runtime-sdk: randomize deoxysii nonce in simulation

oasisprotocol · Oct 19, 2022 · 1ea36a4 · 1ea36a4
1 parent 2ae6f57
commit 1ea36a4
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 14 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/runtime-sdk/Cargo.toml b/runtime-sdk/Cargo.toml
@@ -31,6 +31,7 @@ num-traits = "0.2.14"
 impl-trait-for-tuples = "0.2.1"
 base64 = "0.13.0"
 once_cell = "1.8.0"
+rand_core = "0.6.4"
 slog = "2.7.0"
 tiny-keccak = { version = "2.0", features = ["tuple_hash"] }
 tokio = { version = "~1.20", features = ["rt"] }

diff --git a/runtime-sdk/src/callformat.rs b/runtime-sdk/src/callformat.rs
@@ -4,6 +4,7 @@ use std::convert::TryInto;
 use anyhow::anyhow;
 use byteorder::{BigEndian, WriteBytesExt};
 use oasis_core_runtime::consensus::beacon;
+use rand_core::{OsRng, RngCore};
 
 use crate::{
     context::Context,
@@ -206,6 +207,10 @@ pub fn encode_result<C: Context>(
                 .write_u32::<BigEndian>(index.try_into().unwrap())
                 .unwrap();
             nonce.extend(&[0, 0, 0]);
+            if ctx.is_simulation() {
+                // Randomize the lower-order bytes of the nonce to facilitate private queries.
+                OsRng.fill_bytes(&mut nonce[12..]);
+            }
             let nonce = nonce.try_into().unwrap();
             // Serialize result.
             let result: CallResult = result.into();