* We were leaving trailing attachmentStorage on pooled kryo instances after some tests. Changed attachment storage logic to make it impossible to leave it behind.
* Some low level tests corrupt the Kryo config, so do not return to pool when this is the case. Also, we discovered that Kryo is caching class name to class resolution. We don't want to do this where attachments are involved. The errors raised highlighted a class missing from the whitelist. Need to write a unit test to test the class loader issue.
* Unit test for attachment class loading with kryo.
Convert NodeVaultService states to return Iterable (backed by Sequence) Vs the old way using a List. Worth noting this relieves memory pressure as the number of vault states grows.
* remove toList in ContractUpgradeFlowTest
Basic crypto API to support 5 signature schemes and MetaData-ed signatures.
Supported schemes: (1) RSA_SHA256, (2) ECDSA_SECP256K1_SHA256, (3) ECDSA_SECP256R1_SHA256, (4) EDDSA_ED25519_SHA512, (5) SPHINCS-256_SHA512.
To sign a transaction, a signer should create a MetaData wrapper that contains transaction's merkle root and some extra information, such as signer's public key, timestamp and visibleInputs. Actually, MetaData is utilised to support a practical partial, blind and extra-data attached signature model.
When a MetaData object is signed, the signer sends a TransactionSignature object that contains the signed output and the corresponding MetaData object.
Remarks:
This is an temporary solution for signature algorithmic agility. Further development is required for a robust and extensible Crypto Manager/Provider PKI that will support certificate creation, key generation, signing/verifying, deterministic key derivation, encoding formats, SGX/HSM support, identity and key management, versioning, revocation, asynchronicity, metadata, partial sig. policies etc.
* BFT notary prototype: add a non-validating service.
Each replica now validates the transaction timestamp and returns an individual signature to the BFT client. The client then returns a list of signatures back to the notary service flow.
The validating variant is still incomplete - it requires the ability to suspend flows on arbitrary function calls.
* Exclude old version of Javassist in favour of Hibernate's version.
* Comment why we are excluding javassist:javassist, and add TODO for when junit-quickcheck 0.8 is released.
Make notary flow return a collection of signatures to support the BFT notary. For a single-node or RAFT notary it would just contain a single signature.
* Initial prototyping with Requery as a persistence replacement for Exposed/Hibernate
Applied changes following PR review by RP
Updated timestamp naming (removed committedTimestamp) and StateStatus (removed AWAITING_CONSENSUS) after discussion with RP.
Removed FungibleState and LinearState schemas (and associated tests) - awaiting Requery uni-directional relationship fix.
Added Transaction propagation such that requery re-uses any existing transaction context.
Made requery default logging configurable (disabled by default)
Nullable fields are now truly nullable (in the Kotlin and DDL sense)
Fix for SimmValuation integration test.
Workarounds applied to resolve Requery issues when sharing Transactional context.
Addressed PR review comments from MH.
Further updates following re-review by RP/MH
Further updates following additional PR review comments by RP
Minor update following additional PR review comments by RP
Optimised makeUpdate state processing code.
Resolved conflicts after rebase.
Additional Unit tests and bug fix for correct spending of multiple contract state types within a single transaction.
Required interface change to states() API to take a setOf (ContractStateClassTypes)
Minor code clean-up.
Re-write NodeVaultService consumed state makeUpdate function using SQL.
* Resolve conflict after rebase from master
* Added missing out modifier to UpgradedContract class
* Added ContractUpgradeFlow.Instigator to whitelist in AbstractNode
* Added test for contract upgrade using RPC
* Add support for contract upgrades
* Add interface for the upgraded contract to implement, which provides functionality for upgrading legacy states.
* Add shared upgrade command and verification code for it.
* Add DummyContractV2 to illustrate what an upgraded contract looks like.
* Add new functions to vault service to support upgrading state objects.
* Add contract upgrade flow
Add AnonymousParty superclass of Party in preparation for anonymising parties stored in
contract states.
Signed-off-by: Ross Nicoll <ross.nicoll@r3.com>
Replaces the legacy name-only comparison in the vault service with a party comparison. `Party` now
has an equals method that only uses the owning key, and therefore this functions as expected.
Make FinalityFlow do more, and be used more consistently.
Add a new waitForLedgerCommit API that is intended to be used at the end of flows, or at any other point where a flow wants to wait for a transaction to finalise (but the finalisation flow is being done by someone else).
Update the docs a bit.
* Move merkle building extension functions on wire tx to WireTransaction class.
* Add timestamp, notary, transaction type and signers to wire transaction id calculation.
* Change construction of MerkleTree from duplicating last node on a given level to padding leaves' list with zero hash to size of the nearest power of 2 - so we always have a full binary tree.
The problem was that it was possible to construct 2 different transactions with the same ids. Trick worked for txs having number of leaves that were not power of 2.
* Update tear-offs documentation and diagrams to reflect changes in construction of Merkle trees - padding with zero hashes and including all WireTransaction fields in id computation.
* Change in filtering API of WireTransaction for partial Merkle trees calculation.
Instead of many filtering functions over a transaction only one needs to be provided.
Additional change to check and verification of FilteredTransaction.
* IRS demo change. Make filtering function a protected method of RatesFixFlow class.
Comment on situation when capturing too much scope and connected problems with checkpointing.
Change oracle and tear-offs documentation.
InMemoryNetworkMapCacheTest was not actually asserting that an expected exception was thrown, which
meant when earlier changes to the service changed the operation it wasn't caught. The service now
overwrites previous node if a new matching node is added, and this updates the test to follow that
design.
Change Party instances to be uniquely identified by the owning key, without taking into account name.
This requires that mock node key generation is reworked so that keys for services and the node itself
are distinct, otherwise the network map service cannot differentiate them.
Signed-off-by: Ross Nicoll <ross.nicoll@r3.com>
This deprecates the existing composition clauses and adds new better named versions,
as well as changing 'AnyOf' to require at least one matching subclase (better matching
the name of the clause).
Add new functions for converting amounts to/from decimal representation. Also adds clarification that
the constructor which takes in a BigDecimal drops any fractional part.
Signed-off-by: Ross Nicoll <ross.nicoll@r3.com>
The keys used to sign a command are tested for being a superset of the keys which own
the states, not for being an exact match (as the text previously suggested). This corrects
the message used if this requirement isn't met.
Signed-off-by: Ross Nicoll <ross.nicoll@r3.com>
* Update notary change flow to support encumbrances.
Move encumbrance pointer from ContractState to TransactionState.
* Refactor & add new encumbrance tests
Check that the SMM.add method is being called on the SMM thread and throw if not. Make ServiceHubInternal.startFlow() do a blocking call onto the server thread. Update unit tests.
This resolves an issue whereby the scheduler was starting flows outside of the server thread, which isn't intended.
Initial conversion of Explorer to use IssuerFlow (from BankOfCorda)
Initial conversion of TraderDemo to use IssuerFlow (from BankOfCorda)
Updated TraderDemo to use IssuerFlow (from BankOfCorda)
Fixed TraderDemo integration text (added new BankOfCorda node)
Updated Explorer with changes IssuerRequest params
Explorer now correctly displaying transaction id upon Issue.
Moved IssuerFlow into finance package so can be reused across multiple demos (TraderDemo) and applications (eg Explorer)
Refactored BankOfCorda demo to use Finance package and TestUtil constants
Updated TraderDemo to use IssuerFlow
Updated Explorer to use finance package IssuerFlow.
Advertised BankOfCorda as Issuer for usage by Explorer.
Explorer no longer depends on BankOfCorda demo since IssuerFlow promoted to Finance module
Added IssuerFlow to AbstractNode whitelist.
Explicit declarations of IssuerFlow no longer required.
Added plugin registration of IssuerFlow at bootstrap.
Revert whitelisting of IssuerFlow (plugin configured)
Refactored to use constant BOC definition.
Added gradle RPC security config.
Updated documentation
Fixed incorrect references.
Renamed Issuer banks.
Added new permission set (for Issuer nodes)
Added node nearestCity info
Added new Issuer Event Generator for Issuer nodes only
Associated currency with issuer using ServiceType naming structure.
Added argument flag (-S) to trigger event generator simulation node.
Fixed problem with issuers not resolving from network map.
Updated perms on Issuer rpc proxy nodes.
Fixed minor in cash generateExit identified by Explorer.
Changes applied in prep for AWG demo.
