diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 3879be9047..0000000000 --- a/.circleci/config.yml +++ /dev/null @@ -1 +0,0 @@ -version: 2.1 diff --git a/.github/actions/check-dependent-rust-repo/action.yml b/.github/actions/check-dependent-rust-repo/action.yml deleted file mode 100644 index 343e18658a..0000000000 --- a/.github/actions/check-dependent-rust-repo/action.yml +++ /dev/null @@ -1,139 +0,0 @@ -name: Pull an outside repo that submodules the current repo, try to uprev the submodule and see if it still builds. - -inputs: - remoteRepo: - description: The username/repository-name of the repository to check - required: true - id: - description: A unique identifier for this step - required: true - githubToken: - description: A GitHub token for API access. - required: true - submodulePath: - description: The path to the submodule we are going to try upreving - required: true - buildCmd: - description: The command to build the remote repo - required: true - -runs: - using: composite - steps: - - name: Setup Rust - uses: ./mobilecoin/.github/actions/setup-rust - - # Checkout the repository we are going to try upreving in - - uses: actions/checkout@v3 - with: - repository: ${{ inputs.remoteRepo }} - submodules: 'recursive' - path: workdir-${{ inputs.id }} - - # We use the cache to store state about previous runs of this action - - name: Cache state - id: cache-state - uses: actions/cache@v3 - with: - path: state-${{ inputs.id }} - key: dep-v1-${{ runner.os }}-${{ github.ref }}-${{ inputs.id }}-${{ github.sha }} - restore-keys: | - dep-v1-${{ runner.os }}-${{ github.ref }}-${{ inputs.id }}- - - - name: Build outside repo with current branch - shell: bash - run: | - set -x - cd workdir-${{ inputs.id }} - - STATE_DIR=$GITHUB_WORKSPACE/state-${{ inputs.id }} - mkdir -p $STATE_DIR - CUR_BRANCH=${GITHUB_REF//\//_} - - # If this file exists, it means we have failed building this branch at least once. - STATE_FILE="$STATE_DIR/$CUR_BRANCH-failed" - - # Attempt to uprev the submodule to the latest revision in the current PR this action is running in - cd ${{ inputs.submodulePath }} - #git remote set-url origin ${{ github.repositoryUrl }} - this is git:// and GHA doesn't seem to like it - git remote set-url origin https://github.com/${{ github.repository }} - git fetch origin ${{ github.ref }}:uprev-test - git checkout uprev-test - git log -1 --format='%H' - cd .. - - # Try to build - cat <<'EOF' > build-cmd - ${{ inputs.buildCmd }} - EOF - - if bash build-cmd; then - # Build succeeded, lets see if this is a new development. - if [ -f "$STATE_FILE" ]; then - echo "We previously failed building, but this run succeeded :)" - rm $STATE_FILE - - # This lets the steps below know that we fixed a previously failed build. - echo "UPREV_FIXED=1" >> "$GITHUB_ENV" - fi - else - # We failed building, so keep track of that in the env. This lets the steps below - # take action based on whether we failed or not. - echo "UPREV_FAILED=1" >> "$GITHUB_ENV" - - # If this a new failure? - if [ -f "$STATE_FILE" ]; then - echo "Not the first time this branch failed, so we won't be posting an update." - echo "NEW_FAILURE=0" >> "$GITHUB_ENV" - else - echo "Detected a new failure, indicating by writing to $STATE_FILE" - echo > $STATE_FILE - echo "NEW_FAILURE=1" >> "$GITHUB_ENV" - fi - fi - - # A step that tries to build the remote repository with the upstream branch of the current PR. - # We do this since if it fails, we can't blame the failure on the changes in the current PR - # and there is no point in posting about the failure (but we will post if this PR fixes the build). - - name: Build with base branch (${{ github.base_ref }}) - if: env.UPREV_FAILED == '1' && env.NEW_FAILURE == '1' - shell: bash - run: | - set -x - cd workdir-${{ inputs.id }} - - cd ${{ inputs.submodulePath }} - # NB: ${{ github.repositoryUrl }} is a git:// URL, GHA doesn't seem to like it - git remote set-url origin https://github.com/${{ github.repository }} - git fetch origin ${{ github.base_ref }}:gha-test-base - git checkout gha-test-base - cd .. - - cat <<'EOF' > build-cmd - ${{ inputs.buildCmd }} - EOF - - bash build-cmd && echo "BASE_FAILED=0" >> "$GITHUB_ENV" || echo "BASE_FAILED=1" >> "$GITHUB_ENV" - - # TODO it would be nice if this message included a link to the log with the failed build - - name: Comment on PR (failure) - uses: mshick/add-pr-comment@v1 - if: env.UPREV_FAILED == '1' && env.BASE_FAILED == '0' && env.NEW_FAILURE == '1' - with: - message: | - ❌ Heads up, I tried building ${{ inputs.id }} using this branch and it failed. - Build logs can be found by inspecting the github action run `Check that repositories submoduling us will still build after this PR / ${{ inputs.id }}` or by clicking [here](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}). - repo-token: ${{ inputs.githubToken }} - repo-token-user-login: 'github-actions[bot]' # The user.login for temporary GitHub tokens - allow-repeats: true # This is the default - - - name: Comment on PR (success) - uses: mshick/add-pr-comment@v1 - if: env.UPREV_FIXED == '1' - with: - message: | - ✅ Good job, ${{ inputs.id }} was built successfully. - Build logs can be found by inspecting the github action run `Check that repositories submoduling us will still build after this PR / ${{ inputs.id }}` or by clicking [here](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}). - repo-token: ${{ inputs.githubToken }} - repo-token-user-login: 'github-actions[bot]' # The user.login for temporary GitHub tokens - allow-repeats: true # This is the default diff --git a/.github/actions/mobilecoin-cache-cargo-package/action.yaml b/.github/actions/mobilecoin-cache-cargo-package/action.yaml deleted file mode 100644 index 2ac02e4754..0000000000 --- a/.github/actions/mobilecoin-cache-cargo-package/action.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: Mobilecoin Cargo Package Cache -description: Standardized rust cargo package cache setup - -inputs: - cache_buster: - description: "string to make cache unique" - required: false - path: - description: "path to mount cache" - required: false - default: | - /opt/cargo/git - /opt/cargo/registry/index - /opt/cargo/registry/cache - -outputs: - cache-hit: - description: "did we get a cache hit?" - value: ${{ steps.rust_artifact_cache.outputs.cache-hit }} - -runs: - using: composite - steps: - - name: Cache rust build binaries - id: rust_artifact_cache - uses: actions/cache@v3 - with: - path: ${{ inputs.path }} - # Key is a hash of all the Cargo.toml and Cargo.lock files. - # if packages change, invalidate cache and rebuild - key: ${{ inputs.cache_buster }}-${{ runner.os }}-${{ hashFiles('**/Cargo.toml', '**/Cargo.lock') }}-cargo-cache diff --git a/.github/actions/mobilecoin-cache-go-binaries/action.yaml b/.github/actions/mobilecoin-cache-go-binaries/action.yaml deleted file mode 100644 index 21923b36a6..0000000000 --- a/.github/actions/mobilecoin-cache-go-binaries/action.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Mobilecoin Go Binaries Cache -description: Standardized go binary cache setup - -inputs: - cache_buster: - description: "string to make cache unique" - required: false - path: - description: "path to mount cache" - required: false - default: | - go_build_artifacts - -outputs: - cache-hit: - description: "did we get a cache hit?" - value: ${{ steps.rust_artifact_cache.outputs.cache-hit }} - -runs: - using: composite - steps: - - name: Cache rust build binaries - id: rust_artifact_cache - uses: actions/cache@v3 - with: - path: ${{ inputs.path }} - # Key is a hash of all the .go, .proto and go. files. - # if code changes, invalidate cache and rebuild - key: ${{ inputs.cache_buster }}-${{ runner.os }}-${{ hashFiles('go-grpc-gateway/**/*.go', 'go-grpc-gateway/go.*', '**/*.proto') }}-go-build-artifacts diff --git a/.github/actions/mobilecoin-cache-rust-binaries/action.yaml b/.github/actions/mobilecoin-cache-rust-binaries/action.yaml deleted file mode 100644 index 80ae2891b7..0000000000 --- a/.github/actions/mobilecoin-cache-rust-binaries/action.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Mobilecoin Rust Binary Cache -description: Standardized rust binary cache setup - -inputs: - cache_buster: - description: "string to make cache unique" - required: false - path: - description: "path to mount cache" - required: false - default: | - rust_build_artifacts - -outputs: - cache-hit: - description: "did we get a cache hit?" - value: ${{ steps.rust_artifact_cache.outputs.cache-hit }} - -runs: - using: composite - steps: - - name: Cache rust build binaries - id: rust_artifact_cache - uses: actions/cache@v3 - with: - path: ${{ inputs.path }} - # Key is a hash of all the .rs, .proto and Cargo.toml files. - # if code changes, invalidate cache and rebuild - key: ${{ inputs.cache_buster }}-${{ runner.os }}-${{ hashFiles('**/*.rs', '**/*.proto', '**/Cargo.toml', '**/*.edl', '.cargo/config') }}-rust-build-artifacts diff --git a/.github/actions/setup-rust/action.yml b/.github/actions/setup-rust/action.yml index 39cb68e602..98c72d8bce 100644 --- a/.github/actions/setup-rust/action.yml +++ b/.github/actions/setup-rust/action.yml @@ -1,9 +1,10 @@ name: Set up Rust and associated tools +description: Set up Rust and associated tools inputs: components: description: Comma-separated list of the additional components to install, e.g. 'clippy, rustfmt' - default: + default: '' required: false default: description: Set installed toolchain as a default toolchain diff --git a/.github/workflows/android-bindings-dispatch.yml b/.github/workflows/android-bindings-dispatch.yml index dc63d6f0d7..3746598595 100644 --- a/.github/workflows/android-bindings-dispatch.yml +++ b/.github/workflows/android-bindings-dispatch.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Build and Publish Bindings env: MAVEN_USER: ${{ secrets.MAVEN_USER }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 046f6fc936..383e5a2661 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,13 +2,10 @@ name: CI on: pull_request: - paths-ignore: - - '**.md' push: branches: - - master - main - - develop + - 'release/**' paths-ignore: - '**.md' workflow_dispatch: @@ -24,11 +21,11 @@ permissions: jobs: build-dev: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Cargo build (SW) @@ -41,11 +38,11 @@ jobs: build-prod: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Cargo build (HW) @@ -60,11 +57,11 @@ jobs: build-and-test-wasm: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - uses: actions/setup-node@v4 with: node-version: 18 @@ -77,11 +74,11 @@ jobs: lint-rust: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust with: @@ -94,11 +91,11 @@ jobs: build-and-test-go: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Set up Go uses: actions/setup-go@v5 with: @@ -127,11 +124,11 @@ jobs: docs: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Generate docs @@ -146,7 +143,7 @@ jobs: mc-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 strategy: matrix: @@ -160,7 +157,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -189,7 +186,7 @@ jobs: consensus-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 strategy: matrix: @@ -203,7 +200,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -222,7 +219,7 @@ jobs: fog-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 strategy: matrix: @@ -248,7 +245,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -281,7 +278,7 @@ jobs: fog-ingest-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 services: postgres: @@ -297,7 +294,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Run tests @@ -314,7 +311,7 @@ jobs: fog-conformance-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 services: postgres: @@ -330,7 +327,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Python uses: actions/setup-python@v5 with: @@ -365,7 +362,7 @@ jobs: # sample keys and sample ledger minting-and-burning-tests: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 + container: mobilecoin/builder-install:v0.0.33 services: postgres: @@ -381,7 +378,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Python uses: actions/setup-python@v5 with: diff --git a/.github/workflows/dependent-repos.yml b/.github/workflows/dependent-repos.yml index ea4623441e..c7af7163b4 100644 --- a/.github/workflows/dependent-repos.yml +++ b/.github/workflows/dependent-repos.yml @@ -3,8 +3,10 @@ name: Check that repositories submoduling us will still build after this PR on: pull_request: branches: - - master - - main + - main + - 'release/**' + paths-ignore: + - '**.md' env: CARGO_TERM_COLOR: always @@ -12,48 +14,27 @@ env: jobs: android-bindings: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 - + container: mobilecoin/builder-install:v0.0.33 permissions: pull-requests: write - steps: - - uses: actions/checkout@v4 - with: - path: mobilecoin - name: Check that android-bindings still builds - uses: ./mobilecoin/.github/actions/check-dependent-rust-repo + uses: mobilecoinofficial/gh-actions/build-downstream-rust-repo@v0 with: - remoteRepo: mobilecoinofficial/android-bindings - submodulePath: mobilecoin - id: android-bindings - githubToken: ${{ secrets.GITHUB_TOKEN }} - buildCmd: cargo build + remote_repo: mobilecoinofficial/android-bindings + submodule_path: mobilecoin full-service: runs-on: mcf-dev-large-x64 - container: mobilecoin/builder-install:v0.0.32 - + container: mobilecoin/builder-install:v0.0.33 permissions: pull-requests: write - + env: + SGX_MODE: SW steps: - - uses: actions/checkout@v4 - with: - path: mobilecoin - name: Check that full-service still builds - uses: ./mobilecoin/.github/actions/check-dependent-rust-repo + uses: mobilecoinofficial/gh-actions/build-downstream-rust-repo@v0 with: - remoteRepo: mobilecoinofficial/full-service - submodulePath: mobilecoin - id: full-service - githubToken: ${{ secrets.GITHUB_TOKEN }} - buildCmd: | - export CONSENSUS_ENCLAVE_CSS=$PWD/consensus-enclave.css - echo "CONSENSUS_ENCLAVE_CSS = $CONSENSUS_ENCLAVE_CSS" - if [ ! -f "$CONSENSUS_ENCLAVE_CSS" ]; then - CONSENSUS_SIGSTRUCT_URI=$(curl -s https://enclave-distribution.test.mobilecoin.com/production.json | jq -r .consensus.sigstruct) - curl -O https://enclave-distribution.test.mobilecoin.com/${CONSENSUS_SIGSTRUCT_URI} - fi + remote_repo: mobilecoinofficial/full-service + submodule_path: mobilecoin - SGX_MODE=SW cargo test diff --git a/.github/workflows/mobilecoin-dev-cd.yaml b/.github/workflows/mobilecoin-dev-cd.yaml index a565999ae3..2f13348983 100644 --- a/.github/workflows/mobilecoin-dev-cd.yaml +++ b/.github/workflows/mobilecoin-dev-cd.yaml @@ -9,6 +9,11 @@ env: DOCKER_ORG: mobilecoin RELEASE_5X_TAG: v5.1.1-dev GH_SHORT_SHA: placeholder + RUST_CACHE_PATH: .tmp/rust-bin-cache + RUST_ARTIFACTS_PATH: .tmp/rust-bin-cache/bin/mobilecoin + MEASUREMENTS_ARTIFACTS_PATH: .tmp/rust-bin-cache/measurements/mobilecoin + GO_CACHE_PATH: .tmp/go-bin-cache + GO_ARTIFACTS_PATH: .tmp/go-bin-cache/bin/mobilecoin on: pull_request: @@ -49,7 +54,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Generate version metadata id: meta @@ -74,46 +79,35 @@ jobs: - generate-metadata runs-on: mcf-dev-large-x64 container: - image: mobilecoin/rust-sgx-base:v0.0.32 + image: mobilecoin/rust-sgx-base:v0.0.33 env: + # build cannot use relative paths for singing and minting trust root. ENCLAVE_SIGNING_KEY_PATH: ${{ github.workspace }}/.tmp/enclave_signing.pem MINTING_TRUST_ROOT_PUBLIC_KEY_PEM: ${{ github.workspace }}/.tmp/minting_trust_root.public.pem + steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Write environment values - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} env: ENCLAVE_SIGNING_KEY: ${{ secrets.DEV_ENCLAVE_SIGNING_KEY }} MINTING_TRUST_ROOT_PUBLIC: ${{ secrets.DEV_MINTING_TRUST_ROOT_PUBLIC }} run: | - mkdir -p "${GITHUB_WORKSPACE}/.tmp" + mkdir -p .tmp echo "${ENCLAVE_SIGNING_KEY}" > "${ENCLAVE_SIGNING_KEY_PATH}" echo "${MINTING_TRUST_ROOT_PUBLIC}" > "${MINTING_TRUST_ROOT_PUBLIC_KEY_PEM}" - name: Cache rust build binaries - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} id: rust_artifact_cache - uses: ./.github/actions/mobilecoin-cache-rust-binaries - with: - cache_buster: ${{ secrets.CACHE_BUSTER }} - - - name: Cache cargo packages - # We don't need cargo packages if we already have binaries. - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') - uses: ./.github/actions/mobilecoin-cache-cargo-package + uses: mobilecoinofficial/gh-actions/cache-rust-binaries@v0 with: - cache_buster: ${{ secrets.CACHE_BUSTER }} + cache_buster: ${{ vars.CACHE_BUSTER }} + path: ${{ env.RUST_CACHE_PATH }} - name: Build rust hardware projects - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' env: SGX_MODE: HW RUST_BACKTRACE: full @@ -123,67 +117,83 @@ jobs: VIEW_ENCLAVE_PRIVKEY: ${{ env.ENCLAVE_SIGNING_KEY_PATH }} INGEST_ENCLAVE_PRIVKEY: ${{ env.ENCLAVE_SIGNING_KEY_PATH }} run: | - git config --global --add safe.directory '*' - cargo build --release \ - -p mc-admin-http-gateway \ - -p mc-consensus-mint-client \ - -p mc-consensus-service \ - -p mc-fog-distribution \ - -p mc-fog-ingest-client \ - -p mc-fog-ingest-server \ - -p mc-fog-ledger-server \ - -p mc-fog-report-cli \ - -p mc-fog-report-server \ - -p mc-fog-sql-recovery-db \ - -p mc-fog-test-client \ - -p mc-fog-view-load-test \ - -p mc-fog-view-server \ - -p mc-ledger-distribution \ - -p mc-ledger-from-archive \ - -p mc-ledger-migration \ - -p mc-mobilecoind \ - -p mc-mobilecoind-dev-faucet \ - -p mc-mobilecoind-json \ - -p mc-util-generate-sample-ledger \ - -p mc-util-grpc-admin-tool \ - -p mc-util-grpc-token-generator \ - -p mc-util-keyfile \ - -p mc-util-seeded-ed25519-key-gen \ - -p mc-watcher + cargo build --release --locked - name: Copy artifacts to cache - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' + shell: bash run: | - mkdir -p rust_build_artifacts - find target/release -maxdepth 1 -executable -type f -exec cp "{}" rust_build_artifacts/ \; - find target/release -maxdepth 1 -name "*.signed.so" -exec cp "{}" rust_build_artifacts/ \; + mkdir -p "${RUST_ARTIFACTS_PATH}" + find target/release -maxdepth 1 -executable -type f -exec cp "{}" "${RUST_ARTIFACTS_PATH}" \; + find target/release -maxdepth 1 -name "*.signed.so" -exec cp "{}" "${RUST_ARTIFACTS_PATH}" \; + + # clean up target directory so the cache hash compute doesn't fail. + # unable to access ???: + # target/release/build/mc-crypto-x509-test-vectors-***/out/openssl/ok_intermediate1/private + rm -rf target/release - name: Create css measurements - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' shell: bash run: | - cd rust_build_artifacts + mkdir -p "${MEASUREMENTS_ARTIFACTS_PATH}" + + orig_dir=$(pwd) + + cd "${RUST_ARTIFACTS_PATH}" for i in *.signed.so do css=$(echo -n "${i}" | sed -r 's/(.*)\.signed\.so/\1/') sgx_sign dump -enclave "${i}" -dumpfile /dev/null -cssfile "${css}.css" + cp "${css}.css" "${orig_dir}/${MEASUREMENTS_ARTIFACTS_PATH}" done - name: Check artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} + shell: bash run: | - ls -alR rust_build_artifacts + ls -alR "${RUST_CACHE_PATH}" - - name: Upload artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - uses: actions/upload-artifact@v4 + - name: Upload artifacts - rust + uses: mobilecoinofficial/gh-actions/upload-artifact@v0 with: name: rust-binaries - path: rust_build_artifacts/ + path: ${{ env.RUST_ARTIFACTS_PATH }} + + - name: Upload artifacts - measurements + uses: mobilecoinofficial/gh-actions/upload-artifact@v0 + with: + name: measurements + path: ${{ env.MEASUREMENTS_ARTIFACTS_PATH }} + + mrenclave-values: + strategy: + matrix: + enclave: + - libconsensus-enclave.signed.so + - libledger-enclave.signed.so + - libview-enclave.signed.so + - libingest-enclave.signed.so + runs-on: mcf-dev-small-x64 + needs: + - build-rust-hardware-projects + container: + image: mobilecoin/rust-sgx-base:v0.0.33 + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Cache rust build binaries + id: rust_artifact_cache + uses: mobilecoinofficial/gh-actions/cache-rust-binaries@v0 + with: + cache_buster: ${{ vars.CACHE_BUSTER }} + path: ${{ env.RUST_CACHE_PATH }} + + - name: Get enclave MRSIGNER/MRENCLAVE values + id: enclave + uses: mobilecoinofficial/gh-actions/enclave-measurements@v0 + with: + enclave_so_path: ${{ env.RUST_ARTIFACTS_PATH }}/${{ matrix.enclave }} build-go-projects: runs-on: mcf-dev-small-x64 @@ -193,44 +203,41 @@ jobs: image: golang:1.18.5 steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Add protobuf-compiler - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} run: | apt update apt install -y protobuf-compiler zstd - name: Cache go build binaries - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - id: go_artifact_cache - uses: ./.github/actions/mobilecoin-cache-go-binaries + id: go_cache + uses: mobilecoinofficial/gh-actions/cache-go-binaries@v0 with: - cache_buster: ${{ secrets.CACHE_BUSTER }} + cache_buster: ${{ vars.CACHE_BUSTER }} + path: ${{ env.GO_CACHE_PATH }} - name: Build go-grpc-gateway - if: | - steps.go_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.go_cache.outputs.cache-hit != 'true' + shell: bash run: | - cd go-grpc-gateway + mkdir -p "${GO_ARTIFACTS_PATH}" + pushd go-grpc-gateway ./install_tools.sh ./build.sh - mkdir -p ../go_build_artifacts - cp go-grpc-gateway ../go_build_artifacts/ + popd + cp go-grpc-gateway/go-grpc-gateway "${GO_ARTIFACTS_PATH}" - name: check artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} + shell: bash run: | - ls -alR go_build_artifacts + ls -alR "${GO_ARTIFACTS_PATH}" - name: Upload Artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} uses: actions/upload-artifact@v4 with: name: go-binaries - path: go_build_artifacts/ + path: ${{ env.GO_ARTIFACTS_PATH }} ######################################## # Create/Refresh base runtime image @@ -241,39 +248,19 @@ jobs: - generate-metadata steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - - name: Generate Docker Tags - id: docker_meta - uses: docker/metadata-action@v5 + - name: Docker + uses: mobilecoinofficial/gh-actions/docker@v0 with: + dockerfile: .internal-ci/docker/Dockerfile.dcap-runtime-base + flavor: latest=true images: ${{ env.DOCKER_ORG }}/dcap-runtime-base - flavor: | - latest=true tags: | type=sha - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Publish to DockerHub - id: docker_publish_dockerhub - uses: docker/build-push-action@v5 - with: - build-args: | - REPO_ORG=${{ env.DOCKER_ORG }} - context: . - file: .internal-ci/docker/Dockerfile.dcap-runtime-base - labels: ${{ steps.docker_meta.outputs.labels }} - push: true - tags: ${{ steps.docker_meta.outputs.tags }} - ######################################### # Build/Publish public artifacts ######################################### @@ -299,55 +286,38 @@ jobs: - watcher steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Cache rust build binaries id: rust_artifact_cache - uses: ./.github/actions/mobilecoin-cache-rust-binaries + uses: mobilecoinofficial/gh-actions/cache-rust-binaries@v0 with: - cache_buster: ${{ secrets.CACHE_BUSTER }} + cache_buster: ${{ vars.CACHE_BUSTER }} + path: ${{ env.RUST_CACHE_PATH }} - name: Cache go build binaries - id: go_artifact_cache - uses: ./.github/actions/mobilecoin-cache-go-binaries + uses: mobilecoinofficial/gh-actions/cache-go-binaries@v0 with: - cache_buster: ${{ secrets.CACHE_BUSTER }} - - - name: Generate Docker Tags - id: docker_meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.DOCKER_ORG }}/${{ matrix.image }} - tags: ${{ needs.generate-metadata.outputs.docker_tag }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + cache_buster: ${{ vars.CACHE_BUSTER }} + path: ${{ env.GO_CACHE_PATH }} - name: Get short SHA run: echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}" - - name: Publish to DockerHub - id: docker_publish_dockerhub - uses: docker/build-push-action@v5 + - name: Docker + uses: mobilecoinofficial/gh-actions/docker@v0 with: - build-args: | + build_args: | REPO_ORG=${{ env.DOCKER_ORG }} BASE_TAG=${{ env.GH_SHORT_SHA }} - RUST_BIN_PATH=rust_build_artifacts - GO_BIN_PATH=go_build_artifacts - cache-from: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }} - cache-to: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }} - context: . - file: .internal-ci/docker/Dockerfile.${{ matrix.image }} - labels: ${{ steps.docker_meta.outputs.labels }} - push: true - tags: ${{ steps.docker_meta.outputs.tags }} + RUST_BIN_PATH=${{ env.RUST_ARTIFACTS_PATH }} + GO_BIN_PATH=${{ env.GO_ARTIFACTS_PATH }} + dockerfile: .internal-ci/docker/Dockerfile.${{ matrix.image }} + flavor: latest=true + images: ${{ env.DOCKER_ORG }}/${{ matrix.image }} + tags: ${{ needs.generate-metadata.outputs.docker_tag }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} charts: runs-on: mcf-dev-small-x64 @@ -358,11 +328,8 @@ jobs: matrix: chart: - consensus-node - - consensus-node-config - fog-ingest - fog-test-client - - mc-core-common-config - - mc-core-dev-env-setup - mobilecoind - watcher - fog-report @@ -370,11 +337,9 @@ jobs: - fog-ledger steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Package and publish chart - if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }} uses: mobilecoinofficial/gha-k8s-toolbox@v1 with: action: helm-publish @@ -386,7 +351,7 @@ jobs: chart_path: .internal-ci/helm/${{ matrix.chart }} ################################################ -# Bootstrap namespace to v5.0.3-dev from backup +# Bootstrap namespace to v5.2.3-dev from backup ################################################ bootstrap-v5-bv3: uses: ./.github/workflows/mobilecoin-workflow-dev-bootstrap.yaml @@ -400,16 +365,16 @@ jobs: secrets: inherit ############################################### -# Deploy current version to namespace block v3 +# Deploy current version to namespace block v4 ############################################### - deploy-current-bv3-release: + deploy-current-bv4-release: uses: ./.github/workflows/mobilecoin-workflow-dev-deploy.yaml needs: - bootstrap-v5-bv3 - charts - generate-metadata with: - block_version: 3 + block_version: 4 chart_repo: ${{ needs.generate-metadata.outputs.chart_repo }} docker_image_org: ${{ needs.generate-metadata.outputs.docker_org }} ingest_color: blue @@ -418,10 +383,10 @@ jobs: minimum_block: '5946' secrets: inherit - test-current-bv3-release: + test-current-bv4-release: uses: ./.github/workflows/mobilecoin-workflow-dev-test.yaml needs: - - deploy-current-bv3-release + - deploy-current-bv4-release - generate-metadata with: fog_distribution: false @@ -442,13 +407,13 @@ jobs: # - test-current-bv2-release # - generate-metadata # with: - # block_version: 3 + # block_version: 4 # chart_repo: ${{ needs.generate-metadata.outputs.chart_repo }} # namespace: ${{ needs.generate-metadata.outputs.namespace }} # version: ${{ needs.generate-metadata.outputs.tag }} # secrets: inherit - # test-current-bv3-release: + # test-current-bv4-release: # uses: ./.github/workflows/mobilecoin-workflow-dev-test.yaml # needs: # - update-current-to-bv3 @@ -467,7 +432,7 @@ jobs: # Dummy step for a standard GHA Check that won't change when we update the tests. runs-on: mcf-dev-small-x64 needs: - - test-current-bv3-release + - test-current-bv4-release steps: - name: CD is Complete run: 'true' @@ -481,7 +446,7 @@ jobs: cleanup-after-tag: if: github.ref_type == 'tag' needs: - - test-current-bv3-release + - test-current-bv4-release - generate-metadata uses: ./.github/workflows/mobilecoin-workflow-dev-reset.yaml with: @@ -492,7 +457,7 @@ jobs: cleanup-after-pr-to-release-branch: if: github.event_name == 'pull_request' && startsWith(github.base_ref, 'release/') needs: - - test-current-bv3-release + - test-current-bv4-release - generate-metadata uses: ./.github/workflows/mobilecoin-workflow-dev-reset.yaml with: diff --git a/.github/workflows/mobilecoin-dev-delete.yaml b/.github/workflows/mobilecoin-dev-delete.yaml index a7bcd1f413..3129270c72 100644 --- a/.github/workflows/mobilecoin-dev-delete.yaml +++ b/.github/workflows/mobilecoin-dev-delete.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Generate version metadata id: meta diff --git a/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml b/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml index e0f4216f26..a8a86389a5 100644 --- a/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml +++ b/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml @@ -21,7 +21,7 @@ on: description: "Consensus block_version" type: string required: true - default: '3' + default: '4' bootstrap_version: description: "Bootstrap Blockchain from selected version" type: choice @@ -56,7 +56,7 @@ jobs: runs-on: mcf-dev-small-x64 steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: 👾 Print Environment Details 👾 env: diff --git a/.github/workflows/mobilecoin-dispatch-dev-mainnet-fog.yaml b/.github/workflows/mobilecoin-dispatch-dev-mainnet-fog.yaml index 49310e3bf5..806183373b 100644 --- a/.github/workflows/mobilecoin-dispatch-dev-mainnet-fog.yaml +++ b/.github/workflows/mobilecoin-dispatch-dev-mainnet-fog.yaml @@ -122,6 +122,7 @@ jobs: configMap: enabled: true database: recovery + EOF - name: Generate fog-ingest-config values run: | @@ -138,6 +139,7 @@ jobs: enabled: true password: '${{ secrets.DEV_POSTGRESQL_FOG_RECOVERY_PASSWORD }}' database: recovery + EOF - name: Deploy core-common-config setup uses: mobilecoinofficial/gha-k8s-toolbox@v1 diff --git a/.github/workflows/mobilecoin-dispatch-dev-testnet-fog.yaml b/.github/workflows/mobilecoin-dispatch-dev-testnet-fog.yaml index ed22bb19d4..f3d61d2424 100644 --- a/.github/workflows/mobilecoin-dispatch-dev-testnet-fog.yaml +++ b/.github/workflows/mobilecoin-dispatch-dev-testnet-fog.yaml @@ -112,6 +112,7 @@ jobs: configMap: enabled: true database: recovery + EOF - name: Generate fog-ingest-config values run: | @@ -128,6 +129,7 @@ jobs: enabled: true password: '${{ secrets.DEV_POSTGRESQL_FOG_RECOVERY_PASSWORD }}' database: recovery + EOF - name: Deploy core-common-config setup uses: mobilecoinofficial/gha-k8s-toolbox@v1 diff --git a/.github/workflows/mobilecoin-dispatch-dev-update-consensus.yaml b/.github/workflows/mobilecoin-dispatch-dev-update-consensus.yaml index 7529485ce2..50eab22ed0 100644 --- a/.github/workflows/mobilecoin-dispatch-dev-update-consensus.yaml +++ b/.github/workflows/mobilecoin-dispatch-dev-update-consensus.yaml @@ -21,7 +21,7 @@ on: description: "Block Version" type: string required: true - default: '3' + default: '4' chart_repo: description: "Chart Repo URL" type: string diff --git a/.github/workflows/mobilecoin-workflow-dev-bootstrap.yaml b/.github/workflows/mobilecoin-workflow-dev-bootstrap.yaml index a33462a2e5..f7cb83226d 100644 --- a/.github/workflows/mobilecoin-workflow-dev-bootstrap.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-bootstrap.yaml @@ -63,16 +63,16 @@ jobs: for i in 1 2 3 do aws s3 cp --only-show-errors --recursive --acl public-read \ - "s3://${BUCKET}/prebuilt/${VERSION}/chain/node${i}" \ - "s3://${BUCKET}/node${i}.${NAMESPACE}.development.mobilecoin.com" & + "s3://${BUCKET}/prebuilt/${VERSION}/chain/node${i}" \ + "s3://${BUCKET}/node${i}.${NAMESPACE}.development.mobilecoin.com" & # capture pids - pids[${i}]=$! + pids[i]=$! done # wait for all pids to finish - for pid in ${pids[*]} + for pid in "${pids[@]}" do - wait ${pid} + wait "${pid}" done setup-environment: @@ -81,9 +81,6 @@ jobs: - reset with: namespace: ${{ inputs.namespace }} - block_version: ${{ inputs.block_version }} - chart_repo: ${{ inputs.chart_repo }} - version: ${{ inputs.version }} secrets: inherit # We now have a db with setup-environment diff --git a/.github/workflows/mobilecoin-workflow-dev-deploy.yaml b/.github/workflows/mobilecoin-workflow-dev-deploy.yaml index 33f59ea484..594a84011b 100644 --- a/.github/workflows/mobilecoin-workflow-dev-deploy.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-deploy.yaml @@ -34,7 +34,7 @@ on: type: string required: true minimum_block: - description: "The minimum block height before the enviroment is ready" + description: "The minimum block height before the environment is ready" type: string required: false default: "500" @@ -57,10 +57,7 @@ jobs: setup-environment: uses: ./.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml with: - block_version: ${{ inputs.block_version }} - chart_repo: ${{ inputs.chart_repo }} namespace: ${{ inputs.namespace }} - version: ${{ inputs.version }} secrets: inherit consensus-deploy: @@ -69,24 +66,36 @@ jobs: runs-on: mcf-dev-small-x64 strategy: matrix: - release_name: - - consensus-node-1 - - consensus-node-2 - - consensus-node-3 + release: + - name: consensus-node-1 + instance: 1 + - name: consensus-node-2 + instance: 2 + - name: consensus-node-3 + instance: 3 steps: - # use values file because intel.com/sgx is hard to escape on the --set option. - name: Generate consensus-node values file run: | mkdir -p "${VALUES_BASE_PATH}" cat < "${VALUES_BASE_PATH}/consensus-node-values.yaml" - image: - org: ${{ inputs.docker_image_org }} - global: - certManagerClusterIssuer: google-public-ca + + mobilecoin: + network: ${{ inputs.namespace }} + partner: dev + node: + config: + clientHostname: node${{ matrix.release.instance }}.${{ inputs.namespace }}.development.mobilecoin.com + peerHostname: peer${{ matrix.release.instance }}.${{ inputs.namespace }}.development.mobilecoin.com + blockVersion: ${{ inputs.block_version }} + persistence: enabled: false + ingress: + common: + tls: + clusterIssuer: google-public-ca clientAttest: rateLimits: enabled: false @@ -101,7 +110,7 @@ jobs: chart_version: ${{ inputs.version }} chart_values: ${{ env.VALUES_BASE_PATH }}/consensus-node-values.yaml chart_wait_timeout: 10m - release_name: ${{ matrix.release_name }} + release_name: ${{ matrix.release.name }} namespace: ${{ inputs.namespace }} rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} rancher_url: ${{ secrets.DEV_RANCHER_URL }} @@ -174,6 +183,7 @@ jobs: externalSecrets: signingCert: name: fog-report-signing-cert-a + EOF - name: Deploy fog-report-a uses: mobilecoinofficial/gha-k8s-toolbox@v1 @@ -219,6 +229,7 @@ jobs: externalSecrets: signingCert: name: fog-report-signing-cert-b + EOF - name: Deploy fog-report-b uses: mobilecoinofficial/gha-k8s-toolbox@v1 @@ -264,6 +275,7 @@ jobs: enabled: false tls: clusterIssuer: google-public-ca + EOF - name: Deploy fog-view uses: mobilecoinofficial/gha-k8s-toolbox@v1 @@ -310,6 +322,7 @@ jobs: enabled: false tls: clusterIssuer: google-public-ca + EOF - name: Deploy fog-ledger @@ -342,6 +355,7 @@ jobs: mobilecoin: network: ${{ inputs.namespace }} partner: dev + EOF - name: Deploy fog-ingest uses: mobilecoinofficial/gha-k8s-toolbox@v1.0.13 diff --git a/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml b/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml index 7161680e29..fda53cf162 100644 --- a/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml @@ -7,23 +7,10 @@ name: mobilecoin-workflow-dev-setup-environment on: workflow_call: inputs: - block_version: - description: "block_version" - type: string - required: true - chart_repo: - description: "Chart Repo URL" - type: string - required: false - default: https://harbor.mobilecoin.com/chartrepo/mobilecoinfoundation-public namespace: description: "Target Namespace" type: string required: true - version: - description: "Chart Version" - type: string - required: true secrets: DEV_FOG_REPORT_B_SIGNING_CA_CERT: description: "Fog Report signing CA cert" @@ -97,27 +84,6 @@ on: DEV_RANCHER_TOKEN: description: "Rancher access token" required: true - DEV_TOKENS_CONFIG_V1_JSON: - description: "dev signed tokens config json" - required: true - DEV_TOKENS_CONFIG_V2_JSON: - description: "dev signed tokens config json" - required: true - IP_INFO_TOKEN: - description: "ipinfo.io token for authenticated access" - required: true - MAIN_TOKENS_CONFIG_V1_JSON: - description: "MainNet signed tokens config json" - required: true - MAIN_TOKENS_CONFIG_V2_JSON: - description: "MainNet signed tokens config json" - required: true - TEST_TOKENS_CONFIG_V1_JSON: - description: "TestNet signed tokens config json" - required: true - TEST_TOKENS_CONFIG_V2_JSON: - description: "TestNet signed tokens config json" - required: true env: BASE_PATH: .tmp @@ -128,13 +94,22 @@ env: PG_PATH: .tmp/pg CERTS_BASE_PATH: .tmp/certs MOBILECOIND_BASE_PATH: ./tmp/mobilecoind + N1: "node1.${{ inputs.namespace }}.development.mobilecoin.com" + N2: "node2.${{ inputs.namespace }}.development.mobilecoin.com" + N3: "node3.${{ inputs.namespace }}.development.mobilecoin.com" + P1: "peer1.${{ inputs.namespace }}.development.mobilecoin.com" + P2: "peer2.${{ inputs.namespace }}.development.mobilecoin.com" + P3: "peer3.${{ inputs.namespace }}.development.mobilecoin.com" + TX_BASE: "s3-eu-central-1.amazonaws.com" + TX_BUCKET: "mobilecoin.eu.development.chain" + TX_BUCKET_REGION: "eu-central-1" jobs: setup-environment: runs-on: mcf-dev-small-x64 steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Create namespace uses: mobilecoinofficial/gha-k8s-toolbox@v1 @@ -145,7 +120,10 @@ jobs: rancher_url: ${{ secrets.DEV_RANCHER_URL }} rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + ### Wallet keys and seeds and report values + - name: Write seeds and fog-report values + shell: bash run: | # Create seeds dir. mkdir -p "${SEEDS_BASE_PATH}" @@ -173,7 +151,10 @@ jobs: object_name: sample-keys-seeds src: ${{ env.SEEDS_BASE_PATH }} + ### Minting and tokens config + - name: Write minting keys + shell: bash run: | # Create minting secrets dir mkdir -p "${MINTING_BASE_PATH}" @@ -205,50 +186,10 @@ jobs: object_name: consensus-minting-secrets src: ${{ env.MINTING_BASE_PATH }} - - name: Write tokens.signed.json - env: - DEV_TOKENS_CONFIG_V1_JSON: ${{ secrets.DEV_TOKENS_CONFIG_V1_JSON }} - DEV_TOKENS_CONFIG_V2_JSON: ${{ secrets.DEV_TOKENS_CONFIG_V2_JSON }} - MAIN_TOKENS_CONFIG_V1_JSON: ${{ secrets.MAIN_TOKENS_CONFIG_V1_JSON }} - MAIN_TOKENS_CONFIG_V2_JSON: ${{ secrets.MAIN_TOKENS_CONFIG_V2_JSON }} - TEST_TOKENS_CONFIG_V1_JSON: ${{ secrets.TEST_TOKENS_CONFIG_V1_JSON }} - TEST_TOKENS_CONFIG_V2_JSON: ${{ secrets.TEST_TOKENS_CONFIG_V2_JSON }} - run: | - # Create base path - mkdir -p "${BASE_PATH}" - - # Set dev/main/test tokens file based on semver tag. - .internal-ci/util/set_tokens_config_version.sh ${{ inputs.version }} > "${TOKENS_PATH}" - - - name: Generate environment values file - env: - LEDGER_AWS_ACCESS_KEY_ID: ${{ secrets.DEV_LEDGER_AWS_ACCESS_KEY_ID }} - LEDGER_AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_LEDGER_AWS_SECRET_ACCESS_KEY }} - IP_INFO_TOKEN: ${{ secrets.IP_INFO_TOKEN }} - run: | - # Create values base path - mkdir -p "${VALUES_BASE_PATH}" - - # Generate values for standard dev cluster deployment. - .internal-ci/util/generate_dev_values-v5.1.sh ${{ inputs.version }} > "${VALUES_BASE_PATH}/mc-core-dev-env-values.yaml" - - - name: Deploy environment setup - uses: mobilecoinofficial/gha-k8s-toolbox@v1 - with: - action: helm-deploy - chart_repo: ${{ inputs.chart_repo }} - chart_name: mc-core-dev-env-setup - chart_version: ${{ inputs.version }} - chart_values: ${{ env.VALUES_BASE_PATH }}/mc-core-dev-env-values.yaml - chart_set: | - --set=global.node.nodeConfig.blockVersion=${{ inputs.block_version }} - release_name: mc-core-dev-env-setup - namespace: ${{ inputs.namespace }} - rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} - rancher_url: ${{ secrets.DEV_RANCHER_URL }} - rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + ### Fog report signing certificates - name: Write fog-report signing certificate + shell: bash run: | # Create secrets dir mkdir -p "${CERTS_BASE_PATH}/fog-report-a" @@ -282,7 +223,10 @@ jobs: object_name: fog-report-signing-cert-b src: ${{ env.CERTS_BASE_PATH }}/fog-report-b + ### Fog PostgreSQL setup + - name: Generate postgres cm and secret + shell: bash run: | mkdir -p "${PG_PATH}/cm" mkdir -p "${PG_PATH}/cm-reader" @@ -350,23 +294,38 @@ jobs: object_name: fog-recovery-reader-0-postgresql src: ${{ env.PG_PATH }}/sec + - name: Deploy PostgreSQL instance + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: helm-deploy + chart_repo: https://charts.bitnami.com/bitnami + chart_name: postgresql + chart_version: 15.2.2 + chart_set: | + --set=global.postgresql.auth.existingSecret=fog-recovery-postgresql + --set=global.postgresql.auth.database=fog_recovery + --set=architecture=replication + chart_wait_timeout: 5m + release_name: fog-recovery-postgresql + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + + ### Mobilecoind setup + - name: Generate mobilecoind ConfigMap file + shell: bash run: | mkdir -p "${MOBILECOIND_BASE_PATH}" - p1="node1.${{ inputs.namespace }}.development.mobilecoin.com" - p2="node2.${{ inputs.namespace }}.development.mobilecoin.com" - p3="node3.${{ inputs.namespace }}.development.mobilecoin.com" + tx1="https://${TX_BASE}/${TX_BUCKET}/${N1}/" + tx2="https://${TX_BASE}/${TX_BUCKET}/${N2}/" + tx3="https://${TX_BASE}/${TX_BUCKET}/${N3}/" - tx_base="s3-eu-central-1.amazonaws.com" - tx_bucket="mobilecoin.eu.development.chain" - tx1="https://${tx_base}/${tx_bucket}/${p1}/" - tx2="https://${tx_base}/${tx_bucket}/${p2}/" - tx3="https://${tx_base}/${tx_bucket}/${p3}/" + q="{\"threshold\": 2, \"members\": [{\"args\":\"${N1}:443\",\"type\":\"Node\"},{\"args\":\"${N2}:443\",\"type\":\"Node\"},{\"args\":\"${N3}:443\",\"type\":\"Node\"}]}" - q="{\"threshold\": 2, \"members\": [{\"args\":\"${p1}:443\",\"type\":\"Node\"},{\"args\":\"${p2}:443\",\"type\":\"Node\"},{\"args\":\"${p3}:443\",\"type\":\"Node\"}]}" - - echo -n "mc://${p1}:443,mc://${p2}:443,mc://${p3}:443" > "${MOBILECOIND_BASE_PATH}/MC_PEER" + echo -n "mc://${N1}:443,mc://${N2}:443,mc://${N3}:443" > "${MOBILECOIND_BASE_PATH}/MC_PEER" echo -n "${tx1},${tx2},${tx3}" > "${MOBILECOIND_BASE_PATH}/MC_TX_SOURCE_URL" echo -n "${q}" > "${MOBILECOIND_BASE_PATH}/MC_QUORUM_SET" @@ -381,35 +340,249 @@ jobs: object_name: fog-mobilecoind src: ${{ env.MOBILECOIND_BASE_PATH }} + ### Consensus setup + - name: Write tokens.signed.json - env: - DEV_TOKENS_CONFIG_V1_JSON: ${{ secrets.DEV_TOKENS_CONFIG_V1_JSON }} - DEV_TOKENS_CONFIG_V2_JSON: ${{ secrets.DEV_TOKENS_CONFIG_V2_JSON }} - MAIN_TOKENS_CONFIG_V1_JSON: ${{ secrets.MAIN_TOKENS_CONFIG_V1_JSON }} - MAIN_TOKENS_CONFIG_V2_JSON: ${{ secrets.MAIN_TOKENS_CONFIG_V2_JSON }} - TEST_TOKENS_CONFIG_V1_JSON: ${{ secrets.TEST_TOKENS_CONFIG_V1_JSON }} - TEST_TOKENS_CONFIG_V2_JSON: ${{ secrets.TEST_TOKENS_CONFIG_V2_JSON }} + shell: bash run: | # Create base path mkdir -p "${BASE_PATH}" - # Set dev/main/test tokens file based on semver tag. - .internal-ci/util/set_tokens_config_version.sh ${{ inputs.version }} > "${TOKENS_PATH}" + echo '${{ vars.DEV_TOKENS_CONFIG_JSON_V2 }}' > "${TOKENS_PATH}" - - name: Deploy PostgreSQL instance + - name: Create tokens-config configMap uses: mobilecoinofficial/gha-k8s-toolbox@v1 with: - action: helm-deploy - chart_repo: https://charts.bitnami.com/bitnami - chart_name: postgresql - chart_version: 11.9.13 - chart_set: | - --set=global.postgresql.auth.existingSecret=fog-recovery-postgresql - --set=global.postgresql.auth.database=fog_recovery - --set=architecture=replication - chart_wait_timeout: 5m - release_name: fog-recovery-postgresql + action: configmap-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: tokens-config + src: ${{ env.TOKENS_PATH }} + + - name: Generate Msg Signer Keys + id: generate-msg-signer-keys + shell: bash + run: | + for i in 1 2 3 + do + # generate ed25519 key pair + key=$(.internal-ci/util/generate_ed25519_keys.sh) + key_pub=$(echo -n "${key}" | grep public | awk -F': ' '{print $2}') + key_pri=$(echo -n "${key}" | grep private | awk -F': ' '{print $2}') + + # hide private key for gha output + echo "::add-mask::${key_pri}" + + # write private key to file + mkdir -p "${VALUES_BASE_PATH}/message-signer-key-node${i}" + echo -n "${key_pri}" > "${VALUES_BASE_PATH}/message-signer-key-node${i}/MC_MSG_SIGNER_KEY" + + # write gha outputs + echo "MSG_SIGNER_KEY_PRIVATE_NODE${i}=${key_pri}" >> "${GITHUB_ENV}" + echo "MSG_SIGNER_KEY_PUBLIC_NODE${i}=${key_pub}" >> "${GITHUB_ENV}" + done + + - name: Create node1 msg-signer-key secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-1-msg-signer-key + src: ${{ env.VALUES_BASE_PATH }}/message-signer-key-node1 + + - name: Create node2 msg-signer-key secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-2-msg-signer-key + src: ${{ env.VALUES_BASE_PATH }}/message-signer-key-node2 + + - name: Create node3 msg-signer-key secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-3-msg-signer-key + src: ${{ env.VALUES_BASE_PATH }}/message-signer-key-node3 + + - name: Write node 1 network config + run: | + mkdir -p "${VALUES_BASE_PATH}/consensus-node-1-network-config" + cat < "${VALUES_BASE_PATH}/consensus-node-1-network-config/network.json" + { + "broadcast_peers": [ + "mcp://${P2}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE2}", + "mcp://${P3}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE3}" + ], + "quorum_set": { + "members": [ + { + "args": "${P2}:443", + "type": "Node" + }, + { + "args": "${P3}:443", + "type": "Node" + } + ], + "threshold": 1 + }, + "tx_source_urls": [ + "https://${TX_BASE}/${TX_BUCKET}/${N2}/", + "https://${TX_BASE}/${TX_BUCKET}/${N3}/" + ] + } + EOF + + - name: Create consensus-node-1-network-config configMap + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: configmap-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-1-network-config + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-1-network-config/network.json + + - name: Write node 2 network config + run: | + mkdir -p "${VALUES_BASE_PATH}/consensus-node-2-network-config" + cat < "${VALUES_BASE_PATH}/consensus-node-2-network-config/network.json" + { + "broadcast_peers": [ + "mcp://${P1}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE1}", + "mcp://${P3}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE3}" + ], + "quorum_set": { + "members": [ + { + "args": "${P1}:443", + "type": "Node" + }, + { + "args": "${P3}:443", + "type": "Node" + } + ], + "threshold": 1 + }, + "tx_source_urls": [ + "https://${TX_BASE}/${TX_BUCKET}/${N1}/", + "https://${TX_BASE}/${TX_BUCKET}/${N3}/" + ] + } + EOF + + - name: Create consensus-node-2-network-config configMap + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: configmap-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-2-network-config + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-2-network-config/network.json + + - name: Write node 3 network config + run: | + mkdir -p "${VALUES_BASE_PATH}/consensus-node-3-network-config" + cat < "${VALUES_BASE_PATH}/consensus-node-3-network-config/network.json" + { + "broadcast_peers": [ + "mcp://${P1}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE1}", + "mcp://${P2}:443?consensus-msg-key=${MSG_SIGNER_KEY_PUBLIC_NODE2}" + ], + "quorum_set": { + "members": [ + { + "args": "${P1}:443", + "type": "Node" + }, + { + "args": "${P2}:443", + "type": "Node" + } + ], + "threshold": 1 + }, + "tx_source_urls": [ + "https://${TX_BASE}/${TX_BUCKET}/${N1}/", + "https://${TX_BASE}/${TX_BUCKET}/${N2}/" + ] + } + EOF + + - name: Create consensus-node-3-network-config configMap + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: configmap-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-3-network-config + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-3-network-config/network.json + + - name: Generate consensus-node-1-ledger-distribution + shell: bash + run: | + for i in 1 2 3 + do + node="N${i}" + + mkdir -p "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution" + + echo -n '${{ secrets.DEV_LEDGER_AWS_ACCESS_KEY_ID }}' > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/AWS_ACCESS_KEY_ID" + echo -n '${{ secrets.DEV_LEDGER_AWS_SECRET_ACCESS_KEY }}' > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/AWS_SECRET_ACCESS_KEY" + echo -n "${TX_BUCKET_REGION}" > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/AWS_REGION" + echo -n "${TX_BUCKET}" > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/LEDGER_DISTRIBUTION_S3_BUCKET" + echo -n "s3://${TX_BUCKET}/${!node}?=${TX_BUCKET_REGION}" > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/MC_DEST" + echo -n "https://${TX_BASE}/${TX_BUCKET}/${!node}/" > "${VALUES_BASE_PATH}/consensus-node-${i}-ledger-distribution/MC_TX_SOURCE_URL" + done + + - name: Create consensus-node-1-ledger-distribution secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-1-ledger-distribution + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-1-ledger-distribution + + - name: Create consensus-node-2-ledger-distribution secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file + namespace: ${{ inputs.namespace }} + rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} + rancher_url: ${{ secrets.DEV_RANCHER_URL }} + rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-2-ledger-distribution + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-2-ledger-distribution + + - name: Create consensus-node-3-ledger-distribution secret + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: secrets-create-from-file namespace: ${{ inputs.namespace }} rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} rancher_url: ${{ secrets.DEV_RANCHER_URL }} rancher_token: ${{ secrets.DEV_RANCHER_TOKEN }} + object_name: consensus-node-3-ledger-distribution + src: ${{ env.VALUES_BASE_PATH }}/consensus-node-3-ledger-distribution diff --git a/.github/workflows/mobilecoin-workflow-dev-test.yaml b/.github/workflows/mobilecoin-workflow-dev-test.yaml index 184ff98d8b..90664fb353 100644 --- a/.github/workflows/mobilecoin-workflow-dev-test.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-test.yaml @@ -103,7 +103,7 @@ jobs: END_KEYS: '499' steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Delete existing keys uses: mobilecoinofficial/gha-k8s-toolbox@v1 diff --git a/.github/workflows/mobilecoin-workflow-dev-update-consensus.yaml b/.github/workflows/mobilecoin-workflow-dev-update-consensus.yaml index 754d8bc2b5..c5a32b936c 100644 --- a/.github/workflows/mobilecoin-workflow-dev-update-consensus.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-update-consensus.yaml @@ -35,32 +35,67 @@ on: description: "Rancher access token" required: true +env: + VALUES_BASE_PATH: .tmp/values + jobs: setup-environment: uses: ./.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml with: namespace: ${{ inputs.namespace }} - block_version: ${{ inputs.block_version }} - chart_repo: ${{ inputs.chart_repo }} - version: ${{ inputs.version }} secrets: inherit - consensus-restart: - runs-on: mcf-dev-small-x64 + consensus-deploy: needs: - setup-environment + runs-on: mcf-dev-small-x64 strategy: matrix: - object_name: - - deployment.app/consensus-node-1 - - deployment.app/consensus-node-2 - - deployment.app/consensus-node-3 + release: + - name: consensus-node-1 + instance: 1 + - name: consensus-node-2 + instance: 2 + - name: consensus-node-3 + instance: 3 steps: - - name: Restart Consensus Nodes + - name: Generate consensus-node values file + run: | + mkdir -p "${VALUES_BASE_PATH}" + cat < "${VALUES_BASE_PATH}/consensus-node-values.yaml" + + mobilecoin: + network: main + partner: mc + + node: + config: + clientHostname: node${{ matrix.release.instance }}.${{ inputs.namespace }}.development.mobilecoin.com + peerHostname: peer${{ matrix.release.instance }}.${{ inputs.namespace }}.development.mobilecoin.com + blockVersion: ${{ inputs.block_version }} + + persistence: + enabled: false + + ingress: + common: + tls: + clusterIssuer: google-public-ca + clientAttest: + rateLimits: + enabled: false + EOF + + - name: Deploy Consensus nodes uses: mobilecoinofficial/gha-k8s-toolbox@v1 with: - action: pod-restart - object_name: ${{ matrix.object_name }} + action: helm-deploy + chart_repo: ${{ inputs.chart_repo }} + chart_name: consensus-node + chart_version: ${{ inputs.version }} + chart_values: ${{ env.VALUES_BASE_PATH }}/consensus-node-values.yaml + chart_wait_timeout: 10m + release_name: ${{ matrix.release.name }} namespace: ${{ inputs.namespace }} rancher_cluster: ${{ secrets.DEV_RANCHER_CLUSTER }} rancher_url: ${{ secrets.DEV_RANCHER_URL }} diff --git a/.github/workflows/refresh-ledger-bootstrap.yaml b/.github/workflows/refresh-ledger-bootstrap.yaml index e12259c6a9..129df1a942 100644 --- a/.github/workflows/refresh-ledger-bootstrap.yaml +++ b/.github/workflows/refresh-ledger-bootstrap.yaml @@ -77,8 +77,8 @@ jobs: then ls -l ./ledger-data.mdb md5sum ./ledger-data.mdb - mkdir -p ${MC_LEDGER_DB} - mv ./ledger-data.mdb ${MC_LEDGER_DB}/data.mdb + mkdir -p "${MC_LEDGER_DB}" + mv ./ledger-data.mdb "${MC_LEDGER_DB}/data.mdb" fi # Download the current watcher db @@ -87,8 +87,8 @@ jobs: then ls -l ./watcher-data.mdb md5sum ./watcher-data.mdb - mkdir -p ${MC_WATCHER_DB} - mv ./watcher-data.mdb ${MC_WATCHER_DB}/data.mdb + mkdir -p "${MC_WATCHER_DB}" + mv ./watcher-data.mdb "${MC_WATCHER_DB}/data.mdb" fi - name: Run mobilecoind mobilecoind-json - wait for ledger sync diff --git a/.internal-ci/README.md b/.internal-ci/README.md index 977cdba36f..038d43724d 100644 --- a/.internal-ci/README.md +++ b/.internal-ci/README.md @@ -105,24 +105,3 @@ This workflow watches the head(latest) commit for the current push and parses th ### `[tag=]` Flag The `[tag=]` flag will override the automatically generated docker/helm tag and deploy the specified version in the `current-release-*` steps. - -### `[skip *]` Flags - -⚠️ Using skip flags may lead to incomplete and/or broken builds. - -Available skips: - -- `[skip ci]` - GHA built-in to skip all workflow steps. -- `[skip build]` - Skip rust/go builds. -- `[skip docker]` - Skip docker image build/publish. -- `[skip charts]` - Skip helm chart build/publish. -- `[skip deploy-v1-bv0-release]` - Skip deploy of v1 at block_version 0 -- `[skip test-v1-bv0-release]` - Skip test of v1 at block_version 0 -- `[skip deploy-v2-bv0-release]` - Skip deploy of v2 at block_version 0 -- `[skip test-v2-bv0-release]` - Skip test of v2 at block_version 0 -- `[skip update-v2-to-bv2-release]` - Skip update of v2 at block_version 2 -- `[skip test-v2-bv2-release]` - Skip test of v2 at block_version 2 -- `[skip deploy-current-bv2-release]` - Skip deploy of current at block_version 2 -- `[skip test-current-bv2-release]` - Skip test of current at block_version 2 -- `[skip update-current-to-bv3]` - Skip update of current at block_version 3 -- `[skip test-current-bv3-release]` - Skip test of current at block_version 3 diff --git a/.internal-ci/helm/consensus-node-config/.helmignore b/.internal-ci/helm/consensus-node-config/.helmignore deleted file mode 100644 index 0e8a0eb36f..0000000000 --- a/.internal-ci/helm/consensus-node-config/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/.internal-ci/helm/consensus-node-config/Chart.yaml b/.internal-ci/helm/consensus-node-config/Chart.yaml deleted file mode 100644 index d74496c03d..0000000000 --- a/.internal-ci/helm/consensus-node-config/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v2 -name: consensus-node-config -description: Consensus node specific configuration. -type: application -version: 0.0.0 -appVersion: 1.0.0 diff --git a/.internal-ci/helm/consensus-node-config/templates/NOTES.txt b/.internal-ci/helm/consensus-node-config/templates/NOTES.txt deleted file mode 100644 index 2671db2149..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/NOTES.txt +++ /dev/null @@ -1,5 +0,0 @@ -Common consensus config - -Client hostname: {{ include "consensusNodeConfig.clientHostname" . }} -Peer hostname: {{ include "consensusNodeConfig.peerHostname" . }} -Blockchain Path: {{ include "consensusNodeConfig.ledgerDistributionAWSPath" . }} diff --git a/.internal-ci/helm/consensus-node-config/templates/_helpers.tpl b/.internal-ci/helm/consensus-node-config/templates/_helpers.tpl deleted file mode 100644 index cb15b45bf0..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/_helpers.tpl +++ /dev/null @@ -1,97 +0,0 @@ -{{/* Copyright (c) 2018-2022 The MobileCoin Foundation */}} - -{{/* -Expand the name of the consensusNodeConfig. -*/}} -{{- define "consensusNodeConfig.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "consensusNodeConfig.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- tpl .Values.fullnameOverride . | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "consensusNodeConfig.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" | trimSuffix "." }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "consensusNodeConfig.labels" -}} -helm.sh/chart: {{ include "consensusNodeConfig.chart" . }} -{{ include "consensusNodeConfig.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "consensusNodeConfig.selectorLabels" -}} -app.kubernetes.io/name: {{ include "consensusNodeConfig.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* Figure out our node id from the name or use values clientHostname/peerHostname */}} - -{{/* clientHostname */}} -{{- define "consensusNodeConfig.clientHostname" -}} -{{- tpl .Values.node.client.hostname . }} -{{- end }} - -{{/* peerHostname */}} -{{- define "consensusNodeConfig.peerHostname" -}} -{{- tpl .Values.node.peer.hostname . }} -{{- end }} - -{{/* TX_SOURCE_URL */}} -{{- define "consensusNodeConfig.txSourceUrl" -}} -{{- tpl .Values.node.txSourceUrl . }} -{{- end }} - -{{/* ledgerDistributionAWSPath */}} -{{- define "consensusNodeConfig.ledgerDistributionAWSPath" -}} -{{ printf "s3://%s/%s?region=%s" .Values.global.node.ledgerDistribution.s3Bucket (include "consensusNodeConfig.clientHostname" .) .Values.global.node.ledgerDistribution.awsRegion }} -{{- end }} - -{{/* networkJson */}} -{{- define "consensusNodeConfig.networkJson" -}} -{{- $peers := .Values.global.node.networkConfig.peers }} -{{- $localPeer := (include "consensusNodeConfig.peerHostname" .) }} -{{- $threshold := .Values.global.node.networkConfig.threshold }} -{{- $broadcastPeers := list }} -{{- $txSourceUrls := list }} -{{- $members := list }} -{{- range $key, $value := $peers }} -{{- $peer := tpl $value.peer.hostname $ }} -{{- $archive := tpl $value.ledgerArchiveLocation $ }} -{{- if not (eq $peer $localPeer) }} -{{- $broadcastPeers = append $broadcastPeers (printf "mcp://%s:%s/?consensus-msg-key=%s" $peer $value.peer.port $value.signerPublicKey) }} -{{- $txSourceUrls = append $txSourceUrls $archive }} -{{- $members = append $members (dict "type" "Node" "args" (printf "%s:%s" $peer $value.peer.port)) }} -{{- end }} -{{- end }} -{{- $quorumSet := dict "threshold" (atoi $threshold) "members" $members }} -{{- $networkJson := dict "broadcast_peers" $broadcastPeers "tx_source_urls" $txSourceUrls "quorum_set" $quorumSet }} -{{- toPrettyJson $networkJson }} -{{- end }} diff --git a/.internal-ci/helm/consensus-node-config/templates/node-config-configmap.yaml b/.internal-ci/helm/consensus-node-config/templates/node-config-configmap.yaml deleted file mode 100644 index 23e904d5f5..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-config-configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-consensus-node - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -data: - CLIENT_HOSTNAME: {{ include "consensusNodeConfig.clientHostname" . | squote }} - PEER_HOSTNAME: {{ include "consensusNodeConfig.peerHostname" . | squote }} - MC_TX_SOURCE_URL: {{ include "consensusNodeConfig.txSourceUrl" . | squote }} - MC_BLOCK_VERSION: {{ .Values.global.node.nodeConfig.blockVersion | squote }} - MC_CLIENT_RESPONDER_ID: "{{ include "consensusNodeConfig.clientHostname" . }}:443" - MC_PEER_RESPONDER_ID: "{{ include "consensusNodeConfig.peerHostname" . }}:443" diff --git a/.internal-ci/helm/consensus-node-config/templates/node-ingress-blocklist-configmap.yaml b/.internal-ci/helm/consensus-node-config/templates/node-ingress-blocklist-configmap.yaml deleted file mode 100644 index cf6a613f00..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-ingress-blocklist-configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-ingress-blocklist - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -data: - BLOCKLIST_ENABLED: {{ .Values.global.blocklist.enabled | squote }} - BLOCKLIST_PATTERN: {{ .Values.global.blocklist.pattern | squote }} diff --git a/.internal-ci/helm/consensus-node-config/templates/node-ledger-distribution-secret.yaml b/.internal-ci/helm/consensus-node-config/templates/node-ledger-distribution-secret.yaml deleted file mode 100644 index 996119ee17..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-ledger-distribution-secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-ledger-distribution - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -type: Opaque -stringData: - {{- with .Values.global.node.ledgerDistribution }} - AWS_ACCESS_KEY_ID: {{ .awsAccessKeyId | quote }} - AWS_SECRET_ACCESS_KEY: {{ .awsSecretAccessKey | quote }} - AWS_REGION: {{ .awsRegion | quote }} - LEDGER_DISTRIBUTION_S3_BUCKET: {{ .s3Bucket | quote }} - MC_DEST: {{ tpl .awsPath $ | quote }} - {{- end }} diff --git a/.internal-ci/helm/consensus-node-config/templates/node-msg-signer-key-secret.yaml b/.internal-ci/helm/consensus-node-config/templates/node-msg-signer-key-secret.yaml deleted file mode 100644 index c3a85d0d63..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-msg-signer-key-secret.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-msg-signer-key - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -stringData: - MC_MSG_SIGNER_KEY: {{ .Values.node.msgSignerKey.privateKey | quote }} diff --git a/.internal-ci/helm/consensus-node-config/templates/node-network-config-configmap.yaml b/.internal-ci/helm/consensus-node-config/templates/node-network-config-configmap.yaml deleted file mode 100644 index ffbe1a2247..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-network-config-configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-network-config - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -data: - network.json: |- - {{- include "consensusNodeConfig.networkJson" . | nindent 4 }} diff --git a/.internal-ci/helm/consensus-node-config/templates/node-tokens-config-configmap.yaml b/.internal-ci/helm/consensus-node-config/templates/node-tokens-config-configmap.yaml deleted file mode 100644 index 5c4ffe74f0..0000000000 --- a/.internal-ci/helm/consensus-node-config/templates/node-tokens-config-configmap.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -{{- if .Values.global.node.tokensConfig }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "consensusNodeConfig.fullname" . }}-tokens-config - labels: - {{- include "consensusNodeConfig.labels" . | nindent 4 }} -data: - tokens.signed.json: | - {{- .Values.global.node.tokensConfig.tokensSignedJson | nindent 4 }} -{{- end }} diff --git a/.internal-ci/helm/consensus-node-config/values.yaml b/.internal-ci/helm/consensus-node-config/values.yaml deleted file mode 100644 index a1a4b4770f..0000000000 --- a/.internal-ci/helm/consensus-node-config/values.yaml +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation -### Set fullnameOverride to match the consensus-node release name. -# example consensus-node-1 -fullnameOverride: '' - -### This node's specific values -node: - ### This node's client fully qualified domain name. - client: - hostname: '' - ### This node's peer fully qualified domain name. - # maps to - peer: - hostname: '' - - ### S3 bucket for thin node's ledger - txSourceUrl: '' - - ### This nodes's Message Signing Key - msgSignerKey: - privateKey: '' - -### Values that will be shared by all nodes, but generate a unique k8s objects per node. -global: - node: - ### Node configuration settings - nodeConfig: - ### Block version - set to upgrade block version. - blockVersion: 0 - - ### Ledger distribution settings. The default for awsPath is auto-generated based on - # this values, but can be overridden. - # https://github.com/mobilecoinfoundation/mobilecoin/tree/main/ledger/distribution - ledgerDistribution: - awsAccessKeyId: '' - awsSecretAccessKey: '' - awsRegion: '' - s3Bucket: '' - awsPath: '{{ include "consensusNodeConfig.ledgerDistributionAWSPath" . }}' - startFrom: last - - ### Network config list of settings to generate the network.toml file. - # You can list all the peers here. When we generate the node's config we - # will skip the the local node. - # https://github.com/mobilecoinfoundation/mobilecoin/tree/main/consensus/service - networkConfig: - threshold: '' - peers: {} - ### Needs to be a map so we can override a specific entry. - # The keys names don't really matter. - # 1: - # peer: - # hostname: peer1.test.example.com - # port: '443' - # signerPublicKey: public-key - # ledgerArchiveLocation: https://s3-location-hostname/ledger/peer1.test.example.com - - # json formatted tokens configuration file. see consensus/service/config/src/tokens.rs - # Add signed tokens.json with --set-file=global.node.tokensConfig.tokensSignedJson=tokens.signed.json - # tokensConfig: - # tokensSignedJson: |- - - ### Enable haproxy IP blocklist for ingress - # pattern is the object in the configmap shared between infra-haproxy-blocklist and haproxy kubernetes-ingress - blocklist: - enabled: "false" - pattern: patterns/blocked-countries diff --git a/.internal-ci/helm/consensus-node/Chart.yaml b/.internal-ci/helm/consensus-node/Chart.yaml index 8b959dfaa2..5c2d6729a5 100644 --- a/.internal-ci/helm/consensus-node/Chart.yaml +++ b/.internal-ci/helm/consensus-node/Chart.yaml @@ -1,18 +1,7 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation apiVersion: v2 name: consensus-node description: MobileCoin consensus node type: application version: 0.0.0 appVersion: 0.0.0 -dependencies: -- name: consensus-node-config - repository: file://../consensus-node-config - version: 0.0.0 - condition: consensusNodeConfig.enabled - alias: consensusNodeConfig -- name: mc-core-common-config - repository: file://../mc-core-common-config - version: 0.0.0 - condition: mcCoreCommonConfig.enabled - alias: mcCoreCommonConfig diff --git a/.internal-ci/helm/consensus-node/README.md b/.internal-ci/helm/consensus-node/README.md index f237d4d171..bc29ba41c4 100644 --- a/.internal-ci/helm/consensus-node/README.md +++ b/.internal-ci/helm/consensus-node/README.md @@ -1,26 +1,115 @@ # consensus-node Helm Chart -Deploy a single node of the consensus service +## Launch a node. -```sh -helm upgrade node1 ./ -i -n \ - --set image.tag=prod-1.0.1-pre2 +The example node will be `consensus-node-1` + +### Required Secrets + +__Ledger Distribution__ + +Configuration for AWS S3 bucket used to store the ledger. + +The name should be prefixed with the name of the helm release (`consensus-node-1`). + +```yaml +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: consensus-node-1-ledger-distribution +stringData: + AWS_ACCESS_KEY_ID: + AWS_SECRET_ACCESS_KEY: + AWS_REGION: eu-west-2 + # bucket name + LEDGER_DISTRIBUTION_S3_BUCKET: ledger.mainnet.mobilecoinww.com + # s3 url to bucket + MC_DEST: s3://ledger.mainnet.mobilecoinww.com/node1.prod.mobilecoinww.com?region=eu-west-2 + # HTTP path to s3 bucket - may be behind a CDN + MC_TX_SOURCE_URL: https://ledger.mobilecoinww.com/node1.prod.mobilecoinww.com/ ``` -Note: generated PersistentVolumeClaims will stick around if the Helm Chart is removed or the pods are deleted and allowed to regenerate. -## Setup +__Message Signer Private Key__ -Configure a `values.yaml` file or pre-populate your namespace with the following ConfigMaps and Secrets. +The private key for peer communication. -- `mobilecoin-network` +The name should be prefixed with the name of the helm release (`consensus-node-1`). - Mobilecoin network value for monitoring: mainnet, testnet, alpha... +```yaml +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: consensus-node-1-msg-signer-key +stringData: + MC_MSG_SIGNER_KEY: +``` + +### Required ConfigMaps + +__Tokens Config__ + +The tokens config is shared by all consensus nodes on the network. It only needs to be installed once and should be named `tokens-config` + +```yaml +apiVersion: v1 + kind: ConfigMap +metadata: + name: tokens-config +data: + tokens.signed.json: | + { + + } +``` +__Network Config__ - ```yaml - apiVersion: v1 - kind: ConfigMap - metadata: - name: mobilecoin-network - data: - network: testnet - ``` \ No newline at end of file +Network Config is unique for each node and contains the list of all _other_ peers and their message public keys. + +The name should be prefixed with the name of the helm release (`consensus-node-1`). + +```yaml +apiVersion: v1 + kind: ConfigMap +metadata: + name: consensus-node-1-network-config +data: + network.json: |- + { + "broadcast_peers": [ + ], + "quorum_set": { + "members": [ + { + "args": "", + "type": "Node" + }, + ], + "threshold": 7 + }, + "tx_source_urls": [ + ] + } +``` + +### Helm chart + +Set up values yaml: +```yaml +mobilecoin: + network: main + partner: mc + +node: + config: + clientHostname: node1.prod.mobilecoinww.com + peerHostname: peer1.prod.mobilecoinww.com +``` + +Launch Helm chart + +```sh +helm upgrade consensus-node-1 mcf-public/consensus-node -i -n --version \ + -f values.yaml +``` diff --git a/.internal-ci/helm/consensus-node/templates/NOTES.txt b/.internal-ci/helm/consensus-node/templates/NOTES.txt deleted file mode 100644 index b63e476da3..0000000000 --- a/.internal-ci/helm/consensus-node/templates/NOTES.txt +++ /dev/null @@ -1,17 +0,0 @@ - -:::: :::: :::::::: ::::::::: ::::::::::: ::: :::::::::: -+:+:+: :+:+:+ :+: :+: :+: :+: :+: :+: :+: -+:+ +:+:+ +:+ +:+ +:+ +:+ +:+ +:+ +:+ +:+ -+#+ +:+ +#+ +#+ +:+ +#++:++#+ +#+ +#+ +#++:++# -+#+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ -#+# #+# #+# #+# #+# #+# #+# #+# #+# -### ### ######## ######### ########### ########## ########## - :::::::: :::::::: ::::::::::: :::: ::: -:+: :+: :+: :+: :+: :+:+: :+: -+:+ +:+ +:+ +:+ :+:+:+ +:+ -+#+ +#+ +:+ +#+ +#+ +:+ +#+ -+#+ +#+ +#+ +#+ +#+ +#+#+# -#+# #+# #+# #+# #+# #+# #+#+# - ######## ######## ########### ### #### - -MobileCoin Node deployment completed successfully. \ No newline at end of file diff --git a/.internal-ci/helm/consensus-node/templates/_helpers.tpl b/.internal-ci/helm/consensus-node/templates/_helpers.tpl index 039724dbf5..99d1e721ac 100644 --- a/.internal-ci/helm/consensus-node/templates/_helpers.tpl +++ b/.internal-ci/helm/consensus-node/templates/_helpers.tpl @@ -1,4 +1,4 @@ -{{/* Copyright (c) 2018-2022 The MobileCoin Foundation */}} +{{/* Copyright (c) 2018-2024 The MobileCoin Foundation */}} {{/* Expand the name of the consensusNode. */}} {{- define "consensusNode.name" -}} @@ -44,100 +44,6 @@ app.kubernetes.io/name: {{ include "consensusNode.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} -{{/* Define Secret and ConfigMap object names */}} -{{- define "consensusNode.nodeConfig.configMap.name" -}} -{{ include "consensusNode.fullname" . }}-consensus-node -{{- end }} - -{{- define "consensusNode.ledgerDistribution.secret.name" -}} -{{ include "consensusNode.fullname" . }}-ledger-distribution -{{- end }} - -{{- define "consensusNode.msgSignerKey.secret.name" -}} -{{ include "consensusNode.fullname" . }}-msg-signer-key -{{- end }} - -{{- define "consensusNode.networkConfig.configMap.name" -}} -{{ include "consensusNode.fullname" . }}-network-config -{{- end }} - -{{- define "consensusNode.tokensConfig.configMap.name" -}} -{{ include "consensusNode.fullname" . }}-tokens-config -{{- end }} - -{{- define "consensusNode.ingressBlocklist.configMap.name" -}} -{{ include "consensusNode.fullname" . }}-ingress-blocklist -{{- end }} - -{{/* -peer and client hostnames - we need this for ingress. -lookup name from configmap if we have created the objects in consensus-node-config separately. -*/}} -{{- define "consensusNode.peerHostname" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.nodeConfig.configMap.name" .)).data.PEER_HOSTNAME | default "" }} - {{- else }} - {{- tpl .Values.consensusNodeConfig.node.peer.hostname . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.clientHostname" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.nodeConfig.configMap.name" .)).data.CLIENT_HOSTNAME | default "" }} - {{- else }} - {{- tpl .Values.consensusNodeConfig.node.client.hostname . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.blockVersion" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.nodeConfig.configMap.name" .)).data.BLOCK_VERSION | default "false" }} - {{- else }} - {{- tpl .Values.global.node.nodeConfig.blockVersion . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.txSourceUrl" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.nodeConfig.configMap.name" .)).data.TX_SOURCE_URL | default "false" }} - {{- else }} - {{- tpl .Values.global.node.nodeConfig.txSourceUrl . }} - {{- end }} -{{- end }} - -{{/* Mobilecoin Network monitoring labels */}} -{{- define "consensusNode.mobileCoinNetwork.network" -}} - {{- if eq .Values.mcCoreCommonConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace "mobilecoin-network").data.network | default "" }} - {{- else }} - {{- tpl .Values.mcCoreCommonConfig.mobileCoinNetwork.network . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.mobileCoinNetwork.partner" -}} - {{- if eq .Values.mcCoreCommonConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace "mobilecoin-network").data.partner | default "" }} - {{- else }} - {{- tpl .Values.mcCoreCommonConfig.mobileCoinNetwork.partner . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.blocklist.enabled" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.ingressBlocklist.configMap.name" .)).data.BLOCKLIST_ENABLED | default "false" }} - {{- else }} - {{- tpl .Values.global.blocklist.enabled . }} - {{- end }} -{{- end }} - -{{- define "consensusNode.blocklist.pattern" -}} - {{- if eq .Values.consensusNodeConfig.enabled false }} - {{- (lookup "v1" "ConfigMap" .Release.Namespace (include "consensusNode.ingressBlocklist.configMap.name" .)).data.BLOCKLIST_PATTERN | default "" }} - {{- else }} - {{- tpl .Values.global.blocklist.pattern . }} - {{- end }} -{{- end }} - {{/* Find the instance number of the consensus deploy (1, 2, 3...) */}} {{- define "consensusNode.instanceNumber" -}} {{- if (regexMatch ".*-[0-9]+$" (include "consensusNode.fullname" .)) }} diff --git a/.internal-ci/helm/consensus-node/templates/client-grpc-attest-ingress.yaml b/.internal-ci/helm/consensus-node/templates/client-grpc-attest-ingress.yaml index 28063d3928..e6610e55f9 100644 --- a/.internal-ci/helm/consensus-node/templates/client-grpc-attest-ingress.yaml +++ b/.internal-ci/helm/consensus-node/templates/client-grpc-attest-ingress.yaml @@ -1,34 +1,38 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation # split out attest endpoint for client port so we can set rate limiting. +{{- with .Values.node.ingress }} +{{- if .enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "consensusNode.fullname" . }}-client-grpc-attest + name: {{ include "consensusNode.fullname" $ }}-client-grpc-attest annotations: - {{- if .Values.node.ingress.clientAttest.rateLimits.enabled }} - {{- toYaml .Values.node.ingress.clientAttest.rateLimits.annotations | nindent 4 }} - haproxy.org/rate-limit-period: {{ include "consensusNode.rateLimitPeriod" . | quote }} + {{- if .clientAttest.rateLimits.enabled }} + {{- toYaml .clientAttest.rateLimits.annotations | nindent 4 }} + haproxy.org/rate-limit-period: {{ include "consensusNode.rateLimitPeriod" $ | quote }} {{- end }} - {{- if eq (include "consensusNode.blocklist.enabled" .) "true" }} - haproxy.org/blacklist: {{ include "consensusNode.blocklist.pattern" . }} + {{- if .common.blocklist.enabled }} + haproxy.org/blacklist: {{ .common.blocklist.pattern | quote }} {{- end }} - {{- toYaml .Values.node.ingress.common.annotations | nindent 4 }} - {{- toYaml .Values.node.ingress.grpc.annotations | nindent 4 }} + {{- toYaml .common.annotations | nindent 4 }} + {{- toYaml .grpc.annotations | nindent 4 }} labels: - {{- include "consensusNode.labels" . | nindent 4 }} + {{- include "consensusNode.labels" $ | nindent 4 }} spec: tls: - hosts: - - {{ include "consensusNode.clientHostname" . }} - secretName: {{ include "consensusNode.fullname" . }}-ingress-tls + - {{ $.Values.node.config.clientHostname }} + secretName: {{ include "consensusNode.fullname" $ }}-ingress-tls rules: - - host: {{ include "consensusNode.clientHostname" . }} + - host: {{ $.Values.node.config.clientHostname }} http: paths: - path: /attest.AttestedApi pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-grpc +{{- end }} +{{- end }} diff --git a/.internal-ci/helm/consensus-node/templates/client-grpc-ingress.yaml b/.internal-ci/helm/consensus-node/templates/client-grpc-ingress.yaml index d34632cf1e..9e2d32902a 100644 --- a/.internal-ci/helm/consensus-node/templates/client-grpc-ingress.yaml +++ b/.internal-ci/helm/consensus-node/templates/client-grpc-ingress.yaml @@ -1,43 +1,47 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation +{{- with .Values.node.ingress }} +{{- if .enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "consensusNode.fullname" . }}-client-grpc + name: {{ include "consensusNode.fullname" $ }}-client-grpc annotations: - {{- if eq (include "consensusNode.blocklist.enabled" .) "true" }} - haproxy.org/blacklist: {{ include "consensusNode.blocklist.pattern" . }} + {{- if .common.blocklist.enabled }} + haproxy.org/blacklist: {{ .common.blocklist.pattern | quote }} {{- end }} - {{- toYaml .Values.node.ingress.common.annotations | nindent 4 }} - {{- toYaml .Values.node.ingress.grpc.annotations | nindent 4 }} + {{- toYaml .common.annotations | nindent 4 }} + {{- toYaml .grpc.annotations | nindent 4 }} labels: - {{- include "consensusNode.labels" . | nindent 4 }} + {{- include "consensusNode.labels" $ | nindent 4 }} spec: tls: - hosts: - - {{ include "consensusNode.clientHostname" . }} - secretName: {{ include "consensusNode.fullname" . }}-ingress-tls + - {{ $.Values.node.config.clientHostname }} + secretName: {{ include "consensusNode.fullname" $ }}-ingress-tls rules: - - host: {{ include "consensusNode.clientHostname" . }} + - host: {{ $.Values.node.config.clientHostname }} http: paths: - path: /build_info.BuildInfoApi pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-grpc - path: /consensus_common.BlockchainAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-grpc - path: /consensus_client.ConsensusClientAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-grpc +{{- end }} +{{- end }} diff --git a/.internal-ci/helm/consensus-node/templates/client-http-attest-ingress.yaml b/.internal-ci/helm/consensus-node/templates/client-http-attest-ingress.yaml index 11e307f928..7915200a9f 100644 --- a/.internal-ci/helm/consensus-node/templates/client-http-attest-ingress.yaml +++ b/.internal-ci/helm/consensus-node/templates/client-http-attest-ingress.yaml @@ -1,34 +1,38 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation # split out attest endpoint for client port so we can set rate limiting. +{{- with .Values.node.ingress }} +{{- if .enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "consensusNode.fullname" . }}-client-http-attest + name: {{ include "consensusNode.fullname" $ }}-client-http-attest annotations: - {{- if .Values.node.ingress.clientAttest.rateLimits.enabled }} - {{- toYaml .Values.node.ingress.clientAttest.rateLimits.annotations | nindent 4 }} - haproxy.org/rate-limit-period: {{ include "consensusNode.rateLimitPeriod" . | quote }} + {{- if .clientAttest.rateLimits.enabled }} + {{- toYaml .clientAttest.rateLimits.annotations | nindent 4 }} + haproxy.org/rate-limit-period: {{ include "consensusNode.rateLimitPeriod" $ | quote }} {{- end }} - {{- if eq (include "consensusNode.blocklist.enabled" .) "true" }} - haproxy.org/blacklist: {{ include "consensusNode.blocklist.pattern" . }} + {{- if .common.blocklist.enabled }} + haproxy.org/blacklist: {{ .common.blocklist.pattern | quote }} {{- end }} - {{- toYaml .Values.node.ingress.common.annotations | nindent 4 }} - {{- toYaml .Values.node.ingress.http.annotations | nindent 4 }} + {{- toYaml .common.annotations | nindent 4 }} + {{- toYaml .http.annotations | nindent 4 }} labels: - {{- include "consensusNode.labels" . | nindent 4 }} + {{- include "consensusNode.labels" $ | nindent 4 }} spec: tls: - hosts: - - {{ include "consensusNode.clientHostname" . }} - secretName: {{ include "consensusNode.fullname" . }}-ingress-tls + - {{ $.Values.node.config.clientHostname }} + secretName: {{ include "consensusNode.fullname" $ }}-ingress-tls rules: - - host: {{ include "consensusNode.clientHostname" . }} + - host: {{ $.Values.node.config.clientHostname }} http: paths: - path: /gw/attest.AttestedApi pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-http +{{- end }} +{{- end }} diff --git a/.internal-ci/helm/consensus-node/templates/client-http-ingress.yaml b/.internal-ci/helm/consensus-node/templates/client-http-ingress.yaml index f48ba02edd..4156312729 100644 --- a/.internal-ci/helm/consensus-node/templates/client-http-ingress.yaml +++ b/.internal-ci/helm/consensus-node/templates/client-http-ingress.yaml @@ -1,43 +1,47 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation +{{- with .Values.node.ingress }} +{{- if .enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "consensusNode.fullname" . }}-client-http + name: {{ include "consensusNode.fullname" $ }}-client-http annotations: - {{- if eq (include "consensusNode.blocklist.enabled" .) "true" }} - haproxy.org/blacklist: {{ include "consensusNode.blocklist.pattern" . }} + {{- if .common.blocklist.enabled }} + haproxy.org/blacklist: {{ .common.blocklist.pattern | quote }} {{- end }} - {{- toYaml .Values.node.ingress.common.annotations | nindent 4 }} - {{- toYaml .Values.node.ingress.http.annotations | nindent 4 }} + {{- toYaml .common.annotations | nindent 4 }} + {{- toYaml .http.annotations | nindent 4 }} labels: - {{- include "consensusNode.labels" . | nindent 4 }} + {{- include "consensusNode.labels" $ | nindent 4 }} spec: tls: - hosts: - - {{ include "consensusNode.clientHostname" . }} - secretName: {{ include "consensusNode.fullname" . }}-ingress-tls + - {{ $.Values.node.config.clientHostname }} + secretName: {{ include "consensusNode.fullname" $ }}-ingress-tls rules: - - host: {{ include "consensusNode.clientHostname" . }} + - host: {{ $.Values.node.config.clientHostname }} http: paths: - path: /gw/build_info.BuildInfoApi pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-http - path: /gw/consensus_common.BlockchainAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-http - path: /gw/consensus_client.ConsensusClientAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: client-http +{{- end }} +{{- end }} diff --git a/.internal-ci/helm/consensus-node/templates/ingress-tls-certificate.yaml b/.internal-ci/helm/consensus-node/templates/ingress-tls-certificate.yaml index 9afc02f5a3..79dae87355 100644 --- a/.internal-ci/helm/consensus-node/templates/ingress-tls-certificate.yaml +++ b/.internal-ci/helm/consensus-node/templates/ingress-tls-certificate.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation apiVersion: cert-manager.io/v1 kind: Certificate metadata: @@ -12,8 +12,8 @@ spec: algorithm: RSA encoding: PKCS1 dnsNames: - - {{ include "consensusNode.clientHostname" . }} - - {{ include "consensusNode.peerHostname" . }} + - {{ .Values.node.config.clientHostname }} + - {{ .Values.node.config.peerHostname }} issuerRef: - name: {{ .Values.global.certManagerClusterIssuer }} + name: {{ .Values.node.ingress.common.tls.clusterIssuer }} kind: ClusterIssuer diff --git a/.internal-ci/helm/consensus-node/templates/node-certificate.yaml b/.internal-ci/helm/consensus-node/templates/node-certificate.yaml index 3a927c4695..3cc11fe167 100644 --- a/.internal-ci/helm/consensus-node/templates/node-certificate.yaml +++ b/.internal-ci/helm/consensus-node/templates/node-certificate.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation apiVersion: cert-manager.io/v1 kind: Certificate metadata: @@ -18,7 +18,7 @@ spec: - server auth - client auth dnsNames: - - {{ include "consensusNode.peerHostname" . }} + - {{ .Values.node.config.peerHostname }} issuerRef: name: internal-ca-issuer kind: ClusterIssuer diff --git a/.internal-ci/helm/consensus-node/templates/node-configmap.yaml b/.internal-ci/helm/consensus-node/templates/node-configmap.yaml new file mode 100644 index 0000000000..18e22d966c --- /dev/null +++ b/.internal-ci/helm/consensus-node/templates/node-configmap.yaml @@ -0,0 +1,11 @@ +# Copyright (c) 2018-2024 The MobileCoin Foundation +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "consensusNode.fullname" . }} + labels: + {{- include "consensusNode.labels" . | nindent 4 }} +data: + MC_BLOCK_VERSION: {{ .Values.node.config.blockVersion | squote }} + MC_CLIENT_RESPONDER_ID: "{{ .Values.node.config.clientHostname }}:443" + MC_PEER_RESPONDER_ID: "{{ .Values.node.config.peerHostname }}:443" diff --git a/.internal-ci/helm/consensus-node/templates/node-data-volume.yaml b/.internal-ci/helm/consensus-node/templates/node-data-volume.yaml index e98be24574..c8985b9eff 100644 --- a/.internal-ci/helm/consensus-node/templates/node-data-volume.yaml +++ b/.internal-ci/helm/consensus-node/templates/node-data-volume.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation {{- if .Values.node.persistence.enabled }} apiVersion: v1 kind: PersistentVolumeClaim diff --git a/.internal-ci/helm/consensus-node/templates/node-deployment.yaml b/.internal-ci/helm/consensus-node/templates/node-deployment.yaml index e4faa8db49..908ad3b990 100644 --- a/.internal-ci/helm/consensus-node/templates/node-deployment.yaml +++ b/.internal-ci/helm/consensus-node/templates/node-deployment.yaml @@ -26,9 +26,6 @@ spec: labels: app: consensus-node {{- include "consensusNode.labels" . | nindent 8 }} - {{- if .Values.loadBalancedNode }} - client-load-balanced: 'true' - {{- end }} spec: # Try to balance pods across zones topologySpreadConstraints: @@ -96,11 +93,11 @@ spec: initialDelaySeconds: 30 envFrom: - secretRef: - name: {{ include "consensusNode.ledgerDistribution.secret.name" . }} + name: {{ include "consensusNode.fullname" . }}-ledger-distribution - secretRef: - name: {{ include "consensusNode.msgSignerKey.secret.name" . }} + name: {{ include "consensusNode.fullname" . }}-msg-signer-key - configMapRef: - name: {{ include "consensusNode.nodeConfig.configMap.name" . }} + name: {{ include "consensusNode.fullname" . }} - secretRef: name: sample-keys-seeds optional: true @@ -116,21 +113,17 @@ spec: configMapKeyRef: name: sentry key: consensus-sentry-dsn + optional: true - name: LEDGER_DISTRIBUTION_SENTRY_DSN valueFrom: configMapKeyRef: name: sentry key: ledger-distribution-sentry-dsn + optional: true - name: MC_BRANCH - valueFrom: - configMapKeyRef: - name: mobilecoin-network - key: network + value: {{ .Values.mobilecoin.network }} - name: MC_CHAIN_ID - valueFrom: - configMapKeyRef: - name: mobilecoin-network - key: network + value: {{ .Values.mobilecoin.network }} volumeMounts: - name: sealed-signing-key mountPath: /sealed @@ -194,7 +187,7 @@ spec: apiVersion: v1 fieldPath: status.hostIP args: - - --reporter.grpc.host-port={{ .Values.jaegerTracing.collector }} + - --reporter.grpc.host-port=dns:///jaeger-collector:14250 - --reporter.type=grpc - --agent.tags=cluster=undefined,container.name=node,deployment.name={{ include "consensusNode.fullname" . }},host.ip=${HOST_IP:},pod.name=${POD_NAME:},pod.namespace={{ .Release.Namespace }} {{- end }} @@ -209,9 +202,9 @@ spec: projected: sources: - configMap: - name: {{ include "consensusNode.networkConfig.configMap.name" . }} + name: {{ include "consensusNode.fullname" . }}-network-config - configMap: - name: {{ include "consensusNode.tokensConfig.configMap.name" . }} + name: tokens-config - name: node-cert secret: secretName: {{ include "consensusNode.fullname" . }}-internal-tls diff --git a/.internal-ci/helm/consensus-node/templates/node-service.yaml b/.internal-ci/helm/consensus-node/templates/node-service.yaml index 48910a16ea..9a5d796c0f 100644 --- a/.internal-ci/helm/consensus-node/templates/node-service.yaml +++ b/.internal-ci/helm/consensus-node/templates/node-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation apiVersion: v1 kind: Service metadata: diff --git a/.internal-ci/helm/consensus-node/templates/node-servicemonitor.yaml b/.internal-ci/helm/consensus-node/templates/node-servicemonitor.yaml index 2b28963428..9434d91cb0 100644 --- a/.internal-ci/helm/consensus-node/templates/node-servicemonitor.yaml +++ b/.internal-ci/helm/consensus-node/templates/node-servicemonitor.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -16,8 +16,8 @@ spec: - port: mgmt-http relabelings: - targetLabel: instance - replacement: {{ include "consensusNode.clientHostname" . }} + replacement: {{ .Values.node.config.clientHostname }} - targetLabel: network - replacement: {{ include "consensusNode.mobileCoinNetwork.network" . }} + replacement: {{ .Values.mobilecoin.network }} - targetLabel: partner - replacement: {{ include "consensusNode.mobileCoinNetwork.partner" . }} + replacement: {{ .Values.mobilecoin.partner }} diff --git a/.internal-ci/helm/consensus-node/templates/peer-grpc-ingress.yaml b/.internal-ci/helm/consensus-node/templates/peer-grpc-ingress.yaml index 014f236ade..e3d33aaa33 100644 --- a/.internal-ci/helm/consensus-node/templates/peer-grpc-ingress.yaml +++ b/.internal-ci/helm/consensus-node/templates/peer-grpc-ingress.yaml @@ -1,57 +1,61 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation +{{- with .Values.node.ingress }} +{{- if .enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "consensusNode.fullname" . }}-peer-grpc + name: {{ include "consensusNode.fullname" $ }}-peer-grpc annotations: - {{- if eq (include "consensusNode.blocklist.enabled" .) "true" }} - haproxy.org/blacklist: {{ include "consensusNode.blocklist.pattern" . }} + {{- if .common.blocklist.enabled }} + haproxy.org/blacklist: {{ .common.blocklist.pattern | quote }} {{- end }} - {{- toYaml .Values.node.ingress.common.annotations | nindent 4 }} - {{- toYaml .Values.node.ingress.grpc.annotations | nindent 4 }} + {{- toYaml .common.annotations | nindent 4 }} + {{- toYaml .grpc.annotations | nindent 4 }} labels: - {{- include "consensusNode.labels" . | nindent 4 }} + {{- include "consensusNode.labels" $ | nindent 4 }} spec: tls: - hosts: - - {{ include "consensusNode.peerHostname" . }} - secretName: {{ include "consensusNode.fullname" . }}-ingress-tls + - {{ $.Values.node.config.peerHostname }} + secretName: {{ include "consensusNode.fullname" $ }}-ingress-tls rules: - - host: {{ include "consensusNode.peerHostname" . }} + - host: {{ $.Values.node.config.peerHostname }} http: paths: - path: /attest.AttestedApi pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: peer-grpc - path: /build_info pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: peer-grpc - path: /consensus_common.BlockchainAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: peer-grpc - path: /consensus_peer.ConsensusPeerAPI pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: peer-grpc - path: /grpc.health.v1.Health pathType: Prefix backend: service: - name: {{ include "consensusNode.fullname" . }} + name: {{ include "consensusNode.fullname" $ }} port: name: peer-grpc +{{- end }} +{{- end }} diff --git a/.internal-ci/helm/consensus-node/values.yaml b/.internal-ci/helm/consensus-node/values.yaml index 36d9b1450c..020b3dd210 100644 --- a/.internal-ci/helm/consensus-node/values.yaml +++ b/.internal-ci/helm/consensus-node/values.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018-2022 The MobileCoin Foundation +# Copyright (c) 2018-2024 The MobileCoin Foundation fullnameOverride: '' imagePullSecrets: @@ -8,63 +8,14 @@ image: org: mobilecoin tag: '' -### Shared values with child charts. -global: - certManagerClusterIssuer: letsencrypt-production-http - - # Shared across all instances of consensusNodeConfig config. - node: - ledgerDistribution: - awsAccessKeyId: '' - awsSecretAccessKey: '' - awsRegion: '' - s3Bucket: '' - startFrom: last - - networkConfig: - threshold: '' - peers: {} - - # tokensConfig: - # tokensSignedJson: |- - # { json } - - blocklist: - enabled: "false" - pattern: patterns/blocked-countries +# disable client ports on the service +acceptClientConnections: true -### Enable to launch child chart to create node required configMaps and secrets. -# See helm/consensus-node-config/values.yaml for config details. -consensusNodeConfig: - enabled: false - fullnameOverride: '{{ .Release.Name }}' - node: - client: - hostname: '' - peer: - hostname: '' - txSourceUrl: '' - msgSignerKey: - privateKey: '' +# Mobilecoin network instance +mobilecoin: + network: '' + partner: '' -### Enable to launch child chart to create core common configMaps and secrets. -# See helm/mc-core-common-config/values.yaml for config details. -mcCoreCommonConfig: - enabled: false - # clientAuth: - # token: '' - # mobileCoinNetwork: - # network: '' - # partner: '' - # sentry: - # consensus-sentry-dsn: '' - # ledger-distribution-sentry-dsn: '' - # fog-report-sentry-dsn: '' - # fog-view-sentry-dsn: '' - # fog-ledger-sentry-dsn: '' - # fog-ingest-sentry-dsn: '' - -# Consensus node settings node: image: org: '' @@ -83,6 +34,8 @@ node: limits: sgx.intel.com/epc: 512Ki requests: + cpu: 1 + memory: 10Gi sgx.intel.com/epc: 512Ki tolerations: @@ -103,8 +56,19 @@ node: requests: storage: 512Gi + config: + clientHostname: '' + peerHostname: '' + blockVersion: '4' + ingress: + enabled: true common: + tls: + clusterIssuer: letsencrypt-production-http + blocklist: + enabled: true + pattern: patterns/blocked-countries annotations: haproxy.org/server-ssl: 'false' # The backend (server) is http haproxy.org/timeout-client: 239s # 4 min timeout on azure @@ -137,6 +101,43 @@ node: haproxy.org/rate-limit-requests: "60" # rate-limit-period is defined in _helpers.tpl based on the consensus node instance number + ### These configmaps and secrets must be deployed by external process to the namespace. + # override the name of the required configmaps + externalConfigMaps: + # Sentry is Optional + sentry: + name: sentry + ### required keys: + # consensus-sentry-dsn: + # ledger-distribution-sentry-dsn: + tokensConfig: + name: tokens-config + ### required keys: + # tokens.signed.json: + networkConfig: + # The name will be be set unique to the instance + # "{{ include "consensusNode.fullname" . }}-network-config" + ### required keys: + # network.json: + + + # override the name of the required secrets + externalSecrets: + ledgerDistribution: + # The name will be be set unique to the instance + # "{{ include "consensusNode.fullname" . }}-ledger-distribution" + ### required keys: + # AWS_ACCESS_KEY_ID: + # AWS_SECRET_ACCESS_KEY: + # AWS_REGION: + # LEDGER_DISTRIBUTION_S3_BUCKET: + # MC_DEST: + msgSignerKey: + # The name will be be set unique to the instance + # "{{ include "consensusNode.fullname" . }}-msg-signer-key" + ### required keys: + # MC_MSG_SIGNER_KEY: + # GRPC Gateway settings grpcGateway: image: @@ -144,9 +145,5 @@ grpcGateway: name: go-grpc-gateway nodeSelector: {} -# Disable Client Connects -acceptClientConnections: true - jaegerTracing: - enabled: true - collector: 'dns:///jaeger-collector:14250' + enabled: false diff --git a/.internal-ci/helm/fog-ledger/values.yaml b/.internal-ci/helm/fog-ledger/values.yaml index 8b285497db..4c8b278934 100644 --- a/.internal-ci/helm/fog-ledger/values.yaml +++ b/.internal-ci/helm/fog-ledger/values.yaml @@ -18,7 +18,7 @@ fogLedger: # Assume default is a dev network. We can always define a "network" value if needed. default: shardSize: 20_000 - exceedBlockHeightBy: 5_000 + exceedBlockHeightBy: 0 shardOverlap: 0 count: 2 blockHeightRetrieval: @@ -28,7 +28,7 @@ fogLedger: requestBody: '' test: shardSize: 400_000 - exceedBlockHeightBy: 10_000 + exceedBlockHeightBy: 0 shardOverlap: 0 count: 2 blockHeightRetrieval: @@ -38,7 +38,7 @@ fogLedger: requestBody: '' main: shardSize: 400_000 - exceedBlockHeightBy: 10_000 + exceedBlockHeightBy: 0 shardOverlap: 0 count: 3 blockHeightRetrieval: diff --git a/.internal-ci/helm/fog-view/templates/fog-view-fogshardrangegenerator.yaml b/.internal-ci/helm/fog-view/templates/fog-view-fogshardrangegenerator.yaml index 97385cd191..172f8e1e51 100644 --- a/.internal-ci/helm/fog-view/templates/fog-view-fogshardrangegenerator.yaml +++ b/.internal-ci/helm/fog-view/templates/fog-view-fogshardrangegenerator.yaml @@ -196,7 +196,7 @@ spec: apiVersion: v1 fieldPath: status.hostIP args: - - --reporter.grpc.host-port={{ $.Values.jaegerTracing.collector }} + - --reporter.grpc.host-port=dns:///jaeger-collector:14250 - --reporter.type=grpc - --agent.tags=cluster=undefined,container.name=fog-view-router,deployment.name={{ include "fog-view.fullname" $ }},host.ip=${HOST_IP:},pod.name=${POD_NAME:},pod.namespace={{ $.Release.Namespace }} {{- end }} @@ -416,7 +416,7 @@ spec: apiVersion: v1 fieldPath: status.hostIP args: - - --reporter.grpc.host-port={{ $.Values.jaegerTracing.collector }} + - --reporter.grpc.host-port=dns:///jaeger-collector:14250 - --reporter.type=grpc - --agent.tags=cluster=undefined,container.name=fog-view,deployment.name={{ include "fog-view.fullname" $ }},host.ip=${HOST_IP:},pod.name=${POD_NAME:},pod.namespace={{ $.Release.Namespace }} {{- end }} diff --git a/.internal-ci/util/generate_dev_values-v5.1.sh b/.internal-ci/util/generate_dev_values-v5.1.sh deleted file mode 100755 index edab8b3a3e..0000000000 --- a/.internal-ci/util/generate_dev_values-v5.1.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# Copyright (c) 2018-2022 The MobileCoin Foundation -# -# Generates message signer keys and populates other variables. - -location=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) - -# shellcheck source=.shared_functions -source "${location}/.shared_functions" - -BASE_PATH=${BASE_PATH:-.tmp} -TOKENS_PATH=${TOKENS_PATH:-"${BASE_PATH}/tokens.signed.json"} - -# generate msg signer keys -declare -a signer_keys_pub -declare -a signer_keys_pri - -count=1 -while [ ${count} -le 3 ] -do - key=$("${location}/generate_ed25519_keys.sh") - signer_keys_pub+=("$(echo -n "${key}" | grep public | awk -F': ' '{print $2}')") - signer_keys_pri+=("$(echo -n "${key}" | grep private | awk -F': ' '{print $2}')") - ((count++)) -done - -# Get token config or set empty for older configs. -tokens_signed_json="{}" -if [[ -f "${TOKENS_PATH}" ]] -then - tokens_signed_json=$(cat "${TOKENS_PATH}") -fi - -cat << EOF -global: - node: - ledgerDistribution: - awsAccessKeyId: '${LEDGER_AWS_ACCESS_KEY_ID}' - awsSecretAccessKey: '${LEDGER_AWS_SECRET_ACCESS_KEY}' - - networkConfig: - peers: - 1: - signerPublicKey: ${signer_keys_pub[0]} - 2: - signerPublicKey: ${signer_keys_pub[1]} - 3: - signerPublicKey: ${signer_keys_pub[2]} - - tokensConfig: - tokensSignedJson: | -$(echo -n "${tokens_signed_json}" | sed 's/^/ /') - -mcCoreCommonConfig: - ipinfo: - token: '${IP_INFO_TOKEN}' - sentry: - consensus-sentry-dsn: '${SENTRY_DSN_CONSENSUS}' - ledger-distribution-sentry-dsn: '${SENTRY_DSN_LEDGER_DISTRIBUTION}' - fog-report-sentry-dsn: '${SENTRY_DSN_FOG_INGEST}' - fog-view-sentry-dsn: '${SENTRY_DSN_FOG_VIEW}' - fog-ledger-sentry-dsn: '${SENTRY_DSN_FOG_LEDGER}' - fog-ingest-sentry-dsn: '${SENTRY_DSN_FOG_INGEST}' - -consensusNodeConfig1: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[0]} - -consensusNodeConfig2: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[1]} - -consensusNodeConfig3: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[2]} -EOF diff --git a/.internal-ci/util/generate_dev_values.sh b/.internal-ci/util/generate_dev_values.sh deleted file mode 100755 index 5248fab843..0000000000 --- a/.internal-ci/util/generate_dev_values.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/bash -# Copyright (c) 2018-2022 The MobileCoin Foundation -# -# Generates message signer keys and populates other variables. - -location=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) - -# shellcheck source=.shared_functions -source "${location}/.shared_functions" - -BASE_PATH=${BASE_PATH:-.tmp} -TOKENS_PATH=${TOKENS_PATH:-"${BASE_PATH}/tokens.signed.json"} - -# generate msg signer keys -declare -a signer_keys_pub -declare -a signer_keys_pri - -count=1 -while [ ${count} -le 3 ] -do - key=$("${location}/generate_ed25519_keys.sh") - signer_keys_pub+=("$(echo -n "${key}" | grep public | awk -F': ' '{print $2}')") - signer_keys_pri+=("$(echo -n "${key}" | grep private | awk -F': ' '{print $2}')") - ((count++)) -done - -# Get token config or set empty for older configs. -tokens_signed_json="{}" -if [[ -f "${TOKENS_PATH}" ]] -then - tokens_signed_json=$(cat "${TOKENS_PATH}") -fi - -cat << EOF -global: - node: - ledgerDistribution: - awsAccessKeyId: '${LEDGER_AWS_ACCESS_KEY_ID}' - awsSecretAccessKey: '${LEDGER_AWS_SECRET_ACCESS_KEY}' - - networkConfig: - peers: - 1: - signerPublicKey: ${signer_keys_pub[0]} - 2: - signerPublicKey: ${signer_keys_pub[1]} - 3: - signerPublicKey: ${signer_keys_pub[2]} - - tokensConfig: - tokensSignedJson: | -$(echo -n "${tokens_signed_json}" | sed 's/^/ /') - -mcCoreCommonConfig: - ipinfo: - token: '${IP_INFO_TOKEN}' - clientAuth: - token: '${CLIENT_AUTH_TOKEN}' - sentry: - consensus-sentry-dsn: '${SENTRY_DSN_CONSENSUS}' - ledger-distribution-sentry-dsn: '${SENTRY_DSN_LEDGER_DISTRIBUTION}' - fog-report-sentry-dsn: '${SENTRY_DSN_FOG_INGEST}' - fog-view-sentry-dsn: '${SENTRY_DSN_FOG_VIEW}' - fog-ledger-sentry-dsn: '${SENTRY_DSN_FOG_LEDGER}' - fog-ingest-sentry-dsn: '${SENTRY_DSN_FOG_INGEST}' - -consensusNodeConfig1: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[0]} - -consensusNodeConfig2: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[1]} - -consensusNodeConfig3: - node: - msgSignerKey: - privateKey: ${signer_keys_pri[2]} - -fogServicesConfig: - fogReport: - signingCert: - key: |- -$(echo -n "${FOG_REPORT_SIGNING_CERT_KEY}" | sed 's/^/ /') - crt: |- -$(echo -n "${FOG_REPORT_SIGNING_CERT}" | sed 's/^/ /') - -EOF diff --git a/.internal-ci/util/print_details.sh b/.internal-ci/util/print_details.sh index c5717e5800..96a98df0e4 100755 --- a/.internal-ci/util/print_details.sh +++ b/.internal-ci/util/print_details.sh @@ -14,23 +14,19 @@ ${VERSION} --- Dev Environment Logs --- -https://kibana.logit.io/app/kibana#/discover?_g=()&_a=(columns:!(_source),filters:!(('\$state':(store:appState),meta:(alias:!n,disabled:!f,index:'8ac115c0-aac1-11e8-88ea-0383c11b333c',key:azure.subscription,negate:!f,params:(query:development,type:phrase),type:phrase,value:development),query:(match:(azure.subscription:(query:development,type:phrase)))),('\$state':(store:appState),meta:(alias:!n,disabled:!f,index:'8ac115c0-aac1-11e8-88ea-0383c11b333c',key:kubernetes.namespace_name,negate:!f,params:(query:${NAMESPACE},type:phrase),type:phrase,value:${NAMESPACE}),query:(match:(kubernetes.namespace_name:(query:${NAMESPACE},type:phrase))))),index:'8ac115c0-aac1-11e8-88ea-0383c11b333c',interval:auto,query:(language:kuery,query:''),sort:!('@timestamp',desc)) +https://kibana.logit.io/s/c915db13-afe2-4ccb-85fd-723e18574a68/app/discover#/?_g=()&_a=(columns:!(_source),filters:!(('\$state':(store:appState),meta:(alias:!n,disabled:!f,index:'8ac115c0-aac1-11e8-88ea-0383c11b333c',key:kubernetes.namespace_name,negate:!f,params:(query:${NAMESPACE}),type:phrase),query:(match_phrase:(kubernetes.namespace_name:${NAMESPACE})))),index:'8ac115c0-aac1-11e8-88ea-0383c11b333c',interval:auto,query:(language:kuery,query:''),sort:!()) --- Consensus Endpoints --- node1.${NAMESPACE}.development.mobilecoin.com node2.${NAMESPACE}.development.mobilecoin.com node3.${NAMESPACE}.development.mobilecoin.com -node4.${NAMESPACE}.development.mobilecoin.com -node5.${NAMESPACE}.development.mobilecoin.com --- Consensus S3 Buckets --- https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node1.${NAMESPACE}.development.mobilecoin.com/ https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node2.${NAMESPACE}.development.mobilecoin.com/ https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node3.${NAMESPACE}.development.mobilecoin.com/ -https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node4.${NAMESPACE}.development.mobilecoin.com/ -https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node5.${NAMESPACE}.development.mobilecoin.com/ --- Fog Endpoint --- @@ -56,12 +52,8 @@ Then Connect to localhost: --tx-source-url https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node2.${NAMESPACE}.development.mobilecoin.com/ \ --peer mc://node3.${NAMESPACE}.development.mobilecoin.com:443/ \ --tx-source-url https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node3.${NAMESPACE}.development.mobilecoin.com/ \ ---peer mc://node4.${NAMESPACE}.development.mobilecoin.com:443/ \ ---tx-source-url https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node4.${NAMESPACE}.development.mobilecoin.com/ \ ---peer mc://node5.${NAMESPACE}.development.mobilecoin.com:443/ \ ---tx-source-url https://s3-eu-central-1.amazonaws.com/mobilecoin.eu.development.chain/node5.${NAMESPACE}.development.mobilecoin.com/ \ --poll-interval 1 \ ---quorum-set '{ "threshold": 3, "members": [{"args":"node1.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node2.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node3.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node4.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node5.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"}] }' +--quorum-set '{ "threshold": 2, "members": [{"args":"node1.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node2.${NAMESPACE}.development.mobilecoin.com:443","type":"Node"},{"args":"node3.${NAMESPACE}.development.mobilecoin.com:443"] }' --- Get key seeds --- @@ -80,16 +72,16 @@ export MNEMONIC_FOG_KEYS_SEED=\$(kubectl -n ${NAMESPACE} get secrets sample-keys kubectl -n ${NAMESPACE} get secrets sample-keys-seeds -ojsonpath='{.data.FOG_REPORT_SIGNING_CA_CERT}' | base64 -d > /tmp/fog_report_signing_ca_cert.pem # Regenerate keys to /tmp/sample_keys: -docker run -it --rm \ - --env FOG_REPORT_URL="fog://fog.${NAMESPACE}.development.mobilecoin.com" \ - --env FOG_REPORT_SIGNING_CA_CERT="\$(cat fog_report_signing_ca_cert.pem)" \ - --env FOG_KEYS_SEED \ - --env INITIAL_KEYS_SEED \ - --env MNEMONIC_KEYS_SEED \ - --env MNEMONIC_FOG_KEYS_SEED \ - --env FOG_REPORT_SIGNING_CA_CERT_PATH=/tmp/fog_report_signing_ca_cert.pem \ - -v /tmp/fog_report_signing_ca_cert.pem:/tmp/fog_report_signing_ca_cert.pem \ - -v /tmp/sample_data:/tmp/sample_data \ +docker run -it --rm \\ + --env FOG_REPORT_URL="fog://fog.${NAMESPACE}.development.mobilecoin.com" \\ + --env FOG_REPORT_SIGNING_CA_CERT="\$(cat fog_report_signing_ca_cert.pem)" \\ + --env FOG_KEYS_SEED \\ + --env INITIAL_KEYS_SEED \\ + --env MNEMONIC_KEYS_SEED \\ + --env MNEMONIC_FOG_KEYS_SEED \\ + --env FOG_REPORT_SIGNING_CA_CERT_PATH=/tmp/fog_report_signing_ca_cert.pem \\ + -v /tmp/fog_report_signing_ca_cert.pem:/tmp/fog_report_signing_ca_cert.pem \\ + -v /tmp/sample_data:/tmp/sample_data \\ ${DOCKER_ORG}/bootstrap-tools:${VERSION} /util/generate_origin_data.sh --- Charts --- diff --git a/.internal-ci/util/set_tokens_config_version.sh b/.internal-ci/util/set_tokens_config_version.sh deleted file mode 100755 index 80403f7d62..0000000000 --- a/.internal-ci/util/set_tokens_config_version.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright (c) 2018-2023 The MobileCoin Foundation - -# Select the correct tokens file to use based on release version. - -set -eu - -location=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) - -# shellcheck source=.shared_functions -source "${location}/.shared_functions" - -network=$(get_network_tier "${1}") -major=$(get_major_version "${1}") - -echo "Found network ${network}" >&2 -echo "Found major version ${major}" >&2 - -# 0 - dev use V2 -# 1|2|3 - use V1 - note 1 doesn't consume -# 4 or greater use v2 -if [[ ${major} -eq 0 ]] -then - version="V2" -elif [[ ${major} -ge 1 ]] && [[ ${major} -le 3 ]] -then - version="V1" -elif [[ ${major} -ge 4 ]] -then - version="V2" -else - echo "Major version is invalid? ${1} ${major}" >&2 - exit 1 -fi - -# ^^ upper case network -token_json="${network^^}_TOKENS_CONFIG_${version}_JSON" -echo "Using ${token_json}" >&2 -# ! use value as the variable name -echo "${!token_json}" diff --git a/.internal-ci/util/tokens.v1.base.json b/.internal-ci/util/tokens.v1.base.json deleted file mode 100644 index a03072bb56..0000000000 --- a/.internal-ci/util/tokens.v1.base.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "governors_signature": "", - "tokens": [ - { - "token_id": 0, - "minimum_fee": 400000000 - }, - { - "token_id": 1, - "minimum_fee": 1024, - "governors": { - "signers": "", - "threshold": 1 - } - }, - { - "token_id": 8192, - "minimum_fee": 1024, - "governors": { - "signers": "", - "threshold": 1 - } - } - ] -} diff --git a/.mobconf b/.mobconf index 33205a9837..d7034e71ba 100644 --- a/.mobconf +++ b/.mobconf @@ -1,9 +1,9 @@ [image] url = mobilecoin/builder-install -tag = v0.0.32 +tag = v0.0.33 [builder-install] url = mobilecoin/builder-install -tag = v0.0.32 +tag = v0.0.33 [signing-tools] url = mobilecoin/signing-tools tag = v0.0.1 diff --git a/CHANGELOG.md b/CHANGELOG.md index abc605b0f7..b2d33e0502 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,9 +6,563 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). The crates in this repository do not adhere to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) at this time. +## [6.0.0] + +### Added + +- Add `payment_id` to `PaymentRequest` protobuf ([#3341]) +- Add zeroize on drop to core account types ([#3402]) +- Add light client verifier ([#3390], [#3399], [#3397], [#3411], [#3412], [#3401]) +- Add light client relayer ([#3400]) + +#### CI/CD + +- Add "Deploy Fog" manual actions ([#3642], [#3611], [#3599]) +- Add GHA job to save ledger/watcher DB files to azure blob storage ([#3349]) +- Add a download step to the ledger refresh ([#3372]) +- Add rust version to workspace for enclaves ([#3700]) + +### Fixed + +- Fix an error code returned by mobilecoind for bad b58 address ([#3657]) +- Fix fog ingest load test ([#3394]) +- Fix incremental builds always rebuilding on the second run ([#3808]) +- Fix intermittent incremental build failures, move sim certificates to build + directory ([#3807]) +- Fix optimization tx's when using nonzero token ids ([#3817]) +- Fix fog-view load test to report more useful metrics and actually work ([#3357]) + +#### CI/CD + +- Fix intermittent Postgres failures by using postgres service in GH actions ([#3785]) + +### Security + +- Update Intel SGX SDK to 2.22.100.3 ([#3617], [#3618], [#3777]) + +### Changed + +- Bump ISV SVN for enclaves ([#3855]) +- The enclaves now use DCAP attestation. Clients now need to pass a vec of + `TrustedIdentity` instead of a verifier. This allows clients to consume this + version of the code and attest with both the legacy EPID enclaves and the + newer DCAP enclaves. ([#3482], [#3603], [#3514], [#3497], [#3504], [#3516], + [#3577], [#3573], [#3572], [#3554], [#3537], [#3377], [#3588], [#3569], + [#3565], [#3509], [#3510], [#3610], [#3481], [#3485], [#3575], [#3524], + [#3508], [#3586], [#3375], [#3480], [#3583], [#3496], [#3566], [#3369], + [#3521], [#3749], [#3790], [#3612], [#3605], [#3593], [#3570], [#3568], + [#3579], [#3495], [#3615], [#3616], [#3614], [#3561], [#3395], [#3602], + [#3436], [#3634], [#3580], [#3503], [#3589], [#3613], [#3608], [#3438], + [#3439], [#3440], [#3441], [#3523], [#3735], [#3445], [#3444], [#3442], + [#3434], [#3443], [#3435], [#3449], [#3421], [#3620], [#3607], [#3585], + [#3454], [#3592], [#3856]) +- Rename primary development branch from `master` branch to `main` ([#3633]) +- Limit `cargo sort` in `tools/lint.sh` to only modify incorrect files. ([#3595]) +- Update lint script to lint root workspace once ([#3501]) +- Move the enclaves into the same build directory, reducing overall compilation + time ([#3775]) +- Reduce the static startup memory of enclaves ([#3719]) +- Remove "-D warnings" for development builds ([#3500]) +- Remove newlines from enclave panic message ([#3770]) + +#### CI/CD + +- Remove 4 core restriction on CI builds ([#3798]) +- Remove nodejs from docker image ([#3627]) +- Remove fog local network test ([#3799]) +- Update ledger bootstrap to 5.0.8 ([#3371], [#3373], [#3600]) +- Use gha-runner-scale-sets ([#3849]) + +#### Github Actions + +- Bump actions/checkout from 3 to 4 ([#3531], [#3705]) +- Bump actions/download-artifact from 3 to 4 ([#3806]) +- Bump actions/setup-go from 4 to 5 ([#3778]) +- Bump actions/setup-node from 3 to 4 ([#3648]) +- Bump actions/setup-python from 4 to 5 ([#3779]) +- Bump docker/build-push-action from 4 to 5 ([#3548]) +- Bump docker/login-action from 2 to 3 ([#3552]) +- Bump docker/metadata-action from 4 to 5 ([#3547]) +- Bump docker/setup-buildx-action from 2 to 3 ([#3553]) + +#### Python Dependencies + +- Bump flask from 1.1.2 to 2.3.2 ([#3343], [#3344]) +- Bump jinja2 from 2.11.3 to 3.1.3 ([#3851]) +- Bump grpcio from 1.32.0 to 1.53.0 ([#3403], [#3404], [#3405], [#3406]) +- Bump requests from 2.27.1 to 2.31.0 ([#3359]) +- Bump urllib3 from 1.26.8 to 1.26.18 ([#3624], [#3598]) +- Bump werkzeug from 2.2.3 to 3.0.1 ([#3654]) + +#### Rust Dependencies + +- Update rust toolchain to `nightly-2023-10-01` ([#3621], [#3623], [#3635], + [#3622], [#3619], [#3626], [#3628]) +- Bump x25519-dalek, curve25519-dalek and ed25519-dalek ([#3544]) +- Bump aead from 0.5.1 to 0.5.2 ([#3416]) +- Bump aes from 0.8.2 to 0.8.3 ([#3426]) +- Bump aes-gcm from 0.10.1 to 0.10.2 ([#3415], [#3576]) +- Bump anyhow from 1.0.69 to 1.0.79 ([#3498], [#3507], [#3539], [#3828]) +- Bump assert_cmd from 2.0.10 to 2.0.12 ([#3356], [#3499]) +- Bump async-channel from 1.7.1 to 2.1.1 ([#3804]) +- Bump backtrace from 0.3.67 to 0.3.69 ([#3647]) +- Bump base64 from 0.21.0 to 0.21.6 ([#3483], [#3650], [#3845]) +- Bump bitflags from 2.3.3 to 2.4.1 ([#3644]) +- Bump cargo_metadata from 0.15.3 to 0.18.1 ([#3528], [#3564], [#3652]) +- Bump cc from 1.0.79 to 1.0.84 ([#3515], [#3679], [#3716]) +- Bump certifi from 2022.12.7 to 2023.7.22 in /mobilecoind/strategies ([#3453]) +- Bump chrono from 0.4.24 to 0.4.31 ([#3493], [#3546], [#3653]) +- Bump clap from 4.1.11 to 4.4.14 ([#3325], [#3462], [#3591], [#3762], [#3826], + [#3831], [#3847], [#3658], [#3709], [#3751]) +- Bump clio from 0.3.4 to 0.3.5 ([#3800]) +- Bump cookie from 0.17.0 to 0.18.0 ([#3666]) +- Bump criterion from 0.4.0 to 0.5.1 ([#3479]) +- Bump crossbeam-channel from 0.5.7 to 0.5.11 ([#3466], [#3801], [#3824], [#3844]) +- Bump ctrlc from 3.2.5 to 3.4.2 ([#3447], [#3693], [#3822]) +- Bump curve25519-dalek from 4.1.0 to 4.1.1 ([#3667]) +- Bump der from 0.7.7 to 0.7.8 ([#3578]) +- Bump diesel from 2.1.0 to 2.1.4 ([#3604], [#3683], [#3723]) +- Bump diesel-derive-enum from 2.0.1 to 2.1.0 ([#3432]) +- Bump diesel_migrations from 2.0.0 to 2.1.0 ([#3455]) +- Bump digest from 0.10.6 to 0.10.7 ([#3456]) +- Bump dirs from 4.0.0 to 5.0.1 ([#3345]) +- Bump displaydoc from 0.2.3 to 0.2.4 ([#3490]) +- Bump ed25519 from 2.2.0 to 2.2.3 ([#3347], [#3590], [#3681]) +- Bump ed25519-dalek from 2.0.0 to 2.1.0 ([#3726]) +- Bump futures from 0.3.28 to 0.3.30 ([#3669], [#3821]) +- Bump generic-array from 0.14.6 to 0.14.7 ([#3448]) +- Bump getrandom from 0.2.8 to 0.2.12 ([#3324], [#3489], [#3699], [#3842]) +- Bump grpcio from 0.12.1 to 0.13.0 ([#3609]) +- Bump h2 from 0.3.16 to 0.3.18 ([#3330]) +- Bump hashbrown from 0.13.2 to 0.14.3 ([#3460], [#3640], [#3746]) +- Bump heapless from 0.7.16 to 0.8.0 ([#3702]) +- Bump hex-literal from 0.3.4 to 0.4.1 ([#3413]) +- Bump hkdf from 0.12.3 to 0.12.4 ([#3802]) +- Bump itertools from 0.10.5 to 0.12.0 ([#3606], [#3722]) +- Bump libc from 0.2.140 to 0.2.152 ([#3433], [#3587], [#3682], [#3695], + [#3791], [#3841]) +- Bump libz-sys from 1.1.8 to 1.1.14 ([#3467], [#3848]) +- Bump link-cplusplus from 1.0.8 to 1.0.9 ([#3581]) +- Bump log from 0.4.17 to 0.4.20 ([#3505]) +- Update `mbedtls`, `mbedtls-sys` forks to support apple m1 and android builds + ([#3823], [#3656]) +- Bump mc-sgx-core-sys-types from 0.9.0 to 0.10.0 ([#3768]) +- Bump mikepenz/action-junit-report from 3 to 4 ([#3540]) +- Bump mockall from 0.11.3 to 0.12.1 ([#3425], [#3793], [#3819], [#3794]) +- Bump num_cpus from 1.15.0 to 1.16.0 ([#3420]) +- Bump once_cell from 1.17.1 to 1.19.0 ([#3450], [#3781]) +- Bump opentelemetry from 0.18.0 to 0.21.0 ([#3469], [#3697]) +- Bump opentelemetry_sdk from 0.21.0 to 0.21.2 ([#3714], [#3830]) +- Bump pem from 2.0.0 to 3.0.3 ([#3459], [#3670], [#3795]) +- Bump percent-encoding from 2.2.0 to 2.3.1 ([#3471], [#3741]) +- Bump pkg-config from 0.3.26 to 0.3.28 ([#3584], [#3812]) +- Bump predicates from 3.0.1 to 3.0.4 ([#3470], [#3651]) +- Bump primitive-types from 0.12.1 to 0.12.2 ([#3645]) +- Bump proc-macro2 from 1.0.52 to 1.0.76 ([#3326], [#3661], [#3745], [#3836]) +- Bump proptest from 1.1.0 to 1.4.0 ([#3452], [#3637], [#3710]) +- Bump prost from 0.11.8 to 0.12.1 ([#3474], [#3562]) +- Bump prost-build from 0.12.1 to 0.12.3 ([#3729], [#3739]) +- Bump pygments from 2.7.4 to 2.15.0 in /mobilecoind/strategies ([#3427]) +- Bump quote from 1.0.26 to 1.0.33 ([#3446], [#3464], [#3629]) +- Bump rand_hc from 0.3.1 to 0.3.2 ([#3465]) +- Bump rayon from 1.7.0 to 1.10.2 ([#3680], [#3487], [#3715], [#3724]) +- Bump reqwest from 0.11.15 to 0.11.23 ([#3451], [#3601], [#3809]) +- Bump rocket from 0.5.0-rc.2 to 0.5.0 ([#3488], [#3690], [#3732]) +- Bump rustls-webpki from 0.100.1 to 0.100.2 ([#3519]) +- Bump semver from 1.0.17 to 1.0.21 ([#3431], [#3646], [#3832]) +- Bump sentry from 0.30.0 to 0.32.1 ([#3393], [#3597], [#3708], [#3750], [#3810]) +- Bump serde from 1.0.159 to 1.0.195 ([#3327], [#3424], [#3457], [#3476], + [#3522], [#3543], [#3632], [#3664], [#3698], [#3736], [#3834], [#3835]) +- Bump serde_json from 1.0.103 to 1.0.111 ([#3478], [#3527], [#3571], [#3678], + [#3827], [#3837]) +- Bump serde_with from 3.2.0 to 3.4.0 ([#3594], [#3671]) +- Bump serial_test from 1.0.0 to 3.0.0 ([#3419], [#3843]) +- Bump sha2 from 0.10.6 to 0.10.8 ([#3477], [#3638], [#3494]) +- Bump signal-hook from 0.3.15 to 0.3.17 ([#3418]) +- Bump signature from 2.0.0 to 2.1.0 ([#3728]) +- Bump siphasher from 0.3.10 to 1.0.0 ([#3567]) +- Bump slog-async from 2.7.0 to 2.8.0 ([#3641]) +- Bump syn from 2.0.12 to 2.0.48 ([#3339], [#3473], [#3636], [#3660], [#3694], + [#3792], [#3796], [#3816], [#3825], [#3833]) +- Bump tempfile from 3.4.0 to 3.9.0 ([#3353], [#3458], [#3542], [#3672], [#3818]) +- Bump textwrap from 0.11.0 to 0.16.2 ([#3665], [#3685]) +- Bump tokio from 1.25.0 to 1.35.1 ([#3511], [#3513], [#3684], [#3704], [#3783], + [#3811]) +- Bump toml from 0.7.3 to 0.8.2 ([#3414], [#3631]) +- Bump url from 2.3.1 to 2.5.0 ([#3484], [#3659], [#3744]) +- Bump walkdir from 2.3.3 to 2.4.0 ([#3639]) +- Bump wasm-bindgen from 0.2.88 to 0.2.89 ([#3743]) +- Bump wasm-bindgen-test from 0.3.34 to 0.3.39 ([#3461], [#3692], [#3747]) +- Bump webpki from 0.22.0 to 0.22.2 ([#3534], [#3596]) +- Bump x509-cert from 0.2.3 to 0.2.5 ([#3518], [#3820]) +- Bump xml-rs from 0.8.3 to 0.8.14 ([#3381]) +- Bump yare from 1.0.2 to 2.0.0 ([#3630]) +- Bump zeroize from 1.5.6 to 1.7.0 ([#3506], [#3725], [#3731]) + +[#3324]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3324 +[#3325]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3325 +[#3326]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3326 +[#3327]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3327 +[#3330]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3330 +[#3339]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3339 +[#3341]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3341 +[#3343]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3343 +[#3344]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3344 +[#3345]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3345 +[#3347]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3347 +[#3349]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3349 +[#3353]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3353 +[#3356]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3356 +[#3357]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3357 +[#3359]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3359 +[#3369]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3369 +[#3371]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3371 +[#3372]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3372 +[#3373]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3373 +[#3375]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3375 +[#3377]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3377 +[#3381]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3381 +[#3390]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3390 +[#3393]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3393 +[#3394]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3394 +[#3395]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3395 +[#3397]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3397 +[#3399]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3399 +[#3400]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3400 +[#3401]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3401 +[#3402]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3402 +[#3403]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3403 +[#3404]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3404 +[#3405]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3405 +[#3406]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3406 +[#3411]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3411 +[#3412]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3412 +[#3413]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3413 +[#3414]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3414 +[#3415]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3415 +[#3416]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3416 +[#3418]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3418 +[#3419]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3419 +[#3420]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3420 +[#3421]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3421 +[#3424]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3424 +[#3425]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3425 +[#3426]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3426 +[#3427]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3427 +[#3431]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3431 +[#3432]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3432 +[#3433]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3433 +[#3434]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3434 +[#3435]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3435 +[#3436]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3436 +[#3438]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3438 +[#3439]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3439 +[#3440]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3440 +[#3441]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3441 +[#3442]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3442 +[#3443]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3443 +[#3444]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3444 +[#3445]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3445 +[#3446]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3446 +[#3447]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3447 +[#3448]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3448 +[#3449]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3449 +[#3450]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3450 +[#3451]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3451 +[#3452]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3452 +[#3453]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3453 +[#3454]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3454 +[#3455]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3455 +[#3456]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3456 +[#3457]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3457 +[#3458]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3458 +[#3459]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3459 +[#3460]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3460 +[#3461]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3461 +[#3462]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3462 +[#3464]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3464 +[#3465]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3465 +[#3466]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3466 +[#3467]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3467 +[#3469]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3469 +[#3470]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3470 +[#3471]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3471 +[#3473]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3473 +[#3474]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3474 +[#3476]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3476 +[#3477]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3477 +[#3478]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3478 +[#3479]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3479 +[#3480]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3480 +[#3481]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3481 +[#3482]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3482 +[#3483]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3483 +[#3484]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3484 +[#3485]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3485 +[#3487]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3487 +[#3488]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3488 +[#3489]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3489 +[#3490]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3490 +[#3493]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3493 +[#3494]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3494 +[#3495]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3495 +[#3496]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3496 +[#3497]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3497 +[#3498]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3498 +[#3499]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3499 +[#3500]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3500 +[#3501]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3501 +[#3503]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3503 +[#3504]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3504 +[#3505]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3505 +[#3506]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3506 +[#3507]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3507 +[#3508]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3508 +[#3509]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3509 +[#3510]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3510 +[#3511]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3511 +[#3513]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3513 +[#3514]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3514 +[#3515]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3515 +[#3516]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3516 +[#3518]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3518 +[#3519]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3519 +[#3521]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3521 +[#3522]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3522 +[#3523]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3523 +[#3524]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3524 +[#3527]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3527 +[#3528]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3528 +[#3531]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3531 +[#3534]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3534 +[#3537]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3537 +[#3539]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3539 +[#3540]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3540 +[#3542]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3542 +[#3543]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3543 +[#3544]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3544 +[#3546]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3546 +[#3547]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3547 +[#3548]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3548 +[#3552]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3552 +[#3553]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3553 +[#3554]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3554 +[#3561]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3561 +[#3562]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3562 +[#3564]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3564 +[#3565]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3565 +[#3566]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3566 +[#3567]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3567 +[#3568]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3568 +[#3569]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3569 +[#3570]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3570 +[#3571]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3571 +[#3572]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3572 +[#3573]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3573 +[#3575]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3575 +[#3576]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3576 +[#3577]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3577 +[#3578]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3578 +[#3579]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3579 +[#3580]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3580 +[#3581]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3581 +[#3583]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3583 +[#3584]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3584 +[#3585]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3585 +[#3586]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3586 +[#3587]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3587 +[#3588]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3588 +[#3589]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3589 +[#3590]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3590 +[#3591]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3591 +[#3592]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3592 +[#3593]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3593 +[#3594]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3594 +[#3595]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3595 +[#3596]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3596 +[#3597]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3597 +[#3598]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3598 +[#3599]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3599 +[#3600]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3600 +[#3601]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3601 +[#3602]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3602 +[#3603]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3603 +[#3604]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3604 +[#3605]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3605 +[#3606]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3606 +[#3607]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3607 +[#3608]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3608 +[#3609]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3609 +[#3610]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3610 +[#3611]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3611 +[#3612]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3612 +[#3613]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3613 +[#3614]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3614 +[#3615]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3615 +[#3616]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3616 +[#3617]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3617 +[#3618]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3618 +[#3619]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3619 +[#3620]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3620 +[#3621]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3621 +[#3622]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3622 +[#3623]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3623 +[#3624]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3624 +[#3626]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3626 +[#3627]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3627 +[#3628]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3628 +[#3629]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3629 +[#3630]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3630 +[#3631]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3631 +[#3632]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3632 +[#3633]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3633 +[#3634]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3634 +[#3635]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3635 +[#3636]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3636 +[#3637]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3637 +[#3638]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3638 +[#3639]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3639 +[#3640]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3640 +[#3641]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3641 +[#3642]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3642 +[#3644]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3644 +[#3645]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3645 +[#3646]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3646 +[#3647]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3647 +[#3648]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3648 +[#3650]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3650 +[#3651]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3651 +[#3652]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3652 +[#3653]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3653 +[#3654]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3654 +[#3656]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3656 +[#3657]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3657 +[#3658]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3658 +[#3659]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3659 +[#3660]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3660 +[#3661]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3661 +[#3664]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3664 +[#3665]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3665 +[#3666]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3666 +[#3667]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3667 +[#3669]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3669 +[#3670]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3670 +[#3671]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3671 +[#3672]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3672 +[#3678]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3678 +[#3679]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3679 +[#3680]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3680 +[#3681]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3681 +[#3682]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3682 +[#3683]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3683 +[#3684]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3684 +[#3685]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3685 +[#3690]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3690 +[#3692]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3692 +[#3693]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3693 +[#3694]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3694 +[#3695]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3695 +[#3697]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3697 +[#3698]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3698 +[#3699]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3699 +[#3700]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3700 +[#3702]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3702 +[#3704]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3704 +[#3705]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3705 +[#3708]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3708 +[#3709]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3709 +[#3710]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3710 +[#3714]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3714 +[#3715]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3715 +[#3716]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3716 +[#3719]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3719 +[#3722]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3722 +[#3723]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3723 +[#3724]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3724 +[#3725]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3725 +[#3726]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3726 +[#3728]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3728 +[#3729]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3729 +[#3731]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3731 +[#3732]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3732 +[#3735]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3735 +[#3736]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3736 +[#3739]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3739 +[#3741]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3741 +[#3743]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3743 +[#3744]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3744 +[#3745]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3745 +[#3746]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3746 +[#3747]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3747 +[#3749]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3749 +[#3750]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3750 +[#3751]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3751 +[#3762]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3762 +[#3768]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3768 +[#3770]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3770 +[#3775]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3775 +[#3777]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3777 +[#3778]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3778 +[#3779]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3779 +[#3781]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3781 +[#3783]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3783 +[#3785]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3785 +[#3790]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3790 +[#3791]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3791 +[#3792]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3792 +[#3793]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3793 +[#3794]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3794 +[#3795]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3795 +[#3796]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3796 +[#3798]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3798 +[#3799]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3799 +[#3800]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3800 +[#3801]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3801 +[#3802]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3802 +[#3804]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3804 +[#3806]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3806 +[#3807]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3807 +[#3808]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3808 +[#3809]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3809 +[#3810]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3810 +[#3811]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3811 +[#3812]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3812 +[#3816]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3816 +[#3817]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3817 +[#3818]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3818 +[#3819]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3819 +[#3820]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3820 +[#3821]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3821 +[#3822]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3822 +[#3823]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3823 +[#3824]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3824 +[#3825]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3825 +[#3826]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3826 +[#3827]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3827 +[#3828]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3828 +[#3830]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3830 +[#3831]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3831 +[#3832]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3832 +[#3833]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3833 +[#3834]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3834 +[#3835]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3835 +[#3836]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3836 +[#3837]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3837 +[#3841]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3841 +[#3842]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3842 +[#3843]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3843 +[#3844]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3844 +[#3845]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3845 +[#3847]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3847 +[#3848]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3848 +[#3849]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3849 +[#3851]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3851 +[#3855]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3855 +[#3856]: https://github.com/mobilecoinfoundation/mobilecoin/pull/3856 + ## [5.2.3] -### Fixed +### Fixed - Fixed mobilecoind returning a gRPC invalid argument error instead of a not found error when ledger data is not found ([#3787]) diff --git a/Cargo.lock b/Cargo.lock index 2ade58f21a..d4f0f89c30 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1754,7 +1754,7 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "go-grpc-gateway-testing" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -2438,7 +2438,7 @@ dependencies = [ [[package]] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "criterion", "curve25519-dalek", @@ -2469,14 +2469,14 @@ dependencies = [ [[package]] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-admin-http-gateway" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "grpcio", @@ -2491,7 +2491,7 @@ dependencies = [ [[package]] name = "mc-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_matches", "bs58", @@ -2539,7 +2539,7 @@ dependencies = [ [[package]] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -2568,7 +2568,7 @@ dependencies = [ [[package]] name = "mc-attest-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "assert_matches", @@ -2592,7 +2592,7 @@ dependencies = [ [[package]] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "bincode", @@ -2627,7 +2627,7 @@ dependencies = [ [[package]] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-ake", @@ -2642,7 +2642,7 @@ dependencies = [ [[package]] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -2653,7 +2653,7 @@ dependencies = [ [[package]] name = "mc-attest-untrusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "displaydoc", @@ -2676,7 +2676,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cfg-if 1.0.0", @@ -2711,7 +2711,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-config" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_matches", "displaydoc", @@ -2725,7 +2725,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_matches", "base64 0.21.7", @@ -2770,7 +2770,7 @@ dependencies = [ [[package]] name = "mc-blockchain-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-blockchain-types", "mc-common", @@ -2784,7 +2784,7 @@ dependencies = [ [[package]] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex_fmt", @@ -2812,7 +2812,7 @@ dependencies = [ [[package]] name = "mc-blockchain-validators" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex", @@ -2830,7 +2830,7 @@ dependencies = [ [[package]] name = "mc-common" -version = "5.2.3" +version = "6.0.0" dependencies = [ "backtrace", "cfg-if 1.0.0", @@ -2867,7 +2867,7 @@ dependencies = [ [[package]] name = "mc-connection" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "cookie", @@ -2899,7 +2899,7 @@ dependencies = [ [[package]] name = "mc-connection-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-blockchain-types", "mc-connection", @@ -2910,7 +2910,7 @@ dependencies = [ [[package]] name = "mc-consensus-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "futures", @@ -2931,7 +2931,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "cargo-emit", @@ -2969,7 +2969,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex", @@ -2992,7 +2992,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -3000,7 +3000,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "hex", @@ -3037,7 +3037,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-measurement" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-attest-core", @@ -3050,7 +3050,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-mock" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-account-keys", "mc-attest-core", @@ -3074,7 +3074,7 @@ dependencies = [ [[package]] name = "mc-consensus-mint-client" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -3110,7 +3110,7 @@ dependencies = [ [[package]] name = "mc-consensus-mint-client-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex", @@ -3123,7 +3123,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crossbeam-channel", "maplit", @@ -3147,7 +3147,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-play" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-common", @@ -3159,7 +3159,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-crypto-digestible", @@ -3175,7 +3175,7 @@ dependencies = [ [[package]] name = "mc-consensus-service" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "chrono", @@ -3240,7 +3240,7 @@ dependencies = [ [[package]] name = "mc-consensus-service-config" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "clap 4.5.1", @@ -3267,7 +3267,7 @@ dependencies = [ [[package]] name = "mc-consensus-tool" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "grpcio", @@ -3281,7 +3281,7 @@ dependencies = [ [[package]] name = "mc-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "anyhow", "clap 4.5.1", @@ -3309,7 +3309,7 @@ dependencies = [ [[package]] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "mc-crypto-keys", @@ -3321,7 +3321,7 @@ dependencies = [ [[package]] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "digest 0.10.7", @@ -3343,7 +3343,7 @@ dependencies = [ [[package]] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "digest 0.10.7", @@ -3359,7 +3359,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "curve25519-dalek", @@ -3372,7 +3372,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -3381,7 +3381,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive-test" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-digestible-test-utils", @@ -3389,7 +3389,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "signature", @@ -3397,7 +3397,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "serde_json", @@ -3405,7 +3405,7 @@ dependencies = [ [[package]] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "blake2", "digest 0.10.7", @@ -3414,7 +3414,7 @@ dependencies = [ [[package]] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "curve25519-dalek", @@ -3449,7 +3449,7 @@ dependencies = [ [[package]] name = "mc-crypto-memo-mac" -version = "5.2.3" +version = "6.0.0" dependencies = [ "hmac 0.12.1", "mc-crypto-keys", @@ -3458,7 +3458,7 @@ dependencies = [ [[package]] name = "mc-crypto-message-cipher" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "displaydoc", @@ -3472,7 +3472,7 @@ dependencies = [ [[package]] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-keys", @@ -3486,7 +3486,7 @@ dependencies = [ [[package]] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -3507,7 +3507,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -3533,7 +3533,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -3558,7 +3558,7 @@ dependencies = [ [[package]] name = "mc-crypto-sig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", "mc-util-from-random", @@ -3571,7 +3571,7 @@ dependencies = [ [[package]] name = "mc-crypto-x509-test-vectors" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "clap 4.5.1", @@ -3582,7 +3582,7 @@ dependencies = [ [[package]] name = "mc-crypto-x509-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-crypto-keys", @@ -3593,7 +3593,7 @@ dependencies = [ [[package]] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-rand", @@ -3604,7 +3604,7 @@ dependencies = [ [[package]] name = "mc-fog-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -3638,7 +3638,7 @@ dependencies = [ [[package]] name = "mc-fog-block-provider" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "dyn-clone", @@ -3658,7 +3658,7 @@ dependencies = [ [[package]] name = "mc-fog-distribution" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "crossbeam-channel", @@ -3691,7 +3691,7 @@ dependencies = [ [[package]] name = "mc-fog-enclave-connection" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "cookie", @@ -3716,7 +3716,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-client" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_cmd", "clap 4.5.1", @@ -3752,7 +3752,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "criterion", @@ -3787,7 +3787,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -3804,7 +3804,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -3812,7 +3812,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-account-keys", @@ -3845,7 +3845,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-measurement" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-attest-core", @@ -3858,7 +3858,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-report" -version = "5.2.3" +version = "6.0.0" dependencies = [ "der", "displaydoc", @@ -3874,7 +3874,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-server" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "dirs", @@ -3932,7 +3932,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-server-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-blockchain-test-utils", "mc-blockchain-types", @@ -3957,7 +3957,7 @@ dependencies = [ [[package]] name = "mc-fog-kex-rng" -version = "5.2.3" +version = "6.0.0" dependencies = [ "digest 0.10.7", "displaydoc", @@ -3973,7 +3973,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-connection" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "der", @@ -4004,7 +4004,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-attest-core", @@ -4033,7 +4033,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -4051,7 +4051,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -4059,7 +4059,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-attest-core", @@ -4084,7 +4084,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-measurement" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-attest-core", @@ -4097,7 +4097,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-server" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "clap 4.5.1", @@ -4153,6 +4153,7 @@ dependencies = [ "serde", "serde_json", "sha2 0.10.8", + "stdext", "tempfile", "tokio", "url", @@ -4160,10 +4161,8 @@ dependencies = [ [[package]] name = "mc-fog-ledger-test-infra" -version = "5.2.3" +version = "6.0.0" dependencies = [ - "http", - "hyper", "mc-attest-core", "mc-attest-enclave-api", "mc-attest-untrusted", @@ -4176,13 +4175,11 @@ dependencies = [ "mc-ledger-db", "mc-sgx-report-cache-api", "mc-transaction-core", - "rand", - "tokio", ] [[package]] name = "mc-fog-load-testing" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "grpcio", @@ -4210,14 +4207,14 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-fog-ocall-oram-storage-testing" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-fog-ocall-oram-storage-trusted", @@ -4228,7 +4225,7 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "aligned-cmov", @@ -4246,7 +4243,7 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-untrusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "lazy_static", "mc-common", @@ -4254,7 +4251,7 @@ dependencies = [ [[package]] name = "mc-fog-overseer-server" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -4291,7 +4288,7 @@ dependencies = [ [[package]] name = "mc-fog-recovery-db-iface" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "displaydoc", @@ -4307,7 +4304,7 @@ dependencies = [ [[package]] name = "mc-fog-report-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "futures", @@ -4327,7 +4324,7 @@ dependencies = [ [[package]] name = "mc-fog-report-api-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-util-serial", "prost", @@ -4336,7 +4333,7 @@ dependencies = [ [[package]] name = "mc-fog-report-cli" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "clap 4.5.1", @@ -4359,7 +4356,7 @@ dependencies = [ [[package]] name = "mc-fog-report-connection" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "grpcio", @@ -4374,7 +4371,7 @@ dependencies = [ [[package]] name = "mc-fog-report-resolver" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-account-keys", "mc-attest-verifier", @@ -4390,7 +4387,7 @@ dependencies = [ [[package]] name = "mc-fog-report-server" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -4427,7 +4424,7 @@ dependencies = [ [[package]] name = "mc-fog-report-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-attest-verifier-types", "mc-blockchain-test-utils", @@ -4440,7 +4437,7 @@ dependencies = [ [[package]] name = "mc-fog-report-validation" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-account-keys", @@ -4453,7 +4450,7 @@ dependencies = [ [[package]] name = "mc-fog-report-validation-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-account-keys", "mc-fog-report-validation", @@ -4461,7 +4458,7 @@ dependencies = [ [[package]] name = "mc-fog-sample-paykit" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "clap 4.5.1", @@ -4513,7 +4510,7 @@ dependencies = [ [[package]] name = "mc-fog-sig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-account-keys", @@ -4534,7 +4531,7 @@ dependencies = [ [[package]] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", "mc-util-from-random", @@ -4544,7 +4541,7 @@ dependencies = [ [[package]] name = "mc-fog-sig-report" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-verifier-types", @@ -4559,7 +4556,7 @@ dependencies = [ [[package]] name = "mc-fog-sql-recovery-db" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "clap 4.5.1", @@ -4593,7 +4590,7 @@ dependencies = [ [[package]] name = "mc-fog-sql-recovery-db-cleanup" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "clap 4.5.1", @@ -4605,7 +4602,7 @@ dependencies = [ [[package]] name = "mc-fog-test-client" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -4639,7 +4636,7 @@ dependencies = [ [[package]] name = "mc-fog-test-infra" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "digest 0.10.7", @@ -4674,7 +4671,7 @@ dependencies = [ [[package]] name = "mc-fog-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -4696,7 +4693,7 @@ dependencies = [ [[package]] name = "mc-fog-uri" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-util-uri", @@ -4704,7 +4701,7 @@ dependencies = [ [[package]] name = "mc-fog-view-connection" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "der", @@ -4733,7 +4730,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "criterion", @@ -4767,7 +4764,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -4786,7 +4783,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -4794,7 +4791,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "itertools 0.12.1", @@ -4818,7 +4815,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-measurement" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-attest-core", @@ -4831,7 +4828,7 @@ dependencies = [ [[package]] name = "mc-fog-view-load-test" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "ctrlc", @@ -4850,7 +4847,7 @@ dependencies = [ [[package]] name = "mc-fog-view-protocol" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-account-keys", @@ -4873,7 +4870,7 @@ dependencies = [ [[package]] name = "mc-fog-view-server" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -4926,7 +4923,7 @@ dependencies = [ [[package]] name = "mc-fog-view-server-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "grpcio", "mc-attestation-verifier", @@ -4952,7 +4949,7 @@ dependencies = [ [[package]] name = "mc-ledger-db" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "lazy_static", @@ -4981,7 +4978,7 @@ dependencies = [ [[package]] name = "mc-ledger-distribution" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "dirs", @@ -5004,7 +5001,7 @@ dependencies = [ [[package]] name = "mc-ledger-from-archive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-api", @@ -5015,7 +5012,7 @@ dependencies = [ [[package]] name = "mc-ledger-migration" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "lmdb-rkv", @@ -5028,7 +5025,7 @@ dependencies = [ [[package]] name = "mc-ledger-sync" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crossbeam-channel", "displaydoc", @@ -5134,7 +5131,7 @@ dependencies = [ [[package]] name = "mc-mobilecoind" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "clap 4.5.1", @@ -5205,7 +5202,7 @@ dependencies = [ [[package]] name = "mc-mobilecoind-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "futures", @@ -5225,7 +5222,7 @@ dependencies = [ [[package]] name = "mc-mobilecoind-dev-faucet" -version = "5.2.3" +version = "6.0.0" dependencies = [ "async-channel", "clap 4.5.1", @@ -5257,7 +5254,7 @@ dependencies = [ [[package]] name = "mc-mobilecoind-json" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "grpcio", @@ -5334,7 +5331,7 @@ dependencies = [ [[package]] name = "mc-peers" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crossbeam-channel", "displaydoc", @@ -5367,7 +5364,7 @@ dependencies = [ [[package]] name = "mc-peers-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "grpcio", "hex", @@ -5402,7 +5399,7 @@ dependencies = [ [[package]] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cc", "lazy_static", @@ -5412,7 +5409,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-sgx-types", @@ -5420,7 +5417,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-sgx-debug-edl", @@ -5470,7 +5467,7 @@ dependencies = [ [[package]] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-sgx-core-types", @@ -5479,7 +5476,7 @@ dependencies = [ [[package]] name = "mc-sgx-css-dump" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "hex_fmt", @@ -5621,21 +5618,21 @@ dependencies = [ [[package]] name = "mc-sgx-debug-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -5647,7 +5644,7 @@ dependencies = [ [[package]] name = "mc-sgx-report-cache-untrusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -5665,7 +5662,7 @@ dependencies = [ [[package]] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-common", @@ -5675,21 +5672,21 @@ dependencies = [ [[package]] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-core-sys-types", ] [[package]] name = "mc-sgx-urts" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-sgx-build", @@ -5706,7 +5703,7 @@ checksum = "70a17bdd557d482382794a59232314fe9cfb7a9c4450aec867f737d815e5f5b0" [[package]] name = "mc-test-vectors-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "hex", "mc-account-keys", @@ -5718,7 +5715,7 @@ dependencies = [ [[package]] name = "mc-test-vectors-b58-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-account-keys", "mc-api", @@ -5728,7 +5725,7 @@ dependencies = [ [[package]] name = "mc-test-vectors-definitions" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-util-test-vector", "serde", @@ -5736,7 +5733,7 @@ dependencies = [ [[package]] name = "mc-test-vectors-memos" -version = "5.2.3" +version = "6.0.0" dependencies = [ "hex", "mc-account-keys", @@ -5751,7 +5748,7 @@ dependencies = [ [[package]] name = "mc-test-vectors-tx-out-records" -version = "5.2.3" +version = "6.0.0" dependencies = [ "hex", "mc-account-keys", @@ -5772,7 +5769,7 @@ dependencies = [ [[package]] name = "mc-transaction-builder" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_matches", "cfg-if 1.0.0", @@ -5806,7 +5803,7 @@ dependencies = [ [[package]] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "assert_matches", @@ -5853,7 +5850,7 @@ dependencies = [ [[package]] name = "mc-transaction-core-test-utils" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-account-keys", "mc-crypto-keys", @@ -5868,19 +5865,19 @@ dependencies = [ [[package]] name = "mc-transaction-extra" -version = "5.2.3" +version = "6.0.0" dependencies = [ "assert_matches", "cfg-if 1.0.0", "curve25519-dalek", "displaydoc", - "hmac 0.12.1", "maplit", "mc-account-keys", "mc-core", "mc-crypto-digestible", "mc-crypto-hashes", "mc-crypto-keys", + "mc-crypto-memo-mac", "mc-crypto-ring-signature", "mc-crypto-ring-signature-signer", "mc-fog-report-validation-test-utils", @@ -5899,7 +5896,6 @@ dependencies = [ "rand", "rand_core", "serde", - "sha2 0.10.8", "subtle", "yaml-rust", "zeroize", @@ -5907,7 +5903,7 @@ dependencies = [ [[package]] name = "mc-transaction-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "anyhow", "clap 4.5.1", @@ -5935,7 +5931,7 @@ dependencies = [ [[package]] name = "mc-transaction-summary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-account-keys", @@ -5954,7 +5950,7 @@ dependencies = [ [[package]] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -5973,7 +5969,7 @@ dependencies = [ [[package]] name = "mc-util-b58-decoder" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "hex", @@ -5983,7 +5979,7 @@ dependencies = [ [[package]] name = "mc-util-build-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cargo_metadata", @@ -5999,7 +5995,7 @@ dependencies = [ [[package]] name = "mc-util-build-grpc" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-util-build-script", "protoc-grpcio", @@ -6007,7 +6003,7 @@ dependencies = [ [[package]] name = "mc-util-build-info" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "json", @@ -6015,7 +6011,7 @@ dependencies = [ [[package]] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -6026,7 +6022,7 @@ dependencies = [ [[package]] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cc", @@ -6037,7 +6033,7 @@ dependencies = [ [[package]] name = "mc-util-cli" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-util-build-info", @@ -6045,7 +6041,7 @@ dependencies = [ [[package]] name = "mc-util-dump-ledger" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "displaydoc", @@ -6058,7 +6054,7 @@ dependencies = [ [[package]] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "displaydoc", @@ -6069,18 +6065,18 @@ dependencies = [ [[package]] name = "mc-util-ffi" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" dependencies = [ "rand_core", ] [[package]] name = "mc-util-generate-sample-ledger" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-account-keys", @@ -6099,7 +6095,7 @@ dependencies = [ [[package]] name = "mc-util-grpc" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "clap 4.5.1", @@ -6133,7 +6129,7 @@ dependencies = [ [[package]] name = "mc-util-grpc-admin-tool" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "grpcio", @@ -6144,7 +6140,7 @@ dependencies = [ [[package]] name = "mc-util-grpc-token-generator" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-common", @@ -6155,11 +6151,11 @@ dependencies = [ [[package]] name = "mc-util-host-cert" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-keyfile" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "clap 4.5.1", @@ -6188,7 +6184,7 @@ dependencies = [ [[package]] name = "mc-util-lmdb" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "lmdb-rkv", @@ -6198,7 +6194,7 @@ dependencies = [ [[package]] name = "mc-util-logger-macros" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -6207,7 +6203,7 @@ dependencies = [ [[package]] name = "mc-util-metered-channel" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crossbeam-channel", "mc-util-metrics", @@ -6215,7 +6211,7 @@ dependencies = [ [[package]] name = "mc-util-metrics" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "grpcio", @@ -6228,7 +6224,7 @@ dependencies = [ [[package]] name = "mc-util-parse" -version = "5.2.3" +version = "6.0.0" dependencies = [ "hex", "itertools 0.12.1", @@ -6237,7 +6233,7 @@ dependencies = [ [[package]] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "generic-array", "hex_fmt", @@ -6248,7 +6244,7 @@ dependencies = [ [[package]] name = "mc-util-seeded-ed25519-key-gen" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "mc-crypto-keys", @@ -6261,7 +6257,7 @@ dependencies = [ [[package]] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" dependencies = [ "prost", "protobuf", @@ -6273,7 +6269,7 @@ dependencies = [ [[package]] name = "mc-util-telemetry" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "displaydoc", @@ -6285,7 +6281,7 @@ dependencies = [ [[package]] name = "mc-util-test-helper" -version = "5.2.3" +version = "6.0.0" dependencies = [ "clap 4.5.1", "itertools 0.12.1", @@ -6298,7 +6294,7 @@ dependencies = [ [[package]] name = "mc-util-test-vector" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", "serde_json", @@ -6306,7 +6302,7 @@ dependencies = [ [[package]] name = "mc-util-test-with-data" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -6315,11 +6311,11 @@ dependencies = [ [[package]] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-uri" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64 0.21.7", "displaydoc", @@ -6337,7 +6333,7 @@ dependencies = [ [[package]] name = "mc-util-vec-map" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "heapless", @@ -6345,14 +6341,14 @@ dependencies = [ [[package]] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", ] [[package]] name = "mc-wasm-test" -version = "5.2.3" +version = "6.0.0" dependencies = [ "getrandom", "mc-account-keys", @@ -6367,7 +6363,7 @@ dependencies = [ [[package]] name = "mc-watcher" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "clap 4.5.1", @@ -6417,7 +6413,7 @@ dependencies = [ [[package]] name = "mc-watcher-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "serde", @@ -8535,6 +8531,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" +[[package]] +name = "stdext" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6012f6ef4d674ce7021a8b0f5093f7e339f54d4ba04fc1f9c901659459b4f35b" + [[package]] name = "strsim" version = "0.8.0" diff --git a/account-keys/Cargo.toml b/account-keys/Cargo.toml index 37aaad347f..5d31eef43d 100644 --- a/account-keys/Cargo.toml +++ b/account-keys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/account-keys/types/Cargo.toml b/account-keys/types/Cargo.toml index f495aed6c6..fa97466bb2 100644 --- a/account-keys/types/Cargo.toml +++ b/account-keys/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/admin-http-gateway/Cargo.toml b/admin-http-gateway/Cargo.toml index 90512aefbf..14d2c2b277 100644 --- a/admin-http-gateway/Cargo.toml +++ b/admin-http-gateway/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-admin-http-gateway" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/api/Cargo.toml b/api/Cargo.toml index 68a599a653..4bf12feb8d 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] build = "build.rs" edition = "2021" diff --git a/attest/ake/Cargo.toml b/attest/ake/Cargo.toml index 816853a174..0e40c99730 100644 --- a/attest/ake/Cargo.toml +++ b/attest/ake/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/attest/api/Cargo.toml b/attest/api/Cargo.toml index b7c185c3c7..f588b2f6d7 100644 --- a/attest/api/Cargo.toml +++ b/attest/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "gRPC APIs for encrypted communications with an enclave" edition = "2021" diff --git a/attest/core/Cargo.toml b/attest/core/Cargo.toml index 295bf78ba1..9f7a21a3da 100644 --- a/attest/core/Cargo.toml +++ b/attest/core/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = ''' This crate contains necessary functions and utilities to perform remote diff --git a/attest/enclave-api/Cargo.toml b/attest/enclave-api/Cargo.toml index f7b309520a..8e3cca1a43 100644 --- a/attest/enclave-api/Cargo.toml +++ b/attest/enclave-api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = """ no_std structs used commonly in enclave api's in connection with attestation and key exchange diff --git a/attest/trusted/Cargo.toml b/attest/trusted/Cargo.toml index cd01b9838d..1c0b2b321f 100644 --- a/attest/trusted/Cargo.toml +++ b/attest/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/attest/untrusted/Cargo.toml b/attest/untrusted/Cargo.toml index c5bc2b6034..69312640ae 100644 --- a/attest/untrusted/Cargo.toml +++ b/attest/untrusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-untrusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/attest/verifier/Cargo.toml b/attest/verifier/Cargo.toml index 79d98b01f8..c6a82eb48c 100644 --- a/attest/verifier/Cargo.toml +++ b/attest/verifier/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = ''' This crate contains necessary functions and utilities to perform verification of diff --git a/attest/verifier/config/Cargo.toml b/attest/verifier/config/Cargo.toml index 524bbf4e6c..f326fc7b4d 100644 --- a/attest/verifier/config/Cargo.toml +++ b/attest/verifier/config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-verifier-config" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "A JSON schema for basic attestation configs" diff --git a/attest/verifier/types/Cargo.toml b/attest/verifier/types/Cargo.toml index 189c014886..069e441545 100644 --- a/attest/verifier/types/Cargo.toml +++ b/attest/verifier/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "This crate contains the type definitions for attestation" diff --git a/blockchain/test-utils/Cargo.toml b/blockchain/test-utils/Cargo.toml index 7ea8a19556..2ae3364d55 100644 --- a/blockchain/test-utils/Cargo.toml +++ b/blockchain/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-blockchain-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/blockchain/types/Cargo.toml b/blockchain/types/Cargo.toml index 4e0ac91ee2..7a1ce5bf25 100644 --- a/blockchain/types/Cargo.toml +++ b/blockchain/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/blockchain/validators/Cargo.toml b/blockchain/validators/Cargo.toml index 9d1dd4887a..959e3bfbe2 100644 --- a/blockchain/validators/Cargo.toml +++ b/blockchain/validators/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-blockchain-validators" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/common/Cargo.toml b/common/Cargo.toml index 6a86ceaa15..2160d59608 100644 --- a/common/Cargo.toml +++ b/common/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-common" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/connection/Cargo.toml b/connection/Cargo.toml index 5cae91fd3e..77e371e910 100644 --- a/connection/Cargo.toml +++ b/connection/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-connection" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/connection/test-utils/Cargo.toml b/connection/test-utils/Cargo.toml index c1cbd6c58d..b083e1f263 100644 --- a/connection/test-utils/Cargo.toml +++ b/connection/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-connection-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" rust-version = { workspace = true } diff --git a/consensus/api/Cargo.toml b/consensus/api/Cargo.toml index b168760b4c..89e9a29dd9 100644 --- a/consensus/api/Cargo.toml +++ b/consensus/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] build = "build.rs" edition = "2021" diff --git a/consensus/enclave/Cargo.toml b/consensus/enclave/Cargo.toml index fd45f4fe94..a317c0fbe3 100644 --- a/consensus/enclave/Cargo.toml +++ b/consensus/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "MobileCoin Consensus Enclave - Application Code" diff --git a/consensus/enclave/api/Cargo.toml b/consensus/enclave/api/Cargo.toml index c224afd886..91a204dc9d 100644 --- a/consensus/enclave/api/Cargo.toml +++ b/consensus/enclave/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = """ The ECALL API declarations and API for operating an enclave. diff --git a/consensus/enclave/edl/Cargo.toml b/consensus/enclave/edl/Cargo.toml index e3c8e0c904..6d466cf5b0 100644 --- a/consensus/enclave/edl/Cargo.toml +++ b/consensus/enclave/edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/enclave/impl/Cargo.toml b/consensus/enclave/impl/Cargo.toml index 01e5dd52d9..d805bac0dd 100644 --- a/consensus/enclave/impl/Cargo.toml +++ b/consensus/enclave/impl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-impl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = ''' This crate contains the actual implementation of a mobilenode enclave. diff --git a/consensus/enclave/measurement/Cargo.toml b/consensus/enclave/measurement/Cargo.toml index 37a8280b1e..bda3df9e58 100644 --- a/consensus/enclave/measurement/Cargo.toml +++ b/consensus/enclave/measurement/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-measurement" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "MobileCoin Consensus Enclave - Application Code" edition = "2021" diff --git a/consensus/enclave/measurement/build.rs b/consensus/enclave/measurement/build.rs index 77b866f8dc..43214a2858 100644 --- a/consensus/enclave/measurement/build.rs +++ b/consensus/enclave/measurement/build.rs @@ -13,7 +13,7 @@ use std::{env::var, path::PathBuf}; const SGX_VERSION: &str = "2.22.100.3"; const CONSENSUS_ENCLAVE_PRODUCT_ID: u16 = 1; -const CONSENSUS_ENCLAVE_SECURITY_VERSION: u16 = 8; +const CONSENSUS_ENCLAVE_SECURITY_VERSION: u16 = 9; const CONSENSUS_ENCLAVE_NAME: &str = "consensus-enclave"; const CONSENSUS_ENCLAVE_DIR: &str = "../trusted"; const CONSENSUS_ENCLAVE_BUILD_DIR: &str = "enclave"; diff --git a/consensus/enclave/mock/Cargo.toml b/consensus/enclave/mock/Cargo.toml index af9178f288..fa6a916bab 100644 --- a/consensus/enclave/mock/Cargo.toml +++ b/consensus/enclave/mock/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-mock" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/enclave/trusted/Cargo.lock b/consensus/enclave/trusted/Cargo.lock index 78dd8b2405..68a5fa255d 100644 --- a/consensus/enclave/trusted/Cargo.lock +++ b/consensus/enclave/trusted/Cargo.lock @@ -949,7 +949,7 @@ dependencies = [ [[package]] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -973,14 +973,14 @@ dependencies = [ [[package]] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "cargo-emit", @@ -1003,7 +1003,7 @@ dependencies = [ [[package]] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "bitflags 2.4.1", @@ -1033,7 +1033,7 @@ dependencies = [ [[package]] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-ake", @@ -1048,7 +1048,7 @@ dependencies = [ [[package]] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1059,7 +1059,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cfg-if 1.0.0", @@ -1091,7 +1091,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1133,7 +1133,7 @@ dependencies = [ [[package]] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex_fmt", @@ -1156,7 +1156,7 @@ dependencies = [ [[package]] name = "mc-common" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "displaydoc", @@ -1177,7 +1177,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex", @@ -1199,7 +1199,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -1207,7 +1207,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "hex", @@ -1239,7 +1239,7 @@ dependencies = [ [[package]] name = "mc-consensus-enclave-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "lazy_static", @@ -1270,7 +1270,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-crypto-digestible", @@ -1282,7 +1282,7 @@ dependencies = [ [[package]] name = "mc-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "ed25519-dalek", @@ -1297,7 +1297,7 @@ dependencies = [ [[package]] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "mc-crypto-keys", @@ -1307,7 +1307,7 @@ dependencies = [ [[package]] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "digest", @@ -1329,7 +1329,7 @@ dependencies = [ [[package]] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "digest", @@ -1343,7 +1343,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "curve25519-dalek", @@ -1356,7 +1356,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -1365,7 +1365,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "signature", @@ -1373,7 +1373,7 @@ dependencies = [ [[package]] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "blake2", "digest", @@ -1382,7 +1382,7 @@ dependencies = [ [[package]] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "curve25519-dalek", @@ -1411,7 +1411,7 @@ dependencies = [ [[package]] name = "mc-crypto-message-cipher" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "displaydoc", @@ -1424,7 +1424,7 @@ dependencies = [ [[package]] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-keys", @@ -1434,7 +1434,7 @@ dependencies = [ [[package]] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -1454,7 +1454,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1475,7 +1475,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1495,7 +1495,7 @@ dependencies = [ [[package]] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-rand", @@ -1506,7 +1506,7 @@ dependencies = [ [[package]] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] @@ -1539,11 +1539,11 @@ dependencies = [ [[package]] name = "mc-sgx-alloc" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cc", "lazy_static", @@ -1553,7 +1553,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-sgx-alloc", @@ -1607,7 +1607,7 @@ dependencies = [ [[package]] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-sgx-core-types", @@ -1648,29 +1648,29 @@ dependencies = [ [[package]] name = "mc-sgx-debug" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-enclave-id" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-types", ] [[package]] name = "mc-sgx-panic" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1682,7 +1682,7 @@ dependencies = [ [[package]] name = "mc-sgx-service" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-build", "mc-sgx-types", @@ -1690,7 +1690,7 @@ dependencies = [ [[package]] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-common", @@ -1700,14 +1700,14 @@ dependencies = [ [[package]] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-sync" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-panic", "mc-sgx-types", @@ -1715,7 +1715,7 @@ dependencies = [ [[package]] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-core-sys-types", ] @@ -1728,7 +1728,7 @@ checksum = "70a17bdd557d482382794a59232314fe9cfb7a9c4450aec867f737d815e5f5b0" [[package]] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "bulletproofs-og", @@ -1766,7 +1766,7 @@ dependencies = [ [[package]] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1784,7 +1784,7 @@ dependencies = [ [[package]] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -1795,7 +1795,7 @@ dependencies = [ [[package]] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cc", @@ -1806,7 +1806,7 @@ dependencies = [ [[package]] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1817,14 +1817,14 @@ dependencies = [ [[package]] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" dependencies = [ "rand_core", ] [[package]] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "generic-array", "hex_fmt", @@ -1834,7 +1834,7 @@ dependencies = [ [[package]] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" dependencies = [ "prost", "serde", @@ -1843,11 +1843,11 @@ dependencies = [ [[package]] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", ] diff --git a/consensus/enclave/trusted/Cargo.toml b/consensus/enclave/trusted/Cargo.toml index 7a557eabfa..e7f28c869f 100644 --- a/consensus/enclave/trusted/Cargo.toml +++ b/consensus/enclave/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-enclave-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "The MobileCoin Consensus Service's internal enclave entry point." diff --git a/consensus/mint-client/Cargo.toml b/consensus/mint-client/Cargo.toml index d8d78336b2..241f41597c 100644 --- a/consensus/mint-client/Cargo.toml +++ b/consensus/mint-client/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-mint-client" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/mint-client/types/Cargo.toml b/consensus/mint-client/types/Cargo.toml index 537e4e4bcf..e78587a70f 100644 --- a/consensus/mint-client/types/Cargo.toml +++ b/consensus/mint-client/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-mint-client-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/consensus/scp/Cargo.toml b/consensus/scp/Cargo.toml index 9418e7f92d..6dd3bce3bf 100644 --- a/consensus/scp/Cargo.toml +++ b/consensus/scp/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-scp" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Stellar Consensus Protocol" edition = "2021" diff --git a/consensus/scp/play/Cargo.toml b/consensus/scp/play/Cargo.toml index a6a6f5f96c..dced3d3d42 100644 --- a/consensus/scp/play/Cargo.toml +++ b/consensus/scp/play/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-scp-play" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/scp/types/Cargo.toml b/consensus/scp/types/Cargo.toml index e62c108602..c65b1ff71c 100644 --- a/consensus/scp/types/Cargo.toml +++ b/consensus/scp/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2018" license = "Apache-2.0" diff --git a/consensus/service/Cargo.toml b/consensus/service/Cargo.toml index 2c2b9a21ac..bad8ed52b8 100644 --- a/consensus/service/Cargo.toml +++ b/consensus/service/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-service" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/service/config/Cargo.toml b/consensus/service/config/Cargo.toml index cd46cf31d6..4968b72281 100644 --- a/consensus/service/config/Cargo.toml +++ b/consensus/service/config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-service-config" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/consensus/tool/Cargo.toml b/consensus/tool/Cargo.toml index dd0fc2a38e..18318c3a15 100644 --- a/consensus/tool/Cargo.toml +++ b/consensus/tool/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-consensus-tool" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/core/Cargo.toml b/core/Cargo.toml index 80a3dc5345..dcfcc7385f 100644 --- a/core/Cargo.toml +++ b/core/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-core" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "MobileCoin Core Library" diff --git a/core/types/Cargo.toml b/core/types/Cargo.toml index 21b82562c4..5b690c4b26 100644 --- a/core/types/Cargo.toml +++ b/core/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "MobileCoin Core Types" diff --git a/crypto/ake/enclave/Cargo.toml b/crypto/ake/enclave/Cargo.toml index a9026efe78..5bc9361d49 100644 --- a/crypto/ake/enclave/Cargo.toml +++ b/crypto/ake/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/crypto/box/Cargo.toml b/crypto/box/Cargo.toml index 27a6db1ee6..68c87e70a9 100644 --- a/crypto/box/Cargo.toml +++ b/crypto/box/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/digestible/Cargo.toml b/crypto/digestible/Cargo.toml index 82d3439af0..5c7baa5588 100644 --- a/crypto/digestible/Cargo.toml +++ b/crypto/digestible/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/digestible/derive/Cargo.toml b/crypto/digestible/derive/Cargo.toml index 565a289a5b..246598419d 100644 --- a/crypto/digestible/derive/Cargo.toml +++ b/crypto/digestible/derive/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/digestible/derive/test/Cargo.toml b/crypto/digestible/derive/test/Cargo.toml index fd942a991c..96dbaac3e3 100644 --- a/crypto/digestible/derive/test/Cargo.toml +++ b/crypto/digestible/derive/test/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-digestible-derive-test" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" rust-version = { workspace = true } diff --git a/crypto/digestible/signature/Cargo.toml b/crypto/digestible/signature/Cargo.toml index f49c718758..ab9dd692e4 100644 --- a/crypto/digestible/signature/Cargo.toml +++ b/crypto/digestible/signature/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Digestible Signatures" diff --git a/crypto/digestible/test-utils/Cargo.toml b/crypto/digestible/test-utils/Cargo.toml index 2eed7f07f2..69d841293b 100644 --- a/crypto/digestible/test-utils/Cargo.toml +++ b/crypto/digestible/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-digestible-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/hashes/Cargo.toml b/crypto/hashes/Cargo.toml index f638e7dade..7df0e661f2 100644 --- a/crypto/hashes/Cargo.toml +++ b/crypto/hashes/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/keys/Cargo.toml b/crypto/keys/Cargo.toml index 4548ed7f59..60cd103b1c 100644 --- a/crypto/keys/Cargo.toml +++ b/crypto/keys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "MobileCoin Diffie-Hellman Key Exchange and Digital Signatures" diff --git a/crypto/keys/src/ristretto.rs b/crypto/keys/src/ristretto.rs index 4c857dfab5..54788686f9 100644 --- a/crypto/keys/src/ristretto.rs +++ b/crypto/keys/src/ristretto.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2022 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation #![allow(non_snake_case)] @@ -141,6 +141,14 @@ impl RistrettoPrivate { let transcript = attach_rng(t, csprng); RistrettoSignature::from(keypair.sign(transcript)) } + + /// Curve25519-dalek exposes Scalar::from_bytes_mod_order, which is helpful + /// for converting a hash into a valid scalar, and can be useful at API + /// boundaries. Callers need not import curve25519-dalek in order to + /// convert a hash to a valid scalar. + pub fn from_bytes_mod_order(src: &[u8; 32]) -> Self { + Self(Scalar::from_bytes_mod_order(*src)) + } } impl AsRef for RistrettoPrivate { diff --git a/crypto/memo-mac/Cargo.toml b/crypto/memo-mac/Cargo.toml index 33cb1b123f..fc27258c1f 100644 --- a/crypto/memo-mac/Cargo.toml +++ b/crypto/memo-mac/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-memo-mac" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" diff --git a/crypto/message-cipher/Cargo.toml b/crypto/message-cipher/Cargo.toml index 094311e1f1..de3a7fcaa6 100644 --- a/crypto/message-cipher/Cargo.toml +++ b/crypto/message-cipher/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-message-cipher" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/crypto/multisig/Cargo.toml b/crypto/multisig/Cargo.toml index 890e1a3b0f..95f5c49deb 100644 --- a/crypto/multisig/Cargo.toml +++ b/crypto/multisig/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "MobileCoin multi-signature implementations" edition = "2021" diff --git a/crypto/noise/Cargo.toml b/crypto/noise/Cargo.toml index 1a750504e9..d971d25128 100644 --- a/crypto/noise/Cargo.toml +++ b/crypto/noise/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/ring-signature/Cargo.toml b/crypto/ring-signature/Cargo.toml index e7d60ee590..a6daff9230 100644 --- a/crypto/ring-signature/Cargo.toml +++ b/crypto/ring-signature/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/ring-signature/signer/Cargo.toml b/crypto/ring-signature/signer/Cargo.toml index 8904fb71b3..dc9bc7d3d1 100644 --- a/crypto/ring-signature/signer/Cargo.toml +++ b/crypto/ring-signature/signer/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/sig/Cargo.toml b/crypto/sig/Cargo.toml index 9aea186b04..9cb68f2a0b 100644 --- a/crypto/sig/Cargo.toml +++ b/crypto/sig/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-sig" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/crypto/x509/test-vectors/Cargo.toml b/crypto/x509/test-vectors/Cargo.toml index a6a7974cf0..e74b133eb6 100644 --- a/crypto/x509/test-vectors/Cargo.toml +++ b/crypto/x509/test-vectors/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-x509-test-vectors" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Utilities for generating certificates and chains for unit tests" diff --git a/crypto/x509/utils/Cargo.toml b/crypto/x509/utils/Cargo.toml index a51838304a..4dc413db51 100644 --- a/crypto/x509/utils/Cargo.toml +++ b/crypto/x509/utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-crypto-x509-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Verification of X509 certificate chains" edition = "2021" diff --git a/deploy/.gitignore b/deploy/.gitignore deleted file mode 100644 index 378eac25d3..0000000000 --- a/deploy/.gitignore +++ /dev/null @@ -1 +0,0 @@ -build diff --git a/deploy/00-node-grpc-ingress.yaml b/deploy/00-node-grpc-ingress.yaml deleted file mode 100644 index 4fcd5fc3e6..0000000000 --- a/deploy/00-node-grpc-ingress.yaml +++ /dev/null @@ -1,334 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: node-grpc-NETWORKNAME - namespace: NETWORKNAME - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/backend-protocol: "GRPCS" - cert-manager.io/cluster-issuer: letsencrypt-production - - ### HAProxy Ingress - haproxy.org/server-proto: "h2" # Force GRPC/H2 mode - haproxy.org/server-ssl: "true" # The backend (server) is http - haproxy.org/abortonclose: "true" - haproxy.org/backend-config-snippet: |- - http-reuse aggressive - -spec: - tls: - - hosts: - - NETWORKNAME.mobilecoin.com - - '*.NETWORKNAME.mobilecoin.com' - secretName: NETWORKNAME-mobilecoin-wildcard-tls - rules: - - host: node1.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node1 - port: - number: 3223 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node1 - port: - number: 3223 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node1 - port: - number: 3223 - - path: /consensus_client.ConsensusClientAPI - pathType: Prefix - backend: - service: - name: node1 - port: - number: 3223 - - host: peer1.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node1 - port: - number: 8443 - - path: /build_info - pathType: Prefix - backend: - service: - name: node1 - port: - number: 8443 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node1 - port: - number: 8443 - - path: /consensus_peer.ConsensusPeerAPI - pathType: Prefix - backend: - service: - name: node1 - port: - number: 8443 - - host: node2.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node2 - port: - number: 3223 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node2 - port: - number: 3223 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node2 - port: - number: 3223 - - path: /consensus_client.ConsensusClientAPI - pathType: Prefix - backend: - service: - name: node2 - port: - number: 3223 - - host: peer2.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node2 - port: - number: 8443 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node2 - port: - number: 8443 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node2 - port: - number: 8443 - - path: /consensus_peer.ConsensusPeerAPI - pathType: Prefix - backend: - service: - name: node2 - port: - number: 8443 - - host: node3.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node3 - port: - number: 3223 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node3 - port: - number: 3223 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node3 - port: - number: 3223 - - path: /consensus_client.ConsensusClientAPI - pathType: Prefix - backend: - service: - name: node3 - port: - number: 3223 - - host: peer3.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node3 - port: - number: 8443 - - path: /build_info - pathType: Prefix - backend: - service: - name: node3 - port: - number: 8443 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node3 - port: - number: 8443 - - path: /consensus_peer.ConsensusPeerAPI - pathType: Prefix - backend: - service: - name: node3 - port: - number: 8443 - - host: node4.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node4 - port: - number: 3223 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node4 - port: - number: 3223 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node4 - port: - number: 3223 - - path: /consensus_client.ConsensusClientAPI - pathType: Prefix - backend: - service: - name: node4 - port: - number: 3223 - - host: peer4.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node4 - port: - number: 8443 - - path: /build_info - pathType: Prefix - backend: - service: - name: node4 - port: - number: 8443 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node4 - port: - number: 8443 - - path: /consensus_peer.ConsensusPeerAPI - pathType: Prefix - backend: - service: - name: node4 - port: - number: 8443 - - host: node5.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node5 - port: - number: 3223 - - path: /build_info.BuildInfoApi - pathType: Prefix - backend: - service: - name: node5 - port: - number: 3223 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node5 - port: - number: 3223 - - path: /consensus_client.ConsensusClientAPI - pathType: Prefix - backend: - service: - name: node5 - port: - number: 3223 - - host: peer5.NETWORKNAME.mobilecoin.com - http: - paths: - - path: /attest.AttestedApi - pathType: Prefix - backend: - service: - name: node5 - port: - number: 8443 - - path: /build_info - pathType: Prefix - backend: - service: - name: node5 - port: - number: 8443 - - path: /consensus_common.BlockchainAPI - pathType: Prefix - backend: - service: - name: node5 - port: - number: 8443 - - path: /consensus_peer.ConsensusPeerAPI - pathType: Prefix - backend: - service: - name: node5 - port: - number: 8443 diff --git a/deploy/01-node-certificates.yaml b/deploy/01-node-certificates.yaml deleted file mode 100644 index 9c3c497af9..0000000000 --- a/deploy/01-node-certificates.yaml +++ /dev/null @@ -1,119 +0,0 @@ -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: node1-peer-tls - namespace: NETWORKNAME -spec: - # Secret names are always required. - secretName: node1-peer-tls - duration: 8760h # 365d - renewBefore: 360h # 15d - organization: - - mobilecoin - keySize: 2048 - keyAlgorithm: rsa - keyEncoding: pkcs1 - usages: - - server auth - - client auth - dnsNames: - - node1.NETWORKNAME.mobilecoin.com - issuerRef: - name: internal-ca-issuer - kind: ClusterIssuer ---- -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: node2-peer-tls - namespace: NETWORKNAME -spec: - # Secret names are always required. - secretName: node2-peer-tls - duration: 8760h # 365d - renewBefore: 360h # 15d - organization: - - mobilecoin - keySize: 2048 - keyAlgorithm: rsa - keyEncoding: pkcs1 - usages: - - server auth - - client auth - dnsNames: - - node2.NETWORKNAME.mobilecoin.com - issuerRef: - name: internal-ca-issuer - kind: ClusterIssuer ---- -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: node3-peer-tls - namespace: NETWORKNAME -spec: - # Secret names are always required. - secretName: node3-peer-tls - duration: 8760h # 365d - renewBefore: 360h # 15d - organization: - - mobilecoin - keySize: 2048 - keyAlgorithm: rsa - keyEncoding: pkcs1 - usages: - - server auth - - client auth - dnsNames: - - node3.NETWORKNAME.mobilecoin.com - issuerRef: - name: internal-ca-issuer - kind: ClusterIssuer ---- -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: node4-peer-tls - namespace: NETWORKNAME -spec: - # Secret names are always required. - secretName: node4-peer-tls - duration: 8760h # 365d - renewBefore: 360h # 15d - organization: - - mobilecoin - keySize: 2048 - keyAlgorithm: rsa - keyEncoding: pkcs1 - usages: - - server auth - - client auth - dnsNames: - - node4.NETWORKNAME.mobilecoin.com - issuerRef: - name: internal-ca-issuer - kind: ClusterIssuer ---- -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: node5-peer-tls - namespace: NETWORKNAME -spec: - # Secret names are always required. - secretName: node5-peer-tls - duration: 8760h # 365d - renewBefore: 360h # 15d - organization: - - mobilecoin - keySize: 2048 - keyAlgorithm: rsa - keyEncoding: pkcs1 - usages: - - server auth - - client auth - dnsNames: - - node5.NETWORKNAME.mobilecoin.com - issuerRef: - name: internal-ca-issuer - kind: ClusterIssuer diff --git a/deploy/01-node-services.yaml b/deploy/01-node-services.yaml deleted file mode 100644 index 481855eb03..0000000000 --- a/deploy/01-node-services.yaml +++ /dev/null @@ -1,104 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: node1 - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilenode-NETWORKNAME - nodename: node1 - ports: - - name: cns-port - port: 8443 - targetPort: cns-port - - name: cns-mgmt - port: 8000 - targetPort: cns-mgmt - - name: cns-client - port: 3223 - targetPort: cns-client ---- -apiVersion: v1 -kind: Service -metadata: - name: node2 - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilenode-NETWORKNAME - nodename: node2 - ports: - - name: cns-port - port: 8443 - targetPort: cns-port - - name: cns-mgmt - port: 8000 - targetPort: cns-mgmt - - name: cns-client - port: 3223 - targetPort: cns-client ---- -apiVersion: v1 -kind: Service -metadata: - name: node3 - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilenode-NETWORKNAME - nodename: node3 - ports: - - name: cns-port - port: 8443 - targetPort: cns-port - - name: cns-mgmt - port: 8000 - targetPort: cns-mgmt - - name: cns-client - port: 3223 - targetPort: cns-client ---- -apiVersion: v1 -kind: Service -metadata: - name: node4 - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilenode-NETWORKNAME - nodename: node4 - ports: - - name: cns-port - port: 8443 - targetPort: cns-port - - name: cns-mgmt - port: 8000 - targetPort: cns-mgmt - - name: cns-client - port: 3223 - targetPort: cns-client ---- -apiVersion: v1 -kind: Service -metadata: - name: node5 - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilenode-NETWORKNAME - nodename: node5 - ports: - - name: cns-port - port: 8443 - targetPort: cns-port - - name: cns-mgmt - port: 8000 - targetPort: cns-mgmt - - name: cns-client - port: 3223 - targetPort: cns-client \ No newline at end of file diff --git a/deploy/01-supervisor-daemon.yaml b/deploy/01-supervisor-daemon.yaml deleted file mode 100644 index f063173474..0000000000 --- a/deploy/01-supervisor-daemon.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-daemon-config - namespace: NETWORKNAME -data: - supervisor.conf: | - [supervisord] - nodaemon=true \ No newline at end of file diff --git a/deploy/01-supervisor-mobilecoind.yaml b/deploy/01-supervisor-mobilecoind.yaml deleted file mode 100644 index 1f38b1acf9..0000000000 --- a/deploy/01-supervisor-mobilecoind.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-mobilecoind - namespace: NETWORKNAME -data: - mobilecoind.conf: | - [program:mobilecoind] - command=/usr/bin/mobilecoind - --peer mc://node1.NETWORKNAME.mobilecoin.com:443/ - --peer mc://node2.NETWORKNAME.mobilecoin.com:443/ - --peer mc://node3.NETWORKNAME.mobilecoin.com:443/ - --peer mc://node4.NETWORKNAME.mobilecoin.com:443/ - --peer mc://node5.NETWORKNAME.mobilecoin.com:443/ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com/ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com/ - --ledger-db /ledger - --poll-interval 1 - --mobilecoind-db /mobilecoind - --listen-uri insecure-mobilecoind://0.0.0.0:3229/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true diff --git a/deploy/01-supervisor-sgx-config.yaml b/deploy/01-supervisor-sgx-config.yaml deleted file mode 100644 index 8ebe97e0d2..0000000000 --- a/deploy/01-supervisor-sgx-config.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-sgx-config - namespace: NETWORKNAME -data: - sgx.conf: | - [program:aesm-service] - command=/opt/intel/sgx-aesm-service/aesm/aesm_service --no-daemon - environment=AESM_PATH="/opt/intel/sgx-aesm-service/aesm",LD_LIBRARY_PATH="/opt/intel/sgx-aesm-service/aesm" - stdout_logfile=/dev/null - stderr_logfile=/dev/null - autorestart=true diff --git a/deploy/03-node1.yaml b/deploy/03-node1.yaml deleted file mode 100644 index f309658c8b..0000000000 --- a/deploy/03-node1.yaml +++ /dev/null @@ -1,272 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-ledger-dist-node1 - namespace: NETWORKNAME -data: - ledger_dist.conf: | - [program:ledger-distribution] - command=/usr/bin/ledger-distribution - --dest s3://mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com - --ledger-path /ledger - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-admin-http-gw-node1 - namespace: NETWORKNAME -data: - admin_http_gw.conf: | - [program:mc-admin-http-gateway] - command=/usr/bin/mc-admin-http-gateway - --listen-host 0.0.0.0 - --listen-port 8000 - --admin-uri insecure-mca://127.0.0.1:8001/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-consensus-node1 - namespace: NETWORKNAME -data: - consensus-service-node.conf: | - [program:consensus-service] - command=/usr/bin/consensus-service - --client-responder-id node1.NETWORKNAME.mobilecoin.com:443 - --peer-responder-id peer1.NETWORKNAME.mobilecoin.com:443 - --peer-listen-uri=mcp://0.0.0.0:8443/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --client-listen-uri=mc://0.0.0.0:3223/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --admin-listen-uri=insecure-mca://127.0.0.1:8001/ - --network /config/network.toml - --ledger-path /ledger - --msg-signer-key %(ENV_NODE1_SIGNER_KEY)s - --sealed-block-signing-key %(ENV_SEALED_BLOCK_SIGNING_KEY)s - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-consensus-node1 - namespace: NETWORKNAME -data: - network.toml: | - broadcast_peers = [ - "mcp://peer2.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA7i8HyecUp-0lcw5c8yP3BNP_R6JRlpXoxjJD-gWcqUE=", - "mcp://peer3.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAHzaqHvf66h03cd3-Ny4VOYoa0zhcnak8tKTb3P0gMHE=", - "mcp://peer4.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAYYmxZMX2B4kkhfPap8NrV4JMp_s6j06oxwlMD0DAiC8=", - "mcp://peer5.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA0XQ0Hy_nKTlPyxD7LYBEWVoayf_JfUsIaYy7olOZhNM=", - ] - - tx_source_urls = [ - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com/", - ] - - quorum_set = { threshold = 3, members = [ - { type = "Node", args = "peer2.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer3.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer4.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer5.NETWORKNAME.mobilecoin.com:443" }, - ] } ---- -# Node1 -apiVersion: apps/v1 -kind: Deployment -metadata: - name: node1 - namespace: NETWORKNAME - labels: - app: mobilenode-NETWORKNAME - nodename: node1 -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilenode-NETWORKNAME - nodename: node1 - template: - metadata: - labels: - app: mobilenode-NETWORKNAME - nodename: node1 - spec: - # Need better node-selector semantics. This depends on agentpool naming - nodeSelector: - builder-node: "false" - sgx-enabled-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - mobilenode-NETWORKNAME - topologyKey: "kubernetes.io/hostname" - imagePullSecrets: - - name: docker-credentials - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: node - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - # Override entrypoint for this container - command: [ "/usr/bin/supervisord" ] - ports: - - name: cns-client - containerPort: 3223 - - name: cns-port - containerPort: 8443 - - name: cns-mgmt - containerPort: 8000 - livenessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node1.NETWORKNAME.mobilecoin.com - - -addr=:8443 - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node1.NETWORKNAME.mobilecoin.com - - -addr=:8443 - # This will need to be updated as initial sync and startup times increase. - failureThreshold: 30 - periodSeconds: 30 - env: - # Contents of /opt/intel/sgxsdk/environment and AESM requirements - - name: "PATH" - value: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - # Rust env settings - - name: "RUST_BACKTRACE" - value: "1" - - name: "RUST_LOG" - value: "debug,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error,rocket=warn,=warn" - - name: "SGX_MODE" - value: "HW" - - name: LOCAL_NODE_ID - value: "peer1.NETWORKNAME.mobilecoin.com:443" - - name: MC_LOG_UDP_JSON - value: "127.0.0.1:16666" - - name: MC_LOG_EXTRA_CONTEXT - value: "mc.local_node_id=$(LOCAL_NODE_ID)" - - name: MC_BRANCH - value: "NETWORKNAME" - - name: AWS_PATH - value: "AWS_PATH=s3://mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com" - - name: AWS_REGION - value: "us-west-1" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-secret-access-key - - name: NODE1_SIGNER_KEY - valueFrom: - secretKeyRef: - name: node-signer-keys - key: node1 - - name: "SEALED_BLOCK_SIGNING_KEY" - value: "/keys/sealed-block-signing-key" - volumeMounts: - - name: aesm-socket-dir - mountPath: /var/run/aesmd - - name: config-dir - mountPath: /config - - name: ledger-db-dir - mountPath: /ledger - - name: keys-dir - mountPath: /keys - - name: node-cert - mountPath: /certs - readOnly: true - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - resources: - limits: - intel.com/sgx: 5000 - requests: - intel.com/sgx: 5000 - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: config-dir - configMap: - name: config-consensus-node1 - - name: keys-dir - emptyDir: {} - - name: aesm-socket-dir - emptyDir: {} - - name: node-cert - secret: - secretName: node1-peer-tls - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-sgx-config - - configMap: - name: supervisor-consensus-node1 - - configMap: - name: supervisor-ledger-dist-node1 - - configMap: - name: supervisor-admin-http-gw-node1 diff --git a/deploy/03-node2.yaml b/deploy/03-node2.yaml deleted file mode 100644 index 260a053e5d..0000000000 --- a/deploy/03-node2.yaml +++ /dev/null @@ -1,272 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-ledger-dist-node2 - namespace: NETWORKNAME -data: - ledger_dist.conf: | - [program:ledger-distribution] - command=/usr/bin/ledger-distribution - --dest s3://mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com - --ledger-path /ledger - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-admin-http-gw-node2 - namespace: NETWORKNAME -data: - admin_http_gw.conf: | - [program:mc-admin-http-gateway] - command=/usr/bin/mc-admin-http-gateway - --listen-host 0.0.0.0 - --listen-port 8000 - --admin-uri insecure-mca://127.0.0.1:8001/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-consensus-node2 - namespace: NETWORKNAME -data: - consensus-service-node.conf: | - [program:consensus-service] - command=/usr/bin/consensus-service - --client-responder-id node2.NETWORKNAME.mobilecoin.com:443 - --peer-responder-id peer2.NETWORKNAME.mobilecoin.com:443 - --peer-listen-uri=mcp://0.0.0.0:8443/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --client-listen-uri=mc://0.0.0.0:3223/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --admin-listen-uri=insecure-mca://127.0.0.1:8001/ - --network /config/network.toml - --ledger-path /ledger - --msg-signer-key %(ENV_NODE2_SIGNER_KEY)s - --sealed-block-signing-key %(ENV_SEALED_BLOCK_SIGNING_KEY)s - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-consensus-node2 - namespace: NETWORKNAME -data: - network.toml: | - broadcast_peers = [ - "mcp://peer1.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAg1iGuFv37uEFrn71kn31TE38TC-ma_Fb4wX239H0c8M=", - "mcp://peer3.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAHzaqHvf66h03cd3-Ny4VOYoa0zhcnak8tKTb3P0gMHE=", - "mcp://peer4.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAYYmxZMX2B4kkhfPap8NrV4JMp_s6j06oxwlMD0DAiC8=", - "mcp://peer5.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA0XQ0Hy_nKTlPyxD7LYBEWVoayf_JfUsIaYy7olOZhNM=", - ] - - tx_source_urls = [ - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com/", - ] - - quorum_set = { threshold = 3, members = [ - { type = "Node", args = "peer1.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer3.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer4.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer5.NETWORKNAME.mobilecoin.com:443" }, - ] } ---- -# node2 -apiVersion: apps/v1 -kind: Deployment -metadata: - name: node2 - namespace: NETWORKNAME - labels: - app: mobilenode-NETWORKNAME - nodename: node2 -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilenode-NETWORKNAME - nodename: node2 - template: - metadata: - labels: - app: mobilenode-NETWORKNAME - nodename: node2 - spec: - # Need better node-selector semantics. This depends on agentpool naming - nodeSelector: - builder-node: "false" - sgx-enabled-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - mobilenode-NETWORKNAME - topologyKey: "kubernetes.io/hostname" - imagePullSecrets: - - name: docker-credentials - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: node - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - # Override entrypoint for this container - command: [ "/usr/bin/supervisord" ] - ports: - - name: cns-client - containerPort: 3223 - - name: cns-port - containerPort: 8443 - - name: cns-mgmt - containerPort: 8000 - livenessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node2.NETWORKNAME.mobilecoin.com - - -addr=:8443 - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node2.NETWORKNAME.mobilecoin.com - - -addr=:8443 - # This will need to be updated as initial sync and startup times increase. - failureThreshold: 30 - periodSeconds: 30 - env: - # Contents of /opt/intel/sgxsdk/environment and AESM requirements - - name: "PATH" - value: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - # Rust env settings - - name: "RUST_BACKTRACE" - value: "1" - - name: "RUST_LOG" - value: "debug,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error,rocket=warn,=warn" - - name: "SGX_MODE" - value: "HW" - - name: LOCAL_NODE_ID - value: "peer2.NETWORKNAME.mobilecoin.com:443" - - name: MC_LOG_UDP_JSON - value: "127.0.0.1:16666" - - name: MC_LOG_EXTRA_CONTEXT - value: "mc.local_node_id=$(LOCAL_NODE_ID)" - - name: MC_BRANCH - value: "NETWORKNAME" - - name: AWS_PATH - value: "AWS_PATH=s3://mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com" - - name: AWS_REGION - value: "us-west-1" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-secret-access-key - - name: NODE2_SIGNER_KEY - valueFrom: - secretKeyRef: - name: node-signer-keys - key: node2 - - name: "SEALED_BLOCK_SIGNING_KEY" - value: "/keys/sealed-block-signing-key" - volumeMounts: - - name: aesm-socket-dir - mountPath: /var/run/aesmd - - name: config-dir - mountPath: /config - - name: ledger-db-dir - mountPath: /ledger - - name: keys-dir - mountPath: /keys - - name: node-cert - mountPath: /certs - readOnly: true - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - resources: - limits: - intel.com/sgx: 5000 - requests: - intel.com/sgx: 5000 - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: config-dir - configMap: - name: config-consensus-node2 - - name: keys-dir - emptyDir: {} - - name: aesm-socket-dir - emptyDir: {} - - name: node-cert - secret: - secretName: node2-peer-tls - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-sgx-config - - configMap: - name: supervisor-consensus-node2 - - configMap: - name: supervisor-ledger-dist-node2 - - configMap: - name: supervisor-admin-http-gw-node2 diff --git a/deploy/03-node3.yaml b/deploy/03-node3.yaml deleted file mode 100644 index d263df46f7..0000000000 --- a/deploy/03-node3.yaml +++ /dev/null @@ -1,272 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-ledger-dist-node3 - namespace: NETWORKNAME -data: - ledger_dist.conf: | - [program:ledger-distribution] - command=/usr/bin/ledger-distribution - --dest s3://mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com - --ledger-path /ledger - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-admin-http-gw-node3 - namespace: NETWORKNAME -data: - admin_http_gw.conf: | - [program:mc-admin-http-gateway] - command=/usr/bin/mc-admin-http-gateway - --listen-host 0.0.0.0 - --listen-port 8000 - --admin-uri insecure-mca://127.0.0.1:8001/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-consensus-node3 - namespace: NETWORKNAME -data: - consensus-service-node.conf: | - [program:consensus-service] - command=/usr/bin/consensus-service - --client-responder-id node3.NETWORKNAME.mobilecoin.com:443 - --peer-responder-id peer3.NETWORKNAME.mobilecoin.com:443 - --peer-listen-uri=mcp://0.0.0.0:8443/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --client-listen-uri=mc://0.0.0.0:3223/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --admin-listen-uri=insecure-mca://127.0.0.1:8001/ - --network /config/network.toml - --ledger-path /ledger - --msg-signer-key %(ENV_NODE3_SIGNER_KEY)s - --sealed-block-signing-key %(ENV_SEALED_BLOCK_SIGNING_KEY)s - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-consensus-node3 - namespace: NETWORKNAME -data: - network.toml: | - broadcast_peers = [ - "mcp://peer1.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAg1iGuFv37uEFrn71kn31TE38TC-ma_Fb4wX239H0c8M=", - "mcp://peer2.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA7i8HyecUp-0lcw5c8yP3BNP_R6JRlpXoxjJD-gWcqUE=", - "mcp://peer4.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAYYmxZMX2B4kkhfPap8NrV4JMp_s6j06oxwlMD0DAiC8=", - "mcp://peer5.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA0XQ0Hy_nKTlPyxD7LYBEWVoayf_JfUsIaYy7olOZhNM=", - ] - - tx_source_urls = [ - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com/", - ] - - quorum_set = { threshold = 3, members = [ - { type = "Node", args = "peer1.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer2.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer4.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer5.NETWORKNAME.mobilecoin.com:443" }, - ] } ---- -# node3 -apiVersion: apps/v1 -kind: Deployment -metadata: - name: node3 - namespace: NETWORKNAME - labels: - app: mobilenode-NETWORKNAME - nodename: node3 -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilenode-NETWORKNAME - nodename: node3 - template: - metadata: - labels: - app: mobilenode-NETWORKNAME - nodename: node3 - spec: - # Need better node-selector semantics. This depends on agentpool naming - nodeSelector: - builder-node: "false" - sgx-enabled-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - mobilenode-NETWORKNAME - topologyKey: "kubernetes.io/hostname" - imagePullSecrets: - - name: docker-credentials - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: node - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - # Override entrypoint for this container - command: [ "/usr/bin/supervisord" ] - ports: - - name: cns-client - containerPort: 3223 - - name: cns-port - containerPort: 8443 - - name: cns-mgmt - containerPort: 8000 - livenessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node3.NETWORKNAME.mobilecoin.com - - -addr=:8443 - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node3.NETWORKNAME.mobilecoin.com - - -addr=:8443 - # This will need to be updated as initial sync and startup times increase. - failureThreshold: 30 - periodSeconds: 30 - env: - # Contents of /opt/intel/sgxsdk/environment and AESM requirements - - name: "PATH" - value: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - # Rust env settings - - name: "RUST_BACKTRACE" - value: "1" - - name: "RUST_LOG" - value: "debug,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error,rocket=warn,=warn" - - name: "SGX_MODE" - value: "HW" - - name: LOCAL_NODE_ID - value: "peer3.NETWORKNAME.mobilecoin.com:443" - - name: MC_LOG_UDP_JSON - value: "127.0.0.1:16666" - - name: MC_LOG_EXTRA_CONTEXT - value: "mc.local_node_id=$(LOCAL_NODE_ID)" - - name: MC_BRANCH - value: "NETWORKNAME" - - name: AWS_PATH - value: "AWS_PATH=s3://mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com" - - name: AWS_REGION - value: "us-west-1" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-secret-access-key - - name: NODE3_SIGNER_KEY - valueFrom: - secretKeyRef: - name: node-signer-keys - key: node3 - - name: "SEALED_BLOCK_SIGNING_KEY" - value: "/keys/sealed-block-signing-key" - volumeMounts: - - name: aesm-socket-dir - mountPath: /var/run/aesmd - - name: config-dir - mountPath: /config - - name: ledger-db-dir - mountPath: /ledger - - name: keys-dir - mountPath: /keys - - name: node-cert - mountPath: /certs - readOnly: true - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - resources: - limits: - intel.com/sgx: 5000 - requests: - intel.com/sgx: 5000 - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: config-dir - configMap: - name: config-consensus-node3 - - name: keys-dir - emptyDir: {} - - name: aesm-socket-dir - emptyDir: {} - - name: node-cert - secret: - secretName: node3-peer-tls - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-sgx-config - - configMap: - name: supervisor-consensus-node3 - - configMap: - name: supervisor-ledger-dist-node3 - - configMap: - name: supervisor-admin-http-gw-node3 diff --git a/deploy/03-node4.yaml b/deploy/03-node4.yaml deleted file mode 100644 index e8323ece17..0000000000 --- a/deploy/03-node4.yaml +++ /dev/null @@ -1,274 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-ledger-dist-node4 - namespace: NETWORKNAME -data: - ledger_dist.conf: | - [program:ledger-distribution] - command=/usr/bin/ledger-distribution - --dest s3://mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com - --ledger-path /ledger - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-admin-http-gw-node4 - namespace: NETWORKNAME -data: - admin_http_gw.conf: | - [program:mc-admin-http-gateway] - command=/usr/bin/mc-admin-http-gateway - --listen-host 0.0.0.0 - --listen-port 8000 - --admin-uri insecure-mca://127.0.0.1:8001/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-consensus-node4 - namespace: NETWORKNAME -data: - consensus-service-node.conf: | - [program:consensus-service] - command=/usr/bin/consensus-service - --client-responder-id node4.NETWORKNAME.mobilecoin.com:443 - --peer-responder-id peer4.NETWORKNAME.mobilecoin.com:443 - --peer-listen-uri=mcp://0.0.0.0:8443/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --client-listen-uri=mc://0.0.0.0:3223/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --admin-listen-uri=insecure-mca://127.0.0.1:8001/ - --network /config/network.toml - --ledger-path /ledger - --msg-signer-key %(ENV_NODE4_SIGNER_KEY)s - --sealed-block-signing-key %(ENV_SEALED_BLOCK_SIGNING_KEY)s - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-consensus-node4 - namespace: NETWORKNAME -data: - network.toml: | - broadcast_peers = [ - "mcp://peer1.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAg1iGuFv37uEFrn71kn31TE38TC-ma_Fb4wX239H0c8M=", - "mcp://peer2.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA7i8HyecUp-0lcw5c8yP3BNP_R6JRlpXoxjJD-gWcqUE=", - "mcp://peer3.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAHzaqHvf66h03cd3-Ny4VOYoa0zhcnak8tKTb3P0gMHE=", - "mcp://peer5.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA0XQ0Hy_nKTlPyxD7LYBEWVoayf_JfUsIaYy7olOZhNM=", - ] - - tx_source_urls = [ - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com/", - ] - - quorum_set = { threshold = 3, members = [ - { type = "Node", args = "peer1.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer2.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer3.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer5.NETWORKNAME.mobilecoin.com:443" }, - ] } ---- -# node4 -apiVersion: apps/v1 -kind: Deployment -metadata: - name: node4 - namespace: NETWORKNAME - labels: - app: mobilenode-NETWORKNAME - nodename: node4 -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilenode-NETWORKNAME - nodename: node4 - template: - metadata: - labels: - app: mobilenode-NETWORKNAME - nodename: node4 - spec: - # Need better node-selector semantics. This depends on agentpool naming - nodeSelector: - builder-node: "false" - sgx-enabled-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - mobilenode-NETWORKNAME - topologyKey: "kubernetes.io/hostname" - imagePullSecrets: - - name: docker-credentials - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: node - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - # Override entrypoint for this container - command: [ "/usr/bin/supervisord" ] - ports: - - name: cns-client - containerPort: 3223 - - name: cns-port - containerPort: 8443 - - name: cns-mgmt - containerPort: 8000 - livenessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node4.NETWORKNAME.mobilecoin.com - - -addr=:8443 - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node4.NETWORKNAME.mobilecoin.com - - -addr=:8443 - # This will need to be updated as initial sync and startup times increase. - failureThreshold: 30 - periodSeconds: 30 - env: - # Contents of /opt/intel/sgxsdk/environment and AESM requirements - - name: "PATH" - value: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - # Rust env settings - - name: "RUST_BACKTRACE" - value: "1" - - name: "RUST_LOG" - value: "debug,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error,rocket=warn,=warn" - - name: "SGX_MODE" - value: "HW" - - name: LOCAL_NODE_ID - value: "peer4.NETWORKNAME.mobilecoin.com:443" - - name: MC_LOG_UDP_JSON - value: "127.0.0.1:16666" - - name: MC_LOG_EXTRA_CONTEXT - value: "mc.local_node_id=$(LOCAL_NODE_ID)" - - name: MC_BRANCH - value: "NETWORKNAME" - - name: AWS_PATH - value: "AWS_PATH=s3://mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com" - - name: AWS_REGION - value: "us-west-1" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-secret-access-key - - name: NODE4_SIGNER_KEY - valueFrom: - secretKeyRef: - name: node-signer-keys - key: node4 - - name: "SEALED_BLOCK_SIGNING_KEY" - value: "/keys/sealed-block-signing-key" - volumeMounts: - - name: aesm-socket-dir - mountPath: /var/run/aesmd - - name: config-dir - mountPath: /config - - name: ledger-db-dir - mountPath: /ledger - - name: keys-dir - mountPath: /keys - - name: node-cert - mountPath: /certs - readOnly: true - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - resources: - limits: - intel.com/sgx: 5000 - requests: - intel.com/sgx: 5000 - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: account-db-dir - emptyDir: {} - - name: config-dir - configMap: - name: config-consensus-node4 - - name: keys-dir - emptyDir: {} - - name: aesm-socket-dir - emptyDir: {} - - name: node-cert - secret: - secretName: node4-peer-tls - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-sgx-config - - configMap: - name: supervisor-consensus-node4 - - configMap: - name: supervisor-ledger-dist-node4 - - configMap: - name: supervisor-admin-http-gw-node4 diff --git a/deploy/03-node5.yaml b/deploy/03-node5.yaml deleted file mode 100644 index af622b7d82..0000000000 --- a/deploy/03-node5.yaml +++ /dev/null @@ -1,272 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-ledger-dist-node5 - namespace: NETWORKNAME -data: - ledger_dist.conf: | - [program:ledger-distribution] - command=/usr/bin/ledger-distribution - --dest s3://mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com - --ledger-path /ledger - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-admin-http-gw-node5 - namespace: NETWORKNAME -data: - admin_http_gw.conf: | - [program:mc-admin-http-gateway] - command=/usr/bin/mc-admin-http-gateway - --listen-host 0.0.0.0 - --listen-port 8000 - --admin-uri insecure-mca://127.0.0.1:8001/ - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: supervisor-consensus-node5 - namespace: NETWORKNAME -data: - consensus-service-node.conf: | - [program:consensus-service] - command=/usr/bin/consensus-service - --client-responder-id node5.NETWORKNAME.mobilecoin.com:443 - --peer-responder-id peer5.NETWORKNAME.mobilecoin.com:443 - --peer-listen-uri=mcp://0.0.0.0:8443/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --client-listen-uri=mc://0.0.0.0:3223/?tls-chain=/certs/tls.crt&tls-key=/certs/tls.key - --admin-listen-uri=insecure-mca://127.0.0.1:8001/ - --network /config/network.toml - --ledger-path /ledger - --msg-signer-key %(ENV_NODE5_SIGNER_KEY)s - --sealed-block-signing-key %(ENV_SEALED_BLOCK_SIGNING_KEY)s - - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/2 - stderr_logfile_maxbytes=0 - autorestart=true ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-consensus-node5 - namespace: NETWORKNAME -data: - network.toml: | - broadcast_peers = [ - "mcp://peer1.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAg1iGuFv37uEFrn71kn31TE38TC-ma_Fb4wX239H0c8M=", - "mcp://peer2.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEA7i8HyecUp-0lcw5c8yP3BNP_R6JRlpXoxjJD-gWcqUE=", - "mcp://peer3.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAHzaqHvf66h03cd3-Ny4VOYoa0zhcnak8tKTb3P0gMHE=", - "mcp://peer4.NETWORKNAME.mobilecoin.com:443/?consensus-msg-key=MCowBQYDK2VwAyEAYYmxZMX2B4kkhfPap8NrV4JMp_s6j06oxwlMD0DAiC8=", - ] - - tx_source_urls = [ - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node3.NETWORKNAME.mobilecoin.com/", - "https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node4.NETWORKNAME.mobilecoin.com/", - ] - - quorum_set = { threshold = 3, members = [ - { type = "Node", args = "peer1.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer2.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer3.NETWORKNAME.mobilecoin.com:443" }, - { type = "Node", args = "peer4.NETWORKNAME.mobilecoin.com:443" }, - ] } ---- -# node5 -apiVersion: apps/v1 -kind: Deployment -metadata: - name: node5 - namespace: NETWORKNAME - labels: - app: mobilenode-NETWORKNAME - nodename: node5 -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilenode-NETWORKNAME - nodename: node5 - template: - metadata: - labels: - app: mobilenode-NETWORKNAME - nodename: node5 - spec: - # Need better node-selector semantics. This depends on agentpool naming - nodeSelector: - builder-node: "false" - sgx-enabled-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - mobilenode-NETWORKNAME - topologyKey: "kubernetes.io/hostname" - imagePullSecrets: - - name: docker-credentials - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: node - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - # Override entrypoint for this container - command: [ "/usr/bin/supervisord" ] - ports: - - name: cns-client - containerPort: 3223 - - name: cns-port - containerPort: 8443 - - name: cns-mgmt - containerPort: 8000 - livenessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node5.NETWORKNAME.mobilecoin.com - - -addr=:8443 - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - /bin/grpc_health_probe - - -tls - - -tls-ca-cert - - /certs/ca.crt - - -tls-server-name - - node5.NETWORKNAME.mobilecoin.com - - -addr=:8443 - # This will need to be updated as initial sync and startup times increase. - failureThreshold: 30 - periodSeconds: 30 - env: - # Contents of /opt/intel/sgxsdk/environment and AESM requirements - - name: "PATH" - value: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - # Rust env settings - - name: "RUST_BACKTRACE" - value: "1" - - name: "RUST_LOG" - value: "debug,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error,rocket=warn,=warn" - - name: "SGX_MODE" - value: "HW" - - name: LOCAL_NODE_ID - value: "peer5.NETWORKNAME.mobilecoin.com:443" - - name: MC_LOG_UDP_JSON - value: "127.0.0.1:16666" - - name: MC_LOG_EXTRA_CONTEXT - value: "mc.local_node_id=$(LOCAL_NODE_ID)" - - name: MC_BRANCH - value: "NETWORKNAME" - - name: AWS_PATH - value: "AWS_PATH=s3://mobilecoin.chain/node5.NETWORKNAME.mobilecoin.com" - - name: AWS_REGION - value: "us-west-1" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-creds-env - key: aws-secret-access-key - - name: NODE5_SIGNER_KEY - valueFrom: - secretKeyRef: - name: node-signer-keys - key: node5 - - name: "SEALED_BLOCK_SIGNING_KEY" - value: "/keys/sealed-block-signing-key" - volumeMounts: - - name: aesm-socket-dir - mountPath: /var/run/aesmd - - name: config-dir - mountPath: /config - - name: ledger-db-dir - mountPath: /ledger - - name: keys-dir - mountPath: /keys - - name: node-cert - mountPath: /certs - readOnly: true - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - resources: - limits: - intel.com/sgx: 5000 - requests: - intel.com/sgx: 5000 - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: config-dir - configMap: - name: config-consensus-node5 - - name: keys-dir - emptyDir: {} - - name: aesm-socket-dir - emptyDir: {} - - name: node-cert - secret: - secretName: node5-peer-tls - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-sgx-config - - configMap: - name: supervisor-consensus-node5 - - configMap: - name: supervisor-ledger-dist-node5 - - configMap: - name: supervisor-admin-http-gw-node5 diff --git a/deploy/04-mobilecoind.yaml b/deploy/04-mobilecoind.yaml deleted file mode 100644 index 8d16842869..0000000000 --- a/deploy/04-mobilecoind.yaml +++ /dev/null @@ -1,104 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mobilecoind - namespace: NETWORKNAME -spec: - type: ClusterIP - selector: - app: mobilecoind - ports: - - name: mobilecoind-rpc - port: 3229 - targetPort: mobilecoind-rpc ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mobilecoind - namespace: NETWORKNAME - labels: - app: mobilecoind -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: mobilecoind - template: - metadata: - labels: - app: mobilecoind - spec: - nodeSelector: - builder-node: "false" - sgx-enabled-node: "false" - imagePullSecrets: - - name: docker-credentials - - initContainers: - - name: install-ledger-data - image: mobilecoin/node_hw:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/bin/bash" ] - args: - - -c - - | - set -x - rm -rf /ledger/* - cp -r /var/lib/mobilecoin/origin_data/data.mdb /ledger - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - containers: - - - name: mobilecoind - image: mobilecoin/mobilecoind:DOCKER_TAG - imagePullPolicy: IfNotPresent - command: [ "/usr/bin/supervisord" ] - ports: - - name: mobilecoind-rpc - containerPort: 3229 - livenessProbe: - exec: - command: - - "/bin/grpc_health_probe" - - "-addr=:3229" - failureThreshold: 3 - periodSeconds: 30 - readinessProbe: - exec: - command: - - "/bin/grpc_health_probe" - - "-addr=:3229" - failureThreshold: 4 - periodSeconds: 30 - env: - - name: "RUST_BACKTRACE" - value: "full" - - name: "RUST_LOG" - value: "info,rustls=warn,hyper=warn,tokio_reactor=warn,mio=warn,want=warn,reqwest=warn,rusoto_core=error,rusoto_signature=error,h2=error" - volumeMounts: - - name: ledger-db-dir - mountPath: /ledger - - name: mobilecoind-db-dir - mountPath: /mobilecoind - - name: supervisor-conf - mountPath: /etc/supervisor/conf.d - readOnly: true - - volumes: - - name: ledger-db-dir - emptyDir: {} - - name: mobilecoind-db-dir - emptyDir: {} - - name: supervisor-conf - projected: - sources: - - configMap: - name: supervisor-daemon-config - - configMap: - name: supervisor-mobilecoind ---- diff --git a/deploy/generate-manifests b/deploy/generate-manifests deleted file mode 100755 index 1829f15a1a..0000000000 --- a/deploy/generate-manifests +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash -set -e - -usage() { - cat << EOF - usage: generate-manifests [-h]|[ARGS] - Generage Kubernetes manifests from templates in this directory - Required arguments: - -n, --namespace Kubernetes namespace to deploy into. Also sets networkname - and subdomain - Optional arguments: - -h, --help Show this message and exit - -t, --tag Docker tag to use. Default is to use -latest. -EOF -} - -while (( "$#" )); do - case "$1" in - -h|--help) - usage - exit 0 - ;; - -n|--namespace) - NAMESPACE="${2}" - shift 2 - ;; - -t|--tag) - DOCKER_TAG="${2}" - shift 2 - ;; - -*|--*=) - echo "Error: Unsupported flag $1" >&2 - exit 1 - ;; - esac -done - -if [ -z $NAMESPACE ]; then - echo - echo "Missing parameter: namespace" - echo - usage - exit 1 -fi - -if [ -z $DOCKER_TAG ]; then - DOCKER_TAG="${NAMESPACE}-latest" -fi - -mkdir -p build - -for i in *.yaml; do - echo "Generating build/${i}" - sed "s/NETWORKNAME/${NAMESPACE}/g; s/DOCKER_TAG/${DOCKER_TAG}/g" ${i} > build/${i} -done diff --git a/docker/check.sh b/docker/check.sh deleted file mode 100755 index 3f664b06cd..0000000000 --- a/docker/check.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018-2022 The MobileCoin Foundation -# -# This script performs any "health checks" that are not considered unit tests, -# such as code formatting, that are run in CI. -# -# This script is meant to run inside the container, and be invoked by `mob`. -# It should not be referred to directly by CI so that it can change or be moved -# without requiring CI to be reconfigured. CI should use `./mob check` -set -ex - -echo "=== Checking code is formatted. ===" -cargo fmt --version -cargo fmt -- --unstable-features --check - -cd consensus_enclave/static/ -cargo fmt -- --unstable-features --check - -rustc --version -cargo --version diff --git a/docker/init_debian.sh b/docker/init_debian.sh deleted file mode 100755 index f9c5622042..0000000000 --- a/docker/init_debian.sh +++ /dev/null @@ -1,125 +0,0 @@ -#!/usr/bin/env bash - -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# Note: When modifying this file, increment the Dockerfile-version minor version number -# This is needed for mob tool to be able to pull the right image from the farm, -# if it isn't done, bad things will happen to local builds and CI using mob tool -# See mob tool comments for extended discussion -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -set -e # Die on any errors - -cd /tmp - -# Certain Installers make 'installations' easier by having a nice front-end. While this is great when you have a manual install, this becomes an issue during automated installations. -export DEBIAN_FRONTEND=noninteractive - -# Install build tools and dependencies -apt-get update -q -q -apt-get upgrade --yes -apt-get install --yes \ - alien \ - apt-transport-https \ - autoconf \ - automake \ - binutils-dev \ - build-essential \ - clang \ - cmake \ - curl \ - git \ - jq \ - libclang-dev \ - libcurl4-openssl-dev \ - libdw-dev \ - libiberty-dev \ - libpq-dev \ - libprotobuf-c-dev \ - libprotobuf-dev \ - libssl-dev \ - libssl1.1 \ - libsystemd-dev \ - libtool \ - libxml2-dev \ - llvm-dev \ - nano \ - nginx \ - ninja-build \ - ocaml-native-compilers \ - ocamlbuild \ - patch \ - pkg-config \ - postgresql \ - postgresql-client \ - prometheus \ - protobuf-c-compiler \ - protobuf-compiler \ - psmisc \ - python \ - python3-pip \ - sqlite3 \ - systemd \ - unzip \ - uuid-dev \ - wget \ - zlib1g-dev -# psmisc = killall -# prometheus = helps with running slam scripts locally - -# For use in CI -# TODO: Do we need this outside CI? -pip3 install awscli black - -# filebeat is used for logs when running slam scripts locally -# via https://www.elastic.co/guide/en/beats/filebeat/current/setup-repositories.html -wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - -echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" >> /etc/apt/sources.list.d/elastic-7.x.list -apt-get update && apt-get install filebeat - -# Install go 1.16 release -GO_PKG=go1.16.4.linux-amd64.tar.gz -wget https://golang.org/dl/$GO_PKG -O go.tgz -tar -C /usr/local -xzf go.tgz -rm -rf go.tgz - -# Install SQLite release. -SQLITE=sqlite-autoconf-3350400 -SQLITE_PKG=$SQLITE.tar.gz -wget https://www.sqlite.org/2021/$SQLITE_PKG -tar xf $SQLITE_PKG -pushd $SQLITE -./configure -make install -popd -rm -r $SQLITE* - -# set rust toolchain, defaulting to nightly -RUST_TOOLCHAIN=${RUST_TOOLCHAIN:-nightly} -if [ -f "$RUST_TOOLCHAIN_PATH" ]; then - RUST_TOOLCHAIN=`cat "$RUST_TOOLCHAIN_PATH"` -fi - -# Fetch rustup, and tell it to install $RUST_TOOLCHAIN -curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- --default-toolchain $RUST_TOOLCHAIN -y -source $HOME/.cargo/env -rustup component add \ - clippy \ - llvm-tools-preview \ - rust-analysis \ - rust-src \ - rustfmt -cargo install sccache cargo-cache cargo2junit cargo-tree cargo-feature-analyst cbindgen && \ -cargo install diesel_cli --no-default-features --features postgres - -# Install kcov. So that we don't have to do this again with every build in ci. -# TODO: Replace with `apt-get install kcov` when we upgrade builder image to -# Ubuntu 20 -mkdir -p /tmp/kcov -cd /tmp/kcov -wget https://github.com/SimonKagstrom/kcov/archive/v36.tar.gz -tar xvf v36.tar.gz -cd kcov-36 -cmake . -make install - -echo "Successfully installed packages." diff --git a/docker/install-bolt.sh b/docker/install-bolt.sh deleted file mode 100755 index d990a4c0e6..0000000000 --- a/docker/install-bolt.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# -# This script will checkout and compile the llvm-bolt executable from -# the signalapp fork of the facebook BOLT project. -# - -set -u -set -eE - -BASE_DIR=$(mktemp -d) - -LLVM_GIT_REV="f137ed238db11440f03083b1c88b7ffc0f4af65e" -LLVM_URL="https://github.com/llvm-mirror/llvm/archive/${LLVM_GIT_REV}.tar.gz" -LLVM_DIR="${BASE_DIR}/llvm-${LLVM_GIT_REV}" -LLVM_TOOLS_DIR="${LLVM_DIR}/tools" - -BOLT_GIT_REV="0655e9a71f43b3fc6a87e3c9be779dc76bc9efb9" -BOLT_URL="https://github.com/signalapp/BOLT/archive/${BOLT_GIT_REV}.tar.gz" -BOLT_DIR="${BASE_DIR}/BOLT-${BOLT_GIT_REV}" -BOLT_SYMLINK="${LLVM_TOOLS_DIR}/llvm-bolt" -BOLT_PATCH="${BOLT_DIR}/llvm.patch" - -BUILD_DIR="${BASE_DIR}/build" - -BOLT_EXE="${BUILD_DIR}/bin/llvm-bolt" - -function traphandler() { - echo "Installation of llvm-bolt failed, build located at ${BASE_DIR}" -} - -trap traphandler ERR - -echo -n "Downloading and patching LLVM..." - -curl -qLsf ${LLVM_URL} | tar -zxf - -C ${BASE_DIR} -curl -qLsf ${BOLT_URL} | tar -zxf - -C ${BASE_DIR} -ln -sf ${BOLT_DIR} "${BOLT_SYMLINK}" -patch -d ${LLVM_DIR} -p1 -T < "${BOLT_PATCH}" - -mkdir -p "${BUILD_DIR}" - -echo " Done." - -pushd "${BUILD_DIR}" - -cmake -G Ninja "${LLVM_DIR}" -DLLVM_TARGETS_TO_BUILD=X86 -DCMAKE_BUILD_TYPE=Release -ninja - -install -Dbpm 0755 ${BOLT_EXE} "${HOME}/.local/bin/llvm-bolt" - -popd >/dev/null - -rm -rf ${BASE_DIR} diff --git a/docker/install_sgx.sh b/docker/install_sgx.sh deleted file mode 100755 index baff1164f3..0000000000 --- a/docker/install_sgx.sh +++ /dev/null @@ -1,77 +0,0 @@ -#!/bin/sh - -# Copyright (c) 2018-2022 The MobileCoin Foundation - -set -e -x - -# ############################################### # -# builder-install-sgx - Add SGX SDK and reinstall protobuf -# (Note(chris): I don't understand the protobuf part right now) -# -# Inspired by: -# https://github.com/sebva/docker-sgx -# Note: The example is FROM ubuntu:bionic, which is 18.04 -# Note: Not just 'FROM'ing it because they make no maintenance promises -# ############################################### # - -set -e -set -u - -cd /tmp - -# Install SGX Ubuntu/Debian Repo -# NB: When updating dependencies, please remember to update the instructions in BUILD.md as well -( - . /etc/os-release - - wget "https://download.01.org/intel-sgx/sgx-linux/2.22/distro/ubuntu${VERSION_ID}-server/sgx_linux_x64_sdk_2.22.100.3.bin" - - echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/intel-sgx-archive-keyring.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu/ ${UBUNTU_CODENAME} main" > /etc/apt/sources.list.d/intel-sgx.list -) - -wget -O- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | \ - gpg --dearmor > /etc/apt/trusted.gpg.d/intel-sgx-archive-keyring.gpg - -# Actually install stuff -apt-get update -apt-get install -yq --no-install-recommends \ - ca-certificates \ - build-essential \ - ocaml \ - ocamlbuild \ - automake \ - autoconf \ - libtool \ - wget \ - python \ - libssl-dev \ - libcurl4-openssl-dev \ - protobuf-compiler \ - git \ - libprotobuf-dev \ - alien \ - cmake \ - debhelper \ - uuid-dev \ - libxml2-dev \ - libsgx-uae-service \ - sgx-aesm-service - -# Install *after* pkg-config so that they get registered correctly. -# pkg-config gets pulled in transitively via build-essential -chmod +x ./sgx_linux_x64_sdk_2.22.100.3.bin -./sgx_linux_x64_sdk_2.22.100.3.bin --prefix=/opt/intel - -# Update .bashrc to source sgxsdk -echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc - -# Protobuf -# -# When you absolutely, positively, can't depend on this getting installed properly... -# -mkdir -p /tmp/protoc - -cd /tmp/protoc -wget https://github.com/protocolbuffers/protobuf/releases/download/v3.6.1/protoc-3.6.1-linux-x86_64.zip -unzip protoc-3.6.1-linux-x86_64.zip -cp bin/protoc /usr/bin/protoc diff --git a/docker/mrenclave.sh b/docker/mrenclave.sh deleted file mode 100755 index 213db38ced..0000000000 --- a/docker/mrenclave.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018-2022 The MobileCoin Foundation -# -# Test for mrenclave stability -# Meant to be run as a git bisect run script, inside the prompt -# This may be a lot faster if there are docker image changes in recent history - -set -ex - -cd public - -FILE=target/debug/libconsensus-enclave.mrenclave - -cargo clean && (cd enclave && cargo clean) -cargo build -p mc-consensus-service --locked -test -f $FILE -MRENCLAVE1=$(cat $FILE) - -cargo clean && (cd enclave && cargo clean) -cargo build -p mc-consensus-service --locked -test -f $FILE -MRENCLAVE2=$(cat $FILE) - -if [ "$MRENCLAVE1" != "$MRENCLAVE2" ] ; then - echo "Warning: MRENCLAVE changed after rebuild!" - exit 1 -fi diff --git a/docker/patches/install-psw.patch b/docker/patches/install-psw.patch deleted file mode 100644 index bd15a045d8..0000000000 --- a/docker/patches/install-psw.patch +++ /dev/null @@ -1,77 +0,0 @@ -diff --git a/linux/installer/bin/install-sgx-psw.bin.tmpl b/linux/installer/bin/install-sgx-psw.bin.tmpl -index 3510e97c..751831ab 100755 ---- a/linux/installer/bin/install-sgx-psw.bin.tmpl -+++ b/linux/installer/bin/install-sgx-psw.bin.tmpl -@@ -30,34 +30,10 @@ - # - # - --grep 'sgx\.ko$\|intel_sgx\.ko$' /lib/modules/$(uname -r)/modules.builtin &> /dev/null --if [[ $? != "0" ]]; then -- /sbin/modinfo isgx &> /dev/null -- if [[ $? != "0" ]]; then -- /sbin/modinfo intel_sgx &> /dev/null -- if [[ $? != "0" ]]; then -- lsmod | grep 'isgx\|intel_sgx' &> /dev/null -- if [[ $? = "0" ]]; then -- echo "Warning: You did not follow the document to install the driver package." -- echo -- elif [[ ! -e /dev/isgx ]] && [[ ! -e /dev/sgx ]]; then -- echo -e "\033[31;49;1mWarning: You may need to activate the SGX module if SGX is enabled in the kernel (e.g., sudo modprobe sgx) or download and install the SGX driver if the kernel doesn't have SGX support.\033[39;49;0m" -- echo -- fi -- fi -- fi --fi -- - set -e - - PKG_NAME="Intel SGX PSW Package" - --if test $(id -u) -ne 0; then -- echo "Root privilege is required to install $PKG_NAME." -- exit 4 --fi -- -- - PKG_ARCH=@arch@ - ARCH=$(uname -m) - -diff --git a/linux/installer/common/libsgx-enclave-common/install.sh b/linux/installer/common/libsgx-enclave-common/install.sh -index 296879af..851d520b 100755 ---- a/linux/installer/common/libsgx-enclave-common/install.sh -+++ b/linux/installer/common/libsgx-enclave-common/install.sh -@@ -33,11 +33,6 @@ - - set -e - --if test $(id -u) -ne 0; then -- echo "Root privilege is required." -- exit 1 --fi -- - SCRIPT_DIR=$(dirname "$0") - source ${SCRIPT_DIR}/installConfig - -@@ -95,7 +90,7 @@ elif [ -d /etc/init/ ]; then - else - echo " failed." - echo "Unsupported platform - neither systemctl nor initctl is found." -- exit 5 -+ retval=0 - fi - - if test $retval -ne 0; then -diff --git a/linux/installer/common/psw/install.sh b/linux/installer/common/psw/install.sh -index 59f3ed61..8ba940a3 100755 ---- a/linux/installer/common/psw/install.sh -+++ b/linux/installer/common/psw/install.sh -@@ -96,7 +96,7 @@ elif [ -d /etc/init/ ]; then - else - echo " failed." - echo "Unsupported platform - neither systemctl nor initctl is found." -- exit 5 -+ retval=0 - fi - - if test $retval -ne 0; then diff --git a/docker/patches/install-sgx-malloc-deprecated.patch b/docker/patches/install-sgx-malloc-deprecated.patch deleted file mode 100644 index 202a9a3b95..0000000000 --- a/docker/patches/install-sgx-malloc-deprecated.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/sdk/tlibc/Makefile b/sdk/tlibc/Makefile -index 9aee436..acc73cf 100644 ---- /tmp/linux-sgx/sdk/tlibc/Makefile -+++ /tmp/linux-sgx/sdk/tlibc/Makefile -@@ -33,7 +33,7 @@ include ../../buildenv.mk - - CFLAGS += $(ENCLAVE_CFLAGS) - ASFLAGS := $(CFLAGS) --CFLAGS += -std=c99 -+CFLAGS += -std=c99 -D USE_MALLOC_DEPRECATED - CXXFLAGS += $(ENCLAVE_CXXFLAGS) -fno-exceptions -fno-rtti - - CPPFLAGS += -I. \ diff --git a/docker/patches/install-sgx-psw.bin.tmpl.patch b/docker/patches/install-sgx-psw.bin.tmpl.patch deleted file mode 100644 index 67b71d25e9..0000000000 --- a/docker/patches/install-sgx-psw.bin.tmpl.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- /tmp/linux-sgx/linux/installer/bin/install-sgx-psw.bin.tmpl.bak 2018-01-26 12:02:12.780343255 +0100 -+++ /tmp/linux-sgx/linux/installer/bin/install-sgx-psw.bin.tmpl 2018-01-26 12:02:22.364442287 +0100 -@@ -30,23 +30,6 @@ - # - # - --grep intel_sgx /lib/modules/$(uname -r)/modules.builtin &> /dev/null --if [[ $? != "0" ]]; then -- modinfo isgx &> /dev/null -- if [[ $? != "0" ]]; then -- modinfo intel_sgx &> /dev/null -- if [[ $? != "0" ]]; then -- lsmod | grep 'isgx\|intel_sgx' &> /dev/null -- if [[ $? = "0" ]]; then -- echo "Warning: You did not follow the document to install the driver package" -- echo -- else -- echo "Please install the driver package before the PSW package" -- exit 4 -- fi -- fi -- fi --fi - - set -e - diff --git a/docker/rust-toolchain b/docker/rust-toolchain deleted file mode 100644 index bed25ae774..0000000000 --- a/docker/rust-toolchain +++ /dev/null @@ -1,2 +0,0 @@ -[toolchain] -channel = "nightly-2023-10-01" diff --git a/enclave-boundary/Cargo.toml b/enclave-boundary/Cargo.toml index 30f06e381f..57d7a35690 100644 --- a/enclave-boundary/Cargo.toml +++ b/enclave-boundary/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/api/Cargo.toml b/fog/api/Cargo.toml index 0fb392f0e2..5551bd7f36 100644 --- a/fog/api/Cargo.toml +++ b/fog/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "mc-fog-api" diff --git a/fog/block_provider/Cargo.toml b/fog/block_provider/Cargo.toml index 8637b683d2..59559bbfc6 100644 --- a/fog/block_provider/Cargo.toml +++ b/fog/block_provider/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-block-provider" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Provide blocks from a local or remote ledger database" diff --git a/fog/block_provider/src/local.rs b/fog/block_provider/src/local.rs index 24717571ca..9f234f3eed 100644 --- a/fog/block_provider/src/local.rs +++ b/fog/block_provider/src/local.rs @@ -14,8 +14,8 @@ use std::time::Duration; #[derive(Clone)] pub struct LocalBlockProvider { - ledger: L, - watcher: Option, + pub ledger: L, + pub watcher: Option, } impl LocalBlockProvider { diff --git a/fog/distribution/Cargo.toml b/fog/distribution/Cargo.toml index 4fe9e93cd3..0392d608ba 100644 --- a/fog/distribution/Cargo.toml +++ b/fog/distribution/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-distribution" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/enclave_connection/Cargo.toml b/fog/enclave_connection/Cargo.toml index 10f3926f7b..333e313b16 100644 --- a/fog/enclave_connection/Cargo.toml +++ b/fog/enclave_connection/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-enclave-connection" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/client/Cargo.toml b/fog/ingest/client/Cargo.toml index dcb8561357..b9b5169e72 100644 --- a/fog/ingest/client/Cargo.toml +++ b/fog/ingest/client/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-client" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/enclave/Cargo.toml b/fog/ingest/enclave/Cargo.toml index ca4ac78d4f..01dc720891 100644 --- a/fog/ingest/enclave/Cargo.toml +++ b/fog/ingest/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/enclave/api/Cargo.toml b/fog/ingest/enclave/api/Cargo.toml index 88b0ebd25e..32de5d9bd9 100644 --- a/fog/ingest/enclave/api/Cargo.toml +++ b/fog/ingest/enclave/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/enclave/edl/Cargo.toml b/fog/ingest/enclave/edl/Cargo.toml index db4d693716..f5850841cf 100644 --- a/fog/ingest/enclave/edl/Cargo.toml +++ b/fog/ingest/enclave/edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "ingest_enclave_edl" diff --git a/fog/ingest/enclave/impl/Cargo.toml b/fog/ingest/enclave/impl/Cargo.toml index 68188861ab..e0d2b76574 100644 --- a/fog/ingest/enclave/impl/Cargo.toml +++ b/fog/ingest/enclave/impl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave-impl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/enclave/measurement/Cargo.toml b/fog/ingest/enclave/measurement/Cargo.toml index a9cd586663..398b28c0cf 100644 --- a/fog/ingest/enclave/measurement/Cargo.toml +++ b/fog/ingest/enclave/measurement/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave-measurement" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "MobileCoin Ingest Enclave - Measurement" edition = "2021" diff --git a/fog/ingest/enclave/measurement/build.rs b/fog/ingest/enclave/measurement/build.rs index acc6ac1a49..76daca6974 100644 --- a/fog/ingest/enclave/measurement/build.rs +++ b/fog/ingest/enclave/measurement/build.rs @@ -13,7 +13,7 @@ use std::{env::var, path::PathBuf}; const SGX_VERSION: &str = "2.22.100.3"; const INGEST_ENCLAVE_PRODUCT_ID: u16 = 4; -const INGEST_ENCLAVE_SECURITY_VERSION: u16 = 7; +const INGEST_ENCLAVE_SECURITY_VERSION: u16 = 8; const INGEST_ENCLAVE_NAME: &str = "ingest-enclave"; const INGEST_ENCLAVE_DIR: &str = "../trusted"; const INGEST_ENCLAVE_BUILD_DIR: &str = "enclave"; diff --git a/fog/ingest/enclave/trusted/Cargo.lock b/fog/ingest/enclave/trusted/Cargo.lock index 480ac3655f..d3f2c6fc11 100644 --- a/fog/ingest/enclave/trusted/Cargo.lock +++ b/fog/ingest/enclave/trusted/Cargo.lock @@ -979,7 +979,7 @@ dependencies = [ [[package]] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1003,14 +1003,14 @@ dependencies = [ [[package]] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "cargo-emit", @@ -1033,7 +1033,7 @@ dependencies = [ [[package]] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "bitflags 2.4.1", @@ -1063,7 +1063,7 @@ dependencies = [ [[package]] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-ake", @@ -1078,7 +1078,7 @@ dependencies = [ [[package]] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1089,7 +1089,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cfg-if 1.0.0", @@ -1121,7 +1121,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1163,7 +1163,7 @@ dependencies = [ [[package]] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex_fmt", @@ -1186,7 +1186,7 @@ dependencies = [ [[package]] name = "mc-common" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "displaydoc", @@ -1207,7 +1207,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-crypto-digestible", @@ -1219,7 +1219,7 @@ dependencies = [ [[package]] name = "mc-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "ed25519-dalek", @@ -1234,7 +1234,7 @@ dependencies = [ [[package]] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "mc-crypto-keys", @@ -1244,7 +1244,7 @@ dependencies = [ [[package]] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "digest", @@ -1266,7 +1266,7 @@ dependencies = [ [[package]] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "digest", @@ -1280,7 +1280,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "curve25519-dalek", @@ -1293,7 +1293,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -1302,7 +1302,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "signature", @@ -1310,7 +1310,7 @@ dependencies = [ [[package]] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "blake2", "digest", @@ -1319,7 +1319,7 @@ dependencies = [ [[package]] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "curve25519-dalek", @@ -1348,7 +1348,7 @@ dependencies = [ [[package]] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-keys", @@ -1358,7 +1358,7 @@ dependencies = [ [[package]] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -1378,7 +1378,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1399,7 +1399,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1419,7 +1419,7 @@ dependencies = [ [[package]] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-rand", @@ -1430,7 +1430,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1447,7 +1447,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -1455,7 +1455,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-attest-core", @@ -1484,7 +1484,7 @@ dependencies = [ [[package]] name = "mc-fog-ingest-enclave-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "lazy_static", @@ -1515,7 +1515,7 @@ dependencies = [ [[package]] name = "mc-fog-kex-rng" -version = "5.2.3" +version = "6.0.0" dependencies = [ "digest", "displaydoc", @@ -1530,14 +1530,14 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-fog-ocall-oram-storage-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "aligned-cmov", @@ -1554,7 +1554,7 @@ dependencies = [ [[package]] name = "mc-fog-recovery-db-iface" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "displaydoc", @@ -1570,7 +1570,7 @@ dependencies = [ [[package]] name = "mc-fog-report-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-attest-verifier-types", "mc-crypto-digestible", @@ -1580,14 +1580,14 @@ dependencies = [ [[package]] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-fog-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1665,11 +1665,11 @@ dependencies = [ [[package]] name = "mc-sgx-alloc" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cc", "lazy_static", @@ -1679,7 +1679,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-sgx-alloc", @@ -1733,7 +1733,7 @@ dependencies = [ [[package]] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-sgx-core-types", @@ -1774,36 +1774,36 @@ dependencies = [ [[package]] name = "mc-sgx-debug" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-debug-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-enclave-id" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-types", ] [[package]] name = "mc-sgx-panic" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1815,7 +1815,7 @@ dependencies = [ [[package]] name = "mc-sgx-service" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-build", "mc-sgx-types", @@ -1823,7 +1823,7 @@ dependencies = [ [[package]] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-common", @@ -1833,14 +1833,14 @@ dependencies = [ [[package]] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-sync" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-panic", "mc-sgx-types", @@ -1848,7 +1848,7 @@ dependencies = [ [[package]] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-core-sys-types", ] @@ -1861,7 +1861,7 @@ checksum = "70a17bdd557d482382794a59232314fe9cfb7a9c4450aec867f737d815e5f5b0" [[package]] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "bulletproofs-og", @@ -1899,7 +1899,7 @@ dependencies = [ [[package]] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1917,7 +1917,7 @@ dependencies = [ [[package]] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -1928,7 +1928,7 @@ dependencies = [ [[package]] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cc", @@ -1939,7 +1939,7 @@ dependencies = [ [[package]] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1950,14 +1950,14 @@ dependencies = [ [[package]] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" dependencies = [ "rand_core", ] [[package]] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "generic-array", "hex_fmt", @@ -1967,7 +1967,7 @@ dependencies = [ [[package]] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" dependencies = [ "prost", "serde", @@ -1976,11 +1976,11 @@ dependencies = [ [[package]] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", ] diff --git a/fog/ingest/enclave/trusted/Cargo.toml b/fog/ingest/enclave/trusted/Cargo.toml index 9d2a89df02..b04747dc54 100644 --- a/fog/ingest/enclave/trusted/Cargo.toml +++ b/fog/ingest/enclave/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-enclave-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/report/Cargo.toml b/fog/ingest/report/Cargo.toml index 2f6869229e..4654baf94c 100644 --- a/fog/ingest/report/Cargo.toml +++ b/fog/ingest/report/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-report" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/ingest/server/Cargo.toml b/fog/ingest/server/Cargo.toml index 47e469f744..c0f19128dc 100644 --- a/fog/ingest/server/Cargo.toml +++ b/fog/ingest/server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-server" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ingest/server/test-utils/Cargo.toml b/fog/ingest/server/test-utils/Cargo.toml index 3db314a2a8..4a75674daa 100644 --- a/fog/ingest/server/test-utils/Cargo.toml +++ b/fog/ingest/server/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ingest-server-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/kex_rng/Cargo.toml b/fog/kex_rng/Cargo.toml index 065f73f4f5..589e022e2b 100644 --- a/fog/kex_rng/Cargo.toml +++ b/fog/kex_rng/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-kex-rng" -version = "5.2.3" +version = "6.0.0" authors = ["Mobilecoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/ledger/connection/Cargo.toml b/fog/ledger/connection/Cargo.toml index 49f613aac7..054ab41270 100644 --- a/fog/ledger/connection/Cargo.toml +++ b/fog/ledger/connection/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-connection" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ledger/enclave/Cargo.toml b/fog/ledger/enclave/Cargo.toml index f2c4640ce5..a5b61a82c9 100644 --- a/fog/ledger/enclave/Cargo.toml +++ b/fog/ledger/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ledger/enclave/api/Cargo.toml b/fog/ledger/enclave/api/Cargo.toml index 9870779f34..2fb152464d 100644 --- a/fog/ledger/enclave/api/Cargo.toml +++ b/fog/ledger/enclave/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = """ The ECALL API declarations and API for operating a ledger enclave. diff --git a/fog/ledger/enclave/edl/Cargo.toml b/fog/ledger/enclave/edl/Cargo.toml index 3f93bfa564..f01c58519d 100644 --- a/fog/ledger/enclave/edl/Cargo.toml +++ b/fog/ledger/enclave/edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "ledger_enclave_edl" diff --git a/fog/ledger/enclave/impl/Cargo.toml b/fog/ledger/enclave/impl/Cargo.toml index feaf011582..fca5a5b659 100644 --- a/fog/ledger/enclave/impl/Cargo.toml +++ b/fog/ledger/enclave/impl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave-impl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "This crate contains the actual implementation of a ledger enclave." diff --git a/fog/ledger/enclave/measurement/Cargo.toml b/fog/ledger/enclave/measurement/Cargo.toml index bcd39688cb..4bfcb9bb95 100644 --- a/fog/ledger/enclave/measurement/Cargo.toml +++ b/fog/ledger/enclave/measurement/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave-measurement" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "MobileCoin Ledger Enclave - Measurement" edition = "2021" diff --git a/fog/ledger/enclave/measurement/build.rs b/fog/ledger/enclave/measurement/build.rs index 07a7ae5dec..e3a7ea2662 100644 --- a/fog/ledger/enclave/measurement/build.rs +++ b/fog/ledger/enclave/measurement/build.rs @@ -13,7 +13,7 @@ use std::{env::var, path::PathBuf}; const SGX_VERSION: &str = "2.22.100.3"; const LEDGER_ENCLAVE_PRODUCT_ID: u16 = 2; -const LEDGER_ENCLAVE_SECURITY_VERSION: u16 = 7; +const LEDGER_ENCLAVE_SECURITY_VERSION: u16 = 8; const LEDGER_ENCLAVE_NAME: &str = "ledger-enclave"; const LEDGER_ENCLAVE_DIR: &str = "../trusted"; const LEDGER_ENCLAVE_BUILD_DIR: &str = "enclave"; diff --git a/fog/ledger/enclave/trusted/Cargo.lock b/fog/ledger/enclave/trusted/Cargo.lock index 297d41172f..e26f3f7842 100644 --- a/fog/ledger/enclave/trusted/Cargo.lock +++ b/fog/ledger/enclave/trusted/Cargo.lock @@ -973,7 +973,7 @@ dependencies = [ [[package]] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -997,14 +997,14 @@ dependencies = [ [[package]] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "cargo-emit", @@ -1027,7 +1027,7 @@ dependencies = [ [[package]] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "bitflags 2.4.1", @@ -1057,7 +1057,7 @@ dependencies = [ [[package]] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-ake", @@ -1072,7 +1072,7 @@ dependencies = [ [[package]] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1083,7 +1083,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cfg-if", @@ -1115,7 +1115,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1157,7 +1157,7 @@ dependencies = [ [[package]] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex_fmt", @@ -1180,7 +1180,7 @@ dependencies = [ [[package]] name = "mc-common" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if", "displaydoc", @@ -1201,7 +1201,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-crypto-digestible", @@ -1213,7 +1213,7 @@ dependencies = [ [[package]] name = "mc-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "ed25519-dalek", @@ -1228,7 +1228,7 @@ dependencies = [ [[package]] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "mc-crypto-keys", @@ -1238,7 +1238,7 @@ dependencies = [ [[package]] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "digest", @@ -1260,7 +1260,7 @@ dependencies = [ [[package]] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "digest", @@ -1274,7 +1274,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if", "curve25519-dalek", @@ -1287,7 +1287,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -1296,7 +1296,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "signature", @@ -1304,7 +1304,7 @@ dependencies = [ [[package]] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "blake2", "digest", @@ -1313,7 +1313,7 @@ dependencies = [ [[package]] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "curve25519-dalek", @@ -1342,7 +1342,7 @@ dependencies = [ [[package]] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-keys", @@ -1352,7 +1352,7 @@ dependencies = [ [[package]] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -1372,7 +1372,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1393,7 +1393,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1413,7 +1413,7 @@ dependencies = [ [[package]] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-rand", @@ -1424,7 +1424,7 @@ dependencies = [ [[package]] name = "mc-fog-kex-rng" -version = "5.2.3" +version = "6.0.0" dependencies = [ "digest", "displaydoc", @@ -1439,7 +1439,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1457,7 +1457,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -1465,7 +1465,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-attest-core", @@ -1489,7 +1489,7 @@ dependencies = [ [[package]] name = "mc-fog-ledger-enclave-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "lazy_static", @@ -1520,14 +1520,14 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-fog-ocall-oram-storage-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "aligned-cmov", @@ -1544,14 +1544,14 @@ dependencies = [ [[package]] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-fog-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1629,11 +1629,11 @@ dependencies = [ [[package]] name = "mc-sgx-alloc" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cc", "lazy_static", @@ -1643,7 +1643,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if", "mc-sgx-alloc", @@ -1697,7 +1697,7 @@ dependencies = [ [[package]] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-sgx-core-types", @@ -1738,36 +1738,36 @@ dependencies = [ [[package]] name = "mc-sgx-debug" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-debug-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-enclave-id" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-types", ] [[package]] name = "mc-sgx-panic" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1779,7 +1779,7 @@ dependencies = [ [[package]] name = "mc-sgx-service" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-build", "mc-sgx-types", @@ -1787,7 +1787,7 @@ dependencies = [ [[package]] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if", "mc-common", @@ -1797,14 +1797,14 @@ dependencies = [ [[package]] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-sync" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-panic", "mc-sgx-types", @@ -1812,7 +1812,7 @@ dependencies = [ [[package]] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-core-sys-types", ] @@ -1825,7 +1825,7 @@ checksum = "70a17bdd557d482382794a59232314fe9cfb7a9c4450aec867f737d815e5f5b0" [[package]] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "bulletproofs-og", @@ -1863,7 +1863,7 @@ dependencies = [ [[package]] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1881,7 +1881,7 @@ dependencies = [ [[package]] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -1892,7 +1892,7 @@ dependencies = [ [[package]] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cc", @@ -1903,7 +1903,7 @@ dependencies = [ [[package]] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1914,14 +1914,14 @@ dependencies = [ [[package]] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" dependencies = [ "rand_core", ] [[package]] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "generic-array", "hex_fmt", @@ -1931,7 +1931,7 @@ dependencies = [ [[package]] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" dependencies = [ "prost", "serde", @@ -1940,18 +1940,18 @@ dependencies = [ [[package]] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", ] [[package]] name = "mc-watcher-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "serde", diff --git a/fog/ledger/enclave/trusted/Cargo.toml b/fog/ledger/enclave/trusted/Cargo.toml index a999a5e82d..deed26c0e2 100644 --- a/fog/ledger/enclave/trusted/Cargo.toml +++ b/fog/ledger/enclave/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-enclave-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ledger/server/Cargo.toml b/fog/ledger/server/Cargo.toml index f583f5c508..4ec0a859c1 100644 --- a/fog/ledger/server/Cargo.toml +++ b/fog/ledger/server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-server" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" @@ -89,6 +89,7 @@ mc-fog-ledger-test-infra = { path = "../test_infra" } mc-fog-test-infra = { path = "../../test_infra" } portpicker = "0.1.1" sha2 = "0.10" +stdext = "0.3" # third-party tempfile = "3.10" diff --git a/fog/ledger/server/tests/router_integration.rs b/fog/ledger/server/tests/router_integration.rs index a23affd539..bee1fc191f 100644 --- a/fog/ledger/server/tests/router_integration.rs +++ b/fog/ledger/server/tests/router_integration.rs @@ -4,7 +4,6 @@ use mc_account_keys::{AccountKey, PublicAddress}; use mc_api::watcher::TimestampResultCode; use mc_blockchain_types::BlockVersion; use mc_common::{ - logger, logger::{log, Logger}, time::SystemTimeProvider, }; @@ -15,7 +14,6 @@ use mc_fog_ledger_server::{ sharding_strategy::EpochShardingStrategy, KeyImageStoreServer, LedgerRouterConfig, LedgerRouterServer, LedgerStoreConfig, ShardingStrategy, }; -use mc_fog_ledger_test_infra::ShardProxyServer; use mc_fog_test_infra::get_enclave_path; use mc_fog_types::common::BlockRange; use mc_fog_uri::{FogLedgerUri, KeyImageStoreUri}; @@ -30,7 +28,7 @@ use serde::{Deserialize, Serialize}; use std::{ collections::HashMap, net::{IpAddr, Ipv4Addr, SocketAddr}, - path::{Path, PathBuf}, + path::PathBuf, str::FromStr, sync::Arc, time::Duration, @@ -38,6 +36,7 @@ use std::{ use tempfile::TempDir; use url::Url; +const POLL_INTERVAL: Duration = Duration::from_millis(10); const TEST_URL: &str = "http://www.my_url1.com"; const CHAIN_ID: &str = "local"; @@ -68,18 +67,18 @@ fn create_store_config( client_auth_token_max_lifetime: Default::default(), omap_capacity, sharding_strategy: ShardingStrategy::Epoch(EpochShardingStrategy::new(block_range)), - poll_interval: Duration::from_millis(250), + poll_interval: POLL_INTERVAL, } } fn add_block_to_ledger( - ledger_db: &mut LedgerDB, + block_provider: &mut LocalBlockProvider, recipients: &[PublicAddress], key_images: &[KeyImage], rng: &mut (impl CryptoRng + RngCore), - watcher: &WatcherDB, ) -> u64 { let amount = Amount::new(10, Mob::ID); + let ledger_db = &mut block_provider.ledger; let block_data = mc_ledger_db::test_utils::add_block_to_ledger( ledger_db, BlockVersion::MAX, @@ -92,6 +91,7 @@ fn add_block_to_ledger( let block_index = block_data.block().index; let signature = block_data.signature().expect("missing signature"); + let watcher = block_provider.watcher.as_ref().expect("missing watcher"); for src_url in watcher.get_config_urls().unwrap().iter() { watcher .add_block_signature( @@ -106,28 +106,36 @@ fn add_block_to_ledger( block_index + 1 } -fn populate_ledger(blocks_config: &BlockConfig, ledger: &mut LedgerDB, watcher: &WatcherDB) { +fn seed_block_provider(block_provider: &mut LocalBlockProvider) { let mut rng = thread_rng(); let alice = AccountKey::random_with_fog(&mut rng); let recipients = vec![alice.default_subaddress()]; // Origin block cannot have key images - add_block_to_ledger(ledger, &recipients, &[], &mut rng, watcher); + add_block_to_ledger(block_provider, &recipients, &[], &mut rng); +} + +fn populate_block_provider( + block_provider: &mut LocalBlockProvider, + blocks_config: &BlockConfig, +) { + let mut rng = thread_rng(); for block in blocks_config { let recipients: Vec<_> = block.keys().cloned().collect(); let key_images: Vec<_> = block.values().flat_map(|x| x.clone()).collect(); - add_block_to_ledger(ledger, &recipients, &key_images, &mut rng, watcher); + add_block_to_ledger(block_provider, &recipients, &key_images, &mut rng); } + + // The stores are running on separate threads. We wait twice as long as + // their POLL_INTERVAL to ensure they've had time to process the new blocks + std::thread::sleep(POLL_INTERVAL * 2); } fn create_store( test_config: &StoreConfig, - blocks_config: &BlockConfig, - block_range: BlockRange, - watcher_db_path: &Path, - ledger_db_path: &Path, + block_provider: Box>, logger: Logger, ) -> KeyImageStoreServer { let uri = KeyImageStoreUri::from_str(&format!( @@ -135,11 +143,7 @@ fn create_store( test_config.address )) .unwrap(); - let block_range = test_config - .block_range - .as_ref() - .unwrap_or(&block_range) - .clone(); + let block_range = test_config.block_range.clone(); let config = create_store_config(&uri, block_range.clone(), test_config.omap_capacity); let enclave = LedgerSgxEnclave::new( get_enclave_path(mc_fog_ledger_enclave::ENCLAVE_FILE), @@ -148,15 +152,10 @@ fn create_store( logger.clone(), ); - let mut ledger = recreate_ledger_db(ledger_db_path); - let watcher = setup_watcher_db(watcher_db_path.to_path_buf(), logger.clone()); - - populate_ledger(blocks_config, &mut ledger, &watcher); - let mut store = KeyImageStoreServer::new_from_config( config, enclave, - LocalBlockProvider::new(ledger, watcher), + block_provider, EpochShardingStrategy::new(block_range), SystemTimeProvider, logger, @@ -166,22 +165,9 @@ fn create_store( store } -fn create_shard(config: &ShardConfig, _logger: Logger) -> ShardProxyServer { - ShardProxyServer::new( - &config.address, - config - .stores - .iter() - .map(|x| x.address.to_string()) - .collect(), - ) -} - fn create_router( test_config: &TestEnvironmentConfig, - blocks_config: &BlockConfig, - watcher_db_path: &Path, - ledger_db_path: &Path, + block_provider: Box>, logger: Logger, ) -> LedgerRouterServer { let uri = FogLedgerUri::from_str(&format!( @@ -195,18 +181,13 @@ fn create_router( )) .unwrap(); - let mut ledger = recreate_ledger_db(ledger_db_path); - let watcher = setup_watcher_db(watcher_db_path.to_path_buf(), logger.clone()); - - populate_ledger(blocks_config, &mut ledger, &watcher); - let config = LedgerRouterConfig { chain_id: "local".to_string(), - ledger_db: Some(ledger_db_path.to_path_buf()), - watcher_db: Some(watcher_db_path.to_path_buf()), + ledger_db: None, + watcher_db: None, mobilecoind_uri: None, shard_uris: test_config - .shards + .stores .iter() .map(|x| { KeyImageStoreUri::from_str(&format!("insecure-key-image-store://{}", x.address)) @@ -230,12 +211,7 @@ fn create_router( logger.clone(), ); - let mut router = LedgerRouterServer::new( - config, - enclave, - LocalBlockProvider::new(ledger, watcher), - logger, - ); + let mut router = LedgerRouterServer::new(config, enclave, block_provider, logger); router.start(); router } @@ -254,74 +230,44 @@ fn create_router_client( fn create_env( config: TestEnvironmentConfig, - blocks_config: BlockConfig, grpc_env: Arc, logger: Logger, ) -> TestEnvironment { - let mut shards = vec![]; - let mut stores = vec![]; - let mut tempdirs = vec![]; - for shard in config.shards.iter() { - for store in shard.stores.iter() { - let watcher_db_dir = - TempDir::new().expect("Couldn't create temporary path for watcher DB"); - let ledger_db_dir = - TempDir::new().expect("Couldn't create temporary path for ledger DB"); - stores.push(create_store( - store, - &blocks_config, - shard.block_range.clone(), - watcher_db_dir.path(), - ledger_db_dir.path(), - logger.clone(), - )); - tempdirs.push(watcher_db_dir); - tempdirs.push(ledger_db_dir); - } + let watcher_db_dir = TempDir::new().expect("Couldn't create temporary path for watcher DB"); + let ledger_db_dir = TempDir::new().expect("Couldn't create temporary path for ledger DB"); + let ledger = recreate_ledger_db(ledger_db_dir.path()); + let watcher = setup_watcher_db(watcher_db_dir.path().to_path_buf(), logger.clone()); + let mut block_provider = LocalBlockProvider::new(ledger, watcher); + seed_block_provider(&mut block_provider); - shards.push(create_shard(shard, logger.clone())); + let mut stores = vec![]; + for store in config.stores.iter() { + stores.push(create_store(store, block_provider.clone(), logger.clone())); } - let watcher_db_dir = TempDir::new().expect("Couldn't create temporary path for watcher DB"); - let ledger_db_dir = TempDir::new().expect("Couldn't create temporary path for ledger DB"); - let router = create_router( - &config, - &blocks_config, - watcher_db_dir.path(), - ledger_db_dir.path(), - logger.clone(), - ); - tempdirs.push(watcher_db_dir); - tempdirs.push(ledger_db_dir); + let router = create_router(&config, block_provider.clone(), logger.clone()); let router_client = create_router_client(&config, grpc_env, logger); TestEnvironment { stores, - shards, _router: router, router_client, - _tempdirs: tempdirs, + block_provider, + _tempdirs: vec![watcher_db_dir, ledger_db_dir], } } struct TestEnvironment { router_client: LedgerGrpcClient, _router: LedgerRouterServer, - shards: Vec, stores: Vec>, + block_provider: Box>, _tempdirs: Vec, } impl Drop for TestEnvironment { fn drop(&mut self) { - for shard in &mut self.shards { - tokio::task::block_in_place(move || { - tokio::runtime::Handle::current().block_on(async move { - shard.stop().await; - }) - }); - } for store in &mut self.stores { store.stop(); } @@ -332,20 +278,13 @@ impl Drop for TestEnvironment { struct TestEnvironmentConfig { router_address: SocketAddr, router_admin_address: SocketAddr, - shards: Vec, -} - -#[derive(Serialize, Deserialize)] -struct ShardConfig { - address: SocketAddr, - block_range: BlockRange, stores: Vec, } #[derive(Serialize, Deserialize)] struct StoreConfig { address: SocketAddr, - block_range: Option, + block_range: BlockRange, omap_capacity: u64, } @@ -358,45 +297,35 @@ fn free_sockaddr() -> SocketAddr { #[tokio::test(flavor = "multi_thread")] async fn smoke_test() { - let logger = logger::create_test_logger("smoke_test".to_string()); + let logger = mc_common::logger::create_test_logger(stdext::function_name!().to_string()); log::info!(logger, "test"); - // Three shards, three stores each, correct config, each stores three blocks, + // Three stores, correct config, each stores three blocks, // each has three users with three keys each - let num_shards = 3; - let stores_per_shard = 3; - let blocks_per_shard = 3; + let num_stores = 3; + let blocks_per_store = 3; let mut rng = RngType::from_seed([0u8; 32]); - let mut shards_config = vec![]; - for i in 0..num_shards { - let mut stores_config = vec![]; - for _ in 0..stores_per_shard { - let store = StoreConfig { - address: free_sockaddr(), - block_range: None, - omap_capacity: 1000, - }; - stores_config.push(store); - } - let shard = ShardConfig { + let mut stores_config = vec![]; + for i in 0..num_stores { + let store = StoreConfig { address: free_sockaddr(), // the 1-block offset is because block 0 cannot contain key images - block_range: BlockRange::new_from_length((i * blocks_per_shard) + 1, blocks_per_shard), - stores: stores_config, + block_range: BlockRange::new_from_length((i * blocks_per_store) + 1, blocks_per_store), + omap_capacity: 1000, }; - shards_config.push(shard); + stores_config.push(store); } let config = TestEnvironmentConfig { router_address: free_sockaddr(), router_admin_address: free_sockaddr(), - shards: shards_config, + stores: stores_config, }; let mut blocks_config = vec![]; let mut key_index = 0; - let num_blocks = blocks_per_shard * num_shards; + let blocks_to_add = blocks_per_store * num_stores; let users_per_block = 3; let keys_per_user = 3; - for _ in 0..num_blocks { + for _ in 0..blocks_to_add { let mut block = HashMap::new(); for _ in 0..users_per_block { let account = AccountKey::random_with_fog(&mut rng); @@ -412,9 +341,11 @@ async fn smoke_test() { let grpc_env = Arc::new(grpcio::EnvBuilder::new().build()); - let mut test_environment = create_env(config, blocks_config, grpc_env, logger.clone()); + let mut test_environment = create_env(config, grpc_env, logger.clone()); + populate_block_provider(&mut test_environment.block_provider, &blocks_config); - // Check that we can get all the key images from each shard + let new_transactions = users_per_block * blocks_to_add; + // Check that we can get all the key images from each store let keys_per_block = users_per_block * keys_per_user; for i in 0..key_index { let key = KeyImage::from(i); @@ -433,6 +364,13 @@ async fn smoke_test() { response.results[0].timestamp_result_code, TimestampResultCode::TimestampFound as u32 ); + // The genesis block will add 1 to the total number of blocks, it has + // one transaction which will also add 1 to the total number of + // transactions + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); } // Grab them all at once @@ -455,6 +393,10 @@ async fn smoke_test() { TimestampResultCode::TimestampFound as u32 ); } + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); // Check that an unspent key image is unspent let key = KeyImage::from(126u64); @@ -470,49 +412,43 @@ async fn smoke_test() { response.results[0].timestamp_result_code, TimestampResultCode::TimestampFound as u32 ); + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); } #[tokio::test(flavor = "multi_thread")] async fn overlapping_stores() { - let logger = logger::create_test_logger("overlapping_stores".to_string()); + let logger = mc_common::logger::create_test_logger(stdext::function_name!().to_string()); log::info!(logger, "test"); - // Three shards, three stores each, correct config, each stores three blocks, + // Three stores, correct config, each stores three blocks, // each has three users with three keys each - but the blocks overlap (so // total of 5 blocks) - let num_shards = 3; - let stores_per_shard = 3; - let blocks_per_shard = 3; + let num_stores = 3; + let blocks_per_store = 3; let mut rng = RngType::from_seed([0u8; 32]); - let mut shards_config = vec![]; - for i in 0..num_shards { - let mut stores_config = vec![]; - for _ in 0..stores_per_shard { - let store = StoreConfig { - address: free_sockaddr(), - block_range: None, - omap_capacity: 1000, - }; - stores_config.push(store); - } - let shard = ShardConfig { + let mut stores_config = vec![]; + for i in 0..num_stores { + let store = StoreConfig { address: free_sockaddr(), - block_range: BlockRange::new_from_length(i + 1, blocks_per_shard), - stores: stores_config, + block_range: BlockRange::new_from_length(i + 1, blocks_per_store), + omap_capacity: 1000, }; - shards_config.push(shard); + stores_config.push(store); } let config = TestEnvironmentConfig { router_address: free_sockaddr(), router_admin_address: free_sockaddr(), - shards: shards_config, + stores: stores_config, }; let mut blocks_config = vec![]; let mut key_index = 0; - let num_blocks = 5; + let blocks_to_add = 5; let users_per_block = 3; let keys_per_user = 3; - for _ in 0..num_blocks { + for _ in 0..blocks_to_add { let mut block = HashMap::new(); for _ in 0..users_per_block { let account = AccountKey::random_with_fog(&mut rng); @@ -528,9 +464,12 @@ async fn overlapping_stores() { let grpc_env = Arc::new(grpcio::EnvBuilder::new().build()); - let mut test_environment = create_env(config, blocks_config, grpc_env, logger.clone()); + let mut test_environment = create_env(config, grpc_env, logger.clone()); + populate_block_provider(&mut test_environment.block_provider, &blocks_config); + + let new_transactions = users_per_block * blocks_to_add; - // Check that we can get all the key images from each shard + // Check that we can get all the key images from each store let keys_per_block = users_per_block * keys_per_user; for i in 0..key_index { let key = KeyImage::from(i); @@ -549,6 +488,10 @@ async fn overlapping_stores() { response.results[0].timestamp_result_code, TimestampResultCode::TimestampFound as u32 ); + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); } // Grab them all at once @@ -571,6 +514,10 @@ async fn overlapping_stores() { TimestampResultCode::TimestampFound as u32 ); } + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); // Check that an unspent key image is unspent let key = KeyImage::from(126u64); @@ -586,4 +533,8 @@ async fn overlapping_stores() { response.results[0].timestamp_result_code, TimestampResultCode::TimestampFound as u32 ); + assert_eq!(response.num_blocks, blocks_to_add + 1); + assert_eq!(response.global_txo_count, new_transactions + 1); + assert_eq!(response.latest_block_version, *BlockVersion::MAX); + assert_eq!(response.max_block_version, *BlockVersion::MAX); } diff --git a/fog/ledger/test_infra/Cargo.toml b/fog/ledger/test_infra/Cargo.toml index 2d9d12c753..f052744b54 100644 --- a/fog/ledger/test_infra/Cargo.toml +++ b/fog/ledger/test_infra/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ledger-test-infra" -version = "5.2.3" +version = "6.0.0" authors = ["Mobilecoin"] edition = "2021" license = "GPL-3.0" @@ -23,10 +23,3 @@ mc-transaction-core = { path = "../../../transaction/core" } mc-fog-ledger-enclave = { path = "../enclave" } mc-fog-ledger-enclave-api = { path = "../enclave/api" } mc-fog-types = { path = "../../types" } - -# third party -http = "0.2" -hyper = { version = "0.14", features = ["full"] } -rand = "0.8" -tokio = { version = "1", features = ["full"] } - diff --git a/fog/ledger/test_infra/src/lib.rs b/fog/ledger/test_infra/src/lib.rs index 49be297bda..9b8deb062f 100644 --- a/fog/ledger/test_infra/src/lib.rs +++ b/fog/ledger/test_infra/src/lib.rs @@ -2,12 +2,6 @@ //! Functionality for mocking and testing components in the ledger server -use http::Uri; -use hyper::{ - client::HttpConnector, - service::{make_service_fn, service_fn}, - Body, Client, Request, Response, Server, -}; use mc_attest_core::{DcapEvidence, EnclaveReportDataContents, Report, TargetInfo}; use mc_attest_enclave_api::{ ClientAuthRequest, ClientAuthResponse, ClientSession, EnclaveMessage, NonceAuthRequest, @@ -31,9 +25,6 @@ use mc_transaction_core::{ tx::{TxOut, TxOutMembershipElement, TxOutMembershipProof}, TokenId, }; -use rand::seq::SliceRandom; -use std::{net::SocketAddr, sync::Arc}; -use tokio::{sync::oneshot, task::JoinHandle}; #[derive(Default, Clone)] pub struct MockEnclave {} @@ -316,70 +307,3 @@ impl Ledger for MockLedger { unimplemented!() } } - -pub struct ShardProxyServer { - server_handle: Option>>, - stop_channel: Option>, -} - -impl ShardProxyServer { - async fn route( - request: Request, - client: Arc>, - endpoints: Arc>, - ) -> Result, hyper::Error> { - let endpoint = { - let mut rng = rand::thread_rng(); - endpoints.choose(&mut rng).unwrap() - }; - let (mut parts, body) = request.into_parts(); - - let mut uri_parts = parts.uri.clone().into_parts(); - uri_parts.authority = Some(endpoint.parse().unwrap()); - uri_parts.scheme = Some("http".parse().unwrap()); - parts.uri = Uri::from_parts(uri_parts).unwrap(); - - let request = Request::from_parts(parts, body); - client.request(request).await - } - - async fn shutdown(channel: oneshot::Receiver<()>) { - channel.await.unwrap_or(()); - } - - pub fn new(address: &SocketAddr, endpoints: Vec) -> Self { - let client = Arc::new(Client::builder().http2_only(true).build_http()); - let endpoints = Arc::new(endpoints); - let (tx, rx) = oneshot::channel::<()>(); - - let make_service = make_service_fn(move |_| { - let client = client.clone(); - let endpoints = endpoints.clone(); - - async move { - Ok::<_, hyper::Error>(service_fn(move |req| { - Self::route(req, client.clone(), endpoints.clone()) - })) - } - }); - - let server = Server::bind(address).serve(make_service); - let graceful = server.with_graceful_shutdown(Self::shutdown(rx)); - - let server_handle = tokio::spawn(graceful); - - Self { - server_handle: Some(server_handle), - stop_channel: Some(tx), - } - } - - pub async fn stop(&mut self) { - if let Some(stop_channel) = self.stop_channel.take() { - let _ = stop_channel.send(()); - } - if let Some(server_handle) = self.server_handle.take() { - let _ = server_handle.await; - } - } -} diff --git a/fog/load_testing/Cargo.toml b/fog/load_testing/Cargo.toml index fe6ee9a221..926cc095d5 100644 --- a/fog/load_testing/Cargo.toml +++ b/fog/load_testing/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-load-testing" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ocall_oram_storage/edl/Cargo.toml b/fog/ocall_oram_storage/edl/Cargo.toml index f901ba2f32..508e2be8d2 100644 --- a/fog/ocall_oram_storage/edl/Cargo.toml +++ b/fog/ocall_oram_storage/edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ocall-oram-storage-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "fog_ocall_oram_storage_edl" diff --git a/fog/ocall_oram_storage/testing/Cargo.toml b/fog/ocall_oram_storage/testing/Cargo.toml index 4eb9a582f2..1c42760581 100644 --- a/fog/ocall_oram_storage/testing/Cargo.toml +++ b/fog/ocall_oram_storage/testing/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ocall-oram-storage-testing" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ocall_oram_storage/trusted/Cargo.toml b/fog/ocall_oram_storage/trusted/Cargo.toml index f16a91bffb..35dd538aef 100644 --- a/fog/ocall_oram_storage/trusted/Cargo.toml +++ b/fog/ocall_oram_storage/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ocall-oram-storage-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/ocall_oram_storage/untrusted/Cargo.toml b/fog/ocall_oram_storage/untrusted/Cargo.toml index 80ca5346e4..4300245a18 100644 --- a/fog/ocall_oram_storage/untrusted/Cargo.toml +++ b/fog/ocall_oram_storage/untrusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-ocall-oram-storage-untrusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/overseer/server/Cargo.toml b/fog/overseer/server/Cargo.toml index 96d87c2eaf..e7d716435d 100644 --- a/fog/overseer/server/Cargo.toml +++ b/fog/overseer/server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-overseer-server" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/recovery_db_iface/Cargo.toml b/fog/recovery_db_iface/Cargo.toml index 561ba6be73..7eee902ac3 100644 --- a/fog/recovery_db_iface/Cargo.toml +++ b/fog/recovery_db_iface/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-recovery-db-iface" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/report/api/Cargo.toml b/fog/report/api/Cargo.toml index f4ca9883a8..3c42dc8153 100644 --- a/fog/report/api/Cargo.toml +++ b/fog/report/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "mc-fog-report-api" diff --git a/fog/report/api/test-utils/Cargo.toml b/fog/report/api/test-utils/Cargo.toml index 2a7af3f0cd..9174943578 100644 --- a/fog/report/api/test-utils/Cargo.toml +++ b/fog/report/api/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-api-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/report/cli/Cargo.toml b/fog/report/cli/Cargo.toml index 56a11f8985..e5dd0cdbf0 100644 --- a/fog/report/cli/Cargo.toml +++ b/fog/report/cli/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-cli" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/report/connection/Cargo.toml b/fog/report/connection/Cargo.toml index d1a8de01fb..536afcdf9f 100644 --- a/fog/report/connection/Cargo.toml +++ b/fog/report/connection/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-connection" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/report/resolver/Cargo.toml b/fog/report/resolver/Cargo.toml index e7df91ca9f..ba3ea19d51 100644 --- a/fog/report/resolver/Cargo.toml +++ b/fog/report/resolver/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-resolver" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/report/server/Cargo.toml b/fog/report/server/Cargo.toml index b753fb8bc8..e8617f13d1 100644 --- a/fog/report/server/Cargo.toml +++ b/fog/report/server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-server" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/report/types/Cargo.toml b/fog/report/types/Cargo.toml index 50245f8fd2..2b53576d45 100644 --- a/fog/report/types/Cargo.toml +++ b/fog/report/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-types" -version = "5.2.3" +version = "6.0.0" authors = ["Mobilecoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/report/validation/Cargo.toml b/fog/report/validation/Cargo.toml index 0f9409756f..77f2a1e1f7 100644 --- a/fog/report/validation/Cargo.toml +++ b/fog/report/validation/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-validation" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/report/validation/test-utils/Cargo.toml b/fog/report/validation/test-utils/Cargo.toml index 948facd86c..353cba3ccb 100644 --- a/fog/report/validation/test-utils/Cargo.toml +++ b/fog/report/validation/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-report-validation-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/sample-paykit/Cargo.toml b/fog/sample-paykit/Cargo.toml index 2c273399a5..b5d2d9341f 100644 --- a/fog/sample-paykit/Cargo.toml +++ b/fog/sample-paykit/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sample-paykit" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/sig/Cargo.toml b/fog/sig/Cargo.toml index 897083034f..d310636f46 100644 --- a/fog/sig/Cargo.toml +++ b/fog/sig/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sig" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Verify Fog Signatures" diff --git a/fog/sig/authority/Cargo.toml b/fog/sig/authority/Cargo.toml index 32ffe42fcb..164fdcb4d2 100644 --- a/fog/sig/authority/Cargo.toml +++ b/fog/sig/authority/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Create and verify fog authority signatures" edition = "2021" diff --git a/fog/sig/report/Cargo.toml b/fog/sig/report/Cargo.toml index e29b6a0176..02a0be063a 100644 --- a/fog/sig/report/Cargo.toml +++ b/fog/sig/report/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sig-report" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Create and verify fog report signatures" edition = "2021" diff --git a/fog/sql_recovery_db/Cargo.toml b/fog/sql_recovery_db/Cargo.toml index 145b6d6b2c..7f44b1d8a1 100644 --- a/fog/sql_recovery_db/Cargo.toml +++ b/fog/sql_recovery_db/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sql-recovery-db" -version = "5.2.3" +version = "6.0.0" authors = ["Mobilecoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/sql_recovery_db/cleanup/Cargo.toml b/fog/sql_recovery_db/cleanup/Cargo.toml index c9d8836214..cc6cee8061 100644 --- a/fog/sql_recovery_db/cleanup/Cargo.toml +++ b/fog/sql_recovery_db/cleanup/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-sql-recovery-db-cleanup" -version = "5.2.3" +version = "6.0.0" authors = ["Mobilecoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/test-client/Cargo.toml b/fog/test-client/Cargo.toml index e4e2bfb434..c5bc351fe4 100644 --- a/fog/test-client/Cargo.toml +++ b/fog/test-client/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-test-client" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/test_infra/Cargo.toml b/fog/test_infra/Cargo.toml index d5b954e7e3..b6bd4d898b 100644 --- a/fog/test_infra/Cargo.toml +++ b/fog/test_infra/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-test-infra" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/types/Cargo.toml b/fog/types/Cargo.toml index c8111be7cc..6c900b99ea 100644 --- a/fog/types/Cargo.toml +++ b/fog/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/uri/Cargo.toml b/fog/uri/Cargo.toml index a9ab199790..cdd2e6943c 100644 --- a/fog/uri/Cargo.toml +++ b/fog/uri/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-uri" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/connection/Cargo.toml b/fog/view/connection/Cargo.toml index faaa84e663..c73af74158 100644 --- a/fog/view/connection/Cargo.toml +++ b/fog/view/connection/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-connection" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/enclave/Cargo.toml b/fog/view/enclave/Cargo.toml index 8fb0dc09b3..e7ec496bde 100644 --- a/fog/view/enclave/Cargo.toml +++ b/fog/view/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/enclave/api/Cargo.toml b/fog/view/enclave/api/Cargo.toml index 21e7c7643b..32ac675c14 100644 --- a/fog/view/enclave/api/Cargo.toml +++ b/fog/view/enclave/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/enclave/edl/Cargo.toml b/fog/view/enclave/edl/Cargo.toml index f18270c14c..a6de4e8f6a 100644 --- a/fog/view/enclave/edl/Cargo.toml +++ b/fog/view/enclave/edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" links = "view_enclave_edl" diff --git a/fog/view/enclave/impl/Cargo.toml b/fog/view/enclave/impl/Cargo.toml index bc86958343..c2da0d48fd 100644 --- a/fog/view/enclave/impl/Cargo.toml +++ b/fog/view/enclave/impl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave-impl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/enclave/measurement/Cargo.toml b/fog/view/enclave/measurement/Cargo.toml index f2f9776dfc..bbba416b8d 100644 --- a/fog/view/enclave/measurement/Cargo.toml +++ b/fog/view/enclave/measurement/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave-measurement" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "MobileCoin Fog View Enclave - Application Code" edition = "2021" diff --git a/fog/view/enclave/measurement/build.rs b/fog/view/enclave/measurement/build.rs index 6899846308..a473b0a942 100644 --- a/fog/view/enclave/measurement/build.rs +++ b/fog/view/enclave/measurement/build.rs @@ -13,7 +13,7 @@ use std::{env::var, path::PathBuf}; const SGX_VERSION: &str = "2.22.100.3"; const VIEW_ENCLAVE_PRODUCT_ID: u16 = 3; -const VIEW_ENCLAVE_SECURITY_VERSION: u16 = 7; +const VIEW_ENCLAVE_SECURITY_VERSION: u16 = 8; const VIEW_ENCLAVE_NAME: &str = "view-enclave"; const VIEW_ENCLAVE_DIR: &str = "../trusted"; const VIEW_ENCLAVE_BUILD_DIR: &str = "enclave"; diff --git a/fog/view/enclave/trusted/Cargo.lock b/fog/view/enclave/trusted/Cargo.lock index 409615e3d7..a02677c9f4 100644 --- a/fog/view/enclave/trusted/Cargo.lock +++ b/fog/view/enclave/trusted/Cargo.lock @@ -979,7 +979,7 @@ dependencies = [ [[package]] name = "mc-account-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1003,14 +1003,14 @@ dependencies = [ [[package]] name = "mc-account-keys-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-attest-ake" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "cargo-emit", @@ -1033,7 +1033,7 @@ dependencies = [ [[package]] name = "mc-attest-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "bitflags 2.4.1", @@ -1063,7 +1063,7 @@ dependencies = [ [[package]] name = "mc-attest-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-ake", @@ -1078,7 +1078,7 @@ dependencies = [ [[package]] name = "mc-attest-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1089,7 +1089,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cfg-if 1.0.0", @@ -1121,7 +1121,7 @@ dependencies = [ [[package]] name = "mc-attest-verifier-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1163,7 +1163,7 @@ dependencies = [ [[package]] name = "mc-blockchain-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "hex_fmt", @@ -1186,7 +1186,7 @@ dependencies = [ [[package]] name = "mc-common" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "displaydoc", @@ -1207,7 +1207,7 @@ dependencies = [ [[package]] name = "mc-consensus-scp-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-crypto-digestible", @@ -1219,7 +1219,7 @@ dependencies = [ [[package]] name = "mc-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "ed25519-dalek", @@ -1234,7 +1234,7 @@ dependencies = [ [[package]] name = "mc-core-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "mc-crypto-keys", @@ -1244,7 +1244,7 @@ dependencies = [ [[package]] name = "mc-crypto-ake-enclave" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes-gcm", "digest", @@ -1266,7 +1266,7 @@ dependencies = [ [[package]] name = "mc-crypto-box" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "digest", @@ -1280,7 +1280,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "curve25519-dalek", @@ -1293,7 +1293,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-derive" -version = "5.2.3" +version = "6.0.0" dependencies = [ "proc-macro2", "quote", @@ -1302,7 +1302,7 @@ dependencies = [ [[package]] name = "mc-crypto-digestible-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "signature", @@ -1310,7 +1310,7 @@ dependencies = [ [[package]] name = "mc-crypto-hashes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "blake2", "digest", @@ -1319,7 +1319,7 @@ dependencies = [ [[package]] name = "mc-crypto-keys" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "curve25519-dalek", @@ -1348,7 +1348,7 @@ dependencies = [ [[package]] name = "mc-crypto-multisig" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-digestible", "mc-crypto-keys", @@ -1358,7 +1358,7 @@ dependencies = [ [[package]] name = "mc-crypto-noise" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aead", "aes-gcm", @@ -1378,7 +1378,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1399,7 +1399,7 @@ dependencies = [ [[package]] name = "mc-crypto-ring-signature-signer" -version = "5.2.3" +version = "6.0.0" dependencies = [ "curve25519-dalek", "displaydoc", @@ -1419,7 +1419,7 @@ dependencies = [ [[package]] name = "mc-enclave-boundary" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-common", "mc-rand", @@ -1430,7 +1430,7 @@ dependencies = [ [[package]] name = "mc-fog-kex-rng" -version = "5.2.3" +version = "6.0.0" dependencies = [ "digest", "displaydoc", @@ -1445,14 +1445,14 @@ dependencies = [ [[package]] name = "mc-fog-ocall-oram-storage-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-fog-ocall-oram-storage-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "aligned-cmov", @@ -1469,7 +1469,7 @@ dependencies = [ [[package]] name = "mc-fog-recovery-db-iface" -version = "5.2.3" +version = "6.0.0" dependencies = [ "chrono", "displaydoc", @@ -1485,7 +1485,7 @@ dependencies = [ [[package]] name = "mc-fog-report-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-attest-verifier-types", "mc-crypto-digestible", @@ -1495,14 +1495,14 @@ dependencies = [ [[package]] name = "mc-fog-sig-authority" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-crypto-keys", ] [[package]] name = "mc-fog-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1517,7 +1517,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1536,7 +1536,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-util-build-script", @@ -1544,7 +1544,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-impl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aligned-cmov", "mc-attest-core", @@ -1567,7 +1567,7 @@ dependencies = [ [[package]] name = "mc-fog-view-enclave-trusted" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "lazy_static", @@ -1667,11 +1667,11 @@ dependencies = [ [[package]] name = "mc-sgx-alloc" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cc", "lazy_static", @@ -1681,7 +1681,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-sgx-alloc", @@ -1694,7 +1694,7 @@ dependencies = [ [[package]] name = "mc-sgx-compat-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "mc-sgx-debug-edl", @@ -1744,7 +1744,7 @@ dependencies = [ [[package]] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-sgx-core-types", @@ -1785,36 +1785,36 @@ dependencies = [ [[package]] name = "mc-sgx-debug" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-debug-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-enclave-id" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-types", ] [[package]] name = "mc-sgx-panic" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" dependencies = [ "displaydoc", "mc-attest-core", @@ -1826,7 +1826,7 @@ dependencies = [ [[package]] name = "mc-sgx-service" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-build", "mc-sgx-types", @@ -1834,7 +1834,7 @@ dependencies = [ [[package]] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cfg-if 1.0.0", "mc-common", @@ -1844,14 +1844,14 @@ dependencies = [ [[package]] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", ] [[package]] name = "mc-sgx-sync" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-panic", "mc-sgx-types", @@ -1859,7 +1859,7 @@ dependencies = [ [[package]] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "mc-sgx-core-sys-types", ] @@ -1872,7 +1872,7 @@ checksum = "70a17bdd557d482382794a59232314fe9cfb7a9c4450aec867f737d815e5f5b0" [[package]] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" dependencies = [ "aes", "bulletproofs-og", @@ -1910,7 +1910,7 @@ dependencies = [ [[package]] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" dependencies = [ "crc", "displaydoc", @@ -1928,7 +1928,7 @@ dependencies = [ [[package]] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "displaydoc", @@ -1939,7 +1939,7 @@ dependencies = [ [[package]] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" dependencies = [ "cargo-emit", "cc", @@ -1950,7 +1950,7 @@ dependencies = [ [[package]] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" dependencies = [ "base64", "displaydoc", @@ -1961,14 +1961,14 @@ dependencies = [ [[package]] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" dependencies = [ "rand_core", ] [[package]] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" dependencies = [ "generic-array", "hex_fmt", @@ -1978,7 +1978,7 @@ dependencies = [ [[package]] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" dependencies = [ "prost", "serde", @@ -1987,11 +1987,11 @@ dependencies = [ [[package]] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" [[package]] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" dependencies = [ "serde", ] diff --git a/fog/view/enclave/trusted/Cargo.toml b/fog/view/enclave/trusted/Cargo.toml index aa289bf96d..1b8b8d0e5b 100644 --- a/fog/view/enclave/trusted/Cargo.toml +++ b/fog/view/enclave/trusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-enclave-trusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "The MobileCoin Fog user-facing server's enclave entry point." edition = "2021" diff --git a/fog/view/load-test/Cargo.toml b/fog/view/load-test/Cargo.toml index edd4c0f4df..c96d257a43 100644 --- a/fog/view/load-test/Cargo.toml +++ b/fog/view/load-test/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-load-test" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/protocol/Cargo.toml b/fog/view/protocol/Cargo.toml index cfa4a3bf07..318a3cd5ca 100644 --- a/fog/view/protocol/Cargo.toml +++ b/fog/view/protocol/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-protocol" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/fog/view/server/Cargo.toml b/fog/view/server/Cargo.toml index 90a21c657a..530e5f81b1 100644 --- a/fog/view/server/Cargo.toml +++ b/fog/view/server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-server" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/fog/view/server/test-utils/Cargo.toml b/fog/view/server/test-utils/Cargo.toml index 76f1ba9201..bfac22ce03 100644 --- a/fog/view/server/test-utils/Cargo.toml +++ b/fog/view/server/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-fog-view-server-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/go-grpc-gateway/testing/Cargo.toml b/go-grpc-gateway/testing/Cargo.toml index c4b73fb287..47d1bcff6f 100644 --- a/go-grpc-gateway/testing/Cargo.toml +++ b/go-grpc-gateway/testing/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "go-grpc-gateway-testing" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/jenkins/Jenkinsfile b/jenkins/Jenkinsfile deleted file mode 100644 index ae62de0a90..0000000000 --- a/jenkins/Jenkinsfile +++ /dev/null @@ -1,249 +0,0 @@ -def COLOR_MAP = ['SUCCESS': 'good', 'FAILURE': 'danger', 'UNSTABLE': 'danger', 'ABORTED': 'danger'] - -pipeline { - options { - parallelsAlwaysFailFast() - } - agent { - kubernetes { - slaveConnectTimeout 240000 - activeDeadlineSeconds 43200 - yamlFile 'jenkins/build-pod.yaml' - } - } - stages { - stage('Source and Environment Setup') { - steps { - script { - // SGX Compile mode - env.SGX_MODE = "HW" - - // Network name, results in node names like nodeX.$NETWORK.mobilecoin.com - env.NETWORK = "cd" - - // Owner of the Docker repos for pushing container images - env.DOCKER_OWNER = "mobilecoin" - - // Container repository for the consensus service - env.CONSENSUS_NODE_DOCKER_REPO = "node_hw" - - // Container repository for the mobilecoind service - env.MOBILECOIND_DOCKER_REPO = "mobilecoind" - - // Container repository for the mobilecoind service - env.BOOTSTRAP_TOOLS_DOCKER_REPO = "bootstrap-tools" - - // Set a dateformat string to be used as a docker tag - env.TAG_VERSION = sh(returnStdout: true, script: 'date +"v%Y%m%d%H%m%S"').trim() - } - - // Stash sources for later use on multiple Jenkins nodes - stash name: 'sources', useDefaultExcludes: false, includes: '**', excludes: '**/.git, **/.git/**' - } - } - stage('Cargo Build') { - // Reusing the default agent/pod config - steps { - container('rust-builder-default') { - // Show the environment for posterity - sh 'printenv | sort' - - // Can be swapped out for specific build commands - sh 'cargo build --release' - - // Build mobilecoind without default features - sh 'cargo build --release -p mc-mobilecoind --no-default-features' - - // Staging area for binary packaging - sh 'mkdir -p $WORKSPACE/ops/bin' - - // Copy relevant binaries to staging area - sh ''' - for file in $(find ${CARGO_TARGET_DIR:-$WORKSPACE/target}/release -maxdepth 1 -type f "(" -name '*.so' -o -executable ")" -not -name '*_test' ); do - cp -v ${file} $WORKSPACE/ops/bin/ - done - ls -la $WORKSPACE/ops/bin - ''' - - // Copy the one-shot test-certificates into the staging area - sh 'mkdir -p $WORKSPACE/ops/attest && cp -a $WORKSPACE/attest/test_certs $WORKSPACE/ops/attest/test_certs' - - // Make directories and populate sample_data - dir('ops') { - sh 'mkdir -p sample_data/ledger' - sh 'mkdir -p sample_data/keys' - } - - // Generate sample data - dir('ops/sample_data') { - // Generate lots of account keys to keep balances smaller - sh '../bin/sample-keys --num 1000' - sh '../bin/generate-sample-ledger -t 100' - // Remove extra keys otherwise test_client will try all combinations - sh 'for i in $(seq 6 999); do rm -rf keys/*_${i}.*; done' - sh 'rm -f ./ledger/lock.mdb' - } - - // Stash the ops data/binaries for usage in later steps - stash name: 'ops_data', includes: 'ops/**' - } - } - } - stage('Build Images') { - parallel { - stage('Build Consensus Service container') { - options { - skipDefaultCheckout true - } - agent { - kubernetes { - slaveConnectTimeout 240000 - activeDeadlineSeconds 43200 - yamlFile 'jenkins/packaging-pod.yaml' - } - } - steps { - container('jnlp'){ - unstash name: 'sources' - unstash name: 'ops_data' - } - container('kaniko'){ - sh ''' - for i in 1 2 3; do - /kaniko/executor -f $WORKSPACE/ops/Dockerfile-consensus -c $WORKSPACE/ops \ - --build-arg ORIGIN_DATA_DIR=sample_data \ - --build-arg GIT_COMMIT=${GIT_COMMIT} \ - --build-arg BRANCH=${NETWORK} \ - --destination=$DOCKER_OWNER/$CONSENSUS_NODE_DOCKER_REPO:${NETWORK}-${TAG_VERSION} \ - --destination=$DOCKER_OWNER/$CONSENSUS_NODE_DOCKER_REPO:${NETWORK}-latest \ - --cleanup \ - && break || sleep 5; - done - ''' - } - } - } - stage('Build mobilecoind container') { - options { - skipDefaultCheckout true - } - agent { - kubernetes { - slaveConnectTimeout 240000 - activeDeadlineSeconds 43200 - yamlFile 'jenkins/packaging-pod.yaml' - } - } - steps { - container('jnlp'){ - unstash name: 'sources' - unstash name: 'ops_data' - } - container('kaniko'){ - sh ''' - for i in 1 2 3; do - /kaniko/executor -f $WORKSPACE/ops/Dockerfile-mobilecoind -c $WORKSPACE/ops \ - --build-arg ORIGIN_DATA_DIR=sample_data \ - --build-arg GIT_COMMIT=${GIT_COMMIT} \ - --build-arg BRANCH=${NETWORK} \ - --destination=$DOCKER_OWNER/$MOBILECOIND_DOCKER_REPO:${NETWORK}-${TAG_VERSION} \ - --destination=$DOCKER_OWNER/$MOBILECOIND_DOCKER_REPO:${NETWORK}-latest \ - --cleanup \ - && break || sleep 5; - done - ''' - } - } - } - } - } - stage('Deploy and Test') { - options { - lock resource: env.NETWORK - } - stages { - stage('Deploy to k8s') { - options { - skipDefaultCheckout true - } - agent { - kubernetes { - slaveConnectTimeout 240000 - activeDeadlineSeconds 43200 - yamlFile 'jenkins/kubectl-pod.yaml' - } - } - steps { - container('jnlp') { - unstash name: 'sources' - dir('deploy') { - sh './generate-manifests -n ${NETWORK} -t ${NETWORK}-${TAG_VERSION}' - } - } - container('kubectl') { - dir('deploy/build') { - script { - sh(script: 'kubectl get po -n ${NETWORK}') - - // Delete the consensus nodes, and {discovery, mobilecoind, ledger} nodes if any - sh(script: 'for i in 03* 04*; do kubectl delete --ignore-not-found -n ${NETWORK} -f ${i}; done') - - // Update the 01* configs - sh(script: 'for i in 01*yaml; do kubectl apply -n ${NETWORK} -f ${i}; done') - - // Launch the consensus node deployments - sh(script: 'for i in 03*yaml; do kubectl apply -n ${NETWORK} -f ${i}; done') - - // Wait until the deployments have achieved an Available state. - sh(script: 'for i in 1 2 3 4 5; do kubectl wait --for=condition=Available deploy/node${i} -n ${NETWORK} --timeout=2500s; done') - - // Deploy an internal mobilecoind to test with - sh(script: 'kubectl apply -n ${NETWORK} -f 04-mobilecoind.yaml') - - // Wait for mobilecoind to achieve and Available state - sh(script: 'kubectl wait --for=condition=Available deploy/mobilecoind -n ${NETWORK} --timeout=480s') - - sh(script: 'kubectl get po -n ${NETWORK}') - } - } - } - } - } - stage('Wallet Integration Test') { - steps { - container('rust-builder-default') { - dir('mobilecoind/strategies') { - sh 'pip3 install -r requirements.txt' - sh ''' - python3 -m grpc_tools.protoc -I$WORKSPACE/api/proto \ - --python_out=. $WORKSPACE/api/proto/external.proto - ''' - sh ''' - python3 -m grpc_tools.protoc -I$WORKSPACE/api/proto \ - --python_out=. $WORKSPACE/api/proto/blockchain.proto - ''' - sh ''' - python3 -m grpc_tools.protoc \ - -I$WORKSPACE/mobilecoind/api/proto -I$WORKSPACE/api/proto -I$WORKSPACE/consensus/api/proto \ - --python_out=. --grpc_python_out=. $WORKSPACE/mobilecoind/api/proto/mobilecoind_api.proto - ''' - sh ''' - python3 test_client.py \ - --key-dir $WORKSPACE/ops/sample_data/keys \ - --mobilecoind-host mobilecoind.${NETWORK}.svc.cluster.local\ - --mobilecoind-port 3229 - ''' - } - } - } - } - } - } - } - post { - always { - slackSend color: COLOR_MAP[currentBuild.currentResult], - message: "*${currentBuild.currentResult}:*\nJob: ${env.JOB_NAME}\nCommit: ${env.GIT_COMMIT}\nDocker Tag: ${env.NETWORK}-${env.TAG_VERSION}\nBuild: ${env.BUILD_NUMBER}\nDuration: ${currentBuild.durationString}\nMore info at: ${env.BUILD_URL}" - } - } -} diff --git a/jenkins/build-pod.yaml b/jenkins/build-pod.yaml deleted file mode 100644 index 347c98cdeb..0000000000 --- a/jenkins/build-pod.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - labels: - build-pipeline-name: mobilecoin-build -spec: - nodeSelector: - builder-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: build-pipeline-name - operator: In - values: - - mobilecoin-build - topologyKey: "kubernetes.io/hostname" - containers: - - name: rust-builder-default - image: mobilecoin/builder-install:v0.0.18 - env: - - name: PATH - value: "/root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/intel/sgxsdk/bin:/opt/intel/sgxsdk/bin/x64" - - name: RUST_BACKTRACE - value: full - command: - - /bin/cat - tty: true - resources: - limits: - cpu: "4.5" - memory: "8000Mi" - requests: - cpu: "3" - memory: "6000Mi" diff --git a/jenkins/kubectl-pod.yaml b/jenkins/kubectl-pod.yaml deleted file mode 100644 index e3986f0a0b..0000000000 --- a/jenkins/kubectl-pod.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - labels: - build-pipeline-name: mobilecoin-build -spec: - nodeSelector: - builder-node: "true" - serviceAccountName: jenkins-kubernetes-deploy - # bitnami kubectl container has USER 1001 hardcoded - securityContext: - runAsUser: 1001 - allowPrivilegeEscalation: false - containers: - - name: kubectl - image: bitnami/kubectl:1.17-debian-10 - command: - - /bin/cat - tty: true - resources: - limits: - cpu: "0.75" - memory: "512Mi" - requests: - cpu: "0.25" - memory: "256Mi" diff --git a/jenkins/packaging-pod.yaml b/jenkins/packaging-pod.yaml deleted file mode 100644 index f7feaaaec3..0000000000 --- a/jenkins/packaging-pod.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - labels: - build-pipeline-name: mobilecoin-build -spec: - nodeSelector: - builder-node: "true" - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: build-pipeline-name - operator: In - values: - - mobilecoin-build - topologyKey: "kubernetes.io/hostname" - - containers: - - - name: kaniko - # Need the debug container to get busybox - image: gcr.io/kaniko-project/executor:v1.6.0-debug - imagePullPolicy: Always - command: - - /busybox/cat - tty: true - volumeMounts: - - name: jenkins-docker-cfg - mountPath: /kaniko/.docker - - volumes: - - name: jenkins-docker-cfg - secret: - secretName: docker-credentials - items: - - key: .dockerconfigjson - path: config.json - - diff --git a/ledger/db/Cargo.toml b/ledger/db/Cargo.toml index 9ffd31d2e8..01e2cb7eae 100644 --- a/ledger/db/Cargo.toml +++ b/ledger/db/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-ledger-db" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/ledger/distribution/Cargo.toml b/ledger/distribution/Cargo.toml index 96efc77807..f2369b1c5b 100644 --- a/ledger/distribution/Cargo.toml +++ b/ledger/distribution/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-ledger-distribution" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/ledger/from-archive/Cargo.toml b/ledger/from-archive/Cargo.toml index acb770af46..09ab42af18 100644 --- a/ledger/from-archive/Cargo.toml +++ b/ledger/from-archive/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-ledger-from-archive" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/ledger/migration/Cargo.toml b/ledger/migration/Cargo.toml index 0460eba45c..7a6df3e404 100644 --- a/ledger/migration/Cargo.toml +++ b/ledger/migration/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-ledger-migration" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/ledger/sync/Cargo.toml b/ledger/sync/Cargo.toml index 5d2fc0e08d..bae8ba328b 100644 --- a/ledger/sync/Cargo.toml +++ b/ledger/sync/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-ledger-sync" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/mobilecoind-dev-faucet/Cargo.toml b/mobilecoind-dev-faucet/Cargo.toml index e76adda0ff..73295b0568 100644 --- a/mobilecoind-dev-faucet/Cargo.toml +++ b/mobilecoind-dev-faucet/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-mobilecoind-dev-faucet" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/mobilecoind-json/Cargo.toml b/mobilecoind-json/Cargo.toml index 130b599cb3..3dd2ba54d5 100644 --- a/mobilecoind-json/Cargo.toml +++ b/mobilecoind-json/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-mobilecoind-json" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/mobilecoind/Cargo.toml b/mobilecoind/Cargo.toml index 2911ebb3cc..a2ed509b85 100644 --- a/mobilecoind/Cargo.toml +++ b/mobilecoind/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-mobilecoind" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/mobilecoind/api/Cargo.toml b/mobilecoind/api/Cargo.toml index c2368bb87d..bd9d8a0308 100644 --- a/mobilecoind/api/Cargo.toml +++ b/mobilecoind/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-mobilecoind-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] build = "build.rs" edition = "2021" diff --git a/mobilecoind/api/proto/mobilecoind_api.proto b/mobilecoind/api/proto/mobilecoind_api.proto index 1fd480f90b..350c6cce4e 100644 --- a/mobilecoind/api/proto/mobilecoind_api.proto +++ b/mobilecoind/api/proto/mobilecoind_api.proto @@ -31,6 +31,8 @@ service MobilecoindAPI { rpc GetAccountKeyFromRootEntropy (GetAccountKeyFromRootEntropyRequest) returns (GetAccountKeyResponse) {} rpc GetAccountKeyFromMnemonic (GetAccountKeyFromMnemonicRequest) returns (GetAccountKeyResponse) {} rpc GetPublicAddress (GetPublicAddressRequest) returns (GetPublicAddressResponse) {} + rpc GetShortAddressHash (GetShortAddressHashRequest) returns (GetShortAddressHashResponse) {} + rpc ValidateAuthenticatedSenderMemo (ValidateAuthenticatedSenderMemoRequest) returns (ValidateAuthenticatedSenderMemoResponse) {} // b58 Codes rpc ParseRequestCode (ParseRequestCodeRequest) returns (ParseRequestCodeResponse) {} @@ -118,6 +120,9 @@ enum TxStatus { message Outlay { uint64 value = 1; external.PublicAddress receiver = 2; + // Optional tx private key to use for this tx out. This can be chosen explicitly as a mechanism for idempotence. + // Must be 32 pseudorandom bytes or none. Will be reduced to curve25519 scalar mod order. + bytes tx_private_key = 3; } // Structure used in specifying the list of outputs in a transaction. @@ -126,6 +131,9 @@ message OutlayV2 { uint64 value = 1; external.PublicAddress receiver = 2; uint64 token_id = 3; + // Optional tx private key to use for this tx out. This can be chosen explicitly as a mechanism for idempotence. + // Must be 32 pseudorandom bytes or none. Will be reduced to curve25519 scalar mod order. + bytes tx_private_key = 4; } // Structure used to refer to a TxOut in the ledger that is presumed to be spendable. @@ -152,9 +160,42 @@ message UnspentTxOut { // The token id of the TxOut uint64 token_id = 7; + // The (decrypted) MemoPayload of this TxOut + bytes memo_payload = 8; + // The monitor id this UnspentTxOut belongs to. // Note that this field is not included in the Rust `utxo_store::UnspentTxOut` struct. bytes monitor_id = 10; + + // The decoded memo info, if any + DecodedMemo decoded_memo = 11; +} + +message DecodedMemo { + // Details of the decoded memo payload. + // Omitted if the empty memo was found. + oneof decoded_memo { + UnknownMemo unknown_memo = 1; + AuthenticatedSenderMemo authenticated_sender_memo = 2; + } +} + +// Structure used to represent the decoded MCIP #4 Authenticated sender memo and its variants. +// Note that the sender can write whatever they want in a memo, and to rely on the data. +// You must validate the memo by checking the hmac, see the ValidateAuthenticatedSenderMemo rpc call. +message AuthenticatedSenderMemo { + /// The standard short address hash (MCIP #4) + bytes sender_hash = 1; + // Payment request ID if present + optional uint64 payment_request_id = 2; + // Payment intent ID if present + optional uint64 payment_intent_id = 3; +} + +// Details returned when this version of mobilecoind couldn't interpret a memo payload. +message UnknownMemo { + // The type bytes of this memo, which couldn't be interpreted by mobilecoind. + bytes type_bytes = 1; } // Structure used to refer to an SCI that we want to add to a transaction. @@ -413,6 +454,28 @@ message GetPublicAddressResponse { string b58_code = 2; } +// +// Memos +// + +message GetShortAddressHashRequest { + external.PublicAddress public_address = 1; +} + +message GetShortAddressHashResponse { + bytes hash = 1; +} + +message ValidateAuthenticatedSenderMemoRequest { + bytes monitor_id = 1; + UnspentTxOut utxo = 2; + external.PublicAddress sender = 3; +} + +message ValidateAuthenticatedSenderMemoResponse { + bool success = 1; +} + // // b58 Codes // diff --git a/mobilecoind/src/conversions.rs b/mobilecoind/src/conversions.rs index 7b8750f9d1..7070a79372 100644 --- a/mobilecoind/src/conversions.rs +++ b/mobilecoind/src/conversions.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2023 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation //! Utilities for converting between `mobilecoind` and `mobilecoind_api` data //! types. @@ -10,13 +10,14 @@ use crate::{ use mc_account_keys::PublicAddress; use mc_api::ConversionError; use mc_common::HashMap; +use mc_crypto_keys::RistrettoPrivate; use mc_mobilecoind_api as api; use mc_transaction_core::{ ring_signature::KeyImage, tx::{Tx, TxOut}, - Amount, TokenId, + Amount, MemoPayload, TokenId, }; -use mc_transaction_extra::TxOutConfirmationNumber; +use mc_transaction_extra::{MemoType, TxOutConfirmationNumber}; use protobuf::RepeatedField; impl From<&UnspentTxOut> for api::UnspentTxOut { @@ -30,6 +31,11 @@ impl From<&UnspentTxOut> for api::UnspentTxOut { dst.set_attempted_spend_height(src.attempted_spend_height); dst.set_attempted_spend_tombstone(src.attempted_spend_tombstone); dst.set_token_id(src.token_id); + dst.set_memo_payload(src.memo_payload.clone()); + + if let Ok(mp) = MemoPayload::try_from(&src.memo_payload[..]) { + dst.set_decoded_memo(decode_memo(&mp)); + } dst } @@ -46,6 +52,7 @@ impl TryFrom<&api::UnspentTxOut> for UnspentTxOut { let attempted_spend_height = src.attempted_spend_height; let attempted_spend_tombstone = src.attempted_spend_tombstone; let token_id = src.token_id; + let memo_payload = src.memo_payload.clone(); Ok(Self { tx_out, @@ -55,16 +62,66 @@ impl TryFrom<&api::UnspentTxOut> for UnspentTxOut { attempted_spend_height, attempted_spend_tombstone, token_id, + memo_payload, }) } } +fn bytes_to_tx_private_key(bytes: &[u8]) -> Result, ConversionError> { + if bytes.is_empty() { + return Ok(None); + } + + let bytes = <&[u8; 32] as TryFrom<&[u8]>>::try_from(bytes)?; + Ok(Some(RistrettoPrivate::from_bytes_mod_order(bytes))) +} + +// Convert an arbitrary MemoPayload to the api::DecodedMemo format. +// When this fails, it sets the UnknownMemo variant in the result. +// +// Note: This could be From<&MemoPayload> for api::DecodedMemo, but there are +// orphan rules issues. +fn decode_memo(memo_payload: &MemoPayload) -> api::DecodedMemo { + let mut result = api::DecodedMemo::new(); + + match MemoType::try_from(memo_payload) { + Ok(MemoType::Unused(_)) => {} + Ok(MemoType::AuthenticatedSender(memo)) => { + let mut asm = api::AuthenticatedSenderMemo::new(); + asm.set_sender_hash(memo.sender_address_hash().as_ref().to_vec()); + result.set_authenticated_sender_memo(asm); + } + Ok(MemoType::AuthenticatedSenderWithPaymentRequestId(memo)) => { + let mut asm = api::AuthenticatedSenderMemo::new(); + asm.set_sender_hash(memo.sender_address_hash().as_ref().to_vec()); + asm.set_payment_request_id(memo.payment_request_id()); + result.set_authenticated_sender_memo(asm); + } + Ok(MemoType::AuthenticatedSenderWithPaymentIntentId(memo)) => { + let mut asm = api::AuthenticatedSenderMemo::new(); + asm.set_sender_hash(memo.sender_address_hash().as_ref().to_vec()); + asm.set_payment_intent_id(memo.payment_intent_id()); + result.set_authenticated_sender_memo(asm); + } + Ok(_) | Err(_) => { + let mut um = api::UnknownMemo::new(); + um.set_type_bytes(memo_payload.get_memo_type().to_vec()); + result.set_unknown_memo(um); + } + } + + result +} + impl From<&Outlay> for api::Outlay { fn from(src: &Outlay) -> Self { let mut dst = Self::new(); dst.set_value(src.value); dst.set_receiver((&src.receiver).into()); + if let Some(key) = src.tx_private_key { + dst.set_tx_private_key(key.to_bytes().to_vec()); + } dst } @@ -76,8 +133,13 @@ impl TryFrom<&api::Outlay> for Outlay { fn try_from(src: &api::Outlay) -> Result { let value = src.value; let receiver = PublicAddress::try_from(src.get_receiver())?; + let tx_private_key = bytes_to_tx_private_key(src.get_tx_private_key())?; - Ok(Self { value, receiver }) + Ok(Self { + value, + receiver, + tx_private_key, + }) } } @@ -88,6 +150,9 @@ impl From<&OutlayV2> for api::OutlayV2 { dst.set_value(src.amount.value); dst.set_token_id(*src.amount.token_id); dst.set_receiver((&src.receiver).into()); + if let Some(key) = src.tx_private_key { + dst.set_tx_private_key(key.to_bytes().to_vec()); + } dst } @@ -99,8 +164,13 @@ impl TryFrom<&api::OutlayV2> for OutlayV2 { fn try_from(src: &api::OutlayV2) -> Result { let amount = Amount::new(src.value, TokenId::from(src.token_id)); let receiver = PublicAddress::try_from(src.get_receiver())?; + let tx_private_key = bytes_to_tx_private_key(src.get_tx_private_key())?; - Ok(Self { amount, receiver }) + Ok(Self { + amount, + receiver, + tx_private_key, + }) } } @@ -229,13 +299,18 @@ impl TryFrom<&api::SciForTx> for SciForTx { #[cfg(test)] mod test { use super::*; - use mc_account_keys::AccountKey; - use mc_crypto_keys::RistrettoPrivate; + use mc_account_keys::{AccountKey, ShortAddressHash}; + use mc_crypto_keys::{CompressedRistrettoPublic, RistrettoPrivate}; use mc_ledger_db::{ test_utils::{create_ledger, create_transaction, initialize_ledger}, Ledger, }; use mc_transaction_core::{tokens::Mob, Amount, BlockVersion, Token}; + use mc_transaction_extra::{ + AuthenticatedSenderMemo, AuthenticatedSenderWithPaymentIntentIdMemo, + AuthenticatedSenderWithPaymentRequestIdMemo, DestinationMemo, SenderMemoCredential, + UnusedMemo, + }; use mc_util_from_random::FromRandom; use rand::{rngs::StdRng, SeedableRng}; @@ -271,6 +346,7 @@ mod test { attempted_spend_height, attempted_spend_tombstone, token_id: *Mob::ID, + memo_payload: vec![6u8, 66], }; let proto = api::UnspentTxOut::from(&rust); @@ -289,6 +365,86 @@ mod test { assert_eq!(rust, UnspentTxOut::try_from(&proto).unwrap()); } + // Test the decode_memo implementation + #[test] + fn test_memo_conversion() { + let mut rng: StdRng = SeedableRng::from_seed([1u8; 32]); + + let alice = AccountKey::new( + &RistrettoPrivate::from_random(&mut rng), + &RistrettoPrivate::from_random(&mut rng), + ); + let alice_cred = SenderMemoCredential::from(&alice); + let alice_hash = alice_cred.address_hash.clone(); + + let bob = AccountKey::new( + &RistrettoPrivate::from_random(&mut rng), + &RistrettoPrivate::from_random(&mut rng), + ); + let bob_addr = bob.default_subaddress(); + + let tx_public_key = CompressedRistrettoPublic::from_random(&mut rng); + + let memo1 = UnusedMemo {}; + let decoded = decode_memo(&MemoPayload::from(memo1)); + assert_eq!(decoded.decoded_memo, None); + + let memo2 = + AuthenticatedSenderMemo::new(&alice_cred, bob_addr.view_public_key(), &tx_public_key); + let decoded = decode_memo(&MemoPayload::from(memo2)); + assert!(decoded.has_authenticated_sender_memo()); + let sender_memo = decoded.get_authenticated_sender_memo(); + assert_eq!(sender_memo.get_sender_hash(), alice_hash.as_ref()); + assert!(!sender_memo.has_payment_request_id()); + assert!(!sender_memo.has_payment_intent_id()); + + let memo3 = AuthenticatedSenderWithPaymentRequestIdMemo::new( + &alice_cred, + bob_addr.view_public_key(), + &tx_public_key, + 7u64, + ); + let decoded = decode_memo(&MemoPayload::from(memo3)); + assert!(decoded.has_authenticated_sender_memo()); + assert!(!decoded.has_unknown_memo()); + let sender_memo = decoded.get_authenticated_sender_memo(); + assert_eq!(sender_memo.get_sender_hash(), alice_hash.as_ref()); + assert!(sender_memo.has_payment_request_id()); + assert_eq!(sender_memo.get_payment_request_id(), 7); + assert!(!sender_memo.has_payment_intent_id()); + + let memo4 = AuthenticatedSenderWithPaymentIntentIdMemo::new( + &alice_cred, + bob_addr.view_public_key(), + &tx_public_key, + 9u64, + ); + let decoded = decode_memo(&MemoPayload::from(memo4)); + assert!(decoded.has_authenticated_sender_memo()); + assert!(!decoded.has_unknown_memo()); + let sender_memo = decoded.get_authenticated_sender_memo(); + assert_eq!(sender_memo.get_sender_hash(), alice_hash.as_ref()); + assert!(!sender_memo.has_payment_request_id()); + assert!(sender_memo.has_payment_intent_id()); + assert_eq!(sender_memo.get_payment_intent_id(), 9); + + // Destination memos are not implemented yet + let memo5 = DestinationMemo::new(ShortAddressHash::from(&bob_addr), 17, 18).unwrap(); + let decoded = decode_memo(&MemoPayload::from(memo5)); + assert!(!decoded.has_authenticated_sender_memo()); + assert!(decoded.has_unknown_memo()); + let type_bytes = decoded.get_unknown_memo().get_type_bytes(); + assert_eq!(&type_bytes, &[2u8, 0u8]); + + // This is an unassigned memo type + let memo6 = MemoPayload::new([7u8, 8u8], [0u8; 64]); + let decoded = decode_memo(&memo6); + assert!(!decoded.has_authenticated_sender_memo()); + assert!(decoded.has_unknown_memo()); + let type_bytes = decoded.get_unknown_memo().get_type_bytes(); + assert_eq!(&type_bytes, &[7u8, 8u8]); + } + #[test] fn test_outlay_conversion() { let mut rng: StdRng = SeedableRng::from_seed([1u8; 32]); @@ -298,6 +454,30 @@ mod test { let rust = Outlay { receiver: public_addr.clone(), value: 1234, + tx_private_key: None, + }; + let proto = api::Outlay::from(&rust); + + assert_eq!(proto.value, rust.value); + assert_eq!( + PublicAddress::try_from(proto.get_receiver()).unwrap(), + public_addr + ); + + // Proto -> Rust + assert_eq!(rust, Outlay::try_from(&proto).unwrap()); + } + + #[test] + fn test_outlay_conversion_with_tx_private_key() { + let mut rng: StdRng = SeedableRng::from_seed([1u8; 32]); + let public_addr = AccountKey::random(&mut rng).default_subaddress(); + + // Rust -> Proto, with tx private key + let rust = Outlay { + receiver: public_addr.clone(), + value: 1234, + tx_private_key: Some(RistrettoPrivate::from_random(&mut rng)), }; let proto = api::Outlay::from(&rust); @@ -363,6 +543,7 @@ mod test { attempted_spend_height, attempted_spend_tombstone, token_id: *Mob::ID, + memo_payload: vec![9u8, 66], } }; @@ -371,6 +552,7 @@ mod test { OutlayV2 { receiver: public_addr, amount: Amount::new(1234, TokenId::from(0)), + tx_private_key: Some(RistrettoPrivate::from_random(&mut rng)), } }; diff --git a/mobilecoind/src/payments.rs b/mobilecoind/src/payments.rs index 173c1d8948..ca76cb5cf2 100644 --- a/mobilecoind/src/payments.rs +++ b/mobilecoind/src/payments.rs @@ -12,7 +12,7 @@ use mc_common::{ use mc_connection::{ BlockInfo, BlockchainConnection, ConnectionManager, RetryableUserTxConnection, UserTxConnection, }; -use mc_crypto_keys::RistrettoPublic; +use mc_crypto_keys::{RistrettoPrivate, RistrettoPublic}; use mc_crypto_ring_signature_signer::NoKeysRingSigner; use mc_fog_report_validation::FogPubkeyResolver; use mc_ledger_db::{Error as LedgerError, Ledger, LedgerDB}; @@ -60,6 +60,9 @@ pub struct Outlay { /// Destination. pub receiver: PublicAddress, + + /// Optional tx private key to use. + pub tx_private_key: Option, } /// An outlay, with token id information. @@ -72,6 +75,9 @@ pub struct OutlayV2 { /// Destination. pub receiver: PublicAddress, + + /// Optional tx private key to use. + pub tx_private_key: Option, } /// A single pending transaction. @@ -304,6 +310,7 @@ impl list of transactions that @@ -321,6 +321,7 @@ mod test { attempted_spend_height: 0, attempted_spend_tombstone: 0, token_id: *Mob::ID, + memo_payload: vec![], } }) .collect(); diff --git a/mobilecoind/src/service.rs b/mobilecoind/src/service.rs index 85a71f2eab..ce2a333df8 100644 --- a/mobilecoind/src/service.rs +++ b/mobilecoind/src/service.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2023 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation //! The mobilecoind Service //! * provides a GRPC server @@ -18,7 +18,8 @@ use api::ledger::{TxOutResult, TxOutResultCode}; use bip39::{Language, Mnemonic, MnemonicType}; use grpcio::{EnvBuilder, RpcContext, RpcStatus, RpcStatusCode, ServerBuilder, UnarySink}; use mc_account_keys::{ - burn_address, AccountKey, PublicAddress, RootIdentity, DEFAULT_SUBADDRESS_INDEX, + burn_address, AccountKey, PublicAddress, RootIdentity, ShortAddressHash, + DEFAULT_SUBADDRESS_INDEX, }; use mc_api::blockchain::ArchiveBlock; use mc_blockchain_types::BlockIndex; @@ -43,9 +44,9 @@ use mc_transaction_core::{ onetime_keys::recover_onetime_private_key, ring_signature::KeyImage, tx::{TxOut, TxOutMembershipProof}, - Amount, TokenId, + Amount, MemoPayload, TokenId, }; -use mc_transaction_extra::{BurnRedemptionMemo, TxOutConfirmationNumber}; +use mc_transaction_extra::{BurnRedemptionMemo, MemoType, TxOutConfirmationNumber}; use mc_util_from_random::FromRandom; use mc_util_grpc::{ rpc_internal_error, rpc_invalid_arg_error, rpc_logger, send_result, AdminService, @@ -465,7 +466,7 @@ impl Result { // Get MonitorId from from the GRPC request. let monitor_id = MonitorId::try_from(&request.monitor_id) - .map_err(|err| rpc_internal_error("monitor_id.try_from.bytes", err, &self.logger))?; + .map_err(|err| rpc_invalid_arg_error("monitor_id.try_from.bytes", err, &self.logger))?; // Get monitor data. let data = self @@ -505,6 +506,83 @@ impl Result { + let address = PublicAddress::try_from(request.get_public_address()) + .map_err(|err| rpc_invalid_arg_error("PublicAddress.try_from", err, &self.logger))?; + + let hash = ShortAddressHash::from(&address); + + let mut response = api::GetShortAddressHashResponse::new(); + response.set_hash(hash.as_ref().to_vec()); + Ok(response) + } + + fn validate_authenticated_sender_memo_impl( + &mut self, + request: api::ValidateAuthenticatedSenderMemoRequest, + ) -> Result { + // Read the utxo proto + let utxo = UnspentTxOut::try_from(request.get_utxo()) + .map_err(|err| rpc_invalid_arg_error("unspent_tx_out.try_from", err, &self.logger))?; + + let memo_payload = MemoPayload::try_from(&utxo.memo_payload[..]) + .map_err(|err| rpc_invalid_arg_error("memo_payload.try_from", err, &self.logger))?; + + // Read the sender proto + let sender = PublicAddress::try_from(request.get_sender()) + .map_err(|err| rpc_invalid_arg_error("sender.try_from", err, &self.logger))?; + + // Get MonitorId from the GRPC request. + let monitor_id = MonitorId::try_from(request.get_monitor_id()) + .map_err(|err| rpc_invalid_arg_error("monitor_id.try_from.bytes", err, &self.logger))?; + + // Get monitor data. + let data = self + .mobilecoind_db + .get_monitor_data(&monitor_id) + .map_err(|err| { + rpc_internal_error("mobilecoind_db.get_monitor_data", err, &self.logger) + })?; + + let subaddress_vpk = data + .account_key + .subaddress_view_private(utxo.subaddress_index); + let tx_out_public_key = &utxo.tx_out.public_key; + + let mut response = api::ValidateAuthenticatedSenderMemoResponse::new(); + + response.set_success(bool::from(match MemoType::try_from(&memo_payload) { + Ok(MemoType::AuthenticatedSender(memo)) => { + memo.validate(&sender, &subaddress_vpk, tx_out_public_key) + } + Ok(MemoType::AuthenticatedSenderWithPaymentRequestId(memo)) => { + memo.validate(&sender, &subaddress_vpk, tx_out_public_key) + } + Ok(MemoType::AuthenticatedSenderWithPaymentIntentId(memo)) => { + memo.validate(&sender, &subaddress_vpk, tx_out_public_key) + } + Ok(other) => { + return Err(rpc_invalid_arg_error( + "Not an authenticated sender memo", + format!("{other:?}"), + &self.logger, + )); + } + Err(err) => { + return Err(rpc_invalid_arg_error( + "Not an authenticated sender memo", + format!("{err:?}"), + &self.logger, + )); + } + })); + + Ok(response) + } + fn parse_request_code_impl( &mut self, request: api::ParseRequestCodeRequest, @@ -645,6 +723,8 @@ impl [UnspentTxOut]s. @@ -60,6 +60,12 @@ pub struct UnspentTxOut { /// The token id of this TxOut #[prost(uint64, tag = "7")] pub token_id: u64, + + /// The (decrypted) MemoPayload of this TxOut + // Note: This is stored as raw bytes so that if we later extend the list of defined memos, + // mobilecoind can interpret the new memos without having to rescan and rebuild the db. + #[prost(bytes, tag = "8")] + pub memo_payload: Vec, } /// Type used as the key in the utxo_id_to_utxo database. @@ -511,6 +517,7 @@ mod test { attempted_spend_height: 0, attempted_spend_tombstone: 0, token_id: *Mob::ID, + memo_payload: vec![], } }) .collect(); diff --git a/ops/Dockerfile-consensus b/ops/Dockerfile-consensus deleted file mode 100644 index 192d79625a..0000000000 --- a/ops/Dockerfile-consensus +++ /dev/null @@ -1,111 +0,0 @@ -# ################################ # -# MobileCoin Consensus Validator # -# ################################ # -FROM ubuntu:18.04 AS consensus - -# -# This builds a slim runtime container based on Ubuntu 18.04 LTS for distribution of a MobileCoin Consensus Validator. -# -SHELL ["/bin/bash", "-c"] - -RUN apt-get update -q -q && \ - apt-get upgrade --yes && \ - apt-get install --yes \ - gpg \ - wget \ - && \ - rm -rf /var/cache/apt && \ - rm -rf /var/lib/apt/lists/* - -# Install SGX Ubuntu/Debian Repo -RUN source /etc/os-release && \ - wget "https://download.01.org/intel-sgx/sgx-linux/2.22/distro/ubuntu${VERSION_ID}-server/sgx_linux_x64_sdk_2.22.100.3.bin" && \ - echo "deb [arch=amd64 signed-by=/usr/local/share/apt-keyrings/intel-sgx-archive-keyring.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu/ ${UBUNTU_CODENAME} main" > /etc/apt/sources.list.d/intel-sgx.list - -RUN mkdir -p /usr/local/share/apt-keyrings && \ - wget -O /tmp/intel-sgx-deb.key https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key && \ - gpg -v --no-default-keyring --keyring /tmp/intel-sgx-archive-keyring.gpg \ - --import /tmp/intel-sgx-deb.key && \ - gpg -v --no-default-keyring --keyring /tmp/intel-sgx-archive-keyring.gpg \ - --export --output /usr/local/share/apt-keyrings/intel-sgx-archive-keyring.gpg && \ - rm /tmp/intel-sgx-archive-keyring.gpg && \ - rm /tmp/intel-sgx-deb.key - -# Update OS and install deps -# -# - All of these are runtime dependencies of both aesm_service and mobilenode. -# - This is run as a one-off in order to reduce the number of layers in the resulting image -# -RUN apt-get update -q -q && \ - apt-get upgrade --yes && \ - apt-get install --yes \ - build-essential \ - ca-certificates \ - cmake \ - gettext \ - libc6 \ - libcurl4 \ - libgcc-7-dev \ - libgcc1 \ - libnghttp2-14 \ - libprotobuf-c1 \ - libprotobuf10 \ - libstdc++6 \ - libsgx-uae-service \ - rsync \ - sgx-aesm-service \ - supervisor \ - tar \ - zlib1g \ - && \ - rm -rf /var/cache/apt && \ - rm -rf /var/lib/apt/lists/* - -# Add grpc_health_probe for healthcheck/liveness probes -RUN GRPC_HEALTH_PROBE_VERSION=v0.3.2 && \ - wget -qO/bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/${GRPC_HEALTH_PROBE_VERSION}/grpc_health_probe-linux-amd64 && \ - chmod +x /bin/grpc_health_probe - -WORKDIR / - -COPY bin/libconsensus-enclave.signed.so /usr/bin/ -COPY bin/consensus-service /usr/bin/ -COPY bin/ledger-distribution /usr/bin/ -COPY bin/mc-admin-http-gateway /usr/bin/ -COPY bin/mc-ledger-migration /usr/bin/ -COPY bin/mc-util-grpc-admin-tool /usr/bin/ - -# Q: Why not use NODE_LEDGER_DIR here? -# A: The ENV dictates where the app actually looks, and the ARG sets -# the default ENV value, but the origin_data install dir should -# remain constant, and image builds may make that location their -# default. -- jmc -ARG ORIGIN_DATA_DIR -COPY ${ORIGIN_DATA_DIR}/ledger /var/lib/mobilecoin/origin_data - -COPY entrypoints/consensus_validator.sh /usr/bin/entrypoint.sh - -# Set default NODE_LEDGER_DIR to use ORIGIN_DATA_DIR, but override if docker run if intent is to preserve origin -ENV NODE_LEDGER_DIR "/var/lib/mobilecoin/origin_data" - -# Put arg and env configuration at the end when possible to improve use of docker layer caching -ENV NODE_MANAGEMENT_PORT 8000 -ENV NODE_CLIENT_PORT 3223 -ENV NODE_CONSENSUS_PORT 8443 -ARG BRANCH -ENV BRANCH "${BRANCH}" -ARG AWS_ACCESS_KEY_ID -ENV AWS_ACCESS_KEY_ID "${AWS_ACCESS_KEY_ID}" -ARG AWS_SECRET_ACCESS_KEY -ENV AWS_SECRET_ACCESS_KEY "${AWS_SECRET_ACCESS_KEY}" -ARG AWS_PATH -ENV AWS_PATH "${AWS_PATH}" -ENV RUST_LOG "debug" -ENV RUST_BACKTRACE "full" -ENV RUST_LOG_STYLE "never" - -EXPOSE $NODE_CLIENT_PORT -EXPOSE $NODE_CONSENSUS_PORT -EXPOSE $NODE_MANAGEMENT_PORT - -ENTRYPOINT ["entrypoint.sh"] diff --git a/ops/Dockerfile-mobilecoind b/ops/Dockerfile-mobilecoind deleted file mode 100644 index 4a3a5309f4..0000000000 --- a/ops/Dockerfile-mobilecoind +++ /dev/null @@ -1,65 +0,0 @@ -# ############# # -# Mobilecoind # -# ############# # -FROM ubuntu:18.04 AS mobilecoind -# -# This builds a slim runtime container based on Ubuntu 18.04 LTS for distribution of the mobilecoind program -# - -SHELL ["/bin/bash", "-c"] - -# Install any updates -# -RUN apt-get update -q -q && \ -apt-get upgrade --yes --force-yes && \ -apt-get install --yes --force-yes \ -ca-certificates \ -gettext \ -libssl1.1 \ -supervisor \ -wget && \ -rm -rf /var/cache/apt && \ -rm -rf /var/lib/apt/lists/* - -# Add grpc_health_probe for healthcheck/liveness probes -RUN GRPC_HEALTH_PROBE_VERSION=v0.3.2 && \ - wget -qO/bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/${GRPC_HEALTH_PROBE_VERSION}/grpc_health_probe-linux-amd64 && \ - chmod +x /bin/grpc_health_probe - -WORKDIR / -COPY bin/mobilecoind /usr/bin/ -COPY bin/mc-util-grpc-admin-tool /usr/bin/ - -# Q: Why not use NODE_LEDGER_DIR here? -# A: The ENV dictates where the app actually looks, and the ARG sets -# the default ENV value, but the sample-keys install dir should -# remain constant, and image builds may make that location their -# default. -- jmc -ARG ORIGIN_DATA_DIR -COPY ${ORIGIN_DATA_DIR}/keys /var/lib/mobilecoin/keys -COPY ${ORIGIN_DATA_DIR}/ledger /var/lib/mobilecoin/ledger - -COPY attest/test_certs/ /var/lib/mobilecoin/attest/test_certs - -COPY entrypoints/mobilecoind.sh /usr/bin/entrypoint.sh - -# Put arg and env configuration at the end when possible to improve use of docker layer caching -ARG MOBILECOIND_SERVICE_PORT=4444 - -ARG BRANCH -ARG NODE_LEDGER_DIR="/var/lib/mobilecoin/ledger" -ARG MOBILECOIND_DB_DIR="/var/lib/mobilecoin/mobilecoind_db" -ENV MOBILECOIND_SERVICE_PORT="${MOBILECOIND_SERVICE_PORT}" -ENV BRANCH="${BRANCH}" -ENV RUST_LOG "debug" -ENV RUST_BACKTRACE "full" -ENV RUST_LOG_STYLE "never" -ENV NODE_LEDGER_DIR=${NODE_LEDGER_DIR} -ENV MOBILECOIND_DB_DIR=${MOBILECOIND_DB_DIR} -ENV ORIGIN_DATA_DIR=${ORIGIN_DATA_DIR} -ENV GIT_COMMIT=${GIT_COMMIT} -ENV BRANCH=${BRANCH} - -EXPOSE $MOBILECOIND_SERVICE_PORT - -ENTRYPOINT ["entrypoint.sh"] diff --git a/ops/entrypoints/consensus_validator.sh b/ops/entrypoints/consensus_validator.sh deleted file mode 100755 index 562e84a40a..0000000000 --- a/ops/entrypoints/consensus_validator.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/bash -# -# This script will start the aesm_service daemon, if the isgx device node is -# present in /dev, then run consensus service with any given arguments. -# -# NOTE: Some of the environment variables are set in the Docker container, and -# some are set in the docker run command - -# exit if anything fails. -set -e - -function launch() { - app=$(basename $1) - (set +e; while true; do - echo "${@}" - if [ -z "${NODE_LOG_DIR}" ]; then - ${@} - else - ${@} >> ${NODE_LOG_DIR}/${app}.log 2>&1 - fi - echo "${app} died; restarting after 10 seconds" >&2 - sleep 10 - done) & -} - -if [ ! -z "${NODE_LOG_DIR}" ]; then - mkdir -p ${NODE_LOG_DIR} -fi - -if [ -c /dev/isgx ]; then - # Use a subshell to prevent environment leakage - ( - export AESM_PATH=/opt/intel/sgx-aesm-service/aesm - export LD_LIBRARY_PATH=${AESM_PATH} - - ${AESM_PATH}/linksgx.sh - /bin/mkdir -p /var/run/aesmd/ - /bin/chown -R aesmd:aesmd /var/run/aesmd/ - /bin/chmod 0755 /var/run/aesmd/ - /bin/chown -R aesmd:aesmd /var/opt/aesmd/ - launch ${AESM_PATH}/aesm_service --no-daemon - ) - - sleep 1 -fi - -# If the ledgerdir is not already populated, copy the origin block. -if [ ! -r "${NODE_LEDGER_DIR}/data.mdb" ]; then - mkdir -p "${NODE_LEDGER_DIR}" - rsync -a /var/lib/mobilecoin/origin_data/* ${NODE_LEDGER_DIR}/ -fi - -# Update the ledger to the current version if necessary -/usr/bin/mc-ledger-migration --ledger-db ${NODE_LEDGER_DIR} - -if [[ -z "${AWS_PATH}" ]] || [[ -z "${AWS_SECRET_ACCESS_KEY}" ]] || [[ -z "${AWS_ACCESS_KEY_ID}" ]]; then - echo "Warning: Must provide AWS_PATH, AWS_SECRET_ACCESS_KEY, and AWS_ACCESS_KEY_ID to start ledger distribution"; -else - launch /usr/bin/ledger-distribution \ - --ledger-path "${NODE_LEDGER_DIR}" \ - --dest "${AWS_PATH}" -fi - -# Clean old dump directory - consensus writes a new dir, which is owned by root due to docker volume ownership -rm -rf /scp-debug-dump/${LOCAL_NODE_ID} - -launch /usr/bin/mc-admin-http-gateway --listen-host 0.0.0.0 --listen-port ${NODE_MANAGEMENT_PORT} --admin-uri insecure-mca://127.0.0.1:9091/ - -exec consensus-service $@ diff --git a/ops/entrypoints/mobilecoind.sh b/ops/entrypoints/mobilecoind.sh deleted file mode 100755 index 38813caa8c..0000000000 --- a/ops/entrypoints/mobilecoind.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# -# NOTE: Some of the environment variables are set in the Docker container, and -# some are set in the docker run command - -# exit if anything fails. -set -ex - -# Make the mobilecoind_db dir (should not yet exist) -mkdir -p "${MOBILECOIND_DB_DIR}" - -mobilecoind \ - --peer mc://node1.${BRANCH}.mobilecoin.com/ \ - --peer mc://node2.${BRANCH}.mobilecoin.com/ \ - --peer mc://node3.${BRANCH}.mobilecoin.com/ \ - --peer mc://node4.${BRANCH}.mobilecoin.com/ \ - --peer mc://node5.${BRANCH}.mobilecoin.com/ \ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.${BRANCH}.mobilecoin.com/ \ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.${BRANCH}.mobilecoin.com/ \ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node3.${BRANCH}.mobilecoin.com/ \ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node4.${BRANCH}.mobilecoin.com/ \ - --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node5.${BRANCH}.mobilecoin.com/ \ - --quorum-set="{ \"threshold\": 3, \"members\": [{ \"type\": \"Node\", \"args\": \"node1.${BRANCH}.mobilecoin.com:443\"}, {\"type\": \"Node\", \"args\": \"node2.${BRANCH}.mobilecoin.com:443\" }, { \"type\": \"Node\", \"args\": \"node3.${BRANCH}.mobilecoin.com:443\" }, { \"type\": \"Node\", \"args\": \"node4.${BRANCH}.mobilecoin.com:443\" }, { \"type\": \"Node\", \"args\": \"node5.${BRANCH}.mobilecoin.com:443\" }]}" \ - --ledger-db "${NODE_LEDGER_DIR}" \ - --poll-interval 1 \ - --mobilecoind-db "${MOBILECOIND_DB_DIR}" \ - --listen-uri "insecure-mobilecoind://0.0.0.0:${MOBILECOIND_SERVICE_PORT}/" - diff --git a/peers/Cargo.toml b/peers/Cargo.toml index 8962a298d2..6aefbda86e 100644 --- a/peers/Cargo.toml +++ b/peers/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-peers" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/peers/test-utils/Cargo.toml b/peers/test-utils/Cargo.toml index f95b495190..a20888aa0e 100644 --- a/peers/test-utils/Cargo.toml +++ b/peers/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-peers-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/rust-toolchain b/rust-toolchain deleted file mode 120000 index e90d280217..0000000000 --- a/rust-toolchain +++ /dev/null @@ -1 +0,0 @@ -docker/rust-toolchain \ No newline at end of file diff --git a/rust-toolchain b/rust-toolchain new file mode 100644 index 0000000000..bed25ae774 --- /dev/null +++ b/rust-toolchain @@ -0,0 +1,2 @@ +[toolchain] +channel = "nightly-2023-10-01" diff --git a/sgx/alloc/Cargo.toml b/sgx/alloc/Cargo.toml index 309bd85da0..45008ac79d 100644 --- a/sgx/alloc/Cargo.toml +++ b/sgx/alloc/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-alloc" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] license = "GPL-3.0" readme = "README.md" diff --git a/sgx/build/Cargo.toml b/sgx/build/Cargo.toml index 9cae1eb01a..6934166203 100644 --- a/sgx/build/Cargo.toml +++ b/sgx/build/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-build" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/compat-edl/Cargo.toml b/sgx/compat-edl/Cargo.toml index bdf72a159f..f5383ee4e2 100644 --- a/sgx/compat-edl/Cargo.toml +++ b/sgx/compat-edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-compat-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/compat/Cargo.toml b/sgx/compat/Cargo.toml index a729062b40..1497d836a3 100644 --- a/sgx/compat/Cargo.toml +++ b/sgx/compat/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-compat" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/css-dump/Cargo.toml b/sgx/css-dump/Cargo.toml index 7e266298c9..6f6b8fca8e 100644 --- a/sgx/css-dump/Cargo.toml +++ b/sgx/css-dump/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-css-dump" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/css/Cargo.toml b/sgx/css/Cargo.toml index e207a696c5..31438b5452 100644 --- a/sgx/css/Cargo.toml +++ b/sgx/css/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-css" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/sgx/debug-edl/Cargo.toml b/sgx/debug-edl/Cargo.toml index 1934861ee7..a16dedaa0c 100644 --- a/sgx/debug-edl/Cargo.toml +++ b/sgx/debug-edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-debug-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/debug/Cargo.toml b/sgx/debug/Cargo.toml index 41b33508e6..b56e12c25a 100644 --- a/sgx/debug/Cargo.toml +++ b/sgx/debug/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-debug" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/enclave-id/Cargo.toml b/sgx/enclave-id/Cargo.toml index 6f51bf75d8..9cd860d295 100644 --- a/sgx/enclave-id/Cargo.toml +++ b/sgx/enclave-id/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-enclave-id" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/panic-edl/Cargo.toml b/sgx/panic-edl/Cargo.toml index 5ec7ae9fa3..e37e4db431 100644 --- a/sgx/panic-edl/Cargo.toml +++ b/sgx/panic-edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-panic-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/panic/Cargo.toml b/sgx/panic/Cargo.toml index c1c7e932f1..f4e9a1dde1 100644 --- a/sgx/panic/Cargo.toml +++ b/sgx/panic/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-panic" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] license = "GPL-3.0" readme = "README.md" diff --git a/sgx/report-cache/api/Cargo.toml b/sgx/report-cache/api/Cargo.toml index f9d90ed19a..fc9eebf4eb 100644 --- a/sgx/report-cache/api/Cargo.toml +++ b/sgx/report-cache/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-report-cache-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/report-cache/untrusted/Cargo.toml b/sgx/report-cache/untrusted/Cargo.toml index b729db3f91..44ade73110 100644 --- a/sgx/report-cache/untrusted/Cargo.toml +++ b/sgx/report-cache/untrusted/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-report-cache-untrusted" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/service/Cargo.toml b/sgx/service/Cargo.toml index af426e81b9..5b69760792 100644 --- a/sgx/service/Cargo.toml +++ b/sgx/service/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-service" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/slog-edl/Cargo.toml b/sgx/slog-edl/Cargo.toml index 3605477d47..b2a58fea27 100644 --- a/sgx/slog-edl/Cargo.toml +++ b/sgx/slog-edl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-slog-edl" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/slog/Cargo.toml b/sgx/slog/Cargo.toml index 99d9486b8e..7421593753 100644 --- a/sgx/slog/Cargo.toml +++ b/sgx/slog/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-slog" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/sgx/sync/Cargo.toml b/sgx/sync/Cargo.toml index 7c197793cf..49d025a58c 100644 --- a/sgx/sync/Cargo.toml +++ b/sgx/sync/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-sync" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] license = "GPL-3.0" readme = "README.md" diff --git a/sgx/types/Cargo.toml b/sgx/types/Cargo.toml index e951b87015..7a6c58e3c5 100644 --- a/sgx/types/Cargo.toml +++ b/sgx/types/Cargo.toml @@ -1,7 +1,7 @@ [package] authors = ["MobileCoin"] name = "mc-sgx-types" -version = "5.2.3" +version = "6.0.0" repository = "https://github.com/baidu/rust-sgx-sdk" license-file = "LICENSE" documentation = "https://dingelish.github.io/" diff --git a/sgx/urts/Cargo.toml b/sgx/urts/Cargo.toml index e151ba4b3b..17de2dbfac 100644 --- a/sgx/urts/Cargo.toml +++ b/sgx/urts/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-sgx-urts" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] license = "GPL-3.0" readme = "README.md" diff --git a/test-vectors/account-keys/Cargo.toml b/test-vectors/account-keys/Cargo.toml index c3ba3517ab..00a9b3f9f4 100644 --- a/test-vectors/account-keys/Cargo.toml +++ b/test-vectors/account-keys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-test-vectors-account-keys" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/test-vectors/b58-encodings/Cargo.toml b/test-vectors/b58-encodings/Cargo.toml index 30e33a2667..42191458e1 100644 --- a/test-vectors/b58-encodings/Cargo.toml +++ b/test-vectors/b58-encodings/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-test-vectors-b58-encodings" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/test-vectors/definitions/Cargo.toml b/test-vectors/definitions/Cargo.toml index ef39deed05..1fb35d92c5 100644 --- a/test-vectors/definitions/Cargo.toml +++ b/test-vectors/definitions/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-test-vectors-definitions" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/test-vectors/memos/Cargo.toml b/test-vectors/memos/Cargo.toml index ad181d557d..a1342b0fa1 100644 --- a/test-vectors/memos/Cargo.toml +++ b/test-vectors/memos/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-test-vectors-memos" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/test-vectors/tx-out-records/Cargo.toml b/test-vectors/tx-out-records/Cargo.toml index f6a7f00581..d0c017384f 100644 --- a/test-vectors/tx-out-records/Cargo.toml +++ b/test-vectors/tx-out-records/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-test-vectors-tx-out-records" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/tools/local-network/local_network.py b/tools/local-network/local_network.py index f42097e08b..e9e311729e 100755 --- a/tools/local-network/local_network.py +++ b/tools/local-network/local_network.py @@ -162,7 +162,7 @@ def __init__(self, name, node_num, client_port, peer_port, admin_port, admin_htt self.peers = peers self.quorum_set = quorum_set self.minimum_fee = 400_000_000 - self.block_version = block_version or 3 + self.block_version = block_version or 4 self.consensus_process = None self.ledger_distribution_process = None diff --git a/transaction/builder/Cargo.toml b/transaction/builder/Cargo.toml index 02b9f369ab..35cf7997fe 100644 --- a/transaction/builder/Cargo.toml +++ b/transaction/builder/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-builder" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/transaction/builder/src/signed_contingent_input_builder.rs b/transaction/builder/src/signed_contingent_input_builder.rs index 31282b78f7..035a7525bc 100644 --- a/transaction/builder/src/signed_contingent_input_builder.rs +++ b/transaction/builder/src/signed_contingent_input_builder.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2022 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation //! A builder object for signed contingent inputs (see MCIP #31) //! This plays a similar role to the transaction builder. @@ -10,6 +10,7 @@ use crate::{ use alloc::{boxed::Box, vec::Vec}; use core::cmp::min; use mc_account_keys::PublicAddress; +use mc_crypto_keys::RistrettoPrivate; use mc_crypto_ring_signature_signer::{RingSigner, SignableInputRing}; use mc_fog_report_validation::FogPubkeyResolver; use mc_transaction_core::{ @@ -20,6 +21,7 @@ use mc_transaction_core::{ RevealedTxOut, TokenId, UnmaskedAmount, }; use mc_transaction_extra::{SignedContingentInput, TxOutConfirmationNumber}; +use mc_util_from_random::FromRandom; use rand_core::{CryptoRng, RngCore}; /// Helper utility for creating signed contingent inputs with required outputs, @@ -249,15 +251,15 @@ impl SignedContingentInputBuilder { let (hint, pubkey_expiry) = crate::transaction_builder::create_fog_hint(fog_hint_address, &self.fog_resolver, rng)?; - let (tx_out, shared_secret, _tx_private_key) = - crate::transaction_builder::create_output_with_fog_hint( - self.block_version, - amount, - recipient, - hint, - memo_fn, - rng, - )?; + let tx_private_key = RistrettoPrivate::from_random(rng); + let (tx_out, shared_secret) = crate::transaction_builder::create_output_with_fog_hint( + self.block_version, + amount, + recipient, + hint, + memo_fn, + &tx_private_key, + )?; let (amount, blinding) = tx_out .get_masked_amount() @@ -412,15 +414,15 @@ impl SignedContingentInputBuilder { let (hint, pubkey_expiry) = crate::transaction_builder::create_fog_hint(fog_hint_address, &self.fog_resolver, rng)?; - let (tx_out, shared_secret, _tx_private_key) = - crate::transaction_builder::create_output_with_fog_hint( - self.block_version, - amount, - recipient, - hint, - memo_fn, - rng, - )?; + let tx_private_key = RistrettoPrivate::from_random(rng); + let (tx_out, shared_secret) = crate::transaction_builder::create_output_with_fog_hint( + self.block_version, + amount, + recipient, + hint, + memo_fn, + &tx_private_key, + )?; self.impose_tombstone_block_limit(pubkey_expiry); let amount_shared_secret = diff --git a/transaction/builder/src/test_utils.rs b/transaction/builder/src/test_utils.rs index 84b3816564..cf20302251 100644 --- a/transaction/builder/src/test_utils.rs +++ b/transaction/builder/src/test_utils.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2022 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation //! Utilities that help with testing the transaction builder and related objects @@ -8,7 +8,7 @@ use crate::{ }; use alloc::vec::Vec; use mc_account_keys::{AccountKey, PublicAddress, DEFAULT_SUBADDRESS_INDEX}; -use mc_crypto_keys::RistrettoPublic; +use mc_crypto_keys::{RistrettoPrivate, RistrettoPublic}; use mc_crypto_ring_signature_signer::{NoKeysRingSigner, OneTimeKeyDeriveData}; use mc_fog_report_validation::FogPubkeyResolver; use mc_transaction_core::{ @@ -44,13 +44,14 @@ pub fn create_output( ) -> Result<(TxOut, RistrettoPublic), TxBuilderError> { let (hint, _pubkey_expiry) = crate::transaction_builder::create_fog_hint(recipient, fog_resolver, rng)?; - let (tx_out, shared_secret, _) = crate::transaction_builder::create_output_with_fog_hint( + let tx_private_key = RistrettoPrivate::from_random(rng); + let (tx_out, shared_secret) = crate::transaction_builder::create_output_with_fog_hint( block_version, amount, recipient, hint, |_| Ok(MemoPayload::default()), - rng, + &tx_private_key, )?; Ok((tx_out, shared_secret)) } diff --git a/transaction/builder/src/transaction_builder.rs b/transaction/builder/src/transaction_builder.rs index 389123d16b..3b91d71701 100644 --- a/transaction/builder/src/transaction_builder.rs +++ b/transaction/builder/src/transaction_builder.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2018-2023 The MobileCoin Foundation +// Copyright (c) 2018-2024 The MobileCoin Foundation //! Utility for building and signing a transaction. //! @@ -447,6 +447,56 @@ impl TransactionBuilder { amount: Amount, recipient: &PublicAddress, rng: &mut RNG, + ) -> Result { + self.add_output_with_tx_private_key(amount, recipient, None, rng) + } + + /// Add a non-change output to the transaction, optionally with a specified + /// tx_private_key. + /// + /// Specifying the tx_private_key gives you two things: + /// + /// * Together with the amount and recipient, fixes the generated TxOut + /// public key, target key, and blinding factor for amount. Because the + /// blockchain enforces that TxOut public keys are unique, this is a point + /// of mutual exclusion, and you can use this to create idempotent payment + /// interfaces. + /// * If you know the tx private key, you can prove to an untrusting third + /// party what the amount and recipient of the tx out is. You can use this + /// resolve disputes. The TxOut shared secret and confirmation numbers + /// don't accomplish this because they don't reveal the recipient. + /// + /// If the tx_private_key is not pseudorandom, it will harm the privacy of + /// transactions. For a merchant or exchange, a reasonable way to derive + /// it is to hash the payment id, or the withdrawal id, together with a + /// 32 byte secret. (You could use your private spend key or similar for + /// example, but you may wish to rotate that from time to time, and you + /// may not expect that idempotence would break across that key rotation. + /// It's up to the application developer to decide the most suitable + /// scheme.) You must ensure 32 bytes of pseudo-entropy to avoid + /// undermining the transaction protocol. + /// + /// An alternative is to seed the RNG that is used with the transaction + /// builder and then call add_output as usual. However, this approach + /// means that upgrading your RNG is a way that idempotence can break, + /// and in many cases, breaking idempotence means risk of double payments / + /// loss of funds. Setting the tx_private_key directly is possibly + /// simpler and with fewer hazards. Additionally, this approach allows + /// you to easily determine and record the tx_private_key, which you may + /// want for other reasons as described. + /// + /// # Arguments + /// * `amount` - The amount of this output + /// * `recipient` - The recipient's public address + /// * `tx_private_key` - Optionally, a specific tx_private_key to use for + /// this output. + /// * `rng` - RNG used to generate blinding for commitment + pub fn add_output_with_tx_private_key( + &mut self, + amount: Amount, + recipient: &PublicAddress, + tx_private_key: Option, + rng: &mut RNG, ) -> Result { // Taking self.memo_builder here means that we can call functions on &mut self, // and pass them something that has captured the memo builder. @@ -459,6 +509,7 @@ impl TransactionBuilder { amount, recipient, recipient, + tx_private_key, |memo_ctxt| mb.make_memo_for_output(amount, recipient, memo_ctxt), rng, ); @@ -524,6 +575,7 @@ impl TransactionBuilder { amount, &change_destination.change_subaddress, &change_destination.primary_address, + None, |memo_ctxt| mb.make_memo_for_change_output(amount, change_destination, memo_ctxt), rng, ); @@ -570,6 +622,7 @@ impl TransactionBuilder { amount, &reserved_subaddresses.gift_code_subaddress, &reserved_subaddresses.primary_address, + None, |memo_ctxt| { mb.make_memo_for_output( amount, @@ -600,13 +653,17 @@ impl TransactionBuilder { /// * `amount` - The amount of this output /// * `recipient` - The recipient's public address /// * `fog_hint_address` - The public address used to create the fog hint + /// * `tx_private_key` - Optional. If unspecified, generated randomly using + /// rng. /// * `memo_fn` - The memo function to use (see TxOut::new_with_memo) - /// * `rng` - RNG used to generate blinding for commitment + /// * `rng` - RNG used to generate tx private key (if not specified), and + /// encrypted fog hint fn add_output_with_fog_hint_address( &mut self, amount: Amount, recipient: &PublicAddress, fog_hint_address: &PublicAddress, + tx_private_key: Option, memo_fn: impl FnOnce(MemoContext) -> Result, rng: &mut RNG, ) -> Result { @@ -621,8 +678,16 @@ impl TransactionBuilder { )); } - let (tx_out, shared_secret, tx_private_key) = - create_output_with_fog_hint(self.block_version, amount, recipient, hint, memo_fn, rng)?; + let tx_private_key = tx_private_key.unwrap_or_else(|| RistrettoPrivate::from_random(rng)); + + let (tx_out, shared_secret) = create_output_with_fog_hint( + self.block_version, + amount, + recipient, + hint, + memo_fn, + &tx_private_key, + )?; let (amount, blinding) = tx_out .get_masked_amount() @@ -851,7 +916,7 @@ impl TransactionBuilder { } /// Creates a TxOut that sends `value` to `recipient` using the provided -/// `fog_hint`. +/// `fog_hint` and `tx_private_key`. /// /// # Arguments /// * `block_version` - Block version rules to conform to @@ -859,32 +924,30 @@ impl TransactionBuilder { /// * `recipient` - Recipient's address. /// * `fog_hint` - The encrypted fog hint to use /// * `memo_fn` - The memo function to use -- see TxOut::new_with_memo docu -/// * `rng` - +/// * `tx_private_key` - The tx private key to use. This should be pseudorandom. /// /// # Returns /// * TxOut /// * tx_out_shared_secret -/// * tx_private_key -pub(crate) fn create_output_with_fog_hint( +pub(crate) fn create_output_with_fog_hint( block_version: BlockVersion, amount: Amount, recipient: &PublicAddress, fog_hint: EncryptedFogHint, memo_fn: impl FnOnce(MemoContext) -> Result, - rng: &mut RNG, -) -> Result<(TxOut, RistrettoPublic, RistrettoPrivate), TxBuilderError> { - let tx_private_key = RistrettoPrivate::from_random(rng); + tx_private_key: &RistrettoPrivate, +) -> Result<(TxOut, RistrettoPublic), TxBuilderError> { let tx_out = TxOut::new_with_memo( block_version, amount, recipient, - &tx_private_key, + tx_private_key, fog_hint, memo_fn, )?; - let shared_secret = create_shared_secret(recipient.view_public_key(), &tx_private_key); - Ok((tx_out, shared_secret, tx_private_key)) + let shared_secret = create_shared_secret(recipient.view_public_key(), tx_private_key); + Ok((tx_out, shared_secret)) } /// Create a fog hint, using the fog_resolver collection in self. @@ -1172,6 +1235,7 @@ pub mod transaction_builder_tests { Amount::new(value - Mob::MINIMUM_FEE, token_id), &recipient.default_subaddress(), &fog_hint_address, + None, |_| Ok(Default::default()), &mut rng, ) diff --git a/transaction/core/Cargo.toml b/transaction/core/Cargo.toml index 5b5dfd9211..0aacfe75d2 100644 --- a/transaction/core/Cargo.toml +++ b/transaction/core/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-core" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/transaction/core/test-utils/Cargo.toml b/transaction/core/test-utils/Cargo.toml index 613570c518..928df9b68b 100644 --- a/transaction/core/test-utils/Cargo.toml +++ b/transaction/core/test-utils/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-core-test-utils" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" rust-version = { workspace = true } diff --git a/transaction/extra/Cargo.toml b/transaction/extra/Cargo.toml index 3a07ec3c5d..79533401c4 100644 --- a/transaction/extra/Cargo.toml +++ b/transaction/extra/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-extra" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" @@ -11,12 +11,10 @@ rust-version = { workspace = true } # External dependencies cfg-if = "1.0" displaydoc = { version = "0.2", default-features = false } -hmac = "0.12" prost = { version = "0.12", default-features = false, features = ["prost-derive"] } rand = { version = "0.8", default-features = false } rand_core = { version = "0.6", default-features = false } serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] } -sha2 = { version = "0.10", default-features = false } subtle = { version = "2", default-features = false } zeroize = "1" @@ -26,6 +24,7 @@ mc-core = { path = "../../core" } mc-crypto-digestible = { path = "../../crypto/digestible", features = ["dalek"] } mc-crypto-hashes = { path = "../../crypto/hashes" } mc-crypto-keys = { path = "../../crypto/keys", default-features = false } +mc-crypto-memo-mac = { path = "../../crypto/memo-mac" } mc-crypto-ring-signature = { path = "../../crypto/ring-signature" } mc-crypto-ring-signature-signer = { path = "../../crypto/ring-signature/signer" } mc-transaction-core = { path = "../../transaction/core" } diff --git a/transaction/extra/src/memo/authenticated_common.rs b/transaction/extra/src/memo/authenticated_common.rs index 54bd69fd1a..2755557230 100644 --- a/transaction/extra/src/memo/authenticated_common.rs +++ b/transaction/extra/src/memo/authenticated_common.rs @@ -5,48 +5,14 @@ //! This validation scheme was proposed for standardization in //! mobilecoinfoundation/mcips/pull/4 -use hmac::{Hmac, Mac}; use mc_account_keys::{PublicAddress, ShortAddressHash}; use mc_crypto_keys::{ CompressedRistrettoPublic, KexReusablePrivate, RistrettoPrivate, RistrettoPublic, }; -use sha2::Sha512; use subtle::{Choice, ConstantTimeEq}; use crate::SenderMemoCredential; -type HmacSha512 = Hmac; - -/// Shared code for memo types in category 0x01, whose last 16 bytes is an HMAC -/// This HMAC key is always first the 32 bytes of a shared secret, then the 32 -/// bytes of the TxOut public key, then all the bytes of the decrypted memo, -/// omitting the last 16 which are the HMAC. -/// -/// Arguments: -/// * shared_secret, produced in some way between sender and recipient. -/// * tx_out_public_key, from the TxOut associated to this memo -/// * memo_data. The last 16 bytes of this slice will be ignored. -pub fn compute_category1_hmac( - shared_secret: &[u8; 32], - tx_out_public_key: &CompressedRistrettoPublic, - memo_type_bytes: [u8; 2], - memo_data: &[u8; 64], -) -> [u8; 16] { - let mut mac = HmacSha512::new_from_slice(shared_secret.as_ref()) - .expect("hmac can take a key of any size"); - // First add domain separation - mac.update(b"mc-memo-mac"); - // Next add tx_out_public_key, binding this mac to a paritcular TxOut - mac.update(tx_out_public_key.as_ref()); - // Next add memo type bytes (2) - mac.update(&memo_type_bytes); - // Next add all the memo data bytes, except for the last 16 (which are the mac) - mac.update(&memo_data[..(64 - 16)]); - let mut result = [0u8; 16]; - result.copy_from_slice(&mac.finalize().into_bytes()[0..16]); - result -} - /// Shared code for validation of 0x0100 and 0x0101 memos pub fn validate_authenticated_sender( sender_address: &PublicAddress, @@ -64,13 +30,13 @@ pub fn validate_authenticated_sender( let shared_secret = receiving_subaddress_view_private_key.key_exchange(sender_address.spend_public_key()); - let expected_hmac = compute_category1_hmac( + let expected_hmac = mc_crypto_memo_mac::compute_category1_hmac( shared_secret.as_ref(), tx_out_public_key, memo_type_bytes, - memo_data, + &memo_data[..48].try_into().expect("length mismatch"), ); - let found_hmac: [u8; 16] = memo_data[(64 - 16)..].try_into().unwrap(); + let found_hmac: [u8; 16] = memo_data[(64 - 16)..].try_into().expect("length mismatch"); result &= expected_hmac.ct_eq(&found_hmac); result } @@ -92,11 +58,11 @@ pub fn compute_authenticated_sender_memo( .subaddress_spend_private_key .key_exchange(receiving_subaddress_view_public_key); - let hmac_value = compute_category1_hmac( + let hmac_value = mc_crypto_memo_mac::compute_category1_hmac( shared_secret.as_ref(), tx_out_public_key, memo_type_bytes, - &memo_data, + &memo_data[..48].try_into().expect("length mismatch"), ); memo_data[48..].copy_from_slice(&hmac_value); memo_data diff --git a/transaction/extra/src/memo/mod.rs b/transaction/extra/src/memo/mod.rs index 38a0e7d9fd..c8671442f8 100644 --- a/transaction/extra/src/memo/mod.rs +++ b/transaction/extra/src/memo/mod.rs @@ -48,7 +48,7 @@ //! | 0x0204 | Destination With Payment Intent Id Memo | pub use self::{ - authenticated_common::{compute_authenticated_sender_memo, compute_category1_hmac}, + authenticated_common::compute_authenticated_sender_memo, authenticated_sender::AuthenticatedSenderMemo, authenticated_sender_with_payment_intent_id::AuthenticatedSenderWithPaymentIntentIdMemo, authenticated_sender_with_payment_request_id::AuthenticatedSenderWithPaymentRequestIdMemo, diff --git a/transaction/signer/Cargo.toml b/transaction/signer/Cargo.toml index effb56c82a..d03b240b91 100644 --- a/transaction/signer/Cargo.toml +++ b/transaction/signer/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-signer" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/transaction/signer/src/types.rs b/transaction/signer/src/types.rs index f65a31423d..8da7e9a536 100644 --- a/transaction/signer/src/types.rs +++ b/transaction/signer/src/types.rs @@ -182,6 +182,19 @@ impl AsRef<[u8; 32]> for AccountId { } } +/// Create [AccountId] object from hex-encoded string +impl TryFrom for AccountId { + type Error = hex::FromHexError; + + fn try_from(value: String) -> Result { + let mut byte_array = [0u8; 32]; + match hex::decode_to_slice(value, &mut byte_array) { + Ok(()) => Ok(Self(byte_array)), + Err(e) => Err(e), + } + } +} + /// Create [AccountId] object from raw hash impl From<[u8; 32]> for AccountId { fn from(value: [u8; 32]) -> Self { diff --git a/transaction/summary/Cargo.toml b/transaction/summary/Cargo.toml index ef020429df..aa45046459 100644 --- a/transaction/summary/Cargo.toml +++ b/transaction/summary/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-summary" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" readme = "README.md" diff --git a/transaction/types/Cargo.toml b/transaction/types/Cargo.toml index 011453963a..32df818bc3 100644 --- a/transaction/types/Cargo.toml +++ b/transaction/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-transaction-types" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/b58-decoder/Cargo.toml b/util/b58-decoder/Cargo.toml index f8ead73ec4..eac829ff5b 100644 --- a/util/b58-decoder/Cargo.toml +++ b/util/b58-decoder/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-b58-decoder" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/build/enclave/Cargo.toml b/util/build/enclave/Cargo.toml index 3bef59a84f..adb957619a 100644 --- a/util/build/enclave/Cargo.toml +++ b/util/build/enclave/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-build-enclave" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Enclave build assistance, from MobileCoin." diff --git a/util/build/grpc/Cargo.toml b/util/build/grpc/Cargo.toml index 20258510f2..9a519cc8b8 100644 --- a/util/build/grpc/Cargo.toml +++ b/util/build/grpc/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-build-grpc" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/build/info/Cargo.toml b/util/build/info/Cargo.toml index cd81394487..7bed4abcd3 100644 --- a/util/build/info/Cargo.toml +++ b/util/build/info/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-build-info" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] build = "build.rs" edition = "2021" diff --git a/util/build/script/Cargo.toml b/util/build/script/Cargo.toml index 43a1ce579c..a4ed64f749 100644 --- a/util/build/script/Cargo.toml +++ b/util/build/script/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-build-script" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Cargo build-script assistance, from MobileCoin." edition = "2021" diff --git a/util/build/sgx/Cargo.toml b/util/build/sgx/Cargo.toml index f941032958..e6bfafd2ec 100644 --- a/util/build/sgx/Cargo.toml +++ b/util/build/sgx/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-build-sgx" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "SGX utilities assistance, from MobileCoin." diff --git a/util/cli/Cargo.toml b/util/cli/Cargo.toml index 91e31a350f..a2e1073322 100644 --- a/util/cli/Cargo.toml +++ b/util/cli/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-cli" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/dump-ledger/Cargo.toml b/util/dump-ledger/Cargo.toml index 9d5a4a4dbd..f2038704d1 100644 --- a/util/dump-ledger/Cargo.toml +++ b/util/dump-ledger/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-dump-ledger" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/encodings/Cargo.toml b/util/encodings/Cargo.toml index 428b9c36b4..7e8d7e4de4 100644 --- a/util/encodings/Cargo.toml +++ b/util/encodings/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-encodings" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Support for various simple encodings (hex strings, base64 strings, Intel x86_64 structures, etc.)" edition = "2021" diff --git a/util/ffi/Cargo.toml b/util/ffi/Cargo.toml index a9c5ace81c..799f49914d 100644 --- a/util/ffi/Cargo.toml +++ b/util/ffi/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-ffi" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/from-random/Cargo.toml b/util/from-random/Cargo.toml index 65ea514414..0459f20729 100644 --- a/util/from-random/Cargo.toml +++ b/util/from-random/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-from-random" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "A trait for constructing an object from a random number generator." edition = "2021" diff --git a/util/generate-sample-ledger/Cargo.toml b/util/generate-sample-ledger/Cargo.toml index 1f13743238..ae9958a2fb 100644 --- a/util/generate-sample-ledger/Cargo.toml +++ b/util/generate-sample-ledger/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-generate-sample-ledger" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/grpc-admin-tool/Cargo.toml b/util/grpc-admin-tool/Cargo.toml index 53adb2f0e2..ae2059d80f 100644 --- a/util/grpc-admin-tool/Cargo.toml +++ b/util/grpc-admin-tool/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-grpc-admin-tool" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/grpc-token-generator/Cargo.toml b/util/grpc-token-generator/Cargo.toml index 90377da141..0c4f5b70c5 100644 --- a/util/grpc-token-generator/Cargo.toml +++ b/util/grpc-token-generator/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-grpc-token-generator" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/grpc/Cargo.toml b/util/grpc/Cargo.toml index 1e66c6d4e1..dc45cc9b69 100644 --- a/util/grpc/Cargo.toml +++ b/util/grpc/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-grpc" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "Runtime gRPC Utilities" edition = "2021" diff --git a/util/host-cert/Cargo.toml b/util/host-cert/Cargo.toml index f1098a1457..7cd835a90b 100644 --- a/util/host-cert/Cargo.toml +++ b/util/host-cert/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-host-cert" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/keyfile/Cargo.toml b/util/keyfile/Cargo.toml index 06f3804082..d61ee779aa 100644 --- a/util/keyfile/Cargo.toml +++ b/util/keyfile/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-keyfile" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/lmdb/Cargo.toml b/util/lmdb/Cargo.toml index 42e25406bc..586e623a01 100644 --- a/util/lmdb/Cargo.toml +++ b/util/lmdb/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-lmdb" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/logger-macros/Cargo.toml b/util/logger-macros/Cargo.toml index ef606d3bf6..b6e2c6a8b5 100644 --- a/util/logger-macros/Cargo.toml +++ b/util/logger-macros/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-logger-macros" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/metered-channel/Cargo.toml b/util/metered-channel/Cargo.toml index fed36b945c..444165fc32 100644 --- a/util/metered-channel/Cargo.toml +++ b/util/metered-channel/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-metered-channel" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/metrics/Cargo.toml b/util/metrics/Cargo.toml index a0a9bc2ad2..77ab41acf8 100644 --- a/util/metrics/Cargo.toml +++ b/util/metrics/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-metrics" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/parse/Cargo.toml b/util/parse/Cargo.toml index dffd0f4f07..9b3b82f7db 100644 --- a/util/parse/Cargo.toml +++ b/util/parse/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-parse" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "Helpers for parsing, particularly, for use with Clap and similar" diff --git a/util/repr-bytes/Cargo.toml b/util/repr-bytes/Cargo.toml index ce8befbafb..56571a5ce9 100644 --- a/util/repr-bytes/Cargo.toml +++ b/util/repr-bytes/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-repr-bytes" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/seeded-ed25519-key-gen/Cargo.toml b/util/seeded-ed25519-key-gen/Cargo.toml index ac4166fa61..05849f7dd9 100644 --- a/util/seeded-ed25519-key-gen/Cargo.toml +++ b/util/seeded-ed25519-key-gen/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-seeded-ed25519-key-gen" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/serial/Cargo.toml b/util/serial/Cargo.toml index 571a7f0eda..e56872890f 100644 --- a/util/serial/Cargo.toml +++ b/util/serial/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-serial" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/telemetry/Cargo.toml b/util/telemetry/Cargo.toml index 64ebdb4b00..5d474d5ff8 100644 --- a/util/telemetry/Cargo.toml +++ b/util/telemetry/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-telemetry" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/test-helper/Cargo.toml b/util/test-helper/Cargo.toml index 0c918f173a..7074c671e9 100644 --- a/util/test-helper/Cargo.toml +++ b/util/test-helper/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-test-helper" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/test-vector/Cargo.toml b/util/test-vector/Cargo.toml index 3a107de143..c061d199ce 100644 --- a/util/test-vector/Cargo.toml +++ b/util/test-vector/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-test-vector" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/test-with-data/Cargo.toml b/util/test-with-data/Cargo.toml index 7c46aed386..e98be77e5e 100644 --- a/util/test-with-data/Cargo.toml +++ b/util/test-with-data/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-test-with-data" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/util/u64-ratio/Cargo.toml b/util/u64-ratio/Cargo.toml index 3201cb1101..997348099c 100644 --- a/util/u64-ratio/Cargo.toml +++ b/util/u64-ratio/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-u64-ratio" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "A helper for computing with ratios of u64 numbers" edition = "2021" diff --git a/util/uri/Cargo.toml b/util/uri/Cargo.toml index ae66c95b09..d7247bf55a 100644 --- a/util/uri/Cargo.toml +++ b/util/uri/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-uri" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0" diff --git a/util/vec-map/Cargo.toml b/util/vec-map/Cargo.toml index 16fd601c3c..24ca270838 100644 --- a/util/vec-map/Cargo.toml +++ b/util/vec-map/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-vec-map" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] description = "A map object based on heapless Vec" edition = "2021" diff --git a/util/zip-exact/Cargo.toml b/util/zip-exact/Cargo.toml index e9d624151c..7524274b78 100644 --- a/util/zip-exact/Cargo.toml +++ b/util/zip-exact/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-util-zip-exact" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" description = "An iterator helper" diff --git a/wasm-test/Cargo.toml b/wasm-test/Cargo.toml index 3fdde25579..7d6bfd4409 100644 --- a/wasm-test/Cargo.toml +++ b/wasm-test/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-wasm-test" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/watcher/Cargo.toml b/watcher/Cargo.toml index 3ed0b99581..5186f31d61 100644 --- a/watcher/Cargo.toml +++ b/watcher/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-watcher" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "GPL-3.0" diff --git a/watcher/api/Cargo.toml b/watcher/api/Cargo.toml index 6c6d2c4b63..7e0ec5db67 100644 --- a/watcher/api/Cargo.toml +++ b/watcher/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-watcher-api" -version = "5.2.3" +version = "6.0.0" authors = ["MobileCoin"] edition = "2021" license = "Apache-2.0"