
Conversation

@martintomazic
Contributor

@martintomazic martintomazic commented Nov 24, 2025

WIP.

Closes #6387, follows #6331

TODO:

  • Write corresponding Rust code in runtime/src/...
  • Write tests
  • Hide behind feature flag and ensure emptiness of the per role policy before it is enabled.

@netlify

netlify bot commented Nov 24, 2025

Deploy Preview for oasisprotocol-oasis-core ready!

Name Link
🔨 Latest commit db8d2a6
🔍 Latest deploy log https://app.netlify.com/projects/oasisprotocol-oasis-core/deploys/69414aca19704500084141e9
😎 Deploy Preview https://deploy-preview-6410--oasisprotocol-oasis-core.netlify.app

rak signature.PublicKey,
rek *x25519.PublicKey,
nodeID signature.PublicKey,
n *Node,
Contributor Author

@martintomazic martintomazic Nov 24, 2025


NIT: Followed the pattern from the admission policy. Alternative is to pass nodeID and roles (bitmask) by value.

Passing the whole struct by reference feels dangerous, as accidental mutations in the helper functions (possibly in the future) may affect the logic upstream.

@martintomazic martintomazic added the c:breaking/consensus Category: breaking consensus changes label Nov 25, 2025
@martintomazic martintomazic force-pushed the martin/feature/per-role-quote-policies branch from fddedc5 to 9e35bd3 Compare November 26, 2025 10:18
@codecov

codecov bot commented Nov 26, 2025

Codecov Report

❌ Patch coverage is 55.96330% with 48 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.51%. Comparing base (d13337b) to head (9e35bd3).

Files with missing lines Patch % Lines
go/common/node/sgx.go 23.07% 7 Missing and 3 partials ⚠️
go/common/sgx/quote/quote.go 44.44% 10 Missing ⚠️
go/registry/api/api.go 25.00% 2 Missing and 4 partials ⚠️
go/registry/api/sanity_check.go 58.33% 2 Missing and 3 partials ⚠️
go/common/node/tee.go 20.00% 3 Missing and 1 partial ⚠️
...onsensus/cometbft/apps/keymanager/secrets/epoch.go 50.00% 1 Missing and 1 partial ⚠️
go/consensus/cometbft/apps/registry/messages.go 50.00% 1 Missing and 1 partial ⚠️
...o/consensus/cometbft/apps/registry/transactions.go 84.61% 1 Missing and 1 partial ⚠️
go/consensus/cometbft/apps/scheduler/scheduler.go 71.42% 1 Missing and 1 partial ⚠️
...sensus/cometbft/apps/supplementarysanity/checks.go 60.00% 1 Missing and 1 partial ⚠️
... and 3 more
Additional details and impacted files
@@             Coverage Diff             @@
##           master    #6410       +/-   ##
===========================================
+ Coverage        0   64.51%   +64.51%     
===========================================
  Files           0      698      +698     
  Lines           0    68130    +68130     
===========================================
+ Hits            0    43955    +43955     
- Misses          0    19130    +19130     
- Partials        0     5045     +5045     


@martintomazic martintomazic force-pushed the martin/feature/per-role-quote-policies branch 2 times, most recently from 13d201f to 5aec2d9 Compare December 2, 2025 09:57
Comment on lines 75 to 78
// TODO Add per role quote policy.
// But if the runtime cannot trust the host how can it obtain the "role" that is being used for?
// Query consensus registry using `node_id`, to obtain the current node struct and thus it's roles?
// But the host could set any node_id...
Contributor Author


?


Member


It needs to query verified consensus state via the consensus verifier.

The host cannot spoof the node ID as it is included in the TEE capability which includes a node ID which is checked during on-chain registration.

Binding generated during attestation:

// Sign the report data, latest verified consensus height, REK and host node ID.
let consensus_state = self.consensus_verifier.latest_state().await?;
let height = consensus_state.height();
let rek = self.identity.public_rek();
let h = SGXAttestation::hash(&verified_quote.report_data, &node_id, height, &rek);
let signature = self.identity.sign(ATTESTATION_SIGNATURE_CONTEXT, &h)?;
Ok(Body::RuntimeCapabilityTEERakQuoteResponse { height, signature })

And verified by consensus during each registration refresh:

return sa.verifyAttestationSignature(sc, rak, rek, verifiedQuote.ReportData, nodeID, height)

We could also change the way the host returns its identity by having the runtime produce a nonce which the host must sign using a special context and return the signature together with the public key. This would prove the host has access to the private key.
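The binding described in the comment above, reconstructed as an added Go example that is not oasis-core's code: the hash layout, the context string and the keys are assumptions, and only the principle is taken from the thread, namely that the RAK signature commits to the report data, the host node ID, the verified height and the REK, and that the verifier recomputes that value from the node ID it sees at registration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// Constructed domain-separation context; oasis-core's ATTESTATION_SIGNATURE_CONTEXT differs.
const attestationCtx = "example/attestation-binding: v0"

// Binding is the value the runtime signs (cf. SGXAttestation::hash). The byte layout
// is an assumption, not oasis-core's: SHA-512/256(reportData||nodeID||be64(height)||rek).
func Binding(reportData, nodeID []byte, height uint64, rek []byte) []byte {
	var hb [8]byte
	binary.BigEndian.PutUint64(hb[:], height)
	h := sha512.New512_256()
	for _, part := range [][]byte{reportData, nodeID, hb[:], rek} {
		h.Write(part)
	}
	return h.Sum(nil)
}

// Runtime side: the RAK signs the binding under the attestation context, so the
// signature commits to the host node ID the runtime was given.
func SignBinding(rak ed25519.PrivateKey, binding []byte) []byte {
	return ed25519.Sign(rak, append([]byte(attestationCtx), binding...))
}

// Consensus side (cf. verifyAttestationSignature): the binding is recomputed from
// the node ID being registered on-chain, so a signature produced for one node ID
// does not verify for any other, nor for a different height or report data.
func VerifyBinding(rak ed25519.PublicKey, reportData, nodeID []byte, height uint64, rek, sig []byte) bool {
	msg := append([]byte(attestationCtx), Binding(reportData, nodeID, height, rek)...)
	return ed25519.Verify(rak, msg, sig)
}

func main() {
	rakPub, rak, _ := ed25519.GenerateKey(rand.Reader) // enclave attestation key (constructed)
	nodePub, _, _ := ed25519.GenerateKey(rand.Reader)  // node ID the runtime was given
	otherPub, _, _ := ed25519.GenerateKey(rand.Reader) // some other node ID
	report, rek := []byte("constructed report data"), make([]byte, 32)
	sig := SignBinding(rak, Binding(report, nodePub, 1234, rek))
	fmt.Println(VerifyBinding(rakPub, report, nodePub, 1234, rek, sig))  // true
	fmt.Println(VerifyBinding(rakPub, report, otherPub, 1234, rek, sig)) // false: node ID differs
	fmt.Println(VerifyBinding(rakPub, report, nodePub, 1235, rek, sig))  // false: height differs
}
```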



Development

Successfully merging this pull request may close these issues.

Support for per-role quote policies
