statement store: sync dht feature branch with master#12320
Merged
AndreiEres merged 24 commits intoJun 10, 2026
Conversation
Make polkadot/cumulus zombienet test required again. cc: @sandreim
This improves the performance of xcmp-queue by not requiring to check all pages individually. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Oliver Tale-Yazdi <oliver.tale-yazdi@parity.io>
- Map the origin account in `prepare_dry_run` when it is not already mapped, so dry-running contract calls/instantiations does not fail with `AccountUnmapped` for callers that never registered a mapping (e.g fresh product account that does not exist on chain yet) --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This PR introduces try state hook into the Beefy MMR Pallet. It also defines the invariants that holds for the pallet. Part of: #239 --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…and consumer (#12214) BeefyEcdsaToEthereum returned an empty Vec<u8> on conversion failure, while compute_authority_set counted failures by matching [0u8; 20]. Extract the sentinel into a shared FAILED_BEEFY_TO_ETH_ADDRESS constant referenced by both sites. Fix mock_beefy_id to derive valid ECDSA keys so tests exercise the happy path as well as the failure branch. --------- Signed-off-by: Adrian Catangiu <adrian@parity.io> Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Related to: #12083 (bitswap section). Adds four Prometheus metrics to the litep2p bitswap inbound handler so we can observe bitswap-driven load from network clients: | Metric | Type | Labels | |---|---|---| | `substrate_sub_libp2p_bitswap_entries_total` | counter | `outcome` ∈ `block_served`, `have`, `dont_have`, `unsupported_cid` | | `substrate_sub_libp2p_bitswap_request_errors_total` | counter | `reason` ∈ `too_many_entries`, `client` | | `substrate_sub_libp2p_bitswap_inbound_request_duration_seconds` | histogram | — | | `substrate_sub_libp2p_bitswap_response_bytes_total` | counter | — | `NetworkBackend::bitswap_server` gains an `Option<Registry>` parameter (mirroring `peer_store`). The libp2p backend impl accepts and ignores it — bitswap isn't wired into its request-response framework. Bitswap remains gated by `--ipfs-server`. Labels are pruned vs #12083: `missing`/`bad_cid` outcomes and `decode`/`encode`/`invalid_wantlist` errors are absorbed by litep2p before reaching the shim. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
# Description Removes deprecated `parachains_common::AssetsToBlockAuthor` as part of #11561. `AssetsToBlockAuthor` was deprecated in favor of `frame_support::traits::tokens::imbalance::MaybeResolveTo<BlockAuthor, ...>`. It has no remaining usage in this repository; system parachain runtimes already use `MaybeResolveAssetTo<BlockAuthor<Runtime>, ...>` for asset transaction fees. ## Integration Downstream code using `AssetsToBlockAuthor` must migrate before upgrading `parachains-common`: ```diff - type CreditHandler = AssetsToBlockAuthor<Runtime, Instance>; + type CreditHandler = MaybeResolveAssetTo<BlockAuthor<Runtime>, NativeAndAssets, AccountId>; --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: muharem <ismailov.m.h@gmail.com>
LLM suggests that there might be some token leftovers. Let's check. cc paritytech/devops#5306
…12212) All prod changes needed for #12007 . With this merged, 12007 should be test code only. We skipped full determinism for now on subsystems we don't have deterministic tests yet anyways. Those will come later as needed. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…acks (#12125) Superseeds #12043. Bandersnatch HWCD on non-subgroup inputs can produce z = 0 projectives, which arkworks' `into_affine()` panics on. Instead of extending the wire format to carry these states, this PR adds an `IntoAffineSafe` trait in `utils.rs` and uses it to substitute a non-subgroup affine on the degenerate path: - mul_te / msm_te: returns (0, 0, 0, 0) to arkworks as the fallback Wire format is byte-identical to the current `EdwardsAffine` encoding. A downstream subgroup check on the output rejects the degenerate case; honest callers that subgroup-validate inputs never hit it. --------- Signed-off-by: Oliver Tale-Yazdi <oliver.tale-yazdi@parity.io> Co-authored-by: Oliver Tale-Yazdi <oliver.tale-yazdi@parity.io> Co-authored-by: drskalman <35698397+drskalman@users.noreply.github.com> Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
The trait was only reachable at `pallet_dap::weights::WeightInfo`, so the benchmark template's generated `pallet_dap::WeightInfo` path failed to resolve and required a manual fixup in every consumer. Add the standard FRAME re-export (`pub use weights::WeightInfo;`) and switch the Asset Hub Westend weights file and the staking-async integration test back to the canonical `pallet_dap::WeightInfo` path. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This PR backports regular version bumps and perdocs reordering from stable2603 branch back to master --------- Co-authored-by: Sebastian Kunert <mail@skunert.dev>
# Description
Adds a `remove_registrar` extrinsic to `pallet-identity` so that a
compromised, inactive, or
malicious registrar can be disabled on-chain via the existing
`RegistrarOrigin` (governance).
Until now there was no way to remove a registrar: once added with
`add_registrar`, a registrar
existed for the life of the chain. Disabling one required a full runtime
upgrade carrying a bespoke
storage migration — a heavyweight, ~weeks-long process for what should
be a routine governance
action. This PR closes that gap.
## Integration
This is an **additive** change for `pallet-identity` (prdoc bump:
`minor`). Nothing is removed or
renamed, and **no storage migration is required**.
- **New extrinsic** `Identity::remove_registrar(index)` at
`#[pallet::call_index(24)]` (a fresh
index; no existing call index is reused or renumbered). Gated by
`T::RegistrarOrigin`, the same
origin as `add_registrar`.
- **New event** `Event::RegistrarRemoved { registrar_index }`, emitted
on success. Wallets,
explorers, and indexers should index the new call and event.
- **`WeightInfo` trait gains `remove_registrar`.** Runtimes using the
in-tree
`SubstrateWeight`/`()` impls get this for free. Any runtime with a
*hand-written* `WeightInfo`
impl for `pallet-identity` must add a `remove_registrar` method —
otherwise it will not compile:
```diff
impl pallet_identity::WeightInfo for MyWeights {
fn add_registrar(r: u32) -> Weight { /* ... */ }
+ fn remove_registrar(r: u32) -> Weight { /* ... */ }
// ...
}
```
- **No `Config` change**, no new storage item. `Registrars` is already
`BoundedVec<Option<RegistrarInfo>, MaxRegistrars>` and every read site
already handles `None`.
- **Error codes:** returns `InvalidIndex` for an out-of-range index and
`EmptyIndex` for an
already-empty (tombstoned) slot — consistent with `request_judgement`'s
handling of an empty slot.
## Review Notes
**Design: tombstone, don't shift.** Removal sets the slot to `None`
(`*slot = None`) rather than removing it from the vector. This is the
core decision and the reason
no migration is needed:
- `Registrars` is a `BoundedVec<Option<RegistrarInfo>, MaxRegistrars>`
indexed positionally by
`RegistrarIndex`. Judgements in `IdentityOf` store a `RegistrarIndex`.
If removal *shifted*
elements (e.g. `Vec::remove`), every later registrar's index would
change and existing judgements
would silently point at the wrong registrar. Tombstoning keeps every
other index stable.
- All read sites (`request_judgement`, `provide_judgement`, `set_fee`,
`set_account_id`,
`set_fields`) already resolve a registrar via
`.get(index).and_then(Option::as_ref)`, so a
tombstoned slot reads back as `None` and those calls fail closed
automatically. A removed
registrar can no longer act.
**Two intentional consequences, documented on the dispatchable:**
1. **Pending judgement deposits are not auto-refunded.** A `FeePaid`
deposit reserved by
`request_judgement` against a now-removed registrar can no longer be
released via
`provide_judgement`. Funds are **not lost** — the requester reclaims
them with `cancel_request`,
which keys off their own identity entry, not the registrar. An on-chain
sweep would be unbounded
over all identities (a DoS vector), so the manual-cancel model is used,
matching the existing
`kill_identity` caveat.
2. **The freed index is not reused.** `add_registrar` always appends, so
each removal permanently
consumes one slot against `MaxRegistrars`. Reusing a freed slot would
let a new registrar inherit
an index that historical judgements still reference, so monotonic
capacity is the safer choice.
**Where to read:**
- `substrate/frame/identity/src/lib.rs` — the `remove_registrar`
dispatchable (call_index 24).
- `substrate/frame/identity/src/tests.rs` — bad-origin, invalid vs empty
index, index-stability
across judgements, removed-registrar-cannot-act, and append-not-reuse
tests.
- `substrate/frame/identity/src/benchmarking.rs` — worst case removes
the last registrar at full
`MaxRegistrars` length so the bench walks the full list (codec cost).
- `substrate/frame/identity/src/weights.rs` — large diff is a **full
bench-bot regen** of the whole
pallet (uniform base-time drift); only `remove_registrar` is a genuinely
new entry.
# Checklist
* [x] My PR includes a detailed description as outlined in the
"Description" and its two subsections above.
* [x] My PR follows the labeling requirements (at minimum one label for
`T` required) — needs `T1-FRAME`.
* [x] I have made corresponding changes to the documentation (if
applicable).
* [x] I have added tests that prove my fix is effective or that my
feature works (if applicable).
---------
Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Bastian Köcher <git@kchr.de>
Co-authored-by: Branislav Kontur <bkontur@gmail.com>
As a follow-up to #8705, we would like to propose an adjustment to the BEEFY RoundTracker, allowing it to count duplicated authorities as non-equal weight votes, in a similar way as handled by [GRANDPA's VoterSet](https://docs.rs/finality-grandpa/latest/finality_grandpa/voter_set/struct.VoterSet.html#method.new). We choose this approach because adapting the interfaces related to OneSessionHandler would be significantly more invasive. Since GRANDPA already supports handling duplicated authorities in this manner, we decided to implement a similar solution here for consistency and simplicity. This change should not affect how equivocations (double voting) are handled, nor does it alter the structure of commitments. It only impacts how votes from duplicated authorities are accounted for when calculating the threshold. --------- Signed-off-by: Tomasz Bartos <tomasz.bartos@iohk.io> Co-authored-by: Serban Iorga <serban300@gmail.com>
…12250) # Description Removes deprecated `frame_support::AllowAll`, `DenyAll`, and `Filter` as part of #11561. These were legacy aliases for `Everything`, `Nothing`, and `Contains`. They have no remaining usage in this repository. ## Integration ```diff - use frame_support::traits::AllowAll; + use frame_support::traits::Everything; - use frame_support::traits::DenyAll; + use frame_support::traits::Nothing; - impl frame_support::traits::Filter<MyType> for MyFilter { ... } + impl frame_support::traits::Contains<MyType> for MyFilter { ... } ``` Review Notes `2 files: substrate/frame/support/src/traits/members.rs, traits.rs ` Verified no in-repo references before removal --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: muharem <ismailov.m.h@gmail.com>
# Description Removes deprecated `frame_support::match_type!` as part of #11561. `match_type!` was a thin alias for `match_types!` with no remaining usage in this repository. ## Integration ```diff - frame_support::match_type! { ... } + frame_support::match_types! { ... } ``` Review Notes Single-file change: substrate/frame/support/src/traits/members.rs Verified no in-repo references before removal --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Bastian Köcher <git@kchr.de>
…para_id (#12275) While running tests on Versi I noticed that while generating chainspec for e.g. `glutton-westend-local-1301` I noticed that the para id in the spec id is ignored and always set to 1300. Not sure if there is a good reason for this behaviour but it's misleading. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…in destroying state (#12297) Addresses #12290 Previously, any attempt to permissionlessly unbond the depositor was unconditionally rejected with `DoesNotHavePermission`. This was not in accordance with the `unbond` documentation, blocking the case where a pool is being destroyed and the depositor is the sole remaining member. **What it fixes:** - Permissionless unbonding of the depositor is now allowed **only** when it's a full unbond (`is_full_unbond`) **and** the pool is in the destroying state with the depositor as the sole remaining member (`is_destroying_and_only_depositor`). - Partial permissionless unbonds of the depositor still correctly return `PartialUnbondNotAllowedPermissionlessly`. - Tests are updated to assert both the newly-allowed success path and that repeated unbond attempts (after points are already zero) correctly fail with `MinimumBondNotMet`. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Dear team, hello! Please consider this Pull Request to remove all bootnodes from the Infrastructure Builders Programme (IBP) due to the shutdown of its operations (signaled in [referendum 1891](https://polkadot.subsquare.io/referenda/1891)) These changes affect `polkadot`, `kusama` and `westend` relay and system chain chainspecs, as the `paseo` ones will be modified in their own repository. Many thanks for the long standing partnership! Best regards!! **_Milos_**
# Description Verifies the scheduling info payload in PVF, if formed by an author that claims its para slot at internal scheduling parent. Closes #12152 ## Integration Runtime developers that want to enable resubmissions for their parachains must configure the newly added associated type on parachain-system's `Config`: `VerifySchedulingSignature`. ## Review Notes Concerns like parachain session or para slot duration changes must be handled by the resubmission engine, as described here: #12036 (comment). --------- Signed-off-by: Iulian Barbu <iulian.barbu@parity.io> Co-authored-by: eskimor <robert@gonimo.com> Co-authored-by: eskimor <eskimor@noreply.com> Co-authored-by: eskimor <jfanatiker@gmx.at> Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Serban Iorga <serban@parity.io> Co-authored-by: Marios <marios@parity.io> Co-authored-by: Serban Iorga <serban300@gmail.com> Co-authored-by: Alin Dima <alin@parity.io>
## Summary Part of #2415 (follow-up to #10150) Migrate `pallet-im-online` from the deprecated `ValidateUnsigned` trait to `#[pallet::authorize]`, following the pattern established in #10716. ## Changes - Replace `ValidateUnsigned` impl with `#[pallet::authorize]` on the `heartbeat` call. - Change Config bound from `CreateBare<Call<Self>>` to `CreateAuthorizedTransaction<Call<Self>>`. - `ensure_none` → `ensure_authorized`, `create_bare` → `create_authorized_transaction`. - Add tests covering all authorize validation paths and dispatch with `RawOrigin::Authorized`. ## Migration The `Config` trait now requires `CreateAuthorizedTransaction<Call<Self>>` instead of `CreateBare<Call<Self>>`. Runtimes with a blanket `impl<C> CreateAuthorizedTransaction<C> for Runtime` (like kitchensink) need no changes. --------- Co-authored-by: Shawn Tabrizi <shawntabrizi@gmail.com>
Ideally tests should not describe implementation details, but only expected actual output, vs input. This is an attempt for achieving this for our subsystem tests, starting with the collator protocol - where we have 2 implementations. For behavior that has not changed, the tests for both legacy and experimental should be the same. This is useful in general, but also becomes more and more important to better verify AI code.
alexggh
approved these changes
Jun 10, 2026
P1sar
approved these changes
Jun 10, 2026
AndreiEres
merged commit 599140a
into
feature/statement-store-dht
389 of 396 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merged master