crypto-com / tmkms-light Goto Github PK
View Code? Open in Web Editor NEWThis project forked from tomtau/tmkms-light
TEE-based Key Management System for Tendermint validators.
Home Page: https://github.com/tendermint/tendermint/
License: Other
This project forked from tomtau/tmkms-light
TEE-based Key Management System for Tendermint validators.
Home Page: https://github.com/tendermint/tendermint/
License: Other
The Nitro helper uses a custom client for obtaining AWS credentials for KMS: https://github.com/crypto-com/tmkms-light/blob/main/providers/nitro/nitro-helper/src/key_utils.rs#L10
The mentioned issue is resolved and IMDS is supported in the official SDK: https://docs.rs/aws-config/0.9.0/aws_config/imds/index.html so it should be possible to use it.
Compiling tmkms-nitro-helper v0.2.0 (/home/runner/work/tmkms-light/tmkms-light/providers/nitro/nitro-helper)
398
error[E0599]: no method named `get_processes` found for struct `sysinfo::System` in the current scope
399
--> providers/nitro/nitro-helper/src/command.rs:110:12
400
|
401
110 | system.get_processes().iter().any(|(_pid, p)| {
402
| ^^^^^^^^^^^^^ method not found in `sysinfo::System`
403
404
error: unused import: `ProcessExt`
405
--> providers/nitro/nitro-helper/src/command.rs:6:15
406
|
407
6 | use sysinfo::{ProcessExt, SystemExt};
408
| ^^^^^^^^^^
409
|
410
= note: `-D unused-imports` implied by `-D warnings`
411
412
error: aborting due to 2 previous errors
Compiling tmkms-nitro-helper v0.1.0 (/home/runner/work/tmkms-light/tmkms-light/providers/nitro/nitro-helper)
431
error[E0308]: mismatched types
432
--> providers/nitro/nitro-helper/src/command.rs:141:54
433
|
434
141 | let mut socket = vsock::VsockStream::connect(&addr).map_err(|e| {
435
| ^^^^^ expected enum `vsock::SockAddr`, found enum `nix::sys::socket::SockAddr`
436
|
437
= note: expected reference `&vsock::SockAddr`
438
found reference `&nix::sys::socket::SockAddr`
439
= note: perhaps two different versions of crate `nix` are being used?
440
441
error[E0308]: mismatched types
442
--> providers/nitro/nitro-helper/src/proxy.rs:34:44
443
|
444
34 | let listener = VsockListener::bind(&sockaddr)
445
| ^^^^^^^^^ expected enum `vsock::SockAddr`, found enum `nix::sys::socket::SockAddr`
446
|
447
= note: expected reference `&vsock::SockAddr`
448
found reference `&nix::sys::socket::SockAddr`
449
= note: perhaps two different versions of crate `nix` are being used?
450
451
error[E0308]: mismatched types
452
--> providers/nitro/nitro-helper/src/state.rs:57:50
453
|
454
57 | let vsock_listener = VsockListener::bind(&sockaddr).map_err(|e| {
455
| ^^^^^^^^^ expected enum `vsock::SockAddr`, found enum `nix::sys::socket::SockAddr`
456
|
457
= note: expected reference `&vsock::SockAddr`
458
found reference `&nix::sys::socket::SockAddr`
459
= note: perhaps two different versions of crate `nix` are being used?
460
https://github.com/crypto-com/tmkms-light/pull/12/checks?check_run_id=2119561886#step:5:431
currently, CID is configured in tmkms.toml, but every time the enclave is launched, CID changes... it may be better to allow "auto" configuration -- e.g. trying to call similarly to https://github.com/aws/aws-nitro-enclaves-cli/blob/main/src/enclave_proc/commands.rs#L108 and if there's only one enclave, just pick its CID otherwise report an error?
Or perhaps at least allow passing CID as a command line argument (requested by @allthatjazzleo )
On Nitro Enclave, one doesn't have a console output in the production mode.
