1use crate::Config;
4use crate::certificate_deny_config::CertificateDenyConfig;
5use crate::genesis;
6use crate::object_storage_config::ObjectStoreConfig;
7use crate::p2p::P2pConfig;
8use crate::transaction_deny_config::TransactionDenyConfig;
9use crate::validator_client_monitor_config::ValidatorClientMonitorConfig;
10use crate::verifier_signing_config::VerifierSigningConfig;
11use anyhow::Result;
12use consensus_config::Parameters as ConsensusParameters;
13use mysten_common::fatal;
14use nonzero_ext::nonzero;
15use once_cell::sync::OnceCell;
16use rand::rngs::OsRng;
17use serde::{Deserialize, Serialize};
18use serde_with::serde_as;
19use std::collections::{BTreeMap, BTreeSet};
20use std::net::SocketAddr;
21use std::num::{NonZeroU32, NonZeroUsize};
22use std::path::{Path, PathBuf};
23use std::sync::Arc;
24use std::time::Duration;
25use sui_keys::keypair_file::{read_authority_keypair_from_file, read_keypair_from_file};
26use sui_types::base_types::{ObjectID, SuiAddress};
27use sui_types::committee::EpochId;
28use sui_types::crypto::AuthorityPublicKeyBytes;
29use sui_types::crypto::KeypairTraits;
30use sui_types::crypto::NetworkKeyPair;
31use sui_types::crypto::SuiKeyPair;
32use sui_types::messages_checkpoint::CheckpointSequenceNumber;
33use sui_types::node_role::{FullNodeSyncMode, NodeRole};
34use sui_types::supported_protocol_versions::{Chain, SupportedProtocolVersions};
35use sui_types::traffic_control::{PolicyConfig, RemoteFirewallConfig};
36
37use sui_types::crypto::{AccountKeyPair, AuthorityKeyPair, get_key_pair_from_rng};
38use sui_types::multiaddr::Multiaddr;
39use tracing::info;
40
41pub const DEFAULT_GRPC_CONCURRENCY_LIMIT: usize = 20000000000;
43
44pub const DEFAULT_VALIDATOR_GAS_PRICE: u64 = sui_types::transaction::DEFAULT_VALIDATOR_GAS_PRICE;
46
47pub const DEFAULT_COMMISSION_RATE: u64 = 200;
49
50#[derive(Debug, Clone, Copy, Default, PartialEq, Eq)]
52pub enum FundsWithdrawSchedulerType {
53 Naive,
54 #[default]
55 Eager,
56}
57
58#[serde_as]
59#[derive(Clone, Debug, Deserialize, Serialize)]
60#[serde(rename_all = "kebab-case")]
61pub struct NodeConfig {
62 #[serde(default = "default_authority_key_pair")]
63 pub protocol_key_pair: AuthorityKeyPairWithPath,
64 #[serde(default = "default_key_pair")]
65 pub worker_key_pair: KeyPairWithPath,
66 #[serde(default = "default_key_pair")]
67 pub account_key_pair: KeyPairWithPath,
68 #[serde(default = "default_key_pair")]
69 pub network_key_pair: KeyPairWithPath,
70
71 pub db_path: PathBuf,
72 #[serde(default = "default_grpc_address")]
73 pub network_address: Multiaddr,
74 #[serde(default = "default_json_rpc_address")]
75 pub json_rpc_address: SocketAddr,
76
77 #[serde(skip_serializing_if = "Option::is_none")]
78 pub rpc: Option<crate::RpcConfig>,
79
80 #[serde(default = "default_metrics_address")]
81 pub metrics_address: SocketAddr,
82 #[serde(default = "default_admin_interface_port")]
83 pub admin_interface_port: u16,
84
85 #[serde(skip_serializing_if = "Option::is_none")]
86 pub consensus_config: Option<ConsensusConfig>,
87
88 #[serde(default, skip_serializing_if = "Option::is_none")]
92 pub fullnode_sync_mode: Option<FullNodeSyncMode>,
93
94 #[serde(default = "default_enable_index_processing")]
95 pub enable_index_processing: bool,
96
97 #[serde(default)]
102 pub sync_post_process_one_tx: bool,
103
104 #[serde(default, skip_serializing_if = "std::ops::Not::not")]
105 pub remove_deprecated_tables: bool,
106
107 #[serde(default)]
108 pub jsonrpc_server_type: Option<ServerType>,
113
114 #[serde(default, skip_serializing_if = "std::ops::Not::not")]
122 pub disable_json_rpc: bool,
123
124 #[serde(default)]
125 pub grpc_load_shed: Option<bool>,
126
127 #[serde(default = "default_concurrency_limit")]
128 pub grpc_concurrency_limit: Option<usize>,
129
130 #[serde(default)]
131 pub p2p_config: P2pConfig,
132
133 pub genesis: Genesis,
134
135 #[serde(default = "default_authority_store_pruning_config")]
136 pub authority_store_pruning_config: AuthorityStorePruningConfig,
137
138 #[serde(default = "default_end_of_epoch_broadcast_channel_capacity")]
142 pub end_of_epoch_broadcast_channel_capacity: usize,
143
144 #[serde(default)]
145 pub checkpoint_executor_config: CheckpointExecutorConfig,
146
147 #[serde(skip_serializing_if = "Option::is_none")]
148 pub metrics: Option<MetricsConfig>,
149
150 #[serde(skip)]
154 pub supported_protocol_versions: Option<SupportedProtocolVersions>,
155
156 #[serde(default)]
157 pub db_checkpoint_config: DBCheckpointConfig,
158
159 #[serde(default)]
160 pub expensive_safety_check_config: ExpensiveSafetyCheckConfig,
161
162 #[serde(skip_serializing_if = "Option::is_none")]
163 pub name_service_package_address: Option<SuiAddress>,
164
165 #[serde(skip_serializing_if = "Option::is_none")]
166 pub name_service_registry_id: Option<ObjectID>,
167
168 #[serde(skip_serializing_if = "Option::is_none")]
169 pub name_service_reverse_registry_id: Option<ObjectID>,
170
171 #[serde(default)]
172 pub transaction_deny_config: TransactionDenyConfig,
173
174 #[serde(default)]
176 pub dev_inspect_disabled: bool,
177
178 #[serde(default)]
179 pub certificate_deny_config: CertificateDenyConfig,
180
181 #[serde(default)]
182 pub state_debug_dump_config: StateDebugDumpConfig,
183
184 #[serde(default)]
185 pub state_archive_read_config: Vec<StateArchiveConfig>,
186
187 #[serde(default)]
188 pub state_snapshot_write_config: StateSnapshotConfig,
189
190 #[serde(default)]
191 pub indexer_max_subscriptions: Option<usize>,
192
193 #[serde(default = "default_transaction_kv_store_config")]
194 pub transaction_kv_store_read_config: TransactionKeyValueStoreReadConfig,
195
196 #[serde(skip_serializing_if = "Option::is_none")]
197 pub transaction_kv_store_write_config: Option<TransactionKeyValueStoreWriteConfig>,
198
199 #[serde(default = "default_jwk_fetch_interval_seconds")]
200 pub jwk_fetch_interval_seconds: u64,
201
202 #[serde(default = "default_zklogin_oauth_providers")]
203 pub zklogin_oauth_providers: BTreeMap<Chain, BTreeSet<String>>,
204
205 #[serde(default = "default_authority_overload_config")]
206 pub authority_overload_config: AuthorityOverloadConfig,
207
208 #[serde(skip_serializing_if = "Option::is_none")]
209 pub run_with_range: Option<RunWithRange>,
210
211 #[serde(
213 skip_serializing_if = "Option::is_none",
214 default = "default_traffic_controller_policy_config"
215 )]
216 pub policy_config: Option<PolicyConfig>,
217
218 #[serde(skip_serializing_if = "Option::is_none")]
219 pub firewall_config: Option<RemoteFirewallConfig>,
220
221 #[serde(default)]
222 pub execution_cache: ExecutionCacheConfig,
223
224 #[serde(skip)]
226 #[serde(default = "bool_true")]
227 pub state_accumulator_v2: bool,
228
229 #[serde(skip)]
232 #[serde(default)]
233 pub funds_withdraw_scheduler_type: FundsWithdrawSchedulerType,
234
235 #[serde(default = "bool_true")]
236 pub enable_soft_bundle: bool,
237
238 #[serde(default)]
239 pub verifier_signing_config: VerifierSigningConfig,
240
241 #[serde(skip_serializing_if = "Option::is_none")]
244 pub enable_db_write_stall: Option<bool>,
245
246 #[serde(skip_serializing_if = "Option::is_none")]
250 pub enable_db_sync_to_disk: Option<bool>,
251
252 #[serde(skip_serializing_if = "Option::is_none")]
253 pub execution_time_observer_config: Option<ExecutionTimeObserverConfig>,
254
255 #[serde(default, skip_serializing_if = "Option::is_none")]
