feat: Ironwood support#4
Draft
dorianvp wants to merge 435 commits into
Draft
Conversation
Add RocksDB dependency and dynamic linking Include librocksdb-dev in the setup-zebra-build action and in the Dockerfile, and define ROCKSDB_LIB_DIR to enable dynamic linking, reducing build time.
ZcashFoundation#10474) * fix(ci): rewrite checkpoint artifact upload to scp a pre-captured file PR ZcashFoundation#10459 introduced an upload-checkpoint-artifact job that rediscovers the test container with `docker ps -a --filter name=${TEST_ID}` and greps HEIGHT HASH lines out of `docker logs`. Every run since the merge has reported "Extracted 0 checkpoint lines" because the filter does not match the `klt-` prefixed container name injected by Container-Optimized OS, and the anchored regex is brittle against nextest output wrapping. Capture the lines during the test-result job while the correct container ID is still in `steps.find-container.outputs.CONTAINER_ID`, save them to `/tmp/checkpoints.txt` on the instance, and retrieve them with a single `gcloud compute scp` in the upload job. The container-lookup step is gone and the grep runs with `-oE` so it tolerates nextest prefixes. * fix(ci): drop --ssh-flag from gcloud compute scp invocation `gcloud compute scp` does not accept `--ssh-flag` (that flag is for `gcloud compute ssh`). Each `--ssh-flag=...` is being parsed as a positional source path, producing 'Source(s) must be remote when destination is local'. The capture step verified our architecture works: 'Captured 61 checkpoint lines'. The transfer is tiny so no keep-alive is needed; just drop the flags.
…oundation#10475) The `run-stateful-tests` label had to be removed and re-added after every push to re-trigger the integration tests. Two coordinated fixes: - Expand the `pull_request` trigger to `[labeled, synchronize, reopened]` so the workflow fires on push, not only when a label is toggled. - Replace `github.event.label.name == 'run-stateful-tests'` with `contains(github.event.pull_request.labels.*.name, 'run-stateful-tests')` at all four gate sites. The old expression is null outside label events; the new expression reads the PR's current label set on any `pull_request` activity, matching the pattern used for the `A-release` label in `tests-unit.yml`.
…shFoundation#10472) * fix(ci): remove dead gcr-cleaner job from GCP cleanup workflow The `clean-registries` job pinned a Docker image from a deleted GCP project (`us-docker.pkg.dev/gcr-cleaner/gcr-cleaner/gcr-cleaner-cli`), so every daily run failed with "Project #78287296261 has been deleted" for ~12 days. Artifact Registry image cleanup is now handled server-side by a native cleanup policy on the `zebra` repository: keep the 2 newest versions, delete anything older than 504h / 21 days. Policy is defined in the cloud-foundation-fabric Terraform stage. Semantically identical to the retired gcr-cleaner args. Drop the job, its Docker login, the `DELETE_IMAGE_HOURS` env var, the `clean-registries` entry on `delete-resources-success.needs`, and the related documentation. The disk/instance/template/image cleanup jobs that use gcloud CLI are unaffected. * fix(ci): drop transitive comment about registry cleanup
…ion#10471) * fix(ci): grant issues: write to failure-issue jobs The failure-issue jobs in zfnd-ci-integration-tests-gcp.yml and zfnd-deploy-nodes-gcp.yml inherit only contents: read from the workflow-level permissions, so jayqi/failed-build-issue-action failed with "Resource not accessible by integration" whenever a real failure triggered the job. Add a job-scoped permissions block (contents: read, issues: write) so auto-issue creation works again, without broadening the token at workflow scope. * fix(ci): restore contents: read on book.yml build job Job-level permissions replace the workflow-level block entirely, so the Build Docs job was running with only id-token: write and statuses: write. actions/checkout currently works because the public repo allows anonymous HTTPS clone, but the job should declare the contents: read it actually needs.
