harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-22 15:34:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(tee-proof-verifier): add backward compatibility logic

Browse source
This commit is contained in:
Patryk Bęza 2025-01-08 18:25:35 +01:00
parent bdb213c5f6
commit 7f15706733
No known key found for this signature in database
GPG key ID: 9AD1B44D9F6258EC
4 changed files with 252 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

87
bin/verify-era-proof-attestation/src/verification.rs
View file

@ -2,19 +2,65 @@
// Copyright (c) 2023-2024 Matter Labs // Copyright (c) 2023-2024 Matter Labs
use crate::{args::AttestationPolicyArgs, client::JsonRpcClient}; use crate::{args::AttestationPolicyArgs, client::JsonRpcClient};
use anyhow::{Context, Result}; use anyhow::{anyhow, Context, Result};
use hex::encode; use hex::encode;
use secp256k1::Message; use secp256k1::{ecdsa::Signature, Message};
use teepot::{ use teepot::{
client::TcbLevel, client::TcbLevel,
ethereum::recover_signer, ethereum::recover_signer,
prover::reportdata::ReportData,
quote::{ quote::{
error::QuoteContext, tee_qv_get_collateral, verify_quote_with_collateral, error::QuoteContext, tee_qv_get_collateral, verify_quote_with_collateral,
QuoteVerificationResult, Report, QuoteVerificationResult, Report,
}, },
}; };
use tracing::{debug, info, warn}; use tracing::{debug, info, warn};
use zksync_basic_types::L1BatchNumber; use zksync_basic_types::{L1BatchNumber, H256};
struct TeeProof {
report: ReportData,
root_hash: H256,
signature: Vec<u8>,
}
impl TeeProof {
pub fn new(report: ReportData, root_hash: H256, signature: Vec<u8>) -> Self {
Self {
report,
root_hash,
signature,
}
}
pub fn verify(&self) -> Result<bool> {
match &self.report {
ReportData::V0(report) => {
let signature = Signature::from_compact(&self.signature)?;
let root_hash_msg = Message::from_digest_slice(&self.root_hash.0)?;
Ok(signature.verify(&root_hash_msg, &report.pubkey).is_ok())
}
ReportData::V1(report) => {
let ethereum_address_from_report = report.ethereum_addr;
let root_hash_msg = Message::from_digest_slice(self.root_hash.as_bytes())?;
let signature_bytes: [u8; 65] = self
.signature
.clone()
.try_into()
.map_err(|e| anyhow!("{:?}", e))?;
let ethereum_address_from_signature =
recover_signer(&signature_bytes, &root_hash_msg)?;
debug!(
"Root hash: {}. Ethereum address from the attestation quote: {}. Ethereum address from the signature: {}.",
self.root_hash,
encode(ethereum_address_from_report),
encode(ethereum_address_from_signature),
);
Ok(ethereum_address_from_signature == ethereum_address_from_report)
}
ReportData::Unknown(_) => Ok(false),
}
}
}
pub async fn verify_batch_proof( pub async fn verify_batch_proof(
quote_verification_result: &QuoteVerificationResult, quote_verification_result: &QuoteVerificationResult,
@ -27,38 +73,11 @@ pub async fn verify_batch_proof(
return Ok(false); return Ok(false);
} }
let batch_no = batch_number.0;
let root_hash = node_client.get_root_hash(batch_number).await?; let root_hash = node_client.get_root_hash(batch_number).await?;
let ethereum_address_from_quote = &quote_verification_result.quote.get_report_data()[..20]; let report_data_bytes = quote_verification_result.quote.get_report_data();
let signature_bytes: &[u8; 65] = signature.try_into()?; let report_data = ReportData::try_from(report_data_bytes)?;
let root_hash_bytes = root_hash.as_bytes(); let tee_proof = TeeProof::new(report_data, root_hash, signature.to_vec());
let root_hash_msg = Message::from_digest_slice(root_hash_bytes)?; let verification_successful = tee_proof.verify().is_ok();
let ethereum_address_from_signature = recover_signer(signature_bytes, &root_hash_msg)?;
let verification_successful = ethereum_address_from_signature == ethereum_address_from_quote;
debug!(
batch_no,
"Root hash: {}. Ethereum address from the attestation quote: {}. Ethereum address from the signature: {}.",
root_hash,
encode(ethereum_address_from_quote),
encode(ethereum_address_from_signature),
);
if verification_successful {
info!(
batch_no,
signature = encode(signature),
ethereum_address = encode(ethereum_address_from_quote),
"Signature verified successfully."
);
} else {
warn!(
batch_no,
signature = encode(signature),
ethereum_address_from_signature = encode(ethereum_address_from_signature),
ethereum_address_from_quote = encode(ethereum_address_from_quote),
"Failed to verify signature!"
);
}
Ok(verification_successful) Ok(verification_successful)
} }