258 pub recent_submission_dedup_window_ms: Option<u64>,
259
260 #[serde(skip_serializing_if = "Option::is_none")]
264 pub chain_override_for_testing: Option<Chain>,
265
266 #[serde(skip_serializing_if = "Option::is_none")]
269 pub validator_client_monitor_config: Option<ValidatorClientMonitorConfig>,
270
271 #[serde(skip_serializing_if = "Option::is_none")]
273 pub fork_recovery: Option<ForkRecoveryConfig>,
274
275 #[serde(skip_serializing_if = "Option::is_none")]
277 pub transaction_driver_config: Option<TransactionDriverConfig>,
278
279 #[serde(skip_serializing_if = "Option::is_none")]
282 pub congestion_log: Option<CongestionLogConfig>,
283}
284
285#[derive(Clone, Debug, Deserialize, Serialize)]
286#[serde(rename_all = "kebab-case")]
287pub struct TransactionDriverConfig {
288 #[serde(default, skip_serializing_if = "Vec::is_empty")]
291 pub allowed_submission_validators: Vec<String>,
292
293 #[serde(default, skip_serializing_if = "Vec::is_empty")]
296 pub blocked_submission_validators: Vec<String>,
297
298 #[serde(default = "bool_true")]
303 pub enable_early_validation: bool,
304}
305
306impl Default for TransactionDriverConfig {
307 fn default() -> Self {
308 Self {
309 allowed_submission_validators: vec![],
310 blocked_submission_validators: vec![],
311 enable_early_validation: true,
312 }
313 }
314}
315
316#[derive(Clone, Debug, Deserialize, Serialize)]
317#[serde(rename_all = "kebab-case")]
318pub struct CongestionLogConfig {
319 pub path: PathBuf,
320 #[serde(default = "default_congestion_log_max_file_size")]
321 pub max_file_size: u64,
322 #[serde(default = "default_congestion_log_max_files")]
323 pub max_files: u32,
324}
325
326fn default_congestion_log_max_file_size() -> u64 {
327 100 * 1024 * 1024 }
329
330fn default_congestion_log_max_files() -> u32 {
331 10
332}
333
334#[derive(Debug, Clone, Copy, Default, Deserialize, Serialize, PartialEq, Eq)]
335#[serde(rename_all = "kebab-case")]
336pub enum ForkCrashBehavior {
337 #[serde(rename = "await-fork-recovery")]
338 #[default]
339 AwaitForkRecovery,
340 #[serde(rename = "return-error")]
342 ReturnError,
343}
344
345#[derive(Clone, Debug, Default, Deserialize, Serialize)]
346#[serde(rename_all = "kebab-case")]
347pub struct ForkRecoveryConfig {
348 #[serde(default)]
351 pub transaction_overrides: BTreeMap<String, String>,
352
353 #[serde(default)]
357 pub checkpoint_overrides: BTreeMap<u64, String>,
358
359 #[serde(default)]
361 pub fork_crash_behavior: ForkCrashBehavior,
362}
363
364#[derive(Clone, Debug, Default, Deserialize, Serialize)]
365#[serde(rename_all = "kebab-case")]
366pub struct ExecutionTimeObserverConfig {
367 pub observation_channel_capacity: Option<NonZeroUsize>,
371
372 pub observation_cache_size: Option<NonZeroUsize>,
376
377 pub object_debt_channel_capacity: Option<NonZeroUsize>,
381
382 pub object_utilization_cache_size: Option<NonZeroUsize>,
386
387 pub report_object_utilization_metric_with_full_id: Option<bool>,
398
399 pub observation_sharing_object_utilization_threshold: Option<Duration>,
404
405 pub observation_sharing_diff_threshold: Option<f64>,
410
411 pub observation_sharing_min_interval: Option<Duration>,
415
416 pub observation_sharing_rate_limit: Option<NonZeroU32>,
421
422 pub observation_sharing_burst_limit: Option<NonZeroU32>,
426
427 pub enable_gas_price_weighting: Option<bool>,
434
435 pub weighted_moving_average_window_size: Option<usize>,
442
443 #[cfg(msim)]
449 pub inject_synthetic_execution_time: Option<bool>,
450}
451
452impl ExecutionTimeObserverConfig {
453 pub fn observation_channel_capacity(&self) -> NonZeroUsize {
454 self.observation_channel_capacity
455 .unwrap_or(nonzero!(1_024usize))
456 }
457
458 pub fn observation_cache_size(&self) -> NonZeroUsize {
459 self.observation_cache_size.unwrap_or(nonzero!(10_000usize))
460 }
461
462 pub fn object_debt_channel_capacity(&self) -> NonZeroUsize {
463 self.object_debt_channel_capacity
464 .unwrap_or(nonzero!(128usize))
465 }
466
467 pub fn object_utilization_cache_size(&self) -> NonZeroUsize {
468 self.object_utilization_cache_size
469 .unwrap_or(nonzero!(50_000usize))
470 }
471
472 pub fn report_object_utilization_metric_with_full_id(&self) -> bool {
473 self.report_object_utilization_metric_with_full_id
474 .unwrap_or(false)
475 }
476
477 pub fn observation_sharing_object_utilization_threshold(&self) -> Duration {
478 self.observation_sharing_object_utilization_threshold
479 .unwrap_or(Duration::from_millis(500))
480 }
481
482 pub fn observation_sharing_diff_threshold(&self) -> f64 {
483 self.observation_sharing_diff_threshold.unwrap_or(0.1)
484 }
485
486 pub fn observation_sharing_min_interval(&self) -> Duration {
487 self.observation_sharing_min_interval
488 .unwrap_or(Duration::from_secs(5))
489 }
490
491 pub fn observation_sharing_rate_limit(&self) -> NonZeroU32 {
492 self.observation_sharing_rate_limit
493 .unwrap_or(nonzero!(10u32))
494 }
495
496 pub fn observation_sharing_burst_limit(&self) -> NonZeroU32 {
497 self.observation_sharing_burst_limit
498 .unwrap_or(nonzero!(100u32))
499 }
500
501 pub fn enable_gas_price_weighting(&self) -> bool {
502 self.enable_gas_price_weighting.unwrap_or(false)
503 }
504
505 pub fn weighted_moving_average_window_size(&self) -> usize {
506 self.weighted_moving_average_window_size.unwrap_or(20)
507 }
508
509 #[cfg(msim)]
510 pub fn inject_synthetic_execution_time(&self) -> bool {
511 self.inject_synthetic_execution_time.unwrap_or(false)
512 }
513}
514
515#[allow(clippy::large_enum_variant)]
516#[derive(Clone, Debug, Deserialize, Serialize)]
517#[serde(rename_all = "kebab-case")]
518pub enum ExecutionCacheConfig {
519 PassthroughCache,
520 WritebackCache {
521 max_cache_size: Option<u64>,
524
525 package_cache_size: Option<u64>, object_cache_size: Option<u64>, marker_cache_size: Option<u64>, object_by_id_cache_size: Option<u64>, transaction_cache_size: Option<u64>, executed_effect_cache_size: Option<u64>, effect_cache_size: Option<u64>, events_cache_size: Option<u64>, transaction_objects_cache_size: Option<u64>, backpressure_threshold: Option<u64>,
541
542 backpressure_threshold_for_rpc: Option<u64>,
545 },
546}
547
548impl Default for ExecutionCacheConfig {
549 fn default() -> Self {
550 ExecutionCacheConfig::WritebackCache {
551 max_cache_size: None,
552 backpressure_threshold: None,
553 backpressure_threshold_for_rpc: None,
554 package_cache_size: None,
555 object_cache_size: None,
556 marker_cache_size: None,
557 object_by_id_cache_size: None,
558 transaction_cache_size: None,
559 executed_effect_cache_size: None,
560 effect_cache_size: None,
561 events_cache_size: None,
562 transaction_objects_cache_size: None,
563 }
564 }
565}
566
567impl ExecutionCacheConfig {
568 pub fn max_cache_size(&self) -> u64 {
569 std::env::var("SUI_MAX_CACHE_SIZE")
570 .ok()
571 .and_then(|s| s.parse().ok())
572 .unwrap_or_else(|| match self {
573 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
574 ExecutionCacheConfig::WritebackCache { max_cache_size, .. } => {
575 max_cache_size.unwrap_or(100000)
576 }
577 })
578 }
579
580 pub fn package_cache_size(&self) -> u64 {
581 std::env::var("SUI_PACKAGE_CACHE_SIZE")
582 .ok()
583 .and_then(|s| s.parse().ok())
584 .unwrap_or_else(|| match self {
585 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
586 ExecutionCacheConfig::WritebackCache {
587 package_cache_size, ..
