diff --git a/.changelog/4475.doc.md b/.changelog/4475.doc.md deleted file mode 100644 index 540f2c6dfd1..00000000000 --- a/.changelog/4475.doc.md +++ /dev/null @@ -1,3 +0,0 @@ -Document `gcc-multilib` dependency for Ubuntu/Debian systems - -It is needed for building `oasis-core-runtime`. diff --git a/.changelog/4539.feature.md b/.changelog/4539.feature.md deleted file mode 100644 index d9e95641966..00000000000 --- a/.changelog/4539.feature.md +++ /dev/null @@ -1,6 +0,0 @@ -Add archive mode support - -Node started in archive mode only serves existing consensus and runtime -states. The node has all unneeded consensus and P2P functionality disabled so -it wont participate in the network. Archive mode can be set using the -`consensus.tendermint.mode` setting. diff --git a/.changelog/4633.bugfix.md b/.changelog/4633.bugfix.md deleted file mode 100644 index f0431cb19f4..00000000000 --- a/.changelog/4633.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/compute: Always include resolved transactions diff --git a/.changelog/4634.feature.md b/.changelog/4634.feature.md deleted file mode 100644 index 149f0c401ea..00000000000 --- a/.changelog/4634.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/control: Show the debug option statuses in the control output diff --git a/.changelog/4638.bugfix.md b/.changelog/4638.bugfix.md deleted file mode 100644 index fb24602eddf..00000000000 --- a/.changelog/4638.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/txpool: Fix crash on early access diff --git a/.changelog/4640.bugfix.md b/.changelog/4640.bugfix.md deleted file mode 100644 index 659bfbdafb1..00000000000 --- a/.changelog/4640.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/compute: Improve proposed transaction handling diff --git a/.changelog/4640.feature.md b/.changelog/4640.feature.md deleted file mode 100644 index b7798e32c7c..00000000000 --- a/.changelog/4640.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Make persistent transaction check state configurable diff --git a/.changelog/4644.trivial.md b/.changelog/4644.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4647.bugfix.md b/.changelog/4647.bugfix.md deleted file mode 100644 index 8debe14aed4..00000000000 --- a/.changelog/4647.bugfix.md +++ /dev/null @@ -1,5 +0,0 @@ -go/runtime/host: Always emit StoppedEvent on stop - -Previously the StoppedEvent was only emitted in case the runtime was -previously running. In case multihost was performing a version switch when a -runtime was not yet started, this resulted in a deadlock. diff --git a/.changelog/4650.bugfix.md b/.changelog/4650.bugfix.md deleted file mode 100644 index 26322aea32b..00000000000 --- a/.changelog/4650.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/worker/common/p2p: Make sure P2P stops before service cleanup runs - -Otherwise this may result in a crash during shutdown when P2P requests are -processed while database is already closed. diff --git a/.changelog/4652.breaking.md b/.changelog/4652.breaking.md deleted file mode 100644 index 07934ff65f7..00000000000 --- a/.changelog/4652.breaking.md +++ /dev/null @@ -1 +0,0 @@ -go/staking/grpc: rename misnamed GovernanceDeposits method diff --git a/.changelog/4653.trivial.md b/.changelog/4653.trivial.md deleted file mode 100644 index 36727a4e1de..00000000000 --- a/.changelog/4653.trivial.md +++ /dev/null @@ -1 +0,0 @@ -go/consensus/api/transactions: Fix OpenRawTransactions diff --git a/.changelog/4657.trivial.md b/.changelog/4657.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4659.bugfix.md b/.changelog/4659.bugfix.md deleted file mode 100644 index 6b2447d1c7b..00000000000 --- a/.changelog/4659.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-node/cmd/control: Fix runtime-stats arg diff --git a/.changelog/4662.bugfix.md b/.changelog/4662.bugfix.md deleted file mode 100644 index 6a26bb84efb..00000000000 --- a/.changelog/4662.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -Fix waiting for deregister event on `RequestShutdown` diff --git a/.changelog/4665.breaking.md b/.changelog/4665.breaking.md deleted file mode 100644 index a1ece05ced5..00000000000 --- a/.changelog/4665.breaking.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime: Mandate the use of runtime schedule control - -Runtimes that do not support the schedule control feature will no longer work -with executor nodes. diff --git a/.changelog/4665.feature.md b/.changelog/4665.feature.md deleted file mode 100644 index 730bef6c9ba..00000000000 --- a/.changelog/4665.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/txpool: Limit outstanding transactions per sender diff --git a/.changelog/4669.feature.md b/.changelog/4669.feature.md deleted file mode 100644 index 3988cc59a1d..00000000000 --- a/.changelog/4669.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/control/status: Add fields for quick overview of node status diff --git a/.changelog/4671.feature.md b/.changelog/4671.feature.md deleted file mode 100644 index 5c420c04602..00000000000 --- a/.changelog/4671.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/storage: Make checkpoint sync peer selection smarter diff --git a/.changelog/4671.internal.md b/.changelog/4671.internal.md deleted file mode 100644 index 4641d7fd6f0..00000000000 --- a/.changelog/4671.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/common/p2p/rpc: Add support for per-call peer limits diff --git a/.changelog/4673.internal.md b/.changelog/4673.internal.md deleted file mode 100644 index 42b0a008b24..00000000000 --- a/.changelog/4673.internal.md +++ /dev/null @@ -1 +0,0 @@ -ci: fix SGX E2E tests diff --git a/.changelog/4677.feature.md b/.changelog/4677.feature.md deleted file mode 100644 index 4586d407d77..00000000000 --- a/.changelog/4677.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: verify epoch in dispatcher using consensus verifier diff --git a/.changelog/4678.feature.md b/.changelog/4678.feature.md deleted file mode 100644 index cefa067cbec..00000000000 --- a/.changelog/4678.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/compute: Ensure trust root is verified before registering diff --git a/.changelog/4679.feature.md b/.changelog/4679.feature.md deleted file mode 100644 index 6fbbb020235..00000000000 --- a/.changelog/4679.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/compute: Start batch resolution early for backup worker diff --git a/.changelog/4681.feature.md b/.changelog/4681.feature.md deleted file mode 100644 index ddf1ce309b3..00000000000 --- a/.changelog/4681.feature.md +++ /dev/null @@ -1,11 +0,0 @@ -go/runtime/txpool: Add roothash incoming messages' data as transactions - -Roothash incoming messages can provide a piece of data for the runtime. -With this change, the data is now treated as a transaction. - -Along with this change, we're splitting the txpool into multiple queues. -The transactions collected from roothash incoming messages go in a special -queue that does not undergo checking or broadcasting. - -We also make another queue for a node's own transactions, so that a proposer -can prioritize its own transactions. diff --git a/.changelog/4683.bugfix.md b/.changelog/4683.bugfix.md deleted file mode 100644 index 473d176f7ea..00000000000 --- a/.changelog/4683.