v0.35.0

Release v0.35.0

The release mostly fixes funding during the audit and integration with the bridge. But the release also contains some new features like:

• Asynchronous predicate estimation/verification.
• Multi-asset support per contract.
• Support Secp256r1 signature recovery and Ed25519 verificaiton.

Added

• #486: Adds ed25519 signature verification and secp256r1 signature recovery to fuel-crypto, and corresponding opcodes ED19 and ECR1 to fuel-vm.

• #500: Introduced ParallelExecutor trait
  and made available async versions of verify and estimate predicates.
  Updated tests to test for both parallel and sequential execution.
  Fixed a bug in transaction/check_predicate_owners.

Breaking

• #506: Added new Mint and Burn variants to Receipt enum.
  It affects serialization and deserialization with new variants.

Changed

Breaking

• #506: The mint and burn
  opcodes accept a new $rB register. It is a sub-identifier used to generate an
  AssetId by this rule.
  This feature allows having multi-asset per one contract. It is a huge breaking change, and
  after this point, ContractId can't be equal to AssetId.

  The conversion like AssetId::from(*contract_id) is no longer valid. Instead, the ContractId implements the ContractIdExt trait:

  /// Trait extends the functionality of the `ContractId` type.
  pub trait ContractIdExt {
      /// Creates an `AssetId` from the `ContractId` and `sub_id`.
      fn asset_id(&self, sub_id: &Bytes32) -> AssetId;
  }

• #506: The mint and burn
  opcodes affect the receipts_root of the Script transaction.

Removed

Breaking

• #486: Removes apparently unused Keystore and Signer traits from fuel-crypto. Also renames ECR opcode to ECK1.

Fixed

• #500: Fixed a bug where MessageCoinPredicate wasn't checked for in check_predicate_owners.

Breaking

• #502: The algorithm used by the
  binary Merkle tree for generating Merkle proofs has been updated to remove
  the leaf data from the proof set. This change allows BMT proofs to conform
  to the format expected by the Solidity contracts used for verifying proofs.

• #503: Use correct amount of gas in call
  receipts when limited by cgas. Before this change, the Receipt::Call could show an incorrect value for the gas limit.

• #504: The CROO and CSIZ opcodes require
  the existence of corresponding ContractId in the transaction's
  inputs(the same behavior as for the CROO opcode).

• #504: The size of the contract
  was incorrectly padded. It affects the end of the call frame in the memory,
  making it not 8 bytes align. Also, it affects the cost of the contract
  call(in some cases, we charged less in some more).

• #504: The charging for DependentCost
  was done incorrectly, devaluing the dep_per_unit part. After the fixing of
  this, the execution should become much more expensive.

• #505: The data field of the Receipt
  is not part of the canonical serialization and deserialization anymore. The SDK should use the
  Receipt type instead of OpaqueReceipt. The Receipt.raw_payload will be removed for the
  fuel-core 0.20. The data field is optional now. The SDK should update serialization and
  deserialization for MessageOut, LogData, and ReturnData receipts.

• #505: The len field of the Receipt
  is not padded anymore and represents an initial value.

All changes:

What's Changed

• Some additional test to verify ecrecovery with TxId and coin witness by @xgreenx in #495
• Add argument names to fuel-asm opcodes by @Dentosal in #497
• Use correct amount of gas in call receipts when limited by cgas by @Dentosal in #503
• bug: Remove leaf data from BMT proofs by @bvrooman in #502
• Bugfixes found during chatting with Auditors on July 7th by @xgreenx in #504
• Removed the data field from canonical serialization and deserialization of receipts by @xgreenx in #505
• Secp256r1 signature recovery and Ed25519 verification by @Dentosal in #486
• enable parallel predicate verification by @leviathanbeak in #500
• Support of the multi-assets per contract by @xgreenx in #506

Full Changelog: v0.34.1...v0.35.0

v0.34.1

Release v0.34.1

Mainly new opcodes prices and small performance improvements in the BinaryMerkleTree.

Changed

• #492 Minor improvements to BMT internals, including a reduction in usage of Box, using expect(...) over unwrap(), and additional comments.

Breaking

• #493 The default GasCostsValues is updated according to the benches with fuel-core 0.19. It may break some unit tests that compare actual gas usage with expected.

What's Changed

• chore: BMT clean up by @bvrooman in #492
• Update gas prices based on fuel-core 0.19 by @xgreenx in #493

Full Changelog: v0.34.0...v0.34.1

v0.34.0

Release v0.34.0

This release contains fixes for critical issues that we found before the audit. Mainly, these changes pertain to the Sparse Merkle Tree (SMT) and related code. The SMT API was extended to provide more flexibility and to allow users to select the most appropriate method their performance needs. Where possible, sequential SMT updates were replaced with constructors that take in a complete data set.

Added

• #476: The fuel_vm::Call supports From<[u8; Self::LEN]> and Into<[u8; Self::LEN]>.

• #484: The sparse::in_memory::MerkleTree got new methods from_set, root_from_set, and nodes_from_set methods. These methods allow a more optimal way to build and calculate the SMT when you know all leaves. The Contract::initial_state_root is much faster now (by ~15 times).

Removed

• #478: The CheckedMemRange is replaced by the MemoryRange.

Changed

• #477: The PanicReason::UnknownPanicReason is 0x00. The PanicReason now implements From<u8> instead of TryFrom<u8> and can't return an error anymore.

• #478: The memcopy method is updated and returns MemoryWriteOverlap instead of MemoryOverflow.

Fixed

• #482: This PR address a security issue where updates to a Sparse Merkle Tree could deliberately overwrite existing leaves by setting the leaf key to the hash of an existing leaf or node. This is done by removing the insertion of the leaf using the leaf key.

• #484: Fixed bug with not-working CreateMetadata.

Breaking

• #473: CFS and CFSI were not validating
  that the new $sp value isn't below $ssp, allowing write access to non-owned
  memory. This is now fixed, and attempting to set an incorrect $sp value panics.

• #485: This PR addresses a security
  issue where the user may manipulate the structure of the Sparse Merkle Tree.
  SMT expects hashed storage key wrapped into a MerkleTreeKey structure.
  The change is breaking because it changes the state_root generated by the SMT
  and may change the ContractId if the Create transaction has non-empty StoargeSlots.

All changes:

• Disallow setting $sp < $ssp using CFS and CFSI instructions by @Dentosal in #473
• MemoryRange rework by @Dentosal in #478
• Return the previous behavior of the data length GTF by @xgreenx in #481
• chore: optimize smt common prefix count by @bvrooman in #475
• refactor: SMT path iter uses leaf key by @bvrooman in #482
• Added a test to show a problem with leaf overriding by @xgreenx in #469
• Minor readibility improvements by @Dentosal in #476
• feat: SMT update set by @bvrooman in #467
• Added more detailed descriptions to README files by @xgreenx in #487
• Use a new sparse::MerkleTree::from_set function to calculate state root by @xgreenx in #484
• Changed the API of the SparseMerkleTree to accept MerkleStorageKey by @xgreenx in #485
• PanicReason rework by @Dentosal in #477
• Use nightly rustfmt with .rustfmt.toml from fuel-core by @xgreenx in #489
• Bump version to 0.34.0 and finilized the CHANGELOG.md by @xgreenx in #488
• dev-deps on local crate must use path by @Voxelot in #490

Full Changelog: v0.33.0...v0.34.0

v0.31.2

What's Changed

• Return the previous behavior of the data length GTF by @xgreenx in #479

Full Changelog: v0.31.1...v0.31.2

v0.33.0

Release v0.33.0

The release contains a lot of breaking changes.
Most of them are audit blockers and affect the protocol itself.
Starting this release we plan to maintain the changelog file and describe all minor and major changes that make sense.

Added

Breaking

• #386: The coin and message inputs
  got a new field - predicate_gas_used. So it breaks the constructor API
  of these inputs.

  The value of this field is zero for non-predicate inputs, but for the
  predicates, it indicates the exact amount of gas used by the predicate
  to execute. If after the execution of the predicate remaining gas is not
  zero, then the predicate execution failed.

  This field is malleable but will be used by the VM, and each predicate
  should be estimated before performing the verification logic.
  The Transaction, Create, and Script types implement the
  EstimatePredicates for these purposes.

  /// Provides predicate estimation functionality for the transaction.
  pub trait EstimatePredicates: Sized {
      /// Estimates predicates of the transaction.
      fn estimate_predicates(&mut self, params: &ConsensusParameters, gas_costs: &GasCosts) -> Result<(), CheckError>;
  }

  During the creation of the Input, the best strategy is to use a default
  value like 0 and call the estimate_predicates method to actualize
  the predicate_gas_used after.

