-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dynamic EVM assertions #2695
Dynamic EVM assertions #2695
Conversation
…grammable-vc-building
…grammable-vc-building
…grammable-vc-building
…grammable-vc-building
…grammable-vc-building
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks pretty good overall, the idea of dynamic assertions is quite nice.
I have a few observations. Since we are storing the assertions/smart contracts in the parachain, why don't we use that state instead of storing them also in a sealed file? or (if my assumption that there could by a sync issue in a multi worker setup is correct), how about storing this data on the sidechain storage?
Thanks @silva-fj for review. Getting state directly from parachain's store was my first choice but it requires parachain block header in order to verify date see There should be no sync issue because after initial sync workers will continously process parachain's events and apply changes to local state. Additionaly for data that is not used/produced by STF I see no point for using sidechain's storage. |
c6f7c42
to
759ec10
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not much I can complain, good job 👍
We might need a mechanism to "forcibly" sync the parachain assertion registry at once in case we lose the track of the events, but that's a general question between parachain <> worker sync
General
This PR adds foundation for creating user defined runtime assertions called Dynamic Assertions
Dynamic Assertion is a assertion logic represented by code/binary that can be added to parachain's storage by any account and executed by dynamic assertion runtime inside sidechain's sgx enclave.
The main purpose of dynamic assertions is to provide the infrastructure for the community to freely define and create assertions. Secondary goal is to remove assertions written in Rust that are baked into identity-worker's code.
Dynamic assertion has an access to:
Assertion secret is a string encrypted with worker's shielding key that is added during dynamic assertion creation and is passed to assertion execution. It can be an API-KEY used for authorizing request sent during execution.
Included assertions:
This evm assertion runtime implementation should allow for fulfilling any of the scenarios above. It might need further extension in order to support other cases.
Assertions are propagated to sidechain through parachain's event sync mechanism and are kept in memory + sealed to file.
Storage implementation is far from ideal and we should aim in the future for it's improvement.
Writing evm dynamic assertions
It should be possible to use any language that compiles to valid evm byte code (I tested only
Solidity
). Some of the features are still available but it doesn't make sense to use them in assertions because each assertion is executed inside clean evm runtime, for example writing to evm storage doesn't make sense because it's purged after the execution.Prerequisites for evm dynamic assertions:
function execute(Identity[] memory identities, string[] memory secrets) public
solc 0.8.11
(the most recent version tested)Abstract
DynamicAssertion
contract can be used for easier development. It containsvirtual
execute
function matching signature above. It has also various util functions to work with precompiles andIDGraph
data structures available during the execution.Reaching out to HTTP servers from assertion
EVM assertion runtime contains various precompiles providing ability for making HTTP calls and extracting data using JSONPointer .
Example of getting followers count from X api:
List of precompiles:
0x03E8
-GetI64
- for getting I64 value from HTTP server0x03E9
-GetBool
- for getting bool value from HTTP server0x03EA
-GetString
- for getting string value from HTTP server0x041B
-toHex
- for turning bytes into hex stringAssertion's Solidity source code can be found under
litentry-parachain/tee-worker/litentry/core/assertion-build/src/dynamic/contracts
.