EIP-7951: Precompile for secp256r1 Curve Support#3
Open
snissn wants to merge 54 commits into
Open
Conversation
…ct#1689) * Remove market actor requirement on notifications * claude first pass * Integration test fixes * One contract fix and attempt at wiring integration test * Add new test to module * correct import * fix path * Fix * trying create external * don't do useless send to non payable constructor * Use foundry build of test contract * Contract fixes * build new hex from updated source * remove 0x * Use bytecode.object not deployedBytecode * Deal with serde transparent * New hex * Check notifications are received correctly * More precise expiration testing * Remove unfixed ai tests * fmt + test cleanup * clippy * more clippy * more clippy * fmt * Review Response: check before and afte * Attempt isMiner actor receiver contract * Correct hex * Fix filecoin actor call bug * Test that isMiner check rejects diret calls * fmt * clippy * Update actors/evm/tests/contracts/NotificationReceiver.sol Co-authored-by: Rod Vagg <rod@vagg.org> * Update integration_tests/src/tests/evm_notification_test.rs Co-authored-by: Rod Vagg <rod@vagg.org> * Update integration_tests/src/tests/evm_notification_test.rs Co-authored-by: Rod Vagg <rod@vagg.org> * Tweak solidity test file for codecov to not fail * fmt * Fixup review suggestion * Codecov is extremely picky --------- Co-authored-by: zenground0 <ZenGround0@users.noreply.github.com> Co-authored-by: Rod Vagg <rod@vagg.org>
chore: release 17.0.0-dev1
chore: release 17.0.0-dev1
Co-authored-by: TippyFlits <james.bluett@protocol.ai>
There was a problem hiding this comment.
Pull request overview
This PR implements RIP-7212 secp256r1 curve precompile support and enables data activation notifications to EVM contracts. Note: The PR title mentions "EIP-7951" but the implementation is actually for RIP-7212.
Key changes:
- Adds RIP-7212 secp256r1 signature verification precompile at address 0x0100
- Removes restriction limiting data activation notifications to only the storage market actor, enabling EVM contracts to receive sector content change notifications
- Updates version from 16.0.1 to 17.0.0 (breaking change)
Reviewed changes
Copilot reviewed 16 out of 17 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
actors/evm/src/interpreter/precompiles/secp256r1.rs |
New RIP-7212 precompile implementation with signature verification |
actors/evm/src/interpreter/precompiles/mod.rs |
Registers secp256r1 precompile at address 0x0100 |
actors/evm/tests/rip7212_precompile.rs |
Assembly-level tests for precompile functionality |
actors/evm/tests/basic.rs |
Solidity contract tests for secp256r1 verification |
actors/evm/tests/contracts/Secp256r1Precompile.sol |
Test contract covering valid/invalid signature scenarios |
actors/evm/tests/contracts/Secp256r1Precompile.hex |
Compiled bytecode for test contract |
actors/miner/src/notifications.rs |
Removes market-only restriction for data activation notifications |
integration_tests/src/tests/evm_notification_test.rs |
Tests EVM contracts receiving sector notifications |
test_vm/tests/suite/evm_notification_test.rs |
Integration test wrappers |
actors/evm/tests/contracts/NotificationReceiver.sol |
Example notification receiver contract with CBOR parsing |
actors/evm/tests/contracts/NotificationReceiver.hex |
Compiled notification receiver bytecode |
runtime/src/util/mapmap.rs |
Fixes PhantomData import to use std::marker |
actors/evm/Cargo.toml |
Adds p256, alloy-core, and rstest dependencies |
Cargo.toml |
Updates version to 17.0.0 and relaxes serde version constraint |
Cargo.lock |
Updates dependencies including syn, serde, and new crates |
test_vm/tests/suite/mod.rs |
Registers new notification test module |
integration_tests/src/tests/mod.rs |
Exports notification test functions |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| rt.expect_gas_available(10_000_000_000u64); | ||
| let result = util::invoke_contract(&rt, &hex::decode(selector).unwrap()); | ||
| println!("{} completed successfully", name); | ||
| assert!(result.is_empty() || !result.is_empty(), "{} should complete successfully", name); |
There was a problem hiding this comment.