Added IntelliJ run-configurations for launching Explorer demo nodes (with and without simulation)
Updated documentation (and added additional gradle task to launch Explorer nodes in simulation mode).
Fix following rebase.
Addressed review items from PR.
Updated TraderDemo readme.
Updated TraderDemo gradle file to launch Bank of Corda node.
Updated JRE properties.
Updated IssuerModel to incorporate correct JFX Observable handling.
Fixed bug with Exit command not displaying any currency.
Added TODO's for revisiting correct Exception handling strategy.
Optimization for when issuing cash to self.
Minor updates following PR review.
Remove old refs to Royal Mint and Federal Reserve
Add unit tests of ScheduledFlow running on simulated network.
Just use existing DumyContract in test
DummyContract requires value equality so that assertEquals over states works as expected.
Remove blank line.
Add TODO on waitQuiescent.
Fix minor build error
Add sanity check on SignedTransaction.id when deserializing the wrapped transaction. This
check is already done when verifying signatures, this moves it up to an earlier step and
adds a more specific error message to aid diagnosis.
The UniqueIdentifier class exists to ensure any external ID for a state is kept coupled to a
proper unique ID, however in doing so it requires both UUID and external ID to find linear head
states in the vault. This modifies the equality and hashing algorithms to use the UUID only,
so that lookup can be done without knowing the external ID.
Remove deposit field from the FungibleAsset interface, and moved it into a fixed reference to
amount.token.issuer.
Remove issuanceDef field and replace it with amount.token.
Added ApiUtils - a library for managing api lifecycles with less boilerplate.
Added default values to http api and improved the api utils.
Fixed spacing and comments.
Removed withName and added a bad request response to handle error cases.
Replaced use of 400 error with a 404 and error message as per HTTP spec.
# Conflicts:
# core/src/main/kotlin/com/r3corda/core/contracts/Structures.kt
# node/src/test/kotlin/com/r3corda/node/services/NodeSchedulerServiceTest.kt
Fixed failing CommercialPaper test
(caused by re-use of same database transaction context for vault across two different transaction participants)
Allow AdvertisedServices to have their own identity and keys. Also, rationalise legalIdentity onto the local node's NodeInfo which is available on ServiceHub
Fixup after rebase
Remove legal identity that was on storage service. Now access via myInfo.legalIdentity and key via keyManagement lookup.
Enforce singleton notary per node for now
Tidy up based upon Rick's suggestions
Handle PR comments
clean up imports
Fix typo
Fixup rename
Capitalise comment
Eliminate unused variable warning
Make changes based upon PR comments
Cleanup whitespace changes
Restructure the Result class used in the notary protocol to use a sealed class, so that it's impossible for it
to be empty, removing that error case from the checks.
This introduces the core of a receivable contract for the second stage Trade Finance Registry project.
This is a subset of the cope of the initial Trade Finance project, which focuses on managing
invoices/receivables only, and does not deal with the contents of the invoice yet.
some minor changes, including gitignore rule changes. The largest change
is replacing the current fresh key for each transaction with a single
static identity in preparation for aimproved and more fleshed out key
sharing infrastructure.
Use synchronized wrapper over set.
Drop discard message to trace level logging.
Fix code layout
Use lazy trace extension method
Track message id's to deduplicate replays. Widen the auto-acknowledgement window of Artemis back to the default.
Use synchronized wrapper over set.
Include tx message unique id in checkpointed data.
Add test for checkpointed resend
Fix bug in not getting UUID off message.
Tidy formatting
Add explanation comments to test asserts
Put unique id even on Client messages.
Tidy formatting
The RPC mechanism uses message queues and is essentially conventional except for the fact that it supports marshalling observables. An observable encapsulates a stream of ongoing events, and server-side observables sent to the client are automatically bound to message queues and managed by Artemis.
Change Clause to an abstract class, and merge ConcreteClause into it. CompositeClause now
overrides defaults provided in Clause which are more suitable for composition of clauses.
This moves a lot of the test support code into its own package which is only imported for tests,
so it's not shipped as a part of core Corda. The node currently depends on this support code to
compile, although future work could try to separate this out. This change highlights that parts
of production code is dependent on test elements (i.e. dummy keys), and makes it harder for
such accidental crosses to occur later.
An integration test category is also added as part of this work, to contribute towards COR-345.
