Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DO NOT MERGE: osmo v27/0.38.15 #148

Closed
wants to merge 36 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
e339afc
build(deps): Bump docker/build-push-action from 6.7.0 to 6.8.0 (#4194)
dependabot[bot] Sep 30, 2024
908093f
build(deps): Bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (…
dependabot[bot] Oct 1, 2024
ce3df84
build(deps): Bump github.com/sasha-s/go-deadlock from 0.3.1 to 0.3.5 …
dependabot[bot] Oct 1, 2024
f01e418
build(deps): Bump github.com/lib/pq from 1.10.7 to 1.10.9 (#4200)
dependabot[bot] Oct 1, 2024
43eac82
build(deps): Bump github.com/prometheus/common from 0.57.0 to 0.59.1 …
dependabot[bot] Oct 1, 2024
0ea719f
build(deps): Bump github.com/adlio/schema from 1.3.3 to 1.3.6 (#4208)
dependabot[bot] Oct 1, 2024
4a8f661
build(deps): Bump github.com/go-kit/kit from 0.12.0 to 0.13.0 (#4206)
dependabot[bot] Oct 1, 2024
73d596d
build(deps): Bump github.com/prometheus/client_golang from 1.20.1 to …
dependabot[bot] Oct 1, 2024
067d6b0
build(deps): Bump google.golang.org/grpc from 1.66.1 to 1.67.0 (#4202)
dependabot[bot] Oct 1, 2024
fb704bb
build(deps): Bump bufbuild/buf-setup-action from 1.42.0 to 1.44.0 (#4…
dependabot[bot] Oct 9, 2024
fb08ff1
build(deps): Bump docker/build-push-action from 6.8.0 to 6.9.0 (#4266)
dependabot[bot] Oct 14, 2024
c3a66d3
build(deps): Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 (#4264)
dependabot[bot] Oct 14, 2024
53dcd9b
build(deps): Bump bufbuild/buf-setup-action from 1.44.0 to 1.45.0 (#4…
dependabot[bot] Oct 14, 2024
2fee473
fix(state/indexer): copy value (#4321)
melekes Oct 24, 2024
048bb7a
chore: use decred secp256k1 directly (backport #4294) (#4328)
mergify[bot] Oct 24, 2024
0514a09
Release v0.38.13 (#4331)
andynog Oct 24, 2024
5544864
release v0.38.13 (fixed changelog) (#4333)
andynog Oct 25, 2024
e5c7d39
build(deps): Bump github.com/prometheus/client_golang from 1.20.4 to …
dependabot[bot] Nov 1, 2024
be0ad58
build(deps): Bump google.golang.org/grpc from 1.67.0 to 1.67.1 (#4383)
dependabot[bot] Nov 1, 2024
5226a8d
build(deps): Bump golang.org/x/crypto from 0.27.0 to 0.28.0 (#4379)
dependabot[bot] Nov 1, 2024
7275ed2
build(deps): Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (#…
dependabot[bot] Nov 1, 2024
899095f
build(deps): Bump github.com/decred/dcrd/dcrec/secp256k1/v4 from 4.0.…
dependabot[bot] Nov 1, 2024
b2866fa
build(deps): Bump github.com/prometheus/common from 0.59.1 to 0.60.1 …
dependabot[bot] Nov 1, 2024
ab9cc83
build(deps): Bump golang.org/x/net from 0.29.0 to 0.30.0 (#4384)
dependabot[bot] Nov 1, 2024
c71de55
build(deps): Bump bufbuild/buf-setup-action from 1.45.0 to 1.46.0 (#4…
dependabot[bot] Nov 4, 2024
28a308f
chore: use the latest cometbft-db in v0.38.x (#4297)
faddat Nov 4, 2024
deef97f
fix(p2p): adjust backoff seconds to increase reconnect retries close …
mergify[bot] Nov 4, 2024
3a023da
Merge commit from fork
melekes Nov 6, 2024
ce0949e
build: v0.38.14 (#4437)
melekes Nov 6, 2024
d8980f9
test: fix TestStateDoesntCrashOnInvalidVote (#4439)
melekes Nov 6, 2024
17d3bb6
Revert "chore: use the latest cometbft-db in v0.38.x (#4297)" (#4442)
cason Nov 6, 2024
f58e4b0
Retract v0.38.14 (#4446)
alesforz Nov 6, 2024
e8eb5bd
Release v0.38.15 (#4447)
alesforz Nov 6, 2024
9328e86
Merge remote-tracking branch 'upstream/v0.38.x' into osmo-v27/0.38.15
PaddyMc Nov 6, 2024
08ef650
fix: merge error (#149)
PaddyMc Nov 7, 2024
fcd17ce
fix: copy TxIndex TxBytes value (#150)
crnbarr93 Nov 18, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@
([\#1584](https://github.com/cometbft/cometbft/pull/1584))
- `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and
`experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to
which the node gossip transactions.
which the node gossip transactions.
([\#1558](https://github.com/cometbft/cometbft/pull/1558))
([\#1584](https://github.com/cometbft/cometbft/pull/1584))
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
- `[state/indexer]` Fix the tx_search results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator. This issue only arises when upgrading to cometbft-db v0.13 or later.
([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Special thanks to @faddat for reporting the issue.

