tendermint: Added conversions from signing requests to consensus states #1147
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0.23.1 was released before informalsystems#1023 or its backport to v0.23.x were merged.
…ems#1020) * Reformat readme Signed-off-by: Thane Thomson <[email protected]> * Expand README to better reflect current repo state/goals Signed-off-by: Thane Thomson <[email protected]> * Reformat contributing guidelines Signed-off-by: Thane Thomson <[email protected]> * Add note about assigning oneself to an issue Signed-off-by: Thane Thomson <[email protected]> * Clarify version/branch correlations Signed-off-by: Thane Thomson <[email protected]> * Fix readme formatting Signed-off-by: Thane Thomson <[email protected]> * Reorganize and deduplicate contributing guidelines Signed-off-by: Thane Thomson <[email protected]> * Format ADR documentation Signed-off-by: Thane Thomson <[email protected]> * Update GitHub issue/PR templates to accommodate new versioning Signed-off-by: Thane Thomson <[email protected]> * Fix spelling of GitHub Signed-off-by: Thane Thomson <[email protected]> * Add note on Tendermint Core version support Signed-off-by: Thane Thomson <[email protected]> * Simplify GitHub templates Signed-off-by: Thane Thomson <[email protected]> * Add version support matrix table to readme Signed-off-by: Thane Thomson <[email protected]> * Remove mention of `dev` branch for now Signed-off-by: Thane Thomson <[email protected]> * Fix versioning section and add note on pinning to patch version for v0.23.x Signed-off-by: Thane Thomson <[email protected]> * Fix typo in ADR readme Signed-off-by: Thane Thomson <[email protected]>
…0.35.0 (informalsystems#1022) * tendermint: add From<Infallible> for Error * Use hex for AppHash Debug formatting * Regenerate protobuf types using tools/proto-compiler. * Regenerate protos against tendermint v0.35.0-rc3. * Remove SetOption-related code in tendermint-abci. * Update imports to reflect protobuf movements. The BlockParams and ConsensusParams structs moved out of the ABCI protos. * Update tendermint-abci to reflect upstream proto changes. * p2p: treat all non-Ed25519 keys as unsupported This fixes a compile error introduced by upstream proto changes that add an Sr25519 variant. * Improve ABCI response code modeling with NonZeroU32 The previous data modeling allowed a user to construct an `Err(0)` value that would be serialized and deserialized as `Ok`. * Use the Bytes type in ABCI protos. * Add conversions between protobuf and chrono types. * tendermint: define Serde for Block in terms of RawBlock This changes the Serialize/Deserialize implementations for Block to convert to/from the proto-generated `RawBlock`, and use the derived serialization for that type. This is much cleaner and more maintainable than keeping Serde annotations for each sub-member of the data structure, because all of the serialization code is kept in one place, and there's only one validation path (the TryFrom conversion from RawBlock to Block) that applies to both kinds of serialization. * tendermint: simpler transaction modeling in Block This changes the Block type to hold the transactions as a plain `Vec<Vec<u8>>`, rather than as a custom `abci::transaction::Data` type (which is itself a wrapper for an `Option<Vec<Transaction>>`, the `Transaction` type being a wrapper for a `Vec<u8>`). This also updates the `Block` getter functions; it's not clear (to me) why they're there, since they access the public fields and aren't used anywhere else. * rpc: take over tendermint::abci The existing contents of the `tendermint::abci` module note that they're only for the purpose of implementing the RPC endpoints, not a general ABCI implementation. Moving that code from the `tendermint` crate to the `tendermint-rpc` crate decouples the RPC interface from improvements to the ABCI domain modeling. Eventually, it would be good to eliminate this code and align it with the new ABCI domain types. * tendermint: add ABCI domain types. These types mirror the generated types in tendermint_proto, but have better naming. The documentation for each request type is adapted from the ABCI Methods and Types spec document. However, the same logical request may appear three times, as a struct with the request data, as a Request variant, and as a CategoryRequest variant. To avoid duplication, this PR uses the `#[doc = include_str!(...)]