with tracing crate, one can potentially create a custom subscriber that will redirect the logs to a designated vsock port that the helper on the host will listen on and redirect to a console or a file
Compiling tmkms-light v0.1.0 (/home/runner/work/tmkms-light/tmkms-light)
280
error[E0599]: no function or associated item named `decode_length_delimited` found for struct `tendermint_proto::privval::Message` in the current scope
281
--> src/rpc.rs:41:32
282
|
283
41 | let msg = PrivMessage::decode_length_delimited(msg.as_ref())
284
| ^^^^^^^^^^^^^^^^^^^^^^^ function or associated item not found in `tendermint_proto::privval::Message`
285
|
286
= help: items from traits can only be used if the trait is in scope
287
= note: the following trait is implemented but not in scope; perhaps add a `use` for it:
288
`use prost::message::Message;`
289
290
error[E0599]: no method named `encode_length_delimited` found for struct `tendermint_proto::privval::Message` in the current scope
291
--> src/rpc.rs:191:14
292
|
293
191 | .encode_length_delimited(&mut buf)
294
| ^^^^^^^^^^^^^^^^^^^^^^^ method not found in `tendermint_proto::privval::Message`
295
|
296
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/prost-0.6.1/src/message.rs:64:8
297
|
298
64 | fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError>
299
| ----------------------- the method is available for `Box<tendermint_proto::privval::Message>` here
300
|
301
= help: items from traits can only be used if the trait is in scope
302
= note: the following trait is implemented but not in scope; perhaps add a `use` for it:
303
`use prost::message::Message;`
304
305
error: unused import: `prost::Message`
306
--> src/rpc.rs:7:5
307
|
308
7 | use prost::Message as _;
309
| ^^^^^^^^^^^^^^
310
|
311
= note: `-D unused-imports` implied by `-D warnings`
312
https://github.com/crypto-com/tmkms-light/pull/7/checks?check_run_id=2119555563#step:5:279
error[E0599]: no function or associated item named `decode_length_delimited` found for struct `tendermint_proto::privval::Message` in the current scope
523
--> src/rpc.rs:41:32
524
|
525
41 | let msg = PrivMessage::decode_length_delimited(msg.as_ref())
526
| ^^^^^^^^^^^^^^^^^^^^^^^ function or associated item not found in `tendermint_proto::privval::Message`
527
|
528
= help: items from traits can only be used if the trait is in scope
529
= note: the following trait is implemented but not in scope; perhaps add a `use` for it:
530
`use prost::message::Message;`
531
532
error[E0599]: no method named `encode_length_delimited` found for struct `tendermint_proto::privval::Message` in the current scope
533
--> src/rpc.rs:191:14
534
|
535
191 | .encode_length_delimited(&mut buf)
536
| ^^^^^^^^^^^^^^^^^^^^^^^ method not found in `tendermint_proto::privval::Message`
537
|
538
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/prost-0.7.0/src/message.rs:65:8
539
|
540
65 | fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError>
541
| ----------------------- the method is available for `tendermint_proto::privval::Message` here
542
|
543
= help: items from traits can only be used if the trait is in scope
544
= note: the following trait is implemented but not in scope; perhaps add a `use` for it:
545
`use prost::message::Message;`
546
547
error: unused import: `prost::Message`
548
--> src/rpc.rs:7:5
549
|
550
7 | use prost::Message as _;
551
| ^^^^^^^^^^^^^^
552
|
553
= note: `-D unused-imports` implied by `-D warnings`
554
555
error: aborting due to 3 previous errors
it may be more convenient to have a "launch-all" command that would need the EIF file path and do the required steps (run-enclave
+ if not running, perhaps vsock_proxy
)...
This may perhaps be better done when https://github.com/aws/aws-nitro-enclaves-cli is exposed as a library / crate, so the functionality can be directly called (instead of indirectly invoking it via a shell command)
https://github.com/crypto-com/tmkms-light/pull/140/checks?check_run_id=3224899855#step:4:385
error[E0412]: cannot find type `RSAPublicKey` in crate `rsa`
386
--> providers/sgx/sgx-runner/src/shared.rs:227:28
387
|
388
227 | wrap_pub_key: rsa::RSAPublicKey,
389
| ^^^^^^^^^^^^ help: a struct with a similar name exists: `RsaPublicKey`
390
|
391
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rsa-0.5.0/src/key.rs:48:1
392
|
393
48 | pub struct RsaPublicKey {
394
| ----------------------- similarly named struct `RsaPublicKey` defined here
395
396
error[E0412]: cannot find type `RSAPublicKey` in crate `rsa`
397
--> providers/sgx/sgx-runner/src/shared.rs:243:38
398
|
399
243 | pub fn get_claim(wrap_pub_key: &rsa::RSAPublicKey) -> String {
400
| ^^^^^^^^^^^^ help: a struct with a similar name exists: `RsaPublicKey`
401
|
402
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rsa-0.5.0/src/key.rs:48:1
403
|
404
48 | pub struct RsaPublicKey {
405
| ----------------------- similarly named struct `RsaPublicKey` defined here
406
407
error: unused import: `rsa::PublicKeyParts`
408
--> providers/sgx/sgx-runner/src/shared.rs:1:5
409
|
410
1 | use rsa::PublicKeyParts;
411
| ^^^^^^^^^^^^^^^^^^^
412
|
413
= note: `-D unused-imports` implied by `-D warnings`
414
@borischeuk-crypto came across an issue where priv_validator_state.json
was empty and the nitro helper would crash with:
failed to get a state syncing helper: Error(Context { kind: SyncError, source: Some(Message("error parsing .../.tmkms/state/priv_validator_state.json: EOF while parsing a value at line 1 column 0")), backtrace: Some( 0: tmkms_nitro_helper::command::start
There are probably a few ways how this can be improved:
priv_validator_state.json
... e.g. with DynamoDB instead of a local fileOption key_backup_data_path
in command::init
refer to directory where consensus-key.backup will be created
while
Option key_backup_data_path
in command::recover
refer to the file path of consensus-key.backup
It could be confusing.
key_backup_data_path
in command::recover
should refer to directory as well?
error: 3 denied warnings found!
