introduce shard birth concept and a bit of renaming throughout

core-primitives/enclave-api/ffi/src/lib.rs

@@ -67,6 +67,17 @@ extern "C" {
 		parentchain_id_size: u32,
 	) -> sgx_status_t;
 
+	pub fn init_shard_birth_parentchain_header(
+		eid: sgx_enclave_id_t,
+		retval: *mut sgx_status_t,
+		shard: *const u8,
+		shard_size: u32,
+		parentchain_id: *const u8,
+		parentchain_id_size: u32,
+		header: *const u8,
+		header_size: u32,
+	) -> sgx_status_t;
+
 	pub fn execute_trusted_calls(eid: sgx_enclave_id_t, retval: *mut sgx_status_t) -> sgx_status_t;
 
 	pub fn sync_parentchain(

core-primitives/enclave-api/src/enclave_base.rs

@@ -20,7 +20,7 @@ use crate::EnclaveResult;
 use codec::Decode;
 use core::fmt::Debug;
 use itc_parentchain::primitives::{ParentchainId, ParentchainInitParams};
-use itp_types::ShardIdentifier;
+use itp_types::{parentchain::Header, ShardIdentifier};
 use sgx_crypto_helper::rsa3072::Rsa3072PubKey;
 use sp_core::ed25519;
 use teerex_primitives::EnclaveFingerprint;
@@ -57,6 +57,19 @@ pub trait EnclaveBase: Send + Sync + 'static {
 		parentchain_id: &ParentchainId,
 	) -> EnclaveResult<()>;
 
+	/// Initialize parentchain checkpoint after which invocations will be processed
+	fn init_shard_birth_parentchain_header(
+		&self,
+		shard: &ShardIdentifier,
+		parentchain_id: &ParentchainId,
+		header: &Header,
+	) -> EnclaveResult<()>;
+
+	fn get_shard_birth_header(
+		&self,
+		shard: &ShardIdentifier,
+	) -> EnclaveResult<(ParentchainId, Header)>;
+
 	fn set_nonce(&self, nonce: u32, parentchain_id: ParentchainId) -> EnclaveResult<()>;
 
 	fn set_node_metadata(
@@ -88,7 +101,7 @@ mod impl_ffi {
 	use itp_settings::worker::{
 		HEADER_MAX_SIZE, MR_ENCLAVE_SIZE, SHIELDING_KEY_SIZE, SIGNING_KEY_SIZE,
 	};
-	use itp_types::ShardIdentifier;
+	use itp_types::{parentchain::Header, ShardIdentifier};
 	use log::*;
 	use sgx_crypto_helper::rsa3072::Rsa3072PubKey;
 	use sgx_types::*;
@@ -208,6 +221,62 @@ mod impl_ffi {
 			Ok(())
 		}
 
+		fn init_shard_birth_parentchain_header(
+			&self,
+			shard: &ShardIdentifier,
+			parentchain_id: &ParentchainId,
+			header: &Header,
+		) -> EnclaveResult<()> {
+			let mut retval = sgx_status_t::SGX_SUCCESS;
+			let parentchain_id_enc = parentchain_id.encode();
+			let header_bytes = header.encode();
+			let shard_bytes = shard.encode();
+			let result = unsafe {
+				ffi::init_shard_birth_parentchain_header(
+					self.eid,
+					&mut retval,
+					shard_bytes.as_ptr(),
+					shard_bytes.len() as u32,
+					parentchain_id_enc.as_ptr(),
+					parentchain_id_enc.len() as u32,
+					header_bytes.as_ptr(),
+					header_bytes.len() as u32,
+				)
+			};
+
+			ensure!(result == sgx_status_t::SGX_SUCCESS, Error::Sgx(result));
+			ensure!(retval == sgx_status_t::SGX_SUCCESS, Error::Sgx(retval));
+
+			Ok(())
+		}
+
+		fn get_shard_birth_header(
+			&self,
+			shard: &ShardIdentifier,
+		) -> EnclaveResult<(ParentchainId, Header)> {
+			let mut retval = sgx_status_t::SGX_SUCCESS;
+			let mut birth =
+				[0u8; std::mem::size_of::<Header>() + std::mem::size_of::<ParentchainId>()];
+			let shard_bytes = shard.encode();
+
+			let result = unsafe {
+				ffi::get_ecc_vault_pubkey(
+					self.eid,
+					&mut retval,
+					shard_bytes.as_ptr(),
+					shard_bytes.len() as u32,
+					birth.as_mut_ptr(),
+					birth.len() as u32,
+				)
+			};
+
+			ensure!(result == sgx_status_t::SGX_SUCCESS, Error::Sgx(result));
+			ensure!(retval == sgx_status_t::SGX_SUCCESS, Error::Sgx(retval));
+			let (birth_parentchain_id, birth_header): (ParentchainId, Header) =
+				Decode::decode(&mut birth.as_slice())?;
+			Ok((birth_parentchain_id, birth_header))
+		}
+
 		fn set_nonce(&self, nonce: u32, parentchain_id: ParentchainId) -> EnclaveResult<()> {
 			let mut retval = sgx_status_t::SGX_SUCCESS;
 

