Voting is open for a new IC release - 5058a13

Hello there!

we are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 114479.

Here is a summary of the changes since the last release:

• [f28a3e078] Consensus: chore: Use BatchMessages instead of BatchPayload in batch delivery
• [5c108c1fa] Consensus: chore: Remove StateBehind case
• [cf2ae2ee5] Consensus: feat: add a state to the recovery tool so that it’s possible to resume the previous execution.
• [c57449813] Consensus: feat: add metrics for the number of notarized blocks
• [f24c7853b] Consensus: feat: sort ingress messages by the time they were received.
• [8b60ab1c8] Consensus: feat: extend ic-recovery with explanations of every recovery step
• [e84c29e9f] Crypto: feat: restrict access to crypto keys to CSP vault process
• [173045cdf] Execution: Delete the bitcoin subnet feature
• [2c2fb8efa] Execution: perf: speed up execute_round by optimising queue::filter_messages
• [df310a6b6] Message Routing: Drop redundant fields of StateSyncAttribute
• [df310a6b6] Message Routing: Drop redundant fields of StateSyncAttribute
• [df310a6b6] Message Routing: Drop redundant fields of StateSyncAttribute
• [607154e22] Message Routing: chore: Validate the byte size of the slice returned by take_slice()
• [3cab18926] Message Routing: feature: Don’t cleanup archived and diverged checkpoints if we don’t make progress
• [3c0a832b6] Message Routing: improvement: More robust slice decoding
• [0b45cb9f2] Networking/Node: Fix builds on sf1-spm41 by upping podman pids.
• [6d8142203] Networking: Add a metric to count number of request that go via a SOCKS proxy
• [366d416ae] Networking: [Onchain Observability] Add support for additional peer metrics (connection bytes received/sent, retry)
• [aebee2407] Networking: chore: Remove the Certifier trait in favour of the ChangeSetProducer
• [8395e817d] Networking: chore: Unify the on_state_chage traits
• [c645fd707] Networking: chore: don’t depend on the CanisterHttpPool interface in the artifact manager
• [a696d9f91] Networking: chore: remove the CanisterHttpPoolManager in favour of the ChangeSetProducer trait
• [8124bd148] Networking: chore: remove the state sync attribute type
• [8268ba5b2] Node: Add new vsock library and binaries - rewritten in rust
• [c5a857aca] Node: Bazelize HostOS
• [4d67902e4] Node: Consolidate bootloaders
• [440356bdc] Node: Userspace LVM tools
• [04283d52d] Runtime: Abort paused executions on state sync
• [14adafc9b] Runtime: Avoid accessing dropped pages on DTS abort
• [905479385] Runtime: Introduce a prologue guard region for Wasm memory
• [024cda87a] Runtime: Mmap enough for stable memory in mem creation
• Various tech-debt management: code refactoring, docs, bug fixes, test updates

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#building-the-code
# This process requires Mac/Linux/WSL2, Git and Podman on your machine.
git clone https://github.com/dfinity/ic
cd ic
git fetch origin
git checkout 5058a1326d45303de376cd1a1dc5303fa27cdb07
if ./gitlab-ci/container/build-ic.sh -i ; then
    curl -LO https://download.dfinity.systems/ic/5058a1326d45303de376cd1a1dc5303fa27cdb07/guest-os/update-img/update-img.tar.gz
    shasum -a 256 artifacts/icos/update-img.tar.gz update-img.tar.gz
else
    echo "IC-OS build failed. Verification unsuccessful." >&2
fi

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image,
must be identical, and must match the SHA256 from the payload of the NNS proposal.

Update: @NathanosDev discovered that the script this week created a new folder that has not previously been used to hold the update-img.tar.gz file. When we built the replica and produced the shasum that includes the guestos folder in the file path, we discovered that the hash does match the proposal payload. I updated my review in the CodeGov portal showing the result of this new build. I can now support the adoption of the proposal since I now realize that the build worked. However, I cannot change my NNS vote since it has already been cast.

Original post: I was not able to build the replica and two other reviewers who posted in the CodeGov portal had similar experience. I recommend this proposal is rejected by DFINITY so the issue can be resolved and the community has the ability to properly reproduce the build of the replica from the public version of commit on the ic repository before it gets implemented.

Our reviews can be found in the CodeGov portal on DSCVR using this link.

One note of interest, the release notes do not contain details of implementation of the financial spam prevention proposal 80970. DFINITY posted on the forum two weeks ago that the proposal would be implemented in March 2023, so perhaps we will see it next Friday.

@sat @diegop @Zane @northman

Thanks for the heads up (and actually building the replica!). Let me ping folks.

Hold on @diegop , I have an update…

Please see my previous comment. I can now support this proposal.

Note that spam prevention and other NNS-level proposals are NOT covered in IC release proposals. This proposal type is only about lower level code that runs on node machines.

…whereas the financial spam prevention logic would be implemented in an NNS canister (the governance canister, I guess).