Merge pull request #295 from skalenetwork/bug/SKALE-2784-init-sgx-skaled

Bug/skale 2784 init sgx skaled

CMakeLists.txt

@@ -214,7 +214,6 @@ set( CPACK_INCLUDE_TOPLEVEL_DIRECTORY FALSE )
 include( CPack )
 
 if ( CONSENSUS )
-    set( CMAKE_CXX_FLAGS  "${CMAKE_CXX_FLAGS}  -Werror=unused-parameter" ) # hack to make libBLS compile
     set( SKALED_LATEST_STANDARD ON CACHE BOOL "Use latest standards" ) # depricated option. TODO: remove from consensus
     set( BUILD_TESTS OFF CACHE BOOL "Build tests" ) # do not build libbls tests
     add_subdirectory( libconsensus EXCLUDE_FROM_ALL)

libethcore/ChainOperationParams.h

@@ -80,11 +80,15 @@ struct NodeInfo {
     uint16_t port6;
     std::string sgxServerUrl;
     std::string keyShareName;
+    std::string ecdsaKeyName;
+    std::array< std::string, 4 > insecureBLSPublicKeys;
     std::array< std::string, 4 > insecureCommonBLSPublicKeys;
 
     NodeInfo( std::string _name = "TestNode", u256 _id = 1, std::string _ip = "127.0.0.11",
         uint16_t _port = 11111, std::string _ip6 = "::1", uint16_t _port6 = 11111,
-        std::string _sgxServerUrl = "", std::string _keyShareName = "",
+        std::string _sgxServerUrl = "", std::string _ecdsaKeyName = "",
+        std::string _keyShareName = "",
+        const std::array< std::string, 4 >& _insecureBLSPublicKeys = {"0", "1", "0", "1"},
         const std::array< std::string, 4 >& _insecureCommonBLSPublicKeys = {"0", "1", "0", "1"} ) {
         name = _name;
         id = _id;
@@ -93,7 +97,9 @@ struct NodeInfo {
         ip6 = _ip6;
         port6 = _port6;
         sgxServerUrl = _sgxServerUrl;
+        ecdsaKeyName = _ecdsaKeyName;
         keyShareName = _keyShareName;
+        insecureBLSPublicKeys = _insecureBLSPublicKeys;
         insecureCommonBLSPublicKeys = _insecureCommonBLSPublicKeys;
     }
 };
@@ -107,6 +113,7 @@ struct sChainNode {
     std::string ip6;
     u256 port6;
     u256 sChainIndex;
+    std::string publicKey;
 };
 
 /// skale
@@ -128,7 +135,8 @@ struct SChain {
 
         // HACK This creates one node and allows to run tests - BUT when loading config we need to
         // delete this explicitly!!
-        sChainNode me = {u256( 1 ), "127.0.0.11", u256( 11111 ), "::1", u256( 11111 ), u256( 1 )};
+        sChainNode me = {
+            u256( 1 ), "127.0.0.11", u256( 11111 ), "::1", u256( 11111 ), u256( 1 ), "0xfa"};
         nodes.push_back( me );
     }
 };

libethereum/ChainParams.cpp

@@ -136,7 +136,8 @@ ChainParams ChainParams::loadConfig(
         if ( cp.rotateAfterBlock_ < 0 )
             cp.rotateAfterBlock_ = 0;
 
-
+        std::string ecdsaKeyName = infoObj.at( "ecdsaKeyName" ).get_str();
+        std::array< std::string, 4 > insecureBLSPublicKeys;
         std::array< std::string, 4 > insecureCommonBLSPublicKeys;
 
