* added unit tests for MemoryEcachTicketbookManager
* bugfix: propagate socks5 proxy errors instead of panicking
* introduce guard against providing too short verification keyduring signature validation
* add checked overflow checks for icmp packet construction
* fix kcp loggin
* forbid construction of illegal sphninx fragments
* fix division by zero in packet statistics calculations
* experiment: add openspec details for node families contract
* add openspec for the ecash contract
* fix(ecash): correct latest_deposit off-by-one
DepositStorage::latest_deposit() returned the counter value, but the
counter holds the *next* free id (after next_id() saves counter+1). The
GetLatestDeposit handler then tried try_load_by_id(counter), which
always returned None — meaning the query yielded { deposit: None }
both on a fresh contract and after every successful deposit.
Fix: return counter.checked_sub(1) so latest_deposit() yields the most
recently assigned id (or None on a fresh contract). The
getting_latest_deposit unit test is updated to assert Some(0) and
Some(1) after one and two next_id() calls respectively.
No downstream consumer was relying on the buggy semantics
(validator-client exposes the query as a passthrough trait method that
nothing currently calls).
* experiment: add openspec details for ecash contract
Reverse-engineered openspec change `ecash-contract-spec` documenting
the existing CosmWasm contract at `contracts/ecash/`. Mirrors the
node-families workflow: docs-only deliverable, no migration, no
dependency changes. Archived as
openspec/changes/archive/2026-05-21-ecash-contract-spec/ and promoted
to openspec/specs/ecash-contract/spec.md as the canonical reference.
The spec captures 25 normative requirements with 64 scenarios covering
instantiation, migration, deposit submission (default + reduced tier),
RequestRedemption + redemption-proposal reply, legacy RedeemTickets
(dead code retained), stubbed blacklist surface, the ticketbook-size
invariant tripwire, the full query surface, and the public storage /
event / error surface.
Key documented points the source-of-truth phrasing pins down:
- The contract stores claimed ed25519 pubkeys opaquely; ownership is
enforced off-chain by nym-api signers via `validate_deposit`.
- Per-signer-local de-duplication via `state.already_issued`; no
on-chain "issued" state.
- Raw 32-byte deposit storage under the `"deposit"` namespace; deposit
ids are sequential `u32` starting at 0.
- Statistics invariant: default_count + sum(custom_count) = total.
- `cw_controllers::Admin` is used as a generic address-equality helper
for the `multisig` slot (the wrapper's full admin semantics are not
exercised on that slot).
- `RedeemTickets` is dead code retained on the public surface; flagged
as a candidate for removal.
Stubbed-blacklist final disposition is the only Open Question left for
the redesign change owner.
* docs(ecash): add rustdoc derived from archived ecash-contract spec
Drop short doc-comments on the ecash contract surface — handlers,
storage slots, message variants, error variants, event constants,
shared types — derived from the canonical spec at
openspec/specs/ecash-contract/spec.md (archived 2026-05-21).
Coverage:
- contracts/ecash/src/*.rs: crate-root summary, both DepositStorage
and DepositStatsStorage with their invariants called out, every
#[sv::msg(...)] handler in contract/mod.rs, reply id constants,
Config + invariants snapshot, migration entry point.
- common/cosmwasm-smart-contracts/ecash-contract/src/*.rs: every
ExecuteMsg / QueryMsg variant, every reachable EcashContractError
variant (with unreachable-but-preserved variants flagged), every
event constant, every response type, Deposit + DepositId.
Explicitly out of scope (separate concerns):
- Removing event_attributes::BANDWIDTH_PROPOSAL_ID (dead constant,
documented as such for now).
- Removing ExecuteMsg::RedeemTickets (dead handler, documented as such;
removal is a breaking-schema change).
- contracts/ecash/Cargo.toml version bump (docs-only).
No behaviour change; all 38 contract tests pass and cargo doc emits
no warnings on the touched crates.
On Windows, the database can become corrupted if the client is killed
while it is running. This is fixed by ensuring the database file is
properly closed.
VerificationKeyAuth::to_bytes() and SecretKeyAuth::to_bytes() used
usize::to_le_bytes() to serialize vector lengths, producing 4 bytes on
32-bit and 8 bytes on 64-bit. Since from_bytes() always reads 8 bytes
(u64), this caused ZK proof challenge hash mismatches when a 32-bit
client's proof was verified by a 64-bit gateway, resulting in
"the provided ticket failed to get verified" on all 32-bit platforms.
* start node families topic branch
* start node families topic branch
* initialise node families contract
* define contract storage
* registering new family in storage
* accepting family invitation
* add_pending_invitation
* revoke_pending_invitation
* remove_family_member
* reject_pending_invitation
* disband_family
* added unit tests for the storage methods
* added restriction on uniquness of family names
* update rustc version for node families contract common
* clippy
* basic queries by id
* query_families_paged
* change family membership storage and expose query for all members of a family
* queries for pending invitations
* queries for past invitations
* queries for past data per node
* queries for past family members
* query_past_members_for_node_paged
* queries for family by name and by owner
* fixup family name normalisation
* fixed incorrect lower bound for queries for past data
* implement contract and storage initialisation
* stubbing tx messages that are to be exposed by the contract
* handler for updating config
* removed partial fee return
* wip: create family
* move mixnet contract interaction traits to shared location
* store original family name alongside the normalised variant
* prevent family creation if owner has a node in another family
* try_disband_family
* try_invite_to_family + shared helpers
* try_revoke_family_invitation
* accept_family_invitation
* stub method for node unbonding
* try_reject_family_invitation
* unit tests for family name normalisation
* try_leave_family
* try_kick_from_family
* fix outdated comments and add paid fee event attribute
* feat: NMv3: leave family upon node unbonding
* NF contract handling of unbonding
* lints
* init node families contract when creating performance contract tester
* clippy
* avoid self-dep in the contract dev deps
* introduced client traits for interacting with the node families contract
* add node families contract to cache refresher
* added query for all node family members (globally) and started scaffolding nym-api caches
* docs and cache -> api conversion
* calculating average node age based on individual timestamps
* wire up node families cache
* http stubs
* filled in the implementation
* route tests + extracting shared code
* review fixes
* feat: expose family information for all dvpn gateway endpoints within NS API
* expose family information for explorer v3 route
* clippy
* review comments and optimise db family update
* feat: Node Families: expose stake information inside DVpnGateway
* chore: update lock files after rebase
* chore: sort workspace members
* explicitly require providing node families contract address for mixnet contract migration
* fix missing node families contract address env export
* dont swallow cache overwrite failures in fixture
* pin network-defaults rustc version due to contracts dep
* further version pinning
* chore: update mixnet contract schema
* version fix
* try to publish core crates first
* bump version ci
* fix to yaml
* Slight modifications to ordering, remove core-crates and rely on ordering as test + sed tweak
* crates release: bump version to 1.21.0 (#6744)
Co-authored-by: Nym bot <nym-bot@users.noreply.github.com>
Co-authored-by: mfahampshire <maxhampshire@pm.me>
* Remove unnecessary verification step becase of dryrun (doubled)
* Revert some changes to develop
* Add preflight to its own workflow
* Clippy
* Update crate publishing file
* Clippy
---------
Co-authored-by: benedettadavico <benedettadavico@users.noreply.github.com>
Co-authored-by: mfahampshire <maxhampshire@pm.me>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Nym bot <nym-bot@users.noreply.github.com>