Release/node/v0.7.0#173
Merged
Fixes for protocol vulnerabilities; TVM stability updates
Stability improvements for compressed BOCs and external messages
Performance and memory optimizations for CellDb
External messages processing optimization; memory optimization for ar…
Do not expose node keys in config, use secrets vault
Do not save temporary keys in vault; JSON-RPC fix for getTransactions
Key migration and management fixes
Add secrets-vault-cli to Dockerfile, remove old unused tests
Pull request overview
Release v0.7.0 focused on moving key material out of plaintext configs (secrets vault) while also tightening multiple protocol/serialization bounds and improving VM/storage performance/stability.
Changes:
- Integrate `secrets-vault` across node/adnl/consensus tooling and migrate key handling to zeroizing/protected buffers.
- Add/adjust VM + executor behaviors (RNG range checks, RUNVM behavior, signature gas accounting, extra-balance/config access, outbound message extra-currency limits).
- Add operational hardening/perf work (RocksDB open-file/table-reader limits + telemetry, RLDP inbound caps, TL/BOC size caps, RPC body size limit, merkle update lazy apply).
Reviewed changes
Copilot reviewed 189 out of 195 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/vm/tests/test_rand.rs | Add SETRAND range/overflow tests |
| src/vm/tests/test_cont.rs | Add CHKSIGNS gas/runvm tests |
| src/vm/tests/test_config.rs | Extend balance/extra-balance tests |
| src/vm/src/executor/rand.rs | Enforce SETRAND 256-bit range |
| src/vm/src/executor/gas/gas_state.rs | Refactor signature gas constants |
| src/vm/src/executor/engine/fix_gas.rs | Make short-code check non-mutating |
| src/vm/src/executor/engine/core.rs | RUNVM child VM plumbing updates |
| src/vm/src/executor/crypto.rs | Adjust signature gas + ristretto ops |
| src/vm/src/executor/continuation.rs | RUNVM stack gas + push_0 flag |
| src/vm/src/executor/config.rs | Fix GETEXTRABALANCE tuple indexing/gas |
| src/tl/ton_api/src/ton_prelude.rs | Add TL length/vector size caps |
| src/tl/ton_api/src/lib.rs | Use ZeroizingBytes for pubkeys |
| src/tl/ton_api/Cargo.toml | Cleanup formatting |
| src/secrets-vault/src/vault.rs | Expose storage accessor; API updates |
| src/secrets-vault/src/utils/hex.rs | Formatting-only change |
| src/secrets-vault/src/types/secret.rs | Formatting-only change |
| src/secrets-vault/src/tests/vault/vault_trait.rs | Update list/store APIs in tests |
| src/secrets-vault/src/tests/vault/vault_builder.rs | Use vault.clear() in tests |
| src/secrets-vault/src/tests/storage/hashicorp_api.rs | Update Hashicorp path expectations |
| src/secrets-vault/src/tests/storage/file_storage_json.rs | Update store signature in tests |
| src/secrets-vault/src/tests/storage/file_json_migration.rs | Update store signature in tests |
| src/secrets-vault/src/tests/protected_memory.rs | Formatting-only change |
| src/secrets-vault/src/tests/fixture.rs | Remove ListMode/clear helpers; use clear() |
| src/secrets-vault/src/storage/utils.rs | Fix slice coercion style |
| src/secrets-vault/src/storage/storage_trait.rs | Storage API changes + test helpers |
| src/secrets-vault/src/storage/hashicorp.rs | Override extractable + list/clear/is_empty |
| src/secrets-vault/src/storage/file_json.rs | Override extractable + migration helper |
| src/secrets-vault/src/storage/file_json_migrator.rs | Formatting-only change |
| src/secrets-vault/src/memory/protected_memory.rs | Implement ton_block SecretBytes trait |
| src/secrets-vault/src/lib.rs | Feature/module exports reshuffle |
| src/secrets-vault/src/crypto/symmetric_key_in_memory.rs | Formatting-only change |
