Extract the STF execution logic to a separate crate 'stf-executor'

Cargo.lock

@@ -2635,6 +2635,26 @@ dependencies = [
  "sgx_tstd",
 ]
 
+[[package]]
+name = "itp-stf-executor"
+version = "0.8.0"
+dependencies = [
+ "ita-stf",
+ "itp-ocall-api",
+ "itp-stf-state-handler",
+ "itp-storage",
+ "itp-storage-verifier",
+ "itp-types",
+ "log 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)",
+ "parity-scale-codec",
+ "sgx-externalities",
+ "sgx_tstd",
+ "sgx_types",
+ "sp-runtime",
+ "thiserror 1.0.29",
+ "thiserror 1.0.9",
+]
+
 [[package]]
 name = "itp-stf-state-handler"
 version = "0.8.0"

Cargo.toml

@@ -16,6 +16,7 @@ members = [
     "core-primitives/settings",
     "core-primitives/sgx/crypto",
     "core-primitives/sgx/io",
+    "core-primitives/stf-executor",
     "core-primitives/stf-state-handler",
     "core-primitives/storage",
     "core-primitives/test",

app-libs/stf/Cargo.toml

@@ -12,7 +12,6 @@ sgx = [
     "log-sgx",
     "sp-io",
     "sgx-runtime",
-    "derive_more",
     "itp-types",
     "its-primitives",
     "its-state",
@@ -41,7 +40,7 @@ clap = { version = "2.33", optional = true }
 clap-nested = { version = "0.3.1", optional = true }
 log = { version = "0.4", optional = true }
 base58 = { version = "0.1", optional = true }
-derive_more = { version = "0.99.5", optional = true }
+derive_more = { version = "0.99.5" }
 hex = { version = "0.4.2", optional = true }
 codec = { version = "2.0.0", default-features = false, features = ["derive"], package = "parity-scale-codec" }
 sgx_tstd = { rev = "v1.1.3", features = ["untrusted_fs","net","backtrace"], git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }

sidechain/top-pool-rpc-author/src/hash.rs → app-libs/stf/src/hash.rs

@@ -15,16 +15,14 @@
 
 */
 
-//! Extrinsic helpers for author RPC module.
-
+use crate::TrustedOperation;
 use codec::{Decode, Encode};
-use ita_stf::TrustedOperation;
 use std::vec::Vec;
 
-/// RPC Trusted call or hash
+/// Trusted operation Or hash
 ///
 /// Allows to refer to trusted calls either by its raw representation or its hash.
-#[derive(Debug, Encode, Decode)]
+#[derive(Clone, Debug, Encode, Decode)]
 pub enum TrustedOperationOrHash<Hash> {
 	/// The hash of the call.
 	Hash(Hash),

app-libs/stf/src/helpers.rs

@@ -14,10 +14,7 @@
 	limitations under the License.
 
 */
-use crate::{
-	stf_sgx_primitives::{types::*, StfError, StfResult},
-	AccountId, Index,
-};
+use crate::{stf_sgx_primitives::types::*, AccountId, Index, StfError, StfResult};
 use codec::{Decode, Encode};
 use itp_storage::{storage_double_map_key, storage_map_key, storage_value_key, StorageHasher};
 use log_sgx::*;

app-libs/stf/src/lib.rs

@@ -23,16 +23,21 @@
 #![cfg_attr(all(not(target_env = "sgx"), not(feature = "std")), no_std)]
 #![cfg_attr(target_env = "sgx", feature(rustc_private))]
 
+#[cfg(all(not(feature = "std"), feature = "sgx"))]
+extern crate sgx_tstd as std;
+
 extern crate alloc;
 
-use codec::{Compact, Decode, Encode};
 #[cfg(feature = "std")]
 use my_node_runtime::Balance;
 #[cfg(feature = "std")]
 pub use my_node_runtime::Index;
 
+use codec::{Compact, Decode, Encode};
+use derive_more::Display;
 use sp_core::{crypto::AccountId32, ed25519, sr25519, Pair, H256};
 use sp_runtime::{traits::Verify, MultiSignature};
+use std::string::String;
 
 pub type Signature = MultiSignature;
 pub type AuthorityId = <Signature as Verify>::Signer;
@@ -42,6 +47,24 @@ pub type BalanceTransferFn = ([u8; 2], AccountId, Compact<u128>);
 
 pub type ShardIdentifier = H256;
 