Original file line number Diff line number Diff line change
@@ -1,4 +1,2 @@
- `[go/runtime]` Bump Go version to 1.22
([\#4073](https://github.com/cometbft/cometbft/pull/4073))
- Bump cometbft-db version to v0.12.0
([\#4073](https://github.com/cometbft/cometbft/pull/4073))
2 changes: 2 additions & 0 deletions .changelog/v0.38.13/dependencies/4321-update-cometbft-db.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- Bump cometbft-db version to v0.14.1
([\#4321](https://github.com/cometbft/cometbft/pull/4321))
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
- `[crypto]` use decred secp256k1 directly ([#4294](https://github.com/cometbft/cometbft/pull/4294))
2 changes: 2 additions & 0 deletions .changelog/v0.38.13/improvements/4123-mempool-is-full-log.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- `[log]` Change "mempool is full" log to debug level
([\#4123](https://github.com/cometbft/cometbft/pull/4123)) Special thanks to @yihuang.
7 changes: 7 additions & 0 deletions .changelog/v0.38.13/summary.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
*October 24, 2024*

This patch release addresses the issue where tx_search was not returning all results, which only arises when upgrading
to CometBFT-DB version 0.13 or later. It includes a fix in the state indexer to resolve this problem. We recommend
upgrading to this patch release if you are affected by this issue.


Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
- `[consensus]` Do not panic if the validator index of a `Vote` message is out
of bounds, when vote extensions are enabled
([\#ABC-0021](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj))
2 changes: 2 additions & 0 deletions .changelog/v0.38.14/dependencies/4297-update-cometbft-db.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- Bump cometbft-db version to v0.15.0
([\#4297](https://github.com/cometbft/cometbft/pull/4297))
2 changes: 2 additions & 0 deletions .changelog/v0.38.14/dependencies/4297-update-go.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- `[go/runtime]` Bump Go version to 1.23
([\#4297](https://github.com/cometbft/cometbft/pull/4297))
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- `[p2p]` fix exponential backoff logic to increase reconnect retries close to 24 hours
([\#3519](https://github.com/cometbft/cometbft/issues/3519))
7 changes: 7 additions & 0 deletions .changelog/v0.38.14/summary.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
*November 6, 2024*

This release fixes a security vulnerability in the vote extensions (VE)
validation logic. For more details, please refer to
[ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj).

We recommend upgrading ASAP if you’re using vote extensions (VE).
9 changes: 9 additions & 0 deletions .changelog/v0.38.15/summary.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
*November 6, 2024*

This release supersedes [`v0.38.14`](#v03814), which mistakenly updated the Go version to
`1.23`, introducing an unintended breaking change. It sets the Go version back
to `1.22.7` by reverting [\#4297](https://github.com/cometbft/cometbft/pull/4297).

The release includes the bug fixes, performance improvements, and importantly,
the fix for the security vulnerability in the vote extensions (VE) validation
logic that were part of `v0.38.14`. For more details, please refer to [ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj).
2 changes: 0 additions & 2 deletions .changelog/v0.38.8/improvements/4123-mempool-is-full-log.md

This file was deleted.

