diff --git a/.changelog/716.feature.md b/.changelog/716.feature.md new file mode 100644 index 000000000..05fd902af --- /dev/null +++ b/.changelog/716.feature.md @@ -0,0 +1 @@ +Vendor oasis-core v24.0 diff --git a/analyzer/consensus/convert_tx.go b/analyzer/consensus/convert_tx.go index ad4bf072b..e867a54aa 100644 --- a/analyzer/consensus/convert_tx.go +++ b/analyzer/consensus/convert_tx.go @@ -20,13 +20,15 @@ import ( roothash "github.com/oasisprotocol/nexus/coreapi/v22.2.11/roothash/api" staking "github.com/oasisprotocol/nexus/coreapi/v22.2.11/staking/api" - beaconEden "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - consensusEden "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api" - governanceEden "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - keymanagerEden "github.com/oasisprotocol/nexus/coreapi/v23.0/keymanager/api" - registryEden "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - roothashEden "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api" - stakingEden "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + beaconEden "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + consensusEden "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api" + governanceEden "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + keymanagerChurpEden "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/churp" + keymanagerSecretsEden "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/secrets" + registryEden "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + roothashEden "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api" + stakingEden "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" + vaultEden "github.com/oasisprotocol/nexus/coreapi/v24.0/vault/api" ) var bodyTypeForTxMethodCobalt = map[string]interface{}{ @@ -80,9 +82,9 @@ var bodyTypeForTxMethodEden = map[string]interface{}{ "consensus.Meta": consensusEden.BlockMetadata{}, "governance.SubmitProposal": governanceEden.ProposalContent{}, "governance.CastVote": governanceEden.ProposalVote{}, - "keymanager.PublishMasterSecret": keymanagerEden.SignedEncryptedMasterSecret{}, - "keymanager.PublishEphemeralSecret": keymanagerEden.SignedEncryptedEphemeralSecret{}, - "keymanager.UpdatePolicy": keymanagerEden.SignedPolicySGX{}, + "keymanager.PublishMasterSecret": keymanagerSecretsEden.SignedEncryptedMasterSecret{}, + "keymanager.PublishEphemeralSecret": keymanagerSecretsEden.SignedEncryptedEphemeralSecret{}, + "keymanager.UpdatePolicy": keymanagerSecretsEden.SignedPolicySGX{}, "registry.RegisterEntity": entity.SignedEntity{}, "registry.DeregisterEntity": registryEden.DeregisterEntity{}, "registry.RegisterNode": node.MultiSignedNode{}, @@ -99,6 +101,14 @@ var bodyTypeForTxMethodEden = map[string]interface{}{ "staking.AmendCommissionSchedule": stakingEden.AmendCommissionSchedule{}, "staking.Allow": stakingEden.Allow{}, "staking.Withdraw": stakingEden.Withdraw{}, + // Added in v24.0. + "keymanager/churp.Apply": keymanagerChurpEden.ApplicationRequest{}, + "keymanager/churp.Confirm": keymanagerChurpEden.ConfirmationRequest{}, + "keymanager/churp.Create": keymanagerChurpEden.CreateRequest{}, + "keymanager/churp.Update": keymanagerChurpEden.UpdateRequest{}, + "vault.AuthorizeAction": vaultEden.AuthorizeAction{}, + "vault.CancelAction": vaultEden.CancelAction{}, + "vault.Create": vaultEden.Create{}, } type freshnessProofEden struct { diff --git a/api/spec/v1.yaml b/api/spec/v1.yaml index 07ca27fe5..dd2bf16fc 100644 --- a/api/spec/v1.yaml +++ b/api/spec/v1.yaml @@ -1463,6 +1463,14 @@ components: - staking.ReclaimEscrow - staking.Transfer - staking.Withdraw + # Added in v24.0. + - keymanager/churp.Apply + - keymanager/churp.Confirm + - keymanager/churp.Create + - keymanager/churp.Update + - vault.AuthorizeAction + - vault.CancelAction + - vault.Create example: staking.Transfer TransactionList: diff --git a/cmd/bisect/data_fetch.go b/cmd/bisect/data_fetch.go index d9b6a911b..9568cd95c 100644 --- a/cmd/bisect/data_fetch.go +++ b/cmd/bisect/data_fetch.go @@ -7,7 +7,7 @@ import ( "github.com/oasisprotocol/nexus/storage/oasis/nodeapi/history" "github.com/oasisprotocol/nexus/storage/postgres" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" ) // Returns number of shares delegated by `delegator` to `delegatee` at `height`. diff --git a/cmd/bisect/main.go b/cmd/bisect/main.go index df7d542de..8fcedca70 100644 --- a/cmd/bisect/main.go +++ b/cmd/bisect/main.go @@ -28,7 +28,7 @@ import ( "github.com/oasisprotocol/nexus/storage/oasis/nodeapi/history" "github.com/oasisprotocol/nexus/storage/postgres" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" ) var logger = log.NewDefaultLogger("cmd/bisect") diff --git a/coreapi/v23.0/staking/api/address.go b/coreapi/v23.0/staking/api/address.go deleted file mode 100644 index 42e6764db..000000000 --- a/coreapi/v23.0/staking/api/address.go +++ /dev/null @@ -1,7 +0,0 @@ -package api - -import ( - original "github.com/oasisprotocol/oasis-core/go/staking/api" -) - -type Address = original.Address diff --git a/coreapi/v23.0/beacon/api/api.go b/coreapi/v24.0/beacon/api/api.go similarity index 100% rename from coreapi/v23.0/beacon/api/api.go rename to coreapi/v24.0/beacon/api/api.go diff --git a/coreapi/v23.0/beacon/api/grpc.go b/coreapi/v24.0/beacon/api/grpc.go similarity index 100% rename from coreapi/v23.0/beacon/api/grpc.go rename to coreapi/v24.0/beacon/api/grpc.go diff --git a/coreapi/v23.0/beacon/api/sanity_check.go b/coreapi/v24.0/beacon/api/sanity_check.go similarity index 100% rename from coreapi/v23.0/beacon/api/sanity_check.go rename to coreapi/v24.0/beacon/api/sanity_check.go diff --git a/coreapi/v23.0/beacon/api/vrf.go b/coreapi/v24.0/beacon/api/vrf.go similarity index 97% rename from coreapi/v23.0/beacon/api/vrf.go rename to coreapi/v24.0/beacon/api/vrf.go index d367a7889..c2dd90245 100644 --- a/coreapi/v23.0/beacon/api/vrf.go +++ b/coreapi/v24.0/beacon/api/vrf.go @@ -1,9 +1,8 @@ package api import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) // GasOpVRFProve is the gas operation identifier for VRF proof submission. diff --git a/coreapi/v23.0/common/node/address.go b/coreapi/v24.0/common/node/address.go similarity index 100% rename from coreapi/v23.0/common/node/address.go rename to coreapi/v24.0/common/node/address.go diff --git a/coreapi/v23.0/common/node/node.go b/coreapi/v24.0/common/node/node.go similarity index 94% rename from coreapi/v23.0/common/node/node.go rename to coreapi/v24.0/common/node/node.go index 4e274610e..236f1a311 100644 --- a/coreapi/v23.0/common/node/node.go +++ b/coreapi/v24.0/common/node/node.go @@ -424,6 +424,22 @@ type CapabilityTEE struct { // Verify verifies the node's TEE capabilities, at the provided timestamp and height. // removed func +// EndorseCapabilityTEESignatureContext is the signature context used for TEE capability endorsement. +// removed var statement + +// EndorsedCapabilityTEE is the endorsed CapabilityTEE structure. +// +// Endorsement is needed for off-chain runtime components where their RAK is not published in the +// consensus layer and verification is part of the runtime itself. Via endorsement one can enforce +// policies like "only components executed by the current compute committee are authorized". +type EndorsedCapabilityTEE struct { + // CapabilityTEE is the TEE capability structure to be endorsed. + CapabilityTEE CapabilityTEE `json:"capability_tee"` + + // NodeEndorsement is the node endorsement signature. + NodeEndorsement signature.Signature `json:"node_endorsement"` +} + // String returns a string representation of itself. func (n *Node) String() string { return "" diff --git a/coreapi/v23.0/common/node/sgx.go b/coreapi/v24.0/common/node/sgx.go similarity index 100% rename from coreapi/v23.0/common/node/sgx.go rename to coreapi/v24.0/common/node/sgx.go diff --git a/coreapi/v23.0/common/node/tee.go b/coreapi/v24.0/common/node/tee.go similarity index 100% rename from coreapi/v23.0/common/node/tee.go rename to coreapi/v24.0/common/node/tee.go diff --git a/coreapi/v23.0/consensus/api/api.go b/coreapi/v24.0/consensus/api/api.go similarity index 96% rename from coreapi/v23.0/consensus/api/api.go rename to coreapi/v24.0/consensus/api/api.go index 524ece111..c4eedeb92 100644 --- a/coreapi/v23.0/consensus/api/api.go +++ b/coreapi/v24.0/consensus/api/api.go @@ -7,17 +7,16 @@ import ( "strings" "time" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction/results" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common/cbor" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" "github.com/oasisprotocol/oasis-core/go/common/version" mkvsNode "github.com/oasisprotocol/oasis-core/go/storage/mkvs/node" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction/results" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) const ( diff --git a/coreapi/v23.0/consensus/api/events/events.go b/coreapi/v24.0/consensus/api/events/events.go similarity index 66% rename from coreapi/v23.0/consensus/api/events/events.go rename to coreapi/v24.0/consensus/api/events/events.go index c6c87631c..add6ac661 100644 --- a/coreapi/v23.0/consensus/api/events/events.go +++ b/coreapi/v24.0/consensus/api/events/events.go @@ -1,5 +1,20 @@ package events +import ( + "sync" +) + +// eventSeparator is the separator used to separate module from event name. +const eventSeparator = "." + +// registeredEvents stores registered event names. +var registeredEvents sync.Map + +// NewEventName creates a new event name. +// +// Module and event must be unique. If they are not, this method will panic. +// removed func + // Provable is an interface implemented by event types which can be proven. // removed interface diff --git a/coreapi/v23.0/consensus/api/grpc.go b/coreapi/v24.0/consensus/api/grpc.go similarity index 98% rename from coreapi/v23.0/consensus/api/grpc.go rename to coreapi/v24.0/consensus/api/grpc.go index 8c38fc759..e7af7b114 100644 --- a/coreapi/v23.0/consensus/api/grpc.go +++ b/coreapi/v24.0/consensus/api/grpc.go @@ -126,5 +126,7 @@ type stateReadSync struct { // removed func +// removed func + // NewConsensusClient creates a new gRPC consensus client service. // removed func diff --git a/coreapi/v23.0/consensus/api/light.go b/coreapi/v24.0/consensus/api/light.go similarity index 96% rename from coreapi/v23.0/consensus/api/light.go rename to coreapi/v24.0/consensus/api/light.go index 82abea77f..dbdba691d 100644 --- a/coreapi/v23.0/consensus/api/light.go +++ b/coreapi/v24.0/consensus/api/light.go @@ -3,9 +3,8 @@ package api import ( "time" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/genesis" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/genesis" ) // LightService is a consensus light client service. diff --git a/coreapi/v23.0/consensus/api/meta.go b/coreapi/v24.0/consensus/api/meta.go similarity index 100% rename from coreapi/v23.0/consensus/api/meta.go rename to coreapi/v24.0/consensus/api/meta.go diff --git a/coreapi/v23.0/consensus/api/submission.go b/coreapi/v24.0/consensus/api/submission.go similarity index 86% rename from coreapi/v23.0/consensus/api/submission.go rename to coreapi/v24.0/consensus/api/submission.go index a762e967b..9ca7ce8ed 100644 --- a/coreapi/v23.0/consensus/api/submission.go +++ b/coreapi/v24.0/consensus/api/submission.go @@ -2,8 +2,6 @@ package api import ( "time" - - "github.com/oasisprotocol/oasis-core/go/common/quantity" ) const ( @@ -14,22 +12,9 @@ const ( // PriceDiscovery is the consensus fee price discovery interface. // removed interface -type staticPriceDiscovery struct { - price quantity.Quantity -} - -// NewStaticPriceDiscovery creates a price discovery mechanism which always returns the same static -// price specified at construction time. -// removed func - -// removed func - -type noOpPriceDiscovery struct{} - -// removed func - // SubmissionManager is a transaction submission manager interface. // removed interface + // removed type // Implements SubmissionManager. @@ -75,6 +60,10 @@ type noOpPriceDiscovery struct{} // estimation and current gas price discovery. // removed func +type noOpPriceDiscovery struct{} + +// removed func + // NoOpSubmissionManager implements a submission manager that doesn't support submitting transactions. type NoOpSubmissionManager struct{} diff --git a/coreapi/v23.0/consensus/api/transaction/gas.go b/coreapi/v24.0/consensus/api/transaction/gas.go similarity index 100% rename from coreapi/v23.0/consensus/api/transaction/gas.go rename to coreapi/v24.0/consensus/api/transaction/gas.go diff --git a/coreapi/v23.0/consensus/api/transaction/results/results.go b/coreapi/v24.0/consensus/api/transaction/results/results.go similarity index 76% rename from coreapi/v23.0/consensus/api/transaction/results/results.go rename to coreapi/v24.0/consensus/api/transaction/results/results.go index 998935bbb..085eedd49 100644 --- a/coreapi/v23.0/consensus/api/transaction/results/results.go +++ b/coreapi/v24.0/consensus/api/transaction/results/results.go @@ -1,10 +1,10 @@ package results import ( - governance "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - registry "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - roothash "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + governance "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + registry "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + roothash "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" ) // Event is a consensus service event that may be emitted during processing of diff --git a/coreapi/v23.0/consensus/api/transaction/testvectors/testvectors.go b/coreapi/v24.0/consensus/api/transaction/testvectors/testvectors.go similarity index 95% rename from coreapi/v23.0/consensus/api/transaction/testvectors/testvectors.go rename to coreapi/v24.0/consensus/api/transaction/testvectors/testvectors.go index e3c82324c..dcffe6bf4 100644 --- a/coreapi/v23.0/consensus/api/transaction/testvectors/testvectors.go +++ b/coreapi/v24.0/consensus/api/transaction/testvectors/testvectors.go @@ -1,9 +1,8 @@ package testvectors import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) const keySeedPrefix = "oasis-core test vectors: " diff --git a/coreapi/v23.0/consensus/api/transaction/transaction.go b/coreapi/v24.0/consensus/api/transaction/transaction.go similarity index 100% rename from coreapi/v23.0/consensus/api/transaction/transaction.go rename to coreapi/v24.0/consensus/api/transaction/transaction.go diff --git a/coreapi/v23.0/consensus/genesis/genesis.go b/coreapi/v24.0/consensus/genesis/genesis.go similarity index 92% rename from coreapi/v23.0/consensus/genesis/genesis.go rename to coreapi/v24.0/consensus/genesis/genesis.go index 7331d1a8a..3c0663a3f 100644 --- a/coreapi/v23.0/consensus/genesis/genesis.go +++ b/coreapi/v24.0/consensus/genesis/genesis.go @@ -4,9 +4,8 @@ package genesis import ( "time" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) // Genesis contains various consensus config flags that should be part of the genesis state. @@ -26,6 +25,9 @@ type Parameters struct { // nolint: maligned MaxBlockGas transaction.Gas `json:"max_block_gas"` MaxEvidenceSize uint64 `json:"max_evidence_size"` + // MinGasPrice is the minimum gas price. + MinGasPrice uint64 `json:"min_gas_price,omitempty"` + // StateCheckpointInterval is the expected state checkpoint interval (in blocks). StateCheckpointInterval uint64 `json:"state_checkpoint_interval"` // StateCheckpointNumKept is the expected minimum number of state checkpoints to keep. diff --git a/coreapi/v23.0/genesis/api/api.go b/coreapi/v24.0/genesis/api/api.go similarity index 79% rename from coreapi/v23.0/genesis/api/api.go rename to coreapi/v24.0/genesis/api/api.go index bd2464e86..f3d338934 100644 --- a/coreapi/v23.0/genesis/api/api.go +++ b/coreapi/v24.0/genesis/api/api.go @@ -4,16 +4,16 @@ package api import ( "time" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + consensus "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/genesis" + governance "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + keymanager "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/api" + registry "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + roothash "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api" + scheduler "github.com/oasisprotocol/nexus/coreapi/v24.0/scheduler/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" + vault "github.com/oasisprotocol/nexus/coreapi/v24.0/vault/api" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - consensus "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/genesis" - governance "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - keymanager "github.com/oasisprotocol/nexus/coreapi/v23.0/keymanager/api" - registry "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - roothash "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api" - scheduler "github.com/oasisprotocol/nexus/coreapi/v23.0/scheduler/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) const filePerm = 0o600 @@ -40,6 +40,8 @@ type Document struct { Beacon beacon.Genesis `json:"beacon"` // Governance is the governance genesis state. Governance governance.Genesis `json:"governance"` + // Vault is the optional vault genesis state. + Vault *vault.Genesis `json:"vault,omitempty"` // Consensus is the consensus genesis state. Consensus consensus.Genesis `json:"consensus"` // Extra data is arbitrary extra data that is part of the diff --git a/coreapi/v23.0/genesis/api/sanity_check.go b/coreapi/v24.0/genesis/api/sanity_check.go similarity index 100% rename from coreapi/v23.0/genesis/api/sanity_check.go rename to coreapi/v24.0/genesis/api/sanity_check.go diff --git a/coreapi/v23.0/governance/api/api.go b/coreapi/v24.0/governance/api/api.go similarity index 86% rename from coreapi/v23.0/governance/api/api.go rename to coreapi/v24.0/governance/api/api.go index 689826b38..14e3d369c 100644 --- a/coreapi/v23.0/governance/api/api.go +++ b/coreapi/v24.0/governance/api/api.go @@ -2,27 +2,25 @@ package api import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" + upgrade "github.com/oasisprotocol/nexus/coreapi/v24.0/upgrade/api" "github.com/oasisprotocol/oasis-core/go/common/cbor" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" - upgrade "github.com/oasisprotocol/nexus/coreapi/v23.0/upgrade/api" ) // ModuleName is a unique module name for the governance backend. const ModuleName = "governance" -// ProposalContentInvalidText is the textual representation of an invalid -// ProposalContent. -const ProposalContentInvalidText = "(invalid)" - // removed var block // ProposalContent is a consensus layer governance proposal content. type ProposalContent struct { + // Metadata contains optional proposal metadata which is ignored during proposal execution. + Metadata *ProposalMetadata `json:"metadata,omitempty"` + Upgrade *UpgradeProposal `json:"upgrade,omitempty"` CancelUpgrade *CancelUpgradeProposal `json:"cancel_upgrade,omitempty"` ChangeParameters *ChangeParametersProposal `json:"change_parameters,omitempty"` @@ -45,6 +43,30 @@ type ProposalContent struct { // pretty printing. // removed func +const ( + // MinProposalTitleLength is the minimum length of a proposal's title. + MinProposalTitleLength = 3 + // MaxProposalTitleLength is the maximum length of a proposal's title. + MaxProposalTitleLength = 100 +) + +// ProposalMetadata contains metadata about a proposal. +type ProposalMetadata struct { + // Title is the human-readable proposal title. + Title string `json:"title"` + // Description is the human-readable description. + Description string `json:"description,omitempty"` +} + +// ValidateBasic performs basic proposal metadata validity checks. +// removed func + +// PrettyPrint writes a pretty-printed representation of ProposalMetadata to the given writer. +// removed func + +// PrettyType returns a representation of ProposalMetadata that can be used for pretty printing. +// removed func + // UpgradeProposal is an upgrade proposal. type UpgradeProposal struct { upgrade.Descriptor @@ -175,6 +197,12 @@ type ConsensusParameters struct { // EnableChangeParametersProposal is true iff change parameters proposals are allowed. EnableChangeParametersProposal bool `json:"enable_change_parameters_proposal,omitempty"` + + // AllowVoteWithoutEntity is true iff casting votes without a registered entity is allowed. + AllowVoteWithoutEntity bool `json:"allow_vote_without_entity,omitempty"` + + // AllowProposalMetadata is true iff proposals are allowed to contain metadata. + AllowProposalMetadata bool `json:"allow_proposal_metadata,omitempty"` } // ConsensusParameterChanges are allowed governance consensus parameter changes. diff --git a/coreapi/v23.0/governance/api/grpc.go b/coreapi/v24.0/governance/api/grpc.go similarity index 100% rename from coreapi/v23.0/governance/api/grpc.go rename to coreapi/v24.0/governance/api/grpc.go diff --git a/coreapi/v23.0/governance/api/proposal.go b/coreapi/v24.0/governance/api/proposal.go similarity index 97% rename from coreapi/v23.0/governance/api/proposal.go rename to coreapi/v24.0/governance/api/proposal.go index 55285652a..c6fd30a9f 100644 --- a/coreapi/v23.0/governance/api/proposal.go +++ b/coreapi/v24.0/governance/api/proposal.go @@ -3,10 +3,9 @@ package api import ( "fmt" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) // ProposalState is the state of the proposal. diff --git a/coreapi/v23.0/governance/api/sanity_check.go b/coreapi/v24.0/governance/api/sanity_check.go similarity index 100% rename from coreapi/v23.0/governance/api/sanity_check.go rename to coreapi/v24.0/governance/api/sanity_check.go diff --git a/coreapi/v24.0/keymanager/api/api.go b/coreapi/v24.0/keymanager/api/api.go new file mode 100644 index 000000000..53cbc4637 --- /dev/null +++ b/coreapi/v24.0/keymanager/api/api.go @@ -0,0 +1,21 @@ +// Package api implements the key manager management API and common data types. +package api + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/secrets" +) + +const ( + // ModuleName is a unique module name for the keymanager module. + ModuleName = "keymanager" +) + +// removed var block + +// Backend is a key manager management implementation. +// removed interface + +// Genesis is the key manager management genesis state. +type Genesis = secrets.Genesis + +// removed func diff --git a/coreapi/v24.0/keymanager/api/grpc.go b/coreapi/v24.0/keymanager/api/grpc.go new file mode 100644 index 000000000..0ddb1ba5c --- /dev/null +++ b/coreapi/v24.0/keymanager/api/grpc.go @@ -0,0 +1,22 @@ +package api + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/churp" + "github.com/oasisprotocol/nexus/coreapi/v24.0/keymanager/secrets" +) + +// RegisterService registers a new keymanager backend service with the given gRPC server. +// removed func + +// KeymanagerClient is a gRPC keymanager client. +type KeymanagerClient struct { + secretsClient *secrets.Client + churpClient *churp.Client +} + +// removed func + +// removed func + +// NewKeymanagerClient creates a new gRPC keymanager client service. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/api.go b/coreapi/v24.0/keymanager/churp/api.go new file mode 100644 index 000000000..d91663d38 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/api.go @@ -0,0 +1,62 @@ +package churp + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + "github.com/oasisprotocol/oasis-core/go/common" +) + +const ( + // ModuleName is the module name for CHURP extension. + ModuleName = "keymanager/churp" +) + +// removed var block + +const ( + // GasOpCreate is the gas operation identifier for creation costs. + GasOpCreate transaction.Op = "create" + // GasOpUpdate is the gas operation identifier for update costs. + GasOpUpdate transaction.Op = "update" + // GasOpApply is the gas operation identifier for application costs. + GasOpApply transaction.Op = "apply" + // GasOpConfirm is the gas operation identifier for confirmation costs. + GasOpConfirm transaction.Op = "confirm" +) + +// DefaultGasCosts are the "default" gas costs for operations. +// removed var statement + +// DefaultConsensusParameters are the "default" consensus parameters. +// removed var statement + +const ( + // StakeClaimScheme is the stake claim template used for creating + // new CHURP schemes. + StakeClaimScheme = "keymanager.churp.Scheme.%s.%d" +) + +// StakeClaim generates a new stake claim identifier for a specific +// scheme creation. +// removed func + +// StakeThresholds returns the staking thresholds. +// removed func + +// NewCreateTx creates a new create transaction. +// removed func + +// NewUpdateTx creates a new update transaction. +// removed func + +// NewApplyTx creates a new apply transaction. +// removed func + +// NewConfirmTx creates a new confirm transaction. +// removed func + +// StatusQuery is a status query by CHURP and runtime ID. +type StatusQuery struct { + Height int64 `json:"height"` + RuntimeID common.Namespace `json:"runtime_id"` + ChurpID uint8 `json:"churp_id"` +} diff --git a/coreapi/v24.0/keymanager/churp/backend.go b/coreapi/v24.0/keymanager/churp/backend.go new file mode 100644 index 000000000..5e939f666 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/backend.go @@ -0,0 +1,4 @@ +package churp + +// Backend is a CHURP management implementation. +// removed interface diff --git a/coreapi/v24.0/keymanager/churp/events.go b/coreapi/v24.0/keymanager/churp/events.go new file mode 100644 index 000000000..3f6eacd94 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/events.go @@ -0,0 +1,19 @@ +package churp + +// removed var block + +// CreateEvent is the key manager CHURP create event. +type CreateEvent struct { + Status *Status +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// UpdateEvent is the key manager CHURP update event. +type UpdateEvent struct { + Status *Status +} + +// EventKind returns a string representation of this event's kind. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/grpc.go b/coreapi/v24.0/keymanager/churp/grpc.go new file mode 100644 index 000000000..8f334cf05 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/grpc.go @@ -0,0 +1,38 @@ +package churp + +import ( + "google.golang.org/grpc" +) + +// removed var block + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// RegisterService registers a new keymanager CHURP backend service with the given gRPC server. +// removed func + +// Client is a gRPC keymanager secrets client. +type Client struct { + conn *grpc.ClientConn +} + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// NewClient creates a new gRPC keymanager CHURP client service. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/policy.go b/coreapi/v24.0/keymanager/churp/policy.go new file mode 100644 index 000000000..d1655e4a4 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/policy.go @@ -0,0 +1,47 @@ +package churp + +import ( + "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" + "github.com/oasisprotocol/oasis-core/go/common/sgx" +) + +// PolicySGXSignatureContext is the context used to sign PolicySGX documents. +// removed var statement + +// PolicySGX represents an SGX access control policy used to authenticate +// key manager enclaves during handoffs. +type PolicySGX struct { + Identity + + // Serial is the monotonically increasing policy serial number. + Serial uint32 `json:"serial"` + + // MayShare is the vector of enclave identities from which a share can be + // obtained during handouts. + MayShare []sgx.EnclaveIdentity `json:"may_share"` + + // MayJoin is the vector of enclave identities that may form the new + // committee in the next handoffs. + MayJoin []sgx.EnclaveIdentity `json:"may_join"` +} + +// SanityCheck verifies the validity of the policy. +// removed func + +// SignedPolicySGX represents a signed SGX access control policy. +// +// The runtime extension will accept the policy only if all signatures are +// valid, and a sufficient number of trusted policy signers have signed it. +type SignedPolicySGX struct { + // Policy is an SGX access control policy. + Policy PolicySGX `json:"policy"` + + // Signatures is a vector of signatures. + Signatures []signature.Signature `json:"signatures,omitempty"` +} + +// SanityCheck verifies the validity of the policy and the signatures. +// removed func + +// Sign signs the policy with the given signer and appends the signatures. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/requests.go b/coreapi/v24.0/keymanager/churp/requests.go new file mode 100644 index 000000000..df98a734c --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/requests.go @@ -0,0 +1,114 @@ +package churp + +import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + + "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" + "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" +) + +// maxThreshold is the maximum threshold. +// +// Limiting the threshold ensures that the dimensions of bivariate polynomials +// (t, 2t) never exceed the range of uint8. +const maxThreshold = 127 + +// removed var block + +// CreateRequest contains the initial configuration. +type CreateRequest struct { + Identity + + // SuiteID is the identifier of a cipher suite used for verifiable secret + // sharing and key derivation. + SuiteID uint8 `json:"suite_id,omitempty"` + + // Threshold is the minimum number of distinct shares required + // to reconstruct a key. + Threshold uint8 `json:"threshold,omitempty"` + + // ExtraShares represents the minimum number of shares that can be lost + // to render the secret unrecoverable. + ExtraShares uint8 `json:"extra_shares,omitempty"` + + // HandoffInterval is the time interval in epochs between handoffs. + // + // A zero value disables handoffs. + HandoffInterval beacon.EpochTime `json:"handoff_interval,omitempty"` + + // Policy is a signed SGX access control policy. + Policy SignedPolicySGX `json:"policy,omitempty"` +} + +// ValidateBasic performs basic config validity checks. +// removed func + +// UpdateRequest contains the updated configuration. +type UpdateRequest struct { + Identity + + // ExtraShares represents the minimum number of shares that can be lost + // to render the secret unrecoverable. + ExtraShares *uint8 `json:"extra_shares,omitempty"` + + // HandoffInterval is the time interval in epochs between handoffs. + // + // Zero value disables handoffs. + HandoffInterval *beacon.EpochTime `json:"handoff_interval,omitempty"` + + // Policy is a signed SGX access control policy. + Policy *SignedPolicySGX `json:"policy,omitempty"` +} + +// ValidateBasic performs basic config validity checks. +// removed func + +// ApplicationRequest contains node's application to form a new committee. +type ApplicationRequest struct { + // Identity of the CHRUP scheme. + Identity + + // Epoch is the epoch of the handoff for which the node would like + // to register. + Epoch beacon.EpochTime `json:"epoch"` + + // Checksum is the hash of the verification matrix. + Checksum hash.Hash `json:"checksum"` +} + +// SignedApplicationRequest is an application request signed by the key manager +// enclave using its runtime attestation key (RAK). +type SignedApplicationRequest struct { + Application ApplicationRequest `json:"application"` + + // Signature is the RAK signature of the application request. + Signature signature.RawSignature `json:"signature"` +} + +// VerifyRAK verifies the runtime attestation key (RAK) signature. +// removed func + +// ConfirmationRequest confirms that the node successfully completed +// the handoff. +type ConfirmationRequest struct { + Identity + + // Epoch is the epoch of the handoff for which the node reconstructed + // the share. + Epoch beacon.EpochTime `json:"epoch"` + + // Checksum is the hash of the verification matrix. + Checksum hash.Hash `json:"checksum"` +} + +// SignedConfirmationRequest is a confirmation request signed by the key manager +// enclave using its runtime attestation key (RAK). +type SignedConfirmationRequest struct { + Confirmation ConfirmationRequest `json:"confirmation"` + + // Signature is the RAK signature of the confirmation request. + Signature signature.RawSignature `json:"signature"` +} + +// VerifyRAK verifies the runtime attestation key (RAK) signature. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/rpc.go b/coreapi/v24.0/keymanager/churp/rpc.go new file mode 100644 index 000000000..f30e1ac82 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/rpc.go @@ -0,0 +1,41 @@ +package churp + +import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" +) + +// removed var block + +// HandoffRequest represents a handoff request. +type HandoffRequest struct { + Identity + + // Epoch is the epoch of the handoff. + Epoch beacon.EpochTime `json:"epoch,omitempty"` +} + +// FetchRequest is a fetch handoff data request. +type FetchRequest struct { + Identity + + // Epoch is the epoch of the handoff. + Epoch beacon.EpochTime `json:"epoch,omitempty"` + + // NodeIDs contains the public keys of nodes from which to fetch data. + NodeIDs []signature.PublicKey `json:"node_ids"` +} + +// FetchResponse is a fetch handoff data response. +type FetchResponse struct { + // Completed indicates whether the data fetching was completed. + Completed bool `json:"completed,omitempty"` + + // Succeeded contains the public keys of nodes from which data was + // successfully fetched. + Succeeded []signature.PublicKey `json:"succeeded,omitempty"` + + // Failed contains the public keys of nodes from which data failed + // to be fetched. + Failed []signature.PublicKey `json:"failed,omitempty"` +} diff --git a/coreapi/v24.0/keymanager/churp/sanity_check.go b/coreapi/v24.0/keymanager/churp/sanity_check.go new file mode 100644 index 000000000..d5ce70d7b --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/sanity_check.go @@ -0,0 +1,4 @@ +package churp + +// AddStakeClaims adds stake claims for the given schemes. +// removed func diff --git a/coreapi/v24.0/keymanager/churp/status.go b/coreapi/v24.0/keymanager/churp/status.go new file mode 100644 index 000000000..df018d436 --- /dev/null +++ b/coreapi/v24.0/keymanager/churp/status.go @@ -0,0 +1,167 @@ +package churp + +import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + "github.com/oasisprotocol/oasis-core/go/common" + "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" + "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" +) + +const ( + // HandoffsDisabled is the epoch of the next handoff when handoffs + // are disabled, i.e., when the handoff interval is set to zero. + HandoffsDisabled = beacon.EpochInvalid +) + +const ( + // NistP384Sha3_384 represents the NIST P-384 elliptic curve group with + // the SHA3-384 hash function used to encode arbitrary-length byte strings + // to elements of the underlying prime field or elliptic curve points. + NistP384Sha3_384 uint8 = iota +) + +// HandoffKind represents the kind of a handoff. +type HandoffKind int + +const ( + // HandoffKindDealingPhase represents the initial setup phase. + HandoffKindDealingPhase HandoffKind = iota + // HandoffKindCommitteeUnchanged represents a handoff where the committee + // doesn't change. + HandoffKindCommitteeUnchanged + // HandoffKindCommitteeChanged represents a handoff where the committee + // changes. + HandoffKindCommitteeChanged +) + +// String returns the string representation of the HandoffKind. +func (h HandoffKind) String() string { + switch h { + case HandoffKindDealingPhase: + return "dealing phase" + case HandoffKindCommitteeUnchanged: + return "committee unchanged" + case HandoffKindCommitteeChanged: + return "committee changed" + default: + return "unknown" + } +} + +// ConsensusParameters are the key manager CHURP consensus parameters. +type ConsensusParameters struct { + GasCosts transaction.Costs `json:"gas_costs,omitempty"` +} + +// Identity uniquely identifies a CHURP instance. +type Identity struct { + // ID is a unique CHURP identifier within the key manager runtime. + ID uint8 `json:"id"` + + // RuntimeID is the identifier of the key manager runtime. + RuntimeID common.Namespace `json:"runtime_id"` +} + +// Status represents the current state of a CHURP instance. +type Status struct { + Identity + + // SuiteID is the identifier of a cipher suite used for verifiable secret + // sharing and key derivation. + SuiteID uint8 `json:"suite_id"` + + // Threshold represents the degree of the secret-sharing polynomial. + // + // In a (t,n) secret-sharing scheme, where t represents the threshold, + // any combination of t+1 or more shares can reconstruct the secret, + // while losing n-t or fewer shares still allows the secret to be + // recovered. + Threshold uint8 `json:"threshold"` + + // ExtraShares represents the minimum number of shares that can be lost + // to render the secret unrecoverable. + // + // If t and e represent the threshold and extra shares, respectively, + // then the minimum size of the committee is t+e+1. + ExtraShares uint8 `json:"extra_shares"` + + // HandoffInterval is the time interval in epochs between handoffs. + // + // A zero value disables handoffs. + HandoffInterval beacon.EpochTime `json:"handoff_interval"` + + // Policy is a signed SGX access control policy. + Policy SignedPolicySGX `json:"policy"` + + // Handoff is the epoch of the last successfully completed handoff. + // + // The zero value indicates that no handoffs have been completed so far. + // Note that the first handoff is special and is called the dealer phase, + // in which nodes do not reshare or randomize shares but instead construct + // the secret and shares. + Handoff beacon.EpochTime `json:"handoff"` + + // The hash of the verification matrix from the last successfully completed + // handoff. + Checksum *hash.Hash `json:"checksum,omitempty"` + + // Committee is a vector of nodes holding a share of the secret + // in the active handoff. + // + // A client needs to obtain more than a threshold number of key shares + // from the nodes in this vector to construct the key. + Committee []signature.PublicKey `json:"committee,omitempty"` + + // NextHandoff defines the epoch in which the next handoff will occur. + // + // If an insufficient number of applications is received, the next handoff + // will be delayed by one epoch. + NextHandoff beacon.EpochTime `json:"next_handoff"` + + // NextChecksum is the hash of the verification matrix from the current + // handoff. + // + // The first candidate to confirm share reconstruction is the source + // of truth for the checksum. All other candidates need to confirm + // with the same checksum; otherwise, the applications will be annulled, + // and the nodes will need to apply for the new committee again. + NextChecksum *hash.Hash `json:"next_checksum,omitempty"` + + // Applications is a map of nodes that wish to form the new committee. + // + // Candidates are expected to generate a random bivariate polynomial, + // construct a verification matrix, compute its checksum, and submit + // an application one epoch in advance of the next scheduled handoff. + // Subsequently, upon the arrival of the handoff epoch, nodes must execute + // the handoff protocol and confirm the reconstruction of its share. + Applications map[signature.PublicKey]Application `json:"applications,omitempty"` +} + +// HandoffKind returns the type of the next handoff depending on which nodes +// submitted an application to