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/worker/compute: Only advertise active version for TEE runtimes - -Previously this caused additional downtime on upgrades due to capability -updates not being allowed. diff --git a/.changelog/4686.feature.md b/.changelog/4686.feature.md deleted file mode 100644 index e724cad3f16..00000000000 --- a/.changelog/4686.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/registration: add node status metrics diff --git a/.changelog/4687.bugfix.md b/.changelog/4687.bugfix.md deleted file mode 100644 index 101874fd8e5..00000000000 --- a/.changelog/4687.bugfix.md +++ /dev/null @@ -1,13 +0,0 @@ -go/runtime/host/sandbox: Properly handle clone3 in seccomp policy - -We need to handle the clone3 syscall in a special manner as there are -several complications to its handling: - -- Newer glibc versions will try clone3 first and if they see EPERM they - will instantly fail making the program unable to spawn threads. - -- The clone3 syscall is much more complex than clone and so we can't - simply inspect its flags as we do for clone. - -Therefore we need to reject the syscall with ENOSYS, causing fallback to -clone. diff --git a/.changelog/4690.internal.md b/.changelog/4690.internal.md deleted file mode 100644 index 9f58cf2dfc4..00000000000 --- a/.changelog/4690.internal.md +++ /dev/null @@ -1 +0,0 @@ -docker: Add oasisprotocol/aesmd Docker image diff --git a/.changelog/4693.internal.md b/.changelog/4693.internal.md deleted file mode 100644 index 86f25d94064..00000000000 --- a/.changelog/4693.internal.md +++ /dev/null @@ -1 +0,0 @@ -Bump Rust toolchain to nightly-2022-04-13, Go to 1.17.9 diff --git a/.changelog/4694.feature.md b/.changelog/4694.feature.md deleted file mode 100644 index e3613874566..00000000000 --- a/.changelog/4694.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Enable dispatcher to verify state integrity for queries diff --git a/.changelog/4700.feature.md b/.changelog/4700.feature.md deleted file mode 100644 index 6e28fd554f2..00000000000 --- a/.changelog/4700.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-node/cmd: unsafe-reset preserve local storage by default diff --git a/.changelog/4702.feature.md b/.changelog/4702.feature.md deleted file mode 100644 index 71d60e84e25..00000000000 --- a/.changelog/4702.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-node/cmd: unsafe-reset check datadir validity diff --git a/.changelog/4706.internal.md b/.changelog/4706.internal.md deleted file mode 100644 index d03f717a7c3..00000000000 --- a/.changelog/4706.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Bump tendermint-rs, x509-parser and oid-registry diff --git a/.changelog/4707.internal.md b/.changelog/4707.internal.md deleted file mode 100644 index a3cf0f052dd..00000000000 --- a/.changelog/4707.internal.md +++ /dev/null @@ -1,4 +0,0 @@ -ci: Build OpenSSL statically for Oasis Core releases - -This makes sure that oasis-core-loader is more portable between -distributions. diff --git a/.changelog/4709.feature.md b/.changelog/4709.feature.md deleted file mode 100644 index dfa7d47320e..00000000000 --- a/.changelog/4709.feature.md +++ /dev/null @@ -1,7 +0,0 @@ -runtime: Emit runtime logs as oasis-node logs - -Previously, runtime logs used a slightly different format. -Also, they were written to stdout in a manner that was not -synchronized with node logs, so the two sets of logs -sometimes intertwined mid-line. Those annoyances are gone, -plus runtime logs are now annotated with the runtime ID. diff --git a/.changelog/4710.bugfix.md b/.changelog/4710.bugfix.md deleted file mode 100644 index 601a8139774..00000000000 --- a/.changelog/4710.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/config: report error if SGX loader required but not configured diff --git a/.changelog/4711.internal.md b/.changelog/4711.internal.md deleted file mode 100644 index ddd3e0bb5d4..00000000000 --- a/.changelog/4711.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/sgx/aesm: Add support for newer methods diff --git a/.changelog/4713.feature.md b/.changelog/4713.feature.md deleted file mode 100644 index a27759d1c65..00000000000 --- a/.changelog/4713.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/common/p2p: Add support for persistent and blocked peers diff --git a/.changelog/4715.feature.md b/.changelog/4715.feature.md deleted file mode 100644 index 0943d458b65..00000000000 --- a/.changelog/4715.feature.md +++ /dev/null @@ -1,4 +0,0 @@ -go/worker/common: Properly handle dynamic key manager configuration - -Since the runtime can go from having no key manager configured to having one, -the worker node should handle this correctly. diff --git a/.changelog/4720.internal.md b/.changelog/4720.internal.md deleted file mode 100644 index 47a0c6a9174..00000000000 --- a/.changelog/4720.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/sgx/pcs: Initial types and quote parser diff --git a/.changelog/4724.feature.md b/.changelog/4724.feature.md deleted file mode 100644 index 5dc65a65ab0..00000000000 --- a/.changelog/4724.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/txpool: Add txpool metric for rejected runtime transactions diff --git a/.changelog/4725.bugfix.md b/.changelog/4725.bugfix.md deleted file mode 100644 index c35e8a0b028..00000000000 --- a/.changelog/4725.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/keymanager: Fix crash on capability TEE updates diff --git a/.changelog/4726.bugfix.md b/.changelog/4726.bugfix.md deleted file mode 100644 index c90f8e19ace..00000000000 --- a/.changelog/4726.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/registration: Only register once epoch is known diff --git a/.changelog/4727.internal.md b/.changelog/4727.internal.md deleted file mode 100644 index 3435c71c012..00000000000 --- a/.changelog/4727.internal.md +++ /dev/null @@ -1 +0,0 @@ -rust-toolchain: Migrate to TOML version of rust-toolchain diff --git a/.changelog/4729.bugfix.md b/.changelog/4729.bugfix.md deleted file mode 100644 index a1fea9dce9a..00000000000 --- a/.changelog/4729.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime/registry: Refresh key manager policy on runtime changes - -Since the runtime can change dynamically (due to version upgrades), we -need to make sure that we notify the new runtime as well. diff --git a/.changelog/4733.trivial.md b/.changelog/4733.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4734.bugfix.md b/.changelog/4734.bugfix.md deleted file mode 100644 index 35c8660acce..00000000000 --- a/.changelog/4734.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime/config: fix SGX provisioner check for runtimes without SGX - -This fixes a bug in `22.1.5` where an SGX provisioner was required even for -non-SGX runtimes. diff --git a/.changelog/4741.bugfix.md b/.changelog/4741.bugfix.md deleted file mode 100644 index 711bca7acc0..00000000000 --- a/.changelog/4741.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -runtime/common/version: fix from u64 conversion diff --git a/.changelog/4741.feature.md b/.changelog/4741.feature.md deleted file mode 100644 index 2e82eeaed80..00000000000 --- a/.changelog/4741.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Verify RAK in consensus state when serving requests diff --git a/.changelog/4744.internal.md b/.changelog/4744.internal.md deleted file mode 100644 index 7ca31159c29..00000000000 --- a/.changelog/4744.