merge target b extensions from upstream

Cargo.lock

@@ -849,19 +849,6 @@ dependencies = [
  "thiserror 1.0.40",
 ]
 
-[[package]]
-name = "common-primitives"
-version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
-dependencies = [
- "derive_more",
- "parity-scale-codec",
- "scale-info",
- "sp-core",
- "sp-runtime",
- "sp-std",
-]
-
 [[package]]
 name = "common-primitives"
 version = "0.1.0"
@@ -1387,7 +1374,7 @@ name = "enclave-bridge-primitives"
 version = "0.1.0"
 source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
 dependencies = [
- "common-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "common-primitives",
  "log 0.4.19",
  "parity-scale-codec",
  "scale-info",
@@ -3019,7 +3006,7 @@ dependencies = [
  "serde 1.0.164",
  "serde_derive 1.0.164",
  "serde_json 1.0.96",
- "sgx-verify 0.1.4 (git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42)",
+ "sgx-verify",
  "sgx_crypto_helper",
  "sgx_types",
  "sgx_urts",
@@ -3029,7 +3016,7 @@ dependencies = [
  "sp-keyring",
  "sp-runtime",
  "substrate-api-client",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
  "thiserror 1.0.40",
  "tokio",
  "warp",
@@ -3579,7 +3566,7 @@ dependencies = [
  "sp-consensus-grandpa",
  "sp-core",
  "sp-runtime",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
  "thiserror 1.0.40",
 ]
 
@@ -4028,7 +4015,7 @@ dependencies = [
  "sp-core",
  "sp-runtime",
  "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
 ]
 
 [[package]]
@@ -5624,7 +5611,7 @@ dependencies = [
  "sp-io 7.0.0 (git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42)",
  "sp-runtime",
  "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
 ]
 
 [[package]]
@@ -5809,7 +5796,7 @@ dependencies = [
  "sp-io 7.0.0 (git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42)",
  "sp-runtime",
  "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
 ]
 
 [[package]]
@@ -5865,7 +5852,7 @@ dependencies = [
  "sp-std",
  "substrate-fixed",
  "teeracle-primitives",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
 ]
 
 [[package]]
@@ -5881,12 +5868,12 @@ dependencies = [
  "parity-scale-codec",
  "scale-info",
  "serde 1.0.164",
- "sgx-verify 0.1.4 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "sgx-verify",
  "sp-core",
  "sp-io 7.0.0 (git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42)",
  "sp-runtime",
  "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
 ]
 
 [[package]]
@@ -7379,31 +7366,6 @@ dependencies = [
  "serde 1.0.164",
 ]
 
-[[package]]
-name = "sgx-verify"
-version = "0.1.4"
-source = "git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
-dependencies = [
- "base64 0.13.1",
- "chrono 0.4.26",
- "der 0.6.1",
- "frame-support",
- "hex",
- "hex-literal",
- "log 0.4.19",
- "parity-scale-codec",
- "ring 0.16.20 (git+https://github.com/Niederb/ring-xous.git?branch=0.16.20-cleanup)",
- "scale-info",
- "serde 1.0.164",
- "serde_json 1.0.96",
- "sp-core",
- "sp-io 7.0.0 (git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42)",
- "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42)",
- "webpki 0.21.0",
- "x509-cert",
-]
-
 [[package]]
 name = "sgx-verify"
 version = "0.1.4"
@@ -7424,7 +7386,7 @@ dependencies = [
  "sp-core",
  "sp-io 7.0.0 (git+https://github.com/paritytech/substrate.git?branch=polkadot-v0.9.42)",
  "sp-std",
- "teerex-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "teerex-primitives",
  "webpki 0.21.0",
  "x509-cert",
 ]
@@ -8631,33 +8593,17 @@ name = "teeracle-primitives"
 version = "0.1.0"
 source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
 dependencies = [
- "common-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "common-primitives",
  "sp-std",
  "substrate-fixed",
 ]
 
-[[package]]
-name = "teerex-primitives"
-version = "0.1.0"
-source = "git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
-dependencies = [
- "common-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=polkadot-v0.9.42)",
- "derive_more",
- "log 0.4.19",
- "parity-scale-codec",
- "scale-info",
- "serde 1.0.164",
- "sp-core",
- "sp-runtime",
- "sp-std",
-]
-
 [[package]]
 name = "teerex-primitives"
 version = "0.1.0"
 source = "git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42#eaf611b79bc9d56b20c155150e99b549bf98436b"
 dependencies = [
- "common-primitives 0.1.0 (git+https://github.com/integritee-network/pallets.git?branch=sdk-v0.12.0-polkadot-v0.9.42)",
+ "common-primitives",
  "derive_more",
  "log 0.4.19",
  "parity-scale-codec",

