Proposal to elect new release rc--2024-12-06_03-16

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 134408.

Here is a summary of the changes since the last release:

Release Notes for release-2024-12-06_03-16-base (d9fe2076f677a08734bed90c67b1c3f4056ed621)

This release is based on changes since release-2024-11-28_03-15-base (2d8611eb4efa8e69c4dd567546c1c353a545e0a6).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • ad36e6b0d Consensus,Interface: make orchestrator load env vars for ic-boundary (#2879)
  • af2605ffb Crypto,Interface,Node: discard for data partition (#2953)
  • 8ec2ca18b Execution,Interface: Enable tail_call in wasmtime. (#2826)
  • a2a6247f8 Interface(crypto): Add support for BIP341 Taproot signatures (#2523)
  • 8d726cc67 Interface(ICRC-ledger): Implement V3 for ICRC ledger - migrate allowances to stable structures (#1513)
  • bed178d77 Interface,Message Routing: Add various subnet info metrics (#2969)
  • e41a4efb7 Interface,Message Routing: More latency metrics (#2905)
  • b6e0faa05 Interface,Node(node): update-config.service (#2393)
  • 8a538aac7 Owners(IDX): Force static link of lmdb (#2941)
  • ee08c5875 Node: Create and use a faster alternative to prestorecon (#2980)

Bugfixes:

  • bd92560a7 Execution,Interface(crypto): Fix the management canister interface for Schnorr aux inputs (#2952)
  • 05f660259 Interface(BOUN): Integrate log anonymization into ic-boundary (#2665)
  • 1368f04cc Interface(EXC): Make expensive debug assert conditional (#2820)
  • df6e86ced Interface,Node: Revert from 24.04 build container (#2951)
  • 23d181e50 Interface,Node: Update Elasticsearch URLs and index patterns for testnet environment (#2888)
  • 4158ba727 Node: Fixup colliding permission services (#2933)

Performance improvements:

  • 796a29be6 Interface,Message Routing: Copy outside write lock (#2963)

Chores:

  • 05c96cbd1 Execution,Interface: Rename IDKG test functions and struct fields in Network and SubnetTopology (#2741)
  • 57dc741a9 Interface: Remove deprecated scenario tests (#2866)
  • b3ab4bf9a Interface,Networking: merge infallible errors, improve expect statements and use {:#?} for anyhow error formatting (#2964)
  • a8d210455 Interface,Networking: split out parsing the read state response into a separate create (#2899)
  • 3466a3205 Owners(IDX): Use pigz from Bazel Central Registry (#2945)
  • 9f5674ce6 Node: Update Base Image Refs [2024-12-05-0808] (#2982)
  • 2a400f53b Node: Update Base Image Refs [2024-11-28-1813] (#2887)

Refactoring:

  • 0ab07de46 Interface: Rename idkg_subnet_public_keys in Consensus and Execution (#2817)
  • 006709366 Interface,Networking: small improvement on error handling in transport (#2878)
  • 697c20ccd Interface,Node(node): follow-ups to deterministic_ips/ consolidation (#2845)

Tests:

  • 51f1c7e21 Consensus,Interface: Enable cup_compatibility_test for new NiDkgTag::HighThresholdForKey (#2840)
  • 9a95ec743 Execution,Interface(EXC): Fix race condition in tests (#2828)
  • aab432742 Interface: Deriving reject code from error code (#2871)

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/d9fe2076f677a08734bed90c67b1c3f4056ed621/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c d9fe2076f677a08734bed90c67b1c3f4056ed621 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

Proposal 134408: Adopt

I have successfully run the build verification script and in my opinion all of the commits look fine.

Features:

  • ad36e6b0d Consensus,Interface: make orchestrator load env vars for ic-boundary (#2879)
    Review: Looks fine + matches description
    Notes: Reads the env variables from the new ic-boundary.env file and passes them in when spawning the boundary node process.

  • af2605ffb Crypto,Interface,Node: discard for data partition (#2953)
    Review: Looks fine + matches description
    Notes: Adds a new datadir_target arg to the fstrim_tool executable which is used to specify a 2nd directory to run fstrim on but only for unassigned nodes in order to clear unneeded data.

  • 8ec2ca18b Execution,Interface: Enable tail_call in wasmtime. (#2826)
    Review: Looks fine + matches description
    Notes: Enables the tail_call wasmtime feature + reduces the instruction cost of using ReturnCall and ReturnCallIndirect.

  • a2a6247f8 Interface(crypto): Add support for BIP341 Taproot signatures (#2523)
    Review: Looks fine + matches description
    Notes: Adds taproot_tree_root to the SchnorrArguments which is required to support BIP341 Taproot signatures, the actual implementation which will make use of the taproot_tree_root will follow later.

  • 8d726cc67 Interface(ICRC-ledger): Implement V3 for ICRC ledger - migrate allowances to stable structures (#1513)
    Review: Looks fine + matches description
    Notes: Uses a recurring timer to continuously migrate batches of allowances to stable memory, while the migration is happening the ledger is blocked, once migratin is complete the ledger is marked as ready and the timer will stop being scheduled.

  • bed178d77 Interface,Message Routing: Add various subnet info metrics (#2969)
    Review: Looks fine + matches description
    Notes: Adds new gauge metrics to show various subnet configuration values (eg. max number of canisters, max block payload size, etc.).

  • e41a4efb7 Interface,Message Routing: More latency metrics (#2905)
    Review: Looks fine + matches description
    Notes: Adds 3 new metrics covering latency within various consensus and message routing steps: batch_delivery_latency, induct_batch_latency, and certification_duration.

  • b6e0faa05 Interface,Node(node): update-config.service (#2393)
    Review: Looks fine + matches description
    Notes: Adds the new update-config.service which checks if nodes are using the old config system, and if so, reads in all the config and then converts it to the new config.json format.

  • 8a538aac7 Owners(IDX): Force static link of lmdb (#2941)
    Review: Looks fine + matches description
    Notes: Modifies the lmdb-rkv-sys build to first build and statically link lmdb.

  • ee08c5875 Node: Create and use a faster alternative to prestorecon (#2980)
    Review: Looks fine + matches description
    Notes: Switches out prestorecon and instead uses the new erestorecon.sh when setting up permissions.

Bugfixes:

  • bd92560a7 Execution,Interface(crypto): Fix the management canister interface for Schnorr aux inputs (#2952)
    Review: Looks fine + matches description
    Notes: Replaces taproot_tree_root: Option<ByteBuf> in the management canister SignWithSchnorrArgs with aux: Option<SignWithSchnorrAux> in order to match the interface specification.

