Refactor admin in teerex and VCMP (#1584)

* rename to admin

* update runtime

* fix tests

* change call_index

* try to add genesis config

* update ts-test

* slightly adjust default weight

* fix genesis

* fix clippy

* Revert "update ts-test"

This reverts commit 686dc31.

node/src/chain_specs/litmus.rs

@@ -19,7 +19,7 @@ use cumulus_primitives_core::ParaId;
 use litmus_parachain_runtime::{
 	AccountId, AuraId, Balance, BalancesConfig, CollatorSelectionConfig, CouncilMembershipConfig,
 	GenesisConfig, ParachainInfoConfig, PolkadotXcmConfig, SessionConfig, SystemConfig,
-	TechnicalCommitteeMembershipConfig, TeerexConfig, UNIT, WASM_BINARY,
+	TechnicalCommitteeMembershipConfig, TeerexConfig, VCManagementConfig, UNIT, WASM_BINARY,
 };
 use sc_service::ChainType;
 use sc_telemetry::TelemetryEndpoints;
@@ -237,7 +237,8 @@ fn generate_genesis(
 		aura_ext: Default::default(),
 		parachain_system: Default::default(),
 		polkadot_xcm: PolkadotXcmConfig { safe_xcm_version: Some(SAFE_XCM_VERSION) },
-		teerex: TeerexConfig { allow_sgx_debug_mode: true },
+		teerex: TeerexConfig { allow_sgx_debug_mode: true, admin: None },
+		vc_management: VCManagementConfig { admin: None },
 		transaction_payment: Default::default(),
 		tokens: Default::default(),
 	}

node/src/chain_specs/rococo.rs

@@ -19,7 +19,8 @@ use cumulus_primitives_core::ParaId;
 use rococo_parachain_runtime::{
 	AccountId, AuraId, Balance, BalancesConfig, CouncilMembershipConfig, GenesisConfig,
 	ParachainInfoConfig, ParachainStakingConfig, PolkadotXcmConfig, SessionConfig, SudoConfig,
-	SystemConfig, TechnicalCommitteeMembershipConfig, TeerexConfig, UNIT, WASM_BINARY,
+	SystemConfig, TechnicalCommitteeMembershipConfig, TeerexConfig, VCManagementConfig, UNIT,
+	WASM_BINARY,
 };
 use sc_service::ChainType;
 use sc_telemetry::TelemetryEndpoints;
@@ -199,7 +200,7 @@ fn generate_genesis(
 			code: WASM_BINARY.expect("WASM binary was not build, please build it!").to_vec(),
 		},
 		balances: BalancesConfig { balances: endowed_accounts },
-		sudo: SudoConfig { key: Some(root_key) },
+		sudo: SudoConfig { key: Some(root_key.clone()) },
 		parachain_info: ParachainInfoConfig { parachain_id: id },
 		parachain_staking: ParachainStakingConfig {
 			candidates: invulnerables.iter().cloned().map(|(acc, _)| (acc, 50 * UNIT)).collect(),
@@ -235,7 +236,9 @@ fn generate_genesis(
 		aura_ext: Default::default(),
 		parachain_system: Default::default(),
 		polkadot_xcm: PolkadotXcmConfig { safe_xcm_version: Some(SAFE_XCM_VERSION) },
-		teerex: TeerexConfig { allow_sgx_debug_mode: true },
+		// use sudo key as genesis admin for teerex and VCMP
+		teerex: TeerexConfig { allow_sgx_debug_mode: true, admin: Some(root_key.clone()) },
+		vc_management: VCManagementConfig { admin: Some(root_key) },
 		transaction_payment: Default::default(),
 		tokens: Default::default(),
 	}

pallets/identity-management/src/lib.rs

@@ -64,7 +64,7 @@ pub mod pallet {
 		type WeightInfo: WeightInfo;
 		// some extrinsics should only be called by origins from TEE
 		type TEECallOrigin: EnsureOrigin<Self::RuntimeOrigin>;
-		/// origin to manage authorised delegatee list
+		// origin to manage authorised delegatee list
 		type DelegateeAdminOrigin: EnsureOrigin<Self::RuntimeOrigin>;
 		// origin that is allowed to call extrinsics
 		type ExtrinsicWhitelistOrigin: EnsureOrigin<Self::RuntimeOrigin, Success = Self::AccountId>;
@@ -256,7 +256,7 @@ pub mod pallet {
 		/// ---------------------------------------------------
 		/// The following extrinsics are supposed to be called by TEE only
 		/// ---------------------------------------------------
-		#[pallet::call_index(6)]
+		#[pallet::call_index(30)]
 		#[pallet::weight(195_000_000)]
 		pub fn user_shielding_key_set(
 			origin: OriginFor<T>,
@@ -268,7 +268,7 @@ pub mod pallet {
 			Ok(Pays::No.into())
 		}
 
-		#[pallet::call_index(7)]
+		#[pallet::call_index(31)]
 		#[pallet::weight(195_000_000)]
 		pub fn identity_created(
 			origin: OriginFor<T>,
@@ -282,7 +282,7 @@ pub mod pallet {
 			Ok(Pays::No.into())
 		}
 
-		#[pallet::call_index(8)]
+		#[pallet::call_index(32)]
 		#[pallet::weight(195_000_000)]
 		pub fn identity_removed(
 			origin: OriginFor<T>,
@@ -295,7 +295,7 @@ pub mod pallet {
 			Ok(Pays::No.into())
 		}
 
-		#[pallet::call_index(9)]
+		#[pallet::call_index(33)]
 		#[pallet::weight(195_000_000)]
 		pub fn identity_verified(
 			origin: OriginFor<T>,
@@ -314,7 +314,7 @@ pub mod pallet {
 			Ok(Pays::No.into())
 		}
 
-		#[pallet::call_index(10)]
+		#[pallet::call_index(34)]
 		#[pallet::weight(195_000_000)]
 		pub fn some_error(
 			origin: OriginFor<T>,

pallets/identity-management/src/mock.rs

@@ -129,7 +129,7 @@ impl pallet_teerex::Config for Test {
 	type Currency = Balances;
 	type MomentsPerDay = MomentsPerDay;
 	type WeightInfo = ();
-	type SetEnclaveAdminOrigin = EnsureRoot<Self::AccountId>;
+	type SetAdminOrigin = EnsureRoot<Self::AccountId>;
 }
 
 impl pallet_identity_management::Config for Test {

pallets/sidechain/src/mock.rs

@@ -131,7 +131,7 @@ impl pallet_teerex::Config for Test {
 	type Currency = Balances;
 	type MomentsPerDay = MomentsPerDay;
 	type WeightInfo = ();
-	type SetEnclaveAdminOrigin = EnsureRoot<Self::AccountId>;
+	type SetAdminOrigin = EnsureRoot<Self::AccountId>;
 }
 
 parameter_types! {
@@ -152,7 +152,7 @@ pub fn new_test_ext() -> sp_io::TestExternalities {
 	}
 	.assimilate_storage(&mut t)
 	.unwrap();
-	let teerex_config = pallet_teerex::GenesisConfig { allow_sgx_debug_mode: true };
+	let teerex_config = pallet_teerex::GenesisConfig { allow_sgx_debug_mode: true, admin: None };
 	GenesisBuild::<Test>::assimilate_storage(&teerex_config, &mut t).unwrap();
 
 	let mut ext: sp_io::TestExternalities = t.into();

pallets/teeracle/src/benchmarking.rs

@@ -50,7 +50,7 @@ benchmarks! {
 		let rate = U32F32::from_num(43.65);
 		let data_source: DataSource = "https://api.coingecko.com".into();
 
-		Teerex::<T>::set_enclave_admin(
+		Teerex::<T>::set_admin(
 			RawOrigin::Root.into(),
 			signer.clone(),
 		).unwrap();
@@ -92,7 +92,7 @@ benchmarks! {
 		let oracle_blob: crate::OracleDataBlob<T> =
 			vec![1].try_into().expect("Can Convert to OracleDataBlob<T>; QED");
 
-		Teerex::<T>::set_enclave_admin(
+		Teerex::<T>::set_admin(
 			RawOrigin::Root.into(),
 			signer.clone(),
 		).unwrap();

pallets/teeracle/src/mock.rs

@@ -131,7 +131,7 @@ impl pallet_teerex::Config for Test {
 	type Currency = Balances;
 	type MomentsPerDay = MomentsPerDay;
 	type WeightInfo = ();
-	type SetEnclaveAdminOrigin = EnsureRoot<Self::AccountId>;
+	type SetAdminOrigin = EnsureRoot<Self::AccountId>;
 }
 
 impl Config for Test {
@@ -150,7 +150,7 @@ pub fn new_test_ext() -> sp_io::TestExternalities {
 	}
 	.assimilate_storage(&mut t)
 	.unwrap();
-	let teerex_config = pallet_teerex::GenesisConfig { allow_sgx_debug_mode: true };
+	let teerex_config = pallet_teerex::GenesisConfig { allow_sgx_debug_mode: true, admin: None };
 	GenesisBuild::<Test>::assimilate_storage(&teerex_config, &mut t).unwrap();
 
 	let mut ext: sp_io::TestExternalities = t.into();

pallets/teerex/src/benchmarking.rs

@@ -76,7 +76,7 @@ benchmarks! {
 		timestamp::Pallet::<T>::set_timestamp(TEST4_SETUP.timestamp.checked_into().unwrap());
 		let signer: T::AccountId = get_signer(TEST4_SETUP.signer_pub);
 
-		Teerex::<T>::set_enclave_admin(
+		Teerex::<T>::set_admin(
 			RawOrigin::Root.into(),
 			signer.clone(),
 		).unwrap();

pallets/teerex/src/lib.rs

@@ -77,13 +77,13 @@ pub mod pallet {
 		type MomentsPerDay: Get<Self::Moment>;
 		type WeightInfo: WeightInfo;
 		/// The origin who can set the admin account
-		type SetEnclaveAdminOrigin: EnsureOrigin<Self::RuntimeOrigin>;
+		type SetAdminOrigin: EnsureOrigin<Self::RuntimeOrigin>;
 	}
 
 	#[pallet::event]
 	#[pallet::generate_deposit(pub(super) fn deposit_event)]
 	pub enum Event<T: Config> {
-		EnclaveAdminChanged {
+		AdminChanged {
 			old_admin: Option<T::AccountId>,
 		},
 		AddedEnclave(T::AccountId, Vec<u8>),
@@ -104,8 +104,8 @@ pub mod pallet {
 	}
 
 	#[pallet::storage]
-	#[pallet::getter(fn enclave_admin)]
-	pub type EnclaveAdmin<T: Config> = StorageValue<_, T::AccountId, OptionQuery>;
+	#[pallet::getter(fn admin)]
+	pub type Admin<T: Config> = StorageValue<_, T::AccountId, OptionQuery>;
 
 	// Watch out: we start indexing with 1 instead of zero in order to
 	// avoid ambiguity between Null and 0.
@@ -146,7 +146,7 @@ pub mod pallet {
 	}
 
 	// keep track of a list of scheduled/allowed enchalves, mainly used for enclave updates,
-	// can only be modified by EnclaveAdminOrigin
+	// can only be modified by AdminOrigin
 	// sidechain_block_number -> expected MrEnclave
 	//
 	// about the first time enclave registration:
@@ -168,15 +168,25 @@ pub mod pallet {
 		StorageValue<_, T::Moment, ValueQuery, HeartbeatTimeoutDefault<T>>;
 
 	#[pallet::genesis_config]
-	#[cfg_attr(feature = "std", derive(Default))]
-	pub struct GenesisConfig {
+	pub struct GenesisConfig<T: Config> {
 		pub allow_sgx_debug_mode: bool,
+		pub admin: Option<T::AccountId>,
+	}
+
+	#[cfg(feature = "std")]
+	impl<T: Config> Default for GenesisConfig<T> {
+		fn default() -> Self {
+			Self { allow_sgx_debug_mode: false, admin: None }
+		}
 	}
 
 	#[pallet::genesis_build]
-	impl<T: Config> GenesisBuild<T> for GenesisConfig {
+	impl<T: Config> GenesisBuild<T> for GenesisConfig<T> {
 		fn build(&self) {
 			AllowSGXDebugMode::<T>::put(self.allow_sgx_debug_mode);
+			if let Some(ref admin) = self.admin {
+				Admin::<T>::put(admin);
+			}
 		}
 	}
 
@@ -385,13 +395,13 @@ pub mod pallet {
 		}
 
 		#[pallet::call_index(6)]
-		#[pallet::weight((1000, DispatchClass::Normal, Pays::No))]
+		#[pallet::weight((195_000_000, DispatchClass::Normal, Pays::No))]
 		pub fn set_heartbeat_timeout(
 			origin: OriginFor<T>,
 			timeout: u64,
 		) -> DispatchResultWithPostInfo {
 			let sender = ensure_signed(origin)?;
-			ensure!(Some(sender) == Self::enclave_admin(), Error::<T>::RequireAdmin);
+			ensure!(Some(sender) == Self::admin(), Error::<T>::RequireAdmin);
 			<HeartbeatTimeout<T>>::put(T::Moment::saturated_from(timeout));
 			Self::deposit_event(Event::SetHeartbeatTimeout(timeout));
 			Ok(().into())
@@ -455,14 +465,14 @@ pub mod pallet {
 		}
 
