Merge pull request #61 from scs/brenzi-private-tx

private-tx demo

Cargo.toml

@@ -5,8 +5,15 @@ members = [
 	 "worker/worker-api",
 	 "substratee-node-calls",
 	 "client",
+	 "stf",
+	 "application-crypto"
 ]
 
 [patch.'https://github.com/paritytech/substrate']
-sr-io = { git = "https://github.com/scs/substraTEE-node", tag = "M4" }
-substrate-executor = { git = "https://github.com/scs/substraTEE-node", tag = "M4" }
+sr-io = { git = "https://github.com/scs/substraTEE-node", branch = "brenzi-private-tx", default-features=false }
+substrate-executor = { git = "https://github.com/scs/substraTEE-node", branch = "brenzi-private-tx", default-features=false }
+substrate-primitives = { git = "https://github.com/scs/substrate-api-client", branch = "no_std_rstd"}
+substrate-application-crypto = { path = "application-crypto"}
+
+[patch.crates-io]
+ed25519-dalek = { git = "https://github.com/scs/ed25519-dalek.git", branch = "no_std_sgx"}

Makefile

@@ -138,12 +138,9 @@ RustEnclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nod
 RustEnclave_Name := enclave/enclave.so
 Signed_RustEnclave_Name := bin/enclave.signed.so
 
-######## WASM settings ########
-Wasm_Name := bin/worker_enclave.compact.wasm
-
 ######## Targets ########
 .PHONY: all
-all: $(Wasm_Name) $(Client_Name) $(Worker_Name) $(Signed_RustEnclave_Name)
+all: $(Client_Name) $(Worker_Name) $(Signed_RustEnclave_Name)
 worker: $(Worker_Name)
 client: $(Client_Name)
 
@@ -174,8 +171,8 @@ $(Worker_Name): $(Worker_Enclave_u_Object) $(Worker_SRC_Files)
 $(Client_Name): $(Client_SRC_Files)
 	@echo
 	@echo "Building the substraTEE-client"
-	@cp Cargo.lock.bip39-fix Cargo.lock
-	@cd $(Client_SRC_Path) && cargo build $(Client_Rust_Flags)
+	# remove next line when https://github.com/libp2p/rust-libp2p/issues/1259 is fixed
+	@cd $(Client_SRC_Path) && cargo update -p protobuf --precise 2.8.1 && cargo build $(Client_Rust_Flags)
 	@echo "Cargo  =>  $@"
 	cp $(Client_Rust_Path)/$(Client_Binary) ./bin
 
@@ -195,12 +192,6 @@ $(Signed_RustEnclave_Name): $(RustEnclave_Name)
 	@$(SGX_ENCLAVE_SIGNER) sign -key enclave/Enclave_private.pem -enclave $(RustEnclave_Name) -out $@ -config enclave/Enclave.config.xml
 	@echo "SIGN =>  $@"
 
-######## Wasm objects ########
-.PHONY: $(Wasm_Name)
-$(Wasm_Name):
-	@echo
-	@echo "Building the WASM"
-	@cd enclave/wasm && SGX_DEBUG=$(SGX_DEBUG) ./build.sh
 
 .PHONY: enclave
 enclave:

README.md

@@ -5,4 +5,93 @@ This is part of [substraTEE](https://github.com/scs/substraTEE)
 
