Add dependencies for merkle proofs

scrtlabs · Oct 30, 2023 · 7bc88bf · 7bc88bf
1 parent ee397ab
commit 7bc88bf
Show file tree

Hide file tree

Showing 3 changed files with 80 additions and 18 deletions.
diff --git a/cosmwasm/enclaves/Cargo.lock b/cosmwasm/enclaves/Cargo.lock
diff --git a/cosmwasm/enclaves/execute/Cargo.toml b/cosmwasm/enclaves/execute/Cargo.toml
@@ -21,25 +21,25 @@ production = [
   "log/max_level_warn",
   "log/release_max_level_warn",
   "block-verifier/production",
-  "block-verifier/verify-validator-whitelist"
+  "block-verifier/verify-validator-whitelist",
 ]
 debug-print = ["enclave_contract_engine/debug-print"]
 test = [
   "enclave_contract_engine/test",
   "enclave_crypto/test",
   "enclave_cosmos_types/test",
-  "block-verifier/test"
+  "block-verifier/test",
 ]
 use_seed_service_on_bootstrap = []
 epid_whitelist_disabled = []
 light-client-validation = [
   "enclave_contract_engine/light-client-validation",
-  "block-verifier"
+  "block-verifier",
 ]
 random = ["enclave_contract_engine/random", "enclave_crypto/random"]
 verify-validator-whitelist = [
   "block-verifier/verify-validator-whitelist",
-  "light-client-validation"
+  "light-client-validation",
 ]
 go-tests = []
 check-hw = []
@@ -50,7 +50,7 @@ check-hw = []
 [target.'cfg(not(target_env = "sgx"))'.dependencies]
 sgx_tstd = { rev = "d2d339cbb005f676bb700059bd51dc689c025f6b", git = "https://github.com/apache/teaclave-sgx-sdk.git", features = [
   "backtrace",
-  "untrusted_time"
+  "untrusted_time",
 ] }
 sgx_types = { rev = "d2d339cbb005f676bb700059bd51dc689c025f6b", git = "https://github.com/apache/teaclave-sgx-sdk.git" }
 
@@ -64,14 +64,14 @@ enclave_crypto = { path = "../shared/crypto" }
 enclave_utils = { path = "../shared/utils" }
 enclave_cosmos_types = { path = "../shared/cosmos-types", optional = true }
 serde = { git = "https://github.com/mesalock-linux/serde-sgx", features = [
-  "derive"
+  "derive",
 ] }
 serde_json = { git = "https://github.com/mesalock-linux/serde-json-sgx" }
 ctor = "0.1.13"
 derive_more = "0.99"
 pwasm-utils = { version = "0.12.0", default-features = false }
 parity-wasm = { version = "0.45.0", default-features = false, features = [
-  "sign_ext"
+  "sign_ext",
 ] }
 base64 = { rev = "dc7389e10817b078f289386b3b6a852ab6c4c021", git = "https://github.com/mesalock-linux/rust-base64-sgx" }
 # for attestation
@@ -85,10 +85,13 @@ lazy_static = "1.4"
 hex = "0.4.2"
 log = "0.4.17"
 simple_logger = { version = "2.3.0", default-features = false, features = [
-  "stderr"
+  "stderr",
 ] }
 block-verifier = { path = "../shared/block-verifier", optional = true }
 time = "=0.3.17"
+tendermint = { git = "https://github.com/scrtlabs/tendermint-rs", branch = "fix-val-set-parsing", default-features = false }
+cosmos-sdk-proto = { version = "0.16.0", default-features = false }
+integer-encoding = "3.0.4"
 
 [dependencies.webpki]
 git = "https://github.com/mesalock-linux/webpki"

diff --git a/cosmwasm/enclaves/execute/src/ecalls.rs b/cosmwasm/enclaves/execute/src/ecalls.rs
@@ -1,4 +1,8 @@
+use cosmos_sdk_proto::cosmos::base::kv::v1beta1::{Pair, Pairs};
+use cosmos_sdk_proto::traits::Message;
+use integer_encoding::VarInt;
 use sgx_types::sgx_status_t;
+use tendermint::merkle;
 
 /// # Safety
 ///  This function reads buffers which must be correctly initialized by the caller,
@@ -45,3 +49,64 @@ pub unsafe extern "C" fn ecall_submit_block_signatures(
         sgx_status_t::SGX_ERROR_ECALL_NOT_ALLOWED
     }
 }
+
+#[no_mangle]
+#[allow(unused_variables)]
+pub unsafe extern "C" fn ecall_submit_store_roots(
+    in_roots: *const u8,
+    in_roots_len: u32,
+    in_compute_root: *const u8,
+    in_compute_root_len: u32,
+) -> sgx_status_t {
+    validate_input_length!(in_roots_len, "roots", MAX_VARIABLE_LENGTH);
+    validate_const_ptr!(
+        in_roots,
+        in_roots_len as usize,
+        sgx_status_t::SGX_ERROR_INVALID_PARAMETER
+    );
+    validate_input_length!(in_compute_root_len, "roots", MAX_VARIABLE_LENGTH);
+    validate_const_ptr!(
+        in_compute_root,
+        in_compute_root_len as usize,
+        sgx_status_t::SGX_ERROR_INVALID_PARAMETER
+    );
+
+    let store_roots_slice = slice::from_raw_parts(in_roots, in_roots_len as usize);
+    let compute_root_slice = slice::from_raw_parts(in_compute_root, in_compute_root_len as usize);
+
+    let store_roots: Pairs = Pairs::decode(store_roots_slice).unwrap();
+    let mut store_roots_bytes = vec![];
+
+    // Encode all key-value pairs to bytes
+    for root in store_roots.pairs {
+        store_roots_bytes.push(pair_to_bytes(root));
+    }
+
+    let h = merkle::simple_hash_from_byte_vectors(store_roots_bytes);
+    debug!("received app_hash: {:?}", h);
+    debug!("received compute_root: {:?}", compute_root_slice);
+
+    return sgx_status_t::SGX_SUCCESS;
+}
+
+// This is a copy of a cosmos-sdk function: https://github.com/scrtlabs/cosmos-sdk/blob/1b9278476b3ac897d8ebb90241008476850bf212/store/internal/maps/maps.go#LL152C1-L152C1
+// Returns key || value, with both the key and value length prefixed.
+fn pair_to_bytes(kv: Pair) -> Vec<u8> {
+    // In the worst case:
+    // * 8 bytes to Uvarint encode the length of the key
+    // * 8 bytes to Uvarint encode the length of the value
+    // So preallocate for the worst case, which will in total
+    // be a maximum of 14 bytes wasted, if len(key)=1, len(value)=1,
+    // but that's going to rare.
+    let mut buf = vec![];
+
+    // Encode the key, prefixed with its length.
+    buf.extend_from_slice(&(kv.key.len()).encode_var_vec());
+    buf.extend_from_slice(&kv.key);
+
+    // Encode the value, prefixing with its length.
+    buf.extend_from_slice(&(kv.value.len()).encode_var_vec());
+    buf.extend_from_slice(&kv.value);
+
+    return buf;
+}