npm - @inco/lightning - Versions diffs - 0.3.2 → 0.5.0 - Mend

@inco/lightning 0.3.2 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (108) hide show

package/src/lightning-parts/DecryptionHandler.sol DELETED Viewed

@@ -1,307 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import "./DecryptionHandler.gen.sol";
-import "./DecryptionHandler.types.sol";
-import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
-import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import {EventCounter} from "./primitives/EventCounter.sol";
-import {IDecryptionHandlerEip712CheckerGen} from "./DecryptionHandler.gen.sol";
-import {SenderNotAllowedForHandle} from "../Types.sol";
-import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
-contract DecryptionHandlerStorage {
-    struct DecryptionStorage {
-        // The next request ID to assign. This and higher numbers have never been used,
-        // hence there are no pending requests in that range.
-        uint256 nextRequestId;
-        mapping(uint256 => Request) requests;
-        // A requestId for which all previous requests have been fulfilled or are expired.
-        // Must be less than or equal to nextRequestId.  Only increases.
-        uint256 lowWatermark;
-    }
-    bytes32 private constant DecryptionStorageLocation =
-        keccak256("inco.storage.DecryptionHandler");
-    function getDecryptionStorage()
-        internal
-        pure
-        returns (DecryptionStorage storage $)
-    {
-        bytes32 loc = DecryptionStorageLocation;
-        assembly {
-            $.slot := loc
-        }
-    }
-}
-abstract contract DecryptionHandlerEip712Checker is IDecryptionHandlerEip712CheckerGen, EIP712, SignatureVerifier {
-    bytes32 constant DecryptionResultStructHash =
-        keccak256(
-            "DecryptionResult(bytes32 abiEncodedResult,uint256 requestId)"
-        );
-    function decryptionResultDigest(
-        DecryptionResult memory result
-    ) public view returns (bytes32) {
-        return
-            _hashTypedDataV4(
-                keccak256(
-                    abi.encode(
-                        DecryptionResultStructHash,
-                        result.abiEncodedResult,
-                        result.requestId
-                    )
-                )
-            );
-    }
-    function isValidResult(
-        DecryptionResult memory result,
-        bytes memory signature
-    ) internal view returns (bool) {
-        return isValidSignature(decryptionResultDigest(result), signature);
-    }
-}
-abstract contract DecryptionHandler is
-    IDecryptionHandlerGen,
-    BaseAccessControlList,
-    EventCounter,
-    DecryptionHandlerStorage,
-    DecryptionHandlerEip712Checker
-{
-    // The Covalidator callback machinery relies on these exact error signatures which are hardcoded in eth_callback.go
-    error AllRequestsAlreadyFulfilledOrExpired();
-    // Thrown when either msg.sender is not a valid signer or the signature is not from a valid signer
-    error InvalidResultSignature(address msgSender, bytes signature);
-    event RequestFulfilled(
-        uint256 indexed requestId,
-        bool success,
-        uint256 eventId,
-        bytes32 handle
-    );
-    // Maximum number of request mappings to access on any operation.
-    uint256 constant ITERATION_BOUND = 100;
-    function pending(Request memory r) internal view returns (bool) {
-        return !r.fulfilled && r.maxTimestamp >= block.timestamp;
-    }
-    /// @dev callback function MUST be of form `function name(bytes32 requestId, bytes32 result, bytes memory data)`
-    function requestDecryption(
-        // todo support multiple handles per request
-        bytes4 callbackSelector,
-        uint256 maxTimestamp,
-        bytes32 handle,
-        bytes memory data
-    ) external returns (uint256 requestId) {
-        require(
-            isAllowed(handle, msg.sender),
-            SenderNotAllowedForHandle(handle, msg.sender)
-        );
-        DecryptionStorage storage $ = getDecryptionStorage();
-        requestId = $.nextRequestId;
-        $.nextRequestId++;
-        $.requests[requestId] = Request({
-            maxTimestamp: maxTimestamp,
-            callbackContract: msg.sender,
-            callbackSelector: callbackSelector,
-            fulfilled: false,
-            data: data,
-            handle: handle,
-            requestId: requestId
-        });
-        advanceLowWatermark(ITERATION_BOUND);
-        emit DecryptionRequested(
-            requestId,
-            handle,
-            maxTimestamp,
-            getNewEventId()
-        );
-    }
-    function fulfillRequest(
-        DecryptionResult memory result,
-        bytes memory signature
-    ) external {
-        SignedDecryptionResult[]
-            memory signedResults = new SignedDecryptionResult[](1);
-        signedResults[0] = SignedDecryptionResult({
-            result: result,
-            signature: signature
-        });
-        fulfillRequestsBatch(signedResults);
-    }
-    function fulfillRequestsBatch(
-        SignedDecryptionResult[] memory results
-    ) public {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        bool fulfilledSome = false;
-        for (uint i = 0; i < results.length; i++) {
-            Request storage request = $.requests[results[i].result.requestId];
-            if (!pending(request)) {
-                // The request was already fulfilled, or has expired.  Neither is an error.
-                continue;
-            }
-            // Support either an EIP712 signature or a direct call from the signer
-            require(
-                isSigner(msg.sender) ||
-                    isValidResult(results[i].result, results[i].signature),
-                InvalidResultSignature(msg.sender, results[i].signature)
-            );
-            bytes memory callbackCalldata = abi.encodeWithSelector(
-                request.callbackSelector,
-                results[i].result.requestId,
-                results[i].result.abiEncodedResult,
-                request.data
-                // TODO: add handle as an integrity check - already added to DecryptionResult but adding here would mean
-                //   dapp callback function signatures would need to change - which would be a breaking change
-                // request.handle
-            );
-            (bool success, ) = request.callbackContract.call(callbackCalldata);
-            request.fulfilled = true;
-            fulfilledSome = true;
-            emit RequestFulfilled(
-                results[i].result.requestId,
-                success,
-                getNewEventId(),
-                results[i].result.handle
-            );
-        }
-        // If we did not advance we revert, so that we can detect if everything is fulfilled during gas estimation
-        require(fulfilledSome, AllRequestsAlreadyFulfilledOrExpired());
-        // Otherwise, do some work to advance the low water mark.
-        advanceLowWatermark(ITERATION_BOUND);
-    }
-    /**
-     * @dev Get some pending requests.
-     * @param offset A parameter for paginating through the whole set of pending requests.
-     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-     * @param maxRequests The maximum number of pending to return.
-     * @param iterationBound The maximum number of non-pending requests to iterate over before returning.
-     * @return nextOffset The next offset to use to continue to scan through the pending request set.
-     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
-     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-     *     more requests available if the returned nextOffset is greater than the input offset.
-     */
-    function getPendingRequests(
-        uint256 offset,
-        uint256 maxRequests,
-        uint256 iterationBound
-    ) external view returns (uint256 nextOffset, Request[] memory requests) {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        uint256 lwm = $.lowWatermark;
-        uint256 nextRequestId = $.nextRequestId;
-        // Start at the higher of offset and lwm, possibly skipping many completed requests.
-        uint256 id = offset;
-        if (id < lwm) {
-            id = lwm;
-        }
-        // Don't scan more than iterationBound extra entries or pass the nextRequestId.
-        uint256 limit = id + maxRequests + iterationBound;
-        if (limit > nextRequestId) {
-            limit = nextRequestId;
-        }
-        // Now id >= lmw and limit <= nextRequestId.
-        // It's possible that id >= limit, which is fine,
-        // and the next two loops will exit immediately.
-        // First calculate the size of array we need to allocate.
-        // (It's cheaper to scan the requests twice instead of allocating too much.)
-        uint256 numRequests = 0;
-        for (uint256 i = id; i < limit && numRequests < maxRequests; i++) {
-            Request memory request = $.requests[i];
-            if (pending(request)) {
-                numRequests++;
-            }
-        }
-        // Now populate the array
-        requests = new Request[](numRequests);
-        for (uint256 n = 0; id < limit && n < numRequests; id++) {
-            Request memory request = $.requests[id];
-            if (pending(request)) {
-                requests[n] = request;
-                n++;
-            }
-        }
-        nextOffset = id;
-    }
-    /**
-     * @param offset A parameter for paginating through the whole set of pending requests.
-     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-     * @param maxRequests The maximum number of pending to return.
-     * @return nextOffset The next offset to use to continue to scan through the pending request set.
-     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
-     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-     *     more requests available if the returned nextOffset is greater than the input offset.
-     */
-    function getPendingRequests(
-        uint256 offset,
-        uint256 maxRequests
-    ) external view returns (uint256 nextOffset, Request[] memory requests) {
-        return this.getPendingRequests(offset, maxRequests, ITERATION_BOUND);
-    }
-    function getNextRequestId() external view returns (uint256) {
-        return getDecryptionStorage().nextRequestId;
-    }
-    function getLowWatermarkRequestId() external view returns (uint256) {
-        return getDecryptionStorage().lowWatermark;
-    }
-    /**
-     * @dev Advance the low watermark until we hit a pending request, the requestId counter, or iterationBound steps.
-     * @param iterationBound The maximum number of requests to iterate over.
-     * @notice This function is public so that we can externally drive the low watermark in extreme cases.
-     */
-    function advanceLowWatermark(uint256 iterationBound) public {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        uint256 lwm = $.lowWatermark;
-        uint256 nextRequestId = $.nextRequestId;
-        // Calling advanceLowWatermark with a 0 iterationBound will have no effect, but it will waste gas, and previously
-        // has been indicative of a bug, so leaving this revert as a affordance to callers.
-        require(iterationBound > 0, "iterateBound is zero!");
-        uint256 limit = lwm + iterationBound;
-        if (limit > nextRequestId) {
-            limit = nextRequestId;
-        }
-        while (lwm < limit) {
-            Request storage request = $.requests[lwm];
-            // Stop advancing when we hit the first still pending request
-            if (pending(request)) {
-                break;
-            }
-            lwm++;
-        }
-        $.lowWatermark = lwm;
-    }
-}

