Proposal to elect new release rc--2025-08-28_03-17

Governance NNS proposal discussions
,
1

Hello there!

We are happy to announce that voting is now open for a new GuestOS release.
The NNS proposal is here: IC NNS Proposal 138266.

Here is a summary of the changes since the last GuestOS release:

Release Notes for release-2025-08-28_03-17-base (84a268e93a909a6827d76ad794411b161c839a12)

This release is based on changes since release-2025-08-21_03-19-base (f7b2fdb7deb1758622f9c8e282d09ab8813aac62).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image.
Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Features:

  • cb4878c46 Consensus,Interface(canister_migration): introduce new endpoints with canister ranges in the new format (#6378)
  • 950975052 Consensus,Interface: Introduce a way to order pre-signature stashes by their priority (lowest fill level) (#6464)
  • ae392697f Consensus,Interface: Count the total number of available pre-signatures in the state and blockchain (#6446)
  • f2fdb3357 Consensus,Interface: introduce NNSDelegationReader (#6172)
  • 7f15a6b73 Interface: Add new helper to get BlessedReplicaVersions (#6463)
  • 619546650 Interface(canister_migration): Add the nns delegation format to the execution_environment::QueryCache (#6461)
  • f398475d9 Interface(NRC): Store rewards distribution in stable mem. (#6302)
  • 2651e30c2 Interface(ICP-Ledger): consent message for legacy transfer (#6357)
  • b83661c8e Interface,Node: Improve SEV library (#6433)

Bugfixes:

  • c1597e18d Consensus,Interface: Use cached block chain to create IDkgBlockReader (#6287)
  • f92bb9435 Execution,Interface: replace outdated hard-coded constant by size_of::() (#6397)
  • f322cac90 Interface(Ledgers): verify fee when generating consent message (#6381)
  • bb7804bfe Interface,Node(node): use deserialize_config to deserialize config object (#6437)
  • 87fdc26af Interface,Node: Use a more reliable way to check if SEV is active in the Guest (#6248)
  • 373f0330e Interface,Node(node): validate tar bootstrap contents (#6401)

Performance improvements:

  • f2956e833 Interface: Replace RoutingTable::route by NetworkTopology::route (#6361)

Chores:

  • 4bd3bf6b4 Crypto: use LazyLock instead lazy_static in packages (#6358)
  • f6b4883f2 Crypto,Interface(crypto): use LazyLock instead lazy_static in rs/crypto (#6380)
  • 37ce213ff Execution,Interface: refactor SubnetAvailableMemory (#6447)
  • 44b86128c Execution,Interface: rename main_memory to wasm_memory in snapshot data API (#6420)
  • e8fc89aff Execution,Interface: Remove wasm64 feature flag (#6354)
  • 93aab1f15 Interface: disallow ic_cdk::futures::spawn & upgrade ic_cdk to 0.18.7 (#6373)
  • ef05fa225 Interface,Message Routing: improve checkpoint step duration metrics (#6017)
  • fa0885360 Interface,Node(node): convert generate-ic-config to rust (#6408)
  • 6a5a56ecd Interface,Node(node): deprecate logging field (#6377)
  • 1f7767f0a Interface,Node(node): rewrite bootstrap-ic-node.sh into rust config tool (#6324)
  • 0728c0cdf Node: Update Base Image Refs [2025-08-21-0805] (#6375)

Refactoring:

  • 03ddbe5c1 Execution,Interface(XC): More consistent naming of native cross chain code (#6383)
  • ba0fd9bce Node: reorganize ic-os components (#6402)

Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS GuestOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c 84a268e93a909a6827d76ad794411b161c839a12 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

2

Hello there!

We are happy to announce that voting is now open for a new HostOS release.
The NNS proposal is here: IC NNS Proposal 138267.

Here is a summary of the changes since the last HostOS release:

Release Notes for release-2025-08-28_03-17-base (84a268e93a909a6827d76ad794411b161c839a12)

This release is based on changes since release-2025-08-21_03-19-base (f7b2fdb7deb1758622f9c8e282d09ab8813aac62).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the HostOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Bugfixes:

  • bb7804bfe Interface,Node(node): use deserialize_config to deserialize config object (#6437)

Chores:

  • 0728c0cdf Node: Update Base Image Refs [2025-08-21-0805] (#6375)
  • 9b9a3cc6a Node: guestos-recovery-upgrader.sh download retry logic (#6360)

Refactoring:

Tests:

Full list of changes (including the ones that are not relevant to HostOS) can be found on GitHub.