Crate: cpuid-bool
Version: 0.1.2
Warning: unmaintained
Title: `cpuid-bool` has been renamed to `cpufeatures`
Date: 2021-05-06
ID: RUSTSEC-2021-0064
URL: https://rustsec.org/advisories/RUSTSEC-2021-0064
Dependency tree:
cpuid-bool 0.1.2
Crate: cpuid-bool
Version: 0.2.0
Warning: unmaintained
Title: `cpuid-bool` has been renamed to `cpufeatures`
Date: 2021-05-06
ID: RUSTSEC-2021-0064
URL: https://rustsec.org/advisories/RUSTSEC-2021-0064
Dependency tree:
cpuid-bool 0.2.0
Crate: aead
Version: 0.4.0
Warning: yanked
Dependency tree:
aead 0.4.0
one can use the official AWS SDK: https://github.com/awslabs/aws-sdk-rust
Crate: crypto-bigint
14
Version: 0.2.8
15
Warning: yanked
16
Dependency tree:
17
crypto-bigint 0.2.8
18
└── der 0.4.0
19
├── spki 0.4.0
20
│ └── pkcs8 0.7.5
21
│ └── rsa 0.5.0
22
│ ├── tmkms-light-sgx-runner 0.2.0
23
│ │ └── tmkms-light-sgx-app 0.2.0
24
│ └── tmkms-light-sgx-app 0.2.0
25
├── pkcs8 0.7.5
26
└── pkcs1 0.2.3
27
├── rsa 0.5.0
28
Compiling tmkms-light-sgx-app v0.3.0 (/home/runner/work/tmkms-light/tmkms-light/providers/sgx/sgx-app)
388
error[E0277]: the trait bound `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>: digest::Update` is not satisfied
389
--> providers/sgx/sgx-app/src/sgx_app/cloud.rs:78:13
390
|
391
78 | PaddingScheme::new_oaep::<sha2::Sha256>(),
392
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `digest::Update` is not implemented for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
393
|
394
= note: required because of the requirements on the impl of `ed25519_dalek::Digest` for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
395
note: required by a bound in `PaddingScheme::new_oaep`
396
--> /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rsa-0.5.0/src/padding.rs:111:34
397
|
398
111 | pub fn new_oaep<T: 'static + Digest + DynDigest>() -> Self {
399
| ^^^^^^ required by this bound in `PaddingScheme::new_oaep`
400
401
error[E0277]: the trait bound `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>: digest::Reset` is not satisfied
402
--> providers/sgx/sgx-app/src/sgx_app/cloud.rs:78:13
403
|
404
78 | PaddingScheme::new_oaep::<sha2::Sha256>(),
405
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `digest::Reset` is not implemented for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
406
|
407
= note: required because of the requirements on the impl of `ed25519_dalek::Digest` for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
408
note: required by a bound in `PaddingScheme::new_oaep`
409
--> /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rsa-0.5.0/src/padding.rs:111:34
410
|
411
111 | pub fn new_oaep<T: 'static + Digest + DynDigest>() -> Self {
412
| ^^^^^^ required by this bound in `PaddingScheme::new_oaep`
413
414
error[E0277]: the trait bound `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>: digest::fixed::FixedOutputDirty` is not satisfied
415
--> providers/sgx/sgx-app/src/sgx_app/cloud.rs:78:13
416
|
417
78 | PaddingScheme::new_oaep::<sha2::Sha256>(),
418
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `digest::fixed::FixedOutputDirty` is not implemented for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
419
|
420
= note: required because of the requirements on the impl of `digest::fixed::FixedOutput` for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
421
= note: required because of the requirements on the impl of `ed25519_dalek::Digest` for `CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<aes_gcm_siv::aead::generic_array::typenum::UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>>>`
422
note: required by a bound in `PaddingScheme::new_oaep`
423
--> /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rsa-0.5.0/src/padding.rs:111:34
424
|
425
111 | pub fn new_oaep<T: 'static + Digest + DynDigest>() -> Self {
426
| ^^^^^^ required by this bound in `PaddingScheme::new_oaep`
https://github.com/crypto-com/tmkms-light/runs/4512066100?check_suite_focus=true#step:4:387
Compiling tmkms-light v0.1.0 (/home/runner/work/tmkms-light/tmkms-light)
286
error[E0277]: the trait bound `tendermint::vote::SignVoteRequest: From<tendermint_proto::privval::SignVoteRequest>` is not satisfied
287
--> src/rpc.rs:47:27
288
|
289
47 | let svr = SignVoteRequest::try_from(req).map_err(|e| {
290
| ^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::SignVoteRequest>` is not implemented for `tendermint::vote::SignVoteRequest`
291
|
292
= note: required because of the requirements on the impl of `Into<tendermint::vote::SignVoteRequest>` for `tendermint_proto::privval::SignVoteRequest`
293
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::SignVoteRequest>` for `tendermint::vote::SignVoteRequest`
294
= note: required by `try_from`
295
296
error[E0277]: the trait bound `tendermint::proposal::SignProposalRequest: From<tendermint_proto::privval::SignProposalRequest>` is not satisfied
297
--> src/rpc.rs:57:27
298
|
299
57 | let spr = SignProposalRequest::try_from(spr).map_err(|e| {
300
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::SignProposalRequest>` is not implemented for `tendermint::proposal::SignProposalRequest`
301
|
302
= note: required because of the requirements on the impl of `Into<tendermint::proposal::SignProposalRequest>` for `tendermint_proto::privval::SignProposalRequest`
303
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::SignProposalRequest>` for `tendermint::proposal::SignProposalRequest`
304
= note: required by `try_from`
305
306
error[E0277]: the trait bound `tendermint::public_key::PubKeyRequest: From<tendermint_proto::privval::PubKeyRequest>` is not satisfied
307
--> src/rpc.rs:67:27
308
|
309
67 | let pkr = PubKeyRequest::try_from(pkr).map_err(|e| {
310
| ^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::PubKeyRequest>` is not implemented for `tendermint::public_key::PubKeyRequest`
311
|
312
= note: required because of the requirements on the impl of `Into<tendermint::public_key::PubKeyRequest>` for `tendermint_proto::privval::PubKeyRequest`
313
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::PubKeyRequest>` for `tendermint::public_key::PubKeyRequest`
314
= note: required by `try_from`
315
316
error[E0277]: the trait bound `tendermint_proto::privval::SignedVoteResponse: From<tendermint::vote::SignedVoteResponse>` is not satisfied
317
--> src/rpc.rs:162:67
318
|
319
162 | Response::SignedVote(resp) => Sum::SignedVoteResponse(resp.into()),
320
| ^^^^^^^^^^^ the trait `From<tendermint::vote::SignedVoteResponse>` is not implemented for `tendermint_proto::privval::SignedVoteResponse`
321
|
322
= help: the following implementations were found:
323
<tendermint_proto::privval::SignedVoteResponse as From<tendermint::vote::sign_vote::SignedVoteResponse>>
324
= note: required because of the requirements on the impl of `Into<tendermint_proto::privval::SignedVoteResponse>` for `tendermint::vote::SignedVoteResponse`
325
326
error[E0277]: the trait bound `tendermint_proto::privval::SignedProposalResponse: From<tendermint::proposal::SignedProposalResponse>` is not satisfied
327
--> src/rpc.rs:163:75
328
|
329
163 | Response::SignedProposal(resp) => Sum::SignedProposalResponse(resp.into()),
330
| ^^^^^^^^^^^ the trait `From<tendermint::proposal::SignedProposalResponse>` is not implemented for `tendermint_proto::privval::SignedProposalResponse`
331
|
332
= help: the following implementations were found:
333
<tendermint_proto::privval::SignedProposalResponse as From<tendermint::proposal::sign_proposal::SignedProposalResponse>>
334
= note: required because of the requirements on the impl of `Into<tendermint_proto::privval::SignedProposalResponse>` for `tendermint::proposal::SignedProposalResponse`
335
336
error: aborting due to 5 previous errors
337
338
For more information about this error, try `rustc --explain E0277`.
