├── .CodeQL.yml ├── .backportrc.json ├── .clang-format ├── .clang-tidy ├── .cmake-format.py ├── .devcontainer ├── Dockerfile ├── devcontainer.json ├── post_create_setup.sh └── tlaplus │ └── devcontainer.json ├── .gdn └── CredScanSuppressions.json ├── .gitattributes ├── .gitconfig ├── .github ├── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── feature_request.md │ └── task.md ├── dependabot.yml └── workflows │ ├── README.md │ ├── bencher.yml │ ├── ci-containers-ghcr.yml │ ├── ci-verification.yml │ ├── ci.yml │ ├── codeql-analysis.yml │ ├── containers-ghcr.yml │ ├── doc.yml │ ├── long-test.yml │ ├── long-verification.yml │ ├── npm.yml │ ├── pypi.yml │ └── release.yml ├── .gitignore ├── .prettierignore ├── .ruff.toml ├── .vscode ├── c_cpp_properties.json └── launch.json ├── 3rdparty ├── README.md ├── exported │ ├── QCBOR │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── CMakeLists.txt │ │ ├── Makefile │ │ ├── QCBOR.xcodeproj │ │ │ └── project.pbxproj │ │ ├── README.md │ │ ├── SECURITY.md │ │ ├── UsefulBuf.h │ │ ├── cmd_line_main.c │ │ ├── doc │ │ │ ├── DocReadMe.txt │ │ │ ├── Tagging.md │ │ │ └── TimeTag1FAQ.md │ │ ├── example.c │ │ ├── example.h │ │ ├── qcbor │ │ │ ├── UsefulBuf.h │ │ │ ├── qcbor.h │ │ │ ├── qcbor_common.h │ │ │ ├── qcbor_decode.h │ │ │ ├── qcbor_encode.h │ │ │ ├── qcbor_private.h │ │ │ └── qcbor_spiffy_decode.h │ │ ├── src │ │ │ ├── UsefulBuf.c │ │ │ ├── ieee754.c │ │ │ ├── ieee754.h │ │ │ ├── qcbor_decode.c │ │ │ ├── qcbor_encode.c │ │ │ └── qcbor_err_to_str.c │ │ ├── test │ │ │ ├── CMakeLists.txt │ │ │ ├── UsefulBuf_Tests.c │ │ │ ├── UsefulBuf_Tests.h │ │ │ ├── float_tests.c │ │ │ ├── float_tests.h │ │ │ ├── half_to_double_from_rfc7049.c │ │ │ ├── half_to_double_from_rfc7049.h │ │ │ ├── not_well_formed_cbor.h │ │ │ ├── qcbor_decode_tests.c │ │ │ ├── qcbor_decode_tests.h │ │ │ ├── qcbor_encode_tests.c │ │ │ ├── qcbor_encode_tests.h │ │ │ ├── run_tests.c │ │ │ └── run_tests.h │ │ ├── ub-example.c │ │ └── ub-example.h │ ├── didx509cpp │ │ └── didx509cpp.h │ ├── fmt │ │ ├── args.h │ │ ├── base.h │ │ ├── chrono.h │ │ ├── color.h │ │ ├── compile.h │ │ ├── core.h │ │ ├── format-inl.h │ │ ├── format.h │ │ ├── os.h │ │ ├── ostream.h │ │ ├── printf.h │ │ ├── ranges.h │ │ ├── std.h │ │ └── xchar.h │ ├── llhttp │ │ ├── api.c │ │ ├── http.c │ │ ├── llhttp.c │ │ └── llhttp.h │ ├── merklecpp │ │ └── merklecpp.h │ ├── nlohmann │ │ └── json.hpp │ ├── quickjs │ │ ├── Changelog │ │ ├── LICENSE │ │ ├── Makefile │ │ ├── TODO │ │ ├── VERSION │ │ ├── cutils.c │ │ ├── cutils.h │ │ ├── doc │ │ │ ├── jsbignum.html │ │ │ ├── jsbignum.pdf │ │ │ ├── jsbignum.texi │ │ │ ├── quickjs.html │ │ │ ├── quickjs.pdf │ │ │ └── quickjs.texi │ │ ├── examples │ │ │ ├── fib.c │ │ │ ├── fib_module.js │ │ │ ├── hello.js │ │ │ ├── hello_module.js │ │ │ ├── pi_bigdecimal.js │ │ │ ├── pi_bigfloat.js │ │ │ ├── pi_bigint.js │ │ │ ├── point.c │ │ │ ├── test_fib.js │ │ │ └── test_point.js │ │ ├── jscompress.c │ │ ├── libbf.c │ │ ├── libbf.h │ │ ├── libregexp-opcode.h │ │ ├── libregexp.c │ │ ├── libregexp.h │ │ ├── libunicode-table.h │ │ ├── libunicode.c │ │ ├── libunicode.h │ │ ├── list.h │ │ ├── qjs.c │ │ ├── qjsc.c │ │ ├── qjscalc.js │ │ ├── quickjs-atom.h │ │ ├── quickjs-exports.c │ │ ├── quickjs-exports.h │ │ ├── quickjs-libc.c │ │ ├── quickjs-libc.h │ │ ├── quickjs-opcode.h │ │ ├── quickjs-time.h │ │ ├── quickjs.c │ │ ├── quickjs.h │ │ ├── readme.txt │ │ ├── release.sh │ │ ├── repl.js │ │ ├── run-test262.c │ │ ├── test262.conf │ │ ├── test262_errors.txt │ │ ├── test262o.conf │ │ ├── test262o_errors.txt │ │ ├── tests │ │ │ ├── bjson.c │ │ │ ├── microbench.js │ │ │ ├── test262.patch │ │ │ ├── test_bignum.js │ │ │ ├── test_bjson.js │ │ │ ├── test_builtin.js │ │ │ ├── test_closure.js │ │ │ ├── test_language.js │ │ │ ├── test_loop.js │ │ │ ├── test_op.js │ │ │ ├── test_op_overloading.js │ │ │ ├── test_qjscalc.js │ │ │ ├── test_std.js │ │ │ ├── test_worker.js │ │ │ └── test_worker_module.js │ │ ├── unicode_download.sh │ │ ├── unicode_gen.c │ │ └── unicode_gen_def.h │ ├── small_vector │ │ ├── LICENSE.TXT │ │ ├── README.md │ │ └── SmallVector.h │ ├── snmalloc │ │ ├── .clang-format │ │ ├── .clang-tidy │ │ ├── .github │ │ │ └── workflows │ │ │ │ └── main.yml │ │ ├── .gitignore │ │ ├── CMakeLists.txt │ │ ├── LICENSE │ │ ├── README.md │ │ ├── security.md │ │ └── src │ │ │ ├── snmalloc │ │ │ ├── README.md │ │ │ ├── aal │ │ │ │ ├── aal.h │ │ │ │ ├── aal_arm.h │ │ │ │ ├── aal_cheri.h │ │ │ │ ├── aal_concept.h │ │ │ │ ├── aal_consts.h │ │ │ │ ├── aal_powerpc.h │ │ │ │ ├── aal_riscv.h │ │ │ │ ├── aal_sparc.h │ │ │ │ ├── aal_x86.h │ │ │ │ ├── aal_x86_sgx.h │ │ │ │ └── address.h │ │ │ ├── backend │ │ │ │ ├── backend.h │ │ │ │ ├── base_constants.h │ │ │ │ ├── fixedglobalconfig.h │ │ │ │ ├── globalconfig.h │ │ │ │ ├── meta_protected_range.h │ │ │ │ └── standard_range.h │ │ │ ├── backend_helpers │ │ │ │ ├── authmap.h │ │ │ │ ├── backend_helpers.h │ │ │ │ ├── buddy.h │ │ │ │ ├── commitrange.h │ │ │ │ ├── commonconfig.h │ │ │ │ ├── defaultpagemapentry.h │ │ │ │ ├── empty_range.h │ │ │ │ ├── globalrange.h │ │ │ │ ├── indirectrange.h │ │ │ │ ├── largebuddyrange.h │ │ │ │ ├── lockrange.h │ │ │ │ ├── logrange.h │ │ │ │ ├── noprange.h │ │ │ │ ├── pagemap.h │ │ │ │ ├── pagemapregisterrange.h │ │ │ │ ├── palrange.h │ │ │ │ ├── range_helpers.h │ │ │ │ ├── smallbuddyrange.h │ │ │ │ ├── staticconditionalrange.h │ │ │ │ ├── staticrange.h │ │ │ │ ├── statsrange.h │ │ │ │ └── subrange.h │ │ │ ├── ds │ │ │ │ ├── aba.h │ │ │ │ ├── allocconfig.h │ │ │ │ ├── combininglock.h │ │ │ │ ├── ds.h │ │ │ │ ├── entropy.h │ │ │ │ ├── flaglock.h │ │ │ │ ├── mpmcstack.h │ │ │ │ ├── pagemap.h │ │ │ │ └── singleton.h │ │ │ ├── ds_core │ │ │ │ ├── bits.h │ │ │ │ ├── concept.h │ │ │ │ ├── defines.h │ │ │ │ ├── ds_core.h │ │ │ │ ├── helpers.h │ │ │ │ ├── mitigations.h │ │ │ │ ├── ptrwrap.h │ │ │ │ ├── redblacktree.h │ │ │ │ └── seqset.h │ │ │ ├── global │ │ │ │ ├── bounds_checks.h │ │ │ │ ├── global.h │ │ │ │ ├── libc.h │ │ │ │ ├── memcpy.h │ │ │ │ ├── scopedalloc.h │ │ │ │ └── threadalloc.h │ │ │ ├── mem │ │ │ │ ├── backend_concept.h │ │ │ │ ├── backend_wrappers.h │ │ │ │ ├── corealloc.h │ │ │ │ ├── entropy.h │ │ │ │ ├── external_alloc.h │ │ │ │ ├── freelist.h │ │ │ │ ├── freelist_queue.h │ │ │ │ ├── globalalloc.h │ │ │ │ ├── localalloc.h │ │ │ │ ├── localcache.h │ │ │ │ ├── mem.h │ │ │ │ ├── metadata.h │ │ │ │ ├── pool.h │ │ │ │ ├── pooled.h │ │ │ │ ├── remoteallocator.h │ │ │ │ ├── remotecache.h │ │ │ │ ├── sizeclasstable.h │ │ │ │ └── ticker.h │ │ │ ├── override │ │ │ │ ├── jemalloc_compat.cc │ │ │ │ ├── malloc-extensions.cc │ │ │ │ ├── malloc-extensions.h │ │ │ │ ├── malloc.cc │ │ │ │ ├── memcpy.cc │ │ │ │ ├── new.cc │ │ │ │ ├── override.h │ │ │ │ └── rust.cc │ │ │ ├── pal │ │ │ │ ├── pal.h │ │ │ │ ├── pal_apple.h │ │ │ │ ├── pal_bsd.h │ │ │ │ ├── pal_bsd_aligned.h │ │ │ │ ├── pal_concept.h │ │ │ │ ├── pal_consts.h │ │ │ │ ├── pal_dragonfly.h │ │ │ │ ├── pal_ds.h │ │ │ │ ├── pal_freebsd.h │ │ │ │ ├── pal_freebsd_kernel.h │ │ │ │ ├── pal_haiku.h │ │ │ │ ├── pal_linux.h │ │ │ │ ├── pal_netbsd.h │ │ │ │ ├── pal_noalloc.h │ │ │ │ ├── pal_open_enclave.h │ │ │ │ ├── pal_openbsd.h │ │ │ │ ├── pal_plain.h │ │ │ │ ├── pal_posix.h │ │ │ │ ├── pal_solaris.h │ │ │ │ ├── pal_tid_default.h │ │ │ │ ├── pal_timer_default.h │ │ │ │ └── pal_windows.h │ │ │ ├── snmalloc.h │ │ │ ├── snmalloc_core.h │ │ │ └── snmalloc_front.h │ │ │ └── test │ │ │ ├── func │ │ │ ├── bits │ │ │ │ └── bits.cc │ │ │ ├── cheri │ │ │ │ └── cheri.cc │ │ │ ├── client_meta │ │ │ │ └── client_meta.cc │ │ │ ├── domestication │ │ │ │ └── domestication.cc │ │ │ ├── external_pagemap │ │ │ │ └── external_pagemap.cc │ │ │ ├── first_operation │ │ │ │ └── first_operation.cc │ │ │ ├── fixed_region │ │ │ │ └── fixed_region.cc │ │ │ ├── jemalloc │ │ │ │ └── jemalloc.cc │ │ │ ├── malloc │ │ │ │ └── malloc.cc │ │ │ ├── memcpy │ │ │ │ └── func-memcpy.cc │ │ │ ├── memory │ │ │ │ └── memory.cc │ │ │ ├── memory_usage │ │ │ │ └── memory_usage.cc │ │ │ ├── miracle_ptr │ │ │ │ └── miracle_ptr.cc │ │ │ ├── pagemap │ │ │ │ └── pagemap.cc │ │ │ ├── pool │ │ │ │ └── pool.cc │ │ │ ├── redblack │ │ │ │ └── redblack.cc │ │ │ ├── sandbox │ │ │ │ └── sandbox.cc │ │ │ ├── sizeclass │ │ │ │ └── sizeclass.cc │ │ │ ├── statistics │ │ │ │ └── stats.cc │ │ │ ├── teardown │ │ │ │ └── teardown.cc │ │ │ ├── thread_alloc_external │ │ │ │ └── thread_alloc_external.cc │ │ │ └── two_alloc_types │ │ │ │ ├── alloc1.cc │ │ │ │ ├── alloc2.cc │ │ │ │ └── main.cc │ │ │ ├── helpers.h │ │ │ ├── measuretime.h │ │ │ ├── opt.h │ │ │ ├── perf │ │ │ ├── contention │ │ │ │ └── contention.cc │ │ │ ├── external_pointer │ │ │ │ └── externalpointer.cc │ │ │ ├── low_memory │ │ │ │ └── low-memory.cc │ │ │ ├── memcpy │ │ │ │ └── memcpy.cc │ │ │ ├── msgpass │ │ │ │ └── msgpass.cc │ │ │ ├── singlethread │ │ │ │ └── singlethread.cc │ │ │ └── startup │ │ │ │ └── startup.cc │ │ │ ├── setup.h │ │ │ ├── usage.h │ │ │ └── xoroshiro.h │ └── t_cose │ │ ├── .github │ │ └── workflows │ │ │ ├── ci.yml │ │ │ └── pages.yml │ │ ├── .gitignore │ │ ├── CMakeLists.txt │ │ ├── CONTRIBUTING.md │ │ ├── LICENSE │ │ ├── Makefile.ossl │ │ ├── Makefile.psa │ │ ├── Makefile.test │ │ ├── README.md │ │ ├── SECURITY.md │ │ ├── cmake │ │ ├── FindMbedTLS.cmake │ │ └── FindQCBOR.cmake │ │ ├── crypto_adapters │ │ ├── b_con_hash │ │ │ ├── sha256.c │ │ │ └── sha256.h │ │ ├── t_cose_openssl_crypto.c │ │ ├── t_cose_psa_crypto.c │ │ └── t_cose_test_crypto.c │ │ ├── examples │ │ ├── t_cose_basic_example_ossl.c │ │ └── t_cose_basic_example_psa.c │ │ ├── inc │ │ └── t_cose │ │ │ ├── q_useful_buf.h │ │ │ ├── t_cose_common.h │ │ │ ├── t_cose_sign1_sign.h │ │ │ └── t_cose_sign1_verify.h │ │ ├── main.c │ │ ├── mainpage.dox │ │ ├── src │ │ ├── t_cose_crypto.h │ │ ├── t_cose_parameters.c │ │ ├── t_cose_parameters.h │ │ ├── t_cose_short_circuit.c │ │ ├── t_cose_short_circuit.h │ │ ├── t_cose_sign1_sign.c │ │ ├── t_cose_sign1_verify.c │ │ ├── t_cose_standard_constants.h │ │ ├── t_cose_util.c │ │ └── t_cose_util.h │ │ ├── t-cose-logo.png │ │ ├── t_cose.xcodeproj │ │ └── project.pbxproj │ │ └── test │ │ ├── keys │ │ ├── README.txt │ │ ├── prime256v1.pem │ │ ├── secp384r1.pem │ │ └── secp521r1.pem │ │ ├── run_tests.c │ │ ├── run_tests.h │ │ ├── t_cose_make_openssl_test_key.c │ │ ├── t_cose_make_psa_test_key.c │ │ ├── t_cose_make_test_messages.c │ │ ├── t_cose_make_test_messages.h │ │ ├── t_cose_make_test_pub_key.h │ │ ├── t_cose_rsa_test_key.h │ │ ├── t_cose_sign_verify_test.c │ │ ├── t_cose_sign_verify_test.h │ │ ├── t_cose_test.c │ │ └── t_cose_test.h ├── internal │ ├── CLI11 │ │ └── CLI11.hpp │ └── valijson │ │ ├── adapters │ │ ├── adapter.hpp │ │ ├── basic_adapter.hpp │ │ ├── boost_json_adapter.hpp │ │ ├── frozen_value.hpp │ │ ├── json11_adapter.hpp │ │ ├── jsoncpp_adapter.hpp │ │ ├── nlohmann_json_adapter.hpp │ │ ├── picojson_adapter.hpp │ │ ├── poco_json_adapter.hpp │ │ ├── property_tree_adapter.hpp │ │ ├── qtjson_adapter.hpp │ │ ├── rapidjson_adapter.hpp │ │ ├── std_string_adapter.hpp │ │ └── yaml_cpp_adapter.hpp │ │ ├── constraint_builder.hpp │ │ ├── constraints │ │ ├── basic_constraint.hpp │ │ ├── concrete_constraints.hpp │ │ ├── constraint.hpp │ │ └── constraint_visitor.hpp │ │ ├── exceptions.hpp │ │ ├── internal │ │ ├── adapter.hpp │ │ ├── basic_adapter.hpp │ │ ├── custom_allocator.hpp │ │ ├── debug.hpp │ │ ├── frozen_value.hpp │ │ ├── json_pointer.hpp │ │ ├── json_reference.hpp │ │ ├── optional.hpp │ │ ├── optional_bundled.hpp │ │ └── uri.hpp │ │ ├── schema.hpp │ │ ├── schema_parser.hpp │ │ ├── subschema.hpp │ │ ├── utils │ │ ├── boost_json_utils.hpp │ │ ├── file_utils.hpp │ │ ├── json11_utils.hpp │ │ ├── jsoncpp_utils.hpp │ │ ├── nlohmann_json_utils.hpp │ │ ├── picojson_utils.hpp │ │ ├── poco_json_utils.hpp │ │ ├── property_tree_utils.hpp │ │ ├── qtjson_utils.hpp │ │ ├── rapidjson_utils.hpp │ │ ├── utf8_utils.hpp │ │ └── yaml_cpp_utils.hpp │ │ ├── validation_results.hpp │ │ ├── validation_visitor.hpp │ │ └── validator.hpp └── test │ ├── doctest │ └── doctest.h │ └── picobench │ └── picobench.hpp ├── CCF-PAPER-VLDB-2023.pdf ├── CCF-TECHNICAL-REPORT.pdf ├── CCF-VERIFICATION-NSDI-2025.pdf ├── CHANGELOG.md ├── CMakeLists.txt ├── Doxyfile ├── LICENSE ├── README.md ├── SECURITY.md ├── THIRD_PARTY_NOTICES.txt ├── cddl ├── ccf-cose-endorsement-service-identity.cddl ├── ccf-merkle-tree-cose-signature.cddl ├── ccf-receipt.cddl └── ccf-tree-alg.cddl ├── cgmanifest.json ├── cmake ├── ccf_app.cmake ├── ccf_snp-config.cmake.in ├── ccf_virtual-config.cmake.in ├── common.cmake ├── cpack_settings.cmake ├── crypto.cmake ├── preproject.cmake ├── qcbor.cmake ├── quickjs.cmake ├── t_cose.cmake ├── tools.cmake └── version.cmake ├── doc ├── _static │ ├── .gitkeep │ ├── ccf.svg │ ├── ccf_overview.png │ ├── css │ │ └── custom.css │ └── favicon.ico ├── _templates │ ├── .gitkeep │ ├── page.html │ └── sidebar │ │ └── brand.html ├── architecture │ ├── consensus │ │ └── index.rst │ ├── cryptography.rst │ ├── index.rst │ ├── indexing.rst │ ├── ledger.rst │ ├── merkle_tree.rst │ ├── node_to_node.rst │ ├── performance │ │ ├── analysis.rst │ │ ├── generator.rst │ │ ├── index.rst │ │ └── submitter.rst │ ├── raft_tla.rst │ ├── receipts.rst │ ├── request_flow.rst │ ├── tcp_internals.rst │ ├── threading.rst │ └── tls_internals.rst ├── audit │ ├── builtin_maps.rst │ ├── index.rst │ ├── python_library.rst │ ├── read_write_restrictions.rst │ └── receipts.rst ├── build_apps │ ├── api.rst │ ├── auth │ │ ├── cert.rst │ │ ├── index.rst │ │ └── jwt.rst │ ├── build_app.rst │ ├── crypto.rst │ ├── example.rst │ ├── example_cpp.rst │ ├── example_rpc_api.rst │ ├── fwd_to_redirect.rst │ ├── get_started.rst │ ├── index.rst │ ├── install_bin.rst │ ├── js_app_bundle.rst │ ├── js_app_ts.rst │ ├── kv │ │ ├── api.rst │ │ ├── index.rst │ │ ├── kv_how_to.rst │ │ └── kv_serialisation.rst │ ├── logging.rst │ ├── migration_5_x_to_6_0.rst │ ├── release_policy.rst │ └── run_app.rst ├── conf.py ├── contribute │ ├── build_ccf.rst │ ├── build_setup.rst │ ├── index.rst │ ├── onboarding.rst │ └── release_ccf.rst ├── generate_config_rst.py ├── governance │ ├── accept_recovery.rst │ ├── adding_member.rst │ ├── akv_identity_cert_policy.json │ ├── common_member_operations.rst │ ├── constitution.rst │ ├── gov_api_schemas │ │ ├── 2023-06-01-preview.rst │ │ ├── 2024-07-01.rst │ │ ├── classic.rst │ │ └── upgrading_from_classic.rst │ ├── hsm_keys.rst │ ├── index.rst │ ├── js_runtime.rst │ ├── jws_to_der.py │ ├── member_rpc_api.rst │ ├── open_network.rst │ └── proposals.rst ├── historical_ccf_requirements.txt ├── host_config_schema │ └── cchost_config.json ├── img │ ├── about-ccf.png │ ├── ccf_release.png │ ├── cpp.svg │ ├── merkle_compact.svg │ ├── merkle_single_signature.svg │ ├── merkle_two_signatures.svg │ ├── python.svg │ └── ts.svg ├── index.html ├── index.rst ├── operations │ ├── certificates.rst │ ├── code_upgrade.rst │ ├── configuration.rst │ ├── data_persistence.rst │ ├── index.rst │ ├── ledger_snapshot.rst │ ├── network.rst │ ├── operator_rpc_api.rst │ ├── platforms │ │ ├── index.rst │ │ ├── snp.rst │ │ └── virtual.rst │ ├── recovery.rst │ ├── resource_usage.rst │ ├── run_setup.rst │ ├── start_network.rst │ └── troubleshooting.rst ├── overview │ ├── glossary.rst │ ├── governance.rst │ ├── index.rst │ ├── performance.rst │ └── what_is_ccf.rst ├── requirements.txt ├── research │ └── index.rst ├── schemas │ ├── app_openapi.json │ ├── gov │ │ ├── 2023-06-01-preview │ │ │ ├── examples │ │ │ │ ├── Ballots_Get.json │ │ │ │ ├── Ballots_Submit.json │ │ │ │ ├── EncryptedShares_Get.json │ │ │ │ ├── Proposals_Create.json │ │ │ │ ├── Proposals_Get.json │ │ │ │ ├── Proposals_GetActions.json │ │ │ │ ├── Proposals_List.json │ │ │ │ ├── Proposals_Withdraw.json │ │ │ │ ├── ServiceState_GetConstitution.json │ │ │ │ ├── ServiceState_GetJoinPolicies.json │ │ │ │ ├── ServiceState_GetJsApp.json │ │ │ │ ├── ServiceState_GetJwkInfo.json │ │ │ │ ├── ServiceState_GetMember.json │ │ │ │ ├── ServiceState_GetNode.json │ │ │ │ ├── ServiceState_GetServiceInfo.json │ │ │ │ ├── ServiceState_ListMembers.json │ │ │ │ ├── ServiceState_ListNodes.json │ │ │ │ ├── Shares_Submit.json │ │ │ │ ├── StateDigests_Acknowledge.json │ │ │ │ ├── StateDigests_Get.json │ │ │ │ ├── StateDigests_Update.json │ │ │ │ ├── Transactions_Get.json │ │ │ │ └── Transactions_GetCommit.json │ │ │ └── gov.json │ │ └── 2024-07-01 │ │ │ ├── examples │ │ │ ├── Ballots_Get.json │ │ │ ├── Ballots_Submit.json │ │ │ ├── EncryptedShares_Get.json │ │ │ ├── Proposals_Create.json │ │ │ ├── Proposals_Get.json │ │ │ ├── Proposals_GetActions.json │ │ │ ├── Proposals_List.json │ │ │ ├── Proposals_Withdraw.json │ │ │ ├── ServiceState_GetConstitution.json │ │ │ ├── ServiceState_GetJoinPolicies.json │ │ │ ├── ServiceState_GetJsApp.json │ │ │ ├── ServiceState_GetJwkInfo.json │ │ │ ├── ServiceState_GetMember.json │ │ │ ├── ServiceState_GetNode.json │ │ │ ├── ServiceState_GetServiceInfo.json │ │ │ ├── ServiceState_ListMembers.json │ │ │ ├── ServiceState_ListNodes.json │ │ │ ├── Shares_Submit.json │ │ │ ├── StateDigests_Acknowledge.json │ │ │ ├── StateDigests_Get.json │ │ │ ├── StateDigests_Update.json │ │ │ ├── Transactions_Get.json │ │ │ └── Transactions_GetCommit.json │ │ │ └── gov.json │ ├── gov_openapi.json │ └── node_openapi.json ├── spelling_wordlist.txt └── use_apps │ ├── index.rst │ ├── issue_commands.rst │ ├── rpc_api.rst │ └── verify_tx.rst ├── getting_started ├── README.md └── setup_vm │ ├── app-dev.yml │ ├── app-run.yml │ ├── ccf-dev.yml │ ├── ccf-extended-testing.yml │ ├── roles │ ├── autoremove │ │ └── install.yml │ ├── az_dcap │ │ └── tasks │ │ │ └── install.yml │ ├── ccf_build │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── clang15.yml │ ├── ccf_install │ │ ├── tasks │ │ │ └── deb_install.yml │ │ └── vars │ │ │ └── common.yml │ ├── ccf_run │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── clang15.yml │ ├── h2spec │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── common.yml │ ├── lldb │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── common.yml │ ├── llvm_repo │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── common.yml │ ├── nodejs │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── common.yml │ ├── pebble │ │ ├── tasks │ │ │ └── install.yml │ │ └── vars │ │ │ └── common.yml │ └── perf-tool │ │ ├── tasks │ │ └── install.yml │ │ └── vars │ │ └── common.yml │ └── run.sh ├── include └── ccf │ ├── app_interface.h │ ├── base_endpoint_registry.h │ ├── byte_vector.h │ ├── ccf_deprecated.h │ ├── claims_digest.h │ ├── common_auth_policies.h │ ├── common_endpoint_registry.h │ ├── cose_signatures_config_interface.h │ ├── crypto │ ├── base64.h │ ├── cose.h │ ├── cose_verifier.h │ ├── curve.h │ ├── ecdsa.h │ ├── eddsa_key_pair.h │ ├── eddsa_public_key.h │ ├── entropy.h │ ├── hash_bytes.h │ ├── hash_provider.h │ ├── hkdf.h │ ├── hmac.h │ ├── jwk.h │ ├── key_pair.h │ ├── key_wrap.h │ ├── md_type.h │ ├── openssl │ │ └── openssl_wrappers.h │ ├── pem.h │ ├── public_key.h │ ├── rsa_key_pair.h │ ├── rsa_public_key.h │ ├── san.h │ ├── sha256.h │ ├── sha256_hash.h │ ├── symmetric_key.h │ └── verifier.h │ ├── ds │ ├── ccf_exception.h │ ├── contiguous_set.h │ ├── enum_formatter.h │ ├── hash.h │ ├── hex.h │ ├── json.h │ ├── json_schema.h │ ├── logger.h │ ├── logger_level.h │ ├── nonstd.h │ ├── openapi.h │ ├── quote_info.h │ ├── siphash.h │ ├── unit_strings.h │ └── x509_time_fmt.h │ ├── endpoint.h │ ├── endpoint_context.h │ ├── endpoint_metrics.h │ ├── endpoint_registry.h │ ├── endpoints │ └── authentication │ │ ├── all_of_auth.h │ │ ├── authentication_types.h │ │ ├── cert_auth.h │ │ ├── cose_auth.h │ │ ├── empty_auth.h │ │ ├── js.h │ │ └── jwt_auth.h │ ├── entity_id.h │ ├── frame_format.h │ ├── historical_queries_adapter.h │ ├── historical_queries_interface.h │ ├── historical_queries_utils.h │ ├── http_accept.h │ ├── http_configuration.h │ ├── http_consts.h │ ├── http_etag.h │ ├── http_header_map.h │ ├── http_query.h │ ├── http_responder.h │ ├── http_status.h │ ├── indexing │ ├── indexer_interface.h │ ├── strategies │ │ ├── seqnos_by_key_bucketed.h │ │ ├── seqnos_by_key_in_memory.h │ │ └── visit_each_entry_in_map.h │ └── strategy.h │ ├── js │ ├── audit_format.h │ ├── bundle.h │ ├── common_context.h │ ├── core │ │ ├── constants.h │ │ ├── context.h │ │ ├── runtime.h │ │ ├── wrapped_property_enum.h │ │ └── wrapped_value.h │ ├── extensions │ │ ├── README.md │ │ ├── ccf │ │ │ ├── consensus.h │ │ │ ├── converters.h │ │ │ ├── crypto.h │ │ │ ├── gov_effects.h │ │ │ ├── historical.h │ │ │ ├── host.h │ │ │ ├── kv.h │ │ │ ├── request.h │ │ │ └── rpc.h │ │ ├── console.h │ │ ├── extension_interface.h │ │ ├── math │ │ │ └── random.h │ │ └── snp_attestation.h │ ├── interpreter_cache_interface.h │ ├── kv_access_permissions.h │ ├── modules │ │ └── module_loader_interface.h │ ├── namespace_restrictions.h │ ├── registry.h │ ├── samples │ │ └── governance_driven_registry.h │ └── tx_access.h │ ├── json_handler.h │ ├── kv │ ├── abstract_handle.h │ ├── get_name.h │ ├── hooks.h │ ├── map.h │ ├── map_diff.h │ ├── map_handle.h │ ├── read_only_store.h │ ├── serialisers │ │ ├── blit_serialiser.h │ │ ├── json_serialiser.h │ │ └── serialised_entry.h │ ├── set.h │ ├── set_handle.h │ ├── unit.h │ ├── untyped.h │ ├── untyped_map_diff.h │ ├── untyped_map_handle.h │ ├── value.h │ ├── value_handle.h │ └── version.h │ ├── network_identity_interface.h │ ├── node │ ├── acme_subsystem_interface.h │ ├── cose_signatures_config.h │ ├── host_processes_interface.h │ ├── node_configuration_interface.h │ ├── quote.h │ ├── session.h │ └── startup_config.h │ ├── node_context.h │ ├── node_startup_state.h │ ├── node_subsystem_interface.h │ ├── odata_error.h │ ├── pal │ ├── attestation.h │ ├── attestation_sev_snp.h │ ├── attestation_sev_snp_endorsements.h │ ├── hardware_info.h │ ├── locking.h │ ├── measurement.h │ ├── mem.h │ ├── platform.h │ ├── report_data.h │ ├── snp_ioctl.h │ ├── snp_ioctl5.h │ ├── snp_ioctl6.h │ └── uvm_endorsements.h │ ├── receipt.h │ ├── redirect.h │ ├── research │ ├── create_tx_claims_digest.h │ └── custom_protocol_subsystem_interface.h │ ├── rest_verb.h │ ├── rpc_context.h │ ├── rpc_exception.h │ ├── seq_no_collection.h │ ├── service │ ├── acme_client_config.h │ ├── blit_serialiser_pem.h │ ├── code_status.h │ ├── consensus_config.h │ ├── consensus_type.h │ ├── map.h │ ├── node_info.h │ ├── node_info_network.h │ ├── reconfiguration_type.h │ ├── service_config.h │ ├── signed_req.h │ └── tables │ │ ├── acme_certificates.h │ │ ├── cert_bundles.h │ │ ├── code_id.h │ │ ├── constitution.h │ │ ├── gov.h │ │ ├── host_data.h │ │ ├── jsengine.h │ │ ├── jwt.h │ │ ├── members.h │ │ ├── modules.h │ │ ├── nodes.h │ │ ├── proposals.h │ │ ├── service.h │ │ ├── snp_measurements.h │ │ ├── tcb_verification.h │ │ ├── users.h │ │ ├── uvm_endorsements.h │ │ └── virtual_measurements.h │ ├── threading │ └── thread_ids.h │ ├── tx.h │ ├── tx_id.h │ └── tx_status.h ├── js └── ccf-app │ ├── .gitignore │ ├── DEVELOPMENT.md │ ├── README.md │ ├── doc │ └── theme │ │ ├── helpers │ │ ├── versions.cjs │ │ └── versions.sample.json │ │ └── partials │ │ └── analytics.hbs │ ├── package.json │ ├── src │ ├── consensus.ts │ ├── converters.ts │ ├── crypto.ts │ ├── endpoints.ts │ ├── global.ts │ ├── historical.ts │ ├── index.ts │ ├── kv.ts │ ├── polyfill.ts │ ├── scripts │ │ └── build_bundle.ts │ ├── snp_attestation.ts │ └── textcodec.ts │ ├── test │ ├── converters.test.ts │ ├── crypto.ts │ ├── kv.test.ts │ ├── polyfill.test.ts │ └── tsconfig.json │ ├── tsconfig.json │ └── typedoc.json ├── livehtml.sh ├── python ├── LICENSE ├── README.md ├── ledger_tutorial.py ├── pyproject.toml ├── src │ └── ccf │ │ ├── __init__.py │ │ ├── _versionifier.py │ │ ├── cose.py │ │ ├── ledger.py │ │ ├── ledger_code.py │ │ ├── ledger_viz.py │ │ ├── merkletree.py │ │ ├── py.typed │ │ ├── read_ledger.py │ │ ├── receipt.py │ │ ├── split_ledger.py │ │ ├── tx_id.py │ │ └── verify_ledger_secrets_chain.py └── utils │ ├── keygenerator.sh │ ├── submit_recovery_share.sh │ └── verify_quote.sh ├── samples ├── CMakeLists.txt ├── apps │ ├── basic │ │ ├── CMakeLists.txt │ │ ├── basic.cpp │ │ └── js │ │ │ ├── app.json │ │ │ └── src │ │ │ └── basic.js │ ├── basic_tv │ │ └── js │ │ │ ├── app.json │ │ │ └── src │ │ │ └── basic.js │ ├── logging │ │ ├── CMakeLists.txt │ │ ├── create_tx_claims_digest.cpp │ │ ├── js │ │ │ ├── app.json │ │ │ └── src │ │ │ │ └── logging.js │ │ ├── js_perf │ │ │ ├── app.json │ │ │ └── src │ │ │ │ └── logging.js │ │ ├── logging.cpp │ │ └── logging_schema.h │ ├── nobuiltins │ │ ├── CMakeLists.txt │ │ └── nobuiltins.cpp │ └── programmability │ │ ├── CMakeLists.txt │ │ └── programmability.cpp ├── config │ ├── join_config.json │ ├── minimal_config.json │ ├── minimal_config_redirects_role.json │ ├── minimal_config_redirects_static.json │ ├── recover_config.json │ ├── start_config.json │ ├── start_config_aci_sev_snp.json │ ├── start_config_aks_sev_snp.json │ └── start_config_amd_sev_snp.json ├── constitutions │ ├── default │ │ ├── actions.js │ │ ├── apply.js │ │ ├── resolve.js │ │ └── validate.js │ ├── operator │ │ └── resolve.js │ ├── operator_provisioner │ │ └── resolve.js │ ├── roles │ │ └── set_role_definition.js │ ├── sandbox │ │ └── resolve.js │ ├── test │ │ ├── resolve.js │ │ └── test_actions.js │ ├── veto │ │ └── resolve.js │ └── virtual │ │ └── virtual_attestation_actions.js ├── scripts │ ├── plot_tx_times.py │ └── snpinfo.sh └── templates │ ├── ballot.json.jinja │ ├── ballot_script.js.jinja │ ├── macros.jinja │ ├── proposals.json.jinja │ └── set_user_proposal.json.jinja ├── scripts ├── check-cmake-format.sh ├── check-format.sh ├── check-todo.sh ├── ci-checks.sh ├── extract-release-notes.py ├── fetch_amd_collateral.py ├── notice-check.py ├── prune_workspace.sh ├── requirements.txt ├── scan-build.sh ├── setup-ci.sh └── setup-dev.sh ├── src ├── apps │ ├── batched │ │ ├── app.json │ │ └── src │ │ │ └── batched.js │ ├── js_generic │ │ └── js_generic.cpp │ └── tpcc │ │ ├── app │ │ ├── test │ │ │ └── tpcc.cpp │ │ ├── tpcc.cpp │ │ ├── tpcc_common.h │ │ ├── tpcc_output.h │ │ ├── tpcc_setup.h │ │ ├── tpcc_tables.h │ │ └── tpcc_transactions.h │ │ ├── clients │ │ └── tpcc_client.cpp │ │ ├── tests │ │ └── tpcc.py │ │ ├── tpcc.cmake │ │ └── tpcc_serializer.h ├── clients │ ├── perf │ │ ├── perf_client.h │ │ └── timing.h │ ├── rpc_tls_client.h │ └── tls_client.h ├── common │ ├── configuration.h │ ├── enclave_interface_types.h │ └── version.h.in ├── consensus │ ├── aft │ │ ├── impl │ │ │ └── state.h │ │ ├── raft.h │ │ ├── raft_types.h │ │ └── test │ │ │ ├── committable_suffix.cpp │ │ │ ├── driver.cpp │ │ │ ├── driver.h │ │ │ ├── enclave.cpp │ │ │ ├── logging_stub.h │ │ │ ├── main.cpp │ │ │ ├── test_common.h │ │ │ └── view_history.cpp │ ├── consensus_types.h │ ├── ledger_enclave.h │ └── ledger_enclave_types.h ├── crypto │ ├── README.md │ ├── base64.cpp │ ├── certs.h │ ├── cose.cpp │ ├── csr.h │ ├── ecdsa.cpp │ ├── eddsa_key_pair.cpp │ ├── entropy.cpp │ ├── hash.cpp │ ├── hmac.cpp │ ├── key_exchange.h │ ├── key_pair.cpp │ ├── key_wrap.cpp │ ├── openssl │ │ ├── base64.h │ │ ├── cose_sign.cpp │ │ ├── cose_sign.h │ │ ├── cose_verifier.cpp │ │ ├── cose_verifier.h │ │ ├── eddsa_key_pair.cpp │ │ ├── eddsa_key_pair.h │ │ ├── eddsa_public_key.cpp │ │ ├── eddsa_public_key.h │ │ ├── entropy.h │ │ ├── hash.cpp │ │ ├── hash.h │ │ ├── key_pair.cpp │ │ ├── key_pair.h │ │ ├── public_key.cpp │ │ ├── public_key.h │ │ ├── rsa_key_pair.cpp │ │ ├── rsa_key_pair.h │ │ ├── rsa_public_key.cpp │ │ ├── rsa_public_key.h │ │ ├── symmetric_key.cpp │ │ ├── symmetric_key.h │ │ ├── verifier.cpp │ │ ├── verifier.h │ │ └── x509_time.h │ ├── pem.cpp │ ├── rsa_key_pair.cpp │ ├── sha256_hash.cpp │ ├── sharing.cpp │ ├── sharing.h │ ├── symmetric_key.cpp │ ├── test │ │ ├── base64.cpp │ │ ├── bench.cpp │ │ ├── cose.cpp │ │ ├── crypto.cpp │ │ ├── key_exchange.cpp │ │ ├── kp_cert.cpp │ │ ├── pem.cpp │ │ └── secret_sharing.cpp │ └── verifier.cpp ├── ds │ ├── README.md │ ├── actors.h │ ├── ccf_assert.h │ ├── champ_map.h │ ├── cli_helper.h │ ├── dl_list.h │ ├── files.h │ ├── lru.h │ ├── map_serializers.h │ ├── messaging.h │ ├── non_blocking.h │ ├── nonstd.h │ ├── notifying.h │ ├── oversized.h │ ├── pending_io.h │ ├── rb_map.h │ ├── ring_buffer.h │ ├── ring_buffer_types.h │ ├── serialized.h │ ├── serializer.h │ ├── state_machine.h │ ├── std_formatters.h │ ├── system.h │ ├── test │ │ ├── contiguous_set.cpp │ │ ├── dl_list.cpp │ │ ├── hash.cpp │ │ ├── hash_bench.cpp │ │ ├── hex.cpp │ │ ├── json_bench.cpp │ │ ├── json_schema.cpp │ │ ├── logger.cpp │ │ ├── logger_bench.cpp │ │ ├── logger_json_test.cpp │ │ ├── lru.cpp │ │ ├── map_bench.cpp │ │ ├── map_test.cpp │ │ ├── messaging.cpp │ │ ├── nonstd.cpp │ │ ├── openapi.cpp │ │ ├── oversized.cpp │ │ ├── ring_buffer.cpp │ │ ├── ring_buffer_bench.cpp │ │ ├── serialized.cpp │ │ ├── serializer.cpp │ │ ├── siphash_known_hashes.h │ │ ├── stub_writer.h │ │ ├── thread_messaging.cpp │ │ ├── typed_messages.cpp │ │ ├── unit_strings.cpp │ │ └── work_beacon.cpp │ ├── thread_messaging.h │ └── work_beacon.h ├── enclave │ ├── client_session.h │ ├── enclave.h │ ├── enclave_time.cpp │ ├── enclave_time.h │ ├── forwarder_types.h │ ├── interface.h │ ├── main.cpp │ ├── ringbuffer_logger.h │ ├── rpc_handler.h │ ├── rpc_map.h │ ├── rpc_sessions.h │ ├── session.h │ ├── thread_local.cpp │ ├── tls_session.h │ └── virtual_enclave.h ├── endpoints │ ├── authentication │ │ ├── all_of_auth.cpp │ │ ├── cert_auth.cpp │ │ ├── cose_auth.cpp │ │ ├── empty_auth.cpp │ │ └── jwt_auth.cpp │ ├── base_endpoint_registry.cpp │ ├── common_endpoint_registry.cpp │ ├── endpoint.cpp │ ├── endpoint_registry.cpp │ ├── endpoint_utils.cpp │ ├── endpoint_utils.h │ ├── json_handler.cpp │ ├── test │ │ ├── endpoint_registry.cpp │ │ └── test_jwt_auth.cpp │ └── user_endpoint_registry.cpp ├── host │ ├── after_io.h │ ├── before_io.h │ ├── config_schema.h.in │ ├── configuration.h │ ├── dns.h │ ├── enclave.h │ ├── env.cpp │ ├── env.h │ ├── every_io.h │ ├── handle_ring_buffer.h │ ├── json_schema.h │ ├── ledger.h │ ├── lfs_file_handler.h │ ├── load_monitor.h │ ├── main.cpp │ ├── node_connections.h │ ├── process_launcher.h │ ├── proxy.h │ ├── rpc_connections.h │ ├── sig_term.h │ ├── signal.h │ ├── snmalloc.cpp │ ├── socket.h │ ├── tcp.h │ ├── test │ │ ├── env.cpp │ │ └── ledger.cpp │ ├── ticker.h │ ├── time_bound_logger.h │ ├── time_updater.h │ ├── timer.h │ └── udp.h ├── http │ ├── curl.h │ ├── error_reporter.h │ ├── http2_callbacks.h │ ├── http2_parser.h │ ├── http2_session.h │ ├── http2_types.h │ ├── http2_utils.h │ ├── http_builder.h │ ├── http_exceptions.h │ ├── http_jwt.h │ ├── http_parser.h │ ├── http_proc.h │ ├── http_rpc_context.h │ ├── http_session.h │ ├── responder_lookup.h │ └── test │ │ ├── http_etag_test.cpp │ │ └── http_test.cpp ├── indexing │ ├── enclave_lfs_access.h │ ├── historical_transaction_fetcher.h │ ├── indexer.h │ ├── lfs_interface.h │ ├── lfs_ringbuffer_types.h │ ├── strategies │ │ ├── seqnos_by_key_bucketed.cpp │ │ ├── seqnos_by_key_in_memory.cpp │ │ └── visit_each_entry_in_map.cpp │ ├── test │ │ ├── common.h │ │ ├── indexing.cpp │ │ └── lfs.cpp │ └── transaction_fetcher_interface.h ├── js │ ├── checks.h │ ├── core │ │ ├── README.md │ │ ├── context.cpp │ │ ├── runtime.cpp │ │ └── wrapped_value.cpp │ ├── extensions │ │ ├── ccf │ │ │ ├── consensus.cpp │ │ │ ├── converters.cpp │ │ │ ├── crypto.cpp │ │ │ ├── gov_effects.cpp │ │ │ ├── historical.cpp │ │ │ ├── host.cpp │ │ │ ├── kv.cpp │ │ │ ├── kv_helpers.h │ │ │ ├── network.cpp │ │ │ ├── network.h │ │ │ ├── node.cpp │ │ │ ├── node.h │ │ │ ├── request.cpp │ │ │ └── rpc.cpp │ │ ├── console.cpp │ │ ├── math │ │ │ └── random.cpp │ │ └── snp_attestation.cpp │ ├── global_class_ids.cpp │ ├── global_class_ids.h │ ├── interpreter_cache.h │ ├── modules │ │ ├── chained_module_loader.h │ │ ├── kv_bytecode_module_loader.h │ │ └── kv_module_loader.h │ ├── permissions_checks.h │ ├── registry.cpp │ └── test │ │ └── js.cpp ├── kv │ ├── README.md │ ├── apply_changes.h │ ├── committable_tx.h │ ├── compacted_version_conflict.h │ ├── deserialise.h │ ├── encryptor.h │ ├── generic_serialise_wrapper.h │ ├── kv_serialiser.h │ ├── kv_types.h │ ├── raw_serialise.h │ ├── serialised_entry_format.h │ ├── serialiser_declare.h │ ├── snapshot.h │ ├── store.h │ ├── test │ │ ├── kv_bench.cpp │ │ ├── kv_contention.cpp │ │ ├── kv_dynamic_tables.cpp │ │ ├── kv_serialisation.cpp │ │ ├── kv_snapshot.cpp │ │ ├── kv_test.cpp │ │ ├── null_encryptor.h │ │ └── stub_consensus.h │ ├── tx.cpp │ ├── tx_pimpl.h │ ├── untyped_change_set.h │ ├── untyped_map.h │ ├── untyped_map_diff.cpp │ ├── untyped_map_handle.cpp │ └── version_v.h ├── node │ ├── acme_challenge_frontend.h │ ├── acme_client.h │ ├── ccf_acme_client.h │ ├── channels.h │ ├── cose_common.h │ ├── did.h │ ├── encryptor.h │ ├── endpoint_context_impl.h │ ├── gov │ │ ├── README.md │ │ ├── api_schema.h.in │ │ ├── api_version.h │ │ ├── gov_endpoint_registry.h │ │ └── handlers │ │ │ ├── README.md │ │ │ ├── acks.h │ │ │ ├── helpers.h │ │ │ ├── proposals.h │ │ │ ├── recovery.h │ │ │ ├── service_state.h │ │ │ └── transactions.h │ ├── historical_queries.h │ ├── historical_queries_adapter.cpp │ ├── historical_queries_utils.cpp │ ├── history.h │ ├── hooks.h │ ├── http_node_client.h │ ├── identity.h │ ├── jwt_key_auto_refresh.h │ ├── ledger_secret.h │ ├── ledger_secrets.h │ ├── local_sealing.h │ ├── merklecpp_trace.h │ ├── network_state.h │ ├── node_client.h │ ├── node_configuration_subsystem.h │ ├── node_signature_verify.h │ ├── node_state.h │ ├── node_to_node.h │ ├── node_to_node_channel_manager.h │ ├── node_types.h │ ├── quote.cpp │ ├── quote_endorsements_client.h │ ├── receipt.cpp │ ├── retired_nodes_cleanup.h │ ├── rpc │ │ ├── acme_subsystem.h │ │ ├── call_types.h │ │ ├── claims.h │ │ ├── cosesigconfig_subsystem.h │ │ ├── custom_protocol_subsystem.h │ │ ├── forwarder.h │ │ ├── frontend.h │ │ ├── gov_effects.h │ │ ├── gov_effects_interface.h │ │ ├── gov_logging.h │ │ ├── host_processes.h │ │ ├── jwt_management.h │ │ ├── member_frontend.h │ │ ├── network_identity_subsystem.h │ │ ├── no_create_tx_claims_digest.cpp │ │ ├── node_call_types.h │ │ ├── node_frontend.h │ │ ├── node_interface.h │ │ ├── node_operation.h │ │ ├── node_operation_interface.h │ │ ├── serialization.h │ │ ├── test │ │ │ ├── frontend_test.cpp │ │ │ ├── frontend_test_infra.h │ │ │ ├── node_frontend_test.cpp │ │ │ ├── node_stub.h │ │ │ └── tx_status_test.cpp │ │ └── user_frontend.h │ ├── rpc_context_impl.h │ ├── secret_broadcast.h │ ├── session_metrics.h │ ├── share_manager.h │ ├── snapshot_serdes.h │ ├── snapshotter.h │ ├── test │ │ ├── channel_stub.h │ │ ├── channels.cpp │ │ ├── encryptor.cpp │ │ ├── endorsements.cpp │ │ ├── historical_queries.cpp │ │ ├── history.cpp │ │ ├── history_bench.cpp │ │ ├── merkle_bench.cpp │ │ ├── merkle_mem.cpp │ │ ├── merkle_test.cpp │ │ ├── node_info_json.cpp │ │ ├── receipt.cpp │ │ ├── snapshot.cpp │ │ └── snapshotter.cpp │ ├── tx_receipt_impl.h │ ├── uvm_endorsements.cpp │ └── uvm_endorsements.h ├── pal │ ├── quote_generation.h │ └── test │ │ └── snp_ioctl_test.cpp ├── quic │ ├── quic_session.h │ └── test │ │ └── main.cpp ├── san_common.suppressions ├── service │ ├── internal_tables_access.h │ ├── network_tables.h │ └── tables │ │ ├── config.h │ │ ├── endpoints.h │ │ ├── governance_history.h │ │ ├── node_signature.h │ │ ├── previous_service_identity.h │ │ ├── recovery_type.h │ │ ├── secrets.h │ │ ├── shares.h │ │ ├── signatures.h │ │ ├── snapshot_evidence.h │ │ └── submitted_shares.h ├── snapshots │ ├── fetch.h │ ├── filenames.h │ └── snapshot_manager.h ├── tcp │ └── msg_types.h ├── tls │ ├── README.md │ ├── ca.h │ ├── cert.h │ ├── client.h │ ├── context.h │ ├── plaintext_server.h │ ├── server.h │ ├── test │ │ └── main.cpp │ └── tls.h └── udp │ └── msg_types.h ├── tests ├── acme_endorsement.py ├── ca_certs.py ├── certs.py ├── ci │ └── ccf_caci_ci ├── cleanup_iptables.py ├── client_protocols.py ├── code_update.py ├── commit_latency.py ├── committable.py ├── config.jinja ├── connections.py ├── connections.supp ├── consistency_trace_validation.py ├── convert_pico_to_bencher.py ├── docker_wrap.sh ├── e2e_batched.py ├── e2e_common_endpoints.py ├── e2e_logging.py ├── e2e_operations.py ├── e2e_suite.py ├── e2e_tutorial.py ├── election.py ├── fuzzing.py ├── governance.py ├── governance_api.py ├── governance_history.py ├── governance_js.py ├── historical_query_cache.py ├── historical_query_perf.py ├── infra │ ├── __init__.py │ ├── basicperf.py │ ├── bencher.py │ ├── checker.py │ ├── clients.py │ ├── commit.py │ ├── common_config.ini │ ├── concurrency.py │ ├── consortium.py │ ├── crypto.py │ ├── doc.py │ ├── e2e_args.py │ ├── github.py │ ├── health_watcher.py │ ├── interfaces.py │ ├── jwt_issuer.py │ ├── locust_file.py │ ├── log_capture.py │ ├── logging_app.py │ ├── member.py │ ├── net.py │ ├── network.py │ ├── node.py │ ├── partitions.py │ ├── path.py │ ├── perf.py │ ├── perfclient.py │ ├── piccolo │ │ ├── __init__.py │ │ ├── analyze_packages.py │ │ ├── analyzer.py │ │ ├── generate_packages.py │ │ ├── generator.py │ │ ├── logging_generator.py │ │ └── throughput_analysis.py │ ├── piccolo_driver.py │ ├── proc.py │ ├── proposal.py │ ├── remote.py │ ├── remote_client.py │ ├── runner.py │ ├── service_load.py │ ├── signing.py │ ├── snp.py │ ├── tx_status.py │ └── utils.py ├── js-api │ ├── app.json │ └── src │ │ └── endpoints.js ├── js-app-bundle │ ├── app.json │ └── src │ │ └── math.js ├── js-authentication │ ├── app.json │ └── src │ │ └── endpoints.js ├── js-content-types │ ├── app.json │ └── src │ │ └── content_types.js ├── js-custom-authorization │ ├── app.json │ ├── custom_authorization.py │ └── src │ │ └── custom_authorization.js ├── js-interpreter-reuse │ ├── app.json │ ├── package.json │ ├── rollup.config.js │ ├── src │ │ ├── SlowConstructorService.ts │ │ ├── bad_fib.js │ │ ├── cache.js │ │ ├── di_sample.ts │ │ ├── func_caching.js │ │ ├── global_handle.ts │ │ ├── inversify.config.ts │ │ └── rollup_entry.ts │ └── tsconfig.json ├── js-launch-host-process │ ├── app.json │ ├── host_process.py │ ├── host_process.sh │ └── src │ │ └── host_process.js ├── js-limits │ ├── app.json │ └── src │ │ └── limits.js ├── js-modules │ ├── basic-module-import │ │ ├── app.json │ │ └── src │ │ │ ├── bar.js │ │ │ ├── sub │ │ │ └── foo.js │ │ │ └── test_module.js │ ├── dynamic-module-import │ │ ├── app.json │ │ └── src │ │ │ ├── bar.js │ │ │ ├── sub │ │ │ └── foo.js │ │ │ └── test_module.js │ └── modules.py ├── jwt_test.py ├── limits.py ├── lts_compatibility.py ├── memberclient.py ├── membership.py ├── nobuiltins.py ├── npm-app │ ├── .gitignore │ ├── .npmrc │ ├── app.json │ ├── package.json │ ├── rollup.config.js │ ├── src │ │ └── endpoints │ │ │ ├── all.ts │ │ │ ├── auth.ts │ │ │ ├── converters.ts │ │ │ ├── crypto.ts │ │ │ ├── log.ts │ │ │ ├── partition.ts │ │ │ ├── proto.ts │ │ │ ├── rpc.ts │ │ │ ├── snp_attestation.ts │ │ │ └── spin.ts │ └── tsconfig.json ├── npm_tests.py ├── partitions_test.py ├── perf-system │ └── submitter │ │ ├── CMakeLists.txt │ │ ├── handle_arguments.h │ │ ├── parquet_data.h │ │ └── submit.cpp ├── plot_node_load.py ├── programmability.py ├── programmability │ └── restrictions.js ├── raft_scenarios │ ├── ackuracy │ ├── append │ ├── bad_network │ ├── candidate_viability │ ├── check_quorum │ ├── election │ ├── election_while_reconfiguration │ ├── fancy_election.1 │ ├── fancy_election.2 │ ├── liveness_through_conflict │ ├── multi_election │ ├── reconfig_01_12 │ ├── reconfig_01_23 │ ├── reconfig_01_el0_12 │ ├── reconfig_01_el0_23 │ ├── reconfig_01_el1_12 │ ├── reconfig_01_el2_12 │ ├── reconfig_01_el2_23 │ ├── reconfig_0_1 │ ├── reconfiguration │ ├── reconnect │ ├── reelection │ ├── replicate │ ├── retire_one │ ├── rollback_safety │ ├── soft_rollback │ ├── startup │ ├── startup_2nodes │ ├── suffix_collision.1 │ ├── suffix_collision.2 │ └── suffix_collision.3 ├── raft_scenarios_gen.py ├── raft_scenarios_runner.py ├── reconfiguration.py ├── recovery.py ├── recovery_benchmark.sh ├── redirects.py ├── requirements.txt ├── rotation.py ├── sandbox │ ├── actions.js │ ├── apply.js │ ├── resolve.js │ ├── sandbox.sh │ └── validate.js ├── schema.py ├── sim_trace_viz.py ├── start_network.py ├── suite │ ├── test_requirements.py │ └── test_suite.py ├── test_install.sh ├── test_install_build.sh ├── testdata │ ├── cose_flipflop_service │ │ ├── common │ │ │ ├── member0_cert.pem │ │ │ ├── member0_enc_privk.pem │ │ │ ├── member0_enc_pubk.pem │ │ │ ├── member0_privk.pem │ │ │ ├── service_cert.pem │ │ │ ├── user0_cert.pem │ │ │ └── user0_privk.pem │ │ ├── ledger │ │ │ ├── ledger_1-14.committed │ │ │ └── ledger_15-46.committed │ │ └── snapshots │ │ │ └── .gitkeep │ ├── double_sealed_service │ │ ├── common │ │ │ ├── member0_cert.pem │ │ │ ├── member0_enc_privk.pem │ │ │ ├── member0_enc_pubk.pem │ │ │ ├── member0_privk.pem │ │ │ ├── member1_cert.pem │ │ │ ├── member1_enc_privk.pem │ │ │ ├── member1_enc_pubk.pem │ │ │ ├── member1_privk.pem │ │ │ ├── member2_cert.pem │ │ │ ├── member2_enc_privk.pem │ │ │ ├── member2_enc_pubk.pem │ │ │ ├── member2_privk.pem │ │ │ ├── service_cert.pem │ │ │ ├── user0_cert.pem │ │ │ └── user0_privk.pem │ │ ├── ledger │ │ │ ├── ledger_1-2.committed │ │ │ ├── ledger_105-125.committed │ │ │ ├── ledger_126-145.committed │ │ │ ├── ledger_146-165.committed │ │ │ ├── ledger_166-186.committed │ │ │ ├── ledger_17-19.committed │ │ │ ├── ledger_187-206.committed │ │ │ ├── ledger_20-21.committed │ │ │ ├── ledger_207-227.committed │ │ │ ├── ledger_22-43.committed │ │ │ ├── ledger_228-247.committed │ │ │ ├── ledger_248-267.committed │ │ │ ├── ledger_268-288.committed │ │ │ ├── ledger_289-308.committed │ │ │ ├── ledger_3-16.committed │ │ │ ├── ledger_309-329.committed │ │ │ ├── ledger_330-349.committed │ │ │ ├── ledger_350-370.committed │ │ │ ├── ledger_371-390.committed │ │ │ ├── ledger_391-411.committed │ │ │ ├── ledger_412-431.committed │ │ │ ├── ledger_432-451.committed │ │ │ ├── ledger_44-64.committed │ │ │ ├── ledger_452-473.committed │ │ │ ├── ledger_474-483.committed │ │ │ ├── ledger_484-485.committed │ │ │ ├── ledger_486-491.committed │ │ │ ├── ledger_492-499.committed │ │ │ ├── ledger_500-502.committed │ │ │ ├── ledger_503-505.committed │ │ │ ├── ledger_506 │ │ │ ├── ledger_65-84.committed │ │ │ └── ledger_85-104.committed │ │ └── snapshots │ │ │ └── .gitkeep │ ├── eol_service │ │ ├── common │ │ │ ├── member0_cert.pem │ │ │ ├── member0_enc_privk.pem │ │ │ ├── member0_enc_pubk.pem │ │ │ ├── member0_privk.pem │ │ │ ├── member1_cert.pem │ │ │ ├── member1_enc_privk.pem │ │ │ ├── member1_enc_pubk.pem │ │ │ ├── member1_privk.pem │ │ │ ├── member2_cert.pem │ │ │ ├── member2_enc_privk.pem │ │ │ ├── member2_enc_pubk.pem │ │ │ ├── member2_privk.pem │ │ │ ├── service_cert.pem │ │ │ ├── user0_cert.pem │ │ │ └── user0_privk.pem │ │ ├── ledger │ │ │ ├── ledger_1-2.committed │ │ │ ├── ledger_104-130.committed │ │ │ ├── ledger_12-18.committed │ │ │ ├── ledger_131-152.committed │ │ │ ├── ledger_153-159.committed │ │ │ ├── ledger_160-161.committed │ │ │ ├── ledger_162-175.committed │ │ │ ├── ledger_176-185.committed │ │ │ ├── ledger_186-187.committed │ │ │ ├── ledger_188-212.committed │ │ │ ├── ledger_19-23.committed │ │ │ ├── ledger_213-233.committed │ │ │ ├── ledger_234-244.committed │ │ │ ├── ledger_24-28.committed │ │ │ ├── ledger_245-249.committed │ │ │ ├── ledger_250-255.committed │ │ │ ├── ledger_256-267.committed │ │ │ ├── ledger_268-277.committed │ │ │ ├── ledger_278-299.committed │ │ │ ├── ledger_29-33.committed │ │ │ ├── ledger_3-11.committed │ │ │ ├── ledger_300-321.committed │ │ │ ├── ledger_322-328.committed │ │ │ ├── ledger_329-330.committed │ │ │ ├── ledger_331-347.committed │ │ │ ├── ledger_34-35.committed │ │ │ ├── ledger_348-357.committed │ │ │ ├── ledger_358-359.committed │ │ │ ├── ledger_36-37.committed │ │ │ ├── ledger_360-384.committed │ │ │ ├── ledger_38-47.committed │ │ │ ├── ledger_385-405.committed │ │ │ ├── ledger_406-416.committed │ │ │ ├── ledger_417-421.committed │ │ │ ├── ledger_422-427.committed │ │ │ ├── ledger_428-439.committed │ │ │ ├── ledger_440-449.committed │ │ │ ├── ledger_450-470.committed │ │ │ ├── ledger_471-493.committed │ │ │ ├── ledger_48-52.committed │ │ │ ├── ledger_494 │ │ │ ├── ledger_53-57.committed │ │ │ ├── ledger_58-63.committed │ │ │ ├── ledger_64-65.committed │ │ │ ├── ledger_66-67.committed │ │ │ ├── ledger_68-81.committed │ │ │ ├── ledger_82-91.committed │ │ │ ├── ledger_92-93.committed │ │ │ └── ledger_94-103.committed │ │ └── snapshots │ │ │ └── snapshot_493_494.committed │ ├── expired_service │ │ ├── common │ │ │ ├── member0_cert.pem │ │ │ ├── member0_enc_privk.pem │ │ │ ├── member0_enc_pubk.pem │ │ │ ├── member0_privk.pem │ │ │ ├── member1_cert.pem │ │ │ ├── member1_enc_privk.pem │ │ │ ├── member1_enc_pubk.pem │ │ │ ├── member1_privk.pem │ │ │ ├── member2_cert.pem │ │ │ ├── member2_enc_privk.pem │ │ │ ├── member2_enc_pubk.pem │ │ │ ├── member2_privk.pem │ │ │ ├── service_cert.pem │ │ │ ├── user0_cert.pem │ │ │ └── user0_privk.pem │ │ ├── ledger │ │ │ ├── ledger_1-4.committed │ │ │ ├── ledger_16-26.committed │ │ │ ├── ledger_27-28.committed │ │ │ ├── ledger_29-46.committed │ │ │ ├── ledger_47-48.committed │ │ │ ├── ledger_49-61.committed │ │ │ ├── ledger_5-15.committed │ │ │ └── ledger_62 │ │ └── snapshots │ │ │ └── snapshot_61_62.committed │ └── sgx_service │ │ ├── common │ │ ├── member0_cert.pem │ │ ├── member0_enc_privk.pem │ │ ├── member0_enc_pubk.pem │ │ ├── member0_privk.pem │ │ ├── member1_cert.pem │ │ ├── member1_enc_privk.pem │ │ ├── member1_enc_pubk.pem │ │ ├── member1_privk.pem │ │ ├── member2_cert.pem │ │ ├── member2_enc_privk.pem │ │ ├── member2_enc_pubk.pem │ │ ├── member2_privk.pem │ │ ├── service_cert.pem │ │ ├── user0_cert.pem │ │ └── user0_privk.pem │ │ ├── ledger │ │ ├── ledger_1-37.committed │ │ ├── ledger_100-101.committed │ │ ├── ledger_102-103.committed │ │ ├── ledger_104-107.committed │ │ ├── ledger_108-120.committed │ │ ├── ledger_121-124.committed │ │ ├── ledger_125-130.committed │ │ ├── ledger_131-138.committed │ │ ├── ledger_139 │ │ ├── ledger_38-70.committed │ │ └── ledger_71-99.committed │ │ └── snapshots │ │ ├── snapshot_138_139.committed │ │ └── snapshot_99_100.committed ├── tests.sh ├── tls_report.csv ├── tls_report_azure_linux.csv ├── trace_viz.py ├── tvc.py └── uvm_endorsements │ ├── ecdsa_test1.cose │ └── rsa_test1.cose ├── tla ├── .gitignore ├── actions.py ├── consensus │ ├── MCAliases.tla │ ├── MCabs.cfg │ ├── MCabs.tla │ ├── MCccfraft.cfg │ ├── MCccfraft.tla │ ├── Network.tla │ ├── SIMCoverageccfraft.tla │ ├── SIMccfraft.cfg │ ├── SIMccfraft.tla │ ├── Traceccfraft.cfg │ ├── Traceccfraft.tla │ ├── abs.tla │ └── ccfraft.tla ├── consistency │ ├── Consistency.cfg │ ├── Consistency.tla │ ├── ExternalHistory.tla │ ├── ExternalHistoryInvars.tla │ ├── MCMultiNode.cfg │ ├── MCMultiNode.tla │ ├── MCMultiNodeCommitReachability.cfg │ ├── MCMultiNodeInvalidReachability.cfg │ ├── MCMultiNodeReads.cfg │ ├── MCMultiNodeReads.tla │ ├── MCMultiNodeReadsAlt.cfg │ ├── MCMultiNodeReadsAlt.tla │ ├── MCMultiNodeReadsNotLinearizable.cfg │ ├── MCSingleNode.cfg │ ├── MCSingleNode.tla │ ├── MCSingleNodeCommitReachability.cfg │ ├── MCSingleNodeReads.cfg │ ├── MCSingleNodeReads.tla │ ├── MultiNode.tla │ ├── MultiNodeReads.cfg │ ├── MultiNodeReads.tla │ ├── SingleNode.tla │ ├── SingleNodeReads.tla │ ├── TraceMultiNodeReads.cfg │ └── TraceMultiNodeReads.tla ├── install_deps.py ├── last_line.sh ├── loc.py ├── make_traces.sh ├── requirements.txt ├── tlc.py ├── tlc_debug.sh └── trace2scen.py └── tsan_env_suppressions /.CodeQL.yml: -------------------------------------------------------------------------------- 1 | # https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/codeql/troubleshooting/bugs/generated-library-code 2 | path_classifiers: 3 | # Everything under tests is test code 4 | test: 5 | - tests 6 | # Everything under build is generated 7 | generated: 8 | - build 9 | # Everything under 3rdparty is external libraries 10 | library: 11 | - 3rdparty 12 | -------------------------------------------------------------------------------- /.backportrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "repoOwner": "microsoft", 3 | "repoName": "ccf", 4 | "targetBranchChoices": ["release/4.x", "release/5.x"], 5 | "branchLabelMapping": { 6 | "^(.+)-todo$": "release/$1" 7 | }, 8 | "autoMerge": true, 9 | "autoMergeMethod": "squash", 10 | "prTitle": "[{{targetBranch}}] Cherry pick: {{commitMessages}}", 11 | "prDescription": "Backports the following commits to `{{targetBranch}}`:\n{{commitMessages}}", 12 | "sourcePRLabels": ["backported"], 13 | "targetPRLabels": ["$1-backport"], 14 | "autoAssign": false, 15 | "publishStatusCommentOnSuccess": false, 16 | "publishStatusCommentOnFailure": true, 17 | "publishStatusCommentOnAbort": true 18 | } 19 | -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | ARG BASE_IMAGE=mcr.microsoft.com/azurelinux/base/core:3.0 5 | FROM ${BASE_IMAGE} 6 | 7 | # Trust Microsoft-signed packages 8 | RUN gpg --import /etc/pki/rpm-gpg/MICROSOFT-RPM-GPG-KEY \ 9 | && tdnf -y update 10 | 11 | # Basic dev deps, helps smoothly install VSCode server. 12 | RUN tdnf -y install build-essential 13 | -------------------------------------------------------------------------------- /.devcontainer/post_create_setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | set -ex 6 | 7 | ./scripts/setup-ci.sh 8 | ./scripts/setup-dev.sh 9 | 10 | git config --global --add safe.directory /workspaces/CCF -------------------------------------------------------------------------------- /.devcontainer/tlaplus/devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "TLA+ CCF", 3 | "extensions": [ 4 | "tlaplus.vscode-ide", 5 | "joaompinto.vscode-graphviz", 6 | "EFanZh.graphviz-preview", 7 | "cssho.vscode-svgviewer" 8 | ], 9 | "settings": { 10 | "tlaplus.tlc.statisticsSharing": "share", 11 | "tlaplus.java.options": "-XX:+UseParallelGC -Dtlc2.tool.impl.Tool.cdot=true", 12 | "tlaplus.java.home": "/home/codespace/java/current/", 13 | "[tlaplus]": { 14 | "editor.codeActionsOnSave": { 15 | "source": true 16 | } 17 | } 18 | }, 19 | "postCreateCommand": "(cd tla/ && python install_deps.py)" 20 | } 21 | -------------------------------------------------------------------------------- /.gdn/CredScanSuppressions.json: -------------------------------------------------------------------------------- 1 | { 2 | "tool": "Credential Scanner", 3 | "suppressions": [ 4 | { 5 | "folder": ["3rdparty"], 6 | "_justification": "Ignore 3rdparty test credentials" 7 | }, 8 | { 9 | "folder": ["tests/testdata"], 10 | "_justification": "Ignore test credentials" 11 | } 12 | ] 13 | } 14 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | 2 | *.pdf binary 3 | *.png binary 4 | *.jpg binary 5 | 6 | *.h linguist-language=C++ 7 | *.cpp linguist-language=C++ 8 | 9 | .*canary merge=keeplocal -------------------------------------------------------------------------------- /.gitconfig: -------------------------------------------------------------------------------- 1 | [merge "keeplocal"] 2 | name = Always keep local file during merge 3 | driver = true 4 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://help.github.com/en/articles/about-code-owners 2 | 3 | # Every review will request the CCF team as reviewer, unless a later match takes precedence 4 | * @Microsoft/ccf 5 | -------------------------------------------------------------------------------- /.github/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 4 | For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) 5 | or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. 6 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Report a bug in CCF 4 | title: "" 5 | type: bug 6 | assignees: "" 7 | --- 8 | 9 | **Describe the bug** 10 | A clear and concise description of what the bug is. 11 | 12 | **To Reproduce** 13 | Steps to reproduce the behavior. 14 | 15 | **Expected behavior** 16 | A clear and concise description of what you expected to happen. 17 | 18 | **Environment information** 19 | Version of the code being used, versions of dependencies, relevant environment info where applicable (OS, Platform component details...). 20 | 21 | **Additional context** 22 | Add any other context about the problem here. 23 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Request that a feature is implemented in CCF 4 | title: "" 5 | type: feature 6 | assignees: "" 7 | --- 8 | 9 | **Is your feature request related to a problem? Please describe.** 10 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 11 | 12 | **Describe the solution you'd like** 13 | A clear and concise description of what you want to happen. 14 | 15 | **Describe alternatives you've considered** 16 | A clear and concise description of any alternative solutions or features you've considered. 17 | 18 | **Additional context** 19 | Add any other context about the feature request here. 20 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/task.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Project task 3 | about: Create a task/TODO 4 | title: "" 5 | type: task 6 | assignees: "" 7 | --- 8 | 9 | **NOTE**: This type of issue is reserved for the project team. If you are not a member of the team, please use either the bug or feature templates. 10 | 11 | **What is the motivation for this task** 12 | A clear and concise description of the reason why the task must be completed. 13 | 14 | **Dependencies** 15 | A clear and concise description of what this task depends on, and when work on it can start. 16 | 17 | **Describe impact if task is not completed** 18 | A clear and concise description of the consequences if the task is not completed. 