machine_id as string (fixes)

Author: vlad

cosmwasm/enclaves/execute/src/registration/offchain.rs

@@ -724,13 +724,13 @@ fn is_msg_machine_id(msg_in_block: &[u8], machine_id: &[u8]) -> bool {
     trace!("*** block msg: {:?}", hex::encode(msg_in_block));
 
     // we expect a message of the form:
-    // 0a 3d (addr, len=45 bytes)
+    // 0a 2d (addr, len=45 bytes)
     // 10 (proposal-id, varible length)
-    // 1a 14 (machine_id 20 bytes)
+    // 1a 28 (machine_id 40 bytes)
 
     let msg_len = msg_in_block.len();
 
-    if msg_len < 71 {
+    if msg_len < 91 {
         trace!("len mismatch: {}", msg_in_block.len());
         return false;
     }
@@ -745,14 +745,14 @@ fn is_msg_machine_id(msg_in_block: &[u8], machine_id: &[u8]) -> bool {
         return false;
     }
 
-    let offs = msg_len - 22;
+    let offs = msg_len - 42;
 
-    if &msg_in_block[offs..offs + 2] != [0x1a, 0x14].as_slice() {
+    if &msg_in_block[offs..offs + 2] != [0x1a, 0x28].as_slice() {
         trace!("wrong sub3");
         return false;
     }
 
-    if &msg_in_block[offs + 2..offs + 22] != machine_id {
+    if &msg_in_block[offs + 2..offs + 42] != machine_id {
         trace!("wrong mrenclave");
         return false;
     }
@@ -798,7 +798,9 @@ pub unsafe extern "C" fn ecall_onchain_approve_machine_id(
     let proof = calculate_machine_id_evidence(machine_id);
 
     if is_on_chain {
-        if !check_machine_id_in_block(machine_id) {
+        let machine_id_str = hex::encode(machine_id);
+
+        if !check_machine_id_in_block(machine_id_str.as_bytes()) {
             error!("machine ID not approved");
             return sgx_types::sgx_status_t::SGX_ERROR_UNEXPECTED;
         }

x/compute/client/cli/tx.go

@@ -648,20 +648,10 @@ Examples:
 
 func UpdateMachineWhitelistCmd() *cobra.Command {
 	cmd := &cobra.Command{
-		Use:   "update-machine-whitelist [proposal-id] [machine-ids-file]",
+		Use:   "update-machine-whitelist [proposal-id] [machine-id]",
 		Short: "Update machine whitelist after governance approval",
 		Long: `Execute machine whitelist update after governance proposal passes.
-Machine IDs must match the approved proposal exactly.
-
-Machine IDs file format (JSON):
-{
-  "machine_ids": [
-    "01507c9577896bc1afde972d67f1fd53af1a8da",
-    "a3b4c5d6e7f8091a2b3c4d5e6f708192a3b4c5d6"
-  ]
-}
-
-Each machine ID must be exactly 20 bytes.`,
+Machine ID must match the approved proposal exactly.`,
 		Args: cobra.ExactArgs(2),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			clientCtx, err := client.GetClientTxContext(cmd)
@@ -674,11 +664,8 @@ Each machine ID must be exactly 20 bytes.`,
 				return fmt.Errorf("invalid proposal ID: %w", err)
 			}
 
-			// Read machine IDs from file
-			machineId, err := hex.DecodeString(args[1])
-			if err != nil {
-				return err
-			}
+			// Read machine ID
+			machineId := args[1]
 
 			msg := &types.MsgUpdateMachineWhitelist{
 				Sender:     clientCtx.GetFromAddress().String(),

x/compute/internal/keeper/ante.go

@@ -147,7 +147,7 @@ func (a *CountTXDecorator) validateUpdateMachineWhitelist(ctx sdk.Context, msgUp
 		return err
 	}
 
-	if !bytes.Equal(msgUpdateWhitelist.MachineId, updateMachineWhitelistProposalMsg.MachineId) {
+	if msgUpdateWhitelist.MachineId != updateMachineWhitelistProposalMsg.MachineId {
 		return sdkerrors.ErrInvalidRequest.Wrapf("machine id %s does not match the proposal %s", msgUpdateWhitelist.MachineId, updateMachineWhitelistProposalMsg.MachineId)
 	}
 

x/compute/internal/keeper/msg_server.go

@@ -2,6 +2,7 @@ package keeper
 
 import (
 	"context"
+	"encoding/hex"
 	"fmt"
 
 	errorsmod "cosmossdk.io/errors"
@@ -351,7 +352,11 @@ func (m msgServer) UpdateMachineWhitelist(goCtx context.Context, msg *types.MsgU
 
 	store := m.keeper.storeService.OpenKVStore(ctx)
 
-	id := msg.MachineId
+	id, err := hex.DecodeString(msg.MachineId)
+	if err != nil {
+		return nil, err
+	}
+
 	{
 		proof := [32]byte{}
 		if err := api.OnApproveMachineID(id, &proof, true); err != nil {

x/compute/internal/types/msg.go

@@ -332,8 +332,8 @@ func (msg MsgUpdateMachineWhitelistProposal) ValidateBasic() error {
 		return errorsmod.Wrap(err, "invalid authority")
 	}
 
-	if len(msg.MachineId) != 20 {
-		return errorsmod.Wrap(ErrInvalid, "machine_id must be 20 bytes")
+	if len(msg.MachineId) != 40 {
+		return errorsmod.Wrap(ErrInvalid, "machine_id must be 40 characters")
 	}
 
 	return nil
@@ -368,8 +368,8 @@ func (msg MsgUpdateMachineWhitelist) ValidateBasic() error {
 		return errorsmod.Wrap(sdkerrors.ErrInvalidRequest, "proposal ID cannot be zero")
 	}
 
-	if len(msg.MachineId) != 20 {
-		return errorsmod.Wrap(sdkerrors.ErrInvalidRequest, "machine ID must be 20 bytes")
+	if len(msg.MachineId) != 40 {
+		return errorsmod.Wrap(sdkerrors.ErrInvalidRequest, "machine ID must be 40 characters")
 	}
 
 	return nil