core-primitives/stf-interface/src/lib.rs

@@ -37,6 +37,7 @@ pub mod sudo_pallet;
 pub mod system_pallet;
 
 pub const SHARD_VAULT_KEY: &str = "ShardVaultPubKey";
+pub const SHARD_BIRTH_HEADER_KEY: &str = "ShardBirthHeaderKey";
 
 /// Interface to initialize a new state.
 pub trait InitState<State, AccountId> {

core/parentchain/block-importer/src/block_importer.rs

@@ -18,6 +18,7 @@
 //! Imports parentchain blocks and executes any indirect calls found in the extrinsics.
 
 use crate::{error::Result, ImportParentchainBlocks};
+use codec::Decode;
 use ita_stf::ParentchainHeader;
 use itc_parentchain_indirect_calls_executor::ExecuteIndirectCalls;
 use itc_parentchain_light_client::{
@@ -26,8 +27,8 @@ use itc_parentchain_light_client::{
 use itp_extrinsics_factory::CreateExtrinsics;
 use itp_stf_executor::traits::StfUpdateState;
 use itp_types::{
-	parentchain::{IdentifyParentchain, ParentchainId},
-	OpaqueCall, H256,
+	parentchain::{Header, IdentifyParentchain, ParentchainId},
+	OpaqueCall, ShardIdentifier, H256,
 };
 use log::*;
 use sp_runtime::{
@@ -48,6 +49,7 @@ pub struct ParentchainBlockImporter<
 	stf_executor: Arc<StfExecutor>,
 	extrinsics_factory: Arc<ExtrinsicsFactory>,
 	pub indirect_calls_executor: Arc<IndirectCallsExecutor>,
+	maybe_birth_header: Option<Header>,
 	_phantom: PhantomData<ParentchainBlock>,
 }
 
@@ -71,12 +73,14 @@ impl<
 		stf_executor: Arc<StfExecutor>,
 		extrinsics_factory: Arc<ExtrinsicsFactory>,
 		indirect_calls_executor: Arc<IndirectCallsExecutor>,
+		maybe_birth_header: Option<Header>,
 	) -> Self {
 		ParentchainBlockImporter {
 			validator_accessor,
 			stf_executor,
 			extrinsics_factory,
 			indirect_calls_executor,
+			maybe_birth_header,
 			_phantom: Default::default(),
 		}
 	}
@@ -125,6 +129,23 @@ impl<
 				return Err(e.into())
 			}
 
+			// check if we can fast-sync
+			if id == ParentchainId::Integritee {
+				if let Some(birth_header) = self.maybe_birth_header.clone() {
+					if signed_block.block.header().number < birth_header.number {
+						trace!(
+							"fast-syncing block import, ignoring any invocations up to block {:}",
+							birth_header.number
+						);
+						continue
+					} else {
+						trace!(
+							"only Integritee parentchain is supported for shard birth fast-syncing"
+						);
+					}
+				}
+			}
+
 			let block = signed_block.block;
 			// Perform state updates.
 			if let Err(e) = self

core/parentchain/parentchain-crate/src/primitives.rs

@@ -22,7 +22,9 @@ use codec::{Decode, Encode};
 
 use sp_runtime::traits::Block;
 
