This repository has been archived by the owner on Nov 19, 2024. It is now read-only.

Commit

Merge branch 'release-0.22' into public
mraszyk committed Nov 15, 2023
2 parents 6951ff5 + f1a8f18 commit 83698b2
Showing 7 changed files with 395 additions and 84 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/master-preview.yml
Expand Up @@ -22,7 +22,7 @@ jobs:
python-version: "3.10"

- name: Install DFX
run: sh -ci "$(curl -fsSL https://internetcomputer.org/install.sh)"
uses: dfinity/setup-dfx@main

- name: "Build & Deploy"
run: |
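Review bot: `uses: dfinity/setup-dfx@main` in the "Install DFX" step tracks a mutable branch, so whatever lands on that branch runs in this workflow ahead of "Build & Deploy" without any change appearing in this repository. Pin the action to a full commit SHA (or at least a release tag) and state the dfx version the job expects, so the toolchain is reproducible and reviewable. Dropping `sh -ci "$(curl -fsSL ...)"` is a good step; pinning the replacement finishes it.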
2 changes: 1 addition & 1 deletion .github/workflows/preview-deployment.yml
Expand Up @@ -34,7 +34,7 @@ jobs:
python-version: "3.10"

- name: Install DFX
run: sh -ci "$(curl -fsSL https://internetcomputer.org/install.sh)"
uses: dfinity/setup-dfx@main

- name: "Build & Deploy"
run: |
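Review bot: the "Install DFX" step here carries the same unpinned `dfinity/setup-dfx@main` reference as master-preview.yml. Pin both workflows to the same commit SHA so that preview deployments and master previews are built with identical tooling.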
23 changes: 23 additions & 0 deletions spec/_attachments/ic.did
Expand Up @@ -46,6 +46,8 @@ type change = record {
details : change_details;
};

type chunk_hash = blob;

type http_header = record { name: text; value: text };

type http_response = record {
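Review bot: `type chunk_hash = blob;` has no comment naming the hash function or the expected length, so a reader of ic.did alone cannot tell what an implementation must compute or validate. Add a comment above the alias stating the algorithm and byte length, or a pointer to the spec section that defines them.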
Expand Down Expand Up @@ -121,6 +123,12 @@ service ic : {
settings : canister_settings;
sender_canister_version : opt nat64;
}) -> ();
upload_chunk : (record {
canister_id : principal;
chunk : blob;
}) -> (chunk_hash);
clear_chunk_store: (record {canister_id : canister_id}) -> ();
stored_chunks: (record {canister_id : canister_id}) -> (vec chunk_hash);
install_code : (record {
mode : variant {
install;
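Review bot: `upload_chunk` declares `canister_id : principal` while `clear_chunk_store` and `stored_chunks` in the same hunk declare `canister_id : canister_id`. Use the `canister_id` alias in all three records so the chunk-store methods are typed consistently.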
Expand All @@ -134,6 +142,21 @@ service ic : {
arg : blob;
sender_canister_version : opt nat64;
}) -> ();
install_chunked_code: (record {
mode : variant {
install;
reinstall;
upgrade : opt record {
skip_pre_upgrade: opt bool;
};
};
target_canister: canister_id;
storage_canister: opt canister_id;
chunk_hashes_list: vec chunk_hash;
wasm_module_hash: blob;
arg : blob;
sender_canister_version : opt nat64;
}) -> ();
uninstall_code : (record {
canister_id : canister_id;
sender_canister_version : opt nat64;
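Review bot: `install_chunked_code` lets `target_canister` and `storage_canister` differ, and `storage_canister` is `opt`, but nothing in the hunk says what an absent value means or which relationship the caller must have to each of the two canisters. Document the default and the authorization rule next to the method. Two smaller points: `wasm_module_hash: blob` could use a named type the way `chunk_hashes_list` uses `chunk_hash`, and the record names its target `target_canister` where `uninstall_code` just below uses `canister_id`.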
11 changes: 10 additions & 1 deletion spec/_attachments/interface-spec-changelog.md
@@ -1,6 +1,15 @@
## Changelog {#changelog}

### ∞ (unreleased)
### 0.22.0 (2023-11-15) {#0_22_0}
* Add metrics on subnet usage into the certified state tree and a new HTTP endpoint `/api/v2/subnet/<subnet_id>/read_state` for retrieving them.
* Add management canister methods to support installing large WebAssembly modules split into chunks.
* Add a system API method to determine if the canister is running in replicated or non-replicated mode.
* Add a system API method to burn cycles of the canister that calls this method.
* Add a check that a canister receiving an ingress message is Running before the ingress message is marked as Received.
* Increase the maximum number of globals in a canister's WASM.
* Add per-call context performance counter.
* Update the computation of the representation-independent hash for the case of maps with nested maps.
* Remove `senders` field from user delegations.

### 0.21.0 (2023-09-18) {#0_21_0}
* Canister cycle balance cannot decrease below the freezing limit after executing `install_code` on the management canister.
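Review bot: the 0.22.0 entry "Remove `senders` field from user delegations" does not say how a delegation that still contains `senders` is to be treated after this release. State whether such delegations are rejected or the field is ignored, since implementers will read the changelog first. The chunked-install entry would also be easier to search for if it named the new management canister methods.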
1 change: 0 additions & 1 deletion spec/_attachments/requests.cddl
Expand Up @@ -88,7 +88,6 @@ signed-delegation = {
pubkey: bytes
expiration: timestamp
? targets: [* principal]
? senders: [* principal]
}
signature: bytes
}
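Review bot: with `? senders: [* principal]` gone, the visible lines of the delegation map leave only `pubkey`, `expiration` and `? targets`, and no catch-all entry is shown, so a delegation that still carries `senders` would no longer match this schema. Confirm that rejection is the intended behaviour and say so in the spec text; silently ignoring the key would let a delegation that was signed with a sender restriction be used more widely than its signer intended.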
16 changes: 9 additions & 7 deletions spec/http-gateway-protocol-spec.md
Expand Up @@ -274,15 +274,19 @@ REQUEST-CERTIFICATION = 'RequestCertification{certified_request_headers:', STRIN
RESPONSE-CERTIFICATION = 'ResponseCertification{', ('response_header_exclusions:' | 'certified_response_headers:'), RESPONSE-HEADER-LIST, '}'
CERTIFICATION = 'Certification{', ('no_request_certification: Empty{}' | 'request_certification:', REQUEST-CERTIFICATION), ',response_certification:', RESPONSE-CERTIFICATION, '}'
CERTIFICATION = 'Certification{', ('no_request_certification:Empty{}' | 'request_certification:', REQUEST-CERTIFICATION), ',response_certification:', RESPONSE-CERTIFICATION, '}'
VALIDATION-ARGS = 'ValidationArgs{', ('no_certification: Empty{}' | 'certification:', CERTIFICATION), '}'
VALIDATION-ARGS = 'ValidationArgs{', ('no_certification:Empty{}' | 'certification:', CERTIFICATION), '}'
HEADER-VALUE = 'default_certification(', VALIDATION-ARGS, ')'
HEADER = 'IC-CertificateExpression: ', HEADER-VALUE
HEADER = 'IC-CertificateExpression:', HEADER-VALUE
```

:::note
Implementors should note that the EBNF specification does not allow for any whitespace within the header value. This is intentional and should be supported by all implementations. Optionally, support could also be added for whitespace agnosticism.
:::

### Request Hash Calculation

The request hash is calculated as follows:
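Review bot: the `:::note` after the grammar makes the no-whitespace form mandatory but leaves "whitespace agnosticism" optional, so two conforming gateways can disagree on whether the same `IC-CertificateExpression` header parses and therefore on whether a response verifies. Say explicitly whether a gateway that encounters whitespace must reject or may accept. Also clarify whether the `'IC-CertificateExpression:'` form in the `HEADER` rule forbids the space that usually follows a header name's colon, since the note speaks only of the header value.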
Expand Down Expand Up @@ -375,18 +379,16 @@ The steps for response verification are as follows:

## Response Verification Version Assertion

Canisters can report the supported versions of response verification using (public) metadata sections available in the [system state tree](https://internetcomputer.org/docs/current/references/ic-interface-spec/#state-tree-canister-information). This metadata will be read by the HTTP Gateway using a [read_state request](https://internetcomputer.org/docs/current/references/ic-interface-spec/#http-read-state). The metadata section must be a (public) custom section with the name `supported_certificate_versions` and contain a comma-delimited string of versions, e.g., `1,2`. This is treated as an optional, additional layer of security for canisters supporting multiple versions. If the metadata has not been added (i.e., the `read_state` request *succeeds* and the lookup of the metadata section in the `read_state` response certificate returns `Absent`), then the HTTP Gateway will allow for whatever version the canister has responded with.

Canisters can report the supported versions of response verification using (public) metadata sections available in the [system state tree](https://internetcomputer.org/docs/current/references/ic-interface-spec/#state-tree-canister-information). This metadata will be read by the HTTP Gateway using a [read_state request](https://internetcomputer.org/docs/current/references/ic-interface-spec/#http-read-state). The metadata section must be a (public) custom section with the name `supported_certificate_versions` and contain a comma-delimited string of versions, e.g., `1,2`. This is treated as an optional, additional layer of security for canisters supporting multiple versions. If the metadata has not been added (i.e., the `read_state` request _succeeds_ and the lookup of the metadata section in the `read_state` response certificate returns `Absent`), then the HTTP Gateway will allow for whatever version the canister has responded with.

The request for the metadata will only be made by the HTTP Gateway if there is a downgrade. If the HTTP Gateway requests v2 and the canister responds with v2, then a request will not be made. If the HTTP Gateway requests v2 and the canister responds with v1, a request will be made. If a request is made, the HTTP Gateway will not accept any response from the canister that is below the max version supported by both the HTTP Gateway and the canister. This will guarantee that a canister supporting both v1 and v2 will always have v2 security when accessed by an HTTP Gateway that supports v2.

:::note

The HTTP Gateway can only allow for arbitrary certification version if the custom section `supported_certificate_versions` is *provably* not present, i.e., if the `read_state` response contains a valid certificate whose lookup of the corresponding path yields `Absent`. Otherwise, e.g., if the replica is overloaded or if the `read_state` is rejected because the custom section with the name `supported_certificate_versions` is private, the HTTP Gateway should also reject the canister's response.
The HTTP Gateway can only allow for arbitrary certification version if the custom section `supported_certificate_versions` is _provably_ not present, i.e., if the `read_state` response contains a valid certificate whose lookup of the corresponding path yields `Absent`. Otherwise, e.g., if the replica is overloaded or if the `read_state` is rejected because the custom section with the name `supported_certificate_versions` is private, the HTTP Gateway should also reject the canister's response.

:::


## Canister HTTP Interface

The full [Candid](https://github.com/dfinity/candid/blob/master/spec/Candid.md) interface that a canister is expected to implement is as follows:
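Review bot: in the `:::note` block, "the HTTP Gateway should also reject the canister's response" is the fail-closed rule the downgrade protection depends on, yet it is worded as a recommendation. While these lines are being touched for the `_provably_` emphasis change, consider "must reject". The first paragraph also leaves whitespace and ordering within the `1,2` version string unspecified, which is worth settling alongside the whitespace rule for `IC-CertificateExpression`.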

0 comments on commit 83698b2
