NNS Updates: December 9, 2024

The NNS Team submitted the following proposals. DFINITY plans to vote on these proposals later this week.

https://dashboard.internetcomputer.org/proposal/134437

Additional Notes

This Registry change is being released early as this bug prevented updating subnet features in a previous proposal that was adopted over the weekend.

Proposals submitted

# Upgrade the Registry Canister to Commit 8622959

__Proposer__: maximilian.summe at dfinity.org

__Source code__: [86229594d61b433c39fc5331ab818ccb6c6aa6a7][new-commit]

[new-commit]: https://github.com/dfinity/ic/tree/86229594d61b433c39fc5331ab818ccb6c6aa6a7

## Summary

This release includes a bug fix that prevented setting any subnet features if the subnet record did not contain any existing feature settings.

Also includes several refactorings.

## New Commits

```
$ git log --format="%C(auto) %h %s" d265b130647f04aa25909ec1fbb8294ce0139d1c..86229594d61b433c39fc5331ab818ccb6c6aa6a7 --  ./rs/registry/canister
 c2e11ca2ae fix(registry): Ensure subnet features can be changed for subnets without any features (#3044)
 3e0cf89b23 test(IDX): depend on the universal canister at run-time instead of at build-time (#2502)
 3c3d9cd360 refactor(crypto): CRP-2597 move MasterPublicKeyId protobuf from registry/crypto to types (#2406)
 44095f27bb chore(CRP-2617): Generalize CUP’s ChainKeyInitialization (#2337)
```


## Current Version

__Current git hash__: d265b130647f04aa25909ec1fbb8294ce0139d1c

__Current wasm hash__: 2fabd44386a8af5a579a72af4a27c6b844a8a88aced49d16f286187e5660d771


## Verification

See the general instructions on [how to verify] proposals like this. A "quick
start" guide is provided here.

[how to verify]: https://github.com/dfinity/ic/tree/86229594d61b433c39fc5331ab818ccb6c6aa6a7/rs/nervous_system/docs/proposal_verification.md


### WASM Verification

See ["Building the code"][prereqs] for prerequisites.

[prereqs]: https://github.com/dfinity/ic/tree/86229594d61b433c39fc5331ab818ccb6c6aa6a7/README.adoc#building-the-code

```
# 1. Get a copy of the code.
git clone git@github.com:dfinity/ic.git
cd ic
# Or, if you already have a copy of the ic repo,
git fetch
git checkout 86229594d61b433c39fc5331ab818ccb6c6aa6a7

# 2. Build canisters.
./ci/container/build-ic.sh -c

# 3. Fingerprint the result.
sha256sum ./artifacts/canisters/registry-canister.wasm.gz
```

This should match `wasm_module_hash` field of this proposal.
1 Like

Proposal #134437

Vote: Adopted
Reason: Builds fine and the hash matches., as does the fix for features change.

c2e11ca2ae fix(registry): Ensure subnet features can be changed for subnets without any features (#3044)
The validate_update_sev_feature function is used to make sure that the SEV feature for a subnet remains immutable after the subnet’s creation.
The update of this function improves simplicity and readability while keeping the functionality of validating the sev_enabled feature on existing subnets.
The previous logic used to compare old & new SubnetFeatures is replaced with a simple check against sev_enabled field in the payload.

2 Likes

Proposal 134437

Vote: ADOPT

Reason:
Build successful and hashes match, commits look great and match the description. Found no issues.

[c2e11ca2ae]: This commit fixes a bug found in the previous Subnet Management Proposal 134382. The following line caused the problem if let Some(old_features) = subnet_record.features where if the old_features was None the condition would evaluate to false triggering the panic Proposal attempts to change sev_enabled for Subnet '{}', but sev_enabled can only be set during subnet creation. which isn’t true. Now this if condition is replaced with if let Some(sev_enabled) = features.sev_enabled that makes sure that only sev features are not changed since this can only be set during subnet creation.

