refactor: remove smsDebugURL and related debug configurations (#518)

Author: Le-Caignec

packages/sdk/src/config/config.ts

@@ -7,7 +7,6 @@ export interface ChainConfig {
   subgraphUrl?: string;
   ipfsGateway?: string;
   ipfsNode?: string;
-  smsDebugURL?: string;
   workerpoolAddress?: string;
   isExperimental?: boolean;
 }
@@ -22,7 +21,6 @@ const CHAIN_CONFIG: Record<ChainId, ChainConfig> = {
       'https://thegraph.iex.ec/subgraphs/name/bellecour/dataprotector-v2',
     ipfsGateway: 'https://ipfs-gateway.v8-bellecour.iex.ec',
     ipfsNode: 'https://ipfs-upload.v8-bellecour.iex.ec',
-    smsDebugURL: 'https://sms-debug.iex.ec',
     workerpoolAddress: 'prod-v8-bellecour.main.pools.iexec.eth',
   },
   // Arbitrum Sepolia
@@ -34,7 +32,6 @@ const CHAIN_CONFIG: Record<ChainId, ChainConfig> = {
       'https://thegraph.arbitrum-sepolia-testnet.iex.ec/api/subgraphs/id/5YjRPLtjS6GH6bB4yY55Qg4HzwtRGQ8TaHtGf9UBWWd',
     ipfsGateway: 'https://ipfs-gateway.arbitrum-sepolia-testnet.iex.ec',
     ipfsNode: 'https://ipfs-upload.arbitrum-sepolia-testnet.iex.ec',
-    smsDebugURL: 'https://sms.arbitrum-sepolia-testnet.iex.ec', // ⚠️ default SMS is a debug SMS
     workerpoolAddress: '0xB967057a21dc6A66A29721d96b8Aa7454B7c383F',
     isExperimental: true,
   },
@@ -47,7 +44,6 @@ const CHAIN_CONFIG: Record<ChainId, ChainConfig> = {
       'https://thegraph.arbitrum.iex.ec/api/subgraphs/id/Ep5zs5zVr4tDiVuQJepUu51e5eWYJpka624X4DMBxe3u',
     ipfsGateway: 'https://ipfs-gateway.arbitrum-mainnet.iex.ec',
     ipfsNode: 'https://ipfs-upload.arbitrum-mainnet.iex.ec',
-    smsDebugURL: 'https://sms-debug.arbitrum-mainnet.iex.ec',
     workerpoolAddress: '0x2C06263943180Cc024dAFfeEe15612DB6e5fD248',
   },
 };

packages/sdk/src/lib/IExecDataProtectorModule.ts

@@ -27,7 +27,6 @@ interface IExecDataProtectorResolvedConfig {
   ipfsGateway: string;
   defaultWorkerpool: string;
   iexec: IExec;
-  iexecDebug: IExec;
 }
 
 abstract class IExecDataProtectorModule {
@@ -47,8 +46,6 @@ abstract class IExecDataProtectorModule {
 
   protected iexec!: IExec;
 
-  protected iexecDebug!: IExec;
-
   private initPromise: Promise<void> | null = null;
 
   private ethProvider: EthersCompatibleProvider;
@@ -73,7 +70,6 @@ abstract class IExecDataProtectorModule {
         this.ipfsGateway = config.ipfsGateway;
         this.defaultWorkerpool = config.defaultWorkerpool;
         this.iexec = config.iexec;
-        this.iexecDebug = config.iexecDebug;
       });
     }
     return this.initPromise;
@@ -97,9 +93,6 @@ abstract class IExecDataProtectorModule {
       this.options?.ipfsGateway || chainDefaultConfig?.ipfsGateway;
     const defaultWorkerpool = chainDefaultConfig?.workerpoolAddress;
     const ipfsNode = this.options?.ipfsNode || chainDefaultConfig?.ipfsNode;
-    const smsURL =
-      this.options?.iexecOptions?.smsDebugURL ||
-      chainDefaultConfig?.smsDebugURL;
 
     const missing = [];
     if (!subgraphUrl) missing.push('subgraphUrl');
@@ -109,7 +102,6 @@ abstract class IExecDataProtectorModule {
     if (!ipfsGateway) missing.push('ipfsGateway');
     if (!defaultWorkerpool) missing.push('defaultWorkerpool');
     if (!ipfsNode) missing.push('ipfsNode');
-    if (!smsURL) missing.push('smsDebugURL');
 
     if (missing.length > 0) {
       throw new Error(
@@ -119,7 +111,7 @@ abstract class IExecDataProtectorModule {
       );
     }
 
