Members should vote for Lua app before opening the network (#411)

Author: jumaffre

CMakeLists.txt

@@ -273,13 +273,6 @@ if(BUILD_TESTS)
         NAME voting_history_test
         PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/votinghistory.py)
 
-      ## Lua Logging client end to end test
-      add_e2e_test(
-        NAME lua_logging_client_test
-        PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/loggingclient.py
-        ADDITIONAL_ARGS
-          --app-script ${CMAKE_SOURCE_DIR}/src/apps/logging/logging.lua)
-
       ## Lua sample app (tx regulator) end to end test
       add_e2e_test(
         NAME lua_txregulator_test
@@ -317,6 +310,12 @@ if(BUILD_TESTS)
         PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py
       )
 
+      add_e2e_test(
+        NAME lua_end_to_end_logging
+        PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py
+        ADDITIONAL_ARGS
+          --app-script ${CMAKE_SOURCE_DIR}/src/apps/logging/logging.lua)
+
       add_e2e_test(
         NAME end_to_end_scenario
         PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_scenarios.py

sphinx/source/start_network.rst

@@ -73,6 +73,30 @@ Other members are then allowed to vote for the proposal, using the proposal ID r
 
 The user is successfully added once a :term:`quorum` of members have accepted the proposal (``"result":true"``).
 
