This PR add the support to DNS. By default Besu refuses the use of a DNS but it is possible to use it by adding the following flag --Xdns-enabled=true. Adding this flag will resolve the hostname when starting besu and then it won't change
If there is a need for a more dynamic update (eg for permissioning) add also this flag --Xdns-update-enabled = true ( this will query the DNS every time. So you must trust the DNS on which you are looking for the IP)
Signed-off-by: Karim TAAM <karim.t2am@gmail.com>
- On-chain group management changes: additional API to check whether someone is allowed to update the contract, and remove enclave key as a parameter to contract APIs
- Add check for group membership to onchain and offchain precompiled contracts
Signed-off-by: Stefan Pingel <stefan.pingel@consensys.net>
Experimental backup and restore via `operator x-backup-state` and `operator x-restore-state` CLI commands. Besu needs to be in a non-operational state for the backup and restore to occur. Restore has only been tested into an empty database, not on top of an existing database.
This feature is not advised for production use at the moment.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Refactors prior to Backup/Restore
* Allow multiple extra commands on the command line
* Extra commands appear at the end of the command line
* Pull node setup out of DB migration test
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* deprecate CLI option for privacy precompile address; only put the relevant precompile in the registry
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
The IBFT2 configuration section of a genesis file has been updated
to allow the specification of a block reward (defaults to 0) and also an explicit
recipient (defaults to the block proposer).
The block reward can be specified as a hex string (with 0x prefix) or a decimal
string (no prefix), and is defined in Wei.
These values are not modifiable for the duration of the network.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
* rename more whitelist occurrences; change allowlisted to allowed and reword where we ended up with allowlisting
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
Upgrade to ErrorProne 2.4.0
* public constructors on abstract classes are removed
* Javadoc must have meaningfull documentation
* lambdas should not be variables
* Added to the list of confusing inner class names (Entry and Type)
* no assert keyword in tests
* Obsolete JDK classes produce errors now
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Way back in the pantheon days, I put the DATABASE_METADATA.json file in
the database directory. This was a bad idea because rocksdb owns that
directory. We changed to putting it in the directory we own, data, but
we needed to support the old way of doing things. The time to support
that old location has well and truly past so now we're safe to stop
looking in that directory.
Signed-off-by: Ratan Rai Sur <ratan.r.sur@gmail.com>
* replace whitelist/blacklist with allowlist/denylist and support both versions in CLI options
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
- Implemented submitHashrate endpoint.
- Updated eth_hashrateEndpoint so that it returns the cumulative hashrate of all sealers if available. Otherwise it returns the local hashrate
- Added hashrate submission with Stratum1EthProxyProtocol and Stratum1Protocol
Signed-off-by: Karim TAAM <karim.t2am@gmail.com>
Ensures the "node" field on log messages is correct when node-clusters are restarted during AT.
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
ProtocolContext uses a generic for the consensus state, which has a very
large footprint across the code to accomplish what it intends to
accomplish. For every call there are about 61 other lines per call that
need to be updated, over 1300 lines total.
Instead replace it with java.lang.Class#cast, which provides runtime
security, and use generics to provide the compile time sugar that
allows for chained methods of the appropriate type. Then remove its
(quite large) footprint from the rest of the code.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* reduce number of validators, remove unnecessary checks for number of peers (this is already done in cluster.start) and reduce number of blocks we wait for
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
* check status of cluster not a single node
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
We consider the named network condition to be satisfied when --network
is explicitly used OR when it isn't supplied but neither are
--genesis-file nor --privacy-enabled
Signed-off-by: Ratan Rai Sur <ratan.r.sur@gmail.com>
* Use non-blocking randomness for acceptance tests
This addresses entropy draining during unit tests.
* wait 30 seconds instead of 2 when killing AT processes
* mark NodeSmartContractPermissioningIbftStallAcceptanceTest as @Ignore since it has become reliably and specifically flakey.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
The EthGetWork.shouldReturnSuccessResponseWhenMining was exhibiting intermittent failures, as a mining node would occasionally report "No mining work available yet" - rather than the inputs required to be solved for the current block.
From investigation, it was found that Besu's EthHash miner has a small time window after completing a block, in which the target for the next block has not yet been computed (eg while collating transactions) - during this interval, Besu will validly report "No mining work available yet".
To overcome this, the acceptance test has been updated to poll Besu for upto 5 seconds, waiting for a valid work target to be provided - rather than executing a single-attempt (which may fall within the window specified above).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Updated SimpleNodePermissioning smart contract in the acceptance tests to relax enodeURL matching to exclude the p2p port.
Signed-off-by: Mark Terry <mark.terry@consensys.net>
Add a configuration option that disables the secp256k1 and altbn128 native libraries during acceptance tests.
This option is disabled by default.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Capture test logs in CI
If test logs were saved, store them as CI artifacts
* Only keep logs for failed tests
* Catch tests who didn't define names into a generic filename
Signed-off-by: Horacio Mijail Anton Quiles <hmijail@gmail.com>
Co-authored-by: Sally MacFarlane <sally.macfarlane@consensys.net>
Introduced Security Module Plugin API. This allows to switch to a different security module provider to provide cryptographic function that can be used by NodeKey (such as sign, ECDHKeyAgreement etc.). By default register KeyPairSecurityModule otherwise attempt to load Security Module via plugin API.
CLI Options:
--security-module=<name>. (defaults to localfile)
Signed-off-by: Usman Saleem <usman@usmans.info>
Enable native encryption by default, but retain the feature flags. The problem with acceptance tests is that the new native libraries added some startup overhead, which when translated to starting up 12 nodes on the same vm resulted in longer time getting to a testable state. Start up timeout was increased to 60 seconds.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Update BesuController to use the NodeKey, rather than working with KeyPair - which in turn allows the crypto operations to be injected.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
* Added changelog entries for PR:
- https://github.com/hyperledger/besu/pull/430
- https://github.com/hyperledger/besu/pull/440
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* ### Description
BlockHeader object needs to be modified in order to add the new field (baseFee) as specified in the EIP.
We should take care about the RLP encoding/decoding of this structure since it has to include or not the new fields depending on whether we are pre fork or post fork.
- Update `core.BlockHeader.java`
- Add `baseFee`
- Update `readFrom` method for RLP decoding
- Update `writeTo` method for RLP encoding
- Update `plugin.data.BlockHeader.java`
- Add `getBaseFee` method
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* TODO Add CLI command line flag `--Xeip1559-enabled`.
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* TODO Add CLI command line flag `--Xeip1559-enabled`.
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* Added unstable annotation for getBaseFee. Moved from long to `Optional<Long>`
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* Spotless apply
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* Fixed error
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* fix plugin API hash
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* RLP encoding / decoding operations are guarded with the feature flag.
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
* spotless apply
Signed-off-by: Abdelhamid Bakhta <abdelhamid.bakhta@consensys.net>
License reporting depends on the deprecated "compile" dependency in the
root project. Restore that so that license checking can work.
Also clean out old unused license types and one unneeded dependency.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>