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/node/address: use custom type instead of `net.TCPAddr` diff --git a/.changelog/4751.doc.md b/.changelog/4751.doc.md deleted file mode 100644 index 3806efdde9c..00000000000 --- a/.changelog/4751.doc.md +++ /dev/null @@ -1 +0,0 @@ -doc: Replace community slack links with discord diff --git a/.changelog/4752.internal.md b/.changelog/4752.internal.md deleted file mode 100644 index b2ca547f20a..00000000000 --- a/.changelog/4752.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/sgx/pcs: Add PCS HTTP client diff --git a/.changelog/4754.internal.md b/.changelog/4754.internal.md deleted file mode 100644 index 2a59fa81fb7..00000000000 --- a/.changelog/4754.internal.md +++ /dev/null @@ -1 +0,0 @@ -docker/oasis-core-dev: Fix golangci-lint install diff --git a/.changelog/4757.feature.md b/.changelog/4757.feature.md deleted file mode 100644 index 98da091da8a..00000000000 --- a/.changelog/4757.feature.md +++ /dev/null @@ -1,4 +0,0 @@ -runtime: Add support for reporting EnclaveRPC peer feedback - -This makes EnclaveRPC more robust as the higher-level layer in the -runtime can trigger peer replacement on high level errors. diff --git a/.changelog/4759.trivial.md b/.changelog/4759.trivial.md deleted file mode 100644 index f84c36579ce..00000000000 --- a/.changelog/4759.trivial.md +++ /dev/null @@ -1,3 +0,0 @@ -go/consensus: Reduce log severity (from Error to Debug) -for errors that stem from bad transactions and not -node or network problems. diff --git a/.changelog/4762.trivial.md b/.changelog/4762.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4765.internal.md b/.changelog/4765.internal.md deleted file mode 100644 index e7e9374476c..00000000000 --- a/.changelog/4765.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump go-libp2p to 0.23.0 diff --git a/.changelog/4766.internal.md b/.changelog/4766.internal.md deleted file mode 100644 index baf1d41d5d9..00000000000 --- a/.changelog/4766.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump viper to 1.12.0 diff --git a/.changelog/4767.doc.md b/.changelog/4767.doc.md deleted file mode 100644 index 47e429f790d..00000000000 --- a/.changelog/4767.doc.md +++ /dev/null @@ -1 +0,0 @@ -README.md: Fix broken links diff --git a/.changelog/4769.internal.md b/.changelog/4769.internal.md deleted file mode 100644 index 0a986fecf3a..00000000000 --- a/.changelog/4769.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-test-runner/fixture: support configuring runtime messages diff --git a/.changelog/4770.doc.md b/.changelog/4770.doc.md deleted file mode 100644 index f4bbd1bd3f4..00000000000 --- a/.changelog/4770.doc.md +++ /dev/null @@ -1 +0,0 @@ -doc: Migrate ADRs to oasisprotocol/adrs repo diff --git a/.changelog/4775.feature.md b/.changelog/4775.feature.md deleted file mode 100644 index 2884a54d38f..00000000000 --- a/.changelog/4775.feature.md +++ /dev/null @@ -1 +0,0 @@ -archive-mode: disable runtime P2P if archive mode is used diff --git a/.changelog/4782.internal.md b/.changelog/4782.internal.md deleted file mode 100644 index e7e9374476c..00000000000 --- a/.changelog/4782.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump go-libp2p to 0.23.0 diff --git a/.changelog/4784.internal.md b/.changelog/4784.internal.md deleted file mode 100644 index db25d30bc69..00000000000 --- a/.changelog/4784.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Bump oasis-cbor to 0.4.0 diff --git a/.changelog/4789.internal.md b/.changelog/4789.internal.md deleted file mode 100644 index d06685a8241..00000000000 --- a/.changelog/4789.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Add PCS types and quote verification diff --git a/.changelog/4790.bugfix.md b/.changelog/4790.bugfix.md deleted file mode 100644 index 6737909cc7a..00000000000 --- a/.changelog/4790.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/common/quantity: Avoid side-effects on errors diff --git a/.changelog/4793.feature.md b/.changelog/4793.feature.md deleted file mode 100644 index 31148201f75..00000000000 --- a/.changelog/4793.feature.md +++ /dev/null @@ -1,4 +0,0 @@ -go/consensus/tendermint: Add `consensus.tendermint.halt_height` - -This is equivalent to the cosmos `halt-height` option, to be used to -bring a node down gracefully at a specific height. diff --git a/.changelog/4799.internal.md b/.changelog/4799.internal.md deleted file mode 100644 index 20ce0728d23..00000000000 --- a/.changelog/4799.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-test-runner/byzantine: Add primary+backup liveness test diff --git a/.changelog/4806.feature.md b/.changelog/4806.feature.md deleted file mode 100644 index 4c4507d4fb6..00000000000 --- a/.changelog/4806.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Add support for PCS attestation diff --git a/.changelog/4808.bugfix.md b/.changelog/4808.bugfix.md deleted file mode 100644 index e4f463e91e1..00000000000 --- a/.changelog/4808.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -net-runner: Fix regression introduced in #4564 - -Fix the missing Deployments field when oasis-net-runner generating the genesis -state and no key manager is provided. diff --git a/.changelog/4809.trivial.md b/.changelog/4809.trivial.md deleted file mode 100644 index 790a7ee08a5..00000000000 --- a/.changelog/4809.trivial.md +++ /dev/null @@ -1,7 +0,0 @@ -go/consensus/tendermint/full: Unify started indicators - -Previously there were two sets of "node started" indicators, one for the -commonNode and the other one for the fullService/archiveService. Due to -how things were initialized this could cause the full node to report -that it is "started" too soon which would cause some queries to trigger -a segmentation fault instead of blocking. diff --git a/.changelog/4813.feature.md b/.changelog/4813.feature.md deleted file mode 100644 index 980fe7055f6..00000000000 --- a/.changelog/4813.feature.md +++ /dev/null @@ -1 +0,0 @@ -net-runner: Add --fixture.default.runtime.version flag diff --git a/.changelog/4814.trivial.md b/.changelog/4814.trivial.md deleted file mode 100644 index 7dcc1ea6baa..00000000000 --- a/.changelog/4814.trivial.md +++ /dev/null @@ -1,10 +0,0 @@ -go/consensus/tendermint: Only close DBs in archive node mode - -Previously the Tendermint-related state stores were always closed during -Stop in the common node. But in case the node is a full node, the stores -are owned by the Tendermint Core Node and as such should not be closed -to avoid a panic during queries. - -In addition, the more correct behavior is to close the stores during -service cleanup to ensure that all other services that may use them have -already been stopped. diff --git a/.changelog/4816.trivial.md b/.changelog/4816.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4817.trivial.md b/.changelog/4817.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4820.internal.md b/.changelog/4820.internal.md deleted file mode 100644 index edf4e3978a0..00000000000 --- a/.changelog/4820.internal.md +++ /dev/null @@ -1 +0,0 @@ -Bump Go to 1.18.3 diff --git a/.changelog/4821.feature.md b/.changelog/4821.feature.md deleted file mode 100644 index f17c4ffea56..00000000000 --- a/.changelog/4821.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/oasis-node: allow km to have private peers diff --git a/.changelog/4822.bugfix.2.md b/.changelog/4822.bugfix.2.md deleted file mode 100644 index 4fa61fe440f..00000000000 --- a/.changelog/4822.bugfix.2.md +++ /dev/null @@ -1 +0,0 @@ -go/registry/api: ensure no nil runtimes in VerifyRegisterNodeArgs diff --git a/.changelog/4822.bugfix.md b/.changelog/4822.bugfix.md deleted file mode 100644 index 0c70835828d..00000000000 --- a/.changelog/4822.