IC-OS Verification

To build and verify the IC-OS HostOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c 84a268e93a909a6827d76ad794411b161c839a12 --hostos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new HostOS version here, you have the option to verify the build reproducibility of the GuestOS by passing --guestos to the script above instead of --hostos, or the SetupOS by passing --setupos.

3

Hello there!

We are happy to announce that voting is now open for a new GuestOS release.
The NNS proposal is here: IC NNS Proposal 138268.

Here is a summary of the changes since the last GuestOS release:

Release Notes for release-2025-08-28_03-17-snapshot-feature (91732387a03c7c82bdaea6f78d7f8321cc8cb559)

This release is based on changes since release-2025-08-28_03-17-base (84a268e93a909a6827d76ad794411b161c839a12).

Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image.
Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.

To see a full list of commits added since last release, compare the revisions on GitHub.

Other changes:

  • 91732387a Execution,Interface: enable snapshot upload/download

IC-OS Verification

To build and verify the IC-OS GuestOS disk image, after installing curl if necessary (sudo apt install curl), run:

# From https://github.com/dfinity/ic#verifying-releases
curl -fsSL https://raw.githubusercontent.com/dfinity/ic/master/ci/tools/repro-check | python3 - -c 91732387a03c7c82bdaea6f78d7f8321cc8cb559 --guestos

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.

4

Proposal 138166, 138167 & 138168 - Hamish | CodeGov

Vote: Adopt
Reason: I have successfully run the build script and in my opinion all the commits listed look fine and match their descriptions.

Screenshot 2025-08-30 at 23.57.14
Screenshot 2025-08-30 at 23.57.141914×966 203 KB

Screenshot 2025-08-30 at 23.56.54
Screenshot 2025-08-30 at 23.56.541914×824 277 KB

Features:

  • cb4878c46 Consensus,Interface(canister_migration): introduce new endpoints with canister ranges in the new format (#6378)
    Review: Looks fine + matches description
    Notes: Includes new verions of the /read_state, /call and /query endpoints which include the new canister_ranges path within the returned NNS delegation, then also does some renaming and refactoring.

  • 950975052 Consensus,Interface: Introduce a way to order pre-signature stashes by their priority (lowest fill level) (#6464)
    Review: Looks fine + matches description
    Notes: Introduces the PrioritizedStash struct and implements ordering for them where the resulting values are ordered by their pre-signature count divided by the max size. In a subsequent commit this lightweight structs will be used to determine which stashes should be prioritised to be populated with more pre-signatures.

  • ae392697f Consensus,Interface: Count the total number of available pre-signatures in the state and blockchain (#6446)
    Review: Looks fine + matches description
    Notes: Adds iter_above to IDkgBlockReader (which just forwards to ConsensusBlockChain::iter_above in the implementation) and uses it to implement the new count_pre_signatures_total which iterates over the state at each height to sum up the total number of pre-signatures available.

  • f2fdb3357 Consensus,Interface: introduce NNSDelegationReader (#6172)
    Review: Looks fine + matches description
    Notes: Introduces the NNSDelegationReader struct which exposes a get_delegation method which takes a filter specifying how the canister ranges should be handled. This filter value is either Flat (the old behaviour), Tree (the new behaviour), or None (which excludes the canister ranges altogether, as returned by the new /api/v3/subnet/read_state endpoint).

  • 7f15a6b73 Interface: Add new helper to get BlessedReplicaVersions (#6463)
    Review: Looks fine + matches description
    Notes: Introduces the BlessedReplicaVersionRegistry with a single get_blessed_replica_versions function, then implements it for all types that implement RegistryClient. Internally this function simply reads the value out of the registry then handles the deserialization.

  • 619546650 Interface(canister_migration): Add the nns delegation format to the execution_environment::QueryCache (#6461)
    Review: Looks fine + matches description
    Notes: Adds the new certificate_delegation_format field to the EntryKey struct which is used as the keys of the query cache. This is to ensure requests to the /api/v2/... and /api/v3/... query endpoints don’t share cache entries since the NNS delegation format differs between the 2 endpoints.

  • f398475d9 Interface(NRC): Store rewards distribution in stable mem. (#6302)
    Review: Looks fine + matches description
    Notes: Modifies the NodeRewards canister to store the log of historical node rewards and the daily subnet failure rates in stable memory, and also introduces the DayUtc struct which ensures each timestamp always corresponds to the end of a day in UTC timezone.

  • 2651e30c2 Interface(ICP-Ledger): consent message for legacy transfer (#6357)
    Review: Looks fine + matches description
    Notes: Updates the ICP ledger by adding the GenericTransfer variant to the Icrc21Function enum, then modifies the ConsentMessageBuilder to take each address as an AccountOrId rather than an (ICRC) Account. This allows consent messages to be constructed for transfers to AccountIdentifiers (as opposed to ICRC transfers).

  • b83661c8e Interface,Node: Improve SEV library (#6433)
    Review: Looks fine + matches description
    Notes: Replaces the SevKeyDeriver struct (which took an owned copy of the sev_firmware) with the simpler derive_key_from_sev_measurement function (which instead takes a mutable reference to the sev_firmware) then also adds a few tests.

Bugfixes:

  • c1597e18d Consensus,Interface: Use cached block chain to create IDkgBlockReader (#6287)
    Review: Looks fine + matches description
    Notes: Reduces the overhead of creating each IDkgBlockReaderImpl by modifying ConsensusPool::build_block_chain to read blocks from the cached finalized chain rather than adding blocks from the consensus pool which required deserializing each block. Also fixes a bug within get_parent_block to grab the block from the catch-up package if needed.

  • f92bb9435 Execution,Interface: replace outdated hard-coded constant by size_of::() (#6397)
    Review: Looks fine + matches description
    Notes: Fixes the global_memory_usage calculation to use size_of::<Global>() rather than the constant (and incorrect) value of 8.

  • f322cac90 Interface(Ledgers): verify fee when generating consent message (#6381)
    Review: Looks fine + matches description
    Notes: Adds calls to icrc21_check_fee within build_icrc21_consent_info when constructing messages for the various transfer/approve functions.

  • bb7804bfe Interface,Node(node): use deserialize_config to deserialize config object (#6437)
    Review: Looks fine + matches description
    Notes: Simplifies the code to read the SetupOS config by using config::deserialize_config rather than explicitly loading the file then deserializing it using serde_json.

  • 87fdc26af Interface,Node: Use a more reliable way to check if SEV is active in the Guest (#6248)
    Review: Looks fine + matches description
    Notes: Implements is_sev_active which queries the CPU to check if SEV is active then uses it within GuestOS rather than relying on the config value passed in by HostOS.

  • 373f0330e Interface,Node(node): validate tar bootstrap contents (#6401)
    Review: Looks fine + matches description
    Notes: Implements validate_bootstrap_contents and calls into it when validating a bootstrap tar file for GuestOS. Internally this function iterates over each entry in the tar bundle to verify that it contains only regular files and directories.

Performance improvements:

  • f2956e833 Interface: Replace RoutingTable::route by NetworkTopology::route (#6361)
    Review: Looks fine + matches description
    Notes: Previously the target subnet for each request would be found by calling RoutingTable::route, this would first iterate over the map of canister ranges to try to find a matching principal in order to check if the request is to a subnetId. But with the upcoming canister migration feature the map of canister ranges can grow massively so this will become inefficient. So this change introduces NetworkTopology::route which looks up if the request is to a subnet by doing a simple key lookup in a map.

Chores:

  • 4bd3bf6b4 Crypto: use LazyLock instead lazy_static in packages (#6358)
    Review: Looks fine + matches description
    Notes: Replaces usages of lazy_static from the lazy_static crate with LazyLock which solves the same problem and was added to the Rust standard library a year ago.

  • f6b4883f2 Crypto,Interface(crypto): use LazyLock instead lazy_static in rs/crypto (#6380)
    Review: Looks fine + matches description
    Notes: Same as f6b4883f2 but for a few more usages.