19 | -------------------------------------------------------------------------------- /.prettierignore: -------------------------------------------------------------------------------- 1 | build*/ 2 | _build/ 3 | Debug*/ 4 | Release*/ 5 | CMakeFiles/ 6 | .vscode/* 7 | !.vscode/launch.json 8 | .vs/ 9 | libuv/ 10 | raft_tests.md 11 | tests/raft_scenarios 12 | *.pyc 13 | __pycache__/ 14 | sphinx/build/ 15 | tests/Testing/ 16 | doxygen/ 17 | obj/ 18 | *.retry 19 | tests/env/ 20 | sphinx/env/ 21 | html/ 22 | latex/ 23 | env/ 24 | *.egg-info 25 | **/dist 26 | .mypy_cache 27 | 3rdparty/ 28 | *.html 29 | SECURITY.md 30 | doc/schemas/ 31 | .venv_ccf_sandbox -------------------------------------------------------------------------------- /.ruff.toml: -------------------------------------------------------------------------------- 1 | extend-exclude = ["*_pb2*.py"] 2 | line-length = 2000 -------------------------------------------------------------------------------- /.vscode/c_cpp_properties.json: -------------------------------------------------------------------------------- 1 | { 2 | "configurations": [ 3 | { 4 | "name": "Linux", 5 | "compileCommands": "${workspaceFolder}/build/compile_commands.json", 6 | "includePath": ["${workspaceFolder}/include", "${workspaceFolder}/src"] 7 | } 8 | ], 9 | "version": 4 10 | } -------------------------------------------------------------------------------- /3rdparty/README.md: -------------------------------------------------------------------------------- 1 | 3rdparty dependencies included here are divided into 3 categories. 2 | 3 | #### Test 4 | These dependencies are only used for building unit tests or sample apps for CCF, and are not distributed. 5 | 6 | #### Internal 7 | These may be built into the distributed artifacts, but are not distributed in source form. 8 | 9 | #### Exported 10 | These are used by the distributed artifacts and their source is exported so they can be re-used by applications consuming those artifacts. 11 | -------------------------------------------------------------------------------- /3rdparty/exported/QCBOR/.travis.yml: -------------------------------------------------------------------------------- 1 | os: 2 | - linux 3 | 4 | language: c 5 | compiler: 6 | - gcc 7 | 8 | env: 9 | sudo: false 10 | addons: 11 | apt: 12 | packages: 13 | - make 14 | 15 | install: 16 | - make 17 | 18 | script: 19 | - ./qcbortest 20 | 21 | -------------------------------------------------------------------------------- /3rdparty/exported/QCBOR/UsefulBuf.h: -------------------------------------------------------------------------------- 1 | #include "qcbor/UsefulBuf.h" 2 | -------------------------------------------------------------------------------- /3rdparty/exported/QCBOR/doc/DocReadMe.txt: -------------------------------------------------------------------------------- 1 | Most documentation is in the header files in ../inc/qcbor/. 2 | The files here are additional articles. 3 | There is cross-referencing between these articles and the header files. 4 | 5 | -------------------------------------------------------------------------------- /3rdparty/exported/QCBOR/example.h: -------------------------------------------------------------------------------- 1 | /*============================================================================== 2 | example.h -- QCBOR encode and decode example 3 | 4 | Copyright (c) 2020, Laurence Lundblade. All rights reserved. 5 | 6 | SPDX-License-Identifier: BSD-3-Clause 7 | 8 | See BSD-3-Clause license in file named "LICENSE" 9 | 10 | Created on 6/30/20 11 | =============================================================================*/ 12 | 13 | #ifndef qcborExample_h 14 | #define qcborExample_h 15 | 16 | #include 17 | 18 | int32_t RunQCborExample(void); 19 | 20 | #endif /* qcborExample_h */ 21 | -------------------------------------------------------------------------------- /3rdparty/exported/QCBOR/ub-example.h: -------------------------------------------------------------------------------- 1 | /* ========================================================================= 2 | ub-example.h -- Example code for UsefulBuf 3 | 4 | Copyright (c) 2022, Laurence Lundblade. All rights reserved. 5 | 6 | SPDX-License-Identifier: BSD-3-Clause 7 | 8 | See BSD-3-Clause license in file named "LICENSE" 9 | 10 | Created on 4/8/22 11 | ========================================================================== */ 12 | #ifndef ub_example_h 13 | #define ub_example_h 14 | 15 | #include 16 | 17 | int32_t RunUsefulBufExample(void); 18 | 19 | #endif /* ub_example_h */ 20 | -------------------------------------------------------------------------------- /3rdparty/exported/fmt/core.h: -------------------------------------------------------------------------------- 1 | // This file is only provided for compatibility and may be removed in future 2 | // versions. Use fmt/base.h if you don't need fmt::format and fmt/format.h 3 | // otherwise. 4 | 5 | #include "format.h" 6 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/VERSION: -------------------------------------------------------------------------------- 1 | 2024-01-13 2 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/doc/jsbignum.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/3rdparty/exported/quickjs/doc/jsbignum.pdf -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/doc/quickjs.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/3rdparty/exported/quickjs/doc/quickjs.pdf -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/examples/fib_module.js: -------------------------------------------------------------------------------- 1 | /* fib module */ 2 | export function fib(n) 3 | { 4 | if (n <= 0) 5 | return 0; 6 | else if (n == 1) 7 | return 1; 8 | else 9 | return fib(n - 1) + fib(n - 2); 10 | } 11 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/examples/hello.js: -------------------------------------------------------------------------------- 1 | console.log("Hello World"); 2 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/examples/hello_module.js: -------------------------------------------------------------------------------- 1 | /* example of JS module */ 2 | 3 | import { fib } from "./fib_module.js"; 4 | 5 | console.log("Hello World"); 6 | console.log("fib(10)=", fib(10)); 7 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/examples/test_fib.js: -------------------------------------------------------------------------------- 1 | /* example of JS module importing a C module */ 2 | 3 | import { fib } from "./fib.so"; 4 | 5 | console.log("Hello World"); 6 | console.log("fib(10)=", fib(10)); 7 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/quickjs-exports.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "quickjs.h" 4 | 5 | // See quickjs-exports.c for details. 6 | 7 | extern "C" { 8 | 9 | int JS_GetModuleExportEntriesCount(JSModuleDef *m); 10 | JSValue JS_GetModuleExportEntry(JSContext *ctx, JSModuleDef *m, int idx); 11 | JSAtom JS_GetModuleExportEntryName(JSContext *ctx, JSModuleDef *m, int idx); 12 | 13 | } 14 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/quickjs-time.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | extern int qjs_gettimeofday(struct JSContext* ctx, struct timeval* tv, void* tz); 4 | 5 | struct tm* qjs_localtime_r(const time_t* timep, struct tm* result) 6 | { 7 | if (result != NULL) 8 | { 9 | memset(result, 0, sizeof(struct tm)); 10 | } 11 | return 0; 12 | } 13 | 14 | // NB: Capturing JSContext* ctx that is assumed to exist at callsite! 15 | #define gettimeofday(tv, tz) qjs_gettimeofday(ctx, tv, tz) 16 | #define localtime_r qjs_localtime_r -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/readme.txt: -------------------------------------------------------------------------------- 1 | The main documentation is in doc/quickjs.pdf or doc/quickjs.html. 2 | -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/test262o_errors.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/3rdparty/exported/quickjs/test262o_errors.txt -------------------------------------------------------------------------------- /3rdparty/exported/quickjs/unicode_download.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | url="ftp://ftp.unicode.org/Public/15.0.0/ucd" 5 | emoji_url="${url}/emoji/emoji-data.txt" 6 | 7 | files="CaseFolding.txt DerivedNormalizationProps.txt PropList.txt \ 8 | SpecialCasing.txt CompositionExclusions.txt ScriptExtensions.txt \ 9 | UnicodeData.txt DerivedCoreProperties.txt NormalizationTest.txt Scripts.txt \ 10 | PropertyValueAliases.txt" 11 | 12 | mkdir -p unicode 13 | 14 | for f in $files; do 15 | g="${url}/${f}" 16 | wget $g -O unicode/$f 17 | done 18 | 19 | wget $emoji_url -O unicode/emoji-data.txt 20 | -------------------------------------------------------------------------------- /3rdparty/exported/small_vector/README.md: -------------------------------------------------------------------------------- 1 | # SmallVector 2 | 3 | This is [llvm::SmallVector](http://llvm.org/docs/doxygen/html/classllvm_1_1SmallVector.html) stripped from any LLVM dependency. 4 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/.gitignore: -------------------------------------------------------------------------------- 1 | # conventional build dirs 2 | release*/ 3 | debug*/ 4 | build*/ 5 | cmake-build-*/ 6 | 7 | # cmake intermediate files 8 | CMakeFiles/ 9 | 10 | # vscode dirs 11 | .vscode/ 12 | .vs/ 13 | 14 | # jetbrains IDE dirs 15 | .idea/ 16 | 17 | # special endings 18 | *~ 19 | *.sw? 20 | 21 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/backend/base_constants.h: -------------------------------------------------------------------------------- 1 | 2 | 3 | #pragma once 4 | 5 | #include "../backend/backend.h" 6 | 7 | namespace snmalloc 8 | { 9 | /** 10 | * Base range configuration contains common parts of other ranges. 11 | */ 12 | struct BaseLocalStateConstants 13 | { 14 | protected: 15 | // Size of requests that the global cache should use 16 | static constexpr size_t GlobalCacheSizeBits = 24; 17 | 18 | // Size of requests that the local cache should use 19 | static constexpr size_t LocalCacheSizeBits = 21; 20 | }; 21 | } // namespace snmalloc -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/backend_helpers/backend_helpers.h: -------------------------------------------------------------------------------- 1 | #include "../mem/mem.h" 2 | #include "authmap.h" 3 | #include "buddy.h" 4 | #include "commitrange.h" 5 | #include "commonconfig.h" 6 | #include "defaultpagemapentry.h" 7 | #include "empty_range.h" 8 | #include "globalrange.h" 9 | #include "indirectrange.h" 10 | #include "largebuddyrange.h" 11 | #include "logrange.h" 12 | #include "noprange.h" 13 | #include "pagemap.h" 14 | #include "pagemapregisterrange.h" 15 | #include "palrange.h" 16 | #include "range_helpers.h" 17 | #include "smallbuddyrange.h" 18 | #include "staticconditionalrange.h" 19 | #include "statsrange.h" 20 | #include "subrange.h" 21 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/backend_helpers/empty_range.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "../ds_core/ds_core.h" 3 | 4 | namespace snmalloc 5 | { 6 | template 7 | class EmptyRange 8 | { 9 | public: 10 | static constexpr bool Aligned = true; 11 | 12 | static constexpr bool ConcurrencySafe = true; 13 | 14 | using ChunkBounds = B; 15 | 16 | constexpr EmptyRange() = default; 17 | 18 | CapPtr alloc_range(size_t) 19 | { 20 | return nullptr; 21 | } 22 | }; 23 | } // namespace snmalloc 24 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/backend_helpers/globalrange.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../ds/ds.h" 4 | #include "empty_range.h" 5 | #include "lockrange.h" 6 | #include "staticrange.h" 7 | 8 | namespace snmalloc 9 | { 10 | /** 11 | * Makes the supplied ParentRange into a global variable, 12 | * and protects access with a lock. 13 | */ 14 | struct GlobalRange 15 | { 16 | template> 17 | class Type : public Pipe 18 | {}; 19 | }; 20 | } // namespace snmalloc 21 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/ds/ds.h: -------------------------------------------------------------------------------- 1 | /** 2 | * Data structures used by snmalloc. 3 | * 4 | */ 5 | #pragma once 6 | #include "../pal/pal.h" 7 | #include "aba.h" 8 | #include "allocconfig.h" 9 | #include "combininglock.h" 10 | #include "entropy.h" 11 | #include "flaglock.h" 12 | #include "mpmcstack.h" 13 | #include "pagemap.h" 14 | #include "singleton.h" 15 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/ds/entropy.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifndef SNMALLOC_PLATFORM_HAS_GETENTROPY 4 | # include 5 | #endif 6 | 7 | namespace snmalloc 8 | { 9 | template 10 | std::enable_if_t, uint64_t> get_entropy64() 11 | { 12 | return PAL::get_entropy64(); 13 | } 14 | 15 | template 16 | std::enable_if_t, uint64_t> get_entropy64() 17 | { 18 | #ifdef SNMALLOC_PLATFORM_HAS_GETENTROPY 19 | return DefaultPal::get_entropy64(); 20 | #else 21 | std::random_device rd; 22 | uint64_t a = rd(); 23 | return (a << 32) ^ rd(); 24 | #endif 25 | } 26 | } // namespace snmalloc 27 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/ds_core/ds_core.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | /** 3 | * The core definitions for snmalloc. These provide some basic helpers that do 4 | * not depend on anything except for a working C++ implementation. 5 | * 6 | * Files in this directory may not include anything from any other directory in 7 | * snmalloc. 8 | */ 9 | 10 | #include "bits.h" 11 | #include "concept.h" 12 | #include "defines.h" 13 | #include "helpers.h" 14 | #include "mitigations.h" 15 | #include "ptrwrap.h" 16 | #include "redblacktree.h" 17 | #include "seqset.h" 18 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/global/global.h: -------------------------------------------------------------------------------- 1 | #include "bounds_checks.h" 2 | #include "libc.h" 3 | #include "memcpy.h" 4 | #include "scopedalloc.h" 5 | #include "threadalloc.h" 6 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/mem/mem.h: -------------------------------------------------------------------------------- 1 | #include "backend_concept.h" 2 | #include "backend_wrappers.h" 3 | #include "corealloc.h" 4 | #include "entropy.h" 5 | #include "external_alloc.h" 6 | #include "freelist.h" 7 | #include "globalalloc.h" 8 | #include "localalloc.h" 9 | #include "localcache.h" 10 | #include "metadata.h" 11 | #include "pool.h" 12 | #include "pooled.h" 13 | #include "remoteallocator.h" 14 | #include "remotecache.h" 15 | #include "sizeclasstable.h" 16 | #include "ticker.h" 17 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/override/malloc-extensions.cc: -------------------------------------------------------------------------------- 1 | #include "malloc-extensions.h" 2 | 3 | #include "../snmalloc.h" 4 | 5 | using namespace snmalloc; 6 | 7 | void get_malloc_info_v1(malloc_info_v1* stats) 8 | { 9 | auto curr = Alloc::Config::Backend::get_current_usage(); 10 | auto peak = Alloc::Config::Backend::get_peak_usage(); 11 | stats->current_memory_usage = curr; 12 | stats->peak_memory_usage = peak; 13 | } 14 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/override/memcpy.cc: -------------------------------------------------------------------------------- 1 | #include "override.h" 2 | 3 | extern "C" 4 | { 5 | /** 6 | * Snmalloc checked memcpy. 7 | */ 8 | SNMALLOC_EXPORT void* 9 | SNMALLOC_NAME_MANGLE(memcpy)(void* dst, const void* src, size_t len) 10 | { 11 | return snmalloc::memcpy(dst, src, len); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/override/override.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "snmalloc/snmalloc.h" 4 | 5 | #ifndef SNMALLOC_EXPORT 6 | # define SNMALLOC_EXPORT 7 | #endif 8 | #ifdef SNMALLOC_STATIC_LIBRARY_PREFIX 9 | # define __SN_CONCAT(a, b) a##b 10 | # define __SN_EVALUATE(a, b) __SN_CONCAT(a, b) 11 | # define SNMALLOC_NAME_MANGLE(a) \ 12 | __SN_EVALUATE(SNMALLOC_STATIC_LIBRARY_PREFIX, a) 13 | #elif !defined(SNMALLOC_NAME_MANGLE) 14 | # define SNMALLOC_NAME_MANGLE(a) a 15 | #endif 16 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/pal/pal_timer_default.h: -------------------------------------------------------------------------------- 1 | 2 | #pragma once 3 | 4 | #include "pal_consts.h" 5 | #include "pal_ds.h" 6 | 7 | namespace snmalloc 8 | { 9 | template 10 | class PalTimerDefaultImpl 11 | { 12 | inline static PalTimer timers{}; 13 | 14 | public: 15 | static uint64_t time_in_ms() 16 | { 17 | auto time = PalTime::internal_time_in_ms(); 18 | 19 | // Process timers 20 | timers.check(time); 21 | 22 | return time; 23 | } 24 | 25 | static void register_timer(PalTimerObject* timer) 26 | { 27 | timers.register_timer(timer); 28 | } 29 | }; 30 | } // namespace snmalloc 31 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/snmalloc_core.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "backend_helpers/backend_helpers.h" 4 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/snmalloc/snmalloc_front.h: -------------------------------------------------------------------------------- 1 | #include "global/global.h" 2 | -------------------------------------------------------------------------------- /3rdparty/exported/snmalloc/src/test/func/two_alloc_types/alloc2.cc: -------------------------------------------------------------------------------- 1 | #ifndef SNMALLOC_TRACING 2 | # define SNMALLOC_TRACING 3 | #endif 4 | 5 | #define SNMALLOC_NAME_MANGLE(a) host_##a 6 | // Redefine the namespace, so we can have two versions. 7 | #define snmalloc snmalloc_host 8 | #include 9 | -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/mainpage.dox: -------------------------------------------------------------------------------- 1 | /*! @mainpage t_cose Documentation 2 | 3 | t_cose 1.x is available for download [here on github](http://github.com/laurencelundblade/t_cose) 4 | (alpha release of t_cose 2.x which supports encryption, multiple signature and mac is also available). 5 | 6 | This documentation is for t_cose 1.x. 7 | 8 | @par Table of Contents 9 | 10 | API Reference: 11 | - Common 12 | - Error codes and common constants: @ref inc/t_cose/t_cose_common.h "t_cose_common.h" 13 | - Signing 14 | - Main/Basic signing functions: @ref inc/t_cose/t_cose_sign1_sign.h "t_cose_sign1_sign.h" 15 | - Verification 16 | - Main/Basic verification functions: @ref inc/t_cose/t_cose_sign1_verify.h "t_cose_sign1_verify.h" 17 | 18 | */ 19 | -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/t-cose-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/3rdparty/exported/t_cose/t-cose-logo.png -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/test/keys/README.txt: -------------------------------------------------------------------------------- 1 | To list curves: 2 | 3 | openssl ecparam -list_curves 4 | 5 | To generate an ECDSA key: 6 | 7 | openssl ecparam -genkey -name secp384r1 -out k.pem 8 | 9 | To print out the ECDSA key: 10 | 11 | openssl ec -in k.pem -noout -text 12 | 13 | 14 | https://kjur.github.io/jsrsasign/sample/sample-ecdsa.html 15 | https://superuser.com/questions/1103401/generate-an-ecdsa-key-and-csr-with-openssl 16 | -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/test/keys/prime256v1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BggqhkjOPQMBBw== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MHcCAQEEIPG3FCNDQC87XecxXqiU+dpc9QP/eTijfKFOsDKGmIRQoAoGCCqGSM49 6 | AwEHoUQDQgAEN6tllV+uBGZnPDopNKNPLw7Cs+7CJBmFV5mPwEv0srSV2XmPJTnJ 7 | DX0QKzu72n/L2w6bWNThrS5hUI2nX4Smew== 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/test/keys/secp384r1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDAD3xT0uKQ/2Kt1pgRr0rXqpv0QsrID/Yp415Ft4gqiQes37D1MaT0j 6 | uitPbltm9X+gBwYFK4EEACKhZANiAAS92cP4GMnO8+EeLUDndb6ze8N2aY1xln+T 7 | M3pOAy3/sRtQUGfd20IUtW2bzsWRd+zNirBfUJdZM7mnONkMCwfrlRlWfvkHWAfP 8 | dxOfwf6FYIhRNhE2gGEj7cc1zloD6OQ= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /3rdparty/exported/t_cose/test/keys/secp521r1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIw== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIHcAgEBBEIARdLRQ5Q1+rMzscbItTTwlpOWrWTV9TXWX2jyoWBlkLsV/VMi/Jek 6 | FsOVdF5yx8hRmMCSGrO46S3ZAbWkIVmtrG2gBwYFK4EEACOhgYkDgYYABADk0lMX 7 | WhQxH8LdSHaHcMtJsHvRXTJ765iqM+YM0BgbF/uPHL8H28hlL/W3tEUsCC4GhsD6 8 | uAiQccvFNxAdNEuUwgHmQk86GNpPIOyr+8hLhGfCF81nBV+l3sf7GuhwgjAsGBPK 9 | pLexzyjZRnfkhvtLMXCX6TB6vbnVAYd3mj0eaCwSPA== 10 | -----END EC PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /3rdparty/internal/valijson/constraint_builder.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace valijson { 4 | 5 | namespace adapters { 6 | class Adapter; 7 | } 8 | 9 | namespace constraints { 10 | struct Constraint; 11 | } 12 | 13 | class ConstraintBuilder 14 | { 15 | public: 16 | virtual ~ConstraintBuilder() = default; 17 | 18 | virtual constraints::Constraint * make(const adapters::Adapter &) const = 0; 19 | }; 20 | 21 | } // namespace valijson 22 | -------------------------------------------------------------------------------- /3rdparty/internal/valijson/internal/optional.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #if __cplusplus >= 201703 4 | // Visual C++ only supports __has_include in versions 14.12 and greater 5 | # if !defined(_MSC_VER) || _MSC_VER >= 1912 6 | # if __has_include() 7 | # include 8 | namespace opt = std; 9 | # endif 10 | # endif 11 | #else 12 | # include 13 | namespace opt = std::experimental; 14 | #endif 15 | -------------------------------------------------------------------------------- /3rdparty/internal/valijson/internal/optional_bundled.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace opt = std::experimental; 4 | -------------------------------------------------------------------------------- /CCF-PAPER-VLDB-2023.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/CCF-PAPER-VLDB-2023.pdf -------------------------------------------------------------------------------- /CCF-TECHNICAL-REPORT.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/CCF-TECHNICAL-REPORT.pdf -------------------------------------------------------------------------------- /CCF-VERIFICATION-NSDI-2025.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/CCF-VERIFICATION-NSDI-2025.pdf -------------------------------------------------------------------------------- /cddl/ccf-tree-alg.cddl: -------------------------------------------------------------------------------- 1 | ccf-inclusion-proof = { 2 | &(leaf: 1) => ccf-leaf 3 | &(path: 2) => [+ ccf-proof-element] 4 | } 5 | 6 | ccf-leaf = [ 7 | internal-transaction-hash: bstr .size 32 ; a string of HASH_SIZE(32) bytes 8 | internal-evidence: tstr .size (1..1024) ; a string of at most 1024 bytes 9 | data-hash: bstr .size 32 ; a string of HASH_SIZE(32) bytes 10 | ] 11 | 12 | ccf-proof-element = [ 13 | left: bool ; position of the element 14 | hash: bstr .size 32 ; hash of the proof element (string of HASH_SIZE(32) bytes) 15 | ] 16 | -------------------------------------------------------------------------------- /cmake/ccf_snp-config.cmake.in: -------------------------------------------------------------------------------- 1 | @PACKAGE_INIT@ 2 | 3 | set(CCF_DIR "@CMAKE_INSTALL_PREFIX@") 4 | set(SAN "@SAN@") 5 | 6 | include("${CCF_DIR}/cmake/ccf-targets.cmake") 7 | include("${CCF_DIR}/cmake/preproject.cmake") 8 | include("${CCF_DIR}/cmake/ccf_app.cmake") 9 | include("${CCF_DIR}/cmake/tools.cmake") 10 | -------------------------------------------------------------------------------- /cmake/ccf_virtual-config.cmake.in: -------------------------------------------------------------------------------- 1 | @PACKAGE_INIT@ 2 | 3 | set(CCF_DIR "@CMAKE_INSTALL_PREFIX@") 4 | set(SAN "@SAN@") 5 | 6 | include("${CCF_DIR}/cmake/ccf-targets.cmake") 7 | include("${CCF_DIR}/cmake/preproject.cmake") 8 | include("${CCF_DIR}/cmake/ccf_app.cmake") 9 | include("${CCF_DIR}/cmake/tools.cmake") 10 | -------------------------------------------------------------------------------- /doc/_static/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/_static/.gitkeep -------------------------------------------------------------------------------- /doc/_static/ccf_overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/_static/ccf_overview.png -------------------------------------------------------------------------------- /doc/_static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/_static/favicon.ico -------------------------------------------------------------------------------- /doc/_templates/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/_templates/.gitkeep -------------------------------------------------------------------------------- /doc/architecture/receipts.rst: -------------------------------------------------------------------------------- 1 | Receipts 2 | ======== 3 | 4 | CCF implements `write` receipts, which are signed proofs associated with a transaction. They serve two main purposes: 5 | 6 | 1. :ref:`Endorse ` claims made by the application logic, ie. a signed statement of fact, verifiable offline and by third parties, equivalent to "this transaction produced this outcome at this position in the ledger". 7 | 2. Together with a copy of the ledger, or other receipts, they can be used to :ref:`audit ` the service and hold the consortium to account. 8 | 9 | Internally, receipts are also used to establish the validity of ledger snapshots. -------------------------------------------------------------------------------- /doc/build_apps/auth/cert.rst: -------------------------------------------------------------------------------- 1 | Certificate Authentication 2 | ========================== 3 | 4 | User identities in CCF are X.509 certificates. They can be added or removed via governance proposals, which are subject to the consortium constitution rules (see :ref:`governance/open_network:Adding Users`). 5 | 6 | Requests sent by users can be authenticated one of two ways: 7 | 8 | - via the TLS handshake, in which a client uses the user private key to prove its identity (e.g. using the ``--key`` and ``--cert`` argument to ``curl``) 9 | - by :ref:`use_apps/issue_commands:Signing` the request contents with the user private key, following the scheme described `here `_. 10 | -------------------------------------------------------------------------------- /doc/build_apps/build_app.rst: -------------------------------------------------------------------------------- 1 | Build CCF Applications 2 | ====================== 3 | 4 | .. note:: Before building a CCF application, make sure that CCF is installed (see :doc:`/build_apps/install_bin`). 5 | 6 | Once an application is complete, it needs to be built into a shared object. 