harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 07:03:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
479 commits 22 branches 61 tags 2.2 MiB
Commit graph

479 commits

This branch
This branch
All branches
Author SHA1 Message Date
renovate[bot]
7c655d151c
chore(deps): update rust crate reqwest to v0.12.15 (#315) 2025-05-23 12:13:46 +00:00
renovate[bot]
426e22138e
chore(deps): update rust crate sha2 to v0.10.9 (#318) 2025-05-23 11:40:12 +00:00
renovate[bot]
b16592ec34
chore(deps): update rust crate async-trait to v0.1.88 (#286) 2025-05-23 11:06:13 +00:00
renovate[bot]
119c2abe09
chore(deps): update rust crate bytes to v1.10.1 (#312) 2025-05-23 11:32:13 +01:00
renovate[bot]
5789fdd433
chore(deps): update rust crate getrandom to v0.3.3 (#314) 2025-05-22 16:49:26 +00:00
renovate[bot]
de010fd093
chore(deps): update rust crate thiserror to v2.0.12 (#287) 2025-05-22 16:14:06 +00:00
renovate[bot]
e039adf158
chore(deps): update rust crate tracing-actix-web to v0.7.18 (#280) 2025-05-22 15:40:23 +00:00
renovate[bot]
f2718456ef
chore(deps): update rust crate serde_json to v1.0.140 (#274) 2025-05-22 15:05:49 +00:00
renovate[bot]
bef406c456
chore(deps): update rust crate anyhow to v1.0.98 (#273) 2025-05-22 14:28:51 +00:00
renovate[bot]
bfd895e8f7
chore(deps): update rust crate clap to v4.5.38 (#266) 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [clap](https://redirect.github.com/clap-rs/clap) |
workspace.dependencies | patch | `4.5.30` -> `4.5.38` |

---

### Release Notes

<details>
<summary>clap-rs/clap (clap)</summary>

###
[`v4.5.38`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4538---2025-05-11)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.37...v4.5.38)

##### Fixes

-   *(help)* When showing aliases, include leading `--` or `-`

###
[`v4.5.37`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4537---2025-04-18)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.36...v4.5.37)

##### Features

-   Added `ArgMatches::try_clear_id()`

###
[`v4.5.36`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4536---2025-04-11)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.35...v4.5.36)

##### Fixes

- *(help)* Revert 4.5.35's "Don't leave space for shorts if there are
none" for now

###
[`v4.5.35`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4535---2025-04-01)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.34...v4.5.35)

##### Fixes

- *(help)* Align positionals and flags when put in the same
`help_heading`
-   *(help)* Don't leave space for shorts if there are none

###
[`v4.5.34`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4534---2025-03-27)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.33...v4.5.34)

##### Fixes

- *(help)* Don't add extra blank lines with `flatten_help(true)` and
subcommands without arguments

###
[`v4.5.33`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4533---2025-03-26)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.32...v4.5.33)

##### Fixes

- *(error)* When showing the usage of a suggestion for an unknown
argument, don't show the group

###
[`v4.5.32`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4532---2025-03-10)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.31...v4.5.32)

##### Features

-   Add `Error::remove`

##### Documentation

-   *(cookbook)* Switch from `humantime` to `jiff`
-   *(tutorial)* Better cover required vs optional

##### Internal

-   Update `pulldown-cmark`

###
[`v4.5.31`](https://redirect.github.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4531---2025-02-24)

[Compare
Source](https://redirect.github.com/clap-rs/clap/compare/v4.5.30...v4.5.31)

##### Features

-   Add `ValueParserFactory` for `Saturating<T>`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/matter-labs/teepot).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNjQuMSIsInVwZGF0ZWRJblZlciI6IjQwLjE2LjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-22 14:52:46 +01:00
Harald Hoyer
8b01d8d5b0
Merge pull request #267 from matter-labs/renovate/trufflesecurity-trufflehog-3.x 
chore(deps): update trufflesecurity/trufflehog action to v3.88.30
 2025-05-22 09:08:54 +02:00
renovate[bot]
ad26c5e9ae
chore(deps): update trufflesecurity/trufflehog action to v3.88.30 2025-05-16 21:21:53 +00:00
Harald Hoyer
336576d812
Merge pull request #310 from matter-labs/add-dcap-collateral-updater 
feat(teepot): add `Quote::tee_type` method for TEE type determination
 2025-05-06 13:46:58 +02:00
Harald Hoyer
6379e9aa9e
feat(teepot): add Quote::tee_type method for TEE type determination 
- Introduced `tee_type` method to extract TEE type from the quote header.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-05-06 13:18:17 +02:00
Harald Hoyer
1536e00d63
Merge pull request #309 from matter-labs/platform 
feat: add platform-specific implementations for quote verification
 2025-05-06 13:08:45 +02:00
Harald Hoyer
2a8614c08f
feat: add platform-specific implementations for quote verification 
- Introduced conditional compilation for Intel SGX/TDX quote verification based on target OS and architecture.
- Moved Intel-specific logic to a separate module and added a fallback for unsupported platforms.