` functionality stabilized in Rust 1.54 to keep common definitions of the documentation. * tendermint: eliminate &'static str errors in ABCI domain types. * Merge `abci::params::ConsensusParams` with `consensus::Params`. The code in the `abci` module had more complete documentation from the ABCI docs, so I copied it onto the existing structure. * Add hex encoding Serde attribute to Sr25519 keys. * Replace integers with `block::Height`, `vote::Power` * Replace integer with block::Round * Fix tools build by using correct imports Signed-off-by: Thane Thomson <[email protected]> * Fix clippy complaints in tools Signed-off-by: Thane Thomson <[email protected]> * Fix clippy warning Signed-off-by: Thane Thomson <[email protected]> * Fix clippy lints Signed-off-by: Thane Thomson <[email protected]> * Fix more clippy lints Signed-off-by: Thane Thomson <[email protected]> * Fix deprecation notices from ed25519 crate Signed-off-by: Thane Thomson <[email protected]> * Regenerate protos for Tendermint v0.35.0 Signed-off-by: Thane Thomson <[email protected]> * Fix raw bytes conversion in tests/docs Signed-off-by: Thane Thomson <[email protected]> * Add Tendermint v0.35.0 Docker config Signed-off-by: Thane Thomson <[email protected]> * Add Tendermint v0.35.0 Docker image for ABCI integration testing Signed-off-by: Thane Thomson <[email protected]> * Remove RPC deserialization tests The support files for these tests were manually generated some time ago. We should rather favour testing with the `kvstore_fixtures` tests, whose fixtures are automatically generated by our rpc-probe tool. Signed-off-by: Thane Thomson <[email protected]> * Reformat Docker folder readme Signed-off-by: Thane Thomson <[email protected]> * Bump version of Tendermint used in ABCI integration test Signed-off-by: Thane Thomson <[email protected]> * Bump version of Tendermint used in rpc probe Signed-off-by: Thane Thomson <[email protected]> * Bump version of Tendermint used in kvstore integration test Signed-off-by: Thane Thomson <[email protected]> * Bump version of Tendermint used in proto-compiler Signed-off-by: Thane Thomson <[email protected]> * Regenerate kvstore fixtures with rpc-probe for Tendermint v0.35.0 Signed-off-by: Thane Thomson <[email protected]> * Update kvstore integration test to accommodate newly generated fixtures Signed-off-by: Thane Thomson <[email protected]> * Update RPC tests and data structures to accommodate Tendermint v0.35.0 changes Signed-off-by: Thane Thomson <[email protected]> * Update ABCI encoding scheme to accommodate breaking change in tendermint/tendermint#5783 Signed-off-by: Thane Thomson <[email protected]> * Bump Tendermint version in GitHub Actions kvstore integration test Signed-off-by: Thane Thomson <[email protected]> * Add changelog entries to capture breaking changes Signed-off-by: Thane Thomson <[email protected]> * Change tx hash encoding from base64 to hex and update tests Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry for /tx endpoint change Signed-off-by: Thane Thomson <[email protected]> Co-authored-by: Henry de Valence <[email protected]> Co-authored-by: Henry de Valence <[email protected]>
This does not seem to be produced anywhere.
* Fix trivial lints reported by clippy 0.1.57 * Boxing to reduce oversized enum variants * abci: fix one more clippy 0.1.57 lint * Changelog on breaking changes in informalsystems#1041
* pbt-gen: Converted from chrono to time 0.3 chrono has soundness issues (see RUSTSEC-2020-0159) and does not seem to be maintained. * Replace dependency on chrono with time 0.3 Change Time implementation to crate time: chrono has soundness issues (see RUSTSEC-2020-0159) and does not seem to be actively maintained. * Add Time methods checked_add and checked_sub These should be used instead of the overloaded operators that broke the operator convention by returning a Result. * proto: Don't use formatting methods of time Drop the "formatting" feature of time, as this brings in std. * pbt-gen: Add arb_datetime_for_rfc3339 With crate time, the range of supported dates stretches to the ancient past beyond the common era, which is not representable in RFC 3339. Add a generator to produce `OffsetDateTime` values that are within the RFC 3339 spec. * Ensure Time can only have values good for RFC 3339 As the time values are meant for human-readable representation in the RFC 3339 format, make it not possible to construct Time with values that fall outside this standard representation. Conversion from time::OffsetDateTime is made fallible with a TryFrom impl replacing the From impl. Conversion from Unix timestamps is also affected. * rpc: Replaced chrono with time 0.3 * testgen: Replaced chrono with time 0.3 * Less allocatey ways of formatting date-times Provide and use another helper in proto mod serializers::timestamp, one that formats into a provided fmt::Write object rather than allocating a string. * light-client: port from chrono to time * Revert to Add/Sub returning Result * light-client: changed the MBTs from chrono to time * tendermint: Remove a comment referencing chrono We use ErrorDetail::DurationOutOfRange without the source error from the time library because that is uninformative in the context. Also move the DateOutOfRange close with DurationOutOfRange since they can occur in the same operations and are generally similar. * light-client: add std feature for time