TREX is a project to develop a protocol and network to support permissionless & trustless timed-release encryption in Web3. 🚀
Install nix and optionally direnv and
lorri for a fully plug and play experience for setting up
the development environment. To get all the correct dependencies activate direnv direnv allow and
lorri lorri shell.
First, complete the basic Rust setup instructions.
Make sure that Google Protocol Buffers were installed in the machine.
Use Rust's native cargo command to build and launch the template node:
cargo run --release -- --devNote: The current code is built OK on Ubuntu 22.04 with current rust toolchain. It has errors when linking with "rust-lld" on macOS 13.0.1.
The cargo run command will perform an initial build. Use the following command to build the node
without launching it:
- If you can perform Remote Attestation:
cargo build --release - If you can NOT perform Remote Attestation:
cargo build --release --features "skip-ias-check"
Once the project has been built, the following command can be used to explore all parameters and subcommands:
./target/release/trex -hAll core functions are covered by unit tests. To test the core functions, simply run
cargo testIf using a container to run the unit test and develop inside a container, you may pull or build a prebuilt image
as run in docker section.
Once you have the image, assume the name of the image is trex-node:prebuild. You may run unittest inside the container.
docker run -it trexnode.azurecr.io/trex-node:prebuild
cd trex && cargo testThe provided cargo run command will launch a temporary node and its state will be discarded after
you terminate the process. After the project has been built, there are other ways to launch the
node.
This command will start the single-node development chain with non-persistent state:
./target/release/trex --devPurge the development chain's state:
./target/release/trex purge-chain --devStart the development chain with detailed logging:
RUST_BACKTRACE=1 ./target/release/trex -ldebug --devDevelopment chain means that the state of our chain will be in a tmp folder while the nodes are running. Also, alice account will be authority and sudo account as declared in the genesis state. At the same time the following accounts will be pre-funded:
- Alice
- Bob
- Alice//stash
- Bob//stash
In case of being interested in maintaining the chain' state between runs a base path must be added so the db can be stored in the provided folder instead of a temporal one. We could use this folder to store different chain databases, as a different folder will be created per different chain that is ran. The following commands shows how to use a newly created folder as our db base path.
// Create a folder to use as the db base path
$ mkdir my-chain-state
// Use of that folder to store the chain state
$ ./target/release/trex --dev --base-path ./my-chain-state/
// Check the folder structure created inside the base path after running the chain
$ ls ./my-chain-state
chains
$ ls ./my-chain-state/chains/
dev
$ ls ./my-chain-state/chains/dev
db keystore networkOnce the TREX node is running locally, you can connect it with Polkadot-JS Apps front-end to interact with your chain. Click here connecting the Apps to your local TREX node.
If you want to see the multi-node consensus algorithm in action, refer to our Simulate a network tutorial.
The TREX project consists of a number of components that are spread across a few directories.
A TREX node is an application that allows users to participate in a blockchain network. The TREX blockchain nodes expose a number of capabilities:
- Networking: TREX nodes use the
libp2pnetworking stack to allow the nodes in the network to communicate with one another. - Consensus: The TREX network uses Aura algorithm for authoring blocks and the GRANDPA algorithm for block finalization that have been built on top of Web3 Foundation research.
- RPC Server: A remote procedure call (RPC) server is used to interact with TREX nodes. The frontend applications will also use RPC calls to access key-holder data for threshold encryption.
There are several files in the node directory - take special note of the following:
chain_spec.rs: A chain specification is a source code file that defines a TREX blockchain's initial (genesis) state. Chain specifications are useful for development and testing, and critical when architecting the launch of a production chain. Take note of thedevelopment_configandtestnet_genesisfunctions, which are used to define the genesis state for the local development chain configuration. These functions identify some well-known accounts and use them to configure the blockchain's initial state.service.rs: This file defines the node implementation. Take note of the libraries that this file imports and the names of the functions it invokes. In particular, there are references to consensus-related topics, such as the block finalization and forks and other consensus mechanisms such as Aura for block authoring and GRANDPA for finality.
After the node has been built, refer to the embedded documentation to learn more about the capabilities and configuration parameters that it exposes:
./target/release/trex --helpIn TREX network, the terms "runtime" and "state transition function" are analogous - they refer to the core logic of the blockchain that is responsible for validating blocks and executing the state changes they define. The TREX project in this repository uses FRAME to construct a blockchain runtime. FRAME allows runtime developers to declare domain-specific logic in modules called "pallets". At the heart of FRAME is a helpful macro language that makes it easy to create pallets and flexibly compose them to create blockchains that can address a variety of needs.
Review the FRAME runtime implementation included in this project and note the following:
- This file configures several pallets to include in the runtime. Each pallet configuration is
defined by a code block that begins with
impl $PALLET_NAME::Config for Runtime. - The pallets are composed into a single runtime by way of the
construct_runtime!macro, which is part of the core FRAME Support system library.
The runtime in this project is constructed using many FRAME pallets that ship with the core Substrate repository
We also create two specific pallets for the TREX network and its off-chain workers.
This pallet is responsible for verification of remote attestation from off-chain workers, which are also called as key-holders in the TREX network.
- Storage: The on-chain storage keeps the verification status of each off-chain worker and its RSA public key for shielding the data communication between nodes and off-chain workers.
- Dispatchables: Runtime APIs to register, unregister an off-chain worker with Intel SGX enclaves, and query the status of off-chain workers.
- Events: A event is emitted when an off-chain worker is registered or unregistered.
- Errors: When registration of a new key-holder fails, it returns an error.
This pallet supports the core functionality of the TREX network - decentralized timed-release encryption.
- Dispatchables: Runtime APIs to send encrypted data with shielded key pieces and decrypt data with key pieces released from off-chain workers.
- Events: A event is emitted when encrypted data were sent to the blockchain and the key-holder will handle the event and hold corresponding keys in the enclave.
- Errors: When sending TREX data fails, it returns an error.
First, install Docker and Docker Compose. You may build docker images for deployments and test. Run the following command to build a docker image for deployment.
docker build -t trex-node:latest .For supporting integration tests in non-sgx environment with keyholder nodes, you may use the following command to build the test image. The corresponding keyholder nodes may run in software-simulated SGX mode, thus, the IAS check need to be skipped. This image is only for integration test alongside the keyholder but not unit tests.
docker build --build-arg FEATURES="skip-ias-check" -t trex-node:test .For unit tests inside a container, we have another image tagged as "prebuild".
docker build -f docker/prebuild.Dockerfile -t trex-node:prebuild .You may pull the latest image from a public container registry instead of building it by yourself. Use the following command to pull a pre-built image.
For deployment:
docker pull trexnode.azurecr.io/trex-node:latestFor integration test:
docker pull trexnode.azurecr.io/trex-node:testFor unit test:
docker pull trexnode.azurecr.io/trex-node:prebuildRemember to sign out with docker logout from your existing login credentials if you have errors.
Then run the following command to start a single node development chain.
./scripts/docker_run.shThis command will use the pre-compiled executable in the image, and then start a local development network. By default, it supports external WebSocket connection (for key-holder connections) and external RPC methods (for user queries).
You can also replace the default command
(--dev --ws-external --rpc-cors all --rpc-methods=unsafe --rpc-external)
by appending your own. Based on your application and deployment environments, you may turn off WebSocket or RPC supports
for enhanced safety.
A few useful ones are as follows.
# Run TREX node without RPC supports
./scripts/docker_run.sh --dev --ws-external
# Purge the local dev chain
./scripts/docker_run.sh purge-chain --dev