feat(protocol): check if addresses ever reregistered in SGXProver (#1…

…5665) Co-authored-by: Keszey Dániel <keszeyd@MacBook-Pro.local>
taikoxyz · Feb 6, 2024 · 27c86c1 · 27c86c1
1 parent 8e43ffe
commit 27c86c1
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 1 deletion.
diff --git a/packages/protocol/contracts/verifiers/SgxVerifier.sol b/packages/protocol/contracts/verifiers/SgxVerifier.sol
@@ -52,14 +52,21 @@ contract SgxVerifier is EssentialContract, IVerifier {
     /// public key shall expire after some time. (For now it is a long enough 6
     /// months setting.)
     mapping(uint256 instanceId => Instance) public instances; // slot 2
+    /// @dev One address shall be registered (during attestation) only once, otherwise it could
+    /// bypass this contract's expiry check by always registering with the same attestation and
+    /// getting multiple valid instanceIds. While during proving, it is technically possible to
+    /// register the old addresses, it is less of a problem, because the instanceId would be the
+    /// same for those addresses and if deleted - the attestation cannot be reused anyways.
+    mapping(address instanceAddress => bool alreadyAttested) public addressRegistered; // slot 3
 
-    uint256[48] private __gap;
+    uint256[47] private __gap;
 
     event InstanceAdded(
         uint256 indexed id, address indexed instance, address replaced, uint256 validSince
     );
     event InstanceDeleted(uint256 indexed id, address indexed instance);
 
+    error SGX_ALREADY_ATTESTED();
     error SGX_DELETE_NOT_AUTHORIZED();
     error SGX_INVALID_ATTESTATION();
     error SGX_INVALID_INSTANCE();
@@ -192,6 +199,10 @@ contract SgxVerifier is EssentialContract, IVerifier {
         }
 
         for (uint256 i; i < _instances.length; ++i) {
+            if (addressRegistered[_instances[i]]) revert SGX_ALREADY_ATTESTED();
+
+            addressRegistered[_instances[i]] = true;
+
             if (_instances[i] == address(0)) revert SGX_INVALID_INSTANCE();
 
             instances[nextInstanceId] = Instance(_instances[i], validSince);

diff --git a/packages/protocol/test/verifiers/SgxVerifier.t.sol b/packages/protocol/test/verifiers/SgxVerifier.t.sol
@@ -65,6 +65,18 @@ contract TestSgxVerifier is TaikoL1TestBase, AttestationBase {
         sv.registerInstance(v3quote);
     }
 
+    function test_registerInstanceTwiceWithSameAttestation() external {
+        V3Struct.ParsedV3QuoteStruct memory v3quote =
+            ParseV3QuoteBytes(address(pemCertChainLib), sampleQuote);
+
+        vm.prank(Bob, Bob);
+        sv.registerInstance(v3quote);
+
+        vm.expectRevert(SgxVerifier.SGX_ALREADY_ATTESTED.selector);
+        vm.prank(Carol, Carol);
+        sv.registerInstance(v3quote);
+    }
+
     function _getSignature(
         address _newInstance,
         address[] memory _instances,