better logging and README

Author: avalonche

Cargo.toml

@@ -107,7 +107,7 @@ revm = { version = "24.0.1", features = [
     "optional_balance_check",
 ], default-features = false }
 revm-inspectors = { version = "0.22.0", default-features = false }
-op-revm = { version = "5.0.1", default-features = false }
+op-revm = { version = "5.0.1", features = ["serde"], default-features = false }
 
 ethereum_ssz_derive = "0.9.0"
 ethereum_ssz = "0.9.0"

README.md

@@ -44,6 +44,10 @@ cargo run -p op-rbuilder --bin op-rbuilder -- node \
 
 ### Flashtestations 
 
+Flashtestations is a feature that enables Trusted Execution Environment (TEE) attestation for block building. It provides cryptographic proof that blocks were built within a secure enclave, ensuring the integrity and confidentiality of the block building process.
+
+#### Usage
+
 To run op-rbuilder with flashtestations:
 
 ```bash
@@ -53,14 +57,18 @@ cargo run -p op-rbuilder --bin op-rbuilder --features=flashtestations -- node \
     --authrpc.port 9551 \
     --authrpc.jwtsecret /path/to/jwt.hex \
     --flashtestations.enabled \
-    --flashtestations.rpc-url your-rpc-url \ # rpc to submit the attestation transaction to
     --flashtestations.funding-amount 0.01 \ # amount in ETH to fund the TEE generated key
     --flashtestations.funding-key secret-key \ # funding key for the TEE key
     --flashtestations.registry-address 0xFlashtestationsRegistryAddress \
-    flashtestations.builder-policy-address 0xBuilderPolicyAddress
+    --flashtestations.builder-policy-address 0xBuilderPolicyAddress
 ```
 
-Note that `--rollup.builder-secret-key` must be set and funded in order for the flashtestations key to be funded and submit the attestation on-chain.
+#### Additional CLI Config
+
+- `--flashtestations.enable-block-proofs`: Enable end-of-block transaction proofs that verify the block was built within a TEE
+- `--flashtestations.debug`: Enable debug mode with a deterministic TEE key and debug attestation server for testing and development
+- `--flashtestations.quote-provider <URL>`: Specify a remote URL to provide an attestation instead of generating a quote in process
+- `--flashtestations.rpc-url <URL>`: Use a remote provider to submit attestations to
 
 ## Observability
 
@@ -189,4 +197,4 @@ More instructions on installing and configuring `act` can be found on [their web
 ### Known issues
 
 -   Running actions locally require a Github Token. You can generate one by following instructions on [Github Docs](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). After generating a token you will need to pass it to `act` either through the command line using `-s GITHUB_TOKEN=<your token>` or by adding it to the `~/.config/act/actrc` file.
--   You might get an error about missing or incompatible `warp-ubuntu-latest-x64-32x` platform. This can be mitigated by adding `-P warp-ubuntu-latest-x64-32x=ghcr.io/catthehacker/ubuntu:act-latest` on the command line when calling `act` or appending this flag to `~/.config/act/actrc`
+-   You might get an error about missing or incompatible `warp-ubuntu-latest-x64-32x` platform. This can be mitigated by adding `-P warp-ubuntu-latest-x64-32x=ghcr.io/catthehacker/ubuntu:act-latest` on the command line when calling `act` or appending this flag to `~/.config/act/actrc`

crates/op-rbuilder/src/builders/builder_tx.rs

@@ -153,11 +153,11 @@ impl StandardBuilderTx {
         Self { signer }
     }
 
-    pub fn simulate_builder_txs(
+    pub fn simulate_builder_tx(
         &self,
         ctx: &OpPayloadBuilderCtx,
         db: &mut State<impl Database<Error = ProviderError>>,
-    ) -> Result<Vec<BuilderTransactionCtx>, BuilderTransactionError> {
+    ) -> Result<Option<BuilderTransactionCtx>, BuilderTransactionError> {
         match self.signer {
             Some(signer) => {
                 let message: Vec<u8> = format!("Block Number: {}", ctx.block_number()).into_bytes();
@@ -166,13 +166,13 @@ impl StandardBuilderTx {
                 let da_size = op_alloy_flz::tx_estimated_size_fjord_bytes(
                     signed_tx.encoded_2718().as_slice(),
                 );
-                Ok(vec![BuilderTransactionCtx {
+                Ok(Some(BuilderTransactionCtx {
                     gas_used,
                     da_size,
                     signed_tx,
-                }])
+                }))
             }
-            None => Ok(vec![]),
+            None => Ok(None),
         }
     }
 
