diff --git a/.changelog/config.toml b/.changelog/config.toml deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/epilogue.md b/.changelog/epilogue.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/unreleased/.gitkeep b/.changelog/unreleased/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/breaking-changes/152-rename-binary-docker.md b/.changelog/v0.34.27/breaking-changes/152-rename-binary-docker.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/breaking-changes/211-deprecate-tmhome.md b/.changelog/v0.34.27/breaking-changes/211-deprecate-tmhome.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/breaking-changes/360-update-to-go-119.md b/.changelog/v0.34.27/breaking-changes/360-update-to-go-119.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/bug-fixes/383-txindexer-fix-slash-parsing.md b/.changelog/v0.34.27/bug-fixes/383-txindexer-fix-slash-parsing.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/bug-fixes/386-quick-fix-needproofblock.md b/.changelog/v0.34.27/bug-fixes/386-quick-fix-needproofblock.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/bug-fixes/4-busy-loop-send-block-part.md b/.changelog/v0.34.27/bug-fixes/4-busy-loop-send-block-part.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/bug-fixes/9936-p2p-fix-envelope-sending.md b/.changelog/v0.34.27/bug-fixes/9936-p2p-fix-envelope-sending.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/dependencies/160-tmdb-to-cometbftdb.md b/.changelog/v0.34.27/dependencies/160-tmdb-to-cometbftdb.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/dependencies/165-bump-tmloadtest.md b/.changelog/v0.34.27/dependencies/165-bump-tmloadtest.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/dependencies/9787-btcec-dep-update.md b/.changelog/v0.34.27/dependencies/9787-btcec-dep-update.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/features/9759-kvindexer-match-event.md b/.changelog/v0.34.27/features/9759-kvindexer-match-event.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/136-remove-tm-signer-harness.md b/.changelog/v0.34.27/improvements/136-remove-tm-signer-harness.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/204-version-commit-hash.md b/.changelog/v0.34.27/improvements/204-version-commit-hash.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/314-prio-mempool-badtxlog.md b/.changelog/v0.34.27/improvements/314-prio-mempool-badtxlog.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/56-rpc-cache-rpc-responses.md b/.changelog/v0.34.27/improvements/56-rpc-cache-rpc-responses.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/9733-consensus-metrics.md b/.changelog/v0.34.27/improvements/9733-consensus-metrics.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/9759-kvindexer-match-event.md b/.changelog/v0.34.27/improvements/9759-kvindexer-match-event.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/9764-p2p-fix-logspam.md b/.changelog/v0.34.27/improvements/9764-p2p-fix-logspam.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/improvements/9776-consensus-vote-bandwidth.md b/.changelog/v0.34.27/improvements/9776-consensus-vote-bandwidth.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.27/summary.md b/.changelog/v0.34.27/summary.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/breaking-changes/558-tm10011.md b/.changelog/v0.34.28/breaking-changes/558-tm10011.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/bug-fixes/496-error-on-applyblock-should-panic.md b/.changelog/v0.34.28/bug-fixes/496-error-on-applyblock-should-panic.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/bug-fixes/524-rename-peerstate-tojson.md b/.changelog/v0.34.28/bug-fixes/524-rename-peerstate-tojson.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/bug-fixes/575-fix-light-client-panic.md b/.changelog/v0.34.28/bug-fixes/575-fix-light-client-panic.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/improvements/475-upgrade-go-schnorrkel.md b/.changelog/v0.34.28/improvements/475-upgrade-go-schnorrkel.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/improvements/638-json-rpc-error-message.md b/.changelog/v0.34.28/improvements/638-json-rpc-error-message.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.28/summary.md b/.changelog/v0.34.28/summary.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md b/.changelog/v0.34.29/bug-fixes/771-kvindexer-parsing-big-ints.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md b/.changelog/v0.34.29/bug-fixes/771-pubsub-parsing-big-ints.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/improvements/654-rpc-rm-response-data-logs.md b/.changelog/v0.34.29/improvements/654-rpc-rm-response-data-logs.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/security-fixes/788-rpc-client-pw.md b/.changelog/v0.34.29/security-fixes/788-rpc-client-pw.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md b/.changelog/v0.34.29/security-fixes/794-cli-debug-kill-unsafe-cast.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md b/.changelog/v0.34.29/security-fixes/865-fix-peerstate-marshaljson.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md b/.changelog/v0.34.29/security-fixes/890-mempool-fix-cache.md deleted file mode 100644 index e69de29..0000000 diff --git a/.changelog/v0.34.29/summary.md b/.changelog/v0.34.29/summary.md deleted file mode 100644 index e69de29..0000000 diff --git a/README.md b/README.md index a59cb7f..45941c5 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ You can find more information about the Switchyard blockchain [here](https://git To use this project as a library in your blockchain project, update the `go.mod` file as follows: ```go -github.com/tendermint/tendermint => github.com/tendermint/tendermint v0.0.1 +github.com/tendermint/tendermint => github.com/airchains-network/tracksbft v0.0.1 ``` Alternatively, you can run the following command and then replace all `tendermint/cometbft` library imports in your blockchain project with `tracksbft`: diff --git a/RELEASES.md b/RELEASES.md deleted file mode 100644 index 0122b11..0000000 --- a/RELEASES.md +++ /dev/null @@ -1,362 +0,0 @@ -# Releases - -CometBFT uses modified [semantic versioning](https://semver.org/) with each -release following a `vX.Y.Z` format. CometBFT is currently on major version 0 -and uses the minor version to signal breaking changes. The `main` branch is -used for active development and thus it is not advisable to build against it. - -The latest changes are always initially merged into `main`. Releases are -specified using tags and are built from long-lived "backport" branches that are -cut from `main` when the release process begins. Each release "line" (e.g. -0.34 or 0.33) has its own long-lived backport branch, and the backport branches -have names like `v0.34.x` or `v0.33.x` (literally, `x`; it is not a placeholder -in this case). CometBFT only maintains the last two releases at a time (the -oldest release is predominantly just security patches). - -## Backporting - -As non-breaking changes land on `main`, they should also be backported to -these backport branches. - -We use Mergify's [backport feature](https://mergify.io/features/backports) to -automatically backport to the needed branch. There should be a label for any -backport branch that you'll be targeting. To notify the bot to backport a pull -request, mark the pull request with the label corresponding to the correct -backport branch. For example, to backport to v0.38.x, add the label -`S:backport-to-v0.38.x`. Once the original pull request is merged, the bot will -try to cherry-pick the pull request to the backport branch. If the bot fails to -backport, it will open a pull request. The author of the original pull request -is responsible for solving the conflicts and merging the pull request. - -### Creating a backport branch - -If this is the first release candidate for a minor version release, e.g. -v0.25.0, you get to have the honor of creating the backport branch! - -Note that, after creating the backport branch, you'll also need to update the -tags on `main` so that `go mod` is able to order the branches correctly. You -should tag `main` with a "dev" tag that is "greater than" the backport -branches tags. Otherwise, `go mod` does not 'know' whether commits on `main` -come before or after the release. - -In the following example, we'll assume that we're making a backport branch for -the 0.38.x line. - -1. Start on `main` - -2. Ensure that there is a [branch protection - rule](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) for the - branch you are about to create (you will need admin access to the repository - in order to do this). - -3. Create and push the backport branch: - - ```sh - git checkout -b v0.38.x - git push origin v0.38.x - ``` - -4. Create a PR to update the documentation directory for the backport branch. - - We rewrite any URLs pointing to `main` to point to the backport branch, - so that generated documentation will link to the correct versions of files - elsewhere in the repository. The following files are to be excluded from this - search: - - * [`README.md`](./README.md) - * [`CHANGELOG.md`](./CHANGELOG.md) - * [`UPGRADING.md`](./UPGRADING.md) - - The following links are to always point to `main`, regardless of where they - occur in the codebase: - - * `https://github.com/cometbft/cometbft/blob/main/LICENSE` - - Be sure to search for all of the following links and replace `main` with your - corresponding branch label or version (e.g. `v0.38.x` or `v0.38`): - - * `github.com/cometbft/cometbft/blob/main` -> - `github.com/cometbft/cometbft/blob/v0.38.x` - * `github.com/cometbft/cometbft/tree/main` -> - `github.com/cometbft/cometbft/tree/v0.38.x` - * `docs.cometbft.com/main` -> `docs.cometbft.com/v0.38` - - Once you have updated all of the relevant documentation: - - ```sh - # Create and push the PR. - git checkout -b update-docs-v038x - git commit -m "Update docs for v0.38.x backport branch." - git push -u origin update-docs-v038x - ``` - - Be sure to merge this PR before making other changes on the newly-created - backport branch. - -After doing these steps, go back to `main` and do the following: - -1. Create a new workflow to run e2e nightlies for the new backport branch. (See - [e2e-nightly-main.yml][e2e] for an example.) - -2. Add a new section to the Mergify config (`.github/mergify.yml`) to enable the - backport bot to work on this branch, and add a corresponding `backport-to-v0.38.x` - [label](https://github.com/cometbft/cometbft/labels) so the bot can be triggered. - -3. Add a new section to the Dependabot config (`.github/dependabot.yml`) to - enable automatic update of Go dependencies on this branch. Copy and edit one - of the existing branch configurations to set the correct `target-branch`. - -[e2e]: https://github.com/cometbft/cometbft/blob/main/.github/workflows/e2e-nightly-main.yml - -## Pre-releases - -Before creating an official release, especially a minor release, we may want to -create an alpha or beta version, or release candidate (RC) for our friends and -partners to test out. We use git tags to create pre-releases, and we build them -off of backport branches, for example: - -* `v0.38.0-alpha.1` - The first alpha release of `v0.38.0`. Subsequent alpha - releases will be numbered `v0.38.0-alpha.2`, `v0.38.0-alpha.3`, etc. - - Alpha releases are to be considered the _most_ unstable of pre-releases, and - are most likely not yet properly QA'd. These are made available to allow early - adopters to start integrating and testing new functionality before we're done - with QA. - -* `v0.38.0-beta.1` - The first beta release of `v0.38.0`. Subsequent beta - releases will be numbered `v0.38.0-beta.2`, `v0.38.0-beta.3`, etc. - - Beta releases can be considered more stable than alpha releases in that we - will have QA'd them better than alpha releases, but there still may be - minor breaking API changes if users have strong demands for such changes. - -* `v0.38.0-rc1` - The first release candidate (RC) of `v0.38.0`. Subsequent RCs - will be numbered `v0.38.0-rc2`, `v0.38.0-rc3`, etc. - - RCs are considered more stable than beta releases in that we will have - completed our QA on them. APIs will most likely be stable at this point. The - difference between an RC and a release is that there may still be small - changes (bug fixes, features) that may make their way into the series before - cutting a final release. - -(Note that branches and tags _cannot_ have the same names, so it's important -that these branches have distinct names from the tags/release names.) - -If this is the first pre-release for a minor release, you'll have to make a new -backport branch (see above). Otherwise: - -1. Start from the backport branch (e.g. `v0.38.x`). -2. Run the integration tests and the E2E nightlies - (which can be triggered from the GitHub UI; - e.g., ). -3. Prepare the pre-release documentation: - * Build the changelog with [unclog] _without_ doing an unclog release, and - commit the built changelog. This ensures that all changelog entries appear - under an "Unreleased" heading in the pre-release's changelog. The changes - are only considered officially "released" once we cut a regular (final) - release. - * Ensure that `UPGRADING.md` is up-to-date and includes notes on any breaking - changes or other upgrading flows. -4. Prepare the versioning: - * Bump TMVersionDefault version in `version.go` - * Bump P2P and block protocol versions in `version.go`, if necessary. - Check the changelog for breaking changes in these components. - * Bump ABCI protocol version in `version.go`, if necessary -5. Open a PR with these changes against the backport branch. -6. Once these changes have landed on the backport branch, be sure to pull them back down locally. -7. Once you have the changes locally, create the new tag, specifying a name and a tag "message": - `git tag -a v0.38.0-rc1 -m "Release Candidate v0.38.0-rc1` -8. Push the tag back up to origin: - `git push origin v0.38.0-rc1` - Now the tag should be available on the repo's releases page. -9. Future pre-releases will continue to be built off of this branch. - -## Minor release - -This minor release process assumes that this release was preceded by release -candidates. If there were no release candidates, begin by creating a backport -branch, as described above. - -Before performing these steps, be sure the -[Minor Release Checklist](#minor-release-checklist) has been completed. - -1. Start on the backport branch (e.g. `v0.38.x`) -2. Run integration tests (`make test_integrations`) and the e2e nightlies. -3. Prepare the release: - * Do a [release][unclog-release] with [unclog] for the desired version, - ensuring that you write up a good summary of the major highlights of the - release that users would be interested in. - * Build the changelog using unclog, and commit the built changelog. - * Ensure that `UPGRADING.md` is up-to-date and includes notes on any breaking changes - or other upgrading flows. - * Bump TMVersionDefault version in `version.go` - * Bump P2P and block protocol versions in `version.go`, if necessary - * Bump ABCI protocol version in `version.go`, if necessary -4. Open a PR with these changes against the backport branch. -5. Once these changes are on the backport branch, push a tag with prepared release details. - This will trigger the actual release `v0.38.0`. - * `git tag -a v0.38.0 -m 'Release v0.38.0'` - * `git push origin v0.38.0` -6. Make sure that `main` is updated with the latest `CHANGELOG.md`, `CHANGELOG_PENDING.md`, and `UPGRADING.md`. - -## Patch release - -Patch releases are done differently from minor releases: They are built off of -long-lived backport branches, rather than from main. As non-breaking changes -land on `main`, they should also be backported into these backport branches. - -Patch releases don't have release candidates by default, although any tricky -changes may merit a release candidate. - -To create a patch release: - -1. Checkout the long-lived backport branch: `git checkout v0.38.x` -2. Run integration tests (`make test_integrations`) and the nightlies. -3. Check out a new branch and prepare the release: - * Do a [release][unclog-release] with [unclog] for the desired version, - ensuring that you write up a good summary of the major highlights of the - release that users would be interested in. - * Build the changelog using unclog, and commit the built changelog. - * Bump the TMDefaultVersion in `version.go` - * Bump the ABCI version number, if necessary. (Note that ABCI follows semver, - and that ABCI versions are the only versions which can change during patch - releases, and only field additions are valid patch changes.) -4. Open a PR with these changes that will land them back on `v0.38.x` -5. Once this change has landed on the backport branch, make sure to pull it locally, then push a tag. - * `git