.rs @@ -306,6 +306,7 @@ impl pallet_staking_extension::Config for Test { type AttestationHandler = (); type Currency = Balances; type MaxEndpointLength = MaxEndpointLength; + type PckCertChainVerifier = pallet_staking_extension::pck::MockPckCertChainVerifier; type Randomness = TestPastRandomness; type RuntimeEvent = RuntimeEvent; type WeightInfo = (); diff --git a/pallets/staking/Cargo.toml b/pallets/staking/Cargo.toml index 5729b1850..185002c38 100644 --- a/pallets/staking/Cargo.toml +++ b/pallets/staking/Cargo.toml @@ -28,6 +28,10 @@ sp-runtime ={ version="32.0.0", default-features=false } sp-staking ={ version="27.0.0", default-features=false } sp-std ={ version="14.0.0", default-features=false } sp-consensus-babe ={ version="0.33.0", default-features=false } +x509-verify ={ version="0.4.6", features=["x509"] } +spki ="0.7.3" +p256 ={ version="0.13.2", default-features=false, features=["ecdsa"] } +rand ={ version="0.8.5", default-features=false, features=["alloc"] } pallet-parameters={ version="0.3.0-rc.1", path="../parameters", default-features=false } entropy-shared={ version="0.3.0-rc.1", path="../../crates/shared", features=[ diff --git a/pallets/staking/src/benchmarking.rs b/pallets/staking/src/benchmarking.rs index 126cd6fed..7969acbd3 100644 --- a/pallets/staking/src/benchmarking.rs +++ b/pallets/staking/src/benchmarking.rs @@ -16,6 +16,7 @@ //! Benchmarking setup for pallet-propgation #![allow(unused_imports)] use super::*; +use crate::pck::{signing_key_from_seed, MOCK_PCK_DERIVED_FROM_NULL_ARRAY}; #[allow(unused_imports)] use crate::Pallet as Staking; use entropy_shared::{AttestationHandler, MAX_SIGNERS}; @@ -71,6 +72,46 @@ pub fn create_validators( validators } +/// Sets up a mock quote and requests an attestation in preparation for calling the `validate` +/// extrinsic +fn prepare_attestation_for_validate( + threshold: T::AccountId, + x25519_public_key: [u8; 32], + endpoint: Vec, + block_number: u32, +) -> (Vec, JoiningServerInfo) { + let nonce = NULL_ARR; + let quote = { + let pck = signing_key_from_seed(NULL_ARR); + /// This is a randomly generated secret p256 ECDSA key - for mocking attestation + const ATTESTATION_KEY: [u8; 32] = [ + 167, 184, 203, 130, 240, 249, 191, 129, 206, 9, 200, 29, 99, 197, 64, 81, 135, 166, 59, + 73, 31, 27, 206, 207, 69, 248, 56, 195, 64, 92, 109, 46, + ]; + + let attestation_key = tdx_quote::SigningKey::from_bytes(&ATTESTATION_KEY.into()).unwrap(); + + let input_data = + entropy_shared::QuoteInputData::new(&threshold, x25519_public_key, nonce, block_number); + + tdx_quote::Quote::mock(attestation_key.clone(), pck, input_data.0).as_bytes().to_vec() + }; + + let joining_server_info = JoiningServerInfo { + tss_account: threshold.clone(), + x25519_public_key, + endpoint, + // Since we are using the mock PckCertChainVerifier, this needs to be the same seed for + // generating the PCK as we used to sign the quote above + pck_certificate_chain: vec![NULL_ARR.to_vec()], + }; + + // We need to tell the attestation handler that we want a quote. This will let the system to + // know to expect one back when we call `validate()`. + T::AttestationHandler::request_quote(&threshold, nonce); + (quote, joining_server_info) +} + fn prep_bond_and_validate( validate_also: bool, caller: T::AccountId, @@ -91,22 +132,19 @@ fn prep_bond_and_validate( )); if validate_also { - let server_info = ServerInfo { - tss_account: threshold, + let block_number = 0; + let endpoint = vec![20, 20]; + let (quote, joining_server_info) = prepare_attestation_for_validate::( + threshold, x25519_public_key, - endpoint: vec![20, 20], - provisioning_certification_key: BoundedVec::with_max_capacity(), - }; - - // Note: This isn't a valid quote, but for testing benches this will pass. - // - // For actually running benches a valid quote will be required in the future. - let quote = [0; 32].to_vec(); + endpoint, + block_number, + ); assert_ok!(>::validate( RawOrigin::Signed(bonder.clone()).into(), ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), quote, )); @@ -114,7 +152,17 @@ fn prep_bond_and_validate( .or(Err(Error::::InvalidValidatorId)) .unwrap(); - ThresholdToStash::::insert(&server_info.tss_account, &validator_id); + ThresholdToStash::::insert(&joining_server_info.tss_account, &validator_id); + + let server_info = ServerInfo { + tss_account: joining_server_info.tss_account, + x25519_public_key: joining_server_info.x25519_public_key, + endpoint: joining_server_info.endpoint, + provisioning_certification_key: MOCK_PCK_DERIVED_FROM_NULL_ARRAY + .to_vec() + .try_into() + .unwrap(), + }; ThresholdServers::::insert(&validator_id, server_info); } } @@ -152,7 +200,7 @@ benchmarks! { endpoint: vec![20, 20], tss_account: _bonder.clone(), x25519_public_key: NULL_ARR, - provisioning_certification_key: BoundedVec::with_max_capacity(), + provisioning_certification_key: MOCK_PCK_DERIVED_FROM_NULL_ARRAY.to_vec().try_into().unwrap(), }; assert_last_event::(Event::::ThresholdAccountChanged(bonder, server_info).into()); } @@ -269,7 +317,6 @@ benchmarks! { .or(Err(Error::::InvalidValidatorId)) .unwrap(); - let block_number = 1; let nonce = NULL_ARR; let x25519_public_key = NULL_ARR; let endpoint = vec![]; @@ -283,48 +330,10 @@ benchmarks! { x25519_public_key.clone() ); - /// This is a randomly generated secret p256 ECDSA key - for mocking the provisioning certification - /// key - const PCK: [u8; 32] = [ - 117, 153, 212, 7, 220, 16, 181, 32, 110, 138, 4, 68, 208, 37, 104, 54, 1, 110, 232, 207, 100, - 168, 16, 99, 66, 83, 21, 178, 81, 155, 132, 37, - ]; - - let pck = tdx_quote::SigningKey::from_bytes(&PCK.into()).unwrap(); - let pck_encoded = tdx_quote::encode_verifying_key(pck.verifying_key()).unwrap(); - let provisioning_certification_key = BoundedVec::try_from(pck_encoded.to_vec()).unwrap(); - - let quote = { - /// This is a randomly generated secret p256 ECDSA key - for mocking attestation - const ATTESTATION_KEY: [u8; 32] = [ - 167, 184, 203, 130, 240, 249, 191, 129, 206, 9, 200, 29, 99, 197, 64, 81, 135, 166, 59, 73, 31, - 27, 206, 207, 69, 248, 56, 195, 64, 92, 109, 46, - ]; - - let attestation_key = tdx_quote::SigningKey::from_bytes(&ATTESTATION_KEY.into()).unwrap(); - - let input_data = entropy_shared::QuoteInputData::new( - &threshold_account, - x25519_public_key, - nonce, - block_number, - ); - - tdx_quote::Quote::mock(attestation_key.clone(), pck, input_data.0).as_bytes().to_vec() - }; - - let server_info = ServerInfo { - tss_account: threshold_account.clone(), - x25519_public_key, - endpoint: endpoint.clone(), - provisioning_certification_key, - }; - - // We need to tell the attestation handler that we want a quote. This will let the system to - // know to expect one back when we call `validate()`. - T::AttestationHandler::request_quote(&threshold_account, nonce); - - }: _(RawOrigin::Signed(bonder.clone()), ValidatorPrefs::default(), server_info, quote) + let block_number = 1; + let (quote, joining_server_info) = + prepare_attestation_for_validate::(threshold_account.clone(), x25519_public_key, endpoint.clone(), block_number); + }: _(RawOrigin::Signed(bonder.clone()), ValidatorPrefs::default(), joining_server_info, quote) verify { assert_last_event::( Event::::ValidatorCandidateAccepted( diff --git a/pallets/staking/src/lib.rs b/pallets/staking/src/lib.rs index cd583982d..fcd37e88a 100644 --- a/pallets/staking/src/lib.rs +++ b/pallets/staking/src/lib.rs @@ -41,6 +41,8 @@ use serde::{Deserialize, Serialize}; pub use crate::weights::WeightInfo; +pub mod pck; + #[cfg(test)] mod mock; @@ -68,6 +70,7 @@ pub mod pallet { DefaultNoBound, }; use frame_system::pallet_prelude::*; + use pck::PckCertChainVerifier; use rand_chacha::{ rand_core::{RngCore, SeedableRng}, ChaCha20Rng, ChaChaRng, @@ -94,6 +97,9 @@ pub mod pallet { /// The weight information of this pallet. type WeightInfo: WeightInfo; + /// A type that verifies a provisioning certification key (PCK) certificate chain. + type PckCertChainVerifier: PckCertChainVerifier; + /// Something that provides randomness in the runtime. type Randomness: Randomness>; @@ -124,6 +130,18 @@ pub mod pallet { pub endpoint: TssServerURL, pub provisioning_certification_key: VerifyingKey, } + + /// Information about a threshold server in the process of joining + /// This becomes a [ServerInfo] when the Pck certificate chain has been validated + #[derive(Encode, Decode, Clone, Eq, PartialEq, RuntimeDebug, TypeInfo)] + #[cfg_attr(feature = "std", derive(Serialize, Deserialize))] + pub struct JoiningServerInfo { + pub tss_account: AccountId, + pub x25519_public_key: X25519PublicKey, + pub endpoint: TssServerURL, + pub pck_certificate_chain: Vec>, + } + /// Info that is requiered to do a proactive refresh #[derive(Clone, Encode, Decode, Eq, PartialEq, RuntimeDebug, TypeInfo, Default)] pub struct RefreshInfo { @@ -311,9 +329,24 @@ pub mod pallet { NoUnnominatingWhenSigner, NoUnnominatingWhenNextSigner, NoChangingThresholdAccountWhenSigner, + PckCertificateParse, + PckCertificateVerify, + PckCertificateBadPublicKey, + PckCertificateNoCertificate, FailedAttestationCheck, } + impl From for Error { + fn from(error: pck::PckParseVerifyError) -> Self { + match error { + pck::PckParseVerifyError::Parse => Error::::PckCertificateParse, + pck::PckParseVerifyError::Verify => Error::::PckCertificateVerify, + pck::PckParseVerifyError::BadPublicKey => Error::::PckCertificateBadPublicKey, + pck::PckParseVerifyError::NoCertificate => Error::::PckCertificateNoCertificate, + } + } + } + #[pallet::event] #[pallet::generate_deposit(pub(super) fn deposit_event)] pub enum Event { @@ -504,11 +537,26 @@ pub mod pallet { pub fn validate( origin: OriginFor, prefs: ValidatorPrefs, - server_info: ServerInfo, + joining_server_info: JoiningServerInfo, quote: Vec, ) -> DispatchResult { let who = ensure_signed(origin.clone())?; + let provisioning_certification_key = + T::PckCertChainVerifier::verify_pck_certificate_chain( + joining_server_info.pck_certificate_chain, + ) + .map_err(|error| { + let e: Error = error.into(); + e + })?; + + let server_info = ServerInfo:: { + tss_account: joining_server_info.tss_account, + x25519_public_key: joining_server_info.x25519_public_key, + endpoint: joining_server_info.endpoint, + provisioning_certification_key, + }; ensure!( server_info.endpoint.len() as u32 <= T::MaxEndpointLength::get(), Error::::EndpointTooLong diff --git a/pallets/staking/src/mock.rs b/pallets/staking/src/mock.rs index 58898d137..6dea3171c 100644 --- a/pallets/staking/src/mock.rs +++ b/pallets/staking/src/mock.rs @@ -37,6 +37,7 @@ use sp_staking::{EraIndex, SessionIndex}; use sp_std::vec; use crate as pallet_staking_extension; +use pallet_staking_extension::pck::MockPckCertChainVerifier; type Block = frame_system::mocking::MockBlock; type BlockNumber = u64; @@ -419,6 +420,7 @@ impl pallet_staking_extension::Config for Test { type AttestationHandler = MockAttestationHandler; type Currency = Balances; type MaxEndpointLength = MaxEndpointLength; + type PckCertChainVerifier = MockPckCertChainVerifier; type Randomness = TestPastRandomness; type RuntimeEvent = RuntimeEvent; type WeightInfo = (); diff --git a/pallets/staking/src/pck/Intel_SGX_Provisioning_Certification_RootCA.cer b/pallets/staking/src/pck/Intel_SGX_Provisioning_Certification_RootCA.cer new file mode 100644 index 0000000000000000000000000000000000000000..768806c673709fb71537020abbabad2b1dc23773 GIT binary patch literal 659 zcmXqLV(K?&Vlr94%*4pVB%+kcb1iDFN$2P0EmMQ`2S{70v#l}UV&l+i^EhYA!pvll zVJKxF!NwfQ!ptM+nOBmUqY&&Kp%9dxU!vgb2$SQ2$vNj2733EsmSpDV8HyMPf%LKS za0e&ml_V-S=Oh*-8gd(OfM-Ch~kvMtrKjmv1bZ!Z(*nQf5%loS+O>FXz_7L{bCWhN(hi5#{Wtmy%j!APX{+k420HyOn$(X?{k= z|17|0XJi9Mo~$s4&tbp@q?i~PkrM{9Cxd|-lOn^@{ZBasf9gARD%>&aGSGW`QSWG5 z{WqmIDbv3SH3&@mV{?50sw!g B#yS81 literal 0 HcmV?d00001 diff --git a/pallets/staking/src/pck/mock.rs b/pallets/staking/src/pck/mock.rs new file mode 100644 index 000000000..5623cdd0d --- /dev/null +++ b/pallets/staking/src/pck/mock.rs @@ -0,0 +1,56 @@ +// Copyright (C) 2023 Entropy Cryptography Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +use super::{CompressedVerifyingKey, PckCertChainVerifier, PckParseVerifyError}; +use p256::ecdsa::{SigningKey, VerifyingKey}; +use rand::{rngs::StdRng, SeedableRng}; +use sp_std::vec::Vec; + +/// This is used in the benchmarking tests to check that ServerInfo is as expected +pub const MOCK_PCK_DERIVED_FROM_NULL_ARRAY: [u8; 33] = [ + 3, 237, 193, 27, 177, 204, 234, 67, 54, 141, 157, 13, 62, 87, 113, 224, 4, 121, 206, 251, 190, + 151, 134, 87, 68, 46, 37, 163, 127, 97, 252, 174, 108, +]; + +/// A PCK certificate chain verifier for testing. +/// Rather than actually use test certificates, we give here the TSS account ID instead of the first +/// certificate, and derive a keypair from it. The same keypair will be derived when creating a mock +/// quote in entropy-tss +pub struct MockPckCertChainVerifier {} + +impl PckCertChainVerifier for MockPckCertChainVerifier { + fn verify_pck_certificate_chain( + pck_certificate_chain: Vec>, + ) -> Result { + let first_certificate = + pck_certificate_chain.first().ok_or(PckParseVerifyError::NoCertificate)?; + + // Read the certificate bytes as a TSS account id + let tss_account_id: [u8; 32] = + first_certificate.clone().try_into().map_err(|_| PckParseVerifyError::Parse)?; + + // Derive a keypair + let pck_secret = signing_key_from_seed(tss_account_id); + + // Convert/compress the public key + let pck_public = VerifyingKey::from(&pck_secret); + let pck_public = pck_public.to_encoded_point(true).as_bytes().to_vec(); + pck_public.try_into().map_err(|_| PckParseVerifyError::Parse) + } +} + +pub fn signing_key_from_seed(input: [u8; 32]) -> SigningKey { + let mut pck_seeder = StdRng::from_seed(input); + SigningKey::random(&mut pck_seeder) +} diff --git a/pallets/staking/src/pck/mod.rs b/pallets/staking/src/pck/mod.rs new file mode 100644 index 000000000..3694d988a --- /dev/null +++ b/pallets/staking/src/pck/mod.rs @@ -0,0 +1,58 @@ +// Copyright (C) 2023 Entropy Cryptography Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +mod mock; +pub use mock::{signing_key_from_seed, MockPckCertChainVerifier, MOCK_PCK_DERIVED_FROM_NULL_ARRAY}; +mod production; +use super::VerifyingKey as CompressedVerifyingKey; +use core::array::TryFromSliceError; +use sp_std::vec::Vec; + +/// Provides a way of verifying a chain of certificates to give a chain of trust between the +/// provisioning certification key used to sign a TDX quote to the Intel route certificate authority +pub trait PckCertChainVerifier { + /// Verify an arbitrary chain of DER-encoded x509 certificates against Intel's root CA. + /// Typically this is two certificates, the PCK certificate and an intermediary provider + /// certificate + fn verify_pck_certificate_chain( + pck_certificate_chain: Vec>, + ) -> Result; +} + +/// An error when parsing or verifying a PCK or provider certificate +#[derive(Debug)] +pub enum PckParseVerifyError { + Parse, + Verify, + BadPublicKey, + NoCertificate, +} + +impl From for PckParseVerifyError { + fn from(_: spki::der::Error) -> PckParseVerifyError { + PckParseVerifyError::Parse + } +} + +impl From for PckParseVerifyError { + fn from(_: x509_verify::Error) -> PckParseVerifyError { + PckParseVerifyError::Verify + } +} + +impl From for PckParseVerifyError { + fn from(_: TryFromSliceError) -> PckParseVerifyError { + PckParseVerifyError::BadPublicKey + } +} diff --git a/pallets/staking/src/pck/production.rs b/pallets/staking/src/pck/production.rs new file mode 100644 index 000000000..7a0404123 --- /dev/null +++ b/pallets/staking/src/pck/production.rs @@ -0,0 +1,110 @@ +// Copyright (C) 2023 Entropy Cryptography Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +use sp_std::vec::Vec; +use x509_verify::{ + der::{Decode, Encode}, + x509_cert::Certificate, + Signature, VerifyInfo, VerifyingKey, +}; + +use super::{CompressedVerifyingKey, PckCertChainVerifier, PckParseVerifyError}; + +/// Intels root CA certificate in DER format available from here: +/// https://certificates.trustedservices.intel.com/Intel_SGX_Provisioning_Certification_RootCA.cer +/// Valid until December 31 2049 +const INTEL_ROOT_CA_DER: &[u8; 659] = + include_bytes!