TSS attestation endpoint #1001
TSS attestation endpoint #1001
Conversation
| @@ -99,3 +100,22 @@ pub enum HashingAlgorithm { | |||
|
|
|||
| /// A compressed, serialized [synedrion::ecdsa::VerifyingKey<k256::Secp256k1>] | |||
| pub type EncodedVerifyingKey = [u8; VERIFICATION_KEY_LENGTH as usize]; | |||
|
|
|||
| /// Input data to be included in a TDX attestation | |||
| pub struct QuoteInputData(pub [u8; 64]); | |||
There was a problem hiding this comment.
This is in entropy-shared because it will also be used by the chain when verifying quote input
ameba23
requested review from
HCastano and
JesseAbram
and removed request for
HCastano
| @@ -178,6 +178,7 @@ pub fn app(app_state: AppState) -> Router { | |||
| .route("/user/sign_tx", post(sign_tx)) | |||
| .route("/signer/proactive_refresh", post(proactive_refresh)) | |||
| .route("/validator/reshare", post(new_reshare)) | |||
| .route("/attest", post(attest)) | |||
There was a problem hiding this comment.
this should go lower into the unsafe endpoints
There was a problem hiding this comment.
i can put it there for now but the idea is this same endpoint will be the real thing when unsafe feature is not present
There was a problem hiding this comment.
idk we can always change it when we remove the unsafe, it makes sense to me but your call
There was a problem hiding this comment.
FWIW I think it's fine as is
| assert_eq!(res.status(), 200); | ||
| let quote = res.bytes().await.unwrap(); | ||
| // This verifies the signature in the quote | ||
| tdx_quote::Quote::from_bytes("e).unwrap(); |
There was a problem hiding this comment.
Instead of unwrap-ing here we may want to check that the value we get back matches what we expect
| input: Bytes, | ||
| ) -> Result<(StatusCode, Bytes), ValidatorErr> { | ||
| // TODO #982 confirm with the chain that an attestation should be happenning | ||
| let nonce = input[..].try_into()?; |
There was a problem hiding this comment.
| let nonce = input[..].try_into()?; | |
| let nonce = input.as_slice().try_into()?; |
There was a problem hiding this comment.
i went for as_ref as as_slice doesn't seem to be available for Bytes
| @@ -83,6 +84,7 @@ ethers-core ="2.0.14" | |||
| schnorrkel ={ version="0.11.4", default-features=false, features=["std"] } | |||
| schemars ={ version="0.8.21" } | |||
| subxt-signer="0.35.3" | |||
| tdx-quote ={ git="https://github.com/entropyxyz/tdx-quote", features=["mock"] } | |||
There was a problem hiding this comment.
Do we need to have this in both norm deps and dev deps?
There was a problem hiding this comment.
the problem is if we don't, it wont compile in test mode without the unsafe feature present, which is the case in CI. Ideally i don't want tdx-quote with the mock feature available in production. but i do want it in a release build if the unsafe feature is present, in order to be able to test a release build on non-tdx hardware.
| let quote = tdx_quote::Quote::mock(signing_key.clone(), input_data.0); | ||
| // Here we would submit an attest extrinsic to the chain - but for now we just include it in the | ||
| // response | ||
| Ok((StatusCode::OK, Bytes::from(quote.as_bytes().to_vec()))) |
There was a problem hiding this comment.
Just a small thing for the future - would be nice to have a From/Into implementation for turning these quotes into Bytes
There was a problem hiding this comment.
I think thats only worth doing if we continue to include the quote in the http response. Initially i am proposing to only have on-chain quote verification, so the response body here will be empty and the quote will be included in an extrinsic instead. I want to keep the dependencies of tdx-quote as minimal as possible as its used in a pallet.
But if we decide to do quote verification by other TS servers, then we will want this.
| @@ -178,6 +178,7 @@ pub fn app(app_state: AppState) -> Router { | |||
| .route("/user/sign_tx", post(sign_tx)) | |||
| .route("/signer/proactive_refresh", post(proactive_refresh)) | |||
| .route("/validator/reshare", post(new_reshare)) | |||
| .route("/attest", post(attest)) | |||
There was a problem hiding this comment.
FWIW I think it's fine as is
* master: TSS attestation endpoint (#1001)
This is part of #982
This adds a HTTP endpoint
/attestto the TS server.With the
unsafefeature enabled, this will create a mock TDX quote for testing the attestation logic on non-TDX hardware.Without the
unsafefeature enabled, this will currently just respond with an error. Eventually though, it will create an actual TDX quote.The idea is that once there is a pallet handling attestation, this endpoint will be called by an offchain worker. The endpoint will create the quote and submit it to the chain in an extrinsic. That does not yet happen, as we don't yet have a pallet to handle this.