Add additional verification to EspressoTEEVerifier

scripts/deployEspressoTEEVerifier.ts

@@ -5,15 +5,25 @@ import { deployContract } from './deploymentUtils'
 async function main() {
   const [deployer] = await ethers.getSigners()
 
-  const pccsRouterAddress = process.env.PCCS_ROUTER_ADDRESS as string
-  if (!pccsRouterAddress) {
-    throw new Error('PCCS_ROUTER_ADDRESS not set')
+  const v3QuoteVerifier = process.env.V3_QUOTE_VERIFIER_ADDRESS
+  if (!v3QuoteVerifier) {
+    throw new Error('V3_QUOTE_VERIFIER_ADDRESS not set')
+  }
+
+  const mrEnclave = process.env.MR_ENCLAVE
+  if (!mrEnclave) {
+    throw new Error('MR_ENCLAVE not set')
+  }
+
+  const mrSigner = process.env.MR_SIGNER
+  if (!mrSigner) {
+    throw new Error('MR_SIGNER not set')
   }
 
   const esperssoTEEVerifier = await deployContract(
     'EspressoTEEVerifier',
     deployer,
-    [pccsRouterAddress],
+    [mrEnclave, mrSigner, v3QuoteVerifier],
     true
   )
   console.log(

src/bridge/EspressoTEEVerifier.sol

@@ -14,50 +14,83 @@ import {
     ENCLAVE_REPORT_LENGTH
 } from "@automata-network/dcap-attestation/contracts/types/Constants.sol";
 import {EnclaveReport} from "@automata-network/dcap-attestation/contracts/types/V3Structs.sol";
+import {
+    V3QuoteVerifier
+} from "@automata-network/dcap-attestation/contracts/verifiers/V3QuoteVerifier.sol";
+import {BytesUtils} from "@automata-network/dcap-attestation/contracts/utils/BytesUtils.sol";
+import {Ownable} from "solady/auth/Ownable.sol";
+
 /**
  *
  * @title  Verifies quotes from the TEE and attests on-chain
  * @notice Contains the logic to verify a quote from the TEE and attest on-chain. It uses the V3QuoteVerifier contract
  *         to verify the quote. Along with some additional verification logic.
  */
 
-contract EspressoTEEVerifier is V3QuoteVerifier {
-    constructor(address _router) V3QuoteVerifier(_router) {}
+contract EspressoTEEVerifier is Ownable {
+    using BytesUtils for bytes;
+    // TODO: add comments
+    V3QuoteVerifier public quoteVerifier;
+    bytes32 public mrEnclave;
+    bytes32 public mrSigner;
+
+    constructor(bytes32 _mrEnclave, bytes32 _mrSigner, address _quoteVerifier) {
+        quoteVerifier = V3QuoteVerifier(_quoteVerifier);
+        mrEnclave = _mrEnclave;
+        mrSigner = _mrSigner;
+        _initializeOwner(msg.sender);
+    }
 
-    /**
+    /*
         @notice Verify a quote from the TEE and attest on-chain
         @param rawQuote The quote from the TEE
-        @return success True if the quote was verified and attested on-chain
-     */
-    function verify(bytes calldata rawQuote) external view returns (bool success) {
+        @param reportDataHash The hash of the report data
+        @return success True if the quote was verified and attested on-chain, false otherwise
+    */
+    function verify(
+        bytes calldata rawQuote,
+        bytes32 reportDataHash
+    ) external view returns (bool success) {
         // Parse the header
-        Header memory header = _parseQuoteHeader(rawQuote);
+        Header memory header = parseQuoteHeader(rawQuote);
 
+        // Currently only version 3 is supported
         if (header.version != 3) {
             return false;
         }
 
-        (success, ) = this.verifyQuote(header, rawQuote);
+        // Verify the quote
+        (success, ) = quoteVerifier.verifyQuote(header, rawQuote);
         if (!success) {
             return false;
         }
 
-        //  Parse enclave quote
+        // Parse enclave quote
         uint256 offset = HEADER_LENGTH + ENCLAVE_REPORT_LENGTH;
         EnclaveReport memory localReport;
         (success, localReport) = parseEnclaveReport(rawQuote[HEADER_LENGTH:offset]);
         if (!success) {
             return false;
         }
 
-        return true;
+        // Check that mrEnclave and mrSigner match
+        if (localReport.mrEnclave != mrEnclave || localReport.mrSigner != mrSigner) {
+            return false;
+        }
+
+        if (reportDataHash != bytes32(localReport.reportData.substring(0, 32))) {
+            return false;
+        }
 
-        // TODO: Use the parsed enclave report (localReport) to do other verifications
+        return true;
     }
 
-    function _parseQuoteHeader(
-        bytes calldata rawQuote
-    ) private pure returns (Header memory header) {
+    /*
+        @notice Parses the header from the quote
+        @param rawQuote The raw quote in bytes
+        @return header The parsed header
+    */
+    function parseQuoteHeader(bytes calldata rawQuote) public pure returns (Header memory header) {
         bytes2 attestationKeyType = bytes2(rawQuote[2:4]);
         bytes2 qeSvn = bytes2(rawQuote[8:10]);
         bytes2 pceSvn = bytes2(rawQuote[10:12]);
@@ -73,4 +106,44 @@ contract EspressoTEEVerifier is V3QuoteVerifier {
             userData: bytes20(rawQuote[28:48])
         });
     }
+
+    /*
+        @notice Parses the enclave report from the quote
+        @param rawEnclaveReport The raw enclave report from the quote in bytes
+        @return success True if the enclave report was parsed successfully
+        @return enclaveReport The parsed enclave report
+    */
+
+    function parseEnclaveReport(
+        bytes memory rawEnclaveReport
+    ) public pure returns (bool success, EnclaveReport memory enclaveReport) {
+        if (rawEnclaveReport.length != ENCLAVE_REPORT_LENGTH) {
+            return (false, enclaveReport);
+        }
+        enclaveReport.cpuSvn = bytes16(rawEnclaveReport.substring(0, 16));
+        enclaveReport.miscSelect = bytes4(rawEnclaveReport.substring(16, 4));
+        enclaveReport.reserved1 = bytes28(rawEnclaveReport.substring(20, 28));
+        enclaveReport.attributes = bytes16(rawEnclaveReport.substring(48, 16));
+        enclaveReport.mrEnclave = bytes32(rawEnclaveReport.substring(64, 32));
+        enclaveReport.reserved2 = bytes32(rawEnclaveReport.substring(96, 32));
+        enclaveReport.mrSigner = bytes32(rawEnclaveReport.substring(128, 32));
+        enclaveReport.reserved3 = rawEnclaveReport.substring(160, 96);
+        enclaveReport.isvProdId = uint16(BELE.leBytesToBeUint(rawEnclaveReport.substring(256, 2)));
+        enclaveReport.isvSvn = uint16(BELE.leBytesToBeUint(rawEnclaveReport.substring(258, 2)));
+        enclaveReport.reserved4 = rawEnclaveReport.substring(260, 60);
+        enclaveReport.reportData = rawEnclaveReport.substring(320, 64);
+        success = true;
+    }
+
+    function setOwner(address newOwner) external onlyOwner {
+        _setOwner(newOwner);
+    }
+
+    function setMrEnclave(bytes32 _mrEnclave) external onlyOwner {
+        mrEnclave = _mrEnclave;
+    }
+
+    function setMrSigner(bytes32 _mrSigner) external onlyOwner {
+        mrSigner = _mrSigner;
+    }
 }

src/bridge/SequencerInbox.sol

@@ -182,10 +182,7 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         __LEGACY_MAX_TIME_VARIATION.futureSeconds = 0;
     }
 
-    function initialize(
-        IBridge bridge_,
-        ISequencerInbox.MaxTimeVariation calldata maxTimeVariation_
-    ) external onlyDelegated {
+    function initialize(IBridge, ISequencerInbox.MaxTimeVariation calldata) external onlyDelegated {
         revert Deprecated();
     }
 
@@ -373,7 +370,18 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         if (msg.sender != tx.origin) revert NotOrigin();
         if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
 
-        bool success = espressoTEEVerifier.verify(quote);
+        // take keccak2256 hash of all the function arguments except the quote
+        bytes32 reportDataHash = keccak256(
+            abi.encodePacked(
+                sequenceNumber,
+                data,
+                afterDelayedMessagesRead,
+                address(gasRefunder),
+                prevMessageCount,
+                newMessageCount
+            )
+        );
+        bool success = espressoTEEVerifier.verify(quote, reportDataHash);
         if (!success) {
             revert InvalidTEEAttestationQuote();
         }
@@ -481,12 +489,12 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
     }
 
     function addSequencerL2Batch(
-        uint256 sequenceNumber,
-        bytes calldata data,
-        uint256 afterDelayedMessagesRead,
+        uint256,
+        bytes calldata,
+        uint256,
         IGasRefunder gasRefunder,
-        uint256 prevMessageCount,
-        uint256 newMessageCount
+        uint256,
+        uint256
     ) external override refundsGas(gasRefunder, IReader4844(address(0))) {
         revert Deprecated();
     }
@@ -516,7 +524,18 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         // Only check the attestation quote if the batch has been posted by the
         // batch poster
         if (isBatchPoster[msg.sender]) {
-            bool success = espressoTEEVerifier.verify(quote);
+            // take keccak2256 hash of all the function arguments except the quote
+            bytes32 reportDataHash = keccak256(
+                abi.encodePacked(
+                    sequenceNumber,
+                    data,
+                    afterDelayedMessagesRead,
+                    address(gasRefunder),
+                    prevMessageCount,
+                    newMessageCount
+                )
+            );
+            bool success = espressoTEEVerifier.verify(quote, reportDataHash);
             if (!success) {
                 revert InvalidTEEAttestationQuote();
             }

src/rollup/BridgeCreator.sol

@@ -80,10 +80,10 @@ contract BridgeCreator is Ownable {
 
     /// @dev Deprecated
     function createBridge(
-        address adminProxy,
-        address rollup,
-        address nativeToken,
-        ISequencerInbox.MaxTimeVariation calldata maxTimeVariation
+        address,
+        address,
+        address,
+        ISequencerInbox.MaxTimeVariation calldata
     ) external returns (BridgeContracts memory) {
         revert Deprecated();
     }