Rework clauses so that rather than defining match/no-match behaviour themselves, they are
now composed by nesting them within clauses that understand how to match their child clauses.
This unifies a lot of the structure of clauses and removes corner cases needed for the first
design, as well as moving towards a model which is easier to prove.
Add new protocol which manages the entire process of taking a signed transaction ready
for notarisation, through notarisation and onto recording it both locally and informing
remote nodes.
This protocol also optionally can include the ClientToServiceCommand which triggered a transaction
being created, to give the remote nodes context on why a change occurred (i.e. "You are being sent
£100")
Fixup after rebase and fix issue with checking previous deployment of bridges
Correct comments on ArtemisMessagingClient constructor
Fixup rates fix demo
Get rid of when statements
Make NetworkMapCache send modify as well as add//remove events. Make inboxes for nodes persistent.
Suppress warnings
Fix message acknowledgement so that it actually consumes messages properly.
Change queueName to SimpleString to stop lots of wasted conversions
Get rid of spurious import
Tidy up and add comments
Update to include comments on PR
Remove unnecessary import
Try providing a helper interface to encourage enforcing LinearState rules
Fixup after rebase
Change to using Clauses for verifying LinearState standard properties
Fix whitespace change
Tidy up ClauseVerifier after PR comments
Change from SecureHash to a TradeIdentifier class
Change TradeIdentifier to UniqueIdentifier
Add observable for transactions being stored, so the UI can show transactions as they're received, rather than being
limited to the summarised version available from the wallet service.
Change away from extending ClauseVerifier for contracts which support clauses, and explicitely call
clause verification code in the verify() function. This should make the flow of control easier to understand.
- Fix thread safety issues in ArtemisMessagingClient. The Artemis API isn't thread safe, but that isn't well documented and it will happily invoke callbacks in parallel.
- Add discussion of how we tackle threading currently in the codebase and make a few other improvements.
- Add a shutdown hook so we stop properly when the user presses ctrl-c
First working Exposed-assisted persistent wallet
Cleaned up Exposed-based persistent wallet
Cleaned up warnings
Fixed up some generic types
Improved comments
Fix up TODO comment
Hikari and config integration
Fix existing tests
Clean up after looking at PR
Clean up commented out lines
Fix initialisation of IRS demo leaving database open
Fix up after rebase
Review feedback. Main change is lazy wallet iteration.
Rebased and incorporated config changes.
Use standardised config loading. Make wallet cash test use persistent wallet.
Added test to ensure wallet retains state in database across instance creation.
Tidy up whitespace and fix bug in test.
Changes include:
- LedgerTransaction is now much more central: it represents a fully resolved and looked-up tx, with the inputs available.
- TransactionGroup and TransactionForVerification are gone. There is a temporary TransactionForContract class for backwards
compatibility but it will also be gone soon.
- ResolveTransactionsProtocol is simplified, and now commits a tx to the database as soon as it's determined to be valid.
- ServiceHub is now passed in more consistently to verification code, so we can use more services in future more easily e.g. a sandboxing service.
- A variety of APIs have been tweaked or documented better.
1. Function for converting raw entropy into an EDDSA key pair. This is useful for unit tests when you don't want a random key but would rather be able to identify it from the logs by eyesight, and will be useful later also when implementing deterministic key derivation.
2. Function that can format any collection of public keys using the bitcoin-style base58 form.
3. A dummy NullSignature object, again, useful for tests when you don't want to provide a real signature.
Then set a handful of dummy unit testing keys to predictable/fixed values.
Break down what is referred to as "topic" of a message into its component parts. This splits the
general topic from the session ID, so it's clear where a session ID is provided, and whether any
given topic string includes a session ID or not.
- Move code out of ambiguously named TestUtils files (there were three). Sometimes it's simpler to just put these things into the contract source files directly.
- Remove JavaTestHelpers objects (there were three), in favour of just giving the top level kotlin file class better names.
- Misc other small tweaks and cleanups.
As the timestamping authority is now always the notary service, contracts should
no longer be using name-based lookup of the timestamping authority (as this will
generally be wrong). This introduces a new "timestamp" property on a transaction,
and updates most contracts to refer to it.
In some cases (IRS, CommercialPaper) there are transactions with no input states
to derive notary from, that use timestamps. In these cases a notary is specified
in the command.