CP78:Runtime Upgrade 1024

:raised_hands: Good day, Community!

Uses component: CP3.1
Author(s): k/f
Contributor(s):@WilliamFreude, @mustermeiszer , @nuno , @cdamian , @luis
Proposal on Proposal Repository (Github): cps/cps/CP78.md at main Β· centrifuge/cps Β· GitHub
Date proposed: 2023-12-07

About this proposal

Upgrade Centrifuge Chain to Runtime Version 1024


Upgrade Priority:

  • Full Nodes: :exclamation: High :exclamation: - Please upgrade as soon as possible.
  • Collators: Medium - Please upgrade at your earliest convenience.

Upgrading before executing the corresponding runtime upgrade should not introduce block production issues.

Be aware that there are several breaking changes for node operators. It’s important to read the following section carefully due to these breaking changes!

Client: Breaking Changes

The upgrade to Polkadot v0.9.43 inherited a plurality of breaking changes, mainly affecting node operators.

CLI

See Polkadot v0.9.43 release:

This release removes the following CLI parameters:

–rpc-max-payload (replaced by --rpc-max-request-size and --rpc-max-response-size)
–ws-max-out-buffer-capacity
–ws-external (replaced by --rpc-external)
–unsafe-ws-external (replaced by --unsafe-rpc-external)
–ipc--path
–ws-port (replaced by --rpc-port)
–ws-max--connections (replaced by --rpc-max-connections)
–rpc-http (replaced by --rpc-addr)
–rpc-ws (replaced by --rpc-addr)

Relaychain folder renaming

Another inheritance from the Polkadot release is the forced default relaychain directory name. It was changede fro relaychain to polkadot.

For Centrifuge Chain docker clients, we have fixed the issue by renaming the directory via an entrypoint script. However, if you are running the client with another method, you need to do this manually to circumvent resyncing the entire relaychain.

Docker: Unix permissions

We optimized our docker image by decreasing the size by roughly 20% :rocket:

Moreover, the security was optimized. On the one side, vulnerabilities went from 10 High and 200 Medium to 0 High and 5 Medium. On the other side, the container is not run by root anymore. Instead, it is run by centrifuge user with user id 1000.

Unfortunately, the latter change is breaking for anyone using docker and assuming running as root by default. In this case, you either need to force the container to run as root or make sure all mounted directories have the right permissions for centrifuge user with id 1000. For Kubernetes, an init container can be added to modify permissions as root before the actual container starts:

spec:
  initContainers:
  - name: init-container
    image: busybox
    command: 
    - 'sh'
    - '-c'
    - |
      chown -R 1000:1000 /data
      chown -R 1000:1000 /config
    volumeMounts:
    - mountPath: /config
      name: config-volume
    - mountPath: /data
      name: storage-volume 

Docker: New name tag syntax

In the past, the docker tags could not be linked to official releases without checking the release notes. Moreover, release and dev tags could not be distinguished. We have introduced latest tag which pins the latest official release.

There are five types of docker tags:

  • Latest official version: latest tag
  • Releases mainnet build: ${TAG}-${SHA}-${YY-MM-DD} tag
    • Releases testnet build: test-${TAG}-${SHA}-${YY-MM-DD} tag
  • Push to main branch mainnet build: main-${SHA}-${YY-MM-DD} tag
    • Push to main branch testnet build: test-main-${SHA}-${YY-MM-DD} tag

Update: It appears that the release CI pipeline is not working as expected. This will be fixed by the next release.

Centrifuge 1024 - Release Notes Highlights

  • BREAKING: Upgrade to Polkadot v0.9.43 (#1577, #1622, #1626, #1640)
    • See below for details
  • Feat: Add transfer allowlist pallet for local (via balances) and xcm transfers (via xtokens) (#1621)
    • Allows setting a filter for transfer destinations
  • Feat: Debt transfer (#1615)
  • Feat: InvestmentPortfolio API (#1608)
  • Liquiditypools:
    • Add compute_at to UpdateTrancheTokenPrice (#1598)
    • Add restriction_set field to AddTranche message (#1610)
  • CI: Rewrite & Improvements (#1551, #1611, #1619, #1624, #1625, #1628, #1636)

Migrations

No migrations for this release.

