Proposal to elect new release rc--2025-03-14_03-10

Governance NNS proposal discussions
,
1

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 135836.

Here is a summary of the changes since the last release:

Release Notes for release-2025-03-14_03-10-base (f6f5e0927d14886e4bd67f776ee889f31cec2364)

This release is based on changes since release-2025-03-06_03-10-base (de6e339b323f59fc07b18c23f37c3cd2aa8ceb55).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • cc90e1de9 Consensus,Interface: Time out vetKD requests that take longer than one DKG interval (#4078)
  • a171c4263 Crypto,Interface(crypto): improve vetKD API naming (#4354)
  • e005586c6 Execution,Interface: Implement ReshareChainKey endpoint (#4177)
  • ceee1f65c Execution,Interface(fuzzing): Add new Wasm module generator for system API (#4275)
  • 62f408bed Execution,Interface: New system API to retrieve liquid cycle balance of a canister (#4255)
  • 5ed9bb96f Execution,Interface,Message Routing: Add CyclesUseCase::DroppedMessages variant (#4283)
  • 787ec33a0 Node: Remove firmware from GuestOS (#4371)
  • f0c82237a Node: Upgrade components to SEV-SNP compatible versions (#4320)

Bugfixes:

  • c494f861b Execution,Interface: EXC: Fix metric overflow in tests (#4359)
  • 5f9b37f3e Execution,Interface: Fix in-round DTS for memory copy (#4066)
  • c94db9ef7 Execution,Interface: Limit compilation cache entries (#4312)
  • 6b9af1eb0 Interface(utils): Add invariants check for pop_lru (#4329)
  • bcd271802 Interface,Message Routing: No warnings on XNet payload building (#4193)
  • 61f37f7d6 Node: Remove CPU microcode from GuestOS (#4306)
  • 50418d4f0 Node: Move StandardOutput+StandardError to correct section (#4304)
  • 07090259b Node: extracting of sampling period for power measurements (#4266)

Chores:

  • d7549e90d Consensus,Interface: Remove unnecessary certified_height argument (#4350)
  • 556620982 Consensus,Interface: Check block proposal version before integrity (#4345)
  • d778e277d Consensus,Interface: Fix typos in http_outcalls metrics.rs file (#4339)
  • 5bed068be Execution,Interface: Revert “chore: Ignore wasmtime validation errors (#3338)” (#4328)
  • bebd89a36 Execution,Interface: Move OnLowWasmMemoryHookStatus to management types (#4318)
  • 2b947f437 Execution,Interface(EXC): Remove outdated TODO (#4291)
  • c5857e9d3 Execution,Interface: Add a metric observing the number of open signature request contexts (#4305)
  • 1c22acdd5 Execution,Interface: Bump wasmtime version (#4188)
  • f6f5e0927 Interface: upgrade stable-structures (#4284)
  • 4d40e10c7 Interface(IDX): use correct .gz name for canisters (#4300)
  • f53cd0ae0 Interface(ICP-Ledger): migrating protobuf query endpoints from dfn to cdk (#4299)
  • 972b38c05 Interface: upgrade axum to 0.8 (#4256)
  • 2e7d6c76a Interface,Message Routing: Add TaskQueue to CanisterStateBits (#2254)
  • cc7b6f155 Owners: Bump wasm tools (#4246)
  • 267655a59 Node: Update Base Image Refs [2025-03-13-2203] (#4372)
  • 1d7a1173c Node: update ic-gateway dep & release (#4315)
  • 5e8587031 Node: address guestOS/hostOS FW findings (#4093)
  • 650602101 Node: Update Base Image Refs [2025-03-06-0807] (#4253)

Refactoring:

  • f024f61df Consensus,Interface(consensus): remote transcript delivery (#4279)
  • e8fa4c5ef Execution,Interface: Move canister manager types in their own module (#4282)
  • 4b7c9fee3 Interface(nervous-system): Move canister interfaces into canister crate (#4351)

Tests:

Other changes:

  • 1205f6ceb Node: “feat: Upgrade components to SEV-SNP compatible versions” (#4369)

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/f6f5e0927d14886e4bd67f776ee889f31cec2364/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c f6f5e0927d14886e4bd67f776ee889f31cec2364 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

1 Like
2

Proposal #135836 — Zack | CodeGov

for release-22025-03-14_03-10-base.

Vote: Adopted
Reason: The build is reproducible and all three OS hashes match (GUESTOS, HOSTOS and SETUPOS) as well as the listed commits descriptions.

image
image1880×845 57.4 KB

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
3

Proposal 135836 | Tim - CodeGov

Screenshot 2025-03-16 221012
Screenshot 2025-03-16 2210121288×141 9.38 KB

Vote: Adopt

Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound. I’ve reviewed commits for Consensus, Crypto and Interface as detailed below. I’ve also perused Node and Owners commits, which include base image and package updates and changes concerning GuestOS and HostOS components.

Review

Features:

[cc90e1de9]
Adapts get_enabled_keys_and_expiry so that it now also returns request_expiry_height, which accounts for dkg_interval_length, in addition to key_ids and request_expiry_time. This is then used in the VetKD payload builder to time out vetKD requests that take longer than one DKG interval, as explained in the commit notes.

[a171c4263]
Renames various types, fields, functions, etc for consistency with the current VetKD specs, as per the description.

Bugfixes:

[6b9af1eb0]
Adds pop_inner method to LruCache, serving to update tracking parameters for memory and disk usage of the cache. Utilises this and check_invariants, which serves to check the accuracy of these same parameters, in pop_lru (which removes the least recently used entry from the cache) and related methods.

[bcd271802]
Adds log_level field to validate_signals and validate_slice methods of XNet payload builder, so as to avoid unnecessary logging when validating just a slice rather than a payload.

Chores:

[d7549e90d]
Removes certified_height parameter from construct_block_proposal and build_batch_payload methods as this is redundant.

[556620982]
Shifts the code that calls verify_artifact within validate_blocks to occur before calling check_integrity instead of after.

[d778e277d]
Corrects spelling errors in a comment and a log message.

[f6f5e0927]
Upgrades ic-stable-structures to version 0.6.8, along with changes to related tests.

[4d40e10c7]
Changes the names of gzipped canisters in .bazel files to end in .wasm.gz instead of .wasm.

[f53cd0ae0]
Adds functions to_proto_bytes and from_proto_bytes and changes several functions in rs/ledger_suite/icp/ledger/src/main.rs to call ic_cdk::setup() and to use the new functions to construct arguments.

[972b38c05]
Version upgrade for axum and various other crates + associated code changes.

[2e7d6c76a]
Adds type TaskQueue, then adds optional field tasks of type TaskQueue to struct CanisterStateBits. Related code changes as per description.

Refactoring:

[f024f61df]
Refactoring of batch delivery code matching the detailed description in the commit notes, noting that the relevant file name batch_delivery.rs was mistyped as deliver_batches.rs in the notes.

[4b7c9fee3]
Moves CMC, ICRC1Ledger and IcpLedger traits and associated code from nervous_system/common/ to nervous_system/canisters/.

Tests:

[ebcfd08d6]
Modifies the test_invariants LRU cache property test to add lru.pop_lru to the methods tested.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

3 Likes
4

Proposal 135836 - Hamish | CodeGov

Vote: Adopt
Reason: I have successfully run the build script and in my opinion all the commits listed look fine and match their descriptions.

Screenshot 2025-03-14 at 17.56.16
Screenshot 2025-03-14 at 17.56.161996×878 285 KB

Features:

  • cc90e1de9 Consensus,Interface: Time out vetKD requests that take longer than one DKG interval (#4078)
    Review: Looks fine + matches description
    Notes: Modifies how VetKd payloads are built and verified, such that any requests which are older than one full DKG interval are rejected.

