Compare commits

..

46 Commits

Author SHA1 Message Date
benedettadavico 867acfef26 .. 2025-10-22 10:02:17 +02:00
benedettadavico e4996dc0ce comment out migration 2025-10-21 14:28:01 +02:00
Jędrzej Stuczyński a6e23a210b bugfix: update stored epoch share when changing ownership 2025-10-21 11:10:24 +01:00
Jędrzej Stuczyński 88c4e0ce6c bugfix: update stored epoch share when changing announce address (#6131)
* bugfix: update stored epoch share when changing announce address

* chore: remove placeholder legacy mixnode bonding test [mixnet contract]
2025-10-21 10:59:17 +01:00
Tommy Verrall 5a817e1df1 Merge pull request #6126 from nymtech/multiple-fall-back-urls
Changes:

Multiple URL fallback with configurable retries (defaults to 3)
Infallible URL conversion per Andrews feedback (Url::from() instead of parse().ok())
Non-breaking builder pattern for BuilderConfig per Andrej's "too many arguments" feedback
Reverted redundant node filtering per Andrew's clarification that API already filters by supported_roles.entry
2025-10-21 11:27:37 +02:00
Tommy Verrall a07a24db00 Fix CI issues 2025-10-21 11:01:04 +02:00
Tommy Verrall a0cb812eff Allow clippy::enum_variant_names for BuilderConfigError 2025-10-21 10:35:57 +02:00
Tommy Verrall 923c1fa184 Improve error handling
Changes:
- Replace String error with BuilderConfigError enum in BuilderConfigBuilder
- Update tests to use pattern matching instead of string assertions
2025-10-20 16:57:31 +02:00
Tommy Verrall 35ea7e4926 - Add DEFAULT_NYM_API_RETRIES constant (replaces magic number 3)
- Run cargo fmt on all affected packages
- All clippy warnings resolved
2025-10-20 16:51:07 +02:00
Tommy Verrall d1cb9afaf0 not sure what happened but it's fixed 2025-10-20 15:20:24 +02:00
Tommy Verrall 79d4b4b2e3 Merge branch 'develop' into multiple-fall-back-urls 2025-10-20 15:16:36 +02:00
Tommy Verrall 8460b33946 Merge branch 'multiple-fall-back-urls' of https://github.com/nymtech/nym into multiple-fall-back-urls 2025-10-20 15:16:17 +02:00
Tommy Verrall ae6539e07c Merge resolution 2025-10-20 15:14:48 +02:00
Tommy Verrall 18cebdfedc Add accessor methods for Url internals
Add inner_url() and fronts() accessor methods to nym_http_api_client::Url
for VPN client integration
2025-10-20 14:33:57 +02:00
Tommy Verrall c448ec823a Remove tests for removed with_nym_api_client method
These tests were referencing with_nym_api_client() which was removed when
cleaning domain fronting code from this branch
2025-10-20 11:52:04 +02:00
Tommy Verrall a266137278 Add optional builder pattern for BuilderConfig (non-breaking)
Addresses @jstuczyn's feedback about too many arguments by adding
BuilderConfigBuilder as an alternative to the existing new() method.
2025-10-20 11:39:50 +02:00
Tommy Verrall 6f4dfd1dab fix conversion type && make the retry count configurable 2025-10-20 11:15:31 +02:00
Andy Duplain 57719787db Merge pull request #6130 from nymtech/andy/url_fronts
VPN-4262: Update `Url` to return `url` and `front` fields.
2025-10-17 15:44:08 +01:00
Andy Duplain 29a57bf172 VPN-4262: Update Url to return url and front fields.
The VPN client is using the `Url` type alot now and in order to avoid
double URL-parsing we would like the content of the `Url` type exposed.
2025-10-17 15:37:07 +01:00
Tommy Verrall db813b6e3e Revert node filtering changes per Andrew's feedback
Andrew clarified that get_basic_entry_assigned_nodes_v2() already filters by
supported_roles.entry
2025-10-17 15:18:28 +02:00
Tommy Verrall 1be5ba310a Remove domain fronting code to keep gateway changes only
This branch now contains only gateway registration improvements:
- Multiple URL fallback support in gateways_for_init()
- Get all entry-capable nodes for registration
- Performance and code quality improvements
2025-10-17 14:27:31 +02:00
Tommy Verrall 41ff3f7824 Address PR feedback: simplify code and reduce log noise
- Reverted all changes to topology_control/nym_api_provider.rs
- Changed info/warn logs to debug for custom client messages
- Removed unused _rng parameter from gateways_for_init()
- Simplified URL builder to always use new_with_urls()
2025-10-17 14:20:12 +02:00
Tommy Verrall c9d4d62446 Fix clippy warnings: use arrays instead of vec! in tests 2025-10-17 13:30:30 +02:00
Tommy Verrall e839a0d80e Merge develop into multiple-fall-back-urls
Resolved conflicts:
- Added event_tx field to MixnetClientBuilder alongside custom_nym_api_client
- Both features are independent and coexist:
  * custom_nym_api_client: for domain fronting support
  * event_tx: for event handling
- Updated all constructors and methods to properly handle both fields
2025-10-17 13:23:04 +02:00
Tommy Verrall cd61f930bf feat: pass custom HTTP client through SDK stack for domain fronting
- Add with_nym_api_client() to BaseClientBuilder, MixnetClientBuilder, and RegistrationClientBuilderConfig

- Modify nym_api_provider to fetch all nodes then filter by supported_roles.entry (fixes metadata inconsistency)

- Update helpers.rs to build HTTP client with all nym_apis URLs and retries for fallback support

- Fix SDK to use entry_capable_nodes() instead of entry_gateways() for broader gateway selection

This enables domain fronting and URL rotation throughout the entire SDK stack, improving censorship resistance and connection reliability. All changes are backward compatible - custom client is optional.
2025-10-17 08:36:23 +02:00
Bogdan-Ștefan Neacşu 0674f31227 Introduce event backchannel (#6119)
* Introduce even backchannel

* Rust fmt

* Rename Event to MixnetClientEvent

* Use unbounded_send for events

* Remove unused file

* Remove mut borrow

* Event hierarchy and mixnet client intermediary

* Export MixTrafficEvent in sdk
2025-10-16 19:02:36 +03:00
Jędrzej Stuczyński 3e4f563dce Merge pull request #6099 from nymtech/bugfix/incompatibility-fixes
Bugfix/incompatibility fixes
2025-10-16 15:58:43 +01:00
Tommy Verrall edcf2b1204 enable URL rotation and retries for mixnet gateway init 2025-10-16 16:22:57 +02:00
Jędrzej Stuczyński b07fb18113 Merge pull request #6125 from nymtech/merge/release/2025.18-jarlsberg
Merge/release/2025.18 jarlsberg
2025-10-16 14:50:16 +01:00
benedettadavico 017dea4afd update changelog 2025-10-16 14:09:46 +01:00
Jędrzej Stuczyński 5a9ce13beb Bugfix/bloomfilters purge (#6089)
* remove all old bloomfilters upon starting binary

* remove old bloomfilter file upon purging secondary data
2025-10-16 14:09:45 +01:00
benedettadavico 514cf25c68 bump versions 2025-10-16 13:53:06 +01:00
Andrej Mihajlov 49ee0636e4 Merge pull request #6109 from nymtech/am/update-dirs-6
Update dirs to 6.0
2025-10-16 12:59:31 +02:00
Jędrzej Stuczyński bb971ce99c bugfix: nym-credential-proxy query params parsing regression (#6121) 2025-10-16 11:40:12 +01:00
Tommy Verrall 54de369c1e Skip ipv6 metadata endpoint request (#6118)
Co-authored-by: Tommy Verrall <tommy@nymtech.net>
2025-10-16 11:39:53 +01:00
Jędrzej Stuczyński 6d6ce284df bugfix: revert some dep updates introduced in #6043 (#6120) 2025-10-16 11:39:09 +01:00
Andrej Mihajlov 56ad1c6c8e Merge pull request #6115 from nymtech/am/revert-cancel-token
Revert "Propagate cancel token to mixnet client"
2025-10-15 16:54:49 +02:00
Jędrzej Stuczyński 10b4a288c8 chore: restore pending dkg contract state migration (#6116)
since it has not yet been run on mainnet
2025-10-15 14:18:03 +01:00
benedetta davico bbbb9486ce Merge pull request #6117 from nymtech/probe/remove-1mb-file
update to no longer use 1mb files
2025-10-15 15:17:01 +02:00
benedetta davico 16e86e1a07 Update lib.go 2025-10-15 15:15:20 +02:00
Jędrzej Stuczyński ca0c9898f0 bugfix: retrieve and update ticketbook in the same query (#6101)
* bugfix: retrieve and update ticketbook in the same query

* bump up NS version

* Update Cargo.toml

* remove SKIP LOCKED part of the query

---------

Co-authored-by: benedetta davico <46782255+benedettadavico@users.noreply.github.com>
2025-10-15 13:53:07 +01:00
Andrej Mihajlov 8b73d4e615 Revert "Propagate cancel token to mixnet client"
This reverts commit 50a259d454.
2025-10-15 14:17:36 +02:00
mfahampshire 6a9a767ab4 DOCS Jarlsberg Release (#6111)
* First pass release notes

