newton-core 0.4.16

newton protocol core sdk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

//! Sentinel PCR0 hash for the development stub path.
//!
//! [`STATE_COMMIT_STUB_PCR0_HASH`] identifies the `StubPcr0Provider` used by
//! test and devnet builds. Production uses `EnclavePcr0Provider` (NEWT-1116,
//! `crates/operator/src/enclave.rs`). The hash is non-zero so the
//! `pcr0Commitment != bytes32(0)` check
//! at the `StateCommitRegistry` boundary passes — `InvalidPcr0Commitment`
//! (`0x6dfbfc74`) reverts only on the zero hash in Phase 1; full
//! `EnclaveVersionRegistry` whitelist enforcement is deferred to Phase 3.
//!
//! Phase 1 wrong-environment safety relies on operator-side rejection at
//! BLS signing time plus off-chain `StateTreeAnomalyDetected` events
//! (`anomalyKind = 0x04 tee_pcr0_unknown`, PRIVATE_DATA_STORAGE.md §7.5),
//! not an on-chain typed revert. The sentinel is never seeded into any
//! `EnclaveVersionRegistry`, but because it is non-zero the registry's
//! Phase 1 `pcr0Commitment != bytes32(0)` check passes — a stub leaking
//! into stagef/mainnet is a deployment regression operators MUST refuse
//! to BLS-sign, not something the on-chain check catches on its own.
//! Full whitelist enforcement is deferred to Phase 3.
//!
//! Loopback-enclave PCR0 recognition (when present) is handled by the
//! attestation parsing path, not by this module — the state-commit seam
//! only needs the stub sentinel.

use alloy::primitives::{keccak256, B256};
use std::sync::LazyLock;

/// Pre-image label for [`STATE_COMMIT_STUB_PCR0_HASH`]. Exposed so off-chain
/// tooling and Solidity seed scripts can derive the same hash.
pub const STATE_COMMIT_STUB_PCR0_LABEL: &[u8] = b"newton-state-commit-stub-pcr0-v1";

/// Sentinel PCR0-hash returned by `StubPcr0Provider`.
///
/// Never whitelisted in any `EnclaveVersionRegistry` instance. The value is
/// non-zero so the registry's Phase 1 `pcr0Commitment != bytes32(0)` check
/// passes — `InvalidPcr0Commitment` (`0x6dfbfc74`) does NOT fire on the
/// stub. A stub leaking into stagef/mainnet is a deployment regression
/// operators MUST refuse to BLS-sign; the on-chain registry alone cannot
/// catch it until full whitelist enforcement lands in Phase 3.
pub static STATE_COMMIT_STUB_PCR0_HASH: LazyLock<B256> = LazyLock::new(|| keccak256(STATE_COMMIT_STUB_PCR0_LABEL));

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn sentinel_hash_is_nonzero() {
        assert_ne!(*STATE_COMMIT_STUB_PCR0_HASH, B256::ZERO);
    }

    #[test]
    fn hash_matches_label_keccak() {
        assert_eq!(*STATE_COMMIT_STUB_PCR0_HASH, keccak256(STATE_COMMIT_STUB_PCR0_LABEL));
    }
}