This is a rewrite of the build system with `jbuilder`, with just a
minimal toplevel Makefile for backward compatibility.
This first patch preserves the project architecture, we only gain
proper dependencies handling and always up-to-date `.merlin` files.
A later patch may split the project into smaller "sub-packages",
i.e. multiple `.opam` files.
The embedded versions of the economic protocol are now compiled with
`jbuilder` instead of `tezos-protocol-compiler`, potentially allowing
proper inlining at the cost of slightly less strict
sandboxing. Nevertheless, dynamically loaded protocols are still
compiled with the `tezos-protocol-compiler` and thus strictly
sandboxed; and a CI rule also checks the proper sandboxing of
embedded protocols.
This patch is coauthored with @hnrgrgr
Ouch! That was a subtle Lwt misuse.
With the current (very old) validator code, when the validation of
a block is waiting on the validation of its predecessor, a "pending" Lwt
thread is created. The validation of the predecessor might also wait
on its own predecessor, potentially creating a very long chain of
"pending validations"... If in the process one of the blocks is tagged
invalid, all the pending "successors" in the chain are 'wakeuped'
immediately and in sequence, potentially blowing the stack in the
process.
A quick fix is to add an `Lwt_unix.yield` to break the recursion.
A better fix is to not create such long chains of "pending" validations.
See merge request !59.
This patch is co-authored with: cagdas.bozman@ocamlpro.com
With this patch the economic protocol is now compiled as a
"functor-pack", parameterized over the environment. This will ease the
protocol reusability outside of the tezos source tree (e.g. for a
michelson Web IDE) and will allow proper unit testing of the economic
protocol.
This functorization allows breaking the dependency of the
'tezos-protocol-compiler' on various '.mli' of the node, and hence
we no longer need the unusual compilation schema:
    a.mli -> b.mli -> b.ml -> a.ml
where 'A' is linked after 'B' but 'a.mli' should still be compiled
before 'b.mli'. This will simplify a switch to 'ocp-build' or 'jbuilder'.
Operations now include a block hash in their header. Such an operation
could only be included in a successor of this block.
Furthermore, when validating a block, the economic protocol now
returns---together with the context---an integer `max_operations_ttl`.
Then, when validating a successor, the shell will fail if it contains
an operation whose header's block hash is not one of the
`max_operations_ttl` predecessors of the block.
As a bonus, the shell is now able to detect and forbid replayed
operations. Then, we might decide to remove some replay-detection
mechanisms that we previously implemented in the economic
protocol.
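
The check described in the commit message above, as an added sketch that is not part of the commit or of the Tezos code base: the class and function names, the string hashes and the fixed `max_operations_ttl` of 2 are assumptions made for illustration. It also shows one way the bounded window can support replay detection: an operation can only be included within `max_operations_ttl` blocks of its branch, so only the operations of those blocks need to be remembered.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Operation:
    op_hash: str  # constructed identifier for the operation
    branch: str   # block hash carried in the operation header

@dataclass(frozen=True)
class Block:
    block_hash: str
    predecessor: Optional[str]
    operations: Tuple[Operation, ...] = ()

class Chain:
    def __init__(self, genesis):
        self.blocks = {genesis.block_hash: genesis}

    def live_window(self, head, ttl):
        """Walk back `ttl` blocks from `head`; return their hashes and operation hashes."""
        live_blocks, live_ops = set(), set()
        while head is not None and len(live_blocks) < ttl:
            blk = self.blocks[head]
            live_blocks.add(head)
            live_ops.update(op.op_hash for op in blk.operations)
            head = blk.predecessor
        return live_blocks, live_ops

    def validate(self, block, max_operations_ttl):
        """Append `block` and return "accepted", or return the rejection reason."""
        live_blocks, live_ops = self.live_window(block.predecessor, max_operations_ttl)
        for op in block.operations:
            if op.branch not in live_blocks:
                return "outdated_branch"   # branch is not a recent predecessor
            if op.op_hash in live_ops:
                return "replayed"          # already included inside the window
            live_ops.add(op.op_hash)       # also catches a duplicate in the same block
        self.blocks[block.block_hash] = block
        return "accepted"

def demo_chain():
    """Constructed sample chain: G <- B1 (op1 on G) <- B2 <- B3 (op2 on B2)."""
    chain = Chain(Block("G", None))
    chain.validate(Block("B1", "G", (Operation("op1", "G"),)), 2)
    chain.validate(Block("B2", "B1"), 2)
    chain.validate(Block("B3", "B2", (Operation("op2", "B2"),)), 2)
    return chain
```
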
It now takes a `proto_header` in parameter, and it returns a full
`shell_header`. This prepares the inclusion of the context's hash in the
`shell_header`.
The `begin_construction` function now accepts an optional argument
`proto_header`. This is to be used by a new RPC that eases forging the
shell header of a block (i.e. it will compute the fitness and, in a
near future, the hash of the resulting context).
Let's get serious. The full index of operations is not sustainable in
the production code. We now only keep the index of operations not yet
in the chain (i.e. the mempool/prevalidation). Operations from the
chain are now only accessible through a block. For instance, see the
RPC:
    /blocks/<hash>/proto/operations
This prepares the context for the inclusion of the hash of the context in
the block header. By "looking" into the resulting context of a block,
we are now able to determine whether:
- no testnet is currently associated to the branch;
- a testnet must be forked after the block;
- a previously forked testnet is running.
The minimal header now (classically) contains the root of a Merkle tree,
wrapping a list of lists of operations. Currently, the validator only
accepts a single list of operations, but the 3+pass validator will
require at least two lists.