| src/secrets-vault/src/crypto/master_key.rs | Formatting-only change |
| src/secrets-vault/src/crypto/key_pair_in_memory.rs | Formatting-only change |
| src/secrets-vault/src/crypto/key_material.rs | Formatting-only change |
| src/secrets-vault/src/crypto/default_impl.rs | Formatting-only change |
| src/secrets-vault/src/crypto/block_impl.rs | Remove legacy block backend impl |
| src/secrets-vault/src/crypto/blob_in_memory.rs | Formatting-only change |
| src/secrets-vault/src/crypto/aes_gcm.rs | Wrap AEAD buffer adapter type |
| src/secrets-vault/cli/utils.rs | Hide private key unless flag passed |
| src/secrets-vault/cli/README.md | Rename copy command + docs update |
| src/secrets-vault/cli/main.rs | Rename command; add show-private flag |
| src/secrets-vault/cli/list.rs | Remove ListMode; pass show_private |
| src/secrets-vault/cli/copy_file_to_hashicorp.rs | Dedicated file→Hashicorp copy flow |
| src/secrets-vault/cli/COPY_FILE_TO_HASHICORP.md | Update command name |
| src/secrets-vault/Cargo.toml | Feature/deps refactor; make ton_block required |
| src/node/validator-session/tests/test_fast_session.rs | Use ZeroizingBytes keygen |
| src/node/validator-session/tests/test_accelerated_consensus_session.rs | Use ZeroizingBytes keygen |
| src/node/validator-session/src/session_processor.rs | Avoid raw export_key in logs |
| src/node/tests/test_run_net/test_run_net.sh | Unset VAULT_URL for inline-key test |
| src/node/tests/test_run_net/test_run_net_ci.sh | Improve failure diagnostics |
| src/node/tests/test_run_net_py/test_run_net.py | Allow disabling vault per run |
| src/node/tests/test_load_net/scripts/batchedPromise.ts | Reduce noisy error logging |
| src/node/storage/src/tests/test_dynamic_boc_rc_db.rs | Update delete_boc signature in tests |
| src/node/storage/src/lib.rs | Add telemetry metrics; remove TimeChecker |
| src/node/storage/src/db/rocksdb.rs | Bound open files; cache registration; mem usage |
| src/node/storage/src/cell_db.rs | Register CF cache; add bytes telemetry; lazy cell |
| src/node/storage/src/archives/package.rs | Fix truncate cursor; improve read errors |
| src/node/storage/src/archives/db_provider.rs | Exclude main DB from provider mem usage |
| src/node/storage/src/archives/block_index_db.rs | Return options+cache; register cache |
| src/node/storage/src/archives/archive_slice.rs | Warn on inconsistent offsets DB |
| src/node/storage/src/archives/archive_manager.rs | Add time_checker spans; sum RocksDB mem |
| src/node/storage/Cargo.toml | Formatting and version constraint tweaks |
| src/node/storage/benches/shardstate_db3.rs | Adjust CF options tuple return |
| src/node/storage/benches/shardstate_db2.rs | Adjust CF options tuple return |
| src/node/storage/benches/shardstate_db1.rs | Adjust CF options; clone repr_hash |
| src/node/src/validator/validator_utils.rs | Use vault key factory for pubkeys |
| src/node/src/validator/tests/test_validator_session_listener.rs | Use ZeroizingBytes keygen |
| src/node/src/validator/tests/test_validator_group.rs | Use ZeroizingBytes keygen |
| src/node/src/validator/tests/test_session_id.rs | Use ZeroizingBytes keygen |
| src/node/src/validator/tests/test_collator.rs | Update complete_external_messages signature |
| src/node/src/validator/out_msg_queue.rs | Switch stop flag to CancellationToken |
| src/node/src/types/awaiters_pool.rs | Ensure finalize removes map entry consistently |
| src/node/src/types/accounts.rs | Replace ad-hoc timing with time_checker macro |
| src/node/src/tests/test_helper.rs | Await async config load; update ext msg API |