* build info
2025-10-15 09:20:03 +00:00
Andrej Mihajlov e03a9fa16f Merge pull request #6105 from nymtech/am/reg-client-mixnet-cancel-token
Propagate cancel token to mixnet client
2025-10-14 13:10:02 +02:00
Andrej Mihajlov a0fbd57d5b Update dirs to 6.0 2025-10-14 11:17:33 +02:00
Andrej Mihajlov cfa7635ae1 Propagate cancel token to mixnet client 2025-10-13 12:25:54 +02:00
62 changed files with 2090 additions and 1263 deletions
+1 -1
View File
@@ -54,7 +54,7 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: test
args: --lib --manifest-path contracts/Cargo.toml
args: --lib --manifest-path contracts/Cargo.toml --all-features
- name: Check formatting
uses: actions-rs/cargo@v1
+44
View File
@@ -4,6 +4,50 @@ Post 1.0.0 release, the changelog format is based on [Keep a Changelog](https://
## [Unreleased]
## [2025.18-jarlsberg] (2025-10-14)
- ns-api: add descriptions to dVPN gateway responses ([#6102])
- NS API: use new probe download filesize and milliseconds field ([#6097])
- ns-api: use download files size from probes instead of parsing filenames ([#6095])
- ns-api: add new fields for probe output for query_metadata and download file size and duration in ms ([#6091])
- Bugfix/bloomfilters purge ([#6089])
- Hotfix: Update API source in node ping tester script ([#6082])
- Get wireguard keypair as arg instead of reading it from disk ([#6078])
- Feature: Ping probe all nodes /described nodes from a server ([#6074])
- Node Status API: add bridge information to dVPN endpoint ([#6069])
- frontdoor typo fix ([#6067])
- Feature: Node rewards tracker ([#6064])
- [chore] Clippy fix ([#6060])
- Registration Client ([#6059])
- Bugfix: Nym node CLI download nym-node exception ([#6058])
- Feature: Nym node html landing page ([#6053])
- feat: DKG contract method for updating announce address ([#6050])
- feat: NS ticket faucet ([#6047])
- Bridge proto client params in Self-Described ([#6035])
- Node Status API: remove sqlite support ([#6004])
- Benny/ci contract fix ([#5962])
[#6102]: https://github.com/nymtech/nym/pull/6102
[#6097]: https://github.com/nymtech/nym/pull/6097
[#6095]: https://github.com/nymtech/nym/pull/6095
[#6091]: https://github.com/nymtech/nym/pull/6091
[#6089]: https://github.com/nymtech/nym/pull/6089
[#6082]: https://github.com/nymtech/nym/pull/6082
[#6078]: https://github.com/nymtech/nym/pull/6078
[#6074]: https://github.com/nymtech/nym/pull/6074
[#6069]: https://github.com/nymtech/nym/pull/6069
[#6067]: https://github.com/nymtech/nym/pull/6067
[#6064]: https://github.com/nymtech/nym/pull/6064
[#6060]: https://github.com/nymtech/nym/pull/6060
[#6059]: https://github.com/nymtech/nym/pull/6059
[#6058]: https://github.com/nymtech/nym/pull/6058
[#6053]: https://github.com/nymtech/nym/pull/6053
[#6050]: https://github.com/nymtech/nym/pull/6050
[#6047]: https://github.com/nymtech/nym/pull/6047
[#6035]: https://github.com/nymtech/nym/pull/6035
[#6004]: https://github.com/nymtech/nym/pull/6004
[#5962]: https://github.com/nymtech/nym/pull/5962
## [2025.17-isabirra] (2025-09-29)
- Bugfix | Fix the registration handshake ([#6062])
Generated
+680 -810
View File
File diff suppressed because it is too large Load Diff
+1 -1
View File
@@ -248,7 +248,7 @@ dashmap = "5.5.3"
# We want https://github.com/DefGuard/wireguard-rs/pull/64 , but there's no crates.io release being pushed out anymore
defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs.git", rev = "v0.4.7" }
digest = "0.10.7"
dirs = "5.0"
dirs = "6.0"
doc-comment = "0.3"
dotenvy = "0.15.6"
dyn-clone = "1.0.19"
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nym-client"
version = "1.1.63"
version = "1.1.64"
authors = ["Dave Hrycyszyn <futurechimp@users.noreply.github.com>", "Jędrzej Stuczyński <andrew@nymtech.net>"]
description = "Implementation of the Nym Client"
edition = "2021"
+1
View File
@@ -60,6 +60,7 @@ impl SocketClient {
let ClientInput {
connection_command_sender,
input_sender,
..
} = client_input;
let ClientOutput {
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nym-socks5-client"
version = "1.1.63"
version = "1.1.64"
authors = ["Dave Hrycyszyn <futurechimp@users.noreply.github.com>"]
description = "A SOCKS5 localhost proxy that converts incoming messages to Sphinx and sends them to a Nym address"
edition = "2021"
@@ -114,13 +114,12 @@ where
})?;
hardcoded_topology.entry_capable_nodes().cloned().collect()
} else {
let mut rng = rand::thread_rng();
crate::init::helpers::gateways_for_init(
&mut rng,
&core.client.nym_api_urls,
user_agent,
core.debug.topology.minimum_gateway_performance,
core.debug.topology.ignore_ingress_epoch_role,
None,
)
.await?
};
@@ -173,13 +173,12 @@ where
})?;
hardcoded_topology.entry_capable_nodes().cloned().collect()
} else {
let mut rng = rand::thread_rng();
crate::init::helpers::gateways_for_init(
&mut rng,
&core.client.nym_api_urls,
user_agent,
core.debug.topology.minimum_gateway_performance,
core.debug.topology.ignore_ingress_epoch_role,
None,
)
.await?
};
@@ -7,11 +7,12 @@ use super::statistics_control::StatisticsControl;
use crate::client::base_client::storage::helpers::store_client_keys;
use crate::client::base_client::storage::MixnetClientStorage;
use crate::client::cover_traffic_stream::LoopCoverTrafficStream;
use crate::client::event_control::EventControl;
use crate::client::inbound_messages::{InputMessage, InputMessageReceiver, InputMessageSender};
use crate::client::key_manager::persistence::KeyStore;
use crate::client::key_manager::ClientKeys;
use crate::client::mix_traffic::transceiver::{GatewayReceiver, GatewayTransceiver, RemoteGateway};
use crate::client::mix_traffic::{BatchMixMessageSender, MixTrafficController};
use crate::client::mix_traffic::{BatchMixMessageSender, MixTrafficController, MixTrafficEvent};
use crate::client::real_messages_control;
use crate::client::real_messages_control::RealMessagesController;
use crate::client::received_buffer::{
@@ -66,7 +67,6 @@ use std::path::Path;
use std::sync::Arc;
use time::OffsetDateTime;
use tokio::sync::mpsc::Sender;
use tracing::*;
use url::Url;
#[cfg(target_arch = "wasm32")]
@@ -83,10 +83,28 @@ pub mod non_wasm_helpers;
pub mod helpers;
pub mod storage;
#[derive(Clone, Copy, Debug)]
pub enum MixnetClientEvent {
Traffic(MixTrafficEvent),
}
pub type EventReceiver = mpsc::UnboundedReceiver<MixnetClientEvent>;
#[derive(Clone)]
pub struct EventSender(pub mpsc::UnboundedSender<MixnetClientEvent>);
impl EventSender {
pub fn send(&self, event: MixnetClientEvent) {
if let Err(err) = self.0.unbounded_send(event) {
tracing::warn!("Failed to send error event. The caller event reader was closed: {err}");
}
}
}
#[derive(Clone)]
pub struct ClientInput {
pub connection_command_sender: ConnectionCommandSender,
pub input_sender: InputMessageSender,
pub client_request_sender: ClientRequestSender,
}
impl ClientInput {
@@ -198,6 +216,7 @@ pub struct BaseClientBuilder<C, S: MixnetClientStorage> {
custom_topology_provider: Option<Box<dyn TopologyProvider + Send + Sync>>,
custom_gateway_transceiver: Option<Box<dyn GatewayTransceiver + Send>>,
shutdown: Option<ShutdownTracker>,
event_tx: Option<EventSender>,
user_agent: Option<UserAgent>,
setup_method: GatewaySetup,
@@ -226,6 +245,7 @@ where
custom_topology_provider: None,
custom_gateway_transceiver: None,
shutdown: None,
event_tx: None,
user_agent: None,
setup_method: GatewaySetup::MustLoad { gateway_id: None },
#[cfg(unix)]
@@ -288,6 +308,12 @@ where
self
}
#[must_use]
pub fn with_event_tx(mut self, event_tx: EventSender) -> Self {
self.event_tx = Some(event_tx);
self
}
#[must_use]
pub fn with_user_agent(mut self, user_agent: UserAgent) -> Self {
self.user_agent = Some(user_agent);
@@ -318,6 +344,18 @@ where
details.client_address()
}
fn start_event_control(
parent_event_tx: Option<EventSender>,
children_event_rx: EventReceiver,
shutdown_tracker: &ShutdownTracker,
) {
let event_control = EventControl::new(parent_event_tx, children_event_rx);
shutdown_tracker.try_spawn_named_with_shutdown(
async move { event_control.run().await },
"EventControl",
);
}
// future constantly pumping loop cover traffic at some specified average rate
// the pumped traffic goes to the MixTrafficController
fn start_cover_traffic_stream(
@@ -329,7 +367,7 @@ where
stats_tx: ClientStatsSender,
shutdown_tracker: &ShutdownTracker,
) {
info!("Starting loop cover traffic stream...");
tracing::info!("Starting loop cover traffic stream...");
let mut stream = LoopCoverTrafficStream::new(
ack_key,
@@ -361,7 +399,7 @@ where
stats_tx: ClientStatsSender,
shutdown_tracker: &ShutdownTracker,
) {
info!("Starting real traffic stream...");
tracing::info!("Starting real traffic stream...");
let real_messages_controller = RealMessagesController::new(
controller_config,
@@ -446,7 +484,7 @@ where
metrics_reporter: ClientStatsSender,
shutdown_tracker: &ShutdownTracker,
) {
info!("Starting received messages buffer controller...");
tracing::info!("Starting received messages buffer controller...");
let controller = ReceivedMessagesBufferController::<SphinxMessageReceiver>::new(
local_encryption_keypair,
query_receiver,
@@ -557,7 +595,7 @@ where
details_store
.upgrade_stored_remote_gateway_key(gateway_client.gateway_identity(), &updated_key)
.await.map_err(|err| {
error!("failed to store upgraded gateway key! this connection might be forever broken now: {err}");
tracing::error!("failed to store upgraded gateway key! this connection might be forever broken now: {err}");
ClientCoreError::GatewaysDetailsStoreError { source: Box::new(err) }
})?
}
@@ -654,7 +692,7 @@ where
if topology_config.disable_refreshing {
// if we're not spawning the refresher, don't cause shutdown immediately
info!("The background topology refresher is not going to be started");
tracing::info!("The background topology refresher is not going to be started");
}
let mut topology_refresher = TopologyRefresher::new(
@@ -664,7 +702,7 @@ where
);
// before returning, block entire runtime to refresh the current network view so that any
// components depending on topology would see a non-empty view
info!("Obtaining initial network topology");
tracing::info!("Obtaining initial network topology");
topology_refresher.try_refresh().await;
if let Err(err) = topology_refresher.ensure_topology_is_routable().await {
@@ -690,13 +728,13 @@ where
.wait_for_gateway(local_gateway, waiting_timeout)
.await
{
error!(
tracing::error!(
"the gateway did not come back online within the specified timeout: {err}"
);
return Err(err.into());
}
} else {
error!("the gateway we're supposedly connected to does not exist. We'll not be able to send any packets to ourselves: {err}");
tracing::error!("the gateway we're supposedly connected to does not exist. We'll not be able to send any packets to ourselves: {err}");
return Err(err.into());
}
}
@@ -704,7 +742,7 @@ where
if !topology_config.disable_refreshing {
// don't spawn the refresher if we don't want to be refreshing the topology.
// only use the initial values obtained
info!("Starting topology refresher...");
tracing::info!("Starting topology refresher...");
shutdown_tracker.try_spawn_named_with_shutdown(
async move { topology_refresher.run().await },
"TopologyRefresher",
@@ -721,7 +759,7 @@ where
input_sender: Sender<InputMessage>,
shutdown_tracker: &ShutdownTracker,
) -> ClientStatsSender {
info!("Starting statistics control...");
tracing::info!("Starting statistics control...");
StatisticsControl::create_and_start(
config.debug.stats_reporting,
user_agent
@@ -736,10 +774,17 @@ where
fn start_mix_traffic_controller(
gateway_transceiver: Box<dyn GatewayTransceiver + Send>,
shutdown_tracker: &ShutdownTracker,
event_tx: EventSender,
) -> (BatchMixMessageSender, ClientRequestSender) {
info!("Starting mix traffic controller...");
let (mut mix_traffic_controller, mix_tx, client_tx) =
MixTrafficController::new(gateway_transceiver, shutdown_tracker.clone_shutdown_token());
tracing::info!("Starting mix traffic controller...");
let mut mix_traffic_controller = MixTrafficController::new(
gateway_transceiver,
shutdown_tracker.clone_shutdown_token(),
event_tx,
);
let mix_tx = mix_traffic_controller.mix_rx();
let client_tx = mix_traffic_controller.client_tx();
shutdown_tracker.try_spawn_named(
async move { mix_traffic_controller.run().await },
@@ -803,7 +848,7 @@ where
{
// if client keys do not exist already, create and persist them
if key_store.load_keys().await.is_err() {
info!("could not find valid client keys - a new set will be generated");
tracing::info!("could not find valid client keys - a new set will be generated");
let mut rng = OsRng;
let keys = if let Some(derivation_material) = derivation_material {
ClientKeys::from_master_key(&mut rng, &derivation_material)
@@ -850,7 +895,7 @@ where
<S::CredentialStore as CredentialStorage>::StorageError: Send + Sync + 'static,
<S::GatewaysDetailsStore as GatewaysDetailsStore>::StorageError: Sync + Send,
{
info!("Starting nym client");
tracing::info!("Starting nym client");
#[cfg(debug_assertions)]
#[cfg(target_arch = "wasm32")]
{
@@ -884,6 +929,9 @@ where
// channels responsible for controlling real messages
let (input_sender, input_receiver) = tokio::sync::mpsc::channel::<InputMessage>(1);
// channels responsible for event management
let (event_sender, event_receiver) = mpsc::unbounded();
// channels responsible for controlling ack messages
let (ack_sender, ack_receiver) = mpsc::unbounded();
let shared_topology_accessor =
@@ -892,10 +940,12 @@ where
// Create a shutdown tracker for this client - either as a child of provided tracker
// or get one from the registry
let shutdown_tracker = match self.shutdown {
Some(parent_tracker) => parent_tracker.clone(),
Some(parent_tracker) => parent_tracker.child_tracker(),
None => nym_task::get_sdk_shutdown_tracker()?,
};
Self::start_event_control(self.event_tx, event_receiver, &shutdown_tracker);
// channels responsible for dealing with reply-related fun
let (reply_controller_sender, reply_controller_receiver) =
reply_controller::requests::new_control_channels();
@@ -926,7 +976,7 @@ where
self.user_agent.clone(),
generate_client_stats_id(*self_address.identity()),
input_sender.clone(),
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
);
// needs to be started as the first thing to block if required waiting for the gateway
@@ -936,7 +986,7 @@ where
shared_topology_accessor.clone(),
self_address.gateway(),
self.wait_for_gateway,
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
)
.await?;
@@ -956,7 +1006,7 @@ where
stats_reporter.clone(),
#[cfg(unix)]
self.connection_fd_callback,
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
)
.await?;
let gateway_ws_fd = gateway_transceiver.ws_fd();
@@ -964,7 +1014,7 @@ where
let reply_storage = Self::setup_persistent_reply_storage(
reply_storage_backend,
key_rotation_config,
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
)
.await?;
@@ -975,7 +1025,7 @@ where
reply_storage.key_storage(),
reply_controller_sender.clone(),
stats_reporter.clone(),
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
);
// The message_sender is the transmitter for any component generating sphinx packets
@@ -983,8 +1033,11 @@ where
// traffic stream.
// The MixTrafficController then sends the actual traffic
let (message_sender, client_request_sender) =
Self::start_mix_traffic_controller(gateway_transceiver, &shutdown_tracker.clone());
let (message_sender, client_request_sender) = Self::start_mix_traffic_controller(
gateway_transceiver,
&shutdown_tracker.child_tracker(),
EventSender(event_sender),
);
// Channels that the websocket listener can use to signal downstream to the real traffic
// controller that connections are closed.
@@ -1013,7 +1066,7 @@ where
shared_lane_queue_lengths.clone(),
client_connection_rx,
stats_reporter.clone(),
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
);
if !self
@@ -1029,12 +1082,12 @@ where
shared_topology_accessor.clone(),
message_sender,
stats_reporter.clone(),
&shutdown_tracker.clone(),
&shutdown_tracker.child_tracker(),
);
}
debug!("Core client startup finished!");
debug!("The address of this client is: {self_address}");
tracing::debug!("Core client startup finished!");
tracing::debug!("The address of this client is: {self_address}");
#[cfg(debug_assertions)]
#[cfg(target_arch = "wasm32")]
@@ -1050,6 +1103,7 @@ where
client_input: ClientInput {
connection_command_sender: client_connection_tx,
input_sender,
client_request_sender,
},
},
client_output: ClientOutputStatus::AwaitingConsumer {
@@ -1065,7 +1119,6 @@ where
},
stats_reporter,
shutdown_handle: shutdown_tracker, // The primary tracker for this client
client_request_sender,
forget_me: self.config.debug.forget_me,
remember_me: self.config.debug.remember_me,
})
@@ -1079,7 +1132,6 @@ pub struct BaseClient {
pub client_output: ClientOutputStatus,
pub client_state: ClientState,
pub stats_reporter: ClientStatsSender,
pub client_request_sender: ClientRequestSender,
pub shutdown_handle: ShutdownTracker,
pub forget_me: ForgetMe,
pub remember_me: RememberMe,
@@ -0,0 +1,40 @@
// Copyright 2025 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use futures::StreamExt;
use crate::client::base_client::{EventReceiver, EventSender, MixnetClientEvent};
/// Launches and manages task events, propagating upwards what is not strictly internal.
pub(crate) struct EventControl {
parent_event_tx: Option<EventSender>,
children_event_rx: EventReceiver,
}
impl EventControl {
pub(crate) fn new(
parent_event_tx: Option<EventSender>,
children_event_rx: EventReceiver,
) -> Self {
EventControl {
parent_event_tx,
children_event_rx,
}
}
fn is_internal(event: MixnetClientEvent) -> bool {
match event {
MixnetClientEvent::Traffic(_) => false,
}
}
pub(crate) async fn run(mut self) {
while let Some(event) = self.children_event_rx.next().await {
if let Some(parent_event_tx) = &self.parent_event_tx {
if !Self::is_internal(event) {
parent_event_tx.send(event);
}
}
}
}
}
@@ -1,7 +1,10 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::client::mix_traffic::transceiver::GatewayTransceiver;
use crate::client::{
base_client::{EventSender, MixnetClientEvent},
mix_traffic::transceiver::GatewayTransceiver,
};
use nym_gateway_requests::ClientRequest;
use nym_sphinx::forwarding::packet::MixPacket;
use nym_task::ShutdownToken;
@@ -22,28 +25,33 @@ const MAX_FAILURE_COUNT: usize = 100;
// that's also disgusting.
pub struct Empty;
#[derive(Clone, Copy, Debug)]
pub enum MixTrafficEvent {
FailedSendingSphinx,
}
pub struct MixTrafficController {
gateway_transceiver: Box<dyn GatewayTransceiver + Send>,
mix_tx: BatchMixMessageSender,
mix_rx: BatchMixMessageReceiver,
client_rx: ClientRequestReceiver,
client_tx: ClientRequestSender,
// TODO: this is temporary work-around.
// in long run `gateway_client` will be moved away from `MixTrafficController` anyway.
consecutive_gateway_failure_count: usize,
shutdown_token: ShutdownToken,
event_tx: EventSender,
}
impl MixTrafficController {
pub fn new<T>(
gateway_transceiver: T,
shutdown_token: ShutdownToken,
) -> (
MixTrafficController,
BatchMixMessageSender,
ClientRequestSender,
)
event_tx: EventSender,
) -> MixTrafficController
where
T: GatewayTransceiver + Send + 'static,
{
@@ -52,41 +60,32 @@ impl MixTrafficController {
let (client_sender, client_receiver) = tokio::sync::mpsc::channel(8);
(
MixTrafficController {
gateway_transceiver: Box::new(gateway_transceiver),
mix_rx: message_receiver,
client_rx: client_receiver,
consecutive_gateway_failure_count: 0,
shutdown_token,
},
message_sender,
client_sender,
)
MixTrafficController {
gateway_transceiver: Box::new(gateway_transceiver),
mix_tx: message_sender,
mix_rx: message_receiver,
client_rx: client_receiver,
client_tx: client_sender,
consecutive_gateway_failure_count: 0,
shutdown_token,
event_tx,
}
}
pub fn new_dynamic(
gateway_transceiver: Box<dyn GatewayTransceiver + Send>,
shutdown_token: ShutdownToken,
) -> (
MixTrafficController,
BatchMixMessageSender,
ClientRequestSender,
) {
let (message_sender, message_receiver) =
tokio::sync::mpsc::channel(MIX_MESSAGE_RECEIVER_BUFFER_SIZE);
let (client_sender, client_receiver) = tokio::sync::mpsc::channel(8);
(
MixTrafficController {
gateway_transceiver,
mix_rx: message_receiver,
client_rx: client_receiver,
consecutive_gateway_failure_count: 0,
shutdown_token,
},
message_sender,
client_sender,
)
event_tx: EventSender,
) -> MixTrafficController {
Self::new(gateway_transceiver, shutdown_token, event_tx)
}
pub fn client_tx(&self) -> ClientRequestSender {
self.client_tx.clone()
}
pub fn mix_rx(&self) -> BatchMixMessageSender {
self.mix_tx.clone()
}
async fn on_messages(
@@ -145,35 +144,26 @@ impl MixTrafficController {
trace!("MixTrafficController: Received shutdown");
break;
}
mix_packets = self.mix_rx.recv() => match mix_packets {
Some(mix_packets) => {
if let Err(err) = self.on_messages(mix_packets).await {
error!("Failed to send sphinx packet(s) to the gateway: {err}");
if self.consecutive_gateway_failure_count == MAX_FAILURE_COUNT {
// Disconnect from the gateway. If we should try to re-connect
// is handled at a higher layer.
error!("Failed to send sphinx packet to the gateway {MAX_FAILURE_COUNT} times in a row - assuming the gateway is dead");
// Do we need to handle the embedded mixnet client case
// separately?
self.shutdown_token.cancel();
break;
}
// mix_rx should never error out as we're holding one instance of the sender
Some(mix_packets) = self.mix_rx.recv() => {
if let Err(err) = self.on_messages(mix_packets).await {
error!("Failed to send sphinx packet(s) to the gateway: {err}");
if self.consecutive_gateway_failure_count == MAX_FAILURE_COUNT {
// Disconnect from the gateway. If we should try to re-connect
// is handled at a higher layer.
error!("Failed to send sphinx packet to the gateway {MAX_FAILURE_COUNT} times in a row - assuming the gateway is dead");
// Do we need to handle the embedded mixnet client case
// separately?
self.event_tx.send(MixnetClientEvent::Traffic(MixTrafficEvent::FailedSendingSphinx));
break;
}
},
None => {
trace!("MixTrafficController: Stopping since channel closed");
break;
}
},
client_request = self.client_rx.recv() => match client_request {
Some(client_request) => {
self.on_client_request(client_request).await;
},
None => {
trace!("MixTrafficController, client request channel closed");
break
}
},
// client_rx should never error out as we're holding one instance of the sender
Some(client_request) = self.client_rx.recv() => {
self.on_client_request(client_request).await;
}
}
}
debug!("MixTrafficController: Exiting");
+1
View File
@@ -3,6 +3,7 @@
pub mod base_client;
pub mod cover_traffic_stream;
pub(crate) mod event_control;
pub(crate) mod helpers;
pub mod inbound_messages;
pub mod key_manager;
+77 -20
View File
@@ -45,6 +45,7 @@ type WsConn = JSWebsocket;
const CONCURRENT_GATEWAYS_MEASURED: usize = 20;
const MEASUREMENTS: usize = 3;
const DEFAULT_NYM_API_RETRIES: usize = 3;
#[cfg(not(target_arch = "wasm32"))]
const CONN_TIMEOUT: Duration = Duration::from_millis(1500);
@@ -132,25 +133,27 @@ impl<'a, G: ConnectableGateway> GatewayWithLatency<'a, G> {
}
}
pub async fn gateways_for_init<R: Rng>(
rng: &mut R,
pub async fn gateways_for_init(
nym_apis: &[Url],
user_agent: Option<UserAgent>,
minimum_performance: u8,
ignore_epoch_roles: bool,
retry_count: Option<usize>,
) -> Result<Vec<RoutingNode>, ClientCoreError> {
let nym_api = nym_apis
.choose(rng)
.ok_or(ClientCoreError::ListOfNymApisIsEmpty)?;
// Build client with ALL URLs for fallback support
let nym_api_urls: Vec<nym_http_api_client::Url> = nym_apis
.iter()
.map(|url| nym_http_api_client::Url::from(url.clone()))
.collect();
// Use the unified HTTP client directly with optional user agent
let mut builder = nym_http_api_client::Client::builder(nym_api.clone())
.map_err(|e| {
ClientCoreError::ValidatorClientError(nym_validator_client::ValidatorClientError::from(
e,
))
})?
.with_bincode(); // Use bincode for better performance
if nym_api_urls.is_empty() {
return Err(ClientCoreError::ListOfNymApisIsEmpty);
}
let retry_count = retry_count.unwrap_or(DEFAULT_NYM_API_RETRIES);
let mut builder = nym_http_api_client::ClientBuilder::new_with_urls(nym_api_urls.clone())
.with_retries(retry_count)
.with_bincode();
if let Some(user_agent) = user_agent {
builder = builder.with_user_agent(user_agent);
@@ -160,7 +163,7 @@ pub async fn gateways_for_init<R: Rng>(
ClientCoreError::ValidatorClientError(nym_validator_client::ValidatorClientError::from(e))
})?;
tracing::debug!("Fetching list of gateways from: {nym_api}");
tracing::debug!("Fetching list of gateways from: {:?}", nym_api_urls);
// Use our helper to handle pagination
let gateways = get_all_basic_entry_nodes_with_metadata(&client, true)
@@ -172,17 +175,15 @@ pub async fn gateways_for_init<R: Rng>(
// filter out gateways below minimum performance and ones that could operate as a mixnode
// (we don't want instability)
let valid_gateways = gateways
let valid_gateways: Vec<RoutingNode> = gateways
.iter()
.filter(|g| ignore_epoch_roles || !g.supported_roles.mixnode)
.filter(|g| g.performance.round_to_integer() >= minimum_performance)
.filter_map(|gateway| gateway.try_into().ok())
.collect::<Vec<_>>();
tracing::debug!("After checking validity: {}", valid_gateways.len());
tracing::trace!("Valid gateways: {valid_gateways:#?}");
.collect();
tracing::info!(
"and {} after validity and performance filtering",
"Found {} valid gateways after filtering",
valid_gateways.len()
);
@@ -345,13 +346,20 @@ pub(super) fn get_specified_gateway(
must_use_tls: bool,
) -> Result<RoutingNode, ClientCoreError> {
tracing::debug!("Requesting specified gateway: {gateway_identity}");
let user_gateway = ed25519::PublicKey::from_base58_string(gateway_identity)
.map_err(ClientCoreError::UnableToCreatePublicKeyFromGatewayId)?;
let gateway = gateways
.iter()
.find(|gateway| gateway.identity_key == user_gateway)
.ok_or_else(|| ClientCoreError::NoGatewayWithId(gateway_identity.to_string()))?;
.ok_or_else(|| {
tracing::debug!(
"Gateway {gateway_identity} not found in {} available gateways",
gateways.len()
);
ClientCoreError::NoGatewayWithId(gateway_identity.to_string())
})?;
let Some(entry_details) = gateway.entry.as_ref() else {
return Err(ClientCoreError::UnsupportedEntry {
@@ -414,3 +422,52 @@ pub(super) async fn register_with_gateway(
authenticated_ephemeral_client: gateway_client,
})
}
#[cfg(test)]
mod tests {
use url::Url;
#[test]
fn test_single_url_builds_without_retries() {
let urls = [Url::parse("https://api.nym.com").unwrap()];
let nym_api_urls: Vec<nym_http_api_client::Url> = urls
.iter()
.map(|url| nym_http_api_client::Url::from(url.clone()))
.collect();
assert_eq!(nym_api_urls.len(), 1, "Should have exactly one URL");
}
#[test]
fn test_multiple_urls_prepared_for_retries() {
let urls = vec![
Url::parse("https://api1.nym.com").unwrap(),
Url::parse("https://api2.nym.com").unwrap(),
Url::parse("https://api3.nym.com").unwrap(),
];
let nym_api_urls: Vec<nym_http_api_client::Url> = urls
.iter()
.map(|url| nym_http_api_client::Url::from(url.clone()))
.collect();
assert_eq!(nym_api_urls.len(), 3, "Should have all three URLs");
assert!(
nym_api_urls.len() > 1,
"Multiple URLs trigger retry behavior"
);
}
#[test]
fn test_empty_url_list_is_detected() {
let urls: Vec<Url> = vec![];
let nym_api_urls: Vec<nym_http_api_client::Url> = urls
.iter()
.map(|url| nym_http_api_client::Url::from(url.clone()))
.collect();
assert!(nym_api_urls.is_empty(), "Empty list should remain empty");
}
}
+10
View File
@@ -183,6 +183,11 @@ impl Url {
})
}
/// Returns the underlying URL
pub fn inner_url(&self) -> &url::Url {
&self.url
}
/// Returns true if the URL has a front domain set
pub fn has_front(&self) -> bool {
if let Some(fronts) = &self.fronts {
@@ -201,6 +206,11 @@ impl Url {
.and_then(|url| url.host_str())
}
/// Returns the fronts
pub fn fronts(&self) -> Option<&[url::Url]> {
self.fronts.as_deref()
}
/// Return the string representation of the host (domain or IP address) for this URL, if any.
pub fn host_str(&self) -> Option<&str> {
self.url.host_str()
+1
View File
@@ -119,6 +119,7 @@ where
let ClientInput {
connection_command_sender,
input_sender,
..
} = client_input;
let ClientOutput {
+2 -4
View File
@@ -160,13 +160,12 @@ pub async fn setup_gateway_from_api(
minimum_performance: u8,
ignore_epoch_roles: bool,
) -> Result<InitialisationResult, WasmCoreError> {
let mut rng = thread_rng();
let gateways = gateways_for_init(
&mut rng,
nym_apis,
None,
minimum_performance,
ignore_epoch_roles,
None,
)
.await?;
setup_gateway_wasm(client_store, force_tls, chosen_gateway, gateways).await
@@ -178,13 +177,12 @@ pub async fn current_gateways_wasm(
minimum_performance: u8,
ignore_epoch_roles: bool,
) -> Result<Vec<RoutingNode>, ClientCoreError> {
let mut rng = thread_rng();
gateways_for_init(
&mut rng,
nym_apis,
user_agent,
minimum_performance,
ignore_epoch_roles,
None,
)
.await
}
+3 -1
View File
@@ -255,10 +255,12 @@ pub fn query(deps: Deps<'_>, env: Env, msg: QueryMsg) -> Result<QueryResponse, C
}
#[entry_point]
pub fn migrate(deps: DepsMut<'_>, _env: Env, _msg: MigrateMsg) -> Result<Response, ContractError> {
pub fn migrate(deps: DepsMut<'_>, env: Env, _msg: MigrateMsg) -> Result<Response, ContractError> {
set_build_information!(deps.storage)?;
cw2::ensure_from_older_version(deps.storage, CONTRACT_NAME, CONTRACT_VERSION)?;
// crate::queued_migrations::introduce_historical_epochs(deps, env)?;
Ok(Response::new())
}
@@ -9,6 +9,7 @@ use crate::epoch_state::storage::{load_current_epoch, save_epoch};
use crate::epoch_state::utils::check_epoch_state;
use crate::error::ContractError;
use crate::state::storage::STATE;
use crate::verification_key_shares::storage::vk_shares;
use crate::Dealer;
use cosmwasm_std::{Deps, DepsMut, Env, Event, MessageInfo, Response};
use nym_coconut_dkg_common::dealer::{DealerRegistrationDetails, OwnershipTransfer};
@@ -109,7 +110,7 @@ pub fn try_transfer_ownership(
DEALERS_INDICES.save(deps.storage, &transfer_to, &current_index)?;
DEALERS_INDICES.remove(deps.storage, &info.sender);
// update registration detail for every epoch the current dealer has participated in the protocol
// update registration detail and share information for every epoch the current dealer has participated in the protocol
// ideally, we'd have only updated the current epoch, but the way the contract is constructed
// forbids that otherwise we'd have introduced inconsistency
for epoch_id in 0..=epoch.epoch_id {
@@ -117,6 +118,11 @@ pub fn try_transfer_ownership(
EPOCH_DEALERS_MAP.remove(deps.storage, (epoch_id, &info.sender));
EPOCH_DEALERS_MAP.save(deps.storage, (epoch_id, &transfer_to), &details)?;
}
if let Some(mut vk_share) = vk_shares().may_load(deps.storage, (&info.sender, epoch_id))? {
vk_shares().remove(deps.storage, (&info.sender, epoch_id))?;
vk_share.owner = transfer_to.clone();
vk_shares().save(deps.storage, (&transfer_to, epoch_id), &vk_share)?;
}
}
let Some(transaction_info) = env.transaction else {
@@ -161,6 +167,14 @@ pub fn try_update_announce_address(
details.announce_address = new_address.clone();
EPOCH_DEALERS_MAP.save(deps.storage, (epoch.epoch_id, &info.sender), &details)?;
let mut contract_share = vk_shares().load(deps.storage, (&info.sender, epoch.epoch_id))?;
contract_share.announce_address = new_address.clone();
vk_shares().save(
deps.storage,
(&info.sender, epoch.epoch_id),
&contract_share,
)?;
Ok(Response::new().add_event(
Event::new("dkg-announce-address-update")
.add_attribute("dealer", info.sender)
@@ -228,9 +242,14 @@ pub(crate) mod tests {
#[cfg(feature = "testable-dkg-contract")]
mod tests_with_mock {
use super::*;
use crate::testable_dkg_contract::{init_contract_tester, DkgContractTesterExt};
use crate::testable_dkg_contract::{
init_contract_tester, init_contract_tester_with_group_members, DkgContractTesterExt,
};
use anyhow::Context;
use cosmwasm_std::testing::message_info;
use nym_contracts_common_testing::ContractOpts;
use nym_coconut_dkg_common::msg::QueryMsg;
use nym_coconut_dkg_common::verification_key::PagedVKSharesResponse;
use nym_contracts_common_testing::{ChainOpts, ContractOpts};
#[test]
fn transferring_ownership() -> anyhow::Result<()> {
