sui_config/
node.rs

1// Copyright (c) Mysten Labs, Inc.
2// SPDX-License-Identifier: Apache-2.0
3use crate::Config;
4use crate::certificate_deny_config::CertificateDenyConfig;
5use crate::genesis;
6use crate::object_storage_config::ObjectStoreConfig;
7use crate::p2p::P2pConfig;
8use crate::transaction_deny_config::TransactionDenyConfig;
9use crate::validator_client_monitor_config::ValidatorClientMonitorConfig;
10use crate::verifier_signing_config::VerifierSigningConfig;
11use anyhow::Result;
12use consensus_config::Parameters as ConsensusParameters;
13use mysten_common::fatal;
14use nonzero_ext::nonzero;
15use once_cell::sync::OnceCell;
16use rand::rngs::OsRng;
17use serde::{Deserialize, Serialize};
18use serde_with::serde_as;
19use std::collections::{BTreeMap, BTreeSet};
20use std::net::SocketAddr;
21use std::num::{NonZeroU32, NonZeroUsize};
22use std::path::{Path, PathBuf};
23use std::sync::Arc;
24use std::time::Duration;
25use sui_keys::keypair_file::{read_authority_keypair_from_file, read_keypair_from_file};
26use sui_types::base_types::{ObjectID, SuiAddress};
27use sui_types::committee::EpochId;
28use sui_types::crypto::AuthorityPublicKeyBytes;
29use sui_types::crypto::KeypairTraits;
30use sui_types::crypto::NetworkKeyPair;
31use sui_types::crypto::SuiKeyPair;
32use sui_types::messages_checkpoint::CheckpointSequenceNumber;
33use sui_types::node_role::{FullNodeSyncMode, NodeRole};
34use sui_types::supported_protocol_versions::{Chain, SupportedProtocolVersions};
35use sui_types::traffic_control::{PolicyConfig, RemoteFirewallConfig};
36
37use sui_types::crypto::{AccountKeyPair, AuthorityKeyPair, get_key_pair_from_rng};
38use sui_types::multiaddr::Multiaddr;
39use tracing::info;
40
41// Default max number of concurrent requests served
42pub const DEFAULT_GRPC_CONCURRENCY_LIMIT: usize = 20000000000;
43
44/// Default gas price of 100 Mist
45pub const DEFAULT_VALIDATOR_GAS_PRICE: u64 = sui_types::transaction::DEFAULT_VALIDATOR_GAS_PRICE;
46
47/// Default commission rate of 2%
48pub const DEFAULT_COMMISSION_RATE: u64 = 200;
49
50/// The type of funds withdraw scheduler to use.
51#[derive(Debug, Clone, Copy, Default, PartialEq, Eq)]
52pub enum FundsWithdrawSchedulerType {
53    Naive,
54    #[default]
55    Eager,
56}
57
58#[serde_as]
59#[derive(Clone, Debug, Deserialize, Serialize)]
60#[serde(rename_all = "kebab-case")]
61pub struct NodeConfig {
62    #[serde(default = "default_authority_key_pair")]
63    pub protocol_key_pair: AuthorityKeyPairWithPath,
64    #[serde(default = "default_key_pair")]
65    pub worker_key_pair: KeyPairWithPath,
66    #[serde(default = "default_key_pair")]
67    pub account_key_pair: KeyPairWithPath,
68    #[serde(default = "default_key_pair")]
69    pub network_key_pair: KeyPairWithPath,
70
71    pub db_path: PathBuf,
72    #[serde(default = "default_grpc_address")]
73    pub network_address: Multiaddr,
74    #[serde(default = "default_json_rpc_address")]
75    pub json_rpc_address: SocketAddr,
76
77    #[serde(skip_serializing_if = "Option::is_none")]
78    pub rpc: Option<crate::RpcConfig>,
79
80    #[serde(default = "default_metrics_address")]
81    pub metrics_address: SocketAddr,
82    #[serde(default = "default_admin_interface_port")]
83    pub admin_interface_port: u16,
84
85    #[serde(skip_serializing_if = "Option::is_none")]
86    pub consensus_config: Option<ConsensusConfig>,
87
88    /// The sync mode for full nodes.
89    /// When `None` is provided and this is a full node then the default is used which is `StateSyncOnly`.
90    /// For validator nodes this is expected to be `None`
91    #[serde(default, skip_serializing_if = "Option::is_none")]
92    pub fullnode_sync_mode: Option<FullNodeSyncMode>,
93
94    #[serde(default = "default_enable_index_processing")]
95    pub enable_index_processing: bool,
96
97    /// When true, post-processing (JSON-RPC indexing and event emission) runs
98    /// synchronously on the execution path instead of being spawned to a
99    /// background thread. This is the legacy behavior and can be used as a
100    /// rollback mechanism or for testing.
101    #[serde(default)]
102    pub sync_post_process_one_tx: bool,
103
104    #[serde(default, skip_serializing_if = "std::ops::Not::not")]
105    pub remove_deprecated_tables: bool,
106
107    #[serde(default)]
108    /// Determines the jsonrpc server type as either:
109    /// - 'websocket' for a websocket based service (deprecated)
110    /// - 'http' for an http based service
111    /// - 'both' for both a websocket and http based service (deprecated)
112    pub jsonrpc_server_type: Option<ServerType>,
113
114    /// When true, the JSON-RPC HTTP service is not started. This only stops the
115    /// node from serving JSON-RPC requests; it is independent of JSON-RPC
116    /// indexing (see `enable_index_processing`), which continues to run. This
117    /// lets a node keep indexing while no longer exposing the JSON-RPC service,
118    /// and it does not affect the gRPC/REST service served on the same address.
119    /// Defaults to false so the service stays enabled unless explicitly turned
120    /// off.
121    #[serde(default, skip_serializing_if = "std::ops::Not::not")]
122    pub disable_json_rpc: bool,
123
124    #[serde(default)]
125    pub grpc_load_shed: Option<bool>,
126
127    #[serde(default = "default_concurrency_limit")]
128    pub grpc_concurrency_limit: Option<usize>,
129
130    #[serde(default)]
131    pub p2p_config: P2pConfig,
132
133    pub genesis: Genesis,
134
135    #[serde(default = "default_authority_store_pruning_config")]
136    pub authority_store_pruning_config: AuthorityStorePruningConfig,
137
138    /// Size of the broadcast channel used for notifying other systems of end of epoch.
139    ///
140    /// If unspecified, this will default to `128`.
141    #[serde(default = "default_end_of_epoch_broadcast_channel_capacity")]
142    pub end_of_epoch_broadcast_channel_capacity: usize,
143
144    #[serde(default)]
145    pub checkpoint_executor_config: CheckpointExecutorConfig,
146
147    #[serde(skip_serializing_if = "Option::is_none")]
148    pub metrics: Option<MetricsConfig>,
149
150    /// In a `sui-node` binary, this is set to SupportedProtocolVersions::SYSTEM_DEFAULT
151    /// in sui-node/src/main.rs. It is present in the config so that it can be changed by tests in
152    /// order to test protocol upgrades.
153    #[serde(skip)]
154    pub supported_protocol_versions: Option<SupportedProtocolVersions>,
155
156    #[serde(default)]
157    pub db_checkpoint_config: DBCheckpointConfig,
158
159    #[serde(default)]
160    pub expensive_safety_check_config: ExpensiveSafetyCheckConfig,
161
162    #[serde(skip_serializing_if = "Option::is_none")]
163    pub name_service_package_address: Option<SuiAddress>,
164
165    #[serde(skip_serializing_if = "Option::is_none")]
166    pub name_service_registry_id: Option<ObjectID>,
167
168    #[serde(skip_serializing_if = "Option::is_none")]
169    pub name_service_reverse_registry_id: Option<ObjectID>,
170
171    #[serde(default)]
172    pub transaction_deny_config: TransactionDenyConfig,
173
174    /// Whether dev-inspect transaction execution is disabled on this node.
175    #[serde(default)]
176    pub dev_inspect_disabled: bool,
177
178    #[serde(default)]
179    pub certificate_deny_config: CertificateDenyConfig,
180
181    #[serde(default)]
182    pub state_debug_dump_config: StateDebugDumpConfig,
183
184    #[serde(default)]
185    pub state_archive_read_config: Vec<StateArchiveConfig>,
186
187    #[serde(default)]
188    pub state_snapshot_write_config: StateSnapshotConfig,
189
190    #[serde(default)]
191    pub indexer_max_subscriptions: Option<usize>,
192
193    #[serde(default = "default_transaction_kv_store_config")]
194    pub transaction_kv_store_read_config: TransactionKeyValueStoreReadConfig,
195
196    #[serde(skip_serializing_if = "Option::is_none")]
197    pub transaction_kv_store_write_config: Option<TransactionKeyValueStoreWriteConfig>,
198
199    #[serde(default = "default_jwk_fetch_interval_seconds")]
200    pub jwk_fetch_interval_seconds: u64,
201
202    #[serde(default = "default_zklogin_oauth_providers")]
203    pub zklogin_oauth_providers: BTreeMap<Chain, BTreeSet<String>>,
204
205    #[serde(default = "default_authority_overload_config")]
206    pub authority_overload_config: AuthorityOverloadConfig,
207
208    #[serde(skip_serializing_if = "Option::is_none")]
209    pub run_with_range: Option<RunWithRange>,
210
211    // For killswitch use None
212    #[serde(
213        skip_serializing_if = "Option::is_none",
214        default = "default_traffic_controller_policy_config"
215    )]
216    pub policy_config: Option<PolicyConfig>,
217
218    #[serde(skip_serializing_if = "Option::is_none")]
219    pub firewall_config: Option<RemoteFirewallConfig>,
220
221    #[serde(default)]
222    pub execution_cache: ExecutionCacheConfig,
223
224    // step 1 in removing the old state accumulator
225    #[serde(skip)]
226    #[serde(default = "bool_true")]
227    pub state_accumulator_v2: bool,
228
229    /// The type of funds withdraw scheduler to use.
230    /// Default is Eager. Not exposed to file configuration.
231    #[serde(skip)]
232    #[serde(default)]
233    pub funds_withdraw_scheduler_type: FundsWithdrawSchedulerType,
234
235    #[serde(default = "bool_true")]
236    pub enable_soft_bundle: bool,
237
238    #[serde(default)]
239    pub verifier_signing_config: VerifierSigningConfig,
240
241    /// If a value is set, it determines if writes to DB can stall, which can halt the whole process.
242    /// By default, write stall is enabled on validators but not on fullnodes.