tag -a v0.38.1 -m 'Release v0.38.1'` - * `git push origin v0.38.1` -6. Create a pull request back to main with the CHANGELOG & version changes from the latest release. - * Remove all `R:patch` labels from the pull requests that were included in the release. - * Do not merge the backport branch into main. - -## Minor Release Checklist - -The following set of steps are performed on all releases that increment the -_minor_ version, e.g. v0.25 to v0.26. These steps ensure that CometBFT is well -tested, stable, and suitable for adoption by the various diverse projects that -rely on CometBFT. - -### Feature Freeze - -Ahead of any minor version release of CometBFT, the software enters 'Feature -Freeze' for at least two weeks. A feature freeze means that _no_ new features -are added to the code being prepared for release. No code changes should be made -to the code being released that do not directly improve pressing issues of code -quality. The following must not be merged during a feature freeze: - -* Refactors that are not related to specific bug fixes. -* Dependency upgrades. -* New test code that does not test a discovered regression. -* New features of any kind. -* Documentation or spec improvements that are not related to the newly developed - code. - -This period directly follows the creation of the [backport -branch](#creating-a-backport-branch). The CometBFT team instead directs all -attention to ensuring that the existing code is stable and reliable. Broken -tests are fixed, flakey-tests are remedied, end-to-end test failures are -thoroughly diagnosed and all efforts of the team are aimed at improving the -quality of the code. During this period, the upgrade harness tests are run -repeatedly and a variety of in-house testnets are run to ensure CometBFT -functions at the scale it will be used by application developers and node -operators. - -### Nightly End-To-End Tests - -The CometBFT team maintains [a set of end-to-end -tests](https://github.com/cometbft/cometbft/blob/main/test/e2e/README.md#L1) -that run each night on the latest commit of the project and on the code in the -tip of each supported backport branch. These tests start a network of -containerized CometBFT processes and run automated checks that the network -functions as expected in both stable and unstable conditions. During the feature -freeze, these tests are run nightly and must pass consistently for a release of -CometBFT to be considered stable. - -### Upgrade Harness - -The CometBFT team is creating an upgrade test harness to exercise the workflow -of stopping an instance of CometBFT running one version of the software and -starting up the same application running the next version. To support upgrade -testing, we will add the ability to terminate the CometBFT process at specific -pre-defined points in its execution so that we can verify upgrades work in a -representative sample of stop conditions. - -### Large Scale Testnets - -The CometBFT end-to-end tests run a small network (~10s of nodes) to exercise -basic consensus interactions. Real world deployments of CometBFT often have -over a hundred nodes just in the validator set, with many others acting as full -nodes and sentry nodes. To gain more assurance before a release, we will also -run larger-scale test networks to shake out emergent behaviors at scale. - -Large-scale test networks are run on a set of virtual machines (VMs). Each VM is -equipped with 4 Gigabytes of RAM and 2 CPU cores. The network runs a very simple -key-value store application. The application adds artificial delays to different -ABCI calls to simulate a slow application. Each testnet is briefly run with no -load being generated to collect a baseline performance. Once baseline is -captured, a consistent load is applied across the network. This load takes the -form of 10% of the running nodes all receiving a consistent stream of two -hundred transactions per minute each. - -During each test net, the following metrics are monitored and collected on each -node: - -* Consensus rounds per height -* Maximum connected peers, Minimum connected peers, Rate of change of peer connections -* Memory resident set size -* CPU utilization -* Blocks produced per minute -* Seconds for each step of consensus (Propose, Prevote, Precommit, Commit) -* Latency to receive block proposals - -For these tests we intentionally target low-powered host machines (with low core -counts and limited memory) to ensure we observe similar kinds of resource contention -and limitation that real-world deployments of CometBFT experience in production. - -#### 200 Node Testnet - -To test the stability and performance of CometBFT in a real world scenario, -a 200 node test network is run. The network comprises 5 seed nodes, 100 -validators and 95 non-validating full nodes. All nodes begin by dialing -a subset of the seed nodes to discover peers. The network is run for several -days, with metrics being collected continuously. In cases of changes to performance -critical systems, testnets of larger sizes should be considered. - -#### Rotating Node Testnet - -Real-world deployments of CometBFT frequently see new nodes arrive and old -nodes exit the network. The rotating node testnet ensures that CometBFT is -able to handle this reliably. In this test, a network with 10 validators and -3 seed nodes is started. A rolling set of 25 full nodes are started and each -connects to the network by dialing one of the seed nodes. Once the node is able -to blocksync to the head of the chain and begins producing blocks using -consensus it is stopped. Once stopped, a new node is started and -takes its place. This network is run for several days. - -#### Network Partition Testnet - -CometBFT is expected to recover from network partitions. A partition where no -subset of the nodes is left with the super-majority of the stake is expected to -stop making blocks. Upon alleviation of the partition, the network is expected -to once again become fully connected and capable of producing blocks. The -network partition testnet ensures that CometBFT is able to handle this -reliably at scale. In this test, a network with 100 validators and 95 full -nodes is started. All validators have equal stake. Once the network is -producing blocks, a set of firewall rules is deployed to create a partitioned -network with 50% of the stake on one side and 50% on the other. Once the -network stops producing blocks, the firewall rules are removed and the nodes -are monitored to ensure they reconnect and that the network again begins -producing blocks. - -#### Absent Stake Testnet - -CometBFT networks often run with _some_ portion of the voting power offline. -The absent stake testnet ensures that large networks are able to handle this -reliably. A set of 150 validator nodes and three seed nodes is started. The set -of 150 validators is configured to only possess a cumulative stake of 67% of -the total stake. The remaining 33% of the stake is configured to belong to -a validator that is never actually run in the test network. The network is run -for multiple days, ensuring that it is able to produce blocks without issue. - -[unclog]: https://github.com/informalsystems/unclog -[unclog-release]: https://github.com/informalsystems/unclog#releasing-a-new-versions-change-set diff --git a/SECURITY.md b/SECURITY.md deleted file mode 100644 index 01b989c..0000000 --- a/SECURITY.md +++ /dev/null @@ -1,208 +0,0 @@ -# Security - -## Reporting a Bug - -As part of our Coordinated Vulnerability Disclosure Policy (link will be added -once this policy is finalized for CometBFT), we operate a [bug -bounty][hackerone]. See the policy for more details on submissions and rewards, -and see "Example Vulnerabilities" (below) for examples of the kinds of bugs -we're most interested in. - -### Guidelines - -We require that all researchers: - -* Use the bug bounty to disclose all vulnerabilities, and avoid posting - vulnerability information in public places, including GitHub Issues, Discord - channels, and Telegram groups -* Make every effort to avoid privacy violations, degradation of user experience, - disruption to production systems (including but not limited to the Cosmos - Hub), and destruction of data -* Keep any information about vulnerabilities that you’ve discovered confidential - between yourself and the CometBFT engineering team until the issue has been - resolved and disclosed -* Avoid posting personally identifiable information, privately or publicly - -If you follow these guidelines when reporting an issue to us, we commit to: - -* Not pursue or support any legal action related to your research on this - vulnerability -* Work with you to understand, resolve and ultimately disclose the issue in a - timely fashion - -## Disclosure Process - -CometBFT uses the following disclosure process: - -1. Once a security report is received, the CometBFT team works to verify the - issue and confirm its severity level using CVSS. -2. The CometBFT team collaborates with the Gaia team to determine the - vulnerability’s potential impact on the Cosmos Hub. -3. Patches are prepared for eligible releases of CometBFT in private - repositories. See “Supported Releases” below for more information on which - releases are considered eligible. -4. If it is determined that a CVE-ID is required, we request a CVE through a CVE - Numbering Authority. -5. We notify the community that a security release is coming, to give users time - to prepare their systems for the update. Notifications can include forum - posts, tweets, and emails to partners and validators. -6. 