Implementing OmniAccount related native calls in the omni-executor (#…

…3250)

common/primitives/core/src/omni_account.rs

@@ -65,3 +65,13 @@ impl OmniAccountConverter for DefaultOmniAccountConverter {
         identity.to_omni_account()
     }
 }
+
+// This type must be kept in sync with the `Permission` type used in the runtime.
+#[derive(Encode, Decode, Clone, Debug, PartialEq, Eq)]
+pub enum OmniAccountPermission {
+    All,
+    AccountManagement,
+    RequestNativeIntent,
+    RequestEthereumIntent,
+    RequestSolanaIntent,
+}

tee-worker/omni-executor/Makefile

@@ -80,7 +80,7 @@ stop-local:
 
 .PHONY: get-metadata
 get-metadata:
-	subxt metadata --url http://localhost:9944 --allow-insecure --pallets OmniAccount,Teebag > parentchain/api-interface/artifacts/metadata.scale
+	subxt metadata --url http://localhost:9944 --allow-insecure --pallets System,Balances,OmniAccount,Teebag > parentchain/api-interface/artifacts/metadata.scale
 
 .PHONY: generate-api-interface
 generate-api-interface: get-metadata

tee-worker/omni-executor/executor-core/src/native_call.rs

@@ -1,19 +1,30 @@
-use executor_primitives::Identity;
+use executor_primitives::{intent::Intent, Identity, OmniAccountPermission, ValidationData};
 use heima_authentication::auth_token::AuthOptions;
 use parity_scale_codec::{Decode, Encode};
+use std::vec::Vec;
 
 #[derive(Encode, Decode, Clone, Debug, PartialEq, Eq)]
 #[allow(non_camel_case_types)]
 pub enum NativeCall {
 	request_auth_token(Identity, AuthOptions),
-	noop(Identity),
+	request_intent(Identity, Intent),
+	create_account_store(Identity),
+	add_account(Identity, Identity, ValidationData, bool, Option<Vec<OmniAccountPermission>>),
+	remove_accounts(Identity, Vec<Identity>),
+	publicize_account(Identity, Identity),
+	set_permissions(Identity, Identity, Vec<OmniAccountPermission>),
 }
 
 impl NativeCall {
 	pub fn sender_identity(&self) -> &Identity {
 		match self {
 			NativeCall::request_auth_token(sender_identity, ..) => sender_identity,
-			NativeCall::noop(sender_identity) => sender_identity,
+			NativeCall::request_intent(sender_identity, ..) => sender_identity,
+			NativeCall::create_account_store(sender_identity) => sender_identity,
+			NativeCall::add_account(sender_identity, ..) => sender_identity,
+			NativeCall::remove_accounts(sender_identity, ..) => sender_identity,
+			NativeCall::publicize_account(sender_identity, ..) => sender_identity,
+			NativeCall::set_permissions(sender_identity, ..) => sender_identity,
 		}
 	}
 

tee-worker/omni-executor/executor-primitives/src/lib.rs

@@ -14,18 +14,23 @@
 // You should have received a copy of the GNU General Public License
 // along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
 
+mod validation_data;
+pub use validation_data::{
+	DiscordValidationData, TwitterValidationData, ValidationData, Web2ValidationData,
+	Web3ValidationData,
+};
+
 pub mod signature;
 pub mod utils;
 pub use heima_primitives::{
-	omni_account::{MemberAccount, OmniAccountAuthType},
-	AccountId, BlockNumber, Hash, Identity, Nonce, Web2IdentityType,
+	intent,
+	omni_account::{MemberAccount, OmniAccountAuthType, OmniAccountPermission},
+	AccountId, BlockNumber, Hash, Identity, Nonce, ShardIdentifier, Web2IdentityType,
 };
+use std::fmt::Debug;
 
 pub type MrEnclave = Hash;
 
-use parity_scale_codec::{Decode, Encode};
-use std::fmt::Debug;
-
 pub trait GetEventId<Id> {
 	fn get_event_id(&self) -> Id;
 }
@@ -68,21 +73,3 @@ impl GetEventId<EventId> for BlockEvent {
 		self.id.clone()
 	}
 }
-
-pub trait TryFromSubxtType<T: Encode>: Sized {
-	fn try_from_subxt_type(t: T) -> Result<Self, ()>;
-}
-
-impl<T: Encode> TryFromSubxtType<T> for Identity {
-	fn try_from_subxt_type(t: T) -> Result<Self, ()> {
-		let bytes = t.encode();
-		Identity::decode(&mut &bytes[..]).map_err(|_| ())
-	}
-}
-
-impl<T: Encode> TryFromSubxtType<T> for MemberAccount {
-	fn try_from_subxt_type(t: T) -> Result<Self, ()> {
-		let bytes = t.encode();
-		MemberAccount::decode(&mut &bytes[..]).map_err(|_| ())
-	}
-}

tee-worker/omni-executor/executor-primitives/src/validation_data.rs

@@ -0,0 +1,121 @@
+// Copyright 2020-2024 Trust Computing GmbH.
+// This file is part of Litentry.
+//
+// Litentry is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Litentry is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
+
+use crate::signature::HeimaMultiSignature;
+use parity_scale_codec::{Decode, Encode, MaxEncodedLen};
+use scale_info::TypeInfo;
+use serde::{Deserialize, Serialize};
+use sp_core::{bounded_vec::BoundedVec, ConstU32};
+
+// The size limit value should be 128 otherwise the message size will exceed the limit while link identity.
+pub type ValidationString = BoundedVec<u8, ConstU32<128>>;
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+pub enum TwitterValidationData {
+	PublicTweet { tweet_id: ValidationString },
+	OAuth2 { code: ValidationString, state: ValidationString, redirect_uri: ValidationString },
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+pub enum DiscordValidationData {
+	PublicMessage {
+		channel_id: ValidationString,
+		message_id: ValidationString,
+		guild_id: ValidationString,
+	},
+	OAuth2 {
+		code: ValidationString,
+		redirect_uri: ValidationString,
+	},
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+pub struct EmailValidationData {
+	pub email: ValidationString,
+	pub verification_code: ValidationString,
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+pub struct Web3CommonValidationData {
+	pub message: ValidationString, // or String if under std
+	pub signature: HeimaMultiSignature,
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+#[allow(non_camel_case_types)]
+pub enum Web2ValidationData {
+	#[codec(index = 0)]
+	Twitter(TwitterValidationData),
+	#[codec(index = 1)]
+	Discord(DiscordValidationData),
+	#[codec(index = 2)]
+	Email(EmailValidationData),
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+#[allow(non_camel_case_types)]
+pub enum Web3ValidationData {
+	#[codec(index = 0)]
+	Substrate(Web3CommonValidationData),
+	#[codec(index = 1)]
+	Evm(Web3CommonValidationData),
+	#[codec(index = 2)]
+	Bitcoin(Web3CommonValidationData),
+	#[codec(index = 3)]
+	Solana(Web3CommonValidationData),
+}
+
+impl Web3ValidationData {
+	pub fn message(&self) -> &ValidationString {
+		match self {
+			Self::Substrate(data) => &data.message,
+			Self::Evm(data) => &data.message,
+			Self::Bitcoin(data) => &data.message,
+			Self::Solana(data) => &data.message,
+		}
+	}
+
+	pub fn signature(&self) -> &HeimaMultiSignature {
+		match self {
+			Self::Substrate(data) => &data.signature,
+			Self::Evm(data) => &data.signature,
+			Self::Bitcoin(data) => &data.signature,
+			Self::Solana(data) => &data.signature,
+		}
+	}
+}
+
+#[derive(
+	Serialize, Deserialize, Encode, Decode, Clone, Debug, PartialEq, Eq, TypeInfo, MaxEncodedLen,
+)]
+pub enum ValidationData {
+	#[codec(index = 0)]
+	Web2(Web2ValidationData),
+	#[codec(index = 1)]
+	Web3(Web3ValidationData),
+}

tee-worker/omni-executor/executor-storage/src/lib.rs

@@ -8,12 +8,13 @@ mod oauth2_state_verifier;
 pub use oauth2_state_verifier::OAuth2StateVerifierStorage;
 
 use executor_crypto::hashing::{blake2_128, twox_128};
-use executor_primitives::{AccountId, MemberAccount, TryFromSubxtType};
+use executor_primitives::{AccountId, MemberAccount};
 use frame_support::sp_runtime::traits::BlakeTwo256;
 use frame_support::storage::storage_prefix;
 use parentchain_api_interface::omni_account::storage::types::account_store::AccountStore;
 use parentchain_rpc_client::{
 	CustomConfig, SubstrateRpcClient, SubstrateRpcClientFactory, SubxtClient, SubxtClientFactory,
+	ToPrimitiveType,
 };
 use parity_scale_codec::Decode;
 use rocksdb::DB;
@@ -87,7 +88,7 @@ async fn init_omni_account_storages(
 					log::error!("Could not get storage proof by keys: {:?}", e);
 				})?;
 		let header = match client.get_last_finalized_header().await {
-			Ok(Some(header)) => header,
+			Ok(header) => header,
 			_ => {
 				log::error!("Could not get last finalized header");
 				return Err(());
@@ -132,10 +133,7 @@ async fn init_omni_account_storages(
 							log::error!("Error decoding account store: {:?}", e);
 						})?;
 					for member in account_store.0.iter() {
-						let member_account =
-							MemberAccount::try_from_subxt_type(member).map_err(|e| {
-								log::error!("Error decoding member account: {:?}", e);
-							})?;
+						let member_account: MemberAccount = member.to_primitive_type();
 						member_omni_account_storage
 							.insert(member_account.hash(), omni_account.clone())
 							.map_err(|e| {

tee-worker/omni-executor/executor-worker/src/cli.rs

@@ -28,7 +28,14 @@ pub struct RunArgs {
 		default_value = "local/keystore/substrate_alice.bin",
 		value_name = "keystore file path"
 	)]
-	pub keystore_path: String,
+	pub substrate_keystore_path: String,
+	#[arg(
+		short,
+		long,
+		default_value = "local/keystore/aes_256_key.bin",
+		value_name = "Aes256 keystore file path"
+	)]
+	pub aes256_key_store_path: String,
 	#[arg(
 		short,
 		long,
@@ -46,5 +53,5 @@ pub struct GenKeyArgs {
 		default_value = "local/keystore/substrate_alice.bin",
 		value_name = "keystore file path"
 	)]
-	pub keystore_path: String,
+	pub substrate_keystore_path: String,
 }