4 changes: 2 additions & 2 deletions .github/workflows/cometbft-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
platforms: all

- name: Set up Docker Build
uses: docker/setup-buildx-action@v3.6.1
uses: docker/setup-buildx-action@v3.7.1

- name: Login to DockerHub
if: ${{ github.event_name != 'pull_request' }}
Expand All @@ -51,7 +51,7 @@ jobs:
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Publish to Docker Hub
uses: docker/build-push-action@v6.7.0
uses: docker/build-push-action@v6.9.0
with:
context: .
file: ./DOCKER/Dockerfile
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/proto-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- uses: bufbuild/buf-setup-action@v1.42.0
- uses: bufbuild/buf-setup-action@v1.46.0
- uses: bufbuild/buf-lint-action@v1
with:
input: "proto"
4 changes: 2 additions & 2 deletions .github/workflows/testapp-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
platforms: all

- name: Set up Docker Build
uses: docker/setup-buildx-action@v3.6.1
uses: docker/setup-buildx-action@v3.7.1

- name: Login to DockerHub
if: ${{ github.event_name != 'pull_request' }}
Expand All @@ -51,7 +51,7 @@ jobs:
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Publish to Docker Hub
uses: docker/build-push-action@v6.7.0
uses: docker/build-push-action@v6.9.0
with:
context: .
file: ./test/e2e/docker/Dockerfile
Expand Down
51 changes: 51 additions & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ linters-settings:
- github.com/spf13
- github.com/stretchr/testify/require
- github.com/syndtr/goleveldb
- github.com/decred/dcrd/dcrec/secp256k1/v4
test:
files:
- "$test"
Expand All @@ -96,3 +97,53 @@ linters-settings:
- github.com/prometheus/client_golang/prometheus/promhttp
- github.com/spf13
- github.com/stretchr/testify
- github.com/decred/dcrd/dcrec/secp256k1/v4

revive:
enable-all-rules: true
rules:
- name: comment-spacings # temporarily disabled
disabled: true
- name: max-public-structs
disabled: true
- name: cognitive-complexity
disabled: true
- name: argument-limit
disabled: true
- name: cyclomatic
disabled: true
- name: deep-exit
disabled: true
- name: file-header
disabled: true
- name: function-length
disabled: true
- name: function-result-limit
disabled: true
- name: line-length-limit
disabled: true
- name: flag-parameter
disabled: true
- name: add-constant
disabled: true
- name: empty-lines
disabled: true
- name: import-shadowing
disabled: true
- name: modifies-value-receiver
disabled: true
- name: confusing-naming
disabled: true
- name: defer
disabled: true
- name: unchecked-type-assertion
disabled: true
- name: unhandled-error
disabled: true
arguments:
- "fmt.Printf"
- "fmt.Print"
- "fmt.Println"
gosec:
excludes:
- G115
84 changes: 83 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,14 @@

## v27

## [v0.38.15-v27-osmo-1](https://github.com/osmosis-labs/cometbft/releases/tag/v0.38.15-v27-osmo-1)

This v0.38.15 branch was created at the [e8eb5bdc04f942e540ef6a063950da5d0ad19f22](https://github.com/cometbft/cometbft/commit/e8eb5bdc04f942e540ef6a063950da5d0ad19f22) commit of the [v0.38.15](https://github.com/cometbft/cometbft/releases/tag/v0.38.15) tag. If you catch this fork up with the latest changes from upstream, please start at the commit after the one mentioned above, and work your way to the tip (or desired commit) of the upstream branch. Then, update this message with the new commit hash. Also, when you add a new PRs to this branch on Osmosis and it is not yet upstreamed, make sure you add it both directly below AND in the respective release section of this file.

## [v0.38.12-v27-osmo-1](https://github.com/osmosis-labs/cometbft/releases/tag/v0.38.12-v27-osmo-1)

This v0.38.12 branch was created at the [cf7836ad7b63bc1421deed23beb8630a3705b5d1](https://github.com/cometbft/cometbft/commit/cf7836ad7b63bc1421deed23beb8630a3705b5d1) commit of the [v0.38.12](https://github.com/cometbft/cometbft/releases/tag/v0.38.12) tag. If you catch this fork up with the latest changes from upstream, please start at the commit after the one mentioned above, and work your way to the tip (or desired commit) of the upstream branch. Then, update this message with the new commit hash. Also, when you add a new PRs to this branch on Osmosis and it is not yet upstreamed, make sure you add it both directly below AND in the respective release section of this file.

