The TEEracle demo can be a good starting point for understanding how the TEEracle service provides a trustworthy oracle to an Integritee Node.
The demo sets up an Integritee Node (layer 1 chain) and runs 1 worker that provides the TEER-USD exchange rate. The exchange rate will be updated on the Integritee Node only when it comes from audited code:
- The enclave is registered in the Integritee Node in the teerex pallet -> Proof that the oracle runs on an SGX device.
- The enclave is in the teeracle whitelist -> The running code is reliable because Sudo or the technical committee have audited it.
The CLI client (called by a script) is used to count the ExchangeRateUpdated events and added the enclave to the whitelist.
The sequence is as following:
- Count the exchange rate updates when the enclave is not in the whitelist.
- Add the enclave to the whitelist for the source https://api.coingecko.com/.
- Count the exchange rate updates for that oracle source.
- Add the enclave in the whitelist for a second source, https://pro-api.coinmarketcap.com/
- Count the exchange rate updates for the two oracle sources.
The test passed if
- There are no exchange rate updates before the enclave is added to the whitelist
- The number of exchange rate updates with one trusted oracle > Minimum expected number of events with a single oracle.
- The number of exchange rate updates with two trusted oracles > Minimum expected number of events with two oracles
The demo is executed in docker to set up the the Integritee node and the teeracle, but it essentially runs the demo_teeracle_whitelist.sh script for teeracle's registration process.
In order to run the demo, clone the worker repository:
git clone https://github.com/integritee-network/worker.git
Change directory to
cd docker
Build all necessary images in the docker-compose setup (takes upwards of 10 minutes, depending on your hardware):
{% code overflow="wrap" lineNumbers="true" %}
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < demo-teeracle.yml) build --build-arg WORKER_MODE_ARG=teeracle --build-arg ADDITIONAL_FEATURES_ARG=dcap --build-arg SGX_MODE=SW {% endcode %}
Run the demo in the docker-compose setup:
{% code overflow="wrap" lineNumbers="true" %}
export ADDITIONAL_RUNTIME_FLAGS="--skip-ra"
export TEERACLE_INTERVAL_SECONDS=10
export COINMARKETCAP_KEY=<your own api key. optional>
docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < demo-teeracle.yml) up demo-teeracle --exit-code-from demo-teeracle{% endcode %}
You will see log output from the worker and the demo service. The first worker is started. The demo service waits for worker to be fully initialized before running. This whole process can take a couple of minutes and will automatically shut down once the demo script ran through.
To see the logs of a specific container, use
docker logs fd-integritee-teeracle-worker--1 -f
The output:
integritee-teeracle-demo | 2022/09/01 08:57:58 Waiting for http://integritee-teeracle-worker:4645/is_initialized: unexpected HTTP status code: 404.
is expected. It results from the demo service integritee-teeracle-demo polling and waiting until teeracle-worker:4645 is initialized.
The demo run will show :
integritee-teeracle-demo | Minimum expected number of events with a single oracle: 3
integritee-teeracle-demo | Minimum expected number of events with two oracles: 6
...
integritee-teeracle-demo | Got 0 exchange rate updates when no trusted oracle source is in the whitelist
...
integritee-teeracle-demo | MRENCLAVE in whitelist for https://api.coingecko.com/
...
integritee-teeracle-demo | Got 4 exchange rate updates from the trusted oracle source in 21 second(s)
...
integritee-teeracle-demo | MRENCLAVE in whitelist for https://pro-api.coinmarketcap.com/
...
integritee-teeracle-demo | Got 7 exchange rate updates from 2 trusted oracle sources in 21 second(s)
The number of events can be different. A successful demo run will show
integritee-teeracle-demo |
integritee-teeracle-demo | Results :
integritee-teeracle-demo | test passed
integritee-teeracle-demo exited with code 0
at the end of the log output, before the docker containers are stopped.
The test can fail for various reasons:
integritee-teeracle-demo | The test ran through but we received ExchangeRateUpdated events before the enclave was added to the whitelist. Was the enclave previously whitelisted? Perhaps by another teeracle?
or
integritee-teeracle-demo | test failed: Not enough events received for single oracle source: $EVENTS_COUNT. Should be greater than $MIN_EXPECTED_NUM_OF_EVENTS
or
integritee-teeracle-demo |test failed: Not enough events received for 2 oracle sources: $EVENTS_COUNT_2. Should be greater than $MIN_EXPECTED_NUM_OF_EVENTS_2
Clean up the container context (including logs):
{% code overflow="wrap" lineNumbers="true" %}
docker-compose -f <(envsubst < docker-compose.yml) -f <(envsubst < demo-teeracle.yml) down{% endcode %}