61ac04aacc
* Add jss fields used by Clio `nft_info`: (#4320) Add Clio-specific JSS constants to ensure a common vocabulary of keywords in Clio and this project. By providing visibility of the full API keyword namespace, it reduces the likelihood of developers introducing minor variations on names used by Clio, or unknowingly claiming a keyword that Clio has already claimed. This change moves this project slightly away from having only the code necessary for running the core server, but it is a step toward the goal of keeping this server's and Clio's APIs similar. The added JSS constants are annotated to indicate their relevance to Clio. Clio can be found here: https://github.com/XRPLF/clio Signed-off-by: ledhed2222 <ledhed2222@users.noreply.github.com> * Introduce support for a slabbed allocator: (#4218) When instantiating a large amount of fixed-sized objects on the heap the overhead that dynamic memory allocation APIs impose will quickly become significant. In some cases, allocating a large amount of memory at once and using a slabbing allocator to carve the large block into fixed-sized units that are used to service requests for memory out will help to reduce memory fragmentation significantly and, potentially, improve overall performance. This commit introduces a new `SlabAllocator<>` class that exposes an API that is _similar_ to the C++ concept of an `Allocator` but it is not meant to be a general-purpose allocator. It should not be used unless profiling and analysis of specific memory allocation patterns indicates that the additional complexity introduced will improve the performance of the system overall, and subsequent profiling proves it. A helper class, `SlabAllocatorSet<>` simplifies handling of variably sized objects that benefit from slab allocations. This commit incorporates improvements suggested by Greg Popovitch (@greg7mdp). Commit 1 of 3 in #4218. * Optimize `SHAMapItem` and leverage new slab allocator: (#4218) The `SHAMapItem` class contains a variable-sized buffer that holds the serialized data associated with a particular item inside a `SHAMap`. Prior to this commit, the buffer for the serialized data was allocated separately. Coupled with the fact that most instances of `SHAMapItem` were wrapped around a `std::shared_ptr` meant that an instantiation might result in up to three separate memory allocations. This commit switches away from `std::shared_ptr` for `SHAMapItem` and uses `boost::intrusive_ptr` instead, allowing the reference count for an instance to live inside the instance itself. Coupled with using a slab-based allocator to optimize memory allocation for the most commonly sized buffers, the net result is significant memory savings. In testing, the reduction in memory usage hovers between 400MB and 650MB. Other scenarios might result in larger savings. In performance testing with NFTs, this commit reduces memory size by about 15% sustained over long duration. Commit 2 of 3 in #4218. * Avoid using std::shared_ptr when not necessary: (#4218) The `Ledger` class contains two `SHAMap` instances: the state and transaction maps. Previously, the maps were dynamically allocated using `std::make_shared` despite the fact that they did not require lifetime management separate from the lifetime of the `Ledger` instance to which they belong. The two `SHAMap` instances are now regular member variables. Some smart pointers and dynamic memory allocation was avoided by using stack-based alternatives. Commit 3 of 3 in #4218. * Prevent replay attacks with NetworkID field: (#4370) Add a `NetworkID` field to help prevent replay attacks on and from side-chains. The new field must be used when the server is using a network id > 1024. To preserve legacy behavior, all chains with a network ID less than 1025 retain the existing behavior. This includes Mainnet, Testnet, Devnet, and hooks-testnet. If `sfNetworkID` is present in any transaction submitted to any of the nodes on one of these chains, then `telNETWORK_ID_MAKES_TX_NON_CANONICAL` is returned. Since chains with a network ID less than 1025, including Mainnet, retain the existing behavior, there is no need for an amendment. The `NetworkID` helps to prevent replay attacks because users specify a `NetworkID` field in every transaction for that chain. This change introduces a new UINT32 field, `sfNetworkID` ("NetworkID"). There are also three new local error codes for transaction results: - `telNETWORK_ID_MAKES_TX_NON_CANONICAL` - `telREQUIRES_NETWORK_ID` - `telWRONG_NETWORK` To learn about the other transaction result codes, see: https://xrpl.org/transaction-results.html Local error codes were chosen because a transaction is not necessarily malformed if it is submitted to a node running on the incorrect chain. This is a local error specific to that node and could be corrected by switching to a different node or by changing the `network_id` on that node. See: https://xrpl.org/connect-your-rippled-to-the-xrp-test-net.html In addition to using `NetworkID`, it is still generally recommended to use different accounts and keys on side-chains. However, people will undoubtedly use the same keys on multiple chains; for example, this is common practice on other blockchain networks. There are also some legitimate use cases for this. A `app.NetworkID` test suite has been added, and `core.Config` was updated to include some network_id tests. * Fix the fix for std::result_of (#4496) Newer compilers, such as Apple Clang 15.0, have removed `std::result_of` as part of C++20. The build instructions provided a fix for this (by adding a preprocessor definition), but the fix was broken. This fixes the fix by: * Adding the `conf` prefix for tool configurations (which had been forgotten). * Passing `extra_b2_flags` to `boost` package to fix its build. * Define `BOOST_ASIO_HAS_STD_INVOKE_RESULT` in order to build boost 1.77 with a newer compiler. * Use quorum specified via command line: (#4489) If `--quorum` setting is present on the command line, use the specified value as the minimum quorum. This allows for the use of a potentially fork-unsafe quorum, but it is sometimes necessary for small and test networks. Fix #4488. --------- Co-authored-by: RichardAH <richard.holland@starstone.co.nz> * Fix errors for Clang 16: (#4501) Address issues related to the removal of `std::{u,bi}nary_function` in C++17 and some warnings with Clang 16. Some warnings appeared with the upgrade to Apple clang version 14.0.3 (clang-1403.0.22.14.1). - `std::{u,bi}nary_function` were removed in C++17. They were empty classes with a few associated types. We already have conditional code to define the types. Just make it unconditional. - libc++ checks a cast in an unevaluated context to see if a type inherits from a binary function class in the standard library, e.g. `std::equal_to`, and this causes an error when the type privately inherits from such a class. Change these instances to public inheritance. - We don't need a middle-man for the empty base optimization. Prefer to inherit directly from an empty class than from `beast::detail::empty_base_optimization`. - Clang warns when all the uses of a variable are removed by conditional compilation of assertions. Add a `[[maybe_unused]]` annotation to suppress it. - As a drive-by clean-up, remove commented code. See related work in #4486. * Fix typo (#4508) * fix!: Prevent API from accepting seed or public key for account (#4404) The API would allow seeds (and public keys) to be used in place of accounts at several locations in the API. For example, when calling account_info, you could pass `"account": "foo"`. The string "foo" is treated like a seed, so the method returns `actNotFound` (instead of `actMalformed`, as most developers would expect). In the early days, this was a convenience to make testing easier. However, it allows for poor security practices, so it is no longer a good idea. Allowing a secret or passphrase is now considered a bug. Previously, it was controlled by the `strict` option on some methods. With this commit, since the API does not interpret `account` as `seed`, the option `strict` is no longer needed and is removed. Removing this behavior from the API is a [breaking change](https://xrpl.org/request-formatting.html#breaking-changes). One could argue that it shouldn't be done without bumping the API version; however, in this instance, there is no evidence that anyone is using the API in the "legacy" way. Furthermore, it is a potential security hole, as it allows users to send secrets to places where they are not needed, where they could end up in logs, error messages, etc. There's no reason to take such a risk with a seed/secret, since only the public address is needed. Resolves: #3329, #3330, #4337 BREAKING CHANGE: Remove non-strict account parsing (#3330) * Add nftoken_id, nftoken_ids, offer_id fields for NFTokens (#4447) Three new fields are added to the `Tx` responses for NFTs: 1. `nftoken_id`: This field is included in the `Tx` responses for `NFTokenMint` and `NFTokenAcceptOffer`. This field indicates the `NFTokenID` for the `NFToken` that was modified on the ledger by the transaction. 2. `nftoken_ids`: This array is included in the `Tx` response for `NFTokenCancelOffer`. This field provides a list of all the `NFTokenID`s for the `NFToken`s that were modified on the ledger by the transaction. 3. `offer_id`: This field is included in the `Tx` response for `NFTokenCreateOffer` transactions and shows the OfferID of the `NFTokenOffer` created. The fields make it easier to track specific tokens and offers. The implementation includes code (by @ledhed2222) from the Clio project to extract NFTokenIDs from mint transactions. * Ensure that switchover vars are initialized before use: (#4527) Global variables in different TUs are initialized in an undefined order. At least one global variable was accessing a global switchover variable. This caused the switchover variable to be accessed in an uninitialized state. Since the switchover is always explicitly set before transaction processing, this bug can not effect transaction processing, but could effect unit tests (and potentially the value of some global variables). Note: at the time of this patch the offending bug is not yet in production. * Move faulty assert (#4533) This assert was put in the wrong place, but it only triggers