proper handling of nonce and decrypting vc result

tee-worker/cli/Cargo.toml

@@ -48,6 +48,7 @@ itp-stf-primitives = { path = "../core-primitives/stf-primitives" }
 itp-time-utils = { path = "../core-primitives/time-utils" }
 itp-types = { path = "../core-primitives/types" }
 itp-utils = { path = "../core-primitives/utils" }
+lc-credentials = { path = "../litentry/core/credentials" }
 
 # litentry
 frame-metadata = "15.0.0"

tee-worker/cli/src/evm/commands/evm_call.rs

@@ -22,7 +22,6 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
 use ita_stf::{Index, TrustedCall, TrustedGetter, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use itp_types::AccountId;
@@ -80,7 +79,7 @@ impl EvmCallCommands {
 		)
 		.sign(&KeyPair::Sr25519(Box::new(sender)), nonce, &mrenclave, &shard)
 		.into_trusted_operation(trusted_args.direct);
-		Ok(perform_trusted_operation(cli, trusted_args, &function_call)
+		Ok(perform_trusted_operation::<()>(cli, trusted_args, &function_call)
 			.map(|_| CliResultOk::None)?)
 	}
 }

tee-worker/cli/src/evm/commands/evm_command_utils.rs

@@ -20,11 +20,8 @@ macro_rules! get_layer_two_evm_nonce {
 		let top: TrustedOperation = TrustedGetter::evm_nonce($signer_pair.public().into())
 			.sign(&KeyPair::Sr25519(Box::new($signer_pair.clone())))
 			.into();
-		let res = perform_trusted_operation($cli, $trusted_args, &top).unwrap_or_default();
-		let nonce = match res {
-			Some(n) => Index::decode(&mut n.as_slice()).unwrap_or(0),
-			None => 0,
-		};
+		let nonce =
+			perform_trusted_operation::<Index>($cli, $trusted_args, &top).unwrap_or_default();
 		debug!("got evm nonce: {:?}", nonce);
 		nonce
 	}};

tee-worker/cli/src/evm/commands/evm_create.rs

@@ -22,7 +22,6 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
 use ita_stf::{
 	evm_helpers::evm_create_address, Index, TrustedCall, TrustedGetter, TrustedOperation,
 };
@@ -80,7 +79,7 @@ impl EvmCreateCommands {
 		.sign(&from.into(), nonce, &mrenclave, &shard)
 		.into_trusted_operation(trusted_args.direct);
 
-		let _ = perform_trusted_operation(cli, trusted_args, &top)?;
+		perform_trusted_operation(cli, trusted_args, &top)?;
 
 		let execution_address = evm_create_address(sender_evm_acc, evm_account_nonce);
 		info!("trusted call evm_create executed");

tee-worker/cli/src/evm/commands/evm_read.rs

@@ -17,9 +17,8 @@
 
 use crate::{
 	trusted_cli::TrustedCli, trusted_command_utils::get_pair_from_str,
-	trusted_operation::perform_trusted_operation, Cli, CliError, CliResult, CliResultOk,
+	trusted_operation::perform_trusted_operation, Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
 use ita_stf::{TrustedGetter, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use itp_types::AccountId;
@@ -56,20 +55,7 @@ impl EvmReadCommands {
 			TrustedGetter::evm_account_storages(sender_acc.into(), execution_address, H256::zero())
 				.sign(&KeyPair::Sr25519(Box::new(sender)))
 				.into();
-		let res = perform_trusted_operation(cli, trusted_args, &top)?;
-
-		debug!("received result for balance");
-		if let Some(v) = res {
-			if let Ok(vd) = H256::decode(&mut v.as_slice()) {
-				println!("{:?}", vd);
-				Ok(CliResultOk::H256 { hash: vd })
-			} else {
-				error!("could not decode value. {:x?}", v);
-				Err(CliError::EvmRead { msg: format!("could not decode value. {:x?}", v) })
-			}
-		} else {
-			error!("Nothing in state!");
-			Err(CliError::EvmRead { msg: "Nothing in state!".to_string() })
-		}
+		let hash = perform_trusted_operation::<H256>(cli, trusted_args, &top)?;
+		Ok(CliResultOk::H256 { hash })
 	}
 }

tee-worker/cli/src/trusted_base_cli/commands/litentry/id_graph.rs

@@ -18,7 +18,6 @@ use crate::{
 	trusted_cli::TrustedCli, trusted_command_utils::get_pair_from_str,
 	trusted_operation::perform_trusted_operation, Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
 use ita_stf::{IDGraph, Runtime, TrustedGetter, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::Identity;
@@ -45,7 +44,7 @@ impl IDGraphCommand {
 
 		let top: TrustedOperation =
 			TrustedGetter::id_graph(id).sign(&KeyPair::Sr25519(Box::new(alice))).into();
-		let idgraph = perform_trusted_operation::<Option<IDGraph::<Runtime>>>(cli, trusted_cli, &top);
+		let idgraph = perform_trusted_operation::<Option<IDGraph<Runtime>>>(cli, trusted_cli, &top);
 		println!("{:?}", idgraph.unwrap().unwrap());
 
 		Ok(CliResultOk::None)

tee-worker/cli/src/trusted_base_cli/commands/litentry/id_graph_stats.rs

@@ -18,7 +18,6 @@ use crate::{
 	trusted_cli::TrustedCli, trusted_command_utils::get_pair_from_str,
 	trusted_operation::perform_trusted_operation, Cli, CliError, CliResult, CliResultOk,
 };
-use codec::Decode;
 use ita_stf::{TrustedGetter, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::ParentchainAccountId;
@@ -38,7 +37,8 @@ impl IDGraphStats {
 		let top: TrustedOperation = TrustedGetter::id_graph_stats(who.public().into())
 			.sign(&KeyPair::Sr25519(Box::new(who)))
 			.into();
-		let id_graph_stats = perform_trusted_operation::<Option<IDGraphStatsVec>>(cli, trusted_cli, &top);
+		let id_graph_stats =
+			perform_trusted_operation::<Option<IDGraphStatsVec>>(cli, trusted_cli, &top);
 		println!("IDGraph stats:");
 		match id_graph_stats {
 			Ok(id_graph_stats) => {

tee-worker/cli/src/trusted_base_cli/commands/litentry/link_identity.rs

@@ -22,11 +22,9 @@ use crate::{
 	Cli, CliResult, CliResultOk,
 };
 use clap::Parser;
-use codec::Decode;
 use ita_stf::{Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::{Identity, Web3Network};
-use log::*;
 use sp_core::Pair;
 
 // usage exmaple:
@@ -80,6 +78,7 @@ impl LinkIdentityCommand {
 		.sign(&KeyPair::Sr25519(Box::new(alice)), nonce, &mrenclave, &shard)
 		.into_trusted_operation(trusted_cli.direct);
 		//todo proper generic type
-		Ok(perform_trusted_operation::<Vec<u8>>(cli, trusted_cli, &top).map(|_| CliResultOk::None)?)
+		Ok(perform_trusted_operation::<Vec<u8>>(cli, trusted_cli, &top)
+			.map(|_| CliResultOk::None)?)
 	}
 }

tee-worker/cli/src/trusted_base_cli/commands/litentry/request_vc.rs

@@ -21,19 +21,18 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
-use ita_stf::{Index, TrustedCall, TrustedOperation, TrustedGetter};
+use ita_stf::{trusted_call_result::RequestVCResult, Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use itp_utils::hex::decode_hex;
+use lc_credentials::Credential;
 use litentry_primitives::{
-	AchainableAmount, AchainableAmountHolding, AchainableAmountToken, AchainableAmounts,
-	AchainableBasic, AchainableBetweenPercents, AchainableClassOfYear, AchainableDate,
-	AchainableDateInterval, AchainableDatePercent, AchainableParams, AchainableToken, Assertion,
-	Identity, OneBlockCourseType, ParameterString, Web3Network, UserShieldingKeyType, AesOutput, aes_decrypt
+	aes_decrypt, AchainableAmount, AchainableAmountHolding, AchainableAmountToken,
+	AchainableAmounts, AchainableBasic, AchainableBetweenPercents, AchainableClassOfYear,
+	AchainableDate, AchainableDateInterval, AchainableDatePercent, AchainableParams,
+	AchainableToken, Assertion, Identity, OneBlockCourseType, ParameterString, RequestAesKey,
+	Web3Network, REQUEST_AES_KEY_LEN,
 };
-use log::*;
 use sp_core::Pair;
-use ita_stf::trusted_call_result::RequestVCResult;
 
 // usage example (you can always use --help on subcommands to see more details)
 //
@@ -383,31 +382,34 @@ impl RequestVcCommand {
 			},
 		};
 
-		let top_getter: TrustedOperation = TrustedGetter::user_shielding_key(id.clone())
-			.sign(&KeyPair::Sr25519(Box::new(alice.clone())))
-			.into();
-		let key = perform_trusted_operation::<Option<UserShieldingKeyType>>(cli, trusted_cli, &top_getter);
-
-		let real_key = key.unwrap().unwrap();
-		println!("Got real key: {:?}", real_key);
-
-
-		let top: TrustedOperation =
-			TrustedCall::request_vc(alice.public().into(), id, assertion, None, Default::default())
-				.sign(&KeyPair::Sr25519(Box::new(alice)), 2, &mrenclave, &shard)
-				.into_trusted_operation(trusted_cli.direct);
+		let key = Self::random_aes_key();
 
+		let top: TrustedOperation = TrustedCall::request_vc(
+			alice.public().into(),
+			id,
+			assertion,
+			Some(key),
+			Default::default(),
+		)
+		.sign(&KeyPair::Sr25519(Box::new(alice)), nonce, &mrenclave, &shard)
+		.into_trusted_operation(trusted_cli.direct);
 
 		match perform_trusted_operation::<RequestVCResult>(cli, trusted_cli, &top) {
 			Ok(mut vc) => {
-
-				let vc_content = aes_decrypt(&real_key, &mut vc.vc_payload);
-				println!("Got vc result: {:?} with vc_content: {:?}", vc, vc_content);
+				let decrypted = aes_decrypt(&key, &mut vc.vc_payload).unwrap();
+				let credential: Credential = serde_json::from_slice(&decrypted).unwrap();
+				println!("----Generated VC-----");
+				println!("{:?}", credential);
 			},
 			Err(e) => {
 				println!("{:?}", e);
-			}
+			},
 		}
 		Ok(CliResultOk::None)
 	}
+
+	fn random_aes_key() -> RequestAesKey {
+		let random: Vec<u8> = (0..REQUEST_AES_KEY_LEN).map(|_| rand::random::<u8>()).collect();
+		random[0..REQUEST_AES_KEY_LEN].try_into().unwrap()
+	}
 }

tee-worker/cli/src/trusted_base_cli/commands/litentry/send_erroneous_parentchain_call.rs

@@ -21,12 +21,9 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
-use ita_stf::{Index, TrustedCall, TrustedOperation};
+use ita_stf::{trusted_call_result::TrustedCallResult, Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
-use log::*;
 use sp_core::Pair;
-use ita_stf::trusted_call_result::TrustedCallResult;
 
 #[derive(Parser)]
 pub struct SendErroneousParentchainCallCommand {}
@@ -42,6 +39,7 @@ impl SendErroneousParentchainCallCommand {
 			TrustedCall::send_erroneous_parentchain_call(root.public().into())
 				.sign(&KeyPair::Sr25519(Box::new(root)), nonce, &mrenclave, &shard)
 				.into_trusted_operation(trusted_cli.direct);
-		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_cli, &top).map(|_| CliResultOk::None)?)
+		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_cli, &top)
+			.map(|_| CliResultOk::None)?)
 	}
 }

tee-worker/cli/src/trusted_base_cli/commands/set_balance.rs

@@ -22,14 +22,12 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
-use ita_stf::{Index, TrustedCall, TrustedOperation};
+use ita_stf::{trusted_call_result::TrustedCallResult, Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::ParentchainBalance as Balance;
 use log::*;
 use sp_core::{crypto::Ss58Codec, Pair};
 use std::boxed::Box;
-use ita_stf::trusted_call_result::TrustedCallResult;
 
