Leap v5.0.0-rc3
Pre-releaseLeap 5.0.0-rc3 builds upon the first Leap 5.0 release candidate with important updates to the BLS host functions, as well as bug fixes, and improvements to performance, efficiency, and stability of the Leap software. It also includes a mitigation for a security issue.
📝 | This release includes consensus changes from prior 5.0 releases. Node Operators running prior 5.0 release candidates must upgrade. |
---|
See the Upgrade Guide for details on required/recommended configuration changes, deprecations and new nodeos
options.
Expand the release notes below for an in depth look at the Leap v5.0.0-rc3 release including a summary of important changes, and a complete change log.
Leap v5.0.0-rc3 Release Notes
Security
Mitigation of Potential Denial of Service for Snapshots & SHiP
A security vulnerability has been mitigated, preventing errors in state_history_plugin
and snapshot functionality in certain edge case conditions (PR 1964).
Node Operators that depend on snapshots or state_history_plugin
with chain-state-history
enabled should upgrade. Users running state_history_plugin
with only trace-history
are not affected.
Compatibility
basee64 encoding compatibility
This release includes a change to base64 encoding that is incompatible with versions of leap prior to 3.2.5.
For more details, see PR 1888.
Enhancements
BLS Updates
Changed host functions and added benchmarking for BLS. (PRs #1882, #1884, #1904, #1938)
BLS Host Function Updates
Added, removed, and changed host functions to require affine and non-Montgomery form and enable additional BLS mathematical operations to be feasibly implemented in WASM such as compressed signature conversion.
Changes to BLS host functions
- Replaced these
bls_g1_mul
bls_g2_mul
bls_g1_exp
bls_g2_exp
- With these
bls_g1_weighted_sum
bls_g2_weighted_sum
- Added these (which make it feasible to implement more operations in WASM such as converting from compressed encodings of public keys and signatures to the affine form required for use with the host functions)
bls_fp_mul
bls_fp_exp
- BLS host functions originally expected and returned points in Jacobian and Mongtomery form. They now expect and return points in affine and non-Montgomery form.
BLS Benchmarking
Add benchmarking of BLS host functions into Leap
Benchmark suites. Use benchmark/benchmark -f bls
to benchmark.
A sample result looks like
function runs average minimum maximum
bls:
bls_g1_add 5,000 76,699 ns 75,622 ns 123,329 ns
bls_g2_add 5,000 82,521 ns 81,196 ns 131,229 ns
bls_pairing 1 pair 5,000 1,638,763 ns 1,557,463 ns 3,569,653 ns
bls_pairing 3 pairs 5,000 2,321,344 ns 2,232,847 ns 3,740,820 ns
bls_g1_weighted_sum 1 point 5,000 260,683 ns 258,196 ns 328,138 ns
bls_g1_weighted_sum 3 points 5,000 670,546 ns 661,700 ns 2,038,831 ns
bls_g1_weighted_sum 5 points 5,000 817,884 ns 808,866 ns 2,200,022 ns
bls_g2_weighted_sum 1 point 5,000 818,862 ns 794,358 ns 2,368,434 ns
bls_g2_weighted_sum 3 points 5,000 2,338,746 ns 2,285,345 ns 4,072,288 ns
bls_g2_weighted_sum 5 points 5,000 2,924,081 ns 2,845,713 ns 22,833,113 ns
bls_g1_map 5,000 379,593 ns 372,223 ns 566,554 ns
bls_g2_map 5,000 531,899 ns 522,480 ns 722,943 ns
bls_fp_mod 5,000 794 ns 703 ns 9,219 ns
bls_fp_mul 5,000 692 ns 621 ns 7,913 ns
bls_fp_exp 5,000 32,397 ns 31,702 ns 43,478 ns
Updated Protocol Feature
Renamed BLS_PRIMITIVES
to BLS_PRIMITIVES2
to make explicit that there is a breaking change in the interface and behavior of the BLS host functions enabled by the BLS_PRIMITIVES2
protocol feature compared to the BLS_PRIMITIVES
protocol feature that was added in v5.0.0-rc2.
Replace cpu-effort-percent
with produce-block-offset-ms
5.0.0-rc3 builds upon changes we made in rc2 to optimize block start time but replaces the existing config parameter expressed in miliseconds instead of a percentage.