588 } => package_cache_size.unwrap_or(1000),
589 })
590 }
591
592 pub fn object_cache_size(&self) -> u64 {
593 std::env::var("SUI_OBJECT_CACHE_SIZE")
594 .ok()
595 .and_then(|s| s.parse().ok())
596 .unwrap_or_else(|| match self {
597 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
598 ExecutionCacheConfig::WritebackCache {
599 object_cache_size, ..
600 } => object_cache_size.unwrap_or(self.max_cache_size()),
601 })
602 }
603
604 pub fn marker_cache_size(&self) -> u64 {
605 std::env::var("SUI_MARKER_CACHE_SIZE")
606 .ok()
607 .and_then(|s| s.parse().ok())
608 .unwrap_or_else(|| match self {
609 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
610 ExecutionCacheConfig::WritebackCache {
611 marker_cache_size, ..
612 } => marker_cache_size.unwrap_or(self.object_cache_size()),
613 })
614 }
615
616 pub fn object_by_id_cache_size(&self) -> u64 {
617 std::env::var("SUI_OBJECT_BY_ID_CACHE_SIZE")
618 .ok()
619 .and_then(|s| s.parse().ok())
620 .unwrap_or_else(|| match self {
621 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
622 ExecutionCacheConfig::WritebackCache {
623 object_by_id_cache_size,
624 ..
625 } => object_by_id_cache_size.unwrap_or(self.object_cache_size()),
626 })
627 }
628
629 pub fn transaction_cache_size(&self) -> u64 {
630 std::env::var("SUI_TRANSACTION_CACHE_SIZE")
631 .ok()
632 .and_then(|s| s.parse().ok())
633 .unwrap_or_else(|| match self {
634 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
635 ExecutionCacheConfig::WritebackCache {
636 transaction_cache_size,
637 ..
638 } => transaction_cache_size.unwrap_or(self.max_cache_size()),
639 })
640 }
641
642 pub fn executed_effect_cache_size(&self) -> u64 {
643 std::env::var("SUI_EXECUTED_EFFECT_CACHE_SIZE")
644 .ok()
645 .and_then(|s| s.parse().ok())
646 .unwrap_or_else(|| match self {
647 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
648 ExecutionCacheConfig::WritebackCache {
649 executed_effect_cache_size,
650 ..
651 } => executed_effect_cache_size.unwrap_or(self.transaction_cache_size()),
652 })
653 }
654
655 pub fn effect_cache_size(&self) -> u64 {
656 std::env::var("SUI_EFFECT_CACHE_SIZE")
657 .ok()
658 .and_then(|s| s.parse().ok())
659 .unwrap_or_else(|| match self {
660 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
661 ExecutionCacheConfig::WritebackCache {
662 effect_cache_size, ..
663 } => effect_cache_size.unwrap_or(self.executed_effect_cache_size()),
664 })
665 }
666
667 pub fn events_cache_size(&self) -> u64 {
668 std::env::var("SUI_EVENTS_CACHE_SIZE")
669 .ok()
670 .and_then(|s| s.parse().ok())
671 .unwrap_or_else(|| match self {
672 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
673 ExecutionCacheConfig::WritebackCache {
674 events_cache_size, ..
675 } => events_cache_size.unwrap_or(self.transaction_cache_size()),
676 })
677 }
678
679 pub fn transaction_objects_cache_size(&self) -> u64 {
680 std::env::var("SUI_TRANSACTION_OBJECTS_CACHE_SIZE")
681 .ok()
682 .and_then(|s| s.parse().ok())
683 .unwrap_or_else(|| match self {
684 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
685 ExecutionCacheConfig::WritebackCache {
686 transaction_objects_cache_size,
687 ..
688 } => transaction_objects_cache_size.unwrap_or(1000),
689 })
690 }
691
692 pub fn backpressure_threshold(&self) -> u64 {
693 std::env::var("SUI_BACKPRESSURE_THRESHOLD")
694 .ok()
695 .and_then(|s| s.parse().ok())
696 .unwrap_or_else(|| match self {
697 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
698 ExecutionCacheConfig::WritebackCache {
699 backpressure_threshold,
700 ..
701 } => backpressure_threshold.unwrap_or(100_000),
702 })
703 }
704
705 pub fn backpressure_threshold_for_rpc(&self) -> u64 {
706 std::env::var("SUI_BACKPRESSURE_THRESHOLD_FOR_RPC")
707 .ok()
708 .and_then(|s| s.parse().ok())
709 .unwrap_or_else(|| match self {
710 ExecutionCacheConfig::PassthroughCache => fatal!("invalid cache config"),
711 ExecutionCacheConfig::WritebackCache {
712 backpressure_threshold_for_rpc,
713 ..
714 } => backpressure_threshold_for_rpc.unwrap_or(self.backpressure_threshold()),
715 })
716 }
717}
718
719#[derive(Clone, Copy, Debug, Deserialize, Serialize)]
720#[serde(rename_all = "lowercase")]
721pub enum ServerType {
722 WebSocket,
723 Http,
724 Both,
725}
726
727#[derive(Clone, Debug, Deserialize, Serialize)]
728#[serde(rename_all = "kebab-case")]
729pub struct TransactionKeyValueStoreReadConfig {
730 #[serde(default = "default_base_url")]
731 pub base_url: String,
732
733 #[serde(default = "default_cache_size")]
734 pub cache_size: u64,
735}
736
737impl Default for TransactionKeyValueStoreReadConfig {
738 fn default() -> Self {
739 Self {
740 base_url: default_base_url(),
741 cache_size: default_cache_size(),
742 }
743 }
744}
745
746fn default_base_url() -> String {
747 "https://transactions.sui.io/".to_string()
748}
749
750fn default_cache_size() -> u64 {
751 100_000
752}
753
754fn default_jwk_fetch_interval_seconds() -> u64 {
755 3600
756}
757
758pub fn default_zklogin_oauth_providers() -> BTreeMap<Chain, BTreeSet<String>> {
759 let mut map = BTreeMap::new();
760
761 let experimental_providers = BTreeSet::from([
763 "Google".to_string(),
764 "Facebook".to_string(),
765 "Twitch".to_string(),
766 "Kakao".to_string(),
767 "Apple".to_string(),
768 "Slack".to_string(),
769 "TestIssuer".to_string(),
770 "Microsoft".to_string(),
771 "KarrierOne".to_string(),
772 "Credenza3".to_string(),
773 "Playtron".to_string(),
774 "Threedos".to_string(),
775 "Onefc".to_string(),
776 "FanTV".to_string(),
777 "Arden".to_string(), "AwsTenant-region:eu-west-3-tenant_id:eu-west-3_gGVCx53Es".to_string(), "EveFrontier".to_string(),
780 "TestEveFrontier".to_string(),
781 "AwsTenant-region:ap-southeast-1-tenant_id:ap-southeast-1_2QQPyQXDz".to_string(), "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_Bpct2JyBg".to_string(), "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_4HdQTpt3E".to_string(), ]);
785
786 let providers = BTreeSet::from([
788 "Google".to_string(),
789 "Facebook".to_string(),
790 "Twitch".to_string(),
791 "Apple".to_string(),
792 "KarrierOne".to_string(),
793 "Credenza3".to_string(),
794 "Playtron".to_string(),
795 "Onefc".to_string(),
796 "Threedos".to_string(),
797 "AwsTenant-region:eu-west-3-tenant_id:eu-west-3_gGVCx53Es".to_string(), "Arden".to_string(),
799 "FanTV".to_string(),
800 "EveFrontier".to_string(),
801 "TestEveFrontier".to_string(),
802 "AwsTenant-region:ap-southeast-1-tenant_id:ap-southeast-1_2QQPyQXDz".to_string(), "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_Bpct2JyBg".to_string(), "AwsTenant-region:eu-north-1-tenant_id:eu-north-1_4HdQTpt3E".to_string(), ]);
806 map.insert(Chain::Mainnet, providers.clone());
807 map.insert(Chain::Testnet, providers);
808 map.insert(Chain::Unknown, experimental_providers);
809 map
810}
811
812fn default_transaction_kv_store_config() -> TransactionKeyValueStoreReadConfig {
813 TransactionKeyValueStoreReadConfig::default()
814}
815
816fn default_authority_store_pruning_config() -> AuthorityStorePruningConfig {
817 AuthorityStorePruningConfig::default()
818}
819
820pub fn default_enable_index_processing() -> bool {
821 true
822}
823
824fn default_grpc_address() -> Multiaddr {
825 "/ip4/0.0.0.0/tcp/8080".parse().unwrap()
826}
827fn default_authority_key_pair() -> AuthorityKeyPairWithPath {
828 AuthorityKeyPairWithPath::new(get_key_pair_from_rng::<AuthorityKeyPair, _>(&mut OsRng).1)
829}
830