+Register the Lua application
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. note:: This section only applies when deploying Lua applications (i.e. using the ``libluageneric.so.signed`` enclave library). For C++ applications, this step should be skipped.
+
+Before opening the CCF network to users, members should vote to register the Lua application defining the user-specific business logic (see for example :ref:`Logging (Lua)`):
+
+.. code-block:: bash
+
+    $ memberclient --cert member1_cert --privk member1_privk --rpc-address rpc_ip:rpc_port --ca network_cert set_lua_app --lua-app-file /path/to/lua/app_script
+    {"commit":9,"global_commit":8,"id":0,"jsonrpc":"2.0","result":{"completed":false,"id":1},"term":2}
+
+Other members are then allowed to vote for the proposal, using the proposal ID returned to the proposer member (here ``1``, as per ``"result":{"completed":false,"id":1}``).
+
+.. code-block::
+
+    $ memberclient --cert member2_cert --privk member2_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 1 --accept
+    {"commit":11,"global_commit":10,"id":0,"jsonrpc":"2.0","result":{"completed":false,"id":1},"term":2}
+
+    $ memberclient --cert member3_cert --privk member3_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 1 --accept
+    {"commit":13,"global_commit":12,"id":0,"jsonrpc":"2.0","result":{"completed":true,"id":1},"term":2}
+
+The Lua application is successfully registered once a :term:`quorum` of members have accepted the proposal (``"result":true"``).
+
 Open a network
 ~~~~~~~~~~~~~~
 
@@ -81,17 +105,17 @@ Once users are added to the opening network, members should decide to make a pro
 .. code-block:: bash
 
     $ memberclient --cert member1_cert --privk member1_privk --rpc-address rpc_ip:rpc_port --ca network_cert open_network
-    {"commit":4,"global_commit":3,"id":0,"jsonrpc":"2.0","result":{"completed":false,"id":1},"term":2}
+    {"commit":15,"global_commit":14,"id":0,"jsonrpc":"2.0","result":{"completed":false,"id":2},"term":2}
 
-Other members are then allowed to vote for the proposal, using the proposal ID returned to the proposer member (here ``1``, as per ``"result":{"completed":false,"id":1}``).
+Other members are then allowed to vote for the proposal, using the proposal ID returned to the proposer member (here ``2``, as per ``"result":{"completed":false,"id":2}``).
 
 .. code-block:: bash
 
-    $ memberclient --cert member2_cert --privk member2_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 1 --accept
-    {"commit":9,"global_commit":8,"id":0,"jsonrpc":"2.0","result":false,"term":2}
+    $ memberclient --cert member2_cert --privk member2_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 2 --accept
+    {"commit":17,"global_commit":16,"id":0,"jsonrpc":"2.0","result":false,"term":2}
 
-    $ memberclient --cert member3_cert --privk member3_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 1 --accept
-    {"commit":11,"global_commit":10,"id":0,"jsonrpc":"2.0","result":true,"term":2}
+    $ memberclient --cert member3_cert --privk member3_privk --rpc-address rpc_ip:rpc_port --ca network_cert vote --proposal-id 2 --accept
+    {"commit":19,"global_commit":18,"id":0,"jsonrpc":"2.0","result":true,"term":2}
 
 Once a quorum of members have approved the network opening (``"result":true``), the network is opened to users (see :ref:`Example App` for a simple business logic and :term:`JSON-RPC` transactions). It is only then that users are able to execute transactions on the business logic defined by the enclave file (``--enclave-file`` option to ``cchost``).
 
@@ -128,7 +152,7 @@ Summary diagram
 
 Once a node is part of the network (started with either the ``start`` or ``join`` option), members are authorised to issue governance transactions and eventually open the network. Only then are users authorised to issue JSON-RPC transactions to CCF.
 
-.. note:: After the network is open to users, members can still issue governance transactions to CCF (for example, adding new users or additional members to the consortium). See :ref:`Governance` for more information about member governance.
+.. note:: After the network is open to users, members can still issue governance transactions to CCF (for example, adding new users or additional members to the consortium or updating the Lua app, when applicable). See :ref:`Governance` for more information about member governance.
 
 The following diagram summarises the steps required to bootstrap a CCF network:
 

src/apps/logging/logging.lua

@@ -18,14 +18,14 @@ return {
     function env.get(table)
       msg = table:get(args.params.id)
       if not msg then
-        return env.jerr(env.error_codes.UNKNOWN_ID, "No such record: " .. args.params.id) 
+        return env.jerr(env.error_codes.UNKNOWN_ID, "No such record: " .. args.params.id)
       end
-      return env.jsucc(msg)
+      return env.jsucc({msg = msg})
     end
-    
+
     function env.record(table)
       if string.len(args.params.msg) == 0 then
-        return env.jerr(env.error_codes.MESSAGE_EMPTY, "Cannot record an empty log message") 
+        return env.jerr(env.error_codes.MESSAGE_EMPTY, "Cannot record an empty log message")
       end
       table:put(args.params.id, args.params.msg)
       return env.jsucc(true)

src/apps/luageneric/luageneric.cpp

@@ -162,7 +162,9 @@ namespace ccfapp
           return make_pair(false, *err_it);
         }
       };
-      set_default(default_handler, MayWrite);
+
+      // TODO: https://github.com/microsoft/CCF/issues/409
+      set_default(default_handler, Write);
     }
   };
 

src/clients/memberclient.cpp

@@ -23,7 +23,6 @@ using namespace std;
 using namespace nlohmann;
 
 constexpr auto members_sni = "members";
-constexpr NodeId INVALID_NODE_ID = std::numeric_limits<NodeId>::max();
 
 static const string add_member_proposal(R"xxx(
       tables, member_cert = ...
@@ -77,6 +76,11 @@ static const string accept_code_proposal(R"xxx(
       return Calls:call("new_code", code_digest)
     )xxx");
 
+static const string set_lua_app(R"xxx(
+      tables, app = ...
+      return Calls:call("set_lua_app", app)
+    )xxx");
+
 json proposal_params(const string& script)
 {
   return Propose::In{script};
@@ -186,6 +190,14 @@ void submit_open_network(RpcTlsClient& tls_connection)
   cout << response.dump() << std::endl;
 }
 
+void submit_set_lua_app(RpcTlsClient& tls_connection, const std::string& app)
+{
+  const auto params = proposal_params<json>(set_lua_app, app);
+  const auto response =
+    json::from_msgpack(tls_connection.call("propose", params));
+  cout << response.dump() << std::endl;
+}
+
 void submit_raw_puts(
   RpcTlsClient& tls_connection, const string& script, const string& param_file)
 {
@@ -363,6 +375,14 @@ int main(int argc, char** argv)
   auto accept_recovery =
     app.add_subcommand("accept_recovery", "Accept to recover network");
 
+  auto set_lua_app =
+    app.add_subcommand("set_lua_app", "Update lua application");
+  string lua_app_file;
+  set_lua_app
+    ->add_option("--lua-app-file", lua_app_file, "Lua application file")
+    ->required(true)
+    ->check(CLI::ExistingFile);
+
   string sealed_secrets_file;
   accept_recovery
     ->add_option(
@@ -487,6 +507,11 @@ int main(int argc, char** argv)
     {
       submit_open_network(*tls_connection);
     }
+
+    if (*set_lua_app)
+    {
+      submit_set_lua_app(*tls_connection, slurp_string(lua_app_file));
+    }
   }
   catch (const exception& ex)
   {

src/enclave/interface.h

@@ -47,8 +47,7 @@ struct CCFConfig
   {
     std::vector<std::vector<uint8_t>> member_certs;
     std::string gov_script;
-    std::string app_script;
-    MSGPACK_DEFINE(member_certs, gov_script, app_script);
+    MSGPACK_DEFINE(member_certs, gov_script);
   };
   Genesis genesis = {};
 

src/host/main.cpp

@@ -194,15 +194,6 @@ int main(int argc, char** argv)
     ->check(CLI::ExistingFile)
     ->required();
 
-  // TODO: For now, lua app is passed when the node starts up
-  // See https://github.com/microsoft/CCF/issues/293
-  std::string app_script;
-  const auto app_script_opt = start->add_option(
-    "--app-script",
-    app_script,
-    "Path to Lua file that defines the user business logic",
-    true);
-
   std::string member_cert_file = "member*_cert.pem";
   start
     ->add_option(
@@ -317,8 +308,6 @@ int main(int argc, char** argv)
     start_type = StartType::New;
     ccf_config.genesis.member_certs = files::slurp_certs(member_cert_file);
     ccf_config.genesis.gov_script = files::slurp_string(gov_script);
-    if (*app_script_opt)
-      ccf_config.genesis.app_script = files::slurp_string(app_script);
   }
   else if (*join)
   {

src/node/nodestate.h

@@ -241,10 +241,6 @@ namespace ccf
           g.set_gov_scripts(lua::Interpreter().invoke<nlohmann::json>(
             args.config.genesis.gov_script));
 
-          if (!args.config.genesis.app_script.empty())
-            g.set_app_scripts(lua::Interpreter().invoke<nlohmann::json>(
-              args.config.genesis.app_script));
-
           network.secrets = std::make_unique<NetworkSecrets>(
             "CN=The CA", std::make_unique<Seal>(writer_factory));
 

src/node/rpc/memberfrontend.h

@@ -1,11 +1,11 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the Apache 2.0 License.
 #pragma once
-#include "../../luainterp/txscriptrunner.h"
-#include "../../tls/entropy.h"
-#include "../../tls/keypair.h"
-#include "../quoteverification.h"
 #include "frontend.h"
+#include "luainterp/txscriptrunner.h"
+#include "node/quoteverification.h"
+#include "tls/entropy.h"
+#include "tls/keypair.h"
 
 #include <exception>
 #include <initializer_list>
@@ -28,11 +28,39 @@ namespace ccf
       return *s;
     }
 
+    // TODO: This function is very similar to set_app_scripts() in genesisgen.h
+    // Change this as part of https://github.com/microsoft/CCF/issues/320
+    void set_app_scripts(
+      Store::Tx& tx, std::map<std::string, std::string> scripts)
+    {
+      auto tx_scripts = tx.get_view(network.app_scripts);
+
+      // First, remove all existing handlers
+      tx_scripts->foreach(
+        [&tx_scripts](const std::string& name, const Script& script) {
+          tx_scripts->remove(name);
+          return true;
+        });
+
+      for (auto& rs : scripts)
+      {
+        tx_scripts->put(rs.first, lua::compile(rs.second));
+      }
+    }
+
     //! Table of functions that proposal scripts can propose to invoke
     const std::unordered_map<
       std::string,
       std::function<bool(Store::Tx&, const nlohmann::json&)>>
       hardcoded_funcs = {
+        // set the lua application script
+        {"set_lua_app",
+         [this](Store::Tx& tx, const nlohmann::json& args) {
+           const std::string app = args;
+           set_app_scripts(tx, lua::Interpreter().invoke<nlohmann::json>(app));
+
+           return true;
+         }},
         // add a new member
         {"new_member",
          [this](Store::Tx& tx, const nlohmann::json& args) {

tests/code_update.py

@@ -30,7 +30,9 @@ def add_new_code(network, new_code_id):
     LOG.debug(f"Adding new code id: {new_code_id}")
 
     primary, _ = network.find_primary()
-    result = network.propose(1, primary, "add_code", f"--new-code-id={new_code_id}")
+    result = network.propose(
+        1, primary, None, None, "add_code", f"--new-code-id={new_code_id}"
+    )
 
     network.vote_using_majority(primary, result[1]["id"])