The clock needs OffsetDateTime::now_utc(). * tendermint: Simplify Time::duration_since * testgen: minor code cleanup * Restrict valid Time years to 1-9999 Exclude year 0 because the spec on Google protobuf Timestamp forbids it. Add more helpers in pbt-gen to produce protobuf-safe values in both OffsetDateTime and RFC 3339 strings. Restrict the property tests to only use the protobuf-safe values where expected. * Test Time::checked_add and Time::checked_sub * Changelog entries for informalsystems#1030 * Improve documentation of tendermint::Time * proto: remove the chrono type conversions The From impls are panicky and do not enforce compliance with protobuf message value restrictions. * tendermint: remove direct uses of chrono types Replace with tendermint::Time. * Harden Timestamp conversions and serde Require the timestamp to be in the validity range (years 1-9999 in UTC) and the nanosecond member value to not exceed 999_999_999. Rename ErrorDetail::TimestampOverflow to TimestampNanosOutOfRange, because the old variant was not very informative (the chained TryFromIntError did not help) and we also use it for the above-range case now which is not an overflow. * Changelog entry about changed error variants * Restore nanosecond range check in Time::from_unix_timestamp Add a unit test to exercise the check. * proto: Improve timestamp::fmt_as_rfc3339_nanos - More ergonomic signature - A non-allocating implementation * Fix component name in changelog for 1030-remove-chrono Co-authored-by: Thane Thomson <[email protected]> * time: Use Self instead of the type name in methods Co-authored-by: Thane Thomson <[email protected]> * Comment on the inner representation of `Time` * Don't alias crate time in testgen * Document the Time::from_utc helper Co-authored-by: Thane Thomson <[email protected]>
…alsystems#1044) Signed-off-by: Thane Thomson <[email protected]>
tendermint uses checked_add/checked_sub methods which were added in time 0.3.5.
* Derive Hash on tendermint::Time Now that we're backed by a data structure with unambiguously unique values, we can make time moments hashable. * Changelog entry for informalsystems#1054 * Update changelog entry with package name Signed-off-by: Thane Thomson <[email protected]> Co-authored-by: Thane Thomson <[email protected]>
Release notes: RustCrypto/elliptic-curves#485
…#1067) * Use ed25519-consensus instead of ed25519-dalek Closes informalsystems#355 (see that issue for more context; `ed25519-consensus` is a fork of `ed25519-zebra` that's Zcash-independent). This change ensures that `tendermint-rs` has the same signature verification as `tendermint`, which uses the validation criteria provided by the Go `ed25519consensus` library. * clippy fixes Co-authored-by: Thane Thomson <[email protected]> * Remove redundant dependency Signed-off-by: Thane Thomson <[email protected]> * cargo fmt Signed-off-by: Thane Thomson <[email protected]> * Add changelog entries Signed-off-by: Thane Thomson <[email protected]> Co-authored-by: Henry de Valence <[email protected]>
* rpc: Switch hyper-proxy to use rustls The rest of the stack already uses rustls for their TLS needs. * Changelog entry for informalsystems#1068
…light-client-verifier` (informalsystems#1071) * Split out verifier parts of tendermint-light-client to tendermint-light-client-verifier * Add Time::now() method behind clock feature * light-client refactor: Re-export new verifier crate from `tendermint-light-client` (informalsystems#1074) * Re-export tendermint_light_client_verifier as verifier from tendermint_light_client Signed-off-by: Thane Thomson <[email protected]> * Remove unnecessary tendermint-light-client import Signed-off-by: Thane Thomson <[email protected]> * Fix crate docs to reflect verifier extraction Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]> * Re-export the original exports in light-client crate Co-authored-by: Thane Thomson <[email protected]>
Signed-off-by: Thane Thomson <[email protected]>
…informalsystems#1081) * Use Time instead of u64 seconds in tendermint-testgen Header * Fix testgen time serialization for MBT
…ems#1082) * Implement Clone for tendermint::PrivateKey Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]>
* Changelog release Signed-off-by: Thane Thomson <[email protected]> * Build changelog Signed-off-by: Thane Thomson <[email protected]> * Bump versions to v0.24.0-pre.1 Signed-off-by: Thane Thomson <[email protected]> * Add tendermint-light-client-verifier crate to release script Signed-off-by: Thane Thomson <[email protected]> * Rebuild changelog Signed-off-by: Thane Thomson <[email protected]> * Update date in changelog and rebuild Signed-off-by: Thane Thomson <[email protected]> * Add readme for tendermint-light-client-verifier Signed-off-by: Thane Thomson <[email protected]>
