Batch computed evidence does not match presented evidence

I’m trying to update the frontend via proposal and have an output of:

Proposed commit of batch 203 with evidence 5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13

When trying to submit the frontend proposal however, I get the error:

The request is being processed…
(
record {
command = opt variant {
Error = record {
error_message = “1 defects in Proposal:\nInvalid proposal: batch computed evidence 5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13 does not match presented evidence 35663264386661633435393165303165326438653064613731356136333262613530313664386264616138393764333163303736366133303935643366623133”;
error_type = 15 : int32;
}
};
},
)

Was just wondering where I might be going wrong?

Is this local? Any chance you have some background process like vite building code when ever changes occur(or at some other time). This basically means that the deployer is telling the canister an improper hash which could be because of a bad assembly, because a file isn’t being included that it thought was going to be, or that the files change between the compute and the upload.

No this isn’t local, i get different errors trying to compute the batch evidence on local. I just want to push the frontend to the live IC canister. Largely to know I can too since it’s something I need updating more often than say the backend.

If you could point me to the docs where I configure the deployer / hashes and assembly of the files.

It’s almost like it’s looking for the decoded payload value

when i log the payload it’s the encoded value I think:

I think your Candid blob notation runs into a surprise feature (?).

From the candid reference:

blob <text> where <text> represents a text literal with all characters representing their utf8 encoding, and arbitrary byte sequences ("\CA\FF\FE").

meaning that you’re passing the bytes of the hex-encoded string instead of the bytes.

❯ didc encode '(blob "5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13")'             
4449444c016d7b01004035663264386661633435393165303165326438653064613731356136333262613530313664386264616138393764333163303736366133303935643366623133
 
❯ didc encode '(blob "\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13")'
4449444c016d7b0100205f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13

The bytes you can see in the error message can be produced like this (minus some endian issues I think, so you need to transpose all the bytes):

❯ echo 5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13 | hexdump
0000000 6635 6432 6638 6361 3534 3139 3065 6531
0000010 6432 6538 6430 3761 3531 3661 3233 6162
0000020 3035 3631 3864 6462 6161 3938 6437 3133
0000030 3063 3637 6136 3033 3539 3364 6266 3331
0000040 000a                                   
0000041

I’m so confused. Sorry if I’m not converting bytes of encoded strings properly, it’s not something I have any clue about or have needed to in building applications before.

So can we get back to the documented trail so I can get a grip. From the commands and the docs, can you show me how I get the frontend updated?

I’m looking for code on transposing bytes in the docs on updating the asset canister but can’t see it.

Docs are lacking. What you want to do:

EVIDENCE_STRING=5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13
BATCH_ID=123
didc encode "(record{ batch_id = $BATCH_ID : nat; evidence = blob \"$(echo $EVIDENCE_STRING | sed 's/../\\&/g')\"; })"

You should then be able to see the evidence bytes in the candid-encoded bytes, and that’s the arg you want to submit to the generic function call. To construct the generic proposal you need to apply the same treatment again before wrapping it in the blob: blob "$(echo $ARG | sed 's/..\\&/g')"

Thanks Severin,

So here is the proposal file:


#!/bin/bash

# Set current directory to the scripts root
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

TITLE="Update Frontend Canister."
SUMMARY="Update frontend canister with evidence batch id 203."
URL="https://openfpl.xyz"

EVIDENCE_STRING=5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13
BATCH_ID=203
FUNCTION_ID=24000

# Submit the proposal

../../utils/make_custom_function_proposal_frontend.sh $FUNCTION_ID "$TITLE" "$SUMMARY" "$URL" "$EVIDENCE_STRING" "$BATCH_ID" "commit_proposed_batch"

Which calls this file to submit the proposal:

#!/bin/bash

# cd into folder containing this script
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the args
FUNCTION_ID=$1
TITLE=$2
SUMMARY=$3
URL=$4
EVIDENCE_STRING=$5
BATCH_ID=$6
METHOD=$7

# Candid encode the payload as binary
PAYLOAD=$(didc encode "(record{ batch_id = $BATCH_ID : nat; evidence = blob \"$($EVIDENCE_STRING | sed 's/../\\&/g')\"; })")

# Build the proposal candid
PROPOSAL="(record { title=\"$TITLE\"; url=\"$URL\"; summary=\"$SUMMARY\"; action=opt variant 
    {ExecuteGenericNervousSystemFunction = record {function_id=($FUNCTION_ID:nat64); payload=$PAYLOAD}}})"
# Make the proposal
./submit_proposal.sh "$PROPOSAL"

But I still have a candid parse error:

I can’t see an issue with the output proposal:


(
  record 
    { 
      title="Update Frontend Canister."; 
      url="https://openfpl.xyz"; 
      summary="Update frontend canister with evidence batch id 203."; 
      action=opt variant 
      {
        ExecuteGenericNervousSystemFunction = record 
          {
            function_id=(24000:nat64); 
            payload=4449444c026c0280b5a6f0047dd787b4f308016d7b0100cb0100
          }
      }
    }
)

is invalid Candid. It needs to be payload = blob "\44\49..."

So instead of payload=$PAYLOAD use payload = blob \"$(echo $PAYLOAD | sed 's/../\\&/g')\";

Ok cool, so

#!/bin/bash

# cd into folder containing this script
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the args
FUNCTION_ID=$1
TITLE=$2
SUMMARY=$3
URL=$4
EVIDENCE_STRING=$5
BATCH_ID=$6
METHOD=$7


# Build the proposal candid
PROPOSAL="(record { title=\"$TITLE\"; url=\"$URL\"; summary=\"$SUMMARY\"; action=opt variant 
    {ExecuteGenericNervousSystemFunction = record {function_id=($FUNCTION_ID:nat64); payload = blob \"$(echo $PAYLOAD | sed 's/../\\&/g')\"}}})"
# Make the proposal
./submit_proposal.sh "$PROPOSAL"

Does attempt to submit now, however it still fails due to a parse error:

error_message = "1 defects in Proposal:\nCanister method call to validate and render proposal payload of NervousSystemFunction: 24000 failed: (Some(5), \"IC0503: Error from Canister bgpwv-eqaaa-aaaal-qb6eq-cai: Canister called `ic0.trap` with message: failed to decode call arguments: Custom(Cannot parse header \\n\\nCaused by:\\n    binary parser error: io error).\\nConsider gracefully handling failures from this canister or altering the canister to handle exceptions. See documentation: http://internetcomputer.org/docs/current/references/execution-errors#trapped-explicitly\")";
        error_type = 15 : int32;

Haven’t encountered this error yet. I’m asking if someone who knows more Candid would know. Can you share the final encoded argument?

Ok so this submitted:

#!/bin/bash

# cd into folder containing this script
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the args
FUNCTION_ID=$1
TITLE=$2
SUMMARY=$3
URL=$4
EVIDENCE_STRING=$5
BATCH_ID=$6
METHOD=$7


# Build the proposal candid
PAYLOAD=$(didc encode "(record{ batch_id = $BATCH_ID : nat; evidence = blob \"$($EVIDENCE_STRING | sed 's/../\\&/g')\"; })")

PROPOSAL="(record { title=\"$TITLE\"; url=\"$URL\"; summary=\"$SUMMARY\"; action=opt variant 
    {ExecuteGenericNervousSystemFunction = record {function_id=($FUNCTION_ID:nat64); payload = blob \"$(echo $PAYLOAD | sed 's/../\\&/g')\"}}})"

echo "------"
echo $PROPOSAL
# Make the proposal
./submit_proposal.sh "$PROPOSAL"

And now I’m back to the error of computed evidence does not match.

I took your script and added some more debug prints:

Script
#!/bin/bash

# cd into folder containing this script
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the args
FUNCTION_ID=1
TITLE="title"
SUMMARY="summary"
URL="url"
EVIDENCE_STRING="5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13"
BATCH_ID="203"
METHOD=$7


# Build the proposal candid
PAYLOAD=$(didc encode "(record{ batch_id = $BATCH_ID : nat; evidence = blob \"$(echo $EVIDENCE_STRING | sed 's/../\\&/g')\"; })")

echo $PAYLOAD
didc decode $PAYLOAD

PROPOSAL="(record { title=\"$TITLE\"; url=\"$URL\"; summary=\"$SUMMARY\"; action=opt variant 
    {ExecuteGenericNervousSystemFunction = record {function_id=($FUNCTION_ID:nat64); payload = blob \"$(echo $PAYLOAD | sed 's/../\\&/g')\"}}})"

echo "------"
echo $PROPOSAL

ENCODED_PROPOSAL="$(didc encode "$PROPOSAL")"

echo "------"
echo $ENCODED_PROPOSAL

didc decode "$ENCODED_PROPOSAL"
# Make the proposal

The output shows that this should be a valid proposal, and that evidence is not empty.

Your latest error message shows that there is no evidence getting passed, so I think there must be something wrong with ./subnit_proposal.sh "$PROPOSAL"

Ok so I submit the proposal with your logs:


james@Jamess-MacBook-Pro OpenFPL % ./governance/proposals/general/469.UpdateFrontend.sh
4449444c026c0280b5a6f0047dd787b4f308016d7b0100cb01205f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13
(
  record {
    1_309_252_224 = 203 : nat;
    2_389_509_079 = blob "\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13";
  },
)
------
(record { title="Update Frontend Canister."; url="https://openfpl.xyz"; summary="Update frontend canister with evidence batch id 203."; action=opt variant {ExecuteGenericNervousSystemFunction = record {function_id=(24000:nat64); payload = blob "\44\49\44\4c\02\6c\02\80\b5\a6\f0\04\7d\d7\87\b4\f3\08\01\6d\7b\01\00\cb\01\20\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13"}}})
------
4449444c056c04efd6e4027198abec810171b6f798b20101a696a48708716e026b0197899f8d0f036c02e28bbf14788effd6e90e046d7b01001368747470733a2f2f6f70656e66706c2e78797a195570646174652046726f6e74656e642043616e69737465722e0100c05d0000000000003a4449444c026c0280b5a6f0047dd787b4f308016d7b0100cb01205f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13345570646174652066726f6e74656e642063616e697374657220776974682065766964656e6365206261746368206964203230332e
(
  record {
    5_843_823 = "https://openfpl.xyz";
    272_307_608 = "Update Frontend Canister.";
    373_701_558 = opt variant {
      4_054_303_895 = record {
        42_976_738 = 24_000 : nat64;
        3_979_722_638 = blob "\44\49\44\4c\02\6c\02\80\b5\a6\f0\04\7d\d7\87\b4\f3\08\01\6d\7b\01\00\cb\01\20\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13";
      }
    };
    2_162_756_390 = "Update frontend canister with evidence batch id 203.";
  },
)
(record { title="Update Frontend Canister."; url="https://openfpl.xyz"; summary="Update frontend canister with evidence batch id 203."; action=opt variant {ExecuteGenericNervousSystemFunction = record {function_id=(24000:nat64); payload = blob "\44\49\44\4c\02\6c\02\80\b5\a6\f0\04\7d\d7\87\b4\f3\08\01\6d\7b\01\00\cb\01\20\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13"}}})
Using identity: "ic_admin".
Sending message with

  Call type:   update
  Sender:      4jijx-ekel7-4t2kx-32cyf-wzo3t-i4tas-qsq4k-ujnug-oxke7-o5aci-eae
  Canister id: detjl-sqaaa-aaaaq-aacqa-cai
  Method name: manage_neuron
  Arguments:   (
  record {
    subaccount = blob "\d2\cc\f5\9a\be\17\41\c2\1c\35\da\7e\38\63\d5\d1\4c\97\d9\b8\2b\36\04\5f\4a\8d\4c\33\68\64\f6\dc";
    command = opt variant {
      MakeProposal = record {
        url = "https://openfpl.xyz";
        title = "Update Frontend Canister.";
        action = opt variant {
          ExecuteGenericNervousSystemFunction = record {
            function_id = 24_000 : nat64;
            payload = blob "\44\49\44\4c\02\6c\02\80\b5\a6\f0\04\7d\d7\87\b4\f3\08\01\6d\7b\01\00\cb\01\20\5f\2d\8f\ac\45\91\e0\1e\2d\8e\0d\a7\15\a6\32\ba\50\16\d8\bd\aa\89\7d\31\c0\76\6a\30\95\d3\fb\13";
          }
        };
        summary = "Update frontend canister with evidence batch id 203.";
      }
    };
  },
)

Do you want to send this message? [y/N]

And then submit proposal is called like all others:

#!/bin/bash

# Set current directory to the directory this script is in
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the proposal
PROPOSAL=$1
echo $PROPOSAL

dfx identity use ic_admin
OWNER_IDENTITY=$(dfx identity whoami)
PEM_FILE="$(readlink -f "$HOME/.config/dfx/identity/${OWNER_IDENTITY}/identity.pem")"
PROPOSER_NEURON_ID=d2ccf59abe1741c21c35da7e3863d5d14c97d9b82b36045f4a8d4c336864f6dc
#PROPOSER_NEURON_ID=015af64e3b155e7cbc45470a6c45e823e689b35fc2170facc7b967d4674236eb
# Make the proposal using quill
quill sns --canister-ids-file ./sns_canister_ids.json --pem-file $PEM_FILE make-proposal --proposal "$PROPOSAL" $PROPOSER_NEURON_ID > msg.json
quill send msg.json
rm -f msg.json

We encountered the same error.

excuse_CommitProposedBatch_func_of_KinicUI.sh "266e91dbb8d435de82a7d961f0ac0060015a597a4e542d9e7f30a488cab8a592" "36" "03be643f94b9ec88609215b99d216cbc3329cd5b1907be577d762e1dd26c3c5b"
The request is being processed...
(
  record {
    command = opt variant {
      Error = record {
        error_message = "1 defects in Proposal:\nInvalid proposal: batch computed evidence 03be643f94b9ec88609215b99d216cbc3329cd5b1907be577d762e1dd26c3c5b does not match presented evidence 03be643f94b9ec88609215b99d216cbc33cd5b1907be577d762e1dd26c3c5b29";
        error_type = 15 : int32;
      }
    };
  },
)

Since encoding the payload in bash can be a bit tricky, we added a custom command to quill that doesn’t directly handle the payload, to clarify whether the issue is in the script or in deploy --by-proposal.

I are submitting the PR and plan to try to submit it again today.

I did get it to submit:

https://nns.ic0.app/proposal/?u=gyito-zyaaa-aaaaq-aacpq-cai&proposal=471

But it failed. Looking into it.

Here was the proposal that submitted:


#!/bin/bash

# Set current directory to the scripts root
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

TITLE="Update Frontend Canister."
SUMMARY="Update frontend canister with evidence batch id 203."
URL="https://openfpl.xyz"

EVIDENCE_STRING=5f2d8fac4591e01e2d8e0da715a632ba5016d8bdaa897d31c0766a3095d3fb13
BATCH_ID=203
FUNCTION_ID=24000

# Submit the proposal

../../utils/make_custom_function_proposal_frontend.sh $FUNCTION_ID "$TITLE" "$SUMMARY" "$URL" "$EVIDENCE_STRING" "$BATCH_ID" "commit_proposed_batch"

called:

#!/bin/bash

# cd into folder containing this script
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")
cd $SCRIPT_DIR

# Extract the args
FUNCTION_ID=$1
TITLE=$2
SUMMARY=$3
URL=$4
EVIDENCE_STRING=$5
BATCH_ID=$6
METHOD=$7



# Build the proposal candid
PAYLOAD=$(didc encode "(record{ batch_id = $BATCH_ID : nat; evidence = blob \"$(echo $EVIDENCE_STRING | sed 's/../\\&/g')\"; })")

echo $PAYLOAD
didc decode $PAYLOAD

PROPOSAL="(record { title=\"$TITLE\"; url=\"$URL\"; summary=\"$SUMMARY\"; action=opt variant 
    {ExecuteGenericNervousSystemFunction = record {function_id=($FUNCTION_ID:nat64); payload = blob \"$(echo $PAYLOAD | sed 's/../\\&/g')\"}}})"

echo "------"
echo $PROPOSAL

ENCODED_PROPOSAL="$(didc encode "$PROPOSAL")"

echo "------"
echo $ENCODED_PROPOSAL

didc decode "$ENCODED_PROPOSAL"
# Make the proposal


# Make the proposal
./submit_proposal.sh "$PROPOSAL"

I don’t have commit permission?

It looks the governance canister does not have commit permission.

Thank you @KinicDevContributor for identifying the issue.

@severin is there a specific proposal to give the governance canister the permission to update the frontend?

There are several steps required to grant commit permission to the governance canister. We also had to do this before.