Skip to content

Remove unnecessary deps#276

Merged
dannywillems merged 10 commits into
devfrom
remove_unnecessary_deps
Jul 3, 2026
Merged

Remove unnecessary deps#276
dannywillems merged 10 commits into
devfrom
remove_unnecessary_deps

Conversation

@zancas

@zancas zancas commented Jul 3, 2026

Copy link
Copy Markdown
Member

What

Ten commits that take the workspace's dependency graph from "the zebra node stack, the librustzcash family, and an unmaintained proc-macro" to: reqwest, tokio, serde, sha2, clap, and the zingo sibling crates. The end state, verified by cargo metadata over every member and every edge kind:

  • Zero zcash*, zebra*, or librustzcash-family dependencies of any kind (normal, dev, or build) in any workspace member.
  • Zero zebra or librustzcash entries in Cargo.lock (about 5,000 lock lines gone), so even this repo's own test builds compile none of it.
  • cargo deny check advisories passes with no ignored advisories.
  • Consumers of zcash_local_net (the zls and zaino test builds) stop compiling the zebra stack and librustzcash entirely at their next pin bump.

The commits

  • Keygen deleted (b68f4d8): --miner-address defaults to the well-known ABANDONART fixture (the same constant the harness has always mined to; its seed is the public BIP-39 test mnemonic, so default-mined regtest funds import into any wallet). An org-wide audit found no programmatic consumers of the launcher, and every human user has wallet software that mints addresses. Removes zcash_keys, zcash_protocol, zcash_transparent, zip32, bip0039, secp256k1, ripemd, and sha2 from the launcher, and three duplicate-version pairs from the lock.
  • MinerPool replaces zcash_protocol::PoolType (b09d9c1): dedicated mine-to-pool vocabulary in zingo-consensus beside NetworkType. The borrowed shape never fit (zebrad panics on its Sapling variant) and consumers only ever passed literals. API break: PoolType::ORCHARD-style literals become MinerPool::Orchard at pin bump (six harness crates across zls/zaino).
  • zebra_chain via zebra-rpc's re-export + explicit rpc-client feature (7ae0673): drops a workspace version pin and fixes a latent feature-unification bug.
  • Hand-rolled JSON-RPC client (05c7dc9): rpc_client::RpcRequestClient, drop-in for the zebra-node-services client (same name, methods, wire format). Requirements pinned by 8 unit tests against a canned server, including the error-envelope-to-Err mapping that readiness polling depends on; validated 15/15 against real zebrad. zebra-node-services deleted.
  • zebra-rpc 11.0 (848422c): brings nu6.3 (ironwood) through the conversion and launcher CLI, off by default (the CLI's cascade semantics would otherwise activate it at the nu6_2 height). should_allow_unshielded_coinbase_spends: None preserves prior consensus behavior.
  • mod zebra_rpc (8e74e9e): template parsing and proposal assembly equivalent to proposal_block_from_template for every way this repo uses it, with the commitment branch driven by zingo_consensus::ActivationHeights instead of zebra's Network. Proven by a live differential test: byte-for-byte block and hash equality against a real zebrad at heights 2-6, crossing the NU6.1/NU6.2 lockbox activation, and submitting our bytes so the chain itself accepts them.
  • The swap (029e93e): generate_blocks and the launcher mine through the new module. Removing zebra's feature unification unmasked undeclared serde/tokio requirements, now stated explicitly.
  • External-types allowlist (116bd5a): the new public API's boundary types (reqwest Response/Result, serde_json Error/Value, serde deserialization traits) sanctioned explicitly.
  • Oracle deleted (477504b): the zebra-rpc dev-dependency and its differential suite leave, after capturing a Canopy-branch golden fixture. All three commitment-branch cases (NU5+, lockbox activation, Canopy) are pinned offline by zebra_rpc_golden.rs against fixtures recording the oracle's exact outputs: no binary, no dependency. Recapture machinery lives in git history.
  • getset removed (232cf9f): the six Getters/CopyGetters structs get hand-written accessors with identical names and signatures (minus Lightwalletd's never-callable _data_dir()). This erases getset and the unmaintained proc-macro-error2 from the lock, so the RUSTSEC-2026-0173 deny ignore is deleted.

Verification

Full workspace suite run locally with all binaries present (zebrad, zainod, zcashd, lightwalletd): integration and e2e green, including real mining through the new client and assembler. cargo check --workspace --all-features, clippy, fmt, and cargo deny clean at every step. Golden regression fixtures in tests/fixtures/zebra_rpc/ pin block-assembly equivalence with zebra-rpc permanently.

