Skip to content

Teerex


Calls


register_quoting_enclave

See [Pallet::register_quoting_enclave].

Attributes

Name Type
enclave_identity Vec<u8>
signature Vec<u8>
certificate_chain Vec<u8>

Python

call = substrate.compose_call(
    'Teerex', 'register_quoting_enclave', {
    'certificate_chain': 'Bytes',
    'enclave_identity': 'Bytes',
    'signature': 'Bytes',
}
)

register_sgx_enclave

See [Pallet::register_sgx_enclave].

Attributes

Name Type
proof Vec<u8>
worker_url Option<Vec<u8>>
attestation_method SgxAttestationMethod

Python

call = substrate.compose_call(
    'Teerex', 'register_sgx_enclave', {
    'attestation_method': {
        'Dcap': {'proxied': 'bool'},
        'Ias': None,
        'Skip': {'proxied': 'bool'},
    },
    'proof': 'Bytes',
    'worker_url': (None, 'Bytes'),
}
)

register_tcb_info

See [Pallet::register_tcb_info].

Attributes

Name Type
tcb_info Vec<u8>
signature Vec<u8>
certificate_chain Vec<u8>

Python

call = substrate.compose_call(
    'Teerex', 'register_tcb_info', {
    'certificate_chain': 'Bytes',
    'signature': 'Bytes',
    'tcb_info': 'Bytes',
}
)

set_security_flags

See [Pallet::set_security_flags].

Attributes

Name Type
allow_skipping_attestation bool
sgx_allow_debug_mode bool

Python

call = substrate.compose_call(
    'Teerex', 'set_security_flags', {
    'allow_skipping_attestation': 'bool',
    'sgx_allow_debug_mode': 'bool',
}
)

unregister_proxied_enclave

See [Pallet::unregister_proxied_enclave].

Attributes

Name Type
address EnclaveInstanceAddress<T::AccountId>

Python

call = substrate.compose_call(
    'Teerex', 'unregister_proxied_enclave', {
    'address': {
        'fingerprint': 'scale_info::12',
        'registrar': 'AccountId',
        'signer': {
            'Known': {
                'Ecdsa': '[u8; 33]',
                'Ed25519': '[u8; 32]',
                'Sr25519': '[u8; 32]',
            },
            'Opaque': 'Bytes',
        },
    },
}
)

unregister_sovereign_enclave

See [Pallet::unregister_sovereign_enclave].

Attributes

Name Type
enclave_signer T::AccountId

Python

call = substrate.compose_call(
    'Teerex', 'unregister_sovereign_enclave', {'enclave_signer': 'AccountId'}
)

Events


AddedSgxEnclave

An Intel SGX enclave has been added to the enclave registry

Attributes

Name Type Composition
registered_by T::AccountId AccountId
worker_url Option<Vec<u8>> (None, 'Bytes')
tcb_status Option<SgxStatus> (None, ('Invalid', 'Ok', 'GroupOutOfDate', 'GroupRevoked', 'ConfigurationNeeded'))
attestation_method SgxAttestationMethod {'Skip': {'proxied': 'bool'}, 'Ias': None, 'Dcap': {'proxied': 'bool'}}

RemovedProxiedEnclave

a proxied enclave has been removed from the enclave registry

Attributes

Name Type Composition
None EnclaveInstanceAddress<T::AccountId> {'fingerprint': 'scale_info::12', 'registrar': 'AccountId', 'signer': {'Opaque': 'Bytes', 'Known': {'Ed25519': '[u8; 32]', 'Sr25519': '[u8; 32]', 'Ecdsa': '[u8; 33]'}}}

RemovedSovereignEnclave

a sovereign enclave has been removed from the enclave registry

Attributes

Name Type Composition
None T::AccountId AccountId

SgxQuotingEnclaveRegistered

An Intel SGX quoting enclave has been registered

Attributes

Name Type Composition
quoting_enclave SgxQuotingEnclave {'issue_date': 'u64', 'next_update': 'u64', 'miscselect': '[u8; 4]', 'miscselect_mask': '[u8; 4]', 'attributes': '[u8; 16]', 'attributes_mask': '[u8; 16]', 'mrsigner': '[u8; 32]', 'isvprodid': 'u16', 'tcb': [{'isvsvn': 'u16'}]}

SgxTcbInfoRegistered

Intel SGX TCB info has been registered

Attributes

Name Type Composition
fmspc Fmspc [u8; 6]
on_chain_info SgxTcbInfoOnChain {'issue_date': 'u64', 'next_update': 'u64', 'tcb_levels': [{'cpusvn': '[u8; 16]', 'pcesvn': 'u16', 'tcb_status': ('Unknown', 'UpToDate', 'SWHardeningNeeded', 'ConfigurationAndSWHardeningNeeded', 'OutOfDate', 'OutOfDateConfigurationNeeded', 'Revoked')}]}

UpdatedSecurityFlags

the enclave registry security flags have been updated

Attributes

Name Type Composition
allow_skipping_attestation bool bool
sgx_allow_debug_mode bool bool

Storage functions


AllowSkippingAttestation

Python

result = substrate.query(
    'Teerex', 'AllowSkippingAttestation', []
)

Return value

'bool'

ProxiedEnclaves

Python

result = substrate.query(
    'Teerex', 'ProxiedEnclaves', [
    {
        'fingerprint': 'scale_info::12',
        'registrar': 'AccountId',
        'signer': {
            'Known': {
                'Ecdsa': '[u8; 33]',
                'Ed25519': '[u8; 32]',
                'Sr25519': '[u8; 32]',
            },
            'Opaque': 'Bytes',
        },
    },
]
)