package/src/lightning-parts/DecryptionHandler.types.sol DELETED Viewed

@@ -1,34 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-struct Request {
-    uint256 maxTimestamp;
-    address callbackContract;
-    bytes4 callbackSelector;
-    bool fulfilled;
-    bytes data;
-    // Adding at end of struct which should be unused state slot for version 0.2.0
-    bytes32 handle;
-    // This value is redundant for the contract but required for getPendingRequests, rather than duplicate this struct
-    // adding it here redundantly for now
-    uint256 requestId;
-}
-struct DecryptionResult {
-    bytes32 abiEncodedResult;
-    uint256 requestId;
-    // Added in 0.2.0 to offer an integrity check
-    bytes32 handle;
-}
-struct SignedDecryptionResult {
-    DecryptionResult result;
-    bytes signature;
-}
-event DecryptionRequested(
-    uint256 indexed requestId,
-    bytes32 indexed handle,
-    uint256 maxTimestamp,
-    uint256 eventId
-);

package/src/lightning-parts/EncryptedInput.gen.sol DELETED Viewed

@@ -1,16 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
-import { EventCounter } from "./primitives/EventCounter.sol";
-import { HandleGeneration } from "./primitives/HandleGeneration.sol";
-import { euint256, ebool, eaddress, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX } from "../Types.sol";
-import { HandleAlreadyExists } from "../Errors.sol";
-interface IEncryptedInputGen {
-    function newEuint256(bytes memory ciphertext, address user) external returns (euint256 newValue);
-    function newEbool(bytes memory ciphertext, address user) external returns (ebool newValue);
-    function newEaddress(bytes memory ciphertext, address user) external returns (eaddress newValue);
-}

package/src/lightning-parts/EncryptedOperations.gen.sol DELETED Viewed

@@ -1,59 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { euint256, ebool, EOps, SenderNotAllowedForHandle, ETypes, isTypeSupported, typeToBitMask } from "../Types.sol";
-import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
-import { EventCounter } from "./primitives/EventCounter.sol";
-import { HandleGeneration } from "./primitives/HandleGeneration.sol";
-interface IEncryptedOperationsGen {
-    function eAdd(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eSub(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eMul(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eDiv(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eRem(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eBitAnd(bytes32 lhs, bytes32 rhs) external returns (bytes32 result);
-    function eBitOr(bytes32 lhs, bytes32 rhs) external returns (bytes32 result);
-    function eBitXor(bytes32 lhs, bytes32 rhs) external returns (bytes32 result);
-    function eShl(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eShr(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eRotl(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eRotr(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eEq(bytes32 lhs, bytes32 rhs) external returns (ebool result);
-    function eNe(bytes32 lhs, bytes32 rhs) external returns (ebool result);
-    function eGe(euint256 lhs, euint256 rhs) external returns (ebool result);
-    function eGt(euint256 lhs, euint256 rhs) external returns (ebool result);
-    function eLe(euint256 lhs, euint256 rhs) external returns (ebool result);
-    function eLt(euint256 lhs, euint256 rhs) external returns (ebool result);
-    function eMin(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eMax(euint256 lhs, euint256 rhs) external returns (euint256 result);
-    function eNot(ebool operand) external returns (ebool result);
-    function eCast(bytes32 ct, ETypes toType) external returns (bytes32 result);
-    function eRand(ETypes randType) external returns (bytes32 result);
-    function eRandBounded(bytes32 upperBound, ETypes randType) external returns (bytes32 result);
-    function eIfThenElse(ebool control, bytes32 ifTrue, bytes32 ifFalse) external returns (bytes32 result);
-}