  • 37ce213ff Execution,Interface: refactor SubnetAvailableMemory (#6447)
    Review: Looks fine + matches description
    Notes: Renames SubnetAvailableMemory::new (which internally sets a scaling factor of 1) to SubnetAvailableMemory::new_for_testing, then adds a new constructor called new_scaled to make it explicit that a scaling factor must be provided when creating SubnetAvailableMemory instances. The scaling factor is based on the number of scheduler cores, so that each thread can allocate memory up to the scaled limit without it being possible for the max memory to be exceeded. Also renames subnet_memory_capacity to full_subnet_memory_capacity to make it clear that no scaling factor is being applied.

  • 44b86128c Execution,Interface: rename main_memory to wasm_memory in snapshot data API (#6420)
    Review: Looks fine + matches description
    Notes: Renames main_memory / MainMemory to wasm_memory / WasmMemory within the canister snapshots API for consistency and clarity.

  • e8fc89aff Execution,Interface: Remove wasm64 feature flag (#6354)
    Review: Looks fine + matches description
    Notes: Removes the wasm64 feature flag since it is now enabled everywhere, then removes all the code which handled the case where it was set to false.

  • 93aab1f15 Interface: disallow ic_cdk::futures::spawn & upgrade ic_cdk to 0.18.7 (#6373)
    Review: Looks fine + matches description
    Notes: Adds ic_cdk::futures::spawn to the list of disallowed methods along with an explanation message since its behaviour differs between CDK version 0.17 and 0.18. This is to avoid developers being tripped up by the change is behaviour, but they can still make use of the new version if they explicitly disable the warning.

  • ef05fa225 Interface,Message Routing: improve checkpoint step duration metrics (#6017)
    Review: Looks fine + matches description
    Notes: Renames 2 labels within checkpointing metrics to be more precise (flush_page_map_deltasflush_page_map_deltas_preprocessing and tip_to_checkpointwait_for_tip_to_checkpoint).

  • fa0885360 Interface,Node(node): convert generate-ic-config to rust (#6408)
    Review: Looks fine + matches description
    Notes: Implements the new generate_ic_config function written in Rust which takes the GuestOS config and the config template and generates the IC config file and the TLS certificate if needed. Then makes this new function callable via the IC config tool.

  • 6a5a56ecd Interface,Node(node): deprecate logging field (#6377)
    Review: Looks fine + matches description
    Notes: Adds the serde(default) attribute to ICOSSettings::logging, this allows it to be safely removed in a future commit since older versions will still be able to deserialize config values which don’t contain the field by simply assigning a default value.

  • 1f7767f0a Interface,Node(node): rewrite bootstrap-ic-node.sh into rust config tool (#6324)
    Review: Looks fine + matches description
    Notes: Removes bootstrap-ic-node.sh and moves its logic to the new process_bootstrap Rust function within the IC config tool. Then updates bootstrap-ic-node.service to use this new function via the IC config tool rather than the old script.

  • 0728c0cdf Node: Update Base Image Refs [2025-08-21-0805] (#6375)
    Review: Looks fine + matches description
    Notes: Updates the base IC-OS image references.

  • 9b9a3cc6a Node: guestos-recovery-upgrader.sh download retry logic (#6360)
    Review: Looks fine + matches description
    Notes: Modifies guestos-recovery-upgrader.sh to support retrying the download_and_verify_upgrade step, and by default allows up to 10 attempts.

Refactoring:

  • 03ddbe5c1 Execution,Interface(XC): More consistent naming of native cross chain code (#6383)
    Review: Looks fine + matches description
    Notes: Renames a few Bitcoin related types now that the same code will support both Bitcoin and Dogecoin, eg. Network::RegtestNetwork::BitcoinRegtest.

  • ba0fd9bce Node: reorganize ic-os components (#6402)
    Review: Looks fine + matches description
    Notes: Re-organises the /ic-os/components/ directory by moving many GuestOS related files into /ic-os/components/guestos/, and similarly with HostOS and SetupOS files.

  • 712475c22 Node: guestos-recovery-upgrader url construction (#6392)
    Review: Looks fine + matches description
    Notes: Moves the /ic/ path when constructing GuestOS upgrade urls into base_urls for consistency.

