perf(contract): contract should not store full attestation submission #1663
base: main
…not-store-full-attestation-submission
| /// The digest of the MPC image running. | ||
| pub launcher_compose_hash: [u8; 32], | ||
| /// Unix timestamp for when the attestation was created. | ||
| pub creation_time_stamp_seonds: u64, |
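Review bot: the field on the last line is spelled `creation_time_stamp_seonds`; it should be `creation_time_stamp_seconds`, and since it is a `pub` field the misspelling is worth fixing before callers depend on it. The doc comment above it says "when the attestation was created" without naming the clock: stating whether this is the timestamp carried by the attestation or the time the contract observed it would make any expiry check built on this field unambiguous.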
where do we get the time from?
The comment is currently misleading. The timestamp is taken from the "now" time argument during the initial verification, so it's the timestamp of when the contract first saw the attestation and not the creation date.
In a follow-up PR we should refactor this internal implementation to use the timestamp embedded in the attestation instead.
| clean_tee_status_tera_gas: Some(10), | ||
| cleanup_orphaned_node_migrations_tera_gas: Some(3), | ||
| remove_non_participant_update_votes_tera_gas: Some(5), | ||
| attestation_max_validity_duration_seconds: Some(1912312), |
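Review bot: `attestation_max_validity_duration_seconds: Some(1912312)` on the last line is an unexplained magic number (roughly 22 days in seconds) sitting next to small round gas values. If it is arbitrary fixture data, a short comment saying so, or a recognizably round value, would keep readers from taking it as a recommended attestation validity window.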
this equals 22 days, why did you choose this number?
This test is just testing that serialization and deserialization work as expected. The values are not used for anything here.
| /// The digest of the MPC image running. | ||
| pub launcher_compose_hash: [u8; 32], | ||
| /// Unix timestamp for when the attestation was created. | ||
| pub creation_time_stamp_seonds: u64, |
| pub creation_time_stamp_seonds: u64, | |
| pub creation_time_stamp_seconds: u64, |
you will need to change it in 5 places
| } | ||
|
|
||
| pub fn validate_tee( | ||
| pub fn re_veirfy_participants( |
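Review bot: the new function name on the last line, `re_veirfy_participants`, transposes two letters; rename it to `re_verify_participants` now, since it is `pub` and callers will pick up the misspelling. No doc comment is visible above the signature either: as this replaces `validate_tee`, a short `///` summary of what re-verification checks and what happens to participants that fail it would help reviewers of the call sites.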
| pub fn re_veirfy_participants( | |
| pub fn re_verify_participants( |
also since this method also does cleanup
consider calling it:
reverify_and_update_participants
or
validate_and_cleanup_participants
| } | ||
|
|
||
| pub fn validate_tee( | ||
| pub fn re_veirfy_participants( |
can you also add a Rust doc comment for the method?
…ion' of github.com:near/mpc into 1629-contract-should-not-store-full-attestation-submission
barakeinav1
left a comment
overall looks good,
I requested some changes (mainly nits, typo name, etc.),
I also think you should add another test: (I didn't see something like it)
#[test]
fn re_verify_fails_after_allowed_hash_is_cleaned_up() {
    // 1. Add allowed MPC hash H1 at time T0
    // 2. Add participant attested with H1
    // 3. Add new MPC hash H2 (upgrade)
    // 4. Advance time > tee_upgrade_deadline_duration
    // 5. cleanup_expired_hashes removes H1
    // 6. re_verify_tee_participant fails
}
closes #1629
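The scenario outlined in the review comment above (steps 1-6), as an added example that is not code from the near/mpc repository: a simplified Rust model in which the contract keeps only the image digest and a first-seen timestamp per participant and re-verifies from those alone. The types, `first_seen_seconds`, the cleanup rule (a hash is dropped once its successor has been allowed for longer than the deadline) and all numeric values are assumptions made for illustration.

```rust
// Simplified model, not near/mpc code: every name and rule here is an assumption.
pub struct StoredAttestation {
    pub launcher_compose_hash: [u8; 32],
    pub first_seen_seconds: u64, // contract "now" at initial verification
}
#[derive(Debug, PartialEq)]
pub enum ReverifyError { HashNotAllowed, Expired }
#[derive(Default)]
pub struct AllowedHashes { entries: Vec<([u8; 32], u64)> } // (hash, added_at), oldest first

impl AllowedHashes {
    pub fn add(&mut self, hash: [u8; 32], now: u64) { self.entries.push((hash, now)); }
    /// Assumed rule: a hash is dropped once its successor is older than `upgrade_deadline`.
    pub fn cleanup_expired(&mut self, now: u64, upgrade_deadline: u64) {
        let old = std::mem::take(&mut self.entries);
        for (i, entry) in old.iter().enumerate() {
            let superseded_at = old.get(i + 1).map(|next| next.1);
            if superseded_at.map_or(true, |t| now <= t.saturating_add(upgrade_deadline)) {
                self.entries.push(*entry); // newest hash has no successor and is kept
            }
        }
    }
}

/// Re-checks a participant using only the stored digest and timestamp.
pub fn re_verify(att: &StoredAttestation, allowed: &AllowedHashes, now: u64,
                 max_validity: u64) -> Result<(), ReverifyError> {
    if !allowed.entries.iter().any(|(h, _)| *h == att.launcher_compose_hash) {
        return Err(ReverifyError::HashNotAllowed);
    }
    if now > att.first_seen_seconds.saturating_add(max_validity) {
        return Err(ReverifyError::Expired);
    }
    Ok(())
}

/// Steps 1-6 with constructed values: T0 = 1_000, upgrade deadline = 100 s.
pub fn scenario() -> (Result<(), ReverifyError>, Result<(), ReverifyError>) {
    let (h1, h2, deadline, validity) = ([1u8; 32], [2u8; 32], 100, 10_000);
    let mut allowed = AllowedHashes::default();
    allowed.add(h1, 1_000); // step 1
    let att = StoredAttestation { launcher_compose_hash: h1, first_seen_seconds: 1_000 }; // step 2
    allowed.add(h2, 2_000); // step 3
    allowed.cleanup_expired(2_050, deadline); // still inside the upgrade window
    let before = re_verify(&att, &allowed, 2_050, validity);
    allowed.cleanup_expired(2_101, deadline); // steps 4 and 5: H1 is removed
    (before, re_verify(&att, &allowed, 2_101, validity)) // step 6
}
fn main() { println!("{:?}", scenario()); }
```

The second check in `re_verify` is where the choice of timestamp discussed earlier in the thread matters: with a first-seen time the validity window starts when the contract observed the attestation, not when it was produced.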