 #[derive(Parser)]
 pub struct SetBalanceCommand {
@@ -58,6 +56,7 @@ impl SetBalanceCommand {
 		)
 		.sign(&KeyPair::Sr25519(Box::new(signer)), nonce, &mrenclave, &shard)
 		.into_trusted_operation(trusted_args.direct);
-		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top).map(|_| CliResultOk::None)?)
+		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top)
+			.map(|_| CliResultOk::None)?)
 	}
 }

tee-worker/cli/src/trusted_base_cli/commands/transfer.rs

@@ -22,14 +22,12 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
-use ita_stf::{Index, TrustedCall, TrustedOperation};
+use ita_stf::{trusted_call_result::TrustedCallResult, Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::ParentchainBalance as Balance;
 use log::*;
 use sp_core::{crypto::Ss58Codec, Pair};
 use std::boxed::Box;
-use ita_stf::trusted_call_result::TrustedCallResult;
 
 #[derive(Parser)]
 pub struct TransferCommand {
@@ -63,7 +61,8 @@ impl TransferCommand {
 			TrustedCall::balance_transfer(from.public().into(), to, self.amount)
 				.sign(&KeyPair::Sr25519(Box::new(from)), nonce, &mrenclave, &shard)
 				.into_trusted_operation(trusted_args.direct);
-		let res = perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top).map(|_| CliResultOk::None)?;
+		let res = perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top)
+			.map(|_| CliResultOk::None)?;
 		info!("trusted call transfer executed");
 		Ok(res)
 	}

tee-worker/cli/src/trusted_base_cli/commands/unshield_funds.rs

@@ -22,14 +22,11 @@ use crate::{
 	trusted_operation::perform_trusted_operation,
 	Cli, CliResult, CliResultOk,
 };
-use codec::Decode;
-use ita_stf::{Index, TrustedCall, TrustedOperation};
+use ita_stf::{trusted_call_result::TrustedCallResult, Index, TrustedCall, TrustedOperation};
 use itp_stf_primitives::types::KeyPair;
 use litentry_primitives::ParentchainBalance as Balance;
-use log::*;
 use sp_core::{crypto::Ss58Codec, Pair};
 use std::boxed::Box;
-use ita_stf::trusted_call_result::TrustedCallResult;
 
 #[derive(Parser)]
 pub struct UnshieldFundsCommand {
@@ -63,6 +60,7 @@ impl UnshieldFundsCommand {
 			TrustedCall::balance_unshield(from.public().into(), to, self.amount, shard)
 				.sign(&KeyPair::Sr25519(Box::new(from)), nonce, &mrenclave, &shard)
 				.into_trusted_operation(trusted_args.direct);
-		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top).map(|_| CliResultOk::None)?)
+		Ok(perform_trusted_operation::<TrustedCallResult>(cli, trusted_args, &top)
+			.map(|_| CliResultOk::None)?)
 	}
 }

tee-worker/cli/src/trusted_command_utils.rs

@@ -50,18 +50,15 @@ macro_rules! get_layer_two_nonce {
 
 		let getter =
 			Getter::public(PublicGetter::nonce(Identity::Substrate($signer_pair.public().into())));
-		let getter_result = execute_getter_from_cli_args::<Option<Index>>($cli, $trusted_args, &getter);
+		let getter_result = execute_getter_from_cli_args::<Index>($cli, $trusted_args, &getter);
 		let nonce = match getter_result {
-			Ok(Some(nonce)) => nonce,
-			Ok(None) => Default::default(),
+			Ok(nonce) => nonce,
 			Err(_) => todo!(),
 		};
 
-		debug!("got system nonce: {:?}", nonce);
 		let pending_tx_count =
 			get_pending_trusted_calls_for($cli, $trusted_args, &$signer_pair.public().into()).len();
 		let pending_tx_count = Index::try_from(pending_tx_count).unwrap();
-		debug!("got pending tx count: {:?}", pending_tx_count);
 		nonce + pending_tx_count
 	}};
 }