Tests:

  • 8b25560fb Node: include dev-cert in dev hostos (#6389)
    Review: Looks fine + matches description
    Notes: Modifies the HostOS Dockerfile to include a dev certificate when it is run in dev mode.
About CodeGov - reliable, credible, and sensible NNS governance
CodeGov has a team of developers who review and vote independently on the following proposal topics: IC-OS Version Election, Protocol Canister Management, Subnet Management, Node Admin, and Participant Management. The CodeGov NNS known neuron is configured to follow our reviewers on these technical topics. We also have a group of Followees who vote independently on the Governance and the SNS & Neuron's Fund topics. We strive to be a credible and reliable Followee option that votes on every proposal and every proposal topic in the NNS. We also support decentralization of SNS projects such as WaterNeuron, KongSwap, and Alice with a known neuron and credible Followees.

Learn more about CodeGov and its mission at codegov.org.
5

Proposal: 138266 & 138267 & 138268 - Manvick | ZenithCode

Summary:

  1. Build Hash: The build hash matches
  2. Summary: The release notes matches the code changes
  3. Vote: Adopt

138266
1382661920×949 168 KB

138268
1382681952×964 176 KB

Commits

Features:

  • cb4878c46 Consensus,Interface(canister_migration): introduce new endpoints with canister ranges in the new format (#6378)
    Review: Matches description + changes are appropriate
    Notes: Changed to add 4 new HTTP endpoints: /api/v3/canister/{id}/read_state, /api/v3/canister/{id}/query, /api/v3/canister/{id}/call and /api/v4/canister/{id}/call that allow clients to retrieve NNS delegations containing canister ranges either in the new flat or tree format. Updated /api/v3/subnet/{subnet_id}/read_state to support delegation responses without ranges. Refactored routing logic: renamed call_v2call_async and call_v3call_sync, and updated route definitions to handle versioning.

  • 950975052 Consensus,Interface: Introduce a way to order pre-signature stashes by their priority (lowest fill level) (#6464)
    Review: Matches description + changes are appropriate
    Notes: Changes to add a new struct PrioritizedStash which is used to order pre-signature stashes based on their priority which is determined by the proportional fill level of each stash. Stashes with a lower fill level get higher priority for the creation of new pre-signatures. If two stashes have the same proportional fill level then their ordering is determined using their key IDs.

  • ae392697f Consensus,Interface: Count the total number of available pre-signatures in the state and blockchain (#6446)
    Review: Matches description + changes are appropriate
    Notes: Changes to add count_pre_signatures_total method that counts all available pre-signatures per key stored in the pre_signature_stashes inside the certified replicated state and all IDkgPayloads in the blocks above the certified state height accessed through the block_reader.

  • f2fdb3357 Consensus,Interface: introduce NNSDelegationReader (#6172)
    Review: Matches description + changes are appropriate
    Notes: Changes to create NNSDelegationReader and NNSDelegationBuilder which support building and reading delegations with canister ranges in new formats. The new formats limit the number of canister ranges included in delegations to keep size limited (by 5). Added tests for the same. Cureently all endpoints still return the existing delegation format.

  • 7f15a6b73 Interface: Add new helper to get BlessedReplicaVersions (#6463)
    Review: Matches description + changes are appropriate
    Notes: Changes to add helper trait BlessedReplicaVersionRegistry with a method get_blessed_replica_versions that retrieves the blessed replica versions from the registry for a given registry version.

  • 619546650 Interface(canister_migration): Add the nns delegation format to the execution_environment::QueryCache (#6461)
    Review: Matches description + changes are appropriate
    Notes: Changes to add a new field CertificateDelegationFormat to the execution env query cache key, which ensures that cached query results are correctly distinguished based on the different delegation certificate formats returned by different API versions. Updated the query handler to include delegation metadata, modified the cache key struct to include the delegation format, and added tests to cover these cases.

  • f398475d9 Interface(NRC): Store rewards distribution in stable mem. (#6302)
    Review: Matches description + changes are appropriate
    Notes: Added logic to compute and persist intermediate and final rewards results in stable memory within the node rewards canister. Fixed input for DayUtc, added protobuf schemas for intermediate and final rewards results, and added tests for verifying stored results.

  • 2651e30c2 Interface(ICP-Ledger): consent message for legacy transfer (#6357)
    Review: Matches description + changes are appropriate
    Notes: Changes to support legacy ICP transfers via ICRC-21 consent messages - allowing applications that only know a recipient’s account ID to perform transfers using the generic transfer method. Added GenericTransfer variant and AccountOrId to support account ID–based transfers, updated ConsentMessageBuilder responses and ledger logic for the new flow and added tests across icrc-ledger-types and ledger_suite for validation.

