Implement Message for EvidenceKind

[nick-mobilecoin]

Previously EvidenceMessage was a proxy to decode the EvidenceKind
enum. This resulted in clients needing to first attempt to decode as
EvidenceMessage and then fall back to VerificationReport. Now the
logic of decoding VerificationReport versus DcapEvidence is wrapped
in the Message implementation of EvidenceKind.

[nick-mobilecoin]

Current dependencies on/for this PR:

• master
  • PR Implement Message for EvidenceKind #3605 👈

This comment was auto-generated by Graphite.

[eranrund]

I don't think I have a super clear understanding of how this gets used.
How does this look in a .proto file or non-Rust code that wants to look at the report?

[nick-mobilecoin]

I don't think I have a super clear understanding of how this gets used. How does this look in a .proto file or non-Rust code that wants to look at the report?

Sorry, that context wasn't really provided.
This wouldn't work in a .proto file. Fortunately all places where the VerificationReport leaves a service via protobufs it's a field inside of another type so we're able to leverage oneof in those cases.

Where this proposed change comes into play, is in 2 places:

1. Sending the VerificationReport around in the kex handshake,

• mobilecoin/attest/ake/src/responder.rs

  Line 93 in f48e226

  let mut report_bytes = Vec::with_capacity(ias_report.encoded_len());

• mobilecoin/attest/ake/src/initiator.rs

  Line 163 in f48e226

  let remote_report = VerificationReport::decode(output.payload.as_slice())

• mobilecoin/attest/ake/src/initiator.rs

  Line 222 in f48e226

  let remote_report = VerificationReport::decode(output.payload.as_slice())

2. Watcher being able to retrieve previously stored VerificationReport and store new DcapEvidence unambiguosly

• mobilecoin/watcher/src/watcher_db.rs

  Line 722 in f48e226

  let value_bytes = verification_report

• mobilecoin/watcher/src/watcher_db.rs

  Line 786 in f48e226

  Some(mc_util_serial::decode(value_bytes)?)

The first use case is temporary and will only need to persist for clients to ease the transition from VerificationReport to DcapEvidence.

For watcher, I think it will need to persist indefinitely. It may be that we could migrate the entry in the database similar to what Fog Report is doing,

mobilecoin/fog/sql_recovery_db/src/lib.rs

Line 1222 in f48e226

let report_bytes =

.
Fog report didn't need special logic as it's an ephemeral entry that will be changed on service restart.

[eranrund]

I don't think I have a super clear understanding of how this gets used. How does this look in a .proto file or non-Rust code that wants to look at the report?

Sorry, that context wasn't really provided. This wouldn't work in a .proto file. Fortunately all places where the VerificationReport leaves a service via protobufs it's a field inside of another type so we're able to leverage oneof in those cases.

Where this proposed change comes into play, is in 2 places:

1. Sending the `VerificationReport` around in the kex handshake,


* https://github.com/mobilecoinfoundation/mobilecoin/blob/f48e2267a4f269097d4459ab17b874e021250171/attest/ake/src/responder.rs#L93

* https://github.com/mobilecoinfoundation/mobilecoin/blob/f48e2267a4f269097d4459ab17b874e021250171/attest/ake/src/initiator.rs#L163

* https://github.com/mobilecoinfoundation/mobilecoin/blob/f48e2267a4f269097d4459ab17b874e021250171/attest/ake/src/initiator.rs#L222


2. Watcher being able to retrieve previously stored `VerificationReport` and store new `DcapEvidence` unambiguosly


* https://github.com/mobilecoinfoundation/mobilecoin/blob/f48e2267a4f269097d4459ab17b874e021250171/watcher/src/watcher_db.rs#L722

* https://github.com/mobilecoinfoundation/mobilecoin/blob/f48e2267a4f269097d4459ab17b874e021250171/watcher/src/watcher_db.rs#L786

The first use case is temporary and will only need to persist for clients to ease the transition from VerificationReport to DcapEvidence.

For watcher, I think it will need to persist indefinitely. It may be that we could migrate the entry in the database similar to what Fog Report is doing,

mobilecoin/fog/sql_recovery_db/src/lib.rs

Line 1222 in f48e226

let report_bytes =

.
Fog report didn't need special logic as it's an ephemeral entry that will be changed on service restart.

Thanks for the detailed explanation! I like the thought of not having this kind of hack stick around forever, so I think a migration for the watcher to use a oneof field would be beneficial.