[3e0cf89b23]: Previously the Universal Canister wasm needed to be manually changed at build time following specific instructions. Now it is treated as a run time dependency and it’s wasm is loaded during execution using an environment variable "UNIVERSAL_CANISTER_WASM_PATH": "$(rootpath //rs/universal_canister/impl:universal_canister.wasm.gz)".

[3c3d9cd360]: Moves the MasterPublicKeyId Protobuf and subsequently contained message definitions from the registry.crypto.v1package to thetypes.v1package. This is done in order to avoid a circular dependency in a later stage when adding an optional field to thetypes.v1.NiDkgId` message. The code is then refactored accordingly to the move.

[44095f27bb]: The ChainKeyInitialization message type is extended to include a new variant transcript_record. The dealings variant is replaced with a oneof initialization which can either hold InitialIDkgDealings dealings or InitialNiDkgTranscriptRecord transcript_record. Using the oneof like this does the change the wire representation of the type and doesn’t introduce incompatibilities, so no migration code was necessary.

2 Likes

proposal - 134437

Vote: ADOPT

Reason:

Build completed successfully, hashes are verified, and commits match the changes described with the code implemented.

Hash Match: MATCH

Feedback: NONE

Proposer Check: MATCH

Commits

c2e11ca2ae
Modifies the validate_update_sev_feature function to completely prohibit setting the sev_enabled field during subnet updates, regardless of its previous state. Any presence of the sev_enabled field in the update payload leads to a panic. Subnet features can be added or modified only for subnets that do not currently have any features.

3e0cf89b23
Replace the statically included universal canister WASM (include_bytes!) with a dynamic runtime dependency using UNIVERSAL_CANISTER_WASM_PATH. This allows the universal canister’s WASM to be treated as a runtime dependency, enabling Bazel to manage updates and automatically rerun dependent tests.

Standardized WASM usage by replacing calls to UNIVERSAL_CANISTER_WASM.into() with UNIVERSAL_CANISTER_WASM.to_vec().

3c3d9cd360
Relocate the MasterPublicKeyId and related cryptographic key definitions (EcdsaCurve, EcdsaKeyId, SchnorrAlgorithm, SchnorrKeyId, VetKdCurve, VetKdKeyId) from the registry.crypto.v1 namespace to types.v1. This restructuring prevents circular dependencies between registry.crypto.v1.crypto.proto and types.v1.types.proto, enabling future enhancements such as adding a MasterPublicKeyId field to the NiDkgId message as described in the commit description.

44095f27bb
Update the ChainKeyInitialization structure to use a oneof field named initialization, allowing it to include either InitialIDkgDealings or InitialNiDkgTranscriptRecord instead of only dealings. This matches the description to add InitialNiDkgTranscriptRecord variant to ChainKeyInitialization using a oneof to support VetKeys, ensuring backward compatibility and updating client code without requiring migration, with registry enhancements planned for future updates.

2 Likes

Proposal 134437

Vote: ADOPT

Reason: Build is successful and both code changes and hashes match.

134437

c2e11ca2ae Fixed validate_update_sev_feature method to allow updating subnet features. Previously it’d panic if any changes were made to the subnet’s features, now it will only panic when attempting to change sev state on an existing subnet.
Added more tests to ensure sev can’t be toggled on/off and other features can be changed.

Other commits have already been validated as part of previous releases.

Proposal #134437

Vote: Adopted
Args: No args.
Canister Id: rwlgt-iiaaa-aaaaa-aaaaa-cai is indeed the registry canister.
Install Mode: Upgrade.
The build is reproducible.

Screenshot 2024-12-14 at 14.39.30

The function validate_update_sev_feature was refactored to improve clarity and robustness. Key updates include:

  • Enhanced Documentation: Added a detailed explanation of SEV (AMD Secure Encrypted Virtualization).
  • Logic Simplification: Replaced nested conditionals with pattern matching (let Some(features) = ... else { return; }).
  • Clearer Error Messaging: The panic message now specifies the attempted sev_enabled value for easier debugging.
  • Improved Readability: Removed redundant conversions and unnecessary nesting while maintaining existing validation logic.

This refactor simplifies the code, improves maintainability, and enhances error traceability.