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/registry/api/runtime: ensure no nil deployments in ValidateDeployments diff --git a/.changelog/4823.bugfix.md b/.changelog/4823.bugfix.md deleted file mode 100644 index b5bfe5a6c18..00000000000 --- a/.changelog/4823.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/consensus/tendermint: Make sure DBs are only closed during cleanup diff --git a/.changelog/4824.trivial.md b/.changelog/4824.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4825.internal.md b/.changelog/4825.internal.md deleted file mode 100644 index 5f68dda4564..00000000000 --- a/.changelog/4825.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/host: Make sure runtime-reported version matches bundle diff --git a/.changelog/4827.trivial.md b/.changelog/4827.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4830.feature.md b/.changelog/4830.feature.md deleted file mode 100644 index e3613874566..00000000000 --- a/.changelog/4830.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Enable dispatcher to verify state integrity for queries diff --git a/.changelog/4832.feature.md b/.changelog/4832.feature.md deleted file mode 100644 index 02fb2b2af7f..00000000000 --- a/.changelog/4832.feature.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime/registry: allow client nodes to run sgx runtimes - -Client nodes can now run runtimes in SGX, which enables them to execute -signed queries if peered with a keymanager. diff --git a/.changelog/4835.internal.md b/.changelog/4835.internal.md deleted file mode 100644 index db25d30bc69..00000000000 --- a/.changelog/4835.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Bump oasis-cbor to 0.4.0 diff --git a/.changelog/4837.internal.md b/.changelog/4837.internal.md deleted file mode 100644 index 88a904f2c4b..00000000000 --- a/.changelog/4837.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: remove synced storage wrapper diff --git a/.changelog/4839.trivial.md b/.changelog/4839.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4841.internal.md b/.changelog/4841.internal.md deleted file mode 100644 index 7f5d1194a9a..00000000000 --- a/.changelog/4841.internal.md +++ /dev/null @@ -1 +0,0 @@ -Bump Rust toolchain to 2022-07-12 diff --git a/.changelog/4843.feature.md b/.changelog/4843.feature.md deleted file mode 100644 index 5174fd65f3b..00000000000 --- a/.changelog/4843.feature.md +++ /dev/null @@ -1 +0,0 @@ -oasis-net-runner: support configuring runtime state and state root diff --git a/.changelog/4844.internal.md b/.changelog/4844.internal.md deleted file mode 100644 index 052ea503b39..00000000000 --- a/.changelog/4844.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/sgx/sigstruct: Add support for offline signing diff --git a/.changelog/4849.doc.md b/.changelog/4849.doc.md deleted file mode 100644 index 0ac0acda4d0..00000000000 --- a/.changelog/4849.doc.md +++ /dev/null @@ -1 +0,0 @@ -doc: Fix Metrics page title diff --git a/.changelog/4861.bugfix.md b/.changelog/4861.bugfix.md deleted file mode 100644 index 5f897a7e402..00000000000 --- a/.changelog/4861.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime/host/sandbox/process: Handle missing clone3 - -This should fix seccomp filter generation failures on systems with -ancient kernel/userland pairs (RHEL8 and variants). diff --git a/.changelog/4867.bugfix.md b/.changelog/4867.bugfix.md deleted file mode 100644 index 5473278139b..00000000000 --- a/.changelog/4867.bugfix.md +++ /dev/null @@ -1,4 +0,0 @@ -go/runtime/host: correct clone3 version threshold - -The threshold was too low and older kernels were mistakenly asked to resolve -'clone3.' diff --git a/.changelog/4875.internal.md b/.changelog/4875.internal.md deleted file mode 100644 index 4c7ac5be96a..00000000000 --- a/.changelog/4875.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Drop go-fuzz in favor of Go 1.18 fuzzing support diff --git a/.changelog/4877.feature.md b/.changelog/4877.feature.md deleted file mode 100644 index 2b4cadb18e3..00000000000 --- a/.changelog/4877.feature.md +++ /dev/null @@ -1,9 +0,0 @@ -go/worker/keymanager: Add key manager worker metrics - -The following metrics were added: - -- oasis_worker_keymanager_compute_runtime_count - -- oasis_worker_keymanager_enclave_rpc_count - -- oasis_worker_keymanager_policy_update_count diff --git a/.changelog/4878.internal.md b/.changelog/4878.internal.md deleted file mode 100644 index 6b8d57f024b..00000000000 --- a/.changelog/4878.internal.md +++ /dev/null @@ -1 +0,0 @@ -keymanager-client: Skip policy when OASIS_UNSAFE_SKIP_KM_POLICY is set diff --git a/.changelog/4883.feature.md b/.changelog/4883.feature.md deleted file mode 100644 index 6c28be3270a..00000000000 --- a/.changelog/4883.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/control/status: Add key manager worker status to node status diff --git a/.changelog/4886.internal.md b/.changelog/4886.internal.md deleted file mode 100644 index c4132e88e05..00000000000 --- a/.changelog/4886.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/common/grpc/credentials.go: advancedtls options moved to IdentityOptions diff --git a/.changelog/4888.feature.md b/.changelog/4888.feature.md deleted file mode 100644 index 87ae08f3327..00000000000 --- a/.changelog/4888.feature.md +++ /dev/null @@ -1 +0,0 @@ -keymanager: Add support for ephemeral keys diff --git a/.changelog/4891.doc.md b/.changelog/4891.doc.md deleted file mode 100644 index ee944695026..00000000000 --- a/.changelog/4891.doc.md +++ /dev/null @@ -1 +0,0 @@ -doc: Use github.com URL for markdown files in other git repositories diff --git a/.changelog/4892.bugfix.md b/.changelog/4892.bugfix.md deleted file mode 100644 index 69ccbe5d2e0..00000000000 --- a/.changelog/4892.bugfix.md +++ /dev/null @@ -1,5 +0,0 @@ -go/oasis-node/cmd/genesis: Fix reading of height argument when dumping state - -Command line argument for block height was mistakenly read from an invalid -source, which caused all state dumps to be made at height 0 (the most recent -block height). diff --git a/.changelog/4893.internal.1.md b/.changelog/4893.internal.1.md deleted file mode 100644 index 7c0f673549f..00000000000 --- a/.changelog/4893.internal.1.md +++ /dev/null @@ -1,4 +0,0 @@ -runtime: Add state_at to consensus Verifier trait - -This allows fetching historic consensus layer state in addition to the -latest state. diff --git a/.changelog/4893.internal.2.md b/.changelog/4893.internal.2.md deleted file mode 100644 index 6962a147fcf..00000000000 --- a/.changelog/4893.internal.2.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Refactor dispatcher initializer and expose consensus_verifier diff --git a/.changelog/4896.internal.md b/.changelog/4896.internal.md deleted file mode 100644 index 72eaca15a2f..00000000000 --- a/.changelog/4896.internal.md +++ /dev/null @@ -1 +0,0 @@ -Bump Rust toolchain to 2022-08-22 diff --git a/.changelog/4897.internal.md b/.changelog/4897.internal.md deleted file mode 100644 index 000db18e27d..00000000000 --- a/.changelog/4897.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Add epoch_state query and EPOCH_INVALID constant diff --git a/.changelog/4899.internal.md b/.changelog/4899.internal.md deleted file mode 100644 index c0f28e45b9c..00000000000 --- a/.changelog/4899.