…Foundation#10478) Link RDB only in tests Docker stage
…0464) * fix(docker): expose P2P port for inbound peer connections Zebra's Docker configuration did not expose the P2P port (8233/18233), meaning containerized nodes could only make outbound connections. This prevents inbound peer connections, degrades Zcash network health, and breaks the "network shield" use case where Zebra sits in front of zcashd. Docker changes: - Add EXPOSE 8233 18233 to Dockerfile runtime stage - Enable P2P port mapping in docker-compose.yml (was commented out) - Add P2P port to lightwalletd and observability compose files - Document external_addr in default config for NAT/firewall scenarios - Add ZEBRA_NETWORK__EXTERNAL_ADDR to .env template Documentation changes: - Add P2P port mapping (-p 8233:8233) to all docker run examples - Add persistent volume (-v) to quickstart commands - Add P2P Networking section to Docker docs with port table and NAT guidance - Update requirements.md with Docker-specific and firewall/NAT guidance - Fix stale docker-compose.grafana.yml reference to observability.yml - Update mining docs to use modern ZEBRA_RPC__LISTEN_ADDR env var GCP deployment changes: - Add explicit P2P port to ZEBRA_NETWORK__LISTEN_ADDR (was bare IP) - Add firewall rule creation step for P2P ingress on zebrad-tagged instances * docs: use neutral language in P2P documentation and fix workflow bug - Remove alarming phrasing ("does not contribute to network health", "network shield", "silently drops") from Dockerfile, docker.md, docker-compose.yml, mining-docker.md, and requirements.md - Remove descriptions of internal peer discovery mechanisms and defensive network topologies from public documentation - Fix P2P_PORT variable scope bug in GCP deploy workflow: shell variables from earlier run: blocks do not persist across steps, so P2P_PORT is now recomputed in the firewall rule step - Update deprecated env var names in docker/.env (ZEBRA_RPC_PORT → ZEBRA_RPC__LISTEN_ADDR, ENABLE_COOKIE_AUTH → ZEBRA_RPC__ENABLE_COOKIE_AUTH, ZEBRA_COOKIE_DIR → ZEBRA_RPC__COOKIE_DIR) to match config-rs conventions https://claude.ai/code/session_015yZ5NpStAj6aq8kbroBxUh * fix(ci): remove inline firewall rule creation from deploy workflow Firewall rules are managed outside the deployment workflow. https://claude.ai/code/session_015yZ5NpStAj6aq8kbroBxUh * docs: reduce P2P documentation repetition - Replace duplicate docker run examples in P2P Networking section with a reference to the Quick Start - Shorten NAT comment in default-zebra-config.toml to one line https://claude.ai/code/session_015yZ5NpStAj6aq8kbroBxUh * docs: align P2P networking prose with surrounding sections Replace bolded bullet breakdowns and inline labels with flowing prose to match the style of each file's surrounding sections. Drop duplicate sentences about `external_addr` and normalize the port reference table headers. * Update docker/Dockerfile Co-authored-by: Marek <m@rek.onl> * fix(ci): exclude IACR eprint from lychee link checker IACR's eprint server returns 403 Forbidden to automated clients, causing docs-check link-check failures on every PR. Exclude the domain so historical academic references in book/ don't break CI. --------- Co-authored-by: Marek <m@rek.onl>
…cashFoundation#10482) * refactor(ci): unify GCP deploy lifecycle and remove versioned-MIG collisions Replaces versioned MIG names (`zebrad-v${MAJOR}-${network}`) with a stable MIG per network and routes deploys through three lifecycle classes (prod, staging, canary). Removes the single-writer disk collisions that versioned MIGs created on every major release, and the shell-conditional fall-through that routed every deploy to the prod-disk path regardless of trigger. Workflow: trigger maps to lifecycle class via `case` on `github.event_name`, deriving MIG, disk, and template names from one source. Pre-flight squatter check fails fast (with the holding instance's name) when a stateful disk is held by an unrelated MIG. Rolling action uses `--max-unavailable=1`. Lifecycle labels (`lifecycle_class`, `created_by`, `github_ref`, `github_sha`) are stamped on templates, instances, and disks. Rationale and trade-offs: docs/decisions/devops/0006-gcp-deployment-lifecycle.md Operations: book/src/dev/gcp-deployment-operations.md * docs(ci): restore trigger and job context in deploy workflow header The previous header inventoried jobs that no longer exist and described release semantics that no longer apply. Replace it with the current trigger list, the actual job graph, and pointers to the ADR and runbook. Also annotate `set-matrix` and `deploy-nodes` so a reader can identify each job's role without reading the full implementation. * fix(ci): move template-injection-flagged interpolations into env vars Routes `env.GITHUB_SHA_SHORT` (template name) and `vars.GCP_REGION` (pre-flight check) through the step's `env:` block so they reach the shell as `$VAR` rather than `${{ ... }}`. Removes the new zizmor/template-injection findings introduced by this PR. * refactor(ci): drop lifecycle-class label; reuse environment + created_by The `lifecycle_class` label introduced earlier in this PR duplicated information already carried by the existing `environment` (`dev` | `prod`) and `created_by` (`release` | `push` | `workflow_dispatch`) labels. Drop the label and the matching env var; let the existing labels carry the discriminator. Filtering reduces to a single predicate (`labels.created_by=workflow_dispatch` covers PR deploys; `=release` covers production; `=push` covers staging). Rename the ADR to `0006-gcp-deployment-naming.md` to reflect that the decision is about deriving MIG and disk names from `(environment, branch)`, not about a new lifecycle vocabulary. The word "lifecycle" stays available for what it already means in this repo: how disks are created, retained, snapshotted, and reaped. Replace "canary" with "PR deploy" in docs and runbook. Dispatch deploys are dev work on branches, not partial-production canaries with traffic splits. * docs(ops): tighten GCP operations runbook Consolidate the four PR-deploy sections (run / list / label / reap / sweep) into one with sub-headings, since they share label vocabulary and target the same resources. Move static-IP, cache-image, and daily-cleanup notes into a single Reference section. Drop the duplicated "Concepts" preamble; the same model is in continuous-delivery.md. Factor `$P` and `$R` into shell defaults at the top so each recipe stops redeclaring them. No behavior changes. The runbook drops from 255 lines to roughly half without losing any procedure.
…shFoundation#10485) * refactor(ci): zonal MIG per (environment, branch, network, zone) One zonal MIG per matrix cell. Each MIG holds 1 instance, 1 stateful disk, 1 static IP. Push and release fan out to 6 cells (2 networks × 3 zones); workflow_dispatch deploys one cell (user picks network + zone) for PR smoke-tests. The prior regional stateful MIG architecture forced all-at-once updates: regional stateful MIGs require max-surge=0 and max-unavailable >= zone_count. Zonal MIGs take max-unavailable=1 natively, so a rolling update replaces one zone at a time while the other two keep serving. Deploy success is two channels: - deploy-nodes reports infrastructure (template + MIG + IP), ~3-5 min per cell. `failure-issue` label `S-ci-fail-release-auto-issue`. - verify-nodes reports application (peer mesh + chain tip), up to 90 min, runs async. `verify-failure-issue` label `S-ci-fail-verify-auto-issue`. On-call can tell deploy bugs from warmup slowness. Other: - get-disk-name split per-network; fixes testnet-gets-mainnet-image leak from the workflow-level lookup. - ensure-health-checks is a one-shot job (runs once per push, not 6x from the matrix). - environment value computed once in set-matrix.outputs.environment; the old four copies of the event-name ternary are gone. - Template uses --disk=name=X (attach existing) plus an explicit "Ensure zonal disk exists" step that creates from the cache image when missing. Supports both fresh deploys and manual snapshot seeds. - Matrix fail-fast off; each (network, zone) cell succeeds or fails independently. * docs: fix broken GCP docs link in ADR 0006 link-check flagged `.../instance-groups/zonal-migs` as 404. Replace with the canonical `.../instance-groups` overview, which covers the zonal/regional distinction and is stable across GCP doc restructures.
) * fix(ci): scope deploy concurrency per (env, network, zone) The previous concurrency key serialized every deploy event on the same ref, so firing six workflow_dispatch runs against (env=prod, one per network+zone) would let only one run at a time. That contradicts the zonal-MIG design in ADR 0006, where each (environment, network, zone) owns an independent MIG, disk, and IP and has no reason to block its siblings. Including inputs.environment, inputs.network, and inputs.zone in the group gives each cell its own concurrency bucket. For push and release the inputs are empty, so the key collapses to one group per (event, ref), preserving the current in-workflow matrix fan-out. * fix(ci): derive MIG names and static-IP condition from env + branch Both `Compute MIG and disk naming` and `Assign static IP` branched on `github.event_name` instead of the deploy target, which broke workflow_dispatch to prod: 1. Naming: `event=workflow_dispatch` set `PREFIX="${REF_SLUG}-"`, so a prod dispatch looked for `zebrad-cache-main-mainnet-b` instead of the ADR-0006 stable name `zebrad-cache-mainnet-b`. The disk-exists check missed and the fallback `disks.create` tried to use a dev-project cache image that prod cannot read. 2. Static IP: skipped for every workflow_dispatch, including dispatches to prod that need the reserved zone-to-IP mapping. Derive both from (environment, branch): - `env=prod` -> empty prefix, assign static IP (any event). - `env=dev` + `main` -> `main-` prefix, assign static IP. - `env=dev` + other -> `${ref}-` prefix, ephemeral IP.
…undation#10488) fix(ci): harden pre-flight parse and make health-check idempotent Two races surfaced when post-merge main ran and six prod dispatches fired in parallel: 1. Pre-flight owner parse: `grep -oE 'instanceGroupManagers/[^/]+'` accepts every non-slash character, so when gcloud renders the extracted metadata value with list-bracket framing, the trailing `']` becomes part of the owner string. The `owner != MIG_NAME` check then always fails when the disk is already attached (every push after the first). Tighten the character class to `[a-z0-9-]+`, matching only valid MIG name chars. 2. Health-check upsert: the create-or-update pattern races across parallel runs. `update` sees the resource mid-creation and gets `The resource ... is not ready`. Switch to describe-or-create: skip entirely when the global health check exists.
…n#10489) The build job references `needs.set-matrix.outputs.environment` but does not list set-matrix in its `needs:`, so GitHub Actions silently resolves the reference to an empty string. The build reusable workflow then falls back to environment=dev and pushes the image to the dev Artifact Registry, even when the deploy target is prod. Adding `needs: [set-matrix]` resolves the reference to the real value.
Replace `.expect()` on fallible `body.collect().await` with `?` in `request_to_json_rpc_2` and `response_from_json_rpc_2`. A TCP connection reset during body reading previously panicked, which with `panic = "abort"` instantly killed the entire Zebra process. Now body collection errors propagate as `Err(BoxError)`, closing the HTTP connection cleanly.