 **Supports Rust nightly-2019-07-15**
 
-**Enclave is compiled with nightly-2019-05-22**
+**Enclave is compiled with nightly-2019-08-01**
+
+## Private-tx demo
+To run a demo for private tokens do the following:
+
+Assumptions: 
+* your machine has SGX support 
+* Intel SGX SDK installed.
+* rust toolchain is ready to build substrate
+
+in terminal 1 run a substraTEE-node
+```
+git clone https://github.com/scs/substraTEE-node
+cd substraTEE-node
+git checkout brenzi-private-tx
+cargo build --release
+./target/release/substratee-node --dev --ws-port 9979 --rpc-port 9969
+```
+
+in terminal 2, run the worker
+```
+git clone https://github.com/scs/substraTEE-worker
+cd substraTEE-worker
+git checkout brenzi-private-tx
+make
+cd bin
+RUST_LOG=info ./substratee_worker -p 9979 worker
+```
+
+in terminal 3, run the client
+```
+cd substraTEE-worker/bin
+./substratee_client --node-ws-port 9979
+```
+
+Then you should see this in terminal 3:
+```
+*** Getting the amount of the registered workers
+[<] Found 1  workers
+
+[>] Getting the first worker's from the substraTEE-node
+[<] Got first worker's coordinates:
+    W1's public key : "5Gkzji8EtE1hTjVzTmZXWqrs6sqcHcbCooGqVH7iRRuxdnar"
+    W1's url: "127.0.0.1:2000"
+
+[>] Get the shielding key from W1 (=5Gkzji8EtE1hTjVzTmZXWqrs6sqcHcbCooGqVH7iRRuxdnar)
+[<] Got worker shielding key Rsa3072KeyPair: { n:CF67550FB00AB959A76219EA35188B360380037123FCAA77B683A791A1F980331F9D9E11D04C7F5FB3B63787F8AAB579FDFFE1DCE79A29B6ACED2628635C8463965D5D839BD58072AA77B8CAE124E40562955FE9936DAE2976CD57B41A2DE89EEDBF9DA77C155365E8BB45DCA1E0EC3B32604D9489712762BE63B3D1F04801D796887F70115BFDD440450A04BFE81DEE7BE718F56F766E6B0C2D9DE270583C4DFBA64FD59B4DE39C07977F1FD2956588DDBF73987EECB5BB303AF2115C4E72879C5EC69B7CD5C00DAEF9F9B062B40ADA16984C574246C8AB882A79D2E1C2F597C1017FBA69D7449BAD85ADE822D92A775DB1766F21C886E762C3E260390B72C82515F1D48FD190059B419C639E3688BCC2070E9CDB6BDDD49202B7296EA2AB01EA2D3AC2990C5078446582A4C03194BBF8D7E557B4503FF4645C053D7288398C79781F642F3A8D399195E6D2E6F74B434791D881BC97BAA0F0B228BD031C40E357BC61644E68CC40F3E08BDCBBD92E306FA9353FAEA05FDCBFCF4729FECC008C, e:01000001 }
+
+[+] Alice's Incognito Pubkey: 5Dt1Wg85pXGLstt36t6TDdvXXoCtG6zkUL17KkyVaPYSrzGH
+
+[+] Bob's Incognito Pubkey: 5GTTq4EnvMk4oTXYJp2kqTd2T9hbnARuee5awLiKFKsxWgRy
+
+[+] pre-funding Alice's Incognito account (ROOT call)
+[+] Subscribed, waiting for event...
+
+[+] Received confirm call from 5Gkzji8EtE1hTjVzTmZXWqrs6sqcHcbCooGqVH7iRRuxdnar
+[+] query Alice's Incognito account balance
+    got getter response from worker: Ok("State is 1000000")
+[+] query Bob's Incognito account balance
+    got getter response from worker: Ok("State is 0")
+
+*** incognito transfer from Alice to Bob
+
+[+] Subscribed, waiting for event...
+
+[+] Received confirm call from 5Gkzji8EtE1hTjVzTmZXWqrs6sqcHcbCooGqVH7iRRuxdnar
+[+] query Alice's Incognito account balance
+    got getter response from worker: Ok("State is 900000")
+[+] query Bob's Incognito account balance
+    got getter response from worker: Ok("State is 100000")
+
+```
+
+### So, what happens here?
+
+Alice wants to transfer 100k tokens privately to Bob. She doesn't use her substraTEE-node account for this as the transfer would be publicly visible.
+
+Instead, she creates an *incognito* account and she keeps her account secret (also the public key). This account will never hit the substraTEE-node blockchain transparently.
+
+The *Demo God* then gives Alice some initial Balance of 1M.
+
+Bob also creates an *incognito* account and tells Alice (and only her) his public key.
+
+Alice now uses SubstraTEE's *shielded transaction* feature to send 100k to Bob.
+
+### under the hood
+
+TODO:
+* block diagram
+* sequence diagram