7 | 8 | Using ``cmake``, an application can be built using the functions provided by CCF's ``cmake/ccf_app.cmake``. For example, for the ``js_generic`` JavaScript application: 9 | 10 | .. literalinclude:: ../../CMakeLists.txt 11 | :language: cmake 12 | :start-after: SNIPPET_START: JS generic application 13 | :end-before: SNIPPET_END: JS generic application -------------------------------------------------------------------------------- /doc/build_apps/example_rpc_api.rst: -------------------------------------------------------------------------------- 1 | Example app RPC API 2 | =================== 3 | 4 | .. openapi:: ../schemas/app_openapi.json 5 | :include: 6 | /app/log/.* 7 | 8 | There are also built-in endpoints added by CCF which are described in :doc:`/use_apps/rpc_api`. -------------------------------------------------------------------------------- /doc/build_apps/kv/index.rst: -------------------------------------------------------------------------------- 1 | Key-Value Store 2 | =============== 3 | 4 | The key-value store represents the internal state of the network. It is used by applications to store data to and read from the ledger. 5 | 6 | .. toctree:: 7 | kv_how_to 8 | kv_serialisation 9 | api -------------------------------------------------------------------------------- /doc/governance/akv_identity_cert_policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "issuerParameters": { 3 | "certificateTransparency": null, 4 | "name": "Self" 5 | }, 6 | "keyProperties": { 7 | "curve": "P-384", 8 | "exportable": true, 9 | "keyType": "EC", 10 | "reuseKey": true 11 | }, 12 | "lifetimeActions": [ 13 | { 14 | "action": { 15 | "actionType": "AutoRenew" 16 | }, 17 | "trigger": { 18 | "daysBeforeExpiry": 90 19 | } 20 | } 21 | ], 22 | "secretProperties": { 23 | "contentType": "application/x-pkcs12" 24 | }, 25 | "x509CertificateProperties": { 26 | "keyUsage": ["digitalSignature"], 27 | "subject": "CN=Member", 28 | "validityInMonths": 12 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /doc/governance/gov_api_schemas/2023-06-01-preview.rst: -------------------------------------------------------------------------------- 1 | 2023-06-01-preview 2 | ================== 3 | 4 | This API is available by passing the query parameter ``api-version=2023-06-01-preview`` to endpoints under the ``/gov`` prefix. 5 | 6 | This is available from CCF 5.0.0-dev3. 7 | 8 | .. openapi:: ../../schemas/gov/2023-06-01-preview/gov.json 9 | -------------------------------------------------------------------------------- /doc/governance/gov_api_schemas/2024-07-01.rst: -------------------------------------------------------------------------------- 1 | 2024-07-01 2 | ========== 3 | 4 | This API is available by passing the query parameter ``api-version=2024-07-01`` to endpoints under the ``/gov`` prefix. 5 | 6 | This is available from CCF 5.0.0-rc1. 7 | 8 | .. openapi:: ../../schemas/gov/2024-07-01/gov.json 9 | -------------------------------------------------------------------------------- /doc/governance/gov_api_schemas/classic.rst: -------------------------------------------------------------------------------- 1 | Classic API (Deprecated) 2 | ======================== 3 | 4 | Available in CCF versions before 5.0.0. 5 | 6 | Any request calling a path with a ``/gov`` prefix which does not include the ``api-version`` query parameter is calling the classic API. 7 | 8 | .. warning:: This API is deprecated, and will be removed in a future release. See :doc:`/governance/gov_api_schemas/upgrading_from_classic` for a guide to upgrading to a more recent version. 9 | 10 | .. openapi:: ../../schemas/gov_openapi.json 11 | -------------------------------------------------------------------------------- /doc/governance/member_rpc_api.rst: -------------------------------------------------------------------------------- 1 | Member RPC API 2 | ============== 3 | 4 | Member RPCs are exposed under the ``/gov`` prefix. Many require COSE authentication, with the payload signed by a member identity. Others provide public read access to governance state. 5 | 6 | Multiple API versions are available, with the versions supported by the current CCF version listed below: 7 | 8 | .. toctree:: 9 | 10 | gov_api_schemas/2024-07-01 11 | gov_api_schemas/2023-06-01-preview 12 | gov_api_schemas/classic 13 | gov_api_schemas/upgrading_from_classic 14 | -------------------------------------------------------------------------------- /doc/historical_ccf_requirements.txt: -------------------------------------------------------------------------------- 1 | # Only used to build documentation for historical versions 2 | requests_http_signature 3 | websocket 4 | httpx -------------------------------------------------------------------------------- /doc/img/about-ccf.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/img/about-ccf.png -------------------------------------------------------------------------------- /doc/img/ccf_release.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/doc/img/ccf_release.png -------------------------------------------------------------------------------- /doc/index.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /doc/operations/operator_rpc_api.rst: -------------------------------------------------------------------------------- 1 | Operator RPC API 2 | ================ 3 | 4 | Operator RPCs are exposed under ``/node`` and do not require authentication. 5 | 6 | .. openapi:: ../schemas/node_openapi.json -------------------------------------------------------------------------------- /doc/operations/platforms/index.rst: -------------------------------------------------------------------------------- 1 | Platforms 2 | =================== 3 | 4 | CCF can run on several hardware platforms/trusted execution environments, which will have impact on the security guarantees of the service and on how attestation reports are generated and verified. 5 | 6 | .. toctree:: 7 | :maxdepth: 1 8 | 9 | snp 10 | virtual 11 | 12 | CCF releases (RPM packages) are available for each platform. -------------------------------------------------------------------------------- /doc/requirements.txt: -------------------------------------------------------------------------------- 1 | breathe 2 | sphinx 3 | bottle 4 | sphinx-autobuild 5 | sphinxcontrib-mermaid 6 | sphinx-multiversion 7 | sphinx-copybutton 8 | sphinxcontrib.openapi 9 | sphinx-panels 10 | sphinx-inline-tabs 11 | furo 12 | # docutils 0.17.0 causes "AttributeError: module 13 | # 'docutils.nodes' has no attribute 'meta'" error when building doc 14 | docutils==0.18.* 15 | # Required-by: sphinxcontrib-openapi 16 | # cannot import name 'error_string' from 'docutils.io' 17 | sphinx-mdinclude==0.5.4 18 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/Ballots_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Ballots_Get", 3 | "operationId": "Ballots_Get", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "proposalId": "1c04c5bb4bdc207dbf35bc4b32dbf92cbc23eabb34a6e8b163b2de2c7833e87b", 7 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "script": "export function vote (rawProposal, proposerId) { return true }" 13 | } 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/EncryptedShares_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "EncryptedShares_Get", 3 | "operationId": "EncryptedShares_Get", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "encryptedShare": "ZW5jcnlwdGVkU2hhcmUx" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/Proposals_Create.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Proposals_Create", 3 | "operationId": "Proposals_Create", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "body": "{binary COSE Sign1}" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "proposalId": "1c04c5bb4bdc207dbf35bc4b32dbf92cbc23eabb34a6e8b163b2de2c7833e87b", 12 | "proposerId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 13 | "proposalState": "Open", 14 | "ballotCount": 0, 15 | "finalVotes": {} 16 | } 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/ServiceState_GetConstitution.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "ServiceState_GetConstitution", 3 | "operationId": "ServiceState_GetConstitution", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview" 6 | }, 7 | "responses": { 8 | "200": { 9 | "body": { 10 | "constitution": "export function validate(input) {\n ...\n}\n\nexport function resolve(proposal, proposerId, votes) {\n ...\n}\n\nexport function apply(proposal, proposalId) {\n ...\n}\n" 11 | } 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/Shares_Submit.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Shares_Submit", 3 | "operationId": "Shares_Submit", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "message": "3/3 recovery shares successfully submitted.", 13 | "submittedCount": 0, 14 | "recoveryThreshold": 0 15 | } 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/StateDigests_Acknowledge.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Acknowledge", 3 | "operationId": "StateDigests_Acknowledge", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "204": {} 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/StateDigests_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Get", 3 | "operationId": "StateDigests_Get", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 12 | "stateDigest": "1cdc59855bb6b7edee42769ca3767bc9684b7a62ffcfcb8751a75dbe71c28e49" 13 | } 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/StateDigests_Update.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Update", 3 | "operationId": "StateDigests_Update", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 13 | "stateDigest": "1cdc59855bb6b7edee42769ca3767bc9684b7a62ffcfcb8751a75dbe71c28e49" 14 | } 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/Transactions_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Transactions_Get", 3 | "operationId": "Transactions_Get", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview", 6 | "transactionId": "2.42" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "status": "Committed" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/schemas/gov/2023-06-01-preview/examples/Transactions_GetCommit.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Transactions_GetCommit", 3 | "operationId": "Transactions_GetCommit", 4 | "parameters": { 5 | "api-version": "2023-06-01-preview" 6 | }, 7 | "responses": { 8 | "200": { 9 | "body": { 10 | "status": "Committed", 11 | "transactionId": "7.2385" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/Ballots_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Ballots_Get", 3 | "operationId": "Ballots_Get", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "proposalId": "1c04c5bb4bdc207dbf35bc4b32dbf92cbc23eabb34a6e8b163b2de2c7833e87b", 7 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "script": "export function vote (rawProposal, proposerId) { return true }" 13 | } 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/EncryptedShares_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "EncryptedShares_Get", 3 | "operationId": "EncryptedShares_Get", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "encryptedShare": "ZW5jcnlwdGVkU2hhcmUx" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/Proposals_Create.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Proposals_Create", 3 | "operationId": "Proposals_Create", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "body": "{binary COSE Sign1}" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "proposalId": "1c04c5bb4bdc207dbf35bc4b32dbf92cbc23eabb34a6e8b163b2de2c7833e87b", 12 | "proposerId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 13 | "proposalState": "Open", 14 | "ballotCount": 0, 15 | "finalVotes": {} 16 | } 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/ServiceState_GetConstitution.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "ServiceState_GetConstitution", 3 | "operationId": "ServiceState_GetConstitution", 4 | "parameters": { 5 | "api-version": "2024-07-01" 6 | }, 7 | "responses": { 8 | "200": { 9 | "body": { 10 | "constitution": "export function validate(input) {\n ...\n}\n\nexport function resolve(proposal, proposerId, votes) {\n ...\n}\n\nexport function apply(proposal, proposalId) {\n ...\n}\n" 11 | } 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/ServiceState_GetJwkInfo.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "ServiceState_GetJwkInfo", 3 | "operationId": "ServiceState_GetJwkInfo", 4 | "parameters": { 5 | "api-version": "2024-07-01" 6 | }, 7 | "responses": { 8 | "200": { 9 | "body": { 10 | "issuers": { 11 | "idprovider.myservice.example.com": { 12 | "autoRefresh": true, 13 | "caCertBundleName": "MyIdProviderCa" 14 | } 15 | }, 16 | "caCertBundles": { 17 | "MyIdProviderCa": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----\n" 18 | } 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/Shares_Submit.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Shares_Submit", 3 | "operationId": "Shares_Submit", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "message": "3/3 recovery shares successfully submitted.", 13 | "submittedCount": 0, 14 | "recoveryThreshold": 0 15 | } 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/StateDigests_Acknowledge.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Acknowledge", 3 | "operationId": "StateDigests_Acknowledge", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "204": {} 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/StateDigests_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Get", 3 | "operationId": "StateDigests_Get", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 12 | "stateDigest": "1cdc59855bb6b7edee42769ca3767bc9684b7a62ffcfcb8751a75dbe71c28e49" 13 | } 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/StateDigests_Update.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "StateDigests_Update", 3 | "operationId": "StateDigests_Update", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 7 | "body": "{binary COSE Sign1}" 8 | }, 9 | "responses": { 10 | "200": { 11 | "body": { 12 | "memberId": "f8ac7c60c164f7f13c04ba41645b18eabcc55a8f799c83a90d001f4e89907970", 13 | "stateDigest": "1cdc59855bb6b7edee42769ca3767bc9684b7a62ffcfcb8751a75dbe71c28e49" 14 | } 15 | } 16 | } 17 | } -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/Transactions_Get.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Transactions_Get", 3 | "operationId": "Transactions_Get", 4 | "parameters": { 5 | "api-version": "2024-07-01", 6 | "transactionId": "2.42" 7 | }, 8 | "responses": { 9 | "200": { 10 | "body": { 11 | "status": "Committed" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/schemas/gov/2024-07-01/examples/Transactions_GetCommit.json: -------------------------------------------------------------------------------- 1 | { 2 | "title": "Transactions_GetCommit", 3 | "operationId": "Transactions_GetCommit", 4 | "parameters": { 5 | "api-version": "2024-07-01" 6 | }, 7 | "responses": { 8 | "200": { 9 | "body": { 10 | "status": "Committed", 11 | "transactionId": "7.2385" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/spelling_wordlist.txt: -------------------------------------------------------------------------------- 1 | Ansible 2 | auditability 3 | auditable 4 | Boolean 5 | ccf 6 | cryptographic 7 | cryptographically 8 | Diffie 9 | IPv 10 | js 11 | kv 12 | Lua 13 | mbedTLS 14 | Merkle 15 | npm 16 | plaintext 17 | ringbuffer 18 | ringbuffers 19 | Rollup 20 | schemas 21 | SGX 22 | stderr 23 | stdout 24 | uint 25 | -------------------------------------------------------------------------------- /doc/use_apps/rpc_api.rst: -------------------------------------------------------------------------------- 1 | RPC API 2 | ======= 3 | 4 | Application RPCs are exposed under ``/app`` and require authentication with a valid user identity. 5 | You can read what application endpoints may look like, as generated by the :doc:`example C++ logging app `, in :doc:`/build_apps/example_rpc_api`. 6 | 7 | Built-ins 8 | ---------- 9 | 10 | By default, CCF will also add some built-in endpoints: 11 | 12 | .. openapi:: ../schemas/app_openapi.json 13 | :include: 14 | /app/api 15 | /app/tx 16 | /app/commit 17 | /app/receipt 18 | /app/quote -------------------------------------------------------------------------------- /getting_started/README.md: -------------------------------------------------------------------------------- 1 | The `setup_vm` directory contains Ansible playbooks that allow setting up a VM or container with the necessary dependencies to build or run CCF applications. 2 | 3 | See https://microsoft.github.io/CCF/main/build_apps/install_bin.html for more detail. 4 | -------------------------------------------------------------------------------- /getting_started/setup_vm/app-dev.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | vars: 3 | run_only: false 4 | platform: "snp" 5 | clang_version: "15" 6 | tasks: 7 | - import_role: 8 | name: llvm_repo 9 | tasks_from: install.yml 10 | - import_role: 11 | name: ccf_build 12 | tasks_from: install.yml 13 | - import_role: 14 | name: ccf_install 15 | tasks_from: deb_install.yml 16 | - import_role: 17 | name: autoremove 18 | tasks_from: install.yml 19 | -------------------------------------------------------------------------------- /getting_started/setup_vm/app-run.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | vars: 3 | run_only: true 4 | platform: "snp" 5 | clang_version: "15" 6 | tasks: 7 | - import_role: 8 | name: llvm_repo 9 | tasks_from: install.yml 10 | - import_role: 11 | name: ccf_install 12 | tasks_from: deb_install.yml 13 | - import_role: 14 | name: autoremove 15 | tasks_from: install.yml 16 | -------------------------------------------------------------------------------- /getting_started/setup_vm/ccf-extended-testing.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | tasks: 3 | - import_role: 4 | name: pebble 5 | tasks_from: install.yml 6 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/autoremove/install.yml: -------------------------------------------------------------------------------- 1 | - name: Remove graphviz debian package 2 | apt: 3 | name: graphviz 4 | state: absent 5 | become: yes 6 | 7 | - name: Remove any uncessary packages 8 | apt: 9 | name: "autoremove" 10 | autoremove: yes 11 | become: yes 12 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/az_dcap/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Add Microsoft repository key 2 | apt_key: 3 | url: "https://packages.microsoft.com/keys/microsoft.asc" 4 | state: present 5 | become: true 6 | 7 | - name: Add Microsoft sources list 8 | apt_repository: 9 | repo: "deb [arch=amd64] https://packages.microsoft.com/ubuntu/{{ ansible_distribution_version }}/prod {{ ansible_distribution_release }} main" 10 | state: present 11 | become: true 12 | 13 | - name: Install the Azure DCAP Client 14 | apt: 15 | name: az-dcap-client 16 | state: present 17 | force: true 18 | become: true 19 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/ccf_install/vars/common.yml: -------------------------------------------------------------------------------- 1 | ccf_ver: "latest" 2 | run_js: false 3 | ccf_js_app_name: "libjs_generic" 4 | platform: "snp" 5 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/ccf_run/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Include vars for Clang 2 | include_vars: "clang{{ clang_version }}.yml" 3 | 4 | - name: Add stdcxx APT repository 5 | apt_repository: 6 | repo: "ppa:ubuntu-toolchain-r/test" 7 | state: present 8 | update_cache: yes 9 | become: true 10 | 11 | - name: Install debs 12 | apt: 13 | name: "{{ debs }}" 14 | update_cache: yes 15 | become: yes 16 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/ccf_run/vars/clang15.yml: -------------------------------------------------------------------------------- 1 | workspace: "/tmp/" 2 | debs: 3 | - libstdc++6 4 | - libuv1 5 | - libnghttp2-14 6 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/h2spec/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Include vars 2 | include_vars: common.yml 3 | 4 | - name: Download h2spec 5 | get_url: 6 | url: https://github.com/summerwind/h2spec/releases/download/v{{ h2spec_version }}/h2spec_linux_amd64.tar.gz 7 | dest: "{{ workspace }}/h2spec.tar.gz" 8 | become: true 9 | 10 | - name: Create directory for h2spec 11 | file: 12 | path: "{{ h2spec_install_prefix }}" 13 | state: directory 14 | become: true 15 | 16 | - name: Unpack h2spec 17 | unarchive: 18 | src: "{{ workspace }}/h2spec.tar.gz" 19 | dest: "{{ h2spec_install_prefix }}" 20 | become: true 21 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/h2spec/vars/common.yml: -------------------------------------------------------------------------------- 1 | workspace: "/tmp/" 2 | h2spec_version: 2.6.0 3 | h2spec_install_prefix: "/opt/h2spec" 4 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/lldb/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Include vars 2 | include_vars: common.yml 3 | 4 | - name: Install debs 5 | apt: 6 | name: "lldb" 7 | update_cache: yes 8 | become: yes 9 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/lldb/vars/common.yml: -------------------------------------------------------------------------------- 1 | workspace: "/tmp/" 2 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/llvm_repo/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Include vars 2 | include_vars: common.yml 3 | 4 | - name: Add LLVM repository key 5 | apt_key: 6 | url: "https://apt.llvm.org/llvm-snapshot.gpg.key" 7 | state: present 8 | become: yes 9 | 10 | - name: Add LLVM repository 11 | apt_repository: 12 | repo: "deb http://apt.llvm.org/{{ ansible_distribution_release }} llvm-toolchain-{{ ansible_distribution_release }}-{{ llvm_version }} main" 13 | state: present 14 | update_cache: yes 15 | become: yes 16 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/llvm_repo/vars/common.yml: -------------------------------------------------------------------------------- 1 | llvm_version: 15 2 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/nodejs/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Include vars 2 | include_vars: common.yml 3 | 4 | - name: Add NodeSource repository key 5 | apt_key: 6 | url: "https://deb.nodesource.com/gpgkey/nodesource.gpg.key" 7 | state: present 8 | become: yes 9 | 10 | - name: Add NodeSource repository 11 | apt_repository: 12 | repo: "deb https://deb.nodesource.com/node_{{ nodejs_version }}.x {{ ansible_distribution_release }} main" 13 | state: present 14 | update_cache: yes 15 | become: yes 16 | 17 | - name: Install Node.js 18 | apt: 19 | name: "nodejs" 20 | state: latest 21 | update_cache: yes 22 | install_recommends: no 23 | become: true 24 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/nodejs/vars/common.yml: -------------------------------------------------------------------------------- 1 | nodejs_version: 20 2 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/pebble/vars/common.yml: -------------------------------------------------------------------------------- 1 | pebble_version: "v2.3.1" 2 | pebble_install_prefix: "/opt/pebble" 3 | -------------------------------------------------------------------------------- /getting_started/setup_vm/roles/perf-tool/vars/common.yml: -------------------------------------------------------------------------------- 1 | # Copyright (c) Open Enclave SDK contributors. 2 | # Licensed under the MIT License. 3 | 4 | workspace: "/tmp" 5 | -------------------------------------------------------------------------------- /getting_started/setup_vm/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | set -ex 6 | 7 | # Install ansible from ppa because service_facts 8 | # is broken on Ubuntu 20.04 with the default apt package. 9 | # See https://github.com/ansible/ansible/issues/68536 (fixed in ansible >= 2.10) 10 | sudo apt-get -y update 11 | sudo apt install software-properties-common -y 12 | sudo add-apt-repository -y --update ppa:ansible/ansible 13 | sudo apt install ansible -y 14 | ansible-playbook "$@" -------------------------------------------------------------------------------- /include/ccf/ccf_deprecated.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #define CCF_DEPRECATED(reason) [[deprecated(reason)]] 6 | 7 | // ci-checks exception - only defines a macro 8 | namespace ccf 9 | {} 10 | -------------------------------------------------------------------------------- /include/ccf/crypto/hash_bytes.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | #include 7 | 8 | namespace ccf::crypto 9 | { 10 | using HashBytes = std::vector; 11 | } -------------------------------------------------------------------------------- /include/ccf/crypto/hkdf.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/crypto/md_type.h" 6 | 7 | #include 8 | #include 9 | 10 | namespace ccf::crypto 11 | { 12 | /** Perform HKDF key derivation */ 13 | std::vector hkdf( 14 | MDType md_type, 15 | size_t length, 16 | const std::span& ikm, 17 | const std::span& salt = {}, 18 | const std::span& info = {}); 19 | } -------------------------------------------------------------------------------- /include/ccf/crypto/hmac.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/crypto/hash_bytes.h" 6 | #include "ccf/crypto/md_type.h" 7 | 8 | namespace ccf::crypto 9 | { 10 | /** Compute the HMAC of @p key and @p data 11 | */ 12 | HashBytes hmac( 13 | MDType type, 14 | const std::vector& key, 15 | const std::vector& data); 16 | } 17 | -------------------------------------------------------------------------------- /include/ccf/crypto/md_type.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/json.h" 6 | 7 | namespace ccf::crypto 8 | { 9 | enum class MDType 10 | { 11 | NONE = 0, 12 | SHA1, 13 | SHA256, 14 | SHA384, 15 | SHA512 16 | }; 17 | 18 | DECLARE_JSON_ENUM( 19 | MDType, 20 | {{MDType::NONE, "NONE"}, 21 | {MDType::SHA1, "SHA1"}, 22 | {MDType::SHA256, "SHA256"}, 23 | {MDType::SHA384, "SHA384"}, 24 | {MDType::SHA512, "SHA512"}}); 25 | } 26 | -------------------------------------------------------------------------------- /include/ccf/crypto/sha256.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/crypto/hash_bytes.h" 6 | 7 | #include 8 | 9 | namespace ccf::crypto 10 | { 11 | /** Compute the SHA256 hash of @p data 12 | * @param data The data to compute the hash of 13 | * 14 | * @return hashed value 15 | */ 16 | HashBytes sha256(const std::span& data); 17 | 18 | /** Compute the SHA256 hash of @p data 19 | * @param data The data to compute the hash of 20 | * @param len Length of the data 21 | * 22 | * @return hashed value 23 | */ 24 | HashBytes sha256(const uint8_t* data, size_t len); 25 | } 26 | -------------------------------------------------------------------------------- /include/ccf/ds/logger_level.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf 6 | { 7 | enum LoggerLevel 8 | { 9 | TRACE, 10 | DEBUG, // events useful for debugging 11 | INFO, // important events that should be logged even in release mode 12 | FAIL, // survivable failures that should always be logged 13 | FATAL, // fatal errors that may be non-recoverable 14 | MAX_LOG_LEVEL 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /include/ccf/frame_format.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf 6 | { 7 | enum class FrameFormat : uint8_t 8 | { 9 | http = 0 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /include/ccf/http_header_map.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | #include 7 | 8 | namespace ccf::http 9 | { 10 | using HeaderMap = std::map>; 11 | using HeaderKeyValue = HeaderMap::value_type; 12 | } 13 | -------------------------------------------------------------------------------- /include/ccf/http_status.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf 8 | { 9 | using http_status = llhttp_status; 10 | 11 | /* Returns a string version of the HTTP status code. */ 12 | static inline const char* http_status_str(http_status s) 13 | { 14 | return llhttp_status_name(s); 15 | } 16 | 17 | static inline bool is_http_status_client_error(http_status s) 18 | { 19 | return s >= 400 && s < 500; 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/README.md: -------------------------------------------------------------------------------- 1 | Files within this directory structure contain code which populate globals on the JS runtime environment. They should be named and nested to match the name of the global they insert. For instance `extensions/console.h` populates the object `console` in a JS env, and `extensions/ccf/crypto.h` populates `ccf.crypto`. 2 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/ccf/host.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/extensions/extension_interface.h" 6 | #include "ccf/node/host_processes_interface.h" 7 | 8 | namespace ccf::js::extensions 9 | { 10 | /** 11 | * Adds the following functions: 12 | * 13 | * - ccf.host.triggerSubprocess 14 | * 15 | **/ 16 | class HostExtension : public ExtensionInterface 17 | { 18 | public: 19 | ccf::AbstractHostProcesses* host_processes; 20 | 21 | HostExtension(ccf::AbstractHostProcesses* hp) : host_processes(hp) {} 22 | 23 | void install(js::core::Context& ctx) override; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/ccf/rpc.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/extensions/extension_interface.h" 6 | #include "ccf/rpc_context.h" 7 | 8 | namespace ccf::js::extensions 9 | { 10 | /** 11 | * Adds the following functions: 12 | * 13 | * - ccf.rpc.setApplyWrites 14 | * - ccf.rpc.setClaimsDigest 15 | * 16 | **/ 17 | class RpcExtension : public ExtensionInterface 18 | { 19 | public: 20 | ccf::RpcContext* rpc_ctx; 21 | 22 | RpcExtension(ccf::RpcContext* rc) : rpc_ctx(rc) {} 23 | 24 | void install(js::core::Context& ctx) override; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/extension_interface.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | #include 7 | 8 | namespace ccf::js::core 9 | { 10 | class Context; 11 | } 12 | 13 | namespace ccf::js::extensions 14 | { 15 | class ExtensionInterface 16 | { 17 | public: 18 | virtual ~ExtensionInterface() = default; 19 | 20 | virtual void install(js::core::Context& ctx) = 0; 21 | }; 22 | 23 | using ExtensionPtr = std::shared_ptr; 24 | using Extensions = std::vector; 25 | } 26 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/math/random.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/extensions/extension_interface.h" 6 | 7 | namespace ccf::js::extensions 8 | { 9 | // Implements Math.random in an enclave-compatible way 10 | class MathRandomExtension : public ExtensionInterface 11 | { 12 | public: 13 | MathRandomExtension() {} 14 | 15 | void install(js::core::Context& ctx) override; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /include/ccf/js/extensions/snp_attestation.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/extensions/extension_interface.h" 6 | 7 | namespace ccf::js::extensions 8 | { 9 | /** 10 | * Adds the following functions: 11 | * 12 | * - snp_attestation.verifySnpAttestation 13 | * 14 | **/ 15 | class SnpAttestationExtension : public ExtensionInterface 16 | { 17 | public: 18 | SnpAttestationExtension() {} 19 | 20 | void install(js::core::Context& ctx) override; 21 | }; 22 | } -------------------------------------------------------------------------------- /include/ccf/js/kv_access_permissions.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/core/context.h" 6 | 7 | namespace ccf::js 8 | { 9 | enum class KVAccessPermissions 10 | { 11 | READ_WRITE, 12 | READ_ONLY, 13 | ILLEGAL 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /include/ccf/js/namespace_restrictions.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/js/kv_access_permissions.h" 6 | 7 | #include 8 | #include 9 | 10 | namespace ccf::js 11 | { 12 | // A function which calculates some access permission based on the given map 13 | // name. Should also populate an explanation, which can be included in error 14 | // messages if disallowed methods are accessed. 15 | using NamespaceRestriction = std::function; 17 | } -------------------------------------------------------------------------------- /include/ccf/kv/abstract_handle.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf::kv 6 | { 7 | class AbstractHandle 8 | { 9 | public: 10 | virtual ~AbstractHandle() = default; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /include/ccf/kv/get_name.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf::kv 8 | { 9 | struct GetName 10 | { 11 | protected: 12 | std::string name; 13 | 14 | public: 15 | GetName(const std::string& s) : name(s) {} 16 | virtual ~GetName() = default; 17 | 18 | const std::string& get_name() const 19 | { 20 | return name; 21 | } 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /include/ccf/kv/read_only_store.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/tx.h" 6 | #include "ccf/tx_id.h" 7 | 8 | #include 9 | 10 | namespace ccf::kv 11 | { 12 | class ReadOnlyStore 13 | { 14 | public: 15 | virtual ~ReadOnlyStore() = default; 16 | 17 | virtual ccf::TxID get_txid() = 0; 18 | virtual ccf::kv::ReadOnlyTx create_read_only_tx() = 0; 19 | virtual std::unique_ptr create_read_only_tx_ptr() = 0; 20 | virtual ccf::kv::TxDiff create_tx_diff() = 0; 21 | }; 22 | 23 | using ReadOnlyStorePtr = std::shared_ptr; 24 | } -------------------------------------------------------------------------------- /include/ccf/kv/serialisers/serialised_entry.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | #include "ccf/byte_vector.h" 5 | 6 | namespace ccf::kv::serialisers 7 | { 8 | using SerialisedEntry = ccf::ByteVector; 9 | } 10 | -------------------------------------------------------------------------------- /include/ccf/kv/untyped.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/kv/hooks.h" 6 | #include "ccf/kv/serialisers/serialised_entry.h" 7 | 8 | #include 9 | #include 10 | 11 | namespace ccf::kv::untyped 12 | { 13 | // nullopt values represent deletions 14 | using Write = std::map< 15 | ccf::kv::serialisers::SerialisedEntry, 16 | std::optional>; 17 | 18 | using CommitHook = ccf::kv::CommitHook; 19 | using MapHook = ccf::kv::MapHook; 20 | } -------------------------------------------------------------------------------- /include/ccf/kv/version.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf::kv 6 | { 7 | // Version indexes modifications to the local kv store. 8 | using Version = uint64_t; 9 | static constexpr Version NoVersion = 0u; 10 | } 11 | -------------------------------------------------------------------------------- /include/ccf/network_identity_interface.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/node_subsystem_interface.h" 6 | 7 | #include 8 | #include 9 | #include 10 | 11 | namespace ccf 12 | { 13 | struct NetworkIdentity; 14 | 15 | class NetworkIdentitySubsystemInterface : public ccf::AbstractNodeSubSystem 16 | { 17 | public: 18 | virtual ~NetworkIdentitySubsystemInterface() = default; 19 | 20 | static char const* get_subsystem_name() 21 | { 22 | return "NetworkIdentity"; 23 | } 24 | 25 | virtual const std::unique_ptr& get() = 0; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /include/ccf/node/cose_signatures_config.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/json.h" 6 | 7 | #include 8 | 9 | namespace ccf 10 | { 11 | struct COSESignaturesConfig 12 | { 13 | std::string issuer = ""; 14 | std::string subject = ""; 15 | 16 | bool operator==(const COSESignaturesConfig& other) const = default; 17 | }; 18 | 19 | DECLARE_JSON_TYPE(COSESignaturesConfig); 20 | DECLARE_JSON_REQUIRED_FIELDS(COSESignaturesConfig, issuer, subject); 21 | } 22 | -------------------------------------------------------------------------------- /include/ccf/node/host_processes_interface.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/node_subsystem_interface.h" 6 | 7 | #include 8 | #include 9 | 10 | namespace ccf 11 | { 12 | class AbstractHostProcesses : public ccf::AbstractNodeSubSystem 13 | { 14 | public: 15 | virtual ~AbstractHostProcesses() = default; 16 | 17 | static char const* get_subsystem_name() 18 | { 19 | return "HostProcesses"; 20 | } 21 | 22 | virtual void trigger_host_process_launch( 23 | const std::vector& args, 24 | const std::vector& input = {}) = 0; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /include/ccf/node/session.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | #include 7 | 8 | namespace ccf 9 | { 10 | class Session 11 | { 12 | public: 13 | virtual ~Session() = default; 14 | 15 | virtual void handle_incoming_data(std::span data) = 0; 16 | virtual void send_data(std::span data) = 0; 17 | virtual void close_session() = 0; 18 | }; 19 | } -------------------------------------------------------------------------------- /include/ccf/node_subsystem_interface.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf 6 | { 7 | class AbstractNodeSubSystem 8 | { 9 | public: 10 | virtual ~AbstractNodeSubSystem() = default; 11 | 12 | // Must contain a static function with signature: 13 | // static char const* get_subsystem_name() 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /include/ccf/pal/locking.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #if !defined(INSIDE_ENCLAVE) || defined(VIRTUAL_ENCLAVE) 6 | # include 7 | #else 8 | # include 9 | # include // For oe_lfence 10 | #endif 11 | 12 | namespace ccf::pal 13 | { 14 | /** 15 | * Virtual enclaves and the host code share the same PAL. 16 | */ 17 | using Mutex = std::mutex; 18 | } -------------------------------------------------------------------------------- /include/ccf/redirect.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/http_status.h" 6 | 7 | namespace ccf 8 | { 9 | struct RedirectDetails 10 | { 11 | http_status status; 12 | }; 13 | } -------------------------------------------------------------------------------- /include/ccf/research/create_tx_claims_digest.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | #include 7 | 8 | namespace ccf 9 | { 10 | /** Can be optionally implemented by the application to set the claims digest 11 | * for the initial network create transaction. 12 | * 13 | * @return an optional claims digest 14 | */ 15 | std::optional get_create_tx_claims_digest( 16 | ccf::kv::ReadOnlyTx& tx) 17 | } 18 | -------------------------------------------------------------------------------- /include/ccf/rpc_exception.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/odata_error.h" 6 | 7 | #include 8 | #include 9 | 10 | namespace ccf 11 | { 12 | struct RpcException : public std::exception 13 | { 14 | ErrorDetails error; 15 | 16 | RpcException( 17 | ccf::http_status status, const std::string& code, std::string&& msg) : 18 | error{status, code, std::move(msg)} 19 | {} 20 | 21 | const char* what() const throw() override 22 | { 23 | return error.msg.c_str(); 24 | } 25 | }; 26 | } -------------------------------------------------------------------------------- /include/ccf/seq_no_collection.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/contiguous_set.h" 6 | #include "ccf/tx_id.h" 7 | 8 | namespace ccf 9 | { 10 | using SeqNoCollection = ccf::ds::ContiguousSet; 11 | } 12 | -------------------------------------------------------------------------------- /include/ccf/service/blit_serialiser_pem.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/crypto/pem.h" 6 | #include "ccf/kv/serialisers/blit_serialiser.h" 7 | 8 | namespace ccf::kv::serialisers 9 | { 10 | template <> 11 | struct BlitSerialiser 12 | { 13 | static SerialisedEntry to_serialised(const ccf::crypto::Pem& pem) 14 | { 15 | const auto& data = pem.raw(); 16 | return SerialisedEntry(data.begin(), data.end()); 17 | } 18 | 19 | static ccf::crypto::Pem from_serialised(const SerialisedEntry& data) 20 | { 21 | return ccf::crypto::Pem(data.data(), data.size()); 22 | } 23 | }; 24 | } -------------------------------------------------------------------------------- /include/ccf/service/code_status.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/hex.h" 6 | #include "ccf/ds/json.h" 7 | #include "ccf/pal/measurement.h" 8 | 9 | namespace ccf 10 | { 11 | enum class CodeStatus 12 | { 13 | ALLOWED_TO_JOIN = 0 14 | }; 15 | DECLARE_JSON_ENUM( 16 | CodeStatus, {{CodeStatus::ALLOWED_TO_JOIN, "AllowedToJoin"}}); 17 | } -------------------------------------------------------------------------------- /include/ccf/service/consensus_config.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/unit_strings.h" 6 | #include "ccf/service/consensus_type.h" 7 | 8 | namespace ccf::consensus 9 | { 10 | struct Configuration 11 | { 12 | ccf::ds::TimeString message_timeout = {"100ms"}; 13 | ccf::ds::TimeString election_timeout = {"5000ms"}; 14 | size_t max_uncommitted_tx_count = 10000; 15 | 16 | bool operator==(const Configuration&) const = default; 17 | bool operator!=(const Configuration&) const = default; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /include/ccf/service/consensus_type.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/json.h" 6 | 7 | namespace ccf 8 | { 9 | enum ConsensusType 10 | { 11 | CFT = 0, 12 | BFT = 1 13 | }; 14 | 15 | DECLARE_JSON_ENUM( 16 | ConsensusType, {{ConsensusType::CFT, "CFT"}, {ConsensusType::BFT, "BFT"}}) 17 | } 18 | -------------------------------------------------------------------------------- /include/ccf/service/reconfiguration_type.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/json.h" 6 | 7 | namespace ccf 8 | { 9 | enum ReconfigurationType 10 | { 11 | ONE_TRANSACTION = 0, 12 | TWO_TRANSACTION = 1 13 | }; 14 | 15 | DECLARE_JSON_ENUM( 16 | ReconfigurationType, 17 | {{ReconfigurationType::ONE_TRANSACTION, "OneTransaction"}, 18 | {ReconfigurationType::TWO_TRANSACTION, "TwoTransaction"}}) 19 | } 20 | -------------------------------------------------------------------------------- /include/ccf/service/tables/acme_certificates.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/crypto/pem.h" 6 | #include "ccf/ds/json.h" 7 | #include "ccf/service/map.h" 8 | 9 | namespace ccf 10 | { 11 | // Maps each interface name to a certificate 12 | using ACMECertificates = ServiceMap; 13 | 14 | namespace Tables 15 | { 16 | static constexpr auto ACME_CERTIFICATES = 17 | "public:ccf.gov.service.acme_certificates"; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /include/ccf/service/tables/cert_bundles.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/service/map.h" 6 | 7 | namespace ccf 8 | { 9 | using CACertBundlePEMs = ServiceMap; 10 | namespace Tables 11 | { 12 | static constexpr auto CA_CERT_BUNDLE_PEMS = 13 | "public:ccf.gov.tls.ca_cert_bundles"; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /include/ccf/service/tables/code_id.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/pal/measurement.h" 6 | #include "ccf/service/code_status.h" 7 | #include "ccf/service/map.h" 8 | 9 | namespace ccf 10 | { 11 | using CodeIDs = ServiceMap; 12 | 13 | namespace Tables 14 | { 15 | // Note: Only used for SGX 16 | static constexpr auto NODE_CODE_IDS = "public:ccf.gov.nodes.code_ids"; 17 | } 18 | } -------------------------------------------------------------------------------- /include/ccf/service/tables/constitution.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/service/map.h" 6 | 7 | namespace ccf 8 | { 9 | using Constitution = ServiceValue; 10 | namespace Tables 11 | { 12 | static constexpr auto CONSTITUTION = "public:ccf.gov.constitution"; 13 | } 14 | } -------------------------------------------------------------------------------- /include/ccf/service/tables/snp_measurements.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/pal/measurement.h" 6 | #include "ccf/service/code_status.h" 7 | #include "ccf/service/map.h" 8 | 9 | namespace ccf 10 | { 11 | using SnpMeasurements = 12 | ServiceMap; 13 | 14 | namespace Tables 15 | { 16 | static constexpr auto NODE_SNP_MEASUREMENTS = 17 | "public:ccf.gov.nodes.snp.measurements"; 18 | } 19 | } -------------------------------------------------------------------------------- /include/ccf/service/tables/tcb_verification.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/json.h" 6 | #include "ccf/pal/attestation_sev_snp.h" 7 | #include "ccf/service/map.h" 8 | 9 | namespace ccf 10 | { 11 | using SnpTcbVersionMap = ServiceMap; 12 | 13 | namespace Tables 14 | { 15 | static constexpr auto SNP_TCB_VERSIONS = 16 | "public:ccf.gov.nodes.snp.tcb_versions"; 17 | } 18 | } -------------------------------------------------------------------------------- /include/ccf/service/tables/virtual_measurements.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/pal/measurement.h" 6 | #include "ccf/service/code_status.h" 7 | #include "ccf/service/map.h" 8 | 9 | namespace ccf 10 | { 11 | using VirtualMeasurements = 12 | ServiceMap; 13 | 14 | namespace Tables 15 | { 16 | static constexpr auto NODE_VIRTUAL_MEASUREMENTS = 17 | "public:ccf.gov.nodes.virtual.measurements"; 18 | } 19 | } -------------------------------------------------------------------------------- /include/ccf/threading/thread_ids.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #define FMT_HEADER_ONLY 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | namespace ccf::threading 14 | { 15 | // Assign monotonic thread IDs for display + storage 16 | using ThreadID = uint16_t; 17 | static constexpr ThreadID invalid_thread_id = 18 | std::numeric_limits::max(); 19 | 20 | static constexpr ThreadID MAIN_THREAD_ID = 0; 21 | 22 | uint16_t get_current_thread_id(); 23 | void reset_thread_id_generator(); 24 | } -------------------------------------------------------------------------------- /js/ccf-app/.gitignore: -------------------------------------------------------------------------------- 1 | /*.tgz 2 | /*.d.ts 3 | /*.js 4 | /html 5 | /scripts -------------------------------------------------------------------------------- /js/ccf-app/README.md: -------------------------------------------------------------------------------- 1 | # ccf-app 2 | 3 | ccf-app is a support package for developing [CCF](https://github.com/microsoft/CCF) JavaScript or TypeScript apps. It is published as [@microsoft/ccf-app](https://www.npmjs.com/package/@microsoft/ccf-app) on npm. 4 | 5 | The package exposes commonly used functionality of CCF in high-level APIs, 6 | for example, Key-Value Store access, cryptography, and data type converters. 7 | Usage of the package is not required but recommended. 8 | 9 | TypeScript definitions are supplied with the package, but it can also be used for JavaScript projects. 10 | -------------------------------------------------------------------------------- /js/ccf-app/doc/theme/helpers/versions.sample.json: -------------------------------------------------------------------------------- 1 | { 2 | "1": { 3 | "name": "main", 4 | "source": "branches" 5 | }, 6 | "2": { 7 | "name": "ccf-0.19.1", 8 | "source": "tags" 9 | }, 10 | "3": { 11 | "name": "ccf-0.19.2", 12 | "source": "tags" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /js/ccf-app/src/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | /** 5 | * This module exports the main API giving access to common functionality 6 | * in a flat namespace. 7 | * 8 | * Any modules not re-exported here have to be explicitly imported. 9 | * This is the case for advanced functionality like cryptography. 10 | * 11 | * ``` 12 | * import * as ccfapp from '@microsoft/ccf-app'; 13 | * ``` 14 | * 15 | * @module ROOT 16 | */ 17 | 18 | export * from "./kv.js"; 19 | export * from "./converters.js"; 20 | export * from "./consensus.js"; 21 | export * from "./historical.js"; 22 | export * from "./endpoints.js"; 23 | -------------------------------------------------------------------------------- /js/ccf-app/src/snp_attestation.ts: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | /** 5 | * The `snp_attestation` module provides SNP Attestation Validation. 6 | * 7 | * @module 8 | */ 9 | 10 | import { snp_attestation } from "./global"; 11 | 12 | /** 13 | * @inheritDoc global!SnpAttestation.verifySnpAttestation 14 | */ 15 | export const verifySnpAttestation = snp_attestation.verifySnpAttestation; 16 | -------------------------------------------------------------------------------- /js/ccf-app/test/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "../tsconfig.json", 3 | "compilerOptions": { 4 | "rootDir": ".." 5 | }, 6 | "include": ["./**/*"] 7 | } 8 | -------------------------------------------------------------------------------- /js/ccf-app/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "target": "ES2020", 4 | "module": "ES2020", 5 | "moduleResolution": "node", 6 | "esModuleInterop": true, 7 | "resolveJsonModule": true, 8 | "allowJs": true, 9 | "lib": ["ES2020"], 10 | "declaration": true, 11 | "strict": true, 12 | "rootDir": "src", 13 | "outDir": "." 14 | }, 15 | "include": ["src"], 16 | "exclude": [] 17 | } 18 | -------------------------------------------------------------------------------- /js/ccf-app/typedoc.json: -------------------------------------------------------------------------------- 1 | { 2 | "entryPoints": [ 3 | "src/index.ts", 4 | "src/consensus.ts", 5 | "src/converters.ts", 6 | "src/crypto.ts", 7 | "src/endpoints.ts", 8 | "src/global.ts", 9 | "src/historical.ts", 10 | "src/kv.ts", 11 | "src/polyfill.ts", 12 | "src/snp_attestation.ts" 13 | ], 14 | "out": "html", 15 | "theme": "default", 16 | "categorizeByGroup": false, 17 | "validation": { 18 | "invalidLink": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /python/README.md: -------------------------------------------------------------------------------- 1 | # CCF Python 2 | 3 | Suite of Python tools for the Confidential Consortium Framework (CCF). 4 | 5 | For more information, please find the CCF documentation at https://microsoft.github.io/CCF. 6 | 7 | Package sources are available at https://github.com/microsoft/CCF/tree/main/python. 8 | -------------------------------------------------------------------------------- /python/src/ccf/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | -------------------------------------------------------------------------------- /python/src/ccf/py.typed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/python/src/ccf/py.typed -------------------------------------------------------------------------------- /samples/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Add Logging app 2 | add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/apps/logging) 3 | 4 | # Add Basic app 5 | add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/apps/basic) 6 | 7 | # Add NoBuiltins app 8 | add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/apps/nobuiltins) 9 | 10 | # Add Programmability app 11 | add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/apps/programmability) 12 | -------------------------------------------------------------------------------- /samples/apps/basic/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | cmake_minimum_required(VERSION 3.16) 5 | 6 | project(basic LANGUAGES C CXX) 7 | 8 | set(CCF_PROJECT "ccf_${COMPILE_TARGET}") 9 | 10 | if(NOT TARGET "ccf") 11 | find_package(${CCF_PROJECT} REQUIRED) 12 | endif() 13 | 14 | add_ccf_app(basic SRCS basic.cpp) 15 | -------------------------------------------------------------------------------- /samples/apps/basic_tv/js/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoints": { 3 | "/records/{key}": { 4 | "get": { 5 | "js_module": "basic.js", 6 | "js_function": "get_record", 7 | "forwarding_required": "always", 8 | "authn_policies": ["no_auth"], 9 | "mode": "readonly", 10 | "openapi": {} 11 | }, 12 | "put": { 13 | "js_module": "basic.js", 14 | "js_function": "put_record", 15 | "forwarding_required": "always", 16 | "authn_policies": ["no_auth"], 17 | "mode": "readwrite", 18 | "openapi": {} 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /samples/apps/logging/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | cmake_minimum_required(VERSION 3.16) 5 | 6 | project(logging LANGUAGES C CXX) 7 | 8 | set(CCF_PROJECT "ccf_${COMPILE_TARGET}") 9 | 10 | if(NOT TARGET "ccf") 11 | find_package(${CCF_PROJECT} REQUIRED) 12 | endif() 13 | 14 | add_ccf_app(logging SRCS logging.cpp create_tx_claims_digest.cpp) 15 | -------------------------------------------------------------------------------- /samples/apps/logging/create_tx_claims_digest.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | namespace ccf 9 | { 10 | std::optional get_create_tx_claims_digest( 11 | ccf::kv::ReadOnlyTx& tx) 12 | { 13 | auto constitution = 14 | tx.ro(ccf::Tables::CONSTITUTION)->get(); 15 | if (!constitution.has_value()) 16 | { 17 | throw std::logic_error("Constitution is missing"); 18 | } 19 | return ccf::ClaimsDigest::Digest(constitution.value()); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /samples/apps/nobuiltins/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | cmake_minimum_required(VERSION 3.16) 5 | 6 | project(nobuiltins LANGUAGES C CXX) 7 | 8 | set(CCF_PROJECT "ccf_${COMPILE_TARGET}") 9 | 10 | if(NOT TARGET "ccf") 11 | find_package(${CCF_PROJECT} REQUIRED) 12 | endif() 13 | 14 | add_ccf_app(nobuiltins SRCS nobuiltins.cpp) 15 | -------------------------------------------------------------------------------- /samples/apps/programmability/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | cmake_minimum_required(VERSION 3.16) 5 | 6 | project(programmability LANGUAGES C CXX) 7 | 8 | set(CCF_PROJECT "ccf_${COMPILE_TARGET}") 9 | 10 | if(NOT TARGET "ccf") 11 | find_package(${CCF_PROJECT} REQUIRED) 12 | endif() 13 | 14 | add_ccf_app(programmability SRCS programmability.cpp) 15 | -------------------------------------------------------------------------------- /samples/constitutions/default/apply.js: -------------------------------------------------------------------------------- 1 | export function apply(proposal, proposalId) { 2 | const proposed_actions = JSON.parse(proposal)["actions"]; 3 | for (const proposed_action of proposed_actions) { 4 | const definition = actions.get(proposed_action.name); 5 | definition.apply(proposed_action.args, proposalId); 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /samples/constitutions/default/resolve.js: -------------------------------------------------------------------------------- 1 | export function resolve(proposal, proposerId, votes) { 2 | const memberVoteCount = votes.filter((v) => v.vote).length; 3 | 4 | let activeMemberCount = 0; 5 | ccf.kv["public:ccf.gov.members.info"].forEach((v) => { 6 | const info = ccf.bufToJsonCompatible(v); 7 | if (info.status === "Active") { 8 | activeMemberCount++; 9 | } 10 | }); 11 | 12 | // A majority of members can accept a proposal. 13 | if (memberVoteCount > Math.floor(activeMemberCount / 2)) { 14 | return "Accepted"; 15 | } 16 | 17 | return "Open"; 18 | } 19 | -------------------------------------------------------------------------------- /samples/constitutions/default/validate.js: -------------------------------------------------------------------------------- 1 | export function validate(input) { 2 | let proposal = JSON.parse(input); 3 | let errors = []; 4 | let position = 0; 5 | for (const action of proposal["actions"]) { 6 | const definition = actions.get(action.name); 7 | if (definition) { 8 | try { 9 | definition.validate(action.args); 10 | } catch (e) { 11 | errors.push( 12 | `${action.name} at position ${position} failed validation: ${e}\n${e.stack}`, 13 | ); 14 | } 15 | } else { 16 | errors.push(`${action.name}: no such action`); 17 | } 18 | position++; 19 | } 20 | return { valid: errors.length === 0, description: errors.join(", ") }; 21 | } 22 | -------------------------------------------------------------------------------- /samples/constitutions/sandbox/resolve.js: -------------------------------------------------------------------------------- 1 | export function resolve(proposal, proposerId, votes) { 2 | // The constitution in a real CCF application deployment would at least 3 | // count votes and compare to a threshold of active members, but in the sandbox sample, 4 | // all votes pass automatically. 5 | 6 | return "Accepted"; 7 | } 8 | -------------------------------------------------------------------------------- /samples/scripts/snpinfo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | set +e 6 | 7 | # Path to the SEV guest device on patched 5.x kernels 8 | AMD_SEV_DEVICE="/dev/sev" 9 | # Path to the SEV guest device from 6.0 onwards 10 | # https://www.kernel.org/doc/html/v6.0/virt/coco/sev-guest.html 11 | AMD_SEV_GUEST_DEVICE="/dev/sev-guest" 12 | 13 | echo "AMD SEV-SNP DEVICE:" 14 | if test -c "$AMD_SEV_DEVICE"; then 15 | echo "$AMD_SEV_DEVICE detected." 16 | elif test -c "$AMD_SEV_GUEST_DEVICE"; then 17 | echo "$AMD_SEV_GUEST_DEVICE detected." 18 | else 19 | echo "Neither $AMD_SEV_DEVICE, nor $AMD_SEV_GUEST_DEVICE detected." 20 | fi -------------------------------------------------------------------------------- /samples/templates/ballot.json.jinja: -------------------------------------------------------------------------------- 1 | { 2 | "ballot": {% filter tojson %}{% include "ballot_script.js.jinja" %}{% endfilter %} 3 | } -------------------------------------------------------------------------------- /samples/templates/proposals.json.jinja: -------------------------------------------------------------------------------- 1 | {%- from "macros.jinja" import json_encode as json_encode -%} 2 | { 3 | "actions": [ 4 | {% for action in actions %} { 5 | "name": "{{ action.name }}"{% if action.args is defined and action.args is mapping %}, 6 | "args": { 7 | {% for arg_name, arg_value in action.args.items() %} {{ arg_name|tojson }}: {{ json_encode(arg_value) }}{% if not loop.last %}, 8 | {% endif %}{% endfor %} 9 | }{% endif %} 10 | }{% if not loop.last %}, 11 | {% endif %}{% endfor %} 12 | ] 13 | } 14 | -------------------------------------------------------------------------------- /samples/templates/set_user_proposal.json.jinja: -------------------------------------------------------------------------------- 1 | { 2 | "actions": [ 3 | { 4 | "name": "set_user", 5 | "args": { 6 | "cert": {% filter tojson %}{% include cert %}{% endfilter %} 7 | } 8 | } 9 | ] 10 | } 11 | -------------------------------------------------------------------------------- /scripts/check-todo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | set -u 6 | 7 | if [ "$#" -eq 0 ]; then 8 | echo "check-todo.sh takes at least one file or directory" 9 | exit 1 10 | fi 11 | 12 | DENYLIST="TODO FIXME" 13 | STATUS=0 14 | 15 | for DENYTERM in $DENYLIST; do 16 | FOUND=$(git ls-files ":!:3rdparty" ":!:.github/ISSUE_TEMPLATE" ":!:scripts/ci-checks.sh" ":!:scripts/check-todo.sh" ":!:Doxyfile" "$@" | xargs grep -n "$DENYTERM") 17 | 18 | if [ "$FOUND" == "" ]; then 19 | echo "No ${DENYTERM}s found" 20 | else 21 | echo "$FOUND" 22 | STATUS=1 23 | fi 24 | done 25 | 26 | exit $STATUS 27 | -------------------------------------------------------------------------------- /scripts/requirements.txt: -------------------------------------------------------------------------------- 1 | cryptography==44.0.2 2 | httpx==0.28.1 -------------------------------------------------------------------------------- /scripts/scan-build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | CLANG_VERSION=18 6 | 7 | export CCC_CC="clang-$CLANG_VERSION" 8 | export CCC_CXX="clang++-$CLANG_VERSION" 9 | 10 | SCAN="scan-build-$CLANG_VERSION --exclude 3rdparty --exclude test" 11 | 12 | # Fails on the current build of clang, because of false positives in doctest, WIP 13 | $SCAN ninja || true -------------------------------------------------------------------------------- /scripts/setup-dev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | set -ex 6 | 7 | tdnf -y install \ 8 | vim \ 9 | clang-tools-extra \ 10 | python-pip 11 | 12 | # For LTS test to extract binaries from rpms 13 | tdnf -y install cpio 14 | 15 | pip install cmakelang 16 | 17 | # For shellcheck 18 | curl -L https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz \ 19 | --output shellcheck.tar.gz 20 | mkdir -p shellcheck-dir 21 | tar -xvf shellcheck.tar.gz -C shellcheck-dir 22 | mv shellcheck-dir/shellcheck-stable/shellcheck /usr/local/bin/shellcheck 23 | rm -rf shellcheck-dir shellcheck.tar.gz 24 | -------------------------------------------------------------------------------- /src/apps/js_generic/js_generic.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #include "ccf/app_interface.h" 5 | #include "ccf/js/samples/governance_driven_registry.h" 6 | 7 | namespace ccf 8 | { 9 | std::unique_ptr make_user_endpoints( 10 | ccf::AbstractNodeContext& context) 11 | { 12 | return std::make_unique(context); 13 | } 14 | 15 | } // namespace ccf 16 | -------------------------------------------------------------------------------- /src/apps/tpcc/tests/tpcc.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | import infra.perfclient 4 | import sys 5 | import os 6 | 7 | if __name__ == "__main__": 8 | 9 | args, unknown_args = infra.perfclient.cli_args(accept_unknown=True) 10 | 11 | unknown_args = [term for arg in unknown_args for term in arg.split(" ")] 12 | 13 | def get_command(*common_args): 14 | return [*common_args] + unknown_args 15 | 16 | args.package = "libtpcc" 17 | infra.perfclient.run(get_command, args) 18 | -------------------------------------------------------------------------------- /src/common/version.h.in: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf 8 | { 9 | // clang-format off 10 | 11 | // 12 | // @CMAKE_GENERATED_COMMENT@ 13 | // 14 | 15 | static constexpr auto ccf_version = "@CCF_VERSION@"; 16 | static constexpr auto quickjs_version = "@QUICKJS_VERSION@"; 17 | 18 | // clang-format on 19 | } -------------------------------------------------------------------------------- /src/crypto/README.md: -------------------------------------------------------------------------------- 1 | # Crypto 2 | 3 | This directory implements several cryptography helper types. The only directory 4 | it should depend on is `ds`. 5 | -------------------------------------------------------------------------------- /src/crypto/entropy.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #include "ccf/crypto/entropy.h" 5 | 6 | #include "openssl/entropy.h" 7 | 8 | namespace ccf::crypto 9 | { 10 | EntropyPtr get_entropy() 11 | { 12 | return std::make_shared(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/ds/README.md: -------------------------------------------------------------------------------- 1 | # Data Structures 2 | 3 | This directory contains data structures and utilities used by the rest of the code. No files 4 | in this directory should include files from any other directory. 5 | -------------------------------------------------------------------------------- /src/enclave/enclave_time.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #include "enclave/enclave_time.h" 4 | 5 | namespace ccf::enclavetime 6 | { 7 | std::atomic* host_time_us = nullptr; 8 | std::atomic last_value( 9 | std::chrono::microseconds(0)); 10 | } -------------------------------------------------------------------------------- /src/enclave/thread_local.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #include "ccf/threading/thread_ids.h" 4 | 5 | namespace ccf::threading 6 | { 7 | static std::atomic next_thread_id = MAIN_THREAD_ID; 8 | 9 | uint16_t get_current_thread_id() 10 | { 11 | thread_local ThreadID this_thread_id = next_thread_id.fetch_add(1); 12 | return this_thread_id; 13 | } 14 | 15 | void reset_thread_id_generator() 16 | { 17 | next_thread_id.store(MAIN_THREAD_ID); 18 | } 19 | } -------------------------------------------------------------------------------- /src/endpoints/authentication/empty_auth.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #include "ccf/endpoints/authentication/empty_auth.h" 5 | 6 | namespace ccf 7 | { 8 | std::unique_ptr EmptyAuthnPolicy::authenticate( 9 | ccf::kv::ReadOnlyTx&, const std::shared_ptr&, std::string&) 10 | { 11 | return std::make_unique(); 12 | } 13 | 14 | void EmptyAuthnPolicy::set_unauthenticated_error( 15 | std::shared_ptr, std::string&&) 16 | { 17 | throw std::logic_error("Should not happen"); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/endpoints/endpoint_utils.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #pragma once 5 | 6 | #include 7 | 8 | namespace ccf::endpoints 9 | { 10 | std::string camel_case( 11 | std::string s, 12 | // Should the first character be upper-cased? 13 | bool camel_first = true, 14 | // Regex fragment to identify which characters should be upper-cased, by 15 | // matching a separator preceding them. Default is to match any 16 | // non-alphanumeric character 17 | const std::string& separator_regex = "[^[:alnum:]]"); 18 | } -------------------------------------------------------------------------------- /src/host/config_schema.h.in: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace host 8 | { 9 | // clang-format off 10 | 11 | // 12 | // @CMAKE_GENERATED_COMMENT@ 13 | // 14 | 15 | static constexpr auto host_config_schema = R"!!!(@HOST_CONFIG_SCHEMA@)!!!"; 16 | 17 | // clang-format on 18 | } -------------------------------------------------------------------------------- /src/host/env.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf::env 8 | { 9 | std::string expand_envvar(const std::string& str); 10 | 11 | std::string expand_envvars_in_path(const std::string& str); 12 | } 13 | -------------------------------------------------------------------------------- /src/host/snmalloc.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | // NOLINTBEGIN 4 | #define NO_BOOTSTRAP_ALLOCATOR 5 | #define SNMALLOC_USE_WAIT_ON_ADDRESS 0 6 | 7 | #ifndef NDEBUG 8 | # define NDEBUG 9 | #endif 10 | 11 | #include "snmalloc/src/snmalloc/override/malloc.cc" 12 | #include "snmalloc/src/snmalloc/override/new.cc" 13 | // NOLINTEND -------------------------------------------------------------------------------- /src/http/error_reporter.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace http 6 | { 7 | class ErrorReporter 8 | { 9 | public: 10 | virtual ~ErrorReporter() {} 11 | virtual void report_parsing_error(const ccf::ListenInterfaceID&) = 0; 12 | virtual void report_request_payload_too_large_error( 13 | const ccf::ListenInterfaceID&) = 0; 14 | virtual void report_request_header_too_large_error( 15 | const ccf::ListenInterfaceID&) = 0; 16 | }; 17 | } -------------------------------------------------------------------------------- /src/indexing/transaction_fetcher_interface.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/seq_no_collection.h" 6 | #include "ccf/tx_id.h" 7 | 8 | namespace ccf::indexing 9 | { 10 | class TransactionFetcher 11 | { 12 | public: 13 | virtual ~TransactionFetcher() = default; 14 | 15 | virtual ccf::kv::ReadOnlyStorePtr deserialise_transaction( 16 | ccf::SeqNo seqno, const uint8_t* data, size_t size) = 0; 17 | 18 | virtual std::vector fetch_transactions( 19 | const SeqNoCollection& seqnos) = 0; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /src/js/checks.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #define JS_CHECK_EXC(val) \ 6 | do \ 7 | { \ 8 | if (val.is_exception()) \ 9 | { \ 10 | return val.take(); \ 11 | } \ 12 | } while (0) 13 | 14 | #define JS_CHECK_SET(val) \ 15 | do \ 16 | { \ 17 | if (val != 1) \ 18 | { \ 19 | return ccf::js::core::constants::Exception; \ 20 | } \ 21 | } while (0) 22 | -------------------------------------------------------------------------------- /src/js/core/README.md: -------------------------------------------------------------------------------- 1 | C++ API around QuickJS, with lifetime management wrappers. 2 | -------------------------------------------------------------------------------- /src/js/global_class_ids.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf::js 8 | { 9 | extern JSClassID kv_class_id; 10 | extern JSClassID kv_historical_class_id; 11 | extern JSClassID kv_map_handle_class_id; 12 | extern JSClassID historical_state_class_id; 13 | 14 | extern JSClassDef kv_class_def; 15 | extern JSClassDef kv_historical_class_def; 16 | extern JSClassDef kv_map_handle_class_def; 17 | extern JSClassDef historical_state_class_def; 18 | 19 | // Not thread-safe, must happen exactly once 20 | void register_class_ids(); 21 | } 22 | -------------------------------------------------------------------------------- /src/kv/README.md: -------------------------------------------------------------------------------- 1 | # Transactional Key Value Store 2 | 3 | This directory implements a transactional key value store. The only directory 4 | it should depend on is `ds`. 5 | -------------------------------------------------------------------------------- /src/kv/compacted_version_conflict.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include 6 | 7 | namespace ccf::kv 8 | { 9 | class CompactedVersionConflict 10 | { 11 | private: 12 | std::string msg; 13 | 14 | public: 15 | CompactedVersionConflict(const std::string& s) : msg(s) {} 16 | 17 | char const* what() const 18 | { 19 | return msg.c_str(); 20 | } 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /src/kv/kv_serialiser.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #pragma once 5 | 6 | #include "kv/raw_serialise.h" -------------------------------------------------------------------------------- /src/kv/version_v.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | namespace ccf::kv 6 | { 7 | using Version = uint64_t; 8 | 9 | template 10 | struct VersionV 11 | { 12 | Version version; 13 | Version read_version; 14 | V value; 15 | 16 | VersionV() : 17 | version(std::numeric_limits::min()), 18 | read_version(std::numeric_limits::min()) 19 | {} 20 | 21 | VersionV(Version ver, Version read_ver, V val) : 22 | version(ver), 23 | read_version(read_ver), 24 | value(val) 25 | {} 26 | }; 27 | } -------------------------------------------------------------------------------- /src/node/gov/handlers/README.md: -------------------------------------------------------------------------------- 1 | This folder mirrors the structure and content of the TypeSpec API: 2 | https://github.com/Azure/azure-rest-api-specs/tree/main/specification/confidentialledger/Microsoft.ManagedCcf 3 | 4 | This contains C++ implementations of each of the interfaces defined there. 5 | -------------------------------------------------------------------------------- /src/node/merklecpp_trace.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/logger.h" 6 | 7 | // Use the CCF logging infrastructure for merklecpp traces. 8 | #define MERKLECPP_TRACE_ENABLED 9 | #define MERKLECPP_TRACE(X) \ 10 | { \ 11 | X; \ 12 | }; 13 | #define MERKLECPP_TOUT CCF_LOG_OUT(TRACE, "merkl") 14 | -------------------------------------------------------------------------------- /src/node/network_state.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "identity.h" 6 | #include "ledger_secrets.h" 7 | #include "service/network_tables.h" 8 | 9 | namespace ccf 10 | { 11 | struct NetworkState : public NetworkTables 12 | { 13 | std::unique_ptr identity; 14 | std::shared_ptr ledger_secrets; 15 | 16 | NetworkState() = default; 17 | }; 18 | } -------------------------------------------------------------------------------- /src/node/rpc/gov_logging.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/ds/logger.h" 6 | 7 | #define GOV_TRACE_FMT CCF_LOG_FMT(TRACE, "gov") 8 | #define GOV_DEBUG_FMT CCF_LOG_FMT(DEBUG, "gov") 9 | 10 | #define GOV_INFO_FMT CCF_LOG_FMT(INFO, "gov") 11 | #define GOV_FAIL_FMT CCF_LOG_FMT(FAIL, "gov") 12 | #define GOV_FATAL_FMT CCF_LOG_FMT(FATAL, "gov") -------------------------------------------------------------------------------- /src/node/rpc/host_processes.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/node/host_processes_interface.h" 6 | 7 | namespace ccf 8 | { 9 | class HostProcesses : public AbstractHostProcesses 10 | { 11 | protected: 12 | AbstractNodeState& impl; 13 | 14 | public: 15 | HostProcesses(AbstractNodeState& impl_) : impl(impl_) {} 16 | 17 | void trigger_host_process_launch( 18 | const std::vector& args, 19 | const std::vector& input) override 20 | { 21 | impl.trigger_host_process_launch(args, input); 22 | } 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /src/node/rpc/no_create_tx_claims_digest.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #include 5 | 6 | namespace ccf 7 | { 8 | std::optional __attribute__((weak)) 9 | get_create_tx_claims_digest(ccf::kv::ReadOnlyTx& tx) 10 | { 11 | return std::nullopt; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/quic/test/main.cpp: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #define DOCTEST_CONFIG_IMPLEMENT_WITH_MAIN 5 | #include "tls/tls.h" 6 | 7 | #include 8 | #include 9 | 10 | using namespace std; 11 | using namespace ccf::crypto; 12 | 13 | TEST_CASE("check QUIC OpenSSL library call") 14 | { 15 | OpenSSL::Unique_SSL_CTX cfg(TLS_client_method()); 16 | OpenSSL::Unique_SSL ssl(cfg); 17 | SSL_QUIC_METHOD* quic; 18 | SSL_set_quic_method(ssl, quic); 19 | } -------------------------------------------------------------------------------- /src/san_common.suppressions: -------------------------------------------------------------------------------- 1 | ############################################################################# 2 | # Common Sanitizer suppressions. 3 | ############################################################################# 4 | 5 | ############################################################################# 6 | 7 | src:*/3rdparty/internal/sss/hazmat.c 8 | src:*/3rdparty/exported/quickjs/quickjs.c 9 | src:*/3rdparty/exported/quickjs/quickjs.h 10 | src:*/3rdparty/exported/quickjs/cutils.c 11 | src:*/3rdparty/exported/quickjs/cutils.h 12 | 13 | ############################################################################# 14 | -------------------------------------------------------------------------------- /src/service/tables/endpoints.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "ccf/endpoint.h" 6 | #include "ccf/service/map.h" 7 | 8 | namespace ccf 9 | { 10 | using DynamicEndpoints = 11 | ccf::ServiceMap; 12 | } -------------------------------------------------------------------------------- /src/tls/client.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | #pragma once 4 | 5 | #include "context.h" 6 | 7 | namespace tls 8 | { 9 | class Client : public ccf::tls::Context 10 | { 11 | private: 12 | std::shared_ptr cert; 13 | 14 | public: 15 | Client(std::shared_ptr cert_) : Context(true), cert(cert_) 16 | { 17 | cert->use(ssl, cfg); 18 | } 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /tests/ci/ccf_caci_ci: -------------------------------------------------------------------------------- 1 | FROM mcr.microsoft.com/azurelinux/base/core:3.0 2 | ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 3 | RUN gpg --import /etc/pki/rpm-gpg/MICROSOFT-RPM-GPG-KEY 4 | RUN tdnf -y update 5 | RUN tdnf -y install ca-certificates git 6 | RUN tdnf -y install wget tar dotnet-sdk-8.0 7 | ENV RUNNER_ALLOW_RUNASROOT=true 8 | 9 | COPY scripts/setup-ci.sh /tmp/setup-ci.sh 10 | RUN chmod +x /tmp/setup-ci.sh 11 | RUN /tmp/setup-ci.sh -------------------------------------------------------------------------------- /tests/cleanup_iptables.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | import infra.partitions 4 | import sys 5 | 6 | from loguru import logger as LOG 7 | 8 | if __name__ == "__main__": 9 | LOG.remove() 10 | LOG.add( 11 | sys.stdout, 12 | format="[{time:HH:mm:ss.SSS}] {message}", 13 | ) 14 | 15 | if len(sys.argv) > 1 and sys.argv[1] in ["-d", "--dump"]: 16 | infra.partitions.Partitioner.dump() 17 | else: 18 | infra.partitions.Partitioner.dump() 19 | infra.partitions.Partitioner.cleanup() 20 | -------------------------------------------------------------------------------- /tests/connections.supp: -------------------------------------------------------------------------------- 1 | ############################################################################# 2 | 3 | # Sanitizer runtime suppressions. The undefined behavior sanitizer (specifically 4 | # the vptr check) produces spurious reports when we run out of file descriptors. 5 | # See https://reviews.llvm.org/D117793 for a more detailed description. 6 | 7 | vptr:snapshots.h 8 | vptr:locale 9 | vptr:streambuf 10 | vptr:ostream 11 | 12 | ############################################################################# 13 | -------------------------------------------------------------------------------- /tests/infra/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | -------------------------------------------------------------------------------- /tests/infra/common_config.ini: -------------------------------------------------------------------------------- 1 | ; Available options 2 | ;label 3 | ;host 4 | ;port 5 | cert = "user1_cert.pem" 6 | pk = "user1_privk.pem" 7 | ca = "service_cert.pem" 8 | 9 | ;transactions 10 | ;threads 11 | ;sessions 12 | ;batch-size 13 | ;max-writes-ahead 14 | 15 | ;latency-rounds 16 | verbose = 2 17 | 18 | ;sign = true 19 | ;no-create = true 20 | ;no-wait = true 21 | ;write-tx-times = true 22 | -------------------------------------------------------------------------------- /tests/infra/concurrency.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | import threading 5 | 6 | 7 | class StoppableThread(threading.Thread): 8 | def __init__(self, *args, **kwargs): 9 | super().__init__(*args, **kwargs) 10 | self.daemon = True 11 | self._stop_event = threading.Event() 12 | 13 | def stop(self): 14 | self._stop_event.set() 15 | 16 | def is_stopped(self): 17 | return self._stop_event.is_set() 18 | -------------------------------------------------------------------------------- /tests/infra/log_capture.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | 5 | from loguru import logger as LOG # type: ignore 6 | 7 | 8 | def flush_info(lines, log_capture=None, depth=0): 9 | for line in lines: 10 | if log_capture is None: 11 | LOG.opt(colors=True, depth=depth + 1).info(line) 12 | else: 13 | log_capture.append(line) 14 | -------------------------------------------------------------------------------- /tests/infra/perf.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | # All columns, written as csv header (changes should be reflected in clients) 4 | PERF_COLUMNS = "timeStamp,elapsed,label,bytes,allThreads,latency,SampleCount,local_commit_latency,local_commit_samples,global_commit_latency,global_commit_samples\n" 5 | -------------------------------------------------------------------------------- /tests/infra/piccolo/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | -------------------------------------------------------------------------------- /tests/infra/tx_status.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) Microsoft Corporation. All rights reserved. 2 | # Licensed under the Apache 2.0 License. 