 		#[pallet::call_index(8)]
-		#[pallet::weight((1000, DispatchClass::Normal, Pays::No))]
+		#[pallet::weight((195_000_000, DispatchClass::Normal, Pays::No))]
 		pub fn update_scheduled_enclave(
 			origin: OriginFor<T>,
 			sidechain_block_number: SidechainBlockNumber,
 			mr_enclave: MrEnclave,
 		) -> DispatchResultWithPostInfo {
 			let sender = ensure_signed(origin)?;
-			ensure!(Some(sender) == Self::enclave_admin(), Error::<T>::RequireAdmin);
+			ensure!(Some(sender) == Self::admin(), Error::<T>::RequireAdmin);
 			ScheduledEnclave::<T>::insert(sidechain_block_number, mr_enclave);
 			Self::deposit_event(Event::UpdatedScheduledEnclave(sidechain_block_number, mr_enclave));
 			Ok(().into())
@@ -486,13 +496,13 @@ pub mod pallet {
 		}
 
 		#[pallet::call_index(10)]
-		#[pallet::weight((1000, DispatchClass::Normal, Pays::No))]
+		#[pallet::weight((195_000_000, DispatchClass::Normal, Pays::No))]
 		pub fn remove_scheduled_enclave(
 			origin: OriginFor<T>,
 			sidechain_block_number: SidechainBlockNumber,
 		) -> DispatchResultWithPostInfo {
 			let sender = ensure_signed(origin)?;
-			ensure!(Some(sender) == Self::enclave_admin(), Error::<T>::RequireAdmin);
+			ensure!(Some(sender) == Self::admin(), Error::<T>::RequireAdmin);
 			ensure!(
 				ScheduledEnclave::<T>::contains_key(sidechain_block_number),
 				Error::<T>::ScheduledEnclaveNotExist
@@ -555,14 +565,11 @@ pub mod pallet {
 		/// Change the admin account
 		/// similar to sudo.set_key, the old account will be supplied in event
 		#[pallet::call_index(13)]
-		#[pallet::weight((1000, DispatchClass::Normal, Pays::No))]
-		pub fn set_enclave_admin(
-			origin: OriginFor<T>,
-			new: T::AccountId,
-		) -> DispatchResultWithPostInfo {
-			T::SetEnclaveAdminOrigin::ensure_origin(origin)?;
-			Self::deposit_event(Event::EnclaveAdminChanged { old_admin: Self::enclave_admin() });
-			<EnclaveAdmin<T>>::put(new);
+		#[pallet::weight((195_000_000, DispatchClass::Normal, Pays::No))]
+		pub fn set_admin(origin: OriginFor<T>, new: T::AccountId) -> DispatchResultWithPostInfo {
+			T::SetAdminOrigin::ensure_origin(origin)?;
+			Self::deposit_event(Event::AdminChanged { old_admin: Self::admin() });
+			<Admin<T>>::put(new);
 			// Do not pay a fee
 			Ok(Pays::No.into())
 		}

pallets/teerex/src/mock.rs

@@ -135,7 +135,7 @@ impl Config for Test {
 	type Currency = Balances;
 	type MomentsPerDay = MomentsPerDay;
 	type WeightInfo = ();
-	type SetEnclaveAdminOrigin = EnsureRoot<Self::AccountId>;
+	type SetAdminOrigin = EnsureRoot<Self::AccountId>;
 }
 
 // This function basically just builds a genesis storage key/value store according to
@@ -147,7 +147,7 @@ pub fn new_test_ext() -> sp_io::TestExternalities {
 	}
 	.assimilate_storage(&mut t)
 	.unwrap();
-	let teerex_config = crate::GenesisConfig { allow_sgx_debug_mode: true };
+	let teerex_config = crate::GenesisConfig { allow_sgx_debug_mode: true, admin: None };
 	GenesisBuild::<Test>::assimilate_storage(&teerex_config, &mut t).unwrap();
 
 	let mut ext: sp_io::TestExternalities = t.into();
@@ -164,7 +164,7 @@ pub fn new_test_production_ext() -> sp_io::TestExternalities {
 	.assimilate_storage(&mut t)
 	.unwrap();
 
-	let teerex_config = crate::GenesisConfig { allow_sgx_debug_mode: false };
+	let teerex_config = crate::GenesisConfig { allow_sgx_debug_mode: false, admin: None };
 	GenesisBuild::<Test>::assimilate_storage(&teerex_config, &mut t).unwrap();
 
 	let mut ext: sp_io::TestExternalities = t.into();