Trigger attestation check during validate

CHANGELOG.md

@@ -28,6 +28,11 @@ At the moment this project **does not** adhere to
   As such, `UserSignatureRequest` no longer requires the `validators_info` field since the the
   relayer adds that in after. The response received from the validator is now a `Vec<Responses>`
   from the signers.
+- In ([#1063](https://github.com/entropyxyz/entropy-core/pull/1063)) the
+  `pallet_staking_extension::validate()` extrinsic was changed so that in order to populate certain
+  data structures related to a candidates state (namely `ThresholdToStash` and `ThresholdServer`) an
+  attestation from the Attestation pallet must have been received. Success of the `validate()`
+  extrinsic **does not** mean the caller is a candidate or validator.
 
 ### Added
 - Jumpstart network ([#918](https://github.com/entropyxyz/entropy-core/pull/918))
@@ -51,6 +56,7 @@ At the moment this project **does not** adhere to
 - Fix TSS `AccountId` keys in chainspec ([#993](https://github.com/entropyxyz/entropy-core/pull/993))
 - No unbonding when signer or next signer ([#1031](https://github.com/entropyxyz/entropy-core/pull/1031))
 - Add relay tx endpoint ([#1050](https://github.com/entropyxyz/entropy-core/pull/1050))
+- Trigger attestation check during validate ([#1063](https://github.com/entropyxyz/entropy-core/pull/1063))
 
 ### Removed
 - Remove `prune_registration` extrinsic ([#1022](https://github.com/entropyxyz/entropy-core/pull/1022))

crates/shared/src/types.rs

@@ -131,3 +131,34 @@ impl QuoteInputData {
         Self(hasher.finalize().into())
     }
 }
+
+/// A trait used to get different stored keys for a given account ID.
+///
+/// Not every account ID will have an given key, in which case the implementer is expected to
+/// return `None`.
+pub trait KeyProvider<T> {
+    /// Get an X25519 public key, if any, for the given account ID.
+    fn x25519_public_key(account_id: &T) -> Option<X25519PublicKey>;
+
+    /// Get a provisioning certification key, if any, for the given account ID.
+    fn provisioning_key(account_id: &T) -> Option<EncodedVerifyingKey>;
+}
+
+/// A trait used to describe a queue of attestations.
+pub trait AttestationQueue<T> {
+    /// Indicate that a given attestation is ready to be moved from a pending state to a confirmed
+    /// state.
+    fn confirm_attestation(account_id: &T);
+
+    /// Request that an attestation get added to the queue for later processing.
+    fn push_pending_attestation(
+        signer: T,
+        tss_account: T,
+        x25519_public_key: X25519PublicKey,
+        endpoint: Vec<u8>,
+        provisioning_certification_key: EncodedVerifyingKey,
+    );
+
+    /// The list of pending (not processed) attestations.
+    fn pending_attestations() -> Vec<T>;
+}

pallets/attestation/Cargo.toml

@@ -21,6 +21,7 @@ sp-staking        ={ version="27.0.0", default-features=false }
 frame-benchmarking={ version="29.0.0", default-features=false, optional=true }
 sp-std            ={ version="14.0.0", default-features=false }
 pallet-session    ={ version="29.0.0", default-features=false, optional=true }
+rand_chacha       ={ version="0.3", default-features=false }
 
 pallet-parameters={ version="0.2.0", path="../parameters", default-features=false }
 entropy-shared={ version="0.2.0", path="../../crates/shared", features=[
@@ -54,5 +55,6 @@ std=[
   'pallet-parameters/std',
   'sp-io/std',
   "sp-runtime/std",
+  "rand_chacha/std",
 ]
 try-runtime=['frame-support/try-runtime']

pallets/attestation/src/benchmarking.rs

@@ -13,11 +13,9 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
-use entropy_shared::QuoteInputData;
-use frame_benchmarking::{benchmarks, impl_benchmark_test_suite, whitelisted_caller};
-use frame_support::BoundedVec;
+use entropy_shared::{AttestationQueue, QuoteInputData};
+use frame_benchmarking::{account, benchmarks, impl_benchmark_test_suite, whitelisted_caller};
 use frame_system::{EventRecord, RawOrigin};
-use pallet_staking_extension::{ServerInfo, ThresholdServers, ThresholdToStash};
 
 use super::*;
 #[allow(unused)]
@@ -64,18 +62,16 @@ benchmarks! {
     // Insert a pending attestation so that this quote is expected
     <PendingAttestations<T>>::insert(attestee.clone(), nonce);
 
