v0.36.1

Version 0.36.1

Changed

• #546: Improve debug formatting of instruction in panic receipts.

Fixed

• #547: Bump ed25519-dalek to 2.0.0 to deal with RustSec Advisory
• #524: Fix a crash in CCP instruction when overflowing contract bounds. Fix a bug in CCP where overflowing contract bounds in a different way would not actually copy the contract bytes, but just zeroes out the section. Fix a bug in LDC where it would revert the transaction when the contract bounds were exceeded, when it's just supposed to fill the rest of the bytes with zeroes.

What's Changed

• Instruction debug fmt improvements by @Dentosal in #546
• Fix a crash in CCP and zero-filling issues in CCP and LDC by @Dentosal in #524
• Bump dalek version because of RustSec Advisory by @MitchTurner in #547

Full Changelog: v0.36.0...v0.36.1

v0.36.0

Version 0.36.0

Changed

• #525: The $hp register is no longer restored to it's previous value when returning from a call, making it possible to return heap-allocated types from CALL.
• #535: Add better test coverage for TR and TRO.

Breaking

• #514: Add ChainId and GasCosts to ConsensusParameters.
  Break down ConsensusParameters into sub-structs to match usage. Change signatures of functions to ask for
  necessary fields only.
• #532: The TRO instruction now reverts when attempting to send zero coins to an output. Panic reason of this TransferZeroCoins, and TR was changed to use the same panic reason as well.

Fixed

• #511: Changes multiple panic reasons to be more accurate, and internally refactors instruction fetch logic to be less error-prone.

• #529 #534: Enforcing async WASM initialization for all NPM wrapper packages.

• #531: UtxoId::from_str and TxPointer::from_str no longer crash on invalid input with multibyte characters. Also adds clippy lints to prevent future issues.

Breaking

• #527: The balances are empty during predicate estimation/verification.

What's Changed

• Decompose consensus params by @MitchTurner in #514
• Make ConsensusParameters Serialize/Derserialize again by @MitchTurner in #526
• Follow-up clean ups and fixed for the VM initialization by @xgreenx in #527
• Add a CI action to enforce changelog modification by @xgreenx in #528
• Initializing WASM synchronously by @arboleya in #529
• Reimplement with_params method for TxBuilder by @MitchTurner in #530
• Do not restore $hp when returning from a context by @Dentosal in #525
• Make TRO instruction revert on zero coin amount by @Dentosal in #532
• Fix a crash in UtxoId::from_str and TxPointer::from_str with multibyte characters by @Dentosal in #531
• Forcing async wasm initialization by @arboleya in #534
• Duplicate release 0.35.2 by @xgreenx in #540
• Add more test cases for transfer and transfer_output by @MitchTurner in #535
• Duplicate changes from 0.35.3 release by @xgreenx in #543
• Return correct PanicReason on memory-related panics by @Dentosal in #511
• Add push/pop instructions by @Dentosal in #498
• Fix urls to specification by @Voxelot in #544
• Release v0.36.0 by @xgreenx in #545

New Contributors

• @MitchTurner made their first contribution in #514

Full Changelog: v0.35.3...v0.36.0

v0.35.3

Version 0.35.3

Changed

• #542: Make the fuel-tx WASM compatible with serde feature enabled.

What's Changed

• Make the fuel-tx WASM compatible with serde feature enabled by @xgreenx in #542

Full Changelog: v0.35.2...v0.35.3

v0.35.2

Version 0.35.2

Changed

Breaking

• #539: Rollbacked the change for the gas charging formula.
  Actualized the gas prices for opcodes.

What's Changed

• Actualization of the gas prices for the fuel-core 0.20 release in #539
• The change reverts part of the #504 related to gas charging in #539

Full Changelog: v0.35.1...v0.35.2

v0.35.1

Release v0.35.1

The minor release to trigger publishing of the fuel-asm and fuel-types to npm.

Added

• #499: The wasm_bindgen support of fuel-asm and fuel-types.
  Each new release also publish a typescript analog of the fuel-asm and fuel-types crates to the npm.

