Merge branch 'master' into refactor/req-res-on-upgrade

.github/workflows/ci.yml

@@ -76,7 +76,10 @@ jobs:
         if: >
           github.event_name == 'pull_request' &&
           !startsWith(github.event.pull_request.title, 'chore') &&
-          !startsWith(github.event.pull_request.title, 'refactor')
+          !startsWith(github.event.pull_request.title, 'refactor') &&
+          !startsWith(github.event.pull_request.title, 'deps') &&
+          !startsWith(github.event.pull_request.title, 'docs') &&
+          !contains(github.event.pull_request.labels.*.name, 'internal-change')
         run: |
           git fetch origin master:master
           ./scripts/ensure-version-bump-and-changelog.sh

.github/workflows/docker-image.yml

@@ -35,5 +35,10 @@ jobs:
           context: .
           file: ./misc/server/Dockerfile
           push: ${{ ! github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} # Only push image if we have the required permissions, i.e. not running from a fork
+          cache-from: ${{ ! github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' && type=s3,mode=max,bucket=libp2p-by-tf-aws-bootstrap,region=us-east-1,prefix=buildCache,name=rust-libp2p-server }}
+          cache-to:   ${{ ! github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' && type=s3,mode=max,bucket=libp2p-by-tf-aws-bootstrap,region=us-east-1,prefix=buildCache,name=rust-libp2p-server }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+        env:
+          AWS_ACCESS_KEY_ID: ${{ vars.TEST_PLANS_BUILD_CACHE_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_PLANS_BUILD_CACHE_KEY }}

Cargo.toml

@@ -83,7 +83,7 @@ libp2p-dns = { version = "0.40.1", path = "transports/dns" }
 libp2p-floodsub = { version = "0.43.0", path = "protocols/floodsub" }
 libp2p-gossipsub = { version = "0.45.2", path = "protocols/gossipsub" }
 libp2p-identify = { version = "0.43.1", path = "protocols/identify" }
-libp2p-identity = { version = "0.2.5" }
+libp2p-identity = { version = "0.2.7" }
 libp2p-kad = { version = "0.44.6", path = "protocols/kad" }
 libp2p-mdns = { version = "0.44.0", path = "protocols/mdns" }
 libp2p-memory-connection-limits = { version = "0.1.0", path = "misc/memory-connection-limits" }
@@ -94,7 +94,7 @@ libp2p-noise = { version = "0.43.2", path = "transports/noise" }
 libp2p-perf = { version = "0.2.0", path = "protocols/perf" }
 libp2p-ping = { version = "0.43.1", path = "protocols/ping" }
 libp2p-plaintext = { version = "0.40.1", path = "transports/plaintext" }
-libp2p-pnet = { version = "0.23.0", path = "transports/pnet" }
+libp2p-pnet = { version = "0.23.1", path = "transports/pnet" }
 libp2p-quic = { version = "0.9.3", path = "transports/quic" }
 libp2p-relay = { version = "0.16.2", path = "protocols/relay" }
 libp2p-rendezvous = { version = "0.13.1", path = "protocols/rendezvous" }
@@ -104,13 +104,13 @@ libp2p-server = { version = "0.12.3", path = "misc/server" }
 libp2p-swarm = { version = "0.43.6", path = "swarm" }
 libp2p-swarm-derive = { version = "0.33.0", path = "swarm-derive" }
 libp2p-swarm-test = { version = "0.2.0", path = "swarm-test" }
-libp2p-tcp = { version = "0.40.0", path = "transports/tcp" }
+libp2p-tcp = { version = "0.40.1", path = "transports/tcp" }
 libp2p-tls = { version = "0.2.1", path = "transports/tls" }
 libp2p-uds = { version = "0.39.0", path = "transports/uds" }
 libp2p-wasm-ext = { version = "0.40.0", path = "transports/wasm-ext" }
 libp2p-webrtc = { version = "0.6.1-alpha", path = "transports/webrtc" }
 libp2p-webrtc-utils = { version = "0.1.0", path = "misc/webrtc-utils" }
-libp2p-webrtc-websys = { version = "0.1.0-alpha", path = "transports/webrtc-websys" }
+libp2p-webrtc-websys = { version = "0.2.0-alpha", path = "transports/webrtc-websys" }
 libp2p-websocket = { version = "0.42.1", path = "transports/websocket" }
 libp2p-websocket-websys = { version = "0.2.0", path = "transports/websocket-websys" }
 libp2p-webtransport-websys = { version = "0.1.0", path = "transports/webtransport-websys" }

README.md

@@ -91,8 +91,8 @@ Conduct](https://github.com/ipfs/community/blob/master/code-of-conduct.md).
 - [Forest](https://github.com/ChainSafe/forest) - An implementation of Filecoin written in Rust.
 - [fuel-core](https://github.com/FuelLabs/fuel-core) - A Rust implementation of the Fuel protocol.
 - [HotShot](https://github.com/EspressoSystems/HotShot) - Decentralized sequencer in Rust developed by [Espresso Systems](https://www.espressosys.com/).
-- [ipfs-embed](https://github.com/ipfs-rust/ipfs-embed) - A small embeddable ipfs implementation
-used and maintained by [Actyx](https://www.actyx.com).
+- [ipfs-embed](https://github.com/ipfs-rust/ipfs-embed) - A small embeddable ipfs implementation used and maintained by [Actyx](https://www.actyx.com).
+- [Homestar](https://github.com/ipvm-wg/homestar) - An InterPlanetary Virtual Machine (IPVM) implementation used and maintained by Fission.
 - [beetle](https://github.com/n0-computer/beetle) - Next-generation implementation of IPFS for Cloud & Mobile platforms.
 - [Lighthouse](https://github.com/sigp/lighthouse) - Ethereum consensus client in Rust.
 - [Locutus](https://github.com/freenet/locutus) - Global, observable, decentralized key-value store.
@@ -103,4 +103,4 @@ used and maintained by [Actyx](https://www.actyx.com).
 - [Subspace](https://github.com/subspace/subspace) - Subspace Network reference implementation
 - [Substrate](https://github.com/paritytech/substrate) - Framework for blockchain innovation,
 used by [Polkadot](https://www.parity.io/technologies/polkadot/).
-- [Taple](https://github.com/opencanarias/taple-core) - Sustainable DLT for asset and process traceability by [OpenCanarias](https://www.opencanarias.com/en/).
+- [Taple](https://github.com/opencanarias/taple-core) - Sustainable DLT for asset and process traceability by [OpenCanarias](https://www.opencanarias.com/en/).

clippy.toml

@@ -1,3 +1,4 @@
 disallowed-methods = [
   { path = "futures::channel::mpsc::unbounded", reason = "does not enforce backpressure" },
 ]
+avoid-breaking-exported-api = false

core/Cargo.toml

@@ -39,7 +39,7 @@ libp2p-mplex = { path = "../muxers/mplex" }                    # Using `path` he
 libp2p-noise = { path = "../transports/noise" }                # Using `path` here because this is a cyclic dev-dependency which otherwise breaks releasing.
 multihash = { workspace = true, features = ["arb"] }
 quickcheck = { workspace = true }
-libp2p-identity = { workspace = true, features = ["ed25519"] }
+libp2p-identity = { workspace = true, features = ["ed25519", "rand"] }
 
 [features]
 serde = ["multihash/serde-codec", "dep:serde", "libp2p-identity/serde"]

docs/maintainer-handbook.md

@@ -26,6 +26,14 @@ Once a PR fulfills all merge requirements (approvals, passing CI, etc), applying
 In case of a trivial code change, maintainers may choose to apply the `trivial` label.
 This will have mergify approve your PR, thus fulfilling all requirements to automatically queue a PR for merging.
 