| src/node/src/tests/test_control.rs | Await async config load |
| src/node/src/sync.rs | Fix download queue gap-close + add diagnostics |
| src/node/src/rpc_server/tests/test_serializers.rs | Add transaction account-field tests |
| src/node/src/rpc_server/tests/test_handlers.rs | Update init shard + @extra assertions |
| src/node/src/rpc_server/mod.rs | Add body size limit + change response envelopes |
| src/node/src/network/tests/test_node_network_validator_list.rs | Use ZeroizingBytes keygen |
| src/node/src/network/tests/test_full_node_overlays.rs | Use ZeroizingBytes keygen |
| src/node/src/network/node_network.rs | Lock private key before QUIC add_key |
| src/node/src/network/liteserver.rs | Harden getTransactions LT/account lookup |
| src/node/src/network/full_node_overlays.rs | Handle empty validator set; QUIC key lock |
| src/node/src/network/full_node_overlay_client.rs | Move decompress/deserialize to spawn_blocking |
| src/node/src/network/control.rs | Use ED25519_KEY_TYPE const |
| src/node/src/main.rs | Build runtimes earlier; jemalloc conf; panic hook |
| src/node/src/full_node/apply_block.rs | Validate merkle old_hash; use lazy apply |
| src/node/src/engine_traits.rs | Add new telemetry fields |
| src/node/src/engine_operations.rs | Reduce trace noise; ext msg API update |
| src/node/src/collator_test_bundle.rs | Add new telemetry fields; ext msg API update |
| src/node/src/archive_import/mod.rs | Register archive CF cache |
| src/node/simplex/tests/test_validation.rs | Use ZeroizingBytes keygen |
| src/node/simplex/tests/test_restart.rs | Use ZeroizingBytes keygen |
| src/node/simplex/tests/test_consensus.rs | Use ZeroizingBytes keygen |
| src/node/simplex/tests/test_collation.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_simplex_state.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_session_processor.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_session_description.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_restart.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_crypto.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_certificate.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_candidate_resolver.rs | Use ZeroizingBytes keygen |
| src/node/simplex/src/tests/test_block.rs | Use ZeroizingBytes keygen |
| src/node/consensus-common/tests/test_in_process_overlay.rs | Use ZeroizingBytes keygen |
| src/node/consensus-common/tests/test_block_source_info.rs | Use ZeroizingBytes keygen |
| src/node/consensus-common/tests/test_adnl_overlay.rs | Use vault key factory in tests |
| src/node/consensus-common/src/utils.rs | Use vault key factory for parsing keys |
| src/node/consensus-common/src/tests/test_lossy_overlay.rs | Use ZeroizingBytes keygen |
| src/node/consensus-common/src/adnl_overlay.rs | QUIC key lock; improve broadcast logging |
| src/node/consensus-common/Cargo.toml | Add secrets-vault dependency |
| src/node/catchain/tests/test_fork.rs | Use ZeroizingBytes keygen |
| src/node/catchain/tests/test_catchain_network.rs | Use ZeroizingBytes keygen |
| src/node/catchain/src/utils.rs | Use vault key factory for parsing keys |
| src/node/catchain/Cargo.toml | Add secrets-vault dependency |
| src/node/Cargo.toml | Bump version; jemalloc ctl; tokio signal |
| src/node/bin/hardfork.rs | Update ext msg API signature |
| src/node/bin/crypto.rs | Use vault key factory; avoid raw key exposure |
| src/node/bin/console.rs | Use vault key factory; await async config |
| src/node/bin/benchmark.rs | Adjust CF options tuple return |
| src/node/bin/adnl_ping.rs | Use vault key factory for pubkey |
