DEV-3547: TCBLevelObj[] Read and Deserialization

contracts/PCCSRouter.sol

@@ -8,6 +8,7 @@
 import {FmspcTcbDao} from "@automata-network/on-chain-pccs/bases/FmspcTcbDao.sol";
 import {PcsDao} from "@automata-network/on-chain-pccs/bases/PcsDao.sol";
 import {PckDao} from "@automata-network/on-chain-pccs/bases/PckDao.sol";
+import {FmspcTcbHelper} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol";
 
 /**
  * @title Automata PCCS Router
@@ -31,10 +32,19 @@
     address public override pckDaoAddr;
     address public override pckHelperAddr;
     address public override crlHelperAddr;
+    address public override fmspcTcbHelperAddr;
 
-    constructor(address _qeid, address _fmspcTcb, address _pcs, address _pck, address _pckHelper, address _crlHelper) {
+    constructor(
+        address _qeid, 
+        address _fmspcTcb, 
+        address _pcs, 
+        address _pck,
+        address _x509,
+        address _x509Crl,
+        address _tcbHelper
+    ) {
         _initializeOwner(msg.sender);
-        _setConfig(_qeid, _fmspcTcb, _pcs, _pck, _pckHelper, _crlHelper);
+        _setConfig(_qeid, _fmspcTcb, _pcs, _pck, _x509, _x509Crl, _tcbHelper);
 
         // allowing eth_call
         _authorized[address(0)] = true;
@@ -73,30 +83,33 @@
     }
 
     function setConfig(
-        address _qeid,
-        address _fmspcTcb,
-        address _pcs,
+        address _qeid, 
+        address _fmspcTcb, 
+        address _pcs, 
         address _pck,
-        address _pckHelper,
-        address _crlHelper
+        address _x509,
+        address _x509Crl,
+        address _tcbHelper
     ) external onlyOwner {
-        _setConfig(_qeid, _fmspcTcb, _pcs, _pck, _pckHelper, _crlHelper);
+        _setConfig(_qeid, _fmspcTcb, _pcs, _pck, _x509, _x509Crl, _tcbHelper);
     }
 
     function _setConfig(
-        address _qeid,
-        address _fmspcTcb,
-        address _pcs,
+        address _qeid, 
+        address _fmspcTcb, 
+        address _pcs, 
         address _pck,
-        address _pckHelper,
-        address _crlHelper
+        address _x509,
+        address _x509Crl,
+        address _tcbHelper
     ) private {
         qeIdDaoAddr = _qeid;
         fmspcTcbDaoAddr = _fmspcTcb;
         pcsDaoAddr = _pcs;
         pckDaoAddr = _pck;
-        pckHelperAddr = _pckHelper;
-        crlHelperAddr = _crlHelper;
+        pckHelperAddr = _x509;
+        crlHelperAddr = _x509Crl;
+        fmspcTcbHelperAddr = _tcbHelper;
     }
 
     function getQeIdentity(EnclaveId id, uint256 quoteVersion)
@@ -130,7 +143,9 @@
         bytes memory data = tcbDao.getAttestedData(key);
         valid = data.length > 0;
         if (valid) {
-            (tcbInfo, tcbLevelsV2,,) = abi.decode(data, (TcbInfoBasic, TCBLevelsObj[], string, bytes));
+            bytes memory encodedLevels;
+            (tcbInfo, encodedLevels,,) = abi.decode(data, (TcbInfoBasic, bytes, string, bytes));
+            tcbLevelsV2 = _decodeTcbLevels(encodedLevels);
         } else {
             revert FmspcTcbNotFound(TcbId.SGX, 2);
         }
@@ -154,8 +169,10 @@
         bytes memory data = tcbDao.getAttestedData(key);
         valid = data.length > 0;
         if (valid) {
-            (tcbInfo, tdxModule, tdxModuleIdentities, tcbLevelsV3,,) =
-                abi.decode(data, (TcbInfoBasic, TDXModule, TDXModuleIdentity[], TCBLevelsObj[], string, bytes));
+            bytes memory encodedLevels;
+            (tcbInfo, tdxModule, tdxModuleIdentities, encodedLevels,,) =
+                abi.decode(data, (TcbInfoBasic, TDXModule, TDXModuleIdentity[], bytes, string, bytes));
+            tcbLevelsV3 = _decodeTcbLevels(encodedLevels);
         } else {
             revert FmspcTcbNotFound(id, 3);
         }
@@ -188,6 +205,16 @@
         (success, hash) = _getPcsHash(ca, true);
     }
 
+    function _decodeTcbLevels(bytes memory encodedTcbLevels) private view returns (TCBLevelsObj[] memory tcbLevels) {
+        FmspcTcbHelper fmspcTcbHelper = FmspcTcbHelper(fmspcTcbHelperAddr);
+        bytes[] memory encodedTcbLevelsArr = abi.decode(encodedTcbLevels, (bytes[]));
+        uint256 n = encodedTcbLevelsArr.length;
+        tcbLevels = new TCBLevelsObj[](n);
+        for (uint256 i = 0; i < n; i++) {
+            tcbLevels[i] = fmspcTcbHelper.tcbLevelsObjFromBytes(encodedTcbLevelsArr[i]);
+        }
+    }
+
     function _getPcsAttestationData(CA ca, bool crl) private view returns (bool valid, bytes memory ret) {
         PcsDao pcsDao = PcsDao(pcsDaoAddr);
         ret = pcsDao.getAttestedData(pcsDao.PCS_KEY(ca, crl));

contracts/interfaces/IPCCSRouter.sol

@@ -30,6 +30,8 @@ interface IPCCSRouter {
 
     function crlHelperAddr() external view returns (address);
 
+    function fmspcTcbHelperAddr() external view returns (address);
+
     function getQeIdentity(EnclaveId id, uint256 quoteVersion) external view returns (bool, IdentityObj memory);
 
     function getFmspcTcbV2(bytes6 fmspc) external view returns (bool, TCBLevelsObj[] memory);

forge-script/DeployRouter.s.sol

@@ -21,7 +21,15 @@ contract DeployRouter is Script {
         vm.startBroadcast(deployerKey);
 
         PCCSRouter router =
-            new PCCSRouter(enclaveIdDaoAddr, tcbDaoAddr, pcsDaoAddr, pckDaoAddr, pckHelperAddr, crlHelperAddr);
+            new PCCSRouter(
+                enclaveIdDaoAddr, 
+                tcbDaoAddr, 
+                pcsDaoAddr, 
+                pckDaoAddr,
+                pckHelperAddr,
+                crlHelperAddr,
+                tcbHelperAddr
+            );
         console2.log("Deployed PCCSRouter to", address(router));
 
         vm.stopBroadcast();
@@ -31,7 +39,15 @@ contract DeployRouter is Script {
         vm.startBroadcast(deployerKey);
 
         PCCSRouter router = PCCSRouter(vm.envAddress("PCCS_ROUTER"));
-        router.setConfig(enclaveIdDaoAddr, tcbDaoAddr, pcsDaoAddr, pckDaoAddr, pckHelperAddr, crlHelperAddr);
+        router.setConfig(
+            enclaveIdDaoAddr, 
+            tcbDaoAddr, 
+            pcsDaoAddr, 
+            pckDaoAddr,
+            pckHelperAddr,
+            crlHelperAddr,
+            tcbHelperAddr
+        );
 
         vm.stopBroadcast();
     }

forge-test/AutomataDcapAttestationFeeTest.t.sol

@@ -83,7 +83,7 @@ contract AutomataDcapAttestationFeeTest is PCCSSetupBase, RiscZeroSetup {
         // verify the quote
         uint256 balanceBefore = user.balance;
         uint256 expectedFee = GAS_PRICE_WEI * EXPECTED_GAS;
-        console.log("expected fee: ", expectedFee);
+        // console.log("expected fee: ", expectedFee);
 
         vm.prank(user);
         uint256 a = gasleft();
@@ -94,11 +94,11 @@ contract AutomataDcapAttestationFeeTest is PCCSSetupBase, RiscZeroSetup {
             console.log(string(output));
         } else {
             uint256 gas = a - b;
-            console.log("gas: ", gas);
+            // console.log("gas: ", gas);
 
             uint256 balanceAfter = user.balance;
             uint256 paidFee = balanceBefore - balanceAfter;
-            console.log("paid fee: ", paidFee);
+            // console.log("paid fee: ", paidFee);
         }
 
         assertTrue(success);

forge-test/utils/PCCSSetupBase.sol

@@ -23,7 +23,7 @@ import {AutomataPcsDao} from "@automata-network/on-chain-pccs/automata_pccs/Auto
 import {AutomataPckDao} from "@automata-network/on-chain-pccs/automata_pccs/AutomataPckDao.sol";
 import {AutomataDaoStorage} from "@automata-network/on-chain-pccs/automata_pccs/shared/AutomataDaoStorage.sol";
 
-import {PCCSRouter} from "../../contracts/PCCSRouter.sol";
+import "../../contracts/PCCSRouter.sol";
 
 abstract contract PCCSSetupBase is Test {
     using JSONParserLib for JSONParserLib.Item;
@@ -96,7 +96,8 @@ abstract contract PCCSSetupBase is Test {
             address(pcsDao),
             address(pckDao),
             address(x509),
-            address(x509Crl)
+            address(x509Crl),
+            address(tcbHelper)
         );
 
         // allow PCCS Router to read collaterals from the storage