harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 07:03:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(tee-key-preexec): add support for Solidity-compatible pubkey in report_data

Browse source 
This PR is part of the effort to implement on-chain TEE proof
verification. This PR goes hand in hand with https://github.com/matter-labs/zksync-era/pull/3414.
This commit is contained in:
Patryk Bęza 2024-12-20 12:19:19 +01:00
parent d2fbdb5bed
commit a9b89ef584
No known key found for this signature in database
GPG key ID: 9AD1B44D9F6258EC
4 changed files with 42 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Cargo.lock generated
View file

@ -5214,8 +5214,10 @@ version = "0.3.0"
dependencies = [
"anyhow",
"clap 4.5.23",
"hex",
"rand",
"secp256k1 0.29.1",
"sha3",
"teepot",
"tracing",
"tracing-log 0.2.0",

1
Cargo.toml
View file

@ -49,6 +49,7 @@ serde = { version = "1", features = ["derive", "rc"] }
serde_json = "1"
serde_with = { version = "3.8", features = ["base64", "hex"] }
sha2 = "0.10.8"
sha3 = "0.10.8"
signature = "2.2.0"
tdx-attest-rs = { version = "0.1.2", git = "https://github.com/intel/SGXDataCenterAttestationPrimitives.git", rev = "aa239d25a437a28f3f4de92c38f5b6809faac842" }
teepot = { path = "crates/teepot" }

2
bin/tee-key-preexec/Cargo.toml
View file

@ -12,8 +12,10 @@ repository.workspace = true
[dependencies]
anyhow.workspace = true
clap.workspace = true
hex.workspace = true
rand.workspace = true
secp256k1.workspace = true
sha3.workspace = true
teepot.workspace = true
tracing.workspace = true
tracing-log.workspace = true

44
bin/tee-key-preexec/src/main.rs
View file

@ -8,7 +8,8 @@
use anyhow::{Context, Result};
use clap::Parser;
use secp256k1::{rand, Keypair, PublicKey, Secp256k1, SecretKey};
use secp256k1::{rand, PublicKey, Secp256k1, SecretKey};
use sha3::{Digest, Keccak256};
use std::{ffi::OsString, os::unix::process::CommandExt, process::Command};
use teepot::quote::get_quote;
use tracing::error;
@ -28,6 +29,19 @@ struct Args {
cmd_args: Vec<OsString>,
}
/// Converts a public key into an Ethereum address by hashing the encoded public key with Keccak256.
pub fn public_key_to_address(public: &PublicKey) -> [u8; 20] {
let public_key_bytes = public.serialize_uncompressed();
// Skip the first byte (0x04) which indicates uncompressed key
let hash: [u8; 32] = Keccak256::digest(&public_key_bytes[1..]).into();
// Take the last 20 bytes of the hash to get the Ethereum address
let mut address = [0u8; 20];
address.copy_from_slice(&hash[12..]);
address
}
fn main_with_error() -> Result<()> {
LogTracer::init().context("Failed to set logger")?;
@ -37,14 +51,11 @@ fn main_with_error() -> Result<()> {
tracing::subscriber::set_global_default(subscriber).context("Failed to set logger")?;
let args = Args::parse();
let mut rng = rand::thread_rng();
let secp = Secp256k1::new();
let keypair = Keypair::new(&secp, &mut rng);
let signing_key = SecretKey::from_keypair(&keypair);
let verifying_key = PublicKey::from_keypair(&keypair);
let verifying_key_bytes = verifying_key.serialize();
let tee_type = match get_quote(verifying_key_bytes.as_ref()) {
let (signing_key, verifying_key) = secp.generate_keypair(&mut rng);
let ethereum_address = public_key_to_address(&verifying_key);
let tee_type = match get_quote(ethereum_address.as_ref()) {
Ok((tee_type, quote)) => {
// save quote to file
std::fs::write(TEE_QUOTE_FILE, quote)?;
@ -85,3 +96,22 @@ fn main() -> Result<()> {
}
ret
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_public_key_to_address() {
let secp = Secp256k1::new();
let secret_key_bytes =
hex::decode("c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3")
.unwrap();
let secret_key = SecretKey::from_slice(&secret_key_bytes).unwrap();
let public_key = PublicKey::from_secret_key(&secp, &secret_key);
let expected_address = hex::decode("627306090abaB3A6e1400e9345bC60c78a8BEf57").unwrap();
let address = public_key_to_address(&public_key);
assert_eq!(address, expected_address.as_slice());
}
}