Receipts

CMakeLists.txt

@@ -299,6 +299,12 @@ if(BUILD_TESTS)
           --app-script ${CMAKE_CURRENT_SOURCE_DIR}/samples/apps/txregulator/app/txregulator.lua
           --datafile ${CMAKE_CURRENT_SOURCE_DIR}/samples/apps/txregulator/dataset/sample_data.csv)
 
+      ## Receipts end to end test
+      add_e2e_test(
+        NAME receipts_test
+        PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/receipts.py
+      )
+
       if(QUOTES_ENABLED)
         add_e2e_test(
           NAME governance_tests

src/kv/kvtypes.h

@@ -106,6 +106,8 @@ namespace kv
     virtual void clear_on_result() = 0;
     virtual void clear_on_response() = 0;
     virtual crypto::Sha256Hash get_root() = 0;
+    virtual std::vector<uint8_t> get_receipt(Version v) = 0;
+    virtual bool verify_receipt(const std::vector<uint8_t>& receipt) = 0;
   };
 
   class Consensus

src/node/history.h

@@ -174,6 +174,16 @@ namespace ccf
     {
       return crypto::Sha256Hash();
     }
+
+    std::vector<uint8_t> get_receipt(kv::Version v) override
+    {
+      return {};
+    }
+
+    bool verify_receipt(const std::vector<uint8_t>& v) override
+    {
+      return true;
+    }
   };
 
   class MerkleTreeHistory
@@ -232,6 +242,76 @@ namespace ccf
         throw std::logic_error("Precondition to mt_retract_to violated");
       mt_retract_to(tree, index);
     }
+
+    std::
+      tuple<std::unique_ptr<hash_vec>, crypto::Sha256Hash, uint64_t, uint32_t>
+      get_path(uint64_t index)
+    {
+      crypto::Sha256Hash res;
+      auto path = std::unique_ptr<hash_vec>(init_path());
+
+      if (!mt_get_path_pre(tree, index, path.get(), res.h))
+        throw std::logic_error("Precondition to mt_get_path violated");
+
+      auto nbelem = mt_get_path(tree, index, path.get(), res.h);
+
+      return {std::move(path), get_root(), index, nbelem};
+    }
+
+    std::vector<uint8_t> get_pathv(uint64_t index)
+    {
+      auto path = get_path(index);
+
+      nlohmann::json j;
+      j["index"] = std::get<2>(path);
+      j["max_index"] = std::get<3>(path);
+      auto r = std::get<1>(path);
+      j["root"] = std::vector<uint8_t>(r.h, r.h + r.SIZE);
+
+      std::vector<uint8_t> p;
+      for (size_t i = 0; i < std::get<0>(path)->sz; ++i)
+        p.insert(
+          p.end(),
+          *(std::get<0>(path)->vs + i),
+          *(std::get<0>(path)->vs + i) + r.SIZE);
+
+      j["path"] = p;
+
+      auto d = j.dump();
+      return std::vector<uint8_t>(d.begin(), d.end());
+    }
+
+    bool verify(const std::tuple<
+                std::unique_ptr<hash_vec>,
+                crypto::Sha256Hash,
+                uint64_t,
+                uint32_t>& path)
+    {
+      auto index = std::get<2>(path);
+      auto max_index = std::get<3>(path);
+      uint8_t* root = const_cast<uint8_t*>(std::get<1>(path).h);
+
+      if (!mt_verify_pre(tree, index, max_index, std::get<0>(path).get(), root))
+        throw std::logic_error("Precondition to mt_verify violated");
+
+      return mt_verify(tree, index, max_index, std::get<0>(path).get(), root);
+    }
+
+    bool verifyv(const std::vector<uint8_t>& v)
+    {
+      auto j = nlohmann::json::parse(v);
+      std::vector<uint8_t> path = j["path"];
+      auto p = std::unique_ptr<hash_vec>(init_path());
+      for (size_t i = 0; i < path.size(); i += 32)
+        path_insert(p.get(), &path[i]);
+
+      std::vector<uint8_t> r = j["root"];
+      crypto::Sha256Hash root;
+      std::copy(r.begin(), r.end(), root.h);
+      uint64_t index = j["index"];
+      uint32_t max_index = j["max_index"];
+      return verify({std::move(p), root, index, max_index});
+    }
   };
 