Notes for reviewers

  • The launcher e2e snapshot changed with the keygen removal (no more mnemonic block in the output).
  • CAPTURE_PROPOSAL_FIXTURES=1 refreshed the golden fixtures while the oracle existed; to recapture after a zebra template-format change, resurrect tests/zebra_rpc_oracle.rs and the zebra-rpc dev-dependency from git history. The variable deliberately avoids the ZEBRA_ prefix: zebrad parses ZEBRA_* environment variables as configuration and refuses to launch on unknown fields.
  • Remaining follow-up, deliberately not included: CI-image provisioning for zcash-devtool and zainod, to un-filter the five devtool_client integration tests excluded in .config/nextest.toml.

🤖 Generated with Claude Code

zancas and others added 7 commits July 2, 2026 17:26
regtest-launcher no longer generates keypairs. --miner-address now
defaults to zingo_test_vectors::REG_T_ADDR_FROM_ABANDONART, the same
fixture the harness has always mined to, whose seed is the public
BIP-39 test mnemonic, so default-mined regtest funds are spendable by
importing that phrase into any wallet. An org-wide audit found no
programmatic consumers of the launcher, and every human user has
wallet software that mints addresses.

This removes the workspace's entire remaining direct librustzcash
surface outside zebra: zcash_keys, zcash_protocol, zcash_transparent,
zip32, bip0039, secp256k1, ripemd, and sha2 leave regtest-launcher,
and the zcash_keys 0.13/zcash_protocol 0.8/zcash_transparent 0.7
duplicate-version pairs leave the lock.

The e2e snapshot is updated by hand for the new output (zainod is not
available in this environment); re-run the e2e locally to confirm.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The harness's mine-to-pool selector becomes a dedicated vocabulary
type beside NetworkType. The borrowed PoolType shape never fit (zebrad
panics on its Sapling variant) and consumers only ever passed
literals, so the ecosystem-type-identity benefit was theoretical while
the cost was chaining zcash_local_net's API to librustzcash's major
cadence. zcash_protocol leaves the workspace manifests entirely,
along with the unused local-consensus feature; it remains in the lock
only where zebra embeds it internally.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
zebra_rpc::client re-exports all of zebra_chain (verified stable
through zebra-rpc 11.0.0), so zcash_local_net's three zebra_chain
imports move to that path and the direct zebra-chain dependency is
removed, dropping a workspace version pin that had to chase zebra
releases. zebra-node-services gains an explicit rpc-client feature
declaration: the crate imports rpc_client::RpcRequestClient but
previously compiled only because zebra-rpc happens to enable that
feature, a latent unification bug.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
zcash_local_net gains rpc_client::RpcRequestClient, a drop-in
replacement for zebra_node_services::rpc_client::RpcRequestClient
built on the crate's existing reqwest dependency. Same name, same
method surface, same spliced JSON-RPC 2.0 wire format, so all call
sites change imports only. Unit tests pin the requirements derived
from the seven call sites: wire shape, result payload delivery,
error-envelope-to-Err mapping (which readiness polling depends on),
transport failures as Err, byte-faithful text passthrough for the
submitblock result:null check, and sequential-call soundness.
Validated against real zebrad: 15/15 integration and e2e tests pass.

zebra-node-services leaves both member manifests and the workspace
table, freeing the workspace from tracking its version in lockstep
with zebra-rpc (which moves it 7.0.0 -> 9.0.0 at zebra-rpc 11). The
external-types allowlist loses its last zebra entry.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The workspace's single zebra pin moves 9.0 -> 11.0 (two-component
version per manifest convention). zebra 11's
ConfiguredActivationHeights gained nu6_3 (ironwood), so the zingo
conversion now maps it and the launcher CLI grows the nu6_3 key,
off by default like nu7 (the fixture string says so explicitly:
cascade semantics would otherwise activate ironwood at the nu6_2
height). RegtestParameters gained
should_allow_unshielded_coinbase_spends; None preserves prior
behavior. Verified against a pre-ironwood zebrad binary: 42/42
CLI, client, integration, and e2e tests pass, including real
mining through zebra 11's template assembly.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
New zcash_local_net::zebra_rpc module: a serde template model for the
nine getblocktemplate fields proposal assembly consumes, byte-level
block construction equivalent to zebra-rpc's
proposal_block_from_template (curtime source, zero nonce, zero
1344-byte solution, Canopy-vs-NU5+ commitment branch driven by
zingo_consensus::ActivationHeights), and the display-order block
hash. zebra-rpc stays as the oracle for now.

