Merge pull request #5389 from oasisprotocol/kostko/fix/signed-attesta…

…tions-flag go/registry: Do not verify node TEE capabilities during genesis
oasisprotocol · Oct 9, 2023 · 2e2830b · 2e2830b
2 parents b14f0b8 + a815aa2
commit 2e2830b
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 14 deletions.
diff --git a/.changelog/5389.bugfix.md b/.changelog/5389.bugfix.md
@@ -0,0 +1 @@
+go/registry: Do not verify node TEE capabilities during genesis
diff --git a/go/oasis-node/cmd/genesis/migrate.go b/go/oasis-node/cmd/genesis/migrate.go
@@ -293,24 +293,14 @@ NodeLoop:
 			continue
 		}
 		for _, rt := range node.Runtimes {
-			knownRt, exists := knownRuntimes[rt.ID]
+			_, exists := knownRuntimes[rt.ID]
 			if !exists {
 				logger.Warn("removing node referencing unknown runtime",
 					"node_id", node.ID,
 					"runtime_id", rt.ID,
 				)
 				continue NodeLoop
 			}
-			if rt.Capabilities.TEE != nil {
-				if err := registry.VerifyNodeRuntimeEnclaveIDs(logger, node.ID, rt, knownRt, newDoc.Registry.Parameters.TEEFeatures, oldDoc.Time, uint64(oldDoc.Height)); err != nil {
-					logger.Warn("removing node with invalid TEE capability",
-						"err", err,
-						"node_id", node.ID,
-						"runtime_id", rt.ID,
-					)
-					continue NodeLoop
-				}
-			}
 		}
 		newDoc.Registry.Nodes = append(newDoc.Registry.Nodes, sigNode)
 	}

diff --git a/go/registry/api/api.go b/go/registry/api/api.go
@@ -614,9 +614,14 @@ func VerifyRegisterNodeArgs( // nolint: gocyclo
 				return nil, nil, fmt.Errorf("failed to lookup runtime: %w", err)
 			}
 
-			// If the node indicates TEE support for any of it's runtimes,
-			// validate the attestation evidence.
-			if err := VerifyNodeRuntimeEnclaveIDs(logger, n.ID, rt, regRt, params.TEEFeatures, now, height); err != nil && !isSanityCheck {
+			// If the node indicates TEE support for any of it's runtimes, validate the attestation
+			// evidence.
+			//
+			// These checks are skipped at time of genesis as there can be nodes present which are
+			// both validators and compute nodes and have out of date attestation evidence. Removing
+			// such nodes could lead to consensus not having the proper majority. This is safe as
+			// attestation evidence is independently verified before scheduling committees.
+			if err := VerifyNodeRuntimeEnclaveIDs(logger, n.ID, rt, regRt, params.TEEFeatures, now, height); err != nil && !isSanityCheck && !isGenesis {
 				return nil, nil, err
 			}