app-libs/stf/src/stf_sgx.rs

@@ -119,6 +119,7 @@ where
 		match parentchain_id {
 			ParentchainId::Integritee => vec![shards_key_hash()],
 			ParentchainId::TargetA => vec![],
+			ParentchainId::TargetB => vec![],
 		}
 	}
 }

cli/test_shield_on_target_nodes_with_transfer_to_alice.sh

@@ -0,0 +1,158 @@
+#!/bin/bash
+set -euo pipefail
+
+# Verifies that shielding from the Target A and B parentchains works by sending a transfer to //Alice.
+#
+# Note: This test does not do anything meaningful. It only verifies the basic functionality of the Target parentchain
+# connections.
+
+while getopts ":m:p:A:u:V:w:x:y:z:C:" opt; do
+    case $opt in
+        p)
+            INTEGRITEE_RPC_PORT=$OPTARG
+            ;;
+        A)
+            WORKER_1_PORT=$OPTARG
+            ;;
+        u)
+            INTEGRITEE_RPC_URL=$OPTARG
+            ;;
+        V)
+            WORKER_1_URL=$OPTARG
+            ;;
+        w)
+            TARGET_A_PARENTCHAIN_RPC_URL=$OPTARG
+            ;;
+        x)
+            TARGET_A_PARENTCHAIN_RPC_PORT=$OPTARG
+            ;;
+        y)
+            TARGET_B_PARENTCHAIN_RPC_URL=$OPTARG
+            ;;
+        z)
+            TARGET_B_PARENTCHAIN_RPC_PORT=$OPTARG
+            ;;
+        C)
+            CLIENT_BIN=$OPTARG
+            ;;
+        *)
+            echo "invalid arg ${OPTARG}"
+            exit 1
+    esac
+done
+
+# Using default port if none given as arguments.
+INTEGRITEE_RPC_PORT=${INTEGRITEE_RPC_PORT:-9944}
+INTEGRITEE_RPC_URL=${INTEGRITEE_RPC_URL:-"ws://127.0.0.1"}
+TARGET_A_PARENTCHAIN_RPC_PORT=${TARGET_A_PARENTCHAIN_RPC_PORT:-9966}
+TARGET_A_PARENTCHAIN_RPC_URL=${TARGET_A_PARENTCHAIN_RPC_URL:-"ws://127.0.0.1"}
+TARGET_B_PARENTCHAIN_RPC_PORT=${TARGET_B_PARENTCHAIN_RPC_PORT:-9988}
+TARGET_B_PARENTCHAIN_RPC_URL=${TARGET_B_PARENTCHAIN_RPC_URL:-"ws://127.0.0.1"}
+
+WORKER_1_PORT=${WORKER_1_PORT:-2000}
+WORKER_1_URL=${WORKER_1_URL:-"wss://127.0.0.1"}
+
+CLIENT_BIN=${CLIENT_BIN:-"./../bin/integritee-cli"}
+
+echo "Using client binary ${CLIENT_BIN}"
+${CLIENT_BIN} --version
+echo "Using Integritee RPC uri ${INTEGRITEE_RPC_URL}:${INTEGRITEE_RPC_PORT}"
+echo "Using Target A RPC uri ${TARGET_A_PARENTCHAIN_RPC_URL}:${TARGET_A_PARENTCHAIN_RPC_PORT}"
+echo "Using Target B RPC uri ${TARGET_B_PARENTCHAIN_RPC_URL}:${TARGET_B_PARENTCHAIN_RPC_PORT}"
+echo "Using trusted-worker 1 uri ${WORKER_1_URL}:${WORKER_1_PORT}"
+echo ""
+
+# the parentchain token is 12 decimal
+UNIT=$(( 10 ** 12 ))
+
+# make these amounts greater than ED
+AMOUNT_SHIELD=$(( 6 * UNIT ))
+
+CLIENT="${CLIENT_BIN} -p ${INTEGRITEE_RPC_PORT} -P ${WORKER_1_PORT} -u ${INTEGRITEE_RPC_URL} -U ${WORKER_1_URL}"
+CLIENT2="${CLIENT_BIN} -p ${TARGET_A_PARENTCHAIN_RPC_PORT} -P ${WORKER_1_PORT} -u ${TARGET_A_PARENTCHAIN_RPC_URL} -U ${WORKER_1_URL}"
+CLIENT3="${CLIENT_BIN} -p ${TARGET_B_PARENTCHAIN_RPC_PORT} -P ${WORKER_1_PORT} -u ${TARGET_B_PARENTCHAIN_RPC_URL} -U ${WORKER_1_URL}"
+
+# interval and max rounds to wait to check the given account balance in sidechain
+WAIT_INTERVAL_SECONDS=10
+WAIT_ROUNDS=20
+
+# Poll and assert the given account's state is equal to expected,
+# with timeout WAIT_INTERVAL_SECONDS * WAIT_ROUNDS
+# usage:
+#   wait_assert_state <mrenclave> <account> <state-name> <expected-state>
+#   the `state-name` has to be the supported subcommand, e.g. `balance`, `nonce`
+function wait_assert_state()
+{
+    for i in $(seq 1 $WAIT_ROUNDS); do
