Security Patch

Eliminate denial of service vulnerability

Leap v4.0.4 contains a security patch eliminating a denial of service vulnerability present in all prior versions of Leap.

Bug Fixes

Report transaction failed if trx was exhausted in non-producing mode

Summary:

Improved reporting of transaction failures in non-producing mode by immediately retrying them using a speculative block, resulting in faster resolution and reduced waiting time.

Problem:

Transaction failures in non-producing mode were not being reported efficiently, leading to delays in resolving the issues.

Impact:

The previous approach caused delays in addressing transaction failures, resulting in potential disruptions and slower processing.

Changes:

• Added functionality to report transaction failures if exhausted in non-producing mode
• Implemented a mechanism to restart a speculative block for immediate retry instead of waiting for a new block
• Updated terminology and added new members (in_producing_mode() and in_speculating_mode()) for improved clarity
• Removed unnecessary comments based on PR review feedback

Resolution:

With the implemented changes, transactionfailures in non-producing mode are now reported promptly, and the system initiates immediate retries using a speculative block. This reduces waiting time and improves the efficiency of resolving transaction failures.

Fixed incorrect serialization scenario

Summary:

Fixed incorrect serialization of std::optional fields in the AntelopeIO/leap repository. The issue occurred when a value was not provided for a std::optional field during serialization, resulting in missing flags. This PR addresses the problem by adding the necessary flags to properly serialize missing values.

Problem:

Incorrect serialization of std::optional fields when a value is not provided.

Impact:

The missing flags during serialization of std::optional fields led to incorrect representation of missing values.

Changes:

• Added flags to the serialization process to indicate missing values in std::optional fields.
• Updated the ABI serializer and test cases.
• Made changes to the libraries/libfc/include/fc/time.hpp and unittests/abi_tests.cpp files.

Resolution:

Missing values in std::optional fields are correctly serialized, addressing the issue and preventing incorrect representation.

Close connection on aysnc_read with a closed socket

Summary:

Improved socket shutdown and cleanup logic in version 4.0 of AntelopeIO/leap to address the issue of closing a connection on async_read with a closed socket. The changes resolve frequent p2p connection drops observed in version 4.0.3.

Problem:

Closing a connection on async_read with a closed socket resulted in frequent p2p connection drops.

Impact:

Frequent p2p connection drops impacted the stability and reliability of the system.

Changes:

• Implemented a more paranoid socket shutdown when closing and handling async_read with a closed socket.
• Improved logic for connection duplicate check cleanup.
• Reset the organization on close to ensure correct sending of time messages in new connections.

Resolution:

The changes ensure proper closure of connections and improve the stability and reliability of the system, resolving the issue of frequent p2p connection drops.

Support snapshot start with full deltas

Summary:

Support state_history_plugin clients when starting from a snapshot. Clients can now connect and receive the full delta of a snapshot without consuming additional blocks.

Problem:

Starting Chronicle from a ship endpoint after a snapshot resulted in errors. The Chronicle did not receive the whole state first, which caused issues with populating its ABI database.

Impact:

Clients connecting to state_history_plugin when starting from a snapshot experienced difficulties in receiving the complete snapshot delta.

Changes:

• Fixed the issue with ship initial block in Leap 4.0.3.
• Support for state_history_plugin clients starting from a snapshot.
• Clients now receive the full delta of a snapshot without consuming additional blocks.
• Improved handling of requested blocks that are not available.

Resolution:

Clients can now successfully connect to state_history_plugin and receive the full delta of a snapshot without any additional block consumption.

Other Changes

Emit Correct Trace Id for Deferred Transactions Before the On-Chain ACtivation of Replaced-Defered.

Summary

Before protocol feature replace_deferred is activated the transaction id of the scheduled transaction can differ from the packed_transaction that is executed. This PR restores the behavior of tracking and reporting in transaction traces the scheduled transaction id instead of the packed_transaction id. This was not a consensus error but rather the wrong trx id was being reported in transaction traces for scheduled transactions before the on-chain activation of replaced_deferred. This manifested itself by confusing SHiP in recording the scheduled transactions reported in a block.

Improve startup when large number of SHiP logs in retain directory

Summary

Startup of state_history_plugin was very slow when a large number of SHiP logs were in the retain directory. This PR includes other performance improvements. Taken together these improvements resulted in a one order of magnitude improvement in benchmarked performance.

Changes to Logging

Summary:

In this release of leap (v4.0.4), we have introduced better reporting for peer to peer connections.

Changes:

In some cases, head_num was incorrectly reported as 0, even though the unlying value was correct.

Benefits:

With this change block producers can see the correct state of their peers.

Changes to Pinned Builds

Summary:

In this release of leap (v4.0.4), we have introduced a new manual dispatch workflow for Pinned Builds in CI. This workflow allows for more control and flexibility in running Pinned Builds using GitHub Actions.

Changes:

To enable the manual dispatch workflow for Pinned Builds, the following actions were taken in leap v4.0:

1. Build-script changes to enable manual dispatch.
2. Pinned builds now run seamlessly in GitHub Actions, ensuring reliable and consistent execution.
3. The artifact name for Pinned Builds has been to improve clarity and organization.

Benefits:

The introduction of the manual dispatch workflow for Pinned Builds brings the following benefits:

1. Pinned builds can now be executed in a controlled manner.
2. Improved integration with GitHub Actions for build automation.
3. Enhanced traceability and visibility of Pinned Build execution.

Changes to Testing

Summary

Reduced the number of generated and expected transactions in Continuous Integration testing to reduce testing load, and increase reapability of tests.

Changes to Documentation

Summary:

Enhanced documentation for nodeos --help by adding additional information for the transaction-retry-interval-sec and transaction-retry-max-expiration-sec options. This provides clearer instructions on how to configure these options effectively.

Changes:

• Added more detailed help information for the transaction-retry-interval-sec and transaction-retry-max-expiration-sec options in nodeos --help
• Clarified the purpose of the options and their recommended values

Benefits:

• Improved understanding and usage of the transaction-retry-interval-sec and transaction-retry-max-expiration-sec options
• Users can now configure these options more effectively, leading to better control over transaction retries
• Increased efficiency and reliability in managing transaction resending and expiration

Further details on changes since last release

Contributors

Special thanks to the contributors that submitted patches for this release:

• @greg7mdp
• @spoonincode
• @oschwaldp-oci
• @linh2931
• @dimas1185
• @heifner

Full list of changes since last release

Full Changelog: v4.0.3...v4.0.4