+## Changelog entries
+
+Our CI checks that each crate which is modified gets a changelog entry.
+Whilst this is a good default safety-wise, it creates a lot of false-positives for changes that are internal and don't need a changelog entry.
+
+For PRs that in the categories `chore`, `deps`, `refactor` and `docs`, this check is disabled automatically.
+Any other PR needs to explicitly disable this check if desired by applying the `internal-change` label.
+
 ## Dependencies
 
 We version our `Cargo.lock` file for better visibility into which dependencies are required for a functional build.

examples/rendezvous/src/main.rs

@@ -33,7 +33,11 @@ use std::time::Duration;
 async fn main() -> Result<(), Box<dyn Error>> {
     env_logger::init();
 
-    let mut swarm = libp2p::SwarmBuilder::with_new_identity()
+    // Results in PeerID 12D3KooWDpJ7As7BWAwRMfu1VU2WCqNjvq387JEYKDBj4kx6nXTN which is
+    // used as the rendezvous point by the other peer examples.
+    let keypair = libp2p::identity::Keypair::ed25519_from_bytes([0; 32]).unwrap();
+
+    let mut swarm = libp2p::SwarmBuilder::with_existing_identity(keypair)
         .with_tokio()
         .with_tcp(
             tcp::Config::default(),

identity/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.2.7
+
+- Add `rand` feature to gate methods requiring a random number generator, enabling use in restricted environments (e.g. smartcontracts).
+  This feature is not enabled by default.
+  See [PR 4349](https://github.com/libp2p/rust-libp2p/pull/4349).
+
+## 0.2.6
+
+- Make `PeerId::to_bytes` and `PeerId::to_base58` take `self` by value to follow Rust convention of `Copy` types.
+  See [PR 4653](https://github.com/libp2p/rust-libp2p/pull/4653).
+
 ## 0.2.5
 
 - Fix usage of HKDF within `Keypair::derive_secret`.

identity/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "libp2p-identity"
-version = "0.2.5"
+version = "0.2.7"
 edition = "2021"
 description = "Data structures and algorithms for identifying peers in libp2p."
 rust-version = { workspace = true }
@@ -14,7 +14,7 @@ categories = ["cryptography"]
 [dependencies]
 asn1_der = { version = "0.7.6", optional = true }
 bs58 = { version = "0.5.0", optional = true }
-ed25519-dalek = { version = "2.0", optional = true, features = ["rand_core"] }
+ed25519-dalek = { version = "2.0", optional = true }
 hkdf = { version = "0.12.3", optional = true }
 libsecp256k1 = { version = "0.7.0", optional = true }
 log = "0.4"
@@ -33,11 +33,12 @@ zeroize = { version = "1.6", optional = true }
 ring = { version = "0.16.9", features = [ "alloc", "std"], default-features = false, optional = true }
 
 [features]
-secp256k1 = ["dep:libsecp256k1", "dep:asn1_der", "dep:rand", "dep:sha2", "dep:hkdf", "dep:zeroize"]
-ecdsa = ["dep:p256", "dep:rand", "dep:void", "dep:zeroize", "dep:sec1", "dep:sha2", "dep:hkdf"]
+secp256k1 = ["dep:libsecp256k1", "dep:asn1_der", "dep:sha2", "dep:hkdf", "dep:zeroize"]
+ecdsa = ["dep:p256", "dep:void", "dep:zeroize", "dep:sec1", "dep:sha2", "dep:hkdf"]
 rsa = ["dep:ring", "dep:asn1_der", "dep:rand", "dep:zeroize"]
-ed25519 = ["dep:ed25519-dalek", "dep:rand", "dep:zeroize", "dep:sha2", "dep:hkdf"]
-peerid = ["dep:multihash", "dep:bs58", "dep:rand", "dep:thiserror", "dep:sha2", "dep:hkdf" ]
+ed25519 = ["dep:ed25519-dalek", "dep:zeroize", "dep:sha2", "dep:hkdf"]
+peerid = ["dep:multihash", "dep:bs58", "dep:thiserror", "dep:sha2", "dep:hkdf"]
+rand = ["dep:rand", "ed25519-dalek?/rand_core"]
 
 [dev-dependencies]
 quickcheck = { workspace = true }

identity/src/ecdsa.rs

@@ -44,6 +44,7 @@ pub struct Keypair {
 
 impl Keypair {
     /// Generate a new random ECDSA keypair.
+    #[cfg(feature = "rand")]
     pub fn generate() -> Keypair {
         Keypair::from(SecretKey::generate())
     }
@@ -265,6 +266,7 @@ mod tests {
     use super::*;
 
