Proposal to elect new release rc--2025-02-13_03-06

Governance NNS proposal discussions
,
1

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: [IC NNS Proposal Proposal for version 2008d47a169c4984631c87f2efaa88798e6f14dc submitted with ID 135301](https://dashboard.internetcomputer.org/proposal/Proposal for version 2008d47a169c4984631c87f2efaa88798e6f14dc submitted with ID 135301).

Here is a summary of the changes since the last release:

Release Notes for release-2025-02-13_03-06-base (2008d47a169c4984631c87f2efaa88798e6f14dc)

This release is based on changes since release-2025-02-06_12-26-base (5ee8dcf34f26c12defcff51c2f5737214611bccc).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

This release diverges from the latest release. Merge base is 0206830a658fc51c35d9ccb005e86a22adf3b5be. Changes were removed from this release.

Features:

  • df5828f5b Consensus,Execution,Interface(MR): Roll out best-effort calls to the first few subnets (#3816)
  • 0ff90c220 Consensus,Interface: Create local transcripts for Vetkeys (#3387)
  • 09b5bac97 Consensus,Interface: Implement the VetKd payload builder and validator (#3613)
  • 1eedff6ff Consensus,Interface: Call crypto in the VetKd client (#3745)
  • b24f181ad Consensus,Interface: ramp up the socks proxy from registry to 10% (#3824)
  • 17e911e1f Crypto: Add rand feature to ic-ed25519 (#3888)
  • 19bf527a9 Execution,Interface: Increase Wasm64 heap size to 6 GiB (#3748)
  • 070656f25 Execution,Interface(MR): Basic metrics for best-effort calls (#3858)
  • 5a9304032 Execution,Interface(crypto): restrict vetKD encryption public key size in mgmt canister types to 48 bytes (#3749)
  • 513258aa0 Execution,Interface(MR): Support incremental rollout of best-effort calls (#3688)
  • 39f6eec55 Interface,Message Routing(MR): Use both guaranteed and best-effort calls in all XNet tests (#3582)
  • 6c5d1942f Interface,Message Routing: Asynchronously mark checkpoint readonly and sync (#3682)

Bugfixes:

  • f17589cf2 Consensus,Interface: bitcoin adapter: don’t retry aggressively (#3774)
  • d2ec812ef Consensus,Interface: bitcoin adapter: prune blocks if response empty (#3775)
  • c8436757c Consensus,Interface,Node: open port 22 between replica nodes (#3819)
  • 9fd33fc11 Execution,Interface: revert Run hook after CanisterWasmMemoryLimitExceeded error is fixed (#3850)
  • 00be225f3 Node: Add ahci to HostOS initramfs to fix gen1 spms (#3894)

Chores:

  • 8ee65b22e Consensus,Interface: Remove deprecated TaggedNiDkgTranscript proto (#3701)
  • 47b1aa1e2 Consensus,Interface(p2p): make some some functions/structs/traits private to the ic_artifact_manager crate (#3823)
  • 70ce01763 Execution,Interface: Upgrade Wasmtime 29 (#3622)
  • af74d26ea Execution,Interface: remove obsolete allowed_viewers_feature flag (#3900)
  • 63c193c59 Execution,Interface: Adjust metric to track whether message is executed on Wasm32 or Wasm64 canisters (#3746)
  • 527f4adf9 Execution,Interface: Quotation in error messages (#3828)
  • 5506c7c41 Interface: Make ic-management-canister-types private (#3814)
  • 97bcf0945 Interface(crypto): Move ic-crypto-secp256k1 to packages (#3784)
  • 03cd1a68f Node: improve check-network.sh failure logs (#3907)
  • 0329e9f1f Node: Update Base Image Refs [2025-02-08-0145] (#3875)
  • 5ea5e0928 Node: systemd tidying-up (#3699)
  • 639657530 Node: export cpu microcode metrics (#3787)
  • c29f4632b Node: remove unnecessary metrics_tool security settings (#3797)
  • 9bf488d5c Node: update mount settings (#3798)
  • 0ba0edf44 Node: move metrics services to run before node_exporter (#3678)
  • 86473052e Node: Update Base Image Refs [2025-02-06-0807] (#3813)
  • 7ed4c13ba Node(IDX): push checksum logic to Bazel (#3752)

Refactoring:

  • 63e785cd0 Execution,Interface,Message Routing: Use saturating arithmetics when evaluating hook conditions (#3879)
  • e8d8808a2 Interface: Add is_best_effort() for Request (#3892)
  • 289a67f1a Node: build-bootloader-tree.sh (#3844)

Documentation:

  • f906ca2c2 Execution,Interface(EXC): Switch error link to HTTPS (#3895)

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/2008d47a169c4984631c87f2efaa88798e6f14dc/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c 2008d47a169c4984631c87f2efaa88798e6f14dc --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

1 Like
2

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: [IC NNS Proposal Proposal for version d781ef0aa1ada11964394bd9269675ebe84a7b86 submitted with ID 135302](https://dashboard.internetcomputer.org/proposal/Proposal for version d781ef0aa1ada11964394bd9269675ebe84a7b86 submitted with ID 135302).

Here is a summary of the changes since the last release:

Release Notes for release-2025-02-13_03-06-disable-best-effort-messaging (d781ef0aa1ada11964394bd9269675ebe84a7b86)

This release is based on changes since release-2025-02-13_03-06-base (2008d47a169c4984631c87f2efaa88798e6f14dc).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Other changes:

  • d781ef0aa Consensus,Execution,Interface: Revert “feat(MR): Roll out best-effort calls to the first few subnets (#3816)”

Note: this is a fallback version, and will be used only if it becomes necessary to quickly disable the feature

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/d781ef0aa1ada11964394bd9269675ebe84a7b86/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c d781ef0aa1ada11964394bd9269675ebe84a7b86 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

3

Proposal 135301 - Hamish | CodeGov

Vote: Adopt
Reason: I have reviewed all of the commits listed and in my opinion they all look fine, but I have been unable to successfully run the build verification script. I haven’t voted yet, but if others manage to run the script successfully then I will vote to adopt.

Update: Given that others have successfully run the build scripts, I have voted to adopt this proposal.

This is the error I get when I attempt to run the build verification script -

Screenshot 2025-02-14 at 09.59.33
Screenshot 2025-02-14 at 09.59.331710×720 221 KB

Full review

Features:

  • df5828f5b Consensus,Execution,Interface(MR): Roll out best-effort calls to the first few subnets (#3816)
    Review: Looks fine + matches description
    Notes: Enables the best_effort_responses feature flag on the 3 subnets which OpenChat is on since we agreed to give it a try + also reduces the SUBNET_GUARANTEED_RESPONSE_MESSAGE_MEMORY_CAPACITY setting from 25GB to 15GB to make space for these best effort responses.

  • 0ff90c220 Consensus,Interface: Create local transcripts for Vetkeys (#3387)
    Review: Looks fine + matches description
    Notes: Updates the PayloadBuilder to generate and include NiDkg transcripts for any vetKD keys that are enabled on the subnet.

  • 09b5bac97 Consensus,Interface: Implement the VetKd payload builder and validator (#3613)
    Review: Looks fine + matches description
    Notes: Introduces the VetKdPayloadBuilderImpl struct which exposes methods to get enabled keys, and build / verify vetKd payloads. The cryptography around combined key shares remains unimplemented for now.

  • 1eedff6ff Consensus,Interface: Call crypto in the VetKd client (#3745)
    Review: Looks fine + matches description
    Notes: Wires up creating and verifying VetKd key shares within ThresholdSignerImpl by forwarding through to the newly implemented VetKdProtocol.

  • b24f181ad Consensus,Interface: ramp up the socks proxy from registry to 10% (#3824)
    Review: Looks fine + matches description
    Notes: Increases the REGISTRY_SOCKS_PROXY_DARK_LAUNCH_PERCENTAGE setting from 0 to 10, meaning that 10% of requests will be sent via the new SOCKS proxy and then the responses will be validated by comparing to the responses from the current setup.

  • 17e911e1f Crypto: Add rand feature to ic-ed25519 (#3888)
    Review: Looks fine + matches description
    Notes: Allows the ic-ed25519 library to be used within canisters by making the dependency on rand optional. When this dependency is enabled the resulting wasm is invalid for running within a canister.