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump Tendermint to v0.34.21 diff --git a/.changelog/4902.feature.md b/.changelog/4902.feature.md deleted file mode 100644 index 114d255561d..00000000000 --- a/.changelog/4902.feature.md +++ /dev/null @@ -1,12 +0,0 @@ -oasis-net-runner: Set default max_allowances, increase test account balance - -The max_allowances staking setting in the default oasis-net-runner fixture has -been changed from 0 to 16 matching the testnet and mainnet setting. This -enables the allowance transactions locally which are required for doing -deposits to runtimes. - -The initial balance of the default test account generated by the -oasis-net-runner was increased from 100 tokens to 1 million. This makes the -account directly suitable for deploying and running confidential smart -contracts (e.g. on the local Cipher instance) with more realistic transaction -fees. diff --git a/.changelog/4903.feature.md b/.changelog/4903.feature.md deleted file mode 100644 index a52157b4ab0..00000000000 --- a/.changelog/4903.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime/consensus/verifier: Support trust root consensus layer upgrades diff --git a/.changelog/4904.feature.2.md b/.changelog/4904.feature.2.md deleted file mode 100644 index e3613874566..00000000000 --- a/.changelog/4904.feature.2.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Enable dispatcher to verify state integrity for queries diff --git a/.changelog/4904.feature.md b/.changelog/4904.feature.md deleted file mode 100644 index 05f87538460..00000000000 --- a/.changelog/4904.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Support consensus event queries diff --git a/.changelog/4906.internal.md b/.changelog/4906.internal.md deleted file mode 100644 index e7e9374476c..00000000000 --- a/.changelog/4906.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump go-libp2p to 0.23.0 diff --git a/.changelog/4910.feature.md b/.changelog/4910.feature.md deleted file mode 100644 index 31658041f3f..00000000000 --- a/.changelog/4910.feature.md +++ /dev/null @@ -1 +0,0 @@ -keymanager: Validate latest trust root height in key manager requests diff --git a/.changelog/4911.internal.md b/.changelog/4911.internal.md deleted file mode 100644 index ae4c3d6344c..00000000000 --- a/.changelog/4911.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Add consensus transaction prioritization diff --git a/.changelog/4916.feature.md b/.changelog/4916.feature.md deleted file mode 100644 index f9eed601ad8..00000000000 --- a/.changelog/4916.feature.md +++ /dev/null @@ -1,6 +0,0 @@ -registry: Add ProveFreshness consensus layer transaction - -Introducing new transaction that accepts a fixed-size binary blob of 32 bytes -and always succeeds without doing any processing or state changes. Transaction -is needed for client node TEE freshness verification and enabled via -freshness_proofs parameter located in tee_features consensus parameter group. diff --git a/.changelog/4919.feature.md b/.changelog/4919.feature.md deleted file mode 100644 index 7a64388fd67..00000000000 --- a/.changelog/4919.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/genesis: Cache computed genesis document hash diff --git a/.changelog/4920.doc.md b/.changelog/4920.doc.md deleted file mode 100644 index 5dd0fc92b19..00000000000 --- a/.changelog/4920.doc.md +++ /dev/null @@ -1,3 +0,0 @@ -docs: Use README.md for introductory chapters - -This policy was introduced by oasisprotocol/docs#200. diff --git a/.changelog/4922.feature.md b/.changelog/4922.feature.md deleted file mode 100644 index 5fb9d6a5c43..00000000000 --- a/.changelog/4922.feature.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Add client node TEE freshness verification diff --git a/.changelog/4924.feature.md b/.changelog/4924.feature.md deleted file mode 100644 index 3eb41b7ee5e..00000000000 --- a/.changelog/4924.feature.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/host: Make logging of non-JSON runtime output nicer diff --git a/.changelog/4925.feature.md b/.changelog/4925.feature.md deleted file mode 100644 index 578ce431b90..00000000000 --- a/.changelog/4925.feature.md +++ /dev/null @@ -1 +0,0 @@ -keymanager: Verify that policy was published in the consensus layer diff --git a/.changelog/4926.feature.md b/.changelog/4926.feature.md deleted file mode 100644 index 8a3f777b418..00000000000 --- a/.changelog/4926.feature.md +++ /dev/null @@ -1 +0,0 @@ -Bind TEE attestations to nodes and enforce freshness diff --git a/.changelog/4926.internal.md b/.changelog/4926.internal.md deleted file mode 100644 index deb27006854..00000000000 --- a/.changelog/4926.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/keymanager: Use common runtime host handler diff --git a/.changelog/4928.internal.md b/.changelog/4928.internal.md deleted file mode 100644 index bf70a1f719b..00000000000 --- a/.changelog/4928.internal.md +++ /dev/null @@ -1 +0,0 @@ -Bump tokio to 1.20.x diff --git a/.changelog/4929.trivial.md b/.changelog/4929.trivial.md deleted file mode 100644 index 10f9071173d..00000000000 --- a/.changelog/4929.trivial.md +++ /dev/null @@ -1 +0,0 @@ -docs: Migrate docs.oasis.dev -> docs.oasis.io diff --git a/.changelog/4930.internal.md b/.changelog/4930.internal.md deleted file mode 100644 index 8c0c1859c5f..00000000000 --- a/.changelog/4930.internal.md +++ /dev/null @@ -1 +0,0 @@ -keymanager: Refactor and reorganize runtime-related crates diff --git a/.changelog/4932.trivial.md b/.changelog/4932.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4934.internal.md b/.changelog/4934.internal.md deleted file mode 100644 index d243e2b91c0..00000000000 --- a/.changelog/4934.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime/consensus/tendermint/verifier: Refactor verifier diff --git a/.changelog/4935.doc.md b/.changelog/4935.doc.md deleted file mode 100644 index 12b6beb2f5e..00000000000 --- a/.changelog/4935.doc.md +++ /dev/null @@ -1 +0,0 @@ -doc: update build dependencies diff --git a/.changelog/4937.trivial.md b/.changelog/4937.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4938.feature.md b/.changelog/4938.feature.md deleted file mode 100644 index cbd74d2e7b2..00000000000 --- a/.changelog/4938.feature.md +++ /dev/null @@ -1,5 +0,0 @@ -go/governance: Add change parameters proposal - -Introducing a new governance proposal for changing consensus parameters. -Until now, this was possible only with an upgrade governance proposal -which was not very efficient. diff --git a/.changelog/4944.internal.md b/.changelog/4944.internal.md deleted file mode 100644 index e7e9374476c..00000000000 --- a/.changelog/4944.internal.md +++ /dev/null @@ -1 +0,0 @@ -go: Bump go-libp2p to 0.23.0 diff --git a/.changelog/4944.trivial.md b/.changelog/4944.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4951.trivial.md b/.changelog/4951.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4953.trivial.md b/.changelog/4953.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4956.internal.md b/.changelog/4956.internal.md deleted file mode 100644 index 1cfe1e29cb2..00000000000 --- a/.changelog/4956.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime: Add current sender sequence number to CheckTxMeta diff --git a/.changelog/4959.bugfix.md b/.changelog/4959.bugfix.md deleted file mode 100644 index a3d17d8152e..00000000000 --- a/.changelog/4959.