Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: remove unnecessary sp1 risc0 dependencies #11

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

pbeza
Copy link

@pbeza pbeza commented Dec 11, 2024

No description provided.

@pbeza pbeza force-pushed the feat/remove-unnecessary-sp1-risc0-deps branch 2 times, most recently from 1168b05 to b181729 Compare December 12, 2024 09:03
@pbeza pbeza force-pushed the feat/remove-unnecessary-sp1-risc0-deps branch from b181729 to 1a0705c Compare December 13, 2024 11:37
@@ -0,0 +1,77 @@
//SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

Check warning

Code scanning / Slither

Different pragma directives are used

4 different versions of Solidity are used: - Version constraint ^0.8.0 is used by: -^0.8.0 (contracts/AutomataDcapAttestation.sol#2) -^0.8.0 (contracts/PCCSRouter.sol#2) -^0.8.0 (contracts/bases/EnclaveIdBase.sol#2) -^0.8.0 (contracts/bases/QuoteVerifierBase.sol#2) -^0.8.0 (contracts/bases/TDXModuleBase.sol#2) -^0.8.0 (contracts/bases/X509ChainBase.sol#2) -^0.8.0 (contracts/bases/tcb/TCBInfoV2Base.sol#2) -^0.8.0 (contracts/bases/tcb/TCBInfoV3Base.sol#2) -^0.8.0 (contracts/types/CommonStruct.sol#2) -^0.8.0 (contracts/types/Constants.sol#2) -^0.8.0 (contracts/types/V3Structs.sol#2) -^0.8.0 (contracts/types/V4Structs.sol#2) -^0.8.0 (contracts/utils/BELE.sol#2) -^0.8.0 (contracts/utils/BytesUtils.sol#2) -^0.8.0 (contracts/utils/P256Verifier.sol#2) -^0.8.0 (contracts/verifiers/V3QuoteVerifier.sol#2) -^0.8.0 (contracts/verifiers/V4QuoteVerifier.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/Common.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/bases/EnclaveIdentityDao.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/bases/FmspcTcbDao.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/bases/PckDao.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/bases/PcsDao.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/bases/SigVerifyBase.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/helpers/EnclaveIdentityHelper.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/helpers/FmspcTcbHelper.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/helpers/PCKHelper.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/helpers/X509CRLHelper.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/helpers/X509Helper.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/utils/Asn1Decode.sol#3) -^0.8.0 (lib/automata-on-chain-pccs/src/utils/BytesUtils.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/utils/DateTimeUtils.sol#2) -^0.8.0 (lib/automata-on-chain-pccs/src/utils/P256Verifier.sol#2) - Version constraint >=0.8.0 is used by: ->=0.8.0 (contracts/interfaces/IPCCSRouter.sol#2) ->=0.8.0 (contracts/interfaces/IQuoteVerifier.sol#2) ->=0.8.0 (lib/automata-on-chain-pccs/src/bases/DaoBase.sol#2) ->=0.8.0 (lib/automata-on-chain-pccs/src/interfaces/IDaoAttestationResolver.sol#2) - Version constraint ^0.8.20 is used by: -^0.8.20 (lib/automata-on-chain-pccs/lib/openzeppelin-contracts/contracts/utils/structs/EnumerableSet.sol#5) - Version constraint ^0.8.4 is used by: -^0.8.4 (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#2) -^0.8.4 (lib/automata-on-chain-pccs/lib/solady/src/utils/Base64.sol#2) -^0.8.4 (lib/automata-on-chain-pccs/lib/solady/src/utils/DateTimeLib.sol#2) -^0.8.4 (lib/automata-on-chain-pccs/lib/solady/src/utils/JSONParserLib.sol#2) -^0.8.4 (lib/automata-on-chain-pccs/lib/solady/src/utils/LibString.sol#2)
@@ -0,0 +1,77 @@
//SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