  • 05f660259 Interface(BOUN): Integrate log anonymization into ic-boundary (#2665)
    Review: Looks fine + matches description
    Notes: Anonymizes logs within ic-boundary by hashing fields in the log entries with an anonymization_salt.

  • 1368f04cc Interface(EXC): Make expensive debug assert conditional (#2820)
    Review: Looks fine + matches description
    Notes: Speeds up tests by only running an expensive debug assert under certain conditions.

  • df6e86ced Interface,Node: Revert from 24.04 build container (#2951)
    Review: Looks fine + matches description
    Notes: Reverts back to using Ubuntu 20.04 until some fixes are in place.

  • 23d181e50 Interface,Node: Update Elasticsearch URLs and index patterns for testnet environment (#2888)
    Review: Looks fine + matches description
    Notes: Updates ElasticSearch urls from using https://elasticsearch.testnet.dfinity.network to https://elasticsearch.ch1-obsdev1.dfinity.network.

  • 4158ba727 Node: Fixup colliding permission services (#2933)
    Review: Looks fine + matches description
    Notes: Fixes an if condition in a script which was causing the replica to unnecessarily run chown -R over all of /var/lib/ic/data.

Performance improvements:

  • 796a29be6 Interface,Message Routing: Copy outside write lock (#2963)
    Review: Looks fine + matches description
    Notes: Within state manager, clones the state to calculate the next tip before acquiring the write lock so that the lock is held for a shorter duration.

Chores:

  • 05c96cbd1 Execution,Interface: Rename IDKG test functions and struct fields in Network and SubnetTopology (#2741)
    Review: Looks fine + matches description
    Notes: Renames a few types and functions from using “IDKG” to using “chain key” or in some case to using “master public keys”.

  • 57dc741a9 Interface: Remove deprecated scenario tests (#2866)
    Review: Looks fine + matches description
    Notes: Removes a load of deprecated tests.

  • b3ab4bf9a Interface,Networking: merge infallible errors, improve expect statements and use {:#?} for anyhow error formatting (#2964)
    Review: Looks fine + matches description
    Notes: Cleans up some code within the Quic transport connection manager, merges 2 error types into 1, replaces calls to unwrap with expect which give reasons why the preceding values should be Ok, updates some comments, and reduces duplication by extracting the logic of if a node can attempt an outbound connection attempt into the new can_i_dial_to function.

  • a8d210455 Interface,Networking: split out parsing the read state response into a separate create (#2899)
    Review: Looks fine + matches description
    Notes: Moves the logic for parsing read_state responses out of the ic-canister-client package and into the new ic-read-state-response-parser package.

  • 3466a3205 Owners(IDX): Use pigz from Bazel Central Registry (#2945)
    Review: Looks fine + matches description
    Notes: Makes Bazel fetch the pigz dependency by name from the central registry rather than using a GitHub reference.

  • 9f5674ce6 Node: Update Base Image Refs [2024-12-05-0808] (#2982)
    Review: Looks fine + matches description
    Notes: Updates the IC-OS base image references.

  • 2a400f53b Node: Update Base Image Refs [2024-11-28-1813] (#2887)
    Review: Looks fine + matches description
    Notes: Updates the IC-OS base image references.

Refactoring:

  • 0ab07de46 Interface: Rename idkg_subnet_public_keys in Consensus and Execution (#2817)
    Review: Looks fine + matches description
    Notes: Renames idkg_subnet_public_keys to chain_key_subnet_public_keys in a few places.

  • 006709366 Interface,Networking: small improvement on error handling in transport (#2878)
    Review: Looks fine + matches description
    Notes: Updates a few error types within the Quic transport connection manager. Also updates the text within some expect calls and updates some comments.

  • 697c20ccd Interface,Node(node): follow-ups to deterministic_ips/ consolidation (#2845)
    Review: Looks fine + matches description
    Notes: Removes a load of code from the recently added deterministic_ips package by pulling in the macaddr crate which contains much of the same functionality, also switches some usages of deterministic_ips to instead use the macaddr crate.

Tests:

  • 51f1c7e21 Consensus,Interface: Enable cup_compatibility_test for new NiDkgTag::HighThresholdForKey (#2840)
    Review: Looks fine + matches description
    Notes: Implements ExhaustiveSet for a few DKG and VetKd types and adds them to the ExhaustiveSet impl for MasterPublicKeyId and NiDkgConfig so that they get included in the cup_compatibility_test.

    • 9a95ec743 Execution,Interface(EXC): Fix race condition in tests (#2828)
      Review: Looks fine + matches description
      Notes: Within the sandboxed execution manager test, sends a stop signal to the background monitoring thread and waits for it to finish to avoid a race condition.
  • aab432742 Interface: Deriving reject code from error code (#2871)
    Review: Looks fine + matches description
    Notes: Adds the reject_code_from_error_code to check that the reject code can be derived from the leading digit of each error code.

Proposal 134408

Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.

Review:
For the Execution and Runtime layers, the main changes introduced in this proposal are:

  • Introduces an optimization of the Wasm instructions
  • Continues the implementation of vetKeys

I’ve reviewed all the commits listed in the proposal, for the Execution and Runtime layers:

8ec2ca18b:
Enables the Wasm’s tail call proposal by calling the config.wasm_tail_call method with true argument inside the wasmtime_validation_config function. The tail calls proposal introduces the return_call and return_call_indirect instructions, which have been observed to be 1.5x more performant in the canister benchmarks. For this reason, this change also reduces the cost of those two instructions from 5 to 3 and from 10 to 6, respectively.

bd92560a7:
Renames the taproot_tree_root field of the SignWithSchnorrArgs into aux, according to the management canister’s interface spec. The aux field is an option of the SignWithSchnorrAux enum, which has also been introduced in this commit. The enum has a single Bip341 variant, which is a SignWithBip341Aux struct. This makes the sign_with_schnorr method of the management canister be compliant with the specification. It also adapts the mapping of the sign_with_schnorr arguments to the sign_with_threshold arguments in the ExecutionEnvironment’s execute_subnet_message method.

05c96cbd1:
Refactors NetworkTopology, SubnetTopology, struct to rename idkg_* functions and fields into chain_key_* in order to prepare the implementation of vetKeys.

9a95ec743:
Matches description.