Return value

{
    'Sgx': {
        'attestation_method': {
            'Dcap': {'proxied': 'bool'},
            'Ias': None,
            'Skip': {'proxied': 'bool'},
        },
        'build_mode': ('Debug', 'Production'),
        'mr_enclave': '[u8; 32]',
        'mr_signer': '[u8; 32]',
        'report_data': {'d': '[u8; 64]'},
        'status': (
            'Invalid',
            'Ok',
            'GroupOutOfDate',
            'GroupRevoked',
            'ConfigurationNeeded',
        ),
        'timestamp': 'u64',
        'url': (None, 'Bytes'),
    },
}

SgxAllowDebugMode

Python

result = substrate.query(
    'Teerex', 'SgxAllowDebugMode', []
)

Return value

'bool'

SgxQuotingEnclaveRegistry

Python

result = substrate.query(
    'Teerex', 'SgxQuotingEnclaveRegistry', []
)

Return value

{
    'attributes': '[u8; 16]',
    'attributes_mask': '[u8; 16]',
    'issue_date': 'u64',
    'isvprodid': 'u16',
    'miscselect': '[u8; 4]',
    'miscselect_mask': '[u8; 4]',
    'mrsigner': '[u8; 32]',
    'next_update': 'u64',
    'tcb': [{'isvsvn': 'u16'}],
}

SgxTcbInfo

Python

result = substrate.query(
    'Teerex', 'SgxTcbInfo', ['[u8; 6]']
)

Return value

{
    'issue_date': 'u64',
    'next_update': 'u64',
    'tcb_levels': [
        {
            'cpusvn': '[u8; 16]',
            'pcesvn': 'u16',
            'tcb_status': (
                'Unknown',
                'UpToDate',
                'SWHardeningNeeded',
                'ConfigurationAndSWHardeningNeeded',
                'OutOfDate',
                'OutOfDateConfigurationNeeded',
                'Revoked',
            ),
        },
    ],
}

SovereignEnclaves

Python

result = substrate.query(
    'Teerex', 'SovereignEnclaves', ['AccountId']
)

Return value

{
    'Sgx': {
        'attestation_method': {
            'Dcap': {'proxied': 'bool'},
            'Ias': None,
            'Skip': {'proxied': 'bool'},
        },
        'build_mode': ('Debug', 'Production'),
        'mr_enclave': '[u8; 32]',
        'mr_signer': '[u8; 32]',
        'report_data': {'d': '[u8; 64]'},
        'status': (
            'Invalid',
            'Ok',
            'GroupOutOfDate',
            'GroupRevoked',
            'ConfigurationNeeded',
        ),
        'timestamp': 'u64',
        'url': (None, 'Bytes'),
    },
}

Constants


MaxAttestationRenewalPeriod

If a worker does not re-register within MaxAttestationRenewalPeriod, it can be unregistered by anyone.

Value

172800000

Python

constant = substrate.get_constant('Teerex', 'MaxAttestationRenewalPeriod')

MomentsPerDay

Value

86400000

Python

constant = substrate.get_constant('Teerex', 'MomentsPerDay')

Errors


CaVerificationFailed


CertificateChainIsInvalid


CertificateChainIsTooShort


CollateralIsInvalid

The provided collateral data is invalid


CpuSvnDecodingError


CpuSvnLengthMismatch


CpuSvnOidIsMissing


DcapKeyTypeMismatch


DcapQuoteDecodingError


DcapQuoteIsTooLong


DcapQuoteVersionMismatch


DerEncodingError


EmptyEnclaveRegistry

No enclave is registered.


EnclaveIdentityDecodingError


EnclaveIdentitySignatureIsInvalid


EnclaveIsNotRegistered

The enclave is not registered.


EnclaveSignerDecodeError

Failed to decode enclave signer.


EnclaveUrlIsTooLong

The worker url is too long.


FmspcDecodingError


FmspcLengthMismatch


FmspcOidIsMissing


IntelExtensionAmbiguity


IntelExtensionCertificateDecodingError


IsvEnclaveReportSignatureIsInvalid


KeyLengthIsInvalid


LeafCertificateParsingError


MissingTcbInfoForFmspc

No TCB info could be found onchain for the examinee&#x27;s fmspc


NetscapeDecodingError


NetscapeDerError


OtherSgxVerifyError

An error originating in the sgx_verify crate


PceSvnDecodingError


PceSvnLengthMismatch


PceSvnOidIsMissing


PckCertFormatMismatch


PublicKeyIsInvalid


QeHasRejectedEnclave


QeReportHashMismatch


QuoteBodyDecodingError


QuoteBodyIsInvalid


QuoteBodyMissing


QuoteStatusMissing


RaProofIsTooLong

The Remote Attestation proof is too long.


RemoteAttestationIsTooOld

IAS remote attestation is too old


RemoteAttestationVerificationFailed

Verifying RA report failed.


RsaSignatureIsInvalid


SenderIsNotAttestedEnclave

Sender does not match attested enclave in report.


SgxModeIsNotAllowed

The enclave cannot attest, because its building mode is not allowed.


SgxReportParsingError


SkippingAttestationIsNotAllowed

skipping attestation not allowed by configuration


TcbInfoIsInvalid


TcbInfoIsOutdated

Either the enclave TCB has outdated status or the onchain TCB collateral is outdated


TimestampIsInvalid


TimestampIsMissing


UnregisterActiveEnclaveIsNotAllowed

It is not allowed to unregister enclaves with recent activity