What's Changed

• The wasm_bindgen support of fuel-asm and fuel-types by @xgreenx in #499
• Release v0.35.1 by @xgreenx in #517
• Fixing NPM-publish workflow by @arboleya in #519

Full Changelog: v0.35.0...v0.35.1

v0.35.0

Release v0.35.0

The release mostly fixes funding during the audit and integration with the bridge. But the release also contains some new features like:

• Asynchronous predicate estimation/verification.
• Multi-asset support per contract.
• Support Secp256r1 signature recovery and Ed25519 verificaiton.

Added

• #486: Adds ed25519 signature verification and secp256r1 signature recovery to fuel-crypto, and corresponding opcodes ED19 and ECR1 to fuel-vm.

• #500: Introduced ParallelExecutor trait
  and made available async versions of verify and estimate predicates.
  Updated tests to test for both parallel and sequential execution.
  Fixed a bug in transaction/check_predicate_owners.

Breaking

• #506: Added new Mint and Burn variants to Receipt enum.
  It affects serialization and deserialization with new variants.

Changed

Breaking

• #506: The mint and burn
  opcodes accept a new $rB register. It is a sub-identifier used to generate an
  AssetId by this rule.
  This feature allows having multi-asset per one contract. It is a huge breaking change, and
  after this point, ContractId can't be equal to AssetId.

  The conversion like AssetId::from(*contract_id) is no longer valid. Instead, the ContractId implements the ContractIdExt trait:

  /// Trait extends the functionality of the `ContractId` type.
  pub trait ContractIdExt {
      /// Creates an `AssetId` from the `ContractId` and `sub_id`.
      fn asset_id(&self, sub_id: &Bytes32) -> AssetId;
  }

• #506: The mint and burn
  opcodes affect the receipts_root of the Script transaction.

Removed

Breaking

• #486: Removes apparently unused Keystore and Signer traits from fuel-crypto. Also renames ECR opcode to ECK1.

Fixed

• #500: Fixed a bug where MessageCoinPredicate wasn't checked for in check_predicate_owners.

Breaking

• #502: The algorithm used by the
  binary Merkle tree for generating Merkle proofs has been updated to remove
  the leaf data from the proof set. This change allows BMT proofs to conform
  to the format expected by the Solidity contracts used for verifying proofs.

• #503: Use correct amount of gas in call
  receipts when limited by cgas. Before this change, the Receipt::Call could show an incorrect value for the gas limit.

• #504: The CROO and CSIZ opcodes require
  the existence of corresponding ContractId in the transaction's
  inputs(the same behavior as for the CROO opcode).

• #504: The size of the contract
  was incorrectly padded. It affects the end of the call frame in the memory,
  making it not 8 bytes align. Also, it affects the cost of the contract
  call(in some cases, we charged less in some more).

• #504: The charging for DependentCost
  was done incorrectly, devaluing the dep_per_unit part. After the fixing of
  this, the execution should become much more expensive.

• #505: The data field of the Receipt
  is not part of the canonical serialization and deserialization anymore. The SDK should use the
  Receipt type instead of OpaqueReceipt. The Receipt.raw_payload will be removed for the
  fuel-core 0.20. The data field is optional now. The SDK should update serialization and
  deserialization for MessageOut, LogData, and ReturnData receipts.

• #505: The len field of the Receipt
  is not padded anymore and represents an initial value.

All changes:

What's Changed

• Some additional test to verify ecrecovery with TxId and coin witness by @xgreenx in #495
• Add argument names to fuel-asm opcodes by @Dentosal in #497
• Use correct amount of gas in call receipts when limited by cgas by @Dentosal in #503
• bug: Remove leaf data from BMT proofs by @bvrooman in #502
• Bugfixes found during chatting with Auditors on July 7th by @xgreenx in #504
• Removed the data field from canonical serialization and deserialization of receipts by @xgreenx in #505
• Secp256r1 signature recovery and Ed25519 verification by @Dentosal in #486
• enable parallel predicate verification by @leviathanbeak in #500
• Support of the multi-assets per contract by @xgreenx in #506

Full Changelog: v0.34.1...v0.35.0

v0.34.1

Release v0.34.1

Mainly new opcodes prices and small performance improvements in the BinaryMerkleTree.