Proposal: 134408

Summary:

  1. Build Hash: Build has from the proposal, local build and CDN matches and is “9bcd092eebeba2d44f8c45e60638fbf055bd725e3de8d06d4869fa18f156e7d1”.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposals

Detailed Review:

Features:

  • ad36e6b0d Consensus,Interface: make orchestrator load env vars for ic-boundary (#2879)
    Notes: A new file has been introduced to store the env variables ic-boundary.env. Orchastrator will now use a new package env-file-reader to read env variables from this file and pass it to new spawned processes.
    Review: Code changes look good and match release notes.
  • af2605ffb Crypto,Interface,Node: discard for data partition (#2953)
    Notes: To remove unnecessary data on unassigned nodes datadir_target is introduced as a parameter in fstrim command which was previously introduced.
    Review: Code changes look good and match release notes.
  • 8ec2ca18b Execution,Interface: Enable tail_call in wasmtime. (#2826)
    Notes: tail_call is set to true in wastime now. Also reduced the cost by using ReturnCall and ReturnCallIndirect when call depths are smaller.
    Review: Code changes look good and match release notes.
  • a2a6247f8 Interface(crypto): Add support for BIP341 Taproot signatures (#2523)
    Notes: A nw argument taproot_tree_root is added to SchnorrArguments in order to support BIP341.
    Review: Code changes look good and match release notes.
  • 8d726cc67 Interface(ICRC-ledger): Implement V3 for ICRC ledger - migrate allowances to stable structures (#1513)
    Notes: Various changes has been done in ledger-1 codebase to migrate allowance to stable structures. Migration code has been introduced to make sure writes happen to correct data structure while the migration is in progress. Various unit tests are also added.
    Review: Code changes look good and match release notes.
  • bed178d77 Interface,Message Routing: Add various subnet info metrics (#2969)
    Notes: New subnet metrics has been added for subnet configuration values like subnet type, size, features, initial notary delay, max block payload size.
    Review: Code changes look good and match release notes.
  • e41a4efb7 Interface,Message Routing: More latency metrics (#2905)
    Notes: More metrics have been added to latency monitoring which are batch_delivery_latency, induct_batch_latency, certification_duration.
    Review: Code changes look good and match release notes.
  • b6e0faa05 Interface,Node(node): update-config.service (#2393)
    Notes: update-config service is now being used in guestos and host os which will convert the old config format to new one. Once all the nodes are updated with the new config, this service will be removed.
    Review: Code changes look good and match release notes.
  • 8a538aac7 Owners(IDX): Force static link of lmdb (#2941)
    Notes: Patch script lmdb_rkv_sys.patch has been added to lmdb_rkv_sys to ensure static linking of lmdb.
    Review: Code changes look good and match release notes.
  • ee08c5875 Node: Create and use a faster alternative to prestorecon (#2980)
    Notes: Changes have been made to use erestorecon.sh instead of prestorecon while Restoring SELinux security.
    Review: Code changes look good and match release notes.

Bugfixes:

  • bd92560a7 Execution,Interface(crypto): Fix the management canister interface for Schnorr aux inputs (#2952)
    Notes: Modify the SignWithSchnorrArgs structure in the management canister by replacing taproot_tree_root: Option with aux: Option to ensure compliance with the interface specification.
    Review: Code changes look good and match release notes.
  • 05f660259 Interface(BOUN): Integrate log anonymization into ic-boundary (#2665)
    Notes: anonymization_salt has been introduced to hash the fields in the logs for anonymity in ic-boundary…
    Review: Code changes look good and match release notes.
  • 1368f04cc Interface(EXC): Make expensive debug assert conditional (#2820)
    Notes: Expensive debug_assert_eq will now be used under a conditional to speed up the test executions.
    Review: Code changes look good and match release notes.
  • df6e86ced Interface,Node: Revert from 24.04 build container (#2951)
    Notes: Revert of old PR #1946 and #2858 which were an attempt to upgrade to ubuntu 24.04 until more compatibility issues are fixed.
    Review: Code changes look good and match release notes.
  • 23d181e50 Interface,Node: Update Elasticsearch URLs and index patterns for testnet environment (#2888)
    Notes: Elasticsearch url has been updated from elasticsearch.testnet.dfinity.network to elasticsearch.ch1-obsdev1.dfinity.network with some minor changes to index patterns.
    Review: Code changes look good and match release notes.
  • 4158ba727 Node: Fixup colliding permission services (#2933)
    Notes: A bad check has been corrected which was causing a chown -R to run across all of /var/lib/ic/data.
    Review: Code changes look good and match release notes.

Performance improvements:

  • 796a29be6 Interface,Message Routing: Copy outside write lock (#2963)
    Notes: The setting of variable next_tip was expensive, thats why it is now taken out of write lock for states.
    Review: Code changes look good and match release notes.

Chores:

  • 05c96cbd1 Execution,Interface: Rename IDKG test functions and struct fields in Network and SubnetTopology (#2741)
    Notes: Renames certain functions and types from the “IDKG” terminology to the more general “Chain Key” naming, making it relevant for VetKd as well.
    Review: Code changes look good and match release notes.
  • 57dc741a9 Interface: Remove deprecated scenario tests (#2866)
    Notes: Deprecated test scenarios are now removed.
    Review: Code changes look good and match release notes.
  • b3ab4bf9a Interface,Networking: merge infallible errors, improve expect statements and use {:#?} for anyhow error formatting (#2964)
    Notes: To infallible errors MissingPeerIdentity and MalformedPeerIdentity are now merged into one called AuthenticationFailed, improvements on expect statement while defining quinn_server_config, and added some comments.
    Review: Code changes look good and match release notes.
  • a8d210455 Interface,Networking: split out parsing the read state response into a separate create (#2899)
    Notes: The logic to parse the read_state response is now separated out to a separate crate called read_state_response_parser.
    Review: Code changes look good and match release notes.
  • 3466a3205 Owners(IDX): Use pigz from Bazel Central Registry (#2945)
    Notes: MInor changes to use pigz from central registry rather than from a github repo.
    Review: Code changes look good and match release notes.
  • 9f5674ce6 Node: Update Base Image Refs [2024-12-05-0808] (#2982)
    Notes: Base image refs are updated.
    Review: Code changes look good and match release notes.
  • 2a400f53b Node: Update Base Image Refs [2024-11-28-1813] (#2887)
    Notes: base image refs are updated.
    Review: Code changes look good and match release notes.