if shards are configured. This change moves the assert to the right place and updates it to ensure correctness. The assert could be hit after the server downloads some shards. It may be necessary to restart after the shards are downloaded. Note that asserts are normally checked only in debug builds, so release packages should not be affected. Introduced in: #4319 (66627b26cf) * Fix unaligned load and stores: (#4528) (#4531) Misaligned load and store operations are supported by both Intel and ARM CPUs. However, in C++, these operations are undefined behavior (UB). Substituting these operations with a `memcpy` fixes this UB. The compiled assembly code is equivalent to the original, so there is no performance penalty to using memcpy. For context: The unaligned load and store operations fixed here were originally introduced in the slab allocator (#4218). * Add missing includes for gcc 13.1: (#4555) gcc 13.1 failed to compile due to missing headers. This patch adds the needed headers. * Trivial: add comments for NFToken-related invariants (#4558) * fix node size estimation (#4536) Fix a bug in the `NODE_SIZE` auto-detection feature in `Config.cpp`. Specifically, this patch corrects the calculation for the total amount of RAM available, which was previously returned in bytes, but is now being returned in units of the system's memory unit. Additionally, the patch adjusts the node size based on the number of available hardware threads of execution. * fix: remove redundant moves (#4565) - Resolve gcc compiler warning: AccountObjects.cpp:182:47: warning: redundant move in initialization [-Wredundant-move] - The std::move() operation on trivially copyable types may generate a compile warning in newer versions of gcc. - Remove extraneous header (unused imports) from a unit test file. * Revert "Fix the fix for std::result_of (#4496)" This reverts commitcee8409d60. * Revert "Fix typo (#4508)" This reverts commit2956f14de8. * clang * [fold] bad merge * [fold] fix bad merge - add back filter for ripple state on account_channels - add back network id test (env auto adds network id in xahau) * [fold] fix build error --------- Signed-off-by: ledhed2222 <ledhed2222@users.noreply.github.com> Co-authored-by: ledhed2222 <ledhed2222@users.noreply.github.com> Co-authored-by: Nik Bougalis <nikb@bougalis.net> Co-authored-by: RichardAH <richard.holland@starstone.co.nz> Co-authored-by: John Freeman <jfreeman08@gmail.com> Co-authored-by: Mark Travis <mtrippled@users.noreply.github.com> Co-authored-by: solmsted <steven.olm@gmail.com> Co-authored-by: drlongle <drlongle@gmail.com> Co-authored-by: Shawn Xie <35279399+shawnxie999@users.noreply.github.com> Co-authored-by: Scott Determan <scott.determan@yahoo.com> Co-authored-by: Ed Hennis <ed@ripple.com> Co-authored-by: Scott Schurr <scott@ripple.com> Co-authored-by: Chenna Keshava B S <21219765+ckeshava@users.noreply.github.com>
Consensus Simulation Framework
The Consensus Simulation Framework is a set of software components for describing, running and analyzing simulations of the consensus algorithm in a controlled manner. It is also used to unit test the generic Ripple consensus algorithm implementation. The framework is in its early stages, so the design and supported features are subject to change.
Overview
The simulation framework focuses on simulating the core consensus and validation algorithms as a discrete event simulation. It is completely abstracted from the details of the XRP ledger and transactions. In the simulation, a ledger is simply a set of observed integers and transactions are single integers. The consensus process works to agree on the set of integers to include in the next ledger.
The diagram above gives a stylized overview of the components provided by the framework. These are combined by the simulation author into the simulation specification, which defines the configuration of the system and the data to collect when running the simulation. The specification includes:
- A collection of
Peers that represent the participants in the network, with each independently running the consensus algorithm. - The
Peertrust relationships as aTrustGraph. This is a directed graph whose edges define what otherPeers a givenPeertrusts. In other words, the set of out edges for aPeerin the graph correspond to the UNL of thatPeer. - The network communication layer as a
BasicNetwork. This models the overlay network topology in which messages are routed betweenPeers. This graph topology can be configured independently from theTrustGraph. - Transaction
Submitters that model the submission of client transactions to the network. Collectors that aggregate, filter and analyze data from the simulation. Typically, this is used to monitor invariants or generate reports.
Once specified, the simulation runs using a single Scheduler that manages the
global clock and sequencing of activity. During the course of simulation,
Peers generate Ledgers and Validations as a result of consensus,
eventually fully validating the consensus history of accepted transactions. Each
Peer also issues various Events during the simulation, which are analyzed by
the registered Collectors.
Example Simulation
Below is a basic simulation we can walk through to get an understanding of the framework. This simulation is for a set of 5 validators that aren't directly connected but rely on a single hub node for communication.
Each Peer has a unique transaction submitted, then runs one round of the consensus algorithm.
Sim sim;
PeerGroup validators = sim.createGroup(5);
PeerGroup center = sim.createGroup(1);
PeerGroup network = validators + center;
center[0]->runAsValidator = false;
validators.trust(validators);
center.trust(validators);
using namespace std::chrono;
SimDuration delay = 200ms;
validators.connect(center, delay);
SimDurationCollector simDur;
sim.collectors.add(simDur);
// prep round to set initial state.
sim.run(1);
// everyone submits their own ID as a TX and relay it to peers
for (Peer * p : validators)
p->submit(Tx(static_cast<std::uint32_t>(p->id)));
sim.run(1);
std::cout << (simDur.stop - simDur.start).count() << std::endl;
assert(sim.synchronized());
Sim and PeerGroup
Sim sim;
PeerGroup validators = sim.createGroup(5);
PeerGroup center = sim.createGroup(1);
PeerGroup network = validators + center;
center[0]->runAsValidator = false;
The simulation code starts by creating a single instance of the Sim
class. This class is used to manage the overall simulation and
internally owns most other components, including the Peers, Scheduler,
BasicNetwork and TrustGraph. The next two lines create two differ
PeerGroups of size 5 and 1 . A PeerGroup is a convenient
way for configuring a set of related peers together and internally has a vector
of pointers to the Peers which are owned by the Sim. PeerGroups can be
combined using +/- operators to configure more complex relationships of nodes
as shown by PeerGroup network. Note that each call to createGroup adds that
many new Peers to the simulation, but does not specify any trust or network
relationships for the new Peers.
Lastly, the single Peer in the size 1 center group is switched from running
as a validator (the default) to running as a tracking peer. The Peer
class has a variety of configurable parameters that control how it
behaves during the simulation.
trust and connect
validators.trust(validators);
center.trust(validators);
using namespace std::chrono;
SimDuration delay = 200ms;
validators.connect(center, delay);
Although the sim object has accessible instances of
TrustGraph and BasicNetwork, it is more
convenient to manage the graphs via the PeerGroups. The first two lines
create a trust topology in which all Peers trust the 5 validating Peers. Or
in the UNL perspective, all Peers are configured with the same UNL listing the
5 validating Peers. The two lines could've been rewritten as
network.trust(validators).
The next lines create the network communication topology. Each of the validating
Peers connects to the central hub Peer with a fixed delay of 200ms. Note
that the network connections are really undirected, but are represented
internally in a directed graph using edge pairs of inbound and outbound connections.
Collectors
SimDurationCollector simDur;
sim.collectors.add(simDur);
The next lines add a single collector to the simulation. The
SimDurationCollector is a a simple example collector which tracks the total
duration of the simulation. More generally, a collector is any class that
implements void on(NodeID, SimTime, Event) for all Events
emitted by a Peer. Events are arbitrary types used to indicate some action or
change of state of a Peer. Other existing collectors measure
latencies of transaction submission to validation or the rate of ledger closing
and monitor any jumps in ledger history.
Note that the collector lifetime is independent of the simulation and is added
to the simulation by reference. This is intentional, since collectors might be
used across several simulations to collect more complex combinations of data. At
the end of the simulation, we print out the total duration by subtracting
simDur members.
std::cout << (simDur.stop - simDur.start).count() << std::endl;
Transaction submission
// everyone submits their own ID as a TX and relay it to peers
for (Peer * p : validators)
p->submit(Tx(static_cast<std::uint32_t>(p->id)));
In this basic example, we explicitly submit a single transaction to each
validator. For larger simulations, clients can use a Submitter
to send transactions in at fixed or random intervals to fixed or random Peers.
Run
The example has two calls to sim.run(1). This call runs the simulation until
each Peer has closed one additional ledger. After closing the additional
ledger, the Peer stops participating in consensus. The first call is used to
ensure a more useful prior state of all Peers. After the transaction
submission, the second call to run results in one additional ledger that
accepts those transactions.
Alternatively, you can specify a duration to run the simulation, e.g.
sim.run(10s) which would have Peers continuously run consensus until the
scheduler has elapsed 10 additional seconds. The sim.scheduler.in or
sim.scheduler.at methods can schedule arbitrary code to execute at a later
time in the simulation, for example removing a network connection or modifying
the trust graph.