+pub type StfResult<T> = Result<T, StfError>;
+
+#[derive(Debug, Display, PartialEq, Eq)]
+pub enum StfError {
+	#[display(fmt = "Insufficient privileges {:?}, are you sure you are root?", _0)]
+	MissingPrivileges(AccountId),
+	#[display(fmt = "Error dispatching runtime call. {:?}", _0)]
+	Dispatch(String),
+	#[display(fmt = "Not enough funds to perform operation")]
+	MissingFunds,
+	#[display(fmt = "Account does not exist {:?}", _0)]
+	InexistentAccount(AccountId),
+	#[display(fmt = "Invalid Nonce {:?}", _0)]
+	InvalidNonce(Index),
+	StorageHashMismatch,
+	InvalidStorageDiff,
+}
+
 #[derive(Clone)]
 pub enum KeyPair {
 	Sr25519(sr25519::Pair),
@@ -69,6 +92,8 @@ impl From<sr25519::Pair> for KeyPair {
 	}
 }
 
+pub mod hash;
+
 #[cfg(feature = "sgx")]
 pub mod stf_sgx;
 

app-libs/stf/src/stf_sgx.rs

@@ -1,11 +1,27 @@
+/*
+	Copyright 2021 Integritee AG and Supercomputing Systems AG
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+		http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+
+*/
+
 use crate::{
 	helpers::{
 		account_data, account_nonce, ensure_root, get_account_info, get_storage_value,
 		increment_nonce, root, validate_nonce,
 	},
-	stf_sgx_primitives::{StfError, StfResult},
 	AccountData, AccountId, Getter, Index, PublicGetter, ShardIdentifier, State, StateTypeDiff,
-	Stf, TrustedCall, TrustedCallSigned, TrustedGetter,
+	Stf, StfError, StfResult, TrustedCall, TrustedCallSigned, TrustedGetter,
 };
 use codec::Encode;
 use itp_settings::node::{TEEREX_MODULE, UNSHIELD};
@@ -57,7 +73,7 @@ impl Stf {
 		ext
 	}
 
-	pub fn get_state(ext: &mut State, getter: Getter) -> Option<Vec<u8>> {
+	pub fn get_state(ext: &mut impl SgxExternalitiesTrait, getter: Getter) -> Option<Vec<u8>> {
 		ext.execute_with(|| match getter {
 			Getter::trusted(g) => match g.getter {
 				TrustedGetter::free_balance(who) =>
@@ -92,7 +108,7 @@ impl Stf {
 	}
 
 	pub fn execute(
-		ext: &mut State,
+		ext: &mut impl SgxExternalitiesTrait,
 		call: TrustedCallSigned,
 		calls: &mut Vec<OpaqueCall>,
 	) -> StfResult<()> {
@@ -213,14 +229,19 @@ impl Stf {
 		});
 	}
 
-	pub fn update_layer_one_block_number(ext: &mut State, number: L1BlockNumer) {
+	pub fn update_layer_one_block_number(
+		ext: &mut impl SgxExternalitiesTrait,
+		number: L1BlockNumer,
+	) {
 		ext.execute_with(|| {
 			let key = storage_value_key("System", "LayerOneNumber");
 			sp_io::storage::set(&key, &number.encode());
 		});
 	}
 
-	pub fn get_layer_one_block_number(ext: &mut State) -> Option<L1BlockNumer> {
+	pub fn get_layer_one_block_number(
+		ext: &mut impl SgxExternalitiesTrait,
+	) -> Option<L1BlockNumer> {
 		ext.execute_with(|| get_storage_value("System", "LayerOneNumber"))
 	}
 
@@ -251,19 +272,22 @@ impl Stf {
 		key_hashes
 	}
 
-	pub fn get_root(ext: &mut State) -> AccountId {
+	pub fn get_root(ext: &mut impl SgxExternalitiesTrait) -> AccountId {
 		ext.execute_with(|| root())
 	}
 
-	pub fn account_nonce(ext: &mut State, account: &AccountId) -> Index {
+	pub fn account_nonce(ext: &mut impl SgxExternalitiesTrait, account: &AccountId) -> Index {
 		ext.execute_with(|| {
 			let nonce = account_nonce(account);
 			debug!("Account {:?} nonce is {}", account.encode(), nonce);
 			nonce
 		})
 	}
 
-	pub fn account_data(ext: &mut State, account: &AccountId) -> Option<AccountData> {
+	pub fn account_data(
+		ext: &mut impl SgxExternalitiesTrait,
+		account: &AccountId,
+	) -> Option<AccountData> {
 		ext.execute_with(|| account_data(account))
 	}
 }

app-libs/stf/src/stf_sgx_primitives.rs

@@ -15,15 +15,10 @@
 
 */
 
-use crate::{AccountId, Index};
 use codec::{Decode, Encode};
-use derive_more::Display;
 use itp_types::H256;
-use sgx_tstd as std;
 use std::prelude::v1::*;
 
-pub type StfResult<T> = Result<T, StfError>;
-
 pub mod types {
 	pub use sgx_runtime::{Balance, Index};
 	pub type AccountData = balances::AccountData<Balance>;
@@ -73,19 +68,3 @@ impl StatePayload {
 		}
 	}
 }
-
-#[derive(Debug, Display, PartialEq, Eq)]
-pub enum StfError {
-	#[display(fmt = "Insufficient privileges {:?}, are you sure you are root?", _0)]
-	MissingPrivileges(AccountId),
-	#[display(fmt = "Error dispatching runtime call. {:?}", _0)]
-	Dispatch(String),
-	#[display(fmt = "Not enough funds to perform operation")]
-	MissingFunds,
-	#[display(fmt = "Account does not exist {:?}", _0)]
-	InexistentAccount(AccountId),
-	#[display(fmt = "Invalid Nonce {:?}", _0)]
-	InvalidNonce(Index),
-	StorageHashMismatch,
-	InvalidStorageDiff,
-}

app-libs/stf/src/test_genesis.rs

@@ -15,7 +15,7 @@
 
 */
 
-use crate::{helpers::get_account_info, stf_sgx_primitives::StfError};
+use crate::{helpers::get_account_info, StfError};
 use itp_storage::storage_value_key;
 use log_sgx::*;
 use sgx_externalities::SgxExternalitiesTrait;

core-primitives/ocall-api/src/lib.rs

@@ -17,13 +17,15 @@
 
 #![cfg_attr(not(feature = "std"), no_std)]
 
+pub extern crate alloc;
+
+use alloc::vec::Vec;
 use codec::{Decode, Encode};
 use core::fmt::Debug;
 use itp_types::{TrustedOperationStatus, WorkerRequest, WorkerResponse};
 use its_primitives::traits::SignedBlock;
 use sgx_types::*;
 use sp_runtime::OpaqueExtrinsic;
-use sp_std::prelude::Vec;
 
 /// Trait for the enclave to make o-calls related to remote attestation
 pub trait EnclaveAttestationOCallApi: Clone + Debug + Send + Sync {

core-primitives/stf-executor/Cargo.toml

@@ -0,0 +1,55 @@
+[package]
+name = "itp-stf-executor"
+version = "0.8.0"
+authors = ["Integritee AG <[email protected]>"]
+edition = "2018"
+resolver = "2"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[features]
+default = ["std"]
+std = [
+    "ita-stf/std",
+    "itp-ocall-api/std",
+    "itp-stf-state-handler/std",
+    "itp-storage/std",
+    "itp-storage-verifier/std",
+    "sgx-externalities/std",
+    "sp-runtime/std",
+    "thiserror",
+]
+sgx = [
+    "sgx_tstd",
+    "ita-stf/sgx",
+    "itp-stf-state-handler/sgx",
+    "itp-storage/sgx",
+    "sgx-externalities",
+    "thiserror_sgx",
+]
+test = []
+
+[dependencies]
+# sgx dependencies
+sgx_types = { rev = "v1.1.3", git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+sgx_tstd = { rev = "v1.1.3", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
+sgx-externalities = { default-features = false, git = "https://github.com/integritee-network/sgx-runtime", branch = "master", optional = true }
+
+# local dependencies
+ita-stf = { path = "../../app-libs/stf", default-features = false }
+itp-ocall-api = { path = "../ocall-api", default-features = false }
+itp-stf-state-handler = { path = "../stf-state-handler", default-features = false }
+itp-storage = { path = "../storage", default-features = false }
+itp-storage-verifier = { path = "../storage-verified", default-features = false }
+itp-types = { path = "../types", default-features = false }
+
+# sgx enabled external libraries
+thiserror_sgx = { package = "thiserror", git = "https://github.com/mesalock-linux/thiserror-sgx", tag = "sgx_1.1.3", optional = true }
+
+# std compatible external libraries (make sure these versions match with the sgx-enabled ones above)
+thiserror = { version = "1.0", optional = true }
+
+# no-std dependencies
+log = { version = "0.4", default-features = false }
+codec = { package = "parity-scale-codec", version = "2.0.0", default-features = false, features = ["derive"] }
+sp-runtime = { version = "4.0.0-dev", default-features = false, git = "https://github.com/paritytech/substrate.git", branch = "master"}