package/src/lightning-parts/TEELifecycle.gen.sol DELETED Viewed

@@ -1,58 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8.19;
-import "./TEELifecycle.types.sol";
-import { ECDSA } from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
-import { EIP712 } from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
-import { IQuoteVerifier } from "automata-dcap-attestation/interfaces/IQuoteVerifier.sol";
-import { BELE } from "automata-dcap-attestation/utils/BELE.sol";
-import { HEADER_LENGTH } from "automata-dcap-attestation/types/Constants.sol";
-import { TD10ReportBody, Header } from "automata-dcap-attestation/types/V4Structs.sol";
-import { EIP712Upgradeable } from "@openzeppelin/contracts-upgradeable/utils/cryptography/EIP712Upgradeable.sol";
-import { EnclaveIdentityJsonObj, IdentityObj } from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol";
-import { TcbInfoJsonObj } from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol";
-import { AutomataFmspcTcbDao } from "@automata-network/on-chain-pccs/automata_pccs/AutomataFmspcTcbDao.sol";
-import { AutomataEnclaveIdentityDao } from "@automata-network/on-chain-pccs/automata_pccs/AutomataEnclaveIdentityDao.sol";
-interface ITEELifecycleGen {
-    function initialize(address owner, string memory eip712Name, string memory eip712Version, address quoteVerifierAddress) external;
-    ///  @notice Uploads the collateral to the contract
-    ///  @param tcbInfo - The TCB info to upload
-    ///  @param identity - The identity to upload
-    function uploadCollateral(TcbInfoJsonObj memory tcbInfo, EnclaveIdentityJsonObj memory identity) external;
-    ///  @notice Verifies the bootstrap data against the provided quote and signature
-    ///  @param bootstrapResult - The bootstrap data to verify
-    ///  @param quote - The quote to verify against
-    ///  @param signature - The signature to verify against
-    function verifyBootstrapResult(BootstrapResult calldata bootstrapResult, bytes calldata quote, bytes calldata signature) external;
-    ///  @notice Approves a new TEE version and updates the TEEVersionHistory
-    ///  @param newMRTD - The MRTD bytes of the new TEE version
-    ///  @dev This function increments the version number automatically based on the current history
-    function approveNewTEEVersion(bytes calldata newMRTD) external;
-    ///  @notice Adds a new covalidator to the contract state
-    ///  @param quote - The quote from the new covalidator that contains the current MRTD and the eoa address of the new party in the report data
-    function addNewCovalidator(bytes calldata quote) external;
-    ///  @notice Checks if the bootstrap is complete, meaning that there is an active TEE version.
-    ///  @return true if the bootstrap is complete, false otherwise
-    function isBootstrapComplete() external view returns (bool);
-    ///  @notice From https://github.com/automata-network/automata-dcap-attestation/blob/evm-v1.0.0/evm/contracts/verifiers/V4QuoteVerifier.sol#L309
-    ///  @notice Parses the TD10 report body from the raw quote
-    ///  @param rawQuote - The raw quote bytes
-    ///  @return report - The parsed TD10 report body
-    function parseTD10ReportBody(bytes calldata rawQuote) external pure returns (TD10ReportBody memory report);
-    ///  @notice Parses the TD10 report to extract the report data and MRTD
-    ///  @param tdReport - The TD10 report body
-    ///  @return reportDataSigner - The signing address of the report data signer
-    ///  @return reportMRTD - The MRTD bytes from the report
-    function parseReport(TD10ReportBody memory tdReport) external pure returns (address, bytes memory);
-    function bootstrapResultDigest(BootstrapResult memory bootstrapResult) external view returns (bytes32);
-}

