Skip to main content

input-verification-executable

Note that type-1 or type-2 markets don't need to run the Input Verification Service (IVS) enclave, hence building the input-verification-executable for such markets isn't required. In the case of type-3 and type-4 markets, the Market Creator is required to build the input-verification-executable which is used to build the IVS enclave.

The input-verification-executable is a server that implements the following APIs/webhooks. It is language-agnostic and can be implemented in any programming language of your choice. However, it must be available as an executable.

A rust-based template for an input-verification-executable

Repo: https://github.com/marlinprotocol/kalypso-base

  1. Clone the repo

    git clone https://github.com/marlinprotocol/kalypso-base
    cd kalypso-base

  2. The repo contains multiple files and directories. We have to modify ./ivs/src/handler.rs.

    ├── bindings
    ├── Cargo.lock
    ├── Cargo.toml
    ├── common
    ├── prover
    ├── LICENSE
    ├── ivs
    │   ├── Cargo.toml
    │   └── src
    │       ├── handler.rs
    │       └── main.rs
    └── README.m

    You will need to add logic to the following API handlers:

    a. Check the input and syntax as below.

    ./ivs/src/handler.rs
    #[post("/checkInputs")]
    async fn check_input_handler(_payload: web::Json<common::InputPayload>) -> impl Responder {
        // receive inputs
        // check if the input follows the correct format
        common::response(
            "Check Inputs API is not implemented",
            StatusCode::NOT_IMPLEMENTED,
            None,
        )
    }

    b. Ignore /checkEncryptedInputs as this is not required in markets with only public inputs.

    ./ivs/src/handler.rs
    #[post("/checkEncryptedInputs")]
    async fn check_enc_handler(_payload: web::Json<common::EncryptedInputPayload>) -> impl Responder {
        common::response(
            "Check Encrypted Inputs API is not implemented",
            StatusCode::NOT_IMPLEMENTED,
            None,
        )
    }

    c. This endpoint responds with a signed message in the specified format in case the input is invalid.

    ./ivs/src/handler.rs
    #[post("/checkInputsWithSignature")]
    async fn check_input_with_signature(_payload: web::Json<common::AskPayload>) -> impl Responder {
        // use common::secret_inputs_helpers to decrypt the encrypted payload

        // if inputs are wrong, send signature
        let values = vec![ ethers::abi::Token::Uint(_payload.ask.askId, _payload.ask.proverData) ];

        let encoded = ethers::abi::encode(&values);
        let digest = ethers::utils::keccak256(encoded);

        let signature = matching_engine_signer
            .sign_message(ethers::types::H256(digest))
            .await?;

        common::response(
            "Check Inputs with signature is not implemented",
            StatusCode::NOT_IMPLEMENTED,
            None,
        )
    }

    d. Verify Inputs and Proofs. Returns true/false based on inputs and proofs received

    ./ivs/src/handler.rs
    #[post("/verifyInputsAndProof")]
    async fn verify_inputs_and_proof(_payload: web::Json<common::InputPayload>) -> impl Responder {
        // use common::secret_inputs_helpers to decrypt the encrypted payload
        common::response(
            "Check Inputs with signature is not implemented",
            StatusCode::NOT_IMPLEMENTED,
            None,
        )
    }

    For better clarity on payloads and responses, refer the APIs shared above.

  3. Once done, create the executable. Make sure the right tool chain and setting is used, else the executable won't run inside the enclave.

    .cargo/config.toml
    [build]
    target = "x86_64-unknown-linux-musl"

    [target.'cfg(target_os = "linux")']
    rustflags = ["-C", "target-feature=+crt-static"]

    Build the executable

    cargo build --release

    Copy and save your executable

    cp ./target/x86_64-unknown-linux-musl/release/ivs input-verification-executable