• #454: VM native array-backed types
  Address, AssetId, ContractId, Bytes4, Bytes8, Bytes20, Bytes32,
  Nonce, MessageId, Salt now use more compact representation instead of
  hex-encoded string when serialized using serde format that sets
  is_human_readable to false.

• #456: Added a new type - ChainId to represent the identifier of the chain.
  It is a wrapper around the u64, so any u64 can be converted into this type via .into() or ChainId::new(...).

• #459 Require witness index to be specified when adding an unsigned coin to a transaction.
  This allows for better reuse of witness data when using the transaction builder and helper methods to make transactions compact.

• #462: Adds a cache parameter to Input::check and Input::check_signature.
  This is used to avoid redundant signature recovery when multiple inputs share the same witness index.

Changed

• #458: Automatically sort storage slots for creation transactions.

Breaking

• #386: Several methods of the TransactionFee are renamed total -> max_fee
  and bytes -> min_fee. The TransactionFee::min_fee take into account the gas used by predicates.

• #450: The Merkle root of a contract's code is now calculated by partitioning the code into chunks of 16 KiB, instead of 8 bytes. If the last leaf is does not a full 16 KiB, it is padded with 0 up to the nearest multiple of 8 bytes. This affects the ContractId and PredicateId calculations, breaking all code that used hardcoded values.

• #456: The basic methods UniqueIdentifier::id, Signable::sign_inputs,
  and Input::predicate_owner use ChainId instead of the ConsensusParameters.
  It is a less strict requirement than before because you can get ChainId
  from ConsensusParameters.chain_id, and it makes the API cleaner.
  It affects all downstream functions that use listed methods.

• #463: Moves verification that the Output::ContractCreated
  output contains valid contract_id and state_root(the values from the Output match with calculated
  values from the bytecode, storage slots, and salt) from fuel-vm to fuel-tx.
  It means the end-user will receive this error earlier on the SDK side before dry_run instead of after.

Fixed

Breaking

• #457: Transactions got one more validity rule:
  Each Script or Create transaction requires at least one input coin or message to be spendable.
  It may break code/tests that previously didn't set any spendable inputs.
  Note: Message with non-empty data field is not spendable.

• #458: The storage slots with the same key inside the Create transaction are forbidden.

All changes:

• Add empty changelog file by @xgreenx in #455
• Added a new type ChainId and re-used it for signing of transactions by @xgreenx in #456
• Sort storage slots on create transactions automatically by @Voxelot in #458
• Do not hex-format primitives when format doesn't require it by @Dentosal in #454
• Predicate Estimation VM part by @xgreenx in #460
• Reuse witnesses for identical secrets when building transactions by @Voxelot in #459
• Inputs have at least one spendable coin or message by @xgreenx in #457
• feat: Update contract leaf size by @bvrooman in #450
• Signature caching during validation by @Voxelot in #462
• Moved the check of the contract_id and state_root from fuel-vm to fuel-tx by @xgreenx in #463
• Minor improvements during integration with fuel-core by @xgreenx in #465
• Bump version to 0.33.0 by @xgreenx in #466

Full Changelog: v0.32.0...v0.33.0

v0.32.0

A new release adds support for wide math operations that should decrease the size of the contracts.

Breaking

• Renamed InstructionResult into PanicInstruction - #444

What's Changed

• Add wide math operations by @Dentosal in #424
• Do not panic when shifting by more than u32::MAX bits by @Dentosal in #433
• Allow empty range in the checked memory by @xgreenx in #436
• Modify "with" functions for consensus parameters by @mitch-fuel in #446
• Fix to_bytes for numeric types by @Voxelot in #447
• Addressing minor issues by @xgreenx in #444
• Bump the version to the 0.32.0 by @xgreenx in #449

Full Changelog: v0.31.0...v0.32.0

v0.31.1

What's Changed

• Allow empty range in the checked memory - #435

Full Changelog: v0.31.0...v0.31.1

v0.31.0

What's Changed

• Serialize BlockHeight as integer again by @Dentosal in #422
• Duplicate patch from 0.26.3 by @xgreenx in #428
• Adding more unit tests by @freesig in #390
• Update deps and audit by @freesig in #429
• Bump the version to 0.31.0 by @xgreenx in #431

Full Changelog: v0.30.0...v0.31.0

v0.26.3

What's Changed:

• Disable tracing for each instruction - #427

Full Changelog: v0.26.2...v0.26.3

v0.26.2

What's Changed:

• Truncation of large fields (script, script data, witnesses, etc) when debug formatting transactions (#423)

Full Changelog: v0.26.1...v0.26.2