…s#1084) * Rename kvstore module to common, since it provides common RPC requests Signed-off-by: Thane Thomson <[email protected]> * Rename quick module to kvstore, since it caters exclusively for the kvstore Signed-off-by: Thane Thomson <[email protected]> * Move attribute after comment Signed-off-by: Thane Thomson <[email protected]> * Add support for simple query plan for Gaia Signed-off-by: Thane Thomson <[email protected]> * Enable rustls for wss support Signed-off-by: Thane Thomson <[email protected]> * Fix clippy lint Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]>
Signed-off-by: Thane Thomson <[email protected]>
(informalsystems#1086) * Add convenience method to decode RPC requests from strings Signed-off-by: Thane Thomson <[email protected]> * Add deserialization workaround for validator updates This introduces a (somewhat hacky, yet temporary) approach to being able to deserialize public keys in validator updates until such time that Tendermint addresses the problem. Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]>
…formalsystems#1087) (informalsystems#1088) * Remove tendermint-rpc dependency from tendermint-light-client-verifier * Add CI check for no-std compliance * Fix path to no-std-check Co-authored-by: Soares Chen <[email protected]>
* Make encode_vec() infallible * Add .changelog entry * Undo changes to kvstore * Expand on changelog entry Co-authored-by: Thane Thomson <[email protected]>
* Add block_by_hash RPC endpoint and tests * rpc-probe part of this * Fix comments * Update .changelog/unreleased/features/832-block-by-hash.md Co-authored-by: Thane Thomson <[email protected]> * cargo fmt Co-authored-by: Thane Thomson <[email protected]>
Signed-off-by: Thane Thomson <[email protected]>
* Fix clippy warnings from Rust v1.59.0 Signed-off-by: Thane Thomson <[email protected]> * Workaround for flex-error-related clippy warning Signed-off-by: Thane Thomson <[email protected]> * Upgrade to contracts v0.6.2 and fix clippy errors Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]>
In PeggyJV/ocular#18 we are trying to create a registry of "well-known" chain IDs. I proposed using `tendermint::chain::Id` for this, but to do so we'd need to have a const initializer support. This commit changes the internal representation of `chain::Id` to `Cow<'static, str>`. This permits a `const fn` initializer, but avoids adding a lifetime to `chain::Id` itself. It also adds `chain::Id::new` which is defined as a `const fn`, which can be used to define chain ID constants.
* Update prost to v0.10 * Regenerate protos * Add changelog entry
Signed-off-by: Thane Thomson <[email protected]>
Add an explicit audit config to control its behaviour, also ignore advisory for serde_cbor until resolved. Signed-off-by: xla <[email protected]>
* p2p: Update cargo metadata Signed-off-by: xla <[email protected]> * p2p: Rework transport to be async While it was well-intended the reality is that it's going to be impractical and hinder potential adoption trying to not give in to the sweet siren sounds of the async ecosystem. The author since has changed their stance and adopted a conviction that well tuned and guard-railed async can be workable and lead to maintainable solutions. This change-set is in preparation of bringing in peer and supervisor abstractions as described in the ADR. Signed-off-by: xla <[email protected]>
Signed-off-by: Thane Thomson <[email protected]>
When reading through the codebase it is apparent that there are glaring inconsistencies when it comes to imports and other smaller style questions. This makes it harder and more time consuming navigating and altering the code. This might be a highly controversial change, depending on your personal believes. Signed-off-by: xla <[email protected]>
* light-client: Rename ProdIo to RpcIo The implication of production always has been an unfortunate choice at it assumes implicit consensus of what a production deployment environment entails. Instead it does exactly what it says on the tin. Signed-off-by: xla <[email protected]> * light-client: Turn denies into warning To make local development more forgiving while doing larger changes this turns denies into warnings. This should be reasonably safe as long as CI keeps using `-Dwarnings`. Signed-off-by: xla <[email protected]> * light-client: Replace Io trait with async variant While invasive this change transforms the light-client to be async all the way. This touches all places where some I/O is taking place. Achieved by roping in the async-trait[0] crate and dropping the existing `block_on` implementation. Lo, this drops the timeout which guarded the side-effectful operation, which will be reintroduced in a follow-up change. [0] https://github.com/dtolnay/async-trait Signed-off-by: xla <[email protected]> * light-client: Guard rpc calls with timeout During the move to async io the block_on implementation was dropped, which relied on tokio. In said implementation a timeout was enforced to limit the duration of the