Check warning

Code scanning / Slither

Incorrect versions of Solidity

Version constraint ^0.8.0 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) - FullInlinerNonExpressionSplitArgumentEvaluationOrder - MissingSideEffectsOnSelectorAccess - AbiReencodingHeadOverflowWithStaticArrayCleanup - DirtyBytesArrayToStorage - DataLocationChangeInInternalOverride - NestedCalldataArrayAbiReencodingSizeValidation - SignedImmutables - ABIDecodeTwoDimensionalArrayMemory - KeccakCaching. It is used by: - ^0.8.0 (contracts/AutomataDcapAttestation.sol#2) - ^0.8.0 (contracts/PCCSRouter.sol#2) - ^0.8.0 (contracts/bases/EnclaveIdBase.sol#2) - ^0.8.0 (contracts/bases/QuoteVerifierBase.sol#2) - ^0.8.0 (contracts/bases/TDXModuleBase.sol#2) - ^0.8.0 (contracts/bases/X509ChainBase.sol#2) - ^0.8.0 (contracts/bases/tcb/TCBInfoV2Base.sol#2) - ^0.8.0 (contracts/bases/tcb/TCBInfoV3Base.sol#2) - ^0.8.0 (contracts/types/CommonStruct.sol#2) - ^0.8.0 (contracts/types/Constants.sol#2) - ^0.8.0 (contracts/types/V3Structs.sol#2) - ^0.8.0 (contracts/types/V4Structs.sol#2) - ^0.8.0 (contracts/utils/BELE.sol#2) - ^0.8.0 (contracts/utils/BytesUtils.sol#2) - ^0.8.0 (contracts/utils/P256Verifier.sol#2) - ^0.8.0 (contracts/verifiers/V3QuoteVerifier.sol#2) - ^0.8.0 (contracts/verifiers/V4QuoteVerifier.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/Common.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/bases/EnclaveIdentityDao.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/bases/FmspcTcbDao.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/bases/PckDao.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/bases/PcsDao.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/bases/SigVerifyBase.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/helpers/EnclaveIdentityHelper.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/helpers/FmspcTcbHelper.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/helpers/PCKHelper.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/helpers/X509CRLHelper.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/helpers/X509Helper.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/utils/Asn1Decode.sol#3) - ^0.8.0 (lib/automata-on-chain-pccs/src/utils/BytesUtils.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/utils/DateTimeUtils.sol#2) - ^0.8.0 (lib/automata-on-chain-pccs/src/utils/P256Verifier.sol#2)
Comment on lines +15 to +77
contract AutomataDcapAttestation is Ownable {
mapping(uint16 quoteVersion => IQuoteVerifier verifier)
public quoteVerifiers;

constructor() {
_initializeOwner(msg.sender);
}

/**
* @notice Sets the QuoteVerifier contract for specific DCAP quote version
* @param verifier - the address of a version-specific QuoteVerifier contract
*/
function setQuoteVerifier(address verifier) external onlyOwner {
IQuoteVerifier quoteVerifier = IQuoteVerifier(verifier);
quoteVerifiers[quoteVerifier.quoteVersion()] = quoteVerifier;
}

/**
* @notice full on-chain verification for an attestation
* @param rawQuote - Intel DCAP Quote serialized in raw bytes
* @return success - whether the quote has been successfully verified or not
* @return output - the output upon completion of verification. The output data may require post-processing by the consumer.
* For verification failures, the output is simply a UTF-8 encoded string, describing the reason for failure.
* @dev can directly type-cast the failed output as a string
*/
function verifyAndAttestOnChain(
bytes calldata rawQuote
) external view returns (bool success, bytes memory output) {
// Parse the header
Header memory header = _parseQuoteHeader(rawQuote);

IQuoteVerifier quoteVerifier = quoteVerifiers[header.version];
if (address(quoteVerifier) == address(0)) {
return (false, bytes("Unsupported quote version"));
}

// We found a supported version, begin verifying the quote
// Note: The quote header cannot be trusted yet, it will be validated by the Verifier library
(success, output) = quoteVerifier.verifyQuote(header, rawQuote);
}

/**
* @notice Parses the header to get basic information about the quote, such as the version, TEE types etc.
*/
function _parseQuoteHeader(
bytes calldata rawQuote
) private pure returns (Header memory header) {
bytes2 attestationKeyType = bytes2(rawQuote[2:4]);
bytes2 qeSvn = bytes2(rawQuote[8:10]);
bytes2 pceSvn = bytes2(rawQuote[10:12]);
bytes16 qeVendorId = bytes16(rawQuote[12:28]);

header = Header({
version: uint16(BELE.leBytesToBeUint(rawQuote[0:2])),
attestationKeyType: attestationKeyType,
teeType: bytes4(uint32(BELE.leBytesToBeUint(rawQuote[4:8]))),
qeSvn: qeSvn,
pceSvn: pceSvn,
qeVendorId: qeVendorId,
userData: bytes20(rawQuote[28:48])
});
}
}

Check warning

Code scanning / Slither

Contracts that lock Ether

Contract locking ether found: Contract AutomataDcapAttestation (contracts/AutomataDcapAttestation.sol#15-77) has payable functions: - Ownable.transferOwnership(address) (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#174-183) - Ownable.renounceOwnership() (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#186-188) - Ownable.requestOwnershipHandover() (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#192-205) - Ownable.cancelOwnershipHandover() (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#208-218) - Ownable.completeOwnershipHandover(address) (lib/automata-on-chain-pccs/lib/solady/src/auth/Ownable.sol#222-238) But does not have a function to withdraw the ether
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant