[CRE] [4/5] ConfidentialModule, config, DB migration, syncer routing by nadahalli · Pull Request #21641 · smartcontractkit/chainlink

nadahalli · 2026-03-23T17:01:07Z

Context

Part of #21635 (confidential workflow execution). [4/5] in the series.
Can be reviewed and merged independently.

What this does

Core abstractions for confidential workflow execution:

ConfidentialModule: implements host.ModuleV2, dispatches workflow
execution to TEE enclave via the confidential-workflows capability
instead of running WASM locally. Strategy pattern; the engine is
unchanged.
Syncer routing: tryEngineCreate checks IsConfidential(spec.Attributes).
If true, short-circuits to tryConfidentialEngineCreate. 6-line
early-return, existing path untouched.
DB migration: adds attributes bytea column to workflow_specs_v2.
WorkflowSpec.Attributes: persists on-chain workflow attributes.

Nothing is wired into CRE yet. The routing is inert until PR 5/5.

Dependencies

None. Compiles against develop independently.

github-actions · 2026-03-23T17:01:22Z

👋 nadahalli, thanks for creating this pull request!

To help reviewers, please consider creating future PRs as drafts first. This allows you to self-review and make any final changes before notifying the team.

Once you're ready, you can mark it as "Ready for review" to request feedback. Thanks!

github-actions · 2026-03-23T17:02:13Z

I see you updated files related to core. Please run make gocs in the root directory to add a changeset as well as in the text include at least one of the following tags:

#added For any new functionality added.
#breaking_change For any functionality that requires manual action for the node to boot.
#bugfix For bug fixes.
#changed For any change to the existing functionality.
#db_update For any feature that introduces updates to database schema.
#deprecation_notice For any upcoming deprecation functionality.
#internal For changesets that need to be excluded from the final changelog.
#nops For any feature that is NOP facing and needs to be in the official Release Notes for the release.
#removed For any functionality/config that is removed.
#updated For any functionality that is updated.
#wip For any change that is not ready yet and external communication about it should be held off till it is feature complete.

github-actions · 2026-03-23T17:02:52Z

✅ No conflicts with other open PRs targeting develop

Copilot

Pull request overview

Risk Rating: HIGH

This PR adds the core plumbing for “confidential workflow execution” by persisting on-chain workflow attributes, introducing a ConfidentialModule implementation that delegates execution to the confidential-workflows capability, and routing confidential workflows onto that path. It also introduces gateway + node-side confidential relay handlers and configuration needed for relay DON participation.

Changes:

Persist workflow Attributes (DB + ORM + model) and route confidential workflows to a confidential engine creation path.
Add ConfidentialModule (host.ModuleV2) that dispatches execution to the confidential-workflows capability, including secret identifiers forwarding.
Add confidential relay handler implementations (gateway-side fanout + quorum aggregation; node-side attestation validation + Vault/capability proxy) plus CRE config surface.

Reviewed changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
go.mod	Bumps deps needed for confidential workflow/relay support.
go.sum	Updates checksums for dependency changes.
core/store/migrate/migrations/0295_add_workflow_attributes_column.sql	Adds `attributes` column to `workflow_specs_v2`.
core/services/job/models.go	Adds `WorkflowSpec.Attributes` for DB persistence.
core/services/workflows/artifacts/v2/orm.go	Upsert now writes `attributes` to DB.
core/services/workflows/syncer/v2/handler.go	Persists attributes into specs; routes confidential workflows to confidential engine creation; refactors engine start/register helper.
core/services/workflows/syncer/v2/handler_test.go	Adds tests validating confidential vs non-confidential routing behavior.
core/services/workflows/v2/confidential_module.go	Implements `ConfidentialModule`, attributes parsing, and binary hashing for confidential execution.
core/services/workflows/v2/confidential_module_test.go	Unit tests for attribute parsing, hashing, and capability dispatch behavior.
core/services/workflows/syncer/fetcher.go	Extends file fetcher to accept HTTP(S) URLs for local reads (confidential workflow compatibility).
core/services/workflows/syncer/v2/fetcher.go	Same file-fetcher HTTP(S) URL support for v2 syncer.
core/services/standardcapabilities/conversions/conversions.go	Adds `mock` command/capability ID mapping.
core/services/gateway/handlers/confidentialrelay/handler.go	Adds gateway confidential relay handler (fanout, quorum aggregation, timeouts, metrics).
core/services/gateway/handlers/confidentialrelay/aggregator.go	Adds quorum aggregation logic based on response digest matching.
core/services/gateway/handlers/confidentialrelay/handler_test.go	Adds test coverage for gateway relay handler behaviors (quorum, timeouts, rate limiting, etc.).
core/config/cre_config.go	Extends CRE config interface with `ConfidentialRelay`.
core/config/toml/types.go	Adds `[CRE.ConfidentialRelay]` TOML block and merge behavior.
core/services/chainlink/config_cre.go	Implements `CREConfidentialRelay` accessors for runtime config.
core/capabilities/confidentialrelay/service.go	Adds lifecycle wrapper to create/start node-side relay handler once gateway connector is available.
core/capabilities/confidentialrelay/handler.go	Adds node-side enclave relay handler (attestation verification + Vault/capability proxy).
core/capabilities/confidentialrelay/handler_test.go	Adds tests for node-side relay handler behavior (cap exec, errors, lifecycle).

Scrupulous human review recommended for:

core/services/workflows/syncer/v2/handler.go: tryEngineCreate / tryConfidentialEngineCreate / startAndRegisterEngine flow (engine lifecycle + hook wiring).
core/capabilities/confidentialrelay/handler.go: verifyAttestationHash + request translation into Vault/capability calls (security-sensitive).

Suggested reviewers (per .github/CODEOWNERS):

@smartcontractkit/keystone (workflows + capabilities areas)
@smartcontractkit/capabilities-team (capabilities handlers)
@smartcontractkit/foundations / @smartcontractkit/core (job models, config, deps)

github-actions · 2026-03-23T17:19:49Z

CORA - Analysis Skipped

Reason: The number of code owners (3) is less than the minimum required (5) and/or the number of CODEOWNERS entries with changed files (4) is less than the minimum required (2).

trunk-io · 2026-03-24T11:46:39Z

Failed Test	Failure Summary	Logs
`TestFunctionsConfigPoller/S4Plugin`	The test failed due to an unexpected 'replacement transaction underpriced' error during configuration polling.	Logs ↗︎
`TestConfigPoller`	The test failed because a quarantined flaky test was run despite being marked as such.	Logs ↗︎
`Test_workflowDeletedHandler`	The test 'Test_workflowDeletedHandler' failed during execution.	Logs ↗︎
`Test_StratReconciliation_RetriesWithBackoff`	The test failed due to a timeout while waiting for a specific log or event to appear.	Logs ↗︎

... and 15 more

View Full Report ↗︎ ⋅ Docs

Group string params together in newV2EngineConfig, move SdkName and DebugMode into the constructor, drop unused wid param from confidentialEngineFactory.

The enclave needs an authenticated URL to download WASM binaries from the CRE storage service. BinaryURLResolver resolves the raw on-chain URL into a presigned/ephemeral URL per execution. Nil-safe: falls back to the raw URL when no resolver is set. PR 5/5 (#21642) wires this to the storage service retriever.

host.ExecutionHelper gained EmitUserMetric in chainlink-common #1924.

Bump chainlink-common to pick up OrgId field on WorkflowExecution proto. Read org from the CRE execution context and include it in the proto sent to the enclave, matching the pattern used by the framework executor for VaultDON requests.

Adds a deny-list check in ExecutionHelper.CallCapability() that prevents user workflow steps from invoking internal capabilities like confidential-workflows. The ConfidentialModule bypasses this gate because it calls the registry directly.

Resolve go.mod/go.sum conflicts: take develop's newer chainlink-ccv and chainlink-common versions.

cl-sonarqube-production · 2026-04-16T12:44:36Z

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.2% Duplication on New Code

See analysis details on SonarQube

Copilot AI review requested due to automatic review settings March 23, 2026 17:01

nadahalli requested review from a team as code owners March 23, 2026 17:01

product-security-plaid-production Bot requested a review from MStreet3 March 23, 2026 17:01

nadahalli mentioned this pull request Mar 23, 2026

[CRE] [5/5] Wire confidential workflow execution into CRE #21642

Closed

product-security-plaid-production Bot requested a review from bolekk March 23, 2026 17:01

nadahalli mentioned this pull request Mar 23, 2026

[CRE] Confidential workflow execution #21635

Open

5 tasks

Copilot started reviewing on behalf of nadahalli March 23, 2026 17:02 View session

Copilot AI reviewed Mar 23, 2026

View reviewed changes

Comment thread core/services/workflows/syncer/fetcher.go Outdated

Comment thread core/services/workflows/syncer/v2/fetcher.go Outdated

Comment thread core/capabilities/confidentialrelay/handler.go

nadahalli requested a review from a team as a code owner March 23, 2026 17:19

product-security-plaid-production Bot requested a review from kalverra March 23, 2026 17:19

nadahalli force-pushed the tejaswi/cw-4-confidential-module branch 3 times, most recently from 54fbf1c to e7a3894 Compare March 24, 2026 11:40