     #[test]
+    #[cfg(feature = "rand")]
     fn sign_verify() {
         let pair = Keypair::generate();
         let pk = pair.public();

identity/src/ed25519.rs

@@ -34,6 +34,7 @@ pub struct Keypair(ed25519::SigningKey);
 
 impl Keypair {
     /// Generate a new random Ed25519 keypair.
+    #[cfg(feature = "rand")]
     pub fn generate() -> Keypair {
         Keypair::from(SecretKey::generate())
     }
@@ -181,6 +182,7 @@ impl fmt::Debug for SecretKey {
 
 impl SecretKey {
     /// Generate a new Ed25519 secret key.
+    #[cfg(feature = "rand")]
     pub fn generate() -> SecretKey {
         let signing = ed25519::SigningKey::generate(&mut rand::rngs::OsRng);
         SecretKey(signing.to_bytes())
@@ -213,6 +215,7 @@ mod tests {
     }
 
     #[test]
+    #[cfg(feature = "rand")]
     fn ed25519_keypair_encode_decode() {
         fn prop() -> bool {
             let kp1 = Keypair::generate();
@@ -224,6 +227,7 @@ mod tests {
     }
 
     #[test]
+    #[cfg(feature = "rand")]
     fn ed25519_keypair_from_secret() {
         fn prop() -> bool {
             let kp1 = Keypair::generate();
@@ -235,6 +239,7 @@ mod tests {
     }
 
     #[test]
+    #[cfg(feature = "rand")]
     fn ed25519_signature() {
         let kp = Keypair::generate();
         let pk = kp.public();

identity/src/keypair.rs

@@ -102,23 +102,23 @@ enum KeyPairInner {
 
 impl Keypair {
     /// Generate a new Ed25519 keypair.
-    #[cfg(feature = "ed25519")]
+    #[cfg(all(feature = "ed25519", feature = "rand"))]
     pub fn generate_ed25519() -> Keypair {
         Keypair {
             keypair: KeyPairInner::Ed25519(ed25519::Keypair::generate()),
         }
     }
 
     /// Generate a new Secp256k1 keypair.
-    #[cfg(feature = "secp256k1")]
+    #[cfg(all(feature = "secp256k1", feature = "rand"))]
     pub fn generate_secp256k1() -> Keypair {
         Keypair {
             keypair: KeyPairInner::Secp256k1(secp256k1::Keypair::generate()),
         }
     }
 
     /// Generate a new ECDSA keypair.
-    #[cfg(feature = "ecdsa")]
+    #[cfg(all(feature = "ecdsa", feature = "rand"))]
     pub fn generate_ecdsa() -> Keypair {
         Keypair {
             keypair: KeyPairInner::Ecdsa(ecdsa::Keypair::generate()),
@@ -352,7 +352,6 @@ impl Keypair {
     /// ```
     /// # fn main() {
     /// # use libp2p_identity as identity;
-    ///
     /// let key = identity::Keypair::generate_ed25519();
     ///
     /// let new_key = key.derive_secret(b"my encryption key").expect("can derive secret for ed25519");
@@ -926,7 +925,7 @@ mod tests {
     }
 
     #[test]
-    #[cfg(feature = "ed25519")]
+    #[cfg(all(feature = "ed25519", feature = "rand"))]
     fn test_publickey_from_ed25519_public_key() {
         let pubkey = Keypair::generate_ed25519().public();
         let ed25519_pubkey = pubkey
@@ -941,7 +940,7 @@ mod tests {
     }
 
     #[test]
-    #[cfg(feature = "secp256k1")]
+    #[cfg(all(feature = "secp256k1", feature = "rand"))]
     fn test_publickey_from_secp256k1_public_key() {
         let pubkey = Keypair::generate_secp256k1().public();
         let secp256k1_pubkey = pubkey
@@ -955,7 +954,7 @@ mod tests {
     }
 
     #[test]
-    #[cfg(feature = "ecdsa")]
+    #[cfg(all(feature = "ecdsa", feature = "rand"))]
     fn test_publickey_from_ecdsa_public_key() {
         let pubkey = Keypair::generate_ecdsa().public();
         let ecdsa_pubkey = pubkey.clone().try_into_ecdsa().expect("A ecdsa keypair");