* Fix: Don't flag consensus as stalled prematurely (#5658)

  Fix stalled consensus detection to prevent false positives in situations where there are no disputed transactions.

  Stalled consensus detection was added to 2.5.0 in response to a network consensus halt that caused a round to run for over an hour. However, it has a flaw that makes it very easy to have false positives. Those false positives are usually mitigated by other checks that prevent them from having an effect, but there have been several instances of validators "running ahead" because there are circumstances where the other checks are "successful", allowing the stall state to be checked.

* Set version to 2.5.1

* fix: Skip processing transaction batch if the batch is empty (#5670)

  Avoids an assertion failure in NetworkOPsImp::apply in the unlikely event that all incoming transactions are invalid.

* Fix: EscrowTokenV1 (#5571)

  * resolves an accounting inconsistency in MPT escrows where transfer fees were not properly handled when unlocking escrowed tokens.

* refactor: Wrap GitHub CI conditionals in curly braces (#5796)

  This change wraps all GitHub conditionals in `${{ .. }}`, both for consistency and to reduce unexpected failures, because it was previously noticed that not all conditionals work without those curly braces.

* Only notify clio for PRs targeting the release and master branches (#5794)

  Clio should only be notified when releases are about to be made, instead of for all PR, so this change only notifies Clio when a PR targets the release or master branch.

* Support DynamicMPT XLS-94d (#5705)

  * extends the functionality of the MPTokenIssuanceSet transaction, allowing the issuer to update fields or flags that were explicitly marked as mutable during creation.

* Bugfix: Adds graceful peer disconnection (#5669)

  The XRPL establishes connections in three stages: first a TCP connection, then a TLS/SSL handshake to secure the connection, and finally an upgrade to the bespoke XRP Ledger peer-to-peer protocol. During connection termination, xrpld directly closes the TCP connection, bypassing the TLS/SSL shutdown handshake. This makes peer disconnection diagnostics more difficult - abrupt TCP termination appears as if the peer crashed rather than disconnected gracefully.

  This change refactors the connection lifecycle with the following changes:

  - Enhanced outgoing connection logic with granular timeouts for each connection stage (TCP, TLS, XRPL handshake) to improve diagnostic capabilities
  - Updated both PeerImp and ConnectAttempt to use proper asynchronous TLS shutdown procedures for graceful connection termination

* Downgrade to boost 1.83

* Set version to 2.6.1-rc1

* chore: Use self hosted windows runners (#5780)

  This change switches from the GitHub-managed Windows runners to self-hosted runners to significantly reduce build time.

* Rename mutable flags (#5797)

  This is a minor change on top of #5705

* fix(amendment): Add missing fields for keylets to ledger objects (#5646)

  This change adds a fix amendment (`fixIncludeKeyletFields`) that adds:

  * `sfSequence` to `Escrow` and `PayChannel`
  * `sfOwner` to `SignerList`
  * `sfOracleDocumentID` to `Oracle`

  This ensures that all ledger entries hold all the information needed to determine their keylet.

* chore: Limits CI build and test parallelism to reduce resource contention (#5799)

  GitHub runners have a limit on how many concurrent jobs they can actually process (even though they will try to run them all at the same time), and similarly the Conan remote cannot handle hundreds of concurrent requests. Previously, the Conan dependency uploading was already limited to max 10 jobs running in parallel, and this change makes the same change to the build+test workflow.

* chore: Build and test all configs for daily scheduled run (#5801)

  This change re-enables building and testing all configurations, but only for the daily scheduled run. Previously all configurations were run for each merge into the develop branch, but that overwhelmed both the GitHub runners and the Conan remote, and thus they were limited to just a subset of configurations. Now that the number of jobs is limited via `max-parallel: 10`, we should be able to safely enable building all configurations again. However, building them all once a day instead of for each PR merge should be sufficient.

* chore: Add unit tests dir to code coverage excludes (#5803)

  This change excludes unit test code from code coverage reporting.

* refactor: Modularise ledger (#5493)

  This change moves the ledger code to libxrpl.

* Mark PermissionDelegation as unsupported

* Set version to 2.6.1-rc2

* Miscellaneous refactors and updates (#5590)

  - Added a new Invariant: `ValidPseudoAccounts` which checks that all pseudo-accounts behave consistently through creation and updates, and that no "real" accounts look like pseudo-accounts (which means they don't have a 0 sequence).
  - `to_short_string(base_uint)`. Like `to_string`, but only returns the first 8 characters. (Similar to how a git commit ID can be abbreviated.) Used as a wrapped sink to prefix most transaction-related messages. More can be added later.
  - `XRPL_ASSERT_PARTS`. Convenience wrapper for `XRPL_ASSERT`, which takes the `function` and `description` as separate parameters.
  - `SField::sMD_PseudoAccount`. Metadata option for `SField` definitions to indicate that the field, if set in an `AccountRoot` indicates that account is a pseudo-account. Removes the need for hard-coded field lists all over the place. Added the flag to `AMMID` and `VaultID`.
  - Added functionality to `SField` ctor to detect both code and name collisions using asserts. And require all SFields to have a name
  - Convenience type aliases `STLedgerEntry::const_pointer` and `STLedgerEntry::const_ref`. (`SLE` is an alias to `STLedgerEntry`.)
  - Generalized `feeunit.h` (`TaggedFee`) into `unit.h` (`ValueUnit`) and added new "BIPS"-related tags for future use. Also refactored the type restrictions to use Concepts.
  - Restructured `transactions.macro` to do two big things
    1. Include the `#include` directives for transactor header files directly in the macro file. Removes the need to update `applySteps.cpp` and the resulting conflicts.
    2. Added a `privileges` parameter to the `TRANSACTION` macro, which specifies some of the operations a transaction is allowed to do. These `privileges` are enforced by invariant checks. Again, removed the need to update scattered lists of transaction types in various checks.
  - Unit tests:
    1. Moved more helper functions into `TestHelpers.h` and `.cpp`.
    2. Cleaned up the namespaces to prevent / mitigate random collisions and ambiguous symbols, particularly in unity builds.
    3. Generalized `Env::balance` to add support for `MPTIssue` and `Asset`.
    4. Added a set of helper classes to simplify `Env` transaction parameter classes: `JTxField`, `JTxFieldWrapper`, and a bunch of classes derived or aliased from it. For an example of how awesome it is, check the changes `src/test/jtx/escrow.h` for how much simpler the definitions are for `finish_time`, `cancel_time`, `condition`, and `fulfillment`.
    5. Generalized several of the amount-related helper classes to understand `Asset`s.
    6. `env.balance` for an MPT issuer will return a negative number (or 0) for consistency with IOUs.

* refactor: Simplify STParsedJSON with some helper functions (#5591)

  - Add code coverage for STParsedJSON edge cases

  Co-authored-by: Denis Angell <dangell@transia.co>

* test: Add STInteger and STParsedJSON tests (#5726)

  This change is to improve code coverage (and to simplify #5720 and #5725); there is otherwise no change in functionality. The change adds basic tests for `STInteger` and `STParsedJSON`, so it becomes easier to test smaller changes to the types, as well as removes `STParsedJSONArray`, since it is not used anywhere (including in Clio).

* Revert "Update Conan dependencies: OpenSSL" (#5807)

  This change reverts #5617, because it will require extensive testing that will take up more time than we have before the next scheduled release.

  Reverting this change does not mean we are abandoning it. We aim to pick it back up once there's a sufficient time window to allow for testing on multiple distros running a mixture of OpenSSL 1.x and 3.x.

* docs: Add warning about using std::counting_semaphore (#5595)

  This adds a comment to avoid using `std::counting_semaphore` until the minimum compiler versions of GCC and Clang have been updated to no longer contain the bug that is present in older compilers.

* Improve ValidatorList invalid UNL manifest logging (#5804)

  This change raises logging severity from `INFO` to `WARN` when handling UNL manifest signed with an unexpected / invalid key. It also changes the internal error code for an invalid format of UNL manifest to `invalid` (from `untrusted`).

  This is a follow up to problems experienced by an UNL node due to old manifest key configured in `validators.txt`, which would be easier to diagnose with improved logging.

  It also replaces a log line with `UNREACHABLE` for an impossible situation when we match UNL manifest key against a configured key which has an invalid type (we cannot configure such a key because of checks when loading configured keys).

* chore: Pin all CI Docker tags (#5813)

  To avoid surprises and ensure reproducibility, this change pins all CI Docker image tags to the latest version in the XRPLF/CI repo.

* change `fixPriceOracleOrder` to `Supported::yes` (#5749)

* fix: Address http header case sensitivity (#5767)

  This change makes the regex in `HttpClient.cpp` that matches the content-length http header case insensitive to improve compatibility, as http headers are case insensitive.

* test: add more comprehensive tests for `FeeVote` (#5746)

  This change adds more comprehensive tests for the `FeeVote` module, which previously only checked the basics, and not the more comprehensive flows in that class.

* ci: Call all reusable workflows reusable (#5818)

* Add `STInt32` as a new `SType` (#5788)

  This change adds `STInt32` as a new `SType` under the `STInteger` umbrella, with `SType` value `12`. This is the first and only `STInteger` type that supports negative values.

* switch `fixIncludeKeyletFields` to `Supported::yes` (#5819)

* refactor: Restructure Transactor::preflight to reduce boilerplate (#5592)

  * Restructures `Transactor::preflight` to create several functions that will remove the need for error-prone boilerplate code in derived classes' implementations of `preflight`.

* refactor: Add support for extra transaction signatures (#5594)

  * Restructures Transactor signature checking code to be able to handle a `sigObject`, which may be the full transaction, or may be an object field containing a separate signature. Either way, the `sigObject` can be a single- or multi-sign signature.

* ci: Upload artifacts during build and test in a separate job (#5817)

* chore: Set free-form CI inputs as env vars (#5822)

  This change moves CI values that could be user-provided into environment variables.

* Rename flags for DynamicMPT (#5820)

* Set version to 2.6.1

* fix: FD/handle guarding + exponential backoff (#5823)

* fix: Transaction sig checking functions do not get a full context (#5829)

  Fixes a (currently harmless) bug introduced by PR #5594

* Remove bogus coverage warning (#5838)

* fix return type

---------

Co-authored-by: Ed Hennis <ed@ripple.com>
Co-authored-by: Jingchen <a1q123456@users.noreply.github.com>
Co-authored-by: Denis Angell <dangell@transia.co>
Co-authored-by: Bart <bthomee@users.noreply.github.com>
Co-authored-by: yinyiqian1 <yqian@ripple.com>
Co-authored-by: Vito Tumas <5780819+Tapanito@users.noreply.github.com>
Co-authored-by: Bronek Kozicki <brok@incorrekt.com>
Co-authored-by: Mayukha Vadari <mvadari@ripple.com>
Co-authored-by: Valentin Balaschenko <13349202+vlntb@users.noreply.github.com>
Co-authored-by: tequ <git@tequ.dev>
Co-authored-by: Ayaz Salikhov <mathbunnyru@users.noreply.github.com>

Consensus Simulation Framework
The Consensus Simulation Framework is a set of software components for describing, running and analyzing simulations of the consensus algorithm in a controlled manner. It is also used to unit test the generic Ripple consensus algorithm implementation. The framework is in its early stages, so the design and supported features are subject to change.
Overview
The simulation framework focuses on simulating the core consensus and validation algorithms as a discrete event simulation. It is completely abstracted from the details of the XRP ledger and transactions. In the simulation, a ledger is simply a set of observed integers and transactions are single integers. The consensus process works to agree on the set of integers to include in the next ledger.
The diagram above gives a stylized overview of the components provided by the framework. These are combined by the simulation author into the simulation specification, which defines the configuration of the system and the data to collect when running the simulation. The specification includes:
- A collection of Peers that represent the participants in the network, with each independently running the consensus algorithm.
- The Peer trust relationships as a TrustGraph. This is a directed graph whose edges define what other Peers a given Peer trusts. In other words, the set of out edges for a Peer in the graph corresponds to the UNL of that Peer.
- The network communication layer as a BasicNetwork. This models the overlay network topology in which messages are routed between Peers. This graph topology can be configured independently from the TrustGraph.
- Transaction Submitters that model the submission of client transactions to the network.
- Collectors that aggregate, filter and analyze data from the simulation. Typically, this is used to monitor invariants or generate reports.
Once specified, the simulation runs using a single Scheduler that manages the
global clock and sequencing of activity. During the course of simulation,
Peers generate Ledgers and Validations as a result of consensus,
eventually fully validating the consensus history of accepted transactions. Each
Peer also issues various Events during the simulation, which are analyzed by
the registered Collectors.
Example Simulation
Below is a basic simulation we can walk through to get an understanding of the framework. This simulation is for a set of 5 validators that aren't directly connected but rely on a single hub node for communication.
Each Peer has a unique transaction submitted, then runs one round of the consensus algorithm.
```c++
Sim sim;
PeerGroup validators = sim.createGroup(5);
PeerGroup center = sim.createGroup(1);
PeerGroup network = validators + center;
center[0]->runAsValidator = false;

validators.trust(validators);
center.trust(validators);

using namespace std::chrono;
SimDuration delay = 200ms;
validators.connect(center, delay);

SimDurationCollector simDur;
sim.collectors.add(simDur);

// prep round to set initial state.
sim.run(1);

// everyone submits their own ID as a TX and relay it to peers
for (Peer * p : validators)
    p->submit(Tx(static_cast<std::uint32_t>(p->id)));

sim.run(1);

std::cout << (simDur.stop - simDur.start).count() << std::endl;
assert(sim.synchronized());
```
Sim and PeerGroup
```c++
Sim sim;
PeerGroup validators = sim.createGroup(5);
PeerGroup center = sim.createGroup(1);
PeerGroup network = validators + center;
center[0]->runAsValidator = false;
```
The simulation code starts by creating a single instance of the Sim
class. This class is used to manage the overall simulation and
internally owns most other components, including the Peers, Scheduler,
BasicNetwork and TrustGraph. The next two lines create two different
PeerGroups of size 5 and 1. A PeerGroup is a convenient
way for configuring a set of related peers together and internally has a vector
of pointers to the Peers which are owned by the Sim. PeerGroups can be
combined using +/- operators to configure more complex relationships of nodes
as shown by PeerGroup network. Note that each call to createGroup adds that
many new Peers to the simulation, but does not specify any trust or network
relationships for the new Peers.
Lastly, the single Peer in the size 1 center group is switched from running
as a validator (the default) to running as a tracking peer. The Peer
class has a variety of configurable parameters that control how it
behaves during the simulation.
trust and connect
```c++
validators.trust(validators);
center.trust(validators);

using namespace std::chrono;
SimDuration delay = 200ms;
validators.connect(center, delay);
```
Although the sim object has accessible instances of
TrustGraph and BasicNetwork, it is more
convenient to manage the graphs via the PeerGroups. The first two lines
create a trust topology in which all Peers trust the 5 validating Peers. Or
in the UNL perspective, all Peers are configured with the same UNL listing the
5 validating Peers. The two lines could've been rewritten as
network.trust(validators).
The next lines create the network communication topology. Each of the validating
Peers connects to the central hub Peer with a fixed delay of 200ms. Note
that the network connections are really undirected, but are represented
internally in a directed graph using edge pairs of inbound and outbound connections.
Collectors
```c++
SimDurationCollector simDur;
sim.collectors.add(simDur);
```
The next lines add a single collector to the simulation. The
SimDurationCollector is a simple example collector which tracks the total
duration of the simulation. More generally, a collector is any class that
implements void on(NodeID, SimTime, Event) for all Events
emitted by a Peer. Events are arbitrary types used to indicate some action or
change of state of a Peer. Other existing collectors measure
latencies of transaction submission to validation or the rate of ledger closing
and monitor any jumps in ledger history.
Note that the collector lifetime is independent of the simulation and is added
to the simulation by reference. This is intentional, since collectors might be
used across several simulations to collect more complex combinations of data. At
the end of the simulation, we print out the total duration by subtracting
simDur members.
```c++
std::cout << (simDur.stop - simDur.start).count() << std::endl;
```
Transaction submission
```c++
// everyone submits their own ID as a TX and relay it to peers
for (Peer * p : validators)
    p->submit(Tx(static_cast<std::uint32_t>(p->id)));
```
In this basic example, we explicitly submit a single transaction to each
validator. For larger simulations, clients can use a Submitter
to send transactions in at fixed or random intervals to fixed or random Peers.
Run
The example has two calls to sim.run(1). This call runs the simulation until
each Peer has closed one additional ledger. After closing the additional
ledger, the Peer stops participating in consensus. The first call is used to
ensure a more useful prior state of all Peers. After the transaction
submission, the second call to run results in one additional ledger that
accepts those transactions.
Alternatively, you can specify a duration to run the simulation, e.g.
sim.run(10s) which would have Peers continuously run consensus until the
scheduler has elapsed 10 additional seconds. The sim.scheduler.in or
sim.scheduler.at methods can schedule arbitrary code to execute at a later
time in the simulation, for example removing a network connection or modifying
the trust graph.
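
The hub-and-spoke topology from the example, reduced to a self-contained discrete-event model. This is an added illustration, not the framework's code: MiniScheduler, Node, receive and runHubExample are hypothetical names. It models only transaction relay, not consensus rounds, and shows that each transaction needs two 200ms hops through the hub before every validator holds the full set.

```cpp
#include <chrono>
#include <cstdint>
#include <functional>
#include <map>
#include <set>
#include <utility>
#include <vector>

// Hypothetical names throughout; none of these are csf classes.
using SimTime = std::chrono::milliseconds;

struct MiniScheduler {  // one global clock; events run in timestamp order
    SimTime now{0};
    // multimap keeps same-time events in insertion (FIFO) order
    std::multimap<SimTime, std::function<void()>> queue;
    void in(SimTime d, std::function<void()> f) { queue.emplace(now + d, std::move(f)); }
    void run() {
        while (!queue.empty()) {
            auto it = queue.begin();
            now = it->first;  // advance the clock to the event's time
            auto f = std::move(it->second);
            queue.erase(it);
            f();
        }
    }
};

struct Node {
    std::set<std::uint32_t> seen;  // transactions are single integers
    std::vector<Node*> links;      // outbound network connections
    SimTime lastNew{0};            // when this node last learned a new tx
};

// Deliver tx to n; on first sight, relay it to every neighbour after `delay`.
void receive(MiniScheduler& s, Node& n, std::uint32_t tx, SimTime delay) {
    if (!n.seen.insert(tx).second) return;  // duplicate: do not relay again
    n.lastNew = s.now;
    for (Node* peer : n.links)
        s.in(delay, [&s, peer, tx, delay] { receive(s, *peer, tx, delay); });
}

// Validators linked only through one hub; each submits its own ID at t = 0.
// Returns when every validator holds every tx, or -1ms if one never does.
SimTime runHubExample(std::uint32_t validators, SimTime delay) {
    MiniScheduler s;
    std::vector<Node> nodes(validators + 1);  // the last node is the hub
    Node& hub = nodes.back();
    for (std::uint32_t i = 0; i < validators; ++i) {
        nodes[i].links.push_back(&hub);  // undirected link stored as a
        hub.links.push_back(&nodes[i]);  // pair of directed edges
        s.in(SimTime{0}, [&s, &nodes, i, delay] { receive(s, nodes[i], i, delay); });
    }
    s.run();
    SimTime done{0};
    for (std::uint32_t i = 0; i < validators; ++i) {
        if (nodes[i].seen.size() != validators) return SimTime{-1};
        if (nodes[i].lastNew > done) done = nodes[i].lastNew;
    }
    return done;
}

int main() { return runHubExample(5, SimTime{200}) == SimTime{400} ? 0 : 1; }
```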