Breaking Changes

The following changes are all inherited from upgrading from Polkadot v0.9.38 to Polkadot v0.9.43

  • The balances::transfer call will soonℒ️ be deprecated. It is replaces with balances::transfer_allow_death (paritytech/substrate#12951)
  • Switch from balance locks and reserves to balance freezes and holds (paritytech/substrate#12951)
  • Require existential deposit for all currencies except for tranche tokens (#1596, #1577)
    • The amount for each currency is taken from the existential_deposit field in the corresponding Asset Registry entry

An ExistentialDeposit of zero no longer works. If you need to allow any account to have a zero balance and retain associated account data, you must introduce a pallet which allows an unpermissioned frame_system::Pallet::<Runtime>::inc_providers(). (paritytech/substrate#12951)

WASM

Since the latest srtool does not produce a WASM report due to this issue, the following WASM information is provided by subwasm v0.16.1 which is internally used by srtool as well.

πŸ‹οΈ Runtime size:		1.754 MB (1,839,185 bytes)
πŸ—œ Compressed:			Yes, 78.34%
✨ Reserved meta:		OK - [6D, 65, 74, 61]
🎁 Metadata version:		V14
πŸ”₯ Core version:		centrifuge-1024 (centrifuge-1.tx2.au1)
πŸ—³οΈ system.setCode hash:		0xb84978e151aa721326b911992d7789d8a8f3b4c21c40185f86a3cb78b8fcd37f
πŸ—³οΈ authorizeUpgrade hash:	0xe6073dcc2eef6f734d2d5d946b1e1f456d8c1f449a63bc3dae9e540aea546c66
#️⃣ Blake2-256 hash:		0xe9ecfd39bfd01a658ba28344963c4206863e81119b361f497538a164c2ef5a97
πŸ“¦ IPFS:			https://www.ipfs.io/ipfs/QmZRejYou7do4JpJcMsYM5L2XodbcFx4tTsMsjquiswCbt

Docker Image: centrifugeio/centrifugechain:main-ccbc3a1-23-12-07

Full Changelog: v0.10.34…v0.10.35
Release Notes v0.10.35


Governance process for this proposal

  1. Council Motion + fast-track
  2. Referendum vote open for 32,400 blocks (~4.5 days)
  3. If the referendum passes: the enactment will be immediately after
1 Like

The proposal was uploaded on GitHub: https://github.com/centrifuge/cps/blob/main/cps/CP78.md

Pre-Image: 0xe1891b62b9355ba27577c1799e1ca638f13f8bf0ab5de530be21a5affeacceda

Good day!

Council Motion 77 has just been submitted to the Centrifuge Council.

Please vote on Council Motion 77 at your earliest convenience Councillors!

:ballot_box: Vote in the portal: Polkadot/Substrate Portal

:ballot_box: Vote on SubSquare: CP78: Runtime Upgrade 1024

@branan @thespaceacatjr @prankstr25 @cassidy @lucasvo @vedhavyas @mikiquantum

Thanks!

We need 2 votes more.

Please vote on Council Motion 77 at your earliest convenience Councillors!
@branan @thespaceacatjr @cassidy @lucasvo @vedhavyas @mikiquantum

Good day!

Council Motion 77 has passed and has now become Referendum 44 for all CFG token holders can vote on.

The referendum is open for 32,400 blocks (~4 1/2 days). The Upgrade will be enacted manually shortly after.

:ballot_box: Vote in the portal: Polkadot/Substrate Portal

:ballot_box: Vote on SubSquare: CP78: Runtime Upgrade 1024

Please vote!
Thank you.

Referendum 44 for CP78 has successfully passed at block #4,457,259.

image

Thank you for voting everyone!

1 Like