1use std::{net::SocketAddr, path::PathBuf, time::Duration};
6
7use fastcrypto::{
8 encoding::{Encoding, Hex},
9 traits::KeyPair,
10};
11use iota_config::{
12 AUTHORITIES_DB_NAME, CONSENSUS_DB_NAME, ConsensusConfig, FULL_NODE_DB_PATH,
13 IOTA_GENESIS_MIGRATION_TX_DATA_FILENAME, NodeConfig, local_ip_utils,
14 node::{
15 AuthorityKeyPairWithPath, AuthorityOverloadConfig, AuthorityStorePruningConfig,
16 CheckpointExecutorConfig, DBCheckpointConfig, DEFAULT_GRPC_CONCURRENCY_LIMIT,
17 ExecutionCacheConfig, ExpensiveSafetyCheckConfig, Genesis, KeyPairWithPath, RunWithRange,
18 StateArchiveConfig, StateSnapshotConfig, default_enable_index_processing,
19 default_end_of_epoch_broadcast_channel_capacity, default_zklogin_oauth_providers,
20 },
21 p2p::{P2pConfig, SeedPeer, StateSyncConfig},
22 verifier_signing_config::VerifierSigningConfig,
23};
24use iota_types::{
25 crypto::{AuthorityKeyPair, AuthorityPublicKeyBytes, IotaKeyPair, NetworkKeyPair},
26 multiaddr::Multiaddr,
27 supported_protocol_versions::SupportedProtocolVersions,
28 traffic_control::{PolicyConfig, RemoteFirewallConfig},
29};
30
31use crate::{
32 genesis_config::{ValidatorGenesisConfig, ValidatorGenesisConfigBuilder},
33 network_config::NetworkConfig,
34};
35
36#[derive(Clone, Default)]
40pub struct ValidatorConfigBuilder {
41 config_directory: Option<PathBuf>,
42 supported_protocol_versions: Option<SupportedProtocolVersions>,
43 force_unpruned_checkpoints: bool,
44 jwk_fetch_interval: Option<Duration>,
45 authority_overload_config: Option<AuthorityOverloadConfig>,
46 data_ingestion_dir: Option<PathBuf>,
47 policy_config: Option<PolicyConfig>,
48 firewall_config: Option<RemoteFirewallConfig>,
49 max_submit_position: Option<usize>,
50 submit_delay_step_override_millis: Option<u64>,
51}
52
53impl ValidatorConfigBuilder {
54 pub fn new() -> Self {
55 Self {
56 ..Default::default()
57 }
58 }
59
60 pub fn with_config_directory(mut self, config_directory: PathBuf) -> Self {
61 assert!(self.config_directory.is_none());
62 self.config_directory = Some(config_directory);
63 self
64 }
65
66 pub fn with_supported_protocol_versions(
67 mut self,
68 supported_protocol_versions: SupportedProtocolVersions,
69 ) -> Self {
70 assert!(self.supported_protocol_versions.is_none());
71 self.supported_protocol_versions = Some(supported_protocol_versions);
72 self
73 }
74
75 pub fn with_unpruned_checkpoints(mut self) -> Self {
76 self.force_unpruned_checkpoints = true;
77 self
78 }
79
80 pub fn with_jwk_fetch_interval(mut self, i: Duration) -> Self {
81 self.jwk_fetch_interval = Some(i);
82 self
83 }
84
85 pub fn with_authority_overload_config(mut self, config: AuthorityOverloadConfig) -> Self {
86 self.authority_overload_config = Some(config);
87 self
88 }
89
90 pub fn with_data_ingestion_dir(mut self, path: PathBuf) -> Self {
91 self.data_ingestion_dir = Some(path);
92 self
93 }
94
95 pub fn with_policy_config(mut self, config: Option<PolicyConfig>) -> Self {
96 self.policy_config = config;
97 self
98 }
99
100 pub fn with_firewall_config(mut self, config: Option<RemoteFirewallConfig>) -> Self {
101 self.firewall_config = config;
102 self
103 }
104
105 pub fn with_max_submit_position(mut self, max_submit_position: usize) -> Self {
106 self.max_submit_position = Some(max_submit_position);
107 self
108 }
109
110 pub fn with_submit_delay_step_override_millis(
111 mut self,
112 submit_delay_step_override_millis: u64,
113 ) -> Self {
114 self.submit_delay_step_override_millis = Some(submit_delay_step_override_millis);
115 self
116 }
117
118 pub fn build_without_genesis(self, validator: ValidatorGenesisConfig) -> NodeConfig {