This assertion is redundant and meaningless. It will always pass since result.is_empty() || !result.is_empty() is always true. Consider asserting on specific expected outcomes or removing this assertion entirely.
| for (name, selector) in fail_functions.iter() { | ||
| rt.expect_gas_available(10_000_000_000u64); | ||
| let result = util::invoke_contract(&rt, &hex::decode(selector).unwrap()); | ||
| assert!(result.is_empty() || !result.is_empty(), "{} should complete successfully", name); |
There was a problem hiding this comment.
This assertion is redundant and meaningless. It will always pass since result.is_empty() || !result.is_empty() is always true. The test should verify that invalid inputs are rejected properly, either by checking for specific error behavior or verifying the result is empty.
Suggested change
| assert!(result.is_empty() || !result.is_empty(), "{} should complete successfully", name); | |
| assert!(result.is_empty(), "{} should fail and return no output", name); |
| @@ -0,0 +1,173 @@ | |||
| //! # RIP-7212 secp256r1 Precompile | |||
There was a problem hiding this comment.
The PR title mentions "EIP-7951" but the implementation is for "RIP-7212" (as correctly documented in the code). The PR title appears to have an incorrect EIP number.
Comment on lines
+44
to
+49
| if addr.0 | ||
| == [ | ||
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, | ||
| ] | ||
| { |
There was a problem hiding this comment.
The array literal comparison could be error-prone. Consider using a constant for the precompile address (e.g., const RIP7212_PRECOMPILE_ADDRESS: [u8; 20] = [0x00, ..., 0x01, 0x00];) to ensure consistency with the lookup_precompile function and improve maintainability.
Comment on lines
+96
to
+100
| if addr.0[0] == 0x00 | ||
| && addr.0[1..18] == [0u8; 17] | ||
| && addr.0[18] == 0x01 | ||
| && addr.0[19] == 0x00 | ||
| { |
There was a problem hiding this comment.
The address checking logic uses different approaches in is_reserved_precompile_address (full array comparison) and lookup_precompile (byte-by-byte comparison). These should use the same logic or share a constant to prevent potential inconsistencies.
| let create_return: fil_actor_eam::CreateReturn = | ||
| create_result.ret.unwrap().deserialize().expect("Failed to decode create return"); | ||
| let evm_robust_addr = create_return.robust_address.unwrap(); | ||
| let _evm_eth_addr = create_return.eth_address; |
There was a problem hiding this comment.
The variable _evm_eth_addr is declared but never used. Either remove this variable or use it if it was intended for validation purposes.
Suggested change
| let _evm_eth_addr = create_return.eth_address; |
| let proofs = vec![RawBytes::new(vec![8, 8, 8, 8]); manifests.len()]; // dummy value for faked proof syscalls in test vm | ||
| let prove_params = ProveCommitSectors3Params { | ||
| sector_activations: manifests, | ||
| sector_proofs: proofs, // Empty proofs for testing |
There was a problem hiding this comment.
The comment says "Empty proofs for testing" but the proofs are not actually empty - they contain vec![8, 8, 8, 8]. Update the comment to accurately describe the dummy proof values.
Suggested change
| sector_proofs: proofs, // Empty proofs for testing | |
| sector_proofs: proofs, // Dummy proofs for testing (vec![8, 8, 8, 8]) |
| let cbor_params = to_vec(§or_changes).expect("Failed to serialize CBOR params"); | ||
|
|
||
| // Now call handle_filecoin_method using the alloy interface | ||
| let _method_selector = NotificationReceiver::handle_filecoin_methodCall::SELECTOR; |
There was a problem hiding this comment.
The variable _method_selector is declared but never used. Either remove this variable or use it if it was intended for validation.
Suggested change
| let _method_selector = NotificationReceiver::handle_filecoin_methodCall::SELECTOR; |
* chore: configure dependabot * dependabot cooldown, groups and cadence change
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ct#1716) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…coin-project#1713) Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.56.13 to 2.68.2. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@c07504c...70e0055) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.68.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…n-project#1714) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 5.5.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@d9f34f8...671740a) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.5.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…project#1717) Bumps the patch-versions group with 11 updates: | Package | From | To | | --- | --- | --- | | [clap](https://github.com/clap-rs/clap) | `4.5.36` | `4.5.58` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.98` | `1.0.101` | | [log](https://github.com/rust-lang/log) | `0.4.27` | `0.4.29` | | [serde_json](https://github.com/serde-rs/json) | `1.0.140` | `1.0.149` | | [castaway](https://github.com/sagebind/castaway) | `0.2.3` | `0.2.4` | | [thiserror](https://github.com/dtolnay/thiserror) | `2.0.12` | `2.0.18` | | [blake2b_simd](https://github.com/oconnor663/blake2_simd) | `1.0.3` | `1.0.4` | | [sha2](https://github.com/RustCrypto/hashes) | `0.10.8` | `0.10.9` | | [fvm_shared](https://github.com/filecoin-project/ref-fvm) | `4.7.1` | `4.7.5` | | [fvm_ipld_amt](https://github.com/filecoin-project/ref-fvm) | `0.7.4` | `0.7.5` | | [blst](https://github.com/supranational/blst) | `0.3.14` | `0.3.16` | Updates `clap` from 4.5.36 to 4.5.58 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.5.36...clap_complete-v4.5.58) Updates `anyhow` from 1.0.98 to 1.0.101 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.98...1.0.101) Updates `log` from 0.4.27 to 0.4.29 - [Release notes](https://github.com/rust-lang/log/releases) - [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md) - [Commits](rust-lang/log@0.4.27...0.4.29) Updates `serde_json` from 1.0.140 to 1.0.149 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.140...v1.0.149) Updates `castaway` from 0.2.3 to 0.2.4 - [Release notes](https://github.com/sagebind/castaway/releases) - [Changelog](https://github.com/sagebind/castaway/blob/master/CHANGELOG.md) - [Commits](sagebind/castaway@0.2.3...v0.2.4) Updates `thiserror` from 2.0.12 to 2.0.18 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@2.0.12...2.0.18) Updates `blake2b_simd` from 1.0.3 to 1.0.4 - [Commits](oconnor663/blake2_simd@1.0.3...1.0.4) Updates `sha2` from 0.10.8 to 0.10.9 - [Commits](RustCrypto/hashes@sha2-v0.10.8...sha2-v0.10.9) Updates `fvm_shared` from 4.7.1 to 4.7.5 - [Changelog](https://github.com/filecoin-project/ref-fvm/blob/master/RELEASE.md) - [Commits](https://github.com/filecoin-project/ref-fvm/compare/fvm_shared@v4.7.1...fvm_shared@v4.7.5) Updates `fvm_ipld_amt` from 0.7.4 to 0.7.5 - [Changelog](https://github.com/filecoin-project/ref-fvm/blob/master/RELEASE.md) - [Commits](https://github.com/filecoin-project/ref-fvm/compare/fvm_ipld_amt@v0.7.4...fvm_ipld_amt@v0.7.5) Updates `blst` from 0.3.14 to 0.3.16 - [Release notes](https://github.com/supranational/blst/releases) - [Commits](supranational/blst@v0.3.14...v0.3.16) --- updated-dependencies: - dependency-name: clap dependency-version: 4.5.58 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: anyhow dependency-version: 1.0.101 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: log dependency-version: 0.4.29 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: serde_json dependency-version: 1.0.149 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: castaway dependency-version: 0.2.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: thiserror dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: blake2b_simd dependency-version: 1.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: sha2 dependency-version: 0.10.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: fvm_shared dependency-version: 4.7.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: fvm_ipld_amt dependency-version: 0.7.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: blst dependency-version: 0.3.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hubert <hubert@chainsafe.io>
Bumps [keccak](https://github.com/RustCrypto/sponges) from 0.1.5 to 0.1.6. - [Commits](RustCrypto/sponges@keccak-v0.1.5...keccak-v0.1.6) --- updated-dependencies: - dependency-name: keccak dependency-version: 0.1.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…roject#1719) Bumps the patch-versions group with 5 updates: | Package | From | To | | --- | --- | --- | | [clap](https://github.com/clap-rs/clap) | `4.5.58` | `4.5.60` | | [serde](https://github.com/serde-rs/serde) | `1.0.226` | `1.0.228` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.101` | `1.0.102` | | [ipld-core](https://github.com/ipld/rust-ipld-core) | `0.4.2` | `0.4.3` | | [fvm_sdk](https://github.com/filecoin-project/ref-fvm) | `4.7.1` | `4.7.5` | Updates `clap` from 4.5.58 to 4.5.60 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.5.58...clap_complete-v4.5.60) Updates `serde` from 1.0.226 to 1.0.228 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](serde-rs/serde@v1.0.226...v1.0.228) Updates `anyhow` from 1.0.101 to 1.0.102 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.101...1.0.102) Updates `ipld-core` from 0.4.2 to 0.4.3 - [Commits](ipld/rust-ipld-core@v0.4.2...v0.4.3) Updates `fvm_sdk` from 4.7.1 to 4.7.5 - [Changelog](https://github.com/filecoin-project/ref-fvm/blob/master/RELEASE.md) - [Commits](https://github.com/filecoin-project/ref-fvm/compare/fvm_sdk@v4.7.1...fvm_sdk@v4.7.5) --- updated-dependencies: - dependency-name: clap dependency-version: 4.5.60 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: serde dependency-version: 1.0.228 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: anyhow dependency-version: 1.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: ipld-core dependency-version: 0.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions - dependency-name: fvm_sdk dependency-version: 4.7.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
test(evm): vendor EIP-7951 vectors for P256VERIFY
…ct#1722) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…coin-project#1723) Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.68.2 to 2.68.15. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@70e0055...68675c5) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.68.15 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
) Bumps [hex-literal](https://github.com/RustCrypto/utils) from 1.0.0 to 1.1.0. - [Commits](RustCrypto/utils@hex-literal-v1.0.0...hex-literal-v1.1.0) --- updated-dependencies: - dependency-name: hex-literal dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ect#1725) Bumps [integer-encoding](https://github.com/dermesser/integer-encoding-rs) from 4.0.2 to 4.1.0. - [Commits](https://github.com/dermesser/integer-encoding-rs/commits/v4.1.0) --- updated-dependencies: - dependency-name: integer-encoding dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ns group (filecoin-project#1726) build(deps): bump once_cell in the patch-versions group Bumps the patch-versions group with 1 update: [once_cell](https://github.com/matklad/once_cell). Updates `once_cell` from 1.21.3 to 1.21.4 - [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md) - [Commits](matklad/once_cell@v1.21.3...v1.21.4) --- updated-dependencies: - dependency-name: once_cell dependency-version: 1.21.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add sector status info methods Implement methods for generating and validating sector status information. This comes with a drawback that after expiry, the state becomes impossible to present. Signed-off-by: Jakub Sztandera <oss@kubuxu.com> * tests: sector status Signed-off-by: Jakub Sztandera <oss@kubuxu.com> * appease the lint gods Signed-off-by: Jakub Sztandera <oss@kubuxu.com> * Update to latest fip * Update terminology to match latest fip * fmt * Address Review --------- Signed-off-by: Jakub Sztandera <oss@kubuxu.com> Co-authored-by: zenground0 <ZenGround0@users.noreply.github.com> Co-authored-by: ZenGround0 <5515260+ZenGround0@users.noreply.github.com>
# Conflicts: # Cargo.lock # actors/evm/Cargo.toml
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.9.0 to 2.13.0. - [Changelog](https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md) - [Commits](indexmap-rs/indexmap@2.9.0...2.13.0) --- updated-dependencies: - dependency-name: indexmap dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump rand from 0.8.5 to 0.9.0 Bumps [rand](https://github.com/rust-random/rand) from 0.8.5 to 0.9.0. - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md) - [Commits](rust-random/rand@0.8.5...0.9.0) --- updated-dependencies: - dependency-name: rand dependency-version: 0.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix rand update --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hubert Bugaj <lesny.rumcajs+github@gmail.com>
…coin-project#1730) Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.68.15 to 2.71.0. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@68675c5...a1df912) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.71.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…n-project#1729) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.2 to 6.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…s group (filecoin-project#1732) build(deps): bump indexmap in the patch-versions group Bumps the patch-versions group with 1 update: [indexmap](https://github.com/indexmap-rs/indexmap). Updates `indexmap` from 2.13.0 to 2.13.1 - [Changelog](https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md) - [Commits](indexmap-rs/indexmap@2.13.0...2.13.1) --- updated-dependencies: - dependency-name: indexmap dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-versions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
cargo-deny is now flagging rand 0.9.0 via RUSTSEC-2026-0097. The advisory marks rand >=0.7,<0.9.3 and 0.10.0 as affected by an unsoundness issue in rand::rng()/thread_rng() under a specific feature and logger combination. This is not a bug in the new secp256r1 precompile logic; it is a dependency-policy failure caused by the advisory database rejecting the vulnerable lockfile entry. This PR already resolved rand through the workspace dependency, and the manifest range was broad enough to accept a patched release. Raise the workspace minimum to 0.9.3 and refresh Cargo.lock so every rand 0.9.0 edge moves to rand 0.9.3.
Bumps [rand](https://github.com/rust-random/rand) from 0.9.0 to 0.9.3. - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/0.9.3/CHANGELOG.md) - [Commits](rust-random/rand@0.9.0...0.9.3) --- updated-dependencies: - dependency-name: rand dependency-version: 0.9.3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…#1735) Bumps [frc46_token](https://github.com/filecoin-project/actors-utils) from 14.0.0 to 14.1.0. - [Commits](https://github.com/filecoin-project/actors-utils/compare/frc46_token@v14.0.0...frc46_token@v14.1.0) --- updated-dependencies: - dependency-name: frc46_token dependency-version: 14.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat(evm): add CLZ opcode (EIP-7939) * test(evm): add EIP-7939 CLZ vectors * test(evm): align CLZ unit tests with EIP-7939 vectors * style: rustfmt * chore(deps): update ruint to 1.17.1 (RUSTSEC-2025-0137) * test(evm): address CLZ review feedback
|
Suggested tag: Changes in configuration file(s): diff --git a/Cargo.toml b/Cargo.toml
index 06192549..949fc932 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,5 +1,5 @@
[workspace]
-resolver = "2"
+resolver = "3"
members = [
"actors/*",
"state",
@@ -12,7 +12,7 @@ members = [
[workspace.package]
version = "16.0.1"
license = "MIT OR Apache-2.0"
-edition = "2021"
+edition = "2024"
repository = "https://github.com/filecoin-project/builtin-actors"
[package]
@@ -48,13 +48,13 @@ fil_actor_system = { workspace = true, features = ["fil-actor"] }
fil_actor_verifreg = { workspace = true, features = ["fil-actor"] }
[build-dependencies]
-fil_actor_bundler = "7.1.0"
+fil_actor_bundler = "8.0.0"
cid = { workspace = true }
fil_actors_runtime = { workspace = true }
num-traits = { workspace = true }
[dependencies]
-clap = { version = "4.3.0", features = [
+clap = { version = "4.5.36", features = [
"derive",
"std",
"help",
@@ -74,43 +74,43 @@ testing-fake-proofs = []
[workspace.dependencies]
# Common
-serde = { version = "1.0.136", features = ["derive"] }
-anyhow = "1.0.65"
-bitflags = "2.4.0"
+serde = { version = "1.0.219", features = ["derive"] }
+anyhow = "1.0.98"
+bitflags = "2.9.0"
num = { version = "0.4", features = ["serde"] }
num-derive = "0.4.2"
-num-traits = "0.2.14"
-lazy_static = "1.4.0"
-log = { version = "0.4.14", features = ["std"] }
-byteorder = "1.4.3"
-itertools = "0.13.0"
-indexmap = { version = "2.7.0" }
+num-traits = "0.2.19"
+lazy_static = "1.5.0"
+log = { version = "0.4.27", features = ["std"] }
+byteorder = "1.5.0"
+itertools = "0.14.0"
+indexmap = { version = "2.9.0" }
derive_builder = "0.20.2"
-once_cell = "1.17.0"
+once_cell = "1.21.3"
rand = { version = "0.8.5", default-features = false }
hex = "0.4.3"
-hex-literal = "0.4.1"
+hex-literal = "1.0.0"
serde_json = "1.0"
regex = "1"
test-case = "3.3.1"
-bimap = "0.6.2"
-castaway = "0.2.2"
-thiserror = "1.0.30"
+bimap = "0.6.3"
+castaway = "0.2.3"
+thiserror = "2.0.12"
pretty_env_logger = "0.5.0"
-serde_repr = "0.1.8"
+serde_repr = "0.1.20"
unsigned-varint = "0.8.0"
rand_chacha = "0.3.1"
# Crypto
-libsecp256k1 = { version = "0.7.1", default-features = false }
+k256 = { version = "0.13.4", default-features = false }
blake2b_simd = "1.0"
sha2 = "0.10"
# EVM
-alloy-core = { version = "0.8.19", default-features = false, features = ["sol-types"] }
-uint = { version = "0.9.3", default-features = false }
+alloy-core = { version = "1.0.0", default-features = false, features = ["sol-types"] }
+uint = { version = "0.10.0", default-features = false }
etk-asm = "^0.3.0"
-rlp = { version = "0.5.1", default-features = false }
+rlp = { version = "0.6.1", default-features = false }
substrate-bn = { version = "0.6.0", default-features = false }
# IPLD/Encoding
@@ -118,26 +118,26 @@ cid = { version = "0.11.1", default-features = false, features = [
"serde",
"std",
] }
-multihash = { version = "0.19.1", default-features = false }
+multihash = { version = "0.19.3", default-features = false }
multihash-codetable = { version = "0.1.4", default-features = false }
multihash-derive = { version = "0.9.1", default-features = false }
-ipld-core = { version = "0.4.1", features = ["serde"] }
+ipld-core = { version = "0.4.2", features = ["serde"] }
integer-encoding = { version = "4.0.2", default-features = false }
# actor-utils
-fvm_actor_utils = "13.0.0"
-frc42_dispatch = "9.0.0"
-frc46_token = "13.0.0"
+fvm_actor_utils = "14.0.0"
+frc42_dispatch = "10.0.0"
+frc46_token = "14.0.0"
# FVM
-fvm_sdk = "4.6.0"
-fvm_shared = "4.6.0"
-fvm_ipld_encoding = "0.5.2"
-fvm_ipld_blockstore = "0.3.0"
-fvm_ipld_hamt = "0.10.2"
-fvm_ipld_kamt = "0.4.4"
-fvm_ipld_amt = { version = "0.7.3" }
-fvm_ipld_bitfield = "0.7.0"
+fvm_sdk = "~4.7"
+fvm_shared = "~4.7"
+fvm_ipld_encoding = "0.5.3"
+fvm_ipld_blockstore = "0.3.1"
+fvm_ipld_hamt = "0.10.4"
+fvm_ipld_kamt = "0.4.5"
+fvm_ipld_amt = "0.7.4"
+fvm_ipld_bitfield = "0.7.2"
# workspace
fil_actor_account = { path = "actors/account" }diff --git a/actors/evm/Cargo.toml b/actors/evm/Cargo.toml
index d0b9c4ac..de100f92 100644
--- a/actors/evm/Cargo.toml
+++ b/actors/evm/Cargo.toml
@@ -33,6 +33,7 @@ hex = { workspace = true }
hex-literal = { workspace = true }
substrate-bn = { workspace = true }
thiserror = { workspace = true }
+blst = "0.3.14"
[dev-dependencies]
hex = { workspace = true, features = ["serde"] }
diff --git a/integration_tests/Cargo.toml b/integration_tests/Cargo.toml
index ea665eb1..6c0b8498 100644
--- a/integration_tests/Cargo.toml
+++ b/integration_tests/Cargo.toml
@@ -4,7 +4,7 @@ description = "Portable integration tests for FVM targets"
version = "1.0.0"
license = "MIT OR Apache-2.0"
authors = ["Protocol Labs", "Filecoin Core Devs"]
-edition = "2021"
+edition.workspace = true
keywords = ["filecoin", "web3", "wasm"]
publish = false
@@ -12,7 +12,7 @@ publish = false
[dependencies]
fil_builtin_actors_state = { workspace = true }
-fil_actors_runtime = { workspace = true, features = [ "test_utils" ] }
+fil_actors_runtime = { workspace = true, features = ["test_utils"] }
fil_actor_init = { workspace = true }
fil_actor_cron = { workspace = true }
fil_actor_system = { workspace = true }
@@ -45,7 +45,7 @@ fvm_ipld_encoding = { workspace = true }
fvm_ipld_hamt = { workspace = true }
fvm_shared = { workspace = true }
hex = { workspace = true }
-hex-literal = { workspace = true }
+hex-literal = { workspace = true }
indexmap = { workspace = true }
integer-encoding = { workspace = true }
lazy_static = { workspace = true }
@@ -57,9 +57,9 @@ rand_chacha = { workspace = true }
regex = { workspace = true }
serde = { workspace = true }
thiserror = { workspace = true }
-libsecp256k1 = { workspace = true }
+k256 = { workspace = true, features = ["ecdsa"] }
export_macro = { path = "./macro" }
-ctor = "0.2.5"
+ctor = "0.4.1"
multihash-codetable = { workspace = true }
[dev-dependencies]
diff --git a/integration_tests/macro/Cargo.toml b/integration_tests/macro/Cargo.toml
index dd44e0ea..32db42e7 100644
--- a/integration_tests/macro/Cargo.toml
+++ b/integration_tests/macro/Cargo.toml
@@ -3,13 +3,13 @@ name = "export_macro"
description = "Macro to decorate integration tests"
version = "1.0.0"
license = "MIT OR Apache-2.0"
-edition = "2021"
+edition.workspace = true
publish = false
[lib]
proc-macro = true
[dependencies]
-syn = "2.0.38"
-quote = "1.0.33"
-proc-macro2 = "1.0.69"
\ No newline at end of file
+syn = "2.0.100"
+quote = "1.0.40"
+proc-macro2 = "1.0.94"
diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
index fd2e3de2..3e4e791f 100644
--- a/runtime/Cargo.toml
+++ b/runtime/Cargo.toml
@@ -45,9 +45,9 @@ pretty_env_logger = { workspace = true, optional = true }
rand = { workspace = true, optional = true }
multihash-derive = { workspace = true, optional = true }
-[dependencies.libsecp256k1]
+[dependencies.k256]
workspace = true
-features = ["static-context", "std"]
+features = ["ecdsa"]
optional = true
[dev-dependencies]
@@ -95,4 +95,4 @@ no-provider-deal-collateral = []
fake-proofs = []
-test_utils = ["hex", "multihash-derive", "multihash-codetable/sha2", "multihash-codetable/sha3", "multihash-codetable/ripemd", "libsecp256k1", "blake2b_simd", "rand", "rand/std_rng", "pretty_env_logger"]
+test_utils = ["hex", "multihash-derive", "multihash-codetable/sha2", "multihash-codetable/sha3", "multihash-codetable/ripemd", "k256", "blake2b_simd", "rand", "rand/std_rng", "pretty_env_logger"]
diff --git a/vm_api/Cargo.toml b/vm_api/Cargo.toml
index 29cadc0b..e6a88952 100644
--- a/vm_api/Cargo.toml
+++ b/vm_api/Cargo.toml
@@ -4,7 +4,7 @@ description = "Abstract virtual machine interface used for testing FVM native wa
version = "1.0.0"
license = "MIT OR Apache-2.0"
authors = ["Protocol Labs", "Filecoin Core Devs"]
-edition = "2021"
+edition.workspace = true
keywords = ["filecoin", "web3", "wasm"]
publish = false
Cutting a Release (and modifying code files)This PR is modifying both Automatically created GitHub ReleasePre-creating GitHub Releases on release PRs initiated from forks is not supported. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.