Add events for all dispatchables (#180)

* adding events for teerex pallet * adding parentchain event * addressing comment * addressing comments * address comments for named event fields in teerex pallet * solving issue 179 * satisfying both cases for skipping and not skipping ias * add to dcap as well * fixing bug * refactor naming --------- Co-authored-by: Alain Brenzikofer <[email protected]>
integritee-network · Jun 8, 2023 · be26e6b · be26e6b
1 parent b47aedc
commit be26e6b
Show file tree

Hide file tree

Showing 6 changed files with 109 additions and 23 deletions.
diff --git a/parentchain/src/lib.rs b/parentchain/src/lib.rs
@@ -14,9 +14,16 @@ pub mod pallet {
 	/// Configuration trait.
 	#[pallet::config]
 	pub trait Config: frame_system::Config {
+		type RuntimeEvent: From<Event<Self>> + IsType<<Self as frame_system::Config>::RuntimeEvent>;
 		type WeightInfo: WeightInfo;
 	}
 
+	#[pallet::event]
+	#[pallet::generate_deposit(pub(super) fn deposit_event)]
+	pub enum Event<T: Config> {
+		SetBlock { block_number: T::BlockNumber, parent_hash: T::Hash, block_hash: T::Hash },
+	}
+
 	/// The current block number being processed. Set by `set_block`.
 	#[pallet::storage]
 	#[pallet::getter(fn block_number)]
@@ -44,6 +51,11 @@ pub mod pallet {
 			<Number<T>>::put(header.number());
 			<ParentHash<T>>::put(header.parent_hash());
 			<BlockHash<T>>::put(header.hash());
+			Self::deposit_event(Event::SetBlock {
+				block_number: *header.number(),
+				parent_hash: *header.parent_hash(),
+				block_hash: header.hash(),
+			});
 			Ok(())
 		}
 	}

diff --git a/parentchain/src/mock.rs b/parentchain/src/mock.rs
@@ -52,11 +52,12 @@ frame_support::construct_runtime!(
 	{
 		System: frame_system::{Pallet, Call, Config, Storage, Event<T>},
 		Balances: pallet_balances::{Pallet, Call, Storage, Config<T>, Event<T>},
-		Parentchain: pallet_parentchain::{Pallet, Call, Storage},
+		Parentchain: pallet_parentchain::{Pallet, Call, Storage, Event<T>},
 	}
 );
 
 impl Config for Test {
+	type RuntimeEvent = RuntimeEvent;
 	type WeightInfo = ();
 }
 

diff --git a/parentchain/src/tests.rs b/parentchain/src/tests.rs
@@ -14,7 +14,7 @@
 	limitations under the License.
 
 */
-use crate::mock::*;
+use crate::{mock::*, Event as ParentchainEvent};
 use frame_support::{assert_err, assert_ok};
 use sp_core::H256;
 use sp_keyring::AccountKeyring;
@@ -45,6 +45,10 @@ fn verify_storage_works() {
 		assert_eq!(Parentchain::block_number(), block_number);
 		assert_eq!(Parentchain::parent_hash(), parent_hash);
 		assert_eq!(Parentchain::block_hash(), hash);
+
+		System::assert_last_event(
+			ParentchainEvent::SetBlock { block_number, parent_hash, block_hash: hash }.into(),
+		);
 	})
 }
 

diff --git a/primitives/teerex/src/lib.rs b/primitives/teerex/src/lib.rs
@@ -34,6 +34,13 @@ impl Default for SgxBuildMode {
 	}
 }
 
+#[derive(Encode, Decode, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)]
+pub enum AttestationMethod {
+	Dcap,
+	Ias,
+	Skip,
+}
+
 #[derive(Encode, Decode, Default, Copy, Clone, PartialEq, Eq, sp_core::RuntimeDebug, TypeInfo)]
 pub struct Enclave<PubKey, Url> {
 	pub pubkey: PubKey, // FIXME: this is redundant information

diff --git a/teerex/src/lib.rs b/teerex/src/lib.rs
@@ -26,6 +26,7 @@ use frame_support::{
 use frame_system::{self, ensure_signed};
 use sgx_verify::{
 	deserialize_enclave_identity, deserialize_tcb_info, extract_certs, verify_certificate_chain,
+	SgxStatus,
 };
 use sp_core::H256;
 use sp_runtime::{traits::SaturatedConversion, Saturating};
@@ -80,7 +81,12 @@ pub mod pallet {
 	#[pallet::event]
 	#[pallet::generate_deposit(pub(super) fn deposit_event)]
 	pub enum Event<T: Config> {
-		AddedEnclave(T::AccountId, Vec<u8>),
+		AddedEnclave {
+			registered_by: T::AccountId,
+			worker_url: Vec<u8>,
+			tcb_status: Option<SgxStatus>,
+			attestation_method: AttestationMethod,
+		},
 		RemovedEnclave(T::AccountId),
 		Forwarded(ShardIdentifier),
 		ShieldFunds(Vec<u8>),
@@ -92,6 +98,13 @@ pub mod pallet {
 			hash: H256,
 			data: Vec<u8>,
 		},
+		TcbInfoRegistered {
+			fmspc: Fmspc,
+			on_chain_info: TcbInfoOnChain,
+		},
+		QuotingEnclaveRegistered {
+			quoting_enclave: QuotingEnclave,
+		},
 	}
 
 	// Watch out: we start indexing with 1 instead of zero in order to
@@ -162,13 +175,16 @@ pub mod pallet {
 			log::info!("teerex: parameter length ok");
 