@@ -248,6 +267,7 @@ mod tests_with_mock {
contract.run_initial_dummy_dkg();
let old_index = DEALERS_INDICES.load(&contract, &group_member)?;
let old_details = EPOCH_DEALERS_MAP.load(&contract, (0, &group_member))?;
let old_share = vk_shares().load(&contract, (&group_member, 0))?;
let not_group_member = contract.addr_make("not_group_member");
let (deps, env) = contract.deps_mut_env();
@@ -277,13 +297,20 @@ mod tests_with_mock {
assert!(EPOCH_DEALERS_MAP
.may_load(&contract, (0, &group_member))?
.is_none());
assert!(vk_shares()
.may_load(&contract, (&group_member, 0))?
.is_none());
let new_index = DEALERS_INDICES.load(&contract, &new_group_member)?;
let new_details = EPOCH_DEALERS_MAP.load(&contract, (0, &new_group_member))?;
let new_share = vk_shares().load(&contract, (&new_group_member, 0))?;
// the underlying info hasn't changed
assert_eq!(old_index, new_index);
assert_eq!(old_details, new_details);
assert_ne!(old_share, new_share);
assert_eq!(old_share.owner, group_member);
assert_eq!(new_share.owner, new_group_member);
assert_eq!(
OWNERSHIP_TRANSFER_LOG.load(
@@ -436,9 +463,91 @@ mod tests_with_mock {
assert_eq!(old_details1, new_details1);
assert_eq!(old_details2, new_details2);
// most recent entry is updated
// most recent entry is updated
assert_eq!(new_details3.announce_address, new_address);
Ok(())
}
#[test]
fn updating_announce_address_updates_vk_shares() -> anyhow::Result<()> {
let mut contract = init_contract_tester_with_group_members(3);
let group_member = contract.random_group_member();
contract.run_initial_dummy_dkg(); // => epoch 0
contract.run_reset_dkg(); // => epoch 1
// LEAVE DKG MEMBERSHIP
contract.remove_group_member(group_member.clone());
contract.run_reset_dkg(); // => epoch 2
// COME BACK
contract.add_group_member(group_member.clone());
contract.run_reset_dkg(); // => epoch 3
let old_address = EPOCH_DEALERS_MAP
.load(&contract, (3, &group_member))?
.announce_address;
let old_share0 = vk_shares().load(&contract, (&group_member, 0))?;
let old_share1 = vk_shares().load(&contract, (&group_member, 1))?;
let old_share2 = vk_shares().may_load(&contract, (&group_member, 2))?;
assert!(old_share2.is_none());
let old_share3 = vk_shares().may_load(&contract, (&group_member, 3))?;
assert!(old_share3.is_some());
let new_address = "https://new-address.com".to_string();
try_update_announce_address(
contract.deps_mut(),
message_info(&group_member, &[]),
new_address.clone(),
)?;
let new_share0 = vk_shares().load(&contract, (&group_member, 0))?;
let new_share1 = vk_shares().load(&contract, (&group_member, 1))?;
let new_share2 = vk_shares().may_load(&contract, (&group_member, 2))?;
assert!(new_share2.is_none());
let new_share3 = vk_shares().load(&contract, (&group_member, 3))?;
// old epoch data is unchanged
assert_eq!(old_share0, new_share0);
assert_eq!(old_share1, new_share1);
assert_eq!(old_share2, new_share2);
// most recent entry is updated
assert_eq!(new_share3.announce_address, new_address);
// finally an integration check against query endpoint
let epoch0_shares: PagedVKSharesResponse =
contract.query(&QueryMsg::GetVerificationKeys {
epoch_id: 0,
limit: None,
start_after: None,
})?;
assert_eq!(epoch0_shares.shares.len(), 3);
let member_share = epoch0_shares
.shares
.iter()
.find(|s| s.owner == group_member)
.context("failed to find member's share")?;
assert_eq!(member_share.announce_address, old_address);
let epoch0_shares: PagedVKSharesResponse =
contract.query(&QueryMsg::GetVerificationKeys {
epoch_id: 3,
limit: None,
start_after: None,
})?;
assert_eq!(epoch0_shares.shares.len(), 3);
let member_share = epoch0_shares
.shares
.iter()
.find(|s| s.owner == group_member)
.context("failed to find member's share")?;
assert_eq!(member_share.announce_address, new_address);
Ok(())
}
}
@@ -1,2 +1,21 @@
// Copyright 2025 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::epoch_state::storage::HISTORICAL_EPOCH;
use crate::error::ContractError;
use cosmwasm_std::{DepsMut, Env};
pub fn introduce_historical_epochs(deps: DepsMut, env: Env) -> Result<(), ContractError> {
if HISTORICAL_EPOCH.may_load(deps.storage)?.is_some() {
return Err(ContractError::FailedMigration {
comment: "this migration has already been run before".to_string(),
});
}
#[allow(deprecated)]
let current = crate::epoch_state::storage::CURRENT_EPOCH.load(deps.storage)?;
// we won't have information on intermediate states prior to now, but that's not the end of the world
HISTORICAL_EPOCH.save(deps.storage, &current, env.block.height)?;
Ok(())
}
@@ -62,12 +62,18 @@ impl TestableNymContract for DkgContract {
where
Self: Sized,
{
init_contract_tester_with_group_members(DEFAULT_GROUP_MEMBERS)
init_contract_tester()
}
}
pub fn init_contract_tester() -> ContractTester<DkgContract> {
DkgContract::init().with_common_storage_key(CommonStorageKeys::Admin, "dkg-admin")
init_contract_tester_with_group_members(DEFAULT_GROUP_MEMBERS)
}
pub fn init_contract_tester_with_group_members(members: usize) -> ContractTester<DkgContract> {
prepare_contract_tester_builder_with_group_members(members)
.build()
.with_common_storage_key(CommonStorageKeys::Admin, "dkg-admin")
}
pub fn prepare_contract_tester_builder_with_group_members<C>(
@@ -137,12 +143,6 @@ where
builder
}
pub fn init_contract_tester_with_group_members(members: usize) -> ContractTester<DkgContract> {
prepare_contract_tester_builder_with_group_members(members)
.build()
.with_common_storage_key(CommonStorageKeys::Admin, "dkg-admin")
}
pub trait DkgContractTesterExt:
ContractOpts<ExecuteMsg = ExecuteMsg, QueryMsg = QueryMsg, ContractError = ContractError>
+ ChainOpts
-12
View File
@@ -1,12 +0,0 @@
// Copyright 2024 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn legacy_mixnode_bonding() {
todo!()
}
}
-4
View File
@@ -2,7 +2,3 @@
// SPDX-License-Identifier: Apache-2.0
pub(crate) mod transactions;
// the purpose of that module is to keep track of tests of legacy features that will eventually be phased out
// such as standalone mixnode/gateway bonding
pub(crate) mod legacy;
@@ -1 +1 @@
Monday, October 13th 2025, 13:24:56 UTC
Tuesday, October 14th 2025, 11:34:14 UTC
+338 -25
View File
@@ -49,6 +49,319 @@ This page displays a full list of all the changes during our release cycle from
<VarInfo />
## `v2025.18-jarlsberg`
- [Release Binaries](https://github.com/nymtech/nym/releases/tag/nym-binaries-v2025.18-jarlsberg)
- [`nym-node`](nodes/nym-node.mdx) version `1.19.0`
```sh
nym-node
Binary Name: nym-node
Build Timestamp: 2025-10-15T09:04:32.043934599Z
Build Version: 1.19.0
Commit SHA: 2235a6e1477bea7368ee5443a298f544deb63504
Commit Date: 2025-10-15T10:22:16.000000000+02:00
Commit Branch: master
rustc Version: 1.92.0-nightly
rustc Channel: nightly
cargo Profile: release
```
### API Changes
There have been a few updates to the Node Status API (used by the NymVPN API) to do with Nodes' metadata endpoints, which are used to determine if they are running a QUIC bridge.
- [Node Status API: add bridge information to dVPN endpoint](https://github.com/nymtech/nym/pull/6069)
Scrape the `/api/v1/bridges/client-params` endpoint from nodes to get bridge information and add to the dVPN output:
```
{
"identity_key": "3wqfp9ebaajgV8HRKYHeZuZCNXgitnW8BbytxyBH65xZ",
"name": "middle winner wing",
"authenticator": {
"address": "6CQMtm9DqUj7mPVkSD9YarjUuPh7mJaZQnnHWxNpgByh.AGXiTivVieBULeDhL9tuyMKgRydoT67sFCjeoERDN84k@3wqfp9ebaajgV8HRKYHeZuZCNXgitnW8BbytxyBH65xZ"
},
"ip_packet_router": {
"address": "GA47h8294m7f6ciyFuDkjk3mmqrvALqboL2o22jkqFhi.22SdTGBWKFrrBM31hMgzjmgduSH1nosnbE9dgNcY2CXz@3wqfp9ebaajgV8HRKYHeZuZCNXgitnW8BbytxyBH65xZ"
},
"location": {
"two_letter_iso_country_code": "GB",
"latitude": 51.5085,
"longitude": -0.1257
},
"last_probe": {
"last_updated_utc": "2025-09-02T18:19:10Z",
"outcome": {
"as_entry": {
"can_connect": true,
"can_route": true
},
"as_exit": {
"can_connect": true,
"can_route_ip_external_v4": true,
"can_route_ip_external_v6": true,
"can_route_ip_v4": true,
"can_route_ip_v6": true
},
"wg": {
"can_handshake_v4": true,
"can_handshake_v6": true,
"can_register": true,
"can_resolve_dns_v4": true,
"can_resolve_dns_v6": true,
"download_duration_sec_v4": 0,
"download_duration_sec_v6": 5,
"download_error_v4": "",
"download_error_v6": "",
"downloaded_file_v4": "https://proof.ovh.net/files/1Mb.dat",
"downloaded_file_v6": "https://proof.ovh.net/files/10Mb.dat",
"ping_hosts_performance_v4": 1,
"ping_hosts_performance_v6": 1,
"ping_ips_performance_v4": 1,
"ping_ips_performance_v6": 0.6666667,
"can_handshake": true,
"can_resolve_dns": true,
"ping_hosts_performance": 1,
"ping_ips_performance": 1
}
}
},
"ip_addresses": [
"178.79.168.250",
"2a01:7e00::f03c:95ff:fef8:77f"
],
"mix_port": 1789,
"role": "EntryGateway",
"entry": {
"hostname": "nym-circ.anonym.tech",
"ws_port": 9000,
"wss_port": 9443
},
+ "bridges":{
+ "version": 0,
+ "transports": [
+ {
+ "transport_type": "quic_plain",
+ "args": {
+ "addresses": ["[2a01:7e00::f03c:95ff:fef8:77f]:4443", "178.79.168.250:4443"],
+ "id_pubkey": "gyKl6DN9hgdPGhEzdf9gY4Ha2GzrOwSzLCguxeTVTJU=",
+ "host": "netdna.bootstrapcdn.com"
+ }
+ }
+ ]
+ }
"performance": "1",
"build_information": {
"build_version": "1.16.0",
"commit_branch": "build",
"commit_sha": "7f97f13799342f864e1b106e8cafc9f6d6c24c0f"
}
}
```
- [ns-api: add new fields for probe output for query_metadata and download file size and duration in ms](https://github.com/nymtech/nym/pull/6091)
This PR adds new fields to the Node Status API:
```json
{
"node": "ByxGq9hpDQu6Wc8augEh22w7CRWJHPNfDshB1b8nfWkh",
"used_entry": "ByxGq9hpDQu6Wc8augEh22w7CRWJHPNfDshB1b8nfWkh",
"outcome": {
"as_entry": {
"can_connect": true,
"can_route": true
},
"as_exit": {
"can_connect": true,
"can_route_ip_v4": true,
"can_route_ip_external_v4": true,
"can_route_ip_v6": true,
"can_route_ip_external_v6": true
},
"wg": {
"can_register": true,
"can_query_metadata_v4": true, // <--------------------------------
"can_handshake_v4": true,
"can_resolve_dns_v4": true,
"ping_hosts_performance_v4": 1.0,
"ping_ips_performance_v4": 1.0,
"can_handshake_v6": true,
"can_resolve_dns_v6": true,
"ping_hosts_performance_v6": 1.0,
"ping_ips_performance_v6": 0.93333334,
"download_duration_sec_v4": 2,
"download_duration_milliseconds_v4": 2034, // <--------------------------------
"downloaded_file_size_bytes_v4": 1048576, // <--------------------------------
"downloaded_file_v4": "https://nym-bandwidth-monitoring.ops-d86.workers.dev/1mb.dat",
"download_error_v4": "",
"download_duration_sec_v6": 5,
"downloaded_file_size_bytes_v6": 1048576,
"download_duration_milliseconds_v6": 5501,
"downloaded_file_v6": "https://proof.ovh.net/files/1Mb.dat",
"download_error_v6": ""
}
}
}
```
- [ns-api: add descriptions to dVPN gateway responses](https://github.com/nymtech/nym/pull/6102)
This PR adds the `description` field to dVPN gateways in `/dvpn/v1/directory/gateways`.
- [NS API: use new probe download filesize and milliseconds field](https://github.com/nymtech/nym/pull/6097)
This PR uses the new fields in mainnet to calculate the probe download score.
- [ns-api: use download files size from probes instead of parsing filenames](https://github.com/nymtech/nym/pull/6095) This PR uses the new field in the probe results that says how many bytes were downloaded to calculate the speed of download. It only uses downloads on ipv4 and ignores ipv6 for now. This might change in the future.
- [Node Status API: remove sqlite support](https://github.com/nymtech/nym/pull/6004)
This PR removes sqlite support, requiring pgsql to run the NS API.
It also fixes the following issues:
- deserialisation of `NodeDescription`
- defaults for `WireguardDetails` for deserialisation
It also bumps the version to v4.0.0.
### Operators Updates & Tools
- [Node rewards tracker](https://github.com/nymtech/nym/pull/6064)
This PR introduces a script fetching operators rewards based on provided Nyx account addresses provided in `data/wallet-addresses.csv`.
<AccordionTemplate name="Info">
**Output is:**
1. Printed table in terminal
3. Sheet with complete info stored in `data/node-balances.csv`
4. Historical data yaml file stored in `data/data.yaml` - this file should not be changed manually, as
all values older than 30 days get auto-removed
**RUN**
Before you start fill first column of `data/wallet-addresses.csv` called `addresses` with your Nyx account addresses and (optionally) second column called `tag` with an entity, for example *"mysquad"* and *"personal"* to get sorted output per entity.
- Csv example with `tag`s:
```
n1foofoofoo, personal
n1barbarbar, personal
n1bazbazbaz, mysquad
n1lollollol, mysquad
```
- For operators having all nodes under one entity, the tag field will be left empty. Example:
```csv
n1foofoofoo
n1barbarbar
n1bazbazbaz
```
Documentation coming soon.
</AccordionTemplate>
- [Bugfix/bloomfilters purge](https://github.com/nymtech/nym/pull/6089)
This PR fixes bug where old replay protection bloomfilters were never getting removed.
### Features
- [Get wireguard keypair as arg instead of reading it from disk](https://github.com/nymtech/nym/pull/6078)
- [Registration Client](https://github.com/nymtech/nym/pull/6059)
This PR introduces the `RegistrationClient` whose eventual job will be to handle registration with gateway and bandwidth control. This is step 1, where it only handles registration and then hands back the control channel to the vpn-client.
<AccordionTemplate name="Info">
**nym-wg-gateway-client**
This crate has been smooshed with the nym-authenticator-client as they were doing the same thing : talking with the Authenticator.
**nym-authenticator-client**
The job of the `AuthenticatorClient` is to talk to the `Authenticator`s via the mixnet. They both make use of a `AuthClientMixnetListener` that handles interaction with the mixnet client. No more `SharedMixnetClient`, only clear owners. That component could be turned into an actual multiplexer, but that's out of scope.
It is designed to be able to shut down, since it won't be necessary for bandwidth top up in the future.
Lots of types and traits were copied in both repos, some of them are sadly still there. Further work could be done to improve messaging ( `ClientMessage` and `AuthenticatorRequests` for example)
**nym-ip-packet-client**
This crate has minor changes, focused on getting rid of the `SharedMixnetClient`. It still talks to the `IpPacketRouter` but it owns the `MixnetClient`
**Nym-registration-client**
Brand new crates, whose current job is to run a `MixnetClient` with the given options, register with the component related to the tunnel type, and hand back the necessary component for running the tunnel.
**authenticator-requests**
Mostly refactoring, lots of code was duplicated in the vpn-client repo
**misc**
The rest are qol changes that might not be needed right away but that is preparing the future improvements coming soon™
</AccordionTemplate>
- [Feature: Ping probe all nodes /described nodes from a server](https://github.com/nymtech/nym/pull/6074)
This script should be ran from a node hosting server. It pings all IPs listed in /described endpoint and returns a file with unreachable IPs. Such list gives operator an idea on IPs potentially blocking their IP.
- [Feature: Nym node html landing page](https://github.com/nymtech/nym/pull/6053)
This PR introduces a new landing page which contains:
- no more deprecated tornul
- new nym theme
- bold text about DMCA
- hook for nym-node-cli to use it and add $EMAIL prompted to the operator
- [feat: DKG contract method for updating announce address](https://github.com/nymtech/nym/pull/6050)
- [feat: NS ticket faucet](https://github.com/nymtech/nym/pull/6047)
Overview: modifies the Node Status API so that it keeps a buffer of tickets inside its storage that it gives out when new test runs get requested. it also slightly adjusts the ticketbook API in a bit hacky way to allow importing ticketbooks with specific index ranges. However, those changes also involve modifying cli arguments passed to both NS API and gateway probes. The associated vpn-client repo branch is `feature/ticket-faucet-probe` which for the same reason is not yet ready