("Intel_SGX_Provisioning_Certification_RootCA.cer"); + +/// A PCK certificate chain verifier for use in production where entropy-tss is running on TDX +/// hardware and we have a PCK certificate chain +pub struct ProductionPckCertChainVerifier {} + +impl PckCertChainVerifier for ProductionPckCertChainVerifier { + fn verify_pck_certificate_chain( + pck_certificate_chain: Vec>, + ) -> Result { + let pck_uncompressed = verify_pck_cert_chain(pck_certificate_chain)?; + + // Compress / convert public key + let point = p256::EncodedPoint::from_bytes(pck_uncompressed) + .map_err(|_| PckParseVerifyError::BadPublicKey)?; + let pck_verifying_key = p256::ecdsa::VerifyingKey::from_encoded_point(&point) + .map_err(|_| PckParseVerifyError::BadPublicKey)?; + let pck_compressed = pck_verifying_key.to_encoded_point(true).as_bytes().to_vec(); + pck_compressed.try_into().map_err(|_| PckParseVerifyError::BadPublicKey) + } +} + +/// Validate PCK and provider certificates and if valid return the PCK +/// These certificates will be provided by a joining validator +fn verify_pck_cert_chain(certificates_der: Vec>) -> Result<[u8; 65], PckParseVerifyError> { + if certificates_der.is_empty() { + return Err(PckParseVerifyError::NoCertificate); + } + + // Parse the certificates + let mut certificates = Vec::new(); + for certificate in certificates_der { + certificates.push(Certificate::from_der(&certificate)?); + } + // Add the root certificate to the end of the chain. Since the root cert is self-signed, this + // will work regardless of whether the user has included this certicate in the chain or not + certificates.push(Certificate::from_der(INTEL_ROOT_CA_DER)?); + + // Verify the certificate chain + for i in 0..certificates.len() { + let verifying_key: &VerifyingKey = if i + 1 == certificates.len() { + &certificates[i].tbs_certificate.subject_public_key_info.clone().try_into()? + } else { + &certificates[i + 1].tbs_certificate.subject_public_key_info.clone().try_into()? + }; + verify_cert(&certificates[i], verifying_key)?; + } + + // Get the first certificate + let pck_key = &certificates + .first() + .ok_or(PckParseVerifyError::NoCertificate)? + .tbs_certificate + .subject_public_key_info + .subject_public_key; + + Ok(pck_key.as_bytes().ok_or(PckParseVerifyError::BadPublicKey)?.try_into()?) +} + +/// Given a cerificate and a public key, verify the certificate +fn verify_cert(subject: &Certificate, issuer_pk: &VerifyingKey) -> Result<(), PckParseVerifyError> { + let verify_info = VerifyInfo::new( + subject.tbs_certificate.to_der()?.into(), + Signature::new( + &subject.signature_algorithm, + subject.signature.as_bytes().ok_or(PckParseVerifyError::Parse)?, + ), + ); + Ok(issuer_pk.verify(&verify_info)?) +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_verify_pck_cert_chain() { + let pck = include_bytes!("../../test_pck_certs/pck_cert.der").to_vec(); + let platform = include_bytes!("../../test_pck_certs/platform_pcs_cert.der").to_vec(); + assert!(ProductionPckCertChainVerifier::verify_pck_certificate_chain(vec![pck, platform]) + .is_ok()); + } +} diff --git a/pallets/staking/src/tests.rs b/pallets/staking/src/tests.rs index 98faa0d24..0340d4cf9 100644 --- a/pallets/staking/src/tests.rs +++ b/pallets/staking/src/tests.rs @@ -14,7 +14,8 @@ // along with this program. If not, see . use crate::{ - mock::*, tests::RuntimeEvent, Error, NextSignerInfo, NextSigners, ServerInfo, Signers, + mock::*, pck::MOCK_PCK_DERIVED_FROM_NULL_ARRAY, tests::RuntimeEvent, Error, JoiningServerInfo, + NextSignerInfo, NextSigners, ServerInfo, Signers, }; use codec::Encode; use frame_support::{assert_noop, assert_ok}; @@ -60,16 +61,16 @@ fn it_takes_in_an_endpoint() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -78,33 +79,33 @@ fn it_takes_in_an_endpoint() { assert_eq!(tss_account, 3); assert_eq!(Staking::threshold_to_stash(3).unwrap(), 1); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20; 26], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_noop!( Staking::validate( RuntimeOrigin::signed(4), pallet_staking::ValidatorPrefs::default(), - server_info, + joining_server_info, VALID_QUOTE.to_vec(), ), Error::::EndpointTooLong ); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20, 20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_noop!( Staking::validate( RuntimeOrigin::signed(4), pallet_staking::ValidatorPrefs::default(), - server_info, + joining_server_info, VALID_QUOTE.to_vec(), ), pallet_staking::Error::::NotController @@ -121,16 +122,16 @@ fn it_will_not_allow_validator_to_use_existing_tss_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -144,7 +145,7 @@ fn it_will_not_allow_validator_to_use_existing_tss_account() { Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), - server_info, + joining_server_info, VALID_QUOTE.to_vec(), ), Error::::TssAccountAlreadyExists @@ -161,16 +162,16 @@ fn it_changes_endpoint() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -193,16 +194,16 @@ fn it_changes_threshold_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -222,16 +223,16 @@ fn it_changes_threshold_account() { pallet_staking::RewardDestination::Account(2), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -257,16 +258,16 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), - server_info, + joining_server_info, VALID_QUOTE.to_vec(), )); @@ -277,16 +278,16 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { pallet_staking::RewardDestination::Account(2), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -309,16 +310,16 @@ fn it_deletes_when_no_bond_left() { pallet_staking::RewardDestination::Account(1), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::with_max_capacity(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); @@ -588,11 +589,11 @@ fn it_requires_attestation_before_validate_is_succesful() { pallet_staking::RewardDestination::Account(alice), )); - let server_info = ServerInfo { + let joining_server_info = JoiningServerInfo { tss_account: bob, x25519_public_key: NULL_ARR, endpoint: vec![20], - provisioning_certification_key: BoundedVec::try_from([0; 32].to_vec()).unwrap(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], }; // First we test that an invalid attestation doesn't allow us to submit our candidacy. @@ -600,23 +601,32 @@ fn it_requires_attestation_before_validate_is_succesful() { Staking::validate( RuntimeOrigin::signed(alice), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), INVALID_QUOTE.to_vec(), ), Error::::FailedAttestationCheck ); assert_eq!(Staking::threshold_server(bob), None); - assert_eq!(Staking::threshold_to_stash(server_info.tss_account), None); + assert_eq!(Staking::threshold_to_stash(joining_server_info.tss_account), None); // Next we test that a valid attestation gets us into a candidate state. assert_ok!(Staking::validate( RuntimeOrigin::signed(alice), pallet_staking::ValidatorPrefs::default(), - server_info.clone(), + joining_server_info.clone(), VALID_QUOTE.to_vec(), )); + let server_info = ServerInfo:: { + tss_account: joining_server_info.tss_account, + x25519_public_key: joining_server_info.x25519_public_key, + endpoint: joining_server_info.endpoint, + provisioning_certification_key: MOCK_PCK_DERIVED_FROM_NULL_ARRAY + .to_vec() + .try_into() + .unwrap(), + }; assert_eq!(Staking::threshold_to_stash(bob), Some(alice)); assert_eq!(Staking::threshold_server(alice), Some(server_info)); }) diff --git a/pallets/staking/test_pck_certs/pck_cert.der b/pallets/staking/test_pck_certs/pck_cert.der new file mode 100644 index 0000000000000000000000000000000000000000..69279aeca337b2536d497de4fdc38585bde91867 GIT binary patch literal 1269 zcmXqLV)#WGZP~dlPJU0iU66pKbgx<%%5=Zk4CBS8ix=T11>fWtu~Kywk*s{ z1_g#n1`2G3{l0*gPoW!C;Lv903kSGTa6Hq&p!zRoW8f+jZ&TC|1 zU}<1(U|?iyY7`~TYix+b#p5F9)S{Biw9Mqhl2od?DAGWfjU5~!OpMT=VP<4!c4A;z zmfm4CcXrJ#@4(jZ|1Y;4sD1sca_!_C{e2&{dT*7V((v%W0r$5uTf7&l6wmi5eWX_u zedPTQhZU0lQ$H>${Q7sw;wEMugC=GU19@Oz$SSi)7>G59OwEryyI1<*O9#)BSH2jZ zV+`lM7h;eNQXtQgVvuBzupn+hOj}e&Nl8JmmA-yrL8e|wQE72WYD#fxQCVhkYO!7> zD5mt1^KfWtu~Kywk*s{ z1{sD@1`=${p)AZif}VLLsW}S4?hy(>`S~RZ&W&&c?n1sMH|Y~Vium7cJD1+O*yP+FDmRCJa*u6P_jD!& mHR-DgYW#CjYE3iu^@%Ljn3ODaIAZ4%_lAxymp0XWt^)wcYROCh literal 0 HcmV?d00001 diff --git a/runtime/src/lib.rs b/runtime/src/lib.rs index b50d3dcaa..f801c6a94 100644 --- a/runtime/src/lib.rs +++ b/runtime/src/lib.rs @@ -718,6 +718,7 @@ impl pallet_staking_extension::Config for Runtime { type AttestationHandler = Attestation; type Currency = Balances; type MaxEndpointLength = MaxEndpointLength; + type PckCertChainVerifier = pallet_staking_extension::pck::MockPckCertChainVerifier; type Randomness = pallet_babe::RandomnessFromOneEpochAgo; type RuntimeEvent = RuntimeEvent; type WeightInfo = weights::pallet_staking_extension::WeightInfo; From 417e42af0f014e6ab146d57164e7ebe31d932764 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 07:35:17 +0000 Subject: [PATCH 10/18] Bump the patch-dependencies group with 3 updates (#1137) Bumps the patch-dependencies group with 3 updates: [serde](https://github.com/serde-rs/serde), [reqwest](https://github.com/seanmonstar/reqwest) and [serde_derive](https://github.com/serde-rs/serde). Updates `serde` from 1.0.213 to 1.0.214 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214) Updates `reqwest` from 0.12.8 to 0.12.9 - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9) Updates `serde_derive` from 1.0.213 to 1.0.214 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: serde_derive dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 12 ++++++------ crates/client/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- node/cli/Cargo.toml | 2 +- pallets/staking/Cargo.toml | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2ad521315..84db1a106 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -8857,9 +8857,9 @@ checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" [[package]] name = "reqwest" -version = "0.12.8" +version = "0.12.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f713147fbe92361e52392c73b8c9e48c04c6625bce969ef54dc901e58e042a7b" +checksum = "a77c62af46e79de0a562e1a9849205ffcb7fc1238876e9bd743357570e04046f" dependencies = [ "base64 0.22.1", "bytes", @@ -11573,9 +11573,9 @@ checksum = "cd0b0ec5f1c1ca621c432a25813d8d60c88abe6d3e08a3eb9cf37d97a0fe3d73" [[package]] name = "serde" -version = "1.0.213" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ea7893ff5e2466df8d720bb615088341b295f849602c6956047f8f80f0e9bc1" +checksum = "f55c3193aca71c12ad7890f1785d2b73e1b9f63a0bbc353c08ef26fe03fc56b5" dependencies = [ "serde_derive", ] @@ -11591,9 +11591,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.213" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e85ad2009c50b58e87caa8cd6dac16bdf511bbfb7af6c33df902396aa480fa5" +checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 14403aca7..2bafc3fa1 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -26,7 +26,7 @@ rand_core ={ version="0.6.4", optional=true } serde_json ={ version="1.0", optional=true } x25519-dalek ={ version="2.0.1", features=["static_secrets"], optional=true } entropy-protocol={ version="0.3.0-rc.1", path="../protocol", optional=true, default-features=false } -reqwest ={ version="0.12.8", features=["json", "stream"], optional=true } +reqwest ={ version="0.12.9", features=["json", "stream"], optional=true } base64 ={ version="0.22.0", optional=true } synedrion ={ version="0.2.0-beta.0", optional=true } hex ={ version="0.4.3", optional=true } diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index eec257622..4f07b96c9 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -31,7 +31,7 @@ futures="0.3" tokio ={ version="1.41", features=["macros", "fs", "rt-multi-thread", "io-util", "process", "sync"] } # HTTP -reqwest={ version="0.12.8", features=["json", "stream"] } +reqwest={ version="0.12.9", features=["json", "stream"] } axum ={ version="0.7.7", features=["ws"] } # Substrate diff --git a/node/cli/Cargo.toml b/node/cli/Cargo.toml index a23ed0153..885e2629d 100644 --- a/node/cli/Cargo.toml +++ b/node/cli/Cargo.toml @@ -29,7 +29,7 @@ lazy_static ={ version="1.5.0", features=["spin_no_std"] } log ="0.4.22" pallet-im-online={ version="28.0.0" } rand ="0.8.5" -serde ={ version="1.0.213", features=["derive"] } +serde ={ version="1.0.214", features=["derive"] } serde_json ='1.0.132' # Substrate Client diff --git a/pallets/staking/Cargo.toml b/pallets/staking/Cargo.toml index 185002c38..4aa83ec0e 100644 --- a/pallets/staking/Cargo.toml +++ b/pallets/staking/Cargo.toml @@ -15,7 +15,7 @@ targets=['x86_64-unknown-linux-gnu'] codec ={ package="parity-scale-codec", version="3.6.3", default-features=false, features=["derive"] } scale-info ={ version="2.11", default-features=false, features=["derive"] } log ={ version="0.4.22", default-features=false } -serde ={ version="1.0.213", default-features=false } +serde ={ version="1.0.214", default-features=false } rand_chacha={ version="0.3", default-features=false } frame-benchmarking={ version="29.0.0", default-features=false, optional=true } From f01b7199c35e62382317c2e58d143affa93f31cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 07:18:58 +0000 Subject: [PATCH 11/18] Bump the patch-dependencies group with 2 updates (#1139) Bumps the patch-dependencies group with 2 updates: [thiserror](https://github.com/dtolnay/thiserror) and [anyhow](https://github.com/dtolnay/anyhow). Updates `thiserror` from 1.0.65 to 1.0.66 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/1.0.65...1.0.66) Updates `anyhow` from 1.0.91 to 1.0.92 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.91...1.0.92) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies - dependency-name: anyhow dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 164 +++++++++---------- crates/client/Cargo.toml | 4 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 4 +- crates/test-cli/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 4 +- 6 files changed, 90 insertions(+), 90 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 84db1a106..3b38789c3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -215,9 +215,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.91" +version = "1.0.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c042108f3ed77fd83760a5fd79b53be043192bb3b9dba91d8c574c0ada7850c8" +checksum = "74f37166d7d48a0284b99dd824694c26119c700b53bf0d1540cdb147dbdaaf13" [[package]] name = "approx" @@ -239,7 +239,7 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -600,7 +600,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -636,7 +636,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -819,7 +819,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1331,7 +1331,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1883,7 +1883,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1910,7 +1910,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1927,7 +1927,7 @@ checksum = "ad08a837629ad949b73d032c637653d069e909cffe4ee7870b02301939ce39cc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1975,7 +1975,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -1997,7 +1997,7 @@ checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" dependencies = [ "darling_core 0.20.8", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -2082,7 +2082,7 @@ checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -2124,7 +2124,7 @@ checksum = "d65d7ce8132b7c0e54497a4d9a55a1c2a0912a0d786cf894472ba818fba45762" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -2157,7 +2157,7 @@ checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -2246,7 +2246,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -2270,7 +2270,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.82", + "syn 2.0.86", "termcolor", "toml 0.8.12", "walkdir", @@ -2884,7 +2884,7 @@ checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3076,7 +3076,7 @@ dependencies = [ "prettier-please", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3347,7 +3347,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3534,7 +3534,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3554,7 +3554,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3567,7 +3567,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3580,7 +3580,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3591,7 +3591,7 @@ checksum = "68672b9ec6fe72d259d3879dc212c5e42e977588cdac830c76f54d9f492aeb58" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3602,7 +3602,7 @@ checksum = "ed971c6435503a099bdac99fe4c5bea08981709e5b5a0a8535a1856f48561191" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -3783,7 +3783,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -5008,7 +5008,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -5828,7 +5828,7 @@ dependencies = [ "macro_magic_core", "macro_magic_macros", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -5842,7 +5842,7 @@ dependencies = [ "macro_magic_core_macros", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -5853,7 +5853,7 @@ checksum = "9ea73aa640dc01d62a590d48c0c3521ed739d53b27f919b25c3551e233481654" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -5864,7 +5864,7 @@ checksum = "ef9d79ae96aaba821963320eb2b6e34d17df1e5a83d8a1985c29cc5be59577b3" dependencies = [ "macro_magic_core", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -6553,7 +6553,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -6679,7 +6679,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -7503,7 +7503,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -7926,7 +7926,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -7967,7 +7967,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8096,7 +8096,7 @@ dependencies = [ "polkavm-common 0.8.