search

microsoft / LSKV

A Ledger-backed Secure Key-Value store (LSKV), built on the Confidential Consortium Framework (CCF)
https://microsoft.github.io/CCF
MIT License
34 stars 6 forks source link

Add receipt claims for put, delete and txn #139

Closed jeffa5 closed 1 year ago

jeffa5 commented 1 year ago

Fixes #78

Later we will want to add more request types to the claims.

github-actions[bot] commented 1 year ago

Plots from benchmarking at 74568403766656c7ba4dae6866cb49d39b639bb2

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 273187c36b7b6ca8100fdc20594e5c73fd5610f1

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 1dc94123d9c9982c0c5945f53cf7729d5f353657

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 8762e2552f2b5ee91c225f3329f0687847d60cf5

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 0587e68d778f0c08f78a57049900c1aaf0ab383c

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 7e262064c2179d801cc01bffbc0fe0a1345c529a

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at e2eff04ff2be9959f857286d1f33908fef05505b

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 2b6873207c4159da640e000587d3093203e25522

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 908f01a929c3f5b54de7b9d9bd6c28d581f41bc8

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 0b5a93e964bc7dac21ba6b15231c2fa16c001c42

Available from here

etcd/ecdf-latency_ms-ledger_chunk_bytes-sig_ms_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-ledger_chunk_bytes-snapshot_tx_interval-vars.jpg
etcd/scatter-start_ms-latency_ms-sig_tx_interval-sig_ms_interval-vars.jpg
etcd/throughput_bar-rate-ledger_chunk_bytes-sig_ms_interval-vars.jpg
k6/ecdf-latency_ms-None-None-vars.jpg
k6/scatter-start_ms-latency_ms-None-None-vars.jpg
perf/ecdf-latency_ms-http_version-path-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-path-vars.jpg
ycsb/ecdf-latency_ms-operation-workload-vars.jpg
ycsb/scatter-start_ms-latency_ms-operation-workload-vars.jpg
ycsb/throughput_bar-rate-operation-workload-vars.jpg
jeffa5 commented 1 year ago

Could you include a sample receipt from LSKV as a comment in this PR so that we have an overview of what receipts look like and that they don't leak confidential information?

Sure!

From the CCF native receipt endpoint

{
  "cert": "-----BEGIN CERTIFICATE-----\nMIIBwzCCAUmgAwIBAgIRAL8azkEXL7nLL5Yhp9p6DN0wCgYIKoZIzj0EAwMwFjEU\nMBIGA1UEAwwLQ0NGIE5ldHdvcmswHhcNMjIxMTAyMTcwNzU3WhcNMjMwMTMxMTcw\nNzU2WjATMREwDwYDVQQDDAhDQ0YgTm9kZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA\nBON2qNOiUFwR+Ef0FqEfE5EV58gALq76yI4PjPAx7plDPb5/addKDq4+SP77+5nl\nsJfX9PRx5Ar8zXsbcE/V8EJq3uZid27Ovvez8Kq3VR7MO2qZ9/VbtDCcNI4hgh0K\nPqNeMFwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUP3z6t+rmgxRn4Q8p/xcbO6xP1/8w\nHwYDVR0jBBgwFoAUN0AJObg6ky1oCUjT4z0EvU0beuUwDwYDVR0RBAgwBocEfwAA\nATAKBggqhkjOPQQDAwNoADBlAjEA4Ul6UcDpRlkKmqWWXknCkBff6C75xOKX0QAH\nZ2aRKM5LYqG+Sf9BX4zqgGxM+rRlAjA/i5C+GK2ozYcGXTKePmWXu7KA4qNtfZ6z\nieKOcOD3fZBhKHnQKMR7O0nNHmobiu0=\n-----END CERTIFICATE-----\n",
  "leaf_components": {
    "claims_digest": "59845c1960ad5b384991994b5e3668d63d564b3241aad381dc842ce9765ffa9d",
    "commit_evidence": "ce:2.16:60336ec9dbf02babca64faf85d794a94cfaa01e9f4984378f710d4a20dbd1792",
    "write_set_digest": "6ef580c37c21d75bda380beb713d4b989aec629d3dedeb3f9d808417204db83c"
  },
  "node_id": "dc95a6d0610974b722485646e0be5f92312d792917fff3b8e67a5155cb5cbd1d",
  "proof": [
    {
      "left": "c8f9e1a52e32524328c4874dfc2fdf70d8d5c5264699264fd4d8983f558705dc"
    }
  ],
  "signature": "MGUCMQDi3HIesiKldQPd7ReZAOEsHiwugRf4KrpsN+PXscPrj3XdJZwzSokp3na+YViLFggCMEJzNcuucQvLaPEbEPsfndmZM6a5oFjA0tf/yQWjP7amiB0pGX7iKMLh/KE6q89F6A=="
}

