Disable shield temporarily

pallets/shield/src/benchmarking.rs

@@ -14,10 +14,10 @@ use sp_std::vec;
 // }
 
 /// Helper to build bounded bytes (ciphertext) of a given length.
-fn bounded_ct<const N: u32>(len: usize) -> BoundedVec<u8, ConstU32<N>> {
-    let v = vec![0u8; len];
-    BoundedVec::<u8, ConstU32<N>>::try_from(v).expect("within bound; qed")
-}
+// fn bounded_ct<const N: u32>(len: usize) -> BoundedVec<u8, ConstU32<N>> {
+//     let v = vec![0u8; len];
+//     BoundedVec::<u8, ConstU32<N>>::try_from(v).expect("within bound; qed")
+// }
 
 // /// Seed Aura authorities so `EnsureAuraAuthority` passes for a given sr25519 pubkey.
 // ///
@@ -70,38 +70,38 @@ mod benches {
     //     assert_eq!(stored, public_key);
     // }
 
-    /// Benchmark `submit_encrypted`.
-    #[benchmark]
-    fn submit_encrypted() {
-        // Any whitelisted caller is fine (no authority requirement).
-        let who: T::AccountId = whitelisted_caller();
+    // Benchmark `submit_encrypted`.
+    // #[benchmark]
+    // fn submit_encrypted() {
+    //     // Any whitelisted caller is fine (no authority requirement).
+    //     let who: T::AccountId = whitelisted_caller();
 
-        // Dummy commitment and ciphertext (bounded to 8192).
-        let commitment: T::Hash = <T as frame_system::Config>::Hashing::hash(b"bench-commitment");
-        const CT_DEFAULT_LEN: usize = 256;
-        let ciphertext: BoundedVec<u8, ConstU32<8192>> = super::bounded_ct::<8192>(CT_DEFAULT_LEN);
+    //     // Dummy commitment and ciphertext (bounded to 8192).
+    //     let commitment: T::Hash = <T as frame_system::Config>::Hashing::hash(b"bench-commitment");
+    //     const CT_DEFAULT_LEN: usize = 256;
+    //     let ciphertext: BoundedVec<u8, ConstU32<8192>> = super::bounded_ct::<8192>(CT_DEFAULT_LEN);
 
-        // Pre-compute expected id to assert postconditions.
-        let id: T::Hash =
-            <T as frame_system::Config>::Hashing::hash_of(&(who.clone(), commitment, &ciphertext));
+    //     // Pre-compute expected id to assert postconditions.
+    //     let id: T::Hash =
+    //         <T as frame_system::Config>::Hashing::hash_of(&(who.clone(), commitment, &ciphertext));
 
-        // Measure: dispatch the extrinsic.
-        #[extrinsic_call]
-        submit_encrypted(
-            RawOrigin::Signed(who.clone()),
-            commitment,
-            ciphertext.clone(),
-        );
-
-        // Assert: stored under expected id.
-        let got = Submissions::<T>::get(id).expect("submission must exist");
-        assert_eq!(got.author, who);
-        assert_eq!(
-            got.commitment,
-            <T as frame_system::Config>::Hashing::hash(b"bench-commitment")
-        );
-        assert_eq!(got.ciphertext.as_slice(), ciphertext.as_slice());
-    }
+    //     // Measure: dispatch the extrinsic.
+    //     #[extrinsic_call]
+    //     submit_encrypted(
+    //         RawOrigin::Signed(who.clone()),
+    //         commitment,
+    //         ciphertext.clone(),
+    //     );
+
+    //     // Assert: stored under expected id.
+    //     let got = Submissions::<T>::get(id).expect("submission must exist");
+    //     assert_eq!(got.author, who);
+    //     assert_eq!(
+    //         got.commitment,
+    //         <T as frame_system::Config>::Hashing::hash(b"bench-commitment")
+    //     );
+    //     assert_eq!(got.ciphertext.as_slice(), ciphertext.as_slice());
+    // }
 
     /// Benchmark `mark_decryption_failed`.
     #[benchmark]

pallets/shield/src/lib.rs

@@ -167,6 +167,8 @@ pub mod pallet {
         KeyExpired,
         /// The provided `key_hash` does not match the expected epoch key hash.
         KeyHashMismatch,
+        /// The shield is disabled while upgrading.
+        ShieldDisabledWhileUpgrading,
     }
 
     // ----------------- Hooks -----------------
@@ -250,7 +252,7 @@ pub mod pallet {
             Weight::from_parts(20_999_999_999, 0)
                 .saturating_add(T::DbWeight::get().reads(1_u64))
                 .saturating_add(T::DbWeight::get().writes(1_u64)),
-            DispatchClass::Operational,
+            DispatchClass::Normal,
             Pays::Yes
         ))]
         #[allow(clippy::useless_conversion)]
@@ -301,26 +303,11 @@ pub mod pallet {
             Pays::Yes,
         ))]
         pub fn submit_encrypted(
-            origin: OriginFor<T>,
-            commitment: T::Hash,
-            ciphertext: BoundedVec<u8, ConstU32<8192>>,
+            _origin: OriginFor<T>,
+            _commitment: T::Hash,
+            _ciphertext: BoundedVec<u8, ConstU32<8192>>,
         ) -> DispatchResult {
-            let who = ensure_signed(origin)?;
-
-            let id: T::Hash = T::Hashing::hash_of(&(who.clone(), commitment, &ciphertext));
-            let sub = Submission::<T::AccountId, BlockNumberFor<T>, T::Hash> {
-                author: who.clone(),
-                commitment,
-                ciphertext,
-                submitted_in: <frame_system::Pallet<T>>::block_number(),
-            };
-            ensure!(
-                !Submissions::<T>::contains_key(id),
-                Error::<T>::SubmissionAlreadyExists
-            );
-            Submissions::<T>::insert(id, sub);
-            Self::deposit_event(Event::EncryptedSubmitted { id, who });
-            Ok(())
+            Err(Error::<T>::ShieldDisabledWhileUpgrading.into())
         }
 
         /// Marks a submission as failed to decrypt and removes it from storage.