https://github.com/crypto-com/tmkms-light/pull/14/checks?check_run_id=2119673471#step:5:330
Compiling tmkms-nitro-helper v0.1.0 (/home/runner/work/tmkms-light/tmkms-light/providers/nitro/nitro-helper)
429
error[E0277]: the trait bound `OsRng: rand_core::CryptoRng` is not satisfied
430
--> providers/nitro/nitro-helper/src/key_utils.rs:19:46
431
|
432
19 | let keypair: Keypair = Keypair::generate(&mut csprng);
433
| ^^^^^^^^^^^ the trait `rand_core::CryptoRng` is not implemented for `OsRng`
434
|
435
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/ed25519-dalek-1.0.1/src/keypair.rs:129:12
436
|
437
129 | R: CryptoRng + RngCore,
438
| --------- required by this bound in `Keypair::generate`
439
440
error[E0277]: the trait bound `OsRng: rand_core::RngCore` is not satisfied
441
--> providers/nitro/nitro-helper/src/key_utils.rs:19:46
442
|
443
19 | let keypair: Keypair = Keypair::generate(&mut csprng);
444
| ^^^^^^^^^^^ the trait `rand_core::RngCore` is not implemented for `OsRng`
445
|
446
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/ed25519-dalek-1.0.1/src/keypair.rs:129:24
447
|
448
129 | R: CryptoRng + RngCore,
449
| ------- required by this bound in `Keypair::generate`
450
451
error: aborting due to 2 previous errors
https://github.com/crypto-com/tmkms-light/pull/17/checks?check_run_id=2119555530#step:5:442
use IMDSv2
Compiling tmkms-nitro-helper v0.2.0 (/home/runner/work/tmkms-light/tmkms-light/providers/nitro/nitro-helper)
392
error[E0407]: method `new_span` is not a member of trait `tracing_subscriber::Layer`
393
--> providers/nitro/nitro-helper/src/tracing_layer.rs:52:5
394
|
395
52 | / fn new_span(&self, attrs: &Attributes, id: &Id, ctx: Context<S>) {
396
53 | | let span = ctx.span(id).expect("unknown span");
397
54 | | let mut buf = Vec::with_capacity(256);
398
55 | |
399
... |
400
68 | | span.extensions_mut().insert(SpanFields(buf));
401
69 | | }
402
| |_____^ not a member of trait `tracing_subscriber::Layer`
403
currently, one needs a symmetric key in plaintext on the machine temporarily
due to deprecated functions https://github.com/crypto-com/tmkms-light/pull/111/checks?check_run_id=2936133752#step:5:393
Compiling tmkms-nitro-helper v0.2.0 (/home/runner/work/tmkms-light/tmkms-light/providers/nitro/nitro-helper)
394
error: use of deprecated associated function `tracing_subscriber::registry::SpanRef::<'a, R>::parents`: equivalent to `self.parent().into_iter().flat_map(SpanRef::scope)`, but consider whether excluding `self` is actually intended
395
--> providers/nitro/nitro-helper/src/tracing_layer.rs:56:26
396
|
397
56 | let depth = span.parents().count();
398
| ^^^^^^^
399
|
400
= note: `-D deprecated` implied by `-D warnings`
401
402
error: use of deprecated associated function `tracing_subscriber::registry::SpanRef::<'a, R>::parents`: equivalent to `self.parent().into_iter().flat_map(SpanRef::scope)`, but consider whether excluding `self` is actually intended
403
--> providers/nitro/nitro-helper/src/tracing_layer.rs:73:26
404
|
405
73 | let depth = span.parents().count();
406
| ^^^^^^^
407
408
error: use of deprecated associated function `tracing_subscriber::layer::Context::<'a, S>::scope`: equivalent to `self.current_span().id().and_then(|id| self.span_scope(id).from_root())` but consider passing an explicit ID instead of relying on the contextual span
409
--> providers/nitro/nitro-helper/src/tracing_layer.rs:87:25
410
|
411
87 | for span in ctx.scope() {
412
| ^^^^^
413
414
error: aborting due to 3 previous errors
415
416
error: could not compile `tmkms-nitro-helper`
417
418
To learn more, run the command again with --verbose.