<AccordionTemplate name="Info">
**Node Status API**
**Added**
- `--config-env-file` / `-c` (optional) - helper allowing testing locally on non-mainnet networks without passing everything through env variables
- `--mnemonic` (env: `NYM_NODE_STATUS_API_MNEMONIC`) - account used for obtaining ticketbooks
- `--max-concurrent-deposits` (env: `NYM_NODE_STATUS_API_MAX_CONCURRENT_DEPOSITS`) (optional; default: 5) - Specifies the maximum number of deposits the node status api can make in a single transaction. Note that each deposit batch is followed by the same number of sequential signing requests
- `--tickets-buffer-size` (env: `NYM_NODE_STATUS_API_TICKETS_BUFFER`) (optional; default: 50) - Specifies the size of the tickets buffer the node status api should have available at any time for each ticket type.
- `--tickets-buffer-check-interval` (env: `NYM_NODE_STATUS_API_TICKETS_CHECK_INTERVAL`) (optional; default: 1min) - Specifies interval at which the node status api should check if it has sufficient number of tickets buffered
- `--quorum-check-interval` (env: `NYM_NODE_STATUS_API_QUORUM_CHECK_INTERVAL`) (optional; default: 5min) - Specifies interval at which the node status api should check if signing quorum is available
- `--buffered-ticket-types` (env: `NYM_NODE_STATUS_BUFFERED_TICKET_TYPES`) (optional; default: `[V1MixnetEntry, V1WireguardEntry, V1WireguardExit]`) - Specifies types of tickets to buffer
- `--ecash-client-identifier-bs58` (env: `NYM_NODE_STATUS_API_ECASH_CLIENT_IDENTIFIER_BS58`) - Identifier used for deriving keys embedded in the issued ticketbooks (i.e. seed for the client identity). It can be a random string, but make sure it has sufficient entropy. it has to be base58 encoded.
**Node Status Agent**
**Removed**
- `--mnemonic` - no longer needed as tickets are obtained throught the faucet
**Gateway Probe (vpn-client repo)**
**Added**
- `--ticket-materials` - all the encoded generated tickets (and global data) needed by the probe
- `--ticket-materials-revision` - revision of the serialisation to help with decoding (not strictly needed, but it was already available)
**Removed**
- `--mnemonic` - no longer needed as tickets are obtained throught the faucet
</AccordionTemplate>
- [Bridge proto client params in Self-Described](https://github.com/nymtech/nym/pull/6035)
This PR gives the nym-node a way to expose information about the bridge protocols that the node supports, and the parameters that are necessary to connect using those protocols.
<AccordionTemplate name="Info">
This is meant to be usable by the node status API to be be included into node descriptors that are compiled for the vpn client.
- Adds a new field to the nym-node config `gateway_tasks.storage_paths.bridge_client_params`
- IF the new config field is present a new self-described endpoint is available at `/v1/bridges/client-params`
- IF the new config field is NOT present the endpoint is not exposed.
I arbitrarily chose config v8 as the oldest nym-node configuration version that supports the option. This can probably be propogated further backwards if necessary.
NOTE: The new `/bridges/client-params` endpoint does not have swagger / utopia docs associated. This interface will likely change in several upcoming iterations and serving from file (for now) means that the types are not defined internally.
tested as working on node `3wqfp9eb` both when file is provided in config (sucessful response) and when file is not specified in config (path gives 404).
</AccordionTemplate>
### Refactors & Maintenance
- [[chore] Clippy fix](https://github.com/nymtech/nym/pull/6060)
- [Bugfix: Nym node CLI download nym-node exception](https://github.com/nymtech/nym/pull/6058)
This PR fixes a case when the "Latest" platform release doesn't include `nym-node` by prompting user to insert binary URL instead of failing. Additionally it fixes fetching new landing page script in the CLI.
- [Benny/ci contract fix](https://github.com/nymtech/nym/pull/5962)
- [frontdoor typo fix](https://github.com/nymtech/nym/pull/6067)
- [Hotfix: Update API source in node ping tester script](https://github.com/nymtech/nym/pull/6082)
This PR fixes initial development bug where a wrong API endpoint was used.
`https://validator.nymtech.net/api/v1/nym-nodes/described` gets all nym nodes, not just gateways.
Code is simplified accordingly.
## QUIC Transport Bridge Deployment
<QuicDeploymentSteps />
@@ -108,7 +421,7 @@ All of the routes removed had already been deprecated over a year ago. This is m
<AccordionTemplate name="Removed API routes">
### Legacy mixnodes related:
- `/v1/mixnodes`
- `/v1/mixnodes/active`
- `/v1/mixnodes/active/detailed`
@@ -130,9 +443,9 @@ All of the routes removed had already been deprecated over a year ago. This is m
- `/v1/status/mixnodes/detailed-unfiltered`
- `/v1/status/mixnode/{mix_id}/report`
- `/v1/status/mixnode/{mix_id}/avg_uptime`
### Legacy gateways related:
- `/v1/gateways`
- `/v1/gateways/described`
- `/v1/gateways/blacklisted`
@@ -144,21 +457,21 @@ All of the routes removed had already been deprecated over a year ago. This is m
</AccordionTemplate>
#### Structs changes:
- `MixnodeUptimeHistoryResponse` no longer has `owner` field
- `GatewayUptimeHistoryResponse` no longer has `owner` field
#### New Routes Added
- `/v1/nym-nodes/stake-saturation/{node_id}` - as a better replacement for `/v1/status/mixnode/{mix_id}/stake-saturation` as this information might be potentially useful and can be applied to any nym-node, not just a legacy mixnode.
- `/v1/legacy/mixnodes` - returns a list of bonded legacy mixnodes that haven't migrated to nym-nodes
- `/v1/legacy/gateways` - returns a list of bonded legacy gateways that haven't migrated to nym-nodes
#### Node Status API
Furthermore the changes remove all scraping of legacy mixnodes from NS and the following routes are removed:
- `/v2/mixnodes/{mix_id}`
- `/v2/mixnodes`
@@ -229,7 +542,7 @@ Furthermore the changes remove all scraping of legacy mixnodes from NS and the f
### Operators Updates & Tools
<Callout type="info" emoji="️">
Nodes receiving stake as a part of [**Nym Delegation Program**](https://nym.com/network/DP) are updated weekly based on the [rules](https://forms.nym.com/form/#/2/form/view/BRh8QroXFinjOF4D3FHgYiX76zbiRvUV2Sy+czaoKFQ) without prior notification given to the operators.
Nodes receiving stake as a part of [**Nym Delegation Program**](https://nym.com/network/DP) are updated weekly based on the [rules](https://forms.nym.com/form/#/2/form/view/BRh8QroXFinjOF4D3FHgYiX76zbiRvUV2Sy+czaoKFQ) without prior notification given to the operators.
[**Nym Delegation account**](https://explorer.nym.spectredao.net/account/n1rnxpdpx3kldygsklfft0gech7fhfcux4zst5lw) `n1rnxpdpx3kldygsklfft0gech7fhfcux4zst5lw` is a single source of truth. If you expect your node to have Nym team stake and it doesn't, please reach out in in the [**Node Operators Matrix channel**](https://matrix.to/#/#operators:nymtech.chat).
</Callout>
@@ -252,32 +565,32 @@ nym-vpnc connect --enable-two-hop --entry-gateway-id 7CWjY3QFoA9dgE535u9bQiXCfz
- [Feature/testing utils](https://github.com/nymtech/nym/pull/5963): This PR introduces a couple of general helpers, in particular some mocks for sending across values using Stream/Sink and AsyncRead/AsyncWrite without actual underlying networking. Example implementation are with NymNoise (which was the original inspiration) and gateway handshake.
- [Backport metadata endpoint](https://github.com/nymtech/nym/pull/6010)
- [Backport metadata endpoint](https://github.com/nymtech/nym/pull/6010)
### Bugfix
- [Fix rust `1.89` `clippy` issues](https://github.com/nymtech/nym/pull/5944)
- [`http api` client adjustment](https://github.com/nymtech/nym/pull/5953): It fixes missing `feature-lock` when cloning the client and adds helper macro for user agent creation
- [`http api` client adjustment](https://github.com/nymtech/nym/pull/5953): It fixes missing `feature-lock` when cloning the client and adds helper macro for user agent creation
- [Fix `ci-build` for linux (and use updated runner)](https://github.com/nymtech/nym/pull/5958): This PR fixes our build pipeline by using correct (updated) linux runner and updates all the conditional steps that were behind `ubuntu` runners (which no longer exist)
- [Fixing the ci for ns agent](https://github.com/nymtech/nym/pull/5965)
- [Fixing the ci for ns agent](https://github.com/nymtech/nym/pull/5965)
- [Manually calculate per node work on rewarded set changes](https://github.com/nymtech/nym/pull/5972): This PR fixes:
1. Nym rewarded set was set to X, for argument sake say 200
1. Nym rewarded set was set to X, for argument sake say 200
2. We sent transaction to update it to Y, say 100
3. This internally updated the interval rewarding parameters inside the mixnet contract including the default active and standby node work factors. Note that the rewarded set itself stayed the same, as it only changes after epoch rolls over and new one is assigned (by the `nym-api`)
4. Epoch has finished and `nym-api` wanted to do the rewarding. It grabbed the **current** rewarded set (of X, 200) and started calculating the total work in the system. But since the contract already had new parameters (adjusted for size of Y, 100), the result was greater than 1 thus `nym-api` was preventably blowing up.
To fix it we introduce additional checks, so that if the current rewarded set does not match the specification defined in the contract rewarding parameters, `nym-api` will attempt to do its best to manually calculate work factors for this epoch.
- [Fix the ns api ci workflow](https://github.com/nymtech/nym/pull/5981)
- [Fix the ns api ci workflow](https://github.com/nymtech/nym/pull/5981)
- [Make sure tables are removed in correct order to not trigger FK constraint issue](https://github.com/nymtech/nym/pull/5987)
- [Make sure tables are removed in correct order to not trigger FK constraint issue](https://github.com/nymtech/nym/pull/5987)
### Refactors & Maintenance
- [Move credential verifier in peer controller](https://github.com/nymtech/nym/pull/5938): This PR is to not duplicate the verifier code (minus the actual verification operation, which is harder to unit test because of expiration checks)
- [Move credential verifier in peer controller](https://github.com/nymtech/nym/pull/5938): This PR is to not duplicate the verifier code (minus the actual verification operation, which is harder to unit test because of expiration checks)
- [Remove unused import](https://github.com/nymtech/nym/pull/5942)
@@ -288,7 +601,7 @@ nym-vpnc connect --enable-two-hop --entry-gateway-id 7CWjY3QFoA9dgE535u9bQiXCfz
- [Remove freshness check on testrun submit](https://github.com/nymtech/nym/pull/5977):
- Freshness is enforced by a background task that marks test runs as stale after a configured amount of time
- Make existing freshness period configurable to avoid code changes in the future
- Added `humantime` for parsing
- Added `humantime` for parsing
- [Move authenticator into gateway crate](https://github.com/nymtech/nym/pull/5982)
@@ -311,7 +624,7 @@ nym-vpnc connect --enable-two-hop --entry-gateway-id 7CWjY3QFoA9dgE535u9bQiXCfz
- [Ecash liveness check](https://github.com/nymtech/nym/pull/5890)
- [Basic zulip client for sending messages](https://github.com/nymtech/nym/pull/5913): In order to be able to send zulip notifications about *emergency* upgrade mode being activated, we need some sort of client. Unfortunately there isn't any rust library that's maintained (the only one had last commit 4 years ago). This simple thing now currently only supports message sending
- [Basic zulip client for sending messages](https://github.com/nymtech/nym/pull/5913): In order to be able to send zulip notifications about *emergency* upgrade mode being activated, we need some sort of client. Unfortunately there isn't any rust library that's maintained (the only one had last commit 4 years ago). This simple thing now currently only supports message sending
- [`nym-node` debug command to reset providers db](https://github.com/nymtech/nym/pull/5914)
@@ -321,7 +634,7 @@ nym-vpnc connect --enable-two-hop --entry-gateway-id 7CWjY3QFoA9dgE535u9bQiXCfz
### Refactors & Maintenance
- [Allow compatibility with 'CDLA-Permissive-2.0'](https://github.com/nymtech/nym/pull/5910): This license is present in the included `webpki-roots`
- [Allow compatibility with 'CDLA-Permissive-2.0'](https://github.com/nymtech/nym/pull/5910): This license is present in the included `webpki-roots`
- [Migrate strum to `0.27.2`](https://github.com/nymtech/nym/pull/5960): This PR migrates strum to the latest. Notably all macros' were moved into `strum_macros`. The rest stays the same.
@@ -346,9 +659,9 @@ cargo Profile: release
### Operators Updates & Tools
- Stark Industries is on a sanction list by EU. IP addresses managed by Stark Ind. and their subsidies (ASN 44477 / ASN 33993) had been put on [spamhaus.org](http://spamhaus.org/) [list](https://www.spamhaus.org/drop/asndrop.json). The effect on NymVPN user experience is that Exit Gateways IPs hosted on Stark Ind. are seen as a spam proxies by many online services.
- Stark Industries is on a sanction list by EU. IP addresses managed by Stark Ind. and their subsidies (ASN 44477 / ASN 33993) had been put on [spamhaus.org](http://spamhaus.org/) [list](https://www.spamhaus.org/drop/asndrop.json). The effect on NymVPN user experience is that Exit Gateways IPs hosted on Stark Ind. are seen as a spam proxies by many online services.
- We ask operators - especially Exit Gateways - to consider moving to another ISP. Visit an updated [ISP list](community-counsel/isp-list) and feel free to add more providers, following [these steps](community-counsel/add-content).
- We ask operators - especially Exit Gateways - to consider moving to another ISP. Visit an updated [ISP list](community-counsel/isp-list) and feel free to add more providers, following [these steps](community-counsel/add-content).
### Features
@@ -362,13 +675,13 @@ cargo Profile: release
- [`sqlx-pool-guard`: allocate more memory on windows](https://github.com/nymtech/nym/pull/5896):
- Allocate 1.5x more memory than reported by the system to provide a safety margin
- Increase number of retry attempts to 5
- [dkg epoch dealers query](https://github.com/nymtech/nym/pull/5899)
- [dkg snapshot epoch](https://github.com/nymtech/nym/pull/5900): In order to determine if signer quorum has been down at particular height, we need to know with certainty the dkg epoch id corresponding to given block height. This PR makes it possible. Every time epoch state is changed (due to DKG progress), snapshot is saved and can be queried. This doesn't work for past data, but given mainnet has only had a single DKG instance, that's not an issue.
- [`sqlx-pool-guard`: obtain filename from connect options](https://github.com/nymtech/nym/pull/5905):
- [`sqlx-pool-guard`: obtain filename from connect options](https://github.com/nymtech/nym/pull/5905):
### Refactors & Maintenance
@@ -424,7 +737,7 @@ cargo Profile: release
- [Remove old explorer references](https://github.com/nymtech/nym/pull/5846)
- [Listen for shutdown signals during nym-node startup](https://github.com/nymtech/nym/pull/5879): This is to avoid situation where the process can't be killed without 'kill -9' because the logic to listen to shutdown signals hasn't been hit yet
- [Listen for shutdown signals during nym-node startup](https://github.com/nymtech/nym/pull/5879): This is to avoid situation where the process can't be killed without 'kill -9' because the logic to listen to shutdown signals hasn't been hit yet
### Bugfixes
@@ -21,13 +21,13 @@ This documentation page provides a guide on how to set up and run a [NYM NODE](.
```sh
nym-node
Binary Name: nym-node
Build Timestamp: 2025-10-01T10:42:58.647419869Z
Build Version: 1.18.0
Commit SHA: bbea2ff9e913f49cb7bf6c7bafa9d9b158c80de5
Commit Date: 2025-10-01T12:06:07.000000000+02:00
