@inco/lightning 0.3.2 → 0.5.0

package/src/test/TEELifecycle/TEELifecycleHWTest.t.sol

@@ -1,119 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-
-import "forge-std/Test.sol";
-
-import "../../lightning-parts/TEELifecycle.types.sol";
-import "../../lightning-parts/TEELifecycle.sol";
-import "../../DeployUtils.sol";
-import "../../DeployTEE.sol";
-import {TestUtils} from "@inco/shared/src/TestUtils.sol";
-
-import {EnclaveIdentityJsonObj} from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol";
-import {TcbInfoJsonObj} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol";
-import {IQuoteVerifier} from "automata-dcap-attestation/interfaces/IQuoteVerifier.sol";
-
-contract TEELifecycleHWTest is DeployUtils , TestUtils, DeployTEE {
-    using stdStorage for StdStorage;
-
-    // This is the MRTD from Adrian's v0 TDX VM running on GCP that was used to generate the test data.
-    bytes public v0mrtd = hex"409c0cd3e63d9ea54d817cf851983a220131262664ac8cd02cc6a2e19fd291d2fdd0cc035d7789b982a43a92a4424c99";
-
-    // This is the address that is used as the lifecycle contract address in Adrian's v0 TDX VM.
-    address lifecycleAddress = 0x63D8135aF4D393B1dB43B649010c8D3EE19FC9fd;
-
-    // Avoid expired collateral and certificate errors by setting time to
-    // the date when the test data was generated.
-    uint256 collateral_timestamp = 1754498833; 
-
-    // This is the location of the bootstrap and add node and test data files
-    string bootstrapDir;
-    string addNodeDir;
-
-    TEELifecycle lifecycle;
-
-    address immutable owner; 
-    
-    constructor() {
-        owner = getLabeledAddress("owner");
-    }
-    
-    function setUp() public {
-        // This test data was generate by running the TEELifecycle binary in a real TDX environment
-        // to generate the quote and other files.
-        bootstrapDir = string.concat(vm.projectRoot(), "/src/test/TEELifecycle/bootstrap_data/");
-        addNodeDir = string.concat(vm.projectRoot(), "/src/test/TEELifecycle/addnode_data/");
-        string memory certDir = string.concat(vm.projectRoot(), "/src/test/TEELifecycle/test_cert/");
-
-        vm.warp(collateral_timestamp);
-        vm.startPrank(owner);
-        
-        // PCCS Setup
-        deployP256();
-        deployPCCS(owner, certDir);
-        IQuoteVerifier quoteVerifier = deployQuoteVerifier();
-
-        bytes memory lifecycleCode = address(deployTEELifecycle(owner, address(quoteVerifier))).code;
-        // Make sure the verifyingContract for the EIP217 domain matches the one in the test data
-        // By using vm.etch to deploy the TEELifecycle contract at a specific address
-        vm.etch(lifecycleAddress, lifecycleCode);
-        lifecycle = TEELifecycle(lifecycleAddress);
-
-        // Make sure the name and version for the EIP712 domain matches the one in the test data
-        lifecycle.initialize(owner, "IncoTeeLifecycleBootstrap", "1.0.0", address(quoteVerifier));
-
-        vm.stopPrank();
-    }
-
-    function test_LifecycleBootstrap() public {
-        _uploadCollateral(bootstrapDir);
-        string memory expected_address_string = vm.readFile(string.concat(bootstrapDir, "eoa.txt"));
-        address expected_address = vm.parseAddress(expected_address_string);
-    
-        vm.startPrank(owner);
-        bytes memory pubkey = vm.readFileBinary(string.concat(bootstrapDir, "ecies_pubkey.bin"));
-        BootstrapResult memory bootstrapResult = BootstrapResult({ecies_pubkey: pubkey});
-        bytes memory quote = vm.readFileBinary(string.concat(bootstrapDir, "quote.bin"));
-        bytes memory sig = vm.readFileBinary(string.concat(bootstrapDir, "eip712_signature.bin"));
-        lifecycle.approveNewTEEVersion(v0mrtd);
-        lifecycle.verifyBootstrapResult(bootstrapResult, quote, sig);
-
-        (bytes memory mrtd,) = lifecycle.TEEVersionHistory(0);
-        assert(keccak256(mrtd) == keccak256(v0mrtd));
-        assert(lifecycle.isBootstrapComplete() == true);
-        assert(keccak256(lifecycle.ECIESPubkey()) == keccak256(pubkey));
-        assert(lifecycle.EOASigners(expected_address));
-        vm.stopPrank();
-    }
-
-    function test_LifecycleNewEOA() public {
-        // This test assumes that the lifecycle bootstrap is already completed
-        test_LifecycleBootstrap();
-
-        string memory expected_address_string = vm.readFile(string.concat(addNodeDir, "eoa.txt"));
-        address expected_address = vm.parseAddress(expected_address_string);
-
-        vm.startPrank(owner);
-        bytes memory quote2 = vm.readFileBinary(string.concat(addNodeDir, "quote.bin"));
-        lifecycle.addNewCovalidator(quote2);
-        vm.stopPrank();
-
-        assert(lifecycle.EOASigners(expected_address));
-    }
-
-    function _uploadCollateral(string memory collateralDir) private {
-        vm.startPrank(owner);
-        // upload collateral
-        string memory tcbInfoStr = vm.readFile(string.concat(collateralDir, "tcb_info"));
-        bytes memory tcbInfoSig = vm.readFileBinary(string.concat(collateralDir, "tcb_info_signature.bin"));
-        TcbInfoJsonObj memory tcbInfo = TcbInfoJsonObj(tcbInfoStr, tcbInfoSig);
-
-        string memory qeIdStr = vm.readFile(string.concat(collateralDir, "qe_identity"));
-        bytes memory qeIdSig = vm.readFileBinary(string.concat(collateralDir, "qe_identity_signature.bin"));
-        EnclaveIdentityJsonObj memory identityJson = EnclaveIdentityJsonObj(qeIdStr, qeIdSig);
-        
-        lifecycle.uploadCollateral(tcbInfo, identityJson);
-
-        vm.stopPrank();
-    }
-}