@@ -242,6 +242,7 @@ impl BuilderTransactions for StandardBuilderTx {
         ctx: &OpPayloadBuilderCtx,
         db: &mut State<impl Database<Error = ProviderError>>,
     ) -> Result<Vec<BuilderTransactionCtx>, BuilderTransactionError> {
-        self.simulate_builder_txs(ctx, db)
+        let builder_tx = self.simulate_builder_tx(ctx, db)?;
+        Ok(builder_tx.into_iter().collect())
     }
 }

crates/op-rbuilder/src/flashtestations/args.rs

@@ -24,8 +24,19 @@ pub struct FlashtestationsArgs {
     pub debug: bool,
 
     // Debug url for attestations
-    #[arg(long = "flashtestations.debug-url", env = "FLASHTESTATIONS_DEBUG_URL")]
-    pub debug_url: Option<String>,
+    #[arg(
+        long = "flashtestations.debug-tee-key-seed",
+        env = "FLASHTESTATIONS_DEBUG_TEE_KEY_SEED",
+        default_value = "debug"
+    )]
+    pub debug_tee_key_seed: String,
+
+    // Remote url for attestations
+    #[arg(
+        long = "flashtestations.quote-provider",
+        env = "FLASHTESTATIONS_QUOTE_PROVIDER"
+    )]
+    pub quote_provider: Option<String>,
 
     /// The rpc url to post the onchain attestation requests to
     #[arg(long = "flashtestations.rpc-url", env = "FLASHTESTATIONS_RPC_URL")]

crates/op-rbuilder/src/flashtestations/attestation.rs

@@ -11,8 +11,8 @@ const DEBUG_QUOTE_SERVICE_URL: &str = "http://ns31695324.ip-141-94-163.eu:10080/
 pub struct AttestationConfig {
     /// If true, uses the debug HTTP service instead of real TDX hardware
     pub debug: bool,
-    /// The URL of the debug HTTP service
-    pub debug_url: Option<String>,
+    /// The URL of the quote provider
+    pub quote_provider: Option<String>,
 }
 
 /// Trait for attestation providers
@@ -51,18 +51,18 @@ impl AttestationProvider for TdxAttestationProvider {
     }
 }
 
-/// Debug HTTP service attestation provider
-pub struct DebugAttestationProvider {
+/// Remote HTTP service attestation provider
+pub struct RemoteAttestationProvider {
     service_url: String,
 }
 
-impl DebugAttestationProvider {
+impl RemoteAttestationProvider {
     pub fn new(service_url: String) -> Self {
         Self { service_url }
     }
 }
 
-impl AttestationProvider for DebugAttestationProvider {
+impl AttestationProvider for RemoteAttestationProvider {
     fn get_attestation(&self, report_data: [u8; 64]) -> eyre::Result<Vec<u8>> {
         let report_data_hex = hex::encode(report_data);
         let url = format!("{}/{}", self.service_url, report_data_hex);
@@ -83,10 +83,12 @@ impl AttestationProvider for DebugAttestationProvider {
 pub fn get_attestation_provider(
     config: AttestationConfig,
 ) -> Box<dyn AttestationProvider + Send + Sync> {
-    if config.debug {
-        Box::new(DebugAttestationProvider::new(
+    if let Some(quote_provider) = config.quote_provider {
+        Box::new(RemoteAttestationProvider::new(quote_provider))
+    } else if config.debug {
+        Box::new(RemoteAttestationProvider::new(
             config
-                .debug_url
+                .quote_provider
                 .unwrap_or(DEBUG_QUOTE_SERVICE_URL.to_string()),
         ))
     } else {
@@ -97,7 +99,7 @@ pub fn get_attestation_provider(
         #[cfg(not(feature = "flashtestations"))]
         {
             info!("Using debug attestation provider as flashtestations feature is disabled");
-            Box::new(DebugAttestationProvider::new(
+            Box::new(RemoteAttestationProvider::new(
                 DEBUG_QUOTE_SERVICE_URL.to_string(),
             ))
         }