feat: improve multisig utility and usability

BREAKING CHANGES: - (api-changes) `CanRegisterAnyTrigger` `CanUnregisterAnyTrigger` permission - (config-changes) `defaults/genesis.json` contains hashes of wasm binaries stored under `defaults/blobs/` Major commits: - feat: support multisig recursion - feat: introduce multisig quorum and weights - feat: add multisig subcommand to client CLI - feat: introduce multisig transaction time-to-live - feat: predefine multisig world-level trigger in genesis - feat: allow accounts in domain to register multisig accounts Signed-off-by: Shunkichi Sato <[email protected]>
hyperledger · Oct 3, 2024 · 076617d · 076617d
1 parent 4ed4632
commit 076617d
Show file tree

Hide file tree

Showing 42 changed files with 1,912 additions and 430 deletions.
diff --git a/.github/workflows/iroha2-custom-image.yml b/.github/workflows/iroha2-custom-image.yml
@@ -58,10 +58,31 @@ jobs:
  path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm
  retention-days: 1
 
+ build_genesis_trigger_blobs:
+ runs-on: ubuntu-latest
+ container:
+ image: hyperledger/iroha2-ci:nightly-2024-09-09
+ timeout-minutes: 30
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.CHECKOUT_REF }}
+ - uses: Swatinem/rust-cache@v2
+ - name: Build genesis trigger blobs
+ run: |
+ mkdir -p ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ cargo run --release --bin kagami -- genesis generate --executor-path-in-genesis ./executor.wasm --genesis-public-key ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 > ${{ env.DOCKER_COMPOSE_PATH }}/genesis.json
+ - name: Upload genesis trigger blobs to reuse in other jobs
+ uses: actions/upload-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ retention-days: 1
+
  registry-profiling-image:
  if: ${{ inputs.BUILD_GLIBC_IMAGE == 'false' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'false' }}
  runs-on: [self-hosted, Linux, iroha2]
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
  steps:
@@ -73,6 +94,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Get the release tag
  run: |
  RELEASE_VERSION=${{ github.ref_name }}
@@ -115,7 +141,7 @@ jobs:
  registry-glibc-image:
  if: ${{ inputs.BUILD_GLIBC_IMAGE == 'true' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'false' }}
  runs-on: [self-hosted, Linux, iroha2]
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
  steps:
@@ -127,6 +153,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Login to Soramitsu Harbor
  uses: docker/login-action@v3
  with:
@@ -152,7 +183,7 @@ jobs:
  registry-alpine-image:
  if: ${{ inputs.BUILD_GLIBC_IMAGE == 'false' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'true' }}
  runs-on: [self-hosted, Linux, iroha2]
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
  steps:
@@ -164,6 +195,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Login to Soramitsu Harbor
  uses: docker/login-action@v3
  with:

diff --git a/.github/workflows/iroha2-dev-nightly.yml b/.github/workflows/iroha2-dev-nightly.yml
@@ -22,9 +22,30 @@ jobs:
  path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm
  retention-days: 1
 
+ build_genesis_trigger_blobs:
+ runs-on: ubuntu-latest
+ container:
+ image: hyperledger/iroha2-ci:nightly-2024-09-09
+ timeout-minutes: 30
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.CHECKOUT_REF }}
+ - uses: Swatinem/rust-cache@v2
+ - name: Build genesis trigger blobs
+ run: |
+ mkdir -p ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ cargo run --release --bin kagami -- genesis generate --executor-path-in-genesis ./executor.wasm --genesis-public-key ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 > ${{ env.DOCKER_COMPOSE_PATH }}/genesis.json
+ - name: Upload genesis trigger blobs to reuse in other jobs
+ uses: actions/upload-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ retention-days: 1
+
  dockerhub:
  runs-on: ubuntu-latest
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
  steps:
@@ -34,6 +55,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - uses: docker/login-action@v3
  with:
  username: ${{ secrets.DOCKERHUB_USERNAME }}

diff --git a/.github/workflows/iroha2-dev-pr-wasm.yaml → .github/workflows/iroha2-dev-pr-wasm.yml b/.github/workflows/iroha2-dev-pr-wasm.yaml → .github/workflows/iroha2-dev-pr-wasm.yml
diff --git a/.github/workflows/iroha2-dev-pr.yml b/.github/workflows/iroha2-dev-pr.yml
@@ -76,6 +76,27 @@ jobs:
  path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm
  retention-days: 1
 
+ build_genesis_trigger_blobs:
+ runs-on: ubuntu-latest
+ container:
+ image: hyperledger/iroha2-ci:nightly-2024-09-09
+ timeout-minutes: 30
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.CHECKOUT_REF }}
+ - uses: Swatinem/rust-cache@v2
+ - name: Build genesis trigger blobs
+ run: |
+ mkdir -p ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ cargo run --release --bin kagami -- genesis generate --executor-path-in-genesis ./executor.wasm --genesis-public-key ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 > ${{ env.DOCKER_COMPOSE_PATH }}/genesis.json
+ - name: Upload genesis trigger blobs to reuse in other jobs
+ uses: actions/upload-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ retention-days: 1
+
  unit_tests_with_coverage:
  runs-on: [self-hosted, Linux, iroha2]
  container:
@@ -116,13 +137,13 @@ jobs:
  name: report-coverage
  path: lcov.info
 