         try {
@@ -146,6 +147,12 @@ ChainParams ChainParams::loadConfig(
 
             t = ima.at( "t" ).get_int();
             sgxServerUrl = ima.at( "url" ).get_str();
+
+            insecureBLSPublicKeys[0] = ima["insecureBLSPublicKey0"].get_str();
+            insecureBLSPublicKeys[1] = ima["insecureBLSPublicKey1"].get_str();
+            insecureBLSPublicKeys[2] = ima["insecureBLSPublicKey2"].get_str();
+            insecureBLSPublicKeys[3] = ima["insecureBLSPublicKey3"].get_str();
+
             insecureCommonBLSPublicKeys[0] = ima["insecureCommonBLSPublicKey0"].get_str();
             insecureCommonBLSPublicKeys[1] = ima["insecureCommonBLSPublicKey1"].get_str();
             insecureCommonBLSPublicKeys[2] = ima["insecureCommonBLSPublicKey2"].get_str();
@@ -157,8 +164,8 @@ ChainParams ChainParams::loadConfig(
         }
 
         cp.nodeInfo = {nodeName, nodeID, ip, static_cast< uint16_t >( port ), ip6,
-            static_cast< uint16_t >( port6 ), sgxServerUrl, keyShareName,
-            insecureCommonBLSPublicKeys};
+            static_cast< uint16_t >( port6 ), sgxServerUrl, ecdsaKeyName, keyShareName,
+            insecureBLSPublicKeys, insecureCommonBLSPublicKeys};
 
         auto sChainObj = skaleObj.at( "sChain" ).get_obj();
         SChain s{};
@@ -201,6 +208,7 @@ ChainParams ChainParams::loadConfig(
                 node.port6 = 0;
             }
             node.sChainIndex = nodeConfObj.at( "schainIndex" ).get_uint64();
+            node.publicKey = nodeConfObj.at( "publicKey" ).get_str();
             s.nodes.push_back( node );
         }
         cp.sChain = s;
@@ -416,6 +424,7 @@ const std::string& ChainParams::getOriginalJson() const {
     infoObj["basePort6"] = ( int64_t ) nodeInfo.port6;  // TODO not so many bits!
     infoObj["logLevel"] = "trace";
     infoObj["logLevelProposal"] = "trace";
+    infoObj["ecdsaKeyName"] = nodeInfo.ecdsaKeyName;
 
     skaleObj["nodeInfo"] = infoObj;
 
@@ -439,6 +448,7 @@ const std::string& ChainParams::getOriginalJson() const {
         nodeConfObj["ip6"] = node.ip6;
         nodeConfObj["basePort6"] = ( int64_t ) node.port6;
         nodeConfObj["schainIndex"] = ( int64_t ) node.sChainIndex;
+        nodeConfObj["publicKey"] = node.publicKey;
 
         nodes.push_back( nodeConfObj );
     }

libethereum/ConsensusStub.h

@@ -25,6 +25,7 @@
 #ifndef LIBETHEREUM_CONSENSUSSTUB_H_
 #define LIBETHEREUM_CONSENSUSSTUB_H_
 
+using namespace std;
 #include <libconsensus/node/ConsensusInterface.h>
 #include <libdevcore/Common.h>
 #include <libdevcore/FixedHash.h>

libethereum/SkaleHost.cpp

@@ -68,7 +68,13 @@ std::unique_ptr< ConsensusInterface > DefaultConsensusFactory::create(
 #if CONSENSUS
     const auto& nfo = static_cast< const Interface& >( m_client ).blockInfo( LatestBlock );
     auto ts = nfo.timestamp();
-    return make_unique< ConsensusEngine >( _extFace, m_client.number(), ts );
+    auto consensus_engine_ptr = make_unique< ConsensusEngine >( _extFace, m_client.number(), ts );
+
+    if ( m_client.chainParams().nodeInfo.sgxServerUrl != "" ) {
+        this->fillSgxInfo( *consensus_engine_ptr );
+    }
+
+    return consensus_engine_ptr;
 #else
     unsigned block_number = m_client.number();
     dev::h256 state_root =
@@ -77,6 +83,66 @@ std::unique_ptr< ConsensusInterface > DefaultConsensusFactory::create(
 #endif
 }
 