+use itp_types::ShardIdentifier;
 pub use itp_types::{parentchain::ParentchainId, Block as ParachainBlock, Block as SolochainBlock};
+
 pub type HeaderFor<B> = <B as Block>::Header;
 pub type SolochainHeader = HeaderFor<SolochainBlock>;
 pub type ParachainHeader = HeaderFor<ParachainBlock>;
@@ -33,8 +35,8 @@ pub type ParachainParams = SimpleParams<ParachainHeader>;
 /// Allows to use a single E-call for the initialization of different parentchain types.
 #[derive(Encode, Decode, Clone)]
 pub enum ParentchainInitParams {
-	Solochain { id: ParentchainId, params: SolochainParams },
-	Parachain { id: ParentchainId, params: ParachainParams },
+	Solochain { id: ParentchainId, shard: ShardIdentifier, params: SolochainParams },
+	Parachain { id: ParentchainId, shard: ShardIdentifier, params: ParachainParams },
 }
 
 impl ParentchainInitParams {
@@ -46,14 +48,14 @@ impl ParentchainInitParams {
 	}
 }
 
-impl From<(ParentchainId, SolochainParams)> for ParentchainInitParams {
-	fn from(value: (ParentchainId, SolochainParams)) -> Self {
-		Self::Solochain { id: value.0, params: value.1 }
+impl From<(ParentchainId, ShardIdentifier, SolochainParams)> for ParentchainInitParams {
+	fn from(value: (ParentchainId, ShardIdentifier, SolochainParams)) -> Self {
+		Self::Solochain { id: value.0, shard: value.1, params: value.2 }
 	}
 }
 
-impl From<(ParentchainId, ParachainParams)> for ParentchainInitParams {
-	fn from(value: (ParentchainId, ParachainParams)) -> Self {
-		Self::Parachain { id: value.0, params: value.1 }
+impl From<(ParentchainId, ShardIdentifier, ParachainParams)> for ParentchainInitParams {
+	fn from(value: (ParentchainId, ShardIdentifier, ParachainParams)) -> Self {
+		Self::Parachain { id: value.0, shard: value.1, params: value.2 }
 	}
 }

enclave-runtime/Cargo.lock

@@ -789,6 +789,7 @@ dependencies = [
  "itc-offchain-worker-executor",
  "itc-parentchain",
  "itc-parentchain-block-import-dispatcher",
+ "itc-parentchain-block-importer",
  "itc-parentchain-test",
  "itc-tls-websocket-server",
  "itp-attestation-handler",

enclave-runtime/Cargo.toml

@@ -98,6 +98,7 @@ itc-direct-rpc-server = { path = "../core/direct-rpc-server", default-features =
 itc-offchain-worker-executor = { path = "../core/offchain-worker-executor", default-features = false, features = ["sgx"] }
 itc-parentchain = { path = "../core/parentchain/parentchain-crate", default-features = false, features = ["sgx"] }
 itc-parentchain-block-import-dispatcher = { path = "../core/parentchain/block-import-dispatcher", default-features = false, features = ["sgx"] }
+itc-parentchain-block-importer = { path = "../core/parentchain/block-importer", default-features = false, features = ["sgx"] }
 itc-parentchain-test = { path = "../core/parentchain/test", default-features = false }
 itc-tls-websocket-server = { path = "../core/tls-websocket-server", default-features = false, features = ["sgx"] }
 itp-attestation-handler = { path = "../core-primitives/attestation-handler", default-features = false, features = ["sgx"] }

enclave-runtime/Enclave.edl

@@ -63,6 +63,16 @@ enclave {
 			[in, size=parentchain_id_size] uint8_t* parentchain_id, uint32_t parentchain_id_size
 		);
 
+		public sgx_status_t init_shard_birth_parentchain_header(
+		    [in, size=shard_size] uint8_t* shard, uint32_t shard_size,
+			[in, size=parentchain_id_size] uint8_t* parentchain_id, uint32_t parentchain_id_size,
+    		[in, size=header_size] uint8_t* header, uint32_t header_size
+		);
+
+		public sgx_status_t get_shard_birth_header(
+			[in, size=shard_size] uint8_t* shard, uint32_t shard_size,
+			[out, size=birth_size] uint8_t* birth, uint32_t birth_size);
+
 		public sgx_status_t execute_trusted_calls();
 
 		public sgx_status_t sync_parentchain(

enclave-runtime/src/initialization/parentchain/common.rs

@@ -46,6 +46,7 @@ use crate::{
 use itp_component_container::ComponentGetter;
 use itp_nonce_cache::NonceCache;
 use itp_sgx_crypto::key_repository::AccessKey;
+use itp_types::parentchain::Header;
 use log::*;
 use sp_core::H256;
 use std::sync::Arc;
@@ -55,6 +56,7 @@ pub(crate) fn create_integritee_parentchain_block_importer(
 	stf_executor: Arc<EnclaveStfExecutor>,
 	extrinsics_factory: Arc<EnclaveExtrinsicsFactory>,
 	node_metadata_repository: Arc<EnclaveNodeMetadataRepository>,
+	birth_header: Header,
 ) -> Result<IntegriteeParentchainBlockImporter> {
 	let state_observer = GLOBAL_STATE_OBSERVER_COMPONENT.get()?;
 	let top_pool_author = GLOBAL_TOP_POOL_AUTHOR_COMPONENT.get()?;
@@ -78,6 +80,7 @@ pub(crate) fn create_integritee_parentchain_block_importer(
 		stf_executor,
 		extrinsics_factory,
 		indirect_calls_executor,
+		Some(birth_header),
 	))
 }
 
@@ -109,6 +112,7 @@ pub(crate) fn create_target_a_parentchain_block_importer(
 		stf_executor,
 		extrinsics_factory,
 		indirect_calls_executor,
+		None,
 	))
 }
 
@@ -140,6 +144,7 @@ pub(crate) fn create_target_b_parentchain_block_importer(
 		stf_executor,
 		extrinsics_factory,
 		indirect_calls_executor,
+		None,
 	))
 }
 

enclave-runtime/src/initialization/parentchain/integritee_parachain.rs

@@ -40,7 +40,7 @@ use itp_types::parentchain::ParentchainId;
 use std::{path::PathBuf, sync::Arc};
 
 pub use itc_parentchain::primitives::{ParachainBlock, ParachainHeader, ParachainParams};
-
+use itp_types::parentchain::Header;
 #[derive(Clone)]
 pub struct IntegriteeParachainHandler {
 	pub genesis_header: ParachainHeader,
@@ -55,6 +55,7 @@ impl IntegriteeParachainHandler {
 	pub fn init<WorkerModeProvider: ProvideWorkerMode>(
 		_base_path: PathBuf,
 		params: ParachainParams,
+		birth_header: Header,
 	) -> Result<Self> {
 		let ocall_api = GLOBAL_OCALL_API_COMPONENT.get()?;
 		let state_handler = GLOBAL_STATE_HANDLER_COMPONENT.get()?;
@@ -91,6 +92,7 @@ impl IntegriteeParachainHandler {
 			stf_executor.clone(),
 			extrinsics_factory.clone(),
 			node_metadata_repository.clone(),
+			birth_header,
 		)?;
 
 		let import_dispatcher = match WorkerModeProvider::worker_mode() {

enclave-runtime/src/initialization/parentchain/integritee_solochain.rs

@@ -36,7 +36,7 @@ use crate::{
 use itc_parentchain::light_client::{concurrent_access::ValidatorAccess, LightClientState};
 use itp_component_container::ComponentGetter;
 use itp_settings::worker_mode::{ProvideWorkerMode, WorkerMode};
-use itp_types::parentchain::ParentchainId;
+use itp_types::parentchain::{Header, ParentchainId};
 use std::{path::PathBuf, sync::Arc};
 
 pub use itc_parentchain::primitives::{SolochainBlock, SolochainHeader, SolochainParams};
@@ -54,6 +54,7 @@ impl IntegriteeSolochainHandler {
 	pub fn init<WorkerModeProvider: ProvideWorkerMode>(
 		_base_path: PathBuf,
 		params: SolochainParams,
+		birth_header: Header,
 	) -> Result<Self> {
 		let ocall_api = GLOBAL_OCALL_API_COMPONENT.get()?;
 		let state_handler = GLOBAL_STATE_HANDLER_COMPONENT.get()?;
@@ -90,6 +91,7 @@ impl IntegriteeSolochainHandler {
 			stf_executor.clone(),
 			extrinsics_factory.clone(),
 			node_metadata_repository.clone(),
+			birth_header,
 		)?;
 
 		let import_dispatcher = match WorkerModeProvider::worker_mode() {