iota_protocol_config/
lib.rs

1// Copyright (c) Mysten Labs, Inc.
2// Modifications Copyright (c) 2024 IOTA Stiftung
3// SPDX-License-Identifier: Apache-2.0
4
5use std::{
6    cell::RefCell,
7    cmp::min,
8    sync::atomic::{AtomicBool, Ordering},
9};
10
11use clap::*;
12use iota_protocol_config_macros::{
13    ProtocolConfigAccessors, ProtocolConfigFeatureFlagsGetters, ProtocolConfigOverride,
14};
15use move_vm_config::verifier::VerifierConfig;
16use serde::{Deserialize, Serialize};
17use serde_with::skip_serializing_none;
18use tracing::{info, warn};
19
20/// The minimum and maximum protocol versions supported by this build.
21const MIN_PROTOCOL_VERSION: u64 = 1;
22pub const MAX_PROTOCOL_VERSION: u64 = 12;
23
24// Record history of protocol version allocations here:
25//
26// Version 1:  Original version.
27// Version 2:  Don't redistribute slashed staking rewards, fix computation of
28//             SystemEpochInfoEventV1.
29// Version 3:  Set the `relocate_event_module` to be true so that the module
30//             that is associated as the "sending module" for an event is
31//             relocated by linkage.
32//             Add `Clock` based unlock to `Timelock` objects.
33// Version 4:  Introduce the `max_type_to_layout_nodes` config that sets the
34//             maximal nodes which are allowed when converting to a type layout.
35// Version 5:  Introduce fixed protocol-defined base fee, IotaSystemStateV2 and
36//             SystemEpochInfoEventV2.
37//             Disallow adding new modules in `deps-only` packages.
38//             Improve gas/wall time efficiency of some Move stdlib vector
39//             functions.
40//             Add new gas model version to update charging of functions.
41//             Enable proper conversion of certain type argument errors in the
42//             execution layer.
43// Version 6:  Bound size of values created in the adapter.
44// Version 7:  Improve handling of stake withdrawal from candidate validators.
45// Version 8:  Variants as type nodes.
46//             Enable smart ancestor selection for testnet.
47//             Enable probing for accepted rounds in round prober for testnet.
48//             Switch to distributed vote scoring in consensus in testnet.
49//             Enable zstd compression for consensus tonic network in testnet.
50//             Enable consensus garbage collection for testnet
51//             Enable the new consensus commit rule for testnet.
52//             Enable min_free_execution_slot for the shared object congestion
53//             tracker in devnet.
54// Version 9:  Disable smart ancestor selection for the testnet.
55//             Enable zstd compression for consensus tonic network in mainnet.
56//             Enable passkey auth in multisig for devnet.
57//             Remove the iota-bridge from the framework.
58// Version 10: Enable min_free_execution_slot for the shared object congestion
59//             tracker in all networks.
60//             Increase the committee size to 80 on all networks.
61//             Enable round prober in consensus for mainnet.
62//             Enable probing for accepted rounds in round prober for mainnet.
63//             Switch to distributed vote scoring in consensus for mainnet.
64//             Enable the new consensus commit rule for mainnet.
65//             Enable consensus garbage collection for mainnet with GC depth set
66//             to 60 rounds.
67//             Enable batching in synchronizer for testnet
68//             Enable the gas price feedback mechanism in devnet.
69//             Enable Identifier input validation.
70//             Removes unnecessary child object mutations
71//             Add additional signature checks
72//             Add additional linkage checks
73// Version 11: Framework fix regarding candidate validator commission rate.
74// Version 12: Enable the gas price feedback mechanism in all networks.
75//             Enable the normalization of PTB arguments.
76
77#[derive(Copy, Clone, Debug, Hash, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Ord)]
78pub struct ProtocolVersion(u64);
79
80impl ProtocolVersion {
81    // The minimum and maximum protocol version supported by this binary.
82    // Counterintuitively, this constant may change over time as support for old
83    // protocol versions is removed from the source. This ensures that when a
84    // new network (such as a testnet) is created, its genesis committee will
85    // use a protocol version that is actually supported by the binary.
86    pub const MIN: Self = Self(MIN_PROTOCOL_VERSION);
87
88    pub const MAX: Self = Self(MAX_PROTOCOL_VERSION);
89
90    #[cfg(not(msim))]
91    const MAX_ALLOWED: Self = Self::MAX;
92
93    // We create one additional "fake" version in simulator builds so that we can
94    // test upgrades.
95    #[cfg(msim)]
96    pub const MAX_ALLOWED: Self = Self(MAX_PROTOCOL_VERSION + 1);
97
98    pub fn new(v: u64) -> Self {
99        Self(v)
100    }
101
102    pub const fn as_u64(&self) -> u64 {
103        self.0
104    }
105
106    // For serde deserialization - we don't define a Default impl because there
107    // isn't a single universally appropriate default value.
108    pub fn max() -> Self {
109        Self::MAX
110    }
111}
112
113impl From<u64> for ProtocolVersion {
114    fn from(v: u64) -> Self {
115        Self::new(v)
116    }
117}
118
119impl std::ops::Sub<u64> for ProtocolVersion {
120    type Output = Self;
121    fn sub(self, rhs: u64) -> Self::Output {
122        Self::new(self.0 - rhs)
123    }
124}
125
126impl std::ops::Add<u64> for ProtocolVersion {
127    type Output = Self;
128    fn add(self, rhs: u64) -> Self::Output {
129        Self::new(self.0 + rhs)
130    }
131}
132
133#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Copy, PartialOrd, Ord, Eq, ValueEnum)]
134pub enum Chain {
135    Mainnet,
136    Testnet,
137    Unknown,
138}
139
140impl Default for Chain {
141    fn default() -> Self {
142        Self::Unknown
143    }
144}
145
146impl Chain {
147    pub fn as_str(self) -> &'static str {
148        match self {
149            Chain::Mainnet => "mainnet",
150            Chain::Testnet => "testnet",
151            Chain::Unknown => "unknown",
152        }
153    }
154}
155
156pub struct Error(pub String);
157
158// TODO: There are quite a few non boolean values in the feature flags. We
159// should move them out.
160/// Records on/off feature flags that may vary at each protocol version.
161#[derive(Default, Clone, Serialize, Deserialize, Debug, ProtocolConfigFeatureFlagsGetters)]
162struct FeatureFlags {
163    // Add feature flags here, e.g.:
164    // new_protocol_feature: bool,
165
166    // Disables unnecessary invariant check in the Move VM when swapping the value out of a local
167    // This flag is used to provide the correct MoveVM configuration for clients.
168    #[serde(skip_serializing_if = "is_true")]
169    disable_invariant_violation_check_in_swap_loc: bool,
170
171    // If true, checks no extra bytes in a compiled module
172    // This flag is used to provide the correct MoveVM configuration for clients.
173    #[serde(skip_serializing_if = "is_true")]
174    no_extraneous_module_bytes: bool,
175
176    // Enable zklogin auth
177    #[serde(skip_serializing_if = "is_false")]
178    zklogin_auth: bool,
179
180    // How we order transactions coming out of consensus before sending to execution.
181    #[serde(skip_serializing_if = "ConsensusTransactionOrdering::is_none")]
182    consensus_transaction_ordering: ConsensusTransactionOrdering,
183
184    #[serde(skip_serializing_if = "is_false")]
185    enable_jwk_consensus_updates: bool,
186
187    // If true, multisig containing zkLogin sig is accepted.
188    #[serde(skip_serializing_if = "is_false")]
189    accept_zklogin_in_multisig: bool,
190
191    // If true, use the hardened OTW check
192    // This flag is used to provide the correct MoveVM configuration for clients.
193    #[serde(skip_serializing_if = "is_true")]
194    hardened_otw_check: bool,
195
196    // Enable the poseidon hash function
197    #[serde(skip_serializing_if = "is_false")]
198    enable_poseidon: bool,
199
200    // Enable native function for msm.
201    #[serde(skip_serializing_if = "is_false")]
202    enable_group_ops_native_function_msm: bool,
203
204    // Controls the behavior of per object congestion control in consensus handler.
205    #[serde(skip_serializing_if = "PerObjectCongestionControlMode::is_none")]
206    per_object_congestion_control_mode: PerObjectCongestionControlMode,
207
208    // The consensus protocol to be used for the epoch.
209    #[serde(skip_serializing_if = "ConsensusChoice::is_mysticeti")]
210    consensus_choice: ConsensusChoice,
211
212    // Consensus network to use.
213    #[serde(skip_serializing_if = "ConsensusNetwork::is_tonic")]
214    consensus_network: ConsensusNetwork,
215
216    // Set the upper bound allowed for max_epoch in zklogin signature.
217    #[serde(skip_serializing_if = "Option::is_none")]
218    zklogin_max_epoch_upper_bound_delta: Option<u64>,
219
220    // Enable VDF
221    #[serde(skip_serializing_if = "is_false")]
222    enable_vdf: bool,
223
224    // Enable passkey auth (SIP-9)
225    #[serde(skip_serializing_if = "is_false")]
226    passkey_auth: bool,
227
228    // Rethrow type layout errors during serialization instead of trying to convert them.
229    // This flag is used to provide the correct MoveVM configuration for clients.
230    #[serde(skip_serializing_if = "is_true")]
231    rethrow_serialization_type_layout_errors: bool,
232
233    // Makes the event's sending module version-aware.
234    #[serde(skip_serializing_if = "is_false")]
235    relocate_event_module: bool,
236
237    // Enable a protocol-defined base gas price for all transactions.
238    #[serde(skip_serializing_if = "is_false")]
239    protocol_defined_base_fee: bool,
240
241    // Enable uncompressed group elements in BLS123-81 G1
242    #[serde(skip_serializing_if = "is_false")]
243    uncompressed_g1_group_elements: bool,
244
245    // Disallow adding new modules in `deps-only` packages.
246    #[serde(skip_serializing_if = "is_false")]
247    disallow_new_modules_in_deps_only_packages: bool,
248
249    // Enable v2 native charging for natives.
250    #[serde(skip_serializing_if = "is_false")]
251    native_charging_v2: bool,
252
253    // Properly convert certain type argument errors in the execution layer.
254    #[serde(skip_serializing_if = "is_false")]
255    convert_type_argument_error: bool,
256
257    // Probe rounds received by peers from every authority.
258    #[serde(skip_serializing_if = "is_false")]
259    consensus_round_prober: bool,
260
261    // Use distributed vote leader scoring strategy in consensus.
262    #[serde(skip_serializing_if = "is_false")]
263    consensus_distributed_vote_scoring_strategy: bool,
264
265    // Enables the new logic for collecting the subdag in the consensus linearizer. The new logic
266    // does not stop the recursion at the highest committed round for each authority, but
267    // allows to commit uncommitted blocks up to gc round (excluded) for that authority.
268    #[serde(skip_serializing_if = "is_false")]
269    consensus_linearize_subdag_v2: bool,
270
271    // Variants count as nodes
272    #[serde(skip_serializing_if = "is_false")]
273    variant_nodes: bool,
274
275    // Use smart ancestor selection in consensus.
276    #[serde(skip_serializing_if = "is_false")]
277    consensus_smart_ancestor_selection: bool,
278
279    // Probe accepted rounds in round prober.
280    #[serde(skip_serializing_if = "is_false")]
281    consensus_round_prober_probe_accepted_rounds: bool,
282
283    // If true, enable zstd compression for consensus tonic network.
284    #[serde(skip_serializing_if = "is_false")]
285    consensus_zstd_compression: bool,
286
287    // Use the minimum free execution slot to schedule execution of a transaction in the shared
288    // object congestion tracker.
289    #[serde(skip_serializing_if = "is_false")]
290    congestion_control_min_free_execution_slot: bool,
291
292    // If true, multisig containing passkey sig is accepted.
293    #[serde(skip_serializing_if = "is_false")]
294    accept_passkey_in_multisig: bool,
295
296    // If true, enabled batched block sync in consensus.
297    #[serde(skip_serializing_if = "is_false")]
298    consensus_batched_block_sync: bool,
299
300    // To enable/disable the gas price feedback mechanism used for transactions
301    // cancelled due to shared object congestion
302    #[serde(skip_serializing_if = "is_false")]
303    congestion_control_gas_price_feedback_mechanism: bool,
304
305    // Validate identifier inputs separately
306    #[serde(skip_serializing_if = "is_false")]
307    validate_identifier_inputs: bool,
308
309    // If true, enables the optimizations for child object mutations, removing unnecessary
310    // mutations
311    #[serde(skip_serializing_if = "is_false")]
312    minimize_child_object_mutations: bool,
313
314    // If true enable additional linkage checks.
315    #[serde(skip_serializing_if = "is_false")]
316    dependency_linkage_error: bool,
317
318    // If true enable additional multisig checks.
319    #[serde(skip_serializing_if = "is_false")]
320    additional_multisig_checks: bool,
321
322    // If true, enables the normalization of PTB arguments but does not yet enable splatting
323    // `Result`s of length not equal to 1
324    #[serde(skip_serializing_if = "is_false")]
325    normalize_ptb_arguments: bool,
326}
327
328fn is_true(b: &bool) -> bool {
329    *b
330}
331
332fn is_false(b: &bool) -> bool {
333    !b
334}
335
336/// Ordering mechanism for transactions in one consensus output.
337#[derive(Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
338pub enum ConsensusTransactionOrdering {
339    /// No ordering. Transactions are processed in the order they appear in the
340    /// consensus output.
341    #[default]
342    None,
343    /// Order transactions by gas price, highest first.
344    ByGasPrice,
345}
346
347impl ConsensusTransactionOrdering {
348    pub fn is_none(&self) -> bool {
349        matches!(self, ConsensusTransactionOrdering::None)
350    }
351}
352
353// The config for per object congestion control in consensus handler.
354#[derive(Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
355pub enum PerObjectCongestionControlMode {
356    #[default]
357    None, // No congestion control.
358    TotalGasBudget, // Use txn gas budget as execution cost.
359    TotalTxCount,   // Use total txn count as execution cost.
360}
361
362impl PerObjectCongestionControlMode {
363    pub fn is_none(&self) -> bool {
364        matches!(self, PerObjectCongestionControlMode::None)
365    }
366}
367
368// Configuration options for consensus algorithm.
369#[derive(Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
370pub enum ConsensusChoice {
371    #[default]
372    Mysticeti,
373}
374
375impl ConsensusChoice {
376    pub fn is_mysticeti(&self) -> bool {
377        matches!(self, ConsensusChoice::Mysticeti)
378    }
379}
380
381// Configuration options for consensus network.
382#[derive(Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
383pub enum ConsensusNetwork {
384    #[default]
385    Tonic,
386}
387
388impl ConsensusNetwork {
389    pub fn is_tonic(&self) -> bool {
390        matches!(self, ConsensusNetwork::Tonic)
391    }
392}
393
394/// Constants that change the behavior of the protocol.
395///
396/// The value of each constant here must be fixed for a given protocol version.
397/// To change the value of a constant, advance the protocol version, and add
398/// support for it in `get_for_version` under the new version number.
399/// (below).
400///
401/// To add a new field to this struct, use the following procedure:
402/// - Advance the protocol version.
403/// - Add the field as a private `Option<T>` to the struct.
404/// - Initialize the field to `None` in prior protocol versions.
405/// - Initialize the field to `Some(val)` for your new protocol version.
406/// - Add a public getter that simply unwraps the field.
407/// - Two public getters of the form `field(&self) -> field_type` and
408///   `field_as_option(&self) -> Option<field_type>` will be automatically
409///   generated for you.
410/// Example for a field: `new_constant: Option<u64>`
411/// ```rust,ignore
412///      pub fn new_constant(&self) -> u64 {
413///         self.new_constant.expect(Self::CONSTANT_ERR_MSG)
414///     }
415///      pub fn new_constant_as_option(&self) -> Option<u64> {
416///         self.new_constant.expect(Self::CONSTANT_ERR_MSG)
417///     }
418/// ```
419/// With `pub fn new_constant(&self) -> u64`, if the constant is accessed in a
420/// protocol version in which it is not defined, the validator will crash.
421/// (Crashing is necessary because this type of error would almost always result
422/// in forking if not prevented here). If you don't want the validator to crash,
423/// you can use the `pub fn new_constant_as_option(&self) -> Option<u64>`
424/// getter, which will return `None` if the field is not defined at that
425/// version.
426/// - If you want a customized getter, you can add a method in the impl.
427#[skip_serializing_none]
428#[derive(Clone, Serialize, Debug, ProtocolConfigAccessors, ProtocolConfigOverride)]
429pub struct ProtocolConfig {
430    pub version: ProtocolVersion,
431
432    feature_flags: FeatureFlags,
433
434    // ==== Transaction input limits ====
435
436    //
437    /// Maximum serialized size of a transaction (in bytes).
438    max_tx_size_bytes: Option<u64>,
439
440    /// Maximum number of input objects to a transaction. Enforced by the
441    /// transaction input checker
442    max_input_objects: Option<u64>,
443
444    /// Max size of objects a transaction can write to disk after completion.
445    /// Enforce by the IOTA adapter. This is the sum of the serialized size
446    /// of all objects written to disk. The max size of individual objects
447    /// on the other hand is `max_move_object_size`.
448    max_size_written_objects: Option<u64>,
449    /// Max size of objects a system transaction can write to disk after
450    /// completion. Enforce by the IOTA adapter. Similar to
451    /// `max_size_written_objects` but for system transactions.
452    max_size_written_objects_system_tx: Option<u64>,
453
454    /// Maximum size of serialized transaction effects.
455    max_serialized_tx_effects_size_bytes: Option<u64>,
456
457    /// Maximum size of serialized transaction effects for system transactions.
458    max_serialized_tx_effects_size_bytes_system_tx: Option<u64>,
459
460    /// Maximum number of gas payment objects for a transaction.
461    max_gas_payment_objects: Option<u32>,
462
463    /// Maximum number of modules in a Publish transaction.
464    max_modules_in_publish: Option<u32>,
465
466    /// Maximum number of transitive dependencies in a package when publishing.
467    max_package_dependencies: Option<u32>,
468
469    /// Maximum number of arguments in a move call or a
470    /// ProgrammableTransaction's TransferObjects command.
471    max_arguments: Option<u32>,
472
473    /// Maximum number of total type arguments, computed recursively.
474    max_type_arguments: Option<u32>,
475
476    /// Maximum depth of an individual type argument.
477    max_type_argument_depth: Option<u32>,
478
479    /// Maximum size of a Pure CallArg.
480    max_pure_argument_size: Option<u32>,
481
482    /// Maximum number of Commands in a ProgrammableTransaction.
483    max_programmable_tx_commands: Option<u32>,
484
485    // ==== Move VM, Move bytecode verifier, and execution limits ===
486
487    //
488    /// Maximum Move bytecode version the VM understands. All older versions are
489    /// accepted.
490    move_binary_format_version: Option<u32>,
491    min_move_binary_format_version: Option<u32>,
492
493    /// Configuration controlling binary tables size.
494    binary_module_handles: Option<u16>,
495    binary_struct_handles: Option<u16>,
496    binary_function_handles: Option<u16>,
497    binary_function_instantiations: Option<u16>,
498    binary_signatures: Option<u16>,
499    binary_constant_pool: Option<u16>,
500    binary_identifiers: Option<u16>,
501    binary_address_identifiers: Option<u16>,
502    binary_struct_defs: Option<u16>,
503    binary_struct_def_instantiations: Option<u16>,
504    binary_function_defs: Option<u16>,
505    binary_field_handles: Option<u16>,
506    binary_field_instantiations: Option<u16>,
507    binary_friend_decls: Option<u16>,
508    binary_enum_defs: Option<u16>,
509    binary_enum_def_instantiations: Option<u16>,
510    binary_variant_handles: Option<u16>,
511    binary_variant_instantiation_handles: Option<u16>,
512
513    /// Maximum size of the `contents` part of an object, in bytes. Enforced by
514    /// the IOTA adapter when effects are produced.
515    max_move_object_size: Option<u64>,
516
517    // TODO: Option<increase to 500 KB. currently, publishing a package > 500 KB exceeds the max
518    // computation gas cost
519    /// Maximum size of a Move package object, in bytes. Enforced by the IOTA
520    /// adapter at the end of a publish transaction.
521    max_move_package_size: Option<u64>,
522
523    /// Max number of publish or upgrade commands allowed in a programmable
524    /// transaction block.
525    max_publish_or_upgrade_per_ptb: Option<u64>,
526
527    /// Maximum gas budget in NANOS that a transaction can use.
528    max_tx_gas: Option<u64>,
529
530    /// Maximum amount of the proposed gas price in NANOS (defined in the
531    /// transaction).
532    max_gas_price: Option<u64>,
533
534    /// The max computation bucket for gas. This is the max that can be charged
535    /// for computation.
536    max_gas_computation_bucket: Option<u64>,
537
538    // Define the value used to round up computation gas charges
539    gas_rounding_step: Option<u64>,
540
541    /// Maximum number of nested loops. Enforced by the Move bytecode verifier.
542    max_loop_depth: Option<u64>,
543
544    /// Maximum number of type arguments that can be bound to generic type
545    /// parameters. Enforced by the Move bytecode verifier.
546    max_generic_instantiation_length: Option<u64>,
547
548    /// Maximum number of parameters that a Move function can have. Enforced by
549    /// the Move bytecode verifier.
550    max_function_parameters: Option<u64>,
551
552    /// Maximum number of basic blocks that a Move function can have. Enforced
553    /// by the Move bytecode verifier.
554    max_basic_blocks: Option<u64>,
555
556    /// Maximum stack size value. Enforced by the Move bytecode verifier.
557    max_value_stack_size: Option<u64>,
558
559    /// Maximum number of "type nodes", a metric for how big a SignatureToken
560    /// will be when expanded into a fully qualified type. Enforced by the Move
561    /// bytecode verifier.
562    max_type_nodes: Option<u64>,
563
564    /// Maximum number of push instructions in one function. Enforced by the
565    /// Move bytecode verifier.
566    max_push_size: Option<u64>,
567
568    /// Maximum number of struct definitions in a module. Enforced by the Move
569    /// bytecode verifier.
570    max_struct_definitions: Option<u64>,
571
572    /// Maximum number of function definitions in a module. Enforced by the Move
573    /// bytecode verifier.
574    max_function_definitions: Option<u64>,
575
576    /// Maximum number of fields allowed in a struct definition. Enforced by the
577    /// Move bytecode verifier.
578    max_fields_in_struct: Option<u64>,
579
580    /// Maximum dependency depth. Enforced by the Move linker when loading
581    /// dependent modules.
582    max_dependency_depth: Option<u64>,
583
584    /// Maximum number of Move events that a single transaction can emit.
585    /// Enforced by the VM during execution.
586    max_num_event_emit: Option<u64>,
587
588    /// Maximum number of new IDs that a single transaction can create. Enforced
589    /// by the VM during execution.
590    max_num_new_move_object_ids: Option<u64>,
591
592    /// Maximum number of new IDs that a single system transaction can create.
593    /// Enforced by the VM during execution.
594    max_num_new_move_object_ids_system_tx: Option<u64>,
595
596    /// Maximum number of IDs that a single transaction can delete. Enforced by
597    /// the VM during execution.
598    max_num_deleted_move_object_ids: Option<u64>,
599
600    /// Maximum number of IDs that a single system transaction can delete.
601    /// Enforced by the VM during execution.
602    max_num_deleted_move_object_ids_system_tx: Option<u64>,
603
604    /// Maximum number of IDs that a single transaction can transfer. Enforced
605    /// by the VM during execution.
606    max_num_transferred_move_object_ids: Option<u64>,
607
608    /// Maximum number of IDs that a single system transaction can transfer.
609    /// Enforced by the VM during execution.
610    max_num_transferred_move_object_ids_system_tx: Option<u64>,
611
612    /// Maximum size of a Move user event. Enforced by the VM during execution.
613    max_event_emit_size: Option<u64>,
614
615    /// Maximum size of a Move user event. Enforced by the VM during execution.
616    max_event_emit_size_total: Option<u64>,
617
618    /// Maximum length of a vector in Move. Enforced by the VM during execution,
619    /// and for constants, by the verifier.
620    max_move_vector_len: Option<u64>,
621
622    /// Maximum length of an `Identifier` in Move. Enforced by the bytecode
623    /// verifier at signing.
624    max_move_identifier_len: Option<u64>,
625
626    /// Maximum depth of a Move value within the VM.
627    max_move_value_depth: Option<u64>,
628
629    /// Maximum number of variants in an enum. Enforced by the bytecode verifier
630    /// at signing.
631    max_move_enum_variants: Option<u64>,
632
633    /// Maximum number of back edges in Move function. Enforced by the bytecode
634    /// verifier at signing.
635    max_back_edges_per_function: Option<u64>,
636
637    /// Maximum number of back edges in Move module. Enforced by the bytecode
638    /// verifier at signing.
639    max_back_edges_per_module: Option<u64>,
640
641    /// Maximum number of meter `ticks` spent verifying a Move function.
642    /// Enforced by the bytecode verifier at signing.
643    max_verifier_meter_ticks_per_function: Option<u64>,
644
645    /// Maximum number of meter `ticks` spent verifying a Move function.
646    /// Enforced by the bytecode verifier at signing.
647    max_meter_ticks_per_module: Option<u64>,
648
649    /// Maximum number of meter `ticks` spent verifying a Move package. Enforced
650    /// by the bytecode verifier at signing.
651    max_meter_ticks_per_package: Option<u64>,
652
653    // === Object runtime internal operation limits ====
654    // These affect dynamic fields
655
656    //
657    /// Maximum number of cached objects in the object runtime ObjectStore.
658    /// Enforced by object runtime during execution
659    object_runtime_max_num_cached_objects: Option<u64>,
660
661    /// Maximum number of cached objects in the object runtime ObjectStore in
662    /// system transaction. Enforced by object runtime during execution
663    object_runtime_max_num_cached_objects_system_tx: Option<u64>,
664
665    /// Maximum number of stored objects accessed by object runtime ObjectStore.
666    /// Enforced by object runtime during execution
667    object_runtime_max_num_store_entries: Option<u64>,
668
669    /// Maximum number of stored objects accessed by object runtime ObjectStore
670    /// in system transaction. Enforced by object runtime during execution
671    object_runtime_max_num_store_entries_system_tx: Option<u64>,
672
673    // === Execution gas costs ====
674
675    //
676    /// Base cost for any IOTA transaction
677    base_tx_cost_fixed: Option<u64>,
678
679    /// Additional cost for a transaction that publishes a package
680    /// i.e., the base cost of such a transaction is base_tx_cost_fixed +
681    /// package_publish_cost_fixed
682    package_publish_cost_fixed: Option<u64>,
683
684    /// Cost per byte of a Move call transaction
685    /// i.e., the cost of such a transaction is base_cost +
686    /// (base_tx_cost_per_byte * size)
687    base_tx_cost_per_byte: Option<u64>,
688
689    /// Cost per byte for a transaction that publishes a package
690    package_publish_cost_per_byte: Option<u64>,
691
692    // Per-byte cost of reading an object during transaction execution
693    obj_access_cost_read_per_byte: Option<u64>,
694
695    // Per-byte cost of writing an object during transaction execution
696    obj_access_cost_mutate_per_byte: Option<u64>,
697
698    // Per-byte cost of deleting an object during transaction execution
699    obj_access_cost_delete_per_byte: Option<u64>,
700
701    /// Per-byte cost charged for each input object to a transaction.
702    /// Meant to approximate the cost of checking locks for each object
703    // TODO: Option<I'm not sure that this cost makes sense. Checking locks is "free"
704    // in the sense that an invalid tx that can never be committed/pay gas can
705    // force validators to check an arbitrary number of locks. If those checks are
706    // "free" for invalid transactions, why charge for them in valid transactions
707    // TODO: Option<if we keep this, I think we probably want it to be a fixed cost rather
708    // than a per-byte cost. checking an object lock should not require loading an
709    // entire object, just consulting an ID -> tx digest map
710    obj_access_cost_verify_per_byte: Option<u64>,
711
712    // Maximal nodes which are allowed when converting to a type layout.
713    max_type_to_layout_nodes: Option<u64>,
714
715    // Maximal size in bytes that a PTB value can be
716    max_ptb_value_size: Option<u64>,
717
718    // === Gas version. gas model ===
719
720    //
721    /// Gas model version, what code we are using to charge gas
722    gas_model_version: Option<u64>,
723
724    // === Storage gas costs ===
725
726    //
727    /// Per-byte cost of storing an object in the IOTA global object store. Some
728    /// of this cost may be refundable if the object is later freed
729    obj_data_cost_refundable: Option<u64>,
730
731    // Per-byte cost of storing an object in the IOTA transaction log (e.g., in
732    // CertifiedTransactionEffects) This depends on the size of various fields including the
733    // effects TODO: Option<I don't fully understand this^ and more details would be useful
734    obj_metadata_cost_non_refundable: Option<u64>,
735
736    // === Tokenomics ===
737
738    // TODO: Option<this should be changed to u64.
739    /// Sender of a txn that touches an object will get this percent of the
740    /// storage rebate back. In basis point.
741    storage_rebate_rate: Option<u64>,
742
743    /// The share of rewards that will be slashed and redistributed is 50%.
744    /// In basis point.
745    reward_slashing_rate: Option<u64>,
746
747    /// Unit storage gas price, Nanos per internal gas unit.
748    storage_gas_price: Option<u64>,
749
750    // Base gas price for computation gas, nanos per computation unit.
751    base_gas_price: Option<u64>,
752
753    /// The number of tokens minted as a validator subsidy per epoch.
754    validator_target_reward: Option<u64>,
755
756    // === Core Protocol ===
757
758    //
759    /// Max number of transactions per checkpoint.
760    /// Note that this is a protocol constant and not a config as validators
761    /// must have this set to the same value, otherwise they *will* fork.
762    max_transactions_per_checkpoint: Option<u64>,
763
764    /// Max size of a checkpoint in bytes.
765    /// Note that this is a protocol constant and not a config as validators
766    /// must have this set to the same value, otherwise they *will* fork.
767    max_checkpoint_size_bytes: Option<u64>,
768
769    /// A protocol upgrade always requires 2f+1 stake to agree. We support a
770    /// buffer of additional stake (as a fraction of f, expressed in basis
771    /// points) that is required before an upgrade can happen automatically.
772    /// 10000bps would indicate that complete unanimity is required (all
773    /// 3f+1 must vote), while 0bps would indicate that 2f+1 is sufficient.
774    buffer_stake_for_protocol_upgrade_bps: Option<u64>,
775
776    // === Native Function Costs ===
777
778    // `address` module
779    // Cost params for the Move native function `address::from_bytes(bytes: vector<u8>)`
780    address_from_bytes_cost_base: Option<u64>,
781    // Cost params for the Move native function `address::to_u256(address): u256`
782    address_to_u256_cost_base: Option<u64>,
783    // Cost params for the Move native function `address::from_u256(u256): address`
784    address_from_u256_cost_base: Option<u64>,
785
786    // `config` module
787    // Cost params for the Move native function `read_setting_impl<Name: copy + drop + store,
788    // SettingValue: key + store, SettingDataValue: store, Value: copy + drop + store,
789    // >(config: address, name: address, current_epoch: u64): Option<Value>`
790    config_read_setting_impl_cost_base: Option<u64>,
791    config_read_setting_impl_cost_per_byte: Option<u64>,
792
793    // `dynamic_field` module
794    // Cost params for the Move native function `hash_type_and_key<K: copy + drop + store>(parent:
795    // address, k: K): address`
796    dynamic_field_hash_type_and_key_cost_base: Option<u64>,
797    dynamic_field_hash_type_and_key_type_cost_per_byte: Option<u64>,
798    dynamic_field_hash_type_and_key_value_cost_per_byte: Option<u64>,
799    dynamic_field_hash_type_and_key_type_tag_cost_per_byte: Option<u64>,
800    // Cost params for the Move native function `add_child_object<Child: key>(parent: address,
801    // child: Child)`
802    dynamic_field_add_child_object_cost_base: Option<u64>,
803    dynamic_field_add_child_object_type_cost_per_byte: Option<u64>,
804    dynamic_field_add_child_object_value_cost_per_byte: Option<u64>,
805    dynamic_field_add_child_object_struct_tag_cost_per_byte: Option<u64>,
806    // Cost params for the Move native function `borrow_child_object_mut<Child: key>(parent: &mut
807    // UID, id: address): &mut Child`
808    dynamic_field_borrow_child_object_cost_base: Option<u64>,
809    dynamic_field_borrow_child_object_child_ref_cost_per_byte: Option<u64>,
810    dynamic_field_borrow_child_object_type_cost_per_byte: Option<u64>,
811    // Cost params for the Move native function `remove_child_object<Child: key>(parent: address,
812    // id: address): Child`
813    dynamic_field_remove_child_object_cost_base: Option<u64>,
814    dynamic_field_remove_child_object_child_cost_per_byte: Option<u64>,
815    dynamic_field_remove_child_object_type_cost_per_byte: Option<u64>,
816    // Cost params for the Move native function `has_child_object(parent: address, id: address):
817    // bool`
818    dynamic_field_has_child_object_cost_base: Option<u64>,
819    // Cost params for the Move native function `has_child_object_with_ty<Child: key>(parent:
820    // address, id: address): bool`
821    dynamic_field_has_child_object_with_ty_cost_base: Option<u64>,
822    dynamic_field_has_child_object_with_ty_type_cost_per_byte: Option<u64>,
823    dynamic_field_has_child_object_with_ty_type_tag_cost_per_byte: Option<u64>,
824
825    // `event` module
826    // Cost params for the Move native function `event::emit<T: copy + drop>(event: T)`
827    event_emit_cost_base: Option<u64>,
828    event_emit_value_size_derivation_cost_per_byte: Option<u64>,
829    event_emit_tag_size_derivation_cost_per_byte: Option<u64>,
830    event_emit_output_cost_per_byte: Option<u64>,
831
832    //  `object` module
833    // Cost params for the Move native function `borrow_uid<T: key>(obj: &T): &UID`
834    object_borrow_uid_cost_base: Option<u64>,
835    // Cost params for the Move native function `delete_impl(id: address)`
836    object_delete_impl_cost_base: Option<u64>,
837    // Cost params for the Move native function `record_new_uid(id: address)`
838    object_record_new_uid_cost_base: Option<u64>,
839
840    // Transfer
841    // Cost params for the Move native function `transfer_impl<T: key>(obj: T, recipient: address)`
842    transfer_transfer_internal_cost_base: Option<u64>,
843    // Cost params for the Move native function `freeze_object<T: key>(obj: T)`
844    transfer_freeze_object_cost_base: Option<u64>,
845    // Cost params for the Move native function `share_object<T: key>(obj: T)`
846    transfer_share_object_cost_base: Option<u64>,
847    // Cost params for the Move native function
848    // `receive_object<T: key>(p: &mut UID, recv: Receiving<T>T)`
849    transfer_receive_object_cost_base: Option<u64>,
850
851    // TxContext
852    // Cost params for the Move native function `transfer_impl<T: key>(obj: T, recipient: address)`
853    tx_context_derive_id_cost_base: Option<u64>,
854
855    // Types
856    // Cost params for the Move native function `is_one_time_witness<T: drop>(_: &T): bool`
857    types_is_one_time_witness_cost_base: Option<u64>,
858    types_is_one_time_witness_type_tag_cost_per_byte: Option<u64>,
859    types_is_one_time_witness_type_cost_per_byte: Option<u64>,
860
861    // Validator
862    // Cost params for the Move native function `validate_metadata_bcs(metadata: vector<u8>)`
863    validator_validate_metadata_cost_base: Option<u64>,
864    validator_validate_metadata_data_cost_per_byte: Option<u64>,
865
866    // Crypto natives
867    crypto_invalid_arguments_cost: Option<u64>,
868    // bls12381::bls12381_min_sig_verify
869    bls12381_bls12381_min_sig_verify_cost_base: Option<u64>,
870    bls12381_bls12381_min_sig_verify_msg_cost_per_byte: Option<u64>,
871    bls12381_bls12381_min_sig_verify_msg_cost_per_block: Option<u64>,
872
873    // bls12381::bls12381_min_pk_verify
874    bls12381_bls12381_min_pk_verify_cost_base: Option<u64>,
875    bls12381_bls12381_min_pk_verify_msg_cost_per_byte: Option<u64>,
876    bls12381_bls12381_min_pk_verify_msg_cost_per_block: Option<u64>,
877
878    // ecdsa_k1::ecrecover
879    ecdsa_k1_ecrecover_keccak256_cost_base: Option<u64>,
880    ecdsa_k1_ecrecover_keccak256_msg_cost_per_byte: Option<u64>,
881    ecdsa_k1_ecrecover_keccak256_msg_cost_per_block: Option<u64>,
882    ecdsa_k1_ecrecover_sha256_cost_base: Option<u64>,
883    ecdsa_k1_ecrecover_sha256_msg_cost_per_byte: Option<u64>,
884    ecdsa_k1_ecrecover_sha256_msg_cost_per_block: Option<u64>,
885
886    // ecdsa_k1::decompress_pubkey
887    ecdsa_k1_decompress_pubkey_cost_base: Option<u64>,
888
889    // ecdsa_k1::secp256k1_verify
890    ecdsa_k1_secp256k1_verify_keccak256_cost_base: Option<u64>,
891    ecdsa_k1_secp256k1_verify_keccak256_msg_cost_per_byte: Option<u64>,
892    ecdsa_k1_secp256k1_verify_keccak256_msg_cost_per_block: Option<u64>,
893    ecdsa_k1_secp256k1_verify_sha256_cost_base: Option<u64>,
894    ecdsa_k1_secp256k1_verify_sha256_msg_cost_per_byte: Option<u64>,
895    ecdsa_k1_secp256k1_verify_sha256_msg_cost_per_block: Option<u64>,
896
897    // ecdsa_r1::ecrecover
898    ecdsa_r1_ecrecover_keccak256_cost_base: Option<u64>,
899    ecdsa_r1_ecrecover_keccak256_msg_cost_per_byte: Option<u64>,
900    ecdsa_r1_ecrecover_keccak256_msg_cost_per_block: Option<u64>,
901    ecdsa_r1_ecrecover_sha256_cost_base: Option<u64>,
902    ecdsa_r1_ecrecover_sha256_msg_cost_per_byte: Option<u64>,
903    ecdsa_r1_ecrecover_sha256_msg_cost_per_block: Option<u64>,
904
905    // ecdsa_r1::secp256k1_verify
906    ecdsa_r1_secp256r1_verify_keccak256_cost_base: Option<u64>,
907    ecdsa_r1_secp256r1_verify_keccak256_msg_cost_per_byte: Option<u64>,
908    ecdsa_r1_secp256r1_verify_keccak256_msg_cost_per_block: Option<u64>,
909    ecdsa_r1_secp256r1_verify_sha256_cost_base: Option<u64>,
910    ecdsa_r1_secp256r1_verify_sha256_msg_cost_per_byte: Option<u64>,
911    ecdsa_r1_secp256r1_verify_sha256_msg_cost_per_block: Option<u64>,
912
913    // ecvrf::verify
914    ecvrf_ecvrf_verify_cost_base: Option<u64>,
915    ecvrf_ecvrf_verify_alpha_string_cost_per_byte: Option<u64>,
916    ecvrf_ecvrf_verify_alpha_string_cost_per_block: Option<u64>,
917
918    // ed25519
919    ed25519_ed25519_verify_cost_base: Option<u64>,
920    ed25519_ed25519_verify_msg_cost_per_byte: Option<u64>,
921    ed25519_ed25519_verify_msg_cost_per_block: Option<u64>,
922
923    // groth16::prepare_verifying_key
924    groth16_prepare_verifying_key_bls12381_cost_base: Option<u64>,
925    groth16_prepare_verifying_key_bn254_cost_base: Option<u64>,
926
927    // groth16::verify_groth16_proof_internal
928    groth16_verify_groth16_proof_internal_bls12381_cost_base: Option<u64>,
929    groth16_verify_groth16_proof_internal_bls12381_cost_per_public_input: Option<u64>,
930    groth16_verify_groth16_proof_internal_bn254_cost_base: Option<u64>,
931    groth16_verify_groth16_proof_internal_bn254_cost_per_public_input: Option<u64>,
932    groth16_verify_groth16_proof_internal_public_input_cost_per_byte: Option<u64>,
933
934    // hash::blake2b256
935    hash_blake2b256_cost_base: Option<u64>,
936    hash_blake2b256_data_cost_per_byte: Option<u64>,
937    hash_blake2b256_data_cost_per_block: Option<u64>,
938
939    // hash::keccak256
940    hash_keccak256_cost_base: Option<u64>,
941    hash_keccak256_data_cost_per_byte: Option<u64>,
942    hash_keccak256_data_cost_per_block: Option<u64>,
943
944    // poseidon::poseidon_bn254
945    poseidon_bn254_cost_base: Option<u64>,
946    poseidon_bn254_cost_per_block: Option<u64>,
947
948    // group_ops
949    group_ops_bls12381_decode_scalar_cost: Option<u64>,
950    group_ops_bls12381_decode_g1_cost: Option<u64>,
951    group_ops_bls12381_decode_g2_cost: Option<u64>,
952    group_ops_bls12381_decode_gt_cost: Option<u64>,
953    group_ops_bls12381_scalar_add_cost: Option<u64>,
954    group_ops_bls12381_g1_add_cost: Option<u64>,
955    group_ops_bls12381_g2_add_cost: Option<u64>,
956    group_ops_bls12381_gt_add_cost: Option<u64>,
957    group_ops_bls12381_scalar_sub_cost: Option<u64>,
958    group_ops_bls12381_g1_sub_cost: Option<u64>,
959    group_ops_bls12381_g2_sub_cost: Option<u64>,
960    group_ops_bls12381_gt_sub_cost: Option<u64>,
961    group_ops_bls12381_scalar_mul_cost: Option<u64>,
962    group_ops_bls12381_g1_mul_cost: Option<u64>,
963    group_ops_bls12381_g2_mul_cost: Option<u64>,
964    group_ops_bls12381_gt_mul_cost: Option<u64>,
965    group_ops_bls12381_scalar_div_cost: Option<u64>,
966    group_ops_bls12381_g1_div_cost: Option<u64>,
967    group_ops_bls12381_g2_div_cost: Option<u64>,
968    group_ops_bls12381_gt_div_cost: Option<u64>,
969    group_ops_bls12381_g1_hash_to_base_cost: Option<u64>,
970    group_ops_bls12381_g2_hash_to_base_cost: Option<u64>,
971    group_ops_bls12381_g1_hash_to_cost_per_byte: Option<u64>,
972    group_ops_bls12381_g2_hash_to_cost_per_byte: Option<u64>,
973    group_ops_bls12381_g1_msm_base_cost: Option<u64>,
974    group_ops_bls12381_g2_msm_base_cost: Option<u64>,
975    group_ops_bls12381_g1_msm_base_cost_per_input: Option<u64>,
976    group_ops_bls12381_g2_msm_base_cost_per_input: Option<u64>,
977    group_ops_bls12381_msm_max_len: Option<u32>,
978    group_ops_bls12381_pairing_cost: Option<u64>,
979    group_ops_bls12381_g1_to_uncompressed_g1_cost: Option<u64>,
980    group_ops_bls12381_uncompressed_g1_to_g1_cost: Option<u64>,
981    group_ops_bls12381_uncompressed_g1_sum_base_cost: Option<u64>,
982    group_ops_bls12381_uncompressed_g1_sum_cost_per_term: Option<u64>,
983    group_ops_bls12381_uncompressed_g1_sum_max_terms: Option<u64>,
984
985    // hmac::hmac_sha3_256
986    hmac_hmac_sha3_256_cost_base: Option<u64>,
987    hmac_hmac_sha3_256_input_cost_per_byte: Option<u64>,
988    hmac_hmac_sha3_256_input_cost_per_block: Option<u64>,
989
990    // zklogin::check_zklogin_id
991    check_zklogin_id_cost_base: Option<u64>,
992    // zklogin::check_zklogin_issuer
993    check_zklogin_issuer_cost_base: Option<u64>,
994
995    vdf_verify_vdf_cost: Option<u64>,
996    vdf_hash_to_input_cost: Option<u64>,
997
998    // Stdlib costs
999    bcs_per_byte_serialized_cost: Option<u64>,
1000    bcs_legacy_min_output_size_cost: Option<u64>,
1001    bcs_failure_cost: Option<u64>,
1002
1003    hash_sha2_256_base_cost: Option<u64>,
1004    hash_sha2_256_per_byte_cost: Option<u64>,
1005    hash_sha2_256_legacy_min_input_len_cost: Option<u64>,
1006    hash_sha3_256_base_cost: Option<u64>,
1007    hash_sha3_256_per_byte_cost: Option<u64>,
1008    hash_sha3_256_legacy_min_input_len_cost: Option<u64>,
1009    type_name_get_base_cost: Option<u64>,
1010    type_name_get_per_byte_cost: Option<u64>,
1011
1012    string_check_utf8_base_cost: Option<u64>,
1013    string_check_utf8_per_byte_cost: Option<u64>,
1014    string_is_char_boundary_base_cost: Option<u64>,
1015    string_sub_string_base_cost: Option<u64>,
1016    string_sub_string_per_byte_cost: Option<u64>,
1017    string_index_of_base_cost: Option<u64>,
1018    string_index_of_per_byte_pattern_cost: Option<u64>,
1019    string_index_of_per_byte_searched_cost: Option<u64>,
1020
1021    vector_empty_base_cost: Option<u64>,
1022    vector_length_base_cost: Option<u64>,
1023    vector_push_back_base_cost: Option<u64>,
1024    vector_push_back_legacy_per_abstract_memory_unit_cost: Option<u64>,
1025    vector_borrow_base_cost: Option<u64>,
1026    vector_pop_back_base_cost: Option<u64>,
1027    vector_destroy_empty_base_cost: Option<u64>,
1028    vector_swap_base_cost: Option<u64>,
1029    debug_print_base_cost: Option<u64>,
1030    debug_print_stack_trace_base_cost: Option<u64>,
1031
1032    // === Execution Version ===
1033    execution_version: Option<u64>,
1034
1035    // Dictates the threshold (percentage of stake) that is used to calculate the "bad" nodes to be
1036    // swapped when creating the consensus schedule. The values should be of the range [0 - 33].
1037    // Anything above 33 (f) will not be allowed.
1038    consensus_bad_nodes_stake_threshold: Option<u64>,
1039
1040    max_jwk_votes_per_validator_per_epoch: Option<u64>,
1041    // The maximum age of a JWK in epochs before it is removed from the AuthenticatorState object.
1042    // Applied at the end of an epoch as a delta from the new epoch value, so setting this to 1
1043    // will cause the new epoch to start with JWKs from the previous epoch still valid.
1044    max_age_of_jwk_in_epochs: Option<u64>,
1045
1046    // === random beacon ===
1047    /// Maximum allowed precision loss when reducing voting weights for the
1048    /// random beacon protocol.
1049    random_beacon_reduction_allowed_delta: Option<u16>,
1050
1051    /// Minimum number of shares below which voting weights will not be reduced
1052    /// for the random beacon protocol.
1053    random_beacon_reduction_lower_bound: Option<u32>,
1054
1055    /// Consensus Round after which DKG should be aborted and randomness
1056    /// disabled for the epoch, if it hasn't already completed.
1057    random_beacon_dkg_timeout_round: Option<u32>,
1058
1059    /// Minimum interval between consecutive rounds of generated randomness.
1060    random_beacon_min_round_interval_ms: Option<u64>,
1061
1062    /// Version of the random beacon DKG protocol.
1063    /// 0 was deprecated (and currently not supported), 1 is the default
1064    /// version.
1065    random_beacon_dkg_version: Option<u64>,
1066
1067    /// The maximum serialized transaction size (in bytes) accepted by
1068    /// consensus. `consensus_max_transaction_size_bytes` should include
1069    /// space for additional metadata, on top of the `max_tx_size_bytes`
1070    /// value.
1071    consensus_max_transaction_size_bytes: Option<u64>,
1072    /// The maximum size of transactions included in a consensus block.
1073    consensus_max_transactions_in_block_bytes: Option<u64>,
1074    /// The maximum number of transactions included in a consensus block.
1075    consensus_max_num_transactions_in_block: Option<u64>,
1076
1077    /// The max number of consensus rounds a transaction can be deferred due to
1078    /// shared object congestion. Transactions will be cancelled after this
1079    /// many rounds.
1080    max_deferral_rounds_for_congestion_control: Option<u64>,
1081
1082    /// Minimum interval of commit timestamps between consecutive checkpoints.
1083    min_checkpoint_interval_ms: Option<u64>,
1084
1085    /// Version number to use for version_specific_data in `CheckpointSummary`.
1086    checkpoint_summary_version_specific_data: Option<u64>,
1087
1088    /// The max number of transactions that can be included in a single Soft
1089    /// Bundle.
1090    max_soft_bundle_size: Option<u64>,
1091
1092    /// Deprecated because of bridge removal.
1093    /// Whether to try to form bridge committee
1094    // Note: this is not a feature flag because we want to distinguish between
1095    // `None` and `Some(false)`, as committee was already finalized on Testnet.
1096    bridge_should_try_to_finalize_committee: Option<bool>,
1097
1098    /// The max accumulated txn execution cost per object in a mysticeti commit.
1099    /// Transactions in a commit will be deferred once their touch shared
1100    /// objects hit this limit.
1101    max_accumulated_txn_cost_per_object_in_mysticeti_commit: Option<u64>,
1102
1103    /// Maximum number of committee (validators taking part in consensus)
1104    /// validators at any moment. We do not allow the number of committee
1105    /// validators in any epoch to go above this.
1106    max_committee_members_count: Option<u64>,
1107
1108    /// Configures the garbage collection depth for consensus. When is unset or
1109    /// `0` then the garbage collection is disabled.
1110    consensus_gc_depth: Option<u32>,
1111}
1112
1113// feature flags
1114impl ProtocolConfig {
1115    // Add checks for feature flag support here, e.g.:
1116    // pub fn check_new_protocol_feature_supported(&self) -> Result<(), Error> {
1117    //     if self.feature_flags.new_protocol_feature_supported {
1118    //         Ok(())
1119    //     } else {
1120    //         Err(Error(format!(
1121    //             "new_protocol_feature is not supported at {:?}",
1122    //             self.version
1123    //         )))
1124    //     }
1125    // }
1126
1127    pub fn disable_invariant_violation_check_in_swap_loc(&self) -> bool {
1128        self.feature_flags
1129            .disable_invariant_violation_check_in_swap_loc
1130    }
1131
1132    pub fn no_extraneous_module_bytes(&self) -> bool {
1133        self.feature_flags.no_extraneous_module_bytes
1134    }
1135
1136    pub fn zklogin_auth(&self) -> bool {
1137        self.feature_flags.zklogin_auth
1138    }
1139
1140    pub fn consensus_transaction_ordering(&self) -> ConsensusTransactionOrdering {
1141        self.feature_flags.consensus_transaction_ordering
1142    }
1143
1144    pub fn enable_jwk_consensus_updates(&self) -> bool {
1145        self.feature_flags.enable_jwk_consensus_updates
1146    }
1147
1148    // this function only exists for readability in the genesis code.
1149    pub fn create_authenticator_state_in_genesis(&self) -> bool {
1150        self.enable_jwk_consensus_updates()
1151    }
1152
1153    pub fn dkg_version(&self) -> u64 {
1154        // Version 0 was deprecated and removed, the default is 1 if not set.
1155        self.random_beacon_dkg_version.unwrap_or(1)
1156    }
1157
1158    pub fn accept_zklogin_in_multisig(&self) -> bool {
1159        self.feature_flags.accept_zklogin_in_multisig
1160    }
1161
1162    pub fn zklogin_max_epoch_upper_bound_delta(&self) -> Option<u64> {
1163        self.feature_flags.zklogin_max_epoch_upper_bound_delta
1164    }
1165
1166    pub fn hardened_otw_check(&self) -> bool {
1167        self.feature_flags.hardened_otw_check
1168    }
1169
1170    pub fn enable_poseidon(&self) -> bool {
1171        self.feature_flags.enable_poseidon
1172    }
1173
1174    pub fn enable_group_ops_native_function_msm(&self) -> bool {
1175        self.feature_flags.enable_group_ops_native_function_msm
1176    }
1177
1178    pub fn per_object_congestion_control_mode(&self) -> PerObjectCongestionControlMode {
1179        self.feature_flags.per_object_congestion_control_mode
1180    }
1181
1182    pub fn consensus_choice(&self) -> ConsensusChoice {
1183        self.feature_flags.consensus_choice
1184    }
1185
1186    pub fn consensus_network(&self) -> ConsensusNetwork {
1187        self.feature_flags.consensus_network
1188    }
1189
1190    pub fn enable_vdf(&self) -> bool {
1191        self.feature_flags.enable_vdf
1192    }
1193
1194    pub fn passkey_auth(&self) -> bool {
1195        self.feature_flags.passkey_auth
1196    }
1197
1198    pub fn max_transaction_size_bytes(&self) -> u64 {
1199        // Provide a default value if protocol config version is too low.
1200        self.consensus_max_transaction_size_bytes
1201            .unwrap_or(256 * 1024)
1202    }
1203
1204    pub fn max_transactions_in_block_bytes(&self) -> u64 {
1205        if cfg!(msim) {
1206            256 * 1024
1207        } else {
1208            self.consensus_max_transactions_in_block_bytes
1209                .unwrap_or(512 * 1024)
1210        }
1211    }
1212
1213    pub fn max_num_transactions_in_block(&self) -> u64 {
1214        if cfg!(msim) {
1215            8
1216        } else {
1217            self.consensus_max_num_transactions_in_block.unwrap_or(512)
1218        }
1219    }
1220
1221    pub fn rethrow_serialization_type_layout_errors(&self) -> bool {
1222        self.feature_flags.rethrow_serialization_type_layout_errors
1223    }
1224
1225    pub fn relocate_event_module(&self) -> bool {
1226        self.feature_flags.relocate_event_module
1227    }
1228
1229    pub fn protocol_defined_base_fee(&self) -> bool {
1230        self.feature_flags.protocol_defined_base_fee
1231    }
1232
1233    pub fn uncompressed_g1_group_elements(&self) -> bool {
1234        self.feature_flags.uncompressed_g1_group_elements
1235    }
1236
1237    pub fn disallow_new_modules_in_deps_only_packages(&self) -> bool {
1238        self.feature_flags
1239            .disallow_new_modules_in_deps_only_packages
1240    }
1241
1242    pub fn native_charging_v2(&self) -> bool {
1243        self.feature_flags.native_charging_v2
1244    }
1245
1246    pub fn consensus_round_prober(&self) -> bool {
1247        self.feature_flags.consensus_round_prober
1248    }
1249
1250    pub fn consensus_distributed_vote_scoring_strategy(&self) -> bool {
1251        self.feature_flags
1252            .consensus_distributed_vote_scoring_strategy
1253    }
1254
1255    pub fn gc_depth(&self) -> u32 {
1256        if cfg!(msim) {
1257            // exercise a very low gc_depth
1258            min(5, self.consensus_gc_depth.unwrap_or(0))
1259        } else {
1260            self.consensus_gc_depth.unwrap_or(0)
1261        }
1262    }
1263
1264    pub fn consensus_linearize_subdag_v2(&self) -> bool {
1265        let res = self.feature_flags.consensus_linearize_subdag_v2;
1266        assert!(
1267            !res || self.gc_depth() > 0,
1268            "The consensus linearize sub dag V2 requires GC to be enabled"
1269        );
1270        res
1271    }
1272
1273    pub fn variant_nodes(&self) -> bool {
1274        self.feature_flags.variant_nodes
1275    }
1276
1277    pub fn consensus_smart_ancestor_selection(&self) -> bool {
1278        self.feature_flags.consensus_smart_ancestor_selection
1279    }
1280
1281    pub fn consensus_round_prober_probe_accepted_rounds(&self) -> bool {
1282        self.feature_flags
1283            .consensus_round_prober_probe_accepted_rounds
1284    }
1285
1286    pub fn consensus_zstd_compression(&self) -> bool {
1287        self.feature_flags.consensus_zstd_compression
1288    }
1289
1290    pub fn congestion_control_min_free_execution_slot(&self) -> bool {
1291        self.feature_flags
1292            .congestion_control_min_free_execution_slot
1293    }
1294
1295    pub fn accept_passkey_in_multisig(&self) -> bool {
1296        self.feature_flags.accept_passkey_in_multisig
1297    }
1298
1299    pub fn consensus_batched_block_sync(&self) -> bool {
1300        self.feature_flags.consensus_batched_block_sync
1301    }
1302
1303    /// Check if the gas price feedback mechanism (which is used for
1304    /// transactions cancelled due to shared object congestion) is enabled
1305    pub fn congestion_control_gas_price_feedback_mechanism(&self) -> bool {
1306        self.feature_flags
1307            .congestion_control_gas_price_feedback_mechanism
1308    }
1309
1310    pub fn validate_identifier_inputs(&self) -> bool {
1311        self.feature_flags.validate_identifier_inputs
1312    }
1313
1314    pub fn minimize_child_object_mutations(&self) -> bool {
1315        self.feature_flags.minimize_child_object_mutations
1316    }
1317
1318    pub fn dependency_linkage_error(&self) -> bool {
1319        self.feature_flags.dependency_linkage_error
1320    }
1321
1322    pub fn additional_multisig_checks(&self) -> bool {
1323        self.feature_flags.additional_multisig_checks
1324    }
1325
1326    pub fn consensus_num_requested_prior_commits_at_startup(&self) -> u32 {
1327        // TODO: this will eventually be the max of some number of other
1328        // parameters.
1329        0
1330    }
1331
1332    pub fn normalize_ptb_arguments(&self) -> bool {
1333        self.feature_flags.normalize_ptb_arguments
1334    }
1335}
1336
1337#[cfg(not(msim))]
1338static POISON_VERSION_METHODS: AtomicBool = const { AtomicBool::new(false) };
1339
1340// Use a thread local in sim tests for test isolation.
1341#[cfg(msim)]
1342thread_local! {
1343    static POISON_VERSION_METHODS: AtomicBool = const { AtomicBool::new(false) };
1344}
1345
1346// Instantiations for each protocol version.
1347impl ProtocolConfig {
1348    /// Get the value ProtocolConfig that are in effect during the given
1349    /// protocol version.
1350    pub fn get_for_version(version: ProtocolVersion, chain: Chain) -> Self {
1351        // ProtocolVersion can be deserialized so we need to check it here as well.
1352        assert!(
1353            version >= ProtocolVersion::MIN,
1354            "Network protocol version is {:?}, but the minimum supported version by the binary is {:?}. Please upgrade the binary.",
1355            version,
1356            ProtocolVersion::MIN.0,
1357        );
1358        assert!(
1359            version <= ProtocolVersion::MAX_ALLOWED,
1360            "Network protocol version is {:?}, but the maximum supported version by the binary is {:?}. Please upgrade the binary.",
1361            version,
1362            ProtocolVersion::MAX_ALLOWED.0,
1363        );
1364
1365        let mut ret = Self::get_for_version_impl(version, chain);
1366        ret.version = version;
1367
1368        ret = CONFIG_OVERRIDE.with(|ovr| {
1369            if let Some(override_fn) = &*ovr.borrow() {
1370                warn!(
1371                    "overriding ProtocolConfig settings with custom settings (you should not see this log outside of tests)"
1372                );
1373                override_fn(version, ret)
1374            } else {
1375                ret
1376            }
1377        });
1378
1379        if std::env::var("IOTA_PROTOCOL_CONFIG_OVERRIDE_ENABLE").is_ok() {
1380            warn!(
1381                "overriding ProtocolConfig settings with custom settings; this may break non-local networks"
1382            );
1383            let overrides: ProtocolConfigOptional =
1384                serde_env::from_env_with_prefix("IOTA_PROTOCOL_CONFIG_OVERRIDE")
1385                    .expect("failed to parse ProtocolConfig override env variables");
1386            overrides.apply_to(&mut ret);
1387        }
1388
1389        ret
1390    }
1391
1392    /// Get the value ProtocolConfig that are in effect during the given
1393    /// protocol version. Or none if the version is not supported.
1394    pub fn get_for_version_if_supported(version: ProtocolVersion, chain: Chain) -> Option<Self> {
1395        if version.0 >= ProtocolVersion::MIN.0 && version.0 <= ProtocolVersion::MAX_ALLOWED.0 {
1396            let mut ret = Self::get_for_version_impl(version, chain);
1397            ret.version = version;
1398            Some(ret)
1399        } else {
1400            None
1401        }
1402    }
1403
1404    #[cfg(not(msim))]
1405    pub fn poison_get_for_min_version() {
1406        POISON_VERSION_METHODS.store(true, Ordering::Relaxed);
1407    }
1408
1409    #[cfg(not(msim))]
1410    fn load_poison_get_for_min_version() -> bool {
1411        POISON_VERSION_METHODS.load(Ordering::Relaxed)
1412    }
1413
1414    #[cfg(msim)]
1415    pub fn poison_get_for_min_version() {
1416        POISON_VERSION_METHODS.with(|p| p.store(true, Ordering::Relaxed));
1417    }
1418
1419    #[cfg(msim)]
1420    fn load_poison_get_for_min_version() -> bool {
1421        POISON_VERSION_METHODS.with(|p| p.load(Ordering::Relaxed))
1422    }
1423
1424    pub fn convert_type_argument_error(&self) -> bool {
1425        self.feature_flags.convert_type_argument_error
1426    }
1427
1428    /// Convenience to get the constants at the current minimum supported
1429    /// version. Mainly used by client code that may not yet be
1430    /// protocol-version aware.
1431    pub fn get_for_min_version() -> Self {
1432        if Self::load_poison_get_for_min_version() {
1433            panic!("get_for_min_version called on validator");
1434        }
1435        ProtocolConfig::get_for_version(ProtocolVersion::MIN, Chain::Unknown)
1436    }
1437
1438    /// CAREFUL! - You probably want to use `get_for_version` instead.
1439    ///
1440    /// Convenience to get the constants at the current maximum supported
1441    /// version. Mainly used by genesis. Note well that this function uses
1442    /// the max version supported locally by the node, which is not
1443    /// necessarily the current version of the network. ALSO, this function
1444    /// disregards chain specific config (by using Chain::Unknown), thereby
1445    /// potentially returning a protocol config that is incorrect for some
1446    /// feature flags. Definitely safe for testing and for protocol version
1447    /// 11 and prior.
1448    #[expect(non_snake_case)]
1449    pub fn get_for_max_version_UNSAFE() -> Self {
1450        if Self::load_poison_get_for_min_version() {
1451            panic!("get_for_max_version_UNSAFE called on validator");
1452        }
1453        ProtocolConfig::get_for_version(ProtocolVersion::MAX, Chain::Unknown)
1454    }
1455
1456    fn get_for_version_impl(version: ProtocolVersion, chain: Chain) -> Self {
1457        #[cfg(msim)]
1458        {
1459            // populate the fake simulator version # with a different base tx cost.
1460            if version > ProtocolVersion::MAX {
1461                let mut config = Self::get_for_version_impl(ProtocolVersion::MAX, Chain::Unknown);
1462                config.base_tx_cost_fixed = Some(config.base_tx_cost_fixed() + 1000);
1463                return config;
1464            }
1465        }
1466
1467        // IMPORTANT: Never modify the value of any constant for a pre-existing protocol
1468        // version. To change the values here you must create a new protocol
1469        // version with the new values!
1470        let mut cfg = Self {
1471            version,
1472
1473            feature_flags: Default::default(),
1474
1475            max_tx_size_bytes: Some(128 * 1024),
1476            // We need this number to be at least 100x less than
1477            // `max_serialized_tx_effects_size_bytes`otherwise effects can be huge
1478            max_input_objects: Some(2048),
1479            max_serialized_tx_effects_size_bytes: Some(512 * 1024),
1480            max_serialized_tx_effects_size_bytes_system_tx: Some(512 * 1024 * 16),
1481            max_gas_payment_objects: Some(256),
1482            max_modules_in_publish: Some(64),
1483            max_package_dependencies: Some(32),
1484            max_arguments: Some(512),
1485            max_type_arguments: Some(16),
1486            max_type_argument_depth: Some(16),
1487            max_pure_argument_size: Some(16 * 1024),
1488            max_programmable_tx_commands: Some(1024),
1489            move_binary_format_version: Some(7),
1490            min_move_binary_format_version: Some(6),
1491            binary_module_handles: Some(100),
1492            binary_struct_handles: Some(300),
1493            binary_function_handles: Some(1500),
1494            binary_function_instantiations: Some(750),
1495            binary_signatures: Some(1000),
1496            binary_constant_pool: Some(4000),
1497            binary_identifiers: Some(10000),
1498            binary_address_identifiers: Some(100),
1499            binary_struct_defs: Some(200),
1500            binary_struct_def_instantiations: Some(100),
1501            binary_function_defs: Some(1000),
1502            binary_field_handles: Some(500),
1503            binary_field_instantiations: Some(250),
1504            binary_friend_decls: Some(100),
1505            binary_enum_defs: None,
1506            binary_enum_def_instantiations: None,
1507            binary_variant_handles: None,
1508            binary_variant_instantiation_handles: None,
1509            max_move_object_size: Some(250 * 1024),
1510            max_move_package_size: Some(100 * 1024),
1511            max_publish_or_upgrade_per_ptb: Some(5),
1512            // max gas budget is in NANOS and an absolute value 50IOTA
1513            max_tx_gas: Some(50_000_000_000),
1514            max_gas_price: Some(100_000),
1515            max_gas_computation_bucket: Some(5_000_000),
1516            max_loop_depth: Some(5),
1517            max_generic_instantiation_length: Some(32),
1518            max_function_parameters: Some(128),
1519            max_basic_blocks: Some(1024),
1520            max_value_stack_size: Some(1024),
1521            max_type_nodes: Some(256),
1522            max_push_size: Some(10000),
1523            max_struct_definitions: Some(200),
1524            max_function_definitions: Some(1000),
1525            max_fields_in_struct: Some(32),
1526            max_dependency_depth: Some(100),
1527            max_num_event_emit: Some(1024),
1528            max_num_new_move_object_ids: Some(2048),
1529            max_num_new_move_object_ids_system_tx: Some(2048 * 16),
1530            max_num_deleted_move_object_ids: Some(2048),
1531            max_num_deleted_move_object_ids_system_tx: Some(2048 * 16),
1532            max_num_transferred_move_object_ids: Some(2048),
1533            max_num_transferred_move_object_ids_system_tx: Some(2048 * 16),
1534            max_event_emit_size: Some(250 * 1024),
1535            max_move_vector_len: Some(256 * 1024),
1536            max_type_to_layout_nodes: None,
1537            max_ptb_value_size: None,
1538
1539            max_back_edges_per_function: Some(10_000),
1540            max_back_edges_per_module: Some(10_000),
1541
1542            max_verifier_meter_ticks_per_function: Some(16_000_000),
1543
1544            max_meter_ticks_per_module: Some(16_000_000),
1545            max_meter_ticks_per_package: Some(16_000_000),
1546
1547            object_runtime_max_num_cached_objects: Some(1000),
1548            object_runtime_max_num_cached_objects_system_tx: Some(1000 * 16),
1549            object_runtime_max_num_store_entries: Some(1000),
1550            object_runtime_max_num_store_entries_system_tx: Some(1000 * 16),
1551            // min gas budget is in NANOS and an absolute value 1000 NANOS or 0.000001IOTA
1552            base_tx_cost_fixed: Some(1_000),
1553            package_publish_cost_fixed: Some(1_000),
1554            base_tx_cost_per_byte: Some(0),
1555            package_publish_cost_per_byte: Some(80),
1556            obj_access_cost_read_per_byte: Some(15),
1557            obj_access_cost_mutate_per_byte: Some(40),
1558            obj_access_cost_delete_per_byte: Some(40),
1559            obj_access_cost_verify_per_byte: Some(200),
1560            obj_data_cost_refundable: Some(100),
1561            obj_metadata_cost_non_refundable: Some(50),
1562            gas_model_version: Some(1),
1563            storage_rebate_rate: Some(10000),
1564            // Change reward slashing rate to 100%.
1565            reward_slashing_rate: Some(10000),
1566            storage_gas_price: Some(76),
1567            base_gas_price: None,
1568            // The initial subsidy (target reward) for validators per epoch.
1569            // Refer to the IOTA tokenomics for the origin of this value.
1570            validator_target_reward: Some(767_000 * 1_000_000_000),
1571            max_transactions_per_checkpoint: Some(10_000),
1572            max_checkpoint_size_bytes: Some(30 * 1024 * 1024),
1573
1574            // For now, perform upgrades with a bare quorum of validators.
1575            buffer_stake_for_protocol_upgrade_bps: Some(5000),
1576
1577            // === Native Function Costs ===
1578            // `address` module
1579            // Cost params for the Move native function `address::from_bytes(bytes: vector<u8>)`
1580            address_from_bytes_cost_base: Some(52),
1581            // Cost params for the Move native function `address::to_u256(address): u256`
1582            address_to_u256_cost_base: Some(52),
1583            // Cost params for the Move native function `address::from_u256(u256): address`
1584            address_from_u256_cost_base: Some(52),
1585
1586            // `config` module
1587            // Cost params for the Move native function `read_setting_impl``
1588            config_read_setting_impl_cost_base: Some(100),
1589            config_read_setting_impl_cost_per_byte: Some(40),
1590
1591            // `dynamic_field` module
1592            // Cost params for the Move native function `hash_type_and_key<K: copy + drop +
1593            // store>(parent: address, k: K): address`
1594            dynamic_field_hash_type_and_key_cost_base: Some(100),
1595            dynamic_field_hash_type_and_key_type_cost_per_byte: Some(2),
1596            dynamic_field_hash_type_and_key_value_cost_per_byte: Some(2),
1597            dynamic_field_hash_type_and_key_type_tag_cost_per_byte: Some(2),
1598            // Cost params for the Move native function `add_child_object<Child: key>(parent:
1599            // address, child: Child)`
1600            dynamic_field_add_child_object_cost_base: Some(100),
1601            dynamic_field_add_child_object_type_cost_per_byte: Some(10),
1602            dynamic_field_add_child_object_value_cost_per_byte: Some(10),
1603            dynamic_field_add_child_object_struct_tag_cost_per_byte: Some(10),
1604            // Cost params for the Move native function `borrow_child_object_mut<Child: key>(parent:
1605            // &mut UID, id: address): &mut Child`
1606            dynamic_field_borrow_child_object_cost_base: Some(100),
1607            dynamic_field_borrow_child_object_child_ref_cost_per_byte: Some(10),
1608            dynamic_field_borrow_child_object_type_cost_per_byte: Some(10),
1609            // Cost params for the Move native function `remove_child_object<Child: key>(parent:
1610            // address, id: address): Child`
1611            dynamic_field_remove_child_object_cost_base: Some(100),
1612            dynamic_field_remove_child_object_child_cost_per_byte: Some(2),
1613            dynamic_field_remove_child_object_type_cost_per_byte: Some(2),
1614            // Cost params for the Move native function `has_child_object(parent: address, id:
1615            // address): bool`
1616            dynamic_field_has_child_object_cost_base: Some(100),
1617            // Cost params for the Move native function `has_child_object_with_ty<Child:
1618            // key>(parent: address, id: address): bool`
1619            dynamic_field_has_child_object_with_ty_cost_base: Some(100),
1620            dynamic_field_has_child_object_with_ty_type_cost_per_byte: Some(2),
1621            dynamic_field_has_child_object_with_ty_type_tag_cost_per_byte: Some(2),
1622
1623            // `event` module
1624            // Cost params for the Move native function `event::emit<T: copy + drop>(event: T)`
1625            event_emit_cost_base: Some(52),
1626            event_emit_value_size_derivation_cost_per_byte: Some(2),
1627            event_emit_tag_size_derivation_cost_per_byte: Some(5),
1628            event_emit_output_cost_per_byte: Some(10),
1629
1630            //  `object` module
1631            // Cost params for the Move native function `borrow_uid<T: key>(obj: &T): &UID`
1632            object_borrow_uid_cost_base: Some(52),
1633            // Cost params for the Move native function `delete_impl(id: address)`
1634            object_delete_impl_cost_base: Some(52),
1635            // Cost params for the Move native function `record_new_uid(id: address)`
1636            object_record_new_uid_cost_base: Some(52),
1637
1638            // `transfer` module
1639            // Cost params for the Move native function `transfer_impl<T: key>(obj: T, recipient:
1640            // address)`
1641            transfer_transfer_internal_cost_base: Some(52),
1642            // Cost params for the Move native function `freeze_object<T: key>(obj: T)`
1643            transfer_freeze_object_cost_base: Some(52),
1644            // Cost params for the Move native function `share_object<T: key>(obj: T)`
1645            transfer_share_object_cost_base: Some(52),
1646            transfer_receive_object_cost_base: Some(52),
1647
1648            // `tx_context` module
1649            // Cost params for the Move native function `transfer_impl<T: key>(obj: T, recipient:
1650            // address)`
1651            tx_context_derive_id_cost_base: Some(52),
1652
1653            // `types` module
1654            // Cost params for the Move native function `is_one_time_witness<T: drop>(_: &T): bool`
1655            types_is_one_time_witness_cost_base: Some(52),
1656            types_is_one_time_witness_type_tag_cost_per_byte: Some(2),
1657            types_is_one_time_witness_type_cost_per_byte: Some(2),
1658
1659            // `validator` module
1660            // Cost params for the Move native function `validate_metadata_bcs(metadata:
1661            // vector<u8>)`
1662            validator_validate_metadata_cost_base: Some(52),
1663            validator_validate_metadata_data_cost_per_byte: Some(2),
1664
1665            // Crypto
1666            crypto_invalid_arguments_cost: Some(100),
1667            // bls12381::bls12381_min_pk_verify
1668            bls12381_bls12381_min_sig_verify_cost_base: Some(52),
1669            bls12381_bls12381_min_sig_verify_msg_cost_per_byte: Some(2),
1670            bls12381_bls12381_min_sig_verify_msg_cost_per_block: Some(2),
1671
1672            // bls12381::bls12381_min_pk_verify
1673            bls12381_bls12381_min_pk_verify_cost_base: Some(52),
1674            bls12381_bls12381_min_pk_verify_msg_cost_per_byte: Some(2),
1675            bls12381_bls12381_min_pk_verify_msg_cost_per_block: Some(2),
1676
1677            // ecdsa_k1::ecrecover
1678            ecdsa_k1_ecrecover_keccak256_cost_base: Some(52),
1679            ecdsa_k1_ecrecover_keccak256_msg_cost_per_byte: Some(2),
1680            ecdsa_k1_ecrecover_keccak256_msg_cost_per_block: Some(2),
1681            ecdsa_k1_ecrecover_sha256_cost_base: Some(52),
1682            ecdsa_k1_ecrecover_sha256_msg_cost_per_byte: Some(2),
1683            ecdsa_k1_ecrecover_sha256_msg_cost_per_block: Some(2),
1684
1685            // ecdsa_k1::decompress_pubkey
1686            ecdsa_k1_decompress_pubkey_cost_base: Some(52),
1687
1688            // ecdsa_k1::secp256k1_verify
1689            ecdsa_k1_secp256k1_verify_keccak256_cost_base: Some(52),
1690            ecdsa_k1_secp256k1_verify_keccak256_msg_cost_per_byte: Some(2),
1691            ecdsa_k1_secp256k1_verify_keccak256_msg_cost_per_block: Some(2),
1692            ecdsa_k1_secp256k1_verify_sha256_cost_base: Some(52),
1693            ecdsa_k1_secp256k1_verify_sha256_msg_cost_per_byte: Some(2),
1694            ecdsa_k1_secp256k1_verify_sha256_msg_cost_per_block: Some(2),
1695
1696            // ecdsa_r1::ecrecover
1697            ecdsa_r1_ecrecover_keccak256_cost_base: Some(52),
1698            ecdsa_r1_ecrecover_keccak256_msg_cost_per_byte: Some(2),
1699            ecdsa_r1_ecrecover_keccak256_msg_cost_per_block: Some(2),
1700            ecdsa_r1_ecrecover_sha256_cost_base: Some(52),
1701            ecdsa_r1_ecrecover_sha256_msg_cost_per_byte: Some(2),
1702            ecdsa_r1_ecrecover_sha256_msg_cost_per_block: Some(2),
1703
1704            // ecdsa_r1::secp256k1_verify
1705            ecdsa_r1_secp256r1_verify_keccak256_cost_base: Some(52),
1706            ecdsa_r1_secp256r1_verify_keccak256_msg_cost_per_byte: Some(2),
1707            ecdsa_r1_secp256r1_verify_keccak256_msg_cost_per_block: Some(2),
1708            ecdsa_r1_secp256r1_verify_sha256_cost_base: Some(52),
1709            ecdsa_r1_secp256r1_verify_sha256_msg_cost_per_byte: Some(2),
1710            ecdsa_r1_secp256r1_verify_sha256_msg_cost_per_block: Some(2),
1711
1712            // ecvrf::verify
1713            ecvrf_ecvrf_verify_cost_base: Some(52),
1714            ecvrf_ecvrf_verify_alpha_string_cost_per_byte: Some(2),
1715            ecvrf_ecvrf_verify_alpha_string_cost_per_block: Some(2),
1716
1717            // ed25519
1718            ed25519_ed25519_verify_cost_base: Some(52),
1719            ed25519_ed25519_verify_msg_cost_per_byte: Some(2),
1720            ed25519_ed25519_verify_msg_cost_per_block: Some(2),
1721
1722            // groth16::prepare_verifying_key
1723            groth16_prepare_verifying_key_bls12381_cost_base: Some(52),
1724            groth16_prepare_verifying_key_bn254_cost_base: Some(52),
1725
1726            // groth16::verify_groth16_proof_internal
1727            groth16_verify_groth16_proof_internal_bls12381_cost_base: Some(52),
1728            groth16_verify_groth16_proof_internal_bls12381_cost_per_public_input: Some(2),
1729            groth16_verify_groth16_proof_internal_bn254_cost_base: Some(52),
1730            groth16_verify_groth16_proof_internal_bn254_cost_per_public_input: Some(2),
1731            groth16_verify_groth16_proof_internal_public_input_cost_per_byte: Some(2),
1732
1733            // hash::blake2b256
1734            hash_blake2b256_cost_base: Some(52),
1735            hash_blake2b256_data_cost_per_byte: Some(2),
1736            hash_blake2b256_data_cost_per_block: Some(2),
1737            // hash::keccak256
1738            hash_keccak256_cost_base: Some(52),
1739            hash_keccak256_data_cost_per_byte: Some(2),
1740            hash_keccak256_data_cost_per_block: Some(2),
1741
1742            poseidon_bn254_cost_base: None,
1743            poseidon_bn254_cost_per_block: None,
1744
1745            // hmac::hmac_sha3_256
1746            hmac_hmac_sha3_256_cost_base: Some(52),
1747            hmac_hmac_sha3_256_input_cost_per_byte: Some(2),
1748            hmac_hmac_sha3_256_input_cost_per_block: Some(2),
1749
1750            // group ops
1751            group_ops_bls12381_decode_scalar_cost: Some(52),
1752            group_ops_bls12381_decode_g1_cost: Some(52),
1753            group_ops_bls12381_decode_g2_cost: Some(52),
1754            group_ops_bls12381_decode_gt_cost: Some(52),
1755            group_ops_bls12381_scalar_add_cost: Some(52),
1756            group_ops_bls12381_g1_add_cost: Some(52),
1757            group_ops_bls12381_g2_add_cost: Some(52),
1758            group_ops_bls12381_gt_add_cost: Some(52),
1759            group_ops_bls12381_scalar_sub_cost: Some(52),
1760            group_ops_bls12381_g1_sub_cost: Some(52),
1761            group_ops_bls12381_g2_sub_cost: Some(52),
1762            group_ops_bls12381_gt_sub_cost: Some(52),
1763            group_ops_bls12381_scalar_mul_cost: Some(52),
1764            group_ops_bls12381_g1_mul_cost: Some(52),
1765            group_ops_bls12381_g2_mul_cost: Some(52),
1766            group_ops_bls12381_gt_mul_cost: Some(52),
1767            group_ops_bls12381_scalar_div_cost: Some(52),
1768            group_ops_bls12381_g1_div_cost: Some(52),
1769            group_ops_bls12381_g2_div_cost: Some(52),
1770            group_ops_bls12381_gt_div_cost: Some(52),
1771            group_ops_bls12381_g1_hash_to_base_cost: Some(52),
1772            group_ops_bls12381_g2_hash_to_base_cost: Some(52),
1773            group_ops_bls12381_g1_hash_to_cost_per_byte: Some(2),
1774            group_ops_bls12381_g2_hash_to_cost_per_byte: Some(2),
1775            group_ops_bls12381_g1_msm_base_cost: Some(52),
1776            group_ops_bls12381_g2_msm_base_cost: Some(52),
1777            group_ops_bls12381_g1_msm_base_cost_per_input: Some(52),
1778            group_ops_bls12381_g2_msm_base_cost_per_input: Some(52),
1779            group_ops_bls12381_msm_max_len: Some(32),
1780            group_ops_bls12381_pairing_cost: Some(52),
1781            group_ops_bls12381_g1_to_uncompressed_g1_cost: None,
1782            group_ops_bls12381_uncompressed_g1_to_g1_cost: None,
1783            group_ops_bls12381_uncompressed_g1_sum_base_cost: None,
1784            group_ops_bls12381_uncompressed_g1_sum_cost_per_term: None,
1785            group_ops_bls12381_uncompressed_g1_sum_max_terms: None,
1786
1787            // zklogin::check_zklogin_id
1788            check_zklogin_id_cost_base: Some(200),
1789            // zklogin::check_zklogin_issuer
1790            check_zklogin_issuer_cost_base: Some(200),
1791
1792            vdf_verify_vdf_cost: None,
1793            vdf_hash_to_input_cost: None,
1794
1795            bcs_per_byte_serialized_cost: Some(2),
1796            bcs_legacy_min_output_size_cost: Some(1),
1797            bcs_failure_cost: Some(52),
1798            hash_sha2_256_base_cost: Some(52),
1799            hash_sha2_256_per_byte_cost: Some(2),
1800            hash_sha2_256_legacy_min_input_len_cost: Some(1),
1801            hash_sha3_256_base_cost: Some(52),
1802            hash_sha3_256_per_byte_cost: Some(2),
1803            hash_sha3_256_legacy_min_input_len_cost: Some(1),
1804            type_name_get_base_cost: Some(52),
1805            type_name_get_per_byte_cost: Some(2),
1806            string_check_utf8_base_cost: Some(52),
1807            string_check_utf8_per_byte_cost: Some(2),
1808            string_is_char_boundary_base_cost: Some(52),
1809            string_sub_string_base_cost: Some(52),
1810            string_sub_string_per_byte_cost: Some(2),
1811            string_index_of_base_cost: Some(52),
1812            string_index_of_per_byte_pattern_cost: Some(2),
1813            string_index_of_per_byte_searched_cost: Some(2),
1814            vector_empty_base_cost: Some(52),
1815            vector_length_base_cost: Some(52),
1816            vector_push_back_base_cost: Some(52),
1817            vector_push_back_legacy_per_abstract_memory_unit_cost: Some(2),
1818            vector_borrow_base_cost: Some(52),
1819            vector_pop_back_base_cost: Some(52),
1820            vector_destroy_empty_base_cost: Some(52),
1821            vector_swap_base_cost: Some(52),
1822            debug_print_base_cost: Some(52),
1823            debug_print_stack_trace_base_cost: Some(52),
1824
1825            max_size_written_objects: Some(5 * 1000 * 1000),
1826            // max size of written objects during a system TXn to allow for larger writes
1827            // akin to `max_size_written_objects` but for system TXns
1828            max_size_written_objects_system_tx: Some(50 * 1000 * 1000),
1829
1830            // Limits the length of a Move identifier
1831            max_move_identifier_len: Some(128),
1832            max_move_value_depth: Some(128),
1833            max_move_enum_variants: None,
1834
1835            gas_rounding_step: Some(1_000),
1836
1837            execution_version: Some(1),
1838
1839            // We maintain the same total size limit for events, but increase the number of
1840            // events that can be emitted.
1841            max_event_emit_size_total: Some(
1842                256 /* former event count limit */ * 250 * 1024, // size limit per event
1843            ),
1844
1845            // Taking a baby step approach, we consider only 20% by stake as bad nodes so we
1846            // have a 80% by stake of nodes participating in the leader committee. That
1847            // allow us for more redundancy in case we have validators
1848            // under performing - since the responsibility is shared
1849            // amongst more nodes. We can increase that once we do have
1850            // higher confidence.
1851            consensus_bad_nodes_stake_threshold: Some(20),
1852
1853            // Max of 10 votes per hour.
1854            max_jwk_votes_per_validator_per_epoch: Some(240),
1855
1856            max_age_of_jwk_in_epochs: Some(1),
1857
1858            consensus_max_transaction_size_bytes: Some(256 * 1024), // 256KB
1859
1860            // Assume 1KB per transaction and 500 transactions per block.
1861            consensus_max_transactions_in_block_bytes: Some(512 * 1024),
1862
1863            random_beacon_reduction_allowed_delta: Some(800),
1864
1865            random_beacon_reduction_lower_bound: Some(1000),
1866            random_beacon_dkg_timeout_round: Some(3000),
1867            random_beacon_min_round_interval_ms: Some(500),
1868
1869            random_beacon_dkg_version: Some(1),
1870
1871            // Assume 20_000 TPS * 5% max stake per validator / (minimum) 4 blocks per round
1872            // = 250 transactions per block maximum Using a higher limit
1873            // that is 512, to account for bursty traffic and system transactions.
1874            consensus_max_num_transactions_in_block: Some(512),
1875
1876            max_deferral_rounds_for_congestion_control: Some(10),
1877
1878            min_checkpoint_interval_ms: Some(200),
1879
1880            checkpoint_summary_version_specific_data: Some(1),
1881
1882            max_soft_bundle_size: Some(5),
1883
1884            bridge_should_try_to_finalize_committee: None,
1885
1886            max_accumulated_txn_cost_per_object_in_mysticeti_commit: Some(10),
1887
1888            max_committee_members_count: None,
1889
1890            consensus_gc_depth: None,
1891            // When adding a new constant, set it to None in the earliest version, like this:
1892            // new_constant: None,
1893        };
1894
1895        cfg.feature_flags.consensus_transaction_ordering = ConsensusTransactionOrdering::ByGasPrice;
1896
1897        // MoveVM related flags
1898        {
1899            cfg.feature_flags
1900                .disable_invariant_violation_check_in_swap_loc = true;
1901            cfg.feature_flags.no_extraneous_module_bytes = true;
1902            cfg.feature_flags.hardened_otw_check = true;
1903            cfg.feature_flags.rethrow_serialization_type_layout_errors = true;
1904        }
1905
1906        // zkLogin related flags
1907        {
1908            cfg.feature_flags.zklogin_max_epoch_upper_bound_delta = Some(30);
1909        }
1910
1911        // Enable Mysticeti on mainnet.
1912        cfg.feature_flags.consensus_choice = ConsensusChoice::Mysticeti;
1913        // Use tonic networking for Mysticeti.
1914        cfg.feature_flags.consensus_network = ConsensusNetwork::Tonic;
1915
1916        cfg.feature_flags.per_object_congestion_control_mode =
1917            PerObjectCongestionControlMode::TotalTxCount;
1918
1919        // Do not allow bridge committee to finalize on mainnet.
1920        cfg.bridge_should_try_to_finalize_committee = Some(chain != Chain::Mainnet);
1921
1922        // Devnet
1923        if chain != Chain::Mainnet && chain != Chain::Testnet {
1924            cfg.feature_flags.enable_poseidon = true;
1925            cfg.poseidon_bn254_cost_base = Some(260);
1926            cfg.poseidon_bn254_cost_per_block = Some(10);
1927
1928            cfg.feature_flags.enable_group_ops_native_function_msm = true;
1929
1930            cfg.feature_flags.enable_vdf = true;
1931            // Set to 30x and 2x the cost of a signature verification for now. This
1932            // should be updated along with other native crypto functions.
1933            cfg.vdf_verify_vdf_cost = Some(1500);
1934            cfg.vdf_hash_to_input_cost = Some(100);
1935
1936            cfg.feature_flags.passkey_auth = true;
1937        }
1938
1939        for cur in 2..=version.0 {
1940            match cur {
1941                1 => unreachable!(),
1942                // version 2 is a new framework version but with no config changes
1943                2 => {}
1944                3 => {
1945                    cfg.feature_flags.relocate_event_module = true;
1946                }
1947                4 => {
1948                    cfg.max_type_to_layout_nodes = Some(512);
1949                }
1950                5 => {
1951                    cfg.feature_flags.protocol_defined_base_fee = true;
1952                    cfg.base_gas_price = Some(1000);
1953
1954                    cfg.feature_flags.disallow_new_modules_in_deps_only_packages = true;
1955                    cfg.feature_flags.convert_type_argument_error = true;
1956                    cfg.feature_flags.native_charging_v2 = true;
1957
1958                    if chain != Chain::Mainnet && chain != Chain::Testnet {
1959                        cfg.feature_flags.uncompressed_g1_group_elements = true;
1960                    }
1961
1962                    cfg.gas_model_version = Some(2);
1963
1964                    cfg.poseidon_bn254_cost_per_block = Some(388);
1965
1966                    cfg.bls12381_bls12381_min_sig_verify_cost_base = Some(44064);
1967                    cfg.bls12381_bls12381_min_pk_verify_cost_base = Some(49282);
1968                    cfg.ecdsa_k1_secp256k1_verify_keccak256_cost_base = Some(1470);
1969                    cfg.ecdsa_k1_secp256k1_verify_sha256_cost_base = Some(1470);
1970                    cfg.ecdsa_r1_secp256r1_verify_sha256_cost_base = Some(4225);
1971                    cfg.ecdsa_r1_secp256r1_verify_keccak256_cost_base = Some(4225);
1972                    cfg.ecvrf_ecvrf_verify_cost_base = Some(4848);
1973                    cfg.ed25519_ed25519_verify_cost_base = Some(1802);
1974
1975                    // Manually changed to be "under cost"
1976                    cfg.ecdsa_r1_ecrecover_keccak256_cost_base = Some(1173);
1977                    cfg.ecdsa_r1_ecrecover_sha256_cost_base = Some(1173);
1978                    cfg.ecdsa_k1_ecrecover_keccak256_cost_base = Some(500);
1979                    cfg.ecdsa_k1_ecrecover_sha256_cost_base = Some(500);
1980
1981                    cfg.groth16_prepare_verifying_key_bls12381_cost_base = Some(53838);
1982                    cfg.groth16_prepare_verifying_key_bn254_cost_base = Some(82010);
1983                    cfg.groth16_verify_groth16_proof_internal_bls12381_cost_base = Some(72090);
1984                    cfg.groth16_verify_groth16_proof_internal_bls12381_cost_per_public_input =
1985                        Some(8213);
1986                    cfg.groth16_verify_groth16_proof_internal_bn254_cost_base = Some(115502);
1987                    cfg.groth16_verify_groth16_proof_internal_bn254_cost_per_public_input =
1988                        Some(9484);
1989
1990                    cfg.hash_keccak256_cost_base = Some(10);
1991                    cfg.hash_blake2b256_cost_base = Some(10);
1992
1993                    // group ops
1994                    cfg.group_ops_bls12381_decode_scalar_cost = Some(7);
1995                    cfg.group_ops_bls12381_decode_g1_cost = Some(2848);
1996                    cfg.group_ops_bls12381_decode_g2_cost = Some(3770);
1997                    cfg.group_ops_bls12381_decode_gt_cost = Some(3068);
1998
1999                    cfg.group_ops_bls12381_scalar_add_cost = Some(10);
2000                    cfg.group_ops_bls12381_g1_add_cost = Some(1556);
2001                    cfg.group_ops_bls12381_g2_add_cost = Some(3048);
2002                    cfg.group_ops_bls12381_gt_add_cost = Some(188);
2003
2004                    cfg.group_ops_bls12381_scalar_sub_cost = Some(10);
2005                    cfg.group_ops_bls12381_g1_sub_cost = Some(1550);
2006                    cfg.group_ops_bls12381_g2_sub_cost = Some(3019);
2007                    cfg.group_ops_bls12381_gt_sub_cost = Some(497);
2008
2009                    cfg.group_ops_bls12381_scalar_mul_cost = Some(11);
2010                    cfg.group_ops_bls12381_g1_mul_cost = Some(4842);
2011                    cfg.group_ops_bls12381_g2_mul_cost = Some(9108);
2012                    cfg.group_ops_bls12381_gt_mul_cost = Some(27490);
2013
2014                    cfg.group_ops_bls12381_scalar_div_cost = Some(91);
2015                    cfg.group_ops_bls12381_g1_div_cost = Some(5091);
2016                    cfg.group_ops_bls12381_g2_div_cost = Some(9206);
2017                    cfg.group_ops_bls12381_gt_div_cost = Some(27804);
2018
2019                    cfg.group_ops_bls12381_g1_hash_to_base_cost = Some(2962);
2020                    cfg.group_ops_bls12381_g2_hash_to_base_cost = Some(8688);
2021
2022                    cfg.group_ops_bls12381_g1_msm_base_cost = Some(62648);
2023                    cfg.group_ops_bls12381_g2_msm_base_cost = Some(131192);
2024                    cfg.group_ops_bls12381_g1_msm_base_cost_per_input = Some(1333);
2025                    cfg.group_ops_bls12381_g2_msm_base_cost_per_input = Some(3216);
2026
2027                    cfg.group_ops_bls12381_uncompressed_g1_to_g1_cost = Some(677);
2028                    cfg.group_ops_bls12381_g1_to_uncompressed_g1_cost = Some(2099);
2029                    cfg.group_ops_bls12381_uncompressed_g1_sum_base_cost = Some(77);
2030                    cfg.group_ops_bls12381_uncompressed_g1_sum_cost_per_term = Some(26);
2031                    cfg.group_ops_bls12381_uncompressed_g1_sum_max_terms = Some(1200);
2032
2033                    cfg.group_ops_bls12381_pairing_cost = Some(26897);
2034
2035                    cfg.validator_validate_metadata_cost_base = Some(20000);
2036
2037                    cfg.max_committee_members_count = Some(50);
2038                }
2039                6 => {
2040                    cfg.max_ptb_value_size = Some(1024 * 1024);
2041                }
2042                7 => {
2043                    // version 7 is a new framework version but with no config
2044                    // changes
2045                }
2046                8 => {
2047                    cfg.feature_flags.variant_nodes = true;
2048
2049                    if chain != Chain::Mainnet {
2050                        // Enable round prober in consensus.
2051                        cfg.feature_flags.consensus_round_prober = true;
2052                        // Enable distributed vote scoring.
2053                        cfg.feature_flags
2054                            .consensus_distributed_vote_scoring_strategy = true;
2055                        cfg.feature_flags.consensus_linearize_subdag_v2 = true;
2056                        // Enable smart ancestor selection for testnet
2057                        cfg.feature_flags.consensus_smart_ancestor_selection = true;
2058                        // Enable probing for accepted rounds in round prober for testnet
2059                        cfg.feature_flags
2060                            .consensus_round_prober_probe_accepted_rounds = true;
2061                        // Enable zstd compression for consensus in testnet
2062                        cfg.feature_flags.consensus_zstd_compression = true;
2063                        // Assuming a round rate of max 15/sec, then using a gc depth of 60 allow
2064                        // blocks within a window of ~4 seconds
2065                        // to be included before be considered garbage collected.
2066                        cfg.consensus_gc_depth = Some(60);
2067                    }
2068
2069                    // Enable min_free_execution_slot for the shared object congestion tracker in
2070                    // devnet.
2071                    if chain != Chain::Testnet && chain != Chain::Mainnet {
2072                        cfg.feature_flags.congestion_control_min_free_execution_slot = true;
2073                    }
2074                }
2075                9 => {
2076                    if chain != Chain::Mainnet {
2077                        // Disable smart ancestor selection in the testnet and devnet.
2078                        cfg.feature_flags.consensus_smart_ancestor_selection = false;
2079                    }
2080
2081                    // Enable zstd compression for consensus
2082                    cfg.feature_flags.consensus_zstd_compression = true;
2083
2084                    // Enable passkey in multisig in devnet.
2085                    if chain != Chain::Testnet && chain != Chain::Mainnet {
2086                        cfg.feature_flags.accept_passkey_in_multisig = true;
2087                    }
2088
2089                    // this flag is now deprecated because of the bridge removal.
2090                    cfg.bridge_should_try_to_finalize_committee = None;
2091                }
2092                10 => {
2093                    // Enable min_free_execution_slot for the shared object congestion tracker in
2094                    // all networks.
2095                    cfg.feature_flags.congestion_control_min_free_execution_slot = true;
2096
2097                    // Increase the committee size to 80 on all networks.
2098                    cfg.max_committee_members_count = Some(80);
2099
2100                    // Enable round prober in consensus.
2101                    cfg.feature_flags.consensus_round_prober = true;
2102                    // Enable probing for accepted rounds in round.
2103                    cfg.feature_flags
2104                        .consensus_round_prober_probe_accepted_rounds = true;
2105                    // Enable distributed vote scoring.
2106                    cfg.feature_flags
2107                        .consensus_distributed_vote_scoring_strategy = true;
2108                    // Enable the new consensus commit rule.
2109                    cfg.feature_flags.consensus_linearize_subdag_v2 = true;
2110
2111                    // Enable consensus garbage collection
2112                    // Assuming a round rate of max 15/sec, then using a gc depth of 60 allow
2113                    // blocks within a window of ~4 seconds
2114                    // to be included before be considered garbage collected.
2115                    cfg.consensus_gc_depth = Some(60);
2116
2117                    // Enable minimized child object mutation counting.
2118                    cfg.feature_flags.minimize_child_object_mutations = true;
2119
2120                    if chain != Chain::Mainnet {
2121                        // Enable batched block sync in devnet and testnet.
2122                        cfg.feature_flags.consensus_batched_block_sync = true;
2123                    }
2124
2125                    if chain != Chain::Testnet && chain != Chain::Mainnet {
2126                        // Enable the gas price feedback mechanism (which is used for
2127                        // transactions cancelled due to shared object congestion) in devnet
2128                        cfg.feature_flags
2129                            .congestion_control_gas_price_feedback_mechanism = true;
2130                    }
2131
2132                    cfg.feature_flags.validate_identifier_inputs = true;
2133                    cfg.feature_flags.dependency_linkage_error = true;
2134                    cfg.feature_flags.additional_multisig_checks = true;
2135                }
2136                11 => {
2137                    // version 11 is a new framework version but with no config
2138                    // changes
2139                }
2140                12 => {
2141                    // Enable the gas price feedback mechanism for transactions
2142                    // cancelled due to congestion in all networks
2143                    cfg.feature_flags
2144                        .congestion_control_gas_price_feedback_mechanism = true;
2145
2146                    // Enable normalization of PTB arguments in all networks.
2147                    cfg.feature_flags.normalize_ptb_arguments = true;
2148                }
2149                // Use this template when making changes:
2150                //
2151                //     // modify an existing constant.
2152                //     move_binary_format_version: Some(7),
2153                //
2154                //     // Add a new constant (which is set to None in prior versions).
2155                //     new_constant: Some(new_value),
2156                //
2157                //     // Remove a constant (ensure that it is never accessed during this version).
2158                //     max_move_object_size: None,
2159                _ => panic!("unsupported version {version:?}"),
2160            }
2161        }
2162        cfg
2163    }
2164
2165    // Extract the bytecode verifier config from this protocol config. `for_signing`
2166    // indicates whether this config is used for verification during signing or
2167    // execution.
2168    pub fn verifier_config(&self, signing_limits: Option<(usize, usize)>) -> VerifierConfig {
2169        let (max_back_edges_per_function, max_back_edges_per_module) = if let Some((
2170            max_back_edges_per_function,
2171            max_back_edges_per_module,
2172        )) = signing_limits
2173        {
2174            (
2175                Some(max_back_edges_per_function),
2176                Some(max_back_edges_per_module),
2177            )
2178        } else {
2179            (None, None)
2180        };
2181
2182        VerifierConfig {
2183            max_loop_depth: Some(self.max_loop_depth() as usize),
2184            max_generic_instantiation_length: Some(self.max_generic_instantiation_length() as usize),
2185            max_function_parameters: Some(self.max_function_parameters() as usize),
2186            max_basic_blocks: Some(self.max_basic_blocks() as usize),
2187            max_value_stack_size: self.max_value_stack_size() as usize,
2188            max_type_nodes: Some(self.max_type_nodes() as usize),
2189            max_push_size: Some(self.max_push_size() as usize),
2190            max_dependency_depth: Some(self.max_dependency_depth() as usize),
2191            max_fields_in_struct: Some(self.max_fields_in_struct() as usize),
2192            max_function_definitions: Some(self.max_function_definitions() as usize),
2193            max_data_definitions: Some(self.max_struct_definitions() as usize),
2194            max_constant_vector_len: Some(self.max_move_vector_len()),
2195            max_back_edges_per_function,
2196            max_back_edges_per_module,
2197            max_basic_blocks_in_script: None,
2198            max_identifier_len: self.max_move_identifier_len_as_option(), /* Before protocol
2199                                                                           * version 9, there was
2200                                                                           * no limit */
2201            bytecode_version: self.move_binary_format_version(),
2202            max_variants_in_enum: self.max_move_enum_variants_as_option(),
2203        }
2204    }
2205
2206    /// Override one or more settings in the config, for testing.
2207    /// This must be called at the beginning of the test, before
2208    /// get_for_(min|max)_version is called, since those functions cache
2209    /// their return value.
2210    pub fn apply_overrides_for_testing(
2211        override_fn: impl Fn(ProtocolVersion, Self) -> Self + Send + Sync + 'static,
2212    ) -> OverrideGuard {
2213        CONFIG_OVERRIDE.with(|ovr| {
2214            let mut cur = ovr.borrow_mut();
2215            assert!(cur.is_none(), "config override already present");
2216            *cur = Some(Box::new(override_fn));
2217            OverrideGuard
2218        })
2219    }
2220}
2221
2222// Setters for tests.
2223// This is only needed for feature_flags. Please suffix each setter with
2224// `_for_testing`. Non-feature_flags should already have test setters defined
2225// through macros.
2226impl ProtocolConfig {
2227    pub fn set_zklogin_auth_for_testing(&mut self, val: bool) {
2228        self.feature_flags.zklogin_auth = val
2229    }
2230    pub fn set_enable_jwk_consensus_updates_for_testing(&mut self, val: bool) {
2231        self.feature_flags.enable_jwk_consensus_updates = val
2232    }
2233
2234    pub fn set_accept_zklogin_in_multisig_for_testing(&mut self, val: bool) {
2235        self.feature_flags.accept_zklogin_in_multisig = val
2236    }
2237
2238    pub fn set_per_object_congestion_control_mode_for_testing(
2239        &mut self,
2240        val: PerObjectCongestionControlMode,
2241    ) {
2242        self.feature_flags.per_object_congestion_control_mode = val;
2243    }
2244
2245    pub fn set_consensus_choice_for_testing(&mut self, val: ConsensusChoice) {
2246        self.feature_flags.consensus_choice = val;
2247    }
2248
2249    pub fn set_consensus_network_for_testing(&mut self, val: ConsensusNetwork) {
2250        self.feature_flags.consensus_network = val;
2251    }
2252
2253    pub fn set_zklogin_max_epoch_upper_bound_delta_for_testing(&mut self, val: Option<u64>) {
2254        self.feature_flags.zklogin_max_epoch_upper_bound_delta = val
2255    }
2256
2257    pub fn set_passkey_auth_for_testing(&mut self, val: bool) {
2258        self.feature_flags.passkey_auth = val
2259    }
2260
2261    pub fn set_disallow_new_modules_in_deps_only_packages_for_testing(&mut self, val: bool) {
2262        self.feature_flags
2263            .disallow_new_modules_in_deps_only_packages = val;
2264    }
2265
2266    pub fn set_consensus_round_prober_for_testing(&mut self, val: bool) {
2267        self.feature_flags.consensus_round_prober = val;
2268    }
2269
2270    pub fn set_consensus_distributed_vote_scoring_strategy_for_testing(&mut self, val: bool) {
2271        self.feature_flags
2272            .consensus_distributed_vote_scoring_strategy = val;
2273    }
2274
2275    pub fn set_gc_depth_for_testing(&mut self, val: u32) {
2276        self.consensus_gc_depth = Some(val);
2277    }
2278
2279    pub fn set_consensus_linearize_subdag_v2_for_testing(&mut self, val: bool) {
2280        self.feature_flags.consensus_linearize_subdag_v2 = val;
2281    }
2282
2283    pub fn set_consensus_round_prober_probe_accepted_rounds(&mut self, val: bool) {
2284        self.feature_flags
2285            .consensus_round_prober_probe_accepted_rounds = val;
2286    }
2287
2288    pub fn set_accept_passkey_in_multisig_for_testing(&mut self, val: bool) {
2289        self.feature_flags.accept_passkey_in_multisig = val;
2290    }
2291
2292    pub fn set_consensus_smart_ancestor_selection_for_testing(&mut self, val: bool) {
2293        self.feature_flags.consensus_smart_ancestor_selection = val;
2294    }
2295
2296    pub fn set_consensus_batched_block_sync_for_testing(&mut self, val: bool) {
2297        self.feature_flags.consensus_batched_block_sync = val;
2298    }
2299
2300    pub fn set_congestion_control_min_free_execution_slot_for_testing(&mut self, val: bool) {
2301        self.feature_flags
2302            .congestion_control_min_free_execution_slot = val;
2303    }
2304
2305    pub fn set_congestion_control_gas_price_feedback_mechanism_for_testing(&mut self, val: bool) {
2306        self.feature_flags
2307            .congestion_control_gas_price_feedback_mechanism = val;
2308    }
2309}
2310
2311type OverrideFn = dyn Fn(ProtocolVersion, ProtocolConfig) -> ProtocolConfig + Send + Sync;
2312
2313thread_local! {
2314    static CONFIG_OVERRIDE: RefCell<Option<Box<OverrideFn>>> = const { RefCell::new(None) };
2315}
2316
2317#[must_use]
2318pub struct OverrideGuard;
2319
2320impl Drop for OverrideGuard {
2321    fn drop(&mut self) {
2322        info!("restoring override fn");
2323        CONFIG_OVERRIDE.with(|ovr| {
2324            *ovr.borrow_mut() = None;
2325        });
2326    }
2327}
2328
2329/// Defines which limit got crossed.
2330/// The value which crossed the limit and value of the limit crossed are
2331/// embedded
2332#[derive(PartialEq, Eq)]
2333pub enum LimitThresholdCrossed {
2334    None,
2335    Soft(u128, u128),
2336    Hard(u128, u128),
2337}
2338
2339/// Convenience function for comparing limit ranges
2340/// V::MAX must be at >= U::MAX and T::MAX
2341pub fn check_limit_in_range<T: Into<V>, U: Into<V>, V: PartialOrd + Into<u128>>(
2342    x: T,
2343    soft_limit: U,
2344    hard_limit: V,
2345) -> LimitThresholdCrossed {
2346    let x: V = x.into();
2347    let soft_limit: V = soft_limit.into();
2348
2349    debug_assert!(soft_limit <= hard_limit);
2350
2351    // It is important to preserve this comparison order because if soft_limit ==
2352    // hard_limit we want LimitThresholdCrossed::Hard
2353    if x >= hard_limit {
2354        LimitThresholdCrossed::Hard(x.into(), hard_limit.into())
2355    } else if x < soft_limit {
2356        LimitThresholdCrossed::None
2357    } else {
2358        LimitThresholdCrossed::Soft(x.into(), soft_limit.into())
2359    }
2360}
2361
2362#[macro_export]
2363macro_rules! check_limit {
2364    ($x:expr, $hard:expr) => {
2365        check_limit!($x, $hard, $hard)
2366    };
2367    ($x:expr, $soft:expr, $hard:expr) => {
2368        check_limit_in_range($x as u64, $soft, $hard)
2369    };
2370}
2371
2372/// Used to check which limits were crossed if the TX is metered (not system tx)
2373/// Args are: is_metered, value_to_check, metered_limit, unmetered_limit
2374/// metered_limit is always less than or equal to unmetered_hard_limit
2375#[macro_export]
2376macro_rules! check_limit_by_meter {
2377    ($is_metered:expr, $x:expr, $metered_limit:expr, $unmetered_hard_limit:expr, $metric:expr) => {{
2378        // If this is metered, we use the metered_limit limit as the upper bound
2379        let (h, metered_str) = if $is_metered {
2380            ($metered_limit, "metered")
2381        } else {
2382            // Unmetered gets more headroom
2383            ($unmetered_hard_limit, "unmetered")
2384        };
2385        use iota_protocol_config::check_limit_in_range;
2386        let result = check_limit_in_range($x as u64, $metered_limit, h);
2387        match result {
2388            LimitThresholdCrossed::None => {}
2389            LimitThresholdCrossed::Soft(_, _) => {
2390                $metric.with_label_values(&[metered_str, "soft"]).inc();
2391            }
2392            LimitThresholdCrossed::Hard(_, _) => {
2393                $metric.with_label_values(&[metered_str, "hard"]).inc();
2394            }
2395        };
2396        result
2397    }};
2398}
2399
2400#[cfg(all(test, not(msim)))]
2401mod test {
2402    use insta::assert_yaml_snapshot;
2403
2404    use super::*;
2405
2406    #[test]
2407    fn snapshot_tests() {
2408        println!("\n============================================================================");
2409        println!("!                                                                          !");
2410        println!("! IMPORTANT: never update snapshots from this test. only add new versions! !");
2411        println!("!                                                                          !");
2412        println!("============================================================================\n");
2413        for chain_id in &[Chain::Unknown, Chain::Mainnet, Chain::Testnet] {
2414            // make Chain::Unknown snapshots compatible with pre-chain-id snapshots so that
2415            // we don't break the release-time compatibility tests. Once Chain
2416            // Id configs have been released everywhere, we can remove this and
2417            // only test Mainnet and Testnet
2418            let chain_str = match chain_id {
2419                Chain::Unknown => "".to_string(),
2420                _ => format!("{chain_id:?}_"),
2421            };
2422            for i in MIN_PROTOCOL_VERSION..=MAX_PROTOCOL_VERSION {
2423                let cur = ProtocolVersion::new(i);
2424                assert_yaml_snapshot!(
2425                    format!("{}version_{}", chain_str, cur.as_u64()),
2426                    ProtocolConfig::get_for_version(cur, *chain_id)
2427                );
2428            }
2429        }
2430    }
2431
2432    #[test]
2433    fn test_getters() {
2434        let prot: ProtocolConfig =
2435            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Unknown);
2436        assert_eq!(
2437            prot.max_arguments(),
2438            prot.max_arguments_as_option().unwrap()
2439        );
2440    }
2441
2442    #[test]
2443    fn test_setters() {
2444        let mut prot: ProtocolConfig =
2445            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Unknown);
2446        prot.set_max_arguments_for_testing(123);
2447        assert_eq!(prot.max_arguments(), 123);
2448
2449        prot.set_max_arguments_from_str_for_testing("321".to_string());
2450        assert_eq!(prot.max_arguments(), 321);
2451
2452        prot.disable_max_arguments_for_testing();
2453        assert_eq!(prot.max_arguments_as_option(), None);
2454
2455        prot.set_attr_for_testing("max_arguments".to_string(), "456".to_string());
2456        assert_eq!(prot.max_arguments(), 456);
2457    }
2458
2459    #[test]
2460    #[should_panic(expected = "unsupported version")]
2461    fn max_version_test() {
2462        // When this does not panic, version higher than MAX_PROTOCOL_VERSION exists.
2463        // To fix, bump MAX_PROTOCOL_VERSION or disable this check for the version.
2464        let _ = ProtocolConfig::get_for_version_impl(
2465            ProtocolVersion::new(MAX_PROTOCOL_VERSION + 1),
2466            Chain::Unknown,
2467        );
2468    }
2469
2470    #[test]
2471    fn lookup_by_string_test() {
2472        let prot: ProtocolConfig =
2473            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Mainnet);
2474        // Does not exist
2475        assert!(prot.lookup_attr("some random string".to_string()).is_none());
2476
2477        assert!(
2478            prot.lookup_attr("max_arguments".to_string())
2479                == Some(ProtocolConfigValue::u32(prot.max_arguments())),
2480        );
2481
2482        // We didnt have this in version 1 on Mainnet
2483        assert!(
2484            prot.lookup_attr("poseidon_bn254_cost_base".to_string())
2485                .is_none()
2486        );
2487        assert!(
2488            prot.attr_map()
2489                .get("poseidon_bn254_cost_base")
2490                .unwrap()
2491                .is_none()
2492        );
2493
2494        // But we did in version 1 on Devnet
2495        let prot: ProtocolConfig =
2496            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Unknown);
2497
2498        assert!(
2499            prot.lookup_attr("poseidon_bn254_cost_base".to_string())
2500                == Some(ProtocolConfigValue::u64(prot.poseidon_bn254_cost_base()))
2501        );
2502        assert!(
2503            prot.attr_map().get("poseidon_bn254_cost_base").unwrap()
2504                == &Some(ProtocolConfigValue::u64(prot.poseidon_bn254_cost_base()))
2505        );
2506
2507        // Check feature flags
2508        let prot: ProtocolConfig =
2509            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Mainnet);
2510        // Does not exist
2511        assert!(
2512            prot.feature_flags
2513                .lookup_attr("some random string".to_owned())
2514                .is_none()
2515        );
2516        assert!(
2517            !prot
2518                .feature_flags
2519                .attr_map()
2520                .contains_key("some random string")
2521        );
2522
2523        // Was false in v1 on Mainnet
2524        assert!(prot.feature_flags.lookup_attr("enable_poseidon".to_owned()) == Some(false));
2525        assert!(
2526            prot.feature_flags
2527                .attr_map()
2528                .get("enable_poseidon")
2529                .unwrap()
2530                == &false
2531        );
2532        let prot: ProtocolConfig =
2533            ProtocolConfig::get_for_version(ProtocolVersion::new(1), Chain::Unknown);
2534        // Was true from v1 and up on Devnet
2535        assert!(prot.feature_flags.lookup_attr("enable_poseidon".to_owned()) == Some(true));
2536        assert!(
2537            prot.feature_flags
2538                .attr_map()
2539                .get("enable_poseidon")
2540                .unwrap()
2541                == &true
2542        );
2543    }
2544
2545    #[test]
2546    fn limit_range_fn_test() {
2547        let low = 100u32;
2548        let high = 10000u64;
2549
2550        assert!(check_limit!(1u8, low, high) == LimitThresholdCrossed::None);
2551        assert!(matches!(
2552            check_limit!(255u16, low, high),
2553            LimitThresholdCrossed::Soft(255u128, 100)
2554        ));
2555        // This wont compile because lossy
2556        // assert!(check_limit!(100000000u128, low, high) ==
2557        // LimitThresholdCrossed::None); This wont compile because lossy
2558        // assert!(check_limit!(100000000usize, low, high) ==
2559        // LimitThresholdCrossed::None);
2560
2561        assert!(matches!(
2562            check_limit!(2550000u64, low, high),
2563            LimitThresholdCrossed::Hard(2550000, 10000)
2564        ));
2565
2566        assert!(matches!(
2567            check_limit!(2550000u64, high, high),
2568            LimitThresholdCrossed::Hard(2550000, 10000)
2569        ));
2570
2571        assert!(matches!(
2572            check_limit!(1u8, high),
2573            LimitThresholdCrossed::None
2574        ));
2575
2576        assert!(check_limit!(255u16, high) == LimitThresholdCrossed::None);
2577
2578        assert!(matches!(
2579            check_limit!(2550000u64, high),
2580            LimitThresholdCrossed::Hard(2550000, 10000)
2581        ));
2582    }
2583}