* fmt * fix(clippy): use Option::zip instead of manual implementation * fix(deps): update rustls-webpki to 0.103.12 for security advisories * fix(clippy): use Option::zip in zebra-rpc indexer * fix(ci): add rustls-webpki audit and downgrade yanked to warn
* add test to reproduce issue * consensus: remove mempool bypass * addressed comments in test * fix skips_verification_of_block_transactions_in_mempool() * add test to reproduce issue * fix(chain): validate rk on parsing * adjust test for the fix * reproduce addr_limit * fix addr_limit * add fuzzing artifacts to .gitignore * fix(script): correct v4/v5 sighash divergence with zcashd For V5+ transactions, reject undefined hash_type values in the script verification callback, matching zcashd's SighashType::parse behavior. For pre-V5 (V4) transactions, use the raw hash_type byte in the sighash preimage instead of canonicalizing it, matching zcashd's serialization behavior that only masks with 0x1f for selection logic. Add sighash_v4_raw API to zebra-chain for raw-byte V4 sighash computation and comprehensive tests for both V4 and V5 divergence scenarios. * build: update zcash_script to 0.4.4 Use the published zcash_script 0.4.4 and zcash_transparent 0.6.4 which include the sighash fixes upstream. No patches needed. * style: apply rustfmt to cherry-picked code * fix: move test-only constants into test modules, pin zcash_transparent 0.6.4 Move ADDR_V1_SIZE and ADDR_V2_MIN_SIZE from source files into the test modules that consume them, eliminating dead_code warnings from clippy. Pin zcash_transparent to 0.6.4 in Cargo.toml so the fix is explicit and not dependent on lockfile resolution. * Delete zebra-network/proptest-regressions/peer_set/set/tests/prop.txt --------- Co-authored-by: Conrado Gouvea <conradoplg@gmail.com> Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com> Co-authored-by: DC <alchemydc@proton.me>
* bump versions and changelogs for 4.3.1 * Update zebra-consensus/CHANGELOG.md Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com> * add some CVE numbers * expand CHANGELOG * bump zebra-rpc; add rpc panic to the changelogs * chore: refresh mainnet and testnet checkpoints for v4.3.1 * chore(release): add Dockerized mining changelog entry; bump estimated release height; fix duplicate Unreleased heading --------- Co-authored-by: Conrado Gouvea <conradoplg@gmail.com> Co-authored-by: Conrado <conrado@zfnd.org> Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>
…ion#10444) * bench(consensus): add Groth16 proof verification benchmarks Add criterion benchmarks for Sprout JoinSplit Groth16 proof verification in zebra-consensus. Measures single and unbatched verification at batch sizes 2–64, plus input preparation costs (primary_inputs computation and item creation). Uses cycled items from mainnet test blocks since verification cost is constant per proof regardless of content. * bench(consensus): add Halo2 (Orchard) proof verification benchmarks Add criterion benchmarks for Orchard Halo2 proof verification in zebra-consensus. Extracts real Orchard bundles from NU5 mainnet test blocks and measures single and unbatched verification at batch sizes 2-32. Only exercises verify_single() since Item fields and the batch trait are private. * bench(consensus): add Sapling proof verification benchmarks Add criterion benchmarks for Sapling shielded data verification in zebra-consensus. Extracts real Sapling bundles from mainnet test blocks (28 items) and measures both unbatched (one-item batch per bundle) and true batch verification at sizes 2-64. Batch verification shows ~5x speedup at 64 bundles, validating the batching architecture. * bench(chain): add per-version transaction serialization benchmarks Add criterion benchmarks for transaction deserialization and serialization across all five Zcash transaction versions (V1-V5). Extracts real transactions from mainnet test blocks at the appropriate network upgrade heights. V5 deserialization is notably slower than V1-V4 due to consensus branch ID validation and Orchard field parsing. --------- Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
…er Sapling migration (ZcashFoundation#10436) cleanup(zebra-consensus): remove remaining groth16 abstractions after Sapling migration Remove the `Description` trait and `DescriptionWrapper` that were only used by Sprout JoinSplit after Sapling verification moved to `sapling_crypto::BatchValidator`. Replace with a direct `Item::from_joinsplit()` constructor. Relocate `SAPLING` params from `groth16/params.rs` to `sapling.rs` where they are actually used, and rename misleading `proofs.groth16.*` metrics to `proofs.sapling.*` in the Sapling verifier. Closes ZcashFoundation#9891
* fix(ci): update cargo vet exemptions to match current crate versions * fix(ci): prune unnecessary cargo vet exemptions and refresh imports * fix(ci): trigger lint workflow on supply-chain changes * fix(ci): update rustls-webpki and ignore core2 unmaintained advisory
…ZcashFoundation#10503) * build(deps): bump the devops group across 1 directory with 26 updates Bumps the devops group with 26 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) | `1.15.2` | `1.16.0` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `9.0.0` | | [actions/configure-pages](https://github.com/actions/configure-pages) | `5.0.0` | `6.0.0` | | [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `4.0.0` | `5.0.0` | | [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4.0.5` | `5.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.1` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.1.0` | `8.1.1` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.68.10` | `2.75.18` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `6.0.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.5` | | [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) | `2.7.0` | `2.8.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.1.0` | `6.4.0` | | [EmbarkStudios/cargo-deny-action](https://github.com/embarkstudios/cargo-deny-action) | `2.0.15` | `2.0.17` | | [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) | `3.0.3` | `3.0.4` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.2.0` | `7.2.0` | | [rlespinasse/github-slug-action](https://github.com/rlespinasse/github-slug-action) | `5.5.0` | `5.6.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.19.2` | `7.1.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.1` | `3.1.1` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.0.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.1.0` | | [docker/scout-action](https://github.com/docker/scout-action) | `1.18.2` | `1.20.4` | | [shimataro/ssh-key-action](https://github.com/shimataro/ssh-key-action) | `2.8.0` | `2.8.1` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.3` | Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v6.0.1...de0fac2) Updates `actions-rust-lang/setup-rust-toolchain` from 1.15.2 to 1.16.0 - [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases) - [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md) - [Commits](actions-rust-lang/setup-rust-toolchain@1780873...2b1f5e9) Updates `actions/github-script` from 7.0.1 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...3a2844b) Updates `actions/configure-pages` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](actions/configure-pages@983d773...45bfe01) Updates `actions/upload-pages-artifact` from 4.0.0 to 5.0.0 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@7b1f4a7...fc324d3) Updates `actions/deploy-pages` from 4.0.5 to 5.0.0 - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@d6db901...cd2ce8f) Updates `actions/download-artifact` from 7.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v7...3e5f45b) Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c0f553f...5f6978f) Updates `taiki-e/install-action` from 2.68.10 to 2.75.18 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@305beba...055f5df) Updates `codecov/codecov-action` from 5.5.2 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) Updates `actions/cache` from 5.0.1 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@9255dc7...27d5ce7) Updates `lycheeverse/lychee-action` from 2.7.0 to 2.8.0 - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@a8c4c7c...8646ba3) Updates `actions/setup-node` from 6.1.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@395ad32...48b55a0) Updates `EmbarkStudios/cargo-deny-action` from 2.0.15 to 2.0.17 - [Release notes](https://github.com/embarkstudios/cargo-deny-action/releases) - [Commits](EmbarkStudios/cargo-deny-action@3fd3802...91bf2b6) Updates `marocchino/sticky-pull-request-comment` from 3.0.3 to 3.0.4 - [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases) - [Commits](marocchino/sticky-pull-request-comment@d4d6b09...0ea0beb) Updates `release-drafter/release-drafter` from 6.2.0 to 7.2.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](release-drafter/release-drafter@6db134d...5de9358) Updates `rlespinasse/github-slug-action` from 5.5.0 to 5.6.0 - [Release notes](https://github.com/rlespinasse/github-slug-action/releases) - [Commits](rlespinasse/github-slug-action@9e7def6...e6f2616) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `docker/build-push-action` from 6.19.2 to 7.1.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@10e90e3...bcafcac) Updates `actions/upload-artifact` from 4.6.2 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.6.2...043fb46) Updates `actions/create-github-app-token` from 2.2.1 to 3.1.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@29824e6...1b10c78) Updates `docker/metadata-action` from 5.10.0 to 6.0.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@c299e40...030e881) Updates `docker/login-action` from 3.7.0 to 4.1.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c94ce9f...4907a6d) Updates `docker/scout-action` from 1.18.2 to 1.20.4 - [Release notes](https://github.com/docker/scout-action/releases) - [Commits](docker/scout-action@f8c7768...bacf462) Updates `shimataro/ssh-key-action` from 2.8.0 to 2.8.1 - [Release notes](https://github.com/shimataro/ssh-key-action/releases) - [Changelog](https://github.com/shimataro/ssh-key-action/blob/v2/CHANGELOG.md) - [Commits](shimataro/ssh-key-action@6b84f2e...87a8f06) Updates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.3 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@0dce257...b1d7e1f) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: actions-rust-lang/setup-rust-toolchain dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/configure-pages dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/upload-pages-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/deploy-pages dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: taiki-e/install-action dependency-version: 2.75.18 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: lycheeverse/lychee-action dependency-version: 2.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: EmbarkStudios/cargo-deny-action dependency-version: 2.0.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: marocchino/sticky-pull-request-comment dependency-version: 3.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: release-drafter/release-drafter dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: rlespinasse/github-slug-action dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: docker/build-push-action dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: actions/create-github-app-token dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: docker/metadata-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: docker/login-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: devops - dependency-name: docker/scout-action dependency-version: 1.20.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: devops - dependency-name: shimataro/ssh-key-action dependency-version: 2.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: devops ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): pin cargo-deny-action, suppress zizmor cache finding - cargo-deny-action stays at 2.0.15: 2.0.17 ships a newer cargo-deny that trips on the hashbrown triple already present in Cargo.lock. - docker/setup-buildx-action keeps 4.0.0 with an inline `# zizmor: ignore[cache-poisoning]` documenting that PR, main, and release builds share one Docker Build Cloud endpoint without per-environment cache scoping. * build(deps): move zizmor ignore to trailing comment on uses line --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
…10498) * rpc: Add nTx field to getblock response Add a per-block transaction count (`nTx`) to the verbose `getblock` RPC response. The value is derived from the length of the `tx` array, so it introduces no new storage or computation — it just makes the count explicitly available as a top-level field. This is useful for release tooling, block explorers, and consistency with Bitcoin Core. zcash/zcash#7144 proposes to add the same field to zcashd. `nChainTx` (cumulative transaction count from genesis) is not included in this change as it requires new storage infrastructure. See ZcashFoundation#10497. Partially addresses ZcashFoundation#10497 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(zebra-rpc): update serialization tests and fixtures for nTx field --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>
* test(rpc): add regression test for getrawtransaction confirmations undercount * fix(state): use non-finalized tip for getrawtransaction confirmation count * Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * add annotation --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ation#10521) fix(docs): update broken NetworkConstants doc link to zcash_protocol The lychee link checker started failing on `main` after librustzcash released zcash_primitives 0.27.0 (zcash/librustzcash#2313, merged 2026-04-24). docs.rs/zcash_primitives/latest now resolves to 0.27.0, where the trait page at consensus/trait.NetworkConstants.html returns a hard 404. At 0.26.0 the same path returned a 302 redirect that lychee silently accepted, so the link looked valid even though the trait's canonical home had already moved to zcash_protocol. Repoint the prose reference and hyperlink in the custom-testnets book chapter to zcash_protocol::consensus, which is where Zebra's own code already imports the trait from (zebra-chain/src/parameters/network/tests/vectors.rs).
* fix(zebra-rpc): set explicit 0600 perms on cookie file * fix(zebra-rpc): enforce max request body size in HTTP middleware * fix(zebra-rpc): add slow-consumer drop to gRPC indexer streams * fix(zebra-rpc): use caller-provided blockhash in getrawtransaction to avoid TOCTOU race --------- Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>
…t verification (ZcashFoundation#10510) * fix(script): Avoid panicking in transparent script verifier if callers provide a request with a missing input * fix(script): Check that all transparent inputs have matching previous outputs before verifying * fix(consensus): use ok_or_else with formatted index, fixing clippy Clippy's unnecessary_lazy_evaluations lint flagged the ok_or_else closure with a string literal. Switch to an interpolated format that includes the actual input_index, which makes the closure non-trivial (satisfying the lint) and produces a more useful error message. * test(script): cover out-of-range input_index and mismatched-length cases - zebra-script::is_valid_rejects_mismatched_previous_outputs_length: exercises the .filter() length-equality guard inside CachedFfiTransaction::is_valid. - zebra-script::is_valid_rejects_out_of_range_input_index: regression test for the existing bounds check on all_previous_outputs. - zebra-consensus::script::tests::verifier_returns_error_for_out_of_range_input_index: end-to-end Tower service test covering the new ok_or_else error path in Verifier::call. --------- Co-authored-by: Marek <m@rek.onl>
…shFoundation#10522) * feat(deps): migrate librustzcash crates to 2026-04 release wave (drops core2) Bumps the librustzcash crate cohort to the 2026-04 release wave, which replaces the yanked `core2` crate with `corez 0.1.1` and clears RUSTSEC-2026-0105. Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> * ci: fix deny bans, cargo-vet, and zebrad MSRV for librustzcash 2026-04 cohort The 2026-04 librustzcash cohort upgrade pulls in transitive deps that introduce duplicate-version conflicts and lift the zebrad MSRV. Resolve all three classes of CI failure without bumping the workspace MSRV: - MSRV: bump zebrad 1.89 -> 1.91 (for cargo-platform 0.3.3 via vergen-git2 9.1). Update the lint.yml msrv job toolchain and the docker base image accordingly. The workspace MSRV stays at 1.85.1; transitive deps that were going to lift it to 1.88 (serde_with 3.18, idna_adapter 1.2, home 0.5.12) are pinned via Cargo.lock to older minor versions that still support 1.85.1. - deny bans: add skip-tree entries for the four duplicate crates the upgrade introduces: console (0.15.x via indicatif/howudoin vs 0.16.x via insta), hashbrown (0.16.x via ed25519-zebra vs 0.17.x via indexmap 2.14), toml (0.9.x via zebrad vs 1.1.x via config 0.15), and winnow (0.7.x via toml 0.9 vs 1.x via toml 1.x). - cargo-vet: regenerate exemptions to cover crates entering the supply chain via the cohort upgrade and second-version exemptions for the four duplicates above. Restore the "home must be downgraded manually" note in the release issue and PR templates, since the workaround is still required at MSRV 1.85.1. * style: inline format args --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: Marek <m@rek.onl>
Co-authored-by: Conrado Gouvea <conradoplg@gmail.com>
…#10525) * fix(zebra-script): fix stale sighash issue * fix(chain): validate solution size before allocating * Update zebra-chain/src/work/tests/vectors.rs Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com> --------- Co-authored-by: Conrado Gouvea <conradoplg@gmail.com> Co-authored-by: Conrado <conrado@zfnd.org> Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>
* feat(rpc): report Ironwood value pool balances * fix(rpc): accept legacy value pool responses * fix(rpc): preserve legacy value pool deltas * fix(rpc): preserve value pool order
* feat(state): track Ironwood shielded state * refactor(state): split history tree rebuild from Ironwood state * fix(state): allow activation Ironwood mempool anchor * refactor(chain): batch Ironwood note tree updates * fix(state): make shielded spend lookup explicit * fix(state): cfg-gate Ironwood anchor test imports * docs(state): clean up nullifier check links * refactor(state): reuse Ironwood tree lookup in rollback * docs(state): explain Ironwood tree rollback * test(state): restore chain tip expected action ordering * docs(state): explain typed Ironwood none * fix(state): reset database format minor version * docs(chain): correct Ironwood action bound comment * test(state): rename Ironwood anchor activation test * refactor(state): clarify default Ironwood root naming * docs(state): clarify Ironwood activation root guard * refactor(state): name block info formats explicitly * refactor(state): match Ironwood anchor validation to Orchard * docs(state): move nullifier uniqueness docs to public helper * refactor(state): route Ironwood nullifiers through UpdateWith
…cashFoundation#352) * fix(chain): validate V6 transactions through librustzcash * test(consensus): cover block verifier librustzcash validation * test(consensus): cover librustzcash conversion failures * Revert "test(consensus): cover block verifier librustzcash validation" This reverts commit 4724a9a. * fix(chain): defer librustzcash checks to consensus * consensus: implement native v6 transaction hashing * Update zebra-chain/CHANGELOG.md * test(chain): reject padded V6 Orchard proof via librustzcash conversion The librustzcash conversion check is deferred out of deserialization to consensus verification, so a padded (non-canonical) Orchard proof now deserializes successfully. Update the test to assert the padded proof is rejected by the deferred librustzcash conversion that consensus relies on, rather than at parse time. * test(chain): reject padded V6 Ironwood proof via librustzcash conversion Zebra native deserialization is more permissive than librustzcash for the variable-length Halo2 proofs used by the V6 Orchard and Ironwood pools. Add Ironwood coverage mirroring the Orchard case so both net-new V6 shielded proof surfaces are guarded: a non-canonical (padded) proof deserializes but must be rejected by the deferred librustzcash conversion that consensus relies on. --------- Co-authored-by: Dev Ojha <dojha@berkeley.edu> Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> Co-authored-by: roman <roman@osmosis.team>
* fix(rpc): harden getblocktemplate for Ironwood mining * fix(rpc): preserve Orchard mining receiver priority * fix(rpc): prefer Ironwood for Orchard unified miners * fix(rpc): reuse long-poll coinbase precompute * fix(rpc): keep PoW-disabled mempool gated * fix(rpc): satisfy clippy for coinbase precompute * fix(rpc): refresh tip after coinbase precompute * fix(rpc): handle disabled mempool in GBT fetch * fix(rpc): keep Ironwood reward routing after NU6.3 * fix(rpc): restore GBT template invariants * fix(rpc): restore miner params handling * fix(rpc): restore long-poll coinbase precompute * docs(rpc): update getblocktemplate changelog * test(rpc): explain ignored shielded coinbase tests * chore(rpc): defer PoW-disabled GBT support
…tic path (ZcashFoundation#367) * fix(chain): validate V6 transactions through librustzcash * test(consensus): cover block verifier librustzcash validation * test(consensus): cover librustzcash conversion failures * Revert "test(consensus): cover block verifier librustzcash validation" This reverts commit 4724a9a. * fix(chain): defer librustzcash checks to consensus * consensus: implement native v6 transaction hashing * perf(chain): defer Sapling cv/epk decompression, enforce on the semantic path * fix(chain): precheck Sapling points in V6 transactions Ensure V6 Sapling point validation uses the same unstable gates as the V6 transaction variant, so invalid cv/epk encodings fail before reaching the batch verifier. * clarify comments * simplify comments * lints * fmt * Update zebra-chain/src/sapling/keys.rs Co-authored-by: Dev Ojha <ValarDragon@users.noreply.github.com> * refactor Sapling point check Move the deferred Sapling point validation into the transaction check module so the verifier keeps the same named-check structure as surrounding consensus checks. * comment --------- Co-authored-by: Adam Tucker <adamleetucker@outlook.com> Co-authored-by: Dev Ojha <dojha@berkeley.edu> Co-authored-by: Dev Ojha <ValarDragon@users.noreply.github.com>
* chore(deps): bump zcash crates for Ironwood * fix(ci): update transaction builder annotations * test(rpc): update protocol version snapshots * fix(chain): add Testnet NU6.3 activation height * test: update NU6.3 transaction generators * fix(consensus): allow V4 transactions at NU6.3 * test(rpc): update NU6.3 blockchain info snapshot * test(chain): restore Ironwood V6 tx hash vectors * fix(chain): remove stale NU6.3 cfg guards * test(consensus): allow V6 at NU6.3 in tx props * test(consensus): keep ZFuture version max open * fix(network): use NU6.3 protocol version
* feat(state): track Ironwood shielded state * refactor(state): split history tree rebuild from Ironwood state * fix(state): rebuild history tree entries after Ironwood * fix(state): allow activation Ironwood mempool anchor * refactor(chain): batch Ironwood note tree updates * fix(state): make shielded spend lookup explicit * fix(state): cfg-gate Ironwood anchor test imports * docs(state): clean up nullifier check links * refactor(state): reuse Ironwood tree lookup in rollback * docs(state): explain Ironwood tree rollback * test(state): restore chain tip expected action ordering * docs(state): explain typed Ironwood none * fix(state): reset database format minor version * docs(chain): correct Ironwood action bound comment * test(state): rename Ironwood anchor activation test * refactor(state): clarify default Ironwood root naming * docs(state): clarify Ironwood activation root guard * refactor(state): name block info formats explicitly * refactor(state): match Ironwood anchor validation to Orchard * docs(state): move nullifier uniqueness docs to public helper * fix(state): use empty Ironwood tree root in rebuild * fix(state): fold history rebuild into Ironwood upgrade * fix(state): repair legacy history tree rebuilds * fix(state): preserve Ironwood activation anchor * fix(state): align Ironwood history upgrade with upstream * test(state): trim snapshot metadata * refactor(state): inline Ironwood anchor insertion
* feat(rpc): expose Ironwood RPC output * fix(rpc): preserve transaction object constructor * fix(rpc): preserve treestate response constructor * fix(rpc): expose Ironwood cross-address flags * test(rpc): gate Ironwood getblock vector to NU6.3 * refactor(rpc): remove redundant treestate serde defaults * refactor(rpc): align Ironwood treestate shape * fix(rpc): route post-NU6.3 Orchard rewards to Ironwood * refactor(rpc): make Ironwood tree constructors explicit * refactor(rpc): inline subtree response construction * fix(rpc): remove stale NU6.3 cfg gates
* perf(network): tune Zakura native P2P defaults Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> * docs: link Zakura P2P parameter changelog to PR Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> * test(zebrad): store Zakura P2P generated config Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> --------- Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com>