application-crypto/Cargo.toml

@@ -0,0 +1,32 @@
+[package]
+name = "substrate-application-crypto"
+version = "2.0.0"
+authors = ["Parity Technologies <[email protected]>"]
+edition = "2018"
+description = "Provides facilities for generating application specific crypto wrapper types."
+
+[dependencies]
+codec = { package = "parity-scale-codec", version = "1.0.0", default-features = false, features = ["derive"] }
+serde = { version = "1.0", optional = true, features = ["derive"] }
+runtime-io = { package = "sr-io", git = "https://github.com/scs/substraTEE-node", branch = "brenzi-private-tx", default-features = false}
+
+[dependencies.rstd]
+git = 'https://github.com/paritytech/substrate'
+rev = '9b08e7ff938a45dbec7fcdb854063202e2b0cb48'
+package = "sr-std"
+default-features = false
+
+[dependencies.primitives]
+git = "https://github.com/scs/substrate-api-client"
+package = "substrate-primitives"
+branch = "no_std_rstd"
+default-features = false
+
+[dev-dependencies]
+#test-client = { package = "substrate-test-runtime-client", path = "../test-runtime/client" }
+sr-primitives = { git = 'https://github.com/paritytech/substrate', rev = '9b08e7ff938a45dbec7fcdb854063202e2b0cb48'}
+
+
+[features]
+default = [ "std" ]
+std = [ "primitives/std", "codec/std", "serde", "rstd/std", "runtime-io/std" ]

application-crypto/src/ed25519.rs

@@ -0,0 +1,75 @@
+// Copyright 2019 Parity Technologies (UK) Ltd.
+// This file is part of Substrate.
+
+// Substrate is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Substrate is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Substrate.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Ed25519 crypto types.
+
+use crate::{RuntimePublic, KeyTypeId};
+
+pub use primitives::ed25519::*;
+
+mod app {
+	use crate::Vec;
+	use crate::key_types::ED25519;
+	crate::app_crypto!(super, ED25519);
+}
+
+pub use app::Public as AppPublic;
+pub use app::Signature as AppSignature;
+pub use app::Pair as AppPair;
+
+impl RuntimePublic for Public {
+	type Signature = Signature;
+
+	fn all(key_type: KeyTypeId) -> crate::Vec<Self> {
+		runtime_io::ed25519_public_keys(key_type)
+	}
+
+	fn generate_pair(key_type: KeyTypeId, seed: Option<&str>) -> Self {
+		runtime_io::ed25519_generate(key_type, seed)
+	}
+
+	fn sign<M: AsRef<[u8]>>(&self, key_type: KeyTypeId, msg: &M) -> Option<Self::Signature> {
+		runtime_io::ed25519_sign(key_type, self, msg)
+	}
+
+	fn verify<M: AsRef<[u8]>>(&self, msg: &M, signature: &Self::Signature) -> bool {
+		runtime_io::ed25519_verify(&signature, msg.as_ref(), self)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use sr_primitives::{generic::BlockId, traits::ProvideRuntimeApi};
+	use primitives::{testing::KeyStore, crypto::Pair, traits::BareCryptoStore as _};
+	use test_client::{
+		TestClientBuilder, DefaultTestClientBuilderExt, TestClientBuilderExt,
+		runtime::{TestAPI, app_crypto::ed25519::{AppPair, AppPublic}},
+	};
+
+	#[test]
+	fn ed25519_works_in_runtime() {
+		let keystore = KeyStore::new();
+		let test_client = TestClientBuilder::new().set_keystore(keystore.clone()).build();
+		let (signature, public) = test_client.runtime_api()
+			.test_ed25519_crypto(&BlockId::Number(0))
+			.expect("Tests `ed25519` crypto.");
+
+		let key_pair = keystore.read().ed25519_key_pair(crate::key_types::ED25519, &public.as_ref())
+			.expect("There should be at a `ed25519` key in the keystore for the given public key.");
+
+		assert!(AppPair::verify(&signature, "ed25519", &AppPublic::from(key_pair.public())));
+	}
+}