Refactoring:

  • 0ab07de46 Interface: Rename idkg_subnet_public_keys in Consensus and Execution (#2817)
    Notes: Simply renamed idkg_subnet_public_keys to chain_key_subnet_public_keys.
    Review: Code changes look good and match release notes.
  • 006709366 Interface,Networking: small improvement on error handling in transport (#2878)
    Notes: Updates a few error types and introduced expect with proper error message in quic transport.
    Review: Code changes look good and match release notes.
  • 697c20ccd Interface,Node(node): follow-ups to deterministic_ips/ consolidation (#2845)
    Notes: This is a consolidation of lot of changes around deterministic ip and mac. macaddr::MacAddr6 crate is now being used and recently added deterministic ip code has been removed at certain places.
    Review: Code changes look good and match release notes.

Tests:

  • 51f1c7e21 Consensus,Interface: Enable cup_compatibility_test for new NiDkgTag::HighThresholdForKey (#2840)
    Notes: ExhaustiveSet for NiDkgConfig and IDkgMasterPublicKeyId are now implemented which were previously defaults to enable cup_compatibility_test .
    Review: Code changes look good and match release notes.
  • 9a95ec743 Execution,Interface(EXC): Fix race condition in tests (#2828)
    Notes: The PR implements a fix for race condition by stopping the background monitoring thread.
    Review: Code changes look good and match release notes.
  • aab432742 Interface: Deriving reject code from error code (#2871)
    Notes: Introduces function reject_code_from_error_code function to validate that the reject code corresponds to the leading digit of each error code.
    Review: Code changes look good and match release notes.

proposal - 134408

Vote: ADOPT

Reason:

All the changes align with the commit description and no errors or anomalies found in the code changes introduced. Also, successfully ran the build verification script.

Hash Match: MATCH

Feedback:

Proposer Check: MATCH

Overall Summary:

Updates introduce more robust and flexible configuration and logging to the boundary nodes, including a new environment file, improved metrics and anonymization features, and support for a BIP341-compatible auxiliary field in Schnorr signatures. They also ensure deterministic linking of LMDB, integrate macaddr and NodeType for flexible IPv6 and MAC address generation, and refine testing, metrics, and migration logic for ledger and consensus.

Commits Summary

ad36e6b0d
Adds a new environment file ic-boundary.env and includes it in the boundary node’s startup configuration by using the env-file-reader crate. The boundary node process is adjusted to read environment variables from the new env file, passing them to the process as part of its startup environment.

af2605ffb
Adds a second optional target for fstrim to discard unused blocks on the replica data partition if the node is unassigned.

8ec2ca18b
Enables wasm_tail_call. There were performance improvements when doing ReturnCall.

a2a6247f8
Optional taproot_tree_root field to SchnorrArguments and updates its handling throughout the consensus and execution environment code. It modifies functions, test utilities, and protobuf definitions to accept and process taproot_tree_root when creating or parsing Schnorr signature arguments. The TODO comment suggest there is more logic on the way.

8d726cc67
Introduces code paths and logic to move ledger data from older, in-memory or legacy formats into stable data structures, using minicbor for serialization. The changes also include added logic to track migration progress, handle partially migrated states, and eventually finalize the migration so that the ledger can resume normal operations.

This migration seems like a really crucial change to Ledger. I am wondering if there is any way we can test the migration and how it will take place. Is there anything CodeGov can do to help test the migration?

bed178d77
Adds additional metrics about subnet configuration, including subnet size, features, and maximum canister capacity. It also modifies the registry reading logic to populate and record these new metrics.

e41a4efb7
New histograms and updates existing metrics to capture wall-clock latencies and durations for various steps in the consensus and message routing processes, including batch delivery, batch induction, and certification.

b6e0faa05
New file src/update_config.rs. This file reads various configuration files (like network.conf, filebeat.conf, and nns.conf) and sets up network, logging, and NNS parameters for a node. It then serializes the gathered configuration into JSON and writes it out to config.json, enabling updates to the node’s configuration without containing secret materials.

8a538aac7
Ensures LMDB is now linked deterministically and at the lmdb-rkv-sys crate build stage rather than relying on late-stage, accidental static linking. By applying a patch that allows specifying a custom LMDB archive path instead of LMDB_NO_BUILD, and providing a pre-built liblmdb.a static archive via Bazel, LMDB is statically linked during the crate’s build.

ee08c5875
Now uses erestorecon instead of prestorecon.

bd92560a7
Replaces the taproot_tree_root field with a more general aux argument in the SignWithSchnorrArgs structure, allowing for BIP341-like auxiliary data (e.g., a merkle_root_hash) to be passed in. It updates all relevant call sites and tests so that the auxiliary argument is consistently used.

05f660259
Renames the anonymization-backend crate to anonymization_backend and adjusts its entry point from src/lib.rs to src/main.rs, clarifying its usage as an executable rather than a library. Additionally, it updates the ic-agent and ic-transport-types dependencies to specified versions and integrates the anonymization client into the boundary node code.

Integrates log anonymization into ic-boundary by referencing a hard-coded anonymization canister ID and tracking a salt fetched from that canister. This salt is then used to hash sensitive fields like IP addresses and principal IDs in request logs, ensuring they are not stored in cleartext. Changes in core.rs, metrics.rs, and related configuration files implement this anonymization logic throughout the boundary node’s request handling and logging process.

1368f04cc
Sets limit for debug_assertions to 1k cache entries. Matches description.

df6e86ced
Reverts changes from prev commits feat: [NODE-1355] Upgrade build container to 24.04 by Bownairo · Pull Request #1946 · dfinity/ic · GitHub and fix(IDX): libtinfo5-6.4 is no longer available in ubuntu so use 6.3 by basvandijk · Pull Request #2858 · dfinity/ic · GitHub.

23d181e50
Matches description of fixing Elasticsearch URLs and index patterns for testnet environment.

4158ba727
Fix permissions for upgrade-shared-data-store/upgrade-shared-data-store.sh by replacing the replica check with the corrected ic-replica.

796a29be6
Perf refactor for state manager commit_and_certify. It now calculates next_tip before self.states.write.

05c96cbd1
More renaming changes for idkg_key to chain_key.

57dc741a9
Removed all tests related to ic-scenario-tests.

b3ab4bf9a
FIX
There is a spelling error with handle_inbound_conn_attemp. Logic related to handle_dial has been consolidated in function can_i_dial_to improving reuse.

a8d210455
This moves code from canister_client/src/cbor.rs to separate file canister_client/read_state_response_parser/src/lib.rs, so now we have a new package ic-read-state-response-parser.

3466a3205
Streamlines the use of pigz lib since it is packaged in the Bazel central registry.

9f5674ce6
Updates base image refs.

2a400f53b
Updates base image refs.