form the next committee. +// removed func + +// MinCommitteeSize returns the minimum number of nodes in the committee. +// removed func + +// MinApplicants returns the minimum number of nodes that must participate +// in a handoff. +// removed func + +// HandoffsDisabled returns true iff handoffs are disabled, i.e., when +// the handoff interval is set to zero. +// removed func + +// Application represents a node's application to form a new committee. +type Application struct { + // Checksum is the hash of the random verification matrix. + // + // In all handoffs, except in the dealer phase, the verification matrix + // needs to be zero-hole. + Checksum hash.Hash `json:"checksum"` + + // Reconstructed is true if and only if the node verified all matrices + // and successfully reconstructed its share during the handoff. + Reconstructed bool `json:"reconstructed"` +} diff --git a/coreapi/v23.0/keymanager/api/api.go b/coreapi/v24.0/keymanager/secrets/api.go similarity index 91% rename from coreapi/v23.0/keymanager/api/api.go rename to coreapi/v24.0/keymanager/secrets/api.go index 2ddf50c81..ad1a57f64 100644 --- a/coreapi/v23.0/keymanager/api/api.go +++ b/coreapi/v24.0/keymanager/secrets/api.go @@ -1,19 +1,18 @@ // Package api implements the key manager management API and common data types. -package api +package secrets import ( "github.com/oasisprotocol/curve25519-voi/primitives/x25519" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) const ( - // ModuleName is a unique module name for the keymanager module. - ModuleName = "keymanager" + // moduleName is a unique module name for the keymanager module. + moduleName = "keymanager" // ChecksumSize is the length of checksum in bytes. ChecksumSize = 32 @@ -95,10 +94,7 @@ type Status struct { // InitRequest is the initialization RPC request, sent to the key manager // enclave. type InitRequest struct { - Status *Status `json:"status,omitempty"` // TODO: Change in PR-5205. - Checksum []byte `json:"checksum,omitempty"` // TODO: Remove in PR-5205. - Policy []byte `json:"policy,omitempty"` // TODO: Remove in PR-5205. - MayGenerate bool `json:"may_generate,omitempty"` // TODO: Remove in PR-5205. + Status Status `json:"status,omitempty"` } // InitResponse is the initialization RPC response, returned as part of a @@ -189,10 +185,6 @@ type LoadEphemeralSecretRequest struct { SignedSecret SignedEncryptedEphemeralSecret `json:"signed_secret"` } -// VerifyExtraInfo verifies and parses the per-node + per-runtime ExtraInfo -// blob for a key manager. -// removed func - // Genesis is the key manager management genesis state. type Genesis struct { // Parameters are the key manager consensus parameters. @@ -238,5 +230,3 @@ type EphemeralSecretPublishedEvent struct { // EventKind returns a string representation of this event's kind. // removed func - -// removed func diff --git a/coreapi/v24.0/keymanager/secrets/grpc.go b/coreapi/v24.0/keymanager/secrets/grpc.go new file mode 100644 index 000000000..da06ab176 --- /dev/null +++ b/coreapi/v24.0/keymanager/secrets/grpc.go @@ -0,0 +1,46 @@ +package secrets + +import ( + "google.golang.org/grpc" +) + +// removed var block + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// RegisterService registers a new keymanager secrets backend service with the given gRPC server. +// removed func + +// Client is a gRPC keymanager secrets client. +type Client struct { + conn *grpc.ClientConn +} + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// removed func + +// NewClient creates a new gRPC keymanager secrets client service. +// removed func diff --git a/coreapi/v23.0/keymanager/api/policy_sgx.go b/coreapi/v24.0/keymanager/secrets/policy_sgx.go similarity index 96% rename from coreapi/v23.0/keymanager/api/policy_sgx.go rename to coreapi/v24.0/keymanager/secrets/policy_sgx.go index ebd66808b..2953ffb4b 100644 --- a/coreapi/v23.0/keymanager/api/policy_sgx.go +++ b/coreapi/v24.0/keymanager/secrets/policy_sgx.go @@ -1,11 +1,10 @@ -package api +package secrets import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" "github.com/oasisprotocol/oasis-core/go/common/sgx" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // PolicySGXSignatureContext is the context used to sign PolicySGX documents. diff --git a/coreapi/v23.0/keymanager/api/sanity_check.go b/coreapi/v24.0/keymanager/secrets/sanity_check.go similarity index 95% rename from coreapi/v23.0/keymanager/api/sanity_check.go rename to coreapi/v24.0/keymanager/secrets/sanity_check.go index bfb5620b6..2895d2608 100644 --- a/coreapi/v23.0/keymanager/api/sanity_check.go +++ b/coreapi/v24.0/keymanager/secrets/sanity_check.go @@ -1,4 +1,4 @@ -package api +package secrets // SanityCheckStatuses examines the statuses table. // removed func diff --git a/coreapi/v23.0/keymanager/api/secret.go b/coreapi/v24.0/keymanager/secrets/secret.go similarity index 97% rename from coreapi/v23.0/keymanager/api/secret.go rename to coreapi/v24.0/keymanager/secrets/secret.go index 93956c28c..0c5a0a95c 100644 --- a/coreapi/v23.0/keymanager/api/secret.go +++ b/coreapi/v24.0/keymanager/secrets/secret.go @@ -1,4 +1,4 @@ -package api +package secrets import ( "encoding/base64" @@ -6,10 +6,9 @@ import ( "github.com/oasisprotocol/curve25519-voi/primitives/x25519" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // minEnclavesPercent is the minimum percentage of key manager enclaves from the key manager diff --git a/coreapi/v23.0/registry/api/admission.go b/coreapi/v24.0/registry/api/admission.go similarity index 98% rename from coreapi/v23.0/registry/api/admission.go rename to coreapi/v24.0/registry/api/admission.go index ac5d78ccb..8d9a9047a 100644 --- a/coreapi/v23.0/registry/api/admission.go +++ b/coreapi/v24.0/registry/api/admission.go @@ -1,9 +1,8 @@ package api import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" ) // RuntimeAdmissionPolicy is a specification of which nodes are allowed to register for a runtime. diff --git a/coreapi/v23.0/registry/api/api.go b/coreapi/v24.0/registry/api/api.go similarity index 97% rename from coreapi/v23.0/registry/api/api.go rename to coreapi/v24.0/registry/api/api.go index fda43d142..78389d402 100644 --- a/coreapi/v23.0/registry/api/api.go +++ b/coreapi/v24.0/registry/api/api.go @@ -2,13 +2,12 @@ package api import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" "github.com/oasisprotocol/oasis-core/go/common/entity" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) // ModuleName is a unique module name for the registry module. @@ -228,10 +227,6 @@ type ConsensusParameters struct { // be registered. DebugAllowTestRuntimes bool `json:"debug_allow_test_runtimes,omitempty"` - // DebugBypassStake is true iff the registry should bypass all of the staking - // related checks and operations. - DebugBypassStake bool `json:"debug_bypass_stake,omitempty"` - // DebugDeployImmediately is true iff runtime registrations should // allow immediate deployment. DebugDeployImmediately bool `json:"debug_deploy_immediately,omitempty"` @@ -244,6 +239,9 @@ type ConsensusParameters struct { // disabled outside of the genesis block. DisableKeyManagerRuntimeRegistration bool `json:"disable_km_runtime_registration,omitempty"` + // EnableKeyManagerCHURP is true iff the CHURP extension for the key manager is enabled. + EnableKeyManagerCHURP bool `json:"enable_km_churp,omitempty"` + // GasCosts are the registry transaction gas costs. GasCosts transaction.Costs `json:"gas_costs,omitempty"` diff --git a/coreapi/v23.0/registry/api/grpc.go b/coreapi/v24.0/registry/api/grpc.go similarity index 100% rename from coreapi/v23.0/registry/api/grpc.go rename to coreapi/v24.0/registry/api/grpc.go diff --git a/coreapi/v23.0/registry/api/runtime.go b/coreapi/v24.0/registry/api/runtime.go similarity index 98% rename from coreapi/v23.0/registry/api/runtime.go rename to coreapi/v24.0/registry/api/runtime.go index 973349b91..4d1bc4ec5 100644 --- a/coreapi/v23.0/registry/api/runtime.go +++ b/coreapi/v24.0/registry/api/runtime.go @@ -4,17 +4,16 @@ import ( "fmt" "time" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" + scheduler "github.com/oasisprotocol/nexus/coreapi/v24.0/scheduler/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/cbor" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" "github.com/oasisprotocol/oasis-core/go/common/quantity" "github.com/oasisprotocol/oasis-core/go/common/version" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" - scheduler "github.com/oasisprotocol/nexus/coreapi/v23.0/scheduler/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) // removed var block diff --git a/coreapi/v23.0/registry/api/sanity_check.go b/coreapi/v24.0/registry/api/sanity_check.go similarity index 83% rename from coreapi/v23.0/registry/api/sanity_check.go rename to coreapi/v24.0/registry/api/sanity_check.go index b0da0d89b..560ca5e74 100644 --- a/coreapi/v23.0/registry/api/sanity_check.go +++ b/coreapi/v24.0/registry/api/sanity_check.go @@ -1,10 +1,9 @@ package api import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" ) // SanityCheck performs a sanity check on the consensus parameters. @@ -28,9 +27,8 @@ import ( // and SanityCheckRuntimes for cross referencing purposes. // removed func -// SanityCheckStake ensures entities' stake accumulator claims are consistent -// with general state and entities have enough stake for themselves and all -// their registered nodes and runtimes. +// AddStakeClaims adds stake claims for entities and all their registered nodes +// and runtimes. // removed func // Runtimes lookup used in sanity checks. diff --git a/coreapi/v23.0/registry/api/status.go b/coreapi/v24.0/registry/api/status.go similarity index 97% rename from coreapi/v23.0/registry/api/status.go rename to coreapi/v24.0/registry/api/status.go index b87800397..afec07765 100644 --- a/coreapi/v23.0/registry/api/status.go +++ b/coreapi/v24.0/registry/api/status.go @@ -1,10 +1,9 @@ package api import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // FreezeForever is an epoch that can be used to freeze a node for diff --git a/coreapi/v23.0/roothash/api/api.go b/coreapi/v24.0/roothash/api/api.go similarity index 95% rename from coreapi/v23.0/roothash/api/api.go rename to coreapi/v24.0/roothash/api/api.go index e6a88db56..8c9e4c017 100644 --- a/coreapi/v23.0/roothash/api/api.go +++ b/coreapi/v24.0/roothash/api/api.go @@ -4,17 +4,16 @@ package api import ( "math" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + registry "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api/block" + "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api/commitment" + scheduler "github.com/oasisprotocol/nexus/coreapi/v24.0/scheduler/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/cbor" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" - registry "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api/block" - "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api/commitment" - scheduler "github.com/oasisprotocol/nexus/coreapi/v23.0/scheduler/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) const ( @@ -51,6 +50,13 @@ type RuntimeRequest struct { Height int64 `json:"height"` } +// RoundRootsRequest is a request for a specific runtime and round's state and I/O roots. +type RoundRootsRequest struct { + RuntimeID common.Namespace `json:"runtime_id"` + Height int64 `json:"height"` + Round uint64 `json:"round"` +} + // InMessageQueueRequest is a request for queued incoming messages. type InMessageQueueRequest struct { RuntimeID common.Namespace `json:"runtime_id"` @@ -193,7 +199,7 @@ type ExecutorCommittedEvent struct { // ExecutionDiscrepancyDetectedEvent is an execute discrepancy detected event. type ExecutionDiscrepancyDetectedEvent struct { // Round is the round in which the discrepancy was detected. - Round *uint64 `json:"round,omitempty"` + Round *uint64 `json:"round"` // Rank is the rank of the transaction scheduler. Rank uint64 `json:"rank"` // Timeout signals whether the discrepancy was due to a timeout. diff --git a/coreapi/v23.0/roothash/api/block/block.go b/coreapi/v24.0/roothash/api/block/block.go similarity index 100% rename from coreapi/v23.0/roothash/api/block/block.go rename to coreapi/v24.0/roothash/api/block/block.go diff --git a/coreapi/v23.0/roothash/api/block/header.go b/coreapi/v24.0/roothash/api/block/header.go similarity index 95% rename from coreapi/v23.0/roothash/api/block/header.go rename to coreapi/v24.0/roothash/api/block/header.go index 065f3bd55..a9070c408 100644 --- a/coreapi/v23.0/roothash/api/block/header.go +++ b/coreapi/v24.0/roothash/api/block/header.go @@ -110,3 +110,9 @@ type Header struct { // nolint: maligned // StorageRoots returns the storage roots contained in this header. // removed func + +// StorageRootIO returns the full IO storage root. +// removed func + +// StorageRootState returns the full state storage root. +// removed func diff --git a/coreapi/v23.0/roothash/api/commitment/commitment.go b/coreapi/v24.0/roothash/api/commitment/commitment.go similarity index 100% rename from coreapi/v23.0/roothash/api/commitment/commitment.go rename to coreapi/v24.0/roothash/api/commitment/commitment.go diff --git a/coreapi/v23.0/roothash/api/commitment/executor.go b/coreapi/v24.0/roothash/api/commitment/executor.go similarity index 98% rename from coreapi/v23.0/roothash/api/commitment/executor.go rename to coreapi/v24.0/roothash/api/commitment/executor.go index 9433998f7..db2053097 100644 --- a/coreapi/v23.0/roothash/api/commitment/executor.go +++ b/coreapi/v24.0/roothash/api/commitment/executor.go @@ -2,10 +2,9 @@ package commitment import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api/message" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" - - "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api/message" ) // removed var block diff --git a/coreapi/v23.0/roothash/api/commitment/pool.go b/coreapi/v24.0/roothash/api/commitment/pool.go similarity index 96% rename from coreapi/v23.0/roothash/api/commitment/pool.go rename to coreapi/v24.0/roothash/api/commitment/pool.go index 57e0311b4..e2bcaa393 100644 --- a/coreapi/v23.0/roothash/api/commitment/pool.go +++ b/coreapi/v24.0/roothash/api/commitment/pool.go @@ -1,7 +1,7 @@ package commitment import ( - "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api/message" + "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api/message" ) // moduleName is the module name used for namespacing errors. diff --git a/coreapi/v23.0/roothash/api/commitment/proposal.go b/coreapi/v24.0/roothash/api/commitment/proposal.go similarity index 100% rename from coreapi/v23.0/roothash/api/commitment/proposal.go rename to coreapi/v24.0/roothash/api/commitment/proposal.go diff --git a/coreapi/v23.0/roothash/api/commitment/votes.go b/coreapi/v24.0/roothash/api/commitment/votes.go similarity index 100% rename from coreapi/v23.0/roothash/api/commitment/votes.go rename to coreapi/v24.0/roothash/api/commitment/votes.go diff --git a/coreapi/v23.0/roothash/api/grpc.go b/coreapi/v24.0/roothash/api/grpc.go similarity index 91% rename from coreapi/v23.0/roothash/api/grpc.go rename to coreapi/v24.0/roothash/api/grpc.go index 89138c755..ade3a6260 100644 --- a/coreapi/v23.0/roothash/api/grpc.go +++ b/coreapi/v24.0/roothash/api/grpc.go @@ -30,6 +30,10 @@ import ( // removed func +// removed func + +// removed func + // RegisterService registers a new roothash service with the given gRPC server. // removed func @@ -65,5 +69,9 @@ type roothashClient struct { // removed func +// removed func + +// removed func + // NewRootHashClient creates a new gRPC roothash client service. // removed func diff --git a/coreapi/v23.0/roothash/api/history.go b/coreapi/v24.0/roothash/api/history.go similarity index 100% rename from coreapi/v23.0/roothash/api/history.go rename to coreapi/v24.0/roothash/api/history.go diff --git a/coreapi/v23.0/roothash/api/liveness.go b/coreapi/v24.0/roothash/api/liveness.go similarity index 92% rename from coreapi/v23.0/roothash/api/liveness.go rename to coreapi/v24.0/roothash/api/liveness.go index 6182a1cfb..087fc7e48 100644 --- a/coreapi/v23.0/roothash/api/liveness.go +++ b/coreapi/v24.0/roothash/api/liveness.go @@ -11,14 +11,14 @@ type LivenessStatistics struct { LiveRounds []uint64 `json:"good_rounds"` // FinalizedProposals is a list that records the number of finalized rounds when a node - // acted as a proposer. + // acted as a proposer with the highest rank. // // The list is ordered according to the committee arrangement (i.e., the counter at index i // holds the value for the node at index i in the committee). FinalizedProposals []uint64 `json:"finalized_proposals"` // MissedProposals is a list that records the number of failed rounds when a node - // acted as a proposer. + // acted as a proposer with the highest rank. // // The list is ordered according to the committee arrangement (i.e., the counter at index i // holds the value for the node at index i in the committee). diff --git a/coreapi/v23.0/roothash/api/message/incoming_message.go b/coreapi/v24.0/roothash/api/message/incoming_message.go similarity index 95% rename from coreapi/v23.0/roothash/api/message/incoming_message.go rename to coreapi/v24.0/roothash/api/message/incoming_message.go index fd09bda74..ebfb0414a 100644 --- a/coreapi/v23.0/roothash/api/message/incoming_message.go +++ b/coreapi/v24.0/roothash/api/message/incoming_message.go @@ -1,9 +1,8 @@ package message import ( + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) // IncomingMessage is an incoming message. diff --git a/coreapi/v23.0/roothash/api/message/message.go b/coreapi/v24.0/roothash/api/message/message.go similarity index 90% rename from coreapi/v23.0/roothash/api/message/message.go rename to coreapi/v24.0/roothash/api/message/message.go index b585b5ea6..1bc32dd0a 100644 --- a/coreapi/v23.0/roothash/api/message/message.go +++ b/coreapi/v24.0/roothash/api/message/message.go @@ -2,11 +2,10 @@ package message import ( + governance "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + registry "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" "github.com/oasisprotocol/oasis-core/go/common/cbor" - - governance "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - registry "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - staking "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" ) // Message is a message that can be sent by a runtime. diff --git a/coreapi/v23.0/roothash/api/results.go b/coreapi/v24.0/roothash/api/results.go similarity index 100% rename from coreapi/v23.0/roothash/api/results.go rename to coreapi/v24.0/roothash/api/results.go diff --git a/coreapi/v23.0/roothash/api/sanity_check.go b/coreapi/v24.0/roothash/api/sanity_check.go similarity index 100% rename from coreapi/v23.0/roothash/api/sanity_check.go rename to coreapi/v24.0/roothash/api/sanity_check.go diff --git a/coreapi/v23.0/scheduler/api/api.go b/coreapi/v24.0/scheduler/api/api.go similarity index 99% rename from coreapi/v23.0/scheduler/api/api.go rename to coreapi/v24.0/scheduler/api/api.go index 2935c1edc..d5976e5c6 100644 --- a/coreapi/v23.0/scheduler/api/api.go +++ b/coreapi/v24.0/scheduler/api/api.go @@ -5,11 +5,10 @@ import ( "fmt" "strings" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common" "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // ModuleName is a unique module name for the scheduler module. diff --git a/coreapi/v23.0/scheduler/api/grpc.go b/coreapi/v24.0/scheduler/api/grpc.go similarity index 100% rename from coreapi/v23.0/scheduler/api/grpc.go rename to coreapi/v24.0/scheduler/api/grpc.go diff --git a/coreapi/v23.0/scheduler/api/sanity_check.go b/coreapi/v24.0/scheduler/api/sanity_check.go similarity index 100% rename from coreapi/v23.0/scheduler/api/sanity_check.go rename to coreapi/v24.0/scheduler/api/sanity_check.go diff --git a/coreapi/v24.0/staking/api/address.go b/coreapi/v24.0/staking/api/address.go new file mode 100644 index 000000000..1f706bbe2 --- /dev/null +++ b/coreapi/v24.0/staking/api/address.go @@ -0,0 +1,7 @@ +package api + +import ( + original "github.com/oasisprotocol/oasis-core/go/staking/api" +) + +type Address = original.Address diff --git a/coreapi/v23.0/staking/api/address_internal.go b/coreapi/v24.0/staking/api/address_internal.go similarity index 100% rename from coreapi/v23.0/staking/api/address_internal.go rename to coreapi/v24.0/staking/api/address_internal.go diff --git a/coreapi/v23.0/staking/api/api.go b/coreapi/v24.0/staking/api/api.go similarity index 94% rename from coreapi/v23.0/staking/api/api.go rename to coreapi/v24.0/staking/api/api.go index 0ab67a673..b0d2fed2b 100644 --- a/coreapi/v23.0/staking/api/api.go +++ b/coreapi/v24.0/staking/api/api.go @@ -4,11 +4,10 @@ package api import ( "fmt" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction" ) const ( @@ -372,6 +371,7 @@ const ( KindNodeKeyManager ThresholdKind = 4 KindRuntimeCompute ThresholdKind = 5 KindRuntimeKeyManager ThresholdKind = 6 + KindKeyManagerChurp ThresholdKind = 7 KindEntityName = "entity" KindNodeValidatorName = "node-validator" @@ -380,6 +380,7 @@ const ( KindNodeKeyManagerName = "node-keymanager" KindRuntimeComputeName = "runtime-compute" KindRuntimeKeyManagerName = "runtime-keymanager" + KindKeyManagerChurpName = "keymanager-churp" ) // ThresholdKinds are the valid threshold kinds. @@ -402,6 +403,8 @@ func (k ThresholdKind) String() string { return KindRuntimeComputeName case KindRuntimeKeyManager: return KindRuntimeKeyManagerName + case KindKeyManagerChurp: + return KindKeyManagerChurpName default: return "[unknown threshold kind]" } @@ -429,6 +432,8 @@ func (k *ThresholdKind) UnmarshalText(text []byte) error { *k = KindRuntimeCompute case KindRuntimeKeyManagerName: *k = KindRuntimeKeyManager + case KindKeyManagerChurpName: + *k = KindKeyManagerChurp default: return fmt.Errorf("%w: %s", fmt.Errorf("invalid threshold"), string(text)) } @@ -504,12 +509,41 @@ type StakeAccumulator struct { // TotalClaims computes the total amount of stake claims in the accumulator. // removed func +// HookKind is an account hook kind. +type HookKind uint8 + +const ( + // HookKindWithdraw is the hook kind invoked during withdrawals. It may either allow or reject + // the given withdrawal based on custom logic. + HookKindWithdraw HookKind = 1 +) + +// String returns a string representation of an account hook kind. +func (hk HookKind) String() string { + switch hk { + case HookKindWithdraw: + return "withdraw" + default: + return "[invalid]" + } +} + +// HookDestination describes a hook destination. +type HookDestination struct { + // Module is the identifier of a module that should handle the hook. + Module string `json:"module"` +} + // GeneralAccount is a general-purpose account. type GeneralAccount struct { Balance quantity.Quantity `json:"balance,omitempty"` Nonce uint64 `json:"nonce,omitempty"` + // Allowances is the set of per-beneficiary allowances. Allowances map[Address]quantity.Quantity `json:"allowances,omitempty"` + // Hooks is the set of hooks that should be invoked when specific actions happen to override + // common behavior. + Hooks map[HookKind]HookDestination `json:"hooks,omitempty"` } // PrettyPrint writes a pretty-printed representation of GeneralAccount to the @@ -542,7 +576,7 @@ type EscrowAccount struct { // AddStakeClaim attempts to add a stake claim to the given escrow account. // -// In case there is insufficient stake to cover the claim or an error occurrs, no modifications are +// In case there is insufficient stake to cover the claim or an error occurs, no modifications are // made to the stake accumulator. // removed func @@ -635,6 +669,13 @@ type Genesis struct { // ConsensusParameters are the staking consensus parameters. type ConsensusParameters struct { // nolint: maligned + // TokenSymbol is the token's ticker symbol. + // Only upper case A-Z characters are allowed. + TokenSymbol string `json:"token_symbol,omitempty"` + // TokenValueExponent is the token's value base-10 exponent, i.e. + // 1 token = 10**TokenValueExponent base units. + TokenValueExponent uint8 `json:"token_value_exponent,omitempty"` + Thresholds map[ThresholdKind]quantity.Quantity `json:"thresholds,omitempty"` DebondingInterval beacon.EpochTime `json:"debonding_interval,omitempty"` RewardSchedule []RewardStep `json:"reward_schedule,omitempty"` @@ -671,6 +712,10 @@ type ConsensusParameters struct { // nolint: maligned // RewardFactorBlockProposed is the factor for a reward distributed per block // to the entity that proposed the block. RewardFactorBlockProposed quantity.Quantity `json:"reward_factor_block_proposed"` + + // DebugBypassStake is true iff all of the staking-related checks and + // operations should be bypassed. + DebugBypassStake bool `json:"debug_bypass_stake,omitempty"` } // ConsensusParameterChanges are allowed staking consensus parameter changes. diff --git a/coreapi/v23.0/staking/api/commission.go b/coreapi/v24.0/staking/api/commission.go similarity index 98% rename from coreapi/v23.0/staking/api/commission.go rename to coreapi/v24.0/staking/api/commission.go index d7b53aa37..d75f275d9 100644 --- a/coreapi/v23.0/staking/api/commission.go +++ b/coreapi/v24.0/staking/api/commission.go @@ -1,9 +1,8 @@ package api import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // commissionRateDenominatorExponent is the commission rate denominator's diff --git a/coreapi/v23.0/staking/api/grpc.go b/coreapi/v24.0/staking/api/grpc.go similarity index 100% rename from coreapi/v23.0/staking/api/grpc.go rename to coreapi/v24.0/staking/api/grpc.go diff --git a/coreapi/v23.0/staking/api/prettyprint.go b/coreapi/v24.0/staking/api/prettyprint.go similarity index 100% rename from coreapi/v23.0/staking/api/prettyprint.go rename to coreapi/v24.0/staking/api/prettyprint.go diff --git a/coreapi/v23.0/staking/api/rewards.go b/coreapi/v24.0/staking/api/rewards.go similarity index 85% rename from coreapi/v23.0/staking/api/rewards.go rename to coreapi/v24.0/staking/api/rewards.go index daa72a306..70850bc25 100644 --- a/coreapi/v23.0/staking/api/rewards.go +++ b/coreapi/v24.0/staking/api/rewards.go @@ -1,9 +1,8 @@ package api import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // RewardAmountDenominator is the denominator for the reward rate. diff --git a/coreapi/v23.0/staking/api/sanity_check.go b/coreapi/v24.0/staking/api/sanity_check.go similarity index 88% rename from coreapi/v23.0/staking/api/sanity_check.go rename to coreapi/v24.0/staking/api/sanity_check.go index fbbda9723..7377c9bc6 100644 --- a/coreapi/v23.0/staking/api/sanity_check.go +++ b/coreapi/v24.0/staking/api/sanity_check.go @@ -22,3 +22,6 @@ package api // SanityCheck does basic sanity checking on the genesis state. // removed func + +// SanityCheckStake compares generated escrow accounts with actual ones. +// removed func diff --git a/coreapi/v23.0/staking/api/slashing.go b/coreapi/v24.0/staking/api/slashing.go similarity index 98% rename from coreapi/v23.0/staking/api/slashing.go rename to coreapi/v24.0/staking/api/slashing.go index ece39f902..63b413644 100644 --- a/coreapi/v23.0/staking/api/slashing.go +++ b/coreapi/v24.0/staking/api/slashing.go @@ -3,9 +3,8 @@ package api import ( "fmt" + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common/quantity" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) // SlashReason is the reason why a node was slashed. diff --git a/coreapi/v23.0/staking/api/token/prettyprint.go b/coreapi/v24.0/staking/api/token/prettyprint.go similarity index 100% rename from coreapi/v23.0/staking/api/token/prettyprint.go rename to coreapi/v24.0/staking/api/token/prettyprint.go diff --git a/coreapi/v23.0/staking/api/token/token.go b/coreapi/v24.0/staking/api/token/token.go similarity index 100% rename from coreapi/v23.0/staking/api/token/token.go rename to coreapi/v24.0/staking/api/token/token.go diff --git a/coreapi/v23.0/upgrade/api/api.go b/coreapi/v24.0/upgrade/api/api.go similarity index 98% rename from coreapi/v23.0/upgrade/api/api.go rename to coreapi/v24.0/upgrade/api/api.go index 48537a6f3..b3ddd2d3b 100644 --- a/coreapi/v23.0/upgrade/api/api.go +++ b/coreapi/v24.0/upgrade/api/api.go @@ -2,10 +2,9 @@ package api import ( + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" "github.com/oasisprotocol/oasis-core/go/common/cbor" "github.com/oasisprotocol/oasis-core/go/common/version" - - beacon "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" ) const ( diff --git a/coreapi/v24.0/vault/api/action.go b/coreapi/v24.0/vault/api/action.go new file mode 100644 index 000000000..d1fa472ee --- /dev/null +++ b/coreapi/v24.0/vault/api/action.go @@ -0,0 +1,146 @@ +package api + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" + "github.com/oasisprotocol/oasis-core/go/common/cbor" +) + +// removed var statement + +// PendingAction is an action waiting for authorizations in order to be executed. +type PendingAction struct { + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` + // AuthorizedBy contains the addresses that have authorized the action. + AuthorizedBy []staking.Address `json:"authorized_by"` + // Action is the pending action itself. + Action Action `json:"action"` +} + +// ContainsAuthorizationFrom returns true iff the given address is among the action authorizers. +// removed func + +// Action is a vault action. +type Action struct { + // Suspend is the suspend action. + Suspend *ActionSuspend `json:"suspend,omitempty"` + // Resume is the resume action. + Resume *ActionResume `json:"resume,omitempty"` + // ExecuteMessage is the execute message action. + ExecuteMessage *ActionExecuteMessage `json:"execute_msg,omitempty"` + // UpdateWithdrawPolicy is the withdraw policy update action. + UpdateWithdrawPolicy *ActionUpdateWithdrawPolicy `json:"update_withdraw_policy,omitempty"` + // UpdateAuthority is the authority update action. + UpdateAuthority *ActionUpdateAuthority `json:"update_authority,omitempty"` +} + +// Validate validates the given action. +// removed func + +// Equal returns true iff one action is equal to another. +// removed func + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// IsAuthorized returns true iff the given address is authorized to execute this action. +// removed func + +// PrettyPrint writes a pretty-printed representation of Action to the given writer. +// removed func + +// PrettyType returns a representation of Action that can be used for pretty printing. +// removed func + +// ActionSuspend is the action to suspend the vault. +type ActionSuspend struct{} + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// ActionResume is the action to suspend the vault. +type ActionResume struct{} + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// ActionExecuteMessage is the action to execute a message on behalf of the vault. The message is +// dispatched as if the vault originated a transaction. +type ActionExecuteMessage struct { + // Method is the method that should be called. + Method transaction.MethodName `json:"method"` + // Body is the method call body. + Body cbor.RawMessage `json:"body,omitempty"` +} + +// Validate validates the given action. +// removed func + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// PrettyPrintBody writes a pretty-printed representation of the message body to the given writer. +// removed func + +// PrettyPrint writes a pretty-printed representation of ActionExecuteMessage to the given writer. +// removed func + +// PrettyType returns a representation of ActionExecuteMessage that can be used for pretty printing. +// removed func + +// PrettyActionExecuteMessage is used for pretty-printing execute message actions so that the actual +// content is displayed instead of the binary blob. +// +// It should only be used for pretty printing. +type PrettyActionExecuteMessage struct { + Method transaction.MethodName `json:"method"` + Body interface{} `json:"body,omitempty"` +} + +// ActionUpdateWithdrawPolicy is the action to update the withdraw policy for a given address. +type ActionUpdateWithdrawPolicy struct { + // Address is the address the policy update is for. + Address staking.Address `json:"address"` + // Policy is the new withdraw policy. + Policy WithdrawPolicy `json:"policy"` +} + +// Validate validates the given action. +// removed func + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// PrettyPrint writes a pretty-printed representation of ActionUpdateWithdrawPolicy to the given +// writer. +// removed func + +// PrettyType returns a representation of ActionUpdateWithdrawPolicy that can be used for pretty +// printing. +// removed func + +// ActionUpdateAuthority is the action to update one of the vault authorities. +type ActionUpdateAuthority struct { + // AdminAuthority is the new admin authority. If the field is nil no update should be done. + AdminAuthority *Authority `json:"admin_authority,omitempty"` + // SuspendAuthority is the new suspend authority. If the field is nil no update should be done. + SuspendAuthority *Authority `json:"suspend_authority,omitempty"` +} + +// Validate validates the given action. +// removed func + +// Authorities returns the authorities of the given vault that can authorize this action. +// removed func + +// Apply applies the authority update to the given vault. +// removed func + +// PrettyPrint writes a pretty-printed representation of ActionUpdateAuthority to the given +// writer. +// removed func + +// PrettyType returns a representation of ActionUpdateAuthority that can be used for pretty +// printing. +// removed func diff --git a/coreapi/v24.0/vault/api/api.go b/coreapi/v24.0/vault/api/api.go new file mode 100644 index 000000000..1719ce6e7 --- /dev/null +++ b/coreapi/v24.0/vault/api/api.go @@ -0,0 +1,77 @@ +// Package api implements the vault backend API. +package api + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" +) + +const ( + // ModuleName is a unique module name for the vault module. + ModuleName = "vault" +) + +// removed var block + +// Backend is a vault implementation. +// removed interface + +// VaultQuery is a query for data about a given vault. +type VaultQuery struct { + // Height is the query height. + Height int64 `json:"height"` + // Address is the vault address. + Address staking.Address `json:"address"` +} + +// AddressQuery is a query for data about a given address for the given vault. +type AddressQuery struct { + // Height is the query height. + Height int64 `json:"height"` + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // Address is the queried address. + Address staking.Address `json:"address"` +} + +// Genesis is the initial vault state for use in the genesis block. +type Genesis struct { + // Parameters are the genesis consensus parameters. + Parameters ConsensusParameters `json:"params"` + + // Vaults are the vaults. + Vaults []*Vault `json:"vaults,omitempty"` + // States are the per vault per-address states. + States map[staking.Address]map[staking.Address]*AddressState `json:"states,omitempty"` + // PendingActions are the per-vault pending actions. + PendingActions map[staking.Address][]*PendingAction `json:"pending_actions,omitempty"` +} + +// ConsensusParameters are the vault consensus parameters. +type ConsensusParameters struct { + // Enabled specifies whether the vault service is enabled. + Enabled bool `json:"enabled,omitempty"` + + // MaxAuthorityAddresses is the maximum number of addresses that can be configured for each + // authority. + MaxAuthorityAddresses uint8 `json:"max_authority_addresses,omitempty"` + + // GasCosts are the vault transaction gas costs. + GasCosts transaction.Costs `json:"gas_costs,omitempty"` +} + +// DefaultConsensusParameters are the default vault consensus parameters. +// removed var statement + +// ConsensusParameterChanges are allowed vault consensus parameter changes. +type ConsensusParameterChanges struct { + // MaxAuthorityAddresses is the new maximum number of addresses that can be configured for each + // authority. + MaxAuthorityAddresses *uint8 `json:"max_authority_addresses,omitempty"` + + // GasCosts are the new gas costs. + GasCosts transaction.Costs `json:"gas_costs,omitempty"` +} + +// Apply applies changes to the given consensus parameters. +// removed func diff --git a/coreapi/v24.0/vault/api/events.go b/coreapi/v24.0/vault/api/events.go new file mode 100644 index 000000000..f7ab373b3 --- /dev/null +++ b/coreapi/v24.0/vault/api/events.go @@ -0,0 +1,95 @@ +package api + +import ( + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" + "github.com/oasisprotocol/oasis-core/go/common/crypto/hash" +) + +// Event signifies a vault event. +type Event struct { + Height int64 `json:"height,omitempty"` + TxHash hash.Hash `json:"tx_hash,omitempty"` + + ActionSubmitted *ActionSubmittedEvent `json:"action_submitted,omitempty"` + ActionCanceled *ActionCanceledEvent `json:"action_canceled,omitempty"` + ActionExecuted *ActionExecutedEvent `json:"action_executed,omitempty"` + StateChanged *StateChangedEvent `json:"state_changed,omitempty"` + PolicyUpdated *PolicyUpdatedEvent `json:"policy_updated"` + AuthorityUpdated *AuthorityUpdatedEvent `json:"authority_updated"` +} + +// ActionSubmittedEvent is the event emitted when a new vault action is submitted. +type ActionSubmittedEvent struct { + // Submitter is the account address of the submitter. + Submitter staking.Address `json:"submitter"` + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// ActionCanceledEvent is the event emitted when a vault action is canceled. +type ActionCanceledEvent struct { + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// ActionExecutedEvent is the event emitted when a new vault action is executed. +type ActionExecutedEvent struct { + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` + // Result is the action execution result. + Result ActionExecutionResult `json:"result,omitempty"` +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// ActionExecutionResult is the result of executing an action. +type ActionExecutionResult struct { + Module string `json:"module,omitempty"` + Code uint32 `json:"code,omitempty"` +} + +// StateChangedEvent is the event emitted when a vault state is changed. +type StateChangedEvent struct { + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // OldState is the old vault state. + OldState State `json:"old_state"` + // NewState is the new vault state. + NewState State `json:"new_state"` +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// PolicyUpdatedEvent is the event emitted when a vault policy for an address is updated. +type PolicyUpdatedEvent struct { + // Vault is the vault address. + Vault staking.Address `json:"vault"` + // Address is the address for which the policy has been updated. + Address staking.Address `json:"address"` +} + +// EventKind returns a string representation of this event's kind. +// removed func + +// AuthorityUpdatedEvent is the event emitted when a vault authority is updated. +type AuthorityUpdatedEvent struct { + // Vault is the vault address. + Vault staking.Address `json:"vault"` +} + +// EventKind returns a string representation of this event's kind. +// removed func diff --git a/coreapi/v23.0/keymanager/api/grpc.go b/coreapi/v24.0/vault/api/grpc.go similarity index 60% rename from coreapi/v23.0/keymanager/api/grpc.go rename to coreapi/v24.0/vault/api/grpc.go index 33a307264..40378f10a 100644 --- a/coreapi/v23.0/keymanager/api/grpc.go +++ b/coreapi/v24.0/vault/api/grpc.go @@ -20,11 +20,12 @@ import ( // removed func -// RegisterService registers a new keymanager backend service with the given gRPC server. // removed func -// KeymanagerClient is a gRPC keymanager client. -type KeymanagerClient struct { +// RegisterService registers a new vault service with the given gRPC server. +// removed func + +type vaultClient struct { conn *grpc.ClientConn } @@ -42,5 +43,9 @@ type KeymanagerClient struct { // removed func -// NewKeymanagerClient creates a new gRPC keymanager client service. +// removed func + +// removed func + +// NewVaultClient creates a new gRPC vault client service. // removed func diff --git a/coreapi/v24.0/vault/api/methods.go b/coreapi/v24.0/vault/api/methods.go new file mode 100644 index 000000000..5eab064f8 --- /dev/null +++ b/coreapi/v24.0/vault/api/methods.go @@ -0,0 +1,82 @@ +package api + +import ( + "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction" + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" +) + +// removed var block + +// Create is a create call body. +type Create struct { + // AdminAuthority specifies the vault's admin authority. + AdminAuthority Authority `json:"admin_authority"` + // SuspendAuthority specifies the vault's suspend authority. + SuspendAuthority Authority `json:"suspend_authority"` +} + +// Validate validates the create call. +// removed func + +// PrettyPrint writes a pretty-printed representation of Create to the given writer. +// removed func + +// PrettyType returns a representation of Create that can be used for pretty printing. +// removed func + +// AuthorizeAction is an action authorization call body. +type AuthorizeAction struct { + // Vault is the address of the target vault. + Vault staking.Address `json:"vault"` + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` + // Action is the action that should be authorized. + Action Action `json:"action"` +} + +// Validate validates the action authorization call. +// removed func + +// PrettyPrint writes a pretty-printed representation of AuthorizeAction to the given writer. +// removed func + +// PrettyType returns a representation of AuthorizeAction that can be used for pretty printing. +// removed func + +// CancelAction is an action cancelation call body. +type CancelAction struct { + // Vault is the address of the target vault. + Vault staking.Address `json:"vault"` + // Nonce is the action nonce. + Nonce uint64 `json:"nonce"` +} + +// Validate validates the action cancelation call. +// removed func + +// PrettyPrint writes a pretty-printed representation of CancelAction to the given writer. +// removed func + +// PrettyType returns a representation of CancelAction that can be used for pretty printing. +// removed func + +// NewCreateTx creates a new vault creation transaction. +// removed func + +// NewAuthorizeActionTx creates a new authorize action transaction. +// removed func + +// NewCancelActionTx creates a new cancel action transaction. +// removed func + +const ( + // GasOpCreate is the gas operation identifier for creating a vault. + GasOpCreate transaction.Op = "create" + // GasOpAuthorizeAction is the gas operation identifier for authorizing an action. + GasOpAuthorizeAction transaction.Op = "authorize_action" + // GasOpCancelAction is the gas operation identifier for canceling an action. + GasOpCancelAction transaction.Op = "cancel_action" +) + +// DefaultGasCosts are the "default" gas costs for operations. +// removed var statement diff --git a/coreapi/v24.0/vault/api/policy.go b/coreapi/v24.0/vault/api/policy.go new file mode 100644 index 000000000..b7fb430af --- /dev/null +++ b/coreapi/v24.0/vault/api/policy.go @@ -0,0 +1,44 @@ +package api + +import ( + "github.com/oasisprotocol/oasis-core/go/common/quantity" +) + +// AddressState is the state stored for the given address. +type AddressState struct { + // WithdrawPolicy is the active withdraw policy. + WithdrawPolicy WithdrawPolicy `json:"withdraw_policy"` + + // CurrentBucket specifies the interval we are currently doing accounting for. + CurrentBucket uint64 `json:"bucket"` + // CurrentAmount specifies the amount already withdrawn in the current interval. + CurrentAmount quantity.Quantity `json:"amount"` +} + +// UpdateWithdrawPolicy updates the withdraw policy to a new policy together with any internal +// accounting adjustments. +// removed func + +// AuthorizeWithdrawal performs withdrawal authorization. In case withdrawal is allowed, the state +// is also updated to reflect the additional withdrawal. +// removed func + +// WithdrawPolicy is the per-address withdraw policy. +type WithdrawPolicy struct { + // LimitAmount is the maximum amount of tokens that may be withdrawn in the given interval. + LimitAmount quantity.Quantity `json:"limit_amount"` + // LimitInterval is the interval (in blocks) when the limit amount resets. + LimitInterval uint64 `json:"limit_interval"` +} + +// IsDisabled returns true iff the policy is disabled and no withdrawal is allowed. +// removed func + +// Validate validates the withdrawal policy. +// removed func + +// PrettyPrint writes a pretty-printed representation of WithdrawPolicy to the given writer. +// removed func + +// PrettyType returns a representation of WithdrawPolicy that can be used for pretty printing. +// removed func diff --git a/coreapi/v24.0/vault/api/sanity_check.go b/coreapi/v24.0/vault/api/sanity_check.go new file mode 100644 index 000000000..e2fef84ed --- /dev/null +++ b/coreapi/v24.0/vault/api/sanity_check.go @@ -0,0 +1,11 @@ +// Package api implements the vault backend API. +package api + +// SanityCheck performs a sanity check on the consensus parameters. +// removed func + +// SanityCheck performs a sanity check on the consensus parameter changes. +// removed func + +// SanityCheck does basic sanity checking on the genesis state. +// removed func diff --git a/coreapi/v24.0/vault/api/vault.go b/coreapi/v24.0/vault/api/vault.go new file mode 100644 index 000000000..2703e56af --- /dev/null +++ b/coreapi/v24.0/vault/api/vault.go @@ -0,0 +1,70 @@ +package api + +import ( + staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" +) + +// removed var statement + +// State is the vault state. +type State uint8 + +const ( + StateSuspended = 0 + StateActive = 1 +) + +// Vault contains metadata about a vault. +type Vault struct { + // Creator is the address of the vault creator. + Creator staking.Address `json:"creator"` + // ID is the unique per-creator identifier of the vault. + ID uint64 `json:"id"` + // State is the vault state. + State State `json:"state"` + // Nonce is the nonce to use for the next action. + Nonce uint64 `json:"nonce,omitempty"` + + // AdminAuthority specifies the vault's admin authority. + AdminAuthority Authority `json:"admin_authority"` + // SuspendAuthority specifies the vault's suspend authority. + SuspendAuthority Authority `json:"suspend_authority"` +} + +// NewVaultAddress returns the address for the vault. +// removed func + +// Address returns the address for the vault. +// removed func + +// IsActive returns true iff the vault is currently active (processing withdrawals). +// removed func + +// AuthoritiesContain returns true iff any of the vault's authorities contain the address. +// removed func + +// Authorities returns the list of all vault authorities. +// removed func + +// Authority is the vault multisig authority. +type Authority struct { + // Addresses are the addresses that can authorize an action. + Addresses []staking.Address `json:"addresses"` + // Threshold is the minimum number of addresses that must authorize an action. + Threshold uint8 `json:"threshold"` +} + +// Validate validates the authority configuration. +// removed func + +// Contains checks whether the authority contains the given address. +// removed func + +// Verify checks whether the passed addresses are sufficient to authorize an action. +// removed func + +// PrettyPrint writes a pretty-printed representation of Authority to the given writer. +// removed func + +// PrettyType returns a representation of Authority that can be used for pretty printing. +// removed func diff --git a/scripts/vendor-oasis-core/patches/v24.0/discrepancy_round.patch b/scripts/vendor-oasis-core/patches/v24.0/discrepancy_round.patch new file mode 100644 index 000000000..5d9d86680 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/discrepancy_round.patch @@ -0,0 +1,13 @@ +diff --git a/coreapi/v24.0/roothash/api/api.go b/coreapi/v24.0/roothash/api/api.go +index 180852d..8c9e4c0 100644 +--- a/coreapi/v24.0/roothash/api/api.go ++++ b/coreapi/v24.0/roothash/api/api.go +@@ -199,7 +199,7 @@ type ExecutorCommittedEvent struct { + // ExecutionDiscrepancyDetectedEvent is an execute discrepancy detected event. + type ExecutionDiscrepancyDetectedEvent struct { + // Round is the round in which the discrepancy was detected. +- Round uint64 `json:"round"` ++ Round *uint64 `json:"round"` + // Rank is the rank of the transaction scheduler. + Rank uint64 `json:"rank"` + // Timeout signals whether the discrepancy was due to a timeout. diff --git a/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_1.patch b/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_1.patch new file mode 100644 index 000000000..270a1c213 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_1.patch @@ -0,0 +1,22 @@ +diff --git a/coreapi/v24.0/registry/api/runtime.go b/coreapi/v24.0/registry/api/runtime.go +index 6909eb7..4d1bc4e 100644 +--- a/coreapi/v24.0/registry/api/runtime.go ++++ b/coreapi/v24.0/registry/api/runtime.go +@@ -279,7 +279,7 @@ func (gm RuntimeGovernanceModel) MarshalText() ([]byte, error) { + case GovernanceConsensus: + return []byte(gmConsensus), nil + default: +- return nil, ErrUnsupportedRuntimeGovernanceModel ++ return nil, fmt.Errorf("unspported runtime governance model: %d", gm) + } + } + +@@ -292,7 +292,7 @@ func (gm *RuntimeGovernanceModel) UnmarshalText(text []byte) error { + case gmConsensus: + *gm = GovernanceConsensus + default: +- return fmt.Errorf("%w: '%s'", ErrUnsupportedRuntimeGovernanceModel, string(text)) ++ return fmt.Errorf("unspported runtime governance model: '%s'", string(text)) + } + + return nil diff --git a/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_2.patch b/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_2.patch new file mode 100644 index 000000000..4bb429880 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/inline_err_constants_2.patch @@ -0,0 +1,13 @@ +diff --git a/coreapi/v24.0/staking/api/api.go b/coreapi/v24.0/staking/api/api.go +index f6a98a8..b0d2fed 100644 +--- a/coreapi/v24.0/staking/api/api.go ++++ b/coreapi/v24.0/staking/api/api.go +@@ -435,7 +435,7 @@ func (k *ThresholdKind) UnmarshalText(text []byte) error { + case KindKeyManagerChurpName: + *k = KindKeyManagerChurp + default: +- return fmt.Errorf("%w: %s", ErrInvalidThreshold, string(text)) ++ return fmt.Errorf("%w: %s", fmt.Errorf("invalid threshold"), string(text)) + } + return nil + } diff --git a/scripts/vendor-oasis-core/patches/v24.0/keep_node_err_constants_and_unmarshal_helper.patch b/scripts/vendor-oasis-core/patches/v24.0/keep_node_err_constants_and_unmarshal_helper.patch new file mode 100644 index 000000000..06c96ad59 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/keep_node_err_constants_and_unmarshal_helper.patch @@ -0,0 +1,89 @@ +diff --git a/coreapi/v24.0/common/node/address.go b/coreapi/v24.0/common/node/address.go +index dff45b2..6d97844 100644 +--- a/coreapi/v24.0/common/node/address.go ++++ b/coreapi/v24.0/common/node/address.go +@@ -1,6 +1,8 @@ + package node + + import ( ++ "encoding" ++ "errors" + "fmt" + "net" + "strings" +@@ -8,7 +10,21 @@ import ( + "github.com/oasisprotocol/oasis-core/go/common/crypto/signature" + ) + +-// removed var block ++var ( ++ // ErrInvalidAddress is the error returned when a transport address is ++ // invalid. ++ ErrInvalidAddress = errors.New("node: invalid transport address") ++ // ErrConsensusAddressNoID is the error returned when a consensus address ++ // doesn't have the ID@ part. ++ ErrConsensusAddressNoID = errors.New("node: consensus address doesn't have ID@ part") ++ // ErrTLSAddressNoPubKey is the error returned when a TLS address doesn't have the PubKey@ part. ++ ErrTLSAddressNoPubKey = errors.New("node: TLS address missing PubKey@ part") ++ ++ _ encoding.TextMarshaler = (*Address)(nil) ++ _ encoding.TextUnmarshaler = (*Address)(nil) ++ _ encoding.TextMarshaler = (*ConsensusAddress)(nil) ++ _ encoding.TextUnmarshaler = (*ConsensusAddress)(nil) ++) + + // Address represents a TCP address for the purpose of node descriptors. + type Address struct { +diff --git a/coreapi/v24.0/common/node/node.go b/coreapi/v24.0/common/node/node.go +index 38000b5..236f1a3 100644 +--- a/coreapi/v24.0/common/node/node.go ++++ b/coreapi/v24.0/common/node/node.go +@@ -105,7 +105,24 @@ type nodeV2 struct { // nolint: maligned + } + + // ToV3 returns the V3 representation of the V2 node descriptor. +-// removed func ++func (nv2 *nodeV2) ToV3() *Node { ++ nv3 := &Node{ ++ Versioned: cbor.NewVersioned(3), ++ ID: nv2.ID, ++ EntityID: nv2.EntityID, ++ Expiration: nv2.Expiration, ++ P2P: nv2.P2P, ++ Consensus: nv2.Consensus, ++ Runtimes: nv2.Runtimes, ++ SoftwareVersion: nv2.SoftwareVersion, ++ Roles: nv2.Roles & ^roleReserved3, // Clear consensus-rpc role. ++ TLS: TLSInfo{PubKey: nv2.TLS.PubKey}, // Migrate to new TLS Info. ++ } ++ if nv2.VRF != nil { ++ nv3.VRF = *nv2.VRF ++ } ++ return nv3 ++} + + // SoftwareVersion is the node's oasis-node software version. + type SoftwareVersion string +@@ -181,7 +198,12 @@ func (m RolesMask) MarshalText() ([]byte, error) { + return []byte(m.String()), nil + } + +-// removed func ++func checkDuplicateRole(newRole RolesMask, curRoles RolesMask) error { ++ if curRoles&newRole != 0 { ++ return fmt.Errorf("node: duplicate role: '%s'", newRole) ++ } ++ return nil ++} + + // UnmarshalText decodes a text slice into a RolesMask. + func (m *RolesMask) UnmarshalText(text []byte) error { +@@ -215,7 +237,7 @@ func (m *RolesMask) UnmarshalText(text []byte) error { + } + *m |= RoleStorageRPC + default: +- return fmt.Errorf("%w: '%s'", ErrInvalidRole, role) ++ return fmt.Errorf("node: invalid role: '%s'", role) + } + } + return nil diff --git a/scripts/vendor-oasis-core/patches/v24.0/keymanager_secrets_marshal.patch b/scripts/vendor-oasis-core/patches/v24.0/keymanager_secrets_marshal.patch new file mode 100644 index 000000000..b71f25ab9 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/keymanager_secrets_marshal.patch @@ -0,0 +1,37 @@ +diff --git a/coreapi/v24.0/keymanager/secrets/secret.go b/coreapi/v24.0/keymanager/secrets/secret.go +index 010ef4a..0c5a0a9 100644 +--- a/coreapi/v24.0/keymanager/secrets/secret.go ++++ b/coreapi/v24.0/keymanager/secrets/secret.go +@@ -1,6 +1,9 @@ + package secrets + + import ( ++ "encoding/base64" ++ "encoding/json" ++ + "github.com/oasisprotocol/curve25519-voi/primitives/x25519" + + beacon "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" +@@ -30,6 +33,22 @@ type EncryptedSecret struct { + Ciphertexts map[x25519.PublicKey][]byte `json:"ciphertexts"` + } + ++// XXX: Nexus-specific addition/hack. ++// We implement MarshalJSON here because the the encoding/json library ++// does not recognize the x25519.PublicKey type as a valid map key. ++func (es *EncryptedSecret) MarshalJSON() ([]byte, error) { ++ ciphertexts := make(map[string][]byte) ++ for pubkey, ciphertext := range es.Ciphertexts { ++ ciphertexts[base64.StdEncoding.EncodeToString(pubkey[:])] = ciphertext ++ } ++ esJSON := make(map[string]interface{}) ++ esJSON["checksum"] = es.Checksum ++ esJSON["pub_key"] = es.PubKey ++ esJSON["ciphertexts"] = ciphertexts ++ ++ return json.Marshal(esJSON) ++} ++ + // SanityCheck performs a sanity check on the encrypted secret. + // removed func + diff --git a/scripts/vendor-oasis-core/patches/v24.0/remove_submission_manager.patch b/scripts/vendor-oasis-core/patches/v24.0/remove_submission_manager.patch new file mode 100644 index 000000000..39c548255 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/remove_submission_manager.patch @@ -0,0 +1,35 @@ +diff --git a/coreapi/v24.0/consensus/api/submission.go b/coreapi/v24.0/consensus/api/submission.go +index fcd0610..9ca7ce8 100644 +--- a/coreapi/v24.0/consensus/api/submission.go ++++ b/coreapi/v24.0/consensus/api/submission.go +@@ -1,12 +1,7 @@ + package api + + import ( +- "sync" + "time" +- +- staking "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" +- "github.com/oasisprotocol/oasis-core/go/common/logging" +- "github.com/oasisprotocol/oasis-core/go/common/quantity" + ) + + const ( +@@ -20,16 +15,7 @@ const ( + // SubmissionManager is a transaction submission manager interface. + // removed interface + +-type submissionManager struct { +- backend ClientBackend +- priceDiscovery PriceDiscovery +- maxFee quantity.Quantity +- +- noncesLock sync.Mutex +- nonces map[staking.Address]uint64 +- +- logger *logging.Logger +-} ++// removed type + + // Implements SubmissionManager. + // removed func diff --git a/scripts/vendor-oasis-core/patches/v24.0/reuse_epoch_time.patch b/scripts/vendor-oasis-core/patches/v24.0/reuse_epoch_time.patch new file mode 100644 index 000000000..efa504ce8 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/reuse_epoch_time.patch @@ -0,0 +1,24 @@ +diff --git a/coreapi/v24.0/beacon/api/api.go b/coreapi/v24.0/beacon/api/api.go +index 5de5a6b..57eabc8 100644 +--- a/coreapi/v24.0/beacon/api/api.go ++++ b/coreapi/v24.0/beacon/api/api.go +@@ -1,6 +1,10 @@ + // Package api implements the random beacon and time keeping APIs. + package api + ++import ( ++ original "github.com/oasisprotocol/oasis-core/go/beacon/api" ++) ++ + const ( + // ModuleName is a unique module name for the beacon module. + ModuleName = "beacon" +@@ -25,7 +29,7 @@ const ( + + // EpochTime is the number of intervals (epochs) since a fixed instant + // in time/block height (epoch date/height). +-type EpochTime uint64 ++type EpochTime = original.EpochTime + + // AbsDiff returns the absolute difference (in epochs) between two epochtimes. + // removed func diff --git a/scripts/vendor-oasis-core/patches/v24.0/status_state_enum_constants.patch b/scripts/vendor-oasis-core/patches/v24.0/status_state_enum_constants.patch new file mode 100644 index 000000000..374dd2008 --- /dev/null +++ b/scripts/vendor-oasis-core/patches/v24.0/status_state_enum_constants.patch @@ -0,0 +1,18 @@ +diff --git a/coreapi/v24.0/consensus/api/api.go b/coreapi/v24.0/consensus/api/api.go +index 7a8a20b..c4eedeb 100644 +--- a/coreapi/v24.0/consensus/api/api.go ++++ b/coreapi/v24.0/consensus/api/api.go +@@ -112,7 +112,12 @@ type Vote struct { + // StatusState is the concise status state of the consensus backend. + type StatusState uint8 + +-// removed var block ++var ( ++ // StatusStateReady is the ready status state. ++ StatusStateReady StatusState ++ // StatusStateSyncing is the syncing status state. ++ StatusStateSyncing StatusState = 1 ++) + + // String returns a string representation of a status state. + func (s StatusState) String() string { diff --git a/scripts/vendor-oasis-core/vendor_oasis_core.sh b/scripts/vendor-oasis-core/vendor_oasis_core.sh index 1c232fde6..59832bd49 100755 --- a/scripts/vendor-oasis-core/vendor_oasis_core.sh +++ b/scripts/vendor-oasis-core/vendor_oasis_core.sh @@ -14,7 +14,7 @@ # (which nexus uses to communicate with the node) changes. # The gRPC protocol is NOT VERSIONED (!), so technically we'd need to # deep-read the oasis-core release notes for every release to see if -# the gRPC API changed. In practice, it's strongly correlated with +# the gRPC API changed. In practice, it's strongly correlated with # the consensus version (listed on top of release notes). Also in practice, # we needed to vendor types exactly once for each named release # (Beta, Cobalt, Damask, etc). @@ -33,7 +33,9 @@ set -euo pipefail VERSION="${1:-v22.2.11}" # Damask MODULES=(beacon consensus genesis governance keymanager registry roothash scheduler staking) if [[ $VERSION == v22.* ]]; then MODULES+=(runtime/client); fi -if [[ $VERSION == v22.* ]] || [[ $VERSION == v23.* ]]; then MODULES+=(upgrade); fi +if [[ $VERSION == v22.* ]] || [[ $VERSION == v23.* ]] || [[ $VERSION == v24.* ]]; then MODULES+=(upgrade); fi +if [[ $VERSION == v24.* ]]; then MODULES+=(vault); fi + OUTDIR="coreapi/$VERSION" echo "Vendoring oasis-core $VERSION into $OUTDIR" @@ -57,6 +59,13 @@ done cp -r ../oasis-core/go/consensus/genesis "$OUTDIR/consensus" mkdir -p "$OUTDIR/common/node" cp ../oasis-core/go/common/node/*.go "$OUTDIR/common/node" + +# Copy keymanager/secrets package for v24, and fix imports. +if [[ $VERSION == v24.* ]]; then + cp -r ../oasis-core/go/keymanager/secrets "$OUTDIR/keymanager/secrets" + cp -r ../oasis-core/go/keymanager/churp "$OUTDIR/keymanager/churp" +fi + rm $(find "$OUTDIR/" -name '*_test.go') # Fix imports: References to the "real" oasis-core must now point to the vendored coutnerpart. @@ -64,6 +73,8 @@ modules_or=$(IFS="|"; echo "${MODULES[*]}") sed -E -i "s#github.com/oasisprotocol/oasis-core/go/($modules_or)/api(/[^\"]*)?#github.com/oasisprotocol/nexus/$OUTDIR/\\1/api\\2#" $(find "$OUTDIR/" -type f) sed -E -i "s#github.com/oasisprotocol/oasis-core/go/common/node#github.com/oasisprotocol/nexus/$OUTDIR/common/node#" $(find "$OUTDIR/" -type f) sed -E -i "s#github.com/oasisprotocol/oasis-core/go/consensus/genesis#github.com/oasisprotocol/nexus/$OUTDIR/consensus/genesis#" $(find "$OUTDIR/" -type f) +sed -E -i "s#github.com/oasisprotocol/oasis-core/go/keymanager/secrets#github.com/oasisprotocol/nexus/$OUTDIR/keymanager/secrets#" $(find "$OUTDIR/" -type f) +sed -E -i "s#github.com/oasisprotocol/oasis-core/go/keymanager/churp#github.com/oasisprotocol/nexus/$OUTDIR/keymanager/churp#" $(find "$OUTDIR/" -type f) # Remove functions and interfaces. We only need the types. for f in $(find "$OUTDIR/" -name "*.go" -type f | sort); do @@ -97,7 +108,7 @@ EOF for p in scripts/vendor-oasis-core/patches/"$VERSION"/*.patch; do echo "Applying patch $p" git apply "$p" -done +done # Check that no unexpected direct oasis-core imports are left, # now that we've removed non-API code and minimized imports. diff --git a/storage/oasis/nodeapi/eden/convert.go b/storage/oasis/nodeapi/eden/convert.go index 0c138825b..5e850c8c8 100644 --- a/storage/oasis/nodeapi/eden/convert.go +++ b/storage/oasis/nodeapi/eden/convert.go @@ -23,14 +23,14 @@ import ( "github.com/oasisprotocol/nexus/storage/oasis/nodeapi" // data types for Eden gRPC APIs. - nodeEden "github.com/oasisprotocol/nexus/coreapi/v23.0/common/node" - txResultsEden "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction/results" - genesisEden "github.com/oasisprotocol/nexus/coreapi/v23.0/genesis/api" - governanceEden "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - registryEden "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - roothashEden "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api" - schedulerEden "github.com/oasisprotocol/nexus/coreapi/v23.0/scheduler/api" - stakingEden "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + nodeEden "github.com/oasisprotocol/nexus/coreapi/v24.0/common/node" + txResultsEden "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction/results" + genesisEden "github.com/oasisprotocol/nexus/coreapi/v24.0/genesis/api" + governanceEden "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + registryEden "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + roothashEden "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api" + schedulerEden "github.com/oasisprotocol/nexus/coreapi/v24.0/scheduler/api" + stakingEden "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" ) func convertProposal(p *governanceEden.Proposal) *governance.Proposal { @@ -78,7 +78,11 @@ func convertAccount(a *stakingEden.Account) *staking.Account { rateBoundSteps[i] = staking.CommissionRateBoundStep(r) } return &staking.Account{ - General: staking.GeneralAccount(a.General), + General: staking.GeneralAccount{ + Balance: a.General.Balance, + Nonce: a.General.Nonce, + Allowances: a.General.Allowances, + }, Escrow: staking.EscrowAccount{ Active: staking.SharePool(a.Escrow.Active), Debonding: staking.SharePool(a.Escrow.Debonding), diff --git a/storage/oasis/nodeapi/eden/node.go b/storage/oasis/nodeapi/eden/node.go index 0d6f9b61e..1f03d998c 100644 --- a/storage/oasis/nodeapi/eden/node.go +++ b/storage/oasis/nodeapi/eden/node.go @@ -20,15 +20,15 @@ import ( "github.com/oasisprotocol/nexus/storage/oasis/nodeapi" // data types for Eden gRPC APIs. - beaconEden "github.com/oasisprotocol/nexus/coreapi/v23.0/beacon/api" - consensusEden "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api" - txResultsEden "github.com/oasisprotocol/nexus/coreapi/v23.0/consensus/api/transaction/results" - genesisEden "github.com/oasisprotocol/nexus/coreapi/v23.0/genesis/api" - governanceEden "github.com/oasisprotocol/nexus/coreapi/v23.0/governance/api" - registryEden "github.com/oasisprotocol/nexus/coreapi/v23.0/registry/api" - roothashEden "github.com/oasisprotocol/nexus/coreapi/v23.0/roothash/api" - schedulerEden "github.com/oasisprotocol/nexus/coreapi/v23.0/scheduler/api" - stakingEden "github.com/oasisprotocol/nexus/coreapi/v23.0/staking/api" + beaconEden "github.com/oasisprotocol/nexus/coreapi/v24.0/beacon/api" + consensusEden "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api" + txResultsEden "github.com/oasisprotocol/nexus/coreapi/v24.0/consensus/api/transaction/results" + genesisEden "github.com/oasisprotocol/nexus/coreapi/v24.0/genesis/api" + governanceEden "github.com/oasisprotocol/nexus/coreapi/v24.0/governance/api" + registryEden "github.com/oasisprotocol/nexus/coreapi/v24.0/registry/api" + roothashEden "github.com/oasisprotocol/nexus/coreapi/v24.0/roothash/api" + schedulerEden "github.com/oasisprotocol/nexus/coreapi/v24.0/scheduler/api" + stakingEden "github.com/oasisprotocol/nexus/coreapi/v24.0/staking/api" ) var logger = cmdCommon.RootLogger().WithModule("eden-consensus-api-lite")