419
warning: build failed, waiting for other jobs to finish...
420
error: build failed
421
Error: Process completed with exit code 101.
error[E0277]: the trait bound `tendermint_proto::privval::SignedProposalResponse: From<tendermint::proposal::SignedProposalResponse>` is not satisfied
346
--> src/rpc.rs:163:75
347
|
348
163 | Response::SignedProposal(resp) => Sum::SignedProposalResponse(resp.into()),
349
| ^^^^^^^^^^^ the trait `From<tendermint::proposal::SignedProposalResponse>` is not implemented for `tendermint_proto::privval::SignedProposalResponse`
350
|
351
= help: the following implementations were found:
352
<tendermint_proto::privval::SignedProposalResponse as From<tendermint::proposal::sign_proposal::SignedProposalResponse>>
353
= note: required because of the requirements on the impl of `Into<tendermint_proto::privval::SignedProposalResponse>` for `tendermint::proposal::SignedProposalResponse`
https://github.com/crypto-com/tmkms-light/pull/131/checks?check_run_id=3165853429#step:5:345
#30 1.787 Downloaded zeroize v1.4.0
1850
#30 1.811 error: failed to parse manifest at `/root/.cargo/registry/src/github.com-1ecc6299db9ec823/zeroize-1.4.0/Cargo.toml`
1851
#30 1.811
1852
#30 1.811 Caused by:
1853
#30 1.811 feature `resolver` is required
1854
#30 1.811
1855
#30 1.811 this Cargo does not support nightly features, but if you
1856
#30 1.812 switch to nightly channel you can add
1857
#30 1.812 `cargo-features = ["resolver"]` to enable this feature
1858
#30 ERROR: executor failed running [/bin/sh -c cargo build --target=x86_64-unknown-linux-musl --package tmkms-nitro-enclave --release && cp target/x86_64-unknown-linux-musl/release/tmkms-nitro-enclave /usr/bin/tmkms-nitro-enclave]: exit code: 101
1859
------
1860
> [builder 3/8] RUN cargo build --target=x86_64-unknown-linux-musl --package tmkms-nitro-enclave --release && cp target/x86_64-unknown-linux-musl/release/tmkms-nitro-enclave /usr/bin/tmkms-nitro-enclave:
1861
------
1862
error: failed to solve: rpc error: code = Unknown desc = executor failed running [/bin/sh -c cargo build --target=x86_64-unknown-linux-musl --package tmkms-nitro-enclave --release && cp target/x86_64-unknown-linux-musl/release/tmkms-nitro-enclave /usr/bin/tmkms-nitro-enclave]: exit code: 101
1863
Error: buildx failed with: error: failed to solve: rpc error: code = Unknown desc = executor failed running [/bin/sh -c cargo build --target=x86_64-unknown-linux-musl --package tmkms-nitro-enclave --release && cp target/x86_64-unknown-linux-musl/release/tmkms-nitro-enclave /usr/bin/tmkms-nitro-enclave]: exit code: 101
https://github.com/crypto-com/tmkms-light/pull/128/checks?check_run_id=3108220791#step:3:1849
Compiling tmkms-light-sgx-app v0.1.0 (/home/runner/work/tmkms-light/tmkms-light/providers/sgx/sgx-app)
323
error[E0277]: the trait bound `OsRng: rand_core::CryptoRng` is not satisfied
324
--> providers/sgx/sgx-app/src/sgx_app.rs:100:40
325
|
326
100 | let kp = Keypair::generate(&mut csprng);
327
| ^^^^^^^^^^^ the trait `rand_core::CryptoRng` is not implemented for `OsRng`
328
|
329
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/ed25519-dalek-1.0.1/src/keypair.rs:129:12
330
|
331
129 | R: CryptoRng + RngCore,
332
| --------- required by this bound in `Keypair::generate`
333
334
error[E0277]: the trait bound `OsRng: rand_core::RngCore` is not satisfied
335
--> providers/sgx/sgx-app/src/sgx_app.rs:100:40
336
|
337
100 | let kp = Keypair::generate(&mut csprng);
338
| ^^^^^^^^^^^ the trait `rand_core::RngCore` is not implemented for `OsRng`
339
|
340
::: /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/ed25519-dalek-1.0.1/src/keypair.rs:129:24
341
|
342
129 | R: CryptoRng + RngCore,
343
| ------- required by this bound in `Keypair::generate`
https://github.com/crypto-com/tmkms-light/pull/4/checks?check_run_id=2119575521#step:4:340
error[E0310]: the parameter type `BS` may not live long enough
[424](https://github.com/crypto-com/tmkms-light/runs/5190820448?check_suite_focus=true#step:4:424)
--> /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/cipher-0.4.0/src/stream_core.rs:272:5
[425](https://github.com/crypto-com/tmkms-light/runs/5190820448?check_suite_focus=true#step:4:425)
|
[426](https://github.com/crypto-com/tmkms-light/runs/5190820448?check_suite_focus=true#step:4:426)
272 | type BlockSize = BS;
[427](https://github.com/crypto-com/tmkms-light/runs/5190820448?check_suite_focus=true#step:4:427)
| ^^^^^^^^^^^^^^^^^^^^
error: 2 denied warnings found!
13
Crate: base64ct
14
Version: 1.0.0
15
Warning: yanked
16
Dependency tree:
17
base64ct 1.0.0
18
└── pem-rfc7468 0.2.0
19
├── pkcs8 0.7.5
20
│ └── rsa 0.5.0
21
│ ├── tmkms-light-sgx-runner 0.2.0
22
│ │ └── tmkms-light-sgx-app 0.2.0
23
│ └── tmkms-light-sgx-app 0.2.0
24
└── pkcs1 0.2.3
25
├── rsa 0.5.0
26
└── pkcs8 0.7.5
27
28
Crate: crypto-bigint
29
Version: 0.2.2
30
Warning: yanked
31
Dependency tree:
32
crypto-bigint 0.2.2
33
└── der 0.4.0
34
├── spki 0.4.0
35
│ └── pkcs8 0.7.5
36
│ └── rsa 0.5.0
37
│ ├── tmkms-light-sgx-runner 0.2.0
38
│ │ └── tmkms-light-sgx-app 0.2.0
39
│ └── tmkms-light-sgx-app 0.2.0
40
├── pkcs8 0.7.5
41
└── pkcs1 0.2.3
42
├── rsa 0.5.0
43
└── pkcs8 0.7.5
https://github.com/crypto-com/tmkms-light/runs/3344416765?check_suite_focus=true#step:5:12
e.g. #94 didn't execute the tmkms.yml workflow
Right now, the default Dockerfile executes the enclave without any arguments: https://github.com/crypto-com/tmkms-light/blob/main/Dockerfile.nitro#L246
With that Dockerfile, default choices will be used: https://github.com/crypto-com/tmkms-light/blob/main/providers/nitro/nitro-enclave/src/main.rs#L15
This may be confusing to node operators who may expect the enclave code would follow their configuration provided in the helper code on their host (in the toml configuration or from command line arguments).
error[E0277]: the trait bound `tendermint::vote::SignVoteRequest: From<tendermint_proto::privval::SignVoteRequest>` is not satisfied
297
--> src/rpc.rs:47:27
298
|
299
47 | let svr = SignVoteRequest::try_from(req).map_err(|e| {
300
| ^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::SignVoteRequest>` is not implemented for `tendermint::vote::SignVoteRequest`
301
|
302
= note: required because of the requirements on the impl of `Into<tendermint::vote::SignVoteRequest>` for `tendermint_proto::privval::SignVoteRequest`
303
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::SignVoteRequest>` for `tendermint::vote::SignVoteRequest`
304
= note: required by `try_from`
305
306
error[E0277]: the trait bound `tendermint::proposal::SignProposalRequest: From<tendermint_proto::privval::SignProposalRequest>` is not satisfied
307
--> src/rpc.rs:57:27
308
|
309
57 | let spr = SignProposalRequest::try_from(spr).map_err(|e| {
310
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::SignProposalRequest>` is not implemented for `tendermint::proposal::SignProposalRequest`
311
|
312
= note: required because of the requirements on the impl of `Into<tendermint::proposal::SignProposalRequest>` for `tendermint_proto::privval::SignProposalRequest`
313
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::SignProposalRequest>` for `tendermint::proposal::SignProposalRequest`
314
= note: required by `try_from`
315
316
error[E0277]: the trait bound `tendermint::public_key::PubKeyRequest: From<tendermint_proto::privval::PubKeyRequest>` is not satisfied
317
--> src/rpc.rs:67:27
318
|
319
67 | let pkr = PubKeyRequest::try_from(pkr).map_err(|e| {
320
| ^^^^^^^^^^^^^^^^^^^^^^^ the trait `From<tendermint_proto::privval::PubKeyRequest>` is not implemented for `tendermint::public_key::PubKeyRequest`
321
|
322
= note: required because of the requirements on the impl of `Into<tendermint::public_key::PubKeyRequest>` for `tendermint_proto::privval::PubKeyRequest`
323
= note: required because of the requirements on the impl of `TryFrom<tendermint_proto::privval::PubKeyRequest>` for `tendermint::public_key::PubKeyRequest`
324
= note: required by `try_from`
325
326
error[E0277]: the trait bound `tendermint_proto::privval::SignedVoteResponse: From<tendermint::vote::SignedVoteResponse>` is not satisfied
327
--> src/rpc.rs:162:67
328
|
329
162 | Response::SignedVote(resp) => Sum::SignedVoteResponse(resp.into()),
330
| ^^^^^^^^^^^ the trait `From<tendermint::vote::SignedVoteResponse>` is not implemented for `tendermint_proto::privval::SignedVoteResponse`
331
|
332
= help: the following implementations were found:
333
<tendermint_proto::privval::SignedVoteResponse as From<tendermint::vote::sign_vote::SignedVoteResponse>>
334
= note: required because of the requirements on the impl of `Into<tendermint_proto::privval::SignedVoteResponse>` for `tendermint::vote::SignedVoteResponse`
335
336
error[E0277]: the trait bound `tendermint_proto::privval::SignedProposalResponse: From<tendermint::proposal::SignedProposalResponse>` is not satisfied
337
--> src/rpc.rs:163:75
338
|
339
163 | Response::SignedProposal(resp) => Sum::SignedProposalResponse(resp.into()),
340
| ^^^^^^^^^^^ the trait `From<tendermint::proposal::SignedProposalResponse>` is not implemented for `tendermint_proto::privval::SignedProposalResponse`
341
|
342
= help: the following implementations were found:
343
<tendermint_proto::privval::SignedProposalResponse as From<tendermint::proposal::sign_proposal::SignedProposalResponse>>
344
= note: required because of the requirements on the impl of `Into<tendermint_proto::privval::SignedProposalResponse>` for `tendermint::proposal::SignedProposalResponse`