-    let iexec: IExec, iexecDebug: IExec, graphQLClient: GraphQLClient;
+    let iexec: IExec, graphQLClient: GraphQLClient;
 
     try {
       iexec = new IExec(
@@ -130,16 +122,6 @@ abstract class IExecDataProtectorModule {
           allowExperimentalNetworks: this.options.allowExperimentalNetworks,
         }
       );
-
-      iexecDebug = new IExec(
-        { ethProvider: this.ethProvider },
-        {
-          ipfsGatewayURL: ipfsGateway,
-          ...this.options?.iexecOptions,
-          smsURL,
-          allowExperimentalNetworks: this.options.allowExperimentalNetworks,
-        }
-      );
     } catch (e: any) {
       throw new Error(`Unsupported ethProvider: ${e.message}`);
     }
@@ -158,7 +140,6 @@ abstract class IExecDataProtectorModule {
       ipfsNode,
       ipfsGateway,
       iexec,
-      iexecDebug,
     };
   }
 }

packages/sdk/src/lib/dataProtectorCore/IExecDataProtectorCore.ts

@@ -41,7 +41,6 @@ class IExecDataProtectorCore extends IExecDataProtectorModule {
       ipfsGateway: this.ipfsGateway,
       arweaveUploadApi: this.arweaveUploadApi,
       iexec: this.iexec,
-      iexecDebug: this.iexecDebug,
     });
   }
 

packages/sdk/src/lib/dataProtectorCore/protectData.ts

@@ -35,7 +35,6 @@ import {
   ArweaveUploadConsumer,
   DataProtectorContractConsumer,
   IExecConsumer,
-  IExecDebugConsumer,
 } from '../types/internalTypes.js';
 import { getDataProtectorCoreContract } from './smartContract/getDataProtectorCoreContract.js';
 
@@ -45,18 +44,15 @@ export type ProtectData = typeof protectData;
 
 export const protectData = async ({
   iexec = throwIfMissing(),
-  iexecDebug = throwIfMissing(),
   dataprotectorContractAddress,
   name = DEFAULT_DATA_NAME,
   uploadMode = 'ipfs',
   ipfsNode,
   ipfsGateway,
   arweaveUploadApi,
-  allowDebug = false,
   data,
   onStatusUpdate = () => {},
 }: IExecConsumer &
-  IExecDebugConsumer &
   DataProtectorContractConsumer &
   IpfsNodeAndGateway &
   ArweaveUploadConsumer &
@@ -287,35 +283,6 @@ export const protectData = async ({
       },
     });
 
-    if (allowDebug === true) {
-      // share secret with scone debug SMS
-      vOnStatusUpdate({
-        title: 'PUSH_SECRET_TO_DEBUG_SMS',
-        isDone: false,
-        payload: {
-          teeFramework: 'scone',
-        },
-      });
-      await iexecDebug.dataset
-        .pushDatasetSecret(protectedDataAddress, encryptionKey, {
-          teeFramework: 'scone',
-        })
-        .catch((e: Error) => {
-          handleIfProtocolError(e);
-          throw new WorkflowError({
-            message: 'Failed to push protected data encryption key',
-            errorCause: e,
-          });
-        });
-      vOnStatusUpdate({
-        title: 'PUSH_SECRET_TO_DEBUG_SMS',
-        isDone: true,
-        payload: {
-          teeFramework: 'scone',
-        },
-      });
-    }
-
     return {
       name,
       address: protectedDataAddress,

packages/sdk/src/lib/types/commonTypes.ts

@@ -69,7 +69,7 @@ export type DataProtectorConfigOptions = {
    * Options specific to iExec integration.
    * If not provided, default iexec options will be used.
    */
-  iexecOptions?: IExecConfigOptionsExtended;
+  iexecOptions?: IExecConfigOptions;
 
