Proposal 133061
The hash from CDN, local build and the payload matches
Features
[060f84b48]
The code replaces white listed subnets with a list of disabled subnets. This inverting logic will enable synchronous responses for all the subnets expect the once explicitly listed.
[959e8a5a3]
This completes the process for block makers to propose blocks containing only message IDs, not the actual messages. The block proposer removes the messages, and the receiving replica checks for missing ones, retrieves them, and reassembles the block.
[b1e1c0728]
The default initial notarization delay INITIAL_NOTARY_DELAY_APP_SUBNET
has been reduced from 600 ms to 300 ms.
[380182c78]
A new callbacks_with_enqueued_response
set has been added to the CanisterQueues
struct to track callback IDs for enqueued responses. This helps detect and prevent duplicate callbacks, ensuring safe handling of local timeout responses. If a duplicate callback is detected in the queue during response induction, it either returns an error (for guaranteed responses) or silently drops the duplicate (for best-effort responses). This approach also mitigates issues caused by bugs or malicious subnets that might enqueue duplicate responses, preventing unnecessary slot consumption and potential loss of valid responses.
[02cc3657d]
This update modifies the ingress pool to enforce per-peer limits on the number/size of ingress messages in the ingress pool, replacing the previous global limit. By introducing a per-peer counter module, the system now tracks message counts and sizes on a per-peer basis, ensuring that threshold checks are applied individually for each peer, including the node itself. This change improves resilience under heavy load or potential DDOS attacks by ensuring that ingress messages from all peers are still received, even if one peer is overloaded. Additionally, it prevents malicious nodes from disrupting the acceptance of ingress messages from other peers, helping to maintain a balanced flow of messages in scenarios like the future hashes-in-blocks feature.
[c99e1478d]
This update adjusts the cost of certain Wasm instructions, particularly memory load/store and SIMD, following recent benchmarking with the new Wasm64 memory type. The cost for these instructions increases from 1 to 2 in Wasm64 mode. The instruction_to_cost
function now takes memory type into account, allowing for differentiation between Wasm32 and Wasm64.
[70dc1a743]
The push_input
method now silently drops best-effort responses without matching callbacks, while returning errors only for guaranteed responses when no queue or slot exists. The validate_response
function was renamed to should_enqueue
to clarify its role in handling response queuing.
[c29dde299]
The push_input
method now returns an error if a response is directed to the management canister, as it does not accept responses. A new StateError
has been introduced for this scenario, along with a metric critical_error_induct_response_failed
to track failed response inductions. This ensures responses are correctly routed to the canisters that initiated the requests, not the management canister.
[e880042de]
This update defines the config structure and tool for reading, validating, and normalizing network settings such as IP addresses and gateways. While not yet integrated into SetupOS, this prepares for future use in IC-OS deployments to handle configuration sanitization, organization, and access.
[d64d62905]
This change updates the ubuntu image from 20.04
to 24.04
[7a93bcafd]
This update adds benchmarking steps to the nightly pipeline, allowing performance tracking for the IC-OS stack deployed on physical hardware.
[160734742]
This change updates ubuntu from 20.04
to 24.04
Bugfixes
[942668985]
This change starts adding equivocation_proof
metric.
[d373ce97a]
This update applies the same changes from the security hotfix that was deployed across all IC subnets last week.
[7a3fcfa9c]
This update implements performance optimizations based on System API microbenchmarks, including inlining critical functions and replacing checked_add
with saturating_add
. These changes significantly improve execution time, reducing a prior regression from +63% to +14%. Key functions like mark_writes_on_bytemap
, charge_for_cpu
, and others have been optimized for better performance.
[02aba7918]
This update modifies the garbage_collect
method in CanisterQueues
to ensure the structure serializes to zero bytes after cleanup, rather than comparing it to a default instance. A debug assertion is added to verify that the encoded size of the queues is 0 bytes post-garbage collection.
[bbb8a5152]
This change fixes the data ertificate for get_average_icp_xdr_conversion_rate
[f95748820]
This change introduces a drop guard that wraps quinn::SendStream
in the transport implementation for RPC calls. The guard ensures that a SendStream::reset
frame is sent when the stream is dropped, preventing peers from mistakenly interpreting incomplete messages as complete. This resolves the issue where dropping a stream sends a finish
frame by default, causing peers to attempt decoding incomplete messages when a client, such as P2P, cancels the RPC.
[1ca9fc370]
This change reverts the Cloudflare dependency back to using Dfinity’s forked version, undoing the recent dependency update to the Cloudflare server.