  • a171c4263 Crypto,Interface(crypto): improve vetKD API naming (#4354)
    Review: Looks fine + matches description
    Notes: Renames a load of functions and variables relating to VetKeys (eg. VetKdDeriveEncryptedKeyVetKdDeriveKey).

  • e005586c6 Execution,Interface: Implement ReshareChainKey endpoint (#4177)
    Review: Looks fine + matches description
    Notes: Implements Ic00Method::ReshareChainKey by forwarding the request through to the partially implemented reshare_chain_key which will supplant compute_initial_idkg_dealings once it is fully implemented and the registry has migrated over to it.

  • ceee1f65c Execution,Interface(fuzzing): Add new Wasm module generator for system API (#4275)
    Review: Looks fine + matches description
    Notes: Introduces the SystemApiModule struct and implements Arbitrary for it so that it can generate random wasm modules which call into system APIs. Then uses it within the new execute_system_api.rs fuzz test.

  • 62f408bed Execution,Interface: New system API to retrieve liquid cycle balance of a canister (#4255)
    Review: Looks fine + matches description
    Notes: Adds the canister_liquid_cycle_balance128 system API which returns the canister’s cycle balance minus its freezing threshold cycles.

  • 5ed9bb96f Execution,Interface,Message Routing: Add CyclesUseCase::DroppedMessages variant (#4283)
    Review: Looks fine + matches description
    Notes: Adds the CyclesUseCase::DroppedMessages variant to account for cycles which get lost after sending messages which end up being dropped.

  • 787ec33a0 Node: Remove firmware from GuestOS (#4371)
    Review: Looks fine + matches description
    Notes: I’m not actually 100% sure exactly what change this is making as it seemingly just moves the location of where linux-image-extra-virtual-hwe-24.04 is installed within GuestOS. Regardless of the specifics, I am confident this change is fine.

  • f0c82237a Node: Upgrade components to SEV-SNP compatible versions (#4320)
    Review: Looks fine + matches description
    Notes: This is reverted by 1205f6ceb so can be ignored.

Bugfixes:

  • c494f861b Execution,Interface: EXC: Fix metric overflow in tests (#4359)
    Review: Looks fine + matches description
    Notes: Changes accumulated_priority_deviation to be an f64 rather than an i64 to fix test case where it would overflow.

  • 5f9b37f3e Execution,Interface: Fix in-round DTS for memory copy (#4066)
    Review: Looks fine + matches description
    Notes: Fixes an issue where after a large amount of dirty pages are generated, the canister would start executing messages within inner the inner loop of the subsequent execution round, whereas the canister should instead have been paused for the entire round in order to process the memory copying. This is done by passing in an instruction limit of 0 within try_yield_for_dirty_memory_copy.

  • c94db9ef7 Execution,Interface: Limit compilation cache entries (#4312)
    Review: Looks fine + matches description
    Notes: Adds max_entries to the on disk compilation cache and uses it to limit the number of cache entries.

  • 6b9af1eb0 Interface(utils): Add invariants check for pop_lru (#4329)
    Review: Looks fine + matches description
    Notes: Extracts the common logic for popping cache entries into pop_inner which also runs debug assertions to ensure data integrity. Also adds a call to check_invariants to pop_lru.

  • bcd271802 Interface,Message Routing: No warnings on XNet payload building (#4193)
    Review: Looks fine + matches description
    Notes: Makes the log level dynamic within the payload validation logic, since this code is used multiple scenarios, some of which it makes sense for a validation error to be a warning, and others where it should just be logged as info level.

  • 61f37f7d6 Node: Remove CPU microcode from GuestOS (#4306)
    Review: Looks fine + matches description
    Notes: Avoids explicitly installing Intel/AMD CPU microcode within GuestOS since it is already included within linux-image-extra-virtual-hwe-24.04 which was introduced a few weeks ago.

  • 50418d4f0 Node: Move StandardOutput+StandardError to correct section (#4304)
    Review: Looks fine + matches description
    Notes: Modifies the ordering within generate-ic-config.service so that StandardOutput and StandardError are included in the [Service] section.

  • 07090259b Node: extracting of sampling period for power measurements (#4266)
    Review: Looks fine + matches description
    Notes: Fixes the monitor-power.sh script to correctly extract the sampling period now that the output format of the IPMI tool has changed slightly.

Chores:

  • d7549e90d Consensus,Interface: Remove unnecessary certified_height argument (#4350)
    Review: Looks fine + matches description
    Notes: Removes the certified_height argument from a few functions in the block maker, because its value is already included within the ValidationContext argument.

  • 556620982 Consensus,Interface: Check block proposal version before integrity (#4345)
    Review: Looks fine + matches description
    Notes: Modifies validate_blocks to perform verify_artifact before proposal.check_integrity(), this ensures that block proposals created from earlier layout versions are removed rather than marked as invalid.

  • d778e277d Consensus,Interface: Fix typos in http_outcalls metrics.rs file (#4339)
    Review: Looks fine + matches description
    Notes: Fixes 2 typos within the HTTP outcalls metrics.

  • 5bed068be Execution,Interface: Revert “chore: Ignore wasmtime validation errors (#3338)” (#4328)
    Review: Looks fine + matches description
    Notes: Reverts an earlier commit which threw away the wasmtime validation error details because they were not deterministic, but as of wasmtime 30 they now are, so the details can be included again.

  • bebd89a36 Execution,Interface: Move OnLowWasmMemoryHookStatus to management types (#4318)
    Review: Looks fine + matches description
    Notes: Moves the OnLowWasmMemoryHookStatus enum out of ic-replicated-state and into ic-management-canister-types-private.

  • 2b947f437 Execution,Interface(EXC): Remove outdated TODO (#4291)
    Review: Looks fine + matches description
    Notes: Removes a TODO comment which is no longer applicable.

  • c5857e9d3 Execution,Interface: Add a metric observing the number of open signature request contexts (#4305)
    Review: Looks fine + matches description
    Notes: Adds the in_flight_signature_request_contexts metric to track the number of open signature request contexts per master public key.

  • 1c22acdd5 Execution,Interface: Bump wasmtime version (#4188)
    Review: Looks fine + matches description
    Notes: Bumps wasmtime from 29.0.1 to 30.0.2.

  • f6f5e0927 Interface: upgrade stable-structures (#4284)
    Review: Looks fine + matches description
    Notes: Bumps ic-stable-structures from 0.6.5 to 0.6.8 to pull in the recent performance improvements and updates the canbench results to show the improved numbers.

  • 4d40e10c7 Interface(IDX): use correct .gz name for canisters (#4300)
    Review: Looks fine + matches description
    Notes: Appends the .gz suffix to gzipped canister names which were previously incorrectly simply ending in .wasm.

  • f53cd0ae0 Interface(ICP-Ledger): migrating protobuf query endpoints from dfn to cdk (#4299)
    Review: Looks fine + matches description
    Notes: Updates the legacy protobuf endpoints of the ICP ledger to use the CDK rather than the deprecated DFN implementation.

  • 972b38c05 Interface: upgrade axum to 0.8 (#4256)
    Review: Looks fine + matches description
    Notes: Bumps axum from 0.7.9 to 0.8.0 and modifies the places it is used to work with the new version.

  • 2e7d6c76a Interface,Message Routing: Add TaskQueue to CanisterStateBits (#2254)
    Review: Looks fine + matches description
    Notes: Introduces the TaskQueue struct which holds the in-progress and queued execution tasks along with the on_low_wasm_memory_hook_status, then adds this to the CanisterStateBits for each canister. In a subsequent commit the existing task_queue and on_low_wasm_memory_hook_status fields will be removed.

