This allows a different signed version of the same CorDapp to be automatically trusted.
This reverts "[CORDA-2575] Allow users to whitelist attachments by public key config (#5035)"
With (Contract JARs) rolling upgrades the downgrade rule cannot be effectively check as the platform can't tell the difference between a transaction that's downgrading because of an attack, vs a transaction that's downgrading because Alice has upgraded but Bob hasn't yet. During a rolling upgrade we would expect state versions to fluctuate up and down as data gets read/written by a mix of nodes. With the feature as implemented Alice will upgrade and start trading with Bob. Bob will be able to read and process the states Alice sent him, but the moment he tries to consume such a state he will fail. This will result in cascading flow deaths and a hung business network the moment an upgrade starts.
* Create a new custom migration for populating the state_party table and the relevancy_status column within the vault_states table when migrating from V3 to V4.
* Add a corresponding unit test suite.
* Small refactorings to expose data required by the migration: the isRelevant function in the NodeVaultService, and the node's legal name from the configuration.
This includes all of the cash selection logic, JSON support using jackson and a bunch of utilities which are not relevant to contract verification. The exception to this are Interpolator which has been moved to the IRS demo, and PhysicalLocationStructures.kt which is now in explorer.
* Update changelog with changes to vault queries
* Move choice of relevancy state to QueryCriteria
* Ensure relevancy default is correct for all query types
* Remove superfluous imports
* Update documentation for queries using state relevancy
* Fix merge damage
* Revert change to use RELEVANT as the default and update docs
* Revert missed instance of relevancy change
* Rewrite of upgrade notes for vault state query updates
* Address review comments
The API has been reverted to be completely ABI compatible with V3, and the small changes that were made to the wire format in https://github.com/corda/corda/pull/4260 have also been reverted.
Move Raft and BFT-Smart notaries back into node to preserve backwards compatibility.
* Allow overriding full node config when using internal mock network parameters.
* Make BFT-Smart notary start up in prod mode as well
* Move raft & bftsmart notaries to net.corda.notary.experimental package
* Make sure Raft notary handles reference state edge cases correctly.
* Make sure BFT-Smart notary handles reference state edge cases correctly.
* Include notary schemas in node internal schemas
* Undo Raft notary table schema changes to maintain compatibility.
The ResponderFlowFactory parameter is not used and so removed. Also, instead of returning a Future it returns an Observable of responder flows, to support multiple invocations. And finally renamed to registerInitiatedFlow to stick with the existing naming strategy.
* CORDA-1839 - Remove race condition between trackBy and notifyAll
* Fix null check
* Improve filtering
* Switch equality test to refs
* Refine filtering of seen updates
* Add entry in the changelog
* Address comments
TestCordapp has now two implementations to clearly separate the two use cases it has in the Corda repo:
* TestCordappImpl which implements the revised public API of TestCordapp; namely that a TestCordapp instance references a real CorDapp jar on the classpath. This is either an external dependency jar in which case it’s taken as is and given to the node, or it’s a local gradle project in which case it’s compiled using the gradle “jar” task to generate the CorDapp jar. This approach means the jar has all the original CorDapp versioning information, which is important that it’s correct when testing. To this end, TestCordapp only needs to expose the ability to specify the app’s config. All the remaining properties have moved to CustomCordapp.
* CustomCordapp for creating arbitrary custom CorDapps, including specifying the jar’s MANIFEST values. This is internal API and only used for testing the platform. Technically this shouldn’t implement TestCordapp but does so to reduce the complexity of the driver and mock network.
* Make TimedFlows retry forever, and cap the growth of the time out interval.
* Only time flows for restart if that is sensible (i.e. notary flows that actually have an alternative node to talk to).
* Move check for multi node notary into getter so it the `canBeRestarted` attribute can't be set too late.
* Make restartable timed flow a concept on SubFlow metadata and the relevant events so we can handle it properly for subflows based on their metadata.
* Addressing review comments.
* Consistent naming
* Update documentation
* Addressing documentation comments.
* Implementation of Contract and Workflow attribute identifiers.
* Fixes following rebase from master.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Added missing constants.
* Further clean-up.
* Updated documentation.
* Added changelog entry.
* Updated all samples (using new Gradle Plugin 4.0.37 functionality)
* Temporarily resolve gradle plugins from latest published snapshot.
* Temporarily resolve gradle plugins from latest published snapshot.
* Updates following feedback from PR review.
* Move constants into CordappInfo companion object.
* Contract and Workflow attribute `version` to `versionId` (as version is a reserved gradle variable)
* Clarified warning message on incorrect version identifier.
* Align version identifier processing logic with gradle cordapp plugin.
* Updated comment.
* Minor fixes following rebase from master.
* Fixed broken unit test.
* Improved exception reporting.
* Update to use 4.0.37 of Gradle Plugins.
* Added support for combined Contract and Workflow CorDapp info.
* Updated following discussions with Shams + cleanup.
* Updated following Shams PR review.
* Minor API improvements.
* Added missing cordapp info causing deployNodes to fail.
New property database.initialiseAppSchema introduced that allows to turn-off Hibernate DDL generation while leaving Node-specific Liquibase handling enabled.
Contract class version non-downgrade rule is check by LedgerTransaction.verify().
TransactionBuilder.toWireTransaction(services: ServicesForResolution) selects attachments for the transaction which obey non downgrade rule.
New ServiceHub method loadAttachmentConstraint(stateRef: StateRef, forContractClassName: ContractClassName? = null) retrieves the attachment contract related to transaction output states of given contract class name.
* Hash to signature constraints migration #1
* After rebase from Attachments Classloader commit.
* Simplified implementation without CZ whitelisting and relaxing the no-overlap rule slightly.
* Further simplification.
* Detailed implementation.
* Use fully loaded Cash contract jar for hash to signature constraints migration test.
Additional debug logging.
* Minor cleanup.
* Address PR review feedback.
* Minor fix.
* Fixes following rebase from master.
* Implemented `calculateEntriesHashes` to improve classloader validation performance.
* Address minor PR review comments.
* Added integration tests and some minor fixes.
* Minor fixes following rebase from master.
* Updates and fixes following integration testing.
* Added changelog entry.
* Fix broken unit tests.
* Fix compilation errors in DriverDSL tests after rebase from master.
* Minor fix to test cordapp jar signing using explicit keystore.
* Run hash-to-signature constraints integration test out of process using a non-validating notary.
* Address PR review feedback: contract version from database + other minor changes.
* Address final PR review feedback: remove signed attachment field from attachmentWithContext
* Resolve conflicts following rebase from master.
* Fix failing junit test.
* Fix Kryo serialization error (forgot to write new `version` identifier field)
* Removed redundant query carried over from previous commit.
* Added documentation.
* Fix test case where explicit Hash Constraint input and Signature Constraint output explicitly configured.
* Addressing PR review comments from SA.
* AttachmentQueryCriteria API: added wither methods and Java Unit tests.
* Fixed compilation error caused by Unit tests being in wrong module.
* Added @CordaInternal to canBeTransitionedFrom function.
* Minimized AttachmentClassloader overlap duplicates checking.
* Moved JarSignatureTestUtils and ContractJarTestUtils to internal pending clean-up and documentation before public release.
* Minor fix following rebase from master.
* Removed redundant checkNotNull(networkParameters) checks now that these are always passed into the main (non-deprecated) constructor.
* Remove capitalization.
https://github.com/corda/corda/pull/4260 removed the dependency that node had to confidential-identities which means CorDapps using it must now use compile and not cordaCompile. This resolves the failing smoke test.
LedgerTransaction is not meant to be created directly from client code, but it being a data class means we will expose new copy methods as new properties are added. The existing copy methods that we've exposed since V3 are deprecated, and equals and hashCode have been updated to be based just on id.
The primary c'tor has been clearly marked as the class' wire format, and so the internal stuff has been moved out. The references property cannot be made nullable and so DeprecatedConstructorForDeserialization is used instead.
* add auto acceptance of certain network parameters
* Remove incorrect nullification of newNetworkParameters object within NetworkMapUpdater
* Automatically update network parameters if update accepted and flag day occured
* Comment cleanup
* Add node configuration for auto accepting network parameter changes
* Remove hot swapping of network parameters
* Add docs for auto accept config flag
* Minor change to log line
* Remove unrelated fix that was corrected on master
* Minor name change within NetworkParameters class
* Minor doc rewording
* Fix typo in docs
* Address PR comments
* Add node config option to turn off network param auto-accept on a per param basis
* Address PR comments
* Fix failing Network Map update integration test
FinalityHandler is insecure in that it is open to receive any transaction from any party.
Any CorDapp targeting platform version 4 or above is required use the new c'tors which take in FlowSession objects to the counterpart flow. This flow must subcall ReceiveFinalityFlow to receive and record the finalised transaction.
Old CorDapps (with target platform version < 4) will continue to work as previously. However if there are no old CorDapps loaded then the node will disable FinalityHandler.
* Tidy up
* Add install-shell-extensions command
* Make cli tests use same version of picocli as everything else
* Remove initLogging from NodeStartup, it is ran earlier by CordaCLIWrapper
* Use picocli snapshot for testing
* Use RunLast() parser to invoke correct subcommands
* Deprecate old clear-network-map-cache parameter
* Restructure NodeStartup for commands
* Get rid of -c option since the flag method has been deprecated and that didn't exist in last release
* Update documentation
* Update backwards compatibility test
* Get all subcommands working
* Refactor sub commands into seperate classes
* Update docs and fix some tests
* Docs changes
* Fix merge conflicts with master
* Fix renamed parameters
* Fix test failure
* Fix compatibility tests
* Add missing compatibility test for blob inspector
* Remove blob inspector compatibility test as there are import conflicts
* Assorted doc fixes
* Addressing review comments
* More review comments
* Couple more bits
* Fix broken tests
* Fix compilation error
* More merge conflicts
* Make startup logging function a bit more sensible
* Fix broken shell extensions
* Make shell extensions work with subcommands
* Make sure parameters for deprecated options are carried through
* More review comments
* Adding some s's
* One last go
* Fix compilation error on Windows
* Revert logging changes
* Revert docs back to their original imperatively moody state
The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.
* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.
* Remove pre-generated identity config value.
* Split up obtainIdentity() in AbstractNode to make it easier to read.
* A temporary workaround for the bootstrapper tool to support BFT notaries.
* Update docs
* Add upgrade notes
* Fix rebase issue
* Add a config diff for the bft notary as well
* Provide an optional configuration setting to specify the minimum platform version to use in the network params file.
* Leave Cordform signature intact.
* Leave previous Gradle Plugin called signature intact.
* Incorporating feedback from PR review.
* Added minimum platform version validation check.
* Removed final 2 references to "default"
* Added changelog entry.
* Added constraint type information to vault states table.
* Added Vault Query criteria support for constraint data.
* Added documentation and changelog entry.
* Added missing @CordaSerializable.
* Fix minor bug in test setup and parsing code.
* Use binary encoding data types instead of serialize/deserialize.
* Optimized storage of constraints data.
Additional assertions on Vault Query constraint data contents (to validate encoding/decoding).
Tested with CompositeKey containing 10 keys.
* Addressing PR review feedback.
* Query by constraints type and data.
* Revert back accidentally removed code for contractStateType filtering.
* Incorporating final PR review feedback. Use @JvmOverloads on constructor.
* Make sure constraintInfo is class evolution friendly.
This is a split-out change from an enterprise feature, but since we do have: `RPCApi.RPC_TARGET_LEGAL_IDENTITY` header constant even in OS, it would make sense to extend RPC client API to populate this.
* Make the criteria builder functions case insensitive
Add IGNORE_CASE versions of the comparison operator enums
Add exactMatch argument to criteria builder functions where strings can be passed in and set its default value to true
Use JvmOverrides to provide the default true version to java without needing to specify a value manually
If exactMatch is true then the original enums will be used, if false the IGNORE_CASE enums will be used instead
HibernateQueryCriteriaParser.columnPredicateToPredicate now takes into account the IGNORE_CASE versions of the enums
* Tidy up QueryCriteriaUtils and HibernateQueryCriteriaParser
Split HibernateQueryCriteriaParser.columnPredicateToPredicate into smaller functions
Reduce duplicated code in QueryCriteriaUtils
* Tidy up QueryCriteriaUtils and HibernateQueryCriteriaParser
Split HibernateQueryCriteriaParser.columnPredicateToPredicate into smaller functions
Reduce duplicated code in QueryCriteriaUtils (missed some code here)
* update changelog and api-vault-query docs with new API functions
* reorder Operator enums so that the ignore case enums are at the end
In case anyone is depending on the order of the enums, to keep compatibility with existing CorDapps the enums should be added at the end to prevent ordinals from breaking.
