SecretNetwork
SecretNetwork copied to clipboard
scrtlabs
CosmWasm v1
- [x] In
ContractInstance/start_engine(), check whether the wasm is v0.10 or v1 (using this export) and store it inContractInstance, then (after the crypto stuff) according to the cosmwasm version, initialize theenvobject that is given to the contract in: - [x] Also, invoke the right wasm function:
- [x] Afterwards, translate the v1 output into v0.10 output so that the Go code will handle it nicely.
- [x] Add
plaintext_log()to cosmwasm-std v1 - [x] Handle v1
submessages. TODO: See how cosmwasm implemented this, we might want to piggyback offmessagesand handle it in the Go code, or maybe we can handle it right there inside the enclave by converting them to normal messages.
- [x] Add
- [x] Fix wasm validation. The new v1 API needs these while we currently have the v0.10 API which validates these. In order to support both in parallel, we need to fix the validation code.
- [x] Implement new v1 API
- [x]
db_read- we already have this from v0.10 - [x]
db_write- we already have this from v0.10 - [x]
db_remove- we already have this from v0.10 - [x]
addr_validate - [x]
addr_canonicalize- need to alias fromcanonicalize_address(v0.10) - [x]
addr_humanize- need to alias fromhumanize_address(v0.10) - [x]
secp256k1_verify - [x]
secp256k1_recover_pubkey - [x]
ed25519_verify - [x]
ed25519_batch_verify - [x]
ed25519_sign- we've added on top on v1 - [x]
secp256k1_sign- we've added on top on v1 - [ ]
debug- debug prints from inside the contract - [x]
query_chain- we already have this from v0.10 - [ ]
abort()(low priority) - [x] Charge gas for all functions that don't go back into the chain (Basically the
addr&cryptoones).
- [x]
- [ ] New contract entry points
- [ ]
ibc_channel_open() - [ ]
ibc_channel_connect() - [ ]
ibc_channel_close() - [ ]
ibc_packet_receive() - [ ]
ibc_packet_ack() - [ ]
ibc_packet_timeout() - [x]
reply() - [ ]
sudo()(calls from modules)
- [ ]
- [ ] Implement migration for
cotnractInfodue to the new changes (added IBC port for each contract) - [ ] When handling submessages of v0.10, make sure that errors when
ReplyOn::Neverfails the tx (because in v0.10 errors on submessages always failed the tx) - Code-Wise we saw that the behavior is as expected but a test need to be written - [ ] Add
Withdrawhandler to v1StakingMsg - [x] Handler
callback_sigfor v1 result inside the enclave - [ ] Audit StargateQuery's whitelist
- [x] Audit StargateMsg
- [ ] Add whitelist?
- [ ] Test the
datafield - v1 lets replies override the data field, while v0.10 always returns the first message's data field. - [ ] Initialize
Env.TransactionInfo
So, I did this
-
https://github.com/scrtlabs/cosmos-sdk/pull/167
-
https://github.com/CosmWasm/wasmd/pull/863
and
- https://github.com/cosmos/ibc-go/pull/1653
but depends on if ya'd like to get freaky or nah I suppose?
:P
downside: grpc only upside: grpc only upside: mempool prioritization
So, I did this
and
but depends on if ya'd like to get freaky or nah I suppose?
:P
downside: grpc only upside: grpc only upside: mempool prioritization
We do want it, also has gov and authz goodies. But first we just need to check with all exchanges that they're not using the old REST API.
About the API, I think that these breaking changes are worth exploring because I think others will have similar concerns. It is my understanding that the GRPC gateway could get us around this but I don't know how accurate that is.
It is my understanding that the GRPC gateway could get us around this but I don't know how accurate that is.
Yes that's accurate.
OK, so basically -- if we're fundamentally good with "we won't break exchange API's if go to 46" -- I'd like to either invite you guys to the Notional slack server, or to a call or something.
We're doing 46 on numerous chains and I'd love for secret to be one of them.
OK, so basically -- if we're fundamentally good with "we won't break exchange API's if go to 46" -- I'd like to either invite you guys to the Notional slack server, or to a call or something.
We're doing 46 on numerous chains and I'd love for secret to be one of them.
We'd love to open a Slack connect! Our Slack org name is enigmaco.
We're still reaching out to exchanges and we'll know for sure in a few weeks. Our next chain upgrade is planned for September, so there's some time before we need to make a decision re 45->46.
Cc @YonatanE22
Deploying with 
Cloudflare Pages
| Latest commit: |
4b9d80a
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://8164ef94.swagger-preview.pages.dev |
| Branch Preview URL: | https://cosmwasm-v1.swagger-preview.pages.dev |
![cloudflare-workers-and-pages[bot] avatar](https://avatars.githubusercontent.com/in/85455?v=4 "Published by a pub.dev verified publisher"){kind=small}
How to test an upgrade with LocalSecret
Step 1
Start a v1.3 chain. Port 9091 open for secret.js tests.
docker run -it -p 9091:9091 --name localsecret ghcr.io/scrtlabs/localsecret:v1.3.1
Step 2
Run the secret.js tests from the master branch on the secret.js repo.
This will create state on the chain before the upgrade.
First delete globalSetup & globalTeardown (because we already launched the chain manually):
echo 'import { SecretNetworkClient } from "../src";
import { sleep } from "./utils";
require("ts-node").register({ transpileOnly: true });
module.exports = async () => {
await waitForBlocks();
console.log(`LocalSecret is running`);
};
async function waitForBlocks() {
while (true) {
const secretjs = await SecretNetworkClient.create({
grpcWebUrl: "http://localhost:9091",
chainId: "secretdev-1",
});
try {
const { block } = await secretjs.query.tendermint.getLatestBlock({});
if (Number(block?.header?.height) >= 1) {
break;
}
} catch (e) {
// console.error(e);
}
await sleep(250);
}
}' > test/globalSetup.ts
echo '//@ts-ignore
require("ts-node").register({ transpileOnly: true });
module.exports = async () => {};' > test/globalTeardown.js
Then run the tests:
yarn test
Step 3
Start a v1.4 chain just to extract the binaries from it:
docker run -it --rm --name localsecret-1.4 ghcr.io/scrtlabs/localsecret:v1.4.0-beta.5
Step 4
Copy binaries from v1.4 chain to v1.3 chain.
# Copy binaries from v1.4 chain to host (a limitation of `docker cp`)
rm -rf /tmp/upgrade-bin && mkdir -p /tmp/upgrade-bin
docker cp localsecret-1.4:/usr/bin/secretcli /tmp/upgrade-bin
docker cp localsecret-1.4:/usr/bin/secretd /tmp/upgrade-bin
docker cp localsecret-1.4:/usr/lib/librust_cosmwasm_enclave.signed.so /tmp/upgrade-bin
docker cp localsecret-1.4:/usr/lib/librust_cosmwasm_query_enclave.signed.so /tmp/upgrade-bin
docker cp localsecret-1.4:/usr/lib/libgo_cosmwasm.so /tmp/upgrade-bin
# Can kill localsecret-1.4 at this point
docker rm -f localsecret-1.4
# Copy binaries from host to current v1.3 chain
docker exec localsecret bash -c 'rm -rf /tmp/upgrade-bin && mkdir -p /tmp/upgrade-bin'
docker cp /tmp/upgrade-bin/secretcli localsecret:/tmp/upgrade-bin
docker cp /tmp/upgrade-bin/secretd localsecret:/tmp/upgrade-bin
docker cp /tmp/upgrade-bin/librust_cosmwasm_enclave.signed.so localsecret:/tmp/upgrade-bin
docker cp /tmp/upgrade-bin/librust_cosmwasm_query_enclave.signed.so localsecret:/tmp/upgrade-bin
docker cp /tmp/upgrade-bin/libgo_cosmwasm.so localsecret:/tmp/upgrade-bin
# Overwrite v1.3 binaries with v1.4 binaries without affecting file permissions
# v1.3 chain is still running at this point
# we assume v1.3 binaries are loaded to RAM
# so overwriting them with v1.4 binraies won't take effect until a process restart
docker exec localsecret bash -c 'cat /tmp/upgrade-bin/secretcli > /usr/bin/secretcli'
docker exec localsecret bash -c 'cat /tmp/upgrade-bin/librust_cosmwasm_enclave.signed.so > /usr/lib/librust_cosmwasm_enclave.signed.so'
docker exec localsecret bash -c 'cat /tmp/upgrade-bin/librust_cosmwasm_query_enclave.signed.so > /usr/lib/librust_cosmwasm_query_enclave.signed.so'
docker exec localsecret bash -c 'cat /tmp/upgrade-bin/libgo_cosmwasm.so > /usr/lib/libgo_cosmwasm.so'
# We cannot overwrite secretd because it's being used ("Text file busy")
# so instead we're going to point the init script to the new binary
# don't setup secretcli
docker exec localsecret bash -c $'perl -i -pe \'s/^.*?secretcli.*$//\' bootstrap_init.sh'
# point script to the v1.4 secretd file
docker exec localsecret bash -c $'perl -i -pe \'s;RUST_BACKTRACE=1 secretd start;RUST_BACKTRACE=1 /tmp/upgrade-bin/secretd start;\' bootstrap_init.sh'
Step 5
Propose a software upgrade on v1.3 chain.
# 40 blocks (4 minutes) until upgrade block
UPGRADE_BLOCK="$(docker exec localsecret bash -c 'secretcli status | jq "(.SyncInfo.latest_block_height | tonumber) + 40"')"
# Propose upgrade
PROPOSAL_ID="$(docker exec localsecret bash -c "secretcli tx gov submit-proposal software-upgrade v1.4 --upgrade-height $UPGRADE_BLOCK --title 'Shockwave Delta Upgrade' --description YOLO --deposit 100000000uscrt --from a -y -b block | jq '.logs[0].events[] | select(.type == \"submit_proposal\") | .attributes[] | select(.key == \"proposal_id\") | .value | tonumber'")"
# Vote yes (voting period is 90 seconds)
docker exec localsecret bash -c "secretcli tx gov vote $PROPOSAL_ID yes --from a -y -b block"
Step 6
Apply the upgrade.
Wait until you see ERR CONSENSUS FAILURE!!! err="UPGRADE \"v1.4\" NEEDED at height in the logs, then run:
docker stop localsecret
docker start localsecret -a
You should see INF applying upgrade "v1.4" at height in the logs, following by blocks continute to stream.
Step 7
Test that old v0.10 contracts are still working (query + exec + init from stored code)
Step 8
Run the integration tests from the SecretNetwork repo, without IBC:
# Skip IBC tests
perl -i -pe 's/describe\("IBC"/describe.skip\("IBC"/' integration-tests/test.ts
# Run integration tests
(cd integration-tests && yarn test)