Fix production feature propagation

primitives/core/Cargo.toml

@@ -38,3 +38,6 @@ std = [
     "ring/std",
     "pallet-evm/std",
 ]
+production = [
+    "litentry-macros/production",
+]

primitives/core/macros/Cargo.toml

@@ -4,3 +4,6 @@ description = 'Proc-macros used by Litentry crates.'
 name = "litentry-macros"
 version = "0.9.12"
 edition = "2021"
+
+[features]
+production = []

tee-worker/app-libs/stf/Cargo.toml

@@ -91,3 +91,6 @@ std = [
     "itp-node-api-metadata-provider/std",
 ]
 test = []
+production = [
+    "litentry-macros/production",
+]

tee-worker/app-libs/stf/src/helpers.rs

@@ -17,19 +17,17 @@
 use crate::ENCLAVE_ACCOUNT_KEY;
 use codec::{Decode, Encode};
 use frame_support::ensure;
-use hex_literal::hex;
 use itp_stf_primitives::error::{StfError, StfResult};
 use itp_storage::{storage_double_map_key, storage_map_key, storage_value_key, StorageHasher};
 use itp_types::Index;
 use itp_utils::stringify::account_id_to_string;
 use litentry_primitives::{ErrorDetail, Identity, Web3ValidationData};
 use log::*;
 use sp_core::blake2_256;
-use sp_runtime::AccountId32;
 use std::prelude::v1::*;
 
-pub const ALICE_ACCOUNTID32: AccountId32 =
-	AccountId32::new(hex!["d43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d"]);
+#[cfg(not(feature = "production"))]
+pub use non_prod::*;
 
 pub fn get_storage_value<V: Decode>(
 	storage_prefix: &'static str,
@@ -128,16 +126,6 @@ pub fn ensure_enclave_signer_or_self<AccountId: Encode + Decode + PartialEq>(
 	}
 }
 
-#[cfg(not(feature = "production"))]
-pub fn ensure_alice(signer: &AccountId32) -> bool {
-	signer == &ALICE_ACCOUNTID32
-}
-
-#[cfg(not(feature = "production"))]
-pub fn ensure_enclave_signer_or_alice(signer: &AccountId32) -> bool {
-	signer == &enclave_signer_account::<AccountId32>() || ensure_alice(signer)
-}
-
 // verification message format:
 // ```
 // blake2_256(<sidechain nonce> + <primary account> + <identity-to-be-linked>)
@@ -173,3 +161,21 @@ pub fn verify_web3_identity(
 
 	Ok(())
 }
+
+#[cfg(not(feature = "production"))]
+mod non_prod {
+	use super::*;
+	use hex_literal::hex;
+	use sp_runtime::AccountId32;
+
+	pub const ALICE_ACCOUNTID32: AccountId32 =
+		AccountId32::new(hex!["d43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d"]);
+
+	pub fn ensure_alice(signer: &AccountId32) -> bool {
+		signer == &ALICE_ACCOUNTID32
+	}
+
+	pub fn ensure_enclave_signer_or_alice(signer: &AccountId32) -> bool {
+		signer == &enclave_signer_account::<AccountId32>() || ensure_alice(signer)
+	}
+}

tee-worker/app-libs/stf/src/trusted_call.rs

@@ -23,10 +23,11 @@ use std::vec::Vec;
 
 #[cfg(feature = "evm")]
 use crate::evm_helpers::{create_code_hash, evm_create2_address, evm_create_address};
+#[cfg(not(feature = "production"))]
+use crate::helpers::ensure_enclave_signer_or_alice;
 use crate::{
 	helpers::{
-		enclave_signer_account, ensure_enclave_signer_account, ensure_enclave_signer_or_alice,
-		ensure_self, get_storage_by_key_hash,
+		enclave_signer_account, ensure_enclave_signer_account, ensure_self, get_storage_by_key_hash,
 	},
 	trusted_call_result::{
 		ActivateIdentityResult, DeactivateIdentityResult, RequestVCResult,

tee-worker/enclave-runtime/Cargo.toml

@@ -17,7 +17,15 @@ evm = [
     "ita-sgx-runtime/evm",
     "ita-stf/evm",
 ]
-production = ["itp-settings/production", "itp-attestation-handler/production"]
+production = [
+    "ita-stf/production",
+    "itp-settings/production",
+    "itp-attestation-handler/production",
+    "lc-data-providers/production",
+    "lc-vc-task-receiver/production",
+    "litentry-primitives/production",
+    "litentry-macros/production",
+]
 sidechain = ["itp-settings/sidechain", "itp-top-pool-author/sidechain"]
 offchain-worker = [
     "itp-settings/offchain-worker",

tee-worker/enclave-runtime/src/rpc/worker_api_direct.rs

@@ -42,9 +42,7 @@ use itp_stf_executor::{getter_executor::ExecuteGetter, traits::StfShardVaultQuer
 use itp_stf_primitives::types::AccountId;
 use itp_stf_state_handler::handle_state::HandleState;
 use itp_top_pool_author::traits::AuthorApi;
-use itp_types::{
-	DirectRequestStatus, Index, MrEnclave, RsaRequest, ShardIdentifier, SidechainBlockNumber, H256,
-};
+use itp_types::{DirectRequestStatus, Index, RsaRequest, ShardIdentifier, H256};
 use itp_utils::{FromHexPrefixed, ToHexPrefixed};
 use its_primitives::types::block::SignedBlock;
 use its_sidechain::rpc_handler::{
@@ -340,6 +338,7 @@ where
 	});
 
