Proposals 136731 & 136740 | Tim - CodeGov
Vote: Adopt
Reason: Build is successful, hashes match, commits match descriptions and the reasoning behind the changes is sound. Proposal 136731 (for GuestOS) includes the full set of commits from last week’s rejected proposal 136664. Most of the commits in proposal 136740 (for HostOS) are also present in proposal 136731. I’ve reviewed the previously unseen commits for Consensus, Crypto and Interface as detailed below.
Review
Features:
[2857e0d9d]
Modifies fetch_and_verify_catch_up_package method to use https rather than http in endpoint URLs.
[e0d7421a8]
Adds a logging message in fn deliver_batches to list chain keys (vetKD keys and others) for the subnet concerned for each CUP height / summary block.
[566b26b51]
Adds CONNECTION_TIMEOUT and NNS_DELEGATION_REQUEST_SEND_TIMEOUT, both set at 10 seconds, to the NNS delegation manager along with related tests and associated code changes as per description.
[c546ec087]
Renames ecdsa_secp256r1 crate to ic-secp256r1 and moves it from rs/crypto/ to packages/. Modifies related code and tests accordingly.
[4be430732]
Adds use ic_cdk::println, use self::println or use ic_cdk::eprintln to ensure that logs and errors are displayed correctly and adjusts dependencies accordingly.
[1f71efe57]
Implements the ICRC-103 standard, which extends the ICRC-2 token standard by adding an endpoint that allows querying all outstanding allowances related to a specific account. Adds type GetAllowancesArgs for the endpoint arguments, and related types for errors and allowances returned. Adds associated tests and modifies others accordingly.
[b0a3d6dc4]
Adds .header("Cache-Control", "no-store") to canister and metrics endpoints in order to solve a metrics scraping problem as described in the commit notes.
[0eb0a97cf]
Adds a new certification version that excludes the loopback stream from the certified state tree and introduces a new trait MapFilter, implemented for new types NoFilter and StreamFilter in order to make this distinction.
[6b7e973c6]
Adapts some state manager tests to test cross-subnet streams between two subnets rather than just a loopback stream using one subnet.
[f199fd67d]
Adapts checkpointing process within rs/state_manager/src/tip.rs by moving serialisation of canister and snapshot protobufs out of the critical path (now managed by fn serialize_protos_to_tip) into separate auxillary functions (serialize_wasm_binaries_and_pagemaps and related functions) to be run asynchronously in the background + related code changes matching the description.
[4e32733cb]
Adapts logging field of ICOSSettings to use Elasticsearch hosts and tags. This is then passed sequentially through setupos_config, hostos_config and guestos_config.
[4fea8f598]
Matches description. Integrates the IC-OS config tool, primarily within the GuestOS tool.
Bugfixes:
[70e34ea9c]
Changes the error handling process for the case in which an https outcall transformed http response exceeds the specified size limit as described in the commit notes.
[6404cdd34]
Adapts CanisterHttp::create_socks_proxy_client to switch https_only() to https_or_http() in the proxy client if the http flag is true.
[79472c740]
Reverts 1f4a5986f below.
[6248e2aeb]
Changes String::from(...) to format!(...) in order to fix a logging bug.
[05fdb3a47]
Switches timestamp_seconds to timestamp_nanoseconds in several code sections + related code and test changes.
Chores:
[b55418a22]
Raises the new SOCKS proxy discovery rate from 50% to 100% so that all http outcall requests from system subnets to API boundary nodes will now go via just the new SOCKS proxy instead of comparing the results between the old and new SOCKS proxy and returning the result from the old SOCKS proxy as was happening previously.
[724ca0463]
Adds http method (GET, POST or HEAD) to http_request_duration and request_total metrics.
[6d6b47200]
Removes the ic-vetkd-utils crate from packages/ as this crate’s functionality has now been moved to the dfinity/vetkeys repo. Updates dependencies accordingly + version updates for various other crates.
[917b62727]
Modifies RsaPublicKey::verify_pkcs1_sha256 method to remove two sections that return an error if an RSA signature has been malformed, which was intended to work around an issue in which an older version of the rsa crate accepted these malformed signatures. This issue has since been fixed so the workaround is no longer needed.
[88079a4d7]
Version updates for several crates.
[59a4303a9]
[28d24c288]
[d0ca0b423]
Various code and dependency changes within rs/boundary_node/ic_boundary/ as per the descriptions of these 3 commits along with dependency changes in rs/pocket_ic_server/ and related test changes.
[2949c97ba]
Reverts commit 3490ef2a0, which updated the monorepo version of ic-cdk to 0.18.0 and maintained a distinction between ic-cdk 0.17.1 and ic-cdk 0.18.0 (and similarly for related crates).
Refactoring:
[1f4a5986f]
Replaces orchestrator dependency on ic_canister_client::Agent with ic_agent::Agent, adds NodeSender type to replace ic_canister_client::Sender and modifies code accordingly.
[830f4caa9]
Removes direct dependency on ic-cdk-macros as these macros are now re-exported by ic-cdk.
[d2c64c332]
Adds pub fn generate_guestos_config to replace some of the logic in rs/ic_os/config/src/main.rs with further changes as per the commit notes.
Tests:
[f326b9faf]
Renames test_registry_get_value to test_registry_get_value_and_changes_since and expands it accordingly + makes fn get_changes_since async.
About CodeGov
CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, API Boundary Node Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neurons’ Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralisation of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.
Learn more about CodeGov and its mission at codegov.org.