  • cc7b6f155 Owners: Bump wasm tools (#4246)
    Review: Looks fine + matches description
    Notes: Bumps a few wasm related dependencies (eg. wasm-encoder, wasmparser, etc).

  • 267655a59 Node: Update Base Image Refs [2025-03-13-2203] (#4372)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS image references.

  • 1d7a1173c Node: update ic-gateway dep & release (#4315)
    Review: Looks fine + matches description
    Notes: Bumps the ic-gateway Git dependency to the latest commit.

  • 5e8587031 Node: address guestOS/hostOS FW findings (#4093)
    Review: Looks fine + matches description
    Notes: Simplifies the GuestOS and HostOS firewall configs by removing old IP entries and removing duplicate code by defining icmp_v4_types_accept and icmp_v6_types_accept which contain the rules which were previously repeated.

  • 650602101 Node: Update Base Image Refs [2025-03-06-0807] (#4253)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS image references.

Refactoring:

  • f024f61df Consensus,Interface(consensus): remote transcript delivery (#4279)
    Review: Looks fine + matches description
    Notes: Refactors and simplifies generate_responses_to_setup_initial_dkg_calls to make it work with the new ReshareChainKey requests. It does this by introducing RemoteDkgResults which implements add_transcript allowing this logic to be removed from the generate_responses_to_setup_initial_dkg_calls function. The ReshareChainKey path is not implemented yet, that will follow in a subsequent commit.

  • e8fa4c5ef Execution,Interface: Move canister manager types in their own module (#4282)
    Review: Looks fine + matches description
    Notes: Moves the types used by the canister manager into the canister_manager::types module.

  • 4b7c9fee3 Interface(nervous-system): Move canister interfaces into canister crate (#4351)
    Review: Looks fine + matches description
    Notes: Moves the nervous system canister interfaces out of ic-nervous-system-common and into ic-nervous-system-canisters.

Tests:

  • ebcfd08d6 Interface(EXC): Add pop to lru cache proptest (#4352)
    Review: Looks fine + matches description
    Notes: Extends the LruCache prop tests to include calls to the pop_lru, rather than only ever calling push.

Other changes:

  • 1205f6ceb Node: “feat: Upgrade components to SEV-SNP compatible versions” (#4369)
    Review: Looks fine + matches description
    Notes: This simply reverts f0c82237a which was only needed temporarily for testing.
About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

3 Likes
6

He’s actually ok. If he’s not then we’re in deeper trouble than I thought! :slight_smile:

1 Like
7

Proposal 135836 – ilbert | CodeGov

Vote: ADOPTED.
Reason: All reviewed commits match their description and hashes match.

build-2025-03-16 at 19.09.40
build-2025-03-16 at 19.09.401309×378 65.6 KB

Review:
For the Execution and Runtime layers, the main changes introduced in this proposal are:

  • Introduces new management canister methods
  • Small fixes and improvements

I’ve reviewed all the commits listed in the proposal, for the Execution and Runtime layers:

e005586c6:
Changes the make_reshare_dealings_response function to return a ReshareChainKeyResponse if the method that originated the request was reshare_chain_key. Otherwise, it returns a ComputeInitialIDkgDealingsResponse. The latter case will be removed once the compute_i_dkg_dealings method will be removed.
Implements the reshare_chain_key management canister method in the execute_subnet_message method of the ExecutionEnvironment struct. It calls the newly introduced reshare_chain_key method of the struct, which creates a SubnetCallContext::ReshareChainKey context and passes it to the subnet’s call context manager.
Adds the target_id field to the ReshareChainKeyContext struct, which is initialized to 0 if it’s empty from the deserialized protobuf ReshareChainKeyContext struct. Otherwise, it is initialized to the value coming from the deserialized protobuf struct.

ceee1f65c:
Matches description.

62f408bed:
Adds the canister_liquid_cycle_balance128 linker handler to the Wasm module linker, which calls the newly implemented ic0_canister_liquid_cycle_balance128 method of the SystemApiImpl struct. This method calls the newly introduced liquid_cycles_balance method of the SandboxSafeSystemState struct, which computes the liquid cycles as the cycles balance - the freezing threshold.

5ed9bb96f:
Adds the DroppedMessages variant to the CyclesUseCase enum.

c494f861b:
Matches description.

5f9b37f3e:
Changes the yield_for_dirty_memory_copy method of the SystemApiImpl struct to set the instructions_executed_before_current_slice to current_slice_instruction_limit, removing the need for the instruction_counter argument.
Changes the try_yield_for_dirty_memory_copy method of the DeterministicTimeSlicing struct to return 0 instructions used, removing the need for the instruction_counter argument.

c94db9ef7:
Adds the max_entries field to the CompilationCache enum. This field is used in the insert_err and insert_ok methods of the CompilationCache struct: if the cache has more entries than max_entries, calls the pop_lru method of the LruCache struct before pushing the new module to the cache.

5bed068be:
Matches description.

bebd89a36:
Matches description.

2b947f437:
Matches description.

c5857e9d3:
Adds the in_flight_signature_request_contexts histogram metric to the SchedulerMetrics struct. This metric is observed in the observe_replicated_state_metrics function, from the replicated state’s signature_request_contexts method result.

1c22acdd5:
Bumps wasmtime major version from 29 to 30.

e8fa4c5ef:
Matches description.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

2 Likes
8

proposal - 135836 Cyberowl | CodeGov

v1
v11906×574 115 KB

Vote: ADOPT

Reason:

The build was successful, and all the commit descriptions matched the changes in the code.

Checks

Hash Match: MATCH
2 Urls: MATCH
Feedback: NONE
Proposer Check: MATCH

Overall Summary:

New RequestExpiry struct that improves VetKD request expiration by combining both time-based and height-based criteria. It also adds a reshare_chain_key API to extend the consensus and execution layers for better key management, and refactors the fuzzing infrastructure to separate general IC WASM module testing from system API-specific testing through dedicated fuzz targets and edge-case parameter injection.

Commits Summary

Features:
cc90e1de9
New RequestExpiry struct that combines both time-based and height-based expiration, using num-traits for saturating arithmetic to safely compute expiration heights based on DKG interval lengths. The updated logic now rejects VetKD requests that are older than one DKG interval and updates error handling to classify these failures as SysTransient.

a171c4263
Renaming of vetkd-related identifiers—for example, changing derivation_id to input, encryption_public_key to transport_public_key, and VetKdDerivationDomain to VetKdDerivationContext to improve clarity and better reflect their roles. It reorders fields in the VetKdArgs struct and updates all affected components. Functionality remains unchanged.

e005586c6
New reshare_chain_key API in both the consensus and execution layers by adding a new response type for resharing operations while maintaining backward compatibility with the legacy compute_initial_idkg_dealings response.

ceee1f65c
Enhance the fuzzing infrastructure by introducing dedicated fuzz targets that separate general IC WASM module testing from system API-specific testing. SystemApiModule generates WASM modules with valid system API imports and leverages utilities like SpecialInt and SystemApiImportStore to inject edge-case parameters and reuse prebuilt import sections efficiently.

62f408bed
ic0_canister_liquid_cycle_balance128, which allows a canister to query its “liquid” cycle balance, the amount of cycles available for spending after subtracting the freeze threshold from the total cycle balance.

5ed9bb96f
CyclesUseCase::DroppedMessages (value 15) to track cycles lost when messages are dropped, integrating it into the cycle accounting system. It updates cycle withdrawal and subnet metrics logic so that dropped messages are handled like burned cycles, ensuring full deduction from the balance, and adds a debug assertion to restrict its use to the subnet level.

787ec33a0
Moves kernel and extra module installation from a static package list in packages.common into the Dockerfile, where a new build argument (_KERNEL_PACKAGE) defines the kernel package (defaulting to linux-image-virtual-hwe-24.04).

f0c82237a
Streamlines HostOS by consolidating its Dockerfile into a single-stage build based on Ubuntu 24.04, eliminating the manual download and compilation of QEMU in favor of using pre-built packages.

Bugfixes:
c494f861b
Converts the priority deviation calculation from integer arithmetic to floating-point arithmetic by initializing the accumulated deviation as an f64 and casting priority values to f64 before squaring them.

5f9b37f3e
Refactors the DTS implementation by removing the instruction counter dependency from try_yield_for_dirty_memory_copy, so that the function now always passes 0 to state.newly_executed and state.update, decoupling dirty memory page copying from instruction-based accounting.

c94db9ef7
Introduces a builder pattern for the WASM compilation cache, allowing configurable parameters such as memory capacity, disk capacity, and a maximum entry limit (default 500,000) to prevent excessive resource usage like file descriptor exhaustion.

6b9af1eb0
Helper method, pop_inner, which centralizes the logic for updating memory and disk size metrics when cache entries are removed.

bcd271802
Improves the XNetPayloadBuilderImpl by adding a configurable log_level parameter to its validation functions, allowing different logging severities (such as Info or Warning) to be used based on context.

61f37f7d6
Matches description Remove CPU microcode from GuestOS.

50418d4f0
Matches description Move StandardOutput+StandardError to correct section.

07090259b
Matches extracting of sampling period for power measurements.

Chores:
d7549e90d
Removes the redundant certified_height parameter from block construction functions by sourcing it directly from the ValidationContext.

556620982
Reorders the validation steps in the Validator implementation, so that cryptographic verification (verify_artifact) is performed before checking the block’s structural integrity (check_integrity).

d778e277d
Fix typos

5bed068be
Improves Wasm validation error reporting by including detailed error messages from wasmtime, rather than a generic message, which aids in debugging. It also re-enables two tests test_initial_wasmtime_config and toolchain_error_message.

bebd89a36
Relocates the OnLowWasmMemoryHookStatus enum and its associated logic from the replicated_state module to the management_canister_types module, aligning it with canister management functionality.

2b947f437
Remove TODO

c5857e9d3
Introduces a new HistogramVec metric, in_flight_signature_request_contexts, to track the number of pending signature request contexts by key ID. It updates the scheduler’s observation logic to aggregate counts from signature request contexts by MasterPublicKeyId and record these counts in the new metric.

1c22acdd5
Major version change for wasmtime. Now 30.0.2.

f6f5e0927
Update the ic-stable-structures crate to version 0.6.8 across various lockfiles and Bazel configuration files.

4d40e10c7
Standardizes WASM file naming in the build system by changing the canonical output from .wasm to .wasm.gz for both Rust and Motoko canisters.

f53cd0ae0
Removes the use of the over macro in ICP ledger query endpoints and replaces it with a more explicit manual handling of raw arguments and responses using arg_data_raw, reply_raw, and custom protobuf serialization functions.

972b38c05
Updates many dependencies—especially key Axum libraries, rustls, wasm-bindgen, and rand—while also revising Bazel configurations and lock files to ensure compatibility with the latest versions.

2e7d6c76a
Refactors the task queue handling in canister state management by introducing a unified TaskQueue message type that consolidates paused/aborted tasks, on_low_wasm_memory_hook_status, and regular tasks, while deprecating older flat fields.

cc7b6f155
Updates several WebAssembly-related dependencies (such as wasm-encoder, wasm-smith, wasmparser, and others) and introduces leb128fmt as a new dependency.

267655a59
Update base image Refs

1d7a1173c
Updates the ic-gateway dependency to version 0.2.0 across Cargo.toml, and the Dockerfile for the boundary guest OS, ensuring that the system uses the latest features and fixes from ic-gateway. It also downgrades itertools from 0.13.0 to 0.11.0 to maintain compatibility with prost-build and prost-derive.

5e8587031
Refactors the firewall rules in both GuestOS and HostOS by consolidating ICMP types into defined sets and updating outbound restrictions for the ic-http-adapter, while also switching the NTP configuration from multiple pool servers to ntp.ubuntu.com.

650602101
Update base image Refs

Refactoring:
f024f61df
Refactors DKG response generation in the consensus module by renaming functions and introducing a new RemoteDkgResults enum to support both SetupInitialDKG and ReshareChainKey scenarios. It aggregates transcripts using a BTreeMap and generates responses based on the DKG type.

e8fa4c5ef
Refactors the canister_manager.rs file by extracting a large portion of its type definitions (structs, enums, traits, and their implementations) into a new file, canister_manager/types.rs.

4b7c9fee3
Integrates the mockall crate to enable robust unit testing by allowing mocks for traits like CMC, ICRC1Ledger, and IcpLedger. It moves these traits from a common module to a canister-specific module ic_nervous_system_canisters.

Tests:
ebcfd08d6
Enhance the LruCache property-based tests by adding a Clone implementation for MemoryDiskValue and introducing a new Action enum to simulate both push and pop_lru operations with a weighted random strategy.

Other changes:
1205f6ceb
Reverts f0c82237a that was used for testing.

2 Likes
9

Proposal 135836– Zane | CodeGov

Vote: ADOPT
Reason: Build completes successfully, both hashes and reviewed commits match their descriptions, so I’ve decided voted to adopt.

135836
1358361916×467 101 KB

Features:

e005586c6 Extended ReshareChainKeyContext struct with target_id field and partially implemented logic for ReshareChainKey IC00 method. When a canister request is received, it is passed down to the new reshare_chain_key method, which behaves similarly to the existing compute_initial_idkg_dealings, exception made for the fact it initializes the ReshareChainKeyContext’s target id vector randomly instead of with zeros and it attempts to retrieve the master public key for the request’s key id, early returning a UserError if its not present on the current subnet, though at this time the public key id is not actually used. The endpoint is not fully functional yet, as reshare_chain_key always return an UserError with CanisterRejectedMessage error code. Finally modified make_reshare_dealings_response to construct the consensus response based on the name of the method that generated the context, with special case for reshare_chain_key and updated protobuf decode logic for ReshareChainKeyContext so that it defaults all empty target ids from legacy IDkgDealingContexts to a zeroed array.

ceee1f65c Added execute_with_wasm_executor_system_api fuzz target using SystemApiModule struct, which randomly generates wasm modules invoking system APIs from system_api_imports.

62f408bed Added ic0_canister_liquid_cycle_balance128 system API which computes the amount of cycles the calling canister can spend without hitting the freezing threshold.

5ed9bb96f Added DroppedMessages variant to CyclesUseCase enum, this will be used by future changes to keep tracked of cycles lost after bounded wait calls are dropped.

Bugfixes:

c494f861b In apply_scheduling_strategy changed accumulated_priority_deviation type to f64 and use floating point multiplication when squaring accumulated_priority to prevent overflows.

5f9b37f3e Fixed executions which dirty over 1GiB of state not being paused for the current execution round by forcefully passing zero instructions to state.update in try_yield_for_dirty_memory_copy, signaling the round instruction limit has been reached.

c94db9ef7 Added limit for the number of entries for the on disk CompilationCache. max_entries has been added to the Disk variant and insert_err has been modified so that if the limit has been reached, the least recently used element is popped from the cache before pushing a new one.
Also implemented CompilationCacheBuilder struct to provide a flexible way to construct CompilationCache instances with customizable parameters or with sensible default values. Left comment here

6b9af1eb0 Reduced code duplication by moving cache memory and disk size update logic alongside some debug asserts out of push/pop/evict to pop_inner method. Modified pop_lru to call pop_inner and enforce invariants before returning. Evict also has been updated to enforce invariants after completing the eviction process.

bcd271802 Modified validate_slice and validate_signals so that log level can be configured by the caller and updated get_xnet_payload_impl method of payload builder to use info log level instead of warn.

