runtime: Add client node TEE freshness verification

[peternose]

Add client node TEE freshness verification

Executor and key manager TEE nodes currently use node registration (which includes the randomly generated Runtime Attestation Key and nonce) in order to establish consensus layer view freshness.

But this approach doesn’t work for client nodes. Since client nodes do not currently register, there is no way for TEE runtimes running on them to verify consensus layer freshness. There is however a need for client nodes to be able to execute signed queries and requiring an up-to-date consensus layer view is crucial for verifying quotes and policies.

To do this the runtime just needs to generate a transaction containing a nonce and that transaction must be published in a block, with the host node providing the height at which the transaction was published, its index and Merkle proof of inclusion. The runtime can then use the light client to verify the specified block header and the provided Merkle proof using the verified transaction root hash.

The newly added registry.ProveFreshness transaction that accepts a fixed-size binary blob of 32 bytes and always succeeds without doing any processing should be used for this purpose. The runtime host protocol should be extended to support this new flow, initiated by the consensus verifier in the runtime (immediately after initializing the light client in case enabled in the static runtime config), e.g. adding the HostProveFreshness{Request,Response} messages.

Note that this check can be used very early on as it doesn’t require the node to be registered.

Test

Unhappy path tested locally. Happy path already included in trust root tests.

[kostko]

Just left some quick comments.

[codecov]

Codecov Report

Merging #4922 (d80da34) into master (10925b2) will decrease coverage by 0.01%.
The diff coverage is 69.94%.

@@            Coverage Diff             @@
##           master    #4922      +/-   ##
==========================================
- Coverage   66.71%   66.70%   -0.02%     
==========================================
  Files         464      464              
  Lines       51127    51203      +76     
==========================================
+ Hits        34110    34155      +45     
- Misses      12836    12867      +31     
  Partials     4181     4181              

Impacted Files	Coverage Δ
go/consensus/api/api.go	69.23% <ø> (ø)
go/consensus/api/grpc.go	64.64% <0.00%> (-2.90%)	⬇️
go/consensus/api/transaction/transaction.go	44.85% <ø> (ø)
go/consensus/tendermint/full/common.go	66.10% <0.00%> (-1.29%)	⬇️
go/consensus/tendermint/seed/seed.go	64.70% <0.00%> (-0.65%)	⬇️
go/runtime/host/protocol/types.go	54.54% <ø> (ø)
go/runtime/registry/host.go	68.57% <75.32%> (+0.15%)	⬆️
go/consensus/tendermint/full/full.go	65.43% <75.75%> (+0.39%)	⬆️
go/consensus/api/submission.go	68.42% <83.33%> (+7.55%)	⬆️
go/runtime/host/sandbox/sandbox.go	70.00% <83.33%> (-7.82%)	⬇️
... and 36 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[kostko]

Looks good (pending on #4904), some minor comments.

[kostko]

Is there a need now for SignAndSubmitTx to also return the transaction or is having this only in SignAndSubmitTxWithProof enough (this would reduce the amount of changes required)?

[peternose]

No, currently there is no need. I just wanted to be consistent with SignAndSubmitTxWithProof. It is actually interesting that we never need the signed transaction, neither the height at which it was published.
I can remove it if you like.

[kostko]

I would remove it.

[peternose]

Removed and rebased.

[kostko]

Rebase on master now that #4904 is merged.

[kostko]

Given that this is checked above in which case there is an early return this could easily be changed to an unreachable! (with a comment that this is handled above) to make this explicit.

[peternose]

Agree, unreachable is better. However, I didn't want to remove this as I wanted to be consistent with GO version.

[kostko]

Could this be changed to &[Hash] to avoid conversions to vec?

[peternose]

Yes, much better.