Equivalence proof: a live differential test launches zebrad, parses
each template with both implementations, asserts byte-for-byte block
and hash equality at heights 2-6 (crossing the NU6.1/NU6.2 lockbox
activation), and submits OUR bytes so the chain itself accepts them.
An offline test covers the Canopy branch by replaying a captured
fixture at height 1. Golden fixtures captured from the oracle's
outputs (tests/fixtures/zebra_rpc) pin the equivalence in
zebra_rpc_golden.rs, which needs no binary and no zebra-rpc, so the
regression suite survives the dependency's deletion.

Discovered along the way: zebrad parses ZEBRA_* environment
variables as configuration, so the capture flag is
CAPTURE_PROPOSAL_FIXTURES.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
generate_blocks and the launcher's mining loops now assemble proposals
with zcash_local_net::zebra_rpc (proven byte-equivalent to zebra-rpc
by the oracle suite and pinned by golden fixtures). The commitment
branch takes zingo_consensus::ActivationHeights directly, so the
zingo_to_zebra_activation_heights conversion and the launcher's
Network/RegtestParameters construction are deleted, and the CLI
parses into a small local struct.

zebra-rpc leaves every [dependencies] table and survives only as
zcash_local_net's dev-dependency, powering the oracle differential
test and fixture recapture. The workspace's consumer-facing
dependency graph now contains zero zcash*, zebra*, or librustzcash
crates, transitively.

Removing zebra's feature unification unmasked undeclared requirements
of the same class as the earlier rpc-client finding: serde/derive and
the real tokio feature sets are now declared explicitly in both
members.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
zancas added a commit to zingolabs/zaino that referenced this pull request Jul 3, 2026
Follow zingolabs/infrastructure#276 to its current head (029e93eb) by
switching the git dependency from an exact rev to branch tracking; the
committed Cargo.lock still pins the resolved commit, so builds stay
deterministic until the next cargo update.

The PR empties zcash_local_net's dependency tables of the zebra and
librustzcash stacks, which drops an entire duplicate zebra stack from
our lock: zebra-chain 9.0.0, zebra-rpc 9.0.0, zebra-node-services
7.0.0, zebra-consensus/network/script/state 8.x, and
tower-batch-control/tower-fallback. No zaino code changes were needed —
the MinerPool rename in the previous commit was the only API break.

Verified with cargo check --tests on zaino-testutils/e2e/clientless
under both default features and zcashd_support; fmt clean; clippy
shows only pre-existing warnings.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
zancas and others added 3 commits July 2, 2026 21:03
The rpc_client and zebra_rpc modules expose reqwest's Response/Result,
serde_json's Error/Value, and serde's deserialization traits in their
public signatures; the External Types CI job flagged all six.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The oracle differential suite served its purpose (live byte-for-byte
equivalence proven against real zebrad) and leaves with the zebra-rpc
dev-dependency. Before deletion, a Canopy-branch golden fixture was
captured from the oracle, so all three commitment-branch cases (NU5+,
lockbox activation, Canopy) are pinned offline by zebra_rpc_golden.rs
with no dependency and no binary. Recapture machinery lives in git
history.

The lock file now contains zero zebra or librustzcash entries: the
entire tree is gone for this repo's own builds, not just consumers.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The six Getters/CopyGetters structs (Zebrad, Zcashd, Zainod,
Lightwalletd, Empty, ZcashDevtool) get explicit accessor impls with
identical names and signatures, except Lightwalletd's never-callable
_data_dir() getter, which is not reproduced. With the zebra tree
already gone, removing the direct getset dependency erases getset and
the unmaintained proc-macro-error2 from the lock entirely, so the
RUSTSEC-2026-0173 deny ignore is deleted and cargo deny passes with no
advisories ignored at all.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@zancas zancas marked this pull request as ready for review July 3, 2026 04:11
@zancas

zancas commented Jul 3, 2026

Copy link
Copy Markdown
Member Author

I have a branch of zaino that depends on this feature all tests pass there.

zancas added a commit to zingolabs/zaino that referenced this pull request Jul 3, 2026
Pure lock bump following new pushes to zingolabs/infrastructure#276:
getset replaced by hand-written accessors (dropping getset from
zcash_local_net's dependency list), the zebra-rpc oracle dev-dependency
deleted, and an external-types allowlist fix. No zaino API impact.

Verified with cargo check --tests on zaino-testutils/e2e/clientless
under both default features and zcashd_support.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

@dannywillems dannywillems left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK 232cf9f

I read the Claude text about why the code is duplicated here (for instance PoolType and ActivationHeights), but I don't still understand why it is replaced.

Accepting to move further.

@dannywillems dannywillems merged commit 1874b8b into dev Jul 3, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants