* placeholder handling of wg registration with upgrade mode token
* include upgrade mode credentials as part of credential storage
* introduce helper for decoding JWT payload
* expose methods for removing emergency credentials from the storage
* don't allow duplicate emergency credentials with the same content
* added authenticator ClientMessage for upgrade mode check
* retrieve credentials with longest expiration first
* post rebasing fixes
* fixed gateway config
* feat: allow specifying minimum node performance for client init
* nym-node UM improvements
* fixed upgrade mode bandwidth on initial authentication
* fix: logs and thresholds
* expose attestation information from nym-node http api
* additional logs
* post rebasing fixes
* make @simonwicky happy by removing empty lines in emergency_credential table definition
* chore: remove '_' prefix for internal counters within in-mem ecash storage
* improved import of 'UpgradeModeState' within the nym-node
* use explicit time dependency within credential-storage
* re-order imports within the gateway-client
* moved 'AvailableBandwidth' definition to the monorepo
* squashing feat: merge intermediate upgrade mode changes #6174 to more easily resolve merge conflicts during rebasing
added additional v2 query for metadata endpoint for requesting upgrade mode recheck
added additional message to v6 authenticator to request explicit upgrade mode recheck
clippy
test fixes due to updated keys
updated assertion for upgrading v1 top up request to v2
compare attester public key against the expected value within the credential proxy
use pre-generated attestation public keys within nym-nodes
remove version deprecation
bugfix: default bandwidth response for authenticator
expose upgrade mode information in authenticator responses
adding tests for new v2 server
passing upgrade mode information in metadata endpoint
v2 wireguard private metadata
bugfix: make sure to immediately poll for attestation after spawning task
fix gateway probe and remove code duplication for finalizing registration
squashing before rebasing
post rebasing fixes
AuthenticatorVersion helpers
additional nits
allow unwraps in mocks
fixed linux build
clippy
integrating upgrade mode into authenticator
fixed build after adding wrappers to response types
conditionally updating peer handle bandwidth
cleanup
negotiate initial protocol during registration
change auth to use highest protocol
handler for JWT message
dont meter client bandwidth in upgrade mode
handling recheck requests
sending information about upgrade_mode on client messages
gateway watching for upgrade mode attestation
wip: gateways to disable bandwidth metering on upgrade mode
* fixed ServerResponse deserialisation
* fixed incorrect swagger path for upgrade mode check endpoint
* moved upgrade mode endpoint out of bandwidth routes
* chore: remove unused error variant
* removed re-export of UpgradeModeAttestation from credentials-interface
* chore: define single source of truth for minimum bandwidth threshold value
* moved type definitions out of traits.rs
* updated v6 versioning to point to niolo release instead
* fixed incorrect error mapping
dont build netstack in CI
additional rust 2024 fixes
fixes
removed temp.rs
first round of cleanup
removed duplicated NS types
moved gateway probe to the monorepo
* feat: unify HTTP client creation and enable domain fronting
Enhanced the base nym_http_api_client to reduce fragmentation and enable domain fronting:
- Added SerializationFormat enum for explicit JSON/bincode choice (no auto-detection)
- Added from_network() method to create clients from NymNetworkDetails with domain fronting
- Added with_bincode() builder method for explicit serialization configuration
- Set Accept header based on serialization preference
- Added deprecation paths for NymApiClient wrapper and nym_api::Client re-export
- Enabled domain fronting support via network defaults feature
This is part of a broader effort to consolidate HTTP client implementations across the codebase,
reducing ~500 lines of wrapper code and providing automatic domain fronting for censorship resistance.
* feat: migrate NymApiClient usage to unified HTTP client
- Wire up domain fronting configuration in NymNetworkDetails
- Implement NymApiClientExt trait for base nym_http_api_client::Client
- Migrate direct NymApiClient usage in multiple components:
- nym-network-monitor
- verloc measurements
- connection tester
- coconut/ecash client
- validator rewarder
- Add Copy derive to ApiUrlConst to enable iteration
- Update error handling and Display implementations
This enables automatic domain fronting for all Nym API calls via the configured CDN front hosts.
* fix: resolve all compilation errors after NymApiClient migration
- Add missing nym-http-api-client dependencies to multiple crates
- Add NymApiClientExt trait imports where needed
- Fix type mismatches from NymApiClient to unified Client
- Add error conversions for NymAPIError in various error enums
- Implement missing trait methods (get_current_rewarded_set, get_all_basic_nodes_with_metadata, get_all_described_nodes)
- Fix type conversions for RewardedSetResponse in network monitor
- Update all API client instantiation to use new unified HTTP client
* feat: complete migration to unified HTTP client and fix all compilation errors
- Added missing NymApiClientExt trait methods (get_all_expanded_nodes, change_base_urls)
- Fixed all compilation errors across the workspace
- Updated nym-node to use unified client instead of deprecated NymApiClient
- Fixed type conversions for RewardedSetResponse → EpochRewardedSet
- Added nym-http-api-client dependency where needed
- Updated all examples and documentation to use new client API
* fix: provide all API URLs for automatic failover in endpoint rotation
Previously, when rotating API endpoints, only a single URL was provided to the
HTTP client, defeating the purpose of having multiple URLs for resilience.
Changes:
- NymApiTopologyProvider now provides all URLs in rotated order when switching endpoints
- NymApisClient similarly provides all URLs starting from the working endpoint
- Added clarifying comments for broadcast/exhaustive query methods where single URLs are intentionally used
- This enables the HTTP client's built-in failover mechanism while maintaining endpoint rotation behavior
The fix ensures that if the primary endpoint fails, the client can automatically
failover to alternative endpoints without manual intervention, improving overall
network resilience.
* Update common/client-core/src/client/base_client/mod.rs
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
* Remove error generics, address PR comments
* Explicit warning on missing fronting configuration
* Assorted CI fixes
* Registry proc-macro
* Rename macro
* Syn workspace version
* Where do we need to put inventory
* Ergonomics and call sites, incept the builder
* fix: Address critical issues in client configuration registry implementation
- Fixed HeaderMapInit parsing bug that would cause compilation errors
- Added comprehensive documentation with usage examples and DSL reference
- Improved error handling with better error messages for invalid headers
- Added test coverage for both macro and registry functionality
- Added debug inspection capabilities for registered configurations
- Fixed module name conflicts in tests by using separate modules
All tests now passing:
- 7 macro tests validating DSL parsing and code generation
- 4 registry tests verifying configuration collection and application
* Use default value for the ports until api is deployed
* Feature/improved http error (#6025)
* use display impl for urls
* feat: attempt to add more details to reqwest errors
* temporarily restored GenericRequestFailure variant
* another restoration
* cleanup
* Some debug tooling, and default timeout fix
* Fix user-agent override
* Fix various wasm things
---------
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
Co-authored-by: Bogdan-Ștefan Neacşu <bogdan@nymtech.net>
* squashing work on using cancellation in nym crates
making nym-task wasm compilable
removed sending of status messages
replaced TaskManager with ShutdownManager in the validator rewarder
additional helpers for ShutdownManager
simplified ShutdownToken by removing the name field
TaskClient => ShutdownToken within all client tasks
wip: remove TaskHandle
* track all long-living client tasks
* add task tracking for most top level tasks within nym-node
* improved default builder
* split up cancellation module
* module documentation and unit tests
* nym node fixes and naming consistency
* wasm fixes
* assert_eq => assert
* wasm fixes and made 'run_until_shutdown' take reference instead of ownership
* linux-specific fixes to IpPacketRouter
* post rebasing fixes for signing monitor
* add ShutdownManager constructor to build it from an external token
* applying PR review suggestions
* conditionally enable console-subscriber within nym-node
* Update ci-build-upload-binaries.yml
* Update ci-build-upload-binaries.yml
add features console
* updated feature name
* fixed filtering on tracing layers
* add track_caller when spawning futures for better tokio-console support
* allow [client] tasks to specify their names when used within tokio console
* clippy
* pre-emptively fix wasm clippy
---------
Co-authored-by: Tommy Verrall <60836166+tommyv1987@users.noreply.github.com>
* Set cached storage counters to 0 (#5812)
* Set cached storage counters to 0
* u64 to i64 log possible error
* Check addition too
Debug commit
Remove more data from wg storage peer
Put actual ticket type in storage
Simplify add peer
Finish rebase
Pass defguard Peer
Cache less data for consumption
GatewayStorage traits
Wg API trait
Mock test structures
Unit test for peer controller
EcashManager trait
Init test of Authenticator
Remove peer test
* Fix windows different API
* Use make_bincode_serializer like in other places
* Add log_slow_statements to gateway storage
* Use correct LevelFilter
* Fix clippy
* More win fix
* Win clippy
* Use two error variants more
* Use only one Arc<RwLock<T>> instead of many more
* Remove commented test
* Specific trait import
* feat(db): add SQL query wrapper for PostgreSQL placeholder conversion
- Created query_wrapper module with functions to automatically convert
SQLite ? placeholders to PostgreSQL $1, $2, ... format
- Updated build.rs to handle mutually exclusive feature flags
- Modified one query in mixnodes.rs as proof of concept
- Added type conversions for PostgreSQL compatibility (u32->i64, u16->i32)
This is a checkpoint commit before converting all queries to use the wrapper.
* feat(nym-node-status-api): add PostgreSQL database support via feature flags
Implement dual database support for SQLite and PostgreSQL through Cargo feature flags.
The implementation uses a query wrapper that automatically converts SQLite-style ?
placeholders to PostgreSQL-style $1, $2, ... placeholders at runtime.
Key changes:
- Add query wrapper functions that handle placeholder conversion
- Convert all sqlx::query\! macros to use wrapper functions
- Handle type conversions between databases (i64 vs i32)
- Add feature-gated implementations for database-specific SQL syntax
- Update Makefile with clippy targets for both database features
- Document database support in README
* feat(nym-node-status-agent): add multi-API support with random selection
Agents can now connect to multiple APIs and randomly select one for each testrun:
- Accept multiple --server arguments in format "address:port:auth_key"
- Randomly shuffle server list before attempting connections
- Try each server until a testrun is obtained
- Submit results back only to the API that provided the testrun
- Continue to next server if one is down or has no testruns available
* feat(nym-node-status): implement primary/secondary server architecture
- Agent now requests testruns only from primary server (first in list)
- Results are submitted to all configured servers in parallel
- Secondary servers accept external testruns via new v2 endpoint
- Added auto-creation of gateway and testrun records on secondary servers
- New database queries: get_or_create_gateway, insert_external_testrun
- Client library enhanced with submit_results_with_context method
* Bump Node status API version
* Fix build workdir
* Bump to 3.1.4
* Fix types and queries
* 3.1.6
* Fix gateway perf, bump 3.1.7
* NodeId -> i32, 3.1.8
* Bump agent version
* i64 -> i32
* Use image yq
* Migration and more types
* Update remaining JSONB columns
* Simplify server config
* Update build path
* Change delimiter
* bump agent
* Split up pg and sqlite builds
* More typing fixes, build-and-push script
* Fix Dockerfile-pg
* Bump node-status-api
* TYping
* Agent build script
* More logging around testruns
* Fail loudly on read errors
* Cleanup
* Debug get gateways query
* Fix get_gateways query
* Use pg cert, 3.1.16
* Submit regular results to primary server
* Bump freshenss cutoff
* Update Cargo.lock
* fix: resolve rebase conflicts and compilation errors
After rebasing onto develop, fixed several issues:
- Fixed borrowed data escapes error by using sqlx::query directly in transaction functions
- Removed unused imports and cleaned up code
- Maintained database-specific implementations for transaction functions
* fmt
* Make PG default to make lives easier
* Performance improvements for Explorer v2
* Fix sqlite build
* Fix PG migration
* Tests round 1
* DB tests
* More tests
* And some more tests
* And some more, more tests
* cargo fmt
* Fix some failing lints
* Fix lioness version problems
* Clippy in tests
---------
Co-authored-by: dynco-nym <173912580+dynco-nym@users.noreply.github.com>
* wip: changes to surb logic + stronger db typing
* surb invalidation logic
* chore: remove unused deps
* resolving todos
* a lot of additional bugfixes
* 1.88 clippy
* wasm fixes
* wasm clippy
* wallet clippy
* wait for epoch end when setting up new network
* split ReplyController into Sender and Receiver for easier reasoning
* additional reply surbs improvements
includes, but is not limited to: unconditionally reseting sender tag on restart, limiting number of surb re-requests, resetting stale surbs on load
* fixed calculation of number of removed surbs
* add additional calculated field to key rotation info
* DBG: 'request_reply_surbs_for_queue_clearing' temp logs
* fixes for silly mistakes
* conditionally reduce log severity
* wip
* wip: wrap node's sphinx key with a manager
* wip: choosing correct key for packet processing
* further propagation of key rotation information
* attaching key rotation information to reply surbs
* added basic key rotation information to mixnet contract
* wip: introducing cached queries for key rotation info from nym api
* unified nym-api contract cache refreshing
* finish packet decoding
* multi api client + retrieving rotation id
* rotating sphinx key files
* logic for migrating config file
* wip: putting new sphinx keys to self described endpoints
* processing loop of KeyRotationController
* fixed sphinx key loading
* rotating bloomfilters
* wired up KeyRotationController
* flushing bloomfilters to disk and loading
* most of nym-node changes
* post rebase fixes
* fixes due to backwards compatible hostkeys
* split http state.rs file
* dont use deprecated fields
* fixed backwards compatible deserialisation of host information
* split up node describe cache
* added a dedicated CacheRefresher listener to perform full refresh outside the set interval
* controlling announced sphinx keys within nym-api
* retrieving rotation id when pulling topology
* split nym-nodes http handlers
* v2 nym-api endpoints to retrieve nodes with additional metadata information
* bug fixes...
* additional bugfixes and guards against stuck epoch
* testnet manager: set first nym-api as the rewarder
* fixed host information deserialisation
* fixed panic during first key rotation
* post rebase fixes
* clippy
* more guards against stuck epochs
* added helper method to reset node's sphinx key
* instantiate mixnet contract with custom key rotation validity
* additional bugfixes and debugging nym-api deadlock
* passing shutdown to nym apis client
* remove dead test
* post rebasing fixes
* missing MixnetQueryClient variants
* remove usage of deprecated methods in sdk example
* fix: incorrect method signature
* post rebasing fixes
* attempt to retrieve key rotation id before doing any config migration work
* ignore tests relying on networking behaviour
* allow networking failures in certain tests
* Clippy in wallet & sdk
* Clippy in wallet
* Pin rust to 1.86 in builder
* apply changes from b7da75a18c
* missing nym-node features
* Box all the things
* additional boxes in the wallet
* post rebasing clippy
---------
Co-authored-by: dynco-nym <173912580+dynco-nym@users.noreply.github.com>