119 let key_path = get_key_path(&validator.authority_key_pair);
120 let config_directory = self
121 .config_directory
122 .unwrap_or_else(|| tempfile::tempdir().unwrap().into_path());
123 let migration_tx_data_path =
124 Some(config_directory.join(IOTA_GENESIS_MIGRATION_TX_DATA_FILENAME));
125 let db_path = config_directory
126 .join(AUTHORITIES_DB_NAME)
127 .join(key_path.clone());
128 let network_address = validator.network_address;
129 let consensus_db_path = config_directory.join(CONSENSUS_DB_NAME).join(key_path);
130 let localhost = local_ip_utils::localhost_for_testing();
131 let consensus_config = ConsensusConfig {
132 db_path: consensus_db_path,
133 db_retention_epochs: None,
134 db_pruner_period_secs: None,
135 max_pending_transactions: None,
136 max_submit_position: self.max_submit_position,
137 submit_delay_step_override_millis: self.submit_delay_step_override_millis,
138 parameters: Default::default(),
139 };
140
141 let p2p_config = P2pConfig {
142 listen_address: validator.p2p_listen_address.unwrap_or_else(|| {
143 validator
144 .p2p_address
145 .udp_multiaddr_to_listen_address()
146 .unwrap()
147 }),
148 external_address: Some(validator.p2p_address),
149 state_sync: Some(StateSyncConfig {
152 checkpoint_content_timeout_ms: Some(10_000),
153 ..Default::default()
154 }),
155 ..Default::default()
156 };
157
158 let mut pruning_config = AuthorityStorePruningConfig::default();
159 if self.force_unpruned_checkpoints {
160 pruning_config.set_num_epochs_to_retain_for_checkpoints(None);
161 }
162 let pruning_config = pruning_config;
163 let checkpoint_executor_config = CheckpointExecutorConfig {
164 data_ingestion_dir: self.data_ingestion_dir,
165 ..Default::default()
166 };
167
168 NodeConfig {
169 authority_key_pair: AuthorityKeyPairWithPath::new(validator.authority_key_pair),
170 network_key_pair: KeyPairWithPath::new(IotaKeyPair::Ed25519(
171 validator.network_key_pair,
172 )),
173 account_key_pair: KeyPairWithPath::new(validator.account_key_pair),
174 protocol_key_pair: KeyPairWithPath::new(IotaKeyPair::Ed25519(
175 validator.protocol_key_pair,
176 )),
177 db_path,
178 network_address,
179 metrics_address: validator.metrics_address,
180 admin_interface_address: local_ip_utils::new_tcp_address_for_testing(&localhost)
181 .to_socket_addr()
182 .unwrap(),
183 json_rpc_address: local_ip_utils::new_tcp_address_for_testing(&localhost)
184 .to_socket_addr()
185 .unwrap(),
186 consensus_config: Some(consensus_config),
187 remove_deprecated_tables: false,
188 enable_index_processing: default_enable_index_processing(),
189 genesis: Genesis::new_empty(),
190 migration_tx_data_path,
191 grpc_load_shed: None,
192 grpc_concurrency_limit: Some(DEFAULT_GRPC_CONCURRENCY_LIMIT),
193 p2p_config,
194 authority_store_pruning_config: pruning_config,
195 end_of_epoch_broadcast_channel_capacity:
196 default_end_of_epoch_broadcast_channel_capacity(),
197 checkpoint_executor_config,
198 metrics: None,
199 supported_protocol_versions: self.supported_protocol_versions,
200 db_checkpoint_config: Default::default(),
201 indirect_objects_threshold: usize::MAX,
202 expensive_safety_check_config: ExpensiveSafetyCheckConfig::default(),
205 transaction_deny_config: Default::default(),
206 certificate_deny_config: Default::default(),
207 state_debug_dump_config: Default::default(),
208 state_archive_write_config: StateArchiveConfig::default(),
209 state_archive_read_config: vec![],
210 state_snapshot_write_config: StateSnapshotConfig::default(),
211 indexer_max_subscriptions: Default::default(),
212 transaction_kv_store_read_config: Default::default(),
213 transaction_kv_store_write_config: None,
214 enable_rest_api: true,
215 jwk_fetch_interval_seconds: self
216 .jwk_fetch_interval
217 .map(|i| i.as_secs())
218 .unwrap_or(3600),
219 zklogin_oauth_providers: default_zklogin_oauth_providers(),
220 authority_overload_config: self.authority_overload_config.unwrap_or_default(),
221 run_with_range: None,
222 jsonrpc_server_type: None,
223 policy_config: self.policy_config,
224 firewall_config: self.firewall_config,
225 execution_cache: ExecutionCacheConfig::default(),
226 enable_validator_tx_finalizer: true,
227 verifier_signing_config: VerifierSigningConfig::default(),
228 enable_db_write_stall: None,
229 iota_names_config: None,
230 }
231 }
232
233 pub fn build(
234 self,
235 validator: ValidatorGenesisConfig,
236 genesis: iota_config::genesis::Genesis,
237 ) -> NodeConfig {
238 let mut config = self.build_without_genesis(validator);
239 config.genesis = iota_config::node::Genesis::new(genesis);
240 config
241 }
242
243 pub fn build_new_validator<R: rand::RngCore + rand::CryptoRng>(
244 self,
245 rng: &mut R,
246 network_config: &NetworkConfig,
247 ) -> NodeConfig {
248 let validator_config = ValidatorGenesisConfigBuilder::new().build(rng);
249 self.build(validator_config, network_config.genesis.clone())
250 }
251}
252
253#[derive(Clone, Debug, Default)]
254pub struct FullnodeConfigBuilder {
255 config_directory: Option<PathBuf>,
256 rpc_port: Option<u16>,
258 rpc_addr: Option<SocketAddr>,
259 supported_protocol_versions: Option<SupportedProtocolVersions>,
260 db_checkpoint_config: Option<DBCheckpointConfig>,
261 expensive_safety_check_config: Option<ExpensiveSafetyCheckConfig>,
262 db_path: Option<PathBuf>,
263 network_address: Option<Multiaddr>,
264 json_rpc_address: Option<SocketAddr>,
265 metrics_address: Option<SocketAddr>,
266 admin_interface_address: Option<SocketAddr>,
267 genesis: Option<Genesis>,
268 p2p_external_address: Option<Multiaddr>,
269 p2p_listen_address: Option<SocketAddr>,
270 network_key_pair: Option<KeyPairWithPath>,
271 run_with_range: Option<RunWithRange>,
272 policy_config: Option<PolicyConfig>,
273 fw_config: Option<RemoteFirewallConfig>,
274 data_ingestion_dir: Option<PathBuf>,
275}
276
277impl FullnodeConfigBuilder {
278 pub fn new() -> Self {
279 Self::default()
280 }
281
282 pub fn with_config_directory(mut self, config_directory: PathBuf) -> Self {
283 self.config_directory = Some(config_directory);
284 self
285 }
286
287 pub fn with_rpc_port(mut self, port: u16) -> Self {
288 assert!(self.rpc_addr.is_none() && self.rpc_port.is_none());
289 self.rpc_port = Some(port);
290 self
291 }
292
293 pub fn with_rpc_addr(mut self, addr: impl Into<SocketAddr>) -> Self {
294 assert!(self.rpc_addr.is_none() && self.rpc_port.is_none());
295 self.rpc_addr = Some(addr.into());
296 self
297 }
298
299 pub fn with_supported_protocol_versions(mut self, versions: SupportedProtocolVersions) -> Self {
300 self.supported_protocol_versions = Some(versions);
301 self
302 }
303
304 pub fn with_db_checkpoint_config(mut self, db_checkpoint_config: DBCheckpointConfig) -> Self {
305 self.db_checkpoint_config = Some(db_checkpoint_config);
306 self
307 }
308
309 pub fn with_expensive_safety_check_config(
310 mut self,
311 expensive_safety_check_config: ExpensiveSafetyCheckConfig,
312 ) -> Self {
313 self.expensive_safety_check_config = Some(expensive_safety_check_config);
314 self
315 }
316
317 pub fn with_db_path(mut self, db_path: PathBuf) -> Self {
318 self.db_path = Some(db_path);
319 self
320 }
321
322 pub fn with_network_address(mut self, network_address: Multiaddr) -> Self {
323 self.network_address = Some(network_address);
324 self
325 }
326
327 pub fn with_json_rpc_address(mut self, json_rpc_address: impl Into<SocketAddr>) -> Self {
328 self.json_rpc_address = Some(json_rpc_address.into());
329 self
330 }
331
332 pub fn with_metrics_address(mut self, metrics_address: impl Into<SocketAddr>) -> Self {
333 self.metrics_address = Some(metrics_address.into());
334 self
335 }
336
337 pub fn with_admin_interface_address(
338 mut self,
339 admin_interface_address: impl Into<SocketAddr>,
340 ) -> Self {
341 self.admin_interface_address = Some(admin_interface_address.into());
342 self
343 }
344
345 pub fn with_genesis(mut self, genesis: Genesis) -> Self {
346 self.genesis = Some(genesis);
347 self
348 }
349
350 pub fn with_p2p_external_address(mut self, p2p_external_address: Multiaddr) -> Self {
351 self.p2p_external_address = Some(p2p_external_address);
352 self
353 }
354
355 pub fn with_p2p_listen_address(mut self, p2p_listen_address: impl Into<SocketAddr>) -> Self {
356 self.p2p_listen_address = Some(p2p_listen_address.into());
357 self
358 }
359
360 pub fn with_network_key_pair(mut self, network_key_pair: Option<NetworkKeyPair>) -> Self {
361 if let Some(network_key_pair) = network_key_pair {
362 self.network_key_pair =
363 Some(KeyPairWithPath::new(IotaKeyPair::Ed25519(network_key_pair)));
364 }
365 self
366 }
367
368 pub fn with_run_with_range(mut self, run_with_range: Option<RunWithRange>) -> Self {
369 if let Some(run_with_range) = run_with_range {
370 self.run_with_range = Some(run_with_range);
371 }
372 self
373 }
374
375 pub fn with_policy_config(mut self, config: Option<PolicyConfig>) -> Self {
376 self.policy_config = config;
377 self
378 }
379
380 pub fn with_fw_config(mut self, config: Option<RemoteFirewallConfig>) -> Self {
381 self.fw_config = config;
382 self
383 }
384
385 pub fn with_data_ingestion_dir(mut self, path: Option<PathBuf>) -> Self {
386 self.data_ingestion_dir = path;
387 self
388 }
389
390 pub fn build_from_parts<R: rand::RngCore + rand::CryptoRng>(
391 self,
392 rng: &mut R,
393 validator_configs: &[NodeConfig],
394 genesis: iota_config::node::Genesis,
395 ) -> NodeConfig {
396 let validator_config = ValidatorGenesisConfigBuilder::new().build(rng);
399 let ip = validator_config
400 .network_address
401 .to_socket_addr()
402 .unwrap()
403 .ip()
404 .to_string();
405
406 let key_path = get_key_path(&validator_config.authority_key_pair);
407 let config_directory = self
408 .config_directory
409 .unwrap_or_else(|| tempfile::tempdir().unwrap().into_path());
410
411 let migration_tx_data_path =
412 Some(config_directory.join(IOTA_GENESIS_MIGRATION_TX_DATA_FILENAME));
413
414 let p2p_config = {
415 let seed_peers = validator_configs
416 .iter()
417 .map(|config| SeedPeer {
418 peer_id: Some(anemo::PeerId(
419 config.network_key_pair().public().0.to_bytes(),
420 )),
421 address: config.p2p_config.external_address.clone().unwrap(),
422 })
423 .collect();
424
425 P2pConfig {
426 listen_address: self.p2p_listen_address.unwrap_or_else(|| {
427 validator_config.p2p_listen_address.unwrap_or_else(|| {
428 validator_config
429 .p2p_address
430 .udp_multiaddr_to_listen_address()
431 .unwrap()
432 })
433 }),
434 external_address: self
435 .p2p_external_address
436 .or(Some(validator_config.p2p_address.clone())),
437 seed_peers,
438 state_sync: Some(StateSyncConfig {
441 checkpoint_content_timeout_ms: Some(10_000),
442 ..Default::default()
443 }),
444 ..Default::default()
445 }
446 };
447
448 let json_rpc_address = self.rpc_addr.unwrap_or_else(|| {
449 let rpc_port = self
450 .rpc_port
451 .unwrap_or_else(|| local_ip_utils::get_available_port(&ip));
452 format!("{}:{}", ip, rpc_port).parse().unwrap()
453 });
454
455 let checkpoint_executor_config = CheckpointExecutorConfig {
456 data_ingestion_dir: self.data_ingestion_dir,
457 ..Default::default()
458 };
459
460 NodeConfig {
461 authority_key_pair: AuthorityKeyPairWithPath::new(validator_config.authority_key_pair),
462 account_key_pair: KeyPairWithPath::new(validator_config.account_key_pair),
463 protocol_key_pair: KeyPairWithPath::new(IotaKeyPair::Ed25519(
464 validator_config.protocol_key_pair,
465 )),
466 network_key_pair: self.network_key_pair.unwrap_or(KeyPairWithPath::new(
467 IotaKeyPair::Ed25519(validator_config.network_key_pair),
468 )),
469 db_path: self
470 .db_path
471 .unwrap_or(config_directory.join(FULL_NODE_DB_PATH).join(key_path)),
472 network_address: self
473 .network_address
474 .unwrap_or(validator_config.network_address),
475 metrics_address: self
476 .metrics_address
477 .unwrap_or(local_ip_utils::new_local_tcp_socket_for_testing()),
478 admin_interface_address: self
479 .admin_interface_address
480 .unwrap_or(local_ip_utils::new_local_tcp_socket_for_testing()),
481 json_rpc_address: self.json_rpc_address.unwrap_or(json_rpc_address),
482 consensus_config: None,
483 remove_deprecated_tables: false,
484 enable_index_processing: default_enable_index_processing(),
485 genesis,
486 migration_tx_data_path,
487 grpc_load_shed: None,
488 grpc_concurrency_limit: None,
489 p2p_config,
490 authority_store_pruning_config: AuthorityStorePruningConfig::default(),
491 end_of_epoch_broadcast_channel_capacity:
492 default_end_of_epoch_broadcast_channel_capacity(),
493 checkpoint_executor_config,
494 metrics: None,
495 supported_protocol_versions: self.supported_protocol_versions,
496 db_checkpoint_config: self.db_checkpoint_config.unwrap_or_default(),
497 indirect_objects_threshold: usize::MAX,
498 expensive_safety_check_config: self
499 .expensive_safety_check_config
500 .unwrap_or_else(ExpensiveSafetyCheckConfig::new_enable_all),
501 transaction_deny_config: Default::default(),
502 certificate_deny_config: Default::default(),
503 state_debug_dump_config: Default::default(),
504 state_archive_write_config: StateArchiveConfig::default(),
505 state_archive_read_config: vec![],
506 state_snapshot_write_config: StateSnapshotConfig::default(),
507 indexer_max_subscriptions: Default::default(),
508 transaction_kv_store_read_config: Default::default(),
509 transaction_kv_store_write_config: Default::default(),
510 enable_rest_api: true,
511 jwk_fetch_interval_seconds: 3600,
513 zklogin_oauth_providers: default_zklogin_oauth_providers(),
514 authority_overload_config: Default::default(),
515 run_with_range: self.run_with_range,
516 jsonrpc_server_type: None,
517 policy_config: self.policy_config,
518 firewall_config: self.fw_config,
519 execution_cache: ExecutionCacheConfig::default(),
520 enable_validator_tx_finalizer: false,
522 verifier_signing_config: VerifierSigningConfig::default(),
523 enable_db_write_stall: None,
524 iota_names_config: None,
525 }
526 }
527
528 pub fn build<R: rand::RngCore + rand::CryptoRng>(
529 self,
530 rng: &mut R,
531 network_config: &NetworkConfig,
532 ) -> NodeConfig {
533 let genesis = self
534 .genesis
535 .as_ref()
536 .or_else(|| network_config.get_validator_genesis())
537 .cloned()
538 .unwrap_or_else(|| iota_config::node::Genesis::new(network_config.genesis.clone()));
539 self.build_from_parts(rng, network_config.validator_configs(), genesis)
540 }
541}
542
543fn get_key_path(key_pair: &AuthorityKeyPair) -> String {
546 let public_key: AuthorityPublicKeyBytes = key_pair.public().into();
547 let mut key_path = Hex::encode(public_key);
548 key_path.truncate(12);
551 key_path
552}