Commit Branch: HEAD
rustc Version: 1.88.0
rustc Channel: stable
Build Timestamp: 2025-10-15T09:04:32.043934599Z
Build Version: 1.19.0
Commit SHA: 2235a6e1477bea7368ee5443a298f544deb63504
Commit Date: 2025-10-15T10:22:16.000000000+02:00
Commit Branch: master
rustc Version: 1.92.0-nightly
rustc Channel: nightly
cargo Profile: release
```
+1 -1
View File
@@ -4,7 +4,7 @@
[package]
name = "nym-api"
license = "GPL-3.0"
version = "1.1.66"
version = "1.1.67"
authors.workspace = true
edition = "2021"
rust-version.workspace = true
+1
View File
@@ -124,6 +124,7 @@ pub struct Config {
pub node_status_api: NodeStatusAPI,
#[serde(alias = "topology_cacher")]
#[serde(default)]
pub describe_cache: DescribeCache,
#[serde(default)]
-24
View File
@@ -70,30 +70,6 @@ per_node_test_packets = {{ network_monitor.debug.per_node_test_packets }}
# Path to the database file containing uptime statuses for all mixnodes and gateways.
database_path = '{{ node_status_api.storage_paths.database_path }}'
[node_status_api.debug]
caching_interval = '{{ node_status_api.debug.caching_interval }}'
##### topology cacher config options #####
[topology_cacher.debug]
caching_interval = '{{ topology_cacher.debug.caching_interval }}'
##### circulating supply cacher config options #####
[circulating_supply_cacher]
# Specifies whether circulating supply caching service is enabled in this process.
enabled = {{ circulating_supply_cacher.enabled }}
[circulating_supply_cacher.debug]
caching_interval = '{{ circulating_supply_cacher.debug.caching_interval }}'
##### rewarding config options #####
[rewarding]
@@ -51,12 +51,12 @@ impl AuthClientMixnetListener {
}
async fn run(mut self) -> Self {
let mixnet_cancel_token = self.mixnet_client.cancellation_token();
self.shutdown_token.run_until_cancelled(async {
let shutdown_event = self.mixnet_client.shutdown_event();
loop {
tokio::select! {
biased;
_ = shutdown_event.wait() => {
_ = mixnet_cancel_token.cancelled() => {
tracing::debug!("AuthClientMixnetListener: mixnet client was shutdown");
break;
}
@@ -100,7 +100,9 @@ impl AuthClientMixnetListener {
// Disconnects the mixnet client and effectively drop itself, since it doesn't work without one, and reconnecting isn't supported
pub async fn disconnect_mixnet_client(self) {
self.mixnet_client.disconnect().await;
if !self.mixnet_client.cancellation_token().is_cancelled() {
self.mixnet_client.disconnect().await;
}
}
pub fn start(self) -> AuthClientMixnetListenerHandle {
@@ -108,14 +110,14 @@ impl AuthClientMixnetListener {
let message_sender = self.input_message_tx.clone();
// Allows stopping only this, e.g. if we don't need it in the new bandwidth controller
let cancellation_token = self.shutdown_token.clone();
// let mixnet_cancellation_token = self.mixnet_client.cancellation_token();
let mixnet_cancellation_token = self.mixnet_client.cancellation_token();
let handle = tokio::spawn(self.run());
AuthClientMixnetListenerHandle {
message_broadcast,
message_sender,
cancellation_token,
// mixnet_cancellation_token,
mixnet_cancellation_token,
handle,
}
}
@@ -125,7 +127,7 @@ pub struct AuthClientMixnetListenerHandle {
message_broadcast: MixnetMessageBroadcastSender,
message_sender: MixnetMessageInputSender,
cancellation_token: CancellationToken,
// mixnet_cancellation_token: CancellationToken,
mixnet_cancellation_token: CancellationToken,
handle: JoinHandle<AuthClientMixnetListener>,
}
@@ -138,9 +140,9 @@ impl AuthClientMixnetListenerHandle {
self.message_broadcast.subscribe()
}
// pub fn mixnet_cancel_token(&self) -> CancellationToken {
// self.mixnet_cancellation_token.clone()
// }
pub fn mixnet_cancel_token(&self) -> CancellationToken {
self.mixnet_cancellation_token.clone()
}
pub async fn stop(self) {
// If shutdown was externally called, that call is a no-op
@@ -16,6 +16,7 @@ schemars = { workspace = true, features = ["preserve_order", "uuid1"] }
uuid = { workspace = true, features = ["serde"] }
serde = { workspace = true, features = ["derive"] }
serde_json.workspace = true
serde_with = { workspace = true }
time = { workspace = true, features = ["serde", "formatting", "parsing"] }
tsify = { workspace = true, optional = true }
reqwest = { workspace = true, features = ["json", "rustls-tls"] }
@@ -9,6 +9,7 @@ use schemars::JsonSchema;
use schemars::r#gen::SchemaGenerator;
use schemars::schema::Schema;
use serde::{Deserialize, Serialize};
use serde_with::{DisplayFromStr, serde_as};
use std::ops::{Deref, DerefMut};
use time::{Date, OffsetDateTime};
@@ -264,12 +265,14 @@ pub struct WebhookTicketbookWalletSharesRequest {
pub secret: String,
}
#[serde_as]
#[derive(Default, Debug, Serialize, Deserialize, Clone)]
#[cfg_attr(feature = "openapi", derive(utoipa::ToSchema, utoipa::IntoParams))]
#[cfg(feature = "query-types")]
#[serde(default, rename_all = "kebab-case")]
pub struct TicketbookObtainParams {
#[serde(default)]
#[serde_as(as = "DisplayFromStr")]
pub skip_webhook: bool,
#[serde(default)]
@@ -277,15 +280,19 @@ pub struct TicketbookObtainParams {
pub global: GlobalDataParams,
}
#[serde_as]
#[derive(Default, Debug, Serialize, Deserialize, Clone)]
#[cfg_attr(feature = "openapi", derive(utoipa::ToSchema, utoipa::IntoParams))]
#[cfg(feature = "query-types")]
#[serde(default, rename_all = "kebab-case")]
pub struct GlobalDataParams {
#[serde_as(as = "DisplayFromStr")]
pub include_master_verification_key: bool,
#[serde_as(as = "DisplayFromStr")]
pub include_coin_index_signatures: bool,
#[serde_as(as = "DisplayFromStr")]
pub include_expiration_date_signatures: bool,
}
+34 -30
View File
@@ -35,15 +35,13 @@ import (
)
var fileUrls = []string{
"https://proof.ovh.net/files/1Mb.dat",
"https://nym-bandwidth-monitoring.ops-d86.workers.dev/1mb.dat",
"https://proof.ovh.net/files/10Mb.dat",
"https://nym-bandwidth-monitoring.ops-d86.workers.dev/10mb.dat",
// "https://nym-bandwidth-monitoring.ops-d86.workers.dev/100mb.dat", to be introduced later
}
var fileUrlsV6 = []string{
"https://proof.ovh.net/files/1Mb.dat",
"https://nym-bandwidth-monitoring.ops-d86.workers.dev/1mb.dat",
"https://proof.ovh.net/files/10Mb.dat",
"https://nym-bandwidth-monitoring.ops-d86.workers.dev/10mb.dat",
// "https://nym-bandwidth-monitoring.ops-d86.workers.dev/100mb.dat", to be introduced later
}
@@ -194,14 +192,20 @@ func ping(req NetstackRequestGo) (NetstackResponse, error) {
response.CanHandshake = true
version, duration, err := queryMetadata(req.MetadataEndpoint, req.MetadataTimeoutSec, tnet)
if err != nil {
log.Printf("Failed to query metadata URLs: %v\n", err)
response.CanQueryMetadata = false
// Skip metadata query if endpoint is empty (e.g., for IPv6 where the IPv4 metadata endpoint is not reachable)
if req.MetadataEndpoint != "" {
version, duration, err := queryMetadata(req.MetadataEndpoint, req.MetadataTimeoutSec, tnet)
if err != nil {
log.Printf("Failed to query metadata URLs: %v\n", err)
response.CanQueryMetadata = false
} else {
log.Printf("Queried metadata endpoint with version: %v\n", version)
log.Printf("Query duration: %v\n", duration)
response.CanQueryMetadata = true
}
} else {
log.Printf("Queried metadata endpoint with version: %v\n", version)
log.Printf("Query duration: %v\n", duration)
response.CanQueryMetadata = true
log.Printf("Skipping metadata query (no endpoint provided)")
response.CanQueryMetadata = false
}
for _, host := range req.PingHosts {
@@ -542,25 +546,25 @@ func queryMetadata(url string, timeoutSecs uint64, tnet *netstack.Net) (int, tim
func main() {
// uncomment the lines below to run locally and see README.md for how to get the Wireguard config
/* var _, err = ping(NetstackRequestGo{
WgIp: "10.1.155.153",
PrivateKey: "...",
PublicKey: "...",
Endpoint: "13.245.9.123:51822",
MetadataEndpoint: "http://10.1.0.1:51830",
Dns: "1.1.1.1",
IpVersion: 4,
//PingHosts: nil,
//PingIps: nil,
//NumPing: 0,
//SendTimeoutSec: 0,
//RecvTimeoutSec: 0,
//DownloadTimeoutSec: 0,
MetadataTimeoutSec: 5,
//AwgArgs: "",
})
WgIp: "10.1.155.153",
PrivateKey: "...",
PublicKey: "...",
Endpoint: "13.245.9.123:51822",
MetadataEndpoint: "http://10.1.0.1:51830",
Dns: "1.1.1.1",
IpVersion: 4,
//PingHosts: nil,
//PingIps: nil,
//NumPing: 0,
//SendTimeoutSec: 0,
//RecvTimeoutSec: 0,
//DownloadTimeoutSec: 0,
MetadataTimeoutSec: 5,
//AwgArgs: "",
})
if err != nil {
log.Fatal(err)
}
if err != nil {
log.Fatal(err)
}
*/
}
+5 -4
View File
@@ -215,8 +215,8 @@ func TestPingFunction(t *testing.T) {
// Create a request with valid IP but will fail due to network setup
req := NetstackRequestGo{
WgIp: "10.0.0.1",
PrivateKey: "test-key",
PublicKey: "test-pub-key",
PrivateKey: "0000000000000000000000000000000000000000000000000000000000000000",
PublicKey: "0000000000000000000000000000000000000000000000000000000000000000",
Endpoint: "1.1.1.1:51820",
Dns: "1.1.1.1",
IpVersion: 4,
@@ -275,10 +275,11 @@ func TestResultStructs(t *testing.T) {
// TestConsecutiveFailureExit validates that the ping loop exits cleanly after consecutive failures
func TestConsecutiveFailureExit(t *testing.T) {
// Create a test request that will trigger consecutive failures
// Using valid hex-encoded keys (32 bytes = 64 hex chars)
req := NetstackRequestGo{
WgIp: "10.0.0.1",
PrivateKey: "test-key",
PublicKey: "test-pub-key",
PrivateKey: "0000000000000000000000000000000000000000000000000000000000000000",
PublicKey: "0000000000000000000000000000000000000000000000000000000000000000",
Endpoint: "1.1.1.1:51820",
Dns: "1.1.1.1",
IpVersion: 4,
+2 -1
View File
@@ -145,7 +145,8 @@ impl NetstackRequestGo {
private_key: req.private_key.clone(),
public_key: req.public_key.clone(),
endpoint: req.endpoint.clone(),
metadata_endpoint: req.metadata_endpoint.clone(),
// Skip metadata endpoint for IPv6 as it's an IPv4-only address (10.1.0.1)
metadata_endpoint: String::new(),
dns: req.v6_ping_config.dns.clone(),
ip_version: 6,
ping_hosts: req.v6_ping_config.ping_hosts.clone(),
+7 -5
View File
@@ -133,7 +133,8 @@ impl IprClientConnect {
let timeout = sleep(IPR_CONNECT_TIMEOUT);
tokio::pin!(timeout);
let shutdown_event = self.mixnet_client.shutdown_event();
let mixnet_cancel_token = self.mixnet_client.cancellation_token();
loop {
tokio::select! {
@@ -141,14 +142,15 @@ impl IprClientConnect {
error!("Cancelled while waiting for reply to connect request");
return Err(Error::Cancelled);
},
_ = mixnet_cancel_token.cancelled() => {
error!("Mixnet client stopped while waiting for reply to connect request");
return Err(Error::Cancelled);
},
_ = &mut timeout => {
error!("Timed out waiting for reply to connect request");
return Err(Error::TimeoutWaitingForConnectResponse);
},
_ = shutdown_event.wait() => {
error!("Mixnet client stopped while waiting for reply to connect request");
return Err(Error::Cancelled);
},
msgs = self.mixnet_client.wait_for_messages() => match msgs {
None => {
return Err(Error::NoMixnetMessagesReceived);
@@ -1,14 +0,0 @@
{
"db_name": "PostgreSQL",
"query": "UPDATE ecash_ticketbook SET used_tickets = used_tickets + 1 WHERE id = $1",
"describe": {
"columns": [],
"parameters": {
"Left": [
"Int4"
]
},
"nullable": []
},
"hash": "8c92a413a2853a2508c0e8a17ae8723c400930663c4c76e96dfdc7e8c98501ca"
}
@@ -0,0 +1,65 @@
{
"db_name": "PostgreSQL",
"query": "\n UPDATE ecash_ticketbook\n SET used_tickets = used_tickets + 1\n WHERE id = (\n SELECT id\n FROM ecash_ticketbook\n WHERE used_tickets < total_tickets\n AND expiration_date >= $1\n AND ticketbook_type = $2\n ORDER BY expiration_date ASC\n LIMIT 1\n FOR UPDATE\n )\n RETURNING *\n ",
"describe": {
"columns": [
{
"ordinal": 0,
"name": "id",
"type_info": "Int4"
},
{
"ordinal": 1,
"name": "serialization_revision",
"type_info": "Int2"
},
{
"ordinal": 2,
"name": "ticketbook_type",
"type_info": "Text"
},
{
"ordinal": 3,
"name": "ticketbook_data",
"type_info": "Bytea"
},
{
"ordinal": 4,
"name": "expiration_date",
"type_info": "Date"
},
{
"ordinal": 5,
"name": "epoch_id",
"type_info": "Int4"
},
{
"ordinal": 6,
"name": "total_tickets",
"type_info": "Int4"
},
{
"ordinal": 7,
"name": "used_tickets",
"type_info": "Int4"
}
],
"parameters": {
"Left": [
"Date",
"Text"
]
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "af5c78ef980e38d81f58f72f21c9cd410f83b8750196e0cf5fa5af23883e76df"
}
@@ -3,7 +3,7 @@
[package]
name = "nym-node-status-api"
version = "4.0.9"
version = "4.0.10"
authors.workspace = true
repository.workspace = true
homepage.workspace = true
@@ -1,5 +1,4 @@
use anyhow::{Result, anyhow};
use std::ops::{Deref, DerefMut};
use std::{str::FromStr, time::Duration};
pub(crate) mod models;
@@ -8,9 +7,7 @@ pub(crate) mod queries;
#[cfg(test)]
mod tests;
use sqlx::{
ConnectOptions, PgPool, Postgres, Transaction, migrate::Migrator, postgres::PgConnectOptions,
};
use sqlx::{ConnectOptions, PgPool, Postgres, migrate::Migrator, postgres::PgConnectOptions};
static MIGRATOR: Migrator = sqlx::migrate!("./migrations_pg");
@@ -18,35 +15,6 @@ pub(crate) type DbPool = PgPool;
pub(crate) type DbConnection = sqlx::pool::PoolConnection<Postgres>;
pub(crate) struct StorageTransaction<'a> {
inner: Transaction<'a, Postgres>,
}
impl<'a> StorageTransaction<'a> {
pub(crate) async fn commit(self) -> Result<(), sqlx::Error> {
self.inner.commit().await
}
}
impl<'a> From<Transaction<'a, Postgres>> for StorageTransaction<'a> {
fn from(inner: Transaction<'a, Postgres>) -> Self {
Self { inner }
}
}
impl<'a> Deref for StorageTransaction<'a> {
type Target = Transaction<'a, Postgres>;
fn deref(&self) -> &Self::Target {
&self.inner
}
}
impl<'a> DerefMut for StorageTransaction<'a> {
fn deref_mut(&mut self) -> &mut Transaction<'a, Postgres> {
&mut self.inner
}
}
#[derive(Clone)]
pub(crate) struct Storage {
pool: DbPool,
@@ -1,7 +1,7 @@
// Copyright 2025 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: GPL-3.0-only
use crate::db::{Storage, StorageTransaction};
use crate::db::Storage;
use crate::ticketbook_manager::storage::auxiliary_models::StoredIssuedTicketbook;
use nym_credential_proxy_lib::storage::models::{
RawCoinIndexSignatures, RawExpirationDateSignatures, RawVerificationKey,
@@ -10,10 +10,6 @@ use time::Date;
use tracing::error;
impl Storage {
pub(crate) async fn begin_storage_tx(&self) -> Result<StorageTransaction<'_>, sqlx::Error> {
self.pool.begin().await.map(Into::into)
}
pub(crate) async fn available_tickets_of_type(&self, typ: &str) -> Result<i64, sqlx::Error> {
let count = sqlx::query!(
r#"
@@ -217,46 +213,38 @@ impl Storage {
.await?;
Ok(())
}
}
impl<'a> StorageTransaction<'a> {
pub(crate) async fn get_next_unspent_ticketbook(
&mut self,
&self,
ticket_type: String,
deadline: Date,
) -> Result<Option<StoredIssuedTicketbook>, sqlx::Error> {
sqlx::query_as(
sqlx::query_as!(
StoredIssuedTicketbook,
r#"
SELECT *
FROM ecash_ticketbook
WHERE used_tickets + 1 <= total_tickets
AND expiration_date >= $1
AND ticketbook_type = $2
ORDER BY expiration_date ASC
LIMIT 1
UPDATE ecash_ticketbook
SET used_tickets = used_tickets + 1
WHERE id = (
SELECT id
FROM ecash_ticketbook
WHERE used_tickets < total_tickets
AND expiration_date >= $1
AND ticketbook_type = $2
ORDER BY expiration_date ASC
LIMIT 1
FOR UPDATE
)
RETURNING *
"#,
deadline,
ticket_type
)
.bind(deadline)
.bind(ticket_type)
.fetch_optional(&mut ***self)
.fetch_optional(&self.pool)
.await
}
pub(crate) async fn increase_used_ticketbook_tickets(
&mut self,
ticketbook_id: i32,
) -> Result<(), sqlx::Error> {
sqlx::query!(
"UPDATE ecash_ticketbook SET used_tickets = used_tickets + 1 WHERE id = $1",
ticketbook_id
)
.execute(&mut ***self)
.await?;
Ok(())
}
pub(crate) async fn set_distributed_ticketbook(
&mut self,
&self,
testrun_id: i32,
ticketbook_id: i32,
assigned_index: i32,
@@ -271,7 +259,7 @@ impl<'a> StorageTransaction<'a> {
ticketbook_id,
assigned_index
)
.execute(&mut ***self)
.execute(&self.pool)
.await?;
Ok(())
}
@@ -91,15 +91,14 @@ impl TicketbookManagerStorage {
testrun_id: i32,
) -> anyhow::Result<Option<RetrievedTicketbook>> {
let deadline = ecash_today().ecash_date();
let mut tx = self.storage.begin_storage_tx().await?;
// we don't want ticketbooks with expiration in the past
let Some(raw) = tx
// note: this query updates the spent tickets atomically
let Some(raw) = self
.storage
