P-145 Update to VC schema version 1-1-0 (#2709)

- Adds the `issuer.runtimeVersion` field to all generated VCs

tee-worker/app-libs/stf/src/trusted_call.rs

@@ -37,9 +37,11 @@ use frame_support::{ensure, traits::UnfilteredDispatchable};
 use ita_sgx_runtime::{AddressMapping, HashedAddressMapping};
 pub use ita_sgx_runtime::{
 	Balance, IDGraph, Index, ParentchainInstanceLitentry, ParentchainInstanceTargetA,
-	ParentchainInstanceTargetB, ParentchainLitentry, Runtime, System,
+	ParentchainInstanceTargetB, ParentchainLitentry, Runtime, System, VERSION as SIDECHAIN_VERSION,
+};
+use itp_node_api::metadata::{
+	pallet_system::SystemConstants, provider::AccessNodeMetadata, NodeMetadataTrait,
 };
-use itp_node_api::metadata::{provider::AccessNodeMetadata, NodeMetadataTrait};
 use itp_node_api_metadata::{pallet_imp::IMPCallIndexes, pallet_vcmp::VCMPCallIndexes};
 use itp_stf_interface::ExecuteCall;
 use itp_stf_primitives::{
@@ -786,6 +788,10 @@ where
 					assertion
 				);
 
+				let parachain_runtime_version =
+					node_metadata_repo.get_from_metadata(|m| m.system_version())??.spec_version;
+				let sidechain_runtime_version = SIDECHAIN_VERSION.spec_version;
+
 				Self::request_vc_internal(
 					signer.to_account_id().ok_or(Self::Error::InvalidAccount)?,
 					who.clone(),
@@ -794,6 +800,8 @@ where
 					req_ext_hash,
 					maybe_key,
 					shard,
+					parachain_runtime_version,
+					sidechain_runtime_version,
 				)
 				.map_err(|e| {
 					debug!("pushing error event ... error: {}", e);

tee-worker/app-libs/stf/src/trusted_call_litentry.rs

@@ -148,6 +148,7 @@ impl TrustedCallSigned {
 		Ok(())
 	}
 
+	#[allow(clippy::too_many_arguments)]
 	pub fn request_vc_internal(
 		signer: AccountId,
 		who: Identity,
@@ -156,6 +157,8 @@ impl TrustedCallSigned {
 		req_ext_hash: H256,
 		maybe_key: Option<RequestAesKey>,
 		shard: &ShardIdentifier,
+		parachain_runtime_version: u32,
+		sidechain_runtime_version: u32,
 	) -> StfResult<()> {
 		match assertion {
 			// the signer will be checked inside A13, as we don't seem to have access to ocall_api here
@@ -210,6 +213,8 @@ impl TrustedCallSigned {
 			top_hash,
 			parachain_block_number,
 			sidechain_block_number,
+			parachain_runtime_version,
+			sidechain_runtime_version,
 			maybe_key,
 			should_create_id_graph,
 			req_ext_hash,

tee-worker/cli/tests/basic_tests.rs

@@ -10,15 +10,15 @@ fn test_version() {
 	init();
 
 	let res = Cli::try_parse_from(vec!["placeholder_cli_path", "--version"]);
-	let err = clap::Error::new(clap::error::ErrorKind::DisplayVersion);
-	assert!(matches!(res, Err(err)));
+	let _err = clap::Error::new(clap::error::ErrorKind::DisplayVersion);
+	assert!(matches!(res, Err(_err)));
 }
 
 #[test]
 fn test_help() {
 	init();
 
 	let res = Cli::try_parse_from(vec!["placeholder_cli_path", "--help"]);
-	let err = clap::Error::new(clap::error::ErrorKind::DisplayHelp);
-	assert!(matches!(res, Err(err)));
+	let _err = clap::Error::new(clap::error::ErrorKind::DisplayHelp);
+	assert!(matches!(res, Err(_err)));
 }

tee-worker/core-primitives/node-api/metadata/Cargo.toml

@@ -15,13 +15,15 @@ itp-stf-primitives = { default-features = false, path = "../../stf-primitives" }
 
 # substrate
 sp-core = { git = "https://github.com/paritytech/substrate.git", default-features = false, branch = "polkadot-v0.9.42" }
+sp-version = { git = "https://github.com/paritytech/substrate", branch = "polkadot-v0.9.42", default-features = false }
 
 [features]
 default = ["std"]
 std = [
     "codec/std",
     "itp-api-client-types/std",
     "sp-core/std",
+    "sp-version/std",
     "itp-stf-primitives/std",
 ]
 

tee-worker/core-primitives/node-api/metadata/src/lib.rs

@@ -21,7 +21,7 @@
 
 use crate::{
 	error::Result, pallet_balances::BalancesCallIndexes, pallet_imp::IMPCallIndexes,
-	pallet_proxy::ProxyCallIndexes, pallet_system::SystemSs58Prefix,
+	pallet_proxy::ProxyCallIndexes, pallet_system::SystemConstants,
 	pallet_teebag::TeebagCallIndexes, pallet_timestamp::TimestampCallIndexes,
 	pallet_utility::UtilityCallIndexes, pallet_vcmp::VCMPCallIndexes,
 };
@@ -50,7 +50,7 @@ pub trait NodeMetadataTrait:
 	TeebagCallIndexes
 	+ IMPCallIndexes
 	+ VCMPCallIndexes
-	+ SystemSs58Prefix
+	+ SystemConstants
 	+ UtilityCallIndexes
 	+ ProxyCallIndexes
 	+ BalancesCallIndexes
@@ -62,7 +62,7 @@ impl<
 		T: TeebagCallIndexes
 			+ IMPCallIndexes
 			+ VCMPCallIndexes
-			+ SystemSs58Prefix
+			+ SystemConstants
 			+ UtilityCallIndexes
 			+ ProxyCallIndexes
 			+ BalancesCallIndexes
@@ -98,6 +98,7 @@ impl NodeMetadata {
 			runtime_transaction_version,
 		}
 	}
+
 	/// Return the substrate chain runtime version.
 	pub fn get_runtime_version(&self) -> u32 {
 		self.runtime_spec_version

tee-worker/core-primitives/node-api/metadata/src/metadata_mocks.rs

@@ -17,13 +17,14 @@
 
 use crate::{
 	error::Result, pallet_balances::BalancesCallIndexes, pallet_imp::IMPCallIndexes,
-	pallet_proxy::ProxyCallIndexes, pallet_system::SystemSs58Prefix,
+	pallet_proxy::ProxyCallIndexes, pallet_system::SystemConstants,
 	pallet_teebag::TeebagCallIndexes, pallet_timestamp::TimestampCallIndexes,
 	pallet_utility::UtilityCallIndexes, pallet_vcmp::VCMPCallIndexes, runtime_call::RuntimeCall,
 };
 use codec::{Decode, Encode};
 
 use itp_api_client_types::Metadata;
+use sp_version::RuntimeVersion;
 
 impl TryFrom<NodeMetadataMock> for Metadata {
 	type Error = ();
@@ -247,10 +248,18 @@ impl RuntimeCall for NodeMetadataMock {
 	}
 }
 
-impl SystemSs58Prefix for NodeMetadataMock {
+impl SystemConstants for NodeMetadataMock {
 	fn system_ss58_prefix(&self) -> Result<u16> {
 		Ok(131)
 	}
+
+	fn system_version(&self) -> Result<RuntimeVersion> {
+		Ok(RuntimeVersion {
+			spec_version: self.runtime_spec_version,
+			transaction_version: self.runtime_transaction_version,
+			..Default::default()
+		})
+	}
 }
 
 impl ProxyCallIndexes for NodeMetadataMock {

tee-worker/core-primitives/node-api/metadata/src/pallet_system.rs

@@ -13,6 +13,7 @@ limitations under the License.
 use crate::{error::Result, Error, NodeMetadata};
 use codec::Decode;
 use sp_core::storage::StorageKey;
+use sp_version::RuntimeVersion;
 
 /// Pallet' name:
 const SYSTEM: &str = "System";
@@ -34,11 +35,12 @@ impl SystemStorageIndexes for NodeMetadata {
 }
 
 // litentry
-pub trait SystemSs58Prefix {
+pub trait SystemConstants {
 	fn system_ss58_prefix(&self) -> Result<u16>;
+	fn system_version(&self) -> Result<RuntimeVersion>;
 }
 
-impl SystemSs58Prefix for NodeMetadata {
+impl SystemConstants for NodeMetadata {
 	fn system_ss58_prefix(&self) -> Result<u16> {
 		match &self.node_metadata {
 			None => Err(Error::MetadataNotSet),
@@ -49,4 +51,14 @@ impl SystemSs58Prefix for NodeMetadata {
 			},
 		}
 	}
+	fn system_version(&self) -> Result<RuntimeVersion> {
+		match &self.node_metadata {
+			None => Err(Error::MetadataNotSet),
+			Some(meta_data) => {
+				let pallet = meta_data.pallet_by_name(SYSTEM).ok_or(Error::MetadataNotSet)?;
+				let mut raw = pallet.constant_by_name("Version").unwrap().value.as_slice();
+				RuntimeVersion::decode(&mut raw).map_err(|_| Error::InvalidMetadata)
+			},
+		}
+	}
 }

tee-worker/core-primitives/primitives-cache/src/primitives_cache.rs

@@ -83,6 +83,7 @@ pub mod tests {
 		let mut lock = cache.load_for_mutation().unwrap();
 		let mu_ra_url = "hello".to_string();
 		let untrusted_url = "world".to_string();
+
 		let primitives = Primitives::new(mu_ra_url, untrusted_url);
 		*lock = primitives.clone();
 		std::mem::drop(lock);

tee-worker/core-primitives/stf-executor/Cargo.toml

@@ -12,6 +12,7 @@ sgx_tstd = { branch = "master", git = "https://github.com/apache/teaclave-sgx-sd
 sgx_types = { branch = "master", git = "https://github.com/apache/teaclave-sgx-sdk.git" }
 
 # local dependencies
+ita-sgx-runtime = { path = "../../app-libs/sgx-runtime", default-features = false }
 itp-enclave-metrics = { path = "../enclave-metrics", default-features = false }
 itp-node-api = { path = "../node-api", default-features = false }
 itp-ocall-api = { path = "../ocall-api", default-features = false }

tee-worker/core-primitives/stf-executor/src/executor.rs

@@ -123,6 +123,7 @@ where
 		}
 
 		debug!("execute on STF, call with nonce {}", trusted_call.nonce());
+
 		let mut extrinsic_call_backs: Vec<ParentchainCall> = Vec::new();
 		return match Stf::execute_call(
 			state,

tee-worker/core-primitives/stf-interface/Cargo.toml

@@ -5,6 +5,8 @@ authors = ['Trust Computing GmbH <info@litentry.com>', 'Integritee AG <hello@int
 edition = "2021"
 
 [dependencies]
+sgx_tstd = { branch = "master", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true, features = ["net", "thread"] }
+
 codec = { version = "3.0.0", default-features = false, features = ["derive"], package = "parity-scale-codec" }
 
 itp-node-api-metadata = { path = "../node-api/metadata", default-features = false, features = ["mocks"] }
@@ -20,4 +22,7 @@ std = [
     "itp-stf-primitives/std",
     "itp-types/std",
 ]
+sgx = [
+    "sgx_tstd",
+]
 mocks = []

tee-worker/core-primitives/top-pool-author/src/api.rs

@@ -132,9 +132,6 @@ mod tests {
 
 	type TestChainApi = SidechainApi<ParentchainBlock, TrustedCallSignedMock>;
 
-	type Seed = [u8; 32];
-	const TEST_SEED: Seed = *b"12345678901234567890123456789012";
-
 	pub fn endowed_account() -> ed25519::Pair {
 		ed25519::Pair::from_seed(&[42u8; 32].into())
 	}

tee-worker/core-primitives/top-pool-author/src/author_tests.rs

@@ -39,7 +39,6 @@ use itp_top_pool::mocks::trusted_operation_pool_mock::TrustedOperationPoolMock;
 use itp_utils::ToHexPrefixed;
 use litentry_primitives::BroadcastedRequest;
 use sgx_crypto_helper::{rsa3072::Rsa3072KeyPair, RsaKeyPair};
-use sp_core::H256;
 use std::sync::Arc;
 
 type TestAuthor<Filter, BroadcastedFilter> = Author<

tee-worker/core-primitives/top-pool-author/src/test_fixtures.rs

@@ -22,9 +22,6 @@ use sp_core::{ed25519, Pair};
 use sp_runtime::traits::{BlakeTwo256, Hash};
 use std::vec;
 
-type Seed = [u8; 32];
-const TEST_SEED: Seed = *b"12345678901234567890123456789012";
-
 pub(crate) fn mr_enclave() -> [u8; 32] {
 	[1u8; 32]
 }

tee-worker/core-primitives/top-pool/src/pool.rs

@@ -478,7 +478,6 @@ pub mod tests {
 		primitives::from_low_u64_to_be_h256,
 	};
 	use codec::{Decode, Encode};
-	use itp_stf_primitives::types::Nonce;
 	use itp_test::mock::stf_mock::{
 		mock_top_direct_trusted_call_signed, mock_trusted_call_signed, TrustedOperationMock,
 	};
@@ -541,7 +540,6 @@ pub mod tests {
 	/// Test RPC responder
 	pub type TestRpcResponder = RpcResponderMock<H256>;
 
-	const INVALID_NONCE: Nonce = 254;
 	const SOURCE: TrustedOperationSource = TrustedOperationSource::External;
 
 	#[derive(Clone, Debug, Default)]

tee-worker/core/rpc-client/src/mock.rs

@@ -21,7 +21,7 @@ use crate::{direct_client::DirectApi, error::Result};
 use codec::Decode;
 use frame_metadata::RuntimeMetadataPrefixed;
 use itp_api_client_types::Metadata;
-use itp_stf_primitives::types::{AccountId, ShardIdentifier};
+use itp_stf_primitives::types::ShardIdentifier;
 use itp_types::{MrEnclave, H256};
 use litentry_primitives::Identity;
 use sgx_crypto_helper::rsa3072::Rsa3072PubKey;

tee-worker/enclave-runtime/src/test/evm_pallet_tests.rs

@@ -82,6 +82,8 @@ pub fn test_evm_call() {
 	TestStf::execute_call(
 		&mut state,
 		&shard,
+		&parachain_runtime_version,
+		&sidechain_runtime_version,
 		trusted_call,
 		Default::default(),
 		&mut parentchain_calls,
@@ -136,6 +138,8 @@ pub fn test_evm_counter() {
 	TestStf::execute_call(
 		&mut state,
 		&shard,
+		&parachain_runtime_version,
+		&sidechain_runtime_version,
 		trusted_call,
 		Default::default(),
 		&mut parentchain_calls,
@@ -268,7 +272,17 @@ fn execute_and_verify_evm_call(
 	.sign(&pair, nonce, mrenclave, shard);
 	let repo = Arc::new(NodeMetadataRepository::<NodeMetadataMock>::default());
 	let shard = ShardIdentifier::default();
-	TestStf::execute_call(state, &shard, inc_call, Default::default(), calls, repo).unwrap();
+	TestStf::execute_call(
+		state,
+		&shard,
+		&parachain_runtime_version,
+		&sidechain_runtime_version,
+		inc_call,
+		Default::default(),
+		calls,
+		repo,
+	)
+	.unwrap();
 
 	let counter_value = state
 		.execute_with(|| get_evm_account_storages(&execution_address, &H256::zero()))
@@ -318,6 +332,8 @@ pub fn test_evm_create() {
 	TestStf::execute_call(
 		&mut state,
 		&shard,
+		&parachain_runtime_version,
+		&sidechain_runtime_version,
 		trusted_call,
 		Default::default(),
 		&mut parentchain_calls,
@@ -382,6 +398,8 @@ pub fn test_evm_create2() {
 	TestStf::execute_call(
 		&mut state,
 		&shard,
+		&parachain_runtime_version,
+		&sidechain_runtime_version,
 		trusted_call,
 		Default::default(),
 		&mut parentchain_calls,