0ab07de46
Renames idkg_subnet_public_keys to chain_key_subnet_public_keys.

006709366
Mainly improvements to quic transport error handling. quinn_client_config, client_config are moved outside async conn_fut.

697c20ccd
Integrate the macaddr crate and update various configuration files and scripts to use the new macaddr type and a NodeType enum rather than relying on hardcoded indices. Modify the generation of deterministic MAC and IPv6 addresses, removing the deterministic_ips dependency and making the code more flexible.

51f1c7e21
Extends ExhaustiveSet to include VetKdCurve, VetKdKeyId IDkgMasterPublicKeyId. Changes are related to testing of serialization correctness related to types.

9a95ec743
Matches description to fix race conditions by stopping the background monitoring thread.

aab432742
Test checks that all error codes can be converted to a valid reject code.

Proposal 134408

Summary

  1. Vote: Adopt
  2. Hash: All the hashes match
  3. Reasons to adopt: The release notes match the commits and the code changes. Builds successfully and all the hashes match

Commits

Features

  • ad36e6b0d
    Summary: make orchestrator load env vars for ic-boundary
    Notes: Added a feature to orchestrator to be able to add environment variable to the spawned process. Loads environment variable for ic-boundary from /opt/ic/share/ic-boundary.env.
    Review: Code changes matches the commit message.

  • af2605ffb
    Summary: discard for data partition
    Notes: Unassigned nodes are issued a discard command via fstrim on the replica data partition.
    Review: Code changes matches the commit message.

  • 8ec2ca18b
    Summary: Enable tail_call in wasmtime
    Notes: config.wasm_tail_call(true); is set to true enabling the wasmtime feature. The cost of return_call and return_call_indirect is reduced to incentivize their use as using these have performance improvement of roughly 1.5x
    Review: Code changes matches the commit message.

  • a2a6247f8
    Summary: Add support for BIP341 Taproot signatures
    Notes: Adds support for the user to add the input to the signature protocol as BIP341 requires an extra derivation steps used in BIP340.
    Review: Code changes matches the commit message.

  • 8d726cc67
    Summary: Implement V3 for ICRC ledger - migrate allowances to stable structures
    Notes: Migrates allowance to stable memory structures and the ledger is blocked for the duration of migration and marked as ready after the migration is complete. Also added various test cases for the same.
    Review: Code changes matches the commit message.

  • bed178d77
    Summary: Add various subnet info metrics
    Notes: returns subnet information like type, size, features, initial notary
    delay, max block payload size while reading at top of the round.
    Review: Code changes matches the commit message.

  • e41a4efb7
    Summary: More latency metrics
    Notes: Adds metrics to the subnet latency histogram batch_delivery_latency , induct_batch_latency , and certification_duration
    Review: Code changes matches the commit message.

  • b6e0faa05
    Summary: update-config.service
    Notes: updates update-config.service from old ic-config to new ic-config format.
    Review: Code changes matches the commit message.

  • 8a538aac7
    Summary: Force static link of lmdb
    Notes: Earlier lmdb was linked only at the end of the build, now lmdb is linked when lmdb-rkv-sys crate is built and does not have to be built when final executables are built.
    Review: Code changes matches the commit message.

  • ee08c5875
    Summary: Create and use a faster alternative to prestorecon
    Notes: erestorecon.sh is used instead of prestorecon
    Review: Code changes matches the commit message.

Bugfixes

  • bd92560a7
    Summary: Fix the management canister interface for Schnorr aux inputs
    Notes: uses aux instead of taproot_tree_root in the management canister SignWithSchnorrAux to fix the management canister interface.
    Review: Code changes matches the commit message.

  • 05f660259
    Summary: integrate log anonymization into ic-boundary
    Notes: log anonymization canister which is hard coded in ic-boundary.env is tracked to add log anonymization.
    Review: Code changes matches the commit message.

  • 1368f04cc
    Summary: Make expensive debug assert conditional
    Notes: limits debug assert to 1k cache entries making test cases faster.
    Review: Code changes matches the commit message.

  • df6e86ced
    Summary: Revert from 24.04 build container
    Notes: reverts #1946 and #2858 until we link to older libraries for broader compatibility in distributed binaries.
    Review: Code changes matches the commit message.

  • 23d181e50
    Summary: Update Elasticsearch URLs and index patterns for testnet environment
    Notes: Updates Elasticsearch URLs to facilitate the new ES cluster.
    Review: Code changes matches the commit message.

  • 4158ba727
    Summary: Fixup colliding permission services
    Notes: bug fixes in upgrade-shared-data-store.sh so that chown -R does not run on all of /var/lib/ic/data.
    Review: Code changes matches the commit message.

Performance improvements

  • 796a29be6
    Summary: Copy outside write lock
    Notes: copy_state step is done before taking the write lock in state managers commit_and_certify function since API calls were blocked otherwise which depend on reading the state list.
    Review: Code changes matches the commit message.

Chores

  • 05c96cbd1
    Summary: Rename IDKG test functions and struct fields in Network and SubnetTopology
    Notes: IDKG naming is changed to chain key naming such as idkg_keys_held is updated to chain_keys_held, with_idkg_key is updated to with_chain_key, idkg_signing_subnets updated to chain_key_enabled_subnets etc.
    Review: Code changes matches the commit message.

  • 57dc741a9
    Summary: Remove deprecated scenario tests
    Notes: removes test cases which are no longer used.
    Review: Code changes matches the commit message.

  • b3ab4bf9a
    Summary: merge infallible errors, improve expect statements and use {:#?} for anyhow error formatting
    Notes: code cleanup, removes duplicate code my creating a helper function can_i_dial_to and some other small changes.
    Review: Code changes matches the commit message.

  • a8d210455
    Summary: split out parsing the read state response into a separate create
    Notes: read_state logic is moved to ic-read-state-response-parser
    Review: Code changes matches the commit message.

  • 3466a3205
    Summary: Use pigz from Bazel Central Registry
    Notes: used Bazel Central Registry to fetch pigz (parallel gzip)
    Review: Code changes matches the commit message.

  • 9f5674ce6
    Summary: Update Base Image Refs [2024-12-05-0808]
    Notes: Updates base container image references.
    Review: Code changes matches the commit message.

  • 2a400f53b
    Summary: Update Base Image Refs [2024-11-28-1813]
    Notes: Updates base container image references.
    Review: Code changes matches the commit message.