243    #[serde(skip_serializing_if = "Option::is_none")]
244    pub enable_db_write_stall: Option<bool>,
245
246    /// If set, determines whether database writes are synced to disk (fsync).
247    /// Provides stronger durability at the cost of write performance.
248    /// Falls back to SUI_DB_SYNC_TO_DISK env var if not set. Default: disabled.
249    #[serde(skip_serializing_if = "Option::is_none")]
250    pub enable_db_sync_to_disk: Option<bool>,
251
252    #[serde(skip_serializing_if = "Option::is_none")]
253    pub execution_time_observer_config: Option<ExecutionTimeObserverConfig>,
254
255    /// Window (ms) during which a given transaction is allowed into consensus at most once, to
256    /// suppress duplicate resubmissions. Defaults to 1000ms.
257    #[serde(default, skip_serializing_if = "Option::is_none")]
258    pub recent_submission_dedup_window_ms: Option<u64>,
259
260    /// Allow overriding the chain for testing purposes. For instance, it allows you to
261    /// create a test network that believes it is mainnet or testnet. Attempting to
262    /// override this value on production networks will result in an error.
263    #[serde(skip_serializing_if = "Option::is_none")]
264    pub chain_override_for_testing: Option<Chain>,
265
266    /// Configuration for validator client monitoring from the client perspective.
267    /// When enabled, tracks client-observed performance metrics for validators.
268    #[serde(skip_serializing_if = "Option::is_none")]
269    pub validator_client_monitor_config: Option<ValidatorClientMonitorConfig>,
270
271    /// Fork recovery configuration for handling validator equivocation after forks
272    #[serde(skip_serializing_if = "Option::is_none")]
273    pub fork_recovery: Option<ForkRecoveryConfig>,
274
275    /// Configuration for the transaction driver.
276    #[serde(skip_serializing_if = "Option::is_none")]
277    pub transaction_driver_config: Option<TransactionDriverConfig>,
278
279    /// Configuration for congestion tracker binary logging.
280    /// When set, enables per-commit binary logs of congestion tracker state.
281    #[serde(skip_serializing_if = "Option::is_none")]
282    pub congestion_log: Option<CongestionLogConfig>,
283}
284
285#[derive(Clone, Debug, Deserialize, Serialize)]
286#[serde(rename_all = "kebab-case")]
287pub struct TransactionDriverConfig {
288    /// The list of validators that are allowed to submit MFP transactions to (via the transaction driver).
289    /// Each entry is a validator display name.
290    #[serde(default, skip_serializing_if = "Vec::is_empty")]
291    pub allowed_submission_validators: Vec<String>,
292
293    /// The list of validators that are blocked from submitting block transactions to (via the transaction driver).
294    /// Each entry is a validator display name.
295    #[serde(default, skip_serializing_if = "Vec::is_empty")]
296    pub blocked_submission_validators: Vec<String>,
297
298    /// Enable early transaction validation before submission to consensus.
299    /// This checks for non-retriable errors (like old object versions) and rejects
300    /// transactions early to provide fast feedback to clients.
301    /// Note: Currently used in TransactionOrchestrator, but may be moved to TransactionDriver in future.
302    #[serde(default = "bool_true")]
303    pub enable_early_validation: bool,
304}
305
306impl Default for TransactionDriverConfig {
307    fn default() -> Self {
308        Self {
309            allowed_submission_validators: vec![],
310            blocked_submission_validators: vec![],
311            enable_early_validation: true,
312        }
313    }
314}
315
316#[derive(Clone, Debug, Deserialize, Serialize)]
317#[serde(rename_all = "kebab-case")]
318pub struct CongestionLogConfig {
319    pub path: PathBuf,
320    #[serde(default = "default_congestion_log_max_file_size")]
321    pub max_file_size: u64,
322    #[serde(default = "default_congestion_log_max_files")]
323    pub max_files: u32,
324}
325
326fn default_congestion_log_max_file_size() -> u64 {
327    100 * 1024 * 1024 // 100MB
328}
329
330fn default_congestion_log_max_files() -> u32 {
331    10
332}
333
334#[derive(Debug, Clone, Copy, Default, Deserialize, Serialize, PartialEq, Eq)]
335#[serde(rename_all = "kebab-case")]
336pub enum ForkCrashBehavior {
337    #[serde(rename = "await-fork-recovery")]
338    #[default]
339    AwaitForkRecovery,
340    /// Return an error instead of blocking forever. This is primarily for testing.
341    #[serde(rename = "return-error")]
342    ReturnError,
343}
344
345#[derive(Clone, Debug, Default, Deserialize, Serialize)]
346#[serde(rename_all = "kebab-case")]
347pub struct ForkRecoveryConfig {
348    /// Map of transaction digest to effects digest overrides
349    /// Used to repoint transactions to correct effects after a fork
350    #[serde(default)]
351    pub transaction_overrides: BTreeMap<String, String>,
352
353    /// Map of checkpoint sequence number to checkpoint digest overrides
354    /// On node start, if we have a locally computed checkpoint with a
355    /// digest mismatch with this table, we will clear any associated local state.
356    #[serde(default)]
357    pub checkpoint_overrides: BTreeMap<u64, String>,
358
359    /// Behavior when a fork is detected after recovery attempts
360    #[serde(default)]
361    pub fork_crash_behavior: ForkCrashBehavior,
362}
363
364#[derive(Clone, Debug, Default, Deserialize, Serialize)]
365#[serde(rename_all = "kebab-case")]
366pub struct ExecutionTimeObserverConfig {
367    /// Size of the channel used for buffering local execution time observations.
368    ///
369    /// If unspecified, this will default to `1_024`.
370    pub observation_channel_capacity: Option<NonZeroUsize>,
371
372    /// Size of the LRU cache used for storing local execution time observations.
373    ///
374    /// If unspecified, this will default to `10_000`.
375    pub observation_cache_size: Option<NonZeroUsize>,
376
377    /// Size of the channel used for buffering object debt updates from consensus handler.
378    ///
379    /// If unspecified, this will default to `128`.
380    pub object_debt_channel_capacity: Option<NonZeroUsize>,
381
382    /// Size of the LRU cache used for tracking object utilization.
383    ///
384    /// If unspecified, this will default to `50_000`.
385    pub object_utilization_cache_size: Option<NonZeroUsize>,
386
387    /// If true, the execution time observer will report per-object utilization metrics
388    /// with full object IDs. When set, the metric can have a high cardinality, so this
389    /// should not be used except in controlled tests where there are a small number of
390    /// objects.
391    ///
392    /// If false, object utilization is reported using hash(object_id) % 32 as the key,
393    /// which still allows observation of utilization when there are small numbers of
394    /// over-utilized objects.
395    ///
396    /// If unspecified, this will default to `false`.
397    pub report_object_utilization_metric_with_full_id: Option<bool>,
398
399    /// Unless target object utilization is exceeded by at least this amount, no observation
400    /// will be shared with consensus.
401    ///
402    /// If unspecified, this will default to `500` milliseconds.
403    pub observation_sharing_object_utilization_threshold: Option<Duration>,
404
405    /// Unless the current local observation differs from the last one we shared by at least this
406    /// percentage, no observation will be shared with consensus.
407    ///
408    /// If unspecified, this will default to `0.1`.
409    pub observation_sharing_diff_threshold: Option<f64>,
410
411    /// Minimum interval between sharing multiple observations of the same key.
412    ///
413    /// If unspecified, this will default to `5` seconds.
414    pub observation_sharing_min_interval: Option<Duration>,
415
416    /// Global per-second rate limit for sharing observations. This is a safety valve and
417    /// should not trigger during normal operation.
418    ///
419    /// If unspecified, this will default to `10` observations per second.
420    pub observation_sharing_rate_limit: Option<NonZeroU32>,
421
422    /// Global burst limit for sharing observations.
423    ///
424    /// If unspecified, this will default to `100` observations.
425    pub observation_sharing_burst_limit: Option<NonZeroU32>,
426
427    /// Whether to use gas price weighting in execution time estimates.
428    /// When enabled, samples with higher gas prices have more influence on the
429    /// execution time estimates, providing protection against volume-based
430    /// manipulation attacks.
431    ///
432    /// If unspecified, this will default to `false`.
433    pub enable_gas_price_weighting: Option<bool>,
434
435    /// Size of the weighted moving average window for execution time observations.
436    /// This determines how many recent observations are kept in the weighted moving average
437    /// calculation for each execution time observation key.
438    /// Note that this is independent of the window size for the simple moving average.
439    ///
440    /// If unspecified, this will default to `20`.
441    pub weighted_moving_average_window_size: Option<usize>,
442
443    /// Whether to inject synthetic execution time for testing in simtest.
444    /// When enabled, synthetic timings will be generated for execution time observations
445    /// to enable deterministic testing of congestion control features.
446    ///
447    /// If unspecified, this will default to `false`.
448    #[cfg(msim)]
449    pub inject_synthetic_execution_time: Option<bool>,
450}
451
452impl ExecutionTimeObserverConfig {
453    pub fn observation_channel_capacity(&self) -> NonZeroUsize {
454        self.observation_channel_capacity
455            .unwrap_or(nonzero!(1_024usize))
456    }
457
458    pub fn observation_cache_size(&self) -> NonZeroUsize {
459        self.observation_cache_size.unwrap_or(nonzero!(10_000usize))
460    }
461
462    pub fn object_debt_channel_capacity(&self) -> NonZeroUsize {
463        self.object_debt_channel_capacity
464            .unwrap_or(nonzero!(128usize))
465    }
466
467    pub fn object_utilization_cache_size(&self) -> NonZeroUsize {
468        self.object_utilization_cache_size
469            .unwrap_or(nonzero!(50_000usize))
470    }
471
472    pub fn report_object_utilization_metric_with_full_id(&self) -> bool {
473        self.report_object_utilization_metric_with_full_id
474            .unwrap_or(false)
475    }
476
477    pub fn observation_sharing_object_utilization_threshold(&self) -> Duration {
478        self.observation_sharing_object_utilization_threshold
479            .unwrap_or(Duration::from_millis(500))
480    }
481
482    pub fn observation_sharing_diff_threshold(&self) -> f64 {
483        self.observation_sharing_diff_threshold.unwrap_or(0.1)
484    }
485
486    pub fn observation_sharing_min_interval(&self) -> Duration {
487        self.observation_sharing_min_interval
488            .unwrap_or(Duration::from_secs(5))
489    }
490
491    pub fn observation_sharing_rate_limit(&self) -> NonZeroU32 {
492        self.observation_sharing_rate_limit
493            .unwrap_or(nonzero!(10u32))
494    }
495
496    pub fn observation_sharing_burst_limit(&self) -> NonZeroU32 {
497        self.observation_sharing_burst_limit
498            .unwrap_or(nonzero!(100u32))
499    }
500
501    pub fn enable_gas_price_weighting(&self) -> bool {
502        self.enable_gas_price_weighting.unwrap_or(false)
503    }
504
505    pub fn weighted_moving_average_window_size(&self) -> usize {
506        self.weighted_moving_average_window_size.unwrap_or(20)
507    }
508
509    #[cfg(msim)]
510    pub fn inject_synthetic_execution_time(&self) -> bool {
511        self.inject_synthetic_execution_time.unwrap_or(false)
512    }
513}
514
515#[allow(clippy::large_enum_variant)]
516#[derive(Clone, Debug, Deserialize, Serialize)]
517#[serde(rename_all = "kebab-case")]
518pub enum ExecutionCacheConfig {
519    PassthroughCache,
520    WritebackCache {
521        /// Maximum number of entries in each cache. (There are several different caches).