This is done, so we can pull in the `teepot` crate even on `linux-x86_64`
without the Intel SGX SDK lib dependency.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-05-06 12:36:01 +02:00
Harald Hoyer
905487dac8
Merge pull request #307 from matter-labs/fmspc 
feat(quote): add FMSPC and CPUSVN extraction support
 2025-05-06 12:31:15 +02:00
Harald Hoyer
2bbfb2415c
feat(quote): add FMSPC and CPUSVN extraction support 
- Introduced new types `Fmspc`, `CpuSvn`, and `Svn` for SGX metadata.
- Added methods to extract raw certificate chains and FMSPC from SGX quotes.
- Created new test file for validating FMSPC extraction with example quotes.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-05-06 11:43:51 +02:00
Harald Hoyer
fca60adc1a
Merge pull request #306 from matter-labs/rm_dupl 
refactor: replace custom Quote parsing with library version
 2025-05-06 11:11:08 +02:00
Harald Hoyer
2118466a8a
refactor: replace custom Quote parsing with library version 
- Removed custom `Quote` structure and parsing logic in `teepot/src/sgx/mod.rs`.
- Updated references to use the library-provided `Quote` methods, such as `Quote::parse` and `get_report_data`.
- Simplified code and reduced redundancy by leveraging existing library functionality.
 2025-05-05 14:54:41 +02:00
Lucille Blumire
9bd0e9c36e
Merge pull request #305 from matter-labs/small-quality 
refactor: many small code quality improvements
 2025-04-17 17:43:22 +01:00
Lucille L. Blumire
d54f7b14ad
refactor: remove redundant continue 2025-04-17 16:53:01 +01:00
Lucille L. Blumire
2ca0b47169
refactor: improve punctuation readability 2025-04-17 16:52:59 +01:00
Lucille L. Blumire
6a9e035d19
refactor: combine equivalent match branches 2025-04-17 16:52:59 +01:00
Lucille L. Blumire
36afc85d38
refactor: prefer if let to single variant match 2025-04-17 16:52:57 +01:00
Lucille L. Blumire
2ff169da9f
refactor: improve type ergonomics 2025-04-17 16:52:56 +01:00
Lucille L. Blumire
0768b0ad67
refactor: prefer conversion methods to infallable casts 2025-04-17 16:52:54 +01:00
Lucille L. Blumire
2dea589c0e
refactor: prefer inline format args 2025-04-17 16:52:53 +01:00
Lucille L. Blumire
71a04ad4e2
refactor: bring items to top level of files 2025-04-17 16:52:49 +01:00
Harald Hoyer
b8398ad15f
Merge pull request #303 from matter-labs/ld_library_path 
refactor(shells): simplify environment variable declarations
 2025-04-14 18:02:07 +02:00
Harald Hoyer
8903c1dc62
Merge branch 'main' into ld_library_path 2025-04-14 17:52:44 +02:00
Harald Hoyer
2d9a7bd384
Merge pull request #304 from matter-labs/intel-dcap-api-descriptionj 
feat: add description to intel-dcap-api package
 2025-04-14 17:52:21 +02:00
Harald Hoyer
d03ed96bb8
feat: add description to intel-dcap-api package 
- Added a description field to the Cargo.toml for the intel-dcap-api crate.
 2025-04-14 17:26:21 +02:00
Harald Hoyer
7b1c386e14
refactor(shells): simplify environment variable declarations 
Refactored the environment variable setup by consolidating into a single `env` map for better clarity.
- Removed `TEE_LD_LIBRARY_PATH` and inlined its logic directly within `LD_LIBRARY_PATH`.
- Improved structure and readability of configuration-specific variables like `QCNL_CONF_PATH`.