* fix(mempool): attribute peer transaction admission * refactor(mempool): don't surface peer queue saturation as overload The per-peer mempool admission cap already refuses excess candidates cheaply, so routing that refusal back as an `Overloaded` error gave honest bursty peers a probabilistic disconnect for little extra security benefit. Keep the peer attribution and the per-peer slot-leak fix, but drop the overload signaling so over-cap candidates are silently refused, as they were before the overload change. * test(mempool): cover peer-pushed transaction cap Add an inbound regression test for the direct full-transaction push path. The test queues MAX_INBOUND_CONCURRENCY_PER_PEER distinct PushTransaction requests from the same LegacySocket peer source, verifies they are admitted, then asserts the next peer-pushed transaction is surfaced as Tower overload. This complements the existing txid-advertisement overload regression by proving full peer-pushed transactions are also attributed to the peer for admission limits. Locally validated with: CXXFLAGS='-include cstdint' cargo test -p zebrad peer_pushed_transactions_are_limited_by_per_peer_cap * test(mempool): align push cap test with silent refusal Update the peer-pushed transaction cap regression after the branch changed per-peer saturation handling to avoid surfacing overload errors. The over-cap PushTransaction request now asserts a Nil response, then verifies only the admitted MAX_INBOUND_CONCURRENCY_PER_PEER transactions reached the verifier. This keeps coverage for the direct full-transaction push path while matching the current policy: excess peer-originated candidates are refused without disconnect-oriented overload signaling. Validated with: CXXFLAGS='-include cstdint' cargo test -p zebrad peer_pushed_transactions_are_limited_by_per_peer_cap * docs(mempool): note peer queue API change --------- Co-authored-by: roman <roman@osmosis.team>
…tion#378) Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com>
* perf(state): precompute checkpoint auth data roots Move ZIP-244 auth data root work ahead of finalized checkpoint commits while preserving recomputation as a fallback, and reuse shared txid/auth-digest conversion during semantic block preparation. * comment
…ndation#374) * perf(network): Zakura block-sync BBR-lite congestion control + O(1) sequencer Byte-identical extraction of the block-sync performance work from feat/pre-release-main (ZcashFoundation#290), split out as the first independently reviewable/testable PR onto ironwood-main. It has no execution-pipeline or header-sync/VCT dependency: the block-sync reactor commits via the existing Request::Commit path, so it stands alone on ironwood-main. Contents (byte-identical to feat): - zebra-network/src/zakura/block_sync/**: BBR-lite byte-denominated congestion control (bbr.rs), per-peer admission control (admission.rs), floor-rescue, the O(1) sequencer hot path (work_queue/sequencer/state), and an offline Sequencer bench helper (bench.rs, behind the new internal-bench feature). - zebra-network/src/zakura/testkit/** (blocksync_fuzz, block_sync_peer, mock_blocksync, and supporting helpers): the block-sync test harness/fuzzer. - zebra-network/src/zakura/transport/guard.rs: ByteBudget charge/audit (dep). - zebra-network/{Cargo.toml, config.rs}: the internal-bench feature and the block-sync config clamp wiring in Config deserialize. - zebrad .../block_sync_driver.rs: the two block-sync perf tweaks (5s -> 200ms checkpoint-frontier refresh + needed-block query coalescing). Shared files kept block-sync-only (their header-sync/VCT parts land with their own PRs): - trace.rs: block_sync + commit_state trace consts only; the header_sync tree-aux consts are excluded (hunk-split). - testkit/cluster.rs, config/tests/vectors.rs: held at ironwood-main because their feat deltas reference header-sync/VCT symbols not present here. Tests: 203 block_sync + fuzzer tests pass; zebra-network fmt + clippy -D warnings clean; zebrad checks clean (CXXFLAGS=-include cstdint for rocksdb under GCC15). Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> * docs: link block-sync parameter changelog to PR Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> * test(zebrad): align coalesce test with reordered block-sync driver actions PR1 took the block_sync_driver coalesce reorder (SubmitBlock now precedes QueryNeededBlocks: the needed-blocks query is deferred behind ready submits) but not the paired start.rs test. Replace the stale block_sync_driver_prioritizes_ready_needed_query_over_submit (which asserted the old query-first behavior and now panics) with feat's inverted block_sync_driver_prioritizes_ready_submit_over_needed_query. Byte-identical to feat/pre-release-main. Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> * test(network): make checkpoint backfill e2e wait deterministic --------- Co-authored-by: Roman Akhtariev <ackhtariev@gmail.com> Co-authored-by: roman <roman@osmosis.team>
Keep the ignored mock reorg scenario compatible with full-coverage CI and fix the restart harness height mapping used by the Zakura header-sync test.
Compare byte-cwnd request density instead of absolute request counts so the mixed-size fuzz test remains valid under slower coverage instrumentation.
* perf(state): limit RocksDB WAL growth * Update CHANGELOG_PARAMS.md
Store the current generated zebrad config so coverage acceptance tests continue checking config compatibility after the Zakura throughput-control defaults changed.
* fix(network): align NU6.3 protocol version floor * docs: fix changelog params lint * test(network): update peer-set fixtures for NU6.2 floor
* feat(state): add VCT docs config and DB storage Introduce the verified-commitment-trees design doc, hidden state config mirror, and RocksDB storage scaffolding needed before wiring the checkpoint-sync fast path. * comment * tests and lint * comment * tests * test * tests: wait for Zakura body gap observation * comment * vct data * remove db code
* fix(transaction): accept supported V6 branch IDs * docs: fix changelog params lint * fix(transaction): accept all V6 NU6.3-or-later branch IDs
* Stabilize Zakura status trace smoke test * Preserve Zakura status sent trace coverage * Temporarily ignore flaky Zakura stream-5 trace test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This branch tracks the
ironwood-mainbranch from https://github.com/valargroup/zebra.