831fn default_key_pair() -> KeyPairWithPath {
832 KeyPairWithPath::new(
833 get_key_pair_from_rng::<AccountKeyPair, _>(&mut OsRng)
834 .1
835 .into(),
836 )
837}
838
839fn default_metrics_address() -> SocketAddr {
840 use std::net::{IpAddr, Ipv4Addr};
841 SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 9184)
842}
843
844pub fn default_admin_interface_port() -> u16 {
845 1337
846}
847
848pub fn default_json_rpc_address() -> SocketAddr {
849 use std::net::{IpAddr, Ipv4Addr};
850 SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 9000)
851}
852
853pub fn default_concurrency_limit() -> Option<usize> {
854 Some(DEFAULT_GRPC_CONCURRENCY_LIMIT)
855}
856
857pub fn default_end_of_epoch_broadcast_channel_capacity() -> usize {
858 128
859}
860
861pub fn bool_true() -> bool {
862 true
863}
864
865fn is_true(value: &bool) -> bool {
866 *value
867}
868
869impl Config for NodeConfig {}
870
871impl NodeConfig {
872 pub fn protocol_key_pair(&self) -> &AuthorityKeyPair {
873 self.protocol_key_pair.authority_keypair()
874 }
875
876 pub fn recent_submission_dedup_window(&self) -> Duration {
879 Duration::from_millis(self.recent_submission_dedup_window_ms.unwrap_or(1000))
880 }
881
882 pub fn worker_key_pair(&self) -> &NetworkKeyPair {
883 match self.worker_key_pair.keypair() {
884 SuiKeyPair::Ed25519(kp) => kp,
885 other => panic!(
886 "Invalid keypair type: {:?}, only Ed25519 is allowed for worker key",
887 other
888 ),
889 }
890 }
891
892 pub fn network_key_pair(&self) -> &NetworkKeyPair {
893 match self.network_key_pair.keypair() {
894 SuiKeyPair::Ed25519(kp) => kp,
895 other => panic!(
896 "Invalid keypair type: {:?}, only Ed25519 is allowed for network key",
897 other
898 ),
899 }
900 }
901
902 pub fn protocol_public_key(&self) -> AuthorityPublicKeyBytes {
903 self.protocol_key_pair().public().into()
904 }
905
906 pub fn db_path(&self) -> PathBuf {
907 self.db_path.join("live")
908 }
909
910 pub fn db_checkpoint_path(&self) -> PathBuf {
911 self.db_path.join("db_checkpoints")
912 }
913
914 pub fn db_store_path(&self) -> PathBuf {
915 self.db_path().join("store")
916 }
917
918 pub fn archive_path(&self) -> PathBuf {
919 self.db_path.join("archive")
920 }
921
922 pub fn snapshot_path(&self) -> PathBuf {
923 self.db_path.join("snapshot")
924 }
925
926 pub fn network_address(&self) -> &Multiaddr {
927 &self.network_address
928 }
929
930 pub fn consensus_config(&self) -> Option<&ConsensusConfig> {
931 self.consensus_config.as_ref()
932 }
933
934 pub fn intended_node_role(&self) -> NodeRole {
939 let has_consensus_config = self.consensus_config.is_some();
940
941 match (self.fullnode_sync_mode, has_consensus_config) {
942 (Some(FullNodeSyncMode::ConsensusObserver), _) => {
943 assert!(
944 self.has_observer_config_peers(),
945 "Observer peers must be configured when sync mode is ConsensusObserver"
946 );
947 NodeRole::FullNode(FullNodeSyncMode::ConsensusObserver)
948 }
949 (Some(FullNodeSyncMode::StateSyncOnly), true) => {
950 panic!("Consensus config should not be set for a StateSyncOnly full node");
951 }
952 (Some(FullNodeSyncMode::StateSyncOnly), false) => {
953 NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
954 }
955 (None, false) => NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly),
956 (None, true) => NodeRole::Validator,
957 }
958 }
959
960 pub fn has_observer_config_peers(&self) -> bool {
961 self.consensus_config
962 .as_ref()
963 .and_then(|c| c.parameters.as_ref())
964 .map(|p| !p.observer.peers.is_empty())
965 .unwrap_or(false)
966 }
967
968 pub fn genesis(&self) -> Result<&genesis::Genesis> {
969 self.genesis.genesis()
970 }
971
972 pub fn sui_address(&self) -> SuiAddress {
973 (&self.account_key_pair.keypair().public()).into()
974 }
975
976 pub fn archive_reader_config(&self) -> Option<ArchiveReaderConfig> {
977 self.state_archive_read_config
978 .first()
979 .map(|config| ArchiveReaderConfig {
980 ingestion_url: config.ingestion_url.clone(),
981 remote_store_options: config.remote_store_options.clone(),
982 remote_store_headers: config.remote_store_headers.clone(),
983 download_concurrency: NonZeroUsize::new(config.concurrency)
984 .unwrap_or(NonZeroUsize::new(5).unwrap()),
985 remote_store_config: ObjectStoreConfig::default(),
986 })
987 }
988
989 pub fn jsonrpc_server_type(&self) -> ServerType {
990 self.jsonrpc_server_type.unwrap_or(ServerType::Http)
991 }
992
993 pub fn json_rpc_enabled(&self) -> bool {
997 !self.disable_json_rpc
998 }
999
1000 pub fn rpc(&self) -> Option<&crate::RpcConfig> {
1001 self.rpc.as_ref()
1002 }
1003}
1004
1005#[derive(Debug, Clone, Deserialize, Serialize)]
1006pub enum ConsensusProtocol {
1007 #[serde(rename = "narwhal")]
1008 Narwhal,
1009 #[serde(rename = "mysticeti")]
1010 Mysticeti,
1011}
1012
1013#[derive(Debug, Clone, Deserialize, Serialize)]
1014#[serde(rename_all = "kebab-case")]
1015pub struct ConsensusConfig {
1016 pub db_path: PathBuf,
1018
1019 pub db_retention_epochs: Option<u64>,
1022
1023 pub db_pruner_period_secs: Option<u64>,
1026
1027 pub max_pending_transactions: Option<usize>,
1031
1032 pub parameters: Option<ConsensusParameters>,
1033
1034 #[serde(skip_serializing_if = "Option::is_none")]
1038 pub listen_address: Option<Multiaddr>,
1039
1040 #[serde(skip_serializing_if = "Option::is_none")]
1045 pub external_address: Option<Multiaddr>,
1046}
1047
1048impl ConsensusConfig {
1049 pub fn db_path(&self) -> &Path {
1050 &self.db_path
1051 }
1052
1053 pub fn max_pending_transactions(&self) -> usize {
1054 self.max_pending_transactions.unwrap_or(20_000)
1055 }
1056
1057 pub fn db_retention_epochs(&self) -> u64 {
1058 self.db_retention_epochs.unwrap_or(0)
1059 }
1060
1061 pub fn db_pruner_period(&self) -> Duration {
1062 self.db_pruner_period_secs
1064 .map(Duration::from_secs)
1065 .unwrap_or(Duration::from_secs(3_600))
1066 }
1067}
1068
1069#[derive(Clone, Debug, Deserialize, Serialize)]
1070#[serde(rename_all = "kebab-case")]
1071pub struct CheckpointExecutorConfig {
1072 #[serde(default = "default_checkpoint_execution_max_concurrency")]
1076 pub checkpoint_execution_max_concurrency: usize,
1077
1078 #[serde(default = "default_local_execution_timeout_sec")]
1084 pub local_execution_timeout_sec: u64,
1085
1086 #[serde(default, skip_serializing_if = "Option::is_none")]
1089 pub data_ingestion_dir: Option<PathBuf>,
1090}
1091
1092#[derive(Clone, Debug, Default, Deserialize, Serialize)]
1093#[serde(rename_all = "kebab-case")]
1094pub struct ExpensiveSafetyCheckConfig {
1095 #[serde(default)]
1100 enable_epoch_sui_conservation_check: bool,
1101
1102 #[serde(default)]
1106 enable_deep_per_tx_sui_conservation_check: bool,
1107
1108 #[serde(default)]
1110 force_disable_epoch_sui_conservation_check: bool,
1111
1112 #[serde(default)]
1115 enable_state_consistency_check: bool,
1116
1117 #[serde(default)]
1119 force_disable_state_consistency_check: bool,
1120
1121 #[serde(default)]
1122 enable_secondary_index_checks: bool,
1123 }
1125
1126impl ExpensiveSafetyCheckConfig {
1127 pub fn new_enable_all() -> Self {
1128 Self {
1129 enable_epoch_sui_conservation_check: true,
1130 enable_deep_per_tx_sui_conservation_check: true,
1131 force_disable_epoch_sui_conservation_check: false,
1132 enable_state_consistency_check: true,
1133 force_disable_state_consistency_check: false,
1134 enable_secondary_index_checks: false, }
1136 }
1137
1138 pub fn new_enable_all_with_secondary_index_checks() -> Self {