   template <class T>
@@ -432,6 +512,16 @@ namespace ccf
       LOG_DEBUG << fmt::format("HISTORY: add_response {0}", id) << std::endl;
       responses[id] = response;
     }
+
+    std::vector<uint8_t> get_receipt(kv::Version index) override
+    {
+      return tree.get_pathv(index);
+    }
+
+    bool verify_receipt(const std::vector<uint8_t>& v) override
+    {
+      return tree.verifyv(v);
+    }
   };
 
   using MerkleTxHistory = HashedTxHistory<MerkleTreeHistory>;

src/node/rpc/calltypes.h

@@ -89,4 +89,30 @@ namespace ccf
       ds::json::JsonSchema result_schema = {};
     };
   };
+
+  struct GetReceipt
+  {
+    struct In
+    {
+      int64_t commit = 0;
+    };
+
+    struct Out
+    {
+      std::vector<std::uint8_t> receipt = {};
+    };
+  };
+
+  struct VerifyReceipt
+  {
+    struct In
+    {
+      std::vector<std::uint8_t> receipt = {};
+    };
+
+    struct Out
+    {
+      bool valid = false;
+    };
+  };
 }

src/node/rpc/consts.h

@@ -23,6 +23,8 @@ namespace ccf
     static constexpr auto GET_NETWORK_INFO = "getNetworkInfo";
     static constexpr auto LIST_METHODS = "listMethods";
     static constexpr auto GET_SCHEMA = "getSchema";
+    static constexpr auto GET_RECEIPT = "getReceipt";
+    static constexpr auto VERIFY_RECEIPT = "verifyReceipt";
   };
 
   struct MemberProcs

src/node/rpc/frontend.h

@@ -446,6 +446,61 @@ namespace ccf
         return jsonrpc::success(out);
       };
 
+      auto get_receipt = [this](Store::Tx& tx, const nlohmann::json& params) {
+        const auto in = params.get<GetReceipt::In>();
+
+        update_history();
+
+        if (history != nullptr)
+        {
+          try
+          {
+            auto p = history->get_receipt(in.commit);
+            const GetReceipt::Out out{p};
+
+            return jsonrpc::success(out);
+          }
+          catch (const std::exception& e)
+          {
+            return jsonrpc::error(
+              jsonrpc::StandardErrorCodes::INTERNAL_ERROR,
+              fmt::format("Unable to produce receipt: {}", e.what()));
+          }
+        }
+
+        return jsonrpc::error(
+          jsonrpc::StandardErrorCodes::INTERNAL_ERROR,
+          "Unable to produce receipt");
+      };
+
+      auto verify_receipt =
+        [this](Store::Tx& tx, const nlohmann::json& params) {
+          const auto in = params.get<VerifyReceipt::In>();
+
+          update_history();
+
+          if (history != nullptr)
+          {
+            try
+            {
+              bool v = history->verify_receipt(in.receipt);
+              const VerifyReceipt::Out out{v};
+
+              return jsonrpc::success(out);
+            }
+            catch (const std::exception& e)
+            {
+              return jsonrpc::error(
+                jsonrpc::StandardErrorCodes::INTERNAL_ERROR,
+                fmt::format("Unable to verify receipt: {}", e.what()));
+            }
+          }
+
+          return jsonrpc::error(
+            jsonrpc::StandardErrorCodes::INTERNAL_ERROR,
+            "Unable to produce receipt");
+        };
+
       install_with_auto_schema<GetCommit>(
         GeneralProcs::GET_COMMIT, get_commit, Read);
       install_with_auto_schema<void, GetMetrics::Out>(
@@ -460,6 +515,10 @@ namespace ccf
         GeneralProcs::LIST_METHODS, list_methods, Read);
       install_with_auto_schema<GetSchema>(
         GeneralProcs::GET_SCHEMA, get_schema, Read);
+      install_with_auto_schema<GetReceipt>(
+        GeneralProcs::GET_RECEIPT, get_receipt, Read);
+      install_with_auto_schema<VerifyReceipt>(
+        GeneralProcs::VERIFY_RECEIPT, verify_receipt, Read);
     }
 
     void set_sig_intervals(size_t sig_max_tx_, size_t sig_max_ms_) override

src/node/rpc/serialization.h

@@ -74,4 +74,14 @@ namespace ccf
   DECLARE_JSON_REQUIRED_FIELDS(GetSchema::In, method)
   DECLARE_JSON_TYPE(GetSchema::Out)
   DECLARE_JSON_REQUIRED_FIELDS(GetSchema::Out, params_schema, result_schema)
-}
+
+  DECLARE_JSON_TYPE(GetReceipt::In)
+  DECLARE_JSON_REQUIRED_FIELDS(GetReceipt::In, commit)
+  DECLARE_JSON_TYPE(GetReceipt::Out)
+  DECLARE_JSON_REQUIRED_FIELDS(GetReceipt::Out, receipt)
+
+  DECLARE_JSON_TYPE(VerifyReceipt::In)
+  DECLARE_JSON_REQUIRED_FIELDS(VerifyReceipt::In, receipt)
+  DECLARE_JSON_TYPE(VerifyReceipt::Out)
+  DECLARE_JSON_REQUIRED_FIELDS(VerifyReceipt::Out, valid)
+}

src/node/test/merkle_bench.cpp

@@ -88,12 +88,80 @@ static void append_flush(picobench::state& s)
   s.stop_timer();
 }
 
-const std::vector<int> sizes = {10000, 100000};
+static void append_get_path_verify(picobench::state& s)
+{
+  ccf::MerkleTreeHistory t;
+  vector<crypto::Sha256Hash> hashes;
+  std::random_device r;
+
+  for (size_t i = 0; i < s.iterations(); ++i)
+  {
+    crypto::Sha256Hash h;
+    for (size_t j = 0; j < crypto::Sha256Hash::SIZE; j++)
+      h.h[j] = r();
+
+    hashes.emplace_back(h);
+  }
+
+  size_t index = 0;
+  s.start_timer();
+  for (auto _ : s)
+  {
+    (void)_;
+    t.append(hashes[index++]);
+
+    auto p = t.get_path(index);
+    if (!t.verify(p))
+      throw std::runtime_error("Bad path");
+
+    // do_not_optimize();
+    clobber_memory();
+  }
+  s.stop_timer();
+}
+
+static void append_get_pathv_verifyv(picobench::state& s)
+{
+  ccf::MerkleTreeHistory t;
+  vector<crypto::Sha256Hash> hashes;
+  std::random_device r;
+
+  for (size_t i = 0; i < s.iterations(); ++i)
+  {
+    crypto::Sha256Hash h;
+    for (size_t j = 0; j < crypto::Sha256Hash::SIZE; j++)
+      h.h[j] = r();
+
+    hashes.emplace_back(h);
+  }
+
+  size_t index = 0;
+  s.start_timer();
+  for (auto _ : s)
+  {
+    (void)_;
+    t.append(hashes[index++]);
+
+    auto p = t.get_pathv(index);
+    if (!t.verifyv(p))
+      throw std::runtime_error("Bad path");
+
+    // do_not_optimize();
+    clobber_memory();
+  }
+  s.stop_timer();
+}
+
+const std::vector<int> sizes = {1000, 10000};
 
 PICOBENCH_SUITE("append_retract");
 PICOBENCH(append_retract).iterations(sizes).samples(10).baseline();
 PICOBENCH_SUITE("append_flush");
 PICOBENCH(append_flush).iterations(sizes).samples(10).baseline();
+PICOBENCH_SUITE("append_get_path_verify");
+PICOBENCH(append_get_path_verify).iterations(sizes).samples(10).baseline();
+PICOBENCH_SUITE("append_get_pathv_verifyv");
+PICOBENCH(append_get_pathv_verifyv).iterations(sizes).samples(10).baseline();
 
 // We need an explicit main to initialize kremlib and EverCrypt
 int main(int argc, char* argv[])