### Osmosis Specific Changes

* [#21](https://github.com/osmosis-labs/cometbft/pull/21) Make websocket's log on success be in Debug, not info
Expand Down Expand Up @@ -40,11 +46,14 @@
* [#142](https://github.com/osmosis-labs/cometbft/pull/142) feat(p2p): render HasChannel(chID) is a public p2p.Peer method (#3510) #142
* [#143](https://github.com/osmosis-labs/cometbft/pull/143) fix: comment out expensive debug logs #143
* [#f2f9426](https://github.com/osmosis-labs/cometbft/commit/f2f9426c6985f2ea63ceb879c26858cf7f42f186) perf(blocksync): Parallelize logic for receiving a block from a peer. (backport cometbft#3554) (cometbft#3592)
* [#150](https://github.com/osmosis-labs/cometbft/pull/150) fix: copy TxIndex TxBytes value

## v26

## [v0.38.11-v26-osmo-1](https://github.com/osmosis-labs/cometbft/releases/tag/v0.38.11-v26-osmo-1)

This v0.38.12 branch was created at the [cf7836ad7b63bc1421deed23beb8630a3705b5d1](https://github.com/cometbft/cometbft/commit/cf7836ad7b63bc1421deed23beb8630a3705b5d1) commit of the [v0.38.12](https://github.com/cometbft/cometbft/releases/tag/v0.38.12) tag. If you catch this fork up with the latest changes from upstream, please start at the commit after the one mentioned above, and work your way to the tip (or desired commit) of the upstream branch. Then, update this message with the new commit hash. Also, when you add a new PRs to this branch on Osmosis and it is not yet upstreamed, make sure you add it both directly below AND in the respective release section of this file.

### Osmosis Specific Changes

* perf(p2p): Only update send monitor once per batch packet msg send (#3382)
Expand Down Expand Up @@ -73,6 +82,79 @@
* [#143](https://github.com/osmosis-labs/cometbft/pull/143) fix: comment out expensive debug logs #143
* [#f2f9426](https://github.com/osmosis-labs/cometbft/commit/f2f9426c6985f2ea63ceb879c26858cf7f42f186) perf(blocksync): Parallelize logic for receiving a block from a peer. (backport cometbft#3554) (cometbft#3592)

## v0.38.15

*November 6, 2024*

This release supersedes [`v0.38.14`](#v03814), which mistakenly updated the Go version to
`1.23`, introducing an unintended breaking change. It sets the Go version back
to `1.22.7` by reverting [\#4297](https://github.com/cometbft/cometbft/pull/4297).

The release includes the bug fixes, performance improvements, and importantly,
the fix for the security vulnerability in the vote extensions (VE) validation
logic that were part of `v0.38.14`. For more details, please refer to [ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj).

## v0.38.14

*November 6, 2024*

This release fixes a security vulnerability in the vote extensions (VE)
validation logic. For more details, please refer to
[ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj).

We recommend upgrading ASAP if you’re using vote extensions (VE).

### BUG FIXES

- `[consensus]` Do not panic if the validator index of a `Vote` message is out
of bounds, when vote extensions are enabled
([\#ABC-0021](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj))

### DEPENDENCIES

- Bump cometbft-db version to v0.15.0
([\#4297](https://github.com/cometbft/cometbft/pull/4297))
- `[go/runtime]` Bump Go version to 1.23
([\#4297](https://github.com/cometbft/cometbft/pull/4297))

### IMPROVEMENTS

- `[p2p]` fix exponential backoff logic to increase reconnect retries close to 24 hours
([\#3519](https://github.com/cometbft/cometbft/issues/3519))

## v0.38.13

*October 24, 2024*

This patch release addresses the issue where tx_search was not returning all results, which only arises when upgrading
to CometBFT-DB version 0.13 or later. It includes a fix in the state indexer to resolve this problem. We recommend
upgrading to this patch release if you are affected by this issue.

### BUG FIXES

- `[metrics]` Call unused `rejected_txs` metric in mempool
([\#4019](https://github.com/cometbft/cometbft/pull/4019))
- `[state/indexer]` Fix the tx_search results not returning all results by changing the logic in the indexer to copy the key and values instead of reusing an iterator. This issue only arises when upgrading to cometbft-db v0.13 or later.
([\#4295](https://github.com/cometbft/cometbft/issues/4295)). Special thanks to @faddat for reporting the issue.

### DEPENDENCIES

- `[go/runtime]` Bump Go version to 1.22
([\#4073](https://github.com/cometbft/cometbft/pull/4073))
- Bump cometbft-db version to v0.14.1
([\#4321](https://github.com/cometbft/cometbft/pull/4321))

### FEATURES

- `[crypto]` use decred secp256k1 directly ([#4294](https://github.com/cometbft/cometbft/pull/4294))

### IMPROVEMENTS

- `[metrics]` Add `evicted_txs` metric to mempool
([\#4019](https://github.com/cometbft/cometbft/pull/4019))
- `[log]` Change "mempool is full" log to debug level
([\#4123](https://github.com/cometbft/cometbft/pull/4123)) Special thanks to @yihuang.

## v0.38.12

## [Unreleased]
Expand Down Expand Up @@ -444,7 +526,7 @@ gossip.
([\#1584](https://github.com/cometbft/cometbft/pull/1584))
- `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and
`experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to
which the node gossip transactions.
which the node gossip transactions.
([\#1558](https://github.com/cometbft/cometbft/pull/1558))
([\#1584](https://github.com/cometbft/cometbft/pull/1584))

Expand Down
9 changes: 9 additions & 0 deletions consensus/errors.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
package consensus

type ErrInvalidVote struct {
Reason string
}

func (e ErrInvalidVote) Error() string {
return "invalid vote: " + e.Reason
}
37 changes: 37 additions & 0 deletions consensus/reactor_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import (
"github.com/cometbft/cometbft/libs/bytes"
"github.com/cometbft/cometbft/libs/json"
"github.com/cometbft/cometbft/libs/log"
cmtrand "github.com/cometbft/cometbft/libs/rand"
cmtsync "github.com/cometbft/cometbft/libs/sync"
mempl "github.com/cometbft/cometbft/mempool"
"github.com/cometbft/cometbft/p2p"
Expand Down Expand Up @@ -1126,3 +1127,39 @@ func TestMarshalJSONPeerState(t *testing.T) {
"block_parts":"0"}
}`, string(data))
}

func TestVoteMessageValidateBasic(t *testing.T) {
_, vss := randState(2)

randBytes := cmtrand.Bytes(tmhash.Size)
blockID := types.BlockID{
Hash: randBytes,
PartSetHeader: types.PartSetHeader{
Total: 1,
Hash: randBytes,
},
}
vote := signVote(vss[1], cmtproto.PrecommitType, randBytes, blockID.PartSetHeader, true)

testCases := []struct {
malleateFn func(*VoteMessage)
expErr string
}{
{func(_ *VoteMessage) {}, ""},
{func(msg *VoteMessage) { msg.Vote.ValidatorIndex = -1 }, "negative ValidatorIndex"},
// INVALID, but passes ValidateBasic, since the method does not know the number of active validators
{func(msg *VoteMessage) { msg.Vote.ValidatorIndex = 1000 }, ""},
}

for i, tc := range testCases {
t.Run(fmt.Sprintf("#%d", i), func(t *testing.T) {
msg := &VoteMessage{vote}

tc.malleateFn(msg)
err := msg.ValidateBasic()
if tc.expErr != "" && assert.Error(t, err) { //nolint:testifylint // require.Error doesn't work with the conditional here
assert.Contains(t, err.Error(), tc.expErr)
}
})
}
}
8 changes: 8 additions & 0 deletions consensus/state.go
Original file line number Diff line number Diff line change
Expand Up @@ -2256,6 +2256,14 @@ func (cs *State) addVote(vote *types.Vote, peerID p2p.ID) (added bool, err error
// Here, we verify the signature of the vote extension included in the vote
// message.
_, val := cs.state.Validators.GetByIndex(vote.ValidatorIndex)
if val == nil { // TODO: we should disconnect from this malicious peer
valsCount := cs.state.Validators.Size()
cs.Logger.Info("Peer sent us vote with invalid ValidatorIndex",
"peer", peerID,
"validator_index", vote.ValidatorIndex,
"len_validators", valsCount)
return added, ErrInvalidVote{Reason: fmt.Sprintf("ValidatorIndex %d is out of bounds [0, %d)", vote.ValidatorIndex, valsCount)}
}
if err := vote.VerifyExtension(cs.state.ChainID, val.PubKey); err != nil {
return false, err
}
Expand Down
Loading
Loading