   /**
    * if true allows using a provider connected to an experimental networks (default false)
@@ -79,11 +79,6 @@ export type DataProtectorConfigOptions = {
   allowExperimentalNetworks?: boolean;
 };
 
-interface IExecConfigOptionsExtended extends IExecConfigOptions {
-  // adds smsDebugURL to possible options, used ton configure an IExec debug instance seamlessly (no JS doc test purpose only)
-  smsDebugURL?: string;
-}
-
 // ---------------------ProtectedData Schema Types------------------------------------
 export type MimeType =
   | 'application/octet-stream'

packages/sdk/src/lib/types/coreTypes.ts

@@ -40,8 +40,7 @@ export type ProtectDataStatuses =
   | 'ENCRYPT_FILE'
   | 'UPLOAD_ENCRYPTED_FILE'
   | 'DEPLOY_PROTECTED_DATA'
-  | 'PUSH_SECRET_TO_SMS'
-  | 'PUSH_SECRET_TO_DEBUG_SMS';
+  | 'PUSH_SECRET_TO_SMS';
 
 export type OneProtectDataStatus = {
   title: ProtectDataStatuses;
@@ -62,16 +61,6 @@ export type ProtectDataParams = {
    */
   name?: string;
 
-  /**
-   * allow to use the protected data in TEE debug apps (default `false`)
-   *
-   * ⚠️ TEE debug apps runs in enclave simulation mode which does not prevent the worker host to inspect data or temper the app output.
-   * You should never set this parameter to `true` with real data, use it for development purpose only.
-   *
-   * setting this parameter to `true` adds a signature request to the protectData workflow, this signature is used to push the protected data encryption key to the debug Secret Management System
-   */
-  allowDebug?: boolean;
-
   /**
    * specify the platform used for storing the encrypted payload of the protected data
    *

packages/sdk/src/lib/types/internalTypes.ts

@@ -6,13 +6,6 @@ export type IExecConsumer = {
   iexec: IExec;
 };
 
-export type IExecDebugConsumer = {
-  /**
-   * iexec instance connected to debug SMS
-   */
-  iexecDebug: IExec;
-};
-
 export type DataProtectorContractConsumer = {
   dataprotectorContractAddress: AddressOrENS;
 };

packages/sdk/tests/docker-compose.yml

@@ -37,27 +37,6 @@ services:
       bellecour-fork:
         condition: service_healthy
 
-  sms-debug:
-    image: iexechub/iexec-sms:8.7.0
-    restart: unless-stopped
-    environment:
-      JAVA_TOOL_OPTIONS: '-Xmx256M'
-      IEXEC_SMS_BLOCKCHAIN_NODE_ADDRESS: http://bellecour-fork:8545
-      IEXEC_HUB_ADDRESS: '0x3eca1B216A7DF1C7689aEb259fFB83ADFB894E7f'
-      IEXEC_SMS_TEE_RUNTIME_FRAMEWORK: scone
-      IEXEC_SMS_IMAGE_LAS_IMAGE: 'las-image'
-      IEXEC_TEE_WORKER_PRE_COMPUTE_IMAGE: 'pre-compute-image'
-      IEXEC_TEE_WORKER_PRE_COMPUTE_FINGERPRINT: 'pre-compute-fingerprint'
-      IEXEC_TEE_WORKER_POST_COMPUTE_IMAGE: 'post-compute-image'
-      IEXEC_TEE_WORKER_POST_COMPUTE_FINGERPRINT: 'post-compute-fingerprint'
-    ports:
-      - 13301:13300
-    healthcheck:
-      test: curl -f localhost:13300/actuator/health || exit 1
-    depends_on:
-      bellecour-fork:
-        condition: service_healthy
-
   result-proxy:
     image: iexechub/iexec-result-proxy:7.1.0
     restart: unless-stopped
@@ -245,8 +224,6 @@ services:
         condition: service_healthy
       sms:
         condition: service_healthy
-      sms-debug:
-        condition: service_healthy
       market-watcher:
         condition: service_started
       market-api: