* CORDA-2634 - Fix default currentTargetVersion
* CORDA-2634 - Include abstract flow classes in CorDapp class scanning
* CORDA-2634 - Run test for target platform version 4
To allow rolling upgrades where members of a BN may not all upgrade at the same time, the FinalityHandler is now always enabled, and not disabled if no old apps are installed.
Previously any attempt to use the FinalityHandler in such a scenerio would send the flow to the hospital, where manual intervention would be required to recover the transaction.
* Use the attachments classloader to deserialize contract states in migrations
* Added some comments to explain serialisation behaviour and how tests work.
* Add debug log to indicate when attachment classloading has failed.
* Use a servicesForResolution to load states for compatibility with notary changes and contract upgrades
* Add test case to cover notary change transactions
* Address review comments
* Change logging message in MigrationServicesForResolution
* Read the network-parameters file if there is nothing in the database
* Update documentation and provide a warning if there are many states.
* Handle case where file containing network parameters is missing
* Improve logging if attachments are not available and the file path doesn't exist
* Get logs the right way around
* Fix build error in tests
* Improve error when transaction deserialisation fails and move migrations for finance to contracts CorDapp
* Revert move of migrations and errors thrown from CordaRPCOps
* Ensure VaultQueryException is thrown from vault queries and remove unused import
* Improve error reporting from VaultQueryException
* Fix API break
* Fix vault query test failure due to exception change
CORDA-2595 - Fix test and api.
CORDA-2595 add test
CORDA-2595 fix tests
CORDA-2595 fix test and address code review comments
CORDA-2595 address code review comments
* First pass at fixing 2563.
* In memory KMS now maps keys to IDs.
* CreateDatabaseAndMockServices now creates a persistent key management service and a can take a persistent identity service, so now the external id mapping works for mock services.
* * Created a helper for mock services which allows the creation of a mock services with persistent identity management service key management service and vault.
* MockNode now uses persistent key management service - not sure why it didn't do before?
* * MockNode now uses BasicHSMKeyManagementService
* Updated api-current file
* Little fix required after rebase to master.
* Fixed broken test.
* Added informative error messages to UnsupportedOperationExceptions thrown by E2ETestKeyManagementService.
* Removed redundant private constructor for mock services from api-current.txt.
* Addressed Rick's comments.
* Create a new custom migration for populating the state_party table and the relevancy_status column within the vault_states table when migrating from V3 to V4.
* Add a corresponding unit test suite.
* Small refactorings to expose data required by the migration: the isRelevant function in the NodeVaultService, and the node's legal name from the configuration.
Previous implementation was in LedgerTransaction and focused only on contract classes,
but every package matters.
Also fixes some exception types and does misc refactorings.
Take out a useless parameter from a method that was added to the public
API, document it. Add some comments explaining more about why we are
looking up attachment versions in WireTransaction.toLedgerTransaction.
* CORDA-2547: WIP Migrate old notary schema correctly.
Modify liquibase scripts to rename the old committed state table instead of creating a new one.
* Rename liquibase change sets
* Change 3.3 baseline before Liquibase.
* Aligin with ENT, orginal node-notary.changelog-v1.xml moved to node-notary.changelog-v2.xml and it's compatible with ENT (which already has changes from v2).
* Aligin with ENT, orginal node-notary.changelog-v1.xml moved to node-notary.changelog-v2.xml and it's compatible with ENT (which already has changes from v2) - adding v2 to master file.
* Ensure setting up Liquibase on pre-existing pre-Liquibase database
* Add FetchParametersFlow
* No downgrade parameters in ResolveTransactionsFlow
Make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise). We ensure that by checking that epochs of network
parameters in the transaction chain are ordered.
* Addressed some minor items from RP review feedback.
* Refactoring following rebase from master.
* Address RP PR review comments (round 2)
* Addressed a couple of minor PR review points.
* Renaming of unit tests and cleanup.
* Changes discusses with RP to ensure Network Param checking is applied at txn verify time + resolve order checking gated on existence of tagged NPs in txn and associated minimum platform version.
* Do not fail on missing ServiceHub impl + return nothing if txn not NP tagged.
* Unify HistoricNetworkParametersStorage and
NetworkParametersStorageInternal
* SignedDataWithCert implements NamedByHash
* Cleanup
* Move parameters ordering check to signed transaction resolution
* Fixes after merge, address comments
* Address Andrius comments
This includes all of the cash selection logic, JSON support using jackson and a bunch of utilities which are not relevant to contract verification. The exception to this are Interpolator which has been moved to the IRS demo, and PhysicalLocationStructures.kt which is now in explorer.
* Allow for duplicate (contract class, version) signed attachments in devMode.
* Code clean-up.
* Fix compilation error in test code.
* Additional gating/warning and added Unit test for development mode behaviour.
* Remove locks around database access in AppendOnlyPersistentMap and introduce
a unit test that checks that known deadlock scenarios of the old version
are avoided.
* Fix Deadlock unit test
* Add some extra latching to try and make timing less fragile. Can never be perfect though.
* Review feedback, and some thread safety fixes.
* Start pooling classpath scanning
Quickly patch synchronisation of attachment class loader cache. Needs a revisit but more complicated due to DJVM.
Annotate away for DJVM
Take ClassGraph utils into their own file so we can exclude for DJVM
Clean up a little
* Daemonize the threads
* Seems to be some concurrency problems with use of ClassGraph. Using a mutex for now to work around.
Merged three tests into one to avoid repeating the same node startups. The assertions the original tests made can be done in one test without any contamination.
* Removed `restart node successfully with suspended flow` as it duplicates `TraderDemoTest#Test restart node during flow works properly`
* Removed the need for a notary
This is only testing the internal cordappForClasses method which is used for internal testing. This method is covered by other unit and integration tests.
CORDA-2497 fix
* Added test to show the fix working.
* Now backwards compatible.
* Refactored out some duped code.
* Added better explanations for what's going on.
* Fixed test which was failing due to the serializationEnvRule problem.
* Addressed Tudor's review comments.
The column 'uploader' was marked as not updatable entity so any update wasn't propagated to the database when the attachment was uploaded again and the uploader field was changed to a trusted one. Also 'saveOrUpdate' removed, the entity is already managed, saveOrUpdate is for detached/new entity.
Upgrade from node 3.0 to 4.0 fails to create versions of whitelisted JARs from networkParameters - read parameters from file at first as in Corda 3.0 there no relevant table, then try from the table.
As this is migration, the code will run only once on each node, she increased log level to info for messages. Tested using https://r3-cev.atlassian.net/browse/R3T-1549
* Update changelog with changes to vault queries
* Move choice of relevancy state to QueryCriteria
* Ensure relevancy default is correct for all query types
* Remove superfluous imports
* Update documentation for queries using state relevancy
* Fix merge damage
* Revert change to use RELEVANT as the default and update docs
* Revert missed instance of relevancy change
* Rewrite of upgrade notes for vault state query updates
* Address review comments
There were two issues:
* The original "sealing violation: can't seal package net.corda.nodeapi" issue was due to the isolated CorDapp containing some code in the net.corda.nodeapi namespace. This has been moved to the isolated namespace.
* The test was not correctly creating the second transaction with the dummy command
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Address comments
* Increase node memory for SIMM integration test
* Cache only serialization context
* Increase integ test timeout
* Fix API breakage
* Increase max heap size for web server integ test
* Move classloading utils from separate module to core.internal
* Adjust heap size for more integ tests
* Increase time window for IRS demo transactions
* Fix determinator
* Add parameter in core-deterministic
* Stub out class-loading method for DJVM
* Pass states to record through to transaction resolution
* Add a test case
* Add comment indicating why states are always added in tx resolution
* Update observer node documentation
The version of contract attachments that are whitelisted should be read from NetworkParameters.whitelistedContractImplementations.
It use the lattes network map from db with the highest epoch.
* Fixed bug in state pointer search and added tests.
* Blacklisted problematic package.
* Addressed Shams' comments.
* Addressed round two of comments.
* Fixed another bug whereby the DFS gets stuck in an infinite loop.
The API has been reverted to be completely ABI compatible with V3, and the small changes that were made to the wire format in https://github.com/corda/corda/pull/4260 have also been reverted.
Corda Node ensures a given contract class and version can be sourced from only one signed and trusted Attachment (JAR).
An attempt to import a signed JAR as a trusted uploader (or promote to be trusted) with a class and version already present in the other trusted Attachment will raise DuplicateContractClassException.
Minor fixes to Hibernate Attachment Query parser (original query to select attachment without signers would always return no attachments)
Move Raft and BFT-Smart notaries back into node to preserve backwards compatibility.
* Allow overriding full node config when using internal mock network parameters.
* Make BFT-Smart notary start up in prod mode as well
* Move raft & bftsmart notaries to net.corda.notary.experimental package
* Make sure Raft notary handles reference state edge cases correctly.
* Make sure BFT-Smart notary handles reference state edge cases correctly.
* Include notary schemas in node internal schemas
* Undo Raft notary table schema changes to maintain compatibility.
* Add cordapp code signing dev key to production blacklist.
* Remove code used to generate the actual PK hash (it is now attached to the JIRA story)
* Remove wiki page reference.
* Remove the non redundant cash transfer.
* ENT-2923 - remove db access code from the verification thread pool
* Remove worker pool for tx verification and disable db access.
* Address code review comments
* Reduce the operation of ip autodetect to nodes specifying localhost, rather than any node with a 192.168.x.x or 10.x.x.x address. Also, catch the common user error of specifying 0.0.0.0 in p2pAddress.
* Fix test that uses invalid config
Apps may depend on the previous behaviour of catching Throwable rather than just Exception. Better to not risk this break and instead provide a helper to throw Errors.
Also using Consumer to avoid ugly usage in Java for doOnSuccess and doOnFailure.
* Update the documentation for trackBy to better indicate that updates are not filtered according to the query criteria
* Add a test that shows the behaviour, which is skipped for now until a solution is implemented.
* [CORDA-2376]: Unable to make contract attachment trusted if it was received via network (fixed).
* [CORDA-2376]: Wrote some tests.
* [CORDA-2376]: Wrote some tests.
* [CORDA-2376]: Code review changes.
* [CORDA-2376]: Code review changes.
* Fixed incorrect attachment loading integration test
`AttachmentLoadingTests.test that attachments retrieved over the network are not used for code` was a false-positive - it was incorrect on multiple levels. Fixing it required updating the finance:isolated CorDapp, at which point it was given the new MANIFEST metadata for V4, and moved out of the net.corda.finance namespace to avoid package sealing issues.
The new test exposed a bug in the LedgerTransaction verification logic. This was cleaned up as it was too easy to verify on the wrong instance.
The overload that takes in a String does NOT check that the exception thrown has that message, which is what these tests are assuming. Rather it's the assertion message when the test fails.
* CORDA-1839 - Remove race condition between trackBy and notifyAll
* Fix null check
* Improve filtering
* Switch equality test to refs
* Refine filtering of seen updates
* Add entry in the changelog
* Address comments
* Working version
* api-current.txt change to remove diff due to inheritance hierarchy change.
* api-current.txt change to remove warnings of abstract methods in new interfaces.
* Fix indent
TestCordapp has now two implementations to clearly separate the two use cases it has in the Corda repo:
* TestCordappImpl which implements the revised public API of TestCordapp; namely that a TestCordapp instance references a real CorDapp jar on the classpath. This is either an external dependency jar in which case it’s taken as is and given to the node, or it’s a local gradle project in which case it’s compiled using the gradle “jar” task to generate the CorDapp jar. This approach means the jar has all the original CorDapp versioning information, which is important that it’s correct when testing. To this end, TestCordapp only needs to expose the ability to specify the app’s config. All the remaining properties have moved to CustomCordapp.
* CustomCordapp for creating arbitrary custom CorDapps, including specifying the jar’s MANIFEST values. This is internal API and only used for testing the platform. Technically this shouldn’t implement TestCordapp but does so to reduce the complexity of the driver and mock network.
* Split Workflow and contracts of Finance App into separate Cordapps, part 1 - content which is different between OS and ENT is still in contract Cordapp.
* Move CashSelection implementations to workflow module.
* Move CashSelection implmentations to workflow module.
* Move finance module to finance-flows, top level finance module is empty.
* Move finance module to finance-flows, top level finance module is empty.
* Updated build comment.
* Revert publication of combined (contracts and flows) corda-finance.jar (to maintain backwards compatibility with 3rd party cordapps dependent on finance)
* Added backwards compatibility clarification comment.
* Re-instate new cordapp metadata.
* Global rename of `finance-flows` to `finance-workflows` to follow adopted naming conventions.
* Addressed final review comments.
* Rename application to "Corda Finance Demo"
* Generation of original corda-finance jar from new sub-modules.
* Fixed and tested demobench with new split finance contract and workflow jars.
* Renamed finance sub-modules to contracts and workflows.
* Remove Michele!!!
* Minor fix to filtering logic.
* Align CorDapp configuration filename with workflows jar.
* Fix breaks caused by finance module naming changes.
* Final alignment between OS/ENT of finance contract code.
* Make TimedFlows retry forever, and cap the growth of the time out interval.
* Only time flows for restart if that is sensible (i.e. notary flows that actually have an alternative node to talk to).
* Move check for multi node notary into getter so it the `canBeRestarted` attribute can't be set too late.
* Make restartable timed flow a concept on SubFlow metadata and the relevant events so we can handle it properly for subflows based on their metadata.
* Addressing review comments.
* Consistent naming
* Update documentation
* Addressing documentation comments.
* Refactor into attachment service
Fix up mock service
First caching version, but with no invalidation currently
Set cache size
Fix up after rebase
Cache invalidation
Formatting tidy up
Sort out some nullability
Add kdocs.
Unit tests
More unit tests
Fix TODO
Unit test fixes
Unit test fixes
Fixed concurrent invalidating transaction support.
* Correct some transaction concurrency bug, including unit test.
* Added some unit tests for the method I added to persistence.
* Remove some blank lines
* Review feedback
* Fix imports
* Implementation of Contract and Workflow attribute identifiers.
* Fixes following rebase from master.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Added missing constants.
* Further clean-up.
* Updated documentation.
* Added changelog entry.
* Updated all samples (using new Gradle Plugin 4.0.37 functionality)
* Temporarily resolve gradle plugins from latest published snapshot.
* Temporarily resolve gradle plugins from latest published snapshot.
* Updates following feedback from PR review.
* Move constants into CordappInfo companion object.
* Contract and Workflow attribute `version` to `versionId` (as version is a reserved gradle variable)
* Clarified warning message on incorrect version identifier.
* Align version identifier processing logic with gradle cordapp plugin.
* Updated comment.
* Minor fixes following rebase from master.
* Fixed broken unit test.
* Improved exception reporting.
* Update to use 4.0.37 of Gradle Plugins.
* Added support for combined Contract and Workflow CorDapp info.
* Updated following discussions with Shams + cleanup.
* Updated following Shams PR review.
* Minor API improvements.
* Added missing cordapp info causing deployNodes to fail.
* Exponential back off for retries
* Log back-off
* Jitter back off timing
* Set the minimum back-off to 10s
* Refactor code to be only called when required.
* Spelling
* Make condition purely based on `Chronic` interface
* Make timer a daemon thread
New property database.initialiseAppSchema introduced that allows to turn-off Hibernate DDL generation while leaving Node-specific Liquibase handling enabled.
1) TwoPartyTradeFlowTests - restructured - saving transaction just after creating a state, as it's needed for the next TransactionState to be verified (for non-downgrade rule), enable more tests which were set as @Ignored, left 3 TODOs as 2 tests were slightly modified, need further investigation
2) MockService method loadContractAttachment always returns a dummy Attachment which means it has a default Contract Class Version number 1 used for signature constraints non-downgrade rule.
3) TransactionSerializationTests - added a fake transaction which created fake stated used as input state and using real (not mocked one) implementation of loadContractAttachment
* Modify toString of DBCheckPoint
Fix toString of object DBCheckPoint to remove printing of array in DEBUG log
* Update DBCheckpointStorage.kt
Fix for Code Style Guideline
There was a parallel work done on PersistentKeyManagementService (new table added) while this service has been superseded by BasicHSMKeyManagementService.
Move new table change for the former class to the later one and did some minor cleanup.
Contract class version non-downgrade rule is check by LedgerTransaction.verify().
TransactionBuilder.toWireTransaction(services: ServicesForResolution) selects attachments for the transaction which obey non downgrade rule.
New ServiceHub method loadAttachmentConstraint(stateRef: StateRef, forContractClassName: ContractClassName? = null) retrieves the attachment contract related to transaction output states of given contract class name.
Note: similar sort of changes already made in Ent codebase that fix execution against external DBs.
it will make sense to backport those change to OS to avoid merge conflicts in the future.
TransactionBuilder loads attachment using attachment storage instead of CordappLoader,
contract class version is now Integer (format and stored in db as Integer).
* Hash to signature constraints migration #1
* After rebase from Attachments Classloader commit.
* Simplified implementation without CZ whitelisting and relaxing the no-overlap rule slightly.
* Further simplification.
* Detailed implementation.
* Use fully loaded Cash contract jar for hash to signature constraints migration test.
Additional debug logging.
* Minor cleanup.
* Address PR review feedback.
* Minor fix.
* Fixes following rebase from master.
* Implemented `calculateEntriesHashes` to improve classloader validation performance.
* Address minor PR review comments.
* Added integration tests and some minor fixes.
* Minor fixes following rebase from master.
* Updates and fixes following integration testing.
* Added changelog entry.
* Fix broken unit tests.
* Fix compilation errors in DriverDSL tests after rebase from master.
* Minor fix to test cordapp jar signing using explicit keystore.
* Run hash-to-signature constraints integration test out of process using a non-validating notary.
* Address PR review feedback: contract version from database + other minor changes.
* Address final PR review feedback: remove signed attachment field from attachmentWithContext
* Resolve conflicts following rebase from master.
* Fix failing junit test.
* Fix Kryo serialization error (forgot to write new `version` identifier field)
* Removed redundant query carried over from previous commit.
* Added documentation.
* Fix test case where explicit Hash Constraint input and Signature Constraint output explicitly configured.
* Addressing PR review comments from SA.
* AttachmentQueryCriteria API: added wither methods and Java Unit tests.
* Fixed compilation error caused by Unit tests being in wrong module.
* Added @CordaInternal to canBeTransitionedFrom function.
* Minimized AttachmentClassloader overlap duplicates checking.
* Moved JarSignatureTestUtils and ContractJarTestUtils to internal pending clean-up and documentation before public release.
* Minor fix following rebase from master.
* Removed redundant checkNotNull(networkParameters) checks now that these are always passed into the main (non-deprecated) constructor.
* Remove capitalization.
* Make the default schemes for TLS and identity available from the CryptoService interface.
* Change CryptoService.generateKeyPair to accept SignatureScheme instead of Int.
* CORDA-2115: Notary whitelist verification changes
- For regular and contract upgrade transactions: check that the notary is in the network parameter whitelist
- For notary change transactions: check the the new notary is in the network parameter whitelist. This enabled support for network merging: the old notary doesn't have to be in the current network's notary whitelist for re-pointing old states to another notary.
These checks are done during transaction construction/verification and also by the non-validating notary.
* Address comments
* Remove stale todo
* Use notary whitelist of current network parameters for platform versoin 3
* Cleanup test
* Move `getHistoricNotary` to `HistoricNetworkParameterStorage` in `core.internal`
* Require `newNotary` to be notary on the network map during notary change
* ENT-2666: Don't check for network parameter currentness for now
* Add check for parameters null when version >= 4
* Add check that parameters are known to the node/network
* Add test
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* Make enforceSingleNodeIsRunning internal for test purposes.
* Test that the file is deleted or the file lock is released to be sure that the node has stopped.
* Additional test for enforceSingleNodeIsRunnin
The overload that takes in a bunch of the node parameters with default values has been fixed to the V3 version. New node parameters since V3 now only exist in NodeParameters.
The reason for this is otherwise each new release of Corda that introduces new node parameters will force a new startNode overload to be added to DriverDSL to preserve backwards compatibility.
NodeParameters has been moved to its own file and logLevel is removed as it doesn't do anything.
* CORDA-2089 - network parameters tags - part
Data structures changes, storage and notarisation.
Tag transactions with network parameters hash that was in force when tx
was created. Add component group on all core transactions and resolved
parameters on full transactions. The hash should be always visible on
the filtered versions of transactions. Add
notarisation check that the parameters are current.
Implement network parameters storage on services for resolution.
This is only part of the work, next PR will include changes to
ResolveTransactionsFlow to make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise).
Probably on network services side we need the default parameters
endpoint for the
transactions that were created before this change - for now it's default
to the current ones.
* Make parameters storage agnostic to cert hierarchy
Test fixes
* Address most PR comments
* Fixes after rebase
* Fixes. Add epoch column to parameters storage.
* Address part of review comments
* Some more comments
* Hopefully fixing what I broke doing rebse
* Address Kostas comments
* Further fixes
* Save all parameters from updates to storage
* Fix integration test
* Address comments
* Fixes after rebase
* Fix test
* Fixes
* Add wrapper for filtering around parameters hash
* API stability fixes
* Add NetworkParametersStorageInternal
* Rename
* Temp commit
* Print the error message first by default, makes error output more natural.
* Polishing
* Further modifications after testing
* Documentation updates
* Couple of fixes after review
* Removing unnecessary tests
* Fix broken test
* Add interface to bootstrapper for testign
* Added unit tests
* Remove unused class
* Fix up bootstrapper unit tests and add a couple more
* Refactor the tests slightly
* Review comments
* Couple of minor tweaks