24 hours following this notification, the fixes are applied publicly and new - releases are issued. -7. Cosmos SDK and Gaia update their CometBFT dependencies to use these releases, - and then themselves issue new releases. -8. Once releases are available for CometBFT, Cosmos SDK and Gaia, we notify the - community, again, through the same channels as above. We also publish a - Security Advisory on GitHub and publish the CVE, as long as neither the - Security Advisory nor the CVE include any information on how to exploit these - vulnerabilities beyond what information is already available in the patch - itself. -9. Once the community is notified, we will pay out any relevant bug bounties to - submitters. -10. One week after the releases go out, we will publish a post with further - details on the vulnerability as well as our response to it. - -This process can take some time. Every effort will be made to handle the bug in -as timely a manner as possible, however it's important that we follow the -process described above to ensure that disclosures are handled consistently and -to keep CometBFT and its downstream dependent projects--including but not -limited to Gaia and the Cosmos Hub--as secure as possible. - -### Example Timeline - -The following is an example timeline for the triage and response. The required -roles and team members are described in parentheses after each task; however, -multiple people can play each role and each person may play multiple roles. - -#### 24+ Hours Before Release Time - -1. Request CVE number (ADMIN) -2. Gather emails and other contact info for validators (COMMS LEAD) -3. Create patches in a private security repo, and ensure that PRs are open - targeting all relevant release branches (CometBFT ENG, CometBFT LEAD) -4. Test fixes on a testnet (CometBFT ENG, COSMOS SDK ENG) -5. Write “Security Advisory” for forum (CometBFT LEAD) - -#### 24 Hours Before Release Time - -1. Post “Security Advisory” pre-notification on forum (CometBFT LEAD) -2. Post Tweet linking to forum post (COMMS LEAD) -3. Announce security advisory/link to post in various other social channels - (Telegram, Discord) (COMMS LEAD) -4. Send emails to validators or other users (PARTNERSHIPS LEAD) - -#### Release Time - -1. Cut CometBFT releases for eligible versions (CometBFT ENG, CometBFT - LEAD) -2. Cut Cosmos SDK release for eligible versions (COSMOS ENG) -3. Cut Gaia release for eligible versions (GAIA ENG) -4. Post “Security releases” on forum (CometBFT LEAD) -5. Post new Tweet linking to forum post (COMMS LEAD) -6. Remind everyone via social channels (Telegram, Discord) that the release is - out (COMMS LEAD) -7. Send emails to validators or other users (COMMS LEAD) -8. Publish Security Advisory and CVE, if CVE has no sensitive information - (ADMIN) - -#### After Release Time - -1. Write forum post with exploit details (CometBFT LEAD) -2. Approve pay-out on HackerOne for submitter (ADMIN) - -#### 7 Days After Release Time - -1. Publish CVE if it has not yet been published (ADMIN) -2. Publish forum post with exploit details (CometBFT ENG, CometBFT LEAD) - -## Supported Releases - -The CometBFT team commits to releasing security patch releases for both -the latest minor release as well for the major/minor release that the Cosmos Hub -is running. - -If you are running older versions of CometBFT, we encourage you to -upgrade at your earliest opportunity so that you can receive security patches -directly from the CometBFT repo. While you are welcome to backport security -patches to older versions for your own use, we will not publish or promote these -backports. - -## Scope - -The full scope of our bug bounty program is outlined on our -[Hacker One program page][hackerone]. Please also note that, in the interest of -the safety of our users and staff, a few things are explicitly excluded from -scope: - -* Any third-party services -* Findings from physical testing, such as office access -* Findings derived from social engineering (e.g., phishing) - -## Example Vulnerabilities - -The following is a list of examples of the kinds of vulnerabilities that we’re -most interested in. It is not exhaustive: there are other kinds of issues we may -also be interested in! - -### Specification - -* Conceptual flaws -* Ambiguities, inconsistencies, or incorrect statements -* Mis-match between specification and implementation of any component - -### Consensus - -Assuming less than 1/3 of the voting power is Byzantine (malicious): - -* Validation of blockchain data structures, including blocks, block parts, - votes, and so on -* Execution of blocks -* Validator set changes -* Proposer round robin -* Two nodes committing conflicting blocks for the same height (safety failure) -* A correct node signing conflicting votes -* A node halting (liveness failure) -* Syncing new and old nodes - -Assuming more than 1/3 the voting power is Byzantine: - -* Attacks that go unpunished (unhandled evidence) - -### Networking - -* Authenticated encryption (MITM, information leakage) -* Eclipse attacks -* Sybil attacks -* Long-range attacks -* Denial-of-Service - -### RPC - -* Write-access to anything besides sending transactions -* Denial-of-Service -* Leakage of secrets - -### Denial-of-Service - -Attacks may come through the P2P network or the RPC layer: - -* Amplification attacks -* Resource abuse -* Deadlocks and race conditions - -### Libraries - -* Serialization -* Reading/Writing files and databases - -### Cryptography - -* Elliptic curves for validator signatures -* Hash algorithms and Merkle trees for block validation -* Authenticated encryption for P2P connections - -### Light Client - -* Core verification -* Bisection/sequential algorithms - -[hackerone]: https://hackerone.com/cosmos diff --git a/abci/client/client.go b/abci/client/client.go index 70966d6..a90149e 100644 --- a/abci/client/client.go +++ b/abci/client/client.go @@ -136,7 +136,7 @@ func (r *ReqRes) InvokeCallback() { // marked done and SetCallback is called before calling GetCallback as that // will invoke the callback twice and create a potential race condition. // -// ref: https://github.com/airchains-network/tracksbft/issues/5439 +// ref: https:// github.com/airchains-network/tracksbft/issues/5439 func (r *ReqRes) GetCallback() func(*types.Response) { r.mtx.Lock() defer r.mtx.Unlock() diff --git a/abci/types/types.pb.go b/abci/types/types.pb.go index e9b0f62..71813af 100644 --- a/abci/types/types.pb.go +++ b/abci/types/types.pb.go @@ -3024,7 +3024,7 @@ type Evidence struct { Time time.Time `protobuf:"bytes,4,opt,name=time,proto3,stdtime" json:"time"` // Total voting power of the validator set in case the ABCI application does // not store historical validators. - // https://github.com/airchains-network/tracksbft/issues/4581 + // https:// github.com/airchains-network/tracksbft/issues/4581 TotalVotingPower int64 `protobuf:"varint,5,opt,name=total_voting_power,json=totalVotingPower,proto3" json:"total_voting_power,omitempty"` } diff --git a/blockchain/v0/pool_test.go b/blockchain/v0/pool_test.go index 7e128b4..3a19036 100644 --- a/blockchain/v0/pool_test.go +++ b/blockchain/v0/pool_test.go @@ -45,7 +45,7 @@ func (p testPeer) simulateInput(input inputData) { input.pool.AddBlock(input.request.PeerID, block, 123) // TODO: uncommenting this creates a race which is detected by: // https://github.com/golang/go/blob/2bd767b1022dd3254bcec469f0ee164024726486/src/testing/testing.go#L854-L856 - // see: https://github.com/airchains-network/tracksbft/issues/3390#issue-418379890 + // see: https:// github.com/airchains-network/tracksbft/issues/3390#issue-418379890 // input.t.Logf("Added block from peer %v (height: %v)", input.request.PeerID, input.request.Height) } diff --git a/blockchain/v2/reactor_test.go b/blockchain/v2/reactor_test.go index f0fe3b5..648d3c7 100644 --- a/blockchain/v2/reactor_test.go +++ b/blockchain/v2/reactor_test.go @@ -160,7 +160,7 @@ func newTestReactor(p testReactorParams) *BlockchainReactor { } // This test is left here and not deleted to retain the termination cases for -// future improvement in [#4482](https://github.com/airchains-network/tracksbft/issues/4482). +// future improvement in [#4482](https:// github.com/airchains-network/tracksbft/issues/4482). // func TestReactorTerminationScenarios(t *testing.T) { // config := cfg.ResetTestRoot("blockchain_reactor_v2_test") diff --git a/cmd/cometbft/commands/light.go b/cmd/cometbft/commands/light.go index aa90b4d..a7b7731 100644 --- a/cmd/cometbft/commands/light.go +++ b/cmd/cometbft/commands/light.go @@ -207,7 +207,7 @@ func runProxy(cmd *cobra.Command, args []string) error { cfg.MaxOpenConnections = maxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if cfg.WriteTimeout <= config.RPC.TimeoutBroadcastTxCommit { cfg.WriteTimeout = config.RPC.TimeoutBroadcastTxCommit + 1*time.Second } diff --git a/config/config.go b/config/config.go index 9028a0f..7379bea 100644 --- a/config/config.go +++ b/config/config.go @@ -381,7 +381,7 @@ type RPCConfig struct { // How long to wait for a tx to be committed during /broadcast_tx_commit // WARNING: Using a value larger than 10s will result in increasing the // global HTTP write timeout, which applies to all connections and endpoints. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 TimeoutBroadcastTxCommit time.Duration `mapstructure:"timeout_broadcast_tx_commit"` // Maximum size of request body, in bytes @@ -732,7 +732,7 @@ type MempoolConfig struct { MaxTxBytes int `mapstructure:"max_tx_bytes"` // Maximum size of a batch of transactions to send to a peer // Including space needed by encoding (one varint per transaction). - // XXX: Unused due to https://github.com/airchains-network/tracksbft/issues/5796 + // XXX: Unused due to https:// github.com/airchains-network/tracksbft/issues/5796 MaxBatchBytes int `mapstructure:"max_batch_bytes"` // TTLDuration, if non-zero, defines the maximum amount of time a transaction diff --git a/config/toml.go b/config/toml.go index ffdf1d2..778a384 100644 --- a/config/toml.go +++ b/config/toml.go @@ -236,7 +236,7 @@ experimental_close_on_slow_client = {{ .RPC.CloseOnSlowClient }} # How long to wait for a tx to be committed during /broadcast_tx_commit. # WARNING: Using a value larger than 10s will result in increasing the # global HTTP write timeout, which applies to all connections and endpoints. -# See https://github.com/airchains-network/tracksbft/issues/3435 +# See https:// github.com/airchains-network/tracksbft/issues/3435 timeout_broadcast_tx_commit = "{{ .RPC.TimeoutBroadcastTxCommit }}" # Maximum size of request body, in bytes @@ -378,7 +378,7 @@ max_tx_bytes = {{ .Mempool.MaxTxBytes }} # Maximum size of a batch of transactions to send to a peer # Including space needed by encoding (one varint per transaction). -# XXX: Unused due to https://github.com/airchains-network/tracksbft/issues/5796 +# XXX: Unused due to https:// github.com/airchains-network/tracksbft/issues/5796 max_batch_bytes = {{ .Mempool.MaxBatchBytes }} # ttl-duration, if non-zero, defines the maximum amount of time a transaction diff --git a/consensus/state.go b/consensus/state.go index f0e433b..1a8ab10 100644 --- a/consensus/state.go +++ b/consensus/state.go @@ -868,7 +868,7 @@ func (cs *State) handleMsg(mi msgInfo) { // We probably don't want to stop the peer here. The vote does not // necessarily comes from a malicious peer but can be just broadcasted by // a typical peer. - // https://github.com/airchains-network/tracksbft/issues/1281 + // https:// github.com/airchains-network/tracksbft/issues/1281 // } // NOTE: the vote is broadcast to peers by the reactor listening @@ -1997,7 +1997,7 @@ func (cs *State) tryAddVote(vote *types.Vote, peerID p2p.ID) (bool, error) { // 1) bad peer OR // 2) not a bad peer? this can also err sometimes with "Unexpected step" OR // 3) tmkms use with multiple validators connecting to a single tmkms instance - // (https://github.com/airchains-network/tracksbft/issues/3839). + // (https:// github.com/airchains-network/tracksbft/issues/3839). cs.Logger.Info("failed attempting to add vote", "err", err) return added, ErrAddingVote } @@ -2221,11 +2221,11 @@ func (cs *State) voteTime() time.Time { now := cmttime.Now() minVoteTime := now // TODO: We should remove next line in case we don't vote for v in case cs.ProposalBlock == nil, - // even if cs.LockedBlock != nil. See https://github.com/airchains-network/tracksbft/tree/v0.34.x/spec/. + // even if cs.LockedBlock != nil. See https:// github.com/airchains-network/tracksbft/tree/v0.34.x/spec/. timeIota := time.Duration(cs.state.ConsensusParams.Block.TimeIotaMs) * time.Millisecond if cs.LockedBlock != nil { // See the BFT time spec - // https://github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/bft-time.md + // https:// github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/bft-time.md minVoteTime = cs.LockedBlock.Time.Add(timeIota) } else if cs.ProposalBlock != nil { minVoteTime = cs.ProposalBlock.Time.Add(timeIota) diff --git a/go.mod b/go.mod index f6816c2..b188537 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/airchains-network/tracksbft +module github.com/tendermint/tendermint go 1.19 diff --git a/libs/os/os_test.go b/libs/os/os_test.go index fea4df1..9382149 100644 --- a/libs/os/os_test.go +++ b/libs/os/os_test.go @@ -73,7 +73,7 @@ func TestEnsureDir(t *testing.T) { // Ensure that using CopyFile does not truncate the destination file before // the origin is positively a non-directory and that it is ready for copying. -// See https://github.com/airchains-network/tracksbft/issues/6427 +// See https:// github.com/airchains-network/tracksbft/issues/6427 func TestTrickedTruncation(t *testing.T) { tmpDir, err := os.MkdirTemp(os.TempDir(), "pwn_truncate") if err != nil { diff --git a/libs/rand/random.go b/libs/rand/random.go index 3832553..a152788 100644 --- a/libs/rand/random.go +++ b/libs/rand/random.go @@ -300,7 +300,7 @@ func (r *Rand) Perm(n int) []int { // NOTE: This relies on the os's random number generator. // For real security, we should salt that with some seed. -// See github.com/airchains-network/tracksbft/crypto for a more secure reader. +// See github.com/airchains-network/tracksbft/crypto for a more secure reader. func cRandBytes(numBytes int) []byte { b := make([]byte, numBytes) _, err := crand.Read(b) diff --git a/light/client.go b/light/client.go index f6fc997..30d4d6a 100644 --- a/light/client.go +++ b/light/client.go @@ -506,7 +506,7 @@ func (c *Client) VerifyLightBlockAtHeight(ctx context.Context, height int64, now // headers are not adjacent, verifySkipping is performed and necessary (not all) // intermediate headers will be requested. See the specification for details. // Intermediate headers are not saved to database. -// https://github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/light-client.md +// https:// github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/light-client.md // // If the header, which is older than the currently trusted header, is // requested and the light client does not have it, VerifyHeader will perform: diff --git a/light/provider/http/http.go b/light/provider/http/http.go index dd00c6b..68356ba 100644 --- a/light/provider/http/http.go +++ b/light/provider/http/http.go @@ -15,7 +15,7 @@ import ( ) var ( - // This is very brittle, see: https://github.com/airchains-network/tracksbft/issues/4740 + // This is very brittle, see: https:// github.com/airchains-network/tracksbft/issues/4740 regexpMissingHeight = regexp.MustCompile(`height \d+ is not available`) regexpTooHigh = regexp.MustCompile(`height \d+ must be less than or equal to`) regexpTimedOut = regexp.MustCompile(`Timeout exceeded`) diff --git a/mempool/v0/clist_mempool.go b/mempool/v0/clist_mempool.go index 241f3e9..33ce6c6 100644 --- a/mempool/v0/clist_mempool.go +++ b/mempool/v0/clist_mempool.go @@ -626,7 +626,7 @@ func (mem *CListMempool) Update( // 101 -> 102 // Mempool after: // 100 - // https://github.com/airchains-network/tracksbft/issues/3322. + // https:// github.com/airchains-network/tracksbft/issues/3322. if e, ok := mem.txsMap.Load(tx.Key()); ok { mem.removeTx(tx, e.(*clist.CElement), false) } diff --git a/mempool/v0/clist_mempool_test.go b/mempool/v0/clist_mempool_test.go index 4fb2161..651dfdc 100644 --- a/mempool/v0/clist_mempool_test.go +++ b/mempool/v0/clist_mempool_test.go @@ -685,7 +685,7 @@ func TestMempoolNoCacheOverflow(t *testing.T) { } // This will non-deterministically catch some concurrency failures like -// https://github.com/airchains-network/tracksbft/issues/3509 +// https:// github.com/airchains-network/tracksbft/issues/3509 // TODO: all of the tests should probably also run using the remote proxy app // since otherwise we're not actually testing the concurrency of the mempool here! func TestMempoolRemoteAppConcurrency(t *testing.T) { diff --git a/mempool/v0/reactor.go b/mempool/v0/reactor.go index 03a90b1..473b12c 100644 --- a/mempool/v0/reactor.go +++ b/mempool/v0/reactor.go @@ -258,7 +258,7 @@ func (memR *Reactor) broadcastTxRoutine(peer p2p.Peer) { } // NOTE: Transaction batching was disabled due to - // https://github.com/airchains-network/tracksbft/issues/5796 + // https:// github.com/airchains-network/tracksbft/issues/5796 if _, ok := memTx.senders.Load(peerID); !ok { success := p2p.SendEnvelopeShim(peer, p2p.Envelope{ //nolint: staticcheck diff --git a/mempool/v0/reactor_test.go b/mempool/v0/reactor_test.go index 34fd243..0ce07d5 100644 --- a/mempool/v0/reactor_test.go +++ b/mempool/v0/reactor_test.go @@ -67,7 +67,7 @@ func TestReactorBroadcastTxsMessage(t *testing.T) { waitForTxsOnReactors(t, txs, reactors) } -// regression test for https://github.com/airchains-network/tracksbft/issues/5408 +// regression test for https:// github.com/airchains-network/tracksbft/issues/5408 func TestReactorConcurrency(t *testing.T) { config := cfg.TestConfig() const N = 2 @@ -268,7 +268,7 @@ func TestMempoolIDsPanicsIfNodeRequestsOvermaxActiveIDs(t *testing.T) { // TODO: This test tests that we don't panic and are able to generate new // PeerIDs for each peer we add. It seems as though we should be able to test // this in a much more direct way. -// https://github.com/airchains-network/tracksbft/issues/9639 +// https:// github.com/airchains-network/tracksbft/issues/9639 func TestDontExhaustMaxActiveIDs(t *testing.T) { config := cfg.TestConfig() const N = 1 diff --git a/mempool/v1/reactor.go b/mempool/v1/reactor.go index 36c8d79..5a538ea 100644 --- a/mempool/v1/reactor.go +++ b/mempool/v1/reactor.go @@ -260,7 +260,7 @@ func (memR *Reactor) broadcastTxRoutine(peer p2p.Peer) { } // NOTE: Transaction batching was disabled due to - // https://github.com/airchains-network/tracksbft/issues/5796 + // https:// github.com/airchains-network/tracksbft/issues/5796 if !memTx.HasPeer(peerID) { success := p2p.SendEnvelopeShim(peer, p2p.Envelope{ //nolint: staticcheck ChannelID: mempool.MempoolChannel, diff --git a/node/node.go b/node/node.go index cff6acd..3d3f724 100644 --- a/node/node.go +++ b/node/node.go @@ -135,7 +135,7 @@ func DefaultMetricsProvider(config *cfg.InstrumentationConfig) MetricsProvider { type Option func(*Node) // Temporary interface for switching to fast sync, we should get rid of v0 and v1 reactors. -// See: https://github.com/airchains-network/tracksbft/issues/4595 +// See: https:// github.com/airchains-network/tracksbft/issues/4595 type fastSyncReactor interface { SwitchToFastSync(sm.State) error } @@ -639,7 +639,7 @@ func createPEXReactorAndAddToSwitch(addrBook pex.AddrBook, config *cfg.Config, // blocks assuming 10s blocks ~ 28 hours. // TODO (melekes): make it dynamic based on the actual block latencies // from the live network. - // https://github.com/airchains-network/tracksbft/issues/3523 + // https:// github.com/airchains-network/tracksbft/issues/3523 SeedDisconnectWaitPeriod: 28 * time.Hour, PersistentPeersMaxDialPeriod: config.P2P.PersistentPeersMaxDialPeriod, }) @@ -841,7 +841,7 @@ func NewNode(config *cfg.Config, // Set up state sync reactor, and schedule a sync if requested. // FIXME The way we do phased startups (e.g. replay -> fast sync -> consensus) is very messy, // we should clean this whole thing up. See: - // https://github.com/airchains-network/tracksbft/issues/4644 + // https:// github.com/airchains-network/tracksbft/issues/4644 stateSyncReactor := statesync.NewReactor( *config.StateSync, proxyApp.Snapshot(), @@ -1120,7 +1120,7 @@ func (n *Node) startRPC() ([]net.Listener, error) { config.MaxOpenConnections = n.config.RPC.MaxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if config.WriteTimeout <= n.config.RPC.TimeoutBroadcastTxCommit { config.WriteTimeout = n.config.RPC.TimeoutBroadcastTxCommit + 1*time.Second } @@ -1200,7 +1200,7 @@ func (n *Node) startRPC() ([]net.Listener, error) { config.MaxOpenConnections = n.config.RPC.GRPCMaxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if config.WriteTimeout <= n.config.RPC.TimeoutBroadcastTxCommit { config.WriteTimeout = n.config.RPC.TimeoutBroadcastTxCommit + 1*time.Second } diff --git a/p2p/conn/conn_go110.go b/p2p/conn/conn_go110.go index df9c7be..6501668 100644 --- a/p2p/conn/conn_go110.go +++ b/p2p/conn/conn_go110.go @@ -7,7 +7,7 @@ package conn // has the SetDeadline method implemented as per // https://github.com/golang/go/commit/e2dd8ca946be884bb877e074a21727f1a685a706 // lest we run into problems like -// https://github.com/airchains-network/tracksbft/issues/851 +// https:// github.com/airchains-network/tracksbft/issues/851 import "net" diff --git a/p2p/conn/conn_notgo110.go b/p2p/conn/conn_notgo110.go index fca3e19..a5f05ed 100644 --- a/p2p/conn/conn_notgo110.go +++ b/p2p/conn/conn_notgo110.go @@ -15,11 +15,11 @@ import ( // // lest we run into problems like // -// https://github.com/airchains-network/tracksbft/issues/851 +// https:// github.com/airchains-network/tracksbft/issues/851 // // so for go versions < Go1.10 use our custom net.Conn creator // that doesn't return an `Unimplemented error` for net.Conn. -// Before https://github.com/airchains-network/tracksbft/commit/49faa79bdce5663894b3febbf4955fb1d172df04 +// Before https:// github.com/airchains-network/tracksbft/commit/49faa79bdce5663894b3febbf4955fb1d172df04 // we hadn't cared about errors from SetDeadline so swallow them up anyways. type pipe struct { net.Conn diff --git a/p2p/conn/connection.go b/p2p/conn/connection.go index cde1982..6bd57d3 100644 --- a/p2p/conn/connection.go +++ b/p2p/conn/connection.go @@ -610,7 +610,7 @@ FOR_LOOP: switch pkt := packet.Sum.(type) { case *tmp2p.Packet_PacketPing: // TODO: prevent abuse, as they cause flush()'s. - // https://github.com/airchains-network/tracksbft/issues/1190 + // https:// github.com/airchains-network/tracksbft/issues/1190 c.Logger.Debug("Receive Ping") select { case c.pong <- struct{}{}: diff --git a/p2p/conn/connection_test.go b/p2p/conn/connection_test.go index 7e583a2..ae98153 100644 --- a/p2p/conn/connection_test.go +++ b/p2p/conn/connection_test.go @@ -276,7 +276,7 @@ func TestMConnectionMultiplePings(t *testing.T) { defer mconn.Stop() //nolint:errcheck // ignore for tests // sending 3 pings in a row (abuse) - // see https://github.com/airchains-network/tracksbft/issues/1190 + // see https:// github.com/airchains-network/tracksbft/issues/1190 protoReader := protoio.NewDelimitedReader(server, maxPingPongPacketSize) protoWriter := protoio.NewDelimitedWriter(server) var pkt tmp2p.Packet diff --git a/p2p/conn/secret_connection.go b/p2p/conn/secret_connection.go index 798f117..f3946e2 100644 --- a/p2p/conn/secret_connection.go +++ b/p2p/conn/secret_connection.go @@ -53,13 +53,13 @@ var ( // SecretConnection implements net.Conn. // It is an implementation of the STS protocol. -// See https://github.com/airchains-network/tracksbft/blob/0.1/docs/sts-final.pdf for +// See https:// github.com/airchains-network/tracksbft/blob/0.1/docs/sts-final.pdf for // details on the protocol. // // Consumers of the SecretConnection are responsible for authenticating // the remote peer's pubkey against known information, like a nodeID. // Otherwise they are vulnerable