package/src/test/TEELifecycle/addnode_data/eoa.txt

@@ -1 +0,0 @@
-0x32B70C13186E3B81137ec09c0CB3ee8e14e69f64

package/src/test/TEELifecycle/bootstrap_data/ecies_pubkey.bin

@@ -1 +0,0 @@
-�@��3��X���r�F��[s�X"�t��$��

package/src/test/TEELifecycle/bootstrap_data/eip712_signature.bin

@@ -1 +0,0 @@
-�a�[O$��������G�s#������@ZH �W#��3�-`�x'r�U�?G�)|H3}�K;

package/src/test/TEELifecycle/bootstrap_data/eoa.txt

@@ -1 +0,0 @@
-0x8461984E47D19e9B86702F398982a5c2747A734D

package/src/test/TEELifecycle/bootstrap_data/qe_identity

@@ -1 +0,0 @@
-{"id":"TD_QE","version":2,"issueDate":"2025-08-06T16:32:25Z","nextUpdate":"2025-09-05T16:32:25Z","tcbEvaluationDataNumber":17,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"DC9E2A7C6F948F17474E34A7FC43ED030F7C1563F1BABDDF6340C82E0E54A8C5","isvprodid":2,"tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"}]}

package/src/test/TEELifecycle/bootstrap_data/qe_identity_signature.bin

@@ -1 +0,0 @@
-ETw���bwޱ�˧����-ĭ�%u#O�Po�����'�ࣳE&T�d�.F�����|��

package/src/test/TEELifecycle/bootstrap_data/tcb_info

@@ -1 +0,0 @@
-{"id":"TDX","version":3,"issueDate":"2025-08-06T16:25:19Z","nextUpdate":"2025-09-05T16:25:19Z","fmspc":"00806F050000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":17,"tdxModule":{"mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF"},"tdxModuleIdentities":[{"id":"TDX_03","mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF","tcbLevels":[{"tcb":{"isvsvn":3},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"}]},{"id":"TDX_01","mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF","tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":2},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"OutOfDate"}]}],"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":7,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":5,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":7,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"sgxtcbcomponents":[{"svn":6,"category":"BIOS","type":"Early Microcode Update"},{"svn":6,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":6,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]},{"tcb":{"sgxtcbcomponents":[{"svn":5,"category":"BIOS","type":"Early Microcode Update"},{"svn":5,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":5,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2023-02-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00837","INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]},{"tcb":{"sgxtcbcomponents":[{"svn":5,"category":"BIOS","type":"Early Microcode Update"},{"svn":5,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":5,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00220","INTEL-SA-00233","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00837","INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]}]}

package/src/test/TEELifecycle/bootstrap_data/tcb_info_signature.bin

@@ -1 +0,0 @@
-��e�3?��b� \���@E\�B���2���v3��KLm�C����

package/src/version/Version.gen.sol

@@ -1,14 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-
-import { Strings } from "@openzeppelin/contracts/utils/Strings.sol";
-import { EIP712 } from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import { ShortStrings, ShortString } from "@openzeppelin/contracts/utils/ShortStrings.sol";
-
-interface IVersionGen {
-    function getVersionedName() external view returns (string memory);
-
-    function getVersion() external view returns (string memory);
-
-    function getName() external view returns (string memory);
-}