  • 19bf527a9 Execution,Interface: Increase Wasm64 heap size to 6 GiB (#3748)
    Review: Looks fine + matches description
    Notes: Bumps the MAX_WASM64_MEMORY_IN_BYTES setting from 4GB to 6GB.

  • 070656f25 Execution,Interface(MR): Basic metrics for best-effort calls (#3858)
    Review: Looks fine + matches description
    Notes: Adds labels to the call_tree metrics to distinguish between best-effort calls and guaranteed response calls. Also adds the queues_best_effort_message_bytes and best_effort_request_count counter metrics.

  • 5a9304032 Execution,Interface(crypto): restrict vetKD encryption public key size in mgmt canister types to 48 bytes (#3749)
    Review: Looks fine + matches description
    Notes: Sets the VetKdDeriveEncryptedKeyArgs::encryption_public_key field type to [u8; 48] rather than being a Vec<u8> since the standard mandates that this key must be 48 bytes. This change enables invalid keys to be detected earlier when constructing the args rather than later within the crypto component.

  • 513258aa0 Execution,Interface(MR): Support incremental rollout of best-effort calls (#3688)
    Review: Looks fine + matches description
    Notes: Implements the ability to have more fine-grained control over which subnets the best-effort calls feature is enabled on. It does this by introducing the BestEffortResponsesFeature enum which supports enabling the feature either on specified subnet Ids, or all application subnets, or everywhere.

  • 39f6eec55 Interface,Message Routing(MR): Use both guaranteed and best-effort calls in all XNet tests (#3582)
    Review: Looks fine + matches description
    Notes: Updates a load of XNet tests to make calls using both guaranteed response calls and best-effort calls.

  • 6c5d1942f Interface,Message Routing: Asynchronously mark checkpoint readonly and sync (#3682)
    Review: Looks fine + matches description
    Notes: Removes the call to sync_and_mark_files_readonly from scratchpad_to_checkpoint, and instead handles this functionality during the ValidateReplicatedStateAndFinalize stage which happens asynchronously on a different thread.

Bugfixes:

  • f17589cf2 Consensus,Interface: bitcoin adapter: don’t retry aggressively (#3774)
    Review: Looks fine + matches description
    Notes: Modifies the Bitcoin adapter’s scheduling logic to prioritise fetching new blocks over retrying blocks that failed.

  • d2ec812ef Consensus,Interface: bitcoin adapter: prune blocks if response empty (#3775)
    Review: Looks fine + matches description
    Notes: Clears the block cache within the Bitcoin adapter if a call to get_successors returns no blocks and the block cache is full. This is because if this scenario ever occurs then none of the blocks can currently be reached from th anchor, and if the block cache is full then no new blocks can be requested, resulting in the adapter stalling.

  • c8436757c Consensus,Interface,Node: open port 22 between replica nodes (#3819)
    Review: Looks fine + matches description
    Notes: Updates the IC config by adding port 22 to the tcp_ports_for_node_whitelist setting.

  • 9fd33fc11 Execution,Interface: revert Run hook after CanisterWasmMemoryLimitExceeded error is fixed (#3850)
    Review: Looks fine + matches description
    Notes: Reverts a commit relating to the CanisterWasmMemoryLimitExceeded hook because the devs decided it was risky to include it in this week’s release.

  • 00be225f3 Node: Add ahci to HostOS initramfs to fix gen1 spms (#3894)
    Review: Looks fine + matches description
    Notes: Enables AHCI for HostOS to fix an issue affecting Gen1 nodes.

Chores:

  • 8ee65b22e Consensus,Interface: Remove deprecated TaggedNiDkgTranscript proto (#3701)
    Review: Looks fine + matches description
    Notes: Removes the Proto definitions of the old TaggedNiDkgTranscript fields and marks their Ids as reserved.

  • 47b1aa1e2 Consensus,Interface(p2p): make some some functions/structs/traits private to the ic_artifact_manager crate (#3823)
    Review: Looks fine + matches description
    Notes: Makes a few functions and types within the ic_artifact_manager crate private since they were only used by tests, then updates the test code to avoid using these newly private functions.

  • 70ce01763 Execution,Interface: Upgrade Wasmtime 29 (#3622)
    Review: Looks fine + matches description
    Notes: Bumps wasmtime from 28.0.0 to 29.0.1.

  • af74d26ea Execution,Interface: remove obsolete allowed_viewers_feature flag (#3900)
    Review: Looks fine + matches description
    Notes: Removes the allowed_viewers_feature feature flag relating to canister logs since it has now been fully enabled in production for a while.

  • 63c193c59 Execution,Interface: Adjust metric to track whether message is executed on Wasm32 or Wasm64 canisters (#3746)
    Review: Looks fine + matches description
    Notes: Adds the wasm_execution_mode label to the sandboxed_execution_executed_message_slices_total metric so that the counts can be viewed separately for wasm32 and wasm64.

  • 527f4adf9 Execution,Interface: Quotation in error messages (#3828)
    Review: Looks fine + matches description
    Notes: Adds punctuation to some error messages to aid readability.

  • 5506c7c41 Interface: Make ic-management-canister-types private (#3814)
    Review: Looks fine + matches description
    Notes: Renames ic-management-canister-types to ic-management-canister-types-private as a step towards switching all usages over to the publicly available ic-management-canister-types crate.

  • 97bcf0945 Interface(crypto): Move ic-crypto-secp256k1 to packages (#3784)
    Review: Looks fine + matches description
    Notes: Renames the ic-crypto-secp256k1 package to ic-secp256k1 and moves it to the packages directory with a view to publishing it.

  • 03cd1a68f Node: improve check-network.sh failure logs (#3907)
    Review: Looks fine + matches description
    Notes: Adds more details to the output logs if the check-network.sh script fails.

  • 0329e9f1f Node: Update Base Image Refs [2025-02-08-0145] (#3875)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS image references.

  • 5ea5e0928 Node: systemd tidying-up (#3699)
    Review: Looks fine + matches description
    Notes: Updates the comments of some systemd services and cleans up some unnecessary parameters.

  • 639657530 Node: export cpu microcode metrics (#3787)
    Review: Looks fine + matches description
    Notes: Adds the new custom-metrics.service and uses it to export the node_cpu_microcode value as a metric.

  • c29f4632b Node: remove unnecessary metrics_tool security settings (#3797)
    Review: Looks fine + matches description
    Notes: Removes a load of unnecessary settings from the metrics_tool.service.

  • 9bf488d5c Node: update mount settings (#3798)
    Review: Looks fine + matches description
    Notes: Updates how some services specify which other services must first complete to use RequiresMountsFor rather than Requires and After.

  • 0ba0edf44 Node: move metrics services to run before node_exporter (#3678)
    Review: Looks fine + matches description
    Notes: Switches a few services to run before the node_exporter service so that their data is initialized by the time the exporter begins scraping it.

  • 86473052e Node: Update Base Image Refs [2025-02-06-0807] (#3813)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS image references.

  • 7ed4c13ba Node(IDX): push checksum logic to Bazel (#3752)
    Review: Looks fine + matches description
    Notes: Does some refactoring of the build-ic.sh script, most notably, moves checksum_rule to BUILD.bazel so that it can be used outside the main build script.

Refactoring:

  • 63e785cd0 Execution,Interface,Message Routing: Use saturating arithmetics when evaluating hook conditions (#3879)
    Review: Looks fine + matches description
    Notes: Switches to using saturating_sub rather than a normal subtraction within is_low_wasm_memory_hook_condition_satisfied.

  • e8d8808a2 Interface: Add is_best_effort() for Request (#3892)
    Review: Looks fine + matches description
    Notes: Adds the is_best_effort helper function to Request and uses it rather than checking if the deadline is set.

  • 289a67f1a Node: build-bootloader-tree.sh (#3844)
    Review: Looks fine + matches description
    Notes: Tidies up the build-bootloader-tree.sh script by renaming some variables, adding punctuation, and extracting the cleanup logic into a function.

Documentation:

  • f906ca2c2 Execution,Interface(EXC): Switch error link to HTTPS (#3895)
    Review: Looks fine + matches description
    Notes: Updates a link to the IC website to use https rather than http.