345
e.g. https://github.com/crypto-com/tmkms-light/blob/main/providers/nitro/nitro-enclave/src/main.rs#L29
it may be good in the enclave and the helper to be able to provide a -verbose
argument that would switch from info to debug or something like that
Crate: nix
118
Version: 0.19.1
119
Warning: unsound
120
Title: Out-of-bounds write in nix::unistd::getgrouplist
121
Date: 2021-09-27
122
ID: RUSTSEC-2021-0119
123
URL: https://rustsec.org/advisories/RUSTSEC-2021-0119
124
Dependency tree:
125
nix 0.19.1
126
127
Crate: nix
128
Version: 0.22.0
129
Warning: unsound
130
Title: Out-of-bounds write in nix::unistd::getgrouplist
131
Date: 2021-09-27
132
ID: RUSTSEC-2021-0119
133
URL: https://rustsec.org/advisories/RUSTSEC-2021-0119
134
Dependency tree:
135
nix 0.22.0
136
137
Crate: zeroize_derive
138
Version: 1.1.0
139
Warning: yanked
there is now https://github.com/fortanix/rust-sgx/tree/master/fortanix-vme
so it may be perhaps possibly to unify the SGX and Nitro enclave code better
https://github.com/crypto-com/tmkms-light/blob/main/providers/sgx/sgx-app/src/main.rs#L7
https://github.com/crypto-com/tmkms-light/blob/main/providers/sgx/sgx-runner/src/main.rs#L74
It may be good to be able to provide a e.g. -verbose
argument that would switch from "info" to "debug" in both the enclave and the runner
log:
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.810 DEBUG tmkms_light::utils: writing u16-sized payload
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.811 DEBUG tmkms_light::utils: successfully wrote u16-sized payload
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.811 DEBUG tmkms_nitro_helper::command: ...: Creating a proxy unix:///......
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.811 INFO tmkms_nitro_helper::state: listening for enclave persistence
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.811 INFO tmkms_nitro_helper::enclave_log_server: binding enclave log server to vsock port: 5556
Sep 16 02:22:29 ...tmkms[21550]: Sep 16 02:22:29.812 INFO tmkms_nitro_helper::enclave_log_server: Bound enclave log server to Vsock(cid: 3 port: 5556)
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.812 INFO tmkms_nitro_helper::proxy: binding proxy to vsock port: 5000
Sep 16 02:22:29 ... tmkms[21550]: Sep 16 02:22:29.812 INFO tmkms_nitro_helper::proxy: Bound to Vsock(cid: 3 port: 5000
anomaly is retired and will receive no further updates.
We recommend transitioning to one or more of the following alternatives:
signal capture and shutdown gracefully
error[E0308]: mismatched types
432
--> providers/nitro/nitro-helper/src/command.rs:141:54
433
|
434
141 | let mut socket = vsock::VsockStream::connect(&addr).map_err(|e| {
435
| ^^^^^ expected enum `nix::sys::socket::addr::SockAddr`, found enum `SockAddr`
436
|
437
= note: expected reference `&nix::sys::socket::addr::SockAddr`
438
found reference `&SockAddr`
439
= note: perhaps two different versions of crate `nix` are being used?
440
441
error[E0308]: mismatched types
442
--> providers/nitro/nitro-helper/src/proxy.rs:34:44
443
|
444
34 | let listener = VsockListener::bind(&sockaddr)
445
| ^^^^^^^^^ expected enum `nix::sys::socket::addr::SockAddr`, found enum `SockAddr`
446
|
447
= note: expected reference `&nix::sys::socket::addr::SockAddr`
448
found reference `&SockAddr`
449
= note: perhaps two different versions of crate `nix` are being used?
450
451
error[E0308]: mismatched types
452
--> providers/nitro/nitro-helper/src/state.rs:57:50
453
|
454
57 | let vsock_listener = VsockListener::bind(&sockaddr).map_err(|e| {
455
| ^^^^^^^^^ expected enum `nix::sys::socket::addr::SockAddr`, found enum `SockAddr`
456
|
457
= note: expected reference `&nix::sys::socket::addr::SockAddr`
458
found reference `&SockAddr`
459
= note: perhaps two different versions of crate `nix` are being used?
460
461
error: aborting due to 3 previous errors
462
https://github.com/crypto-com/tmkms-light/pull/20/checks?check_run_id=2119554777#step:5:431
Describe the bug
enclave + helper can't communicate on initial state file from host.
To Reproduce
Steps to reproduce the behavior:
./run.sh
Expected behavior
A working state sync + attempts to reach validator address.
Desktop (please complete the following information):
Additional context
enclave output
...
[ 0.132043] Write protecting the kernel read-only data: 14336k
[ 0.133920] Freeing unused kernel memory: 2016K
[ 0.135182] Freeing unused kernel memory: 476K
[ 0.135827] nsm: loading out-of-tree module taints kernel.
[ 0.136271] nsm: module verification failed: signature and/or required key missing - tainting kernel
May 20 15:55:09.589 INFO tmkms_nitro_enclave: waiting for config to be pushed on cid: 4294967295 port: 5050
[ 1.218763] random: crng init done
May 20 15:55:10.666 INFO tmkms_nitro_enclave: got connection on Vsock(cid: 4294967295 port: 5050)
Connected.
Disconnected.
Connected.
Disconnected.