Chores
[b1e6f4ef9]
This change removes the synchronous QueryHandler
from ic-replay
and replaces it with the asynchronous QueryExecutionService
, which evaluates queries on the latest certified state. To handle states modified by extra ingress messages during NNS recoveries, dummy certifications with empty signatures are now used, eliminating the need for a test-only dependency.
[6bbae04ac]
This change upgrades the versions of wasmparser
, wasmprinter
, and wasm-encoder
to align with the version used by wasmtime
24.
[b60c9012d]
This update introduces a new scheduler metric that tracks the number of canisters actually executed in the previous round. This is distinct from the scheduler_executable_canisters_per_round
metric, which counts canisters eligible for execution but may not reflect those actually run due to round limits or other constraints.
[4a8ed78c9]
This change introduces a new metric, execution_subnet_query_message_duration_seconds
, to track the duration of subnet query message execution, similar to the existing metric for update calls (execution_subnet_message_duration_seconds
). Since the query handler lacks access to execution environment metrics, this new metric will specifically monitor query performance. The metrics for update calls and queries will later be combined using a Prometheus query.
[490fbd87f]
This PR fixes an issue with clamp_debug_len
, where the argument was being moved instead of passed by reference, leading to unintended behavior. The update now correctly passes the argument by reference to reduce log spam.
[73e7bd419]
This change replaces the deprecated rules_docker
with rules_oci
to support future Bazel version upgrades. Key changes include:
- Introduction of a new
oci_tar
macro to expose tarball
s since rules_oci
does not do so by default.
- The
ubuntu_test_runtime_image
is now based on an Ubuntu snapshot with its own lockfile, improving reproducibility and allowing image builds on CI.
- Images can be tagged upon creation, removing the default
bazel/image:image
tag for clearer image identification.
_colocate
tests now receive environment variables via an --env-file
, simplifying test configurations.
[da62cf633]
This change simplifies code by replacing a few instances of map().unwrap_or()
with the more concise map_or()
function.
[0441f4048]
This change removes the GenerateMacAddress
command from SetupOS
.
[5aa7ad88d]
This change updates the base container image references
Refactoring
[b2400524f]
This change introduces no functional changes but renames variables and types for better alignment with related terminology. ChangeSets
are renamed to Mutations
, and ArtifactMutation
is now ArtifactTransmit
. Methods like apply_changes
are also renamed to apply
to reflect these updates.
[41f6ce3a7]
This PR continues the effort to remove dependencies on the NNS Governance crate, aiming to eliminate its Bazel visibility as a dependency. This is part of an ongoing process to decouple it from other components.
[41f6ce3a7]
This change moves the proposal validation logic from ic-nns-governance
to ic-nervous-system-common-validation
, allowing other crates to use the validation logic without relying on ic-nns-governance
. This reduces dependencies on the nns-governance
crate and eliminate its Bazel visibility.
[4f4eef293]
The ic-nervous-system-agent
library is currently hardcoded to work only with ic_agent
, which restricts its flexibility for use in contexts without ic_agent
.
To address this, a CallCanisters
trait has been introduced, representing an object capable of calling a canister. This trait is implemented for Agent
but can be extended for other types in the future. With Rust now supporting async traits, this change is easier to implement.
The CallCanisters
trait includes a call
function, allowing different implementations to handle different types of errors. This is useful since various methods of calling canisters can result in different errors. For example, boundary node errors are possible for external users but not for canister-to-canister calls.
Additionally, this change allows the ic-nervous-system-agent
functions to return more specific error types instead of the generic anyhow::Result
, providing more detailed error information to callers.
[bfc9da079]
This change migrates the ledger canister client to utilize the Runtime
trait, replacing direct calls to dfn_core
[7f0f5d5d3]
To facilitate the transition from dfn_core
to ic_cdk
, this change introduces more usage of dfn_candid
to ensure compatibility with Candid methods, temporarily replacing dfn_protobuf
.
[c19e9b1c9]
This update renames various SetupOS scripts to improve readability.
Tests
[b8845b555]
This update fixes a flaky test for sending reset frames by modifying the test to use tokio::sync::Barrier
instead of tokio::sync::Notify
.
Voting to adopt.
Proposal 133062
The hash from CDN, local build and the payload matches
[7f6a81f48]
It is the same build as proposed in 133061 with
canister snapshot feature flag enabled.
Voting to adopt.
Proposal 133063
The hash from CDN, local build and the payload matches.
[c87abf70c]
It is the same build as proposed in 133061 with guest os upgraded to 24.04
Voting to adopt.