6.2 Batcher tests in enclave

[QuentinI]

Closes #<ISSUE_NUMBER>

This PR:

• Pulls docker image for enclave back into the main dockerfile
• Adds infrastructure for building and starting enclaver EIF images to espresso/environment
• Adds infrastructure for batcher-in-enclave tests to espresso/environment, which builds the batcher EIF, registers its PCR0 with attestation verifier and starts the EIF.
• Adds a smoke test for batcher in enclave, which mirrors TestE2eDevNetWithEspressoSimpleTransactions, just with batcher in enclave

This PR does not:

• Fix gas limit issues
• Add any other tests

Key places to review:

How to test this PR:

On a EC2 machine with enclave support:

• cd kurtosis-devnet/
• just op-batcher-enclave-image
• cd ../
• export ESPRESSO_RUN_ENCLAVE_TESTS=true
• go test ./espresso/enclave-tests/... -v -count 1

---

• To see the specific tasks where the Asana app for GitHub is being used, see below:
  • https://app.asana.com/0/0/1210220384389444

[QuentinI]

This is mostly just reformatting according to nixfmt, the only real change is adding enclaver to the devShell.

[dailinsubjam]

Amazing! The test could pass on my ec2 machine. Let's add the test instructions also to the comment on top of the test.

[dailinsubjam]

I haven't had a chance to review all the code yet, will continue later.

[shenkeyao]

Haven't tested this on an EC2 machine yet, but the changes look good!

[shenkeyao]

Could you add the task link to the comment as well? https://app.asana.com/1/1208976916964769/project/1209392461754458/task/1210016054362985?focus=true (I think this is the corresponding task?).

[philippecamacho]

Amazing! The test could pass on my ec2 machine. Let's add the test instructions also to the comment on top of the test.

@dailinsubjam Great indeed. Could you help @QuentinI document how to set up an EC2 instance with an enclave in the Espresso README.md, so that everyone can run the tests on her own?

[dailinsubjam]

@philippecamacho Sure! Instruction on how to setup an enclave-enabled EC2 instance added in https://github.com/EspressoSystems/optimism-espresso-integration/pull/152/files.

[dailinsubjam]

LGTM, there's just too much code for me to go through every detail lol.

[philippecamacho]

I get this error

[ec2-user@ip-172-31-42-29 kurtosis-devnet]$ just op-batcher-enclave-image
error: Variable `KURTOSIS_PACKAGE` has multiple definitions
  ——▶ justfile:51:1
   │
51 │ KURTOSIS_PACKAGE := "github.com/ethpandaops/optimism-package"

[QuentinI]

I get this error

[ec2-user@ip-172-31-42-29 kurtosis-devnet]$ just op-batcher-enclave-image
error: Variable `KURTOSIS_PACKAGE` has multiple definitions
  ——▶ justfile:51:1
   │
51 │ KURTOSIS_PACKAGE := "github.com/ethpandaops/optimism-package"

Oh, this was an uncaught merge error after rebasing onto celo's updates. Fixed.

[philippecamacho]

I get this error now. Maybe I did not configure my EC2 instance correctly.
( I followed Sishan's README.md)

 INFO  enclaver::run > starting egress proxy on vsock port 17002
 INFO  enclaver::vsock > Listening on vsock port 17002
 INFO  enclaver::run   > starting enclave
 ERROR enclaver::nitro_cli > nitro-cli failed (exit status: 39)
 ERROR enclaver::nitro_cli > stderr:
[ E22 ] Insufficient CPUs available in the pool. User provided `cpu-count` is 2, which is more than the configured CPU pool size.
You can increase the CPU pool size by editing the `cpu_count` value from '/etc/nitro_enclaves/allocator.yaml' and then enable the nitro-enclaves-allocator.service.

For more details, please visit https://docs.aws.amazon.com/enclaves/latest/user/cli-errors.html#E22

If you open a support ticket, please provide the error log found at "/var/log/nitro_enclaves/err2025-05-28T14:39:18.206963221+00:00.log"
Failed connections: 1
[ E39 ] Enclave process connection failure. Such error appears when the enclave manager fails to connect to at least one enclave process for retrieving the description information.

For more details, please visit https://docs.aws.amazon.com/enclaves/latest/user/cli-errors.html#E39

If you open a support ticket, please provide the error log found at "/var/log/nitro_enclaves/err2025-05-28T14:39:18.207121071+00:00.log"

 ERROR enclaver::nitro_cli > /var/log/nitro_enclaves/err2025-05-28T14:39:18.206963221+00:00.log:
  Action: Run Enclave
  Subactions:
    Failed to execute command `Run`
    Failed to trigger enclave run
    Failed to get CPU configuration
    Insufficient CPUs available (requested 2, but maximum is 0)
  Root error file: src/enclave_proc/cpu_info.rs
  Root error line: 70
  Version: 1.3.1
 ERROR enclaver::nitro_cli > /var/log/nitro_enclaves/err2025-05-28T14:39:18.207121071+00:00.log:
  Action: Run Enclave
  Subactions:
    Failed to handle all enclave process replies
    Failed to connect to 1 enclave processes
  Root error file: src/enclave_proc_comm.rs
  Root error line: 358
  Version: 1.3.1
Error: failed to run enclave
panic: enclave exited with an error: exit status 1

goroutine 186464 [running]:
github.com/ethereum-optimism/optimism/espresso/environment.(*EnclaverCli).RunEnclave.func1()
	/home/ec2-user/optimism-espresso-integration/espresso/environment/enclave_helpers.go:413 +0x65
created by github.com/ethereum-optimism/optimism/espresso/environment.(*EnclaverCli).RunEnclave in goroutine 157890
	/home/ec2-user/optimism-espresso-integration/espresso/environment/enclave_helpers.go:410 +0x2a5
FAIL	github.com/ethereum-optimism/optimism/espresso/enclave-tests	50.544s

[philippecamacho]

All tests (enclave and no-enclave) passing.
LGTM