Proposal 135302

Vote: Adopt
Reason: This proposal only contains a single additional commit which disables the new best-effort calls feature. This is done as a precaution in case there is an issue with the feature and it needs to quickly be disabled.
I have been unable to successfully run the build verification script but given that others have done so I have opted to go ahead with approving this proposal.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

3 Likes
4

Proposal 135301 - Ipsita | ZenithCode

Summary

  1. Vote: Adopt
  2. Hash: Not able to build successfully
  3. Reason to Adopt The release notes match the commits and the code changes. Not able to build successfully.

Update: Adopting this proposal even thought not able to build successfully since other engineers from CodeGov team were able to build successfully.

135301
1353012318×714 87.6 KB

Commits ### Features

  • df5828f5b
    Summary: Roll out best-effort calls to the first few subnets
    Notes: Enables best_effort_responses feature flag to which sets deadline on the calls being constructed and allows best effort requests to be routed in subnet only. This PR also reduces the subnet_message_memory_capacity from 25 GB to 15GB.
    Review: Code changes match the commit message.

  • 0ff90c220
    Summary: Create local transcripts for Vetkeys
    Notes: Adds functionality to generate local NiDkg transcripts for vetkeys in the DKG component.
    Review: Code changes match the commit message.

  • 09b5bac97
    Summary: Implement the VetKd payload builder and validator
    Notes: Implements VetKdPayloadBuilderImpl struct which have several functions such as get_enabled_keys_and_expiry, get_vetkd_payload_impl , validate_vetkd_payload_impl and validate_vetkd_agreement. Todo work for next PR is writting unit test cases, adding metrics and logs, call crypto endpoints.
    Review: Code changes match the commit message.

  • 1eedff6ff
    Summary: Call crypto in the VetKd client
    Notes: This PR now calls the new VetKd protocol endpoint in crypto component also updates the unit test cases accordingly.
    Review: Code changes match the commit message.

  • b24f181ad
    Summary: ramp up the socks proxy from registry to 10%
    Notes: Updates REGISTRY_SOCKS_PROXY_DARK_LAUNCH_PERCENTAGE from 0 to 10 so that 10% of the total requests are not sent using socks proxy.
    Review: Code changes match the commit message.

  • 17e911e1f
    Summary: Add rand feature to ic-ed25519
    Notes: wasm32-unknown-unknown target used by canisters had an issue which is resolved by using the library without pulling in dependency on getrandom.
    Review: Code changes match the commit message.

  • 19bf527a9
    Summary: Increase Wasm64 heap size to 6 GiB
    Notes: This PR simply increase the MAX_WASM64_MEMORY_IN_BYTES from 4GB to 6GB
    Review: Code changes match the commit message.

  • 070656f25
    Summary: Basic metrics for best-effort calls
    Notes: Adds execution_queues_best_effort_message_bytes metric to track the best effort memory pool size.
    Review: Code changes match the commit message.

  • 5a9304032
    Summary: restrict vetKD encryption public key size in mgmt canister types to 48 bytes
    Notes: Updates encryption_public_key in VetKdDeriveEncryptedKeyArgs struct from Vec<u8> to [u8; 48]. This update rejects all the keys which have a size larger than 48 bytes, earlier these invalid keys would have gone to the crypto component and the crypto vault where they were rejected.
    Review: Code changes match the commit message.

  • 513258aa0
    Summary: Support incremental rollout of best-effort calls
    Notes: Replaces the best effort feature flag to an enum to have more control when enabling best effort calls such as now we can only enable it for select subnets, system subnets or fully enable it.
    Review: Code changes match the commit message.

  • 39f6eec55
    Summary: Use both guaranteed and best-effort calls in all XNet tests
    Notes: Updates xnet_test_canister calls to use both guaranteed response and best-effort calls.
    Review: Code changes match the commit message.

  • 6c5d1942f
    Summary: Asynchronously mark checkpoint readonly and sync
    Notes: marks checpointing read only async also move this logic from scratchpad_to_checkpoint to ValidateReplicatedStateAndFinalize.
    Review: Code changes match the commit message.

Bugfixes

  • f17589cf2
    Summary: bitcoin adapter: don’t retry aggressively
    Notes: Modify’s bitcoin adapter to fetch new blocks instead of retrying blocks that failed.
    Review: Code changes match the commit message.

  • d2ec812ef
    Summary: prune blocks if response empty
    Notes: we only used to purne the blocks if they were either processed or below the anchor height. We now also purne the blocks if the response contains no blocks.
    Review: Code changes match the commit message.

  • c8436757c
    Summary: open port 22 between replica nodes
    Notes: Adds port 22 to tcp_ports_for_node_whitelist.
    Review: Code changes match the commit message.

  • 9fd33fc11
    Summary: revert Run hook after CanisterWasmMemoryLimitExceeded error is fixed
    Notes: Reverts #3631
    Review: Code changes match the commit message.

  • 00be225f3
    Summary: Add ahci to HostOS initramfs to fix gen1 spms
    Notes: Adds ahci to host os to fix a Gen1 nodes issue.
    Review: Code changes match the commit message.

Chores

  • 8ee65b22e
    Summary: Remove deprecated TaggedNiDkgTranscript proto
    Notes: Removes old deprecated TaggedNiDkgTranscript proto definitions.
    Review: Code changes match the commit message.

  • 47b1aa1e2
    Summary: make some some functions/structs/traits private to the ic_artifact_manager crate
    Notes: Makes certain functions, structs and traits in ic_artifact_manager private.
    Review: Code changes match the commit message.

  • 70ce01763
    Summary: Upgrade Wasmtime 29
    Notes: upgrades wasmtime version from 28.0.0 to 29.0.1.
    Review: Code changes match the commit message.

  • 70ce01763
    Summary: remove obsolete allowed_viewers_feature flag
    Notes: removes allowed_viewers_feature feature flag since it was enabled in production environment.
    Review: Code changes match the commit message.

  • 63c193c59
    Summary: Adjust metric to track whether message is executed on Wasm32 or Wasm64 canisters
    Notes: Updates the sandboxed_execution_executed_message_slices_total metric to track if the message was executed on wasm32 canister or wasm64 canister.
    Review: Code changes match the commit message.

  • 527f4adf9
    Summary: Quotation in error messages
    Notes: Updates error log messages to improve readability.
    Review: Code changes match the commit message.

  • 5506c7c41
    Summary: Make ic-management-canister-types private
    Notes: Updates the name and makes ic-management-canister-types private ic-management-canister-types-private. This PR had no functional change.
    Review: Code changes match the commit message.

  • 97bcf0945
    Summary: Move ic-crypto-secp256k1 to packages
    Notes: Renames ic-crypto-secp256k1 package to ic-secp256k1 and moves it to the ic/packages directory.
    Review: Code changes match the commit message.

  • 03cd1a68f
    Summary: improve check-network.sh failure logs
    Notes: Adds more details to the logs if check-network.sh script fails.
    Review: Code changes match the commit message.

  • 0329e9f1f
    Summary: Update Base Image Refs [2025-02-08-0145]
    Notes: Updates the base ic-os container image references.
    Review: Code changes match the commit message.

  • 5ea5e0928
    Summary: systemd tidying-up
    Notes: Updates comments of systemd services.
    Review: Code changes match the commit message.

  • 639657530
    Summary: export cpu microcode metrics
    Notes: Adds a new custom-metrics service and exports CPU node as metric.
    Review: Code changes match the commit message.

  • c29f4632b
    Summary: remove unnecessary metrics_tool security settings
    Notes: removes metrics_tool settings which are no longer used.
    Review: Code changes match the commit message.

  • 9bf488d5c
    Summary: update mount settings
    Notes: Updates how services are mounted by using RequiresMountsFor instead of requires and after.
    Review: Code changes match the commit message.

  • 0ba0edf44
    Summary: move metrics services to run before node_exporter
    Notes: Runs metric service before node_exporter.
    Review: Code changes match the commit message.

  • 86473052e
    Summary: Update Base Image Refs [2025-02-06-0807]
    Notes: Updates the base ic-os container image references.
    Review: Code changes match the commit message.

  • 7ed4c13ba
    Summary: push checksum logic to Bazel
    Notes: Code refactoring in build-ic.sh script by mainly moving checksum rule to BUILD.bazel
    Review: Code changes match the commit message.

Refactoring

  • 63e785cd0
    Summary: Use saturating arithmetics when evaluating hook conditions
    Notes: uses saturating_sub helper method instead of subtracting manually.
    Review: Code changes match the commit message.

  • e8d8808a2
    Summary: Add is_best_effort() for Request
    Notes: Adds best effort to requests by calling them req.is_best_effort() instead of req.deadline != NO_DEADLINE.
    Review: Code changes match the commit message.

  • 289a67f1a
    Summary: build-bootloader-tree.sh
    Notes: Code refactoring in build-bootloader-tree.sh by moving cleanup logic to a helper function, renaming variables etc.
    Review: Code changes match the commit message.

Documentation

  • f906ca2c2
    Summary: Switch error link to HTTPS
    Notes: Minor update to move error link from http to https.
    Review: Code changes match the commit message.

Proposal 135302

Summary

  1. Vote: Adopt
  2. Hash: Not able to build successfully
  3. Reason to Adopt The release notes match the commits and the code changes. Not able to build successfully.

Update: Adopting this proposal even thought not able to build successfully since other engineers from CodeGov team were able to build successfully.

135302
1353022314×638 79.5 KB

Commits

Other changes

  • d781ef0aa
    Summary: Revert “feat(MR): Roll out best-effort calls to the first few subnets”
    Notes: This reverts commit df5828f
    Review: Code changes match the commit message.

PS: I am not able to build successfully, waiting to see what the team decides to do here. :thinking:

2 Likes
5

proposal - 135301 – Cyberowl | CodeGov

v1
v11260×835 137 KB

Vote: ADOPT

Reason:

All commits match their description and no errors were found. The verification build hash also matches release_package_sha256_hex.

Hash Match: MATCH

2 Urls: MATCH

Feedback: NONE

Proposer Check: MATCH

Overall Summary:

The MAX_WASM64_MEMORY_IN_BYTES constant is increased from 4 GiB to 6 GiB, expanding the allowed memory for wasm64 canisters.
New types and functionality for management canister types include extended DKG tag support and helper functions for extracting vet key IDs and iterating over relevant tags.

One potential concern could be around changing the encryption public key to a fixed 48-byte array may introduce compatibility issues, requiring updates to dependent components.

Commits Summary

df5828f5b
Why was this commit reverted?

0ff90c220
New types and functionality related to management canister types. Support an extended set of DKG tags. Helper functions to extract vet key IDs and iterate over all relevant tags.

09b5bac97
Why was this commit reverted?

1eedff6ff
Replace the old helper function
fake_master_public_key_ids_for_all_algorithms()
with the more specific
fake_master_public_key_ids_for_all_idkg_algorithms(). Changes in the signer, pre-signatures, and signature builders now include branches to handle VetKD shares appropriately.

b24f181ad
New counter vector named socks_proxy_dl_requests is added. System now logs certain outcomes at the info level. The dark launch feature now has a nonzero chance (10% of requests) to be used. Something to follow up on the success of this feature.

17e911e1f
A default feature that enables “rand”. Updates package so that the use of the rand crate is optional and only enabled when the “rand” feature is selected.

19bf527a9
The constant MAX_WASM64_MEMORY_IN_BYTES is increased from 4 GiB to 6 GiB. This change increases the allowed memory for wasm64 canisters. This is an exciting feature, we are slowly increasing the size of canisters.

070656f25
Add new labels and metrics to distinguish between different “classes” of requests (for example, best‐effort versus guaranteed responses).

5a9304032
Encryption public key is now fixed to a 48‐byte array rather than a variable-length vector of 32 bytes. I guess rejection (e.g. close to 2 MB) are immediately rejected by the management upstream is better than downstream.

513258aa0
In several places (e.g. in wasmtime_embedder.rs, system_api.rs), the configuration is now passed as a whole rather than extracting individual flags. Migrates the best‐effort responses feature from a simple on/off FlagStatus into a multi‑stage rollout using the BestEffortResponsesFeature enum.

39f6eec55
xnet and message routing tests use the new fields for payload sizes and call timeouts, allowing simulation of both guaranteed response and best‑effort calls. secp256k1 is changed from 0.29.1 to 0.29.0. Not sure why secp256k1 was reverted.

6c5d1942f
First create an unverified checkpoint marker in the scratchpad and then call the internal function that moves (or renames) the scratchpad directory to the checkpoint directory. Separate “finalize” step that both synchronizes (marks files read‑only and syncs) and then removes the unverified marker.

Bugfixes:
f17589cf2
Improves how blockchain manager schedules getdata requests by using a round-robin scheme for peer selection, using proper Duration comparisons for timeouts, and cleaning up timed‐out requests to avoid stalling.

d2ec812ef
If nothing is found in the cache (blocks is empty) and the cache is full, then all blocks become candidates for pruning. Block cache is considered full if its size exceeds 10 MB.

c8436757c
Matches open port 22 between replica nodes

9fd33fc11
execute_call_or_task function, the mutable binding for the canister is changed from mutable to immutable. removes special-case handling for the “OnLowWasmMemory” task in the execution path

00be225f3
Matches Add ahci to HostOS initramfs to fix gen1 spms.

Chores:
8ee65b22e
deprecated “tagged” transcript fields from the DKG summary messages

47b1aa1e2
Matches description make some some functions/structs/traits private to the ic_artifact_manager crate

70ce01763
Matches description Upgrade Wasmtime 29

af74d26ea
Matches description remove obsolete allowed_viewers_feature flag

63c193c59
New metric dimension to distinguish between wasm32 and wasm64.

527f4adf9
Refines error message formatting for canister traps

5506c7c41
renames the dependency from ic-management-canister-types to ic-management-canister-types-private across the entire codebase.

97bcf0945
secp256k1 package was relocated and renamed.

03cd1a68f
Matches description improve check-network.sh failure logs.

0329e9f1f
Update base image refs.

5ea5e0928
Remove obsolete or redundant notification settings. Simplify start limit settings.

639657530
Collect and export HostOS metrics for CPU microcode. Matches description.

c29f4632b
Matches description remove unnecessary metrics_tool security settings .

9bf488d5c
Matches description update mount settings

0ba0edf44
Matches description move metrics services to run before node_exporter

86473052e
Update base image refs.

7ed4c13ba
Bazel configuration now uses a “common” flag alias syntax.
The CI build script has been restructured for better safety, improved logging, cleaner error checking.

Refactoring:
63e785cd0
Adds the num-traits crate as a dependency.
In task_queue.rs, arithmetic that computes memory usage and available memory is updated to use the saturating_sub method.

e8d8808a2
Helper method is_best_effort() on the Request type.

289a67f1a
Unified cleanup function is added and installed via a trap to ensure that temporary resources are properly cleaned up on exit.

Documentation:
f906ca2c2
Matches description Switch error link to HTTPS

proposal - 135302 – Cyberowl | CodeGov

v2
v21260×835 133 KB

Vote: ADOPT

Reason:

One commit to revert "feat: roll out best-effort calls to the first few subnets. Commit matches description and no errors were found. The verification build hash also matches release_package_sha256_hex.

Hash Match: MATCH

2 Urls: MATCH

Feedback: NONE

Proposer Check: MATCH

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

2 Likes
6

Proposal: 135301 | Manvick - ZenithCode

Summary:

  1. Build Hash: Unable to build locally.
    a. Even when using repro-check.sh file from an older commit getting the error while building attached in screenshot.
    b. With the latest build command mentioned in the proposal we see some script errors. Attached screenshot. This however has been a long pending issue.

  2. Summary: The release notes matches the code changes

  3. Vote: YES. Keeping the vote to pending now, as I was not able to build locally, however code changes matches release notes.
    UPDATE: Since other dev were able to build it changing the vote to YES.

Unable to build the current build even with a previous commit’s repro-check.sh file ( which usually works for previous submitted proposals ).

image
image1274×497 25.9 KB

Issues with build command mentioned in the proposal

image
image673×156 6.35 KB

Detailed Review:

Commits

Features:

  • df5828f5b Consensus,Execution,Interface(MR): Roll out best-effort calls to the first few subnets (#3816)
    Notes: BestEffortResponsesFeature is now enabled for three subnets to allow ic0_call_with_best_effort_response() API call on these subnets. Also default subnet_message_memory_capacity is reduced to 15GB from 25gb to make space for best-effort messages and certain callbacks.
    Review: Code changes look good and match release notes.
  • 0ff90c220 Consensus,Interface: Create local transcripts for Vetkeys (#3387)
    Notes: Changes have been made to dkg package’s payload_builder and utils and some tests are updated to create local transcripts for vetkeys. Changes have been done to get all key ids from ChainKeyCOnfig and tags_iter function has been introduced to iterate over high / low threshold as well as all key ids.
    Review: Code changes look good and match release notes.
  • 09b5bac97 Consensus,Interface: Implement the VetKd payload builder and validator (#3613)
    Notes: This PR implements vetkey payload builder and validator by introducing struct VetKdPayloadBuilderImpl in vetkey lib.rs and implementing it. Functions like get_enabled_keys_and_expiry(), get_vetkd_payload_impl(), validate_vetkd_agreement() and validate_vetkd_payload_impl() are defined to support the implementation.
    Review: Code changes look good and match release notes.
  • 1eedff6ff Consensus,Interface: Call crypto in the VetKd client (#3745)
    Notes: Since the vetkeyd crypto implementation is done, in this PR vetkd client is updated to create and verify vetkey shares by using VetKdProtocol in ThresholdSigInputs.
    Review: Code changes look good and match release notes.
  • b24f181ad Consensus,Interface: ramp up the socks proxy from registry to 10% (#3824)
    Notes: REGISTRY_SOCKS_PROXY_DARK_LAUNCH_PERCENTAGE has been updated to 10% from 0% to test api boundary nodes for SOCKS proxy dark launch in production, enabling 10% of all the requests being sent via socks proxy.
    Review: Code changes look good and match release notes.
  • 17e911e1f Crypto: Add rand feature to ic-ed25519 (#3888)
    Notes: There were problems with wasm32-unknown-unknown target which is now resolved by using the library, rather than pulling a dependency on getRandom.
    Review: Code changes look good and match release notes.
  • 19bf527a9 Execution,Interface: Increase Wasm64 heap size to 6 GiB (#3748)
    Notes: A simple change to increase wasm64 heapsize to 6GB, by updating constant MAX_WASM64_MEMORY_IN_BYTES.
    Review: Code changes look good and match release notes.
  • 070656f25 Execution,Interface(MR): Basic metrics for best-effort calls (#3858)
    Notes: A new metric execution_queues_best_effort_message_bytes has been added to measure usage of best-effort message pool. Also adds label for best effort and guaranteed response.
    Review: Code changes look good and match release notes.
  • 5a9304032 Execution,Interface(crypto): restrict vetKD encryption public key size in mgmt canister types to 48 bytes (#3749)
    Notes: A simple change to make encryption_public_key of type [u8; 48], rather than Vec to follow the interface specification. This change also helps in earlier detection of invalid requests.
    Review: Code changes look good and match release notes.
  • 513258aa0 Execution,Interface(MR): Support incremental rollout of best-effort calls (#3688)
    Notes: BestEffortResponsesFeature enum is defined and implemented to have more control on enabling / disabling best-effort calls in specific subnets.
    Review: Code changes look good and match release notes.
  • 39f6eec55 Interface,Message Routing(MR): Use both guaranteed and best-effort calls in all XNet tests (#3582)
    Notes: XNet tests are updated at various places to use both best-effort and guaranteed calls.
    Review: Code changes look good and match release notes.
  • 6c5d1942f Interface,Message Routing: Asynchronously mark checkpoint readonly and sync (#3682)
    Notes: In function mark_checkpoint_files_readonly calls to function sync_and_mark_files_readonly is now replaced with a newly defined function mark_files_readonly_and_sync to do it in async manner which is more efficient.
    Review: Code changes look good and match release notes.

Bugfixes:

  • f17589cf2 Consensus,Interface: bitcoin adapter: don’t retry aggressively (#3774)
    Notes: Bitcoin adapter is updated to focus more on getting new blocks rather than aggressively retrying for failed blocks. Constant GETDATA_REQUEST_TIMEOUT_SECS has been changed to GETDATA_REQUEST_TIMEOUT of type Duration.
    Review: Code changes look good and match release notes.
  • d2ec812ef Consensus,Interface: bitcoin adapter: prune blocks if response empty (#3775)
    Notes: Before, blocks were pruned only if processed by the canister or below the anchor. Now, blocks are also pruned if no blocks are found in the response, ensuring unreachable blocks are discarded and preventing cache overflow.
    Review: Code changes look good and match release notes.
  • c8436757c Consensus,Interface,Node: open port 22 between replica nodes (#3819)
    Notes: Port 22 is now also opened between replica nodes in addition to previously just [2497, 4100, 8080] by updating variable tcp_ports_for_node_whitelist.
    Review: Code changes look good and match release notes.
  • 9fd33fc11 Execution,Interface: revert Run hook after CanisterWasmMemoryLimitExceeded error is fixed (#3850)
    Notes: A simple revert for previous changes related to CanisterWasmMemoryLimitExceeded hook.
    Review: Code changes look good and match release notes.
  • 00be225f3 Node: Add ahci to HostOS initramfs to fix gen1 spms (#3894)
    Notes: Adds ahci support to hostos to fix a gen1 issue by updating file ic-os/components/early-boot/initramfs-tools/hostos/modules.
    Review: Code changes look good and match release notes.

Chores:

  • 8ee65b22e Consensus,Interface: Remove deprecated TaggedNiDkgTranscript proto (#3701)
    Notes: Proto TaggedNiDkgTranscript has been removed since it was deprecated and its ids 5 and 6 are now marked reserved.
    Review: Code changes look good and match release notes.
  • 47b1aa1e2 Consensus,Interface(p2p): make some some functions/structs/traits private to the ic_artifact_manager crate (#3823)
    Notes: Some functions / traits / and structs are now marked private in artifact_manager by removing pub keyword. Also updates the test for the accommodate change.
    Review: Code changes look good and match release notes.
  • 70ce01763 Execution,Interface: Upgrade Wasmtime 29 (#3622)
    Notes: Wasmtime has been upgraded from 28.0.0 to 29.0.1 with some minor bumps to other dependencies.
    Review: Code changes look good and match release notes.
  • af74d26ea Execution,Interface: remove obsolete allowed_viewers_feature flag (#3900)
    Notes: Unused feature flag allowed_viewers_feature is now completely removed.
    Review: Code changes look good and match release notes.
  • 63c193c59 Execution,Interface: Adjust metric to track whether message is executed on Wasm32 or Wasm64 canisters (#3746)
    Notes: sandboxed_execution_executed_message_slices_total metric is now updated to include wasm_execution_mode to measure where the messages are executed. Also updates relevant tests.
    Review: Code changes look good and match release notes.
  • 527f4adf9 Execution,Interface: Quotation in error messages (#3828)
    Notes: Minor change to logs by adding punctuation for better readability.
    Review: Code changes look good and match release notes.
  • 5506c7c41 Interface: Make ic-management-canister-types private (#3814)
    Notes: ic-management-canister-types is now renamed to ic-management-canister-types-private all over the codebase to allow the usage of public crate in the future. In this PR, its just a name change so does not affect any functionality.
    Review: Code changes look good and match release notes.
  • 97bcf0945 Interface(crypto): Move ic-crypto-secp256k1 to packages (#3784)
    Notes: ic-crypto-secp256k1 is now moved to package folder and renamed to ic-secp256k1.
    Review: Code changes look good and match release notes.
  • 03cd1a68f Node: improve check-network.sh failure logs (#3907)
    Notes: check-network.sh file is now improved and has better logs.
    Review: Code changes look good and match release notes.
  • 0329e9f1f Node: Update Base Image Refs [2025-02-08-0145] (#3875)
    Notes: ic-os base image references has been updated.
    Review: Code changes look good and match release notes.
  • 5ea5e0928 Node: systemd tidying-up (#3699)
    Notes: systemd has been updated with some minor comment change and removes some unwanted code.
    Review: Code changes look good and match release notes.
  • 639657530 Node: export cpu microcode metrics (#3787)
    Notes: Exposes a new metric node_cpu_microcode by adding a custom metric service.sh and service.
    Review: Code changes look good and match release notes.
  • c29f4632b Node: remove unnecessary metrics_tool security settings (#3797)
    Notes: A lot of settings has been removed from metric_tool.service.
    Review: Code changes look good and match release notes.
  • 9bf488d5c Node: update mount settings (#3798)
    Notes: Services are updated now to use RequiresMountsFor instead of Requires and After.
    Review: Code changes look good and match release notes.
  • 0ba0edf44 Node: move metrics services to run before node_exporter (#3678)
    Notes: Changes made at various places to make sure metrics service runs before node-exporter.service
    Review: Code changes look good and match release notes.
  • 86473052e Node: Update Base Image Refs [2025-02-06-0807] (#3813)
    Notes: ic-os base image references are updated.
    Review: Code changes look good and match release notes.
  • 7ed4c13ba Node(IDX): push checksum logic to Bazel (#3752)
    Notes: compute_checksums has now been added to BUILD.bazel for better usability and updates build-ic.sh
    Review: Code changes look good and match release notes.

Refactoring:

  • 63e785cd0 Execution,Interface,Message Routing: Use saturating arithmetics when evaluating hook conditions (#3879)
    Notes: saturating_sub is now used rather thana regular minus operation while subtracting memory_usage_without_wasm_memory from memory_allocation.
    Review: Code changes look good and match release notes.
  • e8d8808a2 Interface: Add is_best_effort() for Request (#3892)
    Notes: is_best_effort() helper function is now added to Request in addition to Response and RequestOrResponse.
    Review: Code changes look good and match release notes.
  • 289a67f1a Node: build-bootloader-tree.sh (#3844)
    Notes: some refactoring has been done to build-bootloader.sh by removing some traps , adding punctuation and consolidating some code in cleanup() function.
    Review: Code changes look good and match release notes.

Documentation:

  • f906ca2c2 Execution,Interface(EXC): Switch error link to HTTPS (#3895)
    Notes: Updates a link to internetcomputer.org to use https rather than http.
    Review: Code changes look good and match release notes.

Proposal: 135302 | Manvick - ZenithCode

Summary:

  1. Build Hash: Unable to build locally.
    a. Even when using repro-check.sh file from an older commit getting the error while building attached in screenshot.

  2. Summary: The release notes matches the code changes

  3. Vote: YES .Keeping the vote to pending now, as I was not able to build locally, however code changes matches release notes.

    image
    image1267×495 25.6 KB

    UPDATE: Since other dev were able to build it changing the vote to YES.

Detailed Review:

Commits

Other changes:

  • d781ef0aa Consensus,Execution,Interface: Revert “feat(MR): Roll out best-effort calls to the first few subnets (#3816)”
    Notes: Its a simple revert of “Roll out best-effort calls to the first few subnets”, in case there are some errors in production upon deployment to specific subnets.
    Review: Code changes look good and match release notes.
1 Like
7

@hpeebles, @zenithcode, @ipsita many thanks for your reviews! Can you confirm you aren’t attempting to build from inside the dev container? The verification script should start it automatically.

i.e.

1. cd ic
2. git pull
3. verification script

Thank you!

2 Likes
8

Proposal #135301 — Zack | CodeGov

for release-2025-02-13_03-06-base.

Vote: Adopted.
Reason: Builds fine and the hash matches for GUESTOS, HOSTOS and SETUPOS.

Screenshot 2025-02-15 181518
Screenshot 2025-02-15 1815181874×832 53.9 KB

Proposal #135302 — Zack | CodeGov

for release-2025-02-13_03-06-disable-best-effort-messaging.

Vote: Adopted.
Reason: Builds fine and the hash matches for GUESTOS, HOSTOS and SETUPOS.

Screenshot 2025-02-15 183130
Screenshot 2025-02-15 1831301868×846 53.7 KB

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
9

Proposal 135301 – Zane | CodeGov

Vote: ADOPT
Reason: Build completes successfully, both hashes and reviewed commits match their descriptions.

135301
1353011900×468 101 KB

Features:

df5828f5b Enabled best-effort calls on 3 subnets and reduced SUBNET_GUARANTEED_RESPONSE_MESSAGE_MEMORY_CAPACITY from 25 GiB to 15GiB.

19bf527a9 Increased MAX_WASM64_MEMORY_IN_BYTES to 6GiB. Updated embedders test to use wasm64 wasm limit instead of the 32 bit one and modified install_code_fails_on_invalid_memory_allocation test to use the correct max memory allocation value by importing the related constant instead of computing it.

070656f25 Added labels to CallTreeMetrics to distinguish between the different types of calls, i.e best effort and guaranteed. Split the count field of RequestMetadataStats into best_effort_request_count and guaranteed_response_request_count so that they can be used to observe call tree related metrics between message class.
Added queues_best_effort_message_bytes to SchedulerMetrics, which is used to track the size of best effort messages in the canister queues.

5a9304032 In VetKdDeriveEncryptedKeyArgs changed encryption_public_key field’s type from Vec<u8> to a fixed size array of 48 bytes, this was done cause the interface specification requires the key to be exactly 48 bytes long, by enforcing this early, invalid requests can be immediately rejected by the management canister.

513258aa0 Reworked best_effort_responses feature flag to allow more granularity in how the feature is rolled out. Instead of a boolean value, BestEffortResponsesFeature enum has been defined, which has three variants: SpecificSubnets, ApplicationSubnetsOnly and Enabled. This allows to gradually rollout support for the new message model, starting from a list of subnets, then all subnets except system ones and finally enabling it for the entire network. Modified ic0_call_with_best_effort_response system api so that it no-ops if the best effort response are not enabled on the subnet. In build_streams_impl collect all best effort requests to unsupported subnets in a vector and reject them with DestinationInvalid reject code.

39f6eec55 Reworked XNet tests to use a mix of guaranteed and best effort calls

6c5d1942f Removed sync_and_mark_files_readonly call from scratchpad_to_checkpoint and moved it to validate_and_finalize_checkpoint_and_remove_unverified_marker so that it happens asynchronously in the tip thread after state validation.

Bugfixes:

9fd33fc11 Reverts 773b035f2, while keeping structural changes to CanisterCallOrTask from b7a0b3d3b.

Chores:

8ee65b22e Delete deprecated TaggedNiDkgTranscript protobuf files alongside relative Rust definition and conversion logic. Reserved proto ids used by current_transcripts_deprecated and next_transcripts_deprecated to to prevent accidental reuse.

47b1aa1e2 Changed visibility of some functions/structs/traits to private in the ic_artifact_manager crate and modified start_test_processor method to replace call to run_artifact_processor, which is now private, with create_artifact_handler.

70ce01763 Bumped Wasmtime from v28 to v29.

af74d26ea Deleted allowed_viewers_feature flag and its related checks as it is no longer needed.

63c193c59 Modified sandboxed_execution_executed_message_slices to also track wasm execution mode with a dedicated label.

527f4adf9 Improved readability for CalledTrap type errors.

5506c7c41 Renamed ic-management-canister-types from rs/types/management_canister_types and related imports to ic-management-canister-types-private.

86473052e Updated ICOS image refs.

Refactoring:

63e785cd0 In is_low_wasm_memory_hook_condition_satisfied use saturating_sub instead of normal subtraction.

e8d8808a2 Added is_best_effort helper method to Request and use it in apply_changes.

Documentation:

f906ca2c2 Same as description.

Proposal 135302 – Zane | CodeGov

Vote: ADOPT
Reason: Build completes successfully and hashes match. Proposed changes are the same as 135301 but with commit df5828f reverted in case the subents where the new message model is enabled start experiencing issues.

135302
1353021894×460 100 KB

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
10

Proposal 135301 | Yuvika - ZenithCode

Summary

  1. Vote: Adopt.
  2. Hash: Unable to build due to script errors.
  3. Reasons to adopt: Pending.

build-135301
build-1353011592×1204 260 KB

Commits

Features:

  • df5828f5b
    Summary: Roll out best-effort calls to the first few subnets.
    Notes: Enable the best_effort_responses feature flag, adding deadlines to calls for subnet-only routing of best-effort requests, and reduces subnet_message_memory_capacity from 25GB to 15GB.
    Review: The description matches the code changes.

  • 0ff90c220
    Summary: Create local transcripts for Vetkeys.
    Notes: Enable the DKG component to generate local NiDkg transcripts for vetkeys.
    Review: The description matches the code changes.

  • 09b5bac97
    Summary: Implement the VetKd payload builder and validator.
    Notes: Introduce the VetKdPayloadBuilderImpl struct with functions for managing and validating VetKD payloads and agreements, with unit tests, metrics, logging, and crypto endpoint integration planned for a future PR.
    Review: The description matches the code changes.