522        /// If None, the default of 10000 is used.
523        max_cache_size: Option<u64>,
524
525        package_cache_size: Option<u64>, // defaults to 1000
526
527        object_cache_size: Option<u64>, // defaults to max_cache_size
528        marker_cache_size: Option<u64>, // defaults to object_cache_size
529        object_by_id_cache_size: Option<u64>, // defaults to object_cache_size
530
531        transaction_cache_size: Option<u64>, // defaults to max_cache_size
532        executed_effect_cache_size: Option<u64>, // defaults to transaction_cache_size
533        effect_cache_size: Option<u64>,      // defaults to executed_effect_cache_size
534
535        events_cache_size: Option<u64>, // defaults to transaction_cache_size
536
537        transaction_objects_cache_size: Option<u64>, // defaults to 1000
538
539        /// Number of uncommitted transactions at which to pause consensus handler.
540        backpressure_threshold: Option<u64>,
541
542        /// Number of uncommitted transactions at which to refuse new transaction
543        /// submissions. Defaults to backpressure_threshold if unset.
544        backpressure_threshold_for_rpc: Option<u64>,
545    },
546}
547
548impl Default for ExecutionCacheConfig {
549    fn default() -> Self {
550        ExecutionCacheConfig::WritebackCache {
551            max_cache_size: None,
552            backpressure_threshold: None,
553            backpressure_threshold_for_rpc: None,
554            package_cache_size: None,
555            object_cache_size: None,
556            marker_cache_size: None,
557            object_by_id_cache_size: None,
558            transaction_cache_size: None,
559            executed_effect_cache_size: None,
560            effect_cache_size: None,
561            events_cache_size: None,
562            transaction_objects_cache_size: None,
563        }
564    }
565}
566
567impl ExecutionCacheConfig {
568    pub fn max_cache_size(&self) -> u64 {
569        std::env::var("SUI_MAX_CACHE_SIZE")
570            .ok()
571            .and_then(|s| s.parse().ok())
572            .unwrap_or_else(|| match self {
573                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
574                ExecutionCacheConfig::WritebackCache { max_cache_size, .. } => {
575                    max_cache_size.unwrap_or(100000)
576                }
577            })
578    }
579
580    pub fn package_cache_size(&self) -> u64 {
581        std::env::var("SUI_PACKAGE_CACHE_SIZE")
582            .ok()
583            .and_then(|s| s.parse().ok())
584            .unwrap_or_else(|| match self {
585                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
586                ExecutionCacheConfig::WritebackCache {
587                    package_cache_size, ..
588                } => package_cache_size.unwrap_or(1000),
589            })
590    }
591
592    pub fn object_cache_size(&self) -> u64 {
593        std::env::var("SUI_OBJECT_CACHE_SIZE")
594            .ok()
595            .and_then(|s| s.parse().ok())
596            .unwrap_or_else(|| match self {
597                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
598                ExecutionCacheConfig::WritebackCache {
599                    object_cache_size, ..
600                } => object_cache_size.unwrap_or(self.max_cache_size()),
601            })
602    }
603
604    pub fn marker_cache_size(&self) -> u64 {
605        std::env::var("SUI_MARKER_CACHE_SIZE")
606            .ok()
607            .and_then(|s| s.parse().ok())
608            .unwrap_or_else(|| match self {
609                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
610                ExecutionCacheConfig::WritebackCache {
611                    marker_cache_size, ..
612                } => marker_cache_size.unwrap_or(self.object_cache_size()),
613            })
614    }
615
616    pub fn object_by_id_cache_size(&self) -> u64 {
617        std::env::var("SUI_OBJECT_BY_ID_CACHE_SIZE")
618            .ok()
619            .and_then(|s| s.parse().ok())
620            .unwrap_or_else(|| match self {
621                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
622                ExecutionCacheConfig::WritebackCache {
623                    object_by_id_cache_size,
624                    ..
625                } => object_by_id_cache_size.unwrap_or(self.object_cache_size()),
626            })
627    }
628
629    pub fn transaction_cache_size(&self) -> u64 {
630        std::env::var("SUI_TRANSACTION_CACHE_SIZE")
631            .ok()
632            .and_then(|s| s.parse().ok())
633            .unwrap_or_else(|| match self {
634                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
635                ExecutionCacheConfig::WritebackCache {
636                    transaction_cache_size,
637                    ..
638                } => transaction_cache_size.unwrap_or(self.max_cache_size()),
639            })
640    }
641
642    pub fn executed_effect_cache_size(&self) -> u64 {
643        std::env::var("SUI_EXECUTED_EFFECT_CACHE_SIZE")
644            .ok()
645            .and_then(|s| s.parse().ok())
646            .unwrap_or_else(|| match self {
647                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
648                ExecutionCacheConfig::WritebackCache {
649                    executed_effect_cache_size,
650                    ..
651                } => executed_effect_cache_size.unwrap_or(self.transaction_cache_size()),
652            })
653    }
654
655    pub fn effect_cache_size(&self) -> u64 {
656        std::env::var("SUI_EFFECT_CACHE_SIZE")
657            .ok()
658            .and_then(|s| s.parse().ok())
659            .unwrap_or_else(|| match self {
660                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
661                ExecutionCacheConfig::WritebackCache {
662                    effect_cache_size, ..
663                } => effect_cache_size.unwrap_or(self.executed_effect_cache_size()),
664            })
665    }
666
667    pub fn events_cache_size(&self) -> u64 {
668        std::env::var("SUI_EVENTS_CACHE_SIZE")
669            .ok()
670            .and_then(|s| s.parse().ok())
671            .unwrap_or_else(|| match self {
672                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
673                ExecutionCacheConfig::WritebackCache {
674                    events_cache_size, ..
675                } => events_cache_size.unwrap_or(self.transaction_cache_size()),
676            })
677    }
678
679    pub fn transaction_objects_cache_size(&self) -> u64 {
680        std::env::var("SUI_TRANSACTION_OBJECTS_CACHE_SIZE")
681            .ok()
682            .and_then(|s| s.parse().ok())
683            .unwrap_or_else(|| match self {
684                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
685                ExecutionCacheConfig::WritebackCache {
686                    transaction_objects_cache_size,
687                    ..
688                } => transaction_objects_cache_size.unwrap_or(1000),
689            })
690    }
691
692    pub fn backpressure_threshold(&self) -> u64 {
693        std::env::var("SUI_BACKPRESSURE_THRESHOLD")
694            .ok()
695            .and_then(|s| s.parse().ok())
696            .unwrap_or_else(|| match self {
697                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
698                ExecutionCacheConfig::WritebackCache {
699                    backpressure_threshold,
700                    ..
701                } => backpressure_threshold.unwrap_or(100_000),
702            })
703    }
704
705    pub fn backpressure_threshold_for_rpc(&self) -> u64 {
706        std::env::var("SUI_BACKPRESSURE_THRESHOLD_FOR_RPC")
707            .ok()
708            .and_then(|s| s.parse().ok())
709            .unwrap_or_else(|| match self {
710                ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
711                ExecutionCacheConfig::WritebackCache {
712                    backpressure_threshold_for_rpc,
713                    ..
714                } => backpressure_threshold_for_rpc.unwrap_or(self.backpressure_threshold()),
715            })
716    }
717}
718
719#[derive(Clone, Copy, Debug, Deserialize, Serialize)]
720#[serde(rename_all = "lowercase")]
721pub enum ServerType {
722    WebSocket,
723    Http,
724    Both,
725}
726
727#[derive(Clone, Debug, Deserialize, Serialize)]
728#[serde(rename_all = "kebab-case")]
729pub struct TransactionKeyValueStoreReadConfig {
730    #[serde(default = "default_base_url")]
731    pub base_url: String,
732
733    #[serde(default = "default_cache_size")]
734    pub cache_size: u64,
735}
736
737impl Default for TransactionKeyValueStoreReadConfig {
738    fn default() -> Self {
739        Self {
740            base_url: default_base_url(),
741            cache_size: default_cache_size(),
742        }
743    }
744}
745
746fn default_base_url() -> String {
747    "https://transactions.sui.io/".to_string()
748}
749
750fn default_cache_size() -> u64 {
751    100_000
752}
753
754fn default_jwk_fetch_interval_seconds() -> u64 {
755    3600
756}
757
758pub fn default_zklogin_oauth_providers() -> BTreeMap<Chain, BTreeSet<String>> {
759    let mut map = BTreeMap::new();
760
761    // providers that are available on devnet only.
762    let experimental_providers = BTreeSet::from([
763        "Google".to_string(),
764        "Facebook".to_string(),
765        "Twitch".to_string(),
766        "Kakao".to_string(),
767        "Apple".to_string(),
768        "Slack".to_string(),
769        "TestIssuer".to_string(),
770        "Microsoft".to_string(),
771        "KarrierOne".to_string(),
772        "Credenza3".to_string(),
773        "Playtron".to_string(),
774        "Threedos".to_string(),
775        "Onefc".to_string(),
776        "FanTV".to_string(),
777        "Arden".to_string(), // Arden partner
778        "AwsTenant-region:eu-west-3-tenant_id:eu-west-3_gGVCx53Es".to_string(), // Trace, external partner
779        "EveFrontier".to_string(),
780        "TestEveFrontier".to_string(),
781        "AwsTenant-region:ap-southeast-1-tenant_id:ap-southeast-1_2QQPyQXDz".to_string(), // Decot, external partner
782        "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_Bpct2JyBg".to_string(), // test Gamma Prime, external partner
783        "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_4HdQTpt3E".to_string(), // Gamma Prime, external partner
784    ]);
785
786    // providers that are available for mainnet and testnet.
787    let providers = BTreeSet::from([
788        "Google".to_string(),
789        "Facebook".to_string(),
790        "Twitch".to_string(),
791        "Apple".to_string(),
792        "KarrierOne".to_string(),
793        "Credenza3".to_string(),
794        "Playtron".to_string(),
795        "Onefc".to_string(),
796        "Threedos".to_string(),
797        "AwsTenant-region:eu-west-3-tenant_id:eu-west-3_gGVCx53Es".to_string(), // Trace, external partner
798        "Arden".to_string(),
799        "FanTV".to_string(),
800        "EveFrontier".to_string(),
801        "TestEveFrontier".to_string(),
802        "AwsTenant-region:ap-southeast-1-tenant_id:ap-southeast-1_2QQPyQXDz".to_string(), // Decot, external partner
803        "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_Bpct2JyBg".to_string(), // test Gamma Prime, external partner
804        "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_4HdQTpt3E".to_string(), // Gamma Prime, external partner
805    ]);
806    map.insert(Chain::Mainnet, providers.clone());
807    map.insert(Chain::Testnet, providers);
808    map.insert(Chain::Unknown, experimental_providers);
809    map
810}
811
812fn default_transaction_kv_store_config() -> TransactionKeyValueStoreReadConfig {
813    TransactionKeyValueStoreReadConfig::default()
814}
815
816fn default_authority_store_pruning_config() -> AuthorityStorePruningConfig {
817    AuthorityStorePruningConfig::default()
818}
819
820pub fn default_enable_index_processing() -> bool {
821    true
822}
823
824fn default_grpc_address() -> Multiaddr {
825    "/ip4/0.0.0.0/tcp/8080".parse().unwrap()
826}
827fn default_authority_key_pair() -> AuthorityKeyPairWithPath {
828    AuthorityKeyPairWithPath::new(get_key_pair_from_rng::<AuthorityKeyPair, _>(&mut OsRng).1)
829}
830
831fn default_key_pair() -> KeyPairWithPath {
832    KeyPairWithPath::new(
833        get_key_pair_from_rng::<AccountKeyPair, _>(&mut OsRng)
834            .1
835            .into(),
836    )
837}
838
839fn default_metrics_address() -> SocketAddr {
840    use std::net::{IpAddr, Ipv4Addr};
841    SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 9184)
842}
843
844pub fn default_admin_interface_port() -> u16 {
845    1337
846}
847
848pub fn default_json_rpc_address() -> SocketAddr {
849    use std::net::{IpAddr, Ipv4Addr};
850    SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 9000)
851}
852
853pub fn default_concurrency_limit() -> Option<usize> {
854    Some(DEFAULT_GRPC_CONCURRENCY_LIMIT)
855}
856
857pub fn default_end_of_epoch_broadcast_channel_capacity() -> usize {
858    128
859}
860
861pub fn bool_true() -> bool {
862    true
863}
864
865fn is_true(value: &bool) -> bool {
866    *value
867}
868
869impl Config for NodeConfig {}
870
871impl NodeConfig {
872    pub fn protocol_key_pair(&self) -> &AuthorityKeyPair {
873        self.protocol_key_pair.authority_keypair()
874    }
875
876    /// Window during which a given transaction is allowed into consensus at most once, used to
877    /// suppress duplicate resubmissions at the submission handler.
878    pub fn recent_submission_dedup_window(&self) -> Duration {
879        Duration::from_millis(self.recent_submission_dedup_window_ms.unwrap_or(1000))
880    }
881
882    pub fn worker_key_pair(&self) -> &NetworkKeyPair {
883        match self.worker_key_pair.keypair() {
884            SuiKeyPair::Ed25519(kp) => kp,
885            other => panic!(
886                "Invalid keypair type: {:?}, only Ed25519 is allowed for worker key",
887                other
888            ),
889        }
890    }
891
892    pub fn network_key_pair(&self) -> &NetworkKeyPair {
893        match self.network_key_pair.keypair() {
894            SuiKeyPair::Ed25519(kp) => kp,
895            other => panic!(
896                "Invalid keypair type: {:?}, only Ed25519 is allowed for network key",
897                other
898            ),
899        }
900    }
901
902    pub fn protocol_public_key(&self) -> AuthorityPublicKeyBytes {
903        self.protocol_key_pair().public().into()
904    }
905
906    pub fn db_path(&self) -> PathBuf {
907        self.db_path.join("live")
908    }
909
910    pub fn db_checkpoint_path(&self) -> PathBuf {
911        self.db_path.join("db_checkpoints")
912    }
913
914    pub fn db_store_path(&self) -> PathBuf {
915        self.db_path().join("store")
916    }
917
918    pub fn archive_path(&self) -> PathBuf {
919        self.db_path.join("archive")
920    }
921
922    pub fn snapshot_path(&self) -> PathBuf {
923        self.db_path.join("snapshot")
924    }
925
926    pub fn network_address(&self) -> &Multiaddr {
927        &self.network_address
928    }
929
930    pub fn consensus_config(&self) -> Option<&ConsensusConfig> {
931        self.consensus_config.as_ref()
932    }
933
934    /// Returns the node role as declared by configuration. This is the
935    /// *intended* role used for one-time startup decisions (e.g. whether to
936    /// create RPC servers or index stores). The authoritative per-epoch role
937    /// lives on `AuthorityPerEpochStore::node_role()`.
938    pub fn intended_node_role(&self) -> NodeRole {
939        let has_consensus_config = self.consensus_config.is_some();
940
941        match (self.fullnode_sync_mode, has_consensus_config) {
942            (Some(FullNodeSyncMode::ConsensusObserver), _) => {
943                assert!(
944                    self.has_observer_config_peers(),
945                    "Observer peers must be configured when sync mode is ConsensusObserver"
946                );
947                NodeRole::FullNode(FullNodeSyncMode::ConsensusObserver)
948            }
949            (Some(FullNodeSyncMode::StateSyncOnly), true) => {
950                panic!("Consensus config should not be set for a StateSyncOnly full node");
951            }
952            (Some(FullNodeSyncMode::StateSyncOnly), false) => {
953                NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
954            }
955            (None, false) => NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly),
956            (None, true) => NodeRole::Validator,
957        }
958    }
959
960    pub fn has_observer_config_peers(&self) -> bool {
961        self.consensus_config
962            .as_ref()
963            .and_then(|c| c.parameters.as_ref())
964            .map(|p| !p.observer.peers.is_empty())
965            .unwrap_or(false)
966    }
967
968    pub fn genesis(&self) -> Result<&genesis::Genesis> {
969        self.genesis.genesis()
970    }
971
972    pub fn sui_address(&self) -> SuiAddress {
973        (&self.account_key_pair.keypair().public()).into()
974    }
975
976    pub fn archive_reader_config(&self) -> Option<ArchiveReaderConfig> {
977        self.state_archive_read_config
978            .first()
979            .map(|config| ArchiveReaderConfig {
980                ingestion_url: config.ingestion_url.clone(),
981                remote_store_options: config.remote_store_options.clone(),
982                remote_store_headers: config.remote_store_headers.clone(),
983                download_concurrency: NonZeroUsize::new(config.concurrency)
984                    .unwrap_or(NonZeroUsize::new(5).unwrap()),
985                remote_store_config: ObjectStoreConfig::default(),
986            })
987    }
988
989    pub fn jsonrpc_server_type(&self) -> ServerType {
990        self.jsonrpc_server_type.unwrap_or(ServerType::Http)
991    }
992
993    /// Whether the JSON-RPC HTTP service should be served. This gates only the
994    /// JSON-RPC endpoints; the gRPC/REST service and JSON-RPC indexing are
995    /// unaffected.
996    pub fn json_rpc_enabled(&self) -> bool {
997        !self.disable_json_rpc
998    }
999
1000    pub fn rpc(&self) -> Option<&crate::RpcConfig> {
1001        self.rpc.as_ref()
1002    }
1003}
1004
1005#[derive(Debug, Clone, Deserialize, Serialize)]
1006pub enum ConsensusProtocol {
1007    #[serde(rename = "narwhal")]
1008    Narwhal,
1009    #[serde(rename = "mysticeti")]
1010    Mysticeti,
1011}
1012
1013#[derive(Debug, Clone, Deserialize, Serialize)]
1014#[serde(rename_all = "kebab-case")]
1015pub struct ConsensusConfig {
1016    // Base consensus DB path for all epochs.
1017    pub db_path: PathBuf,
1018
1019    // The number of epochs for which to retain the consensus DBs. Setting it to 0 will make a consensus DB getting
1020    // dropped as soon as system is switched to a new epoch.
1021    pub db_retention_epochs: Option<u64>,
1022
1023    // Pruner will run on every epoch change but it will also check periodically on every `db_pruner_period_secs`
1024    // seconds to see if there are any epoch DBs to remove.
1025    pub db_pruner_period_secs: Option<u64>,
1026
1027    /// Maximum number of pending transactions to submit to consensus, including those
1028    /// in submission wait.
1029    /// Default to 20_000 inflight limit, assuming 20_000 txn tps * 1 sec consensus latency.
1030    pub max_pending_transactions: Option<usize>,
1031
1032    pub parameters: Option<ConsensusParameters>,
1033
1034    /// Override for the consensus network listen address.
1035    /// When set, Mysticeti binds to this address instead of deriving from the committee.
1036    /// Address override is advertised via the discovery protocol.
1037    #[serde(skip_serializing_if = "Option::is_none")]
1038    pub listen_address: Option<Multiaddr>,
1039
1040    /// External consensus address that should be advertised via the discovery protocol,
1041    /// if it is different from `listen_address` above.
1042    ///
1043    /// When neither this nor `listen_address` is set, peers use the on-chain committee address.
1044    #[serde(skip_serializing_if = "Option::is_none")]
1045    pub external_address: Option<Multiaddr>,
1046}
1047
1048impl ConsensusConfig {
1049    pub fn db_path(&self) -> &Path {
1050        &self.db_path
1051    }
1052
1053    pub fn max_pending_transactions(&self) -> usize {
1054        self.max_pending_transactions.unwrap_or(20_000)
1055    }
1056
1057    pub fn db_retention_epochs(&self) -> u64 {
1058        self.db_retention_epochs.unwrap_or(0)
1059    }
1060
1061    pub fn db_pruner_period(&self) -> Duration {
1062        // Default to 1 hour
1063        self.db_pruner_period_secs
1064            .map(Duration::from_secs)
1065            .unwrap_or(Duration::from_secs(3_600))
1066    }
1067}
1068
1069#[derive(Clone, Debug, Deserialize, Serialize)]
1070#[serde(rename_all = "kebab-case")]
1071pub struct CheckpointExecutorConfig {
1072    /// Upper bound on the number of checkpoints that can be concurrently executed
1073    ///
1074    /// If unspecified, this will default to `200`
1075    #[serde(default = "default_checkpoint_execution_max_concurrency")]
1076    pub checkpoint_execution_max_concurrency: usize,
1077
1078    /// Number of seconds to wait for effects of a batch of transactions
1079    /// before logging a warning. Note that we will continue to retry
1080    /// indefinitely
1081    ///
1082    /// If unspecified, this will default to `10`.
1083    #[serde(default = "default_local_execution_timeout_sec")]
1084    pub local_execution_timeout_sec: u64,
1085
1086    /// Optional directory used for data ingestion pipeline
1087    /// When specified, each executed checkpoint will be saved in a local directory for post processing
1088    #[serde(default, skip_serializing_if = "Option::is_none")]
1089    pub data_ingestion_dir: Option<PathBuf>,
1090}
1091
1092#[derive(Clone, Debug, Default, Deserialize, Serialize)]
1093#[serde(rename_all = "kebab-case")]
1094pub struct ExpensiveSafetyCheckConfig {
1095    /// If enabled, at epoch boundary, we will check that the storage
1096    /// fund balance is always identical to the sum of the storage
1097    /// rebate of all live objects, and that the total SUI in the network remains
1098    /// the same.
1099    #[serde(default)]
1100    enable_epoch_sui_conservation_check: bool,
1101
1102    /// If enabled, we will check that the total SUI in all input objects of a tx
1103    /// (both the Move part and the storage rebate) matches the total SUI in all
1104    /// output objects of the tx + gas fees
1105    #[serde(default)]
1106    enable_deep_per_tx_sui_conservation_check: bool,
1107
1108    /// Disable epoch SUI conservation check even when we are running in debug mode.
1109    #[serde(default)]
1110    force_disable_epoch_sui_conservation_check: bool,
1111
1112    /// If enabled, at epoch boundary, we will check that the accumulated
1113    /// live object state matches the end of epoch root state digest.
1114    #[serde(default)]
1115    enable_state_consistency_check: bool,
1116
1117    /// Disable state consistency check even when we are running in debug mode.
1118    #[serde(default)]
1119    force_disable_state_consistency_check: bool,
1120
1121    #[serde(default)]
1122    enable_secondary_index_checks: bool,
1123    // TODO: Add more expensive checks here
1124}
1125
1126impl ExpensiveSafetyCheckConfig {
1127    pub fn new_enable_all() -> Self {
1128        Self {
1129            enable_epoch_sui_conservation_check: true,
1130            enable_deep_per_tx_sui_conservation_check: true,
1131            force_disable_epoch_sui_conservation_check: false,
1132            enable_state_consistency_check: true,
1133            force_disable_state_consistency_check: false,
1134            enable_secondary_index_checks: false, // Disable by default for now
1135        }
1136    }
1137
1138    pub fn new_enable_all_with_secondary_index_checks() -> Self {
1139        Self {
1140            enable_secondary_index_checks: true,
1141            ..Self::new_enable_all()
1142        }
1143    }
1144
1145    pub fn new_disable_all() -> Self {
1146        Self {
1147            enable_epoch_sui_conservation_check: false,
1148            enable_deep_per_tx_sui_conservation_check: false,
1149            force_disable_epoch_sui_conservation_check: true,
1150            enable_state_consistency_check: false,
1151            force_disable_state_consistency_check: true,
1152            enable_secondary_index_checks: false,
1153        }
1154    }
1155
1156    pub fn force_disable_epoch_sui_conservation_check(&mut self) {
1157        self.force_disable_epoch_sui_conservation_check = true;
1158    }
1159
1160    pub fn enable_epoch_sui_conservation_check(&self) -> bool {
1161        (self.enable_epoch_sui_conservation_check || cfg!(debug_assertions))
1162            && !self.force_disable_epoch_sui_conservation_check
1163    }
1164
1165    pub fn force_disable_state_consistency_check(&mut self) {
1166        self.force_disable_state_consistency_check = true;
1167    }
1168
1169    pub fn enable_state_consistency_check(&self) -> bool {
1170        (self.enable_state_consistency_check || cfg!(debug_assertions))
1171            && !self.force_disable_state_consistency_check
1172    }
1173
1174    pub fn enable_deep_per_tx_sui_conservation_check(&self) -> bool {
1175        self.enable_deep_per_tx_sui_conservation_check || cfg!(debug_assertions)
1176    }
1177
1178    pub fn enable_secondary_index_checks(&self) -> bool {
1179        self.enable_secondary_index_checks
1180    }
1181}
1182
1183fn default_checkpoint_execution_max_concurrency() -> usize {
1184    4
1185}
1186
1187fn default_local_execution_timeout_sec() -> u64 {
1188    30
1189}
1190
1191impl Default for CheckpointExecutorConfig {
1192    fn default() -> Self {
1193        Self {
1194            checkpoint_execution_max_concurrency: default_checkpoint_execution_max_concurrency(),
1195            local_execution_timeout_sec: default_local_execution_timeout_sec(),
1196            data_ingestion_dir: None,
1197        }
1198    }
1199}
1200
1201#[derive(Debug, Clone, Deserialize, Serialize)]
1202#[serde(rename_all = "kebab-case")]
1203pub struct AuthorityStorePruningConfig {
1204    /// number of the latest epoch dbs to retain
1205    #[serde(default = "default_num_latest_epoch_dbs_to_retain")]
1206    pub num_latest_epoch_dbs_to_retain: usize,
1207    /// time interval used by the pruner to determine whether there are any epoch DBs to remove
1208    #[serde(default = "default_epoch_db_pruning_period_secs")]
1209    pub epoch_db_pruning_period_secs: u64,
1210    /// number of epochs to keep the latest version of objects for.
1211    /// Note that a zero value corresponds to an aggressive pruner.
1212    /// This mode is experimental and needs to be used with caution.
1213    /// Use `u64::MAX` to disable the pruner for the objects.
1214    #[serde(default)]
1215    pub num_epochs_to_retain: u64,
1216    /// pruner's runtime interval used for aggressive mode
1217    #[serde(skip_serializing_if = "Option::is_none")]
1218    pub pruning_run_delay_seconds: Option<u64>,
1219    /// maximum number of checkpoints in the pruning batch. Can be adjusted to increase performance
1220    #[serde(default = "default_max_checkpoints_in_batch")]
1221    pub max_checkpoints_in_batch: usize,
1222    /// maximum number of transaction in the pruning batch
1223    #[serde(default = "default_max_transactions_in_batch")]
1224    pub max_transactions_in_batch: usize,
1225    /// enables periodic background compaction for old SST files whose last modified time is
1226    /// older than `periodic_compaction_threshold_days` days.
1227    /// That ensures that all sst files eventually go through the compaction process
1228    #[serde(
1229        default = "default_periodic_compaction_threshold_days",
1230        skip_serializing_if = "Option::is_none"
1231    )]
1232    pub periodic_compaction_threshold_days: Option<usize>,
1233    /// number of epochs to keep the latest version of transactions and effects for
1234    #[serde(skip_serializing_if = "Option::is_none")]
1235    pub num_epochs_to_retain_for_checkpoints: Option<u64>,
1236    /// disables object tombstone pruning. We don't serialize it if it is the default value, false.
1237    #[serde(default, skip_serializing_if = "std::ops::Not::not")]
1238    pub killswitch_tombstone_pruning: bool,
1239    #[serde(default = "default_smoothing", skip_serializing_if = "is_true")]
1240    pub smooth: bool,
1241    #[serde(skip_serializing_if = "Option::is_none")]
1242    pub num_epochs_to_retain_for_indexes: Option<u64>,
1243}
1244
1245fn default_num_latest_epoch_dbs_to_retain() -> usize {
1246    3
1247}
1248
1249fn default_epoch_db_pruning_period_secs() -> u64 {
1250    3600
1251}
1252
1253fn default_max_transactions_in_batch() -> usize {
1254    1000
1255}
1256
1257fn default_max_checkpoints_in_batch() -> usize {
1258    10
1259}
1260
1261fn default_smoothing() -> bool {
1262    cfg!(not(test))
1263}
1264
1265fn default_periodic_compaction_threshold_days() -> Option<usize> {
1266    Some(1)
1267}
1268
1269impl Default for AuthorityStorePruningConfig {
1270    fn default() -> Self {
1271        Self {
1272            num_latest_epoch_dbs_to_retain: default_num_latest_epoch_dbs_to_retain(),
1273            epoch_db_pruning_period_secs: default_epoch_db_pruning_period_secs(),
1274            num_epochs_to_retain: 0,
1275            pruning_run_delay_seconds: if cfg!(msim) { Some(2) } else { None },
1276            max_checkpoints_in_batch: default_max_checkpoints_in_batch(),
1277            max_transactions_in_batch: default_max_transactions_in_batch(),
1278            periodic_compaction_threshold_days: None,
1279            num_epochs_to_retain_for_checkpoints: if cfg!(msim) { Some(2) } else { None },
1280            killswitch_tombstone_pruning: false,
1281            smooth: true,
1282            num_epochs_to_retain_for_indexes: None,
1283        }
1284    }
1285}
1286
1287impl AuthorityStorePruningConfig {
1288    pub fn set_num_epochs_to_retain(&mut self, num_epochs_to_retain: u64) {
1289        self.num_epochs_to_retain = num_epochs_to_retain;
1290    }
1291
1292    pub fn set_num_epochs_to_retain_for_checkpoints(&mut self, num_epochs_to_retain: Option<u64>) {
1293        self.num_epochs_to_retain_for_checkpoints = num_epochs_to_retain;
1294    }
1295
1296    pub fn num_epochs_to_retain_for_checkpoints(&self) -> Option<u64> {
1297        self.num_epochs_to_retain_for_checkpoints
1298            // if n less than 2, coerce to 2 and log
1299            .map(|n| {
1300                if n < 2 {
1301                    info!("num_epochs_to_retain_for_checkpoints must be at least 2, rounding up from {}", n);
1302                    2
1303                } else {
1304                    n
1305                }
1306            })
1307    }
1308
1309    pub fn set_killswitch_tombstone_pruning(&mut self, killswitch_tombstone_pruning: bool) {
1310        self.killswitch_tombstone_pruning = killswitch_tombstone_pruning;
1311    }
1312}
1313
1314#[derive(Debug, Clone, Deserialize, Serialize)]
1315#[serde(rename_all = "kebab-case")]
1316pub struct MetricsConfig {
1317    #[serde(skip_serializing_if = "Option::is_none")]
1318    pub push_interval_seconds: Option<u64>,
1319    #[serde(skip_serializing_if = "Option::is_none")]
1320    pub push_url: Option<String>,
1321}
1322
1323#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1324#[serde(rename_all = "kebab-case")]
1325pub struct DBCheckpointConfig {
1326    #[serde(default)]
1327    pub perform_db_checkpoints_at_epoch_end: bool,
1328    #[serde(skip_serializing_if = "Option::is_none")]
1329    pub checkpoint_path: Option<PathBuf>,
1330    #[serde(skip_serializing_if = "Option::is_none")]
1331    pub object_store_config: Option<ObjectStoreConfig>,
1332    #[serde(skip_serializing_if = "Option::is_none")]
1333    pub perform_index_db_checkpoints_at_epoch_end: Option<bool>,
1334    #[serde(skip_serializing_if = "Option::is_none")]
1335    pub prune_and_compact_before_upload: Option<bool>,
1336}
1337
1338#[derive(Debug, Clone)]
1339pub struct ArchiveReaderConfig {
1340    pub remote_store_config: ObjectStoreConfig,
1341    pub download_concurrency: NonZeroUsize,
1342    pub ingestion_url: Option<String>,
1343    pub remote_store_options: Vec<(String, String)>,
1344    pub remote_store_headers: Vec<(String, String)>,
1345}
1346
1347#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1348#[serde(rename_all = "kebab-case")]
1349pub struct StateArchiveConfig {
1350    #[serde(skip_serializing_if = "Option::is_none")]
1351    pub object_store_config: Option<ObjectStoreConfig>,
1352    pub concurrency: usize,
1353    #[serde(skip_serializing_if = "Option::is_none")]
1354    pub ingestion_url: Option<String>,
1355    #[serde(
1356        skip_serializing_if = "Vec::is_empty",
1357        default,
1358        deserialize_with = "deserialize_remote_store_options"
1359    )]
1360    pub remote_store_options: Vec<(String, String)>,
1361    /// Default headers (name, value) attached to every archive store request,
1362    /// e.g. `x-goog-user-project` to bill a GCS requester-pays bucket. Unlike
1363    /// `remote_store_options`, these are HTTP headers, not object-store config keys.
1364    #[serde(skip_serializing_if = "Vec::is_empty", default)]
1365    pub remote_store_headers: Vec<(String, String)>,
1366}
1367
1368#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1369#[serde(rename_all = "kebab-case")]
1370pub struct StateSnapshotConfig {
1371    #[serde(skip_serializing_if = "Option::is_none")]
1372    pub object_store_config: Option<ObjectStoreConfig>,
1373    pub concurrency: usize,
1374    /// Archive snapshots every N epochs. If set to 0, archival is disabled.
1375    /// Archived snapshots are copied to `archive/epoch_<N>/` in the same bucket
1376    /// and are intended to be kept indefinitely.
1377    #[serde(default)]
1378    pub archive_interval_epochs: u64,
1379}
1380
1381#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1382#[serde(rename_all = "kebab-case")]
1383pub struct TransactionKeyValueStoreWriteConfig {
1384    pub aws_access_key_id: String,
1385    pub aws_secret_access_key: String,
1386    pub aws_region: String,
1387    pub table_name: String,
1388    pub bucket_name: String,
1389    pub concurrency: usize,
1390}
1391
1392/// Configuration for the threshold(s) at which we consider the system
1393/// to be overloaded. When one of the threshold is passed, the node may
1394/// stop processing new transactions and/or certificates until the congestion
1395/// resolves.
1396#[derive(Clone, Debug, Deserialize, Serialize)]
1397#[serde(rename_all = "kebab-case")]
1398pub struct AuthorityOverloadConfig {
1399    #[serde(default = "default_max_txn_age_in_queue")]
1400    pub max_txn_age_in_queue: Duration,
1401
1402    // The interval of checking overload signal.
1403    #[serde(default = "default_overload_monitor_interval")]
1404    pub overload_monitor_interval: Duration,
1405
1406    // The execution queueing latency when entering load shedding mode.
1407    #[serde(default = "default_execution_queue_latency_soft_limit")]
1408    pub execution_queue_latency_soft_limit: Duration,
1409
1410    // The execution queueing latency when entering aggressive load shedding mode.
1411    #[serde(default = "default_execution_queue_latency_hard_limit")]
1412    pub execution_queue_latency_hard_limit: Duration,
1413
1414    // The maximum percentage of transactions to shed in load shedding mode.
1415    #[serde(default = "default_max_load_shedding_percentage")]
1416    pub max_load_shedding_percentage: u32,
1417
1418    // When in aggressive load shedding mode, the minimum percentage of
1419    // transactions to shed.
1420    #[serde(default = "default_min_load_shedding_percentage_above_hard_limit")]
1421    pub min_load_shedding_percentage_above_hard_limit: u32,
1422
1423    // If transaction ready rate is below this rate, we consider the validator
1424    // is well under used, and will not enter load shedding mode.
1425    #[serde(default = "default_safe_transaction_ready_rate")]
1426    pub safe_transaction_ready_rate: u32,
1427
1428    // When set to true, transaction signing may be rejected when the validator
1429    // is overloaded.
1430    #[serde(default = "default_check_system_overload_at_signing")]
1431    pub check_system_overload_at_signing: bool,
1432
1433    // Reject a transaction if transaction manager queue length is above this threshold.
1434    // 100_000 = 10k TPS * 5s resident time in transaction manager (pending + executing) * 2.
1435    #[serde(default = "default_max_transaction_manager_queue_length")]
1436    pub max_transaction_manager_queue_length: usize,
1437
1438    // Reject a transaction if the number of pending transactions depending on the object
1439    // is above the threshold.
1440    #[serde(default = "default_max_transaction_manager_per_object_queue_length")]
1441    pub max_transaction_manager_per_object_queue_length: usize,
1442
1443    // Fraction of max_pending_transactions that determines the admission queue
1444    // capacity. During congestion, the queue evicts the lowest gas price entries
1445    // to make room for higher ones. Capacity = max_pending_transactions * fraction.
1446    #[serde(default = "default_admission_queue_capacity_fraction")]
1447    pub admission_queue_capacity_fraction: f64,
1448
1449    // Fraction of max_pending_transactions below which the admission queue is
1450    // bypassed (transactions are submitted directly to consensus). Above this
1451    // threshold, transactions go through the priority queue.
1452    #[serde(default = "default_admission_queue_bypass_fraction")]
1453    pub admission_queue_bypass_fraction: f64,
1454
1455    // Enables use of a gas-price-based priority queue for load shedding of
1456    // transactions at admission time. If false, when consensus is saturated, transactions
1457    // are rejected with TooManyTransactionsPendingConsensus.
1458    #[serde(default = "default_admission_queue_enabled")]
1459    pub admission_queue_enabled: bool,
1460
1461    // Failover timeout for the admission queue. If the queue has not made forward
1462    // progress (draining an entry or observing an empty queue) within this window,
1463    // it is presumed stuck and new transactions bypass it (using the same saturation
1464    // reject behavior as when the queue is disabled) until progress resumes.
1465    #[serde(default = "default_admission_queue_failover_timeout")]
1466    pub admission_queue_failover_timeout: Duration,
1467}
1468
1469fn default_max_txn_age_in_queue() -> Duration {
1470    Duration::from_millis(1000)
1471}
1472
1473fn default_overload_monitor_interval() -> Duration {
1474    Duration::from_secs(10)
1475}
1476
1477fn default_execution_queue_latency_soft_limit() -> Duration {
1478    Duration::from_secs(1)
1479}
1480
1481fn default_execution_queue_latency_hard_limit() -> Duration {
1482    Duration::from_secs(10)
1483}
1484
1485fn default_max_load_shedding_percentage() -> u32 {
1486    95
1487}
1488
1489fn default_min_load_shedding_percentage_above_hard_limit() -> u32 {
1490    50
1491}
1492
1493fn default_safe_transaction_ready_rate() -> u32 {
1494    100
1495}
1496
1497fn default_check_system_overload_at_signing() -> bool {
1498    true
1499}
1500
1501fn default_max_transaction_manager_queue_length() -> usize {
1502    100_000
1503}
1504
1505fn default_max_transaction_manager_per_object_queue_length() -> usize {
1506    2000
1507}
1508
1509fn default_admission_queue_capacity_fraction() -> f64 {
1510    0.5
1511}
1512
1513fn default_admission_queue_bypass_fraction() -> f64 {
1514    0.9
1515}
1516
1517fn default_admission_queue_enabled() -> bool {
1518    true
1519}
1520
1521fn default_admission_queue_failover_timeout() -> Duration {
1522    Duration::from_secs(30)
1523}
1524
1525impl Default for AuthorityOverloadConfig {
1526    fn default() -> Self {
1527        Self {
1528            max_txn_age_in_queue: default_max_txn_age_in_queue(),
1529            overload_monitor_interval: default_overload_monitor_interval(),
1530            execution_queue_latency_soft_limit: default_execution_queue_latency_soft_limit(),
1531            execution_queue_latency_hard_limit: default_execution_queue_latency_hard_limit(),
1532            max_load_shedding_percentage: default_max_load_shedding_percentage(),
1533            min_load_shedding_percentage_above_hard_limit:
1534                default_min_load_shedding_percentage_above_hard_limit(),
1535            safe_transaction_ready_rate: default_safe_transaction_ready_rate(),
1536            check_system_overload_at_signing: true,
1537            max_transaction_manager_queue_length: default_max_transaction_manager_queue_length(),
1538            max_transaction_manager_per_object_queue_length:
1539                default_max_transaction_manager_per_object_queue_length(),
1540            admission_queue_capacity_fraction: default_admission_queue_capacity_fraction(),
1541            admission_queue_bypass_fraction: default_admission_queue_bypass_fraction(),
1542            admission_queue_enabled: default_admission_queue_enabled(),
1543            admission_queue_failover_timeout: default_admission_queue_failover_timeout(),
1544        }
1545    }
1546}
1547
1548fn default_authority_overload_config() -> AuthorityOverloadConfig {
1549    AuthorityOverloadConfig::default()
1550}
1551
1552fn default_traffic_controller_policy_config() -> Option<PolicyConfig> {
1553    Some(PolicyConfig::default_dos_protection_policy())
1554}
1555
1556#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1557pub struct Genesis {
1558    #[serde(flatten)]
1559    location: GenesisLocation,
1560
1561    #[serde(skip)]
1562    genesis: once_cell::sync::OnceCell<genesis::Genesis>,
1563}
1564
1565impl Genesis {
1566    pub fn new(genesis: genesis::Genesis) -> Self {
1567        Self {
1568            location: GenesisLocation::InPlace { genesis },
1569            genesis: Default::default(),
1570        }
1571    }
1572
1573    pub fn new_from_file<P: Into<PathBuf>>(path: P) -> Self {
1574        Self {
1575            location: GenesisLocation::File {
1576                genesis_file_location: path.into(),
1577            },
1578            genesis: Default::default(),
1579        }
1580    }
1581
1582    pub fn genesis(&self) -> Result<&genesis::Genesis> {
1583        match &self.location {
1584            GenesisLocation::InPlace { genesis } => Ok(genesis),
1585            GenesisLocation::File {
1586                genesis_file_location,
1587            } => self
1588                .genesis
1589                .get_or_try_init(|| genesis::Genesis::load(genesis_file_location)),
1590        }
1591    }
1592}
1593
1594#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1595#[serde(untagged)]
1596#[allow(clippy::large_enum_variant)]
1597enum GenesisLocation {
1598    InPlace {
1599        genesis: genesis::Genesis,
1600    },
1601    File {
1602        #[serde(rename = "genesis-file-location")]
1603        genesis_file_location: PathBuf,
1604    },
1605}
1606
1607/// Wrapper struct for SuiKeyPair that can be deserialized from a file path. Used by network, worker, and account keypair.
1608#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
1609pub struct KeyPairWithPath {
1610    #[serde(flatten)]
1611    location: KeyPairLocation,
1612
1613    #[serde(skip)]
1614    keypair: OnceCell<Arc<SuiKeyPair>>,
1615}
1616
1617#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1618#[serde_as]
1619#[serde(untagged)]
1620enum KeyPairLocation {
1621    InPlace {
1622        #[serde_as(as = "Arc<KeyPairBase64>")]
1623        value: Arc<SuiKeyPair>,
1624    },
1625    File {
1626        #[serde(rename = "path")]
1627        path: PathBuf,
1628    },
1629}
1630
1631impl KeyPairWithPath {
1632    pub fn new(kp: SuiKeyPair) -> Self {
1633        let cell: OnceCell<Arc<SuiKeyPair>> = OnceCell::new();
1634        let arc_kp = Arc::new(kp);
1635        // OK to unwrap panic because authority should not start without all keypairs loaded.
1636        cell.set(arc_kp.clone()).expect("Failed to set keypair");
1637        Self {
1638            location: KeyPairLocation::InPlace { value: arc_kp },
1639            keypair: cell,
1640        }
1641    }
1642
1643    pub fn new_from_path(path: PathBuf) -> Self {
1644        let cell: OnceCell<Arc<SuiKeyPair>> = OnceCell::new();
1645        // OK to unwrap panic because authority should not start without all keypairs loaded.
1646        cell.set(Arc::new(read_keypair_from_file(&path).unwrap_or_else(
1647            |e| panic!("Invalid keypair file at path {:?}: {e}", &path),
1648        )))
1649        .expect("Failed to set keypair");
1650        Self {
1651            location: KeyPairLocation::File { path },
1652            keypair: cell,
1653        }
1654    }
1655
1656    pub fn keypair(&self) -> &SuiKeyPair {
1657        self.keypair
1658            .get_or_init(|| match &self.location {
1659                KeyPairLocation::InPlace { value } => value.clone(),
1660                KeyPairLocation::File { path } => {
1661                    // OK to unwrap panic because authority should not start without all keypairs loaded.
1662                    Arc::new(
1663                        read_keypair_from_file(path).unwrap_or_else(|e| {
1664                            panic!("Invalid keypair file at path {:?}: {e}", path)
1665                        }),
1666                    )
1667                }
1668            })
1669            .as_ref()
1670    }
1671}
1672
1673/// Wrapper struct for AuthorityKeyPair that can be deserialized from a file path.
1674#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
1675pub struct AuthorityKeyPairWithPath {
1676    #[serde(flatten)]
1677    location: AuthorityKeyPairLocation,
1678
1679    #[serde(skip)]
1680    keypair: OnceCell<Arc<AuthorityKeyPair>>,
1681}
1682
1683#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1684#[serde_as]
1685#[serde(untagged)]
1686enum AuthorityKeyPairLocation {
1687    InPlace { value: Arc<AuthorityKeyPair> },
1688    File { path: PathBuf },
1689}
1690
1691impl AuthorityKeyPairWithPath {
1692    pub fn new(kp: AuthorityKeyPair) -> Self {
1693        let cell: OnceCell<Arc<AuthorityKeyPair>> = OnceCell::new();
1694        let arc_kp = Arc::new(kp);
1695        // OK to unwrap panic because authority should not start without all keypairs loaded.
1696        cell.set(arc_kp.clone())
1697            .expect("Failed to set authority keypair");
1698        Self {
1699            location: AuthorityKeyPairLocation::InPlace { value: arc_kp },
1700            keypair: cell,
1701        }
1702    }
1703
1704    pub fn new_from_path(path: PathBuf) -> Self {
1705        let cell: OnceCell<Arc<AuthorityKeyPair>> = OnceCell::new();
1706        // OK to unwrap panic because authority should not start without all keypairs loaded.
1707        cell.set(Arc::new(
1708            read_authority_keypair_from_file(&path)
1709                .unwrap_or_else(|_| panic!("Invalid authority keypair file at path {:?}", &path)),
1710        ))
1711        .expect("Failed to set authority keypair");
1712        Self {
1713            location: AuthorityKeyPairLocation::File { path },
1714            keypair: cell,
1715        }
1716    }
1717
1718    pub fn authority_keypair(&self) -> &AuthorityKeyPair {
1719        self.keypair
1720            .get_or_init(|| match &self.location {
1721                AuthorityKeyPairLocation::InPlace { value } => value.clone(),
1722                AuthorityKeyPairLocation::File { path } => {
1723                    // OK to unwrap panic because authority should not start without all keypairs loaded.
1724                    Arc::new(
1725                        read_authority_keypair_from_file(path).unwrap_or_else(|_| {
1726                            panic!("Invalid authority keypair file {:?}", &path)
1727                        }),
1728                    )
1729                }
1730            })
1731            .as_ref()
1732    }
1733}
1734
1735/// Configurations which determine how we dump state debug info.
1736/// Debug info is dumped when a node forks.
1737#[derive(Clone, Debug, Deserialize, Serialize, Default)]
1738#[serde(rename_all = "kebab-case")]
1739pub struct StateDebugDumpConfig {
1740    #[serde(skip_serializing_if = "Option::is_none")]
1741    pub dump_file_directory: Option<PathBuf>,
1742}
1743
1744fn read_credential_from_path_or_literal(value: &str) -> Result<String, std::io::Error> {
1745    let path = Path::new(value);
1746    if path.exists() && path.is_file() {
1747        std::fs::read_to_string(path).map(|content| content.trim().to_string())
1748    } else {
1749        Ok(value.to_string())
1750    }
1751}
1752
1753// Custom deserializer for remote store options that supports file paths or literal values
1754fn deserialize_remote_store_options<'de, D>(
1755    deserializer: D,
1756) -> Result<Vec<(String, String)>, D::Error>
1757where
1758    D: serde::Deserializer<'de>,
1759{
1760    use serde::de::Error;
1761
1762    let raw_options: Vec<(String, String)> = Vec::deserialize(deserializer)?;
1763    let mut processed_options = Vec::new();
1764
1765    for (key, value) in raw_options {
1766        // GCS service_account keys expect a file path, not the file content
1767        // All other keys (AWS credentials, service_account_key) should read file content
1768        let is_service_account_path = matches!(
1769            key.as_str(),
1770            "google_service_account"
1771                | "service_account"
1772                | "google_service_account_path"
1773                | "service_account_path"
1774        );
1775
1776        let processed_value = if is_service_account_path {
1777            value
1778        } else {
1779            match read_credential_from_path_or_literal(&value) {
1780                Ok(processed) => processed,
1781                Err(e) => {
1782                    return Err(D::Error::custom(format!(
1783                        "Failed to read credential for key '{}': {}",
1784                        key, e
1785                    )));
1786                }
1787            }
1788        };
1789
1790        processed_options.push((key, processed_value));
1791    }
1792
1793    Ok(processed_options)
1794}
1795
1796#[cfg(test)]
1797mod tests {
1798    use std::path::PathBuf;
1799
1800    use fastcrypto::traits::KeyPair;
1801    use rand::{SeedableRng, rngs::StdRng};
1802    use sui_keys::keypair_file::{write_authority_keypair_to_file, write_keypair_to_file};
1803    use sui_types::crypto::{AuthorityKeyPair, NetworkKeyPair, SuiKeyPair, get_key_pair_from_rng};
1804
1805    use super::{Genesis, StateArchiveConfig};
1806    use crate::NodeConfig;
1807
1808    #[test]
1809    fn serialize_genesis_from_file() {
1810        let g = Genesis::new_from_file("path/to/file");
1811
1812        let s = serde_yaml::to_string(&g).unwrap();
1813        assert_eq!("---\ngenesis-file-location: path/to/file\n", s);
1814        let loaded_genesis: Genesis = serde_yaml::from_str(&s).unwrap();
1815        assert_eq!(g, loaded_genesis);
1816    }
1817
1818    #[test]
1819    fn fullnode_template() {
1820        const TEMPLATE: &str = include_str!("../data/fullnode-template.yaml");
1821
1822        let _template: NodeConfig = serde_yaml::from_str(TEMPLATE).unwrap();
1823    }
1824
1825    /// Tests that a legacy validator config (captured on 12/06/2024) can be parsed.
1826    #[test]
1827    fn legacy_validator_config() {
1828        const FILE: &str = include_str!("../data/sui-node-legacy.yaml");
1829
1830        let _template: NodeConfig = serde_yaml::from_str(FILE).unwrap();
1831    }
1832
1833    #[test]
1834    fn load_key_pairs_to_node_config() {
1835        let protocol_key_pair: AuthorityKeyPair =
1836            get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1837        let worker_key_pair: NetworkKeyPair =
1838            get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1839        let network_key_pair: NetworkKeyPair =
1840            get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1841
1842        write_authority_keypair_to_file(&protocol_key_pair, PathBuf::from("protocol.key")).unwrap();
1843        write_keypair_to_file(
1844            &SuiKeyPair::Ed25519(worker_key_pair.copy()),
1845            PathBuf::from("worker.key"),
1846        )
1847        .unwrap();
1848        write_keypair_to_file(
1849            &SuiKeyPair::Ed25519(network_key_pair.copy()),
1850            PathBuf::from("network.key"),
1851        )
1852        .unwrap();
1853
1854        const TEMPLATE: &str = include_str!("../data/fullnode-template-with-path.yaml");
1855        let template: NodeConfig = serde_yaml::from_str(TEMPLATE).unwrap();
1856        assert_eq!(
1857            template.protocol_key_pair().public(),
1858            protocol_key_pair.public()
1859        );
1860        assert_eq!(
1861            template.network_key_pair().public(),
1862            network_key_pair.public()
1863        );
1864        assert_eq!(
1865            template.worker_key_pair().public(),
1866            worker_key_pair.public()
1867        );
1868    }
1869
1870    #[test]
1871    fn test_remote_store_options_file_path_support() {
1872        // Create temporary credential files
1873        let temp_dir = std::env::temp_dir();
1874        let access_key_file = temp_dir.join("test_access_key");
1875        let secret_key_file = temp_dir.join("test_secret_key");
1876
1877        std::fs::write(&access_key_file, "test_access_key_value").unwrap();
1878        std::fs::write(&secret_key_file, "test_secret_key_value\n").unwrap();
1879
1880        let yaml_config = format!(
1881            r#"
1882object-store-config: null
1883concurrency: 5
1884ingestion-url: "https://example.com"
1885remote-store-options:
1886  - ["aws_access_key_id", "{}"]
1887  - ["aws_secret_access_key", "{}"]
1888  - ["literal_key", "literal_value"]
1889"#,
1890            access_key_file.to_string_lossy(),
1891            secret_key_file.to_string_lossy()
1892        );
1893
1894        let config: StateArchiveConfig = serde_yaml::from_str(&yaml_config).unwrap();
1895
1896        // Verify that file paths were resolved and literal values preserved
1897        assert_eq!(config.remote_store_options.len(), 3);
1898
1899        let access_key_option = config
1900            .remote_store_options
1901            .iter()
1902            .find(|(key, _)| key == "aws_access_key_id")
1903            .unwrap();
1904        assert_eq!(access_key_option.1, "test_access_key_value");
1905
1906        let secret_key_option = config
1907            .remote_store_options
1908            .iter()
1909            .find(|(key, _)| key == "aws_secret_access_key")
1910            .unwrap();
1911        assert_eq!(secret_key_option.1, "test_secret_key_value");
1912
1913        let literal_option = config
1914            .remote_store_options
1915            .iter()
1916            .find(|(key, _)| key == "literal_key")
1917            .unwrap();
1918        assert_eq!(literal_option.1, "literal_value");
1919
1920        // Clean up
1921        std::fs::remove_file(&access_key_file).ok();
1922        std::fs::remove_file(&secret_key_file).ok();
1923    }
1924
1925    #[test]
1926    fn test_remote_store_options_literal_values_only() {
1927        let yaml_config = r#"
1928object-store-config: null
1929concurrency: 5
1930ingestion-url: "https://example.com"
1931remote-store-options:
1932  - ["aws_access_key_id", "literal_access_key"]
1933  - ["aws_secret_access_key", "literal_secret_key"]
1934"#;
1935
1936        let config: StateArchiveConfig = serde_yaml::from_str(yaml_config).unwrap();
1937
1938        assert_eq!(config.remote_store_options.len(), 2);
1939        assert_eq!(config.remote_store_options[0].1, "literal_access_key");
1940        assert_eq!(config.remote_store_options[1].1, "literal_secret_key");
1941    }
1942
1943    #[test]
1944    fn test_remote_store_options_gcs_service_account_path_preserved() {
1945        let temp_dir = std::env::temp_dir();
1946        let service_account_file = temp_dir.join("test_service_account.json");
1947        let aws_key_file = temp_dir.join("test_aws_key");
1948
1949        std::fs::write(&service_account_file, r#"{"type": "service_account"}"#).unwrap();
1950        std::fs::write(&aws_key_file, "aws_key_value").unwrap();
1951
1952        let yaml_config = format!(
1953            r#"
1954object-store-config: null
1955concurrency: 5
1956ingestion-url: "gs://my-bucket"
1957remote-store-options:
1958  - ["service_account", "{}"]
1959  - ["google_service_account_path", "{}"]
1960  - ["aws_access_key_id", "{}"]
1961"#,
1962            service_account_file.to_string_lossy(),
1963            service_account_file.to_string_lossy(),
1964            aws_key_file.to_string_lossy()
1965        );
1966
1967        let config: StateArchiveConfig = serde_yaml::from_str(&yaml_config).unwrap();
1968
1969        assert_eq!(config.remote_store_options.len(), 3);
1970
1971        // service_account should preserve the file path, not read the content
1972        let service_account_option = config
1973            .remote_store_options
1974            .iter()
1975            .find(|(key, _)| key == "service_account")
1976            .unwrap();
1977        assert_eq!(
1978            service_account_option.1,
1979            service_account_file.to_string_lossy()
1980        );
1981
1982        // google_service_account_path should also preserve the file path
1983        let gcs_path_option = config
1984            .remote_store_options
1985            .iter()
1986            .find(|(key, _)| key == "google_service_account_path")
1987            .unwrap();
1988        assert_eq!(gcs_path_option.1, service_account_file.to_string_lossy());
1989
1990        // AWS key should read the file content
1991        let aws_option = config
1992            .remote_store_options
1993            .iter()
1994            .find(|(key, _)| key == "aws_access_key_id")
1995            .unwrap();
1996        assert_eq!(aws_option.1, "aws_key_value");
1997
1998        // Clean up
1999        std::fs::remove_file(&service_account_file).ok();
2000        std::fs::remove_file(&aws_key_file).ok();
2001    }
2002
2003    mod intended_node_role_tests {
2004        use super::*;
2005        use crate::ConsensusConfig;
2006        use consensus_config::Parameters as ConsensusParameters;
2007        use fastcrypto::ed25519::Ed25519KeyPair;
2008        use sui_types::node_role::{FullNodeSyncMode, NodeRole};
2009
2010        fn fullnode_template_config() -> NodeConfig {
2011            const TEMPLATE: &str = include_str!("../data/fullnode-template.yaml");
2012            serde_yaml::from_str(TEMPLATE).unwrap()
2013        }
2014
2015        fn minimal_consensus_config() -> ConsensusConfig {
2016            ConsensusConfig {
2017                db_path: PathBuf::from("/tmp/consensus"),
2018                db_retention_epochs: None,
2019                db_pruner_period_secs: None,
2020                max_pending_transactions: None,
2021                parameters: Default::default(),
2022                listen_address: None,
2023                external_address: None,
2024            }
2025        }
2026
2027        fn consensus_config_with_observer_peers() -> ConsensusConfig {
2028            let mut config = minimal_consensus_config();
2029            let kp = Ed25519KeyPair::generate(&mut StdRng::from_seed([0; 32]));
2030            let peer = consensus_config::PeerRecord {
2031                public_key: consensus_config::NetworkPublicKey::new(kp.public().clone()),
2032                address: "/ip4/127.0.0.1/udp/8080".parse().unwrap(),
2033            };
2034            let mut params = ConsensusParameters::default();
2035            params.observer.peers = vec![peer];
2036            config.parameters = Some(params);
2037            config
2038        }
2039
2040        #[test]
2041        fn validator_with_consensus_config() {
2042            let mut config = fullnode_template_config();
2043            config.consensus_config = Some(minimal_consensus_config());
2044            config.fullnode_sync_mode = None;
2045
2046            assert_eq!(config.intended_node_role(), NodeRole::Validator);
2047        }
2048
2049        #[test]
2050        fn fullnode_explicit_state_sync() {
2051            let mut config = fullnode_template_config();
2052            config.consensus_config = None;
2053            config.fullnode_sync_mode = Some(FullNodeSyncMode::StateSyncOnly);
2054
2055            assert_eq!(
2056                config.intended_node_role(),
2057                NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
2058            );
2059        }
2060
2061        #[test]
2062        fn fullnode_implicit_state_sync() {
2063            let mut config = fullnode_template_config();
2064            config.consensus_config = None;
2065            config.fullnode_sync_mode = None;
2066
2067            assert_eq!(
2068                config.intended_node_role(),
2069                NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
2070            );
2071        }
2072
2073        #[test]
2074        fn fullnode_consensus_observer() {
2075            let mut config = fullnode_template_config();
2076            config.consensus_config = Some(consensus_config_with_observer_peers());
2077            config.fullnode_sync_mode = Some(FullNodeSyncMode::ConsensusObserver);
2078
2079            assert_eq!(
2080                config.intended_node_role(),
2081                NodeRole::FullNode(FullNodeSyncMode::ConsensusObserver)
2082            );
2083        }
2084
2085        #[test]
2086        #[should_panic(
2087            expected = "Consensus config should not be set for a StateSyncOnly full node"
2088        )]
2089        fn state_sync_with_consensus_config_panics() {
2090            let mut config = fullnode_template_config();
2091            config.consensus_config = Some(minimal_consensus_config());
2092            config.fullnode_sync_mode = Some(FullNodeSyncMode::StateSyncOnly);
2093
2094            config.intended_node_role();
2095        }
2096
2097        #[test]
2098        #[should_panic(expected = "Observer peers must be configured")]
2099        fn observer_without_peers_panics() {
2100            let mut config = fullnode_template_config();
2101            config.consensus_config = Some(minimal_consensus_config());
2102            config.fullnode_sync_mode = Some(FullNodeSyncMode::ConsensusObserver);
2103
2104            config.intended_node_role();
2105        }
2106    }
2107}
2108
2109// RunWithRange is used to specify the ending epoch/checkpoint to process.
2110// this is intended for use with disaster recovery debugging and verification workflows, never in normal operations
2111#[derive(Clone, Copy, PartialEq, Debug, Serialize, Deserialize)]
2112pub enum RunWithRange {
2113    Epoch(EpochId),
2114    Checkpoint(CheckpointSequenceNumber),
2115}
2116
2117impl RunWithRange {
2118    // is epoch_id > RunWithRange::Epoch
2119    pub fn is_epoch_gt(&self, epoch_id: EpochId) -> bool {
2120        matches!(self, RunWithRange::Epoch(e) if epoch_id > *e)
2121    }
2122
2123    pub fn matches_checkpoint(&self, seq_num: CheckpointSequenceNumber) -> bool {
2124        matches!(self, RunWithRange::Checkpoint(seq) if *seq == seq_num)
2125    }
2126
2127    pub fn into_checkpoint_bound(self) -> Option<CheckpointSequenceNumber> {
2128        match self {
2129            RunWithRange::Epoch(_) => None,
2130            RunWithRange::Checkpoint(seq) => Some(seq),
2131        }
2132    }
2133}