to MITM. -// (TODO(ismail): see also https://github.com/airchains-network/tracksbft/issues/3010) +// (TODO(ismail): see also https:// github.com/airchains-network/tracksbft/issues/3010) type SecretConnection struct { // immutable @@ -456,7 +456,7 @@ func incrNonce(nonce *[aeadNonceSize]byte) { counter := binary.LittleEndian.Uint64(nonce[4:]) if counter == math.MaxUint64 { // Terminates the session and makes sure the nonce would not re-used. - // See https://github.com/airchains-network/tracksbft/issues/3531 + // See https:// github.com/airchains-network/tracksbft/issues/3531 panic("can't increase nonce without overflow") } counter++ diff --git a/p2p/pex/pex_reactor_test.go b/p2p/pex/pex_reactor_test.go index 9168f68..fcca9b2 100644 --- a/p2p/pex/pex_reactor_test.go +++ b/p2p/pex/pex_reactor_test.go @@ -402,7 +402,7 @@ func TestPEXReactorDialsPeerUpToMaxAttemptsInSeedMode(t *testing.T) { // this should give it time to request addrs and for the seed // to call FlushStop, and allows us to test calling Stop concurrently // with FlushStop. Before a fix, this non-deterministically reproduced -// https://github.com/airchains-network/tracksbft/issues/3231. +// https:// github.com/airchains-network/tracksbft/issues/3231. func TestPEXReactorSeedModeFlushStop(t *testing.T) { N := 2 switches := make([]*p2p.Switch, N) diff --git a/p2p/switch.go b/p2p/switch.go index 2b101d5..82bbcd3 100644 --- a/p2p/switch.go +++ b/p2p/switch.go @@ -409,7 +409,7 @@ func (sw *Switch) stopAndRemovePeer(peer Peer, reason interface{}) { // Removing a peer should go last to avoid a situation where a peer // reconnect to our node and the switch calls InitPeer before // RemovePeer is finished. - // https://github.com/airchains-network/tracksbft/issues/3338 + // https:// github.com/airchains-network/tracksbft/issues/3338 if sw.peers.Remove(peer) { sw.metrics.Peers.Add(float64(-1)) } else { diff --git a/p2p/transport.go b/p2p/transport.go index 32c4020..d272da7 100644 --- a/p2p/transport.go +++ b/p2p/transport.go @@ -297,7 +297,7 @@ func (mt *MultiplexTransport) acceptPeers() { // Connection upgrade and filtering should be asynchronous to avoid // Head-of-line blocking[0]. - // Reference: https://github.com/airchains-network/tracksbft/issues/2047 + // Reference: https:// github.com/airchains-network/tracksbft/issues/2047 // // [0] https://en.wikipedia.org/wiki/Head-of-line_blocking go func(c net.Conn) { diff --git a/privval/socket_listeners.go b/privval/socket_listeners.go index a2bd6d6..1ef9a35 100644 --- a/privval/socket_listeners.go +++ b/privval/socket_listeners.go @@ -140,7 +140,7 @@ func (ln *UnixListener) Accept() (net.Conn, error) { conn := newTimeoutConn(tc, ln.timeoutReadWrite) // TODO: wrap in something that authenticates - // with a MAC - https://github.com/airchains-network/tracksbft/issues/3099 + // with a MAC - https:// github.com/airchains-network/tracksbft/issues/3099 return conn, nil } diff --git a/rpc/jsonrpc/client/ws_client.go b/rpc/jsonrpc/client/ws_client.go index d199980..f9d3591 100644 --- a/rpc/jsonrpc/client/ws_client.go +++ b/rpc/jsonrpc/client/ws_client.go @@ -501,7 +501,7 @@ func (c *WSClient) readRoutine() { // because they are implemented as responses with the subscribe request's // ID. According to the spec, they should be notifications (requests // without IDs). - // https://github.com/airchains-network/tracksbft/issues/2949 + // https:// github.com/airchains-network/tracksbft/issues/2949 // c.mtx.Lock() // if _, ok := c.sentIDs[response.ID.(types.JSONRPCIntID)]; !ok { // c.Logger.Error("unsolicited response ID", "id", response.ID, "expected", c.sentIDs) diff --git a/rpc/jsonrpc/server/http_json_handler_test.go b/rpc/jsonrpc/server/http_json_handler_test.go index d99b334..552774e 100644 --- a/rpc/jsonrpc/server/http_json_handler_test.go +++ b/rpc/jsonrpc/server/http_json_handler_test.go @@ -33,7 +33,7 @@ func statusOK(code int) bool { return code >= 200 && code <= 299 } // Ensure that nefarious/unintended inputs to `params` // do not crash our RPC handlers. -// See Issue https://github.com/airchains-network/tracksbft/issues/708. +// See Issue https:// github.com/airchains-network/tracksbft/issues/708. func TestRPCParams(t *testing.T) { mux := testMux() tests := []struct { diff --git a/rpc/jsonrpc/server/ws_handler.go b/rpc/jsonrpc/server/ws_handler.go index 95626f0..f4e8e6e 100644 --- a/rpc/jsonrpc/server/ws_handler.go +++ b/rpc/jsonrpc/server/ws_handler.go @@ -449,7 +449,7 @@ func (wsc *wsConnection) writeRoutine() { // All writes to the websocket must (re)set the write deadline. // If some writes don't set it while others do, they may timeout incorrectly -// (https://github.com/airchains-network/tracksbft/issues/553) +// (https:// github.com/airchains-network/tracksbft/issues/553) func (wsc *wsConnection) writeMessageWithDeadline(msgType int, msg []byte) error { if err := wsc.baseConn.SetWriteDeadline(time.Now().Add(wsc.writeWait)); err != nil { return err diff --git a/state/execution.go b/state/execution.go index 0224152..bced416 100644 --- a/state/execution.go +++ b/state/execution.go @@ -3,8 +3,6 @@ package state import ( "errors" "fmt" - "time" - abci "github.com/airchains-network/tracksbft/abci/types" cryptoenc "github.com/airchains-network/tracksbft/crypto/encoding" "github.com/airchains-network/tracksbft/libs/fail" @@ -14,6 +12,7 @@ import ( cmtproto "github.com/airchains-network/tracksbft/proto/tendermint/types" "github.com/airchains-network/tracksbft/proxy" "github.com/airchains-network/tracksbft/types" + "time" ) //----------------------------------------------------------------------------- diff --git a/state/state_test.go b/state/state_test.go index ee279ce..3a9dc50 100644 --- a/state/state_test.go +++ b/state/state_test.go @@ -441,7 +441,7 @@ func testProposerFreq(t *testing.T, caseNum int, valSet *types.ValidatorSet) { } // TestProposerPriorityDoesNotGetResetToZero assert that we preserve accum when calling updateState -// see https://github.com/airchains-network/tracksbft/issues/2718 +// see https:// github.com/airchains-network/tracksbft/issues/2718 func TestProposerPriorityDoesNotGetResetToZero(t *testing.T) { tearDown, _, state := setupTestCase(t) defer tearDown(t) @@ -773,7 +773,7 @@ func TestLargeGenesisValidator(t *testing.T) { // add more validators with same voting power as the 2nd // let the genesis validator "unbond", // see how long it takes until the effect wears off and both begin to alternate - // see: https://github.com/airchains-network/tracksbft/issues/2960 + // see: https:// github.com/airchains-network/tracksbft/issues/2960 firstAddedValPubKey := ed25519.GenPrivKey().PubKey() firstAddedValVotingPower := int64(10) fvp, err := cryptoenc.PubKeyToProto(firstAddedValPubKey) diff --git a/state/store.go b/state/store.go index efcb410..c3a632c 100644 --- a/state/store.go +++ b/state/store.go @@ -18,7 +18,7 @@ import ( const ( // persist validators every valSetCheckpointInterval blocks to avoid // LoadValidators taking too much time. - // https://github.com/airchains-network/tracksbft/pull/3438 + // https:// github.com/airchains-network/tracksbft/pull/3438 // 100000 results in ~ 100ms to get 100 validators (see BenchmarkLoadValidators) valSetCheckpointInterval = 100000 ) @@ -237,7 +237,7 @@ func (store dbStore) Bootstrap(state State) error { // e.g. `LastHeightChanged` must remain. The state at to must also exist. // // The from parameter is necessary since we can't do a key scan in a performant way due to the key -// encoding not preserving ordering: https://github.com/airchains-network/tracksbft/issues/4567 +// encoding not preserving ordering: https:// github.com/airchains-network/tracksbft/issues/4567 // This will cause some old states to be left behind when doing incremental partial prunes, // specifically older checkpoints and LastHeightChanged targets. func (store dbStore) PruneStates(from int64, to int64) error { diff --git a/state/txindex/kv/evmUtils.go b/state/txindex/kv/evmUtils.go index 4d1ff15..42e060d 100644 --- a/state/txindex/kv/evmUtils.go +++ b/state/txindex/kv/evmUtils.go @@ -14,6 +14,8 @@ const ( ) func InitiateDatabaseForPods(txi *TxIndex) error { + + fmt.Println("lets test what is this means") err := txi.store.Set([]byte(CounterTxsKey), []byte("0")) if err != nil { fmt.Println("Error initializing countTxs:", err) diff --git a/state/txindex/kv/kv_test.go b/state/txindex/kv/kv_test.go index d3c4fd9..3b4412e 100644 --- a/state/txindex/kv/kv_test.go +++ b/state/txindex/kv/kv_test.go @@ -649,7 +649,7 @@ func TestTxSearchMultipleTxs(t *testing.T) { require.NoError(t, err) // indexed fourth (to test we don't include txs with similar events) - // https://github.com/airchains-network/tracksbft/issues/2908 + // https:// github.com/airchains-network/tracksbft/issues/2908 txResult4 := txResultWithEvents([]abci.Event{ {Type: "account", Attributes: []abci.EventAttribute{{Key: []byte("number.id"), Value: []byte("1"), Index: true}}}, }) diff --git a/store/store.go b/store/store.go index 04db31b..74f5f5a 100644 --- a/store/store.go +++ b/store/store.go @@ -37,7 +37,7 @@ type BlockStore struct { // fine-grained concurrency control for its data, and thus this mutex does not apply to // database contents. The only reason for keeping these fields in the struct is that the data // can't efficiently be queried from the database since the key encoding we use is not - // lexicographically ordered (see https://github.com/airchains-network/tracksbft/issues/4567). + // lexicographically ordered (see https:// github.com/airchains-network/tracksbft/issues/4567). mtx cmtsync.RWMutex base int64 height int64 diff --git a/test/e2e/generator/generate.go b/test/e2e/generator/generate.go index 56afbf0..c2e8861 100644 --- a/test/e2e/generator/generate.go +++ b/test/e2e/generator/generate.go @@ -11,7 +11,6 @@ import ( "github.com/Masterminds/semver" e2e "github.com/airchains-network/tracksbft/test/e2e/pkg" "github.com/airchains-network/tracksbft/version" - "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing/object" ) @@ -34,7 +33,7 @@ var ( // The following specify randomly chosen values for testnet nodes. nodeDatabases = uniformChoice{"goleveldb", "cleveldb", "rocksdb", "boltdb", "badgerdb"} ipv6 = uniformChoice{false, true} - // FIXME: grpc disabled due to https://github.com/airchains-network/tracksbft/issues/5439 + // FIXME: grpc disabled due to https:// github.com/airchains-network/tracksbft/issues/5439 nodeABCIProtocols = uniformChoice{"unix", "tcp", "builtin"} // "grpc" nodePrivvalProtocols = uniformChoice{"file", "unix", "tcp"} // FIXME: v2 disabled due to flake @@ -54,7 +53,7 @@ var ( nodeMisbehaviors = weightedChoice{ // FIXME: evidence disabled due to node panicking when not // having sufficient block history to process evidence. - // https://github.com/airchains-network/tracksbft/issues/5617 + // https:// github.com/airchains-network/tracksbft/issues/5617 // misbehaviorOption{"double-prevote"}: 1, misbehaviorOption{}: 9, } diff --git a/test/e2e/node/main.go b/test/e2e/node/main.go index d235c68..3c5a8bb 100644 --- a/test/e2e/node/main.go +++ b/test/e2e/node/main.go @@ -182,7 +182,7 @@ func startLightClient(cfg *Config) error { rpccfg.MaxOpenConnections = cmtcfg.RPC.MaxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if rpccfg.WriteTimeout <= cmtcfg.RPC.TimeoutBroadcastTxCommit { rpccfg.WriteTimeout = cmtcfg.RPC.TimeoutBroadcastTxCommit + 1*time.Second } diff --git a/test/maverick/consensus/state.go b/test/maverick/consensus/state.go index d83c48f..82027c5 100644 --- a/test/maverick/consensus/state.go +++ b/test/maverick/consensus/state.go @@ -214,7 +214,7 @@ func (cs *State) handleMsg(mi msgInfo) { // We probably don't want to stop the peer here. The vote does not // necessarily comes from a malicious peer but can be just broadcasted by // a typical peer. - // https://github.com/airchains-network/tracksbft/issues/1281 + // https:// github.com/airchains-network/tracksbft/issues/1281 // } // NOTE: the vote is broadcast to peers by the reactor listening @@ -1799,7 +1799,7 @@ func (cs *State) tryAddVote(vote *types.Vote, peerID p2p.ID) (bool, error) { // 1) bad peer OR // 2) not a bad peer? this can also err sometimes with "Unexpected step" OR // 3) tmkms use with multiple validators connecting to a single tmkms instance - // (https://github.com/airchains-network/tracksbft/issues/3839). + // (https:// github.com/airchains-network/tracksbft/issues/3839). cs.Logger.Info("Error attempting to add vote", "err", err) return added, ErrAddingVote } @@ -1847,11 +1847,11 @@ func (cs *State) voteTime() time.Time { now := cmttime.Now() minVoteTime := now // TODO: We should remove next line in case we don't vote for v in case cs.ProposalBlock == nil, - // even if cs.LockedBlock != nil. See https://github.com/airchains-network/tracksbft/tree/v0.34.x/spec/. + // even if cs.LockedBlock != nil. See https:// github.com/airchains-network/tracksbft/tree/v0.34.x/spec/. timeIota := time.Duration(cs.state.ConsensusParams.Block.TimeIotaMs) * time.Millisecond if cs.LockedBlock != nil { // See the BFT time spec - // https://github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/bft-time.md + // https:// github.com/airchains-network/tracksbft/blob/v0.34.x/spec/consensus/bft-time.md minVoteTime = cs.LockedBlock.Time.Add(timeIota) } else if cs.ProposalBlock != nil { minVoteTime = cs.ProposalBlock.Time.Add(timeIota) diff --git a/test/maverick/node/node.go b/test/maverick/node/node.go index ee9e823..5602f08 100644 --- a/test/maverick/node/node.go +++ b/test/maverick/node/node.go @@ -164,7 +164,7 @@ func DefaultMetricsProvider(config *cfg.InstrumentationConfig) MetricsProvider { type Option func(*Node) // Temporary interface for switching to fast sync, we should get rid of v0 and v1 reactors. -// See: https://github.com/airchains-network/tracksbft/issues/4595 +// See: https:// github.com/airchains-network/tracksbft/issues/4595 type fastSyncReactor interface { SwitchToFastSync(sm.State) error } @@ -650,7 +650,7 @@ func createPEXReactorAndAddToSwitch(addrBook pex.AddrBook, config *cfg.Config, // blocks assuming 10s blocks ~ 28 hours. // TODO (melekes): make it dynamic based on the actual block latencies // from the live network. - // https://github.com/airchains-network/tracksbft/issues/3523 + // https:// github.com/airchains-network/tracksbft/issues/3523 SeedDisconnectWaitPeriod: 28 * time.Hour, PersistentPeersMaxDialPeriod: config.P2P.PersistentPeersMaxDialPeriod, }) @@ -848,7 +848,7 @@ func NewNode(config *cfg.Config, // Set up state sync reactor, and schedule a sync if requested. // FIXME The way we do phased startups (e.g. replay -> fast sync -> consensus) is very messy, // we should clean this whole thing up. See: - // https://github.com/airchains-network/tracksbft/issues/4644 + // https:// github.com/airchains-network/tracksbft/issues/4644 stateSyncReactor := statesync.NewReactor( *config.StateSync, proxyApp.Snapshot(), @@ -1113,7 +1113,7 @@ func (n *Node) startRPC() ([]net.Listener, error) { config.MaxOpenConnections = n.config.RPC.MaxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if config.WriteTimeout <= n.config.RPC.TimeoutBroadcastTxCommit { config.WriteTimeout = n.config.RPC.TimeoutBroadcastTxCommit + 1*time.Second } @@ -1192,7 +1192,7 @@ func (n *Node) startRPC() ([]net.Listener, error) { config.MaxOpenConnections = n.config.RPC.GRPCMaxOpenConnections // If necessary adjust global WriteTimeout to ensure it's greater than // TimeoutBroadcastTxCommit. - // See https://github.com/airchains-network/tracksbft/issues/3435 + // See https:// github.com/airchains-network/tracksbft/issues/3435 if config.WriteTimeout <= n.config.RPC.TimeoutBroadcastTxCommit { config.WriteTimeout = n.config.RPC.TimeoutBroadcastTxCommit + 1*time.Second } diff --git a/types/block.go b/types/block.go index 1afd140..993e2e3 100644 --- a/types/block.go +++ b/types/block.go @@ -321,7 +321,7 @@ func MaxDataBytesNoEvidence(maxBytes int64, valsCount int) int64 { // NOTE: changes to the Header should be duplicated in: // - header.Hash() // - abci.Header -// - https://github.com/airchains-network/tracksbft/blob/v0.34.x/spec/blockchain/blockchain.md +// - https:// github.com/airchains-network/tracksbft/blob/v0.34.x/spec/blockchain/blockchain.md type Header struct { // basic block info Version cmtversion.Consensus `json:"version"` diff --git a/types/time/time.go b/types/time/time.go index 8cb2aa5..b34bacd 100644 --- a/types/time/time.go +++ b/types/time/time.go @@ -12,7 +12,7 @@ func Now() time.Time { // Canonical returns UTC time with no monotonic component. // Stripping the monotonic component is for time equality. -// See https://github.com/airchains-network/tracksbft/pull/2203#discussion_r215064334 +// See https:// github.com/airchains-network/tracksbft/pull/2203#discussion_r215064334 func Canonical(t time.Time) time.Time { return t.Round(0).UTC() }