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8108,7 +8108,7 @@ dependencies = [ "polkavm-common 0.9.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8118,7 +8118,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "15e85319a0d5129dc9f021c62607e0804f5fb777a05cdda44d750ac0732def66" dependencies = [ "polkavm-derive-impl 0.8.0", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8128,7 +8128,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ba81f7b5faac81e528eb6158a6f3c9e0bb1008e0ffa19653bc8dea925ecb429" dependencies = [ "polkavm-derive-impl 0.9.0", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8241,7 +8241,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22020dfcf177fcc7bf5deaf7440af371400c67c0de14c399938d8ed4fb4645d3" dependencies = [ "proc-macro2", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8261,7 +8261,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d3928fb5db768cb86f891ff014f0144589297e3c6a1aba6ed7cecfdace270c7" dependencies = [ "proc-macro2", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8338,7 +8338,7 @@ checksum = "834da187cfe638ae8abb0203f0b33e5ccdb02a28e7199f2f47b3e2754f50edca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8390,7 +8390,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8474,7 +8474,7 @@ dependencies = [ "itertools 0.12.1", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -8783,7 +8783,7 @@ checksum = "5fddb4f8d99b0a2ebafc65a87a69a7b9875e4b1ae1f00db265d300ef7f28bccc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -9487,7 +9487,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11086,7 +11086,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11301,7 +11301,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11323,7 +11323,7 @@ dependencies = [ "proc-macro2", "quote", "scale-info", - "syn 2.0.82", + "syn 2.0.86", "thiserror", ] @@ -11387,7 +11387,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11597,7 +11597,7 @@ checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11608,7 +11608,7 @@ checksum = "330f01ce65a3a5fe59a60c82f3c9a024b573b8a6e875bd233fe5f934e71d54e3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -11686,7 +11686,7 @@ checksum = "82fe9db325bcef1fbcde82e078a5cc4efdf787e96b3b9cf45b50b529f2083d67" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -12084,7 +12084,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -12099,7 +12099,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -12577,7 +12577,7 @@ checksum = "b85d0f1f1e44bd8617eb2a48203ee854981229e3e79e6f468c7175d5fd37489b" dependencies = [ "quote", "sp-crypto-hashing", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -12598,7 +12598,7 @@ checksum = "48d09fa0a5f7299fb81ee25ae3853d26200f7a348148aed6de76be905c007dbe" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -13111,7 +13111,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -13125,7 +13125,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -13565,7 +13565,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -13577,7 +13577,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -13823,7 +13823,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -14005,7 +14005,7 @@ dependencies = [ "scale-info", "scale-typegen", "subxt-metadata", - "syn 2.0.82", + "syn 2.0.86", "thiserror", "tokio", ] @@ -14049,7 +14049,7 @@ dependencies = [ "quote", "scale-typegen", "subxt-codegen", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -14102,9 +14102,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.82" +version = "2.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83540f837a8afc019423a8edb95b52a8effe46957ee402287f4292fae35be021" +checksum = "e89275301d38033efb81a6e60e3497e734dfcc62571f2854bf4b16690398824c" dependencies = [ "proc-macro2", "quote", @@ -14282,22 +14282,22 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "thiserror" -version = "1.0.65" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d11abd9594d9b38965ef50805c5e469ca9cc6f197f883f717e0269a3057b3d5" +checksum = "5d171f59dbaa811dbbb1aee1e73db92ec2b122911a48e1390dfe327a821ddede" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.65" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae71770322cbd277e69d762a16c444af02aa0575ac0d174f0b9562d3b37f8602" +checksum = "b08be0f17bd307950653ce45db00cd31200d82b624b36e181337d9c7d92765b5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -14418,7 +14418,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -14676,7 +14676,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -15228,7 +15228,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", "wasm-bindgen-shared", ] @@ -15284,7 +15284,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -15637,7 +15637,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser 0.9.2", @@ -15961,7 +15961,7 @@ checksum = "ca7af9bb3ee875c4907835e607a275d10b04d15623d3aebe01afe8fbd3f85050" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -16481,7 +16481,7 @@ checksum = "78cce32dd08007af45dbaa00e225eb73d05524096f93933d7ecba852d50d8af3" dependencies = [ "anyhow", "proc-macro2", - "syn 2.0.82", + "syn 2.0.86", "wit-bindgen-core", "wit-bindgen-rust", "wit-component", @@ -16713,7 +16713,7 @@ checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] @@ -16733,7 +16733,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.86", ] [[package]] diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 2bafc3fa1..6d986713b 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -14,7 +14,7 @@ serde ={ version="1.0", default-features=false, features=["derive"] } entropy-shared={ version="0.3.0-rc.1", path="../shared", default-features=false } subxt ={ version="0.35.3", default-features=false, features=["jsonrpsee"] } num ="0.4.3" -thiserror ="1.0.65" +thiserror ="1.0.66" futures ="0.3" sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } tracing ="0.1.37" @@ -30,7 +30,7 @@ reqwest ={ version="0.12.9", features=["json", "stream"], optional=true base64 ={ version="0.22.0", optional=true } synedrion ={ version="0.2.0-beta.0", optional=true } hex ={ version="0.4.3", optional=true } -anyhow ="1.0.91" +anyhow ="1.0.92" # Only for the browser js-sys={ version="0.3.72", optional=true } diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index 4044ceade..46932061c 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common rand ={ version="0.8", default-features=false } serde ={ version="1.0", features=["derive"] } -thiserror="1.0.65" +thiserror="1.0.66" hex ="0.4.3" # Substrate diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 5e88c3dcf..031f03db6 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -20,7 +20,7 @@ x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" blake2 ="0.10.4" -thiserror ="1.0.65" +thiserror ="1.0.66" snow ="0.9.6" getrandom ={ version="0.2", features=["js"] } rand_core ={ version="0.6.4", features=["getrandom"] } @@ -49,7 +49,7 @@ schnorrkel ={ version="0.11.4", default-features=false, features=["std" [dev-dependencies] serial_test="3.1.1" sp-keyring ="34.0.0" -anyhow ="1.0.91" +anyhow ="1.0.92" num_cpus ="1.16.0" [features] diff --git a/crates/test-cli/Cargo.toml b/crates/test-cli/Cargo.toml index 192915798..e4e69ec7b 100644 --- a/crates/test-cli/Cargo.toml +++ b/crates/test-cli/Cargo.toml @@ -14,7 +14,7 @@ clap ={ version="4.5.20", features=["derive"] } colored ="2.0.4" subxt ="0.35.3" sp-core ="31.0.0" -anyhow ="1.0.91" +anyhow ="1.0.92" tokio ={ version="1.41", features=["macros", "rt-multi-thread", "io-util", "process"] } hex ="0.4.3" bincode ="1.3.3" diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index 4f07b96c9..9a1000050 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -12,8 +12,8 @@ edition ='2021' # Common serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" -anyhow ="1.0.91" -thiserror ="1.0.65" +anyhow ="1.0.92" +thiserror ="1.0.66" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } rand_core ="0.6.4" From 4528bf8112414ce3ab3a2a51cd12aa85aa725c7b Mon Sep 17 00:00:00 2001 From: peg Date: Fri, 1 Nov 2024 17:09:05 +0100 Subject: [PATCH 12/18] Concurrently process messages in protocol execution loop (#1136) * Re-apply fjarris suggestions * Use RwLock rather than mutex * Dont use a mutex * Error handling * Error handling * Tidy * Also concurrently process outgoing messages * Only send outgoing messages if there are messages to send * Error handling * Dont use more than 16 worker threads * Use join handle for outgoing messages * Tidy --- crates/protocol/src/errors.rs | 16 +++ crates/protocol/src/execute_protocol.rs | 135 +++++++++++++++--------- crates/protocol/tests/protocol.rs | 25 +++-- 3 files changed, 116 insertions(+), 60 deletions(-) diff --git a/crates/protocol/src/errors.rs b/crates/protocol/src/errors.rs index b76ec1d59..6555a05e4 100644 --- a/crates/protocol/src/errors.rs +++ b/crates/protocol/src/errors.rs @@ -31,6 +31,10 @@ pub enum GenericProtocolError { Broadcast(#[from] Box>), #[error("Mpsc send error: {0}")] Mpsc(#[from] tokio::sync::mpsc::error::SendError), + #[error("Could not get session out of Arc - session has finalized before message processing finished")] + ArcUnwrapError, + #[error("Message processing task panic or cancellation: {0}")] + JoinHandle(#[from] tokio::task::JoinError), } impl From for GenericProtocolError { @@ -61,6 +65,8 @@ impl From>> GenericProtocolError::IncomingStream(err) => ProtocolExecutionErr::IncomingStream(err), GenericProtocolError::Broadcast(err) => ProtocolExecutionErr::Broadcast(err), GenericProtocolError::Mpsc(err) => ProtocolExecutionErr::Mpsc(err), + GenericProtocolError::ArcUnwrapError => ProtocolExecutionErr::ArcUnwrapError, + GenericProtocolError::JoinHandle(err) => ProtocolExecutionErr::JoinHandle(err), } } } @@ -73,6 +79,8 @@ impl From>> for ProtocolE GenericProtocolError::IncomingStream(err) => ProtocolExecutionErr::IncomingStream(err), GenericProtocolError::Broadcast(err) => ProtocolExecutionErr::Broadcast(err), GenericProtocolError::Mpsc(err) => ProtocolExecutionErr::Mpsc(err), + GenericProtocolError::ArcUnwrapError => ProtocolExecutionErr::ArcUnwrapError, + GenericProtocolError::JoinHandle(err) => ProtocolExecutionErr::JoinHandle(err), } } } @@ -85,6 +93,8 @@ impl From>> for Prot GenericProtocolError::IncomingStream(err) => ProtocolExecutionErr::IncomingStream(err), GenericProtocolError::Broadcast(err) => ProtocolExecutionErr::Broadcast(err), GenericProtocolError::Mpsc(err) => ProtocolExecutionErr::Mpsc(err), + GenericProtocolError::ArcUnwrapError => ProtocolExecutionErr::ArcUnwrapError, + GenericProtocolError::JoinHandle(err) => ProtocolExecutionErr::JoinHandle(err), } } } @@ -97,6 +107,8 @@ impl From>> for ProtocolEx GenericProtocolError::IncomingStream(err) => ProtocolExecutionErr::IncomingStream(err), GenericProtocolError::Broadcast(err) => ProtocolExecutionErr::Broadcast(err), GenericProtocolError::Mpsc(err) => ProtocolExecutionErr::Mpsc(err), + GenericProtocolError::ArcUnwrapError => ProtocolExecutionErr::ArcUnwrapError, + GenericProtocolError::JoinHandle(err) => ProtocolExecutionErr::JoinHandle(err), } } } @@ -136,6 +148,10 @@ pub enum ProtocolExecutionErr { BadVerifyingKey(String), #[error("Expected verifying key but got a protocol message")] UnexpectedMessage, + #[error("Could not get session out of Arc")] + ArcUnwrapError, + #[error("Message processing task panic or cancellation: {0}")] + JoinHandle(#[from] tokio::task::JoinError), } #[derive(Debug, Error)] diff --git a/crates/protocol/src/execute_protocol.rs b/crates/protocol/src/execute_protocol.rs index c7df58fe0..835f3c673 100644 --- a/crates/protocol/src/execute_protocol.rs +++ b/crates/protocol/src/execute_protocol.rs @@ -15,10 +15,11 @@ //! A wrapper for the threshold signing library to handle sending and receiving messages. +use futures::future::try_join_all; use num::bigint::BigUint; use rand_core::{CryptoRngCore, OsRng}; use sp_core::{sr25519, Pair}; -use std::collections::VecDeque; +use std::sync::Arc; use subxt::utils::AccountId32; use synedrion::{ ecdsa::VerifyingKey, @@ -69,11 +70,15 @@ impl RandomizedPrehashSigner for PairWrapper { } } -pub async fn execute_protocol_generic( +pub async fn execute_protocol_generic( mut chans: Channels, session: Session, session_id_hash: [u8; 32], -) -> Result<(Res::Success, Channels), GenericProtocolError> { +) -> Result<(Res::Success, Channels), GenericProtocolError> +where + ::ProvableError: std::marker::Send, + ::CorrectnessProof: std::marker::Send, +{ let session_id = synedrion::SessionId::from_seed(&session_id_hash); let tx = &chans.0; let rx = &mut chans.1; @@ -85,64 +90,96 @@ pub async fn execute_protocol_generic( loop { let mut accum = session.make_accumulator(); - - // Send out messages - let destinations = session.message_destinations(); - // TODO (#641): this can happen in a spawned task - for destination in destinations.iter() { - let (message, artifact) = session.make_message(&mut OsRng, destination)?; - tx.send(ProtocolMessage::new(&my_id, destination, message))?; - - // This will happen in a host task - accum.add_artifact(artifact)?; + let current_round = session.current_round(); + let session_arc = Arc::new(session); + + // Send outgoing messages + let destinations = session_arc.message_destinations(); + let join_handles = destinations.iter().map(|destination| { + let session_arc = session_arc.clone(); + let tx = tx.clone(); + let my_id = my_id.clone(); + let destination = destination.clone(); + tokio::spawn(async move { + session_arc + .make_message(&mut OsRng, &destination) + .map(|(message, artifact)| { + tx.send(ProtocolMessage::new(&my_id, &destination, message)) + .map(|_| artifact) + .map_err(|err| { + let err: GenericProtocolError = err.into(); + err + }) + }) + .map_err(|err| { + let err: GenericProtocolError = err.into(); + err + }) + }) + }); + + for result in try_join_all(join_handles).await? { + accum.add_artifact(result??)?; } - for preprocessed in cached_messages { - // TODO (#641): this may happen in a spawned task. - let processed = session.process_message(&mut OsRng, preprocessed)?; + // Process cached messages + let join_handles = cached_messages.into_iter().map(|preprocessed| { + let session_arc = session_arc.clone(); + tokio::spawn(async move { session_arc.process_message(&mut OsRng, preprocessed) }) + }); - // This will happen in a host task. - accum.add_processed_message(processed)??; + for result in try_join_all(join_handles).await? { + accum.add_processed_message(result?)??; } - while !session.can_finalize(&accum)? { - let mut messages_for_later = VecDeque::new(); - let (from, payload) = loop { - let message = rx.recv().await.ok_or_else(|| { - GenericProtocolError::::IncomingStream(format!( - "{:?}", - session.current_round() - )) - })?; - - if let ProtocolMessagePayload::MessageBundle(payload) = message.payload.clone() { - if payload.session_id() == &session_id { - break (message.from, *payload); + // Receive and process incoming messages + let (process_tx, mut process_rx) = mpsc::channel(1024); + while !session_arc.can_finalize(&accum)? { + tokio::select! { + // Incoming message from remote peer + maybe_message = rx.recv() => { + let message = maybe_message.ok_or_else(|| { + GenericProtocolError::IncomingStream(format!("{:?}", current_round)) + })?; + + if let ProtocolMessagePayload::MessageBundle(payload) = message.payload.clone() { + if payload.session_id() == &session_id { + // Perform quick checks before proceeding with the verification. + let preprocessed = + session_arc.preprocess_message(&mut accum, &message.from, *payload)?; + + if let Some(preprocessed) = preprocessed { + let session_arc = session_arc.clone(); + let tx = process_tx.clone(); + tokio::spawn(async move { + let result = session_arc.process_message(&mut OsRng, preprocessed); + if tx.send(result).await.is_err() { + tracing::error!("Protocol finished before message processing result sent"); + } + }); + } + } else { + tracing::warn!