execution of the given task. To not permanently loose that guard rail this change introduces a timeout implementation based on the futures-timer[0] crate. It supports a wasm environment, which hasn't been validated or assessed yet but should give reasonable confidence that it might work in a `no_std` environment, q.e.d. [0] https://crates.io/crates/futures-timer Signed-off-by: xla <[email protected]> * light-client: Guard rpc calls with timeout During the move to async io the block_on implementation was dropped, which relied on tokio. In said implementation a timeout was enforced to limit the duration of the execution of the given task. To not permanently loose that guard rail this change introduces a timeout implementation based on the futures-timer[0] crate. It supports a wasm environment, which hasn't been validated or assessed yet but should give reasonable confidence that it might work in a `no_std` environment, q.e.d. [0] https://crates.io/crates/futures-timer Signed-off-by: xla <[email protected]> * light-client: Add changelog for async Io changes Signed-off-by: xla <[email protected]> * light-client: Fix import Signed-off-by: xla <[email protected]> * tools: Fix kv-test impl Signed-off-by: xla <[email protected]> * tools: Fix rpc-probe Signed-off-by: xla <[email protected]> * light-client: Fix blocking supervisor handle Signed-off-by: xla <[email protected]> * light-client: Formatting Signed-off-by: xla <[email protected]>
* Fix changelog organization Signed-off-by: Thane Thomson <[email protected]> * Bump version to v0.24.0-pre.2 Signed-off-by: Thane Thomson <[email protected]> * Build changelog for release Signed-off-by: Thane Thomson <[email protected]>
…1126) Signed-off-by: Thane Thomson <[email protected]>
Release notes: RustCrypto/elliptic-curves#548
…lsystems#1130) These crates are both based on `digest` v0.10, which is also the same version used by `k256` v0.11 (informalsystems#1129). Note that the `ripemd160` crate is now deprecated: https://docs.rs/ripemd160/latest/ripemd160/ The `ripemd` crate is the replacement. It has the same maintainers (@RustCrypto), but now combines the former `ripemd160` and `ripemd320` crates into a single crate. Co-authored-by: Thane Thomson <[email protected]>
…ms#1133) * Replace serde_cbor with serde_json * add changelog entry
Signed-off-by: Thane Thomson <[email protected]>
* Fix JSON deserialization of abci::ResponseInfo The fields are annotated with json:"omitempty" in the Go source, so give them default values for Deserialize. The /abci_info endpoint is known to omit the app_version field in some recent revisions of Gaia. * Changelog entry for informalsystems#1131 * Annotate last_block_add_hash with serde(default) The only field of abci::ResponseInfo where it remained missing, to match the json:"omitempty" flag in Go. * rpc: Drop "std" feature from serde_json dependency * Revert "rpc: Drop "std" feature from serde_json dependency" This reverts commit 11396ba.
…s#1144) * Update config file format to Tendermint v0.35 Signed-off-by: Thane Thomson <[email protected]> * Update structs and tests to support v0.35 config format Signed-off-by: Thane Thomson <[email protected]> * Add changelog entry Signed-off-by: Thane Thomson <[email protected]> * Rename TxIndexer::KV back to Kv Signed-off-by: Thane Thomson <[email protected]>
…ions (informalsystems#1137) - `proto-compiler` uses `tonic-build` - tendermint-proto can be compiled with std for the `grpc` feature (as required by the generated `tonic` code) - the primary motivation is the new gRPC-based PrivVal interface in Tendermint 0.35 (see informalsystems#1134)
* rpc: Sanitize slice data accessors for ABCI types It does not make sense to access wrapped data as references to container types &Vec<u8> and &String. Expose the data as slice references instead. * Changelog entry for informalsystems#1140
Codecov Report
@@ Coverage Diff @@
## master #1147 +/- ##
========================================
+ Coverage 64.7% 64.8% +0.1%
========================================
Files 232 232
Lines 15667 15730 +63
========================================
+ Hits 10138 10205 +67
+ Misses 5529 5525 -4
Continue to review full report at Codecov.
|
tomtau
force-pushed
the
fix/validator-fixes
branch
from
f7c3647 to
9d2d10b
Compare
|
@thanethomson I noticed the private key definition in the Tendermint-rs crate (tendermint/src/private_key.rs) didn't a |
|
@thanethomson I noticed there were these two deprecated methods for converting votes and proposals to consensus states: tendermint-rs/tendermint/src/proposal.rs Line 101 in b23d626 tendermint-rs/tendermint/src/vote.rs Line 140 in b23d626 which appear to have a similar aim -- should I "undeprecate" them and fix them? |
tony-iqlusion
approved these changes
Sep 21, 2023
romac
requested changes
Sep 29, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a sub-PR for ADR-011.
(ref: #1134)
.changelog/