Refactoring

  • 0ab07de46
    Summary: Rename idkg_subnet_public_keys in Consensus and Execution
    Notes: changes naming from idkg_subnet_public_keys to chain_key_subnet_public_keys to avoid confusion since VetKeys would be added to these lists.
    Review: Code changes matches the commit message.

  • 006709366
    Summary: small improvement on error handling in transport
    Notes: updates to error handling.
    Review: Code changes matches the commit message.

  • 697c20ccd
    Summary: follow-ups to deterministic_ips/ consolidation
    Notes: code refactoring by using macaddr crate instead of deterministic_ips package.
    Review: Code changes matches the commit message.

Tests

  • 51f1c7e21
    Summary: Enable cup_compatibility_test for new NiDkgTag::HighThresholdForKey
    Notes: Adds ExhaustiveSet for VetKdKeyId, IDkgMasterPublicKeyId etc to include them in cup_compatibility_test
    Review: Code changes matches the commit message.

  • 9a95ec743
    Summary: Fix race condition in tests
    Notes: Added code to stop thread monitoring to avoid race condition with the tests.
    Review: Code changes matches the commit message.

  • aab432742
    Summary: deriving reject code from error code
    Notes: Adds reject_code_from_error_code test to derive reject code from error code.
    Review: Code changes matches the commit message.

Proposal 134408

Summary

  1. Vote: Adopt
  2. Hash: Hashes match
  3. Reasons to adopt: Builds fine + hashes match + release notes match the commits

Commits

Features:

  1. ad36e6b0d
    Summary: make orchestrator load env vars for ic-boundary.
    Notes: ic-boundary will load the env vars from the newly added /opt/ic/share/ic-boundary.env file and orchestrator will read and provide env vars to the spawned process.
    Review: The description matches the code changes.

  2. af2605ffb
    Summary: discard for data partition.
    Notes: Add datadir_target arg to the fstrim_tool which will issue NVMe discard commands on the replica data partition to clear unnecessary data for unassigned nodes.
    Review: The description matches the code changes.

  3. 8ec2ca18b
    Summary: Enable tail_call in wasmtime.
    Notes: Enable tail call in wasmtime + improve performance by using ReturnCall and ReturnCallIndirect instead of call when call depths are smaller.
    Review: The description matches the code changes.

  4. a2a6247f8
    Summary: Add support for BIP341 Taproot signatures.
    Notes: To support BIP341, add taproot_tree_root argument to SchnorrArguments .
    Review: The description matches the code changes.

  5. 8d726cc67
    Summary: Implement V3 for ICRC ledger - migrate allowances to stable structures.
    Notes: To ensure the writes are done to the correct data structure, a timer is used to migrate batches of allowances to stable memory and the ledger is blocked. Unit tests added.
    Review: The description matches the code changes.

  6. bed178d77
    Summary: Add various subnet info metrics.
    Notes: Add new subnet config metrics such as subnet type, size, features, initial notary delay, max block payload size etc.
    Review: The description matches the code changes.

  7. e41a4efb7
    Summary: More latency metrics.
    Notes: Add histograms for subnet latency monitoring: batch_delivery_latency, induct_batch_latency, and certification_duration.
    Review: The description matches the code changes.

  8. b6e0faa05
    Summary: update-config.service.
    Notes: Added update-config.service that will update the old ic-os config format to the new ic-os config format. Once all nodes are updated, update-config.service will be deleted.
    Review: The description matches the code changes.

  9. 8a538aac7
    Summary: Force static link of lmdb.
    Notes: To statically link lmdb in the Bazel build, lmdb_rkv_sys.patchwas added to lmdb-rkv-sys .
    Review: The description matches the code changes.

  10. ee08c5875
    Summary: Create and use a faster alternative to prestorecon.
    Notes: Use erestorecon instead of prestorecon to set up permissions for better performance. erestorecon.sh was added.
    Review: The description matches the code changes.

Bugfixes:

  1. bd92560a7
    Summary: Fix the management canister interface for Schnorr aux inputs.
    Notes: Modify the management canister interface to match with the final interface design. Replace taproot_tree_root: Option<ByteBuf> with aux: Option<SignWithSchnorrAux.
    Review: The description matches the code changes.

  2. 05f660259
    Summary: Integrate log anonymization into ic-boundary.
    Notes: Added log anonymization to ic-boundary by tracking a log anonymization canister, anonymization_salt .
    Review: The description matches the code changes.

  3. 1368f04cc
    Summary: Make expensive debug assert conditional.
    Notes: For performance improvement, run the expensive debug assert only under certain conditions.
    Review: The description matches the code changes.

  4. df6e86ced
    Summary: Revert from 24.04 build container.
    Notes: Revert upgrade to ubuntu 24.04 until the issues are fixed.
    Review: The description matches the code changes.

  5. 23d181e50
    Summary: Update Elasticsearch URLs and index patterns for testnet environment.
    Notes: Update Elasticsearch url from https://elasticsearch.testnet.dfinity.network/ci-performance-test/_doc to https://elasticsearch.ch1-obsdev1.dfinity.network/ci-performance-test/_doc .
    Review: The description matches the code changes.

  6. 4158ba727
    Summary: Fixup colliding permission services.
    Notes: Fix a condition in upgrade-shared-data-store.sh which causing a chown -R to run across all of /var/lib/ic/data. It also added additional steps for setup-permissions.sh.
    Review: The description matches the code changes.

Performance improvements:

  1. 796a29be6
    Summary: Copy outside write lock.
    Notes: Move the calculation of the next_tip before the write lock since it is expensive.
    Review: The description matches the code changes.

Chores:

  1. 05c96cbd1
    Summary: Rename IDKG test functions and struct fields in Network and SubnetTopology.
    Notes: Rename functions and types from IDKG naming to a more general Chain Key so it can be used for VetKd as well. In some places, IDKG is also replaced with master public keys.
    Review: The description matches the code changes.

  2. 57dc741a9
    Summary: Remove deprecated scenario tests.
    Notes: Remove various deprecated tests.
    Review: The description matches the code changes.

  3. b3ab4bf9a
    Summary: merge infallible errors, improve expect statements and use {:#?} for anyhow error formatting.
    Notes: Combine the 2 errors MalformedPeerIdentity and MissingPeerIdentity into AuthenticationFailed. Add comments and replace calls to unwrap with expect.
    Review: The description matches the code changes.

  4. a8d210455
    Summary: split out parsing the read state response into a separate create.
    Notes: Move the logic for read_state into a separate create called read_state_response_parser.
    Review: The description matches the code changes.

