1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

use crate::{
    core::{
        common::crypto::{signature, x25519},
        consensus::{beacon::EpochTime, registry},
    },
    crypto::signature::PublicKey,
    types::{address::Address, token},
};

use super::{app_id::AppId, policy::AppAuthPolicy};

/// Create new ROFL application call.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct Create {
    /// Application authentication policy.
    pub policy: AppAuthPolicy,
    /// Identifier generation scheme.
    pub scheme: IdentifierScheme,
}

/// ROFL application identifier generation scheme.
#[derive(Clone, Copy, Debug, Default, cbor::Encode, cbor::Decode)]
#[repr(u8)]
pub enum IdentifierScheme {
    #[default]
    CreatorRoundIndex = 0,
    CreatorNonce = 1,
}

/// Update an existing ROFL application call.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct Update {
    /// ROFL application identifier.
    pub id: AppId,
    /// Authentication policy.
    pub policy: AppAuthPolicy,
    /// Application administrator address.
    pub admin: Option<Address>,
}

/// Remove an existing ROFL application call.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct Remove {
    /// ROFL application identifier.
    pub id: AppId,
}

/// ROFL application configuration.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
#[cfg_attr(test, derive(PartialEq, Eq))]
pub struct AppConfig {
    /// ROFL application identifier.
    pub id: AppId,
    /// Authentication policy.
    pub policy: AppAuthPolicy,
    /// Application administrator address.
    pub admin: Option<Address>,
    /// Staked amount.
    pub stake: token::BaseUnits,
}

/// Register ROFL call.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct Register {
    /// ROFL application identifier.
    pub app: AppId,
    /// Endorsed TEE capability.
    pub ect: registry::EndorsedCapabilityTEE,
    /// Epoch when the ROFL registration expires if not renewed.
    pub expiration: EpochTime,
    /// Extra public keys to endorse (e.g. secp256k1 keys).
    ///
    /// All of these keys need to co-sign the registration transaction to prove ownership.
    pub extra_keys: Vec<PublicKey>,
}

/// ROFL registration descriptor.
#[derive(Clone, Debug, Default, PartialEq, Eq, cbor::Encode, cbor::Decode)]
pub struct Registration {
    /// Application this enclave is registered for.
    pub app: AppId,
    /// Identifier of the endorsing node.
    pub node_id: signature::PublicKey,
    /// Optional identifier of the endorsing entity.
    pub entity_id: Option<signature::PublicKey>,
    /// Runtime Attestation Key.
    pub rak: signature::PublicKey,
    /// Runtime Encryption Key.
    pub rek: x25519::PublicKey,
    /// Epoch when the ROFL registration expires if not renewed.
    pub expiration: EpochTime,
    /// Extra public keys to endorse (e.g. secp256k1 keys).
    pub extra_keys: Vec<PublicKey>,
}

/// Application-related query.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct AppQuery {
    /// ROFL application identifier.
    pub id: AppId,
}

/// Application instance query.
#[derive(Clone, Debug, cbor::Encode, cbor::Decode)]
#[cbor(no_default)]
pub struct AppInstanceQuery {
    /// ROFL application identifier.
    pub app: AppId,
    /// Runtime Attestation Key.
    pub rak: PublicKey,
}

/// Stake thresholds for managing ROFL.
#[derive(Clone, Debug, Default, cbor::Encode, cbor::Decode)]
pub struct StakeThresholds {
    /// Required stake for creating new ROFL application.
    pub app_create: token::BaseUnits,
}