May 20 15:55:11.412 ERROR tmkms_nitro_enclave: io error I/O error: failed get state connection
helper output
[ec2-user@ip-10-0-0-172 ~]$ ./run.sh
Start allocating memory...
Started enclave with enclave-cid: 62, memory: 8192 MiB, cpu-ids: [1, 3]
{
"EnclaveID": "i-0c3cd5d3dbff334de-enc1798a7cccefaf24",
"ProcessID": 22651,
"EnclaveCID": 62,
"NumberOfCPUs": 2,
"CPUIDs": [
1,
3
],
"MemoryMiB": 8192
}
Os { code: 2, kind: NotFound, message: "No such file or directory" }
It fails here
. I've tried changing both of these settingsenclave_config_cid = 61
and enclave_state_port = 5555
but they all produce this same result.
The fact that it made it to this point means that the config pushed to enclave and kms decryption was successful. I can even change the state_file_path
to an incorrect value and produce an error saying it was incorrect, which means that when I have it correct it is finding and pulling the initial state correctly.
There's now an official crate: aws-nitro-enclaves-nsm-api
so perhaps better to switch to that
As mentioned in the comment, it can be done in the enclave: https://github.com/crypto-com/tmkms-light/blob/main/providers/nitro/nitro-helper/src/key_utils.rs#L11
https://github.com/crypto-com/tmkms-light/runs/2855299679
error: this function has too many arguments (8/7)
502
--> providers/sgx/sgx-runner/src/command.rs:261:1
503
|
504
261 | / pub fn recover(
505
262 | | config_path: Option<PathBuf>,
506
263 | | pubkey_display: Option<PubkeyDisplay>,
507
264 | | bech32_prefix: Option<String>,
508
... |
509
269 | | log_level: String,
510
270 | | ) -> Result<(), String> {
511
| |_______________________^
512
|
513
= note: `-D clippy::too-many-arguments` implied by `-D warnings`
514
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_many_arguments
515
516
error: aborting due to previous error
Diff in /home/runner/work/tmkms-light/tmkms-light/providers/sgx/sgx-app/src/main.rs at line 6:
11
let mut args = std::env::args();
12
let command = args.next();
13
let log_level = match args.next() {
14
- Some(s) if s == "verbose" => {
15
- tracing::Level::DEBUG
16
- },
17
+ Some(s) if s == "verbose" => tracing::Level::DEBUG,
18
_ => tracing::Level::INFO,
19
};
20
let subscriber = tracing_subscriber::FmtSubscriber::builder()
21
Error: The process '/usr/share/rust/.cargo/bin/cargo' failed with exit code 1
will be good to resolve #97 first
https://github.com/crypto-com/tmkms-light/runs/2854780929#step:5:8
error[E0277]: the trait bound `SubCommand: FromStr` is not satisfied
420
--> providers/sgx/sgx-runner/src/main.rs:23:5
421
|
422
23 | subcommand: SubCommand,
423
| ^^^^^^^^^^^^^^^^^^^^^^ the trait `FromStr` is not implemented for `SubCommand`
424
|
425
= note: required by `std::str::FromStr::from_str`
426
427
error[E0599]: no associated item named `Debug` found for struct `Level` in the current scope
428
--> providers/sgx/sgx-runner/src/main.rs:84:21
429
|
430
84 | 2 => Level::Debug,
431
| ^^^^^ associated item not found in `Level`
432
433
error[E0223]: ambiguous associated type
434
--> providers/sgx/sgx-runner/src/main.rs:92:9
435
|
436
92 | TmkmsLight::CloudWrapKeyGen {
437
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: use fully-qualified syntax: `<TmkmsLight as Trait>::CloudWrapKeyGen`
438
439
error[E0223]: ambiguous associated type
440
--> providers/sgx/sgx-runner/src/main.rs:103:9
441
|
442
103 | TmkmsLight::Init {
443
| ^^^^^^^^^^^^^^^^ help: use fully-qualified syntax: `<TmkmsLight as Trait>::Init`
444
445
error[E0223]: ambiguous associated type
446
--> providers/sgx/sgx-runner/src/main.rs:119:9
447
|
448
119 | TmkmsLight::Start { config_path } => command::start(config_path, log_level_str),
449
| ^^^^^^^^^^^^^^^^^ help: use fully-qualified syntax: `<TmkmsLight as Trait>::Start`
450
451
error[E0223]: ambiguous associated type
452
--> providers/sgx/sgx-runner/src/main.rs:120:9
453
|
454
120 | TmkmsLight::Recover {
455
| ^^^^^^^^^^^^^^^^^^^ help: use fully-qualified syntax: `<TmkmsLight as Trait>::Recover`
456
457
error: aborting due to 6 previous errors
458
459
Some errors have detailed explanations: E0223, E0277, E0599.
460
For more information about an error, try `rustc --explain E0223`.
461
error: could not compile `tmkms-light-sgx-runner`
462
463
To learn more, run the command again with --verbose.
464
Error: Process completed with exit code 101.
Right now, the enclave app is compiled with plain cargo build
.
For example, the aes
crate uses the cpufeatures
crate to detect whether to use AES-NI -- for SGX, that would only be done if all the target features are enabled: https://github.com/RustCrypto/utils/blob/master/cpufeatures/src/x86.rs#L10
which may not always be the case -- so perhaps instructions should explicitly say to put it in the cargo config or RUSTFLAGS="-C target-feature=+aes " (... and all the other needed target-feature ...)
error: 1 denied warning found!
Crate: crossbeam-epoch
Version: 0.9.4
Warning: yanked
Dependency tree:
crossbeam-epoch 0.9.4
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.