"app", "rpc", "p2p" and "unknown" have security implications (see isUploaderTrusted method) and thus they are not allowed to be used in the uploader field when importing attachments via the public API.
* Add registerFlowFactory method to public test API
* Return CordaFuture rather than a plain Future
* Rename method
* Improve KDoc
* Hide internal interface with public wrapper
* Modify API current to include ResponderFlowFactory interface
* Take API definition change from generated file
* Note API change in changelog
* * First commit for reference input states feature.
* Added docs.
* Added additional test.
* Fixed whitespace.
* Rebased to master.
* Updated Raft and persistent notary implementations.
* Updated changelog.
* Updated topo sort to handle reference states.
* Stubbed out with referenced states flow.
* Added WithReferencedStatesFlow.
* Added Tests for WithReferencedStatesFlow.
* Added ReferenceState type.
* Rebased to latest version of master.
* Added better comments.
* Updated unit test.
* Added comment to explain a little hack.
* Fixed broken contract upgrade RPC test.
* Added minimum platform version check.
* Updated mock network so that notary nodes inherit the platform version set by the network's minimum platform version.
* References states can now only be used when minimum platform version >= 4.
* Created a new file to hold async operations as "WaitForStatesToUpdate" is broadly reusable.
* Refactored WithReferenceStatesFlow
* Updated javadoc for WaitForStatesToUpdate aysnc operation.
* Added network parameters property to InternalMockNetwork.
* Added min platform version capability to mock services.
* Removed erroneous chars from file.
* Made async operation internal and now call it from FlowLogic.
* Moved some transaction checking code around.
* Removed serializable annotation from referenced state and ref.
* Added reference states design doc.
* Added missing KDocs.
* Updated with reference states flow to handle consecutive update races.
* Made platform version info an inheritable thread local.
* Fixed various typos.
* Updated docs.
* Fixed race.
* Removed min platform version checks as API needs more thought.
* Added deprecation to method and supressed warnings.
* Renamed WaitForStatesToUpdate to WaitForStateConsumption.
* Fixed race in WaitForStateConsumption.
* Addressed PR comments and updated comments / KDocs.
* Reverse vault bugfixes.
* * Vault bug fixes.
* * Fixed broken test.
* Moved WaitForStateConsumption to internal package.
* CORDA-1813 fix Postgres db bloat issue
* CORDA-1813 merge fixes
* CORDA-1813 change column type and size to a standard corda type
* CORDA-1813 docs
* CORDA-1813 create custom hibernate type for the checkpoint blob and align with enterprise
* CORDA-1813 Remove max col size
* CORDA-1813 Remove max col size
* CORDA-1813 Fix merge
* CORDA-1813 Remove buggy :serverNameTablePrefix: configuration
They're prone to cause flaky tests due to the "allocated" ports already being taken by the system when eventually needed. Replaced usages with PortAllocation.Incremental.
Affected unit tests made into integration tests to avoid any issues in the future when unit tests are made to run in parallel.
This requires the class carpenter to be able to run in a "lenient" mode where it permits synthesised classes to implement interfaces with unimplemented methods.
The list of CorDapps jars is no longer passed in via the cmd line but is now expected to be placed in the bootstrapped directory.
Ended up being a bit of a refactor to cater for unit testing, and also tidied up the bootstrapper docs.
* Introduce new h2Settings config block which overrides h2Port
* H2 server listens on localhost by default
* Change is backward compatible and old h2Port option can still be used but that always listens on localhost now
* Update changelog and docs with H2 changes
* filter by contract state in _trackBy
* write tests to check that _trackBy is filtering the states correct and tidy up filtering functions
* remove un needed function
* add change log message for filtering unrelated ContractStates from trackBy