| src/node-control/service/Cargo.toml | Remove secrets-vault ton-block feature |
| src/node-control/README.md | Document vault secret-name config option |
| src/node-control/nodectl/Cargo.toml | Remove secrets-vault ton-block feature |
| src/node-control/elections/Cargo.toml | Remove secrets-vault ton-block feature |
| src/node-control/docs/singlehost-vault-setup.md | Formatting-only change |
| src/node-control/docs/nodectl-setup.md | Fix trailing markdown newline |
| src/node-control/common/src/app_config.rs | Use vault key factory for ADNL keys |
| src/node-control/common/Cargo.toml | Remove secrets-vault ton-block feature |
| src/node-control/commands/src/commands/nodectl/key_cmd.rs | Remove ListMode in key listing |
| src/node-control/commands/Cargo.toml | Remove secrets-vault ton-block feature |
| src/Makefile | Restrict rustfmt targets explicitly |
| src/executor/src/transaction_executor.rs | VM phase success/exit_arg + extra currency checks |
| src/executor/src/tests/test_transaction_executor_with_real_data.rs | Add exit_arg-on-success regression |
| src/executor/src/tests/test_currency_collections.rs | Add SENDMSG extra-currency tests |
| src/Dockerfile | Build/install secrets-vault-cli; pass RUSTFLAGS |
| src/Cargo.lock | Update dependency graph for new crates |
| src/block/src/wrappers.rs | Add expanded key length const |
| src/block/src/tests/test_validators.rs | Use ZeroizingBytes keygen |
| src/block/src/tests/test_types.rs | Use ZeroizingBytes; shared_secret guard |
| src/block/src/tests/test_signature.rs | Use ZeroizingBytes keygen |
| src/block/src/tests/test_crypto.rs | Use ZeroizingBytes keygen |
| src/block/src/tests/test_config_params.rs | Use ZeroizingBytes keygen |
| src/block/src/tests/test_boc_compression.rs | Add node-count cap regression tests |
| src/block/src/storage_stat.rs | Comment cleanup |
| src/block/src/signature.rs | Use ZeroizingBytes in SigPubKey |
| src/block/src/shard_accounts.rs | DepthBalanceInfo API + aug refactor |
| src/block/src/merkle_update.rs | Add lazy-load cell path + metrics |
| src/block/src/cell/builder.rs | Validate merkle cell data lengths |
| src/block/src/boc_compression.rs | Add node-count cap; input validation |
| src/block/src/accounts.rs | Use anycast depth for split_depth |
| src/block/Cargo.toml | Add zeroize; reorder deps |
| src/adnl/tests/test_tcp.rs | Fix JSON test strings as raw literals |
| src/adnl/tests/test_rldp.rs | Extend inbound cap in test |
| src/adnl/tests/test_real_dht_data.rs | Use ZeroizingBytes key handling |
| src/adnl/tests/test_quic.rs | Use ED25519_* constants; hash calc change |
| src/adnl/tests/test_overlay.rs | Use ZeroizingBytes keygen |
| src/adnl/tests/test_key.rs | Use ProtectedMemory keys; shared_secret guard |
| src/adnl/src/rldp/recv.rs | Add expected size cap + softer chunk handling |
| src/adnl/src/rldp/mod.rs | Add inbound cap controls + drop transfer on error |
| src/adnl/src/quic/mod.rs | Use ED25519 constants; key id calc change |
| src/adnl/src/adnl/server.rs | Use vault key factory for key JSON parsing |
| src/adnl/src/adnl/common.rs | Use SecretBytes guard for shared secret |
| src/adnl/src/adnl/client.rs | Use vault key factory for key JSON parsing |
| src/adnl/Cargo.toml | Add secrets-vault dependency |
Comments suppressed due to low confidence (1)
src/node/src/rpc_server/mod.rs:279
- REST/JSON-RPC success/error replies now include an `@extra` field, but `handle_rejection` responses (e.g., PayloadTooLarge) still omit it. This creates inconsistent response shapes depending on failure mode. Consider adding `@extra` (and keeping the same top-level schema) for rejections as well.