Deprecate ScheduledEnclave and introduce AuthorizedEnclave
#2856
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Kailai-Wang
added
the
C1-noteworthy
Kailai-Wang
requested review from
kziemianek,
silva-fj,
jonalvarezz,
BillyWooo,
m1iktea and
a team
and removed request for
kziemianek
|
I assume this is not a breaking change for the sdk as it doesn't use |
|
cc @jonalvarezz |
|
for the record, from the client side, the |
wangminqi
added a commit
that referenced
this pull request
Jul 12, 2024
* dockerfile fix (#2853) * client-api: package update for publishing (#2850) --------- Signed-off-by: Jonathan Alvarez <jonathan@litentry.com> Co-authored-by: 0xverin <104152026+0xverin@users.noreply.github.com> * close ws connection in case of BrokenPipe error (#2854) * fix: add developer committee to basefilter (#2855) * Continuous Websocket Message Reading on Readiness Event (#2852) * ws connection read messages fix * fix fmt * optim handling * close ws when read error * optimize error handling --------- Co-authored-by: Kasper Ziemianek <kasper.ziemianek@gmail.com> Co-authored-by: Jayanring <junjie@liteng.io> * Bump syn from 2.0.66 to 2.0.68 (#2839) Bumps [syn](https://github.com/dtolnay/syn) from 2.0.66 to 2.0.68. - [Release notes](https://github.com/dtolnay/syn/releases) - [Commits](dtolnay/syn@2.0.66...2.0.68) --- updated-dependencies: - dependency-name: syn dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Adjust logging level and messages (#2857) * adjust log level * use trace lvl * more log * fix clippy * Deprecate `ScheduledEnclave` and introduce `AuthorizedEnclave` (#2856) * add AuthorizedEnclave * adjust tests * remove old scheduled enclave * bump version * remove indirect call * Use new keys from env setting (#2858) * Add teebag and bitacross to litentry runtime (#2859) * Add teebag and bitacross to litentry runtime * fix compile * P-872 basic tests for contracts (#2845) * Flattening contracts * fix omports * init tests * add compile.json * fix params * fix assertionId * try encryptWithTeeShieldingKey * fix encryptedSecrets * add ci shell * fmt * add lit-tee-vc-contracts-test * rename * chmod +x * source /root/.bashrc * install git * remove sudo * fix shell scripts * ls * ls one more * ls one more * add volumes * cp contracts&&compile * remove hardcode json * fix entrypoint * fix compilation * try to fix assertionId * testing:cli encrypt * fmt * testing:cli response * testing:create assertionId with secretsEncryptedByCli * check:Is cli encrypt the same as ts encrypt * add sleep * update README * merge assertion tests shell * fix docker yml * identity-linking via cli * remove unused code * add developerCommittee * rename scripts name * add alice to developerCommittee * fix copy-contracts * identity-linking using di call * feat: P-860 add logging support for dynamic contract (#2848) * feat: P-860 add logging support for dynamic contract * fix: change vc_logs to optional in RequestVCResult, default log response in http precompile contract * remove default log response in http precompile contract * fix: update ts definition for dynamic assertion * fix clippy * fix: change type of return_log to bool, using Precompiles instead of thread_local variable DYNAMIC_ASSERTION_LOGS, only include vc_logs in rpc response * add the log to vc_logs in all json_utils precompile contracts, do not return vc_logs if stf is true when using CLI * return vc_logs if stf is true * add logs in dynamic contract A20 --------- Co-authored-by: higherordertech <higherordertech> * reuse websocket connection for ceremony rounds (#2861) * Adding force-migrate-shard flag to run worker command (#2862) * fix dynamic assertion integration test (#2864) * Add remove_vault in pallet-bitacross (#2863) * Add remove_vault * Do not pay fees for now * Improve shard migration (#2866) * removing force-migrate-shard and improving migrate-shard * improving mrenclave command * fixing ci * putting back comment * cleaning up mock * update cli doc --------- Co-authored-by: Kailai Wang <Kailai.Wang@hotmail.com> * Disable docker build record upload (#2867) * feat: add DelegatorState CandidateInfo migration * debug: fmt * chore * chore * chore * chore * feat: add a parachain event for completion of contract sync (#2870) * feat: add callback extrinsic for extrinsic * fix: add TEE Origin * fix: add evm_assertions metadata * fix: fix test error * refactor: fix clippy * chore * chore * chore * chore * chore * chore * feat: P-914 implemented NFT token holder VC for MFAN on Polygon (#2877) Co-authored-by: higherordertech <higherordertech> * Disable issue creation GHA (#2881) * fix: request-vc in cli with ii and stf fails to decode (#2882) * fix: request-vc in cli with ii and stf fails to decode * refactor: remove unused import * chore * feat: add ScheduledRequest * feat: add TopDelegations * chore * chore * chore * chore * chore: allow clippy type complexity * chore: add bitacross try-runtime * An and tuna holding amount vc (#2884) * feat: P-915 implemented token holding amount for AN * feat: P-915 implemented token holding amount for TUNA * fix: updated TokenHoldingAmount credentials schema --------- Co-authored-by: higherordertech <higherordertech> * chore * feat: add Total storage * Update dependabot deps (#2880) Co-authored-by: BillyWooo <thedreamofbilly@gmail.com> * Support DCAP RA (#2869) * remove println * consider prod too * add RA_METHOD * temporarily ignore tcb check * lenient tcb level * use Intel for default dcap provider * same change for bc * patch Makefile --------- Co-authored-by: BillyWooo <thedreamofbilly@gmail.com> * chore * feat: add CandidatePool, DelayedPayouts, Staked * chore * chore * chore * chore * chore --------- Signed-off-by: Jonathan Alvarez <jonathan@litentry.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Mi1kTea <73102617+m1iktea@users.noreply.github.com> Co-authored-by: Jonathan Alvarez <jonathan@litentry.com> Co-authored-by: 0xverin <104152026+0xverin@users.noreply.github.com> Co-authored-by: Kasper Ziemianek <kasper.ziemianek@gmail.com> Co-authored-by: Faisal Ahmed <42486737+felixfaisal@users.noreply.github.com> Co-authored-by: Jayanring <81245047+Jayanring@users.noreply.github.com> Co-authored-by: Jayanring <junjie@liteng.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Kai <7630809+Kailai-Wang@users.noreply.github.com> Co-authored-by: will.li <120463031+higherordertech@users.noreply.github.com> Co-authored-by: Francisco Silva <franjs.francisco@gmail.com> Co-authored-by: Kailai Wang <Kailai.Wang@hotmail.com> Co-authored-by: BillyWooo <thedreamofbilly@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
This PR introduces a new
AuthorizedEnclaveaiming to supersede (and simplify) the use of the oldScheduledEnclave. It serves as a list of whitelisted MRENCLAVEs without any sidechain block number.So the enclave upgrade flow becomes:
teebag.forceAddAuthorizedEnclaveto add the new MRENCLAVEWe don't have to wait for anything. cc @BillyWooo @m1iktea
The old
ScheduledEnclaveis kept for vc verification purpose. It will be discarded once we use litentry as the parentchain.The
AuthorizedEnclaveis a bounded list, we only keep the latestMaxAuthorizedEnclaveentries (5 for now).More context and decison-making in the linked issue.