1139 Self {
1140 enable_secondary_index_checks: true,
1141 ..Self::new_enable_all()
1142 }
1143 }
1144
1145 pub fn new_disable_all() -> Self {
1146 Self {
1147 enable_epoch_sui_conservation_check: false,
1148 enable_deep_per_tx_sui_conservation_check: false,
1149 force_disable_epoch_sui_conservation_check: true,
1150 enable_state_consistency_check: false,
1151 force_disable_state_consistency_check: true,
1152 enable_secondary_index_checks: false,
1153 }
1154 }
1155
1156 pub fn force_disable_epoch_sui_conservation_check(&mut self) {
1157 self.force_disable_epoch_sui_conservation_check = true;
1158 }
1159
1160 pub fn enable_epoch_sui_conservation_check(&self) -> bool {
1161 (self.enable_epoch_sui_conservation_check || cfg!(debug_assertions))
1162 && !self.force_disable_epoch_sui_conservation_check
1163 }
1164
1165 pub fn force_disable_state_consistency_check(&mut self) {
1166 self.force_disable_state_consistency_check = true;
1167 }
1168
1169 pub fn enable_state_consistency_check(&self) -> bool {
1170 (self.enable_state_consistency_check || cfg!(debug_assertions))
1171 && !self.force_disable_state_consistency_check
1172 }
1173
1174 pub fn enable_deep_per_tx_sui_conservation_check(&self) -> bool {
1175 self.enable_deep_per_tx_sui_conservation_check || cfg!(debug_assertions)
1176 }
1177
1178 pub fn enable_secondary_index_checks(&self) -> bool {
1179 self.enable_secondary_index_checks
1180 }
1181}
1182
1183fn default_checkpoint_execution_max_concurrency() -> usize {
1184 4
1185}
1186
1187fn default_local_execution_timeout_sec() -> u64 {
1188 30
1189}
1190
1191impl Default for CheckpointExecutorConfig {
1192 fn default() -> Self {
1193 Self {
1194 checkpoint_execution_max_concurrency: default_checkpoint_execution_max_concurrency(),
1195 local_execution_timeout_sec: default_local_execution_timeout_sec(),
1196 data_ingestion_dir: None,
1197 }
1198 }
1199}
1200
1201#[derive(Debug, Clone, Deserialize, Serialize)]
1202#[serde(rename_all = "kebab-case")]
1203pub struct AuthorityStorePruningConfig {
1204 #[serde(default = "default_num_latest_epoch_dbs_to_retain")]
1206 pub num_latest_epoch_dbs_to_retain: usize,
1207 #[serde(default = "default_epoch_db_pruning_period_secs")]
1209 pub epoch_db_pruning_period_secs: u64,
1210 #[serde(default)]
1215 pub num_epochs_to_retain: u64,
1216 #[serde(skip_serializing_if = "Option::is_none")]
1218 pub pruning_run_delay_seconds: Option<u64>,
1219 #[serde(default = "default_max_checkpoints_in_batch")]
1221 pub max_checkpoints_in_batch: usize,
1222 #[serde(default = "default_max_transactions_in_batch")]
1224 pub max_transactions_in_batch: usize,
1225 #[serde(
1229 default = "default_periodic_compaction_threshold_days",
1230 skip_serializing_if = "Option::is_none"
1231 )]
1232 pub periodic_compaction_threshold_days: Option<usize>,
1233 #[serde(skip_serializing_if = "Option::is_none")]
1235 pub num_epochs_to_retain_for_checkpoints: Option<u64>,
1236 #[serde(default, skip_serializing_if = "std::ops::Not::not")]
1238 pub killswitch_tombstone_pruning: bool,
1239 #[serde(default = "default_smoothing", skip_serializing_if = "is_true")]
1240 pub smooth: bool,
1241 #[serde(skip_serializing_if = "Option::is_none")]
1242 pub num_epochs_to_retain_for_indexes: Option<u64>,
1243}
1244
1245fn default_num_latest_epoch_dbs_to_retain() -> usize {
1246 3
1247}
1248
1249fn default_epoch_db_pruning_period_secs() -> u64 {
1250 3600
1251}
1252
1253fn default_max_transactions_in_batch() -> usize {
1254 1000
1255}
1256
1257fn default_max_checkpoints_in_batch() -> usize {
1258 10
1259}
1260
1261fn default_smoothing() -> bool {
1262 cfg!(not(test))
1263}
1264
1265fn default_periodic_compaction_threshold_days() -> Option<usize> {
1266 Some(1)
1267}
1268
1269impl Default for AuthorityStorePruningConfig {
1270 fn default() -> Self {
1271 Self {
1272 num_latest_epoch_dbs_to_retain: default_num_latest_epoch_dbs_to_retain(),
1273 epoch_db_pruning_period_secs: default_epoch_db_pruning_period_secs(),
1274 num_epochs_to_retain: 0,
1275 pruning_run_delay_seconds: if cfg!(msim) { Some(2) } else { None },
1276 max_checkpoints_in_batch: default_max_checkpoints_in_batch(),
1277 max_transactions_in_batch: default_max_transactions_in_batch(),
1278 periodic_compaction_threshold_days: None,
1279 num_epochs_to_retain_for_checkpoints: if cfg!(msim) { Some(2) } else { None },
1280 killswitch_tombstone_pruning: false,
1281 smooth: true,
1282 num_epochs_to_retain_for_indexes: None,
1283 }
1284 }
1285}
1286
1287impl AuthorityStorePruningConfig {
1288 pub fn set_num_epochs_to_retain(&mut self, num_epochs_to_retain: u64) {
1289 self.num_epochs_to_retain = num_epochs_to_retain;
1290 }
1291
1292 pub fn set_num_epochs_to_retain_for_checkpoints(&mut self, num_epochs_to_retain: Option<u64>) {
1293 self.num_epochs_to_retain_for_checkpoints = num_epochs_to_retain;
1294 }
1295
1296 pub fn num_epochs_to_retain_for_checkpoints(&self) -> Option<u64> {
1297 self.num_epochs_to_retain_for_checkpoints
1298 .map(|n| {
1300 if n < 2 {
1301 info!("num_epochs_to_retain_for_checkpoints must be at least 2, rounding up from {}", n);
1302 2
1303 } else {
1304 n
1305 }
1306 })
1307 }
1308
1309 pub fn set_killswitch_tombstone_pruning(&mut self, killswitch_tombstone_pruning: bool) {
1310 self.killswitch_tombstone_pruning = killswitch_tombstone_pruning;
1311 }
1312}
1313
1314#[derive(Debug, Clone, Deserialize, Serialize)]
1315#[serde(rename_all = "kebab-case")]
1316pub struct MetricsConfig {
1317 #[serde(skip_serializing_if = "Option::is_none")]
1318 pub push_interval_seconds: Option<u64>,
1319 #[serde(skip_serializing_if = "Option::is_none")]
1320 pub push_url: Option<String>,
1321}
1322
1323#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1324#[serde(rename_all = "kebab-case")]
1325pub struct DBCheckpointConfig {
1326 #[serde(default)]
1327 pub perform_db_checkpoints_at_epoch_end: bool,
1328 #[serde(skip_serializing_if = "Option::is_none")]
1329 pub checkpoint_path: Option<PathBuf>,
1330 #[serde(skip_serializing_if = "Option::is_none")]
1331 pub object_store_config: Option<ObjectStoreConfig>,
1332 #[serde(skip_serializing_if = "Option::is_none")]
1333 pub perform_index_db_checkpoints_at_epoch_end: Option<bool>,
1334 #[serde(skip_serializing_if = "Option::is_none")]
1335 pub prune_and_compact_before_upload: Option<bool>,
1336}
1337
1338#[derive(Debug, Clone)]
1339pub struct ArchiveReaderConfig {
1340 pub remote_store_config: ObjectStoreConfig,
1341 pub download_concurrency: NonZeroUsize,
1342 pub ingestion_url: Option<String>,
1343 pub remote_store_options: Vec<(String, String)>,
1344 pub remote_store_headers: Vec<(String, String)>,
1345}
1346
1347#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1348#[serde(rename_all = "kebab-case")]
1349pub struct StateArchiveConfig {
1350 #[serde(skip_serializing_if = "Option::is_none")]
1351 pub object_store_config: Option<ObjectStoreConfig>,
1352 pub concurrency: usize,
1353 #[serde(skip_serializing_if = "Option::is_none")]
1354 pub ingestion_url: Option<String>,
1355 #[serde(
1356 skip_serializing_if = "Vec::is_empty",
1357 default,
1358 deserialize_with = "deserialize_remote_store_options"
1359 )]
1360 pub remote_store_options: Vec<(String, String)>,
1361 #[serde(skip_serializing_if = "Vec::is_empty", default)]
1365 pub remote_store_headers: Vec<(String, String)>,
1366}
1367
