harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 23:23:57 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(verifier): don't retry verifying permanently ignored batches

Browse source 
Currently, the [TEE verifier][1] – the tool for continuous SGX
attestation and batch signature verification – is [stuck][2] on batches
that failed to be proven and are marked as `permanently_ignored`. The
tool should be able to distinguish between batches that are permanently
ignored (and should be skipped) and batches that have failed but will be
retried. This PR enables that distinction.

This commit goes hand in hand with the following PR:
https://github.com/matter-labs/zksync-era/pull/3321

[1]: https://github.com/matter-labs/teepot/blob/main/bin/verify-era-proof-attestation/src/main.rs
[2]: https://grafana.matterlabs.dev/goto/unFqf57Hg?orgId=1
This commit is contained in:
Patryk Bęza 2024-11-26 16:16:40 +01:00
parent 1a8a9f17fa
commit e63d0901fa
No known key found for this signature in database
GPG key ID: 9AD1B44D9F6258EC
2 changed files with 27 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

19
bin/verify-era-proof-attestation/src/main.rs
View file

@ -155,19 +155,24 @@ async fn verify_batch_proofs(
total_proofs_count += 1; total_proofs_count += 1;
let tee_type = proof.tee_type.to_uppercase(); let tee_type = proof.tee_type.to_uppercase();
if proof.status.eq_ignore_ascii_case("permanently_ignored") {
trace!(
batch_no,
tee_type,
"Proof is marked as permanently ignored. Skipping."
);
continue;
}
trace!(batch_no, tee_type, proof.proved_at, "Verifying proof."); trace!(batch_no, tee_type, proof.proved_at, "Verifying proof.");
debug!( let attestation = proof.attestation.unwrap_or_default();
batch_no, debug!(batch_no, "Verifying quote ({} bytes)...", attestation.len());
"Verifying quote ({} bytes)...", let quote_verification_result = verify_attestation_quote(&attestation)?;
proof.attestation.len()
);
let quote_verification_result = verify_attestation_quote(&proof.attestation)?;
let verified_successfully = verify_batch_proof( let verified_successfully = verify_batch_proof(
&quote_verification_result, &quote_verification_result,
attestation_policy, attestation_policy,
node_client, node_client,
&proof.signature, &proof.signature.unwrap_or_default(),
L1BatchNumber(proof.l1_batch_number), L1BatchNumber(proof.l1_batch_number),
) )
.await?; .await?;

24
bin/verify-era-proof-attestation/src/proof.rs
View file

@ -37,7 +37,12 @@ pub async fn get_proofs(
.send(stop_receiver, http_client, rpc_url) .send(stop_receiver, http_client, rpc_url)
.await?; .await?;
if !proofs.is_empty() { if !proofs.is_empty()
&& proofs.iter().all(|proof| {
!proof.status.eq_ignore_ascii_case("failed")
&& !proof.status.eq_ignore_ascii_case("picked_by_prover")
})
{
return Ok(proofs); return Ok(proofs);
} }
@ -153,13 +158,14 @@ pub struct GetProofsResponse {
pub struct Proof { pub struct Proof {
pub l1_batch_number: u32, pub l1_batch_number: u32,
pub tee_type: String, pub tee_type: String,
#[serde_as(as = "Hex")] #[serde_as(as = "Option<Hex>")]
pub pubkey: Vec<u8>, pub pubkey: Option<Vec<u8>>,
#[serde_as(as = "Hex")] #[serde_as(as = "Option<Hex>")]
pub signature: Vec<u8>, pub signature: Option<Vec<u8>>,
#[serde_as(as = "Hex")] #[serde_as(as = "Option<Hex>")]
pub proof: Vec<u8>, pub proof: Option<Vec<u8>>,
pub proved_at: String, pub proved_at: String,
#[serde_as(as = "Hex")] pub status: String,
pub attestation: Vec<u8>, #[serde_as(as = "Option<Hex>")]
pub attestation: Option<Vec<u8>>,
} }