update_commitment.py

'''
Recompute the commitment and derived values from a trace in CBOR format.
'''
import os
from pprint import pprint
import subprocess
import sys
import time

# Path to the witness-checker `commitment_tool` binary
COMMITMENT_TOOL = os.environ['COMMITMENT_TOOL']

def main():
    trace_cbor, = sys.argv[1:]

    p = subprocess.run(
            (COMMITMENT_TOOL,
                'calc',
                '--machine-readable',
                '--randomness-symbol', 'CC_COMMITMENT_RANDOMNESS',
                '--randomness-length', '32',
                '--uncommitted', '.rodata.secret.ssb_events',
                '--uncommitted', '.rodata.secret.ssb_num_valid_events',
                '--uncommitted', '.rodata.secret.ssb_channels',
                '--uncommitted', '.rodata.secret.ssb_threads',
                '--uncommitted', '.rodata.secret.ssb_data',
                trace_cbor),
            check=True,
            stdout=subprocess.PIPE);

    dct = {}
    for line in p.stdout.splitlines():
        line = line.decode('utf-8').strip()
        if line == '' or line.startswith('#'):
            continue
        k, _, v = line.partition('=')
        dct[k.strip()] = v.strip()

    pprint(dct)
    assert len(dct['commitment']) == 64
    assert len(dct['rng_seed']) == 64
    assert len(dct['randomness']) == 64

    now = time.asctime(time.localtime())

    with open('commitment.env', 'w') as f:
        f.write('# AUTO-GENERATED - DO NOT EDIT\n')
        f.write('# Generated by update_commitment.py at %s\n' % now)
        f.write('ssb_commitment=sha256:%s\n' % dct['commitment'])
        f.write('ssb_randomness=%s\n' % dct['randomness'])
    print('updated commitment.env')

    # TODO: for verifier mode, we should read the commitment from
    # `commitment.env` and update `constants/lib.rs` to check that it's right

    with open('constants/lib.rs', 'w') as f:
        f.write('// AUTO-GENERATED - DO NOT EDIT\n')
        f.write('// Generated by update_commitment.py at %s\n' % now)
        f.write('#![no_std]\n')
        f.write('pub const SEED: [u8; 32] = [\n')
        for i in range(0, 32, 8):
            parts = []
            for j in range(i, i + 8):
                parts.append('0x' + dct['rng_seed'][2 * j : 2 * (j + 1)])
            f.write('    %s,\n' % ', '.join(parts))
        f.write('];\n')
    print('updated constants/lib.rs')


if __name__ == '__main__':
    main()