3 | 4 | from enum import Enum 5 | 6 | 7 | class TxStatus(Enum): 8 | Unknown = "Unknown" 9 | Pending = "Pending" 10 | Committed = "Committed" 11 | Invalid = "Invalid" 12 | -------------------------------------------------------------------------------- /tests/js-custom-authorization/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoints": { 3 | "/custom_auth": { 4 | "get": { 5 | "js_module": "custom_authorization.js", 6 | "js_function": "compare_bearer", 7 | "forwarding_required": "sometimes", 8 | "redirection_strategy": "none", 9 | "authn_policies": ["user_cert"], 10 | "mode": "readonly", 11 | "openapi": {} 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /tests/js-custom-authorization/src/custom_authorization.js: -------------------------------------------------------------------------------- 1 | export function compare_bearer(request) { 2 | // Header names become lower-case 3 | const auth = request.headers["authorization"]; 4 | return { body: auth === "Bearer 42" }; 5 | } 6 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "scripts": { 4 | "build": "del-cli -f dist/ && rollup --config && cp app.json dist/" 5 | }, 6 | "type": "module", 7 | "engines": { 8 | "node": ">=14" 9 | }, 10 | "dependencies": { 11 | "@microsoft/ccf-app": "file:../../js/ccf-app", 12 | "inversify": "^6.1.5" 13 | }, 14 | "devDependencies": { 15 | "@rollup/plugin-commonjs": "^17.1.0", 16 | "@rollup/plugin-node-resolve": "^11.2.0", 17 | "@rollup/plugin-typescript": "^8.2.0", 18 | "del-cli": "^5.0.0", 19 | "tslib": "^2.0.1", 20 | "typescript": "^5.7.2" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/rollup.config.js: -------------------------------------------------------------------------------- 1 | import { nodeResolve } from "@rollup/plugin-node-resolve"; 2 | import commonjs from "@rollup/plugin-commonjs"; 3 | import typescript from "@rollup/plugin-typescript"; 4 | 5 | export default { 6 | input: "src/rollup_entry.ts", 7 | output: { 8 | dir: "dist/src", 9 | format: "es", 10 | preserveModules: true, 11 | preserveModulesRoot: "src", 12 | }, 13 | plugins: [nodeResolve(), typescript(), commonjs()], 14 | }; 15 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/src/SlowConstructorService.ts: -------------------------------------------------------------------------------- 1 | import { injectable } from "inversify"; 2 | import { fibonacci } from "./bad_fib"; 3 | 4 | @injectable() 5 | export class SlowConstructorService { 6 | static ServiceId = "SlowConstructorService"; 7 | 8 | constructor() { 9 | console.log(" Starting slow construction"); 10 | console.log(` fibonacci(25) = ${fibonacci(25)}`); 11 | console.log(" Completed slow construction"); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/src/bad_fib.js: -------------------------------------------------------------------------------- 1 | console.log("Logging at global scope of bad_fib"); 2 | 3 | function fibonacci(n) { 4 | if (n < 2) { 5 | return 1; 6 | } 7 | 8 | return fibonacci(n - 1) + fibonacci(n - 2); 9 | } 10 | 11 | export { fibonacci }; 12 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/src/func_caching.js: -------------------------------------------------------------------------------- 1 | export function func_caching(request) { 2 | const s = ""; 3 | console.log(`Executing with s: ${s}`); 4 | 5 | return { body: s }; 6 | } 7 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/src/inversify.config.ts: -------------------------------------------------------------------------------- 1 | import { Container, interfaces } from "inversify"; 2 | import { SlowConstructorService } from "./SlowConstructorService"; 3 | 4 | const container = new Container(); 5 | 6 | container 7 | .bind(SlowConstructorService.ServiceId) 8 | .to(SlowConstructorService) 9 | // NB: The latter is critical - we only get cache reuse benefits for 10 | // state which is actually cached, such as singleton bindings. 11 | .inSingletonScope(); 12 | 13 | export { container }; 14 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/src/rollup_entry.ts: -------------------------------------------------------------------------------- 1 | export * from "./cache.js"; 2 | export * from "./func_caching.js"; 3 | export * from "./di_sample"; 4 | export * from "./global_handle"; 5 | -------------------------------------------------------------------------------- /tests/js-interpreter-reuse/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "experimentalDecorators": true, 4 | "emitDecoratorMetadata": true 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /tests/js-launch-host-process/host_process.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | echo "Writing to stdout" 6 | echo >&2 "Writing to stderr" 7 | 8 | STDIN=$(cat) 9 | echo -n "$1$STDIN" > "$2" 10 | -------------------------------------------------------------------------------- /tests/js-launch-host-process/src/host_process.js: -------------------------------------------------------------------------------- 1 | export function launch(request) { 2 | const body = request.body.json(); 3 | 4 | ccf.host.triggerSubprocess(body.args, ccf.strToBuf(body.input)); 5 | return {}; 6 | } 7 | 8 | export function launchMany(request) { 9 | const body = request.body.json(); 10 | for (let i = 0; i < body.count; i++) { 11 | const args = [body.program, `${i}`, `${body.out_dir}/${i}`]; 12 | ccf.host.triggerSubprocess(args); 13 | } 14 | return {}; 15 | } 16 | -------------------------------------------------------------------------------- /tests/js-modules/basic-module-import/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoints": { 3 | "/test_module": { 4 | "post": { 5 | "js_module": "test_module.js", 6 | "js_function": "test_module", 7 | "forwarding_required": "sometimes", 8 | "authn_policies": ["user_cert"], 9 | "mode": "readonly" 10 | } 11 | } 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /tests/js-modules/basic-module-import/src/bar.js: -------------------------------------------------------------------------------- 1 | import { foo, C } from "./sub/foo.js"; 2 | 3 | export function bar() { 4 | return foo(); 5 | } 6 | 7 | export function getC() { 8 | return new C(); 9 | } 10 | -------------------------------------------------------------------------------- /tests/js-modules/basic-module-import/src/sub/foo.js: -------------------------------------------------------------------------------- 1 | export function foo() { 2 | return "Hello world!"; 3 | } 4 | 5 | export class C {} 6 | -------------------------------------------------------------------------------- /tests/js-modules/basic-module-import/src/test_module.js: -------------------------------------------------------------------------------- 1 | import { bar, getC } from "./bar.js"; 2 | import { C } from "./sub/foo.js"; 3 | 4 | export function test_module() { 5 | if (!(getC() instanceof C)) { 6 | // happens if foo.js has been compiled multiple times 7 | // through different import chains 8 | throw new Error("inconsistent class prototype"); 9 | } 10 | return { body: bar(), statusCode: 201 }; 11 | } 12 | -------------------------------------------------------------------------------- /tests/js-modules/dynamic-module-import/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoints": { 3 | "/test_module": { 4 | "post": { 5 | "js_module": "test_module.js", 6 | "js_function": "test_module", 7 | "forwarding_required": "sometimes", 8 | "redirection_strategy": "none", 9 | "authn_policies": ["user_cert"], 10 | "mode": "readonly", 11 | "openapi": {} 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /tests/js-modules/dynamic-module-import/src/bar.js: -------------------------------------------------------------------------------- 1 | import { foo, C } from "./sub/foo.js"; 2 | 3 | export function bar() { 4 | return foo(); 5 | } 6 | 7 | export function getC() { 8 | return new C(); 9 | } 10 | -------------------------------------------------------------------------------- /tests/js-modules/dynamic-module-import/src/sub/foo.js: -------------------------------------------------------------------------------- 1 | export function foo() { 2 | return "Hello world!"; 3 | } 4 | 5 | export class C {} 6 | -------------------------------------------------------------------------------- /tests/js-modules/dynamic-module-import/src/test_module.js: -------------------------------------------------------------------------------- 1 | import { C } from "./sub/foo.js"; 2 | 3 | export async function test_module() { 4 | const { bar, getC } = await import("./bar.js"); 5 | if (!(getC() instanceof C)) { 6 | // happens if foo.js has been compiled multiple times 7 | // through different import chains 8 | throw new Error("inconsistent class prototype"); 9 | } 10 | return { body: bar(), statusCode: 201 }; 11 | } 12 | -------------------------------------------------------------------------------- /tests/npm-app/.gitignore: -------------------------------------------------------------------------------- 1 | package-lock.json 2 | node_modules/ 3 | dist/ 4 | -------------------------------------------------------------------------------- /tests/npm-app/.npmrc: -------------------------------------------------------------------------------- 1 | engine-strict=true -------------------------------------------------------------------------------- /tests/npm-app/rollup.config.js: -------------------------------------------------------------------------------- 1 | import { nodeResolve } from "@rollup/plugin-node-resolve"; 2 | import commonjs from "@rollup/plugin-commonjs"; 3 | import typescript from "@rollup/plugin-typescript"; 4 | 5 | export default { 6 | input: "src/endpoints/all.ts", 7 | output: { 8 | dir: "dist/src", 9 | format: "es", 10 | preserveModules: true, 11 | preserveModulesRoot: "src", 12 | }, 13 | plugins: [ 14 | nodeResolve(), 15 | typescript({ compilerOptions: { noEmitOnError: true } }), 16 | commonjs(), 17 | ], 18 | }; 19 | -------------------------------------------------------------------------------- /tests/npm-app/src/endpoints/all.ts: -------------------------------------------------------------------------------- 1 | export * from "./crypto"; 2 | export * from "./snp_attestation"; 3 | export * from "./partition"; 4 | export * from "./proto"; 5 | export * from "./log"; 6 | export * from "./rpc"; 7 | export * from "./auth"; 8 | export * from "./converters"; 9 | export * from "./spin"; 10 | -------------------------------------------------------------------------------- /tests/npm-app/src/endpoints/partition.ts: -------------------------------------------------------------------------------- 1 | import * as _ from "lodash-es"; 2 | 3 | import * as ccfapp from "@microsoft/ccf-app"; 4 | 5 | type PartitionRequest = any[]; 6 | type PartitionResponse = [any[], any[]]; 7 | 8 | export function partition( 9 | request: ccfapp.Request, 10 | ): ccfapp.Response { 11 | // Example from https://lodash.com. 12 | let arr = request.body.json(); 13 | return { body: _.partition(arr, (n) => n % 2) }; 14 | } 15 | -------------------------------------------------------------------------------- /tests/npm-app/src/endpoints/spin.ts: -------------------------------------------------------------------------------- 1 | import * as ccfapp from "@microsoft/ccf-app"; 2 | 3 | interface SpinRequest { 4 | iterations: number; 5 | } 6 | 7 | export function spin( 8 | request: ccfapp.Request, 9 | ): ccfapp.Response { 10 | for (let i = 0; i <= request.body.json().iterations; i++) { 11 | // 12 | } 13 | return { body: true }; 14 | } 15 | -------------------------------------------------------------------------------- /tests/npm-app/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "lib": ["ES2020"], 4 | "target": "ES2020", 5 | "module": "ES2020", 6 | "moduleResolution": "node", 7 | "allowSyntheticDefaultImports": true, 8 | "noImplicitAny": false, 9 | "removeComments": true, 10 | "preserveConstEnums": true, 11 | "sourceMap": false 12 | }, 13 | "include": ["src/**/*"] 14 | } 15 | -------------------------------------------------------------------------------- /tests/perf-system/submitter/parquet_data.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the Apache 2.0 License. 3 | 4 | #pragma once 5 | 6 | #include 7 | #include 8 | 9 | class ParquetData 10 | { 11 | public: 12 | ParquetData() {} 13 | 14 | std::vector ids; 15 | std::vector> request; 16 | std::vector response_status_code; 17 | std::vector response_headers; 18 | std::vector> response_body; 19 | std::vector send_time; 20 | std::vector response_time; 21 | }; -------------------------------------------------------------------------------- /tests/raft_scenarios/replicate: -------------------------------------------------------------------------------- 1 | start_node,0 2 | assert_detail,0,leadership_state,Leader 3 | emit_signature,2 4 | 5 | assert_detail,0,leadership_state,Leader 6 | assert_commit_idx,0,2 7 | 8 | trust_node,2,1 9 | emit_signature,2 10 | 11 | dispatch_all 12 | periodic_all,10 13 | dispatch_all 14 | assert_commit_idx,0,4 15 | 16 | replicate,2,helloworld 17 | emit_signature,2 18 | periodic_all,10 19 | dispatch_all 20 | periodic_all,1 21 | state_all 22 | 23 | assert_commit_idx,0,6 24 | 25 | periodic_all,10 26 | dispatch_all 27 | 28 | periodic_all,10 29 | dispatch_all 30 | 31 | state_all 32 | assert_state_sync -------------------------------------------------------------------------------- /tests/raft_scenarios/startup: -------------------------------------------------------------------------------- 1 | # Create a Start Node, commit initial transaction and signature 2 | # https://microsoft.github.io/CCF/main/operations/start_network.html#starting-the-first-node 3 | start_node,0 4 | assert_detail,0,leadership_state,Leader 5 | emit_signature,2 6 | 7 | assert_detail,0,leadership_state,Leader 8 | assert_commit_idx,0,2 -------------------------------------------------------------------------------- /tests/raft_scenarios/startup_2nodes: -------------------------------------------------------------------------------- 1 | start_node,0 2 | assert_detail,0,leadership_state,Leader 3 | emit_signature,2 4 | 5 | assert_detail,0,leadership_state,Leader 6 | assert_commit_idx,0,2 7 | 8 | trust_node,2,1 9 | emit_signature,2 10 | 11 | dispatch_all 12 | periodic_all,10 13 | dispatch_all 14 | assert_commit_idx,0,4 -------------------------------------------------------------------------------- /tests/requirements.txt: -------------------------------------------------------------------------------- 1 | wheel 2 | loguru 3 | psutil 4 | openapi-spec-validator 5 | PyJWT 6 | docutils 7 | python-iptables 8 | py-spy 9 | GitPython 10 | better_exceptions 11 | pyasn1 12 | Jinja2 13 | httpx[http2] == 0.23.* 14 | locust 15 | pyOpenSSL 16 | JWCrypto>=1.5.1 # x25519 support 17 | pycose 18 | rich 19 | gelidum 20 | matplotlib 21 | # Piccolo dependencies 22 | fastparquet==2023.* 23 | prettytable==3.* 24 | polars 25 | plotext 26 | boofuzz 27 | numpy<2 -------------------------------------------------------------------------------- /tests/sandbox/actions.js: -------------------------------------------------------------------------------- 1 | ../../samples/constitutions/default/actions.js -------------------------------------------------------------------------------- /tests/sandbox/apply.js: -------------------------------------------------------------------------------- 1 | ../../samples/constitutions/default/apply.js -------------------------------------------------------------------------------- /tests/sandbox/resolve.js: -------------------------------------------------------------------------------- 1 | ../../samples/constitutions/default/resolve.js -------------------------------------------------------------------------------- /tests/sandbox/validate.js: -------------------------------------------------------------------------------- 1 | ../../samples/constitutions/default/validate.js -------------------------------------------------------------------------------- /tests/test_install_build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | set -ex 5 | 6 | mkdir -p build_against_install 7 | cd build_against_install 8 | 9 | CC=$(which clang || true) 10 | CXX=$(which clang++ || true) 11 | 12 | if [ "$CC" = "" ] || [ "$CXX" = "" ]; then 13 | CC=$(command -v clang-15 || true) 14 | CXX=$(command -v clang++-15 || true) 15 | fi 16 | 17 | CC=$CC CXX=$CXX cmake -GNinja "$@" ../samples/apps/logging/ 18 | 19 | ninja -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/common/member0_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIELtiBrg2FsDt1M2tZP 3 | 2M/ee25kOr7FAXMPNGo/RdbNEOMW1+cyx3XX/NCj3VXmnFy+vel4+Hmlkd6dilVP 4 | uPOUQF5xj7IK51ziqfvrGJtkm4P0uwtIDdxfp0iozr9lLnHnxqSVBkdsxFaPrUfh 5 | eQjsSoqQqXlSmKl/XGj0rMWucfNH3WN/NC78TuQwNk2R4m5+eULq4/YPmuTN6bwQ 6 | fneLUagEAiwup5mAYuxH7O9YKYNBsupkHnMd4qrRRdoR0qUpDjg0C+z9MMm4XzHD 7 | 1vpdsfLZxmbQLbUWuJt/aVWaEV2gL5HtkDj5qzjIZ0ieIIjo68sxveI+vcfcm4qS 8 | /QIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/common/member0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMJE8kt9YzL1Rzq4KEJr6cwGaQzNBaXRT+H5o7D0Q3lzJb2YElOTbf4Bc 6 | JxtMzasj7KAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/common/user0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMOyzlQIbgQgSdhgKF/ZEdcbW7yZ0FMXPf2q6HVb0dl+pcol7BDCVq1M5 6 | 6x3R/L/WHqAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/ledger/ledger_1-14.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/cose_flipflop_service/ledger/ledger_1-14.committed -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/ledger/ledger_15-46.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/cose_flipflop_service/ledger/ledger_15-46.committed -------------------------------------------------------------------------------- /tests/testdata/cose_flipflop_service/snapshots/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/cose_flipflop_service/snapshots/.gitkeep -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member0_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qkI8MvA9bxIH+XQFCcZ 3 | XjBOdrczadiI7k4vegDzTBT5TrQa0+MdTLDlHosQ2tKYRzvoTrf95MVV5gyJ1lnG 4 | 23sBfY5ZPEeJNy1yT7Hg0vSwX7WkwvRtyQPHp8xYwGxzslbu+rwNAaokh3/koFne 5 | 9nmovuJkH9IHDIj2JKA16BVk7Le5eiFHN4vIoXmhUQtsf0BszbSOj4Dz0G0TCEDg 6 | +cGtSOocPOVaXJVcpUpcNfxKvMvQ8DCs1+bvkMcFmkrM4ES4zykq0g8k7rTDx5Aj 7 | ohU1vf7PYSewH6n39Ez59hHYBcHQ+bdxJkMXhujbvctNEbiwOuIsg8YmE4UJ7Qie 8 | 1QIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMCNoAj3RDb9ksY2F0Z3rOstsugsQOmgkcrtDwI0Wv9GsgOiwD2xwLR1b 6 | RxQuM608naAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member1_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT7mKHxH1cWshH7SEVJY 3 | rlXmdf5029TN0WInA4gkeofyD1Z5JfzGkrOoZbhz99bl4XkCtlX5sgiH5Hv1/aO3 4 | tT4TC1mJb+l6uGxrEp3kmitAa4Bhg4APwcIYoVHZGt9yZ3FL2FcdZPN6BJTvkQO6 5 | cJyhQz7RaV/7WjymOzD2nXLhO+PEBsDizDkPVg9OstjsbYIPvE28nvehvBrvURf5 6 | SkYN3u8xASAr5fj1d3K0Cuc28kR+7NOeeqZDXqaffpzgVF/kihjzh2yCf9WfnceG 7 | s8ZWJkL80/IMcLPRej184XUxmjm52+nhqvPq7u6nf2pgiYMQzP9tl2i53fTWMEp+ 8 | tQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member1_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMBRfG14GlbLmg46/nF627oGCj2O0KoYoHrr8wKcRqT1e/pDhBxIEnd09 6 | 8O0jNt783aAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member2_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvk4Du6/dRKcla0Qh8Pl 3 | ufulkcli65v3feymAMhpaSyFjzx0Pc1AXf+wfaOrpWVrQJhQVmdhAsXZ2SZCac8B 4 | rKKW6zqiR76bDjui4G7zVJizv5sdeHKiM7iNQAFkckHQgg8inCTvmH1jVsTQqSMb 5 | PHo//hZyifJLpLgSQYIU1yRy4qXAp6qAH4QsbzQh6Qt4APpLyHQsVV/yk329slNQ 6 | 9V/2biIgry3otJUYwxZsz0e94OqqwV+4bp0SJtST6YUciAoN7L+4X2tY0XaW8Xm3 7 | nGlXUH0Df1RxrQkZz4i/QXZgHpzxqJCT0UeRkMrNr3D5twJS3LlH1SP0aiLgUFuA 8 | tQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/member2_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMJyJmH8xgKTMj9v+qll0O2IcZ7D+S7tm2bvfI9TQEJpZ1podbMPiQzCY 6 | uqSWMSDUjaAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/common/user0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MD4CAQEEMDrzpXF8RolN/u4AuhMVCNDDe5tWjl+Wb28gdbT8rOFywWUDLBW3wI9D 6 | 4V6bRv8EHqAHBgUrgQQAIg== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_1-2.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_1-2.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_105-125.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_105-125.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_126-145.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_126-145.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_146-165.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_146-165.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_166-186.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_166-186.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_17-19.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_17-19.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_187-206.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_187-206.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_20-21.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_20-21.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_207-227.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_207-227.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_22-43.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_22-43.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_228-247.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_228-247.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_248-267.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_248-267.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_268-288.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_268-288.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_289-308.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_289-308.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_3-16.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_3-16.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_309-329.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_309-329.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_330-349.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_330-349.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_350-370.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_350-370.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_371-390.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_371-390.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_391-411.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_391-411.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_412-431.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_412-431.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_432-451.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_432-451.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_44-64.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_44-64.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_452-473.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_452-473.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_474-483.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_474-483.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_484-485.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_484-485.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_486-491.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_486-491.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_492-499.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_492-499.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_500-502.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_500-502.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_503-505.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_503-505.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_506: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_506 -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_65-84.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_65-84.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/ledger/ledger_85-104.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/ledger/ledger_85-104.committed -------------------------------------------------------------------------------- /tests/testdata/double_sealed_service/snapshots/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/double_sealed_service/snapshots/.gitkeep -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member0_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBtTCCATygAwIBAgIUaJxS1rUh8VMs1VLiVkaKNbpOubYwCgYIKoZIzj0EAwMw 3 | EjEQMA4GA1UEAwwHbWVtYmVyMDAeFw0yMzA2MTIwMDAwMDZaFw0yNDA2MTEwMDAw 4 | MDZaMBIxEDAOBgNVBAMMB21lbWJlcjAwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATu 5 | RLXmi9HK2TPyAg2/DRlrnPCGpmQNSsIDJhC1p4kfycVwd7u+CRCK2AVmpLE61HGy 6 | 8exj5KwtsZf5V+vHsd46610SWUzvXLColkxnrv7JnmMZ/XkGSIlAP6iRSd9JAwij 7 | UzBRMB0GA1UdDgQWBBRHSq25h+78+Au5y/fZMvQJi8ChTjAfBgNVHSMEGDAWgBRH 8 | Sq25h+78+Au5y/fZMvQJi8ChTjAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMD 9 | A2cAMGQCMHcL5n64uU69B87FnAakpoLIH8UTXOjVKhmMX5d67V7qz/0AphWJ4N+T 10 | eZA6AnhrfQIwbYWhImA2envP5Nup4Fz/Yi87fLLi/jKNhOUXBcbu3zC+WiR7k7x9 11 | AOFMu/1b7jGq 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member0_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NfN71CKrUX3gtFMDsR6 3 | DGrQZfF8vpSLtSpmFcjyQdKkDRgaB0uE5rAfcMdTKSqPEIaqgDmvjBnrQEjMoytd 4 | Uclf419VunUly7Bzju3N9bDtMvd2LqD3X8rzNUquP+Gz3tI5nxMwxp0571tlf8Oa 5 | 95QwRm5DF2ovXdmjCD3F8OCVnF648V0gh15+s1Hq1ehHKTWu7XRyiZJQo2ksm/3f 6 | mj94TTCOmNzhfJxsfOF246cuj9sHZmjzy4p8dXDQcopbQV+CjRSmzj48k3lt7TA+ 7 | 6CT5OHt3Mx3DL/cNu+w6Oe+YJdnwn7k+tXS+w3tJHSFRBjWrq9A9CaKupM2/y25R 8 | zwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDDNpyB4+k1FwfMhgIotbx6gY9U0sMrsu97rPoUGTg9n6uGoUpDEMc9b 6 | 7fFWp7EyzSmgBwYFK4EEACKhZANiAATuRLXmi9HK2TPyAg2/DRlrnPCGpmQNSsID 7 | JhC1p4kfycVwd7u+CRCK2AVmpLE61HGy8exj5KwtsZf5V+vHsd46610SWUzvXLCo 8 | lkxnrv7JnmMZ/XkGSIlAP6iRSd9JAwg= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member1_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBtTCCATygAwIBAgIUInY8vcgZhYyoPDKDBh/tZqC4O5QwCgYIKoZIzj0EAwMw 3 | EjEQMA4GA1UEAwwHbWVtYmVyMTAeFw0yMzA2MTIwMDAwMDdaFw0yNDA2MTEwMDAw 4 | MDdaMBIxEDAOBgNVBAMMB21lbWJlcjEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAS+ 5 | iZM4Emi0YAwH6lUCxqHUGRzdLYq7/m2CGftYXPdG81mDzVjIHkC9KrKxwD05AeLw 6 | mODZWYxO3KxiDwBqZdwRM2hDTWEmpCEZBhd+4FzfdFjCiOtUoVm8x2F8Stc3xLCj 7 | UzBRMB0GA1UdDgQWBBQGZP/xIEGWCLYyJBZVbfuEXLL98DAfBgNVHSMEGDAWgBQG 8 | ZP/xIEGWCLYyJBZVbfuEXLL98DAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMD 9 | A2cAMGQCMA71vYE2mvrz4L6crOk7Y2OPsKVXCvpHAPKhkU4U3BVQb7+lNXotMJ4Z 10 | a+d3C7pyNgIwag9ZHXmQ+MsiyVReF4GnjcLxBhPgx7mQ5U/Dnn5THn+wHqLfdhnC 11 | IBsztdxDrldv 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member1_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxk6tutcV4ygF2Jm+idD 3 | TZRBoUMu0KcGrzDuXZmRmM3nHF2W69W8JLxK1UGGytb/h9zf1LzG12Aw8F+uFCw1 4 | C170fnwAtR2ak3mmeseZij3qn5b9rTqv8WgEAOzW2lcSG8fFt6G7RiSxOzDG4/zq 5 | hBW9NJOt72afExdzaQn9eqT9zNvKfdKKlEJX5DPlXdaMjXCpiM0IN0eSoL/1hr8J 6 | ecfOQNivB2huPJNCOHl3uJxkpf+3UYgHLMv5D3OvOGyX7bt6JDzg4UhtPogWT/h3 7 | uHVhMdvrJ9smPcvdo5pjhL8l2SHwuhSeeqSAXHWadgzyhQOgnXInDSjkC4Omol0C 8 | tQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member1_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDAAdTWprEQGjaDQJ7GvVuG7swTI3LqejWROO6M2RaooB869saMgHr3N 6 | fJmGAEmpTeCgBwYFK4EEACKhZANiAAS+iZM4Emi0YAwH6lUCxqHUGRzdLYq7/m2C 7 | GftYXPdG81mDzVjIHkC9KrKxwD05AeLwmODZWYxO3KxiDwBqZdwRM2hDTWEmpCEZ 8 | Bhd+4FzfdFjCiOtUoVm8x2F8Stc3xLA= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member2_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBtTCCATygAwIBAgIUc421QWJz501P0gn9heCBSzQMqOowCgYIKoZIzj0EAwMw 3 | EjEQMA4GA1UEAwwHbWVtYmVyMjAeFw0yMzA2MTIwMDAwMDdaFw0yNDA2MTEwMDAw 4 | MDdaMBIxEDAOBgNVBAMMB21lbWJlcjIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQW 5 | YCozNG6eaHw1F8nTL6AQ6DMHG47HHSnWOnP85N3H7DWgi8+Ub+8nmenmIuhE2rZH 6 | h5AkYgPaAm+Dv7AtJC9vDd6pS7X2CsNTRVjZv880U8jWEvDptzlvH/4IQsffTT+j 7 | UzBRMB0GA1UdDgQWBBT5Hl9uX56N30vKtQtTQc8JrnzwpDAfBgNVHSMEGDAWgBT5 8 | Hl9uX56N30vKtQtTQc8JrnzwpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMD 9 | A2cAMGQCMBW2QQjYVPkrNHLr7AzGXdIwue2Ezdt/II3h+Zag5mmnRoq2EQCfxYJ/ 10 | aByZdxjqggIwMI0Kl6El5l5JqBLnNo6DlsS6oaMA8hwvuWsRFFlMvom6jpZLn33X 11 | cpG5+DFKPygU 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member2_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gsjbOfKdsD5Pwt7DB4r 3 | WMWROEFZKRmOuXqUgHZY+sJt2NQGEAuWkmDphoVHF5+YS4M10WNHH4bvfuJHoHHn 4 | RCZXFXdDvxCF39kCrQunlWGdGnQM6gtGtoU/+fL7g1p6xIZypIvGSrwyCOvxWaSS 5 | IlhL8dFVuSNJ3WD5Sc51J5o09MZ+AE7LX7E6aYJnLZbW3NfnfN+JQdJVhlJWXqSt 6 | 5c96zAYThP4p2Q2raQhecQkFNXDcBw10YKXPI3SmfRD0POdZ38ynEFNF2AlI9KS7 7 | ccYhgMsMm5fkxy7jSWUOlVH/bSvlxpOnZzvTuflktfihxTbSqR158vQZyId431VF 8 | bwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/member2_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDCEIE9M83dvWkSTKzgofEIXEPMeaqtPqC6ulVAzgKNGbR0bbxP+KsnX 6 | ZdZ7qLDZ8V2gBwYFK4EEACKhZANiAAQWYCozNG6eaHw1F8nTL6AQ6DMHG47HHSnW 7 | OnP85N3H7DWgi8+Ub+8nmenmIuhE2rZHh5AkYgPaAm+Dv7AtJC9vDd6pS7X2CsNT 8 | RVjZv880U8jWEvDptzlvH/4IQsffTT8= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/user0_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBsjCCATigAwIBAgIUebgi0+Xlgn8xfFzCN7CunSZjN3gwCgYIKoZIzj0EAwMw 3 | EDEOMAwGA1UEAwwFdXNlcjAwHhcNMjMwNjEyMDAwMDE0WhcNMjQwNjExMDAwMDE0 4 | WjAQMQ4wDAYDVQQDDAV1c2VyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABAFnQift 5 | fYzNLKcV5nWtHC+gV6xtXSox37uu/+0FL/II5rCtnMZ3EMQYHLt2z9c0H1gToQRp 6 | WP2OZHw6Fdp9tDTexEHkwjzflsOpd3no0fWOBZMtCBSeaT1vScnpz+yuYqNTMFEw 7 | HQYDVR0OBBYEFN381PX7/mhtB1eOvf2lJNEYDgvFMB8GA1UdIwQYMBaAFN381PX7 8 | /mhtB1eOvf2lJNEYDgvFMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaAAw 9 | ZQIwQEZGwkh+CuzxDLMC9w3e6a/8hy5SXfe9a1Lr4dEWy0pGjdb8uykD5LxDVGSr 10 | oHC0AjEA4CknVcj2yhKMG/AB0nihcyJl9RwjcG+bb1JZ+BXuqPzL6Vfk3P8Ss/CB 11 | Ely3H4sM 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/common/user0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDBnO3cr5Lq/5hm3/00dNVUwCPpbzfMBSB00Aa7RvZBYAoypyGRwjM7X 6 | qWCCFW4nCXGgBwYFK4EEACKhZANiAAQBZ0In7X2MzSynFeZ1rRwvoFesbV0qMd+7 7 | rv/tBS/yCOawrZzGdxDEGBy7ds/XNB9YE6EEaVj9jmR8OhXafbQ03sRB5MI835bD 8 | qXd56NH1jgWTLQgUnmk9b0nJ6c/srmI= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_1-2.