Chores:

5bed068be Reverted commit 227e8e3de. Matches description.

bebd89a36 Moved OnLowWasmMemoryHookStatus definition and implementation from system_state/task_queue.rs to ic-management-canister-types-private package and updated imports accordingly.

2b947f437 Removed obsolete TODO comment as previously suggested by a reviewer

c5857e9d3 Added in_flight_signature_request_contexts field to SchedulerMetrics to keep track of the number of in flight signature request contexts by key ID. In observe_replicated_state_metrics the metric is computed by using a temporary map linking each public key id to its respective count, which is initialized at 1 and incremented every time a context with the key id is found.

1c22acdd5 Bumped wasmtime to v30.0.2

f6f5e0927 Bumped ic-stable-structures to v0.6.8. In icrc1_test_stable_migration_endpoints_disabled increased the number of approvals/transfers to process from 40 to 60, similarly in test_migration_resumes_from_frozen both have been bumped to 40.

f53cd0ae0 Port over some endpoints in ledger_suite/icp/ledger/src/main.rs to use the ic-cdk instead of the deprecated dfn library.

972b38c05 Updated axum to 0.8.1 and updated some code to comply with the new version’s breaking changes such as route definitions.

650602101 Updated ICOS image refs.

Refactoring:

e8fa4c5ef Moved many canister manager types definitions and their respective implementation to a separate module. Updated imports to reflect this change.

Tests:

ebcfd08d6 Modified invariants proptest of LruCache to also include pop_lru actions.

About CodeGov

CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron’s Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.

1 Like
10

Proposal 135836 - Ipsita | ZenithCode

Summary

  1. Vote: Adopt
  2. Hash: All the hashes match
  3. Reason to Adopt The release notes match the commits and the code changes. Builds successfully.

135836
1358362018×814 248 KB

Commits

Features

  • cc90e1de9
    Summary: Time out vetKD requests that take longer than one DKG interval
    Notes: This PR adds logic to timeout vetkd requests that take longer than DKG interval
    Review: Code changes match the commit message.

  • a171c4263
    Summary: improve vetKD API naming
    Notes: Renames several vetkd api’s.
    Review: Code changes match the commit message.

  • e005586c6
    Summary: Implement ReshareChainKey endpoint
    Notes: Activates ReshareChainKey endpoint which generalizes the ComputeIDkgDealings endpoint to also support IDKG chain keys.
    Review: Code changes match the commit message.

  • ceee1f65c
    Summary: Add new Wasm module generator for system API
    Notes: This PR extracts all the system api imports and invoks them in randomly with abertarily generated values.
    Review: Code changes match the commit message.

  • 62f408bed
    Summary: new system API to retrieve liquid cycle balance of a canister
    Notes: Adds a new api to return available cycles for spending.
    Review: Code changes match the commit message.

  • 5ed9bb96f
    Summary: Add CyclesUseCase::DroppedMessages variant
    Notes: Work towards tracking cycles lost when dropping messages.
    Review: Code changes match the commit message.

  • 787ec33a0
    Summary: Remove firmware from GuestOS
    Notes: Makes update to dockerfile.base and packages.common.
    Review: Code changes match the commit message.

  • f0c82237a
    Summary: Upgrade components to SEV-SNP compatible versions
    Notes: Makes update to create new base images.
    Review: Code changes match the commit message.

Bugfixes

  • c494f861b
    Summary: Fix metric overflow in tests
    Notes: Small fixes to test cases.
    Review: Code changes match the commit message.

  • 5f9b37f3e
    Summary: Fix in-round DTS for memory copy
    Notes: Passes a zero counter to yield_for_dirty_memory_copy to ensure when the round instruction limits is reaached to fix in-round DTS for memory copy.
    Review: Code changes match the commit message.

  • c94db9ef7
    Summary: Limit compilation cache entries
    Notes: Limits the number of entries in the compilations cache.
    Review: Code changes match the commit message.

  • 6b9af1eb0
    Summary: Add invariants check for pop_lru
    Notes: Adds check in test cases for pop_lru
    Review: Code changes match the commit message.

  • bcd271802
    Summary: No warnings on XNet payload building
    Notes: updates bunch of log messages from warn to info.
    Review: Code changes match the commit message.

  • 61f37f7d6
    Summary: Remove CPU microcode from GuestOS
    Notes: #4096 has started including microcode to GuestOS which are removed in this PR.
    Review: Code changes match the commit message.

  • 50418d4f0
    Summary: Move StandardOutput+StandardError to correct section
    Notes: Refactors code in generate-ic-config.service file.
    Review: Code changes match the commit message.

  • 07090259b
    Summary: extracting of sampling period for power measurements
    Notes: Bugfixes in monitor-power.sh file to correctly extract sampling period.
    Review: Code changes match the commit message.

Chores

  • d7549e90d
    Summary: Remove unnecessary certified_height argument
    Notes: Removes certified_height arguments from bunch of places since it is already part of validation context.
    Review: Code changes match the commit message.

  • 556620982
    Summary: Check block proposal version before integrity
    Notes: move verification checks before proposal.check_integrity() method so that empty blocks are removed instead of marked as invalid.
    Review: Code changes match the commit message.

  • d778e277d
    Summary: fix typos in http_outcalls metrics.rs file
    Notes: Fixes typo in metrics.rs file.
    Review: Code changes match the commit message.

  • 5bed068be
    Summary: Revert "chore: Ignore wasmtime validation errors
    Notes: reverts commit 227e8e3
    Review: Code changes match the commit message.

  • bebd89a36
    Summary: Move OnLowWasmMemoryHookStatus to management types
    Notes: Moves Move OnLowWasmMemoryHookStatus to management types to management canister.
    Review: Code changes match the commit message.

  • 2b947f437
    Summary: Remove outdated TODO
    Notes: Removes todo comment which was already addressed in #3554.
    Review: Code changes match the commit message.

  • c5857e9d3
    Summary: Add a metric observing the number of open signature request contexts
    Notes: Adds metrics to get the size of current request queue.
    Review: Code changes match the commit message.

  • 1c22acdd5
    Summary: Bump wasmtime version
    Notes: Upgrades wasmtime version from 29.0.1 to 30.0.2.
    Review: Code changes match the commit message.

  • f6f5e0927
    Summary: upgrade stable-structures
    Notes: Upgrades ic-stable-structures from 0.6.5 to 0.6.8
    Review: Code changes match the commit message.

  • 4d40e10c7
    Summary: use correct .gz name for canisters
    Notes: renames bazel build canisters from .wasm to .wasm.gz.
    Review: Code changes match the commit message.

  • f53cd0ae0
    Summary: migrating protobuf query endpoints from dfn to cdk
    Notes: uses cdk instead of dfn for protobuf endpoints.
    Review: Code changes match the commit message.

  • 972b38c05
    Summary: upgrade axum to 0.8
    Notes: upgrades axum version from 0.7.9 to 0.8.1
    Review: Code changes match the commit message.

  • 2e7d6c76a
    Summary: Add TaskQueue to CanisterStateBits
    Notes: Adds TaskQueue struct to CanisterStateBits which holds the in-progress and execution tasks.
    Review: Code changes match the commit message.

  • cc7b6f155
    Summary: Bump wasm tools
    Notes: Upgrades bunch of wasm tools to newer versions.
    Review: Code changes match the commit message.