-    let stash_account = <T as pallet_session::Config>::ValidatorId::try_from(attestee.clone())
-        .or(Err(()))
-        .unwrap();
-
-    <ThresholdToStash<T>>::insert(attestee.clone(), stash_account.clone());
-    <ThresholdServers<T>>::insert(stash_account.clone(), ServerInfo {
-        tss_account: attestee.clone(),
-        x25519_public_key: [0; 32],
-        endpoint: b"http://localhost:3001".to_vec(),
-        provisioning_certification_key: pck_encoded.to_vec().try_into().unwrap(),
-    });
-
+    // We also need to write to the queue (whose specific implementation writes to the staking
+    // pallet in this case) to ensure that the `attest` extrinsic has all the information about our
+    // attestee available.
+    T::AttestationQueue::push_pending_attestation(
+        attestee.clone(),
+        attestee.clone(),
+        [0; 32],
+        b"http://localhost:3001".to_vec(),
+        pck_encoded,
+    );
   }: _(RawOrigin::Signed(attestee.clone()), quote.clone())
   verify {
     assert_last_event::<T>(
@@ -84,6 +80,42 @@ benchmarks! {
     // Check that there is no longer a pending attestation
     assert!(!<PendingAttestations<T>>::contains_key(attestee));
   }
+
+  on_initialize {
+      // Note: We should technically be using `MaxPendingAttestations` but we don't have access to
+      // that here...
+      let s in 1 .. 250;
+
+    let caller: T::AccountId = whitelisted_caller();
+    let nonce = [0; 32];
+    let block_number = <frame_system::Pallet<T>>::block_number();
+
+    let pck = tdx_quote::SigningKey::from_bytes(&PCK.into()).unwrap();
+    let pck_encoded = tdx_quote::encode_verifying_key(pck.verifying_key()).unwrap();
+
+    for i in 0..s {
+        let threshold_account_id: T::AccountId = account("threshold", 0, i);
+        T::AttestationQueue::push_pending_attestation(
+            threshold_account_id.clone(),
+            threshold_account_id.clone(),
+            [0; 32],
+            b"http://localhost:3001".to_vec(),
+            pck_encoded,
+        );
+    }
+  }: {
+      use frame_support::traits::Hooks;
+      let _ = AttestationPallet::<T>::on_initialize(block_number);
+  } verify {
+      // Here we'll just spot check one account instead of `s` accounts since if one was written
+      // all were
+      let threshold_account_id: T::AccountId = account("threshold", 0, 0);
+      assert!(PendingAttestations::<T>::get(threshold_account_id).is_some());
+
+      // We want to ensure that all the requests that we added to the `T::AttestationQueue` were
+      // also added to `AttestationRequests`
+      assert!(AttestationRequests::<T>::get(block_number).unwrap().len() == s as usize);
+  }
 }
 
 impl_benchmark_test_suite!(AttestationPallet, crate::mock::new_test_ext(), crate::mock::Test);

pallets/attestation/src/lib.rs

@@ -47,10 +47,17 @@ mod tests;
 
 #[frame_support::pallet]
 pub mod pallet {
-    use entropy_shared::QuoteInputData;
+    use entropy_shared::{AttestationQueue, KeyProvider, QuoteInputData};
     use frame_support::pallet_prelude::*;
+    use frame_support::traits::Randomness;
     use frame_system::pallet_prelude::*;
+    use sp_runtime::traits::TrailingZeroInput;
     use sp_std::vec::Vec;
+
+    use rand_chacha::{
+        rand_core::{RngCore, SeedableRng},
+        ChaCha20Rng, ChaChaRng,
+    };
     use tdx_quote::{decode_verifying_key, Quote};
 
     pub use crate::weights::WeightInfo;
@@ -63,11 +70,17 @@ pub mod pallet {
     pub struct Pallet<T>(_);
 
     #[pallet::config]
-    pub trait Config: frame_system::Config + pallet_staking_extension::Config {
+    pub trait Config: frame_system::Config + pallet_parameters::Config {
         /// The overarching event type.
         type RuntimeEvent: From<Event<Self>> + IsType<<Self as frame_system::Config>::RuntimeEvent>;
         /// Describes the weights of the dispatchables exposed by this pallet.
         type WeightInfo: WeightInfo;
+        /// Something that provides randomness in the runtime.
+        type Randomness: Randomness<Self::Hash, BlockNumberFor<Self>>;
+        /// A type used to get different keys for a given account ID.
+        type KeyProvider: entropy_shared::KeyProvider<Self::AccountId>;
+        /// A type used to describe a queue of attestations.
+        type AttestationQueue: entropy_shared::AttestationQueue<Self::AccountId>;
     }
 
     #[pallet::genesis_config]
@@ -89,7 +102,7 @@ pub mod pallet {
         }
     }
 
-    /// A map of TSS account id to quote nonce for pending attestations
+    /// A map of TSS Account ID to quote nonce for pending attestations
     #[pallet::storage]
     #[pallet::getter(fn pending_attestations)]
     pub type PendingAttestations<T: Config> =
@@ -117,10 +130,10 @@ pub mod pallet {
         UnexpectedAttestation,
         /// Hashed input data does not match what was expected
         IncorrectInputData,
-        /// Cannot lookup associated stash account
-        NoStashAccount,
-        /// Cannot lookup associated TS server info
-        NoServerInfo,
+        /// The given account doesn't have a registered X25519 public key.
+        NoX25519KeyForAccount,
+        /// The given account doesn't have a registered provisioning certification key.
+        NoPCKForAccount,
         /// Unacceptable VM image running
         BadMrtdValue,
         /// Cannot decode verifying key (PCK)
@@ -149,13 +162,9 @@ pub mod pallet {
             // Parse the quote (which internally verifies the attestation key signature)
             let quote = Quote::from_bytes(&quote).map_err(|_| Error::<T>::BadQuote)?;
 
-            // Get associated server info from staking pallet
-            let server_info = {
-                let stash_account = pallet_staking_extension::Pallet::<T>::threshold_to_stash(&who)
-                    .ok_or(Error::<T>::NoStashAccount)?;
-                pallet_staking_extension::Pallet::<T>::threshold_server(&stash_account)
-                    .ok_or(Error::<T>::NoServerInfo)?
-            };
+            // Get associated x25519 public key from staking pallet
+            let x25519_public_key =
+                T::KeyProvider::x25519_public_key(&who).ok_or(Error::<T>::NoX25519KeyForAccount)?;
 
             // Get current block number
             let block_number: u32 = {
@@ -165,7 +174,7 @@ pub mod pallet {
 
             // Check report input data matches the nonce, TSS details and block number
             let expected_input_data =
-                QuoteInputData::new(&who, server_info.x25519_public_key, nonce, block_number);
+                QuoteInputData::new(&who, x25519_public_key, nonce, block_number);
             ensure!(
                 quote.report_input_data() == expected_input_data.0,
                 Error::<T>::IncorrectInputData
@@ -177,21 +186,24 @@ pub mod pallet {
             let accepted_mrtd_values = pallet_parameters::Pallet::<T>::accepted_mrtd_values();
             ensure!(accepted_mrtd_values.contains(&mrtd_value), Error::<T>::BadMrtdValue);
 
+            let provisioning_certification_key =
+                T::KeyProvider::provisioning_key(&who).ok_or(Error::<T>::NoPCKForAccount)?;
+
             // Check that the attestation public key is signed with the PCK
             let provisioning_certification_key = decode_verifying_key(
-                &server_info
-                    .provisioning_certification_key
+                &provisioning_certification_key
                     .to_vec()
                     .try_into()
                     .map_err(|_| Error::<T>::CannotDecodeVerifyingKey)?,
             )
             .map_err(|_| Error::<T>::CannotDecodeVerifyingKey)?;
+
             quote
                 .verify_with_pck(provisioning_certification_key)
                 .map_err(|_| Error::<T>::PckVerification)?;
 
-            // Remove the entry from PendingAttestations
             PendingAttestations::<T>::remove(&who);
+            T::AttestationQueue::confirm_attestation(&who);
 
             // TODO #982 If anything fails, don't just return an error - do something mean
 
@@ -200,4 +212,37 @@ pub mod pallet {
             Ok(())
         }
     }
+
+    #[pallet::hooks]
+    impl<T: Config> Hooks<BlockNumberFor<T>> for Pallet<T> {
+        fn on_initialize(now: BlockNumberFor<T>) -> Weight {
+            let pending_validators = T::AttestationQueue::pending_attestations();
+            let num_pending_attestations = pending_validators.len() as u32;
+            let mut requests = AttestationRequests::<T>::get(now).unwrap_or_default();
+
+            for account_id in pending_validators {
+                let mut nonce = [0; 32];
+                Self::get_randomness().fill_bytes(&mut nonce[..]);
+                PendingAttestations::<T>::insert(&account_id, nonce);
+                requests.push(account_id.encode());
+            }
+
+            AttestationRequests::<T>::insert(now, requests);
+
+            <T as Config>::WeightInfo::on_initialize(num_pending_attestations)
+        }
+    }
+
+    impl<T: Config> Pallet<T> {
+        pub fn get_randomness() -> ChaCha20Rng {
+            let phrase = b"quote_creation";
+            // TODO: Is randomness freshness an issue here
+            // https://github.com/paritytech/substrate/issues/8312
+            let (seed, _) = T::Randomness::random(phrase);
+            // seed needs to be guaranteed to be 32 bytes.
+            let seed = <[u8; 32]>::decode(&mut TrailingZeroInput::new(seed.as_ref()))
+                .expect("input is padded with zeroes; qed");
+            ChaChaRng::from_seed(seed)
+        }
+    }
 }

pallets/attestation/src/mock.rs

@@ -70,6 +70,9 @@ frame_support::construct_runtime!(
 impl pallet_attestation::Config for Test {
     type RuntimeEvent = RuntimeEvent;
     type WeightInfo = ();
+    type Randomness = TestPastRandomness;
+    type KeyProvider = Staking;
+    type AttestationQueue = Staking;
 }
 
 parameter_types! {
@@ -309,12 +312,14 @@ impl Randomness<H256, BlockNumber> for TestPastRandomness {
 }
 parameter_types! {
   pub const MaxEndpointLength: u32 = 3;
+  pub const MaxPendingAttestations: u32 = 4;
 }
 impl pallet_staking_extension::Config for Test {
     type Currency = Balances;
     type MaxEndpointLength = MaxEndpointLength;
     type Randomness = TestPastRandomness;
     type RuntimeEvent = RuntimeEvent;
+    type MaxPendingAttestations = MaxPendingAttestations;
     type WeightInfo = ();
 }