diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d3c3031243..79a1bfbefa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ name: General CI # - fmt # - set-condition # - parachain-build-dev -# - tee-build +# - identity-build # # [4] please note that job-level if `env` is not supported: # https://github.com/actions/runner/issues/1189 @@ -240,14 +240,18 @@ jobs: if: failure() uses: andymckay/cancel-action@0.5 - tee-clippy: + tee-check: runs-on: ubuntu-latest needs: - fmt - set-condition - sequentialise - if: needs.set-condition.outputs.rebuild_tee == 'true' container: "litentry/litentry-tee-dev:latest" + strategy: + matrix: + type: + - tee # TODO: switch to identity + - bitacross steps: - uses: actions/checkout@v4 @@ -256,136 +260,52 @@ jobs: sudo apt-get update && \ sudo apt-get install -yq openssl clang libclang-dev cmake protobuf-compiler - - name: Pallet unittests - working-directory: ./tee-worker - run: | - cargo test --release -p pallet-* --lib - cargo test --release -p lc-* --lib - cargo test --release -p litentry-primitives --lib - - - name: Tee-worker clippy - working-directory: ./tee-worker - run: | - echo "::group::cargo clippy no features" - cargo clippy --release -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy sidechain" - cargo clippy --release --features sidechain -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy evm" - cargo clippy --release --features evm -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker" - cargo clippy --release --features offchain-worker -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy development" - cargo clippy --release --features development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy sidechain development" - cargo clippy --release --features sidechain,development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy evm development" - cargo clippy --release --features evm,development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker develpment" - cargo clippy --release --features offchain-worker,development -- -D warnings - echo "::endgroup::" + - name: Cargo test + working-directory: ./${{ matrix.type }}-worker + run: | + cargo test --release + + - name: Worker common clippy + working-directory: ./${{ matrix.type }}-worker + shell: bash + run: | + for d in . enclave-runtime; do + pushd "$d" + echo "::group::cargo clippy all" + cargo clippy --release -- -D warnings + echo "::endgroup::" + echo "::group::cargo clippy development" + cargo clippy --release --features development -- -D warnings + echo "::endgroup::" + echo "::group::cargo clippy offchain-worker" + cargo clippy --release --features offchain-worker -- -D warnings + echo "::group::cargo clippy offchain-worker,development" + cargo clippy --release --features offchain-worker,development -- -D warnings + echo "::endgroup::" + popd + done - - name: Clean up disk + - name: Identity-worker specific clippy + if: matrix.type == 'tee' working-directory: ./tee-worker - run: | - echo "::group::Show disk usage" - df -h . - echo "::endgroup::" - cargo clean --profile release - echo "::group::Show disk usage" - df -h . - echo "::endgroup::" - - - name: Tee-enclave clippy - working-directory: ./tee-worker/enclave-runtime - run: | - echo "::group::cargo clippy no features" - cargo clippy --release -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy sidechain" - cargo clippy --release --features sidechain -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker" - cargo clippy --release --features offchain-worker -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy development" - cargo clippy --release --features development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy sidechain development" - cargo clippy --release --features sidechain,development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy evm development" - cargo clippy --release --features evm,development -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker develpment" - cargo clippy --release --features offchain-worker,development -- -D warnings - echo "::endgroup::" - - - name: Fail early - if: failure() - uses: andymckay/cancel-action@0.5 - - bitacross-clippy: - runs-on: ubuntu-latest - needs: - - fmt - - set-condition - - sequentialise - if: needs.set-condition.outputs.rebuild_bitacross == 'true' - # todo: we might want to change this image in the future - container: "litentry/litentry-tee-dev:latest" - steps: - - uses: actions/checkout@v4 - - - name: Install dependencies - run: | - sudo apt-get update && \ - sudo apt-get install -yq openssl clang libclang-dev cmake protobuf-compiler - - - name: bitacross-worker clippy - working-directory: ./bitacross-worker - run: | - echo "::group::cargo clippy all" - cargo clippy --release -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker" - cargo clean --profile release - cargo clippy --release --features offchain-worker -- -D warnings - echo "::group::cargo clippy offchain-worker,development" - cargo clean --profile release - cargo clippy --release --features offchain-worker,development -- -D warnings - echo "::endgroup::" - - - name: Clean up disk - working-directory: ./bitacross-worker - run: | - echo "::group::Show disk usage" - df -h . - echo "::endgroup::" - cargo clean --profile release - echo "::group::Show disk usage" - df -h . - echo "::endgroup::" - - - name: bitacross-enclave clippy - working-directory: ./bitacross-worker/enclave-runtime - run: | - echo "::group::cargo clippy all" - cargo clippy --release -- -D warnings - echo "::endgroup::" - echo "::group::cargo clippy offchain-worker" - cargo clean --profile release - cargo clippy --release --features offchain-worker -- -D warnings - echo "::group::cargo clippy offchain-worker,development" - cargo clean --profile release - cargo clippy --release --features offchain-worker,development -- -D warnings - echo "::endgroup::" + shell: bash + run: | + for d in . enclave-runtime; do + pushd "$d" + echo "::group::cargo clippy sidechain" + cargo clippy --release --features sidechain -- -D warnings + echo "::endgroup::" + echo "::group::cargo clippy evm" + cargo clippy --release --features evm -- -D warnings + echo "::endgroup::" + echo "::group::cargo clippy sidechain development" + cargo clippy --release --features sidechain,development -- -D warnings + echo "::endgroup::" + echo "::group::cargo clippy evm development" + cargo clippy --release --features evm,development -- -D warnings + echo "::endgroup::" + popd + done - name: Fail early if: failure() @@ -438,7 +358,7 @@ jobs: if: failure() uses: andymckay/cancel-action@0.5 - tee-build: + identity-build: runs-on: ubuntu-latest needs: - fmt @@ -706,12 +626,12 @@ jobs: if: failure() uses: andymckay/cancel-action@0.5 - tee-single-worker-test: + identity-single-worker-test: runs-on: ubuntu-latest needs: - set-condition - parachain-build-dev - - tee-build + - identity-build strategy: fail-fast: false matrix: @@ -793,13 +713,13 @@ jobs: if-no-files-found: ignore retention-days: 3 - tee-multi-worker-test: + identity-multi-worker-test: runs-on: ubuntu-latest continue-on-error: true needs: - set-condition - parachain-build-dev - - tee-build + - identity-build strategy: fail-fast: false matrix: @@ -882,7 +802,7 @@ jobs: # # Only try to push docker image when # - parachain-ts-test passes - # - tee-single-worker-test passes + # - identity-single-worker-test passes # - set-condition.outputs.push_docker is `true` # Whether the parachain or tee-worker image will actually be pushed still depends on if a new image was built/rebuilt. # This is important not to overwrite any other jobs where a rebuild **was** triggered. @@ -896,7 +816,7 @@ jobs: needs: - set-condition - parachain-ts-test - - tee-single-worker-test + - identity-single-worker-test if: ${{ !failure() && needs.set-condition.outputs.push_docker == 'true' }} steps: - uses: actions/download-artifact@v4 diff --git a/bitacross-worker/bitacross/core/bc-musig2-runner/src/lib.rs b/bitacross-worker/bitacross/core/bc-musig2-runner/src/lib.rs index 704a0278d4..87fbe87b63 100644 --- a/bitacross-worker/bitacross/core/bc-musig2-runner/src/lib.rs +++ b/bitacross-worker/bitacross/core/bc-musig2-runner/src/lib.rs @@ -320,7 +320,7 @@ pub fn init_ceremonies_thread>( debug!("Ceremony {:?} not found, saving events...", ceremony_id); let mut commands = ceremony_commands.lock().unwrap(); // ~1 minute (1 tick ~ 1 s) - let ceremony_tick_to_live = 60; + let ceremony_tick_to_live = 60_000; let command = PendingCeremonyCommand { ticks_left: ceremony_tick_to_live, command: CeremonyCommand::SaveNonce(*address.as_ref(), nonce), @@ -90,11 +90,11 @@ pub fn handle>( pub mod test { use crate::handler::nonce_share::{handle, NonceShareError, SchnorrPair}; use alloc::sync::Arc; - use bc_enclave_registry::{EnclaveRegistry, EnclaveRegistryLookup, EnclaveRegistryUpdater}; + use bc_enclave_registry::{EnclaveRegistry, EnclaveRegistryUpdater}; use bc_musig2_ceremony::{CeremonyCommandsRegistry, CeremonyRegistry, SignBitcoinPayload}; use codec::alloc::sync::Mutex; use itp_sgx_crypto::{key_repository::AccessKey, Error}; - use parentchain_primitives::{Address32, Identity}; + use parentchain_primitives::Identity; use sp_core::{sr25519, Pair}; struct SignerAccess {} @@ -116,7 +116,8 @@ pub mod test { let ceremony_registry = Arc::new(Mutex::new(CeremonyRegistry::::new())); let ceremony_commands_registry = Arc::new(Mutex::new(CeremonyCommandsRegistry::new())); let enclave_registry = Arc::new(EnclaveRegistry::default()); - enclave_registry.update(alice_key_pair.public().into(), "localhost:2000".to_string()); + let _ = + enclave_registry.update(alice_key_pair.public().into(), "localhost:2000".to_string()); // when let result = handle( diff --git a/bitacross-worker/litentry/core/direct-call/src/handler/partial_signature_share.rs b/bitacross-worker/litentry/core/direct-call/src/handler/partial_signature_share.rs index 94dabffe65..3880aadeac 100644 --- a/bitacross-worker/litentry/core/direct-call/src/handler/partial_signature_share.rs +++ b/bitacross-worker/litentry/core/direct-call/src/handler/partial_signature_share.rs @@ -76,7 +76,7 @@ pub mod test { }; use alloc::sync::Arc; use bc_enclave_registry::{EnclaveRegistry, EnclaveRegistryUpdater}; - use bc_musig2_ceremony::{CeremonyCommandsRegistry, CeremonyRegistry, SignBitcoinPayload}; + use bc_musig2_ceremony::{CeremonyRegistry, SignBitcoinPayload}; use codec::alloc::sync::Mutex; use itp_sgx_crypto::{key_repository::AccessKey, Error}; use parentchain_primitives::Identity; @@ -100,7 +100,8 @@ pub mod test { let ceremony_id = SignBitcoinPayload::Derived(vec![]); let ceremony_registry = Arc::new(Mutex::new(CeremonyRegistry::::new())); let enclave_registry = Arc::new(EnclaveRegistry::default()); - enclave_registry.update(alice_key_pair.public().into(), "localhost:2000".to_string()); + let _ = + enclave_registry.update(alice_key_pair.public().into(), "localhost:2000".to_string()); // when let result = handle( diff --git a/bitacross-worker/litentry/core/direct-call/src/handler/sign_bitcoin.rs b/bitacross-worker/litentry/core/direct-call/src/handler/sign_bitcoin.rs index 07dfbdc026..b5635938ee 100644 --- a/bitacross-worker/litentry/core/direct-call/src/handler/sign_bitcoin.rs +++ b/bitacross-worker/litentry/core/direct-call/src/handler/sign_bitcoin.rs @@ -51,8 +51,8 @@ pub fn handle< ) -> Result<(), SignBitcoinError> { if relayer_registry.contains_key(signer) { let mut registry = ceremony_registry.lock().map_err(|_| SignBitcoinError::CeremonyError)?; - // ~1 minute (1 tick ~ 1 s) - let ceremony_tick_to_live = 60; + // ~1 minute (1 tick ~ 1 ms) + let ceremony_tick_to_live = 60_000; let signers: Result = signer_registry .get_all() @@ -99,17 +99,14 @@ pub mod test { use bc_relayer_registry::{RelayerRegistry, RelayerRegistryUpdater}; use bc_signer_registry::{PubKey, SignerRegistryLookup}; use codec::alloc::sync::Mutex; - use itp_sgx_crypto::{ - key_repository::AccessKey, mocks::KeyRepositoryMock, schnorr::Pair as SchnorrPair, Error, - }; - use k256::elliptic_curve::{rand_core, PublicKey}; + use itp_sgx_crypto::{key_repository::AccessKey, schnorr::Pair as SchnorrPair, Error}; use parentchain_primitives::{Address32, Identity}; use sp_core::{sr25519, Pair}; struct SignersRegistryMock {} impl SignerRegistryLookup for SignersRegistryMock { - fn contains_key(&self, account: &Address32) -> bool { + fn contains_key(&self, _account: &Address32) -> bool { true } diff --git a/tee-worker/litentry/core/assertion-build/src/dynamic/contracts/token_holding_amount/TokenHoldingAmount.sol b/tee-worker/litentry/core/assertion-build/src/dynamic/contracts/token_holding_amount/TokenHoldingAmount.sol index 4458c8453a..ebaa5f627e 100644 --- a/tee-worker/litentry/core/assertion-build/src/dynamic/contracts/token_holding_amount/TokenHoldingAmount.sol +++ b/tee-worker/litentry/core/assertion-build/src/dynamic/contracts/token_holding_amount/TokenHoldingAmount.sol @@ -23,6 +23,7 @@ import "../libraries/AssertionLogic.sol"; import "../libraries/Identities.sol"; import "../DynamicAssertion.sol"; abstract contract TokenHoldingAmount is DynamicAssertion { + uint256 constant decimals_factor = 1000; function execute( Identity[] memory identities, string[] memory secrets,