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_1-2.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_104-130.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_104-130.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_12-18.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_12-18.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_131-152.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_131-152.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_153-159.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_153-159.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_160-161.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_160-161.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_162-175.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_162-175.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_176-185.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_176-185.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_186-187.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_186-187.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_188-212.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_188-212.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_19-23.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_19-23.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_213-233.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_213-233.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_234-244.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_234-244.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_24-28.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_24-28.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_245-249.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_245-249.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_250-255.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_250-255.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_256-267.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_256-267.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_268-277.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_268-277.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_278-299.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_278-299.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_29-33.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_29-33.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_3-11.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_3-11.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_300-321.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_300-321.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_322-328.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_322-328.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_329-330.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_329-330.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_331-347.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_331-347.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_34-35.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_34-35.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_348-357.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_348-357.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_358-359.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_358-359.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_36-37.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_36-37.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_360-384.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_360-384.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_38-47.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_38-47.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_385-405.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_385-405.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_406-416.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_406-416.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_417-421.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_417-421.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_422-427.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_422-427.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_428-439.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_428-439.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_440-449.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_440-449.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_450-470.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_450-470.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_471-493.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_471-493.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_48-52.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_48-52.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_494: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_494 -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_53-57.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_53-57.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_58-63.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_58-63.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_64-65.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_64-65.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_66-67.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_66-67.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_68-81.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_68-81.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_82-91.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_82-91.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_92-93.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_92-93.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/ledger/ledger_94-103.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/ledger/ledger_94-103.committed -------------------------------------------------------------------------------- /tests/testdata/eol_service/snapshots/snapshot_493_494.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/eol_service/snapshots/snapshot_493_494.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member0_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTU1me3d7g5/NTMm0HNz 3 | X6H1aHkqEsRvnka9gfhWJc2gvhMnFpG2RPdW6EMkBzu8qD7YIJtYjQyNQbK8aNsH 4 | DMDWMW+0JgaFcUN7Pkb5mMvNGRFG83pOuxboCQexKf+D2+BmgbKmQc6S/jGXj4zH 5 | zpit9SXmWy9M7l9YbcyaESxbZEIBCP41aH1U45+GWbUEM91ZDPw72Hb4SGA1bduE 6 | 5+mdpcV/AUYtw3hLWbbGGSg2P0cLc1bLerCsD0Vph49OEEkYcs7MmszX3kWbg0EG 7 | UOGpnPelq3FWwrKR6pC/Dj9NEZ1McYEx54z6vSHfXskdMmYCmTeMURSoLXHNEkmF 8 | QwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDDS5HtKn7TACY5T9qOfVydq9PNTyqR8Nqvd4eTjDcxV3hCGYpoWucUm 6 | 6w9B8H06neegBwYFK4EEACKhZANiAARblAKwY263U5KNvCnMP44HKdsgydQk+f7G 7 | MtqLFfYlhzjVGWfb4sbfWFrgEP5GMYurECkYtgPgM8R+uGfk5sJ3QANvbt/jTzph 8 | 7cvGyeWv6bvw2GWSpsNHQMxV2SfDsb4= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member1_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgRDN3CEqz1gTwwR0bAy 3 | eQIcG2zgJS/pXcbACYrEum60cJr7Dg3254jleaZ48zzMFQ8d5VnO8ShZtXSNALj3 4 | SBuh6mZnxp+w24J1UIypuSFpqUqIU43nJP+K1vhDqOhHQyFQCd5mV/QkAJeJFmLU 5 | p+ByQCLpLMhF2xYFmLtcjq5emkTMNSl6ZHp7hjLWT+Cy1gltNfLESKxiBIbs2SzF 6 | wCCAhi61eV3U6p5MQBaIWbbqVrz07o3QxA466XHLRoPKN4XbDTMbA5tLX03kitAA 7 | r24nbbqvwSJaSRzzcH6W5V1nn900cPvgsVpAKcio2hVRurZMfZQA5VD/vFwBc/ik 8 | VQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member1_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDClep1yr7cZFZLirWcZB2c+Ys9DqwptdAmaMCKE/TUrML9JNBuI8Wlz 6 | 62auj06VTbigBwYFK4EEACKhZANiAARo3NV3MmuEQp7uOhrvGwyX/sXykM2mXCC5 7 | LiDwAXQPOCnNY8xlR/imTJjcPPxxBMaAussD9XvXMxsyvs6c38cg9VFfLKNMnbPD 8 | dmvKGzWzoxUbC5eO5fgNbdgAnLym9Bo= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member2_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyryiRqUHwjSKiCvTFl7D 3 | yHUaQTkwKM8oJUf+wDxx2EceSvQo4JOelrNsLTn5GLUfnb8vi1xsFE2merwY4tfy 4 | z1hHBPcfbkUwGA3KWtrvGasMC9Lw09NosF9cteUCLRIibIhum/CPcnS47jl63ftS 5 | efkZqml7kys00b6bWW7JLaQozXZw7A4gNMXIcmdPYW5PpRuI3G4QiC9hnn8jCC6V 6 | w5p1asHdUkZygyB361G4TRF/P5qU8qoGrY24/7BNAAj4B845TBhIKtyzMMUgVjan 7 | l548OM52fiPQPnMSz4XUcWQsVaW8GNuo/tZpFpecpqP0v7CTPkz9dNWeSnb9dizg 8 | JwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/member2_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDBlwrhixQKn983GRsuTruz4iXLRH6EHRY9YiOz+522D6f9Ng7uGpcJ9 6 | zB4xcw4cnDugBwYFK4EEACKhZANiAAQ6bn8zY5rMpPQuHn906uHimDASz56oFmlc 7 | keFarbC42T/n4DCf4THRDh8xYAsAVebI1UKHRbhRESZ/BE9W/Da0pXeakgOL/rFX 8 | U83l6HgPnyedtgmnCQbWg+FY/9IhqMU= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/user0_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBsjCCATigAwIBAgIUHVRwixgDyIVc7XY+qVWq+IMHxngwCgYIKoZIzj0EAwMw 3 | EDEOMAwGA1UEAwwFdXNlcjAwHhcNMjIwMzA0MDAwMDE0WhcNMjMwMzA0MDAwMDE0 4 | WjAQMQ4wDAYDVQQDDAV1c2VyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABM/qjPDI 5 | JQnHstYCMwEqu9Nsi9ttivFJV3KGrQrKX/ntOf8lCdBQoD58PGf2Uf+nOAwE9GmL 6 | toRfTM0GpP4ls9B3jcpZhfcU3GxyQJAbNt+Rw5wOWUtA31g70X6ymXc0SKNTMFEw 7 | HQYDVR0OBBYEFCcWQU2t0WE8UqyUG5g21tH87ZveMB8GA1UdIwQYMBaAFCcWQU2t 8 | 0WE8UqyUG5g21tH87ZveMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaAAw 9 | ZQIwO/J5gxQ40VV/68g0UIFC8ZCBhH73qOvwNr6m3hmLTNzZ/Ku2Zbb5UHBSQZZ5 10 | 3+qoAjEAu1s0rXvwMlTcxvkg5h4wjscMnc6LApRDhP3VNnHyPUDuFXRu1DuRKaYy 11 | DDF5Sph6 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/common/user0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDBP5n4M08zQhqjxXqO2DSJ5UJ6a90AyDOpXuutDAH+OR71LXcAoE37I 6 | Ast95Gn6ZoygBwYFK4EEACKhZANiAATP6ozwyCUJx7LWAjMBKrvTbIvbbYrxSVdy 7 | hq0Kyl/57Tn/JQnQUKA+fDxn9lH/pzgMBPRpi7aEX0zNBqT+JbPQd43KWYX3FNxs 8 | ckCQGzbfkcOcDllLQN9YO9F+spl3NEg= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_1-4.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_1-4.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_16-26.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_16-26.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_27-28.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_27-28.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_29-46.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_29-46.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_47-48.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_47-48.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_49-61.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_49-61.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_5-15.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_5-15.committed -------------------------------------------------------------------------------- /tests/testdata/expired_service/ledger/ledger_62: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/ledger/ledger_62 -------------------------------------------------------------------------------- /tests/testdata/expired_service/snapshots/snapshot_61_62.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/expired_service/snapshots/snapshot_61_62.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member0_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw31fwbH0KCXK8yL1TV44 3 | 9XL0iK+O7YTQZYYeTo2AnPmDpn6DkEZoWpvbuU1N11oYBC8Su8Y2t3iEN4zIcWw4 4 | gkygsawfuPD7IlK4ckIcL3+tfqNh5ol7cPj7PqnOJHZeE0M4RolBW1d+FiF0XGSq 5 | UqystiWDP+anCxfKBdY6dQ8/EGhnjP6t7XfbqLJo4LRVAvHcO3GHki++JtQXua+a 6 | 1Ht/ZwjlLm6X1MSqVDmUYIUh4E0iopVzce/LlWSNp9TVWOYHKNB0+QKuu3REIg/H 7 | oI4G80Cbot2RWgedTTiSGguauLgHRD0aYpsCLVhIF51SAvcSelfKlnaNeu5iz2tU 8 | 4QIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDAsLdHrCFDxOKgwJ8t9qErShDpRVI4gE66DsZ28CRLS7N9YO3KVfuHx 6 | 3G0AFSR9sXKgBwYFK4EEACKhZANiAAQBXvFeU1yOVHLfIuh+VQuBmZv5eZkFB51O 7 | PXszhGOCuZjVpaFGFPsgzsVRRW1fubP3EfzUR7qHnIKopeKr7l29xsVG6YTQqTSi 8 | BYBDveEOtI+Yc1sLF97KdYNF1nEQf9g= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member1_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvpBY3a5BUAHNIUgLVnr 3 | 36ve/tOhyWzOa4qtQhbhqI7LuAVe6M25MXelRgW21tHCFS0GCEurTP5tZQsYeTDC 4 | 9D+wpMG7Dwo7jEKUzfEWl933j5zXNFubpabCx+jtwJGwiUc1D6ayxmXOoWNQL2TX 5 | nu2MqAyfMctxq+3he0tsa57obNsbQ3LqmLnSVzYvLFUzpbOCulXSRnFwR1SBYBsQ 6 | 33kuexPDJRc/xozYLNF+yo9Eg3ZA5w0INe5/MEPO5Qem8rs0b5bUa3F5SxJdbpTi 7 | 4lvdUtciTqJSFTz4GY5N6i6GZ9XumFN3CGYD7PX8b11MntZx2/sJ3cDpdy3WnAgf 8 | IQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member1_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDBfcrUeiYvLfeJU2rJexgOdh9txSTjSgYThki4jPqzSF8leDzefJSa8 6 | XvXWp5CMVTqgBwYFK4EEACKhZANiAAT3dqY+C+7emqhFleBUhiegDOkI6q6a+tHM 7 | 836AkxPkgx/At4vn7pm/nC1rHiYDzTPlOHHDXlm2QroJYQ3ZhzFodlkrMUIeWLhc 8 | 3WKUPsQeszOCFkZFAzvx9BZ4uvQALaw= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member2_enc_pubk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydzFBh9C8ShM/PfAmhKh 3 | OKm/paY4JaTYI5C2p9B6EIGcM6a3UTpvrQ/TOYoEHXLA/F2tNSEeOYYxJPYkkLfN 4 | ID3tlHoQCy7qUStbaXLQrY5X2Bse4mQo3OdTpkF484LCVyNsbzj8ze0ItPTgmCMV 5 | yIFI8mqD4qVX5qrXXzT3QDULLmx9Pf+FKKBR2gOqEJiAP+0QsAl2Yz46rmsjGD3T 6 | z6WjfMdMkWpmR0aj6dWSQxpKqkQyZCt58af2XKERK1tF/RO8km35oxtmggzqJILO 7 | qL7ff875yETC1GZfpqn5cLbUdk+zPv4P7DWz0A0ejbD4ZFTVgCnoPrQ5uKX6GYSC 8 | gQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/member2_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDCmWK0b+RQl4qQ+3IZUqFcnYXU5ophrP0mXCR9y+DK/U9kX7uM0GjBv 6 | 4h8AR+7deJKgBwYFK4EEACKhZANiAARUnaG6E6jYltqXgtdVuQXLxl5+XhJc1K41 7 | UjEXf4XEaPZaJTGF973Pws+VB7K6CneQNiGT5UOuJKr603rdPwY5uvOpn6yhHf9G 8 | tDwkHyWZUQTnIGpS0wC88LD3H3vPZ9I= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/user0_cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBszCCATigAwIBAgIUZ2gECb6wi50hZLr72cDpnybTXrgwCgYIKoZIzj0EAwMw 3 | EDEOMAwGA1UEAwwFdXNlcjAwHhcNMjMwMzE1MTQwMTE4WhcNMjQwMzE0MTQwMTE4 4 | WjAQMQ4wDAYDVQQDDAV1c2VyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABKaA4Nmd 5 | nDsfIov656ex8PTL/jCptSyiVBatxcy8FsT75DGUZ160miVqcklBHcJtjksTghVG 6 | DPHupN6O++TTmE6VEZSCqca6bR7jzHmWttNTokrct7gkql7er1JCOO0RG6NTMFEw 7 | HQYDVR0OBBYEFIZ2n9onivDXiRs+pIsFrdrjV+oUMB8GA1UdIwQYMBaAFIZ2n9on 8 | ivDXiRs+pIsFrdrjV+oUMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaQAw 9 | ZgIxANB9cfrpBqfjIPxfkFJdB7opIz3nbN8WFb7nHdwwoP2xTy7zNeYpBcTHen1/ 10 | UvSIXAIxAOWqYaRLmspTEqYP/5PYFzZKG99YRHgonfZ0tHFDzQuytJ2VBwB9/SwL 11 | PXmknCz/cg== 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/common/user0_privk.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDAmdATScP2U5nuWty7xnvi8JjWf7oIF//NYbvbz06jjeKjtWKjwJDMk 6 | 8NdnsXE7EdCgBwYFK4EEACKhZANiAASmgODZnZw7HyKL+uensfD0y/4wqbUsolQW 7 | rcXMvBbE++QxlGdetJolanJJQR3CbY5LE4IVRgzx7qTejvvk05hOlRGUgqnGum0e 8 | 48x5lrbTU6JK3Le4JKpe3q9SQjjtERs= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_1-37.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_1-37.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_100-101.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_100-101.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_102-103.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_102-103.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_104-107.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_104-107.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_108-120.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_108-120.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_121-124.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_121-124.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_125-130.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_125-130.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_131-138.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_131-138.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_139: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_139 -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_38-70.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_38-70.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/ledger/ledger_71-99.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/ledger/ledger_71-99.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/snapshots/snapshot_138_139.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/snapshots/snapshot_138_139.committed -------------------------------------------------------------------------------- /tests/testdata/sgx_service/snapshots/snapshot_99_100.committed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/testdata/sgx_service/snapshots/snapshot_99_100.committed -------------------------------------------------------------------------------- /tests/uvm_endorsements/ecdsa_test1.cose: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/uvm_endorsements/ecdsa_test1.cose -------------------------------------------------------------------------------- /tests/uvm_endorsements/rsa_test1.cose: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/CCF/6aec57bfc9765f9f85e8870d1022cb0c759a91e6/tests/uvm_endorsements/rsa_test1.cose -------------------------------------------------------------------------------- /tla/.gitignore: -------------------------------------------------------------------------------- 1 | *.jar 2 | states/ 3 | tools/ 4 | *.out 5 | *.toolbox/ 6 | *.tlaps/ 7 | .Rproj.user/ 8 | .RData 9 | .Rhistory 10 | *.Rproj 11 | .DS_Store 12 | *.dot 13 | *TTrace*.tla 14 | *TTrace*.bin 15 | *_stats.json 16 | **/states.dump* 17 | -------------------------------------------------------------------------------- /tla/consensus/MCabs.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION AbsSpec 2 | 3 | CONSTANTS 4 | NodeOne = n1 5 | NodeTwo = n2 6 | NodeThree = n3 7 | Servers <- MCServers 8 | Terms <- MCTerms 9 | StartTerm <- MCStartTerm 10 | Seq <- MCSeq 11 | TypeOK <- MCTypeOK 12 | 13 | INVARIANTS 14 | NoConflicts 15 | TypeOK 16 | 17 | PROPERTIES 18 | AppendOnlyProp 19 | \* EquivExtendProp 20 | \* EquivCopyMaxAndExtendProp 21 | 22 | SYMMETRY 23 | Symmetry 24 | 25 | CONSTRAINT 26 | MaxLogLengthConstraint 27 | 28 | CHECK_DEADLOCK 29 | FALSE 30 | -------------------------------------------------------------------------------- /tla/consensus/MCabs.tla: -------------------------------------------------------------------------------- 1 | ---- MODULE MCabs ---- 2 | 3 | EXTENDS abs, TLC, SequencesExt, FiniteSetsExt 4 | 5 | Symmetry == 6 | Permutations(Servers) 7 | 8 | CONSTANTS NodeOne, NodeTwo, NodeThree 9 | 10 | MCServers == {NodeOne, NodeTwo, NodeThree} 11 | MCTerms == 2..4 12 | MCStartTerm == Min(MCTerms) 13 | MaxExtend == 3 14 | 15 | MCTypeOK == 16 | \* 4 because of the initial log. 17 | cLogs \in [Servers -> BoundedSeq(Terms, 4 + MaxExtend)] 18 | 19 | MCSeq(S) == 20 | BoundedSeq(S, MaxExtend) 21 | 22 | \* Limit length of logs to terminate model checking. 23 | MaxLogLengthConstraint == 24 | \A i \in Servers : 25 | Len(cLogs[i]) <= 7 26 | ==== -------------------------------------------------------------------------------- /tla/consistency/Consistency.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION Spec 2 | 3 | CHECK_DEADLOCK 4 | FALSE 5 | -------------------------------------------------------------------------------- /tla/consistency/MCMultiNodeCommitReachability.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION MCSpecMultiNodeReads 2 | 3 | CONSTANTS 4 | FirstBranch = 1 5 | HistoryLimit = 6 6 | ViewLimit = 1 7 | 8 | RwTxRequest = T_RwTxRequest 9 | RwTxResponse = T_RwTxResponse 10 | RoTxRequest = T_RoTxRequest 11 | RoTxResponse = T_RoTxResponse 12 | TxStatusReceived = T_TxStatusReceived 13 | 14 | CommittedStatus = S_CommittedStatus 15 | InvalidStatus = S_InvalidStatus 16 | 17 | INVARIANTS 18 | MultiCommittedTxDebugInv 19 | 20 | CHECK_DEADLOCK 21 | FALSE 22 | -------------------------------------------------------------------------------- /tla/consistency/MCMultiNodeInvalidReachability.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION MCSpecMultiNodeReads 2 | 3 | CONSTANTS 4 | FirstBranch = 1 5 | HistoryLimit = 7 6 | ViewLimit = 2 7 | 8 | RwTxRequest = T_RwTxRequest 9 | RwTxResponse = T_RwTxResponse 10 | RoTxRequest = T_RoTxRequest 11 | RoTxResponse = T_RoTxResponse 12 | TxStatusReceived = T_TxStatusReceived 13 | 14 | CommittedStatus = S_CommittedStatus 15 | InvalidStatus = S_InvalidStatus 16 | 17 | INVARIANTS 18 | SomeInvalidTxDebugInv 19 | 20 | CHECK_DEADLOCK 21 | FALSE -------------------------------------------------------------------------------- /tla/consistency/MCMultiNodeReads.tla: -------------------------------------------------------------------------------- 1 | ---- MODULE MCMultiNodeReads ---- 2 | \* Bounded version of MultiNodeReads 3 | 4 | EXTENDS MCSingleNodeReads, MCMultiNode 5 | 6 | MCNextMultiNodeReadsAction == 7 | \/ MCNextMultiNodeAction 8 | \/ MCRoTxRequestAction 9 | \/ MCRoTxResponseAction 10 | 11 | MCSpecMultiNodeReads == Init /\ [][MCNextMultiNodeReadsAction]_vars 12 | 13 | ==== -------------------------------------------------------------------------------- /tla/consistency/MCMultiNodeReadsNotLinearizable.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION MCSpecMultiNodeReads 2 | 3 | CONSTANTS 4 | FirstBranch = 1 5 | HistoryLimit = 8 6 | ViewLimit = 2 7 | 8 | RwTxRequest = T_RwTxRequest 9 | RwTxResponse = T_RwTxResponse 10 | RoTxRequest = T_RoTxRequest 11 | RoTxResponse = T_RoTxResponse 12 | TxStatusReceived = T_TxStatusReceived 13 | 14 | CommittedStatus = S_CommittedStatus 15 | InvalidStatus = S_InvalidStatus 16 | INVARIANTS 17 | AllCommittedObservedRoInv 18 | 19 | CHECK_DEADLOCK 20 | FALSE 21 | -------------------------------------------------------------------------------- /tla/consistency/MCSingleNodeCommitReachability.cfg: -------------------------------------------------------------------------------- 1 | SPECIFICATION MCSpecSingleNode 2 | 3 | CONSTANTS 4 | FirstBranch = 1 5 | HistoryLimit = 3 6 | 7 | RwTxRequest = T_RwTxRequest 8 | RwTxResponse = T_RwTxResponse 9 | RoTxRequest = T_RoTxRequest 10 | RoTxResponse = T_RoTxResponse 11 | TxStatusReceived = T_TxStatusReceived 12 | 13 | CommittedStatus = S_CommittedStatus 14 | InvalidStatus = S_InvalidStatus 15 | 16 | INVARIANTS 17 | SomeCommittedTxDebugInv 18 | 19 | CHECK_DEADLOCK 20 | FALSE -------------------------------------------------------------------------------- /tla/consistency/MCSingleNodeReads.tla: -------------------------------------------------------------------------------- 1 | ---- MODULE MCSingleNodeReads ---- 2 | \* Bounded version of SingleNodeReads 3 | 4 | EXTENDS SingleNodeReads, MCSingleNode 5 | 6 | MCRoTxRequestAction == 7 | /\ Len(history) < HistoryLimit 8 | /\ RoTxRequestAction 9 | 10 | MCRoTxResponseAction == 11 | /\ Len(history) < HistoryLimit 12 | /\ RoTxResponseAction 13 | 14 | MCNextSingleNodeReadsAction == 15 | \/ MCNextSingleNodeAction 16 | \/ MCRoTxRequestAction 17 | \/ MCRoTxResponseAction 18 | 19 | MCSpecSingleNodeReads == Init /\ [][MCNextSingleNodeReadsAction]_vars 20 | 21 | ==== -------------------------------------------------------------------------------- /tla/consistency/MultiNodeReads.tla: -------------------------------------------------------------------------------- 1 | ---- MODULE MultiNodeReads ---- 2 | \* This specification extends MultiNode to add read-only transactions 3 | 4 | EXTENDS SingleNodeReads, MultiNode 5 | 6 | NextMultiNodeReadsAction == 7 | \/ NextMultiNodeAction 8 | \/ RoTxRequestAction 9 | \/ RoTxResponseAction 10 | 11 | SpecMultiNodeReads == Init /\ [][NextMultiNodeReadsAction]_vars 12 | 13 | ==== -------------------------------------------------------------------------------- /tla/last_line.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | 5 | # Extract a summary of the last line in a trace, useful when finding out where a scenario has mismatched 6 | 7 | RED="\033[31m" 8 | NORMAL="\033[0;39m" 9 | 10 | if [ -e "$1" ]; then 11 | echo -ne "$RED" 12 | cat "$1" | jq '.action | last | .[2][1]._logline | "Last matched [" + .h_ts + "] " + .msg.function + " (" + .cmd + ")"' | xargs 13 | echo -ne "$NORMAL" 14 | exit 1 15 | fi 16 | exit 0 -------------------------------------------------------------------------------- /tla/make_traces.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the Apache 2.0 License. 4 | set -ex 5 | 6 | pushd .. 7 | mkdir -p build 8 | pushd build 9 | cmake -GNinja -DCOMPILE_TARGET=virtual -DCMAKE_BUILD_TYPE=Debug -DVERBOSE_LOGGING=ON -DCCF_RAFT_TRACING=ON .. 10 | ninja raft_driver 11 | ./tests.sh -VV -R scenario 12 | popd 13 | popd -------------------------------------------------------------------------------- /tla/requirements.txt: -------------------------------------------------------------------------------- 1 | polars 2 | hvplot 3 | pyarrow -------------------------------------------------------------------------------- /tsan_env_suppressions: -------------------------------------------------------------------------------- 1 | # For ThreadSanitizerSuppressions 2 | # https://github.com/google/sanitizers/wiki/ThreadSanitizerSuppressions 3 | 4 | # Awkward usages of '*' in this file like '/ds/*ring_buffer.h' are necessary to handle the cases where tsan thinks 5 | # src/ds/ring_buffer.h as src/ds/test/../ring_buffer.h for example 6 | 7 | # For partitions_test 8 | deadlock:*/store.h 9 | deadlock:*/untyped_map.h 10 | 11 | # For governance_test 12 | race:*/node/*rpc/*frontend.h 13 | --------------------------------------------------------------------------------