Changed

• #492 Minor improvements to BMT internals, including a reduction in usage of Box, using expect(...) over unwrap(), and additional comments.

Breaking

• #493 The default GasCostsValues is updated according to the benches with fuel-core 0.19. It may break some unit tests that compare actual gas usage with expected.

What's Changed

• chore: BMT clean up by @bvrooman in #492
• Update gas prices based on fuel-core 0.19 by @xgreenx in #493

Full Changelog: v0.34.0...v0.34.1

v0.34.0

Release v0.34.0

This release contains fixes for critical issues that we found before the audit. Mainly, these changes pertain to the Sparse Merkle Tree (SMT) and related code. The SMT API was extended to provide more flexibility and to allow users to select the most appropriate method their performance needs. Where possible, sequential SMT updates were replaced with constructors that take in a complete data set.

Added

• #476: The fuel_vm::Call supports From<[u8; Self::LEN]> and Into<[u8; Self::LEN]>.

• #484: The sparse::in_memory::MerkleTree got new methods from_set, root_from_set, and nodes_from_set methods. These methods allow a more optimal way to build and calculate the SMT when you know all leaves. The Contract::initial_state_root is much faster now (by ~15 times).

Removed

• #478: The CheckedMemRange is replaced by the MemoryRange.

Changed

• #477: The PanicReason::UnknownPanicReason is 0x00. The PanicReason now implements From<u8> instead of TryFrom<u8> and can't return an error anymore.

• #478: The memcopy method is updated and returns MemoryWriteOverlap instead of MemoryOverflow.

Fixed

• #482: This PR address a security issue where updates to a Sparse Merkle Tree could deliberately overwrite existing leaves by setting the leaf key to the hash of an existing leaf or node. This is done by removing the insertion of the leaf using the leaf key.

• #484: Fixed bug with not-working CreateMetadata.

Breaking

• #473: CFS and CFSI were not validating
  that the new $sp value isn't below $ssp, allowing write access to non-owned
  memory. This is now fixed, and attempting to set an incorrect $sp value panics.

• #485: This PR addresses a security
  issue where the user may manipulate the structure of the Sparse Merkle Tree.
  SMT expects hashed storage key wrapped into a MerkleTreeKey structure.
  The change is breaking because it changes the state_root generated by the SMT
  and may change the ContractId if the Create transaction has non-empty StoargeSlots.

All changes:

• Disallow setting $sp < $ssp using CFS and CFSI instructions by @Dentosal in #473
• MemoryRange rework by @Dentosal in #478
• Return the previous behavior of the data length GTF by @xgreenx in #481
• chore: optimize smt common prefix count by @bvrooman in #475
• refactor: SMT path iter uses leaf key by @bvrooman in #482
• Added a test to show a problem with leaf overriding by @xgreenx in #469
• Minor readibility improvements by @Dentosal in #476
• feat: SMT update set by @bvrooman in #467
• Added more detailed descriptions to README files by @xgreenx in #487
• Use a new sparse::MerkleTree::from_set function to calculate state root by @xgreenx in #484
• Changed the API of the SparseMerkleTree to accept MerkleStorageKey by @xgreenx in #485
• PanicReason rework by @Dentosal in #477
• Use nightly rustfmt with .rustfmt.toml from fuel-core by @xgreenx in #489
• Bump version to 0.34.0 and finilized the CHANGELOG.md by @xgreenx in #488
• dev-deps on local crate must use path by @Voxelot in #490

Full Changelog: v0.33.0...v0.34.0

v0.31.2

What's Changed

• Return the previous behavior of the data length GTF by @xgreenx in #479

Full Changelog: v0.31.1...v0.31.2

v0.33.0

Release v0.33.0

The release contains a lot of breaking changes.
Most of them are audit blockers and affect the protocol itself.
Starting this release we plan to maintain the changelog file and describe all minor and major changes that make sense.

Added

Breaking

• #386: The coin and message inputs
  got a new field - predicate_gas_used. So it breaks the constructor API
  of these inputs.

  The value of this field is zero for non-predicate inputs, but for the
  predicates, it indicates the exact amount of gas used by the predicate
  to execute. If after the execution of the predicate remaining gas is not
  zero, then the predicate execution failed.

  This field is malleable but will be used by the VM, and each predicate
  should be estimated before performing the verification logic.
  The Transaction, Create, and Script types implement the
  EstimatePredicates for these purposes.

  /// Provides predicate estimation functionality for the transaction.
  pub trait EstimatePredicates: Sized {
      /// Estimates predicates of the transaction.
      fn estimate_predicates(&mut self, params: &ConsensusParameters, gas_costs: &GasCosts) -> Result<(), CheckError>;
  }

  During the creation of the Input, the best strategy is to use a default
  value like 0 and call the estimate_predicates method to actualize
  the predicate_gas_used after.

• #454: VM native array-backed types
  Address, AssetId, ContractId, Bytes4, Bytes8, Bytes20, Bytes32,
  Nonce, MessageId, Salt now use more compact representation instead of
  hex-encoded string when serialized using serde format that sets
  is_human_readable to false.

• #456: Added a new type - ChainId to represent the identifier of the chain.
  It is a wrapper around the u64, so any u64 can be converted into this type via .into() or ChainId::new(...).

• #459 Require witness index to be specified when adding an unsigned coin to a transaction.
  This allows for better reuse of witness data when using the transaction builder and helper methods to make transactions compact.

• #462: Adds a cache parameter to Input::check and Input::check_signature.
  This is used to avoid redundant signature recovery when multiple inputs share the same witness index.

Changed

• #458: Automatically sort storage slots for creation transactions.

Breaking

• #386: Several methods of the TransactionFee are renamed total -> max_fee
  and bytes -> min_fee. The TransactionFee::min_fee take into account the gas used by predicates.

• #450: The Merkle root of a contract's code is now calculated by partitioning the code into chunks of 16 KiB, instead of 8 bytes. If the last leaf is does not a full 16 KiB, it is padded with 0 up to the nearest multiple of 8 bytes. This affects the ContractId and PredicateId calculations, breaking all code that used hardcoded values.

• #456: The basic methods UniqueIdentifier::id, Signable::sign_inputs,
  and Input::predicate_owner use ChainId instead of the ConsensusParameters.
  It is a less strict requirement than before because you can get ChainId
  from ConsensusParameters.chain_id, and it makes the API cleaner.
  It affects all downstream functions that use listed methods.

• #463: Moves verification that the Output::ContractCreated
  output contains valid contract_id and state_root(the values from the Output match with calculated
  values from the bytecode, storage slots, and salt) from fuel-vm to fuel-tx.
  It means the end-user will receive this error earlier on the SDK side before dry_run instead of after.

Fixed

Breaking

• #457: Transactions got one more validity rule:
  Each Script or Create transaction requires at least one input coin or message to be spendable.
  It may break code/tests that previously didn't set any spendable inputs.
  Note: Message with non-empty data field is not spendable.

• #458: The storage slots with the same key inside the Create transaction are forbidden.

All changes:

• Add empty changelog file by @xgreenx in #455
• Added a new type ChainId and re-used it for signing of transactions by @xgreenx in #456
• Sort storage slots on create transactions automatically by @Voxelot in #458
• Do not hex-format primitives when format doesn't require it by @Dentosal in #454
• Predicate Estimation VM part by @xgreenx in #460
• Reuse witnesses for identical secrets when building transactions by @Voxelot in #459
• Inputs have at least one spendable coin or message by @xgreenx in #457
• feat: Update contract leaf size by @bvrooman in #450
• Signature caching during validation by @Voxelot in #462
• Moved the check of the contract_id and state_root from fuel-vm to fuel-tx by @xgreenx in #463
• Minor improvements during integration with fuel-core by @xgreenx in #465
• Bump version to 0.33.0 by @xgreenx in #466

Full Changelog: v0.32.0...v0.33.0