From the new gRPC receipt endpoint:

{
  "header": {
    "clusterId": "16768088272863050520",
    "memberId": "13219201121956304348",
    "revision": "17",
    "raftTerm": "2"
  },
  "receipt": {
    "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ3ekNDQVVtZ0F3SUJBZ0lSQUw4YXprRVhMN25MTDVZaHA5cDZETjB3Q2dZSUtvWkl6ajBFQXdNd0ZqRVUKTUJJR0ExVUVBd3dMUTBOR0lFNWxkSGR2Y21zd0hoY05Nakl4TVRBeU1UY3dOelUzV2hjTk1qTXdNVE14TVRjdwpOelUyV2pBVE1SRXdEd1lEVlFRRERBaERRMFlnVG05a1pUQjJNQkFHQnlxR1NNNDlBZ0VHQlN1QkJBQWlBMklBCkJPTjJxTk9pVUZ3UitFZjBGcUVmRTVFVjU4Z0FMcTc2eUk0UGpQQXg3cGxEUGI1L2FkZEtEcTQrU1A3Nys1bmwKc0pmWDlQUng1QXI4elhzYmNFL1Y4RUpxM3VaaWQyN092dmV6OEtxM1ZSN01PMnFaOS9WYnREQ2NOSTRoZ2gwSwpQcU5lTUZ3d0NRWURWUjBUQkFJd0FEQWRCZ05WSFE0RUZnUVVQM3o2dCtybWd4Um40UThwL3hjYk82eFAxLzh3Ckh3WURWUjBqQkJnd0ZvQVVOMEFKT2JnNmt5MW9DVWpUNHowRXZVMGJldVV3RHdZRFZSMFJCQWd3Qm9jRWZ3QUEKQVRBS0JnZ3Foa2pPUFFRREF3Tm9BREJsQWpFQTRVbDZVY0RwUmxrS21xV1dYa25Da0JmZjZDNzV4T0tYMFFBSApaMmFSS001TFlxRytTZjlCWDR6cWdHeE0rclJsQWpBL2k1QytHSzJvelljR1hUS2VQbVdYdTdLQTRxTnRmWjZ6CmllS09jT0QzZlpCaEtIblFLTVI3TzBuTkhtb2JpdTA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
    "signature": "MGUCMQDi3HIesiKldQPd7ReZAOEsHiwugRf4KrpsN+PXscPrj3XdJZwzSokp3na+YViLFggCMEJzNcuucQvLaPEbEPsfndmZM6a5oFjA0tf/yQWjP7amiB0pGX7iKMLh/KE6q89F6A==",
    "nodeId": "ZGM5NWE2ZDA2MTA5NzRiNzIyNDg1NjQ2ZTBiZTVmOTIzMTJkNzkyOTE3ZmZmM2I4ZTY3YTUxNTVjYjVjYmQxZA==",
    "txReceipt": {
      "leafComponents": {
        "claimsDigest": "NTk4NDVjMTk2MGFkNWIzODQ5OTE5OTRiNWUzNjY4ZDYzZDU2NGIzMjQxYWFkMzgxZGM4NDJjZTk3NjVmZmE5ZA==",
        "commitEvidence": "Y2U6Mi4xNjo2MDMzNmVjOWRiZjAyYmFiY2E2NGZhZjg1ZDc5NGE5NGNmYWEwMWU5ZjQ5ODQzNzhmNzEwZDRhMjBkYmQxNzky",
        "writeSetDigest": "NmVmNTgwYzM3YzIxZDc1YmRhMzgwYmViNzEzZDRiOTg5YWVjNjI5ZDNkZWRlYjNmOWQ4MDg0MTcyMDRkYjgzYw=="
      },
      "proof": [
        {
          "left": "YzhmOWUxYTUyZTMyNTI0MzI4YzQ4NzRkZmMyZmRmNzBkOGQ1YzUyNjQ2OTkyNjRmZDRkODk4M2Y1NTg3MDVkYw=="
        }
      ]
    }
  }
}
jeffa5 commented 1 year ago

And with updated .proto to use strings more in the receipts:

{
  "header": {
    "clusterId": "1136169219888705108",
    "memberId": "28684126496562193",
    "revision": "11",
    "raftTerm": "2"
  },
  "receipt": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIBxDCCAUmgAwIBAgIRAML8hKWDqB01ffbUZLJD+64wCgYIKoZIzj0EAwMwFjEU\nMBIGA1UEAwwLQ0NGIE5ldHdvcmswHhcNMjIxMTAyMTcxODAxWhcNMjMwMTMxMTcx\nODAwWjATMREwDwYDVQQDDAhDQ0YgTm9kZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA\nBLVeMTnYdCHrWfQB32r68kqIwvAtZ9zki03HX7qFzr9PCsvItx38bRfySV3TxxcP\nijy4wZKU9Y3++zLs6xD2rYA/WUaAYR9fIbZvaLaQu+gvocHTxKbXiV1hsHQ1AaoQ\nAqNeMFwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUtxTmUJTCr/SisItTgexC3+TeFvow\nHwYDVR0jBBgwFoAUVKRNO5V1Zbs6nWUvViQdSThOIg4wDwYDVR0RBAgwBocEfwAA\nATAKBggqhkjOPQQDAwNpADBmAjEAiaXbOdQ/80t4QoayguPC+L9+k4Jf+BsYzhcf\nc7Q7Udl3h5ZqaZmsaP/yefNmE4J/AjEAl/JTbSTunjSTP/JbUaRtaBdUT8JkcDq2\nV0eU713HN+kvuFQ9uEpeeHqOpoE7sUCx\n-----END CERTIFICATE-----\n",
    "signature": "MGYCMQDBT7Q8+xu12zBiqGwjx4BJ6oke1ZUdGHxcPYVSfAsOBKC6l6wJxqC2XLddZcjJVgcCMQC89kp7UtSLJSMKMa5b5yPElhgnpN3+3zAA1ZlnOeGUOnUbuNCKHYEDKOYK4sMDB2A=",
    "nodeId": "111c85a20fe865007036486eaacbf9b4fc4f57c35ad0abab104f9ec5f772304a",
    "txReceipt": {
      "leafComponents": {
        "claimsDigest": "60b64951446c6eba0c03d244341bbd9ac7ce52bb104060066c8c630cd131f59f",
        "commitEvidence": "ce:2.10:1981d2fec3435f88e70a45deff905bc551c86e4199f1a4a5b23482b2f467810c",
        "writeSetDigest": "bf91e4ee95e7f3eb24fb6b0f6d278b5386384d1fe4f29d4904078e0ce48a0f33"
      },
      "proof": [
        {
          "left": "b028ea76c8039f709f230edfe9335219467e2c8b81d46e7858a63f73d01da066"
        },
        {
          "left": "bc6c0998957b979780855e8568c9a06d70dd6dd6c504d4aebcd6aed4423ba82f"
        }
      ]
    }
  }
}
github-actions[bot] commented 1 year ago

Plots from benchmarking at 60364a4df266a75303f590d44a9cb21a7cfb3f24

Available from here

etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at d893db83ab3a52fef2783577fea891b013f67b5d

Available from here

etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 623f741f922ec11512af844f089400dcd19af84e

Available from here

etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at e82db7e1718064cef08232598a0b8bab1f67b3e4

Available from here

etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 94cc055222ac4f888e86958625d50b3382423269

Available from here

etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
github-actions[bot] commented 1 year ago

Plots from benchmarking at 6b54ce41f3638a843ba84f7a4a0e7c83eaab597f

Available from here

etcd/achieved_throughput_bar-vars-None-nodes.jpg
etcd/ecdf-latency_ms-None-nodes-vars.jpg
etcd/scatter-start_ms-latency_ms-None-nodes-vars.jpg
etcd/target_throughput_latency_line-rate-None-nodes-vars.jpg
etcd/throughput_bar-rate-None-nodes-vars.jpg
k6/achieved_throughput_bar-vars-None-nodes.jpg
k6/ecdf-latency_ms-None-nodes-vars.jpg
k6/scatter-start_ms-latency_ms-None-nodes-vars.jpg
k6/target_throughput_latency_line-rate-None-nodes-vars.jpg
k6/throughput_bar-rate-None-nodes-vars.jpg
perf/achieved_throughput_bar-vars-http_version-nodes.jpg
perf/ecdf-latency_ms-http_version-nodes-vars.jpg
perf/scatter-start_ms-latency_ms-http_version-nodes-vars.jpg
ycsb/achieved_throughput_bar-vars-None-None.jpg
ycsb/ecdf-latency_ms-nodes-operation-vars.jpg
ycsb/scatter-start_ms-latency_ms-nodes-operation-vars.jpg
ycsb/target_throughput_latency_line-rate-None-nodes-vars.jpg
ycsb/throughput_bar-rate-nodes-operation-vars.jpg
heidihoward commented 1 year ago

Could you include a sample receipt from LSKV as a comment in this PR so that we have an overview of what receipts look like and that they don't leak confidential information?

Sure!

From the CCF native receipt endpoint

{
  "cert": "-----BEGIN CERTIFICATE-----\nMIIBwzCCAUmgAwIBAgIRAL8azkEXL7nLL5Yhp9p6DN0wCgYIKoZIzj0EAwMwFjEU\nMBIGA1UEAwwLQ0NGIE5ldHdvcmswHhcNMjIxMTAyMTcwNzU3WhcNMjMwMTMxMTcw\nNzU2WjATMREwDwYDVQQDDAhDQ0YgTm9kZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA\nBON2qNOiUFwR+Ef0FqEfE5EV58gALq76yI4PjPAx7plDPb5/addKDq4+SP77+5nl\nsJfX9PRx5Ar8zXsbcE/V8EJq3uZid27Ovvez8Kq3VR7MO2qZ9/VbtDCcNI4hgh0K\nPqNeMFwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUP3z6t+rmgxRn4Q8p/xcbO6xP1/8w\nHwYDVR0jBBgwFoAUN0AJObg6ky1oCUjT4z0EvU0beuUwDwYDVR0RBAgwBocEfwAA\nATAKBggqhkjOPQQDAwNoADBlAjEA4Ul6UcDpRlkKmqWWXknCkBff6C75xOKX0QAH\nZ2aRKM5LYqG+Sf9BX4zqgGxM+rRlAjA/i5C+GK2ozYcGXTKePmWXu7KA4qNtfZ6z\nieKOcOD3fZBhKHnQKMR7O0nNHmobiu0=\n-----END CERTIFICATE-----\n",
  "leaf_components": {
    "claims_digest": "59845c1960ad5b384991994b5e3668d63d564b3241aad381dc842ce9765ffa9d",
    "commit_evidence": "ce:2.16:60336ec9dbf02babca64faf85d794a94cfaa01e9f4984378f710d4a20dbd1792",
    "write_set_digest": "6ef580c37c21d75bda380beb713d4b989aec629d3dedeb3f9d808417204db83c"
  },
  "node_id": "dc95a6d0610974b722485646e0be5f92312d792917fff3b8e67a5155cb5cbd1d",
  "proof": [
    {
      "left": "c8f9e1a52e32524328c4874dfc2fdf70d8d5c5264699264fd4d8983f558705dc"
    }
  ],
  "signature": "MGUCMQDi3HIesiKldQPd7ReZAOEsHiwugRf4KrpsN+PXscPrj3XdJZwzSokp3na+YViLFggCMEJzNcuucQvLaPEbEPsfndmZM6a5oFjA0tf/yQWjP7amiB0pGX7iKMLh/KE6q89F6A=="
}

From the new gRPC receipt endpoint:

{
  "header": {
    "clusterId": "16768088272863050520",
    "memberId": "13219201121956304348",
    "revision": "17",
    "raftTerm": "2"
  },
  "receipt": {
    "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ3ekNDQVVtZ0F3SUJBZ0lSQUw4YXprRVhMN25MTDVZaHA5cDZETjB3Q2dZSUtvWkl6ajBFQXdNd0ZqRVUKTUJJR0ExVUVBd3dMUTBOR0lFNWxkSGR2Y21zd0hoY05Nakl4TVRBeU1UY3dOelUzV2hjTk1qTXdNVE14TVRjdwpOelUyV2pBVE1SRXdEd1lEVlFRRERBaERRMFlnVG05a1pUQjJNQkFHQnlxR1NNNDlBZ0VHQlN1QkJBQWlBMklBCkJPTjJxTk9pVUZ3UitFZjBGcUVmRTVFVjU4Z0FMcTc2eUk0UGpQQXg3cGxEUGI1L2FkZEtEcTQrU1A3Nys1bmwKc0pmWDlQUng1QXI4elhzYmNFL1Y4RUpxM3VaaWQyN092dmV6OEtxM1ZSN01PMnFaOS9WYnREQ2NOSTRoZ2gwSwpQcU5lTUZ3d0NRWURWUjBUQkFJd0FEQWRCZ05WSFE0RUZnUVVQM3o2dCtybWd4Um40UThwL3hjYk82eFAxLzh3Ckh3WURWUjBqQkJnd0ZvQVVOMEFKT2JnNmt5MW9DVWpUNHowRXZVMGJldVV3RHdZRFZSMFJCQWd3Qm9jRWZ3QUEKQVRBS0JnZ3Foa2pPUFFRREF3Tm9BREJsQWpFQTRVbDZVY0RwUmxrS21xV1dYa25Da0JmZjZDNzV4T0tYMFFBSApaMmFSS001TFlxRytTZjlCWDR6cWdHeE0rclJsQWpBL2k1QytHSzJvelljR1hUS2VQbVdYdTdLQTRxTnRmWjZ6CmllS09jT0QzZlpCaEtIblFLTVI3TzBuTkhtb2JpdTA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
    "signature": "MGUCMQDi3HIesiKldQPd7ReZAOEsHiwugRf4KrpsN+PXscPrj3XdJZwzSokp3na+YViLFggCMEJzNcuucQvLaPEbEPsfndmZM6a5oFjA0tf/yQWjP7amiB0pGX7iKMLh/KE6q89F6A==",
    "nodeId": "ZGM5NWE2ZDA2MTA5NzRiNzIyNDg1NjQ2ZTBiZTVmOTIzMTJkNzkyOTE3ZmZmM2I4ZTY3YTUxNTVjYjVjYmQxZA==",
    "txReceipt": {
      "leafComponents": {
        "claimsDigest": "NTk4NDVjMTk2MGFkNWIzODQ5OTE5OTRiNWUzNjY4ZDYzZDU2NGIzMjQxYWFkMzgxZGM4NDJjZTk3NjVmZmE5ZA==",
        "commitEvidence": "Y2U6Mi4xNjo2MDMzNmVjOWRiZjAyYmFiY2E2NGZhZjg1ZDc5NGE5NGNmYWEwMWU5ZjQ5ODQzNzhmNzEwZDRhMjBkYmQxNzky",
        "writeSetDigest": "NmVmNTgwYzM3YzIxZDc1YmRhMzgwYmViNzEzZDRiOTg5YWVjNjI5ZDNkZWRlYjNmOWQ4MDg0MTcyMDRkYjgzYw=="
      },
      "proof": [
        {
          "left": "YzhmOWUxYTUyZTMyNTI0MzI4YzQ4NzRkZmMyZmRmNzBkOGQ1YzUyNjQ2OTkyNjRmZDRkODk4M2Y1NTg3MDVkYw=="
        }
      ]
    }
  }
}

Stupid question but how does the client verify that the receipt received corresponds to their request, write set and the response received?

jeffa5 commented 1 year ago

Stupid question but how does the client verify that the receipt received corresponds to their request, write set and the response received?

They can use the signature to verify the receipt as is (https://microsoft.github.io/CCF/main/use_apps/verify_tx.html#receipt-verification). In doing so they can compute the claims_digest with the request they sent and the response they received. If their computed claims_digest is equal to that in the receipt then coupled with the txid being equal they can be sure that the receipt is for their request.

I think that covers it but let me know if there is still a bit that isn't clear.

jumaffre commented 1 year ago

@jumaffre are you happy with this use of receipts from a security point of view?

It looks good to me. @jeffa5, could you also spell out somewhere in the docs how the claims_digest is computed for all 3 APIs that generate receipts?