  • b83661c8e Interface,Node: Improve SEV library (#6433)
    Review: Matches description + changes are appropriate
    Notes: Refactored SevKeyDerive from a struct to derive_key_from_sev_measurement function. Added AttestationReportBuilder that encapsulates the construction of SEV attestation reports and FakeSevSigner for signing in tests without requiring SEV hardware. Updated SevDiskEncryption struct to use the new SevGuestFirmware trait instead of firmware implementation.

Bugfixes:

  • c1597e18d Consensus,Interface: Use cached block chain to create IDkgBlockReader (#6287)
    Review: Matches description + changes are appropriate
    Notes: Updated ConsensusBlockChain::build_block_chain to use CachedChainIterator::new_from_cache for constructing block chains from the finalized chain cache. Bug fix in CachedChainIterator to correctly resolve parents using summary blocks. Also updated build_block_chain to use start_height and an end_block instead of full block references and its callers.

  • f92bb9435 Execution,Interface: replace outdated hard-coded constant by size_of::() (#6397)
    Review: Matches description + changes are appropriate
    Notes: Replaced hard-coded execution state size constant (8) with size_of::<Global>() to reflect the actual memory layout.

  • f322cac90 Interface(Ledgers): verify fee when generating consent message (#6381)
    Review: Matches description + changes are appropriate
    Notes: Added a validation step icrc21_check_fee(&fee, &ledger_fee)? in build_icrc21_consent_info. This ensures that the fee specified in the consent request matches the actual ledger_fee, so the user signs exactly the fee that will be applied.

  • bb7804bfe Interface,Node(node): use deserialize_config to deserialize config object (#6437)
    Review: Matches description + changes are appropriate
    Notes: Use deserialize_config for deserialization.

  • 87fdc26af Interface,Node: Use a more reliable way to check if SEV is active in the Guest (#6248)
    Review: Matches description + changes are appropriate
    Notes: Updated setup-ssh-user-keys-guestos.sh to call sev_active utility to detect SEV activation in guest OS. For programmatic checks,SEV activity should now be verified using ic_sev::guest::is_sev_active().

  • 373f0330e Interface,Node(node): validate tar bootstrap contents (#6401)
    Review: Matches description + changes are appropriate
    Notes: Added validate_bootstrap_contents in process_bootstrap function of bootstrap_ic_node.rs which verifies that only regular files and directories are present—rejecting any symlinks or other unexpected file types using walkdir. Added dependency to walkdir.

Performance improvements:

  • f2956e833 Interface: Replace RoutingTable::route by NetworkTopology::route (#6361)
    Review: Matches description + changes are appropriate
    Notes: Replaced the use of RoutingTable::route with NetworkTopology::route throughout the codebase to improve routing message logic. Earlier we used RoutingTable::route which involved a linear scan (O(n)) over all canister ranges to identify the subnet for a target, now we use NetworkTopology struct, which maintains both the routing table and a BTreeMap of subnets which supports quick lookup for routing.

Chores:

  • 4bd3bf6b4 Crypto: use LazyLock instead lazy_static in packages (6358)
    Review: Matches description + changes are appropriate
    Notes: Removed dependency on the obsolete lazy_static and shifts to new LazyLock library.

  • f6b4883f2 Crypto,Interface(crypto): use LazyLock instead lazy_static in rs/crypto (#6380)
    Review: Matches description + changes are appropriate
    Notes: More changes to remove dependency on the obsolete lazy_static and shift to new LazyLock library.

  • 37ce213ff Execution,Interface: refactor SubnetAvailableMemory (#6447)
    Review: Matches description + changes are appropriate
    Notes: Split the SubnetAvailableMemory::new() constructor to two variants new_for_testing which is used in tests and does not apply any scaling factor and new_scaled which is used in prod envs and applies the scaling factor derived from the scheduler cores. Renamed field subnet_memory_capacity to full_subnet_memory_capacity for clarity. Updated tests to use new_for_testing.

  • 44b86128c Execution,Interface: rename main_memory to wasm_memory in snapshot data API (#6420)
    Review: Matches description + changes are appropriate
    Notes: Renamed MainMemory to WasmMemory in the snapshot data API.

  • e8fc89aff Execution,Interface: Remove wasm64 feature flag (#6354)
    Review: Matches description + changes are appropriate
    Notes: Code clean-up to remove wasm64 feature flag.