  5. 3466a3205
    Summary: Use pigz from Bazel Central Registry.
    Notes: Use pigz from Bazel Central Registry rather than from a github repo.
    Review: The description matches the code changes.

  6. 9f5674ce6
    Summary: Update Base Image Refs [2024-12-05-0808].
    Notes: Update base container image references.
    Review: The description matches the code changes.

  7. 2a400f53b
    Summary: Update Base Image Refs [2024-11-28-1813].
    Notes: Update base container image references.
    Review: The description matches the code changes.

Refactoring:

  1. 0ab07de46
    Summary: Rename idkg_subnet_public_keys in Consensus and Execution.
    Notes: Rename idkg_subnet_public_keys to chain_key_subnet_public_keys.
    Review: The description matches the code changes.

  2. 006709366
    Summary: small improvement on error handling in transport.
    Notes: Modify the error types, remove TlsClientConfigError and ConnectError and add BadConnectParameters in the Quic transport connection manager. Update the expect statements to be more descriptive.
    Review: The description matches the code changes.

  3. 697c20ccd
    Summary: follow-ups to deterministic_ips/ consolidation.
    Notes: Various changes around deterministic ip and mac. Switch some usages of deterministic_ips to the newly added macaddr crate.
    Review: The description matches the code changes.

Tests:

  1. 51f1c7e21
    Summary: Enable cup_compatibility_test for new NiDkgTag::HighThresholdForKey.
    Notes: Implement ExhaustiveSet for NiDkgConfig and IDkgMasterPublicKeyId and can used in the cup_compatibility_test .
    Review: The description matches the code changes.

  2. 9a95ec743
    Summary: Fix race condition in tests.
    Notes: Fix to avoid race conditions in the sandboxed_execution_controller.rs test by stopping the background monitoring thread.
    Review: The description matches the code changes.

  3. aab432742
    Summary: Deriving reject code from error code.
    Notes: Add reject_code_from_error_code function to verify that the reject code can be derived from the leading digit of each error code.
    Review: The description matches the code changes.

Proposal 134408

Vote: Adopt

Reason: Build is successful, commits match descriptions and the reasoning behind the changes is sound. I was unable to verify the hashes after two attempts, but 6 other reviewers before me have successfully verified them so the problem is obviously at my end and I’ll look into it.

I’ve selectively reviewed Consensus, Crypto and Interface commits as detailed below.

Review

Features:

[ad36e6b0d]
Adds ic-os/components/ic/share/ic-boundary.env, containing a set of environment variables which are then used in the boundary node manager in rs/orchestrator/src/boundary_node.rs in place of args with the exception of tls-hostname which remains in args.

[af2605ffb]
Adds datadir_target to FsTrimArgs, to act as a second target directory on which to run the filesystem trim tool, but only for unassigned nodes.

[a2a6247f8]
Adds taproot_tree_root field to SchnorrArguments, SignWithSchnorrArgs and ThresholdSchnorrSigInputsRef. The change to SignWithSchnorrArgs is modified further in subsequent commit bd92560a7.

[8d726cc67]
Changes to support the ICRC-3 standard. Changes include switching to the use of the minicbor crate for encoding and decoding of accounts and related data, addition of pop_first_allowance and clear_arrivals to AllowancesData trait, addition of stable_approvals field to Ledger type, and the use of StableBTreeMap from ic_stable_structures for allowances data.

[bed178d77]
Adds subnet info metrics for message routing. Matches description.

[e41a4efb7]
Adds various latency metrics as outlined in the description.

[b6e0faa05]
Adds update_config.rs, which includes update_guestos_config and update_hostos_config methods. Adds corresponding service files which are to be deleted once the new ic-os config format is in use by all nodes and considered stable.

Bugfixes:

[05f660259]
Adds an HTTPS logs anonymisation process to rs/boundary_node/ic_boundary/src/core.rs utilising an existing anonymisation canister, along with a BUILD.bazel for the anonymisation client and related code changes elsewhere.

[1368f04cc]
Makes the least-recently-used cache debug assert conditional on a cache size of less than 1000.

[df6e86ced]
Reverts previous changes that upgraded (GuestOS?) to Ubuntu 24.04.

[23d181e50]
Updates elasticsearch URLs and indices as per description.

Performance improvements:

[796a29be6]
Repositions let _timer = self. ... prior to let mut states = self.states.write() within fn commit_and_certify in order to reduce computational expense.

Chores:

[57dc741a9]
Removes the entire ‎rs/scenario_tests/ directory as this set of tests has now been deprecated.

[b3ab4bf9a]
Error messaging changes as per description. The typo highlighted by @cyberowl is repeated in the function definition so should not by itself cause an error.

[a8d210455]
Adds a new crate ic_read_state_response_parser with code moved from rs/canister_client/src/cbor.rs into the new crate.

Refactoring:

[0ab07de46]
Renames idkg_subnet_public_keys to chain_key_subnet_public_keys in several places in order to avoid inaccurate naming once VetKeys is implemented.

[006709366]
QUIC transport error message changes + associated minor code changes.

[697c20ccd]
Several changes relating to deterministic IP / MAC address handling, matching description, including addition of the macaddr crate.

Tests:

[51f1c7e21]
Applies the ExhaustiveSet trait for testing of NiDkgMasterPublicKeyId and NiDkgTag and removes it from IDkgMasterPublicKeyId.

[aab432742]
Adds reject_code_from_error_code test.

Proposal 134408

Vote: ADOPT

Reason: Build is successful and hashes match, reviewed commits also match their descriptions, therefore I’ve voted to adopt.

Features:

8ec2ca18b Enabled tail_call wasmtime feature. Updated instrumentation costs to make ReturnCall and ReturnCallIndirect cheaper. Updated benchmarks to include recursive calls.

a2a6247f8 Added taproot_tree_root field to SchnorrArguments struct, this is required to support Taproot signatures. When the SignWithSchnorr system API is invoked, the field is decoded from the payload and used to construct SchnorrArguments struct required by sign_with_threshold method, this first validates that the caller has provided enough cycles to cover the cost of the call, that chain keys are enabled on the subnet and the threshold signature contexts still have capacity to fit the request. If all of these conditions are met, the request is pushed to the subnet call manager’s threshold contexts, which will finally be handled the signer component.