.get_next_unspent_ticketbook(ticket_type.to_string(), deadline)
.await?
else {
// make sure to finish our tx
tx.commit().await?;
return Ok(None);
};
@@ -110,10 +109,9 @@ impl TicketbookManagerStorage {
)
.map_err(|err| anyhow!("failed to deserialise stored ticketbook: {err}"))?;
tx.set_distributed_ticketbook(testrun_id, raw.id, raw.used_tickets)
self.storage
.set_distributed_ticketbook(testrun_id, raw.id, raw.used_tickets)
.await?;
tx.increase_used_ticketbook_tickets(raw.id).await?;
tx.commit().await?;
deserialised.update_spent_tickets(raw.used_tickets as u64);
Ok(Some(RetrievedTicketbook {
+1 -1
View File
@@ -3,7 +3,7 @@
[package]
name = "nym-node"
version = "1.16.0"
version = "1.19.0"
authors.workspace = true
repository.workspace = true
homepage.workspace = true
@@ -2,9 +2,7 @@
// SPDX-License-Identifier: GPL-3.0-only
use crate::config::Config;
use crate::config::persistence::{
DEFAULT_RD_BLOOMFILTER_FILE_EXT, DEFAULT_RD_BLOOMFILTER_FLUSH_FILE_EXT,
};
use crate::config::persistence::DEFAULT_RD_BLOOMFILTER_FLUSH_FILE_EXT;
use crate::error::NymNodeError;
use crate::node::replay_protection::bloomfilter::RotationFilter;
use crate::node::replay_protection::helpers::parse_rotation_id_from_filename;
@@ -24,7 +22,6 @@ use tracing::{debug, error, info, trace, warn};
// background task responsible for periodically flushing the bloomfilters to disk
pub struct ReplayProtectionDiskFlush {
bloomfilters_directory: PathBuf,
disk_flushing_rate: Duration,
filters_manager: ReplayProtectionBloomfiltersManager,
@@ -124,8 +121,25 @@ impl ReplayProtectionDiskFlush {
None
};
// if we have any other stored bloomfilters that are neither primary nor secondary,
// remove them - they are an artifact from an old version that had a bug in purging code
for (rotation_id, path) in filter_files {
if rotation_id == primary_key_rotation_id {
continue;
}
if let Some(secondary_key_rotation_id) = secondary_key_rotation_id
&& secondary_key_rotation_id == rotation_id
{
continue;
}
info!(
"stale bloomfilter for rotation {rotation_id} found at: {path:?}. it is going to get removed"
);
fs::remove_file(&path)
.map_err(|source| NymNodeError::BloomfilterIoFailure { source, path })?;
}
Ok(ReplayProtectionDiskFlush {
bloomfilters_directory,
disk_flushing_rate: config
.mixnet
.replay_protection
@@ -142,15 +156,12 @@ impl ReplayProtectionDiskFlush {
}
fn bloomfilter_filepath(&self, rotation_id: u32) -> PathBuf {
self.bloomfilters_directory
.join(format!("rot-{rotation_id}"))
.with_extension(DEFAULT_RD_BLOOMFILTER_FILE_EXT)
self.filters_manager.bloomfilter_filepath(rotation_id)
}
fn current_bloomfilter_being_flushed_filepath(&self, rotation_id: u32) -> PathBuf {
self.bloomfilters_directory
.join(format!("rot-{rotation_id}"))
.with_extension(DEFAULT_RD_BLOOMFILTER_FLUSH_FILE_EXT)
self.filters_manager
.current_bloomfilter_being_flushed_filepath(rotation_id)
}
pub(crate) fn bloomfilters_manager(&self) -> ReplayProtectionBloomfiltersManager {
@@ -213,7 +224,7 @@ impl ReplayProtectionDiskFlush {
}
async fn flush_filters_to_disk(&self) -> Result<(), NymNodeError> {
if let Some(parent) = self.bloomfilters_directory.parent() {
if let Some(parent) = self.filters_manager.bloomfilters_directory().parent() {
fs::create_dir_all(parent).map_err(|source| NymNodeError::BloomfilterIoFailure {
source,
path: parent.to_path_buf(),
@@ -4,6 +4,7 @@
use crate::error::NymNodeError;
use bloomfilter::Bloom;
use nym_sphinx_types::REPLAY_TAG_SIZE;
use nym_validator_client::models::KeyRotationId;
use std::collections::HashMap;
use std::fs::File;
use std::io::Read;
@@ -12,7 +13,6 @@ use std::path::Path;
use std::sync::{Arc, Mutex, PoisonError, TryLockError};
use time::OffsetDateTime;
use tracing::{error, info, warn};
// auxiliary data associated with the bloomfilter to get some statistics from the time of its creation
// this is needed in order to more accurately resize it upon reset
@@ -180,15 +180,16 @@ impl ReplayProtectionBloomfilters {
Ok(())
}
pub(crate) fn purge_secondary(&self) -> Result<(), NymNodeError> {
pub(crate) fn purge_secondary(&self) -> Result<Option<KeyRotationId>, NymNodeError> {
let mut guard = self
.inner
.lock()
.map_err(|_| NymNodeError::BloomfilterFailure {
message: "mutex got poisoned",
})?;
guard.overlap = None;
Ok(())
let id = guard.overlap.take().map(|f| f.metadata.rotation_id);
Ok(id)
}
pub(crate) fn primary_metadata(
+38 -1
View File
@@ -2,18 +2,25 @@
// SPDX-License-Identifier: GPL-3.0-only
use crate::config::Config;
use crate::config::persistence::{
DEFAULT_RD_BLOOMFILTER_FILE_EXT, DEFAULT_RD_BLOOMFILTER_FLUSH_FILE_EXT,
};
use crate::error::NymNodeError;
use crate::node::replay_protection::bloomfilter::{ReplayProtectionBloomfilters, RotationFilter};
use crate::node::replay_protection::items_in_bloomfilter;
use human_repr::HumanCount;
use nym_node_metrics::NymNodeMetrics;
use std::cmp::max;
use std::fs;
use std::path::PathBuf;
use std::time::Duration;
use time::OffsetDateTime;
use tracing::info;
#[derive(Clone)]
pub(crate) struct ReplayProtectionBloomfiltersManager {
bloomfilters_directory: PathBuf,
target_fp_p: f64,
minimum_bloomfilter_packets_per_second: usize,
bloomfilter_size_multiplier: f64,
@@ -26,6 +33,7 @@ impl ReplayProtectionBloomfiltersManager {
pub(crate) fn new_disabled(metrics: NymNodeMetrics) -> Self {
// the exact config values are irrelevant as the filters will never be recreated
ReplayProtectionBloomfiltersManager {
bloomfilters_directory: Default::default(),
target_fp_p: 0.001,
minimum_bloomfilter_packets_per_second: 1,
bloomfilter_size_multiplier: 1.0,
@@ -41,6 +49,12 @@ impl ReplayProtectionBloomfiltersManager {
metrics: NymNodeMetrics,
) -> Self {
ReplayProtectionBloomfiltersManager {
bloomfilters_directory: config
.mixnet
.replay_protection
.storage_paths
.current_bloomfilters_directory
.clone(),
target_fp_p: config.mixnet.replay_protection.debug.false_positive_rate,
minimum_bloomfilter_packets_per_second: config
.mixnet
@@ -57,6 +71,22 @@ impl ReplayProtectionBloomfiltersManager {
}
}
pub(crate) fn bloomfilters_directory(&self) -> &PathBuf {
&self.bloomfilters_directory
}
pub(crate) fn bloomfilter_filepath(&self, rotation_id: u32) -> PathBuf {
self.bloomfilters_directory
.join(format!("rot-{rotation_id}"))
.with_extension(DEFAULT_RD_BLOOMFILTER_FILE_EXT)
}
pub(crate) fn current_bloomfilter_being_flushed_filepath(&self, rotation_id: u32) -> PathBuf {
self.bloomfilters_directory
.join(format!("rot-{rotation_id}"))
.with_extension(DEFAULT_RD_BLOOMFILTER_FLUSH_FILE_EXT)
}
pub(crate) fn bloomfilters(&self) -> ReplayProtectionBloomfilters {
self.filters.clone()
}
@@ -70,7 +100,14 @@ impl ReplayProtectionBloomfiltersManager {
}
pub(crate) fn purge_secondary(&self) -> Result<(), NymNodeError> {
self.filters.purge_secondary()
// remove data in memory
if let Some(secondary_id) = self.filters.purge_secondary()? {
// remove data on disk (if applicable)
let path = self.bloomfilter_filepath(secondary_id);
fs::remove_file(&path)
.map_err(|source| NymNodeError::BloomfilterIoFailure { source, path })?;
}
Ok(())
}
pub(crate) fn promote_pre_announced(&self) -> Result<(), NymNodeError> {
+1
View File
@@ -12,6 +12,7 @@ license.workspace = true
workspace = true
[dependencies]
futures.workspace = true
thiserror.workspace = true
tokio.workspace = true
tokio-util.workspace = true
@@ -56,6 +56,53 @@ pub struct MixnetClientConfig {
}
impl BuilderConfig {
/// Creates a new BuilderConfig with all required parameters.
///
/// However, consider using `BuilderConfig::builder()` instead.
#[allow(clippy::too_many_arguments)]
pub fn new(
entry_node: NymNodeWithKeys,
exit_node: NymNodeWithKeys,
data_path: Option<PathBuf>,
mixnet_client_config: MixnetClientConfig,
two_hops: bool,
user_agent: UserAgent,
custom_topology_provider: Box<dyn TopologyProvider + Send + Sync>,
network_env: NymNetworkDetails,
cancel_token: CancellationToken,
#[cfg(unix)] connection_fd_callback: Arc<dyn Fn(RawFd) + Send + Sync>,
) -> Self {
Self {
entry_node,
exit_node,
data_path,
mixnet_client_config,
two_hops,
user_agent,
custom_topology_provider,
network_env,
cancel_token,
#[cfg(unix)]
connection_fd_callback,
}
}
/// Creates a builder for BuilderConfig
///
/// This is the preferred way to construct a BuilderConfig.
///
/// # Example
/// ```ignore
/// let config = BuilderConfig::builder()
/// .entry_node(entry)
/// .exit_node(exit)
/// .user_agent(agent)
/// .build()?;
/// ```
pub fn builder() -> BuilderConfigBuilder {
BuilderConfigBuilder::default()
}
pub fn mixnet_client_debug_config(&self) -> DebugConfig {
if self.two_hops {
two_hop_debug_config(&self.mixnet_client_config)
@@ -206,3 +253,205 @@ fn log_mixnet_client_config(debug_config: &DebugConfig) {
fn true_to_disabled(val: bool) -> &'static str {
if val { "disabled" } else { "enabled" }
}
/// Error type for BuilderConfig validation
#[derive(Debug, Clone, thiserror::Error)]
#[allow(clippy::enum_variant_names)]
pub enum BuilderConfigError {
#[error("entry_node is required")]
MissingEntryNode,
#[error("exit_node is required")]
MissingExitNode,
#[error("mixnet_client_config is required")]
MissingMixnetClientConfig,
#[error("user_agent is required")]
MissingUserAgent,
#[error("custom_topology_provider is required")]
MissingTopologyProvider,
#[error("network_env is required")]
MissingNetworkEnv,
#[error("cancel_token is required")]
MissingCancelToken,
#[cfg(unix)]
#[error("connection_fd_callback is required")]
MissingConnectionFdCallback,
}
/// Builder for `BuilderConfig`
///
/// This provides a more convenient way to construct a `BuilderConfig` compared to the
/// `new()` constructor with many arguments.
#[derive(Default)]
pub struct BuilderConfigBuilder {
entry_node: Option<NymNodeWithKeys>,
exit_node: Option<NymNodeWithKeys>,
data_path: Option<PathBuf>,
mixnet_client_config: Option<MixnetClientConfig>,
two_hops: bool,
user_agent: Option<UserAgent>,
custom_topology_provider: Option<Box<dyn TopologyProvider + Send + Sync>>,
network_env: Option<NymNetworkDetails>,
cancel_token: Option<CancellationToken>,
#[cfg(unix)]
connection_fd_callback: Option<Arc<dyn Fn(RawFd) + Send + Sync>>,
}
impl BuilderConfigBuilder {
pub fn new() -> Self {
Self::default()
}
pub fn entry_node(mut self, entry_node: NymNodeWithKeys) -> Self {
self.entry_node = Some(entry_node);
self
}
pub fn exit_node(mut self, exit_node: NymNodeWithKeys) -> Self {
self.exit_node = Some(exit_node);
self
}
pub fn data_path(mut self, data_path: Option<PathBuf>) -> Self {
self.data_path = data_path;
self
}
pub fn mixnet_client_config(mut self, mixnet_client_config: MixnetClientConfig) -> Self {
self.mixnet_client_config = Some(mixnet_client_config);
self
}
pub fn two_hops(mut self, two_hops: bool) -> Self {
self.two_hops = two_hops;
self
}
pub fn user_agent(mut self, user_agent: UserAgent) -> Self {
self.user_agent = Some(user_agent);
self
}
pub fn custom_topology_provider(
mut self,
custom_topology_provider: Box<dyn TopologyProvider + Send + Sync>,
) -> Self {
self.custom_topology_provider = Some(custom_topology_provider);
self
}
pub fn network_env(mut self, network_env: NymNetworkDetails) -> Self {
self.network_env = Some(network_env);
self
}
pub fn cancel_token(mut self, cancel_token: CancellationToken) -> Self {
self.cancel_token = Some(cancel_token);
self
}
#[cfg(unix)]
pub fn connection_fd_callback(
mut self,
connection_fd_callback: Arc<dyn Fn(RawFd) + Send + Sync>,
) -> Self {
self.connection_fd_callback = Some(connection_fd_callback);
self
}
/// Builds the `BuilderConfig`.
///
/// Returns an error if any required field is missing.
pub fn build(self) -> Result<BuilderConfig, BuilderConfigError> {
Ok(BuilderConfig {
entry_node: self
.entry_node
.ok_or(BuilderConfigError::MissingEntryNode)?,
exit_node: self.exit_node.ok_or(BuilderConfigError::MissingExitNode)?,
data_path: self.data_path,
mixnet_client_config: self
.mixnet_client_config
.ok_or(BuilderConfigError::MissingMixnetClientConfig)?,
two_hops: self.two_hops,
user_agent: self
.user_agent
.ok_or(BuilderConfigError::MissingUserAgent)?,
custom_topology_provider: self
.custom_topology_provider
.ok_or(BuilderConfigError::MissingTopologyProvider)?,
network_env: self
.network_env
.ok_or(BuilderConfigError::MissingNetworkEnv)?,
cancel_token: self
.cancel_token
.ok_or(BuilderConfigError::MissingCancelToken)?,
#[cfg(unix)]
connection_fd_callback: self
.connection_fd_callback
.ok_or(BuilderConfigError::MissingConnectionFdCallback)?,
})
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_mixnet_client_config_default_values() {
let config = MixnetClientConfig::default();
assert!(!config.disable_poisson_rate);
assert!(!config.disable_background_cover_traffic);
assert_eq!(config.min_mixnode_performance, None);
assert_eq!(config.min_gateway_performance, None);
}
#[test]
fn test_builder_config_builder_fails_without_required_fields() {
// Building without any fields should fail with specific error
let result = BuilderConfig::builder().build();
assert!(result.is_err());
match result {
Err(BuilderConfigError::MissingEntryNode) => (), // Expected
Err(e) => panic!("Expected MissingEntryNode, got: {}", e),
Ok(_) => panic!("Expected error, got Ok"),
}
}
#[test]
fn test_builder_config_builder_validates_all_required_fields() {
// Test that each required field is validated
let result = BuilderConfig::builder().build();
assert!(result.is_err());
// Short-circuits at first missing field, so we just verify it's one of the expected errors
#[allow(unreachable_patterns)] // All variants are covered, but keeping catch-all for safety
match result {
Err(BuilderConfigError::MissingEntryNode)
| Err(BuilderConfigError::MissingExitNode)
| Err(BuilderConfigError::MissingMixnetClientConfig)
| Err(BuilderConfigError::MissingUserAgent)
| Err(BuilderConfigError::MissingTopologyProvider)
| Err(BuilderConfigError::MissingNetworkEnv)
| Err(BuilderConfigError::MissingCancelToken) => (),
#[cfg(unix)]
Err(BuilderConfigError::MissingConnectionFdCallback) => (),
Err(e) => panic!("Unexpected error: {}", e),
Ok(_) => panic!("Expected validation error, got Ok"),
}
}
#[test]
fn test_builder_config_builder_method_chaining() {
// Test that builder methods chain properly and return Self
let builder = BuilderConfig::builder();
// Verify the builder returns itself for chaining
let builder = builder.two_hops(true);
let builder = builder.two_hops(false);
let builder = builder.data_path(None);
// Builder should still fail because required fields are missing
let result = builder.build();
assert!(result.is_err());
}
}
+7 -3
View File
@@ -1,11 +1,12 @@
// Copyright 2025 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use futures::channel::mpsc;
use nym_bandwidth_controller::{BandwidthController, BandwidthTicketProvider};
use nym_credential_storage::ephemeral_storage::EphemeralCredentialStorage;
use nym_sdk::{
NymNetworkDetails,
mixnet::{MixnetClient, MixnetClientBuilder},
mixnet::{EventSender, MixnetClient, MixnetClientBuilder},
};
use nym_validator_client::{
QueryHttpRpcNyxdClient,
@@ -37,6 +38,7 @@ impl RegistrationClientBuilder {
two_hops: self.config.two_hops,
};
let cancel_token = self.config.cancel_token.clone();
let (event_tx, event_rx) = mpsc::unbounded();
let nyxd_client = get_nyxd_client(&self.config.network_env)?;
@@ -44,7 +46,8 @@ impl RegistrationClientBuilder {
MixnetClient,
Box<dyn BandwidthTicketProvider>,
) = if let Some((mixnet_client_storage, credential_storage)) = storage {
let builder = MixnetClientBuilder::new_with_storage(mixnet_client_storage);
let builder = MixnetClientBuilder::new_with_storage(mixnet_client_storage)
.event_tx(EventSender(event_tx));
let mixnet_client = tokio::time::timeout(
MIXNET_CLIENT_STARTUP_TIMEOUT,
self.config.build_and_connect_mixnet_client(builder),
@@ -54,7 +57,7 @@ impl RegistrationClientBuilder {
Box::new(BandwidthController::new(credential_storage, nyxd_client));
(mixnet_client, bandwidth_controller)
} else {
let builder = MixnetClientBuilder::new_ephemeral();
let builder = MixnetClientBuilder::new_ephemeral().event_tx(EventSender(event_tx));
let mixnet_client = tokio::time::timeout(
MIXNET_CLIENT_STARTUP_TIMEOUT,