Specifically, we have replaced the cpu-effort-percent
configuration parameter with produce-block-offset-ms
, which now specifies the amount of time to leave at the end of the 12-block production round for the last block to reach the next block producer. This value can be configured to be larger than 500 milliseconds if necessary.
See PR 1800 for complete details on the change. BP Documentation has been updated.
Only return wasm config settings if configurable wasm limits enabled
Before this change, these wasm config settings were included in the response regardless of the protocol features in use. However, it has been recognized that these settings are only valid and relevant when the CONFIGURABLE_WASM_LIMITS2
protocol feature is active.
With this update, a change has been made to the behavior of the /v1/chain/get_consensus_parameters
endpoint. The wasm config settings, which include various parameters related to WebAssembly execution, will now only be returned if the protocol feature CONFIGURABLE_WASM_LIMITS2
is enabled.
This modification ensures that clients requesting consensus parameters receive only the information that is applicable to the current protocol configuration, making the responses more accurate and relevant.
For complete details on this change see PR 1770.
Prometheus Enhancements
Added stable identifiers for P2P connections and ensured valid unique_conn_node_id. (PRs #1750, #1879).
Stable Identifiers
Improved identification in prometheus_plugin
by using node_id
as a stable identifier for P2P connections, addressing the issue of changing identifiers with each disconnect and reconnect. This enhancement, implemented in PR #1750, resolves the challenge outlined in Issue #1683 of tracking consistent metrics in nodeos_p2p_connections
.
Ensure Valid Connection ID
Ensured the presence of a valid and unique connection ID for Prometheus metrics, as detailed in PR #1879. This update addresses Issue #1871, which highlighted the inefficiency of stats displayed without connection IDs, and now temporarily assigns an ID until an established connection is confirmed.
Performance & Efficiency Improvements
- VM and ABI Serializer Performance: Various improvements to ABI serializer performance. (PRs #1770, #1773, #1792, #1922)
- Chainbase Performance Improvement: Notable enhancements in performance. (PR #1772)
- Snapshot Scheduler Test: Refactored threading for better efficiency. (PR #1821)
- P2P Network Improvements: Several updates including fixes for throttling issues and improvements in sync window management. (PRs #1791, #1811)
Stability Improvements
- Resource Monitor Plugin: Hardened shutdown handling and made tests deterministic. (PRs #1774, #1783, #1826)
Bug Fixes
- Compiler Warnings and Errors: Addressed various compiler warnings and errors to ensure a clean build. (PRs #1752, #1836)
- Test Fixes: Various fixes in tests to avoid deadlocks and improve reliability. (PRs #1766, #1818, #1905)
- Chainbase and EOS VM OC Fixes: Resolved issues with Chainbase database size and EOS VM OC's subjective compilation limits. (PRs #1827, #1843, #1877)
- PH Reliability and Error Handling: Improved error handling and reliability in PH. (PRs #1814, #1866)
- Miscellaneous Fixes: Various other fixes including those for base64 encoding and contract exceptions. (PRs #1886, #1888, #1889, #1901, #1903)
Operational Improvements
- CICD: Enhanced branch protection and integration with CI Build & Test workflow for more stable builds. (PRs #1753, #1710, #1797, #1867)
Deprecations & Removals
Deferred Transactions Removed
Deferred Transactions were previously deprecated and have been removed. No new deferred transactions may be created. Existing deferred transactions, will be blocked from executing.
Get Block Header State Deprecated
As of Leap v5.0.0 v1/chain/get_block_header_state
is deprecated. It will be removed in Leap v6.0.0.