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/runtime/txpool: Add block propagation delay before tx publish diff --git a/.changelog/4960.bugfix.md b/.changelog/4960.bugfix.md deleted file mode 100644 index bbd112210bc..00000000000 --- a/.changelog/4960.bugfix.md +++ /dev/null @@ -1,9 +0,0 @@ -go/runtime: Fix configuring the SGX-based provisioner - -Previously there was an edge case when the SGX loader was configured and -remapping to non-SGX was forced (e.g. on client nodes). This would result in -an invalid SGX configuration that resulted in a strange error message about a -missing SIGSTRUCT. - -This has now been changed so that remapping happens independent of whether an -SGX loader is configured or not. diff --git a/.changelog/4961.internal.md b/.changelog/4961.internal.md deleted file mode 100644 index bfee5233f31..00000000000 --- a/.changelog/4961.internal.md +++ /dev/null @@ -1 +0,0 @@ -go/fixgenesis: Remove unnecessary migration diff --git a/.changelog/4962.bugfix.md b/.changelog/4962.bugfix.md deleted file mode 100644 index efd51fe182e..00000000000 --- a/.changelog/4962.bugfix.md +++ /dev/null @@ -1 +0,0 @@ -go/worker/compute: Only process keymanager client initialization once diff --git a/.changelog/4963.trivial.md b/.changelog/4963.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4965.trivial.md b/.changelog/4965.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4969.internal.md b/.changelog/4969.internal.md deleted file mode 100644 index bf0505bbc08..00000000000 --- a/.changelog/4969.internal.md +++ /dev/null @@ -1 +0,0 @@ -runtime-loader: Remove unused ELF loader diff --git a/.changelog/4973.internal.md b/.changelog/4973.internal.md deleted file mode 100644 index d60c41ef5f7..00000000000 --- a/.changelog/4973.internal.md +++ /dev/null @@ -1,9 +0,0 @@ -mkvs/proof: Make sure that all entries in the proof have been used - -Note that this does not impact verification correctness as only visited -nodes are part of the proof computation and the verified tree returned -by the verifier. - -But in case future code may want to do something with raw entries of a -verified proof this removes a possible footgun where unverified entries -could be considered. diff --git a/.changelog/4975.trivial.md b/.changelog/4975.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.changelog/4978.trivial.md b/.changelog/4978.trivial.md deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/.punch_version.py b/.punch_version.py index 7e538cd273a..b2246e26790 100644 --- a/.punch_version.py +++ b/.punch_version.py @@ -1,3 +1,3 @@ year = '22' -minor = 1 +minor = 2 micro = 0 diff --git a/CHANGELOG.md b/CHANGELOG.md index dd56f532530..ef88868cc30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,462 @@ The format is inspired by [Keep a Changelog]. +## 22.2 (2022-10-13) + +| Protocol | Version | +|:------------------|:---------:| +| Consensus | 6.0.0 | +| Runtime Host | 5.1.0 | +| Runtime Committee | 4.0.0 | + +### Removals and Breaking Changes + +- go/staking/grpc: rename misnamed GovernanceDeposits method + ([#4652](https://github.com/oasisprotocol/oasis-core/issues/4652)) + +- go/runtime: Mandate the use of runtime schedule control + ([#4665](https://github.com/oasisprotocol/oasis-core/issues/4665)) + + Runtimes that do not support the schedule control feature will no longer work + with executor nodes. + +### Features + +- Add support for PCS attestation + ([#4806](https://github.com/oasisprotocol/oasis-core/issues/4806), + [#4789](https://github.com/oasisprotocol/oasis-core/issues/4789), + [#4720](https://github.com/oasisprotocol/oasis-core/issues/4720), + [#4752](https://github.com/oasisprotocol/oasis-core/issues/4752)) + +- go/governance: Add change parameters proposal + ([#4938](https://github.com/oasisprotocol/oasis-core/issues/4938)) + + Introducing a new governance proposal for changing consensus parameters. + Until now, this was possible only with an upgrade governance proposal + which was not very efficient. + +- Add archive mode support + ([#4539](https://github.com/oasisprotocol/oasis-core/issues/4539)) + + Node started in archive mode only serves existing consensus and runtime + states. The node has all unneeded consensus and P2P functionality disabled so + it wont participate in the network. Archive mode can be set using the + `consensus.tendermint.mode` setting. + +- go/control: Show the debug option statuses in the control output + ([#4634](https://github.com/oasisprotocol/oasis-core/issues/4634)) + +- runtime: Make persistent transaction check state configurable + ([#4640](https://github.com/oasisprotocol/oasis-core/issues/4640)) + +- go/runtime/txpool: Limit outstanding transactions per sender + ([#4665](https://github.com/oasisprotocol/oasis-core/issues/4665)) + +- go/control/status: Add fields for quick overview of node status + ([#4669](https://github.com/oasisprotocol/oasis-core/issues/4669)) + +- go/worker/storage: Make checkpoint sync peer selection smarter + ([#4671](https://github.com/oasisprotocol/oasis-core/issues/4671)) + +- runtime: verify epoch in dispatcher using consensus verifier + ([#4677](https://github.com/oasisprotocol/oasis-core/issues/4677)) + +- go/worker/compute: Ensure trust root is verified before registering + ([#4678](https://github.com/oasisprotocol/oasis-core/issues/4678)) + +- go/worker/compute: Start batch resolution early for backup worker + ([#4679](https://github.com/oasisprotocol/oasis-core/issues/4679)) + +- go/runtime/txpool: Add roothash incoming messages' data as transactions + ([#4681](https://github.com/oasisprotocol/oasis-core/issues/4681)) + + Roothash incoming messages can provide a piece of data for the runtime. + With this change, the data is now treated as a transaction. + + Along with this change, we're splitting the txpool into multiple queues. + The transactions collected from roothash incoming messages go in a special + queue that does not undergo checking or broadcasting. + + We also make another queue for a node's own transactions, so that a proposer + can prioritize its own transactions. + +- go/worker/registration: add node status metrics + ([#4686](https://github.com/oasisprotocol/oasis-core/issues/4686)) + +- runtime: Enable dispatcher to verify state integrity for queries + ([#4694](https://github.com/oasisprotocol/oasis-core/issues/4694), + [#4830](https://github.com/oasisprotocol/oasis-core/issues/4830), + [#4904](https://github.com/oasisprotocol/oasis-core/issues/4904)) + +- go/worker/common/p2p: Add support for persistent and blocked peers + ([#4713](https://github.com/oasisprotocol/oasis-core/issues/4713)) + +- go/worker/common: Properly handle dynamic key manager configuration + ([#4715](https://github.com/oasisprotocol/oasis-core/issues/4715)) + + Since the runtime can go from having no key manager configured to having one, + the worker node should handle this correctly. + +- go/runtime/txpool: Add txpool metric for rejected runtime transactions + ([#4724](https://github.com/oasisprotocol/oasis-core/issues/4724)) + +- runtime: Verify RAK in consensus state when serving requests + ([#4741](https://github.com/oasisprotocol/oasis-core/issues/4741)) + +- runtime: Add support for reporting EnclaveRPC peer feedback + ([#4757](https://github.com/oasisprotocol/oasis-core/issues/4757)) + + This makes EnclaveRPC more robust as the higher-level layer in the + runtime can trigger peer replacement on high level errors. + +- archive-mode: disable runtime P2P if archive mode is used + ([#4775](https://github.com/oasisprotocol/oasis-core/issues/4775)) + +- go/consensus/tendermint: Add `consensus.tendermint.halt_height` + ([#4793](https://github.com/oasisprotocol/oasis-core/issues/4793)) + + This is equivalent to the cosmos `halt-height` option, to be used to + bring a node down gracefully at a specific height. + +- net-runner: Add --fixture.default.runtime.version flag + ([#4813](https://github.com/oasisprotocol/oasis-core/issues/4813)) + +- go/oasis-node: allow km to have private peers + ([#4821](https://github.com/oasisprotocol/oasis-core/issues/4821)) + +- go/runtime/registry: allow client nodes to run sgx runtimes + ([#4832](https://github.com/oasisprotocol/oasis-core/issues/4832)) + + Client nodes can now run runtimes in SGX, which enables them to execute + signed queries if peered with a keymanager. + +- go/worker/keymanager: Add key manager worker metrics + ([#4877](https://github.com/oasisprotocol/oasis-core/issues/4877)) + + The following metrics were added: + + - oasis_worker_keymanager_compute_runtime_count + + - oasis_worker_keymanager_enclave_rpc_count + + - oasis_worker_keymanager_policy_update_count + +- go/control/status: Add key manager worker status to node status + ([#4883](https://github.com/oasisprotocol/oasis-core/issues/4883)) + +- keymanager: Add support for ephemeral keys + ([#4888](https://github.com/oasisprotocol/oasis-core/issues/4888)) + +- oasis-net-runner: Set default max_allowances, increase test account balance + ([#4902](https://github.com/oasisprotocol/oasis-core/issues/4902)) + + The max_allowances staking setting in the default oasis-net-runner fixture has + been changed from 0 to 16 matching the testnet and mainnet setting. This + enables the allowance transactions locally which are required for doing + deposits to runtimes. + + The initial balance of the default test account generated by the + oasis-net-runner was increased from 100 tokens to 1 million. This makes the + account directly suitable for deploying and running confidential smart + contracts (e.g. on the local Cipher instance) with more realistic transaction + fees. + +- runtime/consensus/verifier: Support trust root consensus layer upgrades + ([#4903](https://github.com/oasisprotocol/oasis-core/issues/4903)) + +- runtime: Support consensus event queries + ([#4904](https://github.com/oasisprotocol/oasis-core/issues/4904)) + +- keymanager: Validate latest trust root height in key manager requests + ([#4910](https://github.com/oasisprotocol/oasis-core/issues/4910)) + +- registry: Add ProveFreshness consensus layer transaction + ([#4916](https://github.com/oasisprotocol/oasis-core/issues/4916)) + + Introducing new transaction that accepts a fixed-size binary blob of 32 bytes + and always succeeds without doing any processing or state changes. Transaction + is needed for client node TEE freshness verification and enabled via + freshness_proofs parameter located in tee_features consensus parameter group. + +- runtime: Add client node TEE freshness verification + ([#4922](https://github.com/oasisprotocol/oasis-core/issues/4922)) + +- keymanager: Verify that policy was published in the consensus layer + ([#4925](https://github.com/oasisprotocol/oasis-core/issues/4925)) + +- Bind TEE attestations to nodes and enforce freshness + ([#4926](https://github.com/oasisprotocol/oasis-core/issues/4926)) + +- go/genesis: Cache computed genesis document hash + ([#4919](https://github.com/oasisprotocol/oasis-core/issues/4919)) + +- go/oasis-node/cmd: unsafe-reset preserve local storage by default + ([#4700](https://github.com/oasisprotocol/oasis-core/issues/4700)) + +- go/oasis-node/cmd: unsafe-reset check datadir validity + ([#4702](https://github.com/oasisprotocol/oasis-core/issues/4702)) + +- runtime: Emit runtime logs as oasis-node logs + ([#4709](https://github.com/oasisprotocol/oasis-core/issues/4709), + [#4924](https://github.com/oasisprotocol/oasis-core/issues/4924)) + + Previously, runtime logs used a slightly different format. + Also, they were written to stdout in a manner that was not + synchronized with node logs, so the two sets of logs + sometimes intertwined mid-line. Those annoyances are gone, + plus runtime logs are now annotated with the runtime ID. + +### Bug Fixes + +- go/worker/compute: Always include resolved transactions + ([#4633](https://github.com/oasisprotocol/oasis-core/issues/4633)) + +- go/runtime/txpool: Fix crash on early access + ([#4638](https://github.com/oasisprotocol/oasis-core/issues/4638)) + +- go/worker/compute: Improve proposed transaction handling + ([#4640](https://github.com/oasisprotocol/oasis-core/issues/4640)) + +- go/runtime/host: Always emit StoppedEvent on stop + ([#4647](https://github.com/oasisprotocol/oasis-core/issues/4647)) + + Previously the StoppedEvent was only emitted in case the runtime was + previously running. In case multihost was performing a version switch when a + runtime was not yet started, this resulted in a deadlock. + +- go/worker/common/p2p: Make sure P2P stops before service cleanup runs + ([#4650](https://github.com/oasisprotocol/oasis-core/issues/4650)) + + Otherwise this may result in a crash during shutdown when P2P requests are + processed while database is already closed. + +- go/oasis-node/cmd/control: Fix runtime-stats arg + ([#4659](https://github.com/oasisprotocol/oasis-core/issues/4659)) + +- Fix waiting for deregister event on `RequestShutdown` + ([#4662](https://github.com/oasisprotocol/oasis-core/issues/4662)) + +- go/worker/compute: Only advertise active version for TEE runtimes + ([#4683](https://github.com/oasisprotocol/oasis-core/issues/4683)) + + Previously this caused additional downtime on upgrades due to capability + updates not being allowed. + +- go/runtime/host/sandbox: Properly handle clone3 in seccomp policy + ([#4687](https://github.com/oasisprotocol/oasis-core/issues/4687), + [#4861](https://github.com/oasisprotocol/oasis-core/issues/4861), + [#4867](https://github.com/oasisprotocol/oasis-core/issues/4867)) + + We need to handle the clone3 syscall in a special manner as there are + several complications to its handling: + + - Newer glibc versions will try clone3 first and if they see EPERM they + will instantly fail making the program unable to spawn threads. + + - The clone3 syscall is much more complex than clone and so we can't + simply inspect its flags as we do for clone. + + Therefore we need to reject the syscall with ENOSYS, causing fallback to + clone. + +- go/runtime/config: report error if SGX loader required but not configured + ([#4710](https://github.com/oasisprotocol/oasis-core/issues/4710)) + +- go/worker/keymanager: Fix crash on capability TEE updates + ([#4725](https://github.com/oasisprotocol/oasis-core/issues/4725)) + +- go/worker/registration: Only register once epoch is known + ([#4726](https://github.com/oasisprotocol/oasis-core/issues/4726)) + +- go/runtime/registry: Refresh key manager policy on runtime changes + ([#4729](https://github.com/oasisprotocol/oasis-core/issues/4729)) + + Since the runtime can change dynamically (due to version upgrades), we + need to make sure that we notify the new runtime as well. + +- go/runtime/config: fix SGX provisioner check for runtimes without SGX + ([#4734](https://github.com/oasisprotocol/oasis-core/issues/4734)) + + This fixes a bug in `22.1.5` where an SGX provisioner was required even for + non-SGX runtimes. + +- runtime/common/version: fix from u64 conversion + ([#4741](https://github.com/oasisprotocol/oasis-core/issues/4741)) + +- go/common/quantity: Avoid side-effects on errors + ([#4790](https://github.com/oasisprotocol/oasis-core/issues/4790)) + +- net-runner: Fix regression introduced in #4564 + ([#4808](https://github.com/oasisprotocol/oasis-core/issues/4808)) + + Fix the missing Deployments field when oasis-net-runner generating the genesis + state and no key manager is provided. + +- go/registry/api/runtime: ensure no nil deployments in ValidateDeployments + ([#4822](https://github.com/oasisprotocol/oasis-core/issues/4822)) + +- go/registry/api: ensure no nil runtimes in VerifyRegisterNodeArgs + ([#4822](https://github.com/oasisprotocol/oasis-core/issues/4822)) + +- go/consensus/tendermint: Make sure DBs are only closed during cleanup + ([#4823](https://github.com/oasisprotocol/oasis-core/issues/4823)) + +- go/oasis-node/cmd/genesis: Fix reading of height argument when dumping state + ([#4892](https://github.com/oasisprotocol/oasis-core/issues/4892)) + + Command line argument for block height was mistakenly read from an invalid + source, which caused all state dumps to be made at height 0 (the most recent + block height). + +- go/runtime/txpool: Add block propagation delay before tx publish + ([#4959](https://github.com/oasisprotocol/oasis-core/issues/4959)) + +- go/runtime: Fix configuring the SGX-based provisioner + ([#4960](https://github.com/oasisprotocol/oasis-core/issues/4960)) + + Previously there was an edge case when the SGX loader was configured and + remapping to non-SGX was forced (e.g. on client nodes). This would result in + an invalid SGX configuration that resulted in a strange error message about a + missing SIGSTRUCT. + + This has now been changed so that remapping happens independent of whether an + SGX loader is configured or not. + +- go/worker/compute: Only process keymanager client initialization once + ([#4962](https://github.com/oasisprotocol/oasis-core/issues/4962)) + +### Documentation Improvements + +- Document `gcc-multilib` dependency for Ubuntu/Debian systems + ([#4475](https://github.com/oasisprotocol/oasis-core/issues/4475)) + + It is needed for building `oasis-core-runtime`. + +- doc: Replace community slack links with discord + ([#4751](https://github.com/oasisprotocol/oasis-core/issues/4751)) + +- doc: Migrate ADRs to oasisprotocol/adrs repo + ([#4770](https://github.com/oasisprotocol/oasis-core/issues/4770)) + +### Internal Changes + +- oasis-net-runner: support configuring runtime state and state root + ([#4843](https://github.com/oasisprotocol/oasis-core/issues/4843)) + +- go/worker/common/p2p/rpc: Add support for per-call peer limits + ([#4671](https://github.com/oasisprotocol/oasis-core/issues/4671)) + +- docker: Add oasisprotocol/aesmd Docker image + ([#4690](https://github.com/oasisprotocol/oasis-core/issues/4690)) + +- runtime: Bump tendermint-rs, x509-parser and oid-registry + ([#4706](https://github.com/oasisprotocol/oasis-core/issues/4706)) + +- ci: Build OpenSSL statically for Oasis Core releases + ([#4707](https://github.com/oasisprotocol/oasis-core/issues/4707)) + + This makes sure that oasis-core-loader is more portable between + distributions. + +- go/common/sgx/aesm: Add support for newer methods + ([#4711](https://github.com/oasisprotocol/oasis-core/issues/4711)) + +- rust-toolchain: Migrate to TOML version of rust-toolchain + ([#4727](https://github.com/oasisprotocol/oasis-core/issues/4727)) + +- go/common/node/address: use custom type instead of `net.TCPAddr` + ([#4744](https://github.com/oasisprotocol/oasis-core/issues/4744)) + +- go: Bump go-libp2p to 0.23.2 + ([#4765](https://github.com/oasisprotocol/oasis-core/issues/4765), + [#4782](https://github.com/oasisprotocol/oasis-core/issues/4782), + [#4906](https://github.com/oasisprotocol/oasis-core/issues/4906), + [#4944](https://github.com/oasisprotocol/oasis-core/issues/4944)) + +- go: Bump viper to 1.12.0 + ([#4766](https://github.com/oasisprotocol/oasis-core/issues/4766)) + +- go/oasis-test-runner/fixture: support configuring runtime messages + ([#4769](https://github.com/oasisprotocol/oasis-core/issues/4769)) + +- runtime: Bump oasis-cbor to 0.5.0 + ([#4784](https://github.com/oasisprotocol/oasis-core/issues/4784), + [#4835](https://github.com/oasisprotocol/oasis-core/issues/4835)) + +- go/oasis-test-runner/byzantine: Add primary+backup liveness test + ([#4799](https://github.com/oasisprotocol/oasis-core/issues/4799)) + +- Bump Go to 1.18.3 + ([#4820](https://github.com/oasisprotocol/oasis-core/issues/4820)) + +- go/runtime/host: Make sure runtime-reported version matches bundle + ([#4825](https://github.com/oasisprotocol/oasis-core/issues/4825)) + +- go: remove synced storage wrapper + ([#4837](https://github.com/oasisprotocol/oasis-core/issues/4837)) + +- go/common/sgx/sigstruct: Add support for offline signing + ([#4844](https://github.com/oasisprotocol/oasis-core/issues/4844)) + +- go: Drop go-fuzz in favor of Go 1.18 fuzzing support + ([#4875](https://github.com/oasisprotocol/oasis-core/issues/4875)) + +- keymanager-client: Skip policy when OASIS_UNSAFE_SKIP_KM_POLICY is set + ([#4878](https://github.com/oasisprotocol/oasis-core/issues/4878)) + +- go/common/grpc: advancedtls options moved to IdentityOptions + ([#4886](https://github.com/oasisprotocol/oasis-core/issues/4886)) + +- runtime: Refactor dispatcher initializer and expose consensus_verifier + ([#4893](https://github.com/oasisprotocol/oasis-core/issues/4893)) + +- runtime: Add state_at to consensus Verifier trait + ([#4893](https://github.com/oasisprotocol/oasis-core/issues/4893)) + + This allows fetching historic consensus layer state in addition to the + latest state. + +- Bump Rust toolchain to 2022-08-22 + ([#4896](https://github.com/oasisprotocol/oasis-core/issues/4896)) + +- runtime: Add epoch_state query and EPOCH_INVALID constant + ([#4897](https://github.com/oasisprotocol/oasis-core/issues/4897)) + +- go: Bump Tendermint to v0.34.21 + ([#4899](https://github.com/oasisprotocol/oasis-core/issues/4899)) + +- go: Add consensus transaction prioritization + ([#4911](https://github.com/oasisprotocol/oasis-core/issues/4911)) + +- go/worker/keymanager: Use common runtime host handler + ([#4926](https://github.com/oasisprotocol/oasis-core/issues/4926)) + +- Bump tokio to 1.20.x + ([#4928](https://github.com/oasisprotocol/oasis-core/issues/4928)) + +- keymanager: Refactor and reorganize runtime-related crates + ([#4930](https://github.com/oasisprotocol/oasis-core/issues/4930)) + +- runtime/consensus/tendermint/verifier: Refactor verifier + ([#4934](https://github.com/oasisprotocol/oasis-core/issues/4934)) + +- runtime: Add current sender sequence number to CheckTxMeta + ([#4956](https://github.com/oasisprotocol/oasis-core/issues/4956)) + +- runtime-loader: Remove unused ELF loader + ([#4969](https://github.com/oasisprotocol/oasis-core/issues/4969)) + +- mkvs/proof: Make sure that all entries in the proof have been used + ([#4973](https://github.com/oasisprotocol/oasis-core/issues/4973)) + + Note that this does not impact verification correctness as only visited + nodes are part of the proof computation and the verified tree returned + by the verifier. + + But in case future code may want to do something with raw entries of a + verified proof this removes a possible footgun where unverified entries + could be considered. + ## 22.1 (2022-04-01) | Protocol | Version |