Let us run directly on x86_64:
```
❯ cargo run --bin verify-era-proof-attestation -- \
            --rpc https://mainnet.era.zksync.io \
            --continuous 493220 \
            --attestation-policy-file bin/verify-era-proof-attestation/examples/attestation_policy.yaml \
            --tee-types sgx \
            --log-level info
```
 2025-04-14 17:07:35 +02:00
Harald Hoyer
9b9acfc0c6
Merge pull request #302 from matter-labs/intel-dcap-api 
feat(api): add Intel DCAP API client module
 2025-04-11 20:12:31 +02:00
Harald Hoyer
1a392e800a
fixup! refactor(intel-dcap-api): split client.rs into smaller files 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-11 12:34:09 +02:00
Harald Hoyer
4501b3421c
fixup! refactor(intel-dcap-api): split client.rs into smaller files 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-11 12:23:53 +02:00
Harald Hoyer
0e69105a43
refactor(intel-dcap-api): split client.rs into smaller files 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-11 11:06:13 +02:00
Harald Hoyer
ed84a424db
feat(api): add Intel DCAP API client module 
Introduced a new `intel-dcap-api` crate for interacting with Intel's DCAP APIs.
- Implemented various API client functionalities for SGX/TDX attestation services.
- Added support for registration, certification, enclave identity, and FMSPC retrieval.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-10 14:51:51 +02:00
Harald Hoyer
93c35dad38
Merge pull request #300 from matter-labs/darwin 
feat: compat code for non `x86_64-linux`
 2025-04-10 13:25:33 +02:00
Harald Hoyer
0b8f1d54c7
feat: bump rust version to 1.86 
fixes the hardcoded `/usr/bin/strip` issue on macos

see https://github.com/rust-lang/rust/issues/131206

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-10 11:57:47 +02:00
Harald Hoyer
eb39705ff1
feat: compat code for non x86_64-linux 
- do not build packages, which require `x86_64-linux`
- use Phala `dcap-qvl` crate for remote attestation, if possible
- nix: exclude `nixsgx` on non `x86_64-linux` platforms

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-10 11:57:46 +02:00
Harald Hoyer
ed808efd03
Merge pull request #296 from matter-labs/verify-era-proof-attestation-tdx 
refactor(verify-era-proof-attestation): modularize and restructure proof verification logic
 2025-04-07 10:13:52 +02:00
Harald Hoyer
95b6a2d70a
refactor(verify-era-proof-attestation): replace watch channel with CancellationToken 
Refactored stop signal handling in all components to use `tokio_util::sync::CancellationToken` instead of `tokio::sync::watch`.

- Improved cancellation logic by leveraging `CancellationToken` for cleaner and more efficient handling.
- Updated corresponding dependency to `tokio-util` version `0.7.14`.
 2025-04-07 08:54:00 +02:00
Harald Hoyer
2605e2ae3a
refactor(verify-era-proof-attestation): modularize and restructure proof verification logic 
- Split `verify-era-proof-attestation` into modular subcomponents for maintainability.
- Moved client, proof handling, and core types into dedicated modules.
 2025-04-04 17:05:30 +02:00
Harald Hoyer
1e853f653a
refactor(quote): move TCB level logic to a dedicated module 
- Extracted `TcbLevel` functionality from `sgx` module to `quote::tcblevel`.
- Updated all references to import `TcbLevel` and related utilities from `quote::tcblevel`.
- Updated copyright headers to reflect the new year range.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-04 17:05:23 +02:00
Harald Hoyer
2ba5c45d31
Merge pull request #299 from matter-labs/leftover 
fix(teepot-vault): remove leftover `tdx` module
 2025-04-04 16:04:09 +02:00
Harald Hoyer
8596e0dc6a
fix(teepot-vault): remove leftover tdx module 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-04 14:40:43 +02:00
Harald Hoyer
fdad63e4b1
Merge pull request #298 from matter-labs/yaml 
feat(ci): switch to GitHub Container Registry for images
 2025-04-02 17:28:06 +02:00
Harald Hoyer
3257f316b5
feat(ci): switch to GitHub Container Registry for images 
Updated the workflow to push container images to GitHub Container Registry instead of Docker Hub. Added a login step for GHCR and updated image tagging and pushing commands accordingly.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2025-04-02 17:10:20 +02:00