+        sleep $WAIT_INTERVAL_SECONDS
+        state=$(${CLIENT} trusted --mrenclave "$1" "$3" "$2")
+        if [ $state -eq "$4" ]; then
+            return
+        else
+            :
+        fi
+    done
+    echo
+    echo "Assert $2 $3 failed, expected = $4, actual = $state"
+    exit 1
+}
+
+# Do a live query and assert the given account's state is equal to expected
+# usage:
+#   assert_state <mrenclave> <account> <state-name> <expected-state>
+function assert_state()
+{
+    state=$(${CLIENT} trusted --mrenclave "$1" "$3" "$2")
+    if [ -z "$state" ]; then
+        echo "Query $2 $3 failed"
+        exit 1
+    fi
+
+    if [ $state -eq "$4" ]; then
+        return
+    fi
+    echo
+    echo "Assert $2 $3 failed, expected = $4, actual = $state"
+    exit 1
+}
+
+echo "* Query on-chain enclave registry:"
+${CLIENT} list-workers
+echo ""
+
+# this will always take the first MRENCLAVE found in the registry !!
+read MRENCLAVE <<< $($CLIENT list-workers | awk '/  MRENCLAVE: / { print $2; exit }')
+echo "Reading MRENCLAVE from worker list: ${MRENCLAVE}"
+
+[[ -z $MRENCLAVE ]] && { echo "MRENCLAVE is empty. cannot continue" ; exit 1; }
+
+ALICETRUSTEDACCOUNT=//Alice
+echo "  Alice's trusted account (same as public account) = ${ALICETRUSTEDACCOUNT}"
+echo ""
+
+# Assert the initial trusted balance of Alice incognito
+TRUSTED_BALANCE_ALICE=1000000000000000
+wait_assert_state ${MRENCLAVE} ${ALICETRUSTEDACCOUNT} balance ${TRUSTED_BALANCE_ALICE}
+
+
+echo "* Send ${AMOUNT_SHIELD} from //Alice to //Alice on the Target A parentchain, which should trigger the shield process"
+${CLIENT2} transfer //Alice ${ALICETRUSTEDACCOUNT} ${AMOUNT_SHIELD}
+echo ""
+
+echo "* Wait and assert Alice's incognito account balance, should be $(( TRUSTED_BALANCE_ALICE + AMOUNT_SHIELD ))"
+wait_assert_state ${MRENCLAVE} ${ALICETRUSTEDACCOUNT} balance $(( TRUSTED_BALANCE_ALICE + AMOUNT_SHIELD ))
+echo "✔ ok"
+
+echo "* Send ${AMOUNT_SHIELD} from //Alice to //Alice on the Target B Parentchain, which should trigger the shield process again"
+${CLIENT3} transfer //Alice ${ALICETRUSTEDACCOUNT} ${AMOUNT_SHIELD}
+echo ""
+
+echo "* Wait and assert Alice's incognito account balance, should be $(( TRUSTED_BALANCE_ALICE + 2*AMOUNT_SHIELD ))"
+wait_assert_state ${MRENCLAVE} ${ALICETRUSTEDACCOUNT} balance $(( TRUSTED_BALANCE_ALICE + 2*AMOUNT_SHIELD ))
+echo "✔ ok"
+
+echo ""
+echo "-----------------------"
+echo "✔ The test passed!"
+echo "-----------------------"
+echo ""

core-primitives/settings/src/lib.rs

@@ -48,6 +48,9 @@ pub mod files {
 	/// Path to the light-client db for the Target A parentchain.
 	pub const TARGET_A_PARENTCHAIN_LIGHT_CLIENT_DB_PATH: &str = "target_a_lcdb";
 
+	/// Path to the light-client db for the Target B parentchain.
+	pub const TARGET_B_PARENTCHAIN_LIGHT_CLIENT_DB_PATH: &str = "target_b_lcdb";
+
 	pub const RA_DUMP_CERT_DER_FILE: &str = "ra_dump_cert.der";
 
 	// used by worker and enclave

core-primitives/types/src/parentchain.rs

@@ -46,8 +46,10 @@ pub type Signature = MultiSignature;
 pub enum ParentchainId {
 	/// The Integritee Parentchain, the trust root of the enclave and serving finality to sidechains.
 	Integritee,
-	/// A target chain containing custom business logics.
+	/// A target chain containing custom business logic.
 	TargetA,
+	/// Another target chain containing custom business logic.
+	TargetB,
 }
 
 pub trait IdentifyParentchain {