package/src/lightning-parts/TrivialEncryption.gen.sol DELETED Viewed

@@ -1,15 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { EventCounter } from "./primitives/EventCounter.sol";
-import { euint256, ebool, eaddress, ETypes } from "../Types.sol";
-import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
-import { HandleGeneration } from "./primitives/HandleGeneration.sol";
-interface ITrivialEncryptionGen {
-    function asEuint256(uint256 value) external returns (euint256 newEuint256);
-    function asEbool(bool value) external returns (ebool newEbool);
-    function asEaddress(address value) external returns (eaddress newEaddress);
-}

package/src/lightning-parts/primitives/HandleGeneration.gen.sol DELETED Viewed

@@ -1,19 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { ETypes, EOps, EVM_HOST_CHAIN_PREFIX, HANDLE_INDEX } from "../../Types.sol";
-import { HandleMetadata } from "./HandleMetadata.sol";
-interface IHandleGenerationGen {
-    function getTrivialEncryptHandle(bytes32 plaintextBytes, ETypes handleType) external view returns (bytes32 generatedHandle);
-    function getInputHandle(bytes memory ciphertext, address user, address contractAddress, ETypes inputType) external view returns (bytes32 generatedHandle);
-    function getOpResultHandle(EOps op, ETypes returnType, bytes32 lhs, bytes32 rhs) external pure returns (bytes32 generatedHandle);
-    function getOpResultHandle(EOps op, ETypes returnType, uint256 counter, bytes32 upperBound) external pure returns (bytes32 generatedHandle);
-    function getOpResultHandle(EOps op, ETypes returnType, bytes32 value) external pure returns (bytes32 generatedHandle);
-    function getOpResultHandle(EOps op, ETypes returnType, bytes32 inputA, bytes32 inputB, bytes32 inputC) external pure returns (bytes32 generatedHandle);
-}

package/src/lightning-parts/primitives/HandleMetadata.gen.sol DELETED Viewed

@@ -1,4 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { HANDLE_VERSION, HANDLE_INDEX, ETypes } from "../../Types.sol";

package/src/lightning-parts/primitives/SignatureVerifier.gen.sol DELETED Viewed

@@ -1,16 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
-import { ECDSA } from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
-import { TEELifecycle } from "../TEELifecycle.sol";
-interface ISignatureVerifierGen {
-    function addSigner(address signerAddress) external;
-    function removeSigner(address signerAddress) external;
-    function isSigner(address signerAddress) external view returns (bool);
-    function isValidSignature(bytes32 hash, bytes memory signature) external view returns (bool);
-}

package/src/test/FibonacciDecrypt.sol DELETED Viewed

@@ -1,49 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import {IncoLightning} from "../IncoLightning.sol";
-import {euint256} from "../Types.sol";
-contract FibonacciDecrypt {
-    IncoLightning immutable inco;
-    constructor(IncoLightning _inco) {
-        inco = _inco;
-    }
-    // Stores the result of the last callback.
-    uint256 public lastResult;
-    function fib(
-        uint256 n
-    ) external returns (uint256 lastRequestId, euint256 nthTerm) {
-        require(address(inco) != address(0), "IncoLightning not set");
-        euint256 prev = inco.asEuint256(0);
-        lastRequestId = emitTerm(prev);
-        nthTerm = inco.asEuint256(1);
-        lastRequestId = emitTerm(nthTerm);
-        for (uint256 i = 0; i < n-2; i++) {
-            euint256 temp = nthTerm;
-            nthTerm = inco.eAdd(prev, nthTerm);
-            prev = temp;
-            lastRequestId = emitTerm(nthTerm);
-        }
-    }
-    function emitTerm(euint256 term) internal returns (uint256 requestId) {
-        requestId = inco.requestDecryption(
-            this.callback.selector,
-            block.timestamp + 2 hours,
-            euint256.unwrap(term),
-            ""
-        );
-    }
-    function callback(
-        uint256 /* requestId */,
-        uint256 result,
-        bytes memory /* data */
-    ) external {
-        lastResult = result;
-    }
-}