Documentation Updates
- Updated tutorial readme to reflect the latest changes. (PR #1810)
Change Log
Pull Requests
- [5.0] fix "All Required Tests Passed" CI Branch Protection by @spoonincode in #1753
- [5.0] Fix compiler warning by @heifner in #1752
- [5.0] Prometheus: Add stable identifier for P2P connections by @heifner in #1750
- [5.0] Test: read-only trxs should only be posted to read_exclusive queue by @heifner in #1766
- [4.0 -> 5.0] Only return wasm config settings if configurable wasm limits enabled by @heifner in #1773
- [4.0 -> 5.0] Signal accepted_block after it is marked valid by @heifner in #1777
- [4.0 -> 5.0] hardening resource monitor manager plugin shutdown handling by @linh2931 in #1783
- [5.0] Chainbase performance improvement by @greg7mdp in #1772
- [5.0] P2P: Fix: Throttling of last block of request caused lost block by @heifner in #1791
- [5.0] only use
--eos-vm-oc-enable
option in tests when OC is available, and tweak/fix location of its usage by @spoonincode in #1792 - [4.0 -> 5.0] SHiP: Fixes: Stack overflow, invalid index, split file access by @heifner in #1798
- [5.0] Replaced
cpu-effort-percent
withproduce-block-offset-ms
by @heifner in #1800 - [5.0] automatically create
experimental-binaries
package on release by @spoonincode in #1797 - [5.0] P2P: Throttle over sync window by @heifner in #1811
- [5.0] integrate reproducible build with CI Build & Test workflow by @spoonincode in #1710
- [5.0] Test Fix: Avoid deadlock on app_thread by @heifner in #1818
- [5.0] refactor threading of
snapshot_scheduler_test
by @spoonincode in #1821 - [5.0] make resource monitor plugin tests deterministic by using fixed fc::temp_directory instead of dynamic /tmp by @linh2931 in #1826
- [5.0] don't run EOS VM OC's monitor compile task callback when socket being dtored by @spoonincode in #1827
- [5.0] Increase max-transaction-time for read_only_trx unit tests by @linh2931 in #1819
- [5.0] Undo the temporary switch to
mapped
mode when loading a snapshot inmapped_private
mode. by @greg7mdp in #1825 - [5.0] Update Tutorial Readme by @ericpassmore in #1810
- [5.0] fix new signedness warnings to have a clean build for rc3 by @linh2931 in #1836
- [5.0] Normalize speculative & producer block intervals by @heifner in #1840
- [5.0] Minimize abort/start block for speculative blocks by @heifner in #1845
- [5.0] revert usage of zstd for .deb packages by @spoonincode in #1831
- [5.0] PH: Reliability improvements by @heifner in #1814
- [5.0] backport: upload core dumps from failed tests in CI by @spoonincode in #1853
- [5.0] Recover keys in chain thread pool by @heifner in #1846
- [5.0] fix release workflow's artifact download to
wait-for-exact-target
notwait-for-exact-target-workflow
by @spoonincode in #1867 - [5.0] PH: Improve error handling and use one strand by @heifner in #1866
- [5.0] Disable EOS VM OC's subjective compilation limits in unit tests by @linh2931 in #1843
- [5.0] Prometheus: Ensure valid unique_conn_node_id by @heifner in #1879
- [5.0] Fix chainbase issue when shrinking the database size. by @greg7mdp in #1877
- [5.0] Add additional tests for mapped_private by @heifner in #1887
- [5.0] Revert "Fix base64 encoding" by @heifner in #1886
- [5.0] Fix base64 encoding - take 2 by @heifner in #1888
- [5.0] Add dynamic check for pagemap support by @greg7mdp in #1895
- [5.0] Benchmark BLS host functions by @linh2931 in #1884
- [4.0 -> 5.0] Do not require trailing = for base64 encoded strings by @heifner in #1894
- [5.0] Change remaining references of mandel to leap by @heifner in #1901
- [5.0] Add context to contract exceptions by @YaroShkvorets in #1903
- [5.0] Test: net_plugin test cleanup by @heifner in #1905
- BLS: add benchmarking for Affine form host functions by @linh2931 in #1904
- [4.0 -> 5.0] Fix non-working cleos set code and set abi commands, and add tests by @linh2931 in #1909
- [5.0] Fix two small performance issues in abi_serializer. by @greg7mdp in #1922
- [5.0] Adapt to changes in bls12-381 lib and add tests by @yarkinwho in #1882
- [5.0] Update BLS host function doxygen comments by @heifner in #1938
- [5.0] Update bls12-381 lib with affine non-montgomery public key proof of possession by @heifner in #1948
- [5.0] Return error for num == 0 for bls_g1_weighted_sum, bls_g2_weighted_sum and bls_pairing by @heifner in #1954
- [3.2] consolidated security fixes for 3.2.5 by @spoonincode in #1961
- [3.2] bump version to 3.2.5 by @spoonincode in #1962
- [3.2 -> 4.0] consolidated security fixes for 4.0.5 by @spoonincode in #1964
- [4.0] bump version to 4.0.5 by @spoonincode in #1965
- [4.0 -> 5.0] consolidated security fixes for 5.0.0-rc3 by @spoonincode in #1966
- [5.0] bump version to 5.0.0-rc3 by @spoonincode in #1967
Full Changelog: v5.0.0-rc2...v5.0.0-rc3