Drop unencrypted transactions by default

[matevz]

This PR:

• drops unencrypted eth transaction, if Oasis RPC is enabled (e.g. sapphire) and the data is a wrapped Oasis transaction with CallFormat==Plain
• adds gateway.allow_unencrypted_txs flag to config which enables accepting unencrypted transactions
• adds conf/tests-c10l.yml and use it in Sapphire e2e tests
• enables Oasis RPC in default server.yml config

[codecov]

Codecov Report

Merging #340 (3d3495f) into main (508ca6b) will decrease coverage by 0.09%.
The diff coverage is 56.00%.

❗ Current head 3d3495f differs from pull request most recent head 8e0b48c. Consider uploading reports for the commit 8e0b48c to get more accurate results

@@            Coverage Diff             @@
##             main     #340      +/-   ##
==========================================
- Coverage   60.02%   59.93%   -0.10%     
==========================================
  Files          37       37              
  Lines        4025     4043      +18     
==========================================
+ Hits         2416     2423       +7     
- Misses       1402     1410       +8     
- Partials      207      210       +3     

Impacted Files	Coverage Δ
conf/config.go	43.47% <ø> (ø)
rpc/eth/api.go	51.35% <54.16%> (-0.45%)	⬇️
rpc/apis.go	100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[ptrus]

Maybe it would be nicer to use the default test config (conf/tests.yml) and use ENV variables to set the necessary overrides.

[ptrus]

This looks like a leftover?

[ptrus]

Maybe rename the method to isEncrypted(tx) and only call it if allowUnencryptedTxs is set to false. Then it can also be made a standalone function (and not a method on the api backend), which will make it easy to write some unit tests for it.
It might also make sense to return a more descriptive error on rejection.

if !api.allowUnencryptedTxs && !isEncrypted(ethTx.Data()) {
    logger.Debug("unencrypted transaction rejected", "hash" ..., 
    return common.Hash{}, ErrUnencryptedNotAllowed
}   

[kostko]

Hm, I'm not convinced this belongs in the gateway? Shouldn't this be up to the clients?

[kostko]

This does not seem correct as the data field does not contain an entire SDK transaction, but rather just a call? This should have a corresponding E2E test.

[CedarMist]

Re: discussion with Matevz

Based on the hostname, could we force encrypted transaction?

E.g. sapphire-encrypted-only-rpc.oasis.io

[matevz]

Re: discussion with Matevz

Based on the hostname, could we force encrypted transaction?

E.g. sapphire-encrypted-only-rpc.oasis.io

To put our discussion into context, since we still want to support standard Ethereum transactions, we cannot simply drop all unencrypted ones on the existing public RPC endpoint. But what we can do for c10l dApp developers out there that know they want to use explicitly encrypted txes and queries is to set up another Web3 endpoint that requires encrypted transactions, e.g. encrypted.sapphire.oasis.io.

While this is fine for CLI dApps, where you simply point to a different RPC, it may cause some issues on the frontend MetaMask where the RPC URL should be unique per chain ID.