8d726cc67 Extended Ledger struct with stable_approvals field and added logic to migrate allowances and expirations from heap to stable memory when upgrading from ledger version v0 to v1. To ensure the upgrade process doesn’t hit the instruction limit, the migration is performed in batches, this is done by calling migrate_next_part method “recursively” by scheduling a timer for the next round as soon as the instruction used reach the limit. The limit is set a bit higher when the method is called initially by post_upgrade, since the hook allows more instructions to be used, subsequent calls made via timer have a lower limit.
A new variable has been added to the ledger’s global state: LEDGER_STATE, this is an enum with 2 variants Migrating and Ready. While the migration process is taking place it is set to Migrating and access to some ledger functionality such as reading balances, allowances, initiating transactions or further upgrading the ledger is blocked. The state can be fetched by calling a new endpoint named is_ledger_ready.
Changed Storable trait implementation for Account struct to use cbor instead of manually handling the serialization. AllowancesData trait has new methods: pop_first_allowance and clear_arrivals, they are used to facilitate the migration and are only actually implemented in HeapAllowancesData.

bed178d77 Added new fields to MessageRoutingMetrics to export subnet related information such as subnet id, type and number of nodes. These infos are read from the registry and recorded every time a new batch is processed.

e41a4efb7 Added more metrics to measure time taken by some protocol operations such as batch delivery, i.e the time taken by consensus between block proposal and its delivery to message routing, batch induction, i.e time between block proposal and the start of the execution round and at last state certification.

Bugfixes:

bd92560a7 Changed name and type of SignWithSchnorrArgs’s taproot_tree_root field, introduced with a2a6247f8 to match the interface specification. It has been renamed to “aux” and its type changed to SignWithSchnorrAux, which is a new enum with currently only variant: SignWithSchnorrAux::Bip341 of type SignWithBip341Aux.

Performance improvements:

796a29be6 Moved state cloning step to take place before states write lock, since the operation is pretty expensive this reduces the time states is locked for.

Chores:

05c96cbd1 Renamed test method and struct fields to use the chain key nomenclature instead of idkg.

57dc741a9 Removed the entire scenario_tests directory as the tests inside have been deprecated.

b3ab4bf9a Merged MissingPeerIdentity and MalformedPeerIdentity error variants of ConnectionEstablishError into AuthenticationFailed. Reduced code duplication by moving logic to determine whether an outbound connection can be opened to can_i_dial_to method. Replaced some unwraps with expects to provide more context to the user as to why the replica panicked.

a8d210455 Moved logic to parse cbor responses return by read_state from canister_client to ic-read-state-response-parser crate.

Refactoring:

0ab07de46 More methods and struct fields renaming.

Tests:

9a95ec743 Modified sandboxed_execution_controller_dir_and_path method to send a stop signal to the background monitoring thread every 10 seconds until the channel is closed, the loop is necessary cause the monitoring thread has a 10 seconds timeout between each iteration and to avoid race condition it has to be stopped before the SandboxedExecutionController is returned.

aab432742 Added reject_code_from_error_code test to ensure all all reject codes can be derived from error codes.

1 Like

Hello everyone!

We intend to make a 3-week break in the regular release schedule, to reduce the risk of incidents over the holidays, when reaching engineers can be difficult.
We will submit proposals that fix particular issues observed on the mainnet, in fact I’m just about to submit one.
We plan to continue with a regular release schedule on Jan 3, 2025.

We’ve done a ton this year, and I’m very happy of all the work that not only DFINITY but also so many community members did. Kudos!

6 Likes

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 134497.

Here is a summary of the changes since the last release:

Release Notes for release-2024-12-06_03-16-sandboxes7k (3e24396441e4c7380928d4e8b4ccff7de77d0e7e)

This release is based on changes since release-2024-12-06_03-16-base (d9fe2076f677a08734bed90c67b1c3f4056ed621).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Chores:

  • 3e2439644 Execution,Interface,Networking: Increase max number of sandboxes to 7k (#3164)

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/3e24396441e4c7380928d4e8b4ccff7de77d0e7e/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c 3e24396441e4c7380928d4e8b4ccff7de77d0e7e --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

2 Likes

Proposal 134497

Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.

Review:
3e2439644:
Increases the DEFAULT_MAX_SANDBOX_COUNT constant from 5000 to 7000.

1 Like

Proposal 134497: Adopt

The build verification script ran successfully and there is only 1 newly added commit which simply increases the max number of canister sandboxes from 5000 to 7000.

1 Like

Proposal 134497

Vote: ADOPT

Reason: Build is successful and hashes match, this is a hotfix build and contains a single commit which increases DEFAULT_MAX_SANDBOX_COUNT value from 5000 to 7000.

1 Like

Proposal #134408 for release-2024-12-06_03-16-base .

Vote: Adopted
Reason: Builds fine and the hash matches for GUESTOS, HOSTOS and SETUPOS along with all the listed commits.

1 Like

Proposal #134497 for release-2024-12-06_03-16-sandboxes7k .

Vote: Adopted
Reason: Builds fine and the hash matches for GUESTOS, HOSTOS and SETUPOS.

The only one change matches description.
Chores:
3e2439644 Execution,Interface,Networking: Increase max number of sandboxes to 7k .
Done by increasing DEFAULT_MAX_SANDBOX_COUNT to 7000 from currently 5k.

1 Like

proposal - 134497

Vote: ADOPT

Reason:

Successfully ran the build verification script.
All the changes align with the commit description.

### Hash Match: MATCH
### Feedback: NONE
### Proposer Check: MATCH
### 2 Urls: MATCH

3e2439644
Changes DEFAULT_MAX_SANDBOX_COUNT from 5_000 to 7_000, matching the description of increase max number of sandboxes to 7k.

1 Like

Proposal 134497

Summary

  1. Vote: Adopt
  2. Hash: All the hashes match
  3. Reasons to adopt: The release notes match the commits and the code changes. Builds successfully and all the hashes match

Chores

3e2439644
Increase DEFAULT_MAX_SANDBOX_COUNT from 5000 to 7000

Proposal: 134497

Summary:

  1. Build Hash: Build hash from the proposal, local build and CDN matches and is “c18f269b69a5a0c20e7879ca1d4248417952fe24107d84f1e9f519889a6ef721”.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposals

Detailed Review:

Chores:

3e2439644 Execution,Interface,Networking: Increase max number of sandboxes to 7k (#3164)
Notes: DEFAULT_MAX_SANDBOX_COUNT has been increased from 5k to 7k.
Review: Code changes looks okay and match release notes.

1 Like

Proposal 134497

Vote: Adopt

Reason: Build is successful and hashes match. The proposal consists of a single commit, matching the description, which changes DEFAULT_MAX_SANDBOX_COUNT from 5000 to 7000, with the intention of deploying this change to subnets that have experienced performance degradation due to high load.

1 Like