  • 1eedff6ff
    Summary: Call crypto in the VetKd client.
    Notes: Integrate the new VetKd protocol endpoint in the crypto component and updates its corresponding unit tests.
    Review: The description matches the code changes.

  • b24f181ad
    Summary: ramp up the socks proxy from registry to 10%.
    Notes: Change REGISTRY_SOCKS_PROXY_DARK_LAUNCH_PERCENTAGE to 10, meaning 10% of requests will bypass the SOCKS proxy.
    Review: The description matches the code changes.

  • 17e911e1f
    Summary: Add rand feature to ic-ed25519.
    Notes: Fix an issue with the wasm32-unknown-unknown target used by canisters by updating the library to avoid a dependency on getrandom.
    Review: The description matches the code changes.

  • 19bf527a9
    Summary: Increase Wasm64 heap size to 6 GiB.
    Notes: Increase the maximum allowed WASM64 memory from 4GB to 6GB.
    Review: The description matches the code changes.

  • 070656f25
    Summary: Basic metrics for best-effort calls.
    Notes: Introduce the execution_queues_best_effort_message_bytes metric to monitor the size of the best-effort memory pool used by execution queues.
    Review: The description matches the code changes.

  • 5a9304032
    Summary: restrict vetKD encryption public key size in mgmt canister types to 48 bytes.
    Notes: Change the encryption_public_key field in VetKdDeriveEncryptedKeyArgs from Vec to [u8; 48], a fixed-size array of 48 bytes, preventing keys larger than this from being passed to the crypto component and causing rejections there.
    Review: The description matches the code changes.

  • 513258aa0
    Summary: Support incremental rollout of best-effort calls.
    Notes: Replace the boolean “best effort” feature flag with an enum, allowing finer-grained control over enabling best-effort calls, such as for specific subnets, system subnets, or all subnets.
    Review: The description matches the code changes.

  • 39f6eec55
    Summary: Use both guaranteed and best-effort calls in all XNet tests.
    Notes: Modify xnet_test_canister calls to utilize both guaranteed and best-effort response mechanisms.
    Review: The description matches the code changes.

  • 6c5d1942f
    Summary: Asynchronously mark checkpoint readonly and sync.
    Notes: Make checkpoint reads asynchronous and moves this logic from scratchpad_to_checkpoint to ValidateReplicatedStateAndFinalize.
    Review: The description matches the code changes.

Bugfixes:

  • f17589cf2
    Summary: bitcoin adapter: don’t retry aggressively.
    Notes: Update the Bitcoin adapter to fetch new blocks instead of repeatedly attempting to retrieve failed ones.
    Review: The description matches the code changes.

  • d2ec812ef
    Summary: prune blocks if response empty.
    Notes: Change prune blocks not only if processed or below the anchor height, but also if the response contains no blocks, improving block management.
    Review: The description matches the code changes.

  • c8436757c
    Summary: open port 22 between replica nodes.
    Notes: Add port 22 to the node whitelist’s allowed TCP ports.
    Review: The description matches the code changes.

  • 9fd33fc11
    Summary: revert Run hook after CanisterWasmMemoryLimitExceeded error is fixed.
    Notes: Revert the change #3631.
    Review: The description matches the code changes.

  • 00be225f3
    Summary: Add ahci to HostOS initramfs to fix gen1 spms.
    Notes: Add the AHCI driver to the host OS to resolve an issue affecting Gen1 nodes.
    Review: The description matches the code changes.

Chores:

  • 8ee65b22e
    Summary: Remove deprecated TaggedNiDkgTranscript proto.
    Notes: Clean up the codebase by deleting obsolete TaggedNiDkgTranscript protocol buffer definitions.
    Review: The description matches the code changes.

  • 47b1aa1e2
    Summary: make some some functions/structs/traits private to the ic_artifact_manager crate.
    Notes: Restrict access to certain functions, structs, and traits within the ic_artifact_manager by making them private.
    Review: The description matches the code changes.

  • 70ce01763
    Summary: Upgrade Wasmtime 29.
    Notes: Upgrade the Wasmtime runtime from version 28.0.0 to 29.0.1 .
    Review: The description matches the code changes.

  • af74d26ea
    Summary: remove obsolete allowed_viewers_feature flag.
    Notes: Remove the allowed_viewers_feature flag as it’s already enabled in production.
    Review: The description matches the code changes.

  • 63c193c59
    Summary: Adjust metric to track whether message is executed on Wasm32 or Wasm64 canisters.
    Notes: The sandboxed_execution_executed_message_slices_total metric is updated to distinguish between messages executed on wasm32 and wasm64 canisters.
    Review: The description matches the code changes.

  • 527f4adf9
    Summary: Quotation in error messages.
    Notes: Enhance error log readability through updated messages.
    Review: The description matches the code changes.

  • 5506c7c41
    Summary: Make ic-management-canister-types private.
    Notes: Rename ic-management-canister-types to ic-management-canister-types-private and makes it private, with no impact on functionality.
    Review: The description matches the code changes.

  • 97bcf0945
    Summary: Move ic-crypto-secp256k1 to packages.
    Notes: Rename the ic-crypto-secp256k1 package to ic-secp256k1 and relocates it to the ic/packages directory.
    Review: The description matches the code changes.

  • 03cd1a68f
    Summary: improve check-network.sh failure logs.
    Notes: Enhance logging for the check-network.sh script, providing more detailed information upon failure.
    Review: The description matches the code changes.

  • 0329e9f1f
    Summary: Update Base Image Refs [2025-02-08-0145].
    Notes: Update the base image references used for the IC OS.
    Review: The description matches the code changes.

  • 5ea5e0928
    Summary: systemd tidying-up.
    Notes: Update systemd service comments for improved clarity and documentation.
    Review: The description matches the code changes.

  • 639657530
    Summary: export cpu microcode metrics.
    Notes: Introduce a custom-metrics service and exports CPU node data as a metric.
    Review: The description matches the code changes.

  • c29f4632b
    Summary: remove unnecessary metrics_tool security settings.
    Notes: Clean up unused metrics_tool settings.
    Review: The description matches the code changes.

  • 9bf488d5c
    Summary: update mount settings.
    Notes: Update service mounting to use RequiresMountsFor instead of the less precise requires and after directives.
    Review: The description matches the code changes.

  • 0ba0edf44
    Summary: move metrics services to run before node_exporter.
    Notes: Start the metric service before the node_exporter service.
    Review: The description matches the code changes.

  • 86473052e
    Summary: Update Base Image Refs [2025-02-06-0807].
    Notes: Update the base image references used for the IC OS.
    Review: The description matches the code changes.

  • 7ed4c13ba
    Summary: push checksum logic to Bazel.
    Notes: Refactor the build-ic.sh script, primarily by migrating the checksum generation rule to BUILD.bazel.
    Review: The description matches the code changes.

Refactoring:

  • 63e785cd0
    Summary: Use saturating arithmetics when evaluating hook conditions.
    Notes: Replace manual subtraction with the saturating_sub helper method to prevent underflow.
    Review: The description matches the code changes.

  • e8d8808a2
    Summary: Add is_best_effort() for Request.
    Notes: Change uses req.is_best_effort() instead of req.deadline != NO_DEADLINE to mark requests as best-effort, improving clarity and potentially handling edge cases.
    Review: The description matches the code changes.

  • 289a67f1a
    Summary: build-bootloader-tree.sh.
    Notes: Refactor build-bootloader-tree.sh by extracting cleanup logic into a helper function and improving readability through variable renaming.
    Review: The description matches the code changes.

Documentation:

  • f906ca2c2
    Summary: Switch error link to HTTPS.
    Notes: Update an error link to use HTTPS for improved security.
    Review: The description matches the code changes.

Proposal 135302

Summary

  1. Vote: Adopt.
  2. Hash: Unable to build due to script errors.
  3. Reasons to adopt: Pending.

build-135302
build-135302883×576 22.1 KB

Commits

Other changes:

  • d781ef0aa
    Summary: Revert “feat(MR): Roll out best-effort calls to the first few subnets”.
    Notes: Revert commit df5828f.
    Review: The description matches the code changes.
11

Proposal 135301 – ilbert | CodeGov

Vote: ADOPTED.
Reason: All the reviewed commits match their description. Although I wasn’t able to reproduce the build, the other team members managed to reproduce the build successfully, so I didn’t want to block the release.