+#if CONSENSUS
+void DefaultConsensusFactory::fillSgxInfo( ConsensusEngine& consensus ) const {
+    auto sgxServerUrl =
+        std::make_shared< std::string >( m_client.chainParams().nodeInfo.sgxServerUrl );
+
+    const std::string sgx_cert_path = "/skale_node_data/sgx_certs/";
+    const std::string sgx_cert_filename = "sgx.crt";
+    const std::string sgx_key_filename = "sgx.key";
+    auto sgxSSLKeyFilePath = std::make_shared< std::string >( sgx_cert_path + sgx_key_filename );
+    auto sgxSSLCertFilePath = std::make_shared< std::string >( sgx_cert_path + sgx_cert_filename );
+
+    auto ecdsaKeyName =
+        std::make_shared< std::string >( m_client.chainParams().nodeInfo.ecdsaKeyName );
+
+    auto blsKeyName =
+        std::make_shared< std::string >( m_client.chainParams().nodeInfo.keyShareName );
+
+    std::shared_ptr< std::vector< std::string > > ecdsaPublicKeys =
+        std::make_shared< std::vector< std::string > >();
+    for ( const auto& node : m_client.chainParams().sChain.nodes ) {
+        ecdsaPublicKeys->push_back( node.publicKey );
+    }
+
+    std::vector< std::shared_ptr< std::vector< std::string > > > blsPublicKeys;
+    for ( const auto& node : m_client.chainParams().sChain.nodes ) {
+        std::vector< std::string > public_key_share( 4 );
+        if ( node.id != this->m_client.chainParams().nodeInfo.id ) {
+            jsonrpc::HttpClient* jsonRpcClient = new jsonrpc::HttpClient(
+                "http://" + node.ip + ':' + ( node.port + 3 ).convert_to< std::string >() );
+            SkaleClient skaleClient( *jsonRpcClient );
+
+            Json::Value joPublicKeyResponse = skaleClient.skale_imaInfo();
+
+            public_key_share[0] = joPublicKeyResponse["insecureBLSPublicKey0"].asString();
+            public_key_share[1] = joPublicKeyResponse["insecureBLSPublicKey1"].asString();
+            public_key_share[2] = joPublicKeyResponse["insecureBLSPublicKey2"].asString();
+            public_key_share[3] = joPublicKeyResponse["insecureBLSPublicKey3"].asString();
+        } else {
+            public_key_share[0] = this->m_client.chainParams().nodeInfo.insecureBLSPublicKeys[0];
+            public_key_share[1] = this->m_client.chainParams().nodeInfo.insecureBLSPublicKeys[1];
+            public_key_share[2] = this->m_client.chainParams().nodeInfo.insecureBLSPublicKeys[2];
+            public_key_share[3] = this->m_client.chainParams().nodeInfo.insecureBLSPublicKeys[3];
+        }
+
+        blsPublicKeys.push_back(
+            std::make_shared< std::vector< std::string > >( public_key_share ) );
+    }
+
+    auto blsPublicKeysPtr =
+        std::make_shared< std::vector< std::shared_ptr< std::vector< std::string > > > >(
+            blsPublicKeys );
+
+    size_t n = m_client.chainParams().sChain.nodes.size();
+    size_t t = ( 2 * n + 2 ) / 3;
+
+    consensus.setSGXKeyInfo( sgxServerUrl, sgxSSLKeyFilePath, sgxSSLCertFilePath, ecdsaKeyName,
+        ecdsaPublicKeys, blsKeyName, blsPublicKeysPtr, t, n );
+}
+#endif
+
 class ConsensusExtImpl : public ConsensusExtFace {
 public:
     ConsensusExtImpl( SkaleHost& _host );

libethereum/SkaleHost.h

@@ -55,6 +55,8 @@ class BlockHeader;
 }  // namespace eth
 }  // namespace dev
 
+class ConsensusEngine;
+
 struct tx_hash_small {
     size_t operator()( const dev::eth::Transaction& t ) const {
         const dev::h256& h = t.sha3();
@@ -70,21 +72,14 @@ class ConsensusFactory {
 
