This change introduces the `fixDirectoryLimit` amendment to remove the directory pages limit. We found that the directory size limit is easier to hit than originally assumed, and there is no good reason to keep this limit, since the object reserve provides the necessary incentive to avoid creating unnecessary objects on the ledger.
- Restructures `STTx` signature checking code to be able to handle
a `sigObject`, which may be the full transaction, or may be an object
field containing a separate signature. Either way, the `sigObject` can
be a single- or multi-sign signature.
- This is distinct from 550f90a75e (#5594), which changed the check in
Transactor, which validates whether a given account is allowed to sign
for the given transaction. This cryptographically checks the signature
validity.
Amendments activated for more than 2 years can be retired. This change retires the fix1571 amendment.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
To protect the identity of UNL validators, the IP addresses are redacted from the log messages sent to the common Grafana instance. However, without such identifying information it is challenging to debug issues. This change adds a node's public key to logs to improve our ability to debug issues.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
* Retired fix1781 amendment
Signed-off-by: Pratik Mankawde <pmankawde@ripple.com>
* refactor: Retire fix1781 amendment
Amendments activated for more than 2 years can be retired. This change retires the fix1781 amendment.
---------
Signed-off-by: Pratik Mankawde <pmankawde@ripple.com>
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
* XRPLF/develop:
ci: Use commit hash so workflows are not canceled when merging multiple PRs (5950)
ci: Only upload codecov reports in the original repo, not in forks (5953)
ci: Only log into Conan when uploading packages (5952)
fix: invariant error in fee-sized `VaultWithdraw` (5876)
fix: account_tx limit parameter validation for malformed values (5891)
refactor: Retire fix1543 amendment (5926)
ci: Only run .exe files during test phase on Windows (5947)
refactor: Migrate json unit tests to use doctest (5533)
Change `fixMPTDeliveredAmount` to `Supported::yes` (5833)
fix: Upload all test binaries (5932)
chore: Better pre-commit failure message (5940)
- Compute the next "true" state, round the values off, then compute the
deltas needed to get the current state to that state. Plus some data
integrity checks.
- Add `Number::zero`, which is longer to type, but more readable than
`Number{}`.
- Prepare to improve Loan unit tests: track managementFeeRate in
BrokerInfo, define a LoanParameters object for creation options and
start adding support for it, track and verify loan state while making
payments.
This changes fixes an invariant error where the amount withdrawn is equal to the transaction fee.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
This change fixes the `account_tx` RPC method to properly validate malformed limit parameter values. Previously, invalid values like `0`, `1.2`, `"10"`, `true`, `false`, `-1`, `[]`, `{}`, etc. were either accepted without errors or caused internal errors. Now all malformed values correctly return the `invalidParams` error.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
- Addresses FIND-013 from audit.
- Bases the limit on the current ledger time, and ensures that
"payments * interval <= limit". This allows a loan to potentially run through
"the end of time" successfully, but not go a second over.
- Wrote several test cases, including a few that go right to "the end of
time".
- FIND-005, FIND-009, and FIND-010.
- Add the finding number to existing tests - FIND-001, FIND-003,
FIND-012, FIND-007.
- Tweak the interest rate failure log messages in LoanSet.
- Addresses FIND-005 from audit.
- Tuning values defined in Protocol.h. Optimal values TBD.
- loanPaymentsPerFeeIncrement: calculateBaseFee estimates the number
of payments included in the Amount and charges
"baseFee * number / loanPaymentsPerFeeIncrement".
- loanMaximumPaymentsPerTransaction: If the number of payments
(including overpayments if applicable) hits this limit, stop
processing more payments, but DO NOT FAIL.
- Fix the rounding in LoanSet for Guard 4 (sufficient computed payments)
- Tweak several test parameters to account for the new limits.
- Change payment component rounding for IOUs to "towards_zero".
- Add some safety limits to loan calculations to prevent nonsensical
values.
- Addresses FIND-006 from audit.
- Removes the "minimum" check for sfLoanOriginationFee, and replaces it
with a "valid range" check with the max value being
sfPrincipalRequested.
- Reuses the test from the report, with some modifications.
- Also adds some more test cases for existing interest rate tests.
- Changes:
1. Removed the `AssetType` template parameter from all functions in
favor of just using the `Asset` class.
2. Fully moved all `ripple::detail` functions from .h to .cpp.
3. Moved all definitions of non `detail` functions from .h to .cpp,
except roundPeriodicPayment, just because it's small and I want it
to be visible. Left declarations in .h
4. Moved `PaymentSpecialCase`, `PaymentComponents` and
`computePaymentComponents` into `detail` and updated references.
- This is an intermediate commit. It leaves the old variables in place,
so I can do verifications that the new computations are correct. They
will be removed in the next commit.
- PaymentComponents is an class used internally to break a payment value
into principal, interest, and fees.
- Adds a check to the MPToken creation invariant to ensure none are created for the issuer.
- `addEmptyHolding()` will return success without doing anything for these scenarios. There is nothing to do, as with XRP.
---------
Co-authored-by: Ed Hennis <ed@ripple.com>
- Renamed canSendToAccount to canWithdraw, because the semantics are
a little different from a payment. Notably, if withdrawing to self,
you can still include a destination tag.
- Simplified the interface to canWithdraw to just pass in the
STTx.
- preflightDestinationAndTag is pretty pointless now, so removed it.
- Loan scale is completely irrelevant to integral types (XRP, MPT), and
the field is "soeDEFAULT", so when set to 0, it won't be stored on
ledger, saving a little bit of space.
- Move management fee calculations out of transactors an into the
appropriate functions in LendingHelpers.h.
- Rewrite how overpayments are handled. May changed based on numerical
analysis.
- Update, fix, and clean up unit tests. Includes adding tolerances for
some checks where an exact match is unlikely.
- Add "integral()" function to Asset to simplify a common check.
As XRPL network demand grows and ledger sizes increase, the default 4K NuDB block size becomes a performance bottleneck, especially on high-performance storage systems. Modern SSDs and enterprise storage often perform better with larger block sizes, but rippled previously had no way to configure this parameter. This change therefore implements configurable NuDB block size support, allowing operators to optimize storage performance based on their hardware configuration. The feature adds a new `nudb_block_size` configuration parameter that enables block sizes from 4K to 32K bytes, with comprehensive validation and backward compatibility.
Specific changes are:
- Implements `parseBlockSize()` function with validation.
- Adds `nudb_block_size` configuration parameter.
- Supports block sizes from 4K to 32K (power of 2).
- Adds comprehensive logging and error handling.
- Maintains backward compatibility with 4K default.
- Adds unit tests for block size validation.
- Updates configuration documentation with performance guidance.
- Marks feature as experimental.
- Applies code formatting fixes.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
Similarly to other transaction typed that can create a trust line or MPToken for the transaction submitter (e.g. CashCheck #5285, EscrowFinish #5185 ), VaultWithdraw should enforce reserve before creating a new object. Additionally, the lsfRequireDestTag account flag should be enforced for the transaction submitter.
Co-authored-by: Bart Thomee <11445373+bthomee@users.noreply.github.com>