  • 267655a59
    Summary: Update Base Image Refs [2025-03-13-2203]
    Notes: updates base ic-os container image references.
    Review: Code changes match the commit message.

  • 1d7a1173c
    Summary: update ic-gateway dep & release
    Notes: Upgrades ic-gateway to the latest version.
    Review: Code changes match the commit message.

  • 5e8587031
    Summary: address guestOS/hostOS FW findings
    Notes: refactors guest os and host os configs.
    Review: Code changes match the commit message.

  • 650602101
    Summary: Update Base Image Refs [2025-03-06-0807]
    Notes: updates base ic-os container image references.
    Review: Code changes match the commit message.

Refactoring

  • f024f61df
    Summary: remote transcript delivery
    Notes: Code refactoring in the batch delivery which addresses the following changes:

    • renames generate_responses_to_setup_initial_dkg_calls to generate_responses_to_remote_dkgs
    • renames TranscriptResults to RemoteDkgResults.
    • moves generate_responses_to_remote_dkgs to test section in deliver_batches.rs and renames to test_generate_setup_initial_dkg_response
    • some more similar changes.

    Review: Code changes match the commit message.

  • e8fa4c5ef
    Summary: Move canister manager types in their own module
    Notes: Moves canister manager types to canister_manager::types module.
    Review: Code changes match the commit message.

  • 4b7c9fee3
    Summary: Move canister interfaces into canister crate
    Notes: Moves canister interface from ic-nervous-system-common to ic-nervous-system-canisters.
    Review: Code changes match the commit message.

Tests

  • ebcfd08d6
    Summary: Add pop to lru cache proptest
    Notes: Adds tests for pop_lru calls.
    Review: Code changes match the commit message.

Other changes

  • 1205f6ceb
    Summary: feat: Upgrade components to SEV-SNP compatible versions
    Notes: Reverts #4320.
    Review: Code changes match the commit message.
2 Likes
11

Proposal: 135836

Summary:

  1. Build Hash: Build has from the proposal, local build and CDN matches and is “3294dbabaf269e9c8f633ae87f459d937abcdd932263f47fbbd2f57950d16c91”.
  2. Summary: The release notes matches the code changes
  3. Vote: I vote to adopt the proposals

135836
1358362128×818 247 KB

Commits

Detailed Review:

Features:

  • cc90e1de9 Consensus,Interface: Time out vetKD requests that take longer than one DKG interval (#4078)
    Notes: request_expiry which was previously defined as Time is now changed to struct RequestTime which is a combination of time and height. This request_expiry.height is then later used to timeout VetKD request that takes longer than one DKG interval. The reject code is also changed from CanisterError to SysTransient , indicating the user that a retry might be successful. Relevant tests are also updated.
    Review: Code changes look good and match release notes.
  • a171c4263 Crypto,Interface(crypto): improve vetKD API naming (#4354)
    Notes: This PR renames certain structs and variables in the VetKD API to align with the Specs. For example derivation_id has been changed to input. derivation_domain to context, vetkd_derive_encrypted_key to vetkd_derive_key , and encryption_public_key to transport_public_key.
    Review: Code changes look good and match release notes.
  • e005586c6 Execution,Interface: Implement ReshareChainKey endpoint (#4177)
    Notes: This PR implements the ReshareChainKey endpoint by modifying the function make_reshare_dealings_response to support ReshareChainKeyResponse alongside ComputeInitialIDkgDealingsResponse by calling function reshare_chain_key conditionally. Later these two different cases will be removed and will only return ReshareChainKeyResponse. Function compute_initial_idkg_dealings will also be removed later once registry will be migrated to reshare_chain_key.
    Review: Code changes look good and match release notes.
  • ceee1f65c Execution,Interface(fuzzing): Add new Wasm module generator for system API (#4275)
    Notes: This PR implements SystemApiModule similar to ICWasmModule . Arbitrary is also implemented to generate random values and invoke system APIs in random fashion. This is then later used in rs/execution_environment/fuzz/fuzz_targets/execute_system_api.rs fuzz targets.
    Review: Code changes look good and match release notes.
  • 62f408bed Execution,Interface: New system API to retrieve liquid cycle balance of a canister (#4255)
    Notes: A new system API has been implemented called canister_liquid_cycle_balance128 to returns the cycles available for execution before the canister gets frozen, so essentially total cycle balance minus freezing threshold cycles.
    Review: Code changes look good and match release notes.
  • 5ed9bb96f Execution,Interface,Message Routing: Add CyclesUseCase::DroppedMessages variant (#4283)
    Notes: This PR adds DroppedMessages variant to CyclesUseCase to prepare for tracking cycles lost when some messages are dropped after being sent.
    Review: Code changes look good and match release notes.
  • 787ec33a0 Node: Remove firmware from GuestOS (#4371)
    Notes: This PR moves additional kernel modules in linux-image-extra-virtual-hwe-24.04 from packages.common to dockerfile.base image itself.
    Review: Code changes look good and match release notes.
  • f0c82237a Node: Upgrade components to SEV-SNP compatible versions (#4320)
    Notes: This PR simply upgrades components in hostos Dockerfile.base image to SEV-SNP compatible versions.
    Review: Code changes look good and match release notes.

Bugfixes:

  • c494f861b Execution,Interface: EXC: Fix metric overflow in tests (#4359)
    Notes: accumulated_priority_deviation is changed from integer to floating point f64 to fix metric overflow in test.
    Review: Code changes look good and match release notes.
  • 5f9b37f3e Execution,Interface: Fix in-round DTS for memory copy (#4066)
    Notes: This PR removes the need of instruction_counter being passed to function try_yield_for_dirty_memory_copy. It is now hardcoded to 0 to fix the issue where over one gigabyte of dirty pages are generated. Previously the canister would have started executing messages within the inner loop of the next execution round, now it will be paused for the entire round for memory copy to complete.
    Review: Code changes look good and match release notes.
  • c94db9ef7 Execution,Interface: Limit compilation cache entries (#4312)
    Notes: This PR adds memory_capacity, disk_capacity and max_entries all defined by constants to limit compilation cache entries.
    Review: Code changes look good and match release notes.
  • 6b9af1eb0 Interface(utils): Add invariants check for pop_lru (#4329)
    Notes: Adds a check self.check_invariants(); in function pop_lru. Also moves the logic of popping cache entries at various places to be now consolidated under function pop_inner.
    Review: Code changes look good and match release notes.
  • bcd271802 Interface,Message Routing: No warnings on XNet payload building (#4193)
    Notes: log_level is now defined in xnet payload builder. This can be dynamically controlled to be a warning or info based on where the code is used and in which scenario. In some cases it would make send to change these logs from warning to info.
    Review: Code changes look good and match release notes.
  • 61f37f7d6 Node: Remove CPU microcode from GuestOS (#4306)
    Notes: amd microcode and intel micro code are now removed from being explicitly installed as they are part of linux-image-extra-virtual-hwe-24.04 already which was introduced in previous changes.
    Review: Code changes look good and match release notes.
  • 50418d4f0 Node: Move StandardOutput+StandardError to correct section (#4304)
    Notes: This PR simply moves WantedBy=multi-user.target to the bottom of file ic-os/components/ic/generate-ic-config/generate-ic-config.service so that StandardOutput and StandardError fall under [Service] section.
    Review: Code changes look good and match release notes.
  • 07090259b Node: extracting of sampling period for power measurements (#4266)
    Notes: Fix the power monitoring script to accommodate a recent change in how IPMI tool reports back IPMI timestamp and sampling period.
    Review: Code changes look good and match release notes.