 class DefaultConsensusFactory : public ConsensusFactory {
 public:
-    DefaultConsensusFactory( const dev::eth::Client& _client,
-        const std::string& _blsPrivateKey = "", const std::string& _blsPublicKey1 = "",
-        const std::string& _blsPublicKey2 = "", const std::string& _blsPublicKey3 = "",
-        const std::string& _blsPublicKey4 = "" )
-        : m_client( _client ),
-          m_blsPrivateKey( _blsPrivateKey ),
-          m_blsPublicKey1( _blsPublicKey1 ),
-          m_blsPublicKey2( _blsPublicKey2 ),
-          m_blsPublicKey3( _blsPublicKey3 ),
-          m_blsPublicKey4( _blsPublicKey4 ) {}
+    DefaultConsensusFactory( const dev::eth::Client& _client ) : m_client( _client ) {}
     virtual std::unique_ptr< ConsensusInterface > create( ConsensusExtFace& _extFace ) const;
 
 private:
     const dev::eth::Client& m_client;
-    std::string m_blsPrivateKey, m_blsPublicKey1, m_blsPublicKey2, m_blsPublicKey3, m_blsPublicKey4;
+#if CONSENSUS
+    void fillSgxInfo( ConsensusEngine& consensus ) const;
+#endif
 };
 
 class SkaleHost {

skaled/main.cpp

@@ -398,8 +398,6 @@ int main( int argc, char** argv ) try {
     string masterPassword;
     bool masterSet = false;
 
-    std::string blsJson;
-
     strings passwordsToNote;
     Secrets toImport;
 
@@ -981,18 +979,6 @@ int main( int argc, char** argv ) try {
     if ( !strPathDB.empty() )
         setDataDir( strPathDB );
 
-    if ( vm.count( "bls-key-file" ) && vm["bls-key-file"].as< string >() != "NULL" ) {
-        try {
-            fs::path blsFile = vm["bls-key-file"].as< string >();
-            blsJson = contentsString( blsFile.string() );
-            if ( blsJson.empty() )
-                throw "BLS key file probably not found";
-        } catch ( ... ) {
-            cerr << "Bad --bls-key-file option: " << vm["bls-key-file"].as< string >() << "\n";
-            return -1;
-        }
-    }
-
     if ( vm.count( "public-ip" ) ) {
         publicIP = vm["public-ip"].as< string >();
     }
@@ -1115,40 +1101,6 @@ int main( int argc, char** argv ) try {
         }
     }
 
-    string blsPrivateKey;
-    string blsPublicKey1;
-    string blsPublicKey2;
-    string blsPublicKey3;
-    string blsPublicKey4;
-
-    if ( !blsJson.empty() ) {
-        try {
-            using namespace json_spirit;
-
-            mValue val;
-            json_spirit::read_string_or_throw( blsJson, val );
-            mObject obj = val.get_obj();
-
-            string blsPrivateKey = obj["secret_key"].get_str();
-
-            mArray pub = obj["common_public"].get_array();
-
-            string blsPublicKey1 = pub[0].get_str();
-            string blsPublicKey2 = pub[1].get_str();
-            string blsPublicKey3 = pub[2].get_str();
-            string blsPublicKey4 = pub[3].get_str();
-
-        } catch ( const json_spirit::Error_position& err ) {
-            cerr << "error in parsing BLS keyfile:\n";
-            cerr << err.reason_ << " line " << err.line_ << endl;
-            cerr << blsJson << endl;
-        } catch ( ... ) {
-            cerr << "BLS keyfile is not well formatted\n";
-            cerr << blsJson << endl;
-            return 0;
-        }
-    }
-
     if ( !chainConfigIsSet )
         // default to skale if not already set with `--config`
         chainParams = ChainParams( genesisInfo( eth::Network::Skale ) );
@@ -1165,12 +1117,8 @@ int main( int argc, char** argv ) try {
         isStartedFromSnapshot = true;
         std::string commonPublicKey = "";
         if ( !vm.count( "public-key" ) ) {
-            // for tests only! remove it later
-            commonPublicKey = "";
-            //            throw std::runtime_error(
-            //                cc::error( "Missing --public-key option - cannot download
-            //                snapshot" )
-            //                );
+            throw std::runtime_error(
+                cc::error( "Missing --public-key option - cannot download snapshot" ) );
         } else {
             commonPublicKey = vm["public-key"].as< std::string >();
         }
@@ -1343,8 +1291,7 @@ int main( int argc, char** argv ) try {
 