self.config.build_and_connect_mixnet_client(builder),
@@ -74,6 +77,7 @@ impl RegistrationClientBuilder {
cancel_token,
mixnet_client_address,
bandwidth_controller,
event_rx,
})
}
}
+3 -1
View File
@@ -8,7 +8,7 @@ use nym_bandwidth_controller::BandwidthTicketProvider;
use nym_credentials_interface::TicketType;
use nym_ip_packet_client::IprClientConnect;
use nym_registration_common::AssignedAddresses;
use nym_sdk::mixnet::{MixnetClient, Recipient};
use nym_sdk::mixnet::{EventReceiver, MixnetClient, Recipient};
use crate::config::RegistrationClientConfig;
@@ -31,6 +31,7 @@ pub struct RegistrationClient {
mixnet_client_address: Recipient,
bandwidth_controller: Box<dyn BandwidthTicketProvider>,
cancel_token: CancellationToken,
event_rx: EventReceiver,
}
impl RegistrationClient {
@@ -61,6 +62,7 @@ impl RegistrationClient {
entry_mixnet_gateway_ip,
exit_mixnet_gateway_ip,
},
event_rx: self.event_rx,
},
)))
}
+2 -1
View File
@@ -4,7 +4,7 @@
use nym_authenticator_client::{AuthClientMixnetListenerHandle, AuthenticatorClient};
use nym_bandwidth_controller::BandwidthTicketProvider;
use nym_registration_common::{AssignedAddresses, GatewayData};
use nym_sdk::mixnet::MixnetClient;
use nym_sdk::mixnet::{EventReceiver, MixnetClient};
pub enum RegistrationResult {
Mixnet(Box<MixnetRegistrationResult>),
@@ -14,6 +14,7 @@ pub enum RegistrationResult {
pub struct MixnetRegistrationResult {
pub assigned_addresses: AssignedAddresses,
pub mixnet_client: MixnetClient,
pub event_rx: EventReceiver,
}
pub struct WireguardRegistrationResult {
+3 -24
View File
@@ -1,6 +1,6 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 3
version = 4
[[package]]
name = "NymWallet"
@@ -773,7 +773,7 @@ dependencies = [
[[package]]
name = "bls12_381"
version = "0.8.0"
source = "git+https://github.com/jstuczyn/bls12_381?branch=temp/experimental-serdect-updated#9bf520059cb28323fc51469cae86868ef4fa6fbd"
source = "git+https://github.com/jstuczyn/bls12_381?branch=temp%2Fexperimental-serdect-updated#9bf520059cb28323fc51469cae86868ef4fa6fbd"
dependencies = [
"digest 0.10.7",
"ff",
@@ -1723,15 +1723,6 @@ dependencies = [
"dirs-sys 0.3.7",
]
[[package]]
name = "dirs"
version = "5.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225"
dependencies = [
"dirs-sys 0.4.1",
]
[[package]]
name = "dirs"
version = "6.0.0"
@@ -1752,18 +1743,6 @@ dependencies = [
"winapi",
]
[[package]]
name = "dirs-sys"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c"
dependencies = [
"libc",
"option-ext",
"redox_users 0.4.6",
"windows-sys 0.48.0",
]
[[package]]
name = "dirs-sys"
version = "0.5.0"
@@ -4100,7 +4079,7 @@ dependencies = [
name = "nym-config"
version = "0.1.0"
dependencies = [
"dirs 5.0.1",
"dirs 6.0.0",
"handlebars",
"log",
"nym-network-defaults",
+9 -3
View File
@@ -45,15 +45,21 @@ pub use native_client::MixnetClient;
pub use native_client::MixnetClientSender;
#[allow(deprecated)]
pub use nym_client_core::client::{
base_client::storage::{
gateways_storage::{ActiveGateway, BadGateway, GatewayRegistration, GatewaysDetailsStore},
Ephemeral, MixnetClientStorage, OnDiskPersistent,
base_client::{
storage::{
gateways_storage::{
ActiveGateway, BadGateway, GatewayRegistration, GatewaysDetailsStore,
},
Ephemeral, MixnetClientStorage, OnDiskPersistent,
},
EventReceiver, EventSender, MixnetClientEvent,
},
inbound_messages::InputMessage,
key_manager::{
persistence::{InMemEphemeralKeys, KeyStore, OnDiskKeys},
ClientKeys,
},
mix_traffic::MixTrafficEvent,
replies::reply_storage::{
fs_backend::Backend as ReplyStorage, CombinedReplyStorage, Empty as EmptyReplyStorage,
ReplyStorageBackend,
+45 -8
View File
@@ -16,7 +16,7 @@ use nym_client_core::client::base_client::storage::helpers::{
use nym_client_core::client::base_client::storage::{
Ephemeral, GatewaysDetailsStore, MixnetClientStorage, OnDiskPersistent,
};
use nym_client_core::client::base_client::BaseClient;
use nym_client_core::client::base_client::{BaseClient, EventSender};
use nym_client_core::client::key_manager::persistence::KeyStore;
use nym_client_core::client::{
base_client::BaseClientBuilder, replies::reply_storage::ReplyStorageBackend,
@@ -54,6 +54,7 @@ pub struct MixnetClientBuilder<S: MixnetClientStorage = Ephemeral> {
custom_topology_provider: Option<Box<dyn TopologyProvider + Send + Sync>>,
custom_gateway_transceiver: Option<Box<dyn GatewayTransceiver + Send + Sync>>,
custom_shutdown: Option<ShutdownTracker>,
event_tx: Option<EventSender>,
force_tls: bool,
user_agent: Option<UserAgent>,
#[cfg(unix)]
@@ -97,6 +98,7 @@ impl MixnetClientBuilder<OnDiskPersistent> {
.await?,
gateway_endpoint_config_path: None,
custom_shutdown: None,
event_tx: None,
custom_gateway_transceiver: None,
force_tls: false,
user_agent: None,
@@ -130,6 +132,7 @@ where
custom_topology_provider: None,
custom_gateway_transceiver: None,
custom_shutdown: None,
event_tx: None,
force_tls: false,
user_agent: None,
#[cfg(unix)]
@@ -153,6 +156,7 @@ where
custom_topology_provider: self.custom_topology_provider,
custom_gateway_transceiver: self.custom_gateway_transceiver,
custom_shutdown: self.custom_shutdown,
event_tx: self.event_tx,
force_tls: self.force_tls,
user_agent: self.user_agent,
#[cfg(unix)]
@@ -270,6 +274,13 @@ where
self
}
/// Use an externally managed shutdown mechanism.
#[must_use]
pub fn event_tx(mut self, event_tx: EventSender) -> Self {
self.event_tx = Some(event_tx);
self
}
/// Attempt to wait for the selected gateway (if applicable) to come online if its currently not bonded.
#[must_use]
pub fn with_wait_for_gateway(mut self, wait_for_gateway: bool) -> Self {
@@ -318,8 +329,12 @@ where
/// Construct a [`DisconnectedMixnetClient`] from the setup specified.
pub fn build(self) -> Result<DisconnectedMixnetClient<S>> {
let mut client =
DisconnectedMixnetClient::new(self.config, self.socks5_config, self.storage)?;
let mut client = DisconnectedMixnetClient::new(
self.config,
self.socks5_config,
self.storage,
self.event_tx,
)?;
client.custom_gateway_transceiver = self.custom_gateway_transceiver;
client.custom_topology_provider = self.custom_topology_provider;
@@ -381,6 +396,9 @@ where
/// Allows passing an externally controlled shutdown handle.
custom_shutdown: Option<ShutdownTracker>,
/// Sender of mixnet client events to the SDK caller
event_tx: Option<EventSender>,
user_agent: Option<UserAgent>,
/// Callback on the websocket fd as soon as the connection has been established
@@ -415,6 +433,7 @@ where
config: Config,
socks5_config: Option<Socks5>,
storage: S,
event_tx: Option<EventSender>,
) -> Result<DisconnectedMixnetClient<S>> {
// don't create dkg client for the bandwidth controller if credentials are disabled
let dkg_query_client = if config.enabled_credentials_mode {
@@ -443,6 +462,7 @@ where
wait_for_gateway: false,
force_tls: false,
custom_shutdown: None,
event_tx,
user_agent: None,
#[cfg(unix)]
connection_fd_callback: None,
@@ -535,21 +555,22 @@ where
async fn available_gateways(&mut self) -> Result<Vec<RoutingNode>, ClientCoreError> {
if let Some(ref mut custom_provider) = self.custom_topology_provider {
if let Some(topology) = custom_provider.get_new_topology().await {
return Ok(topology.entry_gateways().cloned().collect());
// Use entry_capable_nodes() instead of entry_gateways() to include
// all entry-capable nodes, not just actively assigned ones
return Ok(topology.entry_capable_nodes().cloned().collect());
}
}
let nym_api_endpoints = self.get_api_endpoints();
let topology_cfg = &self.config.debug_config.topology;
let user_agent = self.user_agent.clone();
let mut rng = OsRng;
gateways_for_init(
&mut rng,
&nym_api_endpoints,
user_agent,
topology_cfg.minimum_gateway_performance,
topology_cfg.ignore_ingress_epoch_role,
None,
)
.await
}
@@ -709,6 +730,9 @@ where
}
};
base_builder = base_builder.with_shutdown(shutdown_tracker);
if let Some(event_tx) = self.event_tx {
base_builder = base_builder.with_event_tx(event_tx);
}
if let Some(gateway_transceiver) = self.custom_gateway_transceiver {
base_builder = base_builder.with_gateway_transceiver(gateway_transceiver);
@@ -770,7 +794,7 @@ where
client_output,
client_state.clone(),
nym_address,
started_client.shutdown_handle.clone(),
started_client.shutdown_handle.child_tracker(),
packet_type,
);
@@ -826,7 +850,6 @@ where
stats_events_reporter,
started_client.shutdown_handle,
None,
started_client.client_request_sender,
started_client.forget_me,
started_client.remember_me,
))
@@ -858,3 +881,17 @@ impl IncludedSurbs {
Self::ExposeSelfAddress
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_mixnet_builder_default_no_custom_client() {
let builder = MixnetClientBuilder::new_ephemeral();
assert!(
builder.build().is_ok(),
"Builder should succeed without custom client"
);
}
}
+17 -29
View File
@@ -24,6 +24,7 @@ use std::pin::Pin;
use std::sync::Arc;
use std::task::{Context, Poll};
use tokio::sync::RwLockReadGuard;
use tokio_util::sync::CancellationToken;
/// Client connected to the Nym mixnet.
pub struct MixnetClient {
@@ -57,7 +58,6 @@ pub struct MixnetClient {
// internal state used for the `Stream` implementation
_buffered: Vec<ReconstructedMessage>,
pub(crate) client_request_sender: ClientRequestSender,
pub(crate) forget_me: ForgetMe,
pub(crate) remember_me: RememberMe,
}
@@ -74,7 +74,6 @@ impl MixnetClient {
stats_events_reporter: ClientStatsSender,
task_handle: ShutdownTracker,
packet_type: Option<PacketType>,
client_request_sender: ClientRequestSender,
forget_me: ForgetMe,
remember_me: RememberMe,
) -> Self {
@@ -89,7 +88,6 @@ impl MixnetClient {
shutdown_handle: task_handle,
packet_type,
_buffered: Vec::new(),
client_request_sender,
forget_me,
remember_me,
}
@@ -123,12 +121,12 @@ impl MixnetClient {
}
/// Get a child token of the root, to monitor unexpected shutdown, without causing one
// pub fn cancellation_token(&self) -> CancellationToken {
// self.shutdown_handle.child_shutdown_token().inner().clone()
// }
pub fn cancellation_token(&self) -> CancellationToken {
self.shutdown_handle.child_shutdown_token().inner().clone()
}
pub fn client_request_sender(&self) -> ClientRequestSender {
self.client_request_sender.clone()
self.client_input.client_request_sender.clone()
}
/// Get the client's identity keys.
@@ -198,13 +196,6 @@ impl MixnetClient {
self.client_state.topology_accessor.release_manual_control()
}
/// Returns a shutdown event handle that can be used for waiting for the client to shutdown.
pub fn shutdown_event(&self) -> ShutdownEventHandle {
ShutdownEventHandle {
shutdown_handle: self.shutdown_handle.clone(),
}
}
/// Wait for messages from the mixnet
pub async fn wait_for_messages(&mut self) -> Option<Vec<ReconstructedMessage>> {
self.reconstructed_receiver.next().await
@@ -258,7 +249,12 @@ impl MixnetClient {
client: self.forget_me.client(),
stats: self.forget_me.stats(),
};
match self.client_request_sender.send(client_request).await {
match self
.client_input
.client_request_sender
.send(client_request)
.await
{
Ok(_) => Ok(()),
Err(e) => {
error!("Failed to send forget me request: {e}");
@@ -271,7 +267,12 @@ impl MixnetClient {
let client_request = ClientRequest::RememberMe {
session_type: self.remember_me.session_type(),
};
match self.client_request_sender.send(client_request).await {
match self
.client_input
.client_request_sender
.send(client_request)
.await
{
Ok(_) => Ok(()),
Err(e) => {
error!("Failed to send forget me request: {e}");
@@ -346,16 +347,3 @@ impl MixnetMessageSender for MixnetClientSender {
.map_err(|_| Error::MessageSendingFailure)
}
}
/// Handle for waiting on the shutdown event of the mixnet client.
pub struct ShutdownEventHandle {
shutdown_handle: ShutdownTracker,
}
impl ShutdownEventHandle {
/// Returns once mixnet client has been shut down.
/// If mixnet client is already shut down, returns immediately.
pub async fn wait(&self) {
self.shutdown_handle.wait_for_tracker().await
}
}
@@ -4,7 +4,7 @@
[package]
name = "nym-network-requester"
license = "GPL-3.0"
version = "1.1.64"
version = "1.1.65"
authors.workspace = true
edition.workspace = true
rust-version = "1.85"
+17 -1
View File
@@ -1,2 +1,18 @@
build-bypass-contract:
$(MAKE) -C dkg-bypass-contract build
$(MAKE) -C dkg-bypass-contract build
COSMWASM_OPTIMIZER_IMAGE ?= cosmwasm/optimizer:0.17.0
COSMWASM_OPTIMIZER_PLATFORM ?= linux/amd64
build-bypass-contract-docker:
docker volume rm nym_contracts_cache 2>/dev/null || true
docker volume rm registry_cache 2>/dev/null || true
docker run --rm --platform $(COSMWASM_OPTIMIZER_PLATFORM) \
-v $(CURDIR)/../../..:/code \
--mount type=volume,source=nym_contracts_cache,target=/target \
--mount type=volume,source=registry_cache,target=/usr/local/cargo/registry \
-e CARGO_BUILD_INCREMENTAL=false \
-e RUSTFLAGS="-C target-cpu=generic -C debuginfo=0" \
-e SOURCE_DATE_EPOCH=1 \
$(COSMWASM_OPTIMIZER_IMAGE) "tools/internal/testnet-manager/dkg-bypass-contract"; \
@@ -5,6 +5,7 @@ use crate::msg::MigrateMsg;
use cosmwasm_schema::cw_serde;
use cosmwasm_std::{
Addr, Deps, DepsMut, Env, MessageInfo, QueryResponse, Response, StdError, StdResult, Storage,
entry_point,
};
use cw_storage_plus::{Index, IndexList, IndexedMap, Item, Map, MultiIndex};
use nym_coconut_dkg_common::dealer::DealerRegistrationDetails;
@@ -57,7 +58,9 @@ pub(crate) fn next_node_index(store: &mut dyn Storage) -> StdResult<NodeIndex> {
#[cw_serde]
pub enum EmptyMessage {}
#[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
// #[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
#[entry_point]
pub fn instantiate(
_: DepsMut<'_>,
_: Env,
@@ -68,7 +71,8 @@ pub fn instantiate(
}
/// Handle an incoming message
#[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
// #[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
#[entry_point]
pub fn execute(
_: DepsMut<'_>,
_: Env,
@@ -78,13 +82,15 @@ pub fn execute(
Ok(Response::new())
}
#[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
// #[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
#[entry_point]
pub fn query(_: Deps<'_>, _: Env, _: EmptyMessage) -> Result<QueryResponse, StdError> {
Ok(Default::default())
}
// LIMITATION: we're not storing dealings themselves
#[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
// #[cfg_attr(not(feature = "library"), cosmwasm_std::entry_point)]
#[entry_point]
pub fn migrate(deps: DepsMut<'_>, env: Env, msg: MigrateMsg) -> Result<Response, StdError> {
// on migration immediately attempt to rewrite the storage
let threshold = (2 * msg.dealers.len() as u64).div_ceil(3);
@@ -21,6 +21,7 @@ use std::path::Path;
use std::time::Duration;
use time::OffsetDateTime;
use time::format_description::well_known::Rfc3339;
use tracing::error;
use url::Url;
struct InitCtx {
@@ -682,9 +683,14 @@ impl NetworkManager {
})?;
let now = OffsetDateTime::now_utc();
// SAFETY: all the information saved in our contracts should be well-formed
let commit_timestamp = OffsetDateTime::parse(&build_info.commit_timestamp, &Rfc3339)
.expect("malformed commit timestamp");
.inspect_err(|err| {
error!(
"failed to parse contract build information: {err}. set timestamp was: {}",
build_info.commit_timestamp
)
})
.unwrap_or(OffsetDateTime::UNIX_EPOCH);
let age = now - commit_timestamp;
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nym-cli"
version = "1.1.63"
version = "1.1.64"
authors.workspace = true
edition = "2021"
license.workspace = true
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nymvisor"
version = "0.1.28"
version = "0.1.29"
authors.workspace = true
repository.workspace = true
homepage.workspace = true
-6
View File
@@ -66,11 +66,6 @@ pub struct NymClient {
_task_manager: ShutdownTracker,
packet_type: PacketType,
// We need this to keep the client_request channel alive and avoid jamming up the
// JS runtime when the MixTrafficController then tries to reconnect it if it dies
#[allow(dead_code)]
pub(crate) client_request_sender: ClientRequestSender,
}
// TODO: we don't really need a builder anymore,
@@ -263,7 +258,6 @@ impl NymClientBuilder {
_full_topology: None,
_task_manager: started_client.shutdown_handle,
packet_type,
client_request_sender: started_client.client_request_sender,
})
}