Chores:

  • d7549e90d Consensus,Interface: Remove unnecessary certified_height argument (#4350)
    Notes: certified_height argument is now remove from a few functions in blockmaker, for example construct_block_proposal as it is already part of the validation context.
    Review: Code changes look good and match release notes.
  • 556620982 Consensus,Interface: Check block proposal version before integrity (#4345)
    Notes: Previously marked invalid the block proposals which were generated by earlier versions are now simply removed. This is done by moving the logic of verify_artifact before proposal.check_integrity().
    Review: Code changes look good and match release notes.
  • d778e277d Consensus,Interface: Fix typos in http_outcalls metrics.rs file (#4339)
    Notes: Minor typo fix in comments, and one of the string value in metrics_registry.histogram.
    Review: Code changes look good and match release notes.
  • 5bed068be Execution,Interface: Revert “chore: Ignore wasmtime validation errors (#3338)” (#4328)
    Notes: Its simply a revert of chore: Ignore wasmtime validation errors (#3338) · dfinity/ic@227e8e3 · GitHub as Wasmtime 30 contains the fix that makes wasmtime module validation deterministic.
    Review: Code changes look good and match release notes.
  • bebd89a36 Execution,Interface: Move OnLowWasmMemoryHookStatus to management types (#4318)
    Notes: OnLowWasmMemoryHookStatus is now moved to management types as this soon will become a public interface to support upcoming snapshot metadata PR.
    Review: Code changes look good and match release notes.
  • 2b947f437 Execution,Interface(EXC): Remove outdated TODO (#4291)
    Notes: An outdate TODO comment is removed which was already addressed in feat(EXC-1821): Enable on-disk compilation cache by adambratschikaye · Pull Request #3554 · dfinity/ic · GitHub.
    Review: Code changes look good and match release notes.
  • c5857e9d3 Execution,Interface: Add a metric observing the number of open signature request contexts (#4305)
    Notes: A new metric in_flight_signature_request_contexts_by_key_id has now been added to track open signature requests per key.
    Review: Code changes look good and match release notes.
  • 1c22acdd5 Execution,Interface: Bump wasmtime version (#4188)
    Notes: wasmtime has been bumped from 29.0.0 to 30.0.2
    Review: Code changes look good and match release notes.
  • f6f5e0927 Interface: upgrade stable-structures (#4284)
    Notes: ic-stable-structures has been upgraded from 0.6.5 to 0.6.8 to benefit from performance gain.
    Review: Code changes look good and match release notes.
  • 4d40e10c7 Interface(IDX): use correct .gz name for canisters (#4300)
    Notes: The correct extension is now used for gzipped canisters which is .wasm.gz ( previously it was just referring to as .wasm).
    Review: Code changes look good and match release notes.
  • f53cd0ae0 Interface(ICP-Ledger): migrating protobuf query endpoints from dfn to cdk (#4299)
    Notes: The protobuf query endpoint in the ICP ledger now use CDK implementation rather than old dfn implementation.
    Review: Code changes look good and match release notes.
  • 972b38c05 Interface: upgrade axum to 0.8 (#4256)
    Notes: axum has been bumped from 0.7.9 to 0.8.1. Some part of the code has also been changed to adopt the new version.
    Review: Code changes look good and match release notes.
  • 2e7d6c76a Interface,Message Routing: Add TaskQueue to CanisterStateBits (#2254)
    Notes: An optional TaskQueue which holds paused_or_aborted_task , on_low_wasm_memory_hook_status , and Queue of Heartbeat and GlobalTimer tasks. Is added to CanisterStateBits . In Later PRs task_queue and OnLowWasmMemoryHookStatus will be removed.
    Review: Code changes look good and match release notes.
  • cc7b6f155 Owners: Bump wasm tools (#4246)
    Notes: Wasm tools like wasm-encoder, wasmparser etc etc have be bumped up.
    Review: Code changes look good and match release notes.
  • 267655a59 Node: Update Base Image Refs [2025-03-13-2203] (#4372)
    Notes: ic-os base image references have been updated.
    Review: Code changes look good and match release notes.
  • 1d7a1173c Node: update ic-gateway dep & release (#4315)
    Notes: ic-gateway dependency has been updated to a newer commit.
    Review: Code changes look good and match release notes.
  • 5e8587031 Node: address guestOS/hostOS FW findings (#4093)
    Notes: new variables are added in the firewall config namely icmp_v6_types_accept and icmp_v4_types_accept and then used to avoid duplicate code. Also updates some ipv6 prefix ( mostly removed ) in the firewall rules.
    Review: Code changes look good and match release notes.
  • 650602101 Node: Update Base Image Refs [2025-03-06-0807] (#4253)
    Notes: ic-os base image references have been updated.
    Review: Code changes look good and match release notes.

Refactoring:

  • f024f61df Consensus,Interface(consensus): remote transcript delivery (#4279)
    Notes: This PR refactors batch delivery to simplify the convoluted function handling remote DKG deliveries, enabling the addition of ReshareChainKey responses (CON-1416). Changes include renaming functions and types, restructuring logic, converting to an enum, and updating tests accordingly.
    Review: Code changes look good and match release notes.
  • e8fa4c5ef Execution,Interface: Move canister manager types in their own module (#4282)
    Notes: This simply refactors the code to move the types used by canister manager in canister_manager::types module.
    Review: Code changes look good and match release notes.
  • 4b7c9fee3 Interface(nervous-system): Move canister interfaces into canister crate (#4351)
    Notes: This simply moves the interfaces from nervous_system/common to nervous_system/canisters .
    Review: Code changes look good and match release notes.

Tests:

  • ebcfd08d6 Interface(EXC): Add pop to lru cache proptest (#4352)
    Notes: pop_lru tests are enhanced by now accounting for recent changes which added invariant checks and pop_lru function.
    Review: Code changes look good and match release notes.

Other changes:

2 Likes
12

Proposal 135836 | Yuvika - Zentih Code

Summary

  1. Vote: Adopt
  2. Hash: Hashes match
  3. Reasons to adopt: Builds fine + hashes match + release notes match the commits.

build-135836
build-135836720×390 106 KB

Commits

Features:

  • cc90e1de9
    Summary: Time out vetKD requests that take longer than one DKG interval.
    Notes: Replace request_expiry (Time) with RequestTime (time + height), enabling VetKD request timeouts based on block height and improving error handling with SysTransient rejects for retryable failures.
    Review: The description matches the code changes.

  • a171c4263
    Summary: improve vetKD API naming.
    Notes: Rename VetKD API structs and variables (e.g., derivation_id to input, encryption_public_key to transport_public_key) to match specification naming conventions.
    Review: The description matches the code changes.

  • e005586c6
    Summary: Implement ReshareChainKey endpoint.
    Notes: Add the ReshareChainKey endpoint by refactoring make_reshare_dealings_response to support both initial and reshare key responses, with plans to consolidate into only ReshareChainKeyResponse and remove the initial key functionality later.
    Review: The description matches the code changes.

  • ceee1f65c
    Summary: Add new Wasm module generator for system API.
    Notes: Add SystemApiModule similar to ICWasmModule, enabling randomized system API testing with arbitrary value generation, used in rs/execution_environment/fuzz/fuzz_targets execute_system_api.rs fuzz targets.
    Review: The description matches the code changes.

  • 62f408bed
    Summary: New system API to retrieve liquid cycle balance of a canister.
    Notes: Add canister_liquid_cycle_balance128 a new system API, providing a 128-bit representation of the canister’s usable cycles, excluding the freezing threshold.
    Review: The description matches the code changes.