         client->setAuthor( chainParams.sChain.owner );
 
-        DefaultConsensusFactory cons_fact(
-            *client, blsPrivateKey, blsPublicKey1, blsPublicKey2, blsPublicKey3, blsPublicKey4 );
+        DefaultConsensusFactory cons_fact( *client );
         std::shared_ptr< SkaleHost > skaleHost =
             std::make_shared< SkaleHost >( *client, &cons_fact );
         gasPricer = std::make_shared< ConsensusGasPricer >( *skaleHost );

test/unittests/libethereum/ClientTest.cpp

@@ -306,13 +306,14 @@ static std::string const c_genesisInfoSkaleTest = std::string() +
       "bindIP": "127.0.0.1",
       "basePort": 1231,
       "logLevel": "trace",
-      "logLevelProposal": "trace"
+      "logLevelProposal": "trace",
+      "ecdsaKeyName": "NEK:fa112"
     },
     "sChain": {
         "schainName": "TestChain",
         "schainID": 1,
         "nodes": [
-          { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "schainIndex" : 1}
+          { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "schainIndex" : 1, "publicKey": "0xfa"}
         ]
     }
   },
@@ -473,14 +474,15 @@ static std::string const c_skaleConfigString = R"(
             "nodeName": "TestNode",
             "nodeID": 1112,
             "bindIP": "127.0.0.1",
-            "basePort": 1231
+            "basePort": 1231,
+            "ecdsaKeyName": "NEK:fa112"
         },
         "sChain": {
             "schainName": "TestChain",
             "schainID": 1,
             "snapshotIntervalMs": 10,
             "nodes": [
-              { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "ip6": "::1", "basePort6": 1231, "schainIndex" : 1}
+              { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "ip6": "::1", "basePort6": 1231, "schainIndex" : 1, "publicKey" : "0xfa"}
             ]
         }
     },

test/unittests/libweb3jsonrpc/jsonrpc.cpp

@@ -84,14 +84,15 @@ static std::string const c_genesisConfigString =
             "bindIP": "127.0.0.1",
             "basePort": 1231,
             "logLevel": "trace",
-            "logLevelProposal": "trace"
+            "logLevelProposal": "trace",
+            "ecdsaKeyName": "NEK:fa112"
         },
         "sChain": {
             "schainName": "TestChain",
             "schainID": 1,
             "storageLimit": 128,
             "nodes": [
-                { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "schainIndex" : 1}
+                { "nodeID": 1112, "ip": "127.0.0.1", "basePort": 1231, "schainIndex" : 1, "publicKey": "0xfa"}
             ]
         }
     },

test/unittests/mapreduce_consensus/ConsensusEngine.cpp

@@ -193,7 +193,7 @@ class ConsensusExtFaceFixture : public ConsensusExtFace {
         chainParams.gasLimit = chainParams.maxGasLimit;
         chainParams.extraData = h256::random().asBytes();
 
-        sChainNode node2{u256( 2 ), "127.0.0.12", u256( 11111 ), "::1", u256( 11111 ), u256( 1 )};
+        sChainNode node2{u256( 2 ), "127.0.0.12", u256( 11111 ), "::1", u256( 11111 ), u256( 1 ), "0xfa"};
         chainParams.sChain.nodes.push_back( node2 );
         //////////////////////////////////////////////