clangenb
commented
1 year ago It seems not to be straightforward after all. This introduces some std leaks.
Open clangenb opened 1 year ago
clangenb
commented
1 year ago It seems not to be straightforward after all. This introduces some std leaks.
clangenb
commented
1 year ago The std leak has been fixed, there is a wip here: https://github.com/integritee-network/worker/tree/cl/merge-workspaces
But the insight is: sgx and non-sgx is interfeering, we should wait until we use teaclave v2.
Kailai-Wang
commented
1 year ago Absolutely looking forward to this. This brings the update and dependency management (e.g. cargo update, crate overrides) a lot easier, as well as some tooling (fmt, taplo...).
Moreover, at the beginning we stumbled due to the name enclave-runtime a bit, as we thought the code/crate in it will run inside the enclave, and the rest will run outside the enclave - which is not the case (e.g. the stf execution)
clangenb
commented
1 year ago Yeah, in hindsight this might not have been the best naming, it also doesn't fit the idea that we are similar to substrate and that the enclave-runtime is the only thing that needs to be touched for custom logic.
But it is true that it is the only binary crate inside the repo that executes stuff inside the enclave.
But you are right there are crates that are intended to only be used inside the enclave, it makes sense to improve the grouping here.
We had to split up the workspaces of the service and the rest because we had some not fixable dependency conflicts at some point between the sgx and the std world. However, as many of our crates do compile to both, sgx and std, now, I am quite confident that this is no longer the case. Hence we should merge the two workspaces into one to have:
cargo update -p <crate>, which needs to be run in both workspaces.