  • 5ed9bb96f
    Summary: Add CyclesUseCase::DroppedMessages variant.
    Notes: Add a new DroppedMessages variant to CyclesUseCase to enable tracking of cycles lost due to dropped messages during transmission.
    Review: The description matches the code changes.

  • 787ec33a0
    Summary: Remove firmware from GuestOS.
    Notes: Integrate more kernel modules into the dockerfile.base image of linux-image-extra-virtual-hwe-24.04, removing their dependency on packages.common.
    Review: The description matches the code changes.

  • f0c82237a
    Summary: Upgrade components to SEV-SNP compatible versions.
    Notes: Update the HostOS Dockerfile.base image components to versions compatible with SEV-SNP.
    Review: The description matches the code changes.

Bugfixes:

  • c494f861b
    Summary: Fix metric overflow in tests.
    Notes: Update accumulated_priority_deviation metric to a 64-bit floating-point number (f64) to prevent overflow errors during testing.
    Review: The description matches the code changes.

  • 5f9b37f3e
    Summary: Fix in-round DTS for memory cop.
    Notes: Simplify dirty memory copy handling by removing the dynamic instruction_counter and hardcoding it to 0, ensuring full-round pauses for large memory copies, preventing premature message execution.
    Review: The description matches the code changes.

  • c94db9ef7
    Summary: Limit compilation cache entries.
    Notes: Enforce compilation cache limits by adding constant-defined memory_capacity, disk_capacity, and max_entries parameters.
    Review: The description matches the code changes.

  • 6b9af1eb0
    Summary: Add invariants check for pop_lru.
    Notes: Enhance cache integrity by adding invariant checks to pop_lru and centralizes cache removal logic under a new pop_inner function.
    Review: The description matches the code changes.

  • bcd271802
    Summary: No warnings on XNet payload building.
    Notes: Make the log_level in the xnet payload builder dynamically configurable as either warning or info, allowing for context-sensitive logging based on usage and scenario.
    Review: The description matches the code changes.

  • 61f37f7d6
    Summary: Remove CPU microcode from GuestOS.
    Notes: Eliminates redundant explicit installation of AMD and Intel microcode, as it’s now included within the linux-image-extra-virtual-hwe-24.04 package from prior updates.
    Review: The description matches the code changes.

  • 50418d4f0
    Summary: Move StandardOutput+StandardError to correct section.
    Notes: Reorganize the ic-os/components/ic/generate-ic-config/generate-ic-config.service file, placing WantedBy=multi-user.target at the end to ensure StandardOutput and StandardError settings are correctly applied within the [Service] section.
    Review: The description matches the code changes.

  • 07090259b
    Summary: extracting of sampling period for power measurements.
    Notes: Update the power monitoring script to correctly parse IPMI data after a recent format change in timestamp and sampling period reporting.
    Review: The description matches the code changes.

Chores:

  • d7549e90d
    Summary: Remove unnecessary certified_height argument.
    Notes: Remove the redundant certified_height argument from blockmaker functions like construct_block_proposal, as it’s already available within the validation context.
    Review: The description matches the code changes.

  • 556620982
    Summary: Check block proposal version before integrity.
    Notes: Refactor block proposal handling by removing outdated proposals instead of marking them invalid, achieved by prioritizing artifact verification before integrity checks.
    Review: The description matches the code changes.

  • d778e277d
    Summary: Fix typos in http_outcalls metrics.rs file.
    Notes: Fix a small typo in comments and a string value within the metrics_registry.histogram.
    Review: The description matches the code changes.

  • 5bed068be
    Summary: Revert “chore: Ignore wasmtime validation errors (#3338)”.
    Notes: Revert commit 227e8e3.
    Review: The description matches the code changes.

  • bebd89a36
    Summary: Move OnLowWasmMemoryHookStatus to management types.
    Notes: Move OnLowWasmMemoryHookStatus to management types, preparing it as a public interface for upcoming snapshot metadata functionality.
    Review: The description matches the code changes.

  • 2b947f437
    Summary: Remove outdated TODO.
    Notes: Remove a stale TODO comment that was resolved in a previous pull request enabling on-disk compilation caching.
    Review: The description matches the code changes.

  • c5857e9d3
    Summary: Add a metric observing the number of open signature request contexts.
    Notes: Introduce the in_flight_signature_request_contexts_by_key_id metric, which monitors the number of pending signature requests for each cryptographic key.
    Review: The description matches the code changes.

  • 1c22acdd5
    Summary: Bump wasmtime version.
    Notes: Upgrade wasmtime from 29.0.0 to 30.0.2.
    Review: The description matches the code changes.

  • f6f5e0927
    Summary: upgrade stable-structures.
    Notes: Upgrade ic-stable-structures from 0.6.5 to 0.6.8.
    Review: The description matches the code changes.

  • 4d40e10c7
    Summary: use correct .gz name for canisters.
    Notes: Use the correct file extension for gzipped WebAssembly canisters to .wasm.gz, replacing the .wasm.
    Review: The description matches the code changes.

  • f53cd0ae0
    Summary: migrating protobuf query endpoints from dfn to cdk.
    Notes: Update the ICP ledger’s protobuf query endpoint to use the CDK implementation, replacing the older dfn implementation.
    Review: The description matches the code changes.

  • 972b38c05
    Summary: upgrade axum to 0.8.
    Notes: Upgrade axum from 0.7.9 to 0.8.1.
    Review: The description matches the code changes.

  • 2e7d6c76a
    Summary: Add TaskQueue to CanisterStateBits.
    Notes: Add an optional TaskQueue to CanisterStateBits to temporarily store paused/aborted tasks, heartbeat/timer tasks, and low-memory hook statuses, with plans to remove the queue and hook status in future updates.
    Review: The description matches the code changes.

  • cc7b6f155
    Summary: Bump wasm tools.
    Notes: Upgrade various WebAssembly tooling libraries, including wasm-encoder and wasmparser etc., to their latest versions.
    Review: The description matches the code changes.

  • 267655a59
    Summary: Update Base Image Refs [2025-03-13-2203].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

  • 1d7a1173c
    Summary: update ic-gateway dep & release.
    Notes: Update ic-gateway dependency to the latest commit.
    Review: The description matches the code changes.

  • 5e8587031
    Summary: address guestOS/hostOS FW findings.
    Notes: Add icmp_v6_types_accept and icmp_v4_types_accept variables to streamline firewall configuration, eliminating code duplication and refining IPv6 prefix rules.
    Review: The description matches the code changes.

  • 650602101
    Summary: Update Base Image Refs [2025-03-06-0807].
    Notes: Update the base image references used for IC OS.
    Review: The description matches the code changes.

Refactoring:

  • f024f61df
    Summary: remote transcript delivery.
    Notes: Simplify remote DKG batch delivery by refactoring complex function handling, enabling the integration of ReshareChainKey responses through function and type renames, logic restructuring, enum conversion, and test updates.
    Review: The description matches the code changes.

  • e8fa4c5ef
    Summary: Move canister manager types in their own module.
    Notes: Reorganize code by relocating canister manager types into the dedicated canister_manager::types module.
    Review: The description matches the code changes.

  • 4b7c9fee3
    Summary: Move canister interfaces into canister crate.
    Notes: Reorganizes code by relocating interfaces from nervous_system/common to nervous_system/canisters.
    Review: The description matches the code changes.

Tests:

  • ebcfd08d6
    Summary: Add pop to lru cache proptest.
    Notes: Update pop_lru tests to incorporate recent invariant checks and function additions, ensuring comprehensive test coverage.
    Review: The description matches the code changes.

Other changes:

  • 1205f6ceb
    Summary: “feat: Upgrade components to SEV-SNP compatible versions”.
    Notes: Revert #4320.
    Review: The description matches the code changes.
2 Likes