Build error:

build-2025-02-16 at 19.35.50
build-2025-02-16 at 19.35.502912×528 145 KB

Review:
For the Execution and Runtime layers, the main changes introduced in this proposal are:

  • Introduces support for best-effort calls on three specific subnets

I’ve reviewed all the commits listed in the proposal, for the Execution and Runtime layers:

df5828f5b:
Changes the default implementation of the FeatureFlags of the embedders to enable the best effort messages on three specific subnets.
Changes the SUBNET_GUARANTEED_RESPONSE_MESSAGE_MEMORY_CAPACITY constant value from 25 to 15 GiB.

19bf527a9:
Changes the MAX_WASM64_MEMORY_IN_BYTES constant value from 4 to 6 GiB.

070656f25:
Updates the observe method of the CallTreeMetricsImpl struct to label the metrics observed using the newly introduced LABEL_VALUE_GUARANTEED_RESPONSE and LABEL_VALUE_BEST_EFFORT labels.
Changes the RequestMetadataStats struct to have the best_effort_request_count and guaranteed_response_request_count fields in order to observe them with the respective labels.

5a9304032:
Changes the encryption_public_key field of the VetKdDeriveEncryptedKeyArgs to be a fixed-size array of 48 u8 instead of 32 u8 elements.

513258aa0:
Introduces the BestEffortResponsesFeature struct to track the release process of best-effort responses into 4 stages. This flag is used in the best_effort_responses field of the FeatureFlags struct of the embedders and the SystemApiImpl struct.
Changes the call_with_best_effort_response and msg_deadline Wasm linked functions to call the respective system API functions without checking for the feature flag.
Updates the ic0_call_with_best_effort_response method of the SystemApiImpl struct to call the is_enabled_on method of the best_effort_responses field and set a timeout on the request if the check is true. Otherwise, it just ignores the call without returning any error.

9fd33fc11:
Matches description.

70ce01763:
Matches description.

af74d26ea:
Matches description.

63c193c59:
Changes the observe_executed_message_slice method of the SandboxedExecutionMetrics struct to accept the wasm_execution_mode argument (which is either “wasm32” or “wasm64”) that is added as label to the sandboxed_execution_executed_message_slices metric.

527f4adf9:
Matches description.

63e785cd0:
Matches description.

f906ca2c2:
Matches description.

Proposal 135302 – ilbert | CodeGov

Vote: ADOPTED.
Reason: All the reviewed commits match their description. Although I wasn’t able to reproduce the build, the other team members managed to reproduce the build successfully, so I didn’t want to block the release.

Build error:

build-2025-02-16 at 19.40.42
build-2025-02-16 at 19.40.422912×528 145 KB

Review:
This release is the same as the one in 135301 with the addition of the commit d781ef0aa, which matches its description.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

2 Likes
12

Hi @alexu,
We use the command mentioned on the proposal to build it

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/d781ef0aa1ada11964394bd9269675ebe84a7b86/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c d781ef0aa1ada11964394bd9269675ebe84a7b86 --guestos

image
image1170×439 34.4 KB

1 Like
13

I got a similar error, and this was just from running the verification script from within the repo as usual.

Screenshot 2025-02-17 101454
Screenshot 2025-02-17 1014541341×304 19.1 KB

@nmattia @basvandijk @marko @sat
Is it possible that this has resulted from one of the recent changes to ic/ci?

3 Likes
14

Proposal 135301 | Tim - CodeGov

Vote: Adopt

Reason: Commits match descriptions and the reasoning behind the changes is sound. I was unable to reproduce the build successfully, as per the error that I’ve shown above, but have voted to adopt as other reviewers have managed to build the replica and verify that hashes match.

I’ve selectively reviewed Consensus, Crypto and Interface commits as detailed below.

Review

Features:

[df5828f5b]
Specifies the first 3 subnets for which best-effort calls will apply. Decreases SUBNET_GUARANTEED_RESPONSE_MESSAGE_MEMORY_CAPACITY from 25 GiB to 15 GiB.

[0ff90c220]
Changes to create local transcripts for Vetkeys. Adds functions vetkd_key_ids_for_subnet and tags_iter. Adds chain_key_initializations to CatchUpPackageContents within the returned values of insert_initial_dkg_transcript.

[09b5bac97]
Adds new directory with logic to implement the VetKd payload builder and validator, as described in detail in the commit notes.

[1eedff6ff]
Modifications to idkg/pre_signer.rs to use the endpoints from the new VetKdProtocol crypto implementation to create and verify encrypted key shares. Also re-specifies fake_master_public_key_ids_for_all_algorithms as fake_master_public_key_ids_for_all_idkg_algorithms for several tests.

[b24f181ad]
Changes const REGISTRY_SOCKS_PROXY_DARK_LAUNCH_PERCENTAGE from 0 to 10, so as to specify the probability of using API boundary node addresses for the SOCKS proxy dark launch at 10%, and adds metrics to track this.

[17e911e1f]
Adds rand feature to ic-ed25519 and makes it optional.

[39f6eec55]
Splits payload_size_bytes into request_payload_size_bytes, call_timeouts_seconds and response_payload_size_bytes in order to allow a mix of guaranteed response and best-effort calls in several XNet tests. Also version updates for various packages.

[6c5d1942f]
Renames sync_and_mark_files_readonly function to mark_files_readonly_and_sync and removes logging. Adds function promote_scratchpad_to_unverified_checkpoint and modifies function scratchpad_to_checkpoint to create an unverified marker in the scratchpad and to check that the scratchpad does indeed have an unverified marker before transitioning it to a checkpoint.

Bugfixes:

[f17589cf2]
Changes get_next_block_hash_to_sync in the bitcoin adaptor such that new blocks in the sync queue are prioritised over blocks in the retry queue, so as to avoid creating multiple forks.

[d2ec812ef]
Adapts get_successors in the bitcoin adaptor so that if the response is empty then all blocks in the cache are marked for pruning.

[c8436757c]
Adds port 22 to tcp_ports_for_node_whitelist.

Chores:

[8ee65b22e]
Removes TaggedNiDkgTranscript type as this is no longer needed.

[47b1aa1e2]
Changes ArtifactProcessor trait, run_artifact_processor function, Processor and IngressProcessor structs and respective new methods from public to private within rs/p2p/artifact_manager/src/lib.rs.

[5506c7c41]
Renames ic-management-canister-types to ic-management-canister-types-private. It was not possible to view the full set of changes as there were 322 files changed and GitHub was unable to display the changes in full.

[97bcf0945]
Moves ic-crypto-secp256k1 from rs/crypto/ to packages/ and renames it to ic-secp256k1
so it can be published on crates.io.

Refactoring:

[e8d8808a2]
Adds is_best_effort() flag for inter-canister requests.

Proposal 135302

Vote: Adopt

I was unable to reproduce the build successfully, as per the error that I’ve shown above, but have voted to adopt as other reviewers have managed to build the replica and verify that hashes match. The proposal consists of a single commit which reverts the roll out of best-effort calls to the first few subnets from commit df5828f, as reviewed above.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

3 Likes
15

Hi @timk11. Could you please share details where you were trying to verify this? It was outside containerized environment? Have you retried once or twice?

16

@hpeebles thanks for reporting the error:

Nested /ic/ci/container/container-run.sh is not supported.

@nmattia and I debugged why this happened and it turns out this happens due to the following 3 facts:

This meant that the 2nd time build-ic.sh was invoked the check [ -e /home/ubuntu/.DFINITY-TAG ] would fail because the host’s /home/ubuntu was mounted over the container’s /home/ubuntu (meaning the .DFINITY-TAG file wasn’t found) causing it to call container-run.sh again resulting in the nested error.

We’ve now fixed this by not mounting the host’s $HOME into the container’s $HOME inside the container-run.sh script:

So the next release should not run into this problem.

5 Likes
17

Hi @marko . Thanks for replying. I tried this at least twice within the directory where I had (just) cloned the repo, titled /dfinity/ic, using a cloud server. I haven’t tried it again since @basvandijk 's response but I’ll let you all know if there are still any issues when we get to this week’s release. :slight_smile:

1 Like