From ede3edccfe7b4e54efcc59bd1af50da87f06328f Mon Sep 17 00:00:00 2001
From: Noor
Date: Tue, 11 Feb 2025 11:37:40 +0000
Subject: [PATCH] authendication with brain

---
 Cargo.lock    |  2 +-
 src/global.rs |  5 +----
 src/grpc.rs   | 41 +++++++++++++++++++++++++++++------------
 3 files changed, 31 insertions(+), 17 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e22c3de..885dc22 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -410,7 +410,7 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#606c0ad395e2bad10b93f619a8c9d150ab806108"
+source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#f2bc29149e32df09508519f3f88cdf880728e6dd"
 dependencies = [
  "base64",
  "prost",
diff --git a/src/global.rs b/src/global.rs
index 7c75ac2..35e2369 100644
--- a/src/global.rs
+++ b/src/global.rs
@@ -5,9 +5,6 @@ use std::fs::File;
 use std::io::Write;
 use std::sync::LazyLock;
 
-pub const NODE_PUBKEY: &str = "0xd0837609aedd53854651210327db90f5c2626188a00e940bbc9eea2c7e6838b7";
-pub const ADMIN_PUBKEY: &str = "0x28a3a71197250b0fa4dd0f86288e07ec9cc78ce3338e21e2ebef84dd7780e3eb";
-
 pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_packager.tar.gz";
 pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "./enclave_archives";
 pub const PACKAGE_DIR_PATH: &str = "./enclaves";
@@ -21,7 +18,7 @@ pub static IP_INFO: LazyLock = LazyLock::new(|| get_ip_info().unwrap());
 pub static USED_RESOURCES_PATH: LazyLock = LazyLock::new(|| {
     let home = home::home_dir().unwrap().to_string_lossy().into_owned();
     std::env::var(DETEE_DIR_ENV_NAME)
-        .unwrap_or(format!("{home}/.detee/app_daemon/USED_RESOURCES_PATH.yaml"))
+        .unwrap_or(format!("{home}/.detee/app_daemon/used_resources.yaml"))
 });
 
 pub static DAEMON_CONFIG_PATH: LazyLock = LazyLock::new(|| {
diff --git a/src/grpc.rs b/src/grpc.rs
index 5c827c0..b89a7e3 100644
--- a/src/grpc.rs
+++ b/src/grpc.rs
@@ -1,7 +1,7 @@ use anyhow::Result; use detee_shared::pb::brain::brain_app_daemon_client::BrainAppDaemonClient; use detee_shared::pb::brain::{ - AppContract, BrainMessageApp, DaemonMessageApp, Pubkey, RegisterAppNodeReq, + AppContract, BrainMessageApp, DaemonAuth, DaemonMessageApp, RegisterAppNodeReq, }; use tokio::sync::mpsc::Receiver; use tokio::sync::mpsc::Sender; @@ -14,7 +14,6 @@ use tonic::Request; use crate::global::IP_INFO; use crate::global::PUBLIC_KEY; -use crate::global::{ADMIN_PUBKEY, NODE_PUBKEY}; pub struct ConnectionData { pub brain_url: String, @@ -30,8 +29,8 @@ pub async fn register_node(config: &crate::HostConfig) -> Result Result<()> { )); streaming_tasks.spawn(send_messages( client.clone(), + conn_data.app_contracts_uuid.clone(), conn_data.daemon_msg_rx, conn_data.daemon_msg_tx, )); @@ -91,15 +91,29 @@ pub async fn connect_and_run(conn_data: ConnectionData) -> Result<()> { Ok(()) } +fn sign_stream_auth(contracts: Vec) -> Result { + let pubkey = PUBLIC_KEY.clone(); + let timestamp = chrono::Utc::now().to_rfc3339(); + let signature = + crate::global::sign_message(&(timestamp.to_string() + &format!("{contracts:?}")))?; + Ok(DaemonAuth { + timestamp, + pubkey, + contracts, + signature, + }) +} + pub async fn receive_messages( mut client: BrainAppDaemonClient, - _contracts: Vec, + contracts: Vec, tx: Sender, ) -> Result<()> { - let pubkey = NODE_PUBKEY.to_string(); - log::debug!("starting to listen for messages from brain"); - let mut grpc_stream = client.brain_messages(Pubkey { pubkey }).await?.into_inner(); + let mut grpc_stream = client + .brain_messages(sign_stream_auth(contracts)?) + .await? + .into_inner(); while let Some(stream_update) = grpc_stream.next().await { match stream_update { 
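Review bot: In `sign_stream_auth` the bytes that get signed are `timestamp + format!("{contracts:?}")`, so the integrity of the contract list rests on the `Debug` rendering of a `Vec<String>`, which is neither a specified wire encoding nor guaranteed stable across toolchain versions, and which the brain-side verifier (in detee-shared, not visible in this diff) must reproduce byte-for-byte. Prefer an explicit canonical payload with a context label so the signature cannot be confused with anything else this key signs, e.g. `let payload = format!("detee-app-daemon-stream-auth\n{timestamp}\n{}", contracts.join("\n"));` followed by `let signature = crate::global::sign_message(&payload)?;`, and update the verifier in the same release. The only freshness in `DaemonAuth` is `timestamp`, so the replay window is whatever tolerance the brain applies to it; that check is not in this diff, so confirm it exists and is tight, and note that nothing in the signed payload says which of the two streams (`brain_messages` or `daemon_messages`) a given auth message is for, so one captured message presumably satisfies either. The hunk that previously referenced `ADMIN_PUBKEY` in `register_node` is garbled on this page, so I could not check how the admin key is now sourced.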
@@ -118,14 +132,17 @@ pub async fn receive_messages( pub async fn send_messages( mut client: BrainAppDaemonClient, + contracts: Vec, rx: Receiver, tx: Sender, ) -> Result<()> { - let pubkey = NODE_PUBKEY.to_string(); - let rx_stream = ReceiverStream::new(rx); - - tx.send(pubkey.into()).await?; + tx.send(DaemonMessageApp { + msg: Some(detee_shared::pb::brain::daemon_message_app::Msg::Auth( + sign_stream_auth(contracts)?, + )), + }) + .await?; client.daemon_messages(rx_stream).await?; log::debug!("daemon_messages is about to exit"); Ok(())