 			#[cfg(not(feature = "skip-ias-check"))]
-			let enclave = Self::verify_report(&sender, ra_report).map(|report| {
-				Enclave::new(
-					sender.clone(),
-					report.mr_enclave,
-					report.timestamp,
-					worker_url.clone(),
-					report.build_mode,
+			let (enclave, report) = Self::verify_report(&sender, ra_report).map(|report| {
+				(
+					Enclave::new(
+						sender.clone(),
+						report.mr_enclave,
+						report.timestamp,
+						worker_url.clone(),
+						report.build_mode,
+					),
+					report,
 				)
 			})?;
 
@@ -192,7 +208,22 @@ pub mod pallet {
 			);
 
 			Self::add_enclave(&sender, &enclave)?;
-			Self::deposit_event(Event::AddedEnclave(sender, worker_url));
+
+			#[cfg(not(feature = "skip-ias-check"))]
+			Self::deposit_event(Event::AddedEnclave {
+				registered_by: sender,
+				worker_url,
+				tcb_status: Some(report.status),
+				attestation_method: AttestationMethod::Ias,
+			});
+
+			#[cfg(feature = "skip-ias-check")]
+			Self::deposit_event(Event::AddedEnclave {
+				registered_by: sender,
+				worker_url,
+				tcb_status: None,
+				attestation_method: AttestationMethod::Skip,
+			});
 			Ok(().into())
 		}
 
@@ -314,13 +345,16 @@ pub mod pallet {
 			log::info!("teerex: parameter length ok");
 
 			#[cfg(not(feature = "skip-ias-check"))]
-			let enclave = Self::verify_dcap_quote(&sender, dcap_quote).map(|report| {
-				Enclave::new(
-					sender.clone(),
-					report.mr_enclave,
-					report.timestamp,
-					worker_url.clone(),
-					report.build_mode,
+			let (enclave, report) = Self::verify_dcap_quote(&sender, dcap_quote).map(|report| {
+				(
+					Enclave::new(
+						sender.clone(),
+						report.mr_enclave,
+						report.timestamp,
+						worker_url.clone(),
+						report.build_mode,
+					),
+					report,
 				)
 			})?;
 
@@ -344,7 +378,22 @@ pub mod pallet {
 			);
 
 			Self::add_enclave(&sender, &enclave)?;
-			Self::deposit_event(Event::AddedEnclave(sender, worker_url));
+
+			#[cfg(not(feature = "skip-ias-check"))]
+			Self::deposit_event(Event::AddedEnclave {
+				registered_by: sender,
+				worker_url,
+				tcb_status: Some(report.status),
+				attestation_method: AttestationMethod::Dcap,
+			});
+
+			#[cfg(feature = "skip-ias-check")]
+			Self::deposit_event(Event::AddedEnclave {
+				registered_by: sender,
+				worker_url,
+				tcb_status: None,
+				attestation_method: AttestationMethod::Skip,
+			});
 			Ok(().into())
 		}
 
@@ -359,9 +408,13 @@ pub mod pallet {
 			log::info!("teerex: called into runtime call register_quoting_enclave()");
 			// Quoting enclaves are registered globally and not for a specific sender
 			let _sender = ensure_signed(origin)?;
-			let quoting_enclave =
-				Self::verify_quoting_enclave(enclave_identity, signature, certificate_chain)?;
-			<QuotingEnclaveRegistry<T>>::put(quoting_enclave);
+			let quoting_enclave = Self::verify_quoting_enclave(
+				enclave_identity.clone(),
+				signature,
+				certificate_chain,
+			)?;
+			<QuotingEnclaveRegistry<T>>::put(&quoting_enclave);
+			Self::deposit_event(Event::QuotingEnclaveRegistered { quoting_enclave });
 			Ok(().into())
 		}
 
@@ -378,7 +431,8 @@ pub mod pallet {
 			let _sender = ensure_signed(origin)?;
 			let (fmspc, on_chain_info) =
 				Self::verify_tcb_info(tcb_info, signature, certificate_chain)?;
-			<TcbInfo<T>>::insert(fmspc, on_chain_info);
+			<TcbInfo<T>>::insert(fmspc, &on_chain_info);
+			Self::deposit_event(Event::TcbInfoRegistered { fmspc, on_chain_info });
 			Ok(().into())
 		}
 

diff --git a/teerex/src/tests/test_cases.rs b/teerex/src/tests/test_cases.rs
@@ -75,6 +75,10 @@ fn register_quoting_enclave_works() {
 		register_test_quoting_enclave::<Test>(alice);
 		let qe = Teerex::quoting_enclave();
 		assert_eq!(qe.isvprodid, 1);
+
+		let expected_event =
+			RuntimeEvent::Teerex(TeerexEvent::QuotingEnclaveRegistered { quoting_enclave: qe });
+		assert!(System::events().iter().any(|a| a.event == expected_event))
 	})
 }
 
@@ -88,6 +92,10 @@ fn register_tcb_info_works() {
 		let tcb_info = Teerex::tcb_info(fmspc);
 		// This is the date that the is registered in register_tcb_info and represents the date 2023-04-16T12:45:32Z
 		assert_eq!(tcb_info.next_update, 1681649132000);
+
+		let expected_event =
+			RuntimeEvent::Teerex(TeerexEvent::TcbInfoRegistered { fmspc, on_chain_info: tcb_info });
+		assert!(System::events().iter().any(|a| a.event == expected_event))
 	})
 }