Proposal 134250
Vote: Adopt
Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound.
@raymondk I’ve also verified HostOS and SetupOS images for these 3 proposals as requested separately. Local and CDN hashes match for all of these.
Review
I’ve selected reviewed Consensus, Crypto and Interface commits as follows.
Features:
[f3bb40251]
Adds to finaliser, notary and payload builder metrics, including histograms for payload and payload section byte size and batch delivery interval.
[e44d2bc85]
Adds a trait VetKdProtocol, implemented on CryptoReturningOk with placeholder methods for creating, verifying and sharing encrypted key shares and verifying the combined encrypted key. Adds VetKdArgs, VetKdEncryptedKeyShare, VetKdEncryptedKey and error types, along with logging and tests.
@franzstefan Are there any potential concerns with exposing keys during logging here?
[be026d014]
Adds enum NiDkgMasterPublicKeyId and conversion methods between this and MasterPublicKeyId, for use with HighThresholdForKey variant as detailed in the next commit.
[af542cdad]
Adds a variant HighThresholdForKey(MasterPublicKeyId) to enum NiDkgTag. The tag relates to different executions of non-interactive distributed key generation, in this case requiring more participants (i.e. high threshold) for operations using a specific key.
[f8c4eb15e]
Adds field node_reward_type to ConfigIniSettings.
Bugfixes:
[338b77f6c]
Adds a halting flag in order to prevent the notary delay from being increased (which usually happens when the gap between the finalised height and the certified height has gone beyond an acceptable limit) in cases where the subnet is upgrading. Adds related tests.
[545f2fad6]
Replaces .expect with .ok_or in function inspect_idkg_chain_key_initializations in order to always return an error in cases of protobuf conversion errors.
[a078ed82b]
Change types in time calculations in the bitcoin implementation from u32 to i64 in order to correct/prevent an underflow error that occurred due to a bitcoin testnet block storm.
[2902a2a37]
Increase KEEP_ALIVE_INTERVAL from 0.2 s to 1 s in the QUIC transport connection manager.
[b679ad3a3]
Changes AdapterMetrics name type to string slice + related changes.
Chores:
[9732c2c26]
Removes missing_ingress_messages from consensus validator metrics as this has now been superceded by ingress_messages_in_a_block_count in stripped artifact metrics.
[85c272c78]
Removes .clone() from parts of rs/ingress_manager/src/ingress_selector.rs in order to improve performance.
[5a5e0be15]
Adds a logging message advising node providers to wait for a “Join request successful!” message before presuming that onboarding has been successful.
[87270d904]
Adds type IDkgMasterPublicKeyId, serving as a wrapper around MasterPublicKeyId, along with conversion methods between them and other related logic. The intention is to distinguish between IDKG compatible and incompatible variants, given that the VetKD variant will be incompatible with some of the existing IDKG code once it is fully implemented.
[0eedbb674]
Change such that RequestMetadata is always used in test_backward_compatibility instead of just 4 times out of 5.
[aacbed376]
Efficiency changes to canonical state certification version exceptions and tests.
[7dd4dfe62]
Addition of a Jaeger exporter crate.
[8b94d60b6]
Version update to opentelemetry and related crates.
[45dca07dd]
Renames run_stream_acceptor to start_stream_acceptor and removes shutdown in the event of the request handler event loop being exited.
[72ec446d6]
Added detail to the invalid version logging message in the bitcoin adaptor connection manager.
[f96dec1db]
Removes generate_bond6_netdev_content function and related code from rs/ic_os/network/src/systemd.rs + documentation changes.
Refactoring:
[81686f56f]
Moves struct ExtendedDerivationPath from rs/types/types/src/crypto/canister_threshold_sig.rs to rs/types/types/src/crypto.rs as the feature will be used more broadly once vetKeys is implemented.
[3397eb8bf]
Simplifies impl ThresholdSigDataStoreImpl by placing assertions prior to the impl and moving from two constructors to just one.
[dab484292]
Renames nns_public_key_exists to use_nns_public_key and node_operator_private_key_exists to use_node_operator_private_key.
Tests:
[d0acab2b2]
Removal of various tests from rs/tests/src/nns_tests/ to rs/tests/nns/.
Proposal 134251
Vote: Adopt
Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound.
Review
[6e2c0d9fb]
Changes to canister wasm sandboxing, so as to evict sandbox processes only when available memory is low.
[b16d21c2a]
Enables the hashes-in-blocks feature.
Proposal 134259
Vote: Adopt
Reason: Build is successful and hashes match. The proposal consists of a single commit which reverts the base container image references to a previous version.