("Got protocol message with incorrect session ID - putting back in queue"); + tx.incoming_sender.send(message).await?; + } } else { - tracing::warn!("Got protocol message with incorrect session ID - putting back in queue"); - messages_for_later.push_back(message); + tracing::warn!("Got verifying key during protocol - ignoring"); } - } else { - tracing::warn!("Got verifying key during protocol - ignoring"); } - }; - // Put messages which were not for this session back onto the incoming message channel - for message in messages_for_later.into_iter() { - tx.incoming_sender.send(message).await?; - } - // Perform quick checks before proceeding with the verification. - let preprocessed = session.preprocess_message(&mut accum, &from, payload)?; - if let Some(preprocessed) = preprocessed { - // TODO (#641): this may happen in a spawned task. - let result = session.process_message(&mut OsRng, preprocessed)?; - - // This will happen in a host task. - accum.add_processed_message(result)??; + // Result from processing a message + maybe_result = process_rx.recv() => { + if let Some(result) = maybe_result { + accum.add_processed_message(result?)??; + } + } } } - match session.finalize_round(&mut OsRng, accum)? { + // Get session back out of Arc + let session_inner = + Arc::try_unwrap(session_arc).map_err(|_| GenericProtocolError::ArcUnwrapError)?; + match session_inner.finalize_round(&mut OsRng, accum)? { FinalizeOutcome::Success(res) => break Ok((res, chans)), FinalizeOutcome::AnotherRound { session: new_session, diff --git a/crates/protocol/tests/protocol.rs b/crates/protocol/tests/protocol.rs index 73c19d814..19e04adaa 100644 --- a/crates/protocol/tests/protocol.rs +++ b/crates/protocol/tests/protocol.rs @@ -22,7 +22,7 @@ use futures::future; use rand_core::OsRng; use serial_test::serial; use sp_core::{sr25519, Pair}; -use std::time::Instant; +use std::{cmp::min, time::Instant}; use subxt::utils::AccountId32; use synedrion::{ecdsa::VerifyingKey, AuxInfo, KeyShare, ThresholdKeyShare}; use tokio::{net::TcpListener, runtime::Runtime, sync::oneshot}; @@ -33,37 +33,40 @@ use helpers::{server, ProtocolOutput}; use std::collections::BTreeSet; +/// The maximum number of worker threads that tokio should use +const MAX_THREADS: usize = 16; + #[test] #[serial] fn sign_protocol_with_time_logged() { - let cpus = num_cpus::get(); - get_tokio_runtime(cpus).block_on(async { - test_sign_with_parties(cpus).await; + let num_parties = min(num_cpus::get(), MAX_THREADS); + get_tokio_runtime(num_parties).block_on(async { + test_sign_with_parties(num_parties).await; }) } #[test] #[serial] fn refresh_protocol_with_time_logged() { - let cpus = num_cpus::get(); - get_tokio_runtime(cpus).block_on(async { - test_refresh_with_parties(cpus).await; + let num_parties = min(num_cpus::get(), MAX_THREADS); + get_tokio_runtime(num_parties).block_on(async { + test_refresh_with_parties(num_parties).await; }) } #[test] #[serial] fn dkg_protocol_with_time_logged() { - let cpus = num_cpus::get(); - get_tokio_runtime(cpus).block_on(async { - test_dkg_with_parties(cpus).await; + let num_parties = min(num_cpus::get(), MAX_THREADS); + get_tokio_runtime(num_parties).block_on(async { + test_dkg_with_parties(num_parties).await; }) } #[test] #[serial] fn t_of_n_dkg_and_sign() { - let cpus = num_cpus::get(); + let cpus = min(num_cpus::get(), MAX_THREADS); // For this test we need at least 3 parties let parties = 3; get_tokio_runtime(cpus).block_on(async { From df9c245f68d6f8a692c050faeec5d850055e496c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 08:01:54 +0000 Subject: [PATCH 13/18] Bump thiserror from 1.0.66 to 1.0.67 in the patch-dependencies group (#1143) Bumps the patch-dependencies group with 1 update: [thiserror](https://github.com/dtolnay/thiserror). Updates `thiserror` from 1.0.66 to 1.0.67 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/1.0.66...1.0.67) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 160 +++++++++---------- crates/client/Cargo.toml | 2 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- 5 files changed, 84 insertions(+), 84 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3b38789c3..b3e8b6f44 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -239,7 +239,7 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -600,7 +600,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -636,7 +636,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -819,7 +819,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1331,7 +1331,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1883,7 +1883,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1910,7 +1910,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1927,7 +1927,7 @@ checksum = "ad08a837629ad949b73d032c637653d069e909cffe4ee7870b02301939ce39cc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1975,7 +1975,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -1997,7 +1997,7 @@ checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" dependencies = [ "darling_core 0.20.8", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -2082,7 +2082,7 @@ checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -2124,7 +2124,7 @@ checksum = "d65d7ce8132b7c0e54497a4d9a55a1c2a0912a0d786cf894472ba818fba45762" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -2157,7 +2157,7 @@ checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -2246,7 +2246,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -2270,7 +2270,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.86", + "syn 2.0.87", "termcolor", "toml 0.8.12", "walkdir", @@ -2884,7 +2884,7 @@ checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3076,7 +3076,7 @@ dependencies = [ "prettier-please", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3347,7 +3347,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3534,7 +3534,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3554,7 +3554,7 @@ dependencies = [ "proc-macro2", "quote", "sp-crypto-hashing", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3567,7 +3567,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3580,7 +3580,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3591,7 +3591,7 @@ checksum = "68672b9ec6fe72d259d3879dc212c5e42e977588cdac830c76f54d9f492aeb58" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3602,7 +3602,7 @@ checksum = "ed971c6435503a099bdac99fe4c5bea08981709e5b5a0a8535a1856f48561191" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -3783,7 +3783,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -5008,7 +5008,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -5828,7 +5828,7 @@ dependencies = [ "macro_magic_core", "macro_magic_macros", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -5842,7 +5842,7 @@ dependencies = [ "macro_magic_core_macros", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -5853,7 +5853,7 @@ checksum = "9ea73aa640dc01d62a590d48c0c3521ed739d53b27f919b25c3551e233481654" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -5864,7 +5864,7 @@ checksum = "ef9d79ae96aaba821963320eb2b6e34d17df1e5a83d8a1985c29cc5be59577b3" dependencies = [ "macro_magic_core", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -6553,7 +6553,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -6679,7 +6679,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -7503,7 +7503,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -7926,7 +7926,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -7967,7 +7967,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8096,7 +8096,7 @@ dependencies = [ "polkavm-common 0.8.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8108,7 +8108,7 @@ dependencies = [ "polkavm-common 0.9.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8118,7 +8118,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "15e85319a0d5129dc9f021c62607e0804f5fb777a05cdda44d750ac0732def66" dependencies = [ "polkavm-derive-impl 0.8.0", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8128,7 +8128,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ba81f7b5faac81e528eb6158a6f3c9e0bb1008e0ffa19653bc8dea925ecb429" dependencies = [ "polkavm-derive-impl 0.9.0", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8241,7 +8241,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22020dfcf177fcc7bf5deaf7440af371400c67c0de14c399938d8ed4fb4645d3" dependencies = [ "proc-macro2", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8261,7 +8261,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d3928fb5db768cb86f891ff014f0144589297e3c6a1aba6ed7cecfdace270c7" dependencies = [ "proc-macro2", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8338,7 +8338,7 @@ checksum = "834da187cfe638ae8abb0203f0b33e5ccdb02a28e7199f2f47b3e2754f50edca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8390,7 +8390,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8474,7 +8474,7 @@ dependencies = [ "itertools 0.12.1", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -8783,7 +8783,7 @@ checksum = "5fddb4f8d99b0a2ebafc65a87a69a7b9875e4b1ae1f00db265d300ef7f28bccc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -9487,7 +9487,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11086,7 +11086,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11301,7 +11301,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11323,7 +11323,7 @@ dependencies = [ "proc-macro2", "quote", "scale-info", - "syn 2.0.86", + "syn 2.0.87", "thiserror", ] @@ -11387,7 +11387,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11597,7 +11597,7 @@ checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11608,7 +11608,7 @@ checksum = "330f01ce65a3a5fe59a60c82f3c9a024b573b8a6e875bd233fe5f934e71d54e3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -11686,7 +11686,7 @@ checksum = "82fe9db325bcef1fbcde82e078a5cc4efdf787e96b3b9cf45b50b529f2083d67" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -12084,7 +12084,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -12099,7 +12099,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -12577,7 +12577,7 @@ checksum = "b85d0f1f1e44bd8617eb2a48203ee854981229e3e79e6f468c7175d5fd37489b" dependencies = [ "quote", "sp-crypto-hashing", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -12598,7 +12598,7 @@ checksum = "48d09fa0a5f7299fb81ee25ae3853d26200f7a348148aed6de76be905c007dbe" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -13111,7 +13111,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -13125,7 +13125,7 @@ dependencies = [ "proc-macro-crate 3.1.0", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -13565,7 +13565,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -13577,7 +13577,7 @@ dependencies = [ "parity-scale-codec", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -13823,7 +13823,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -14005,7 +14005,7 @@ dependencies = [ "scale-info", "scale-typegen", "subxt-metadata", - "syn 2.0.86", + "syn 2.0.87", "thiserror", "tokio", ] @@ -14049,7 +14049,7 @@ dependencies = [ "quote", "scale-typegen", "subxt-codegen", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -14102,9 +14102,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.86" +version = "2.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e89275301d38033efb81a6e60e3497e734dfcc62571f2854bf4b16690398824c" +checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d" dependencies = [ "proc-macro2", "quote", @@ -14282,22 +14282,22 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "thiserror" -version = "1.0.66" +version = "1.0.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d171f59dbaa811dbbb1aee1e73db92ec2b122911a48e1390dfe327a821ddede" +checksum = "3b3c6efbfc763e64eb85c11c25320f0737cb7364c4b6336db90aa9ebe27a0bbd" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.66" +version = "1.0.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b08be0f17bd307950653ce45db00cd31200d82b624b36e181337d9c7d92765b5" +checksum = "b607164372e89797d78b8e23a6d67d5d1038c1c65efd52e1389ef8b77caba2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -14418,7 +14418,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -14676,7 +14676,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -15228,7 +15228,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", "wasm-bindgen-shared", ] @@ -15284,7 +15284,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -15637,7 +15637,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser 0.9.2", @@ -15961,7 +15961,7 @@ checksum = "ca7af9bb3ee875c4907835e607a275d10b04d15623d3aebe01afe8fbd3f85050" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -16481,7 +16481,7 @@ checksum = "78cce32dd08007af45dbaa00e225eb73d05524096f93933d7ecba852d50d8af3" dependencies = [ "anyhow", "proc-macro2", - "syn 2.0.86", + "syn 2.0.87", "wit-bindgen-core", "wit-bindgen-rust", "wit-component", @@ -16713,7 +16713,7 @@ checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] @@ -16733,7 +16733,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.86", + "syn 2.0.87", ] [[package]] diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 6d986713b..dda8c8fee 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -14,7 +14,7 @@ serde ={ version="1.0", default-features=false, features=["derive"] } entropy-shared={ version="0.3.0-rc.1", path="../shared", default-features=false } subxt ={ version="0.35.3", default-features=false, features=["jsonrpsee"] } num ="0.4.3" -thiserror ="1.0.66" +thiserror ="1.0.67" futures ="0.3" sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } tracing ="0.1.37" diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index 46932061c..06a2152c2 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common rand ={ version="0.8", default-features=false } serde ={ version="1.0", features=["derive"] } -thiserror="1.0.66" +thiserror="1.0.67" hex ="0.4.3" # Substrate diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 031f03db6..dccc09335 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -20,7 +20,7 @@ x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" blake2 ="0.10.4" -thiserror ="1.0.66" +thiserror ="1.0.67" snow ="0.9.6" getrandom ={ version="0.2", features=["js"] } rand_core ={ version="0.6.4", features=["getrandom"] } diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index 9a1000050..bbf74c54c 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -13,7 +13,7 @@ edition ='2021' serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" anyhow ="1.0.92" -thiserror ="1.0.66" +thiserror ="1.0.67" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } rand_core ="0.6.4" From b2def0abc11129161477d0d36fe2201bee2e923f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 07:58:36 +0000 Subject: [PATCH 14/18] Bump thiserror from 1.0.67 to 1.0.68 in the patch-dependencies group (#1146) Bumps the patch-dependencies group with 1 update: [thiserror](https://github.com/dtolnay/thiserror). Updates `thiserror` from 1.0.67 to 1.0.68 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/1.0.67...1.0.68) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 8 ++++---- crates/client/Cargo.toml | 2 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b3e8b6f44..702a3f9b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -14282,18 +14282,18 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "thiserror" -version = "1.0.67" +version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b3c6efbfc763e64eb85c11c25320f0737cb7364c4b6336db90aa9ebe27a0bbd" +checksum = "02dd99dc800bbb97186339685293e1cc5d9df1f8fae2d0aecd9ff1c77efea892" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.67" +version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b607164372e89797d78b8e23a6d67d5d1038c1c65efd52e1389ef8b77caba2a6" +checksum = "a7c61ec9a6f64d2793d8a45faba21efbe3ced62a886d44c36a009b2b519b4c7e" dependencies = [ "proc-macro2", "quote", diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index dda8c8fee..36e5a27e1 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -14,7 +14,7 @@ serde ={ version="1.0", default-features=false, features=["derive"] } entropy-shared={ version="0.3.0-rc.1", path="../shared", default-features=false } subxt ={ version="0.35.3", default-features=false, features=["jsonrpsee"] } num ="0.4.3" -thiserror ="1.0.67" +thiserror ="1.0.68" futures ="0.3" sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } tracing ="0.1.37" diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index 06a2152c2..5efcae38b 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common rand ={ version="0.8", default-features=false } serde ={ version="1.0", features=["derive"] } -thiserror="1.0.67" +thiserror="1.0.68" hex ="0.4.3" # Substrate diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index dccc09335..470013cff 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -20,7 +20,7 @@ x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" blake2 ="0.10.4" -thiserror ="1.0.67" +thiserror ="1.0.68" snow ="0.9.6" getrandom ={ version="0.2", features=["js"] } rand_core ={ version="0.6.4", features=["getrandom"] } diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index bbf74c54c..ef2652f41 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -13,7 +13,7 @@ edition ='2021' serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" anyhow ="1.0.92" -thiserror ="1.0.67" +thiserror ="1.0.68" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } rand_core ="0.6.4" From 2e6418f1ad8cd0a17bfaa1df51eef50b6be49c24 Mon Sep 17 00:00:00 2001 From: peg Date: Tue, 5 Nov 2024 09:50:24 +0100 Subject: [PATCH 15/18] Protocol message versioning (#1140) * Add version number to subscribe message and check it * Doccomments * Comments * Changelog --- CHANGELOG.md | 3 + crates/protocol/src/lib.rs | 7 +++ .../protocol/src/protocol_transport/errors.rs | 9 +++ .../protocol_transport/subscribe_message.rs | 59 ++++++++++++++++++- .../src/signing_client/errors.rs | 4 ++ .../src/signing_client/protocol_transport.rs | 6 ++ 6 files changed, 85 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index be9f22026..ada5aaea8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,9 @@ At the moment this project **does not** adhere to was added to the staking extension pallet's `Config` trait. - In [#1134](https://github.com/entropyxyz/entropy-core/pull/1134/) the ```no-sync``` option was removed +### Added +- Protocol message versioning ([#1140](https://github.com/entropyxyz/entropy-core/pull/1140)) + ### Changed - Use correct key rotation endpoint in OCW ([#1104](https://github.com/entropyxyz/entropy-core/pull/1104)) - Change attestation flow to be pull based ([#1109](https://github.com/entropyxyz/entropy-core/pull/1109/)) diff --git a/crates/protocol/src/lib.rs b/crates/protocol/src/lib.rs index 648f0d96c..27770df46 100644 --- a/crates/protocol/src/lib.rs +++ b/crates/protocol/src/lib.rs @@ -46,6 +46,13 @@ use synedrion::{ AuxInfo, ThresholdKeyShare, }; +/// The current version number of the protocol message format or protocols themselves +pub const PROTOCOL_MESSAGE_VERSION: u32 = 1; + +/// Currently supported protocol message versions for backward compatibility +/// This must contain the current version +pub const SUPPORTED_PROTOCOL_MESSAGE_VERSIONS: [u32; 1] = [PROTOCOL_MESSAGE_VERSION]; + /// Identifies a party participating in a protocol session #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Ord)] pub struct PartyId(AccountId32); diff --git a/crates/protocol/src/protocol_transport/errors.rs b/crates/protocol/src/protocol_transport/errors.rs index be954884c..b22f7d93b 100644 --- a/crates/protocol/src/protocol_transport/errors.rs +++ b/crates/protocol/src/protocol_transport/errors.rs @@ -65,3 +65,12 @@ pub enum EncryptedConnectionErr { #[error("Could not get remote public key")] RemotePublicKey, } + +/// Error when checking supported protocol versions +#[derive(Debug, Error, PartialEq)] +pub enum ProtocolVersionMismatchError { + #[error("This version of the protocol is newer than ours - we are on version {0}")] + VersionTooNew(u32), + #[error("This version of the protocol is no longer supported - the oldest we support is {0}")] + VersionTooOld(u32), +} diff --git a/crates/protocol/src/protocol_transport/subscribe_message.rs b/crates/protocol/src/protocol_transport/subscribe_message.rs index 01eeb2275..7e47d02f4 100644 --- a/crates/protocol/src/protocol_transport/subscribe_message.rs +++ b/crates/protocol/src/protocol_transport/subscribe_message.rs @@ -13,11 +13,13 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -use crate::SessionId; +use crate::{SessionId, PROTOCOL_MESSAGE_VERSION, SUPPORTED_PROTOCOL_MESSAGE_VERSIONS}; use serde::{Deserialize, Serialize}; use sp_core::{sr25519, Pair}; use subxt::utils::AccountId32; +use super::errors::ProtocolVersionMismatchError; + /// A message sent by a party when initiating a websocket connection to participate /// in the signing or DKG protcol #[derive(Debug, Clone, Serialize, Deserialize)] @@ -29,14 +31,20 @@ pub struct SubscribeMessage { pub public_key: sr25519::Public, /// Signature to authenticate connecting party pub signature: sr25519::Signature, + /// Specifies the version of the protocol messages which will be used for this session + pub version: u32, } impl SubscribeMessage { pub fn new(session_id: SessionId, pair: &sr25519::Pair) -> Result { let session_id_serialized = bincode::serialize(&session_id)?; - let signature = pair.sign(&session_id_serialized); - Ok(Self { session_id, public_key: pair.public(), signature }) + Ok(Self { + session_id, + public_key: pair.public(), + signature, + version: PROTOCOL_MESSAGE_VERSION, + }) } pub fn account_id(&self) -> AccountId32 { @@ -47,4 +55,49 @@ impl SubscribeMessage { let session_id_serialized = bincode::serialize(&self.session_id)?; Ok(sr25519::Pair::verify(&self.signature, session_id_serialized, &self.public_key)) } + + pub fn check_supported(&self) -> Result<(), ProtocolVersionMismatchError> { + if self.version > PROTOCOL_MESSAGE_VERSION { + Err(ProtocolVersionMismatchError::VersionTooNew(PROTOCOL_MESSAGE_VERSION)) + } else if !SUPPORTED_PROTOCOL_MESSAGE_VERSIONS.contains(&self.version) { + Err(ProtocolVersionMismatchError::VersionTooOld( + *SUPPORTED_PROTOCOL_MESSAGE_VERSIONS + .iter() + .min() + .expect("At least one protocol message version must be supported"), + )) + } else { + Ok(()) + } + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_protocol_version_check() { + let session_id = SessionId::Dkg { block_number: 0 }; + let pair = sr25519::Pair::from_seed(&[0; 32]); + let subscribe_message = SubscribeMessage::new(session_id.clone(), &pair).unwrap(); + assert!(subscribe_message.check_supported().is_ok()); + + let session_id_serialized = bincode::serialize(&session_id).unwrap(); + let signature = pair.sign(&session_id_serialized); + let mut subscribe_message = + SubscribeMessage { session_id, public_key: pair.public(), signature, version: 0 }; + assert_eq!( + subscribe_message.check_supported(), + Err(ProtocolVersionMismatchError::VersionTooOld( + *SUPPORTED_PROTOCOL_MESSAGE_VERSIONS.iter().min().unwrap() + )) + ); + + subscribe_message.version = 2; + assert_eq!( + subscribe_message.check_supported(), + Err(ProtocolVersionMismatchError::VersionTooNew(PROTOCOL_MESSAGE_VERSION)) + ); + } } diff --git a/crates/threshold-signature-server/src/signing_client/errors.rs b/crates/threshold-signature-server/src/signing_client/errors.rs index abe5c9065..4079c0162 100644 --- a/crates/threshold-signature-server/src/signing_client/errors.rs +++ b/crates/threshold-signature-server/src/signing_client/errors.rs @@ -139,6 +139,10 @@ pub enum SubscribeErr { UserError(String), #[error("Listener: {0}")] Listener(#[from] entropy_protocol::errors::ListenerErr), + #[error("Protocol version mismatch: {0}")] + VersionMismatch( + #[from] entropy_protocol::protocol_transport::errors::ProtocolVersionMismatchError, + ), } impl IntoResponse for SubscribeErr { diff --git a/crates/threshold-signature-server/src/signing_client/protocol_transport.rs b/crates/threshold-signature-server/src/signing_client/protocol_transport.rs index 992e777f2..4912e2dce 100644 --- a/crates/threshold-signature-server/src/signing_client/protocol_transport.rs +++ b/crates/threshold-signature-server/src/signing_client/protocol_transport.rs @@ -84,6 +84,8 @@ pub async fn open_protocol_connections( .map_err(|e| ProtocolErr::EncryptedConnection(e.to_string()))?; let subscribe_response: Result<(), String> = bincode::deserialize(&response_message)?; if let Err(error_message) = subscribe_response { + // In future versions, we can check here if the error is VersionTooNew(version) + // and if possible the downgrade protocol messages used to be backward compatible return Err(ProtocolErr::BadSubscribeMessage(error_message)); } @@ -158,6 +160,10 @@ async fn handle_initial_incoming_ws_message( let msg: SubscribeMessage = bincode::deserialize(&serialized_subscribe_message)?; tracing::info!("Got ws connection, with message: {msg:?}"); + // In future versions we may have backwards compatibility with the + // old version and be able to recover here + msg.check_supported()?; + if !msg.verify()? { return Err(SubscribeErr::InvalidSignature("Invalid signature.")); } From 2acaeff4494efa6b000a651944c7f428dec357ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Nov 2024 07:48:02 +0000 Subject: [PATCH 16/18] Bump anyhow from 1.0.92 to 1.0.93 in the patch-dependencies group (#1149) Bumps the patch-dependencies group with 1 update: [anyhow](https://github.com/dtolnay/anyhow). Updates `anyhow` from 1.0.92 to 1.0.93 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.92...1.0.93) --- updated-dependencies: - dependency-name: anyhow dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 4 ++-- crates/client/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 2 +- crates/test-cli/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 702a3f9b1..0acea213c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -215,9 +215,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.92" +version = "1.0.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74f37166d7d48a0284b99dd824694c26119c700b53bf0d1540cdb147dbdaaf13" +checksum = "4c95c10ba0b00a02636238b814946408b1322d5ac4760326e6fb8ec956d85775" [[package]] name = "approx" diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 36e5a27e1..4d78151f7 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -30,7 +30,7 @@ reqwest ={ version="0.12.9", features=["json", "stream"], optional=true base64 ={ version="0.22.0", optional=true } synedrion ={ version="0.2.0-beta.0", optional=true } hex ={ version="0.4.3", optional=true } -anyhow ="1.0.92" +anyhow ="1.0.93" # Only for the browser js-sys={ version="0.3.72", optional=true } diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 470013cff..60d38e90f 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -49,7 +49,7 @@ schnorrkel ={ version="0.11.4", default-features=false, features=["std" [dev-dependencies] serial_test="3.1.1" sp-keyring ="34.0.0" -anyhow ="1.0.92" +anyhow ="1.0.93" num_cpus ="1.16.0" [features] diff --git a/crates/test-cli/Cargo.toml b/crates/test-cli/Cargo.toml index e4e69ec7b..8f545c199 100644 --- a/crates/test-cli/Cargo.toml +++ b/crates/test-cli/Cargo.toml @@ -14,7 +14,7 @@ clap ={ version="4.5.20", features=["derive"] } colored ="2.0.4" subxt ="0.35.3" sp-core ="31.0.0" -anyhow ="1.0.92" +anyhow ="1.0.93" tokio ={ version="1.41", features=["macros", "rt-multi-thread", "io-util", "process"] } hex ="0.4.3" bincode ="1.3.3" diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index ef2652f41..e9e0f6197 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" -anyhow ="1.0.92" +anyhow ="1.0.93" thiserror ="1.0.68" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } From 07225c7330cf9cb9d2bc25dd8bf45f42f01765a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Nov 2024 08:56:49 +0100 Subject: [PATCH 17/18] Bump thiserror from 1.0.68 to 2.0.0 (#1150) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.68 to 2.0.0. - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/1.0.68...2.0.0) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: peg --- Cargo.lock | 270 ++++++++++--------- crates/client/Cargo.toml | 2 +- crates/kvdb/Cargo.toml | 2 +- crates/protocol/Cargo.toml | 2 +- crates/threshold-signature-server/Cargo.toml | 2 +- 5 files changed, 149 insertions(+), 129 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0acea213c..d1f661d4e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -422,7 +422,7 @@ dependencies = [ "nom", "num-traits", "rusticata-macros", - "thiserror", + "thiserror 1.0.68", "time", ] @@ -1129,7 +1129,7 @@ dependencies = [ "semver 1.0.22", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -2533,7 +2533,7 @@ dependencies = [ "sp-keyring 34.0.0", "subxt", "synedrion", - "thiserror", + "thiserror 2.0.0", "tokio", "tracing", "x25519-dalek 2.0.1", @@ -2568,7 +2568,7 @@ dependencies = [ "sled", "sp-core 31.0.0", "synedrion", - "thiserror", + "thiserror 2.0.0", "tokio", "tracing", "zeroize", @@ -2593,7 +2593,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a50c0e3e7224af04d8bebc6994f7428796de5f88861c89291644f2a85a44d3c" dependencies = [ "entropy-programs-core", - "thiserror", + "thiserror 1.0.68", "wasmtime 12.0.2", ] @@ -2628,7 +2628,7 @@ dependencies = [ "sp-keyring 34.0.0", "subxt", "synedrion", - "thiserror", + "thiserror 2.0.0", "tokio", "tokio-tungstenite", "tracing", @@ -2841,7 +2841,7 @@ dependencies = [ "subxt-signer", "synedrion", "tdx-quote", - "thiserror", + "thiserror 2.0.0", "tokio", "tokio-tungstenite", "tower-http 0.6.1", @@ -2935,7 +2935,7 @@ dependencies = [ "serde", "serde_json", "sha3", - "thiserror", + "thiserror 1.0.68", "uint", ] @@ -2992,7 +2992,7 @@ dependencies = [ "serde_json", "strum 0.26.3", "tempfile", - "thiserror", + "thiserror 1.0.68", "tiny-keccak", "unicode-xid", ] @@ -3098,7 +3098,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e182f7dbc2ef73d9ef67351c5fbbea084729c48362d3ce9dd44c28e32e277fe5" dependencies = [ "libc", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -3334,7 +3334,7 @@ dependencies = [ "sp-storage 20.0.0", "sp-trie 30.0.0", "sp-wasm-interface 20.0.0", - "thiserror", + "thiserror 1.0.68", "thousands", ] @@ -3971,7 +3971,7 @@ dependencies = [ "pin-project", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -3990,7 +3990,7 @@ dependencies = [ "http 1.1.0", "js-sys", "pin-project", - "thiserror", + "thiserror 1.0.68", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -4101,7 +4101,7 @@ dependencies = [ "pest_derive", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -4908,7 +4908,7 @@ dependencies = [ "rustls-native-certs 0.7.0", "rustls-pki-types", "soketto", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-rustls 0.25.0", "tokio-util", @@ -4934,7 +4934,7 @@ dependencies = [ "serde", "serde_json", "soketto", - "thiserror", + "thiserror 1.0.68", "tokio", "tracing", ] @@ -4958,7 +4958,7 @@ dependencies = [ "rustc-hash", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "tracing", @@ -4978,7 +4978,7 @@ dependencies = [ "jsonrpsee-types 0.22.4", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "tokio", "tower 0.4.13", "tracing", @@ -5026,7 +5026,7 @@ dependencies = [ "serde", "serde_json", "soketto", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "tokio-util", @@ -5050,7 +5050,7 @@ dependencies = [ "serde", "serde_json", "soketto", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "tokio-util", @@ -5068,7 +5068,7 @@ dependencies = [ "beef", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "tracing", ] @@ -5082,7 +5082,7 @@ dependencies = [ "beef", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -5283,7 +5283,7 @@ dependencies = [ "rand", "rw-stream-sink", "smallvec", - "thiserror", + "thiserror 1.0.68", "unsigned-varint", "void", ] @@ -5320,7 +5320,7 @@ dependencies = [ "quick-protobuf", "quick-protobuf-codec", "smallvec", - "thiserror", + "thiserror 1.0.68", "void", ] @@ -5338,7 +5338,7 @@ dependencies = [ "quick-protobuf", "rand", "sha2 0.10.8", - "thiserror", + "thiserror 1.0.68", "zeroize", ] @@ -5364,7 +5364,7 @@ dependencies = [ "rand", "sha2 0.10.8", "smallvec", - "thiserror", + "thiserror 1.0.68", "uint", "unsigned-varint", "void", @@ -5423,7 +5423,7 @@ dependencies = [ "sha2 0.10.8", "snow", "static_assertions", - "thiserror", + "thiserror 1.0.68", "x25519-dalek 1.1.1", "zeroize", ] @@ -5463,7 +5463,7 @@ dependencies = [ "quinn-proto", "rand", "rustls 0.20.9", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -5544,7 +5544,7 @@ dependencies = [ "rcgen", "ring 0.16.20", "rustls 0.20.9", - "thiserror", + "thiserror 1.0.68", "webpki", "x509-parser", "yasna", @@ -5592,7 +5592,7 @@ dependencies = [ "futures", "libp2p-core", "log", - "thiserror", + "thiserror 1.0.68", "yamux", ] @@ -6045,7 +6045,7 @@ dependencies = [ "rand_chacha 0.3.1", "rand_distr", "subtle 2.5.0", - "thiserror", + "thiserror 1.0.68", "zeroize", ] @@ -6320,7 +6320,7 @@ dependencies = [ "anyhow", "byteorder", "paste", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -6334,7 +6334,7 @@ dependencies = [ "log", "netlink-packet-core", "netlink-sys", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -7902,7 +7902,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "311fb059dee1a7b802f036316d790138c613a4e8b180c822e3925a662e9f0c95" dependencies = [ "memchr", - "thiserror", + "thiserror 1.0.68", "ucd-trie", ] @@ -8367,7 +8367,7 @@ dependencies = [ "lazy_static", "memchr", "parking_lot 0.12.3", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -8556,7 +8556,7 @@ dependencies = [ "asynchronous-codec", "bytes", "quick-protobuf", - "thiserror", + "thiserror 1.0.68", "unsigned-varint", ] @@ -8583,7 +8583,7 @@ dependencies = [ "rustc-hash", "rustls 0.20.9", "slab", - "thiserror", + "thiserror 1.0.68", "tinyvec", "tracing", "webpki", @@ -8763,7 +8763,7 @@ checksum = "bd283d9651eeda4b2a83a43c1c91b266c40fd76ecd39a50a8c630ae69dc72891" dependencies = [ "getrandom 0.2.15", "libredox", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -8913,7 +8913,7 @@ dependencies = [ "nom", "pin-project-lite 0.2.14", "reqwest", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9055,7 +9055,7 @@ dependencies = [ "netlink-packet-route", "netlink-proto", "nix", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -9324,7 +9324,7 @@ dependencies = [ "log", "sp-core 29.0.0", "sp-wasm-interface 20.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9336,7 +9336,7 @@ dependencies = [ "log", "sp-core 32.0.0", "sp-wasm-interface 21.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9366,7 +9366,7 @@ dependencies = [ "sp-keystore 0.35.0", "sp-runtime 32.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9528,7 +9528,7 @@ dependencies = [ "sp-panic-handler", "sp-runtime 32.0.0", "sp-version 30.0.0", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -9570,7 +9570,7 @@ dependencies = [ "sp-panic-handler", "sp-runtime 35.0.0", "sp-version 33.0.0", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -9707,7 +9707,7 @@ dependencies = [ "sp-runtime 32.0.0", "sp-state-machine 0.36.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9733,7 +9733,7 @@ dependencies = [ "sp-runtime 35.0.0", "sp-state-machine 0.39.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9770,7 +9770,7 @@ dependencies = [ "sp-keystore 0.35.0", "sp-runtime 32.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9793,7 +9793,7 @@ dependencies = [ "sp-core 29.0.0", "sp-keystore 0.35.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9851,7 +9851,7 @@ dependencies = [ "sp-keystore 0.35.0", "sp-runtime 32.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9872,7 +9872,7 @@ dependencies = [ "sp-blockchain 29.0.0", "sp-core 29.0.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -9955,7 +9955,7 @@ dependencies = [ "sc-allocator 24.0.0", "sp-maybe-compressed-blob", "sp-wasm-interface 20.0.0", - "thiserror", + "thiserror 1.0.68", "wasm-instrument", ] @@ -9969,7 +9969,7 @@ dependencies = [ "sc-allocator 27.0.0", "sp-maybe-compressed-blob", "sp-wasm-interface 21.0.0", - "thiserror", + "thiserror 1.0.68", "wasm-instrument", ] @@ -10071,7 +10071,7 @@ dependencies = [ "sp-application-crypto 31.0.0", "sp-core 29.0.0", "sp-keystore 0.35.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10086,7 +10086,7 @@ dependencies = [ "sp-application-crypto 34.0.0", "sp-core 32.0.0", "sp-keystore 0.38.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10116,7 +10116,7 @@ dependencies = [ "sp-keystore 0.35.0", "sp-mixnet 0.5.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10146,7 +10146,7 @@ dependencies = [ "sp-keystore 0.38.0", "sp-mixnet 0.8.0", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10185,7 +10185,7 @@ dependencies = [ "sp-core 29.0.0", "sp-runtime 32.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "unsigned-varint", @@ -10229,7 +10229,7 @@ dependencies = [ "sp-core 32.0.0", "sp-runtime 35.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "unsigned-varint", @@ -10254,7 +10254,7 @@ dependencies = [ "sc-network 0.35.0", "sp-blockchain 29.0.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", "unsigned-varint", ] @@ -10275,7 +10275,7 @@ dependencies = [ "sc-network 0.38.0", "sp-blockchain 32.0.0", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", "unsigned-varint", ] @@ -10354,7 +10354,7 @@ dependencies = [ "sp-blockchain 29.0.0", "sp-core 29.0.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10376,7 +10376,7 @@ dependencies = [ "sp-blockchain 32.0.0", "sp-core 32.0.0", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10411,7 +10411,7 @@ dependencies = [ "sp-core 29.0.0", "sp-runtime 32.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", ] @@ -10448,7 +10448,7 @@ dependencies = [ "sp-core 32.0.0", "sp-runtime 35.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", ] @@ -10622,7 +10622,7 @@ dependencies = [ "sp-rpc 27.0.0", "sp-runtime 32.0.0", "sp-version 30.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10643,7 +10643,7 @@ dependencies = [ "sp-rpc 30.0.0", "sp-runtime 35.0.0", "sp-version 33.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10707,7 +10707,7 @@ dependencies = [ "sp-rpc 27.0.0", "sp-runtime 32.0.0", "sp-version 30.0.0", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", ] @@ -10739,7 +10739,7 @@ dependencies = [ "sp-rpc 30.0.0", "sp-runtime 35.0.0", "sp-version 33.0.0", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", ] @@ -10802,7 +10802,7 @@ dependencies = [ "static_init", "substrate-prometheus-endpoint", "tempfile", - "thiserror", + "thiserror 1.0.68", "tokio", "tracing", "tracing-futures", @@ -10867,7 +10867,7 @@ dependencies = [ "static_init", "substrate-prometheus-endpoint", "tempfile", - "thiserror", + "thiserror 1.0.68", "tokio", "tracing", "tracing-futures", @@ -10907,7 +10907,7 @@ dependencies = [ "fs4", "log", "sp-core 29.0.0", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -10928,7 +10928,7 @@ dependencies = [ "serde_json", "sp-blockchain 29.0.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -10991,7 +10991,7 @@ dependencies = [ "sc-utils 15.0.0", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "wasm-timer", ] @@ -11011,7 +11011,7 @@ dependencies = [ "sc-utils 17.0.0", "serde", "serde_json", - "thiserror", + "thiserror 1.0.68", "wasm-timer", ] @@ -11040,7 +11040,7 @@ dependencies = [ "sp-rpc 27.0.0", "sp-runtime 32.0.0", "sp-tracing 16.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "tracing-log 0.1.4", "tracing-subscriber 0.2.25", @@ -11071,7 +11071,7 @@ dependencies = [ "sp-rpc 30.0.0", "sp-runtime 35.0.0", "sp-tracing 17.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "tracing-log 0.1.4", "tracing-subscriber 0.2.25", @@ -11114,7 +11114,7 @@ dependencies = [ "sp-tracing 16.0.0", "sp-transaction-pool 27.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -11142,7 +11142,7 @@ dependencies = [ "sp-tracing 17.0.0", "sp-transaction-pool 30.0.0", "substrate-prometheus-endpoint", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -11159,7 +11159,7 @@ dependencies = [ "sp-blockchain 29.0.0", "sp-core 29.0.0", "sp-runtime 32.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -11176,7 +11176,7 @@ dependencies = [ "sp-blockchain 32.0.0", "sp-core 32.0.0", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -11324,7 +11324,7 @@ dependencies = [ "quote", "scale-info", "syn 2.0.87", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12046,7 +12046,7 @@ dependencies = [ "sp-std 14.0.0", "sp-trie 30.0.0", "sp-version 30.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12069,7 +12069,7 @@ dependencies = [ "sp-std 14.0.0", "sp-trie 33.0.0", "sp-version 33.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12243,7 +12243,7 @@ dependencies = [ "sp-database", "sp-runtime 32.0.0", "sp-state-machine 0.36.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12262,7 +12262,7 @@ dependencies = [ "sp-database", "sp-runtime 35.0.0", "sp-state-machine 0.39.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12278,7 +12278,7 @@ dependencies = [ "sp-inherents 27.0.0", "sp-runtime 32.0.0", "sp-state-machine 0.36.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12294,7 +12294,7 @@ dependencies = [ "sp-inherents 30.0.0", "sp-runtime 35.0.0", "sp-state-machine 0.39.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12455,7 +12455,7 @@ dependencies = [ "sp-storage 20.0.0", "ss58-registry", "substrate-bip39 0.4.6", - "thiserror", + "thiserror 1.0.68", "tracing", "w3f-bls", "zeroize", @@ -12502,7 +12502,7 @@ dependencies = [ "sp-storage 20.0.0", "ss58-registry", "substrate-bip39 0.5.0", - "thiserror", + "thiserror 1.0.68", "tracing", "w3f-bls", "zeroize", @@ -12549,7 +12549,7 @@ dependencies = [ "sp-storage 21.0.0", "ss58-registry", "substrate-bip39 0.6.0", - "thiserror", + "thiserror 1.0.68", "tracing", "w3f-bls", "zeroize", @@ -12671,7 +12671,7 @@ dependencies = [ "scale-info", "sp-runtime 32.0.0", "sp-std 14.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12685,7 +12685,7 @@ dependencies = [ "parity-scale-codec", "scale-info", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12811,7 +12811,7 @@ dependencies = [ "parking_lot 0.12.3", "sp-core 29.0.0", "sp-externalities 0.26.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -12844,7 +12844,7 @@ version = "11.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0c768c11afbe698a090386876911da4236af199cd38a5866748df4d8628aeff" dependencies = [ - "thiserror", + "thiserror 1.0.68", "zstd 0.12.4", ] @@ -13205,7 +13205,7 @@ dependencies = [ "sp-panic-handler", "sp-std 14.0.0", "sp-trie 30.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", ] @@ -13227,7 +13227,7 @@ dependencies = [ "sp-panic-handler", "sp-std 14.0.0", "sp-trie 32.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", ] @@ -13248,7 +13248,7 @@ dependencies = [ "sp-externalities 0.28.0", "sp-panic-handler", "sp-trie 33.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", ] @@ -13275,7 +13275,7 @@ dependencies = [ "sp-runtime 32.0.0", "sp-runtime-interface 25.0.0", "sp-std 14.0.0", - "thiserror", + "thiserror 1.0.68", "x25519-dalek 2.0.1", ] @@ -13300,7 +13300,7 @@ dependencies = [ "sp-externalities 0.28.0", "sp-runtime 35.0.0", "sp-runtime-interface 27.0.0", - "thiserror", + "thiserror 1.0.68", "x25519-dalek 2.0.1", ] @@ -13354,7 +13354,7 @@ dependencies = [ "sp-inherents 27.0.0", "sp-runtime 32.0.0", "sp-std 14.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -13367,7 +13367,7 @@ dependencies = [ "parity-scale-codec", "sp-inherents 30.0.0", "sp-runtime 35.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -13465,7 +13465,7 @@ dependencies = [ "sp-core 29.0.0", "sp-externalities 0.26.0", "sp-std 14.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", "trie-root", @@ -13490,7 +13490,7 @@ dependencies = [ "sp-core 31.0.0", "sp-externalities 0.27.0", "sp-std 14.0.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", "trie-root", @@ -13514,7 +13514,7 @@ dependencies = [ "schnellru", "sp-core 32.0.0", "sp-externalities 0.28.0", - "thiserror", + "thiserror 1.0.68", "tracing", "trie-db", "trie-root", @@ -13535,7 +13535,7 @@ dependencies = [ "sp-runtime 32.0.0", "sp-std 14.0.0", "sp-version-proc-macro 13.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -13553,7 +13553,7 @@ dependencies = [ "sp-runtime 35.0.0", "sp-std 14.0.0", "sp-version-proc-macro 14.0.0", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -13900,7 +13900,7 @@ dependencies = [ "hyper 0.14.28", "log", "prometheus", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -13982,7 +13982,7 @@ dependencies = [ "subxt-lightclient", "subxt-macro", "subxt-metadata", - "thiserror", + "thiserror 1.0.68", "tokio-util", "tracing", "url", @@ -14006,7 +14006,7 @@ dependencies = [ "scale-typegen", "subxt-metadata", "syn 2.0.87", - "thiserror", + "thiserror 1.0.68", "tokio", ] @@ -14028,7 +14028,7 @@ dependencies = [ "serde_json", "smoldot", "smoldot-light", - "thiserror", + "thiserror 1.0.68", "tokio", "tokio-stream", "tracing", @@ -14122,7 +14122,7 @@ dependencies = [ "proc-macro2", "quote", "syn 1.0.109", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -14286,7 +14286,16 @@ version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02dd99dc800bbb97186339685293e1cc5d9df1f8fae2d0aecd9ff1c77efea892" dependencies = [ - "thiserror-impl", + "thiserror-impl 1.0.68", +] + +[[package]] +name = "thiserror" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15291287e9bff1bc6f9ff3409ed9af665bec7a5fc8ac079ea96be07bca0e2668" +dependencies = [ + "thiserror-impl 2.0.0", ] [[package]] @@ -14300,6 +14309,17 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "thiserror-impl" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22efd00f33f93fa62848a7cab956c3d38c8d43095efda1decfc2b3a5dc0b8972" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.87", +] + [[package]] name = "thousands" version = "0.2.0" @@ -14855,7 +14875,7 @@ dependencies = [ "rand", "smallvec", "socket2 0.4.10", - "thiserror", + "thiserror 1.0.68", "tinyvec", "tokio", "tracing", @@ -14876,7 +14896,7 @@ dependencies = [ "parking_lot 0.12.3", "resolv-conf", "smallvec", - "thiserror", + "thiserror 1.0.68", "tokio", "tracing", "trust-dns-proto", @@ -14945,7 +14965,7 @@ dependencies = [ "log", "rand", "sha1", - "thiserror", + "thiserror 1.0.68", "utf-8", ] @@ -15171,7 +15191,7 @@ dependencies = [ "rand_core 0.6.4", "sha2 0.10.8", "sha3", - "thiserror", + "thiserror 1.0.68", "zeroize", ] @@ -15355,7 +15375,7 @@ dependencies = [ "strum 0.24.1", "strum_macros 0.24.3", "tempfile", - "thiserror", + "thiserror 1.0.68", "wasm-opt-cxx-sys", "wasm-opt-sys", ] @@ -15665,7 +15685,7 @@ dependencies = [ "log", "object 0.30.4", "target-lexicon", - "thiserror", + "thiserror 1.0.68", "wasmparser 0.102.0", "wasmtime-cranelift-shared 8.0.1", "wasmtime-environ 8.0.1", @@ -15688,7 +15708,7 @@ dependencies = [ "log", "object 0.31.1", "target-lexicon", - "thiserror", + "thiserror 1.0.68", "wasmparser 0.110.0", "wasmtime-cranelift-shared 12.0.2", "wasmtime-environ 12.0.2", @@ -15740,7 +15760,7 @@ dependencies = [ "object 0.30.4", "serde", "target-lexicon", - "thiserror", + "thiserror 1.0.68", "wasmparser 0.102.0", "wasmtime-types 8.0.1", ] @@ -15759,7 +15779,7 @@ dependencies = [ "object 0.31.1", "serde", "target-lexicon", - "thiserror", + "thiserror 1.0.68", "wasm-encoder 0.31.1", "wasmparser 0.110.0", "wasmprinter", @@ -15937,7 +15957,7 @@ checksum = "a4f6fffd2a1011887d57f07654dd112791e872e3ff4a2e626aee8059ee17f06f" dependencies = [ "cranelift-entity 0.95.1", "serde", - "thiserror", + "thiserror 1.0.68", "wasmparser 0.102.0", ] @@ -15949,7 +15969,7 @@ checksum = "77943729d4b46141538e8d0b6168915dc5f88575ecdfea26753fd3ba8bab244a" dependencies = [ "cranelift-entity 0.99.2", "serde", - "thiserror", + "thiserror 1.0.68", "wasmparser 0.110.0", ] @@ -16642,7 +16662,7 @@ dependencies = [ "nom", "oid-registry", "rusticata-macros", - "thiserror", + "thiserror 1.0.68", "time", ] diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 4d78151f7..3798ff9c8 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -14,7 +14,7 @@ serde ={ version="1.0", default-features=false, features=["derive"] } entropy-shared={ version="0.3.0-rc.1", path="../shared", default-features=false } subxt ={ version="0.35.3", default-features=false, features=["jsonrpsee"] } num ="0.4.3" -thiserror ="1.0.68" +thiserror ="2.0.0" futures ="0.3" sp-core ={ version="31.0.0", default-features=false, features=["full_crypto", "serde"] } tracing ="0.1.37" diff --git a/crates/kvdb/Cargo.toml b/crates/kvdb/Cargo.toml index 5efcae38b..b10b8705a 100644 --- a/crates/kvdb/Cargo.toml +++ b/crates/kvdb/Cargo.toml @@ -12,7 +12,7 @@ edition ='2021' # Common rand ={ version="0.8", default-features=false } serde ={ version="1.0", features=["derive"] } -thiserror="1.0.68" +thiserror="2.0.0" hex ="0.4.3" # Substrate diff --git a/crates/protocol/Cargo.toml b/crates/protocol/Cargo.toml index 60d38e90f..80981fb70 100644 --- a/crates/protocol/Cargo.toml +++ b/crates/protocol/Cargo.toml @@ -20,7 +20,7 @@ x25519-dalek ={ version="2.0.1", features=["static_secrets"] } futures ="0.3" hex ="0.4.3" blake2 ="0.10.4" -thiserror ="1.0.68" +thiserror ="2.0.0" snow ="0.9.6" getrandom ={ version="0.2", features=["js"] } rand_core ={ version="0.6.4", features=["getrandom"] } diff --git a/crates/threshold-signature-server/Cargo.toml b/crates/threshold-signature-server/Cargo.toml index e9e0f6197..a6c94dfa1 100644 --- a/crates/threshold-signature-server/Cargo.toml +++ b/crates/threshold-signature-server/Cargo.toml @@ -12,8 +12,8 @@ edition ='2021' # Common serde ={ version="1.0", default-features=false, features=["derive"] } serde_json ="1.0" +thiserror ="2.0.0" anyhow ="1.0.93" -thiserror ="1.0.68" blake2 ="0.10.4" x25519-dalek ={ version="2.0.1", features=["static_secrets"] } rand_core ="0.6.4" From 72e6d3370ed272b77ffd867cd3f14c414fd30d02 Mon Sep 17 00:00:00 2001 From: Hernando Castano Date: Fri, 8 Nov 2024 11:00:37 +0700 Subject: [PATCH 18/18] Add quote guards to `ServerInfo` related extrinsics (#1123) * Add quote guard to `change_endpoint` extrinsic * Add quote guard to `change_threshold_accounts` extrinsic * Bump metadata * RustFmt * Get `entropy-client` test for `change_endpoint` working * Get `change_threshold_account` test compiling Doesn't work yet though, but this is at least a good checkpoint * Add way to `request_attestation` from client * Almost have `change_threshold_account` test working Faling to verify the PCK though... * TaploFmt * Be a bit more descriptive with the TSS public key variable * Make `update_threshold_account()` use updated PCK It looks like if the TSS Account ID and X25519 public keys are changing then we're probably on different hardware so the PCK will also change. This also gets the client test for the extrisnic passing. * Clean up `change_threshold_account()` test * Clean up the `request_attestation` client method a bit * Get `entropy-test-cli` compiling again * Remove unnecessary `.clone()` * Update `test-cli` for new extrinsic arguments * Get staking tests working again * Get Staking benchmarks compiling * Get `change_endpoint` benchmark working * Get `change_threshold_accounts` benchmark working * RustFmt benches * Use better mock endpoint * Switch to requiring a PCK chain instead of a certificate directly This matches what `validate()` does and prevents us from having an invalid PCK become part of `ServerInfo`. * Bump metadata * Update `client` to use PCK certificate chains * Update the `test-cli` to use PCK certificate chains * Undo some formatting changes * Variables mystery amount * Add `CHANGELOG` entry * Revert "Add `CHANGELOG` entry" This reverts commit fe7aadd6b01dcb839f3026ed5bdb57042a64f588. * Updated `CHANGELOG` without formatting --- CHANGELOG.md | 6 +- Cargo.lock | 1 + crates/client/Cargo.toml | 1 + crates/client/entropy_metadata.scale | Bin 209698 -> 209774 bytes crates/client/src/client.rs | 45 +++++- crates/client/src/tests.rs | 112 +++++++++++++-- crates/test-cli/src/lib.rs | 23 ++- crates/testing-utils/src/lib.rs | 2 + .../src/helpers/validator.rs | 2 +- pallets/staking/src/benchmarking.rs | 78 ++++++++-- pallets/staking/src/lib.rs | 101 +++++++++++-- pallets/staking/src/tests.rs | 134 ++++++++++++++++-- 12 files changed, 442 insertions(+), 63 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ada5aaea8..4665f8a79 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,7 +17,10 @@ At the moment this project **does not** adhere to `AttestationQueue` config types were removed from the Attestation pallet. - In [#1068](https://github.com/entropyxyz/entropy-core/pull/1068) an extra type `PckCertChainVerifier` was added to the staking extension pallet's `Config` trait. -- In [#1134](https://github.com/entropyxyz/entropy-core/pull/1134/) the ```no-sync``` option was removed +- In [#1123](https://github.com/entropyxyz/entropy-core/pull/1123/) the `change_endpoint()` and + `change_threshold_accounts()` extrinsics got new TDX `quote` related parameters added. +- In [#1134](https://github.com/entropyxyz/entropy-core/pull/1134/) the `--no-sync` option was + removed. ### Added - Protocol message versioning ([#1140](https://github.com/entropyxyz/entropy-core/pull/1140)) @@ -26,6 +29,7 @@ At the moment this project **does not** adhere to - Use correct key rotation endpoint in OCW ([#1104](https://github.com/entropyxyz/entropy-core/pull/1104)) - Change attestation flow to be pull based ([#1109](https://github.com/entropyxyz/entropy-core/pull/1109/)) - Handle PCK certificates ([#1068](https://github.com/entropyxyz/entropy-core/pull/1068)) +- Add quote guards to `ServerInfo` related extrinsics ([#1123](https://github.com/entropyxyz/entropy-core/pull/1123/)) - Remove declare synced ([#1134](https://github.com/entropyxyz/entropy-core/pull/1134/)) ## [0.3.0-rc.1](https://github.com/entropyxyz/entropy-core/compare/release/v0.2.0...release/v0.3.0-rc.1) - 2024-10-04 diff --git a/Cargo.lock b/Cargo.lock index d1f661d4e..46fcf7257 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2533,6 +2533,7 @@ dependencies = [ "sp-keyring 34.0.0", "subxt", "synedrion", + "tdx-quote", "thiserror 2.0.0", "tokio", "tracing", diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml index 3798ff9c8..ed0ac71ac 100644 --- a/crates/client/Cargo.toml +++ b/crates/client/Cargo.toml @@ -40,6 +40,7 @@ tokio ={ version="1.41", features=["time"] } serial_test ="3.1.1" sp-keyring ="34.0.0" entropy-testing-utils={ path="../testing-utils" } +tdx-quote ={ version="0.0.1", features=["mock"] } [features] default=["native", "full-client-native"] diff --git a/crates/client/entropy_metadata.scale b/crates/client/entropy_metadata.scale index fcfbd8800746eaa47293aebd17012d87cefbfd01..00e10f14ada10341859b6eaa12033d6e59070578 100644 GIT binary patch delta 84 zcmZ4VjOX1mo(-8VWH}fWQu9&@@-y>FOc-UtQj={;E$kQ=MG8yvOHwD7yzpQYn7sFe c%jDMA>Vi;Fgu3ScFWUdVVBG%y1(UKD0Ax@hv;Y7A delta 44 zcmV+{0Mq~O<_x0d46teF3j_fmWo~3}Z)t9HlZNO>0SJ@N=tP4}>4#0}0k=)*0wGGp C(i6A< diff --git a/crates/client/src/client.rs b/crates/client/src/client.rs index 5e5ace6e0..98e73bda6 100644 --- a/crates/client/src/client.rs +++ b/crates/client/src/client.rs @@ -341,8 +341,10 @@ pub async fn change_endpoint( rpc: &LegacyRpcMethods, user_keypair: sr25519::Pair, new_endpoint: String, + quote: Vec, ) -> anyhow::Result { - let change_endpoint_tx = entropy::tx().staking_extension().change_endpoint(new_endpoint.into()); + let change_endpoint_tx = + entropy::tx().staking_extension().change_endpoint(new_endpoint.into(), quote); let in_block = submit_transaction_with_pair(api, rpc, &user_keypair, &change_endpoint_tx, None).await?; let result_event = in_block @@ -358,13 +360,18 @@ pub async fn change_threshold_accounts( user_keypair: sr25519::Pair, new_tss_account: String, new_x25519_public_key: String, + new_pck_certificate_chain: Vec>, + quote: Vec, ) -> anyhow::Result { let tss_account = SubxtAccountId32::from_str(&new_tss_account)?; + let x25519_public_key = hex::decode(new_x25519_public_key)? + .try_into() + .map_err(|_| anyhow!("X25519 pub key needs to be 32 bytes"))?; let change_threshold_accounts = entropy::tx().staking_extension().change_threshold_accounts( tss_account, - hex::decode(new_x25519_public_key)? - .try_into() - .map_err(|_| anyhow!("X25519 pub key needs to be 32 bytes"))?, + x25519_public_key, + new_pck_certificate_chain, + quote, ); let in_block = submit_transaction_with_pair(api, rpc, &user_keypair, &change_threshold_accounts, None) @@ -414,3 +421,33 @@ async fn jumpstart_inner( Ok(()) } + +/// An extrinsic to indicate to the chain that it should expect an attestation from the `signer` at +/// some point in the near future. +/// +/// The returned `nonce` must be used when generating a `quote` for the chain. +#[tracing::instrument( + skip_all, + fields( + attestee = ?attestee.public(), + ) +)] +pub async fn request_attestation( + api: &OnlineClient, + rpc: &LegacyRpcMethods, + attestee: sr25519::Pair, +) -> Result, ClientError> { + tracing::debug!("{} is requesting an attestation.", attestee.public()); + + let request_attestation = entropy::tx().attestation().request_attestation(); + + let result = + submit_transaction_with_pair(api, rpc, &attestee, &request_attestation, None).await?; + let result_event = result + .find_first::()? + .ok_or(crate::errors::SubstrateError::NoEvent)?; + + let nonce = result_event.0; + + Ok(nonce) +} diff --git a/crates/client/src/tests.rs b/crates/client/src/tests.rs index 819bf8bae..93e406037 100644 --- a/crates/client/src/tests.rs +++ b/crates/client/src/tests.rs @@ -11,17 +11,23 @@ use crate::{ }, get_api, get_rpc, EntropyConfig, }, - change_endpoint, change_threshold_accounts, register, remove_program, store_program, + change_endpoint, change_threshold_accounts, register, remove_program, request_attestation, + store_program, substrate::query_chain, update_programs, }; + use entropy_testing_utils::{ - constants::{TEST_PROGRAM_WASM_BYTECODE, TSS_ACCOUNTS}, - helpers::{derive_mock_pck_verifying_key, encode_verifying_key}, + constants::{TEST_PROGRAM_WASM_BYTECODE, TSS_ACCOUNTS, X25519_PUBLIC_KEYS}, + helpers::encode_verifying_key, jump_start_network, spawn_testing_validators, substrate_context::test_context_stationary, test_node_process_testing_state, ChainSpecType, }; +use rand::{ + rngs::{OsRng, StdRng}, + SeedableRng, +}; use serial_test::serial; use sp_core::{sr25519, Pair, H256}; use sp_keyring::AccountKeyring; @@ -36,7 +42,33 @@ async fn test_change_endpoint() { let api = get_api(&substrate_context.node_proc.ws_url).await.unwrap(); let rpc = get_rpc(&substrate_context.node_proc.ws_url).await.unwrap(); - let result = change_endpoint(&api, &rpc, one.into(), "new_endpoint".to_string()).await.unwrap(); + // By using this `Alice` account we can skip the `request_attestation` step since this is + // already set up at genesis. + let tss_account_id = &TSS_ACCOUNTS[0]; + let x25519_public_key = X25519_PUBLIC_KEYS[0]; + + // This nonce is what was used in the genesis config for `Alice`. + let nonce = [0; 32]; + + let quote = { + let signing_key = tdx_quote::SigningKey::random(&mut OsRng); + let public_key = sr25519::Public(tss_account_id.0); + + // We need to add `1` here since the quote is being checked in the next block + let block_number = rpc.chain_get_header(None).await.unwrap().unwrap().number + 1; + + let input_data = + entropy_shared::QuoteInputData::new(public_key, x25519_public_key, nonce, block_number); + + let mut pck_seeder = StdRng::from_seed(public_key.0); + let pck = tdx_quote::SigningKey::random(&mut pck_seeder); + + tdx_quote::Quote::mock(signing_key.clone(), pck, input_data.0).as_bytes().to_vec() + }; + + let result = + change_endpoint(&api, &rpc, one.into(), "new_endpoint".to_string(), quote).await.unwrap(); + assert_eq!( format!("{:?}", result), format!( @@ -57,22 +89,72 @@ async fn test_change_threshold_accounts() { let api = get_api(&substrate_context.node_proc.ws_url).await.unwrap(); let rpc = get_rpc(&substrate_context.node_proc.ws_url).await.unwrap(); - let x25519_public_key = [0u8; 32]; - let result = change_threshold_accounts( + + // We need to use an account that's not a validator (so not our default development/test accounts) + // otherwise we're not able to update the TSS and X25519 keys for our existing validator. + let non_validator_seed = + "gospel prosper cactus remember snap enact refuse review bind rescue guard sock"; + let (tss_signer_pair, x25519_secret) = + entropy_testing_utils::get_signer_and_x25519_secret_from_mnemonic(non_validator_seed) + .unwrap(); + + let tss_public_key = tss_signer_pair.signer().public(); + let x25519_public_key = x25519_dalek::PublicKey::from(&x25519_secret); + + // We need to give our new TSS account some funds before it can request an attestation. + let dest = tss_signer_pair.account_id().clone().into(); + let amount = 10 * entropy_shared::MIN_BALANCE; + let balance_transfer_tx = entropy::tx().balances().transfer_allow_death(dest, amount); + let _transfer_result = crate::substrate::submit_transaction_with_pair( &api, &rpc, - one.into(), - AccountId32(one.pair().public().0.into()).to_string(), - hex::encode(x25519_public_key), + &one.pair(), + &balance_transfer_tx, + None, ) .await .unwrap(); - let provisioning_certification_key = { - let key = derive_mock_pck_verifying_key(&TSS_ACCOUNTS[0]); - BoundedVec(encode_verifying_key(&key).unwrap().to_vec()) + // When we request an attestation we get a nonce back that we must use when generating our quote. + let nonce = request_attestation(&api, &rpc, tss_signer_pair.signer().clone()).await.unwrap(); + let nonce: [u8; 32] = nonce.try_into().unwrap(); + + let mut pck_seeder = StdRng::from_seed(tss_public_key.0.clone()); + let pck = tdx_quote::SigningKey::random(&mut pck_seeder); + let encoded_pck = encode_verifying_key(&pck.verifying_key()).unwrap().to_vec(); + + // Our runtime is using the mock `PckCertChainVerifier`, which means that the expected + // "certificate" basically is just our TSS account ID. This account needs to match the one + // used to sign the following `quote`. + let pck_certificate_chain = vec![tss_public_key.0.to_vec()]; + + let quote = { + // We need to add `1` here since the quote is being checked in the next block + let block_number = rpc.chain_get_header(None).await.unwrap().unwrap().number + 1; + + let input_data = entropy_shared::QuoteInputData::new( + tss_public_key, + *x25519_public_key.as_bytes(), + nonce, + block_number, + ); + + let signing_key = tdx_quote::SigningKey::random(&mut OsRng); + tdx_quote::Quote::mock(signing_key.clone(), pck.clone(), input_data.0).as_bytes().to_vec() }; + let result = change_threshold_accounts( + &api, + &rpc, + one.into(), + tss_public_key.to_string(), + hex::encode(*x25519_public_key.as_bytes()), + pck_certificate_chain, + quote, + ) + .await + .unwrap(); + assert_eq!( format!("{:?}", result), format!( @@ -80,10 +162,10 @@ async fn test_change_threshold_accounts() { events::ThresholdAccountChanged( AccountId32(one.pair().public().0), ServerInfo { - tss_account: AccountId32(one.pair().public().0), - x25519_public_key, + tss_account: AccountId32(tss_public_key.0), + x25519_public_key: *x25519_public_key.as_bytes(), endpoint: "127.0.0.1:3001".as_bytes().to_vec(), - provisioning_certification_key, + provisioning_certification_key: BoundedVec(encoded_pck), } ) ) diff --git a/crates/test-cli/src/lib.rs b/crates/test-cli/src/lib.rs index 9bc063167..6a9007861 100644 --- a/crates/test-cli/src/lib.rs +++ b/crates/test-cli/src/lib.rs @@ -145,6 +145,11 @@ enum CliCommand { ChangeEndpoint { /// New endpoint to change to (ex. "127.0.0.1:3001") new_endpoint: String, + /// The Intel TDX quote used to prove that this TSS is running on TDX hardware. + /// + /// The quote format is specified in: + /// https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf + quote: String, /// The mnemonic for the validator stash account to use for the call, should be stash address #[arg(short, long)] mnemonic_option: Option, @@ -155,6 +160,13 @@ enum CliCommand { new_tss_account: String, /// New x25519 public key new_x25519_public_key: String, + /// The new Provisioning Certification Key (PCK) certificate chain to be used for the TSS. + new_pck_certificate_chain: Vec, + /// The Intel TDX quote used to prove that this TSS is running on TDX hardware. + /// + /// The quote format is specified in: + /// https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf + quote: String, /// The mnemonic for the validator stash account to use for the call, should be stash address #[arg(short, long)] mnemonic_option: Option, @@ -433,7 +445,7 @@ pub async fn run_command( Ok("Got status".to_string()) }, - CliCommand::ChangeEndpoint { new_endpoint, mnemonic_option } => { + CliCommand::ChangeEndpoint { new_endpoint, quote, mnemonic_option } => { let mnemonic = if let Some(mnemonic_option) = mnemonic_option { mnemonic_option } else { @@ -443,13 +455,16 @@ pub async fn run_command( let user_keypair = ::from_string(&mnemonic, None)?; println!("User account for current call: {}", user_keypair.public()); - let result_event = change_endpoint(&api, &rpc, user_keypair, new_endpoint).await?; + let result_event = + change_endpoint(&api, &rpc, user_keypair, new_endpoint, quote.into()).await?; println!("Event result: {:?}", result_event); Ok("Endpoint changed".to_string()) }, CliCommand::ChangeThresholdAccounts { new_tss_account, new_x25519_public_key, + new_pck_certificate_chain, + quote, mnemonic_option, } => { let mnemonic = if let Some(mnemonic_option) = mnemonic_option { @@ -460,12 +475,16 @@ pub async fn run_command( let user_keypair = ::from_string(&mnemonic, None)?; println!("User account for current call: {}", user_keypair.public()); + let new_pck_certificate_chain = + new_pck_certificate_chain.iter().cloned().map(|i| i.into()).collect::<_>(); let result_event = change_threshold_accounts( &api, &rpc, user_keypair, new_tss_account, new_x25519_public_key, + new_pck_certificate_chain, + quote.into(), ) .await?; println!("Event result: {:?}", result_event); diff --git a/crates/testing-utils/src/lib.rs b/crates/testing-utils/src/lib.rs index 22329cb1c..435cd9afa 100644 --- a/crates/testing-utils/src/lib.rs +++ b/crates/testing-utils/src/lib.rs @@ -27,3 +27,5 @@ pub use entropy_tss::helpers::tests::{ }; pub use node_proc::TestNodeProcess; pub use substrate_context::*; + +pub use entropy_tss::helpers::validator::get_signer_and_x25519_secret_from_mnemonic; diff --git a/crates/threshold-signature-server/src/helpers/validator.rs b/crates/threshold-signature-server/src/helpers/validator.rs index b571e0181..3811b0414 100644 --- a/crates/threshold-signature-server/src/helpers/validator.rs +++ b/crates/threshold-signature-server/src/helpers/validator.rs @@ -88,7 +88,7 @@ fn get_x25519_secret_from_hkdf(hkdf: &Hkdf) -> Result( if validate_also { let block_number = 0; - let endpoint = vec![20, 20]; + let endpoint = b"http://localhost:3001".to_vec(); let (quote, joining_server_info) = prepare_attestation_for_validate::( threshold, x25519_public_key, @@ -172,33 +172,86 @@ benchmarks! { let caller: T::AccountId = whitelisted_caller(); let bonder: T::AccountId = account("bond", 0, SEED); let threshold: T::AccountId = account("threshold", 0, SEED); + + let endpoint = b"http://localhost:3001"; let x25519_public_key = NULL_ARR; - prep_bond_and_validate::(true, caller.clone(), bonder.clone(), threshold, NULL_ARR); + let validate_also = true; + prep_bond_and_validate::( + validate_also, + caller.clone(), + bonder.clone(), + threshold.clone(), + x25519_public_key.clone(), + ); - }: _(RawOrigin::Signed(bonder.clone()), vec![30]) + // For quote verification this needs to be the _next_ block, and right now we're at block `0`. + let block_number = 1; + let quote = prepare_attestation_for_validate::( + threshold, + x25519_public_key, + endpoint.clone().to_vec(), + block_number, + ) + .0; + }: _(RawOrigin::Signed(bonder.clone()), endpoint.to_vec(), quote) verify { - assert_last_event::(Event::::EndpointChanged(bonder, vec![30]).into()); + assert_last_event::(Event::::EndpointChanged(bonder, endpoint.to_vec()).into()); } change_threshold_accounts { let s in 0 .. MAX_SIGNERS as u32; + let caller: T::AccountId = whitelisted_caller(); let _bonder: T::AccountId = account("bond", 0, SEED); - let validator_id_res = ::ValidatorId::try_from(_bonder.clone()).or(Err(Error::::InvalidValidatorId)); - let validator_id_signers = ::ValidatorId::try_from(caller.clone()).or(Err(Error::::InvalidValidatorId)).unwrap(); - let bonder: T::ValidatorId = validator_id_res.expect("Issue converting account id into validator id"); + + let validator_id_res = ::ValidatorId::try_from(_bonder.clone()) + .or(Err(Error::::InvalidValidatorId)); + let validator_id_signers = ::ValidatorId::try_from(caller.clone()) + .or(Err(Error::::InvalidValidatorId)) + .unwrap(); + let bonder: T::ValidatorId = + validator_id_res.expect("Issue converting account id into validator id"); + let threshold: T::AccountId = account("threshold", 0, SEED); + let new_threshold: T::AccountId = account("new_threshold", 0, SEED); + let x25519_public_key: [u8; 32] = NULL_ARR; - prep_bond_and_validate::(true, caller.clone(), _bonder.clone(), threshold, NULL_ARR); + let endpoint = b"http://localhost:3001".to_vec(); + + let validate_also = true; + prep_bond_and_validate::( + validate_also, + caller.clone(), + _bonder.clone(), + threshold.clone(), + x25519_public_key.clone(), + ); + + // For quote verification this needs to be the _next_ block, and right now we're at block `0`. + let block_number = 1; + let (quote , joining_server_info) = prepare_attestation_for_validate::( + new_threshold.clone(), + x25519_public_key, + endpoint.clone().to_vec(), + block_number, + ); + + let pck_certificate_chain = joining_server_info.pck_certificate_chain; + let signers = vec![validator_id_signers.clone(); s as usize]; Signers::::put(signers.clone()); - - }: _(RawOrigin::Signed(_bonder.clone()), _bonder.clone(), NULL_ARR) + }: _( + RawOrigin::Signed(_bonder.clone()), + new_threshold.clone(), + x25519_public_key.clone(), + pck_certificate_chain, + quote + ) verify { let server_info = ServerInfo { - endpoint: vec![20, 20], - tss_account: _bonder.clone(), + endpoint: b"http://localhost:3001".to_vec(), + tss_account: new_threshold.clone(), x25519_public_key: NULL_ARR, provisioning_certification_key: MOCK_PCK_DERIVED_FROM_NULL_ARRAY.to_vec().try_into().unwrap(), }; @@ -330,6 +383,7 @@ benchmarks! { x25519_public_key.clone() ); + // For quote verification this needs to be the _next_ block, and right now we're at block `0`. let block_number = 1; let (quote, joining_server_info) = prepare_attestation_for_validate::(threshold_account.clone(), x25519_public_key, endpoint.clone(), block_number); diff --git a/pallets/staking/src/lib.rs b/pallets/staking/src/lib.rs index fcd37e88a..8154f3bde 100644 --- a/pallets/staking/src/lib.rs +++ b/pallets/staking/src/lib.rs @@ -378,12 +378,26 @@ pub mod pallet { #[pallet::call] impl Pallet { - /// Allows a validator to change their endpoint so signers can find them when they are coms - /// manager `endpoint`: nodes's endpoint + /// Allows a validator to change the endpoint used by their Threshold Siganture Scheme + /// (TSS) server. + /// + /// # Expects TDX Quote + /// + /// A valid TDX quote must be passed along in order to ensure that the validator is running + /// TDX hardware. In order for the chain to be aware that a quote is expected from the + /// validator `pallet_attestation::request_attestation()` must be called first. + /// + /// The quote format is specified in: + /// https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf #[pallet::call_index(0)] #[pallet::weight(::WeightInfo::change_endpoint())] - pub fn change_endpoint(origin: OriginFor, endpoint: Vec) -> DispatchResult { + pub fn change_endpoint( + origin: OriginFor, + endpoint: Vec, + quote: Vec, + ) -> DispatchResult { let who = ensure_signed(origin)?; + ensure!( endpoint.len() as u32 <= T::MaxEndpointLength::get(), Error::::EndpointTooLong @@ -396,31 +410,60 @@ pub mod pallet { ThresholdServers::::try_mutate(&validator_id, |maybe_server_info| { if let Some(server_info) = maybe_server_info { + // Before we modify the `server_info`, we want to check that the validator is + // still running TDX hardware. + ensure!( + >::verify_quote( + &server_info.tss_account.clone(), + server_info.x25519_public_key, + server_info.provisioning_certification_key.clone(), + quote + ) + .is_ok(), + Error::::FailedAttestationCheck + ); + server_info.endpoint.clone_from(&endpoint); + Ok(()) } else { Err(Error::::NoBond) } })?; + Self::deposit_event(Event::EndpointChanged(who, endpoint)); Ok(()) } - /// Allows a validator to change their threshold key so can confirm done when coms manager - /// `new_account`: nodes's threshold account + /// Allows a validator to change their associated threshold server AccountID and X25519 + /// public key. + /// + /// # Expects TDX Quote + /// + /// A valid TDX quote must be passed along in order to ensure that the validator is running + /// TDX hardware. In order for the chain to be aware that a quote is expected from the + /// validator `pallet_attestation::request_attestation()` must be called first. + /// + /// The **new** TSS AccountID must be used when requesting this quote. + /// + /// The quote format is specified in: + /// https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf #[pallet::call_index(1)] #[pallet::weight(::WeightInfo::change_threshold_accounts(MAX_SIGNERS as u32))] pub fn change_threshold_accounts( origin: OriginFor, tss_account: T::AccountId, x25519_public_key: X25519PublicKey, + pck_certificate_chain: Vec>, + quote: Vec, ) -> DispatchResultWithPostInfo { + let who = ensure_signed(origin)?; + ensure!( !ThresholdToStash::::contains_key(&tss_account), Error::::TssAccountAlreadyExists ); - let who = ensure_signed(origin)?; let stash = Self::get_stash(&who)?; let validator_id = ::ValidatorId::try_from(stash) .or(Err(Error::::InvalidValidatorId))?; @@ -431,20 +474,48 @@ pub mod pallet { Error::::NoChangingThresholdAccountWhenSigner ); - let new_server_info: ServerInfo = - ThresholdServers::::try_mutate(&validator_id, |maybe_server_info| { + let provisioning_certification_key = + T::PckCertChainVerifier::verify_pck_certificate_chain(pck_certificate_chain) + .map_err(|error| { + let e: Error = error.into(); + e + })?; + + let new_server_info: ServerInfo = ThresholdServers::::try_mutate( + &validator_id, + |maybe_server_info| { if let Some(server_info) = maybe_server_info { - server_info.tss_account = tss_account.clone(); + // Before we modify the `server_info`, we want to check that the validator is + // still running TDX hardware. + ensure!( + >::verify_quote( + &tss_account.clone(), + x25519_public_key, + provisioning_certification_key.clone(), + quote + ) + .is_ok(), + Error::::FailedAttestationCheck + ); + + server_info.tss_account = tss_account; server_info.x25519_public_key = x25519_public_key; - ThresholdToStash::::insert(&tss_account, &validator_id); + server_info.provisioning_certification_key = provisioning_certification_key; + + ThresholdToStash::::insert(&server_info.tss_account, &validator_id); + Ok(server_info.clone()) } else { Err(Error::::NoBond) } - })?; + }, + )?; + Self::deposit_event(Event::ThresholdAccountChanged(validator_id, new_server_info)); - Ok(Some(::WeightInfo::change_threshold_accounts(signers.len() as u32)) - .into()) + + let actual_weight = + ::WeightInfo::change_threshold_accounts(signers.len() as u32); + Ok(Some(actual_weight).into()) } /// Wraps's Substrate's `unbond` extrinsic but checks to make sure targeted account is not a signer or next signer @@ -521,9 +592,11 @@ pub mod pallet { /// Wrap's Substrate's `staking_pallet::validate()` extrinsic, but enforces that /// information about a validator's threshold server is provided. /// + /// # Expects TDX Quote + /// /// A valid TDX quote must be passed along in order to ensure that the validator candidate /// is running TDX hardware. In order for the chain to be aware that a quote is expected - /// from the candidate, `pallet_attestation::request_attestation()` must be called first. + /// from the candidate `pallet_attestation::request_attestation()` must be called first. /// /// The quote format is specified in: /// https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf diff --git a/pallets/staking/src/tests.rs b/pallets/staking/src/tests.rs index 0340d4cf9..01eef85a6 100644 --- a/pallets/staking/src/tests.rs +++ b/pallets/staking/src/tests.rs @@ -82,7 +82,7 @@ fn it_takes_in_an_endpoint() { let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, - endpoint: vec![20; 26], + endpoint: [20; (crate::tests::MaxEndpointLength::get() + 1) as usize].to_vec(), pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_noop!( @@ -156,6 +156,8 @@ fn it_will_not_allow_validator_to_use_existing_tss_account() { #[test] fn it_changes_endpoint() { new_test_ext().execute_with(|| { + let endpoint = b"http://localhost:3001".to_vec(); + assert_ok!(FrameStaking::bond( RuntimeOrigin::signed(1), 100u64, @@ -165,7 +167,7 @@ fn it_changes_endpoint() { let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, - endpoint: vec![20], + endpoint: endpoint.clone(), pck_certificate_chain: vec![[0u8; 32].to_vec()], }; assert_ok!(Staking::validate( @@ -175,16 +177,52 @@ fn it_changes_endpoint() { VALID_QUOTE.to_vec(), )); - assert_ok!(Staking::change_endpoint(RuntimeOrigin::signed(1), vec![30])); - assert_eq!(Staking::threshold_server(1).unwrap().endpoint, vec![30]); + assert_ok!(Staking::change_endpoint( + RuntimeOrigin::signed(1), + endpoint.clone(), + VALID_QUOTE.to_vec() + )); + assert_eq!(Staking::threshold_server(1).unwrap().endpoint, endpoint); assert_noop!( - Staking::change_endpoint(RuntimeOrigin::signed(3), vec![30]), + Staking::change_endpoint(RuntimeOrigin::signed(3), endpoint, VALID_QUOTE.to_vec()), Error::::NoBond ); }); } +#[test] +fn it_doesnt_change_endpoint_with_invalid_quote() { + new_test_ext().execute_with(|| { + let endpoint = b"http://localhost:3001".to_vec(); + + assert_ok!(FrameStaking::bond( + RuntimeOrigin::signed(1), + 100u64, + pallet_staking::RewardDestination::Account(1), + )); + + let joining_server_info = JoiningServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: endpoint.clone(), + pck_certificate_chain: vec![[0u8; 32].to_vec()], + }; + + assert_ok!(Staking::validate( + RuntimeOrigin::signed(1), + pallet_staking::ValidatorPrefs::default(), + joining_server_info.clone(), + VALID_QUOTE.to_vec(), + )); + + assert_noop!( + Staking::change_endpoint(RuntimeOrigin::signed(1), endpoint, INVALID_QUOTE.to_vec()), + Error::::FailedAttestationCheck + ); + }) +} + #[test] fn it_changes_threshold_account() { new_test_ext().execute_with(|| { @@ -194,11 +232,12 @@ fn it_changes_threshold_account() { pallet_staking::RewardDestination::Account(1), )); + let pck_certificate_chain = vec![vec![0u8; 32]]; let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - pck_certificate_chain: vec![[0u8; 32].to_vec()], + pck_certificate_chain: pck_certificate_chain.clone(), }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), @@ -207,12 +246,24 @@ fn it_changes_threshold_account() { VALID_QUOTE.to_vec(), )); - assert_ok!(Staking::change_threshold_accounts(RuntimeOrigin::signed(1), 4, NULL_ARR)); + assert_ok!(Staking::change_threshold_accounts( + RuntimeOrigin::signed(1), + 4, + NULL_ARR, + pck_certificate_chain.clone(), + VALID_QUOTE.to_vec() + )); assert_eq!(Staking::threshold_server(1).unwrap().tss_account, 4); assert_eq!(Staking::threshold_to_stash(4).unwrap(), 1); assert_noop!( - Staking::change_threshold_accounts(RuntimeOrigin::signed(4), 5, NULL_ARR), + Staking::change_threshold_accounts( + RuntimeOrigin::signed(4), + 5, + NULL_ARR, + pck_certificate_chain.clone(), + VALID_QUOTE.to_vec() + ), Error::::NotController ); @@ -227,7 +278,7 @@ fn it_changes_threshold_account() { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20], - pck_certificate_chain: vec![[0u8; 32].to_vec()], + pck_certificate_chain: pck_certificate_chain.clone(), }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), @@ -237,18 +288,66 @@ fn it_changes_threshold_account() { )); assert_noop!( - Staking::change_threshold_accounts(RuntimeOrigin::signed(1), 5, NULL_ARR), + Staking::change_threshold_accounts( + RuntimeOrigin::signed(1), + 5, + NULL_ARR, + pck_certificate_chain.clone(), + VALID_QUOTE.to_vec() + ), Error::::TssAccountAlreadyExists ); Signers::::put(vec![1]); assert_noop!( - Staking::change_threshold_accounts(RuntimeOrigin::signed(1), 9, NULL_ARR,), + Staking::change_threshold_accounts( + RuntimeOrigin::signed(1), + 9, + NULL_ARR, + pck_certificate_chain.clone(), + VALID_QUOTE.to_vec() + ), Error::::NoChangingThresholdAccountWhenSigner ); }); } +#[test] +fn it_doesnt_allow_changing_threshold_account_with_invalid_quote() { + new_test_ext().execute_with(|| { + assert_ok!(FrameStaking::bond( + RuntimeOrigin::signed(1), + 100u64, + pallet_staking::RewardDestination::Account(1), + )); + + let pck_certificate_chain = vec![[0u8; 32].to_vec()]; + let joining_server_info = JoiningServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + pck_certificate_chain: pck_certificate_chain.clone(), + }; + assert_ok!(Staking::validate( + RuntimeOrigin::signed(1), + pallet_staking::ValidatorPrefs::default(), + joining_server_info.clone(), + VALID_QUOTE.to_vec(), + )); + + assert_noop!( + Staking::change_threshold_accounts( + RuntimeOrigin::signed(1), + 4, + NULL_ARR, + pck_certificate_chain.clone(), + INVALID_QUOTE.to_vec() + ), + Error::::FailedAttestationCheck + ); + }) +} + #[test] fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { new_test_ext().execute_with(|| { @@ -258,11 +357,12 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { pallet_staking::RewardDestination::Account(1), )); + let pck_certificate_chain = vec![[0u8; 32].to_vec()]; let joining_server_info = JoiningServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20], - pck_certificate_chain: vec![[0u8; 32].to_vec()], + pck_certificate_chain: pck_certificate_chain.clone(), }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), @@ -282,7 +382,7 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20], - pck_certificate_chain: vec![[0u8; 32].to_vec()], + pck_certificate_chain: pck_certificate_chain.clone(), }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), @@ -292,7 +392,13 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { )); assert_noop!( - Staking::change_threshold_accounts(RuntimeOrigin::signed(1), 5, NULL_ARR), + Staking::change_threshold_accounts( + RuntimeOrigin::signed(1), + 5, + NULL_ARR, + pck_certificate_chain.clone(), + VALID_QUOTE.to_vec() + ), Error::::TssAccountAlreadyExists ); });