- # include: iroha/tests/integration/
+ # include: iroha/tests/integration/, iroha_p2p/tests/integration/
  # exclude: iroha/tests/integration/extra_functional
  integration:
  runs-on: [self-hosted, Linux, iroha2]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  timeout-minutes: 30
  steps:
  - uses: actions/checkout@v4
@@ -131,6 +152,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - uses: taiki-e/install-action@nextest
  - name: Run integration tests, with all features
  run: >
@@ -145,7 +171,7 @@ jobs:
  runs-on: [self-hosted, Linux, iroha2]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  timeout-minutes: 60
  steps:
  - uses: actions/checkout@v4
@@ -154,6 +180,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - uses: taiki-e/install-action@nextest
  - name: Run integration tests, with all features
  run: >
@@ -198,7 +229,7 @@ jobs:
  context: .
 
  docker-compose-and-pytests:
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  runs-on: [self-hosted, Linux, iroha2]
  timeout-minutes: 60
  env:
@@ -215,6 +246,11 @@ jobs:
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Install Python and Poetry
  run: |
  yum install -y python${{ env.PYTHON_VERSION }} python${{ env.PYTHON_VERSION }}-devel

diff --git a/.github/workflows/iroha2-dev.yml b/.github/workflows/iroha2-dev.yml
@@ -26,18 +26,44 @@ jobs:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm
 
+ build_genesis_trigger_blobs:
+ runs-on: ubuntu-latest
+ container:
+ image: hyperledger/iroha2-ci:nightly-2024-09-09
+ timeout-minutes: 30
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.CHECKOUT_REF }}
+ - uses: Swatinem/rust-cache@v2
+ - name: Build genesis trigger blobs
+ run: |
+ mkdir -p ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ cargo run --release --bin kagami -- genesis generate --executor-path-in-genesis ./executor.wasm --genesis-public-key ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 > ${{ env.DOCKER_COMPOSE_PATH }}/genesis.json
+ - name: Upload genesis trigger blobs to reuse in other jobs
+ uses: actions/upload-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ retention-days: 1
+
  registry_save_build_artifacts:
  runs-on: [self-hosted, Linux, iroha2]
  container:
  image: hyperledger/iroha2-ci:nightly-2024-09-09
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  steps:
  - uses: actions/checkout@v4
  - name: Download executor.wasm file
  uses: actions/download-artifact@v4
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Set up Docker Buildx
  id: buildx
  if: always()

diff --git a/.github/workflows/iroha2-release.yml b/.github/workflows/iroha2-release.yml
@@ -26,16 +26,42 @@ jobs:
  path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm
  retention-days: 1
 
+ build_genesis_trigger_blobs:
+ runs-on: ubuntu-latest
+ container:
+ image: hyperledger/iroha2-ci:nightly-2024-09-09
+ timeout-minutes: 30
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.CHECKOUT_REF }}
+ - uses: Swatinem/rust-cache@v2
+ - name: Build genesis trigger blobs
+ run: |
+ mkdir -p ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ cargo run --release --bin kagami -- genesis generate --executor-path-in-genesis ./executor.wasm --genesis-public-key ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 > ${{ env.DOCKER_COMPOSE_PATH }}/genesis.json
+ - name: Upload genesis trigger blobs to reuse in other jobs
+ uses: actions/upload-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}/blobs
+ retention-days: 1
+
  registry:
  runs-on: ubuntu-latest
- needs: build_executor
+ needs: [build_executor, build_genesis_trigger_blobs]
  steps:
  - uses: actions/checkout@v4
  - name: Download executor.wasm file
  uses: actions/download-artifact@v4
  with:
  name: executor.wasm
  path: ${{ env.DOCKER_COMPOSE_PATH }}
+ - name: Download genesis trigger blobs
+ uses: actions/download-artifact@v4
+ with:
+ name: blobs
+ path: ${{ env.DOCKER_COMPOSE_PATH }}
  - name: Set up Docker Buildx
  id: buildx
  uses: docker/setup-buildx-action@v3

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/iroha/tests/integration/events/data.rs b/crates/iroha/tests/integration/events/data.rs
@@ -214,7 +214,7 @@ fn produce_multiple_events() -> Result<()> {
 
  // Grants role to Bob
  let bob_id = BOB_ID.clone();
- let grant_role = Grant::account_role(role_id.clone(), bob_id.clone());
+ let grant_role = Grant::role(role_id.clone(), bob_id.clone());
  client.submit_blocking(grant_role)?;
 
  // Unregister role