1368#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1369#[serde(rename_all = "kebab-case")]
1370pub struct StateSnapshotConfig {
1371 #[serde(skip_serializing_if = "Option::is_none")]
1372 pub object_store_config: Option<ObjectStoreConfig>,
1373 pub concurrency: usize,
1374 #[serde(default)]
1378 pub archive_interval_epochs: u64,
1379}
1380
1381#[derive(Default, Debug, Clone, Deserialize, Serialize)]
1382#[serde(rename_all = "kebab-case")]
1383pub struct TransactionKeyValueStoreWriteConfig {
1384 pub aws_access_key_id: String,
1385 pub aws_secret_access_key: String,
1386 pub aws_region: String,
1387 pub table_name: String,
1388 pub bucket_name: String,
1389 pub concurrency: usize,
1390}
1391
1392#[derive(Clone, Debug, Deserialize, Serialize)]
1397#[serde(rename_all = "kebab-case")]
1398pub struct AuthorityOverloadConfig {
1399 #[serde(default = "default_max_txn_age_in_queue")]
1400 pub max_txn_age_in_queue: Duration,
1401
1402 #[serde(default = "default_overload_monitor_interval")]
1404 pub overload_monitor_interval: Duration,
1405
1406 #[serde(default = "default_execution_queue_latency_soft_limit")]
1408 pub execution_queue_latency_soft_limit: Duration,
1409
1410 #[serde(default = "default_execution_queue_latency_hard_limit")]
1412 pub execution_queue_latency_hard_limit: Duration,
1413
1414 #[serde(default = "default_max_load_shedding_percentage")]
1416 pub max_load_shedding_percentage: u32,
1417
1418 #[serde(default = "default_min_load_shedding_percentage_above_hard_limit")]
1421 pub min_load_shedding_percentage_above_hard_limit: u32,
1422
1423 #[serde(default = "default_safe_transaction_ready_rate")]
1426 pub safe_transaction_ready_rate: u32,
1427
1428 #[serde(default = "default_check_system_overload_at_signing")]
1431 pub check_system_overload_at_signing: bool,
1432
1433 #[serde(default = "default_max_transaction_manager_queue_length")]
1436 pub max_transaction_manager_queue_length: usize,
1437
1438 #[serde(default = "default_max_transaction_manager_per_object_queue_length")]
1441 pub max_transaction_manager_per_object_queue_length: usize,
1442
1443 #[serde(default = "default_admission_queue_capacity_fraction")]
1447 pub admission_queue_capacity_fraction: f64,
1448
1449 #[serde(default = "default_admission_queue_bypass_fraction")]
1453 pub admission_queue_bypass_fraction: f64,
1454
1455 #[serde(default = "default_admission_queue_enabled")]
1459 pub admission_queue_enabled: bool,
1460
1461 #[serde(default = "default_admission_queue_failover_timeout")]
1466 pub admission_queue_failover_timeout: Duration,
1467}
1468
1469fn default_max_txn_age_in_queue() -> Duration {
1470 Duration::from_millis(1000)
1471}
1472
1473fn default_overload_monitor_interval() -> Duration {
1474 Duration::from_secs(10)
1475}
1476
1477fn default_execution_queue_latency_soft_limit() -> Duration {
1478 Duration::from_secs(1)
1479}
1480
1481fn default_execution_queue_latency_hard_limit() -> Duration {
1482 Duration::from_secs(10)
1483}
1484
1485fn default_max_load_shedding_percentage() -> u32 {
1486 95
1487}
1488
1489fn default_min_load_shedding_percentage_above_hard_limit() -> u32 {
1490 50
1491}
1492
1493fn default_safe_transaction_ready_rate() -> u32 {
1494 100
1495}
1496
1497fn default_check_system_overload_at_signing() -> bool {
1498 true
1499}
1500
1501fn default_max_transaction_manager_queue_length() -> usize {
1502 100_000
1503}
1504
1505fn default_max_transaction_manager_per_object_queue_length() -> usize {
1506 2000
1507}
1508
1509fn default_admission_queue_capacity_fraction() -> f64 {
1510 0.5
1511}
1512
1513fn default_admission_queue_bypass_fraction() -> f64 {
1514 0.9
1515}
1516
1517fn default_admission_queue_enabled() -> bool {
1518 true
1519}
1520
1521fn default_admission_queue_failover_timeout() -> Duration {
1522 Duration::from_secs(30)
1523}
1524
1525impl Default for AuthorityOverloadConfig {
1526 fn default() -> Self {
1527 Self {
1528 max_txn_age_in_queue: default_max_txn_age_in_queue(),
1529 overload_monitor_interval: default_overload_monitor_interval(),
1530 execution_queue_latency_soft_limit: default_execution_queue_latency_soft_limit(),
1531 execution_queue_latency_hard_limit: default_execution_queue_latency_hard_limit(),
1532 max_load_shedding_percentage: default_max_load_shedding_percentage(),
1533 min_load_shedding_percentage_above_hard_limit:
1534 default_min_load_shedding_percentage_above_hard_limit(),
1535 safe_transaction_ready_rate: default_safe_transaction_ready_rate(),
1536 check_system_overload_at_signing: true,
1537 max_transaction_manager_queue_length: default_max_transaction_manager_queue_length(),
1538 max_transaction_manager_per_object_queue_length:
1539 default_max_transaction_manager_per_object_queue_length(),
1540 admission_queue_capacity_fraction: default_admission_queue_capacity_fraction(),
1541 admission_queue_bypass_fraction: default_admission_queue_bypass_fraction(),
1542 admission_queue_enabled: default_admission_queue_enabled(),
1543 admission_queue_failover_timeout: default_admission_queue_failover_timeout(),
1544 }
1545 }
1546}
1547
1548fn default_authority_overload_config() -> AuthorityOverloadConfig {
1549 AuthorityOverloadConfig::default()
1550}
1551
1552fn default_traffic_controller_policy_config() -> Option<PolicyConfig> {
1553 Some(PolicyConfig::default_dos_protection_policy())
1554}
1555
1556#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1557pub struct Genesis {
1558 #[serde(flatten)]
1559 location: GenesisLocation,
1560
1561 #[serde(skip)]
1562 genesis: once_cell::sync::OnceCell<genesis::Genesis>,
1563}
1564
1565impl Genesis {
1566 pub fn new(genesis: genesis::Genesis) -> Self {
1567 Self {
1568 location: GenesisLocation::InPlace { genesis },
1569 genesis: Default::default(),
1570 }
1571 }
1572
1573 pub fn new_from_file<P: Into<PathBuf>>(path: P) -> Self {
1574 Self {
1575 location: GenesisLocation::File {
1576 genesis_file_location: path.into(),
1577 },
1578 genesis: Default::default(),
1579 }
1580 }
1581
1582 pub fn genesis(&self) -> Result<&genesis::Genesis> {
1583 match &self.location {
1584 GenesisLocation::InPlace { genesis } => Ok(genesis),
1585 GenesisLocation::File {
1586 genesis_file_location,
1587 } => self
1588 .genesis
1589 .get_or_try_init(|| genesis::Genesis::load(genesis_file_location)),
1590 }
1591 }
1592}
1593
1594#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1595#[serde(untagged)]
1596#[allow(clippy::large_enum_variant)]
1597enum GenesisLocation {
1598 InPlace {
1599 genesis: genesis::Genesis,
1600 },
1601 File {
1602 #[serde(rename = "genesis-file-location")]
1603 genesis_file_location: PathBuf,
1604 },
1605}
1606
1607#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
1609pub struct KeyPairWithPath {
1610 #[serde(flatten)]
1611 location: KeyPairLocation,
1612
1613 #[serde(skip)]
1614 keypair: OnceCell<Arc<SuiKeyPair>>,
1615}
1616
1617#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1618#[serde_as]
1619#[serde(untagged)]
1620enum KeyPairLocation {
1621 InPlace {
1622 #[serde_as(as = "Arc<KeyPairBase64>")]
1623 value: Arc<SuiKeyPair>,
1624 },
1625 File {
1626 #[serde(rename = "path")]
1627 path: PathBuf,
1628 },
1629}
1630
1631impl KeyPairWithPath {
1632 pub fn new(kp: SuiKeyPair) -> Self {
1633 let cell: OnceCell<Arc<SuiKeyPair>> = OnceCell::new();
1634 let arc_kp = Arc::new(kp);
1635 cell.set(arc_kp.clone()).expect("Failed to set keypair");
1637 Self {
1638 location: KeyPairLocation::InPlace { value: arc_kp },
1639 keypair: cell,
1640 }
1641 }
1642
1643 pub fn new_from_path(path: PathBuf) -> Self {
1644 let cell: OnceCell<Arc<SuiKeyPair>> = OnceCell::new();
1645 cell.set(Arc::new(read_keypair_from_file(&path).unwrap_or_else(
1647 |e| panic!("Invalid keypair file at path {:?}: {e}", &path),
1648 )))
1649 .expect("Failed to set keypair");
1650 Self {
1651 location: KeyPairLocation::File { path },
1652 keypair: cell,
1653 }
1654 }
1655
1656 pub fn keypair(&self) -> &SuiKeyPair {
1657 self.keypair
1658 .get_or_init(|| match &self.location {
1659 KeyPairLocation::InPlace { value } => value.clone(),
1660 KeyPairLocation::File { path } => {
1661 Arc::new(
1663 read_keypair_from_file(path).unwrap_or_else(|e| {
1664 panic!("Invalid keypair file at path {:?}: {e}", path)
1665 }),
1666 )
1667 }
1668 })
1669 .as_ref()
1670 }
1671}
1672
1673#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
1675pub struct AuthorityKeyPairWithPath {
1676 #[serde(flatten)]
1677 location: AuthorityKeyPairLocation,
1678
1679 #[serde(skip)]
1680 keypair: OnceCell<Arc<AuthorityKeyPair>>,
1681}
1682
1683#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Eq)]
1684#[serde_as]
1685#[serde(untagged)]
1686enum AuthorityKeyPairLocation {
1687 InPlace { value: Arc<AuthorityKeyPair> },
1688 File { path: PathBuf },
1689}
1690
1691impl AuthorityKeyPairWithPath {
1692 pub fn new(kp: AuthorityKeyPair) -> Self {
1693 let cell: OnceCell<Arc<AuthorityKeyPair>> = OnceCell::new();
1694 let arc_kp = Arc::new(kp);
1695 cell.set(arc_kp.clone())
1697 .expect("Failed to set authority keypair");
1698 Self {
1699 location: AuthorityKeyPairLocation::InPlace { value: arc_kp },
1700 keypair: cell,
1701 }
1702 }
1703
1704 pub fn new_from_path(path: PathBuf) -> Self {
1705 let cell: OnceCell<Arc<AuthorityKeyPair>> = OnceCell::new();
1706 cell.set(Arc::new(
1708 read_authority_keypair_from_file(&path)
1709 .unwrap_or_else(|_| panic!("Invalid authority keypair file at path {:?}", &path)),
1710 ))
1711 .expect("Failed to set authority keypair");
1712 Self {
1713 location: AuthorityKeyPairLocation::File { path },
1714 keypair: cell,
1715 }
1716 }
1717
1718 pub fn authority_keypair(&self) -> &AuthorityKeyPair {
1719 self.keypair
1720 .get_or_init(|| match &self.location {
1721 AuthorityKeyPairLocation::InPlace { value } => value.clone(),
1722 AuthorityKeyPairLocation::File { path } => {
1723 Arc::new(
1725 read_authority_keypair_from_file(path).unwrap_or_else(|_| {
1726 panic!("Invalid authority keypair file {:?}", &path)
1727 }),
1728 )
1729 }
1730 })
1731 .as_ref()
1732 }
1733}
1734
1735#[derive(Clone, Debug, Deserialize, Serialize, Default)]
1738#[serde(rename_all = "kebab-case")]
1739pub struct StateDebugDumpConfig {
1740 #[serde(skip_serializing_if = "Option::is_none")]
1741 pub dump_file_directory: Option<PathBuf>,
1742}
1743
1744fn read_credential_from_path_or_literal(value: &str) -> Result<String, std::io::Error> {
1745 let path = Path::new(value);
1746 if path.exists() && path.is_file() {
1747 std::fs::read_to_string(path).map(|content| content.trim().to_string())
1748 } else {
1749 Ok(value.to_string())
1750 }
1751}
1752
1753fn deserialize_remote_store_options<'de, D>(
1755 deserializer: D,
1756) -> Result<Vec<(String, String)>, D::Error>
1757where
1758 D: serde::Deserializer<'de>,
1759{
1760 use serde::de::Error;
1761
1762 let raw_options: Vec<(String, String)> = Vec::deserialize(deserializer)?;
1763 let mut processed_options = Vec::new();
1764
1765 for (key, value) in raw_options {
1766 let is_service_account_path = matches!(
1769 key.as_str(),
1770 "google_service_account"
1771 | "service_account"
1772 | "google_service_account_path"
1773 | "service_account_path"
1774 );
1775
1776 let processed_value = if is_service_account_path {
1777 value
1778 } else {
1779 match read_credential_from_path_or_literal(&value) {
1780 Ok(processed) => processed,
1781 Err(e) => {
1782 return Err(D::Error::custom(format!(
1783 "Failed to read credential for key '{}': {}",
1784 key, e
1785 )));
1786 }
1787 }
1788 };
1789
1790 processed_options.push((key, processed_value));
1791 }
1792
1793 Ok(processed_options)
1794}
1795
1796#[cfg(test)]
1797mod tests {
1798 use std::path::PathBuf;
1799
1800 use fastcrypto::traits::KeyPair;
1801 use rand::{SeedableRng, rngs::StdRng};
1802 use sui_keys::keypair_file::{write_authority_keypair_to_file, write_keypair_to_file};
1803 use sui_types::crypto::{AuthorityKeyPair, NetworkKeyPair, SuiKeyPair, get_key_pair_from_rng};
1804
1805 use super::{Genesis, StateArchiveConfig};
1806 use crate::NodeConfig;
1807
1808 #[test]
1809 fn serialize_genesis_from_file() {
1810 let g = Genesis::new_from_file("path/to/file");
1811
1812 let s = serde_yaml::to_string(&g).unwrap();
1813 assert_eq!("---\ngenesis-file-location: path/to/file\n", s);
1814 let loaded_genesis: Genesis = serde_yaml::from_str(&s).unwrap();
1815 assert_eq!(g, loaded_genesis);
1816 }
1817
1818 #[test]
1819 fn fullnode_template() {
1820 const TEMPLATE: &str = include_str!("../data/fullnode-template.yaml");
1821
1822 let _template: NodeConfig = serde_yaml::from_str(TEMPLATE).unwrap();
1823 }
1824
1825 #[test]
1827 fn legacy_validator_config() {
1828 const FILE: &str = include_str!("../data/sui-node-legacy.yaml");
1829
1830 let _template: NodeConfig = serde_yaml::from_str(FILE).unwrap();
1831 }
1832
1833 #[test]
1834 fn load_key_pairs_to_node_config() {
1835 let protocol_key_pair: AuthorityKeyPair =
1836 get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1837 let worker_key_pair: NetworkKeyPair =
1838 get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1839 let network_key_pair: NetworkKeyPair =
1840 get_key_pair_from_rng(&mut StdRng::from_seed([0; 32])).1;
1841
1842 write_authority_keypair_to_file(&protocol_key_pair, PathBuf::from("protocol.key")).unwrap();
1843 write_keypair_to_file(
1844 &SuiKeyPair::Ed25519(worker_key_pair.copy()),
1845 PathBuf::from("worker.key"),
1846 )
1847 .unwrap();
1848 write_keypair_to_file(
1849 &SuiKeyPair::Ed25519(network_key_pair.copy()),
1850 PathBuf::from("network.key"),
1851 )
1852 .unwrap();
1853
1854 const TEMPLATE: &str = include_str!("../data/fullnode-template-with-path.yaml");
1855 let template: NodeConfig = serde_yaml::from_str(TEMPLATE).unwrap();
1856 assert_eq!(
1857 template.protocol_key_pair().public(),
1858 protocol_key_pair.public()
1859 );
1860 assert_eq!(
1861 template.network_key_pair().public(),
1862 network_key_pair.public()
1863 );
1864 assert_eq!(
1865 template.worker_key_pair().public(),
1866 worker_key_pair.public()
1867 );
1868 }
1869
1870 #[test]
1871 fn test_remote_store_options_file_path_support() {
1872 let temp_dir = std::env::temp_dir();
1874 let access_key_file = temp_dir.join("test_access_key");
1875 let secret_key_file = temp_dir.join("test_secret_key");
1876
1877 std::fs::write(&access_key_file, "test_access_key_value").unwrap();
1878 std::fs::write(&secret_key_file, "test_secret_key_value\n").unwrap();
1879
1880 let yaml_config = format!(
1881 r#"
1882object-store-config: null
1883concurrency: 5
1884ingestion-url: "https://example.com"
1885remote-store-options:
1886 - ["aws_access_key_id", "{}"]
1887 - ["aws_secret_access_key", "{}"]
1888 - ["literal_key", "literal_value"]
1889"#,
1890 access_key_file.to_string_lossy(),
1891 secret_key_file.to_string_lossy()
1892 );
1893
1894 let config: StateArchiveConfig = serde_yaml::from_str(&yaml_config).unwrap();
1895
1896 assert_eq!(config.remote_store_options.len(), 3);
1898
1899 let access_key_option = config
1900 .remote_store_options
1901 .iter()
1902 .find(|(key, _)| key == "aws_access_key_id")
1903 .unwrap();
1904 assert_eq!(access_key_option.1, "test_access_key_value");
1905
1906 let secret_key_option = config
1907 .remote_store_options
1908 .iter()
1909 .find(|(key, _)| key == "aws_secret_access_key")
1910 .unwrap();
1911 assert_eq!(secret_key_option.1, "test_secret_key_value");
1912
1913 let literal_option = config
1914 .remote_store_options
1915 .iter()
1916 .find(|(key, _)| key == "literal_key")
1917 .unwrap();
1918 assert_eq!(literal_option.1, "literal_value");
1919
1920 std::fs::remove_file(&access_key_file).ok();
1922 std::fs::remove_file(&secret_key_file).ok();
1923 }
1924
1925 #[test]
1926 fn test_remote_store_options_literal_values_only() {
1927 let yaml_config = r#"
1928object-store-config: null
1929concurrency: 5
1930ingestion-url: "https://example.com"
1931remote-store-options:
1932 - ["aws_access_key_id", "literal_access_key"]
1933 - ["aws_secret_access_key", "literal_secret_key"]
1934"#;
1935
1936 let config: StateArchiveConfig = serde_yaml::from_str(yaml_config).unwrap();
1937
1938 assert_eq!(config.remote_store_options.len(), 2);
1939 assert_eq!(config.remote_store_options[0].1, "literal_access_key");
1940 assert_eq!(config.remote_store_options[1].1, "literal_secret_key");
1941 }
1942
1943 #[test]
1944 fn test_remote_store_options_gcs_service_account_path_preserved() {
1945 let temp_dir = std::env::temp_dir();
1946 let service_account_file = temp_dir.join("test_service_account.json");
1947 let aws_key_file = temp_dir.join("test_aws_key");
1948
1949 std::fs::write(&service_account_file, r#"{"type": "service_account"}"#).unwrap();
1950 std::fs::write(&aws_key_file, "aws_key_value").unwrap();
1951
1952 let yaml_config = format!(
1953 r#"
1954object-store-config: null
1955concurrency: 5
1956ingestion-url: "gs://my-bucket"
1957remote-store-options:
1958 - ["service_account", "{}"]
1959 - ["google_service_account_path", "{}"]
1960 - ["aws_access_key_id", "{}"]
1961"#,
1962 service_account_file.to_string_lossy(),
1963 service_account_file.to_string_lossy(),
1964 aws_key_file.to_string_lossy()
1965 );
1966
1967 let config: StateArchiveConfig = serde_yaml::from_str(&yaml_config).unwrap();
1968
1969 assert_eq!(config.remote_store_options.len(), 3);
1970
1971 let service_account_option = config
1973 .remote_store_options
1974 .iter()
1975 .find(|(key, _)| key == "service_account")
1976 .unwrap();
1977 assert_eq!(
1978 service_account_option.1,
1979 service_account_file.to_string_lossy()
1980 );
1981
1982 let gcs_path_option = config
1984 .remote_store_options
1985 .iter()
1986 .find(|(key, _)| key == "google_service_account_path")
1987 .unwrap();
1988 assert_eq!(gcs_path_option.1, service_account_file.to_string_lossy());
1989
1990 let aws_option = config
1992 .remote_store_options
1993 .iter()
1994 .find(|(key, _)| key == "aws_access_key_id")
1995 .unwrap();
1996 assert_eq!(aws_option.1, "aws_key_value");
1997
1998 std::fs::remove_file(&service_account_file).ok();
2000 std::fs::remove_file(&aws_key_file).ok();
2001 }
2002
2003 mod intended_node_role_tests {
2004 use super::*;
2005 use crate::ConsensusConfig;
2006 use consensus_config::Parameters as ConsensusParameters;
2007 use fastcrypto::ed25519::Ed25519KeyPair;
2008 use sui_types::node_role::{FullNodeSyncMode, NodeRole};
2009
2010 fn fullnode_template_config() -> NodeConfig {
2011 const TEMPLATE: &str = include_str!("../data/fullnode-template.yaml");
2012 serde_yaml::from_str(TEMPLATE).unwrap()
2013 }
2014
2015 fn minimal_consensus_config() -> ConsensusConfig {
2016 ConsensusConfig {
2017 db_path: PathBuf::from("/tmp/consensus"),
2018 db_retention_epochs: None,
2019 db_pruner_period_secs: None,
2020 max_pending_transactions: None,
2021 parameters: Default::default(),
2022 listen_address: None,
2023 external_address: None,
2024 }
2025 }
2026
2027 fn consensus_config_with_observer_peers() -> ConsensusConfig {
2028 let mut config = minimal_consensus_config();
2029 let kp = Ed25519KeyPair::generate(&mut StdRng::from_seed([0; 32]));
2030 let peer = consensus_config::PeerRecord {
2031 public_key: consensus_config::NetworkPublicKey::new(kp.public().clone()),
2032 address: "/ip4/127.0.0.1/udp/8080".parse().unwrap(),
2033 };
2034 let mut params = ConsensusParameters::default();
2035 params.observer.peers = vec![peer];
2036 config.parameters = Some(params);
2037 config
2038 }
2039
2040 #[test]
2041 fn validator_with_consensus_config() {
2042 let mut config = fullnode_template_config();
2043 config.consensus_config = Some(minimal_consensus_config());
2044 config.fullnode_sync_mode = None;
2045
2046 assert_eq!(config.intended_node_role(), NodeRole::Validator);
2047 }
2048
2049 #[test]
2050 fn fullnode_explicit_state_sync() {
2051 let mut config = fullnode_template_config();
2052 config.consensus_config = None;
2053 config.fullnode_sync_mode = Some(FullNodeSyncMode::StateSyncOnly);
2054
2055 assert_eq!(
2056 config.intended_node_role(),
2057 NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
2058 );
2059 }
2060
2061 #[test]
2062 fn fullnode_implicit_state_sync() {
2063 let mut config = fullnode_template_config();
2064 config.consensus_config = None;
2065 config.fullnode_sync_mode = None;
2066
2067 assert_eq!(
2068 config.intended_node_role(),
2069 NodeRole::FullNode(FullNodeSyncMode::StateSyncOnly)
2070 );
2071 }
2072
2073 #[test]
2074 fn fullnode_consensus_observer() {
2075 let mut config = fullnode_template_config();
2076 config.consensus_config = Some(consensus_config_with_observer_peers());
2077 config.fullnode_sync_mode = Some(FullNodeSyncMode::ConsensusObserver);
2078
2079 assert_eq!(
2080 config.intended_node_role(),
2081 NodeRole::FullNode(FullNodeSyncMode::ConsensusObserver)
2082 );
2083 }
2084
2085 #[test]
2086 #[should_panic(
2087 expected = "Consensus config should not be set for a StateSyncOnly full node"
2088 )]
2089 fn state_sync_with_consensus_config_panics() {
2090 let mut config = fullnode_template_config();
2091 config.consensus_config = Some(minimal_consensus_config());
2092 config.fullnode_sync_mode = Some(FullNodeSyncMode::StateSyncOnly);
2093
2094 config.intended_node_role();
2095 }
2096
2097 #[test]
2098 #[should_panic(expected = "Observer peers must be configured")]
2099 fn observer_without_peers_panics() {
2100 let mut config = fullnode_template_config();
2101 config.consensus_config = Some(minimal_consensus_config());
2102 config.fullnode_sync_mode = Some(FullNodeSyncMode::ConsensusObserver);
2103
2104 config.intended_node_role();
2105 }
2106 }
2107}
2108
2109#[derive(Clone, Copy, PartialEq, Debug, Serialize, Deserialize)]
2112pub enum RunWithRange {
2113 Epoch(EpochId),
2114 Checkpoint(CheckpointSequenceNumber),
2115}
2116
2117impl RunWithRange {
2118 pub fn is_epoch_gt(&self, epoch_id: EpochId) -> bool {
2120 matches!(self, RunWithRange::Epoch(e) if epoch_id > *e)
2121 }
2122
2123 pub fn matches_checkpoint(&self, seq_num: CheckpointSequenceNumber) -> bool {
2124 matches!(self, RunWithRange::Checkpoint(seq) if *seq == seq_num)
2125 }
2126
2127 pub fn into_checkpoint_bound(self) -> Option<CheckpointSequenceNumber> {
2128 match self {
2129 RunWithRange::Epoch(_) => None,
2130 RunWithRange::Checkpoint(seq) => Some(seq),
2131 }
2132 }
2133}