diff --git a/apps/mtcs/enclave/src/mtcs_server.rs b/apps/mtcs/enclave/src/mtcs_server.rs index 1bd2f141..ec1e23b0 100644 --- a/apps/mtcs/enclave/src/mtcs_server.rs +++ b/apps/mtcs/enclave/src/mtcs_server.rs @@ -17,7 +17,7 @@ use mtcs::{ }; use quartz_common::{ contract::{msg::execute::attested::RawAttested, state::Config}, - enclave::attestor::Attestor, + enclave::{attestor::Attestor, server::ProofOfPublication}, }; use serde::{Deserialize, Serialize}; use tonic::{Request, Response, Result as TonicResult, Status}; @@ -64,10 +64,21 @@ where &self, request: Request, ) -> TonicResult> { - let message: RunClearingMessage = { + // Light client check + let message: ProofOfPublication = { let message = request.into_inner().message; serde_json::from_str(&message).map_err(|e| Status::invalid_argument(e.to_string()))? }; + + let (proof_value, message) = message + .verify(self.config.light_client_opts()) + .map_err(Status::failed_precondition)?; + + let proof_value_matches_msg = + serde_json::to_string(&message.intents).is_ok_and(|s| s.as_bytes() == proof_value); + if !proof_value_matches_msg { + return Err(Status::failed_precondition("proof verification")); + } // TODO: ensure no duplicates somewhere else! let liquidity_sources: Vec = message.liquidity_sources.into_iter().collect(); diff --git a/cli/src/cli.rs b/cli/src/cli.rs index 65185335..315c286f 100644 --- a/cli/src/cli.rs +++ b/cli/src/cli.rs @@ -65,4 +65,4 @@ pub enum EnclaveCommand { #[clap(long)] path: Option, }, -} \ No newline at end of file +}