  • 93aab1f15 Interface: disallow ic_cdk::futures::spawn & upgrade ic_cdk to 0.18.7 (#6373)
    Review: Matches description + changes are appropriate
    Notes: Added ic_cdk::futures::spawn to the Clippy disallowed-methods list, because unlike ic_cdk::spawn, it schedules futures without polling them, which may introduce bugs. Also upgraded the ic-cdk and ic-cdk-macros from v0.18.6 to v0.18.7.

  • ef05fa225 Interface,Message Routing: improve checkpoint step duration metrics (#6017)
    Review: Matches description + changes are appropriate
    Notes: Renamed metrics flush_page_map_deltas to flush_page_map_deltas_preprocessing and tip_to_checkpoint to wait_for_tip_to_checkpoint.

  • fa0885360 Interface,Node(node): convert generate-ic-config to rust (#6408)
    Review: Matches description + changes are appropriate
    Notes: Migrated the generate-ic-config tool from its previous implementation to Rust. Added new Rust source files for configuration logic, and updated Bazel and Cargo build files to include Rust targets and dependencies. Test setups and data references in build scripts were also revised to rust based setup.

  • 6a5a56ecd Interface,Node(node): deprecate logging field (#6377)
    Review: Matches description + changes are appropriate
    Notes: Added a #[serde(default)] attribute to the deprecated logging field in ICOSSettings, ensuring backward compatibility when deserializing config.json objects that may omit this field. Updated the configuration update logic to gracefully handle the absence of logging, easing its rollout across nodes.

  • 1f7767f0a Interface,Node(node): rewrite bootstrap-ic-node.sh into rust config tool (#6324)
    Review: Matches description + changes are appropriate
    Notes: Rewrites the node bootstrap script bootstrap-ic-node.sh as a Rust binary. The systemd service is updated to run the Rust tool instead of the shell script, and build configurations are adjusted accordingly.

  • 0728c0cdf Node: Update Base Image Refs [2025-08-21-0805] (#6375)
    Review: Matches description + changes are appropriate
    Notes: Updated base image references.

  • 9b9a3cc6a Node: guestos-recovery-upgrader.sh download retry logic (#6360)
    Review: Matches description + changes are appropriate
    Notes: Added retry logic to guestos-recovery-upgrader.sh, added MAX_ATTEMPTS and RETRY_DELAY variables for download retry control and wrapped download-and-verify step in retry loop to retry on transient errors.

Refactoring:

  • 03ddbe5c1 Execution,Interface(XC): More consistent naming of native cross chain code (#6383)
    Review: Matches description + changes are appropriate
    Notes: Code refactoring to rename structs and enums for greater consistency to remove Bitcoin-specific terms and reflect broader functionality (integration of Dogecoin).

  • ba0fd9bce Node: reorganize ic-os components (#6402)
    Review: Matches description + changes are appropriate
    Notes: Code refactoring to rename and reorganize ic-os components.

  • 712475c22 Node: guestos-recovery-upgrader url construction (#6392)
    Review: Matches description + changes are appropriate
    Notes: Refactors the URL construction logic in the guestos-recovery-upgrader.sh script to align with the URL pattern used by the guestos-recovery-engine.

Tests:

  • 8b25560fb Node: include dev-cert in dev hostos (#6389)
    Review: Matches description + changes are appropriate
    Notes: Added dev-cert to the dev HostOS env to enable secure communication with the mock server used in the nns_recovery_test. This change ensures the dev HostOS can correctly establish trusted connections during testing scenarios.

Other changes:

  • 91732387a Execution,Interface: enable snapshot upload/download
    Review: Matches description + changes are appropriate
    Notes: Enabled canister_snapshot_download and canister_snapshot_upload.
About Zenith Code

Zenith Code is a comprehensive platform dedicated to advancing the Internet Computer ecosystem. It offers an interactive live coding and learning environment tailored for Motoko and ICP, making it easy for new developers to onboard through hands-on challenges and real-time code execution.

Beyond education, Zenith Code actively supports the decentralization and governance of the Internet Computer. As a registered node provider, we help run the network’s infrastructure, and through our known neuron, we actively review and vote on IC OS version election proposals.

Explore more at zenithcode.ai.