 	if_not_production!({
+		use itp_types::{MrEnclave, SidechainBlockNumber};
 		// state_updateScheduledEnclave, params: sidechainBlockNumber, hex encoded mrenclave
 		io.add_sync_method("state_updateScheduledEnclave", move |params: Params| {
 			match params.parse::<(SidechainBlockNumber, String)>() {

tee-worker/enclave-runtime/src/top_pool_execution.rs

@@ -15,11 +15,12 @@
 
 */
 
+#[cfg(not(feature = "production"))]
+use crate::initialization::global_components::GLOBAL_SIDECHAIN_FAIL_SLOT_ON_DEMAND_COMPONENT;
 use crate::{
 	error::Result,
 	initialization::global_components::{
 		GLOBAL_OCALL_API_COMPONENT, GLOBAL_SIDECHAIN_BLOCK_COMPOSER_COMPONENT,
-		GLOBAL_SIDECHAIN_FAIL_SLOT_ON_DEMAND_COMPONENT,
 		GLOBAL_SIDECHAIN_IMPORT_QUEUE_WORKER_COMPONENT, GLOBAL_SIGNING_KEY_REPOSITORY_COMPONENT,
 		GLOBAL_STATE_HANDLER_COMPONENT, GLOBAL_TOP_POOL_AUTHOR_COMPONENT,
 	},
@@ -172,6 +173,7 @@ fn execute_top_pool_trusted_calls_internal() -> Result<()> {
 
 	let authority = GLOBAL_SIGNING_KEY_REPOSITORY_COMPONENT.get()?.retrieve_key()?;
 
+	#[cfg(not(feature = "production"))]
 	let fail_on_demand = GLOBAL_SIDECHAIN_FAIL_SLOT_ON_DEMAND_COMPONENT.get()?;
 
 	match yield_next_slot(

tee-worker/litentry/core/data-providers/Cargo.toml

@@ -69,3 +69,6 @@ std = [
     "litentry-primitives/std",
     "chrono",
 ]
+production = [
+    "litentry-macros/production",
+]

tee-worker/litentry/core/vc-issuance/lc-vc-task-receiver/Cargo.toml

@@ -94,3 +94,8 @@ std = [
     "itp-storage/std",
     "lc-vc-task-sender/std",
 ]
+production = [
+    "ita-stf/production",
+    "lc-data-providers/production",
+    "litentry-macros/production",
+]

tee-worker/litentry/core/vc-issuance/lc-vc-task-receiver/src/lib.rs

@@ -20,12 +20,11 @@ use crate::vc_handling::VCRequestHandler;
 use codec::{Decode, Encode};
 use frame_support::{ensure, sp_runtime::traits::One};
 use ita_sgx_runtime::{pallet_imt::get_eligible_identities, BlockNumber, Hash, Runtime};
+#[cfg(not(feature = "production"))]
+use ita_stf::helpers::ensure_alice;
 use ita_stf::{
-	aes_encrypt_default,
-	helpers::{ensure_alice, ensure_self},
-	trusted_call_result::RequestVCResult,
-	Getter, OpaqueCall, TrustedCall, TrustedCallSigned, TrustedCallVerification, TrustedOperation,
-	H256,
+	aes_encrypt_default, helpers::ensure_self, trusted_call_result::RequestVCResult, Getter,
+	OpaqueCall, TrustedCall, TrustedCallSigned, TrustedCallVerification, TrustedOperation, H256,
 };
 use itp_extrinsics_factory::CreateExtrinsics;
 use itp_node_api::metadata::{

tee-worker/litentry/primitives/Cargo.toml

@@ -39,7 +39,9 @@ base64 = { version = "0.13", features = ["alloc"] }
 
 [features]
 default = ["std"]
-production = []
+production = [
+    "parentchain-primitives/production",
+]
 sgx = [
     "sgx_tstd",
     "rand-sgx",

tee-worker/service/Cargo.toml

@@ -86,7 +86,13 @@ default = []
 evm = []
 sidechain = ["itp-settings/sidechain"]
 offchain-worker = ["itp-settings/offchain-worker"]
-production = ["itp-settings/production"]
+production = [
+    "ita-stf/production",
+    "itp-settings/production",
+    "lc-data-providers/production",
+    "litentry-macros/production",
+    "litentry-primitives/production",
+]
 teeracle = ["itp-settings/teeracle"]
 dcap = []
 attesteer = ["dcap"]

tee-worker/service/src/main_impl.rs

@@ -242,6 +242,8 @@ pub(crate) fn main() {
 		setup::generate_shielding_key_file(enclave.as_ref());
 	} else if matches.is_present("signing-key") {
 		setup::generate_signing_key_file(enclave.as_ref());
+		let tee_accountid = enclave_account(enclave.as_ref());
+		println!("Enclave signing account: {:}", &tee_accountid.to_ss58check());
 	} else if matches.is_present("dump-ra") {
 		info!("*** Perform RA and dump cert to disk");
 		#[cfg(not(feature = "dcap"))]