1
crates/teepot/src/lib.rs
View file

@ -10,6 +10,7 @@ pub mod client;
pub mod ethereum; pub mod ethereum;
pub mod json; pub mod json;
pub mod log; pub mod log;
pub mod prover;
pub mod quote; pub mod quote;
pub mod server; pub mod server;
pub mod sgx; pub mod sgx;

6
crates/teepot/src/prover/mod.rs Normal file
View file

@ -0,0 +1,6 @@
// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2023 Matter Labs
//! Common functionality for TEE provers and verifiers.
pub mod reportdata;

192
crates/teepot/src/prover/reportdata.rs Normal file
View file

@ -0,0 +1,192 @@
// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2024 Matter Labs
//! Versioning of Intel SGX/TDX quote's report data for TEE prover and verifier.
use core::convert::Into;
use anyhow::{anyhow, Result};
use secp256k1::{constants::PUBLIC_KEY_SIZE, PublicKey};
/// Report data length for Intel SGX/TDX.
const REPORT_DATA_LENGTH: usize = 64;
/// Ethereum address length.
const ETHEREUM_ADDR_LENGTH: usize = 20;
/// Report data version.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum ReportData {
/// Legacy version of report data that was initially not intended to be versioned.
/// The report_data was on-chain incompatible and consisted of a compressed ECDSA public key.
///
/// +-------------------------------------+--------------------------------+------------------+
/// | compressed ECDSA pubkey (33 bytes) | zeroes (30 bytes) | version (1 byte) |
/// +-------------------------------------+--------------------------------+------------------+
V0(ReportDataV0),
/// Latest version of report data compatible with on-chain verification.
///
/// +--------------------------+-------------------------------------------+------------------+
/// | Ethereum addr (20 bytes) | zeros (43 bytes) | version (1 byte) |
/// +--------------------------+-------------------------------------------+------------------+
V1(ReportDataV1),
/// Unknown version of report data.
Unknown(Vec<u8>),
}
impl TryFrom<&[u8]> for ReportData {
type Error = anyhow::Error;
fn try_from(report_data_bytes: &[u8]) -> Result<Self> {
if report_data_bytes.len() != REPORT_DATA_LENGTH {
return Err(anyhow!("Invalid byte slice length"));
}
let version = report_data_bytes[REPORT_DATA_LENGTH - 1];
match version {
0 => Ok(Self::V0(ReportDataV0::try_from(report_data_bytes)?)),
1 => Ok(Self::V1(ReportDataV1::try_from(report_data_bytes)?)),
_ => Ok(Self::Unknown(report_data_bytes.into())),
}
}
}
#[derive(Debug, Clone, PartialEq, Eq)]
#[allow(missing_docs)]
pub struct ReportDataV0 {
pub pubkey: PublicKey,
}
impl TryFrom<&[u8]> for ReportDataV0 {
type Error = anyhow::Error;
fn try_from(report_data_bytes: &[u8]) -> Result<Self> {
if report_data_bytes.len() != REPORT_DATA_LENGTH {
return Err(anyhow!("Invalid byte slice length"));
}
let pubkey = PublicKey::from_slice(&report_data_bytes[..PUBLIC_KEY_SIZE])?;
Ok(Self { pubkey })
}
}
impl Into<[u8; REPORT_DATA_LENGTH]> for ReportDataV0 {
fn into(self) -> [u8; REPORT_DATA_LENGTH] {
let mut bytes = [0u8; REPORT_DATA_LENGTH];
bytes[..PUBLIC_KEY_SIZE].copy_from_slice(&self.pubkey.serialize());
bytes
}
}
#[derive(Debug, Clone, PartialEq, Eq)]
#[allow(missing_docs)]
pub struct ReportDataV1 {
pub ethereum_addr: [u8; ETHEREUM_ADDR_LENGTH],
}
impl TryFrom<&[u8]> for ReportDataV1 {
type Error = anyhow::Error;
fn try_from(report_data_bytes: &[u8]) -> Result<Self> {
if report_data_bytes.len() != REPORT_DATA_LENGTH {
return Err(anyhow!("Invalid byte slice length"));
}
let mut ethereum_addr = [0u8; ETHEREUM_ADDR_LENGTH];
ethereum_addr.copy_from_slice(&report_data_bytes[..ETHEREUM_ADDR_LENGTH]);
Ok(Self { ethereum_addr })
}
}
impl Into<[u8; REPORT_DATA_LENGTH]> for ReportDataV1 {
fn into(self) -> [u8; REPORT_DATA_LENGTH] {
let mut bytes = [0u8; REPORT_DATA_LENGTH];
bytes[..ETHEREUM_ADDR_LENGTH].copy_from_slice(&self.ethereum_addr);
bytes[REPORT_DATA_LENGTH - 1] = 1;
bytes
}
}
#[cfg(test)]
mod tests {
use super::*;
use hex;
use secp256k1::{Secp256k1, SecretKey};
const ETHEREUM_ADDR: [u8; ETHEREUM_ADDR_LENGTH] = [
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14,
];
fn generate_test_report_data(version_byte: u8) -> [u8; REPORT_DATA_LENGTH] {
let mut data = [0u8; REPORT_DATA_LENGTH];
data[..ETHEREUM_ADDR.len()].copy_from_slice(&ETHEREUM_ADDR);
data[REPORT_DATA_LENGTH - 1] = version_byte;
data
}
fn generate_test_pubkey() -> PublicKey {
let secp = Secp256k1::new();
let secret_key_bytes =
hex::decode("c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3")
.unwrap();
let secret_key = SecretKey::from_slice(&secret_key_bytes).unwrap();
PublicKey::from_secret_key(&secp, &secret_key)
}
fn generate_test_report_data_v0(pubkey: PublicKey) -> [u8; REPORT_DATA_LENGTH] {
let pubkey_bytes = pubkey.serialize();
let mut report_data_bytes = [0u8; REPORT_DATA_LENGTH];
report_data_bytes[..PUBLIC_KEY_SIZE].copy_from_slice(&pubkey_bytes);
report_data_bytes
}
#[test]
fn test_from_bytes_v0() {
let pubkey = generate_test_pubkey();
let report_data_bytes = generate_test_report_data_v0(pubkey);
let report_data = ReportData::try_from(report_data_bytes.as_ref()).unwrap();
assert_eq!(report_data, ReportData::V0(ReportDataV0 { pubkey }));
}
#[test]
fn report_data_from_bytes_v1() {
let data = generate_test_report_data(1);
let report_data = ReportData::try_from(data.as_ref()).unwrap();
assert_eq!(
report_data,
ReportData::V1(ReportDataV1 {
ethereum_addr: ETHEREUM_ADDR
})
);
}
#[test]
fn report_data_from_bytes_unknown() {
let report_data_bytes = generate_test_report_data(99);
let report_data = ReportData::try_from(report_data_bytes.as_ref()).unwrap();
assert_eq!(report_data, ReportData::Unknown(report_data_bytes.into()));
}
#[test]
fn report_data_to_bytes_v0() {
let pubkey = generate_test_pubkey();
let report_data = ReportDataV0 { pubkey };
let report_data: [u8; REPORT_DATA_LENGTH] = report_data.into();
assert_eq!(&report_data[..PUBLIC_KEY_SIZE], pubkey.serialize().as_ref());
assert_eq!(report_data[REPORT_DATA_LENGTH - 1], 0);
assert!(report_data[PUBLIC_KEY_SIZE..REPORT_DATA_LENGTH - 1]
.iter()
.all(|&byte| byte == 0));
}
#[test]
fn report_data_to_bytes_v1() {
let report_data = ReportDataV1 {
ethereum_addr: ETHEREUM_ADDR,
};
let report_data: [u8; REPORT_DATA_LENGTH] = report_data.into();
assert_eq!(&report_data[..ETHEREUM_ADDR_LENGTH], &ETHEREUM_ADDR);
assert_eq!(report_data[REPORT_DATA_LENGTH - 1], 1);
